#!/usr/bin/env bash VERS='3.01232023' #NODETYPES=LB NODETYPES=MYSQL,LB,WEB,NC,PD,MM MYSQLHOSTS=10.10.1.51,10.10.1.52 WEBHOSTS=10.10.1.121,10.10.1.122 LBHOSTS=10.10.10.81,10.10.10.82 NCHOSTS=10.10.10.42 PDHOSTS=159.203.158.51,146.190.1.194 MMHOSTS=10.10.1.24 PRIMARYHOST=10.10.1.51 MYSQLMANAGER=10.10.10.50 GLHOSTS=10.10.1.41,10.10.1.42,10.10.1.121,10.10.1.122,10.10.1.43 NODESERVICES=mariadb,mysql,nginx,gitea,pdnsadmin,pdnsadmin.socket,haproxy,keepalived,maxscale,postgresql,web,php5.6-fpm,php7.2-fpm,php7.3-fpm,php7.4-fpm,syncthing,pdns,proxysql,radarr,sonarr,jackett,qbittorrent,snap.tautulli.tautulli,ombi,glusterd,redis-server MYSQLSERVICES_CHECK=mariadb,proxysql,keepalived WEBSERVICES_CHECK=nginx,php5.6-fpm,php7.2-fpm,php7.3-fpm,php7.4-fpm,php8.2-fpm,gitea,pdnsadmin,pdnsadmin.socket,keepalived,glusterd LBSERVICES_CHECK=haproxy,keepalived NCSERVICES_CHECK=nginx,php8.2-fpm,redis-server PDSERVICES_CHECK=pdns,mariadb MMSERVICES_CHECK=radarr,sonarr,jackett,qbittorrent,snap.tautulli.tautulli,ombi,nginx,php8.2-fpm WEBDOCKER=phpmyadmin,phppgadmin LBDOCKER=nginx-proxy_manager noheader=' service status-check nightlyrephp7.3-fpm,new backup report check checkcerts gitea update-nodes copynpmcerts singleservercheck ' CERT_DAEMON='/snap/bin/certbot' FOLDER=/opt/idssys/nodemgmt SCRIPT=${FOLDER}/nodemgmt-scripts.sh LOGFILE=${FOLDER}/logfile RENOTIFY=900 declare -A NM_HOSTNAMES NM_HOSTNAMES['10.10.1.121']='Webserver-Node1' NM_HOSTNAMES['10.10.1.122']='Webserver-Node2' NM_HOSTNAMES['10.10.1.51']='MySQL-Node1' NM_HOSTNAMES['10.10.1.52']='MySQL-Node2' NM_HOSTNAMES['10.10.10.81']='LB-Node1' NM_HOSTNAMES['10.10.10.82']='LB-Node2' NM_HOSTNAMES['10.10.10.42']='Nextcloud-Server' NM_HOSTNAMES['159.203.158.51']='PowerDNS-Node1' NM_HOSTNAMES['146.190.1.194']='PowerDNS-Node3' NM_HOSTNAMES['10.10.10.50']='MySQL-Manager' declare -i errtime IFS=, NODE_TYPES=(${NODETYPES}) MYSQL_HOSTS=(${MYSQLHOSTS}) WEB_HOSTS=(${WEBHOSTS}) LB_HOSTS=(${LBHOSTS}) NC_HOSTS=(${NCHOSTS}) PD_HOSTS=(${PDHOSTS}) MM_HOSTS=(${MMHOSTS}) GL_HOSTS=(${GLHOSTS}) NODE_SERVICES=(${NODESERVICES}) MYSQL_SERVICES_CHECK=(${MYSQLSERVICES_CHECK}) WEB_SERVICES_CHECK=(${WEBSERVICES_CHECK}) LB_SERVICES_CHECK=(${LBSERVICES_CHECK}) NC_SERVICES_CHECK=(${NCSERVICES_CHECK}) PD_SERVICES_CHECK=(${PDSERVICES_CHECK}) MM_SERVICES_CHECK=(${MMSERVICES_CHECK}) LOCAL_SERVICES=(${LOCAL_SERVICES}) WEB_DOCKER=(${WEBDOCKER}) LB_DOCKER=(${LBDOCKER}) unset IFS declare -A NM_NODETYPES NM_NODETYPES['MYSQL']='MySQL' NM_NODETYPES['LB']='LoadBalance' NM_NODETYPES['WEB']='Webserver' NM_NODETYPES['NC']='Nextcloud' NM_NODETYPES['PD']='PowerDNS' NM_NODETYPES['MM']='Media Manager' declare -A NM_SERVICES NM_SERVICES['mysql']='MySQL' NM_SERVICES['mariadb']='MariaDB (MySQL)' NM_SERVICES['postgresql']='PostgreSQL' NM_SERVICES['apache2']='Apache Web Server' NM_SERVICES['nginx']='NGINX Web Server' NM_SERVICES['gogs']='Gogs Git Repository' NM_SERVICES['gitea']='Gitea Git Repository' NM_SERVICES['haproxy']='HAProxy Load Balancer' NM_SERVICES['keepalived']='Keepalived Load Balancer' NM_SERVICES['maxscale']='MaxScale Load Balancer' NM_SERVICES['cmon']='CC-Controller' NM_SERVICES['cmon-events']='CC-Events Manager' NM_SERVICES['cmon-cloud']='CC-Cloud Daemon' NM_SERVICES['php5.6-fpm']='PHP 5.6 FPM' NM_SERVICES['php7.2-fpm']='PHP 7.2 FPM' NM_SERVICES['php7.3-fpm']='PHP 7.3 FPM' NM_SERVICES['php7.4-fpm']='PHP 7.4 FPM' NM_SERVICES['php8.0-fpm']='PHP 8.0 FPM' NM_SERVICES['php8.1-fpm']='PHP 8.1 FPM' NM_SERVICES['php8.2-fpm']='PHP 8.2 FPM' NM_SERVICES['syncthing']='Syncthing' NM_SERVICES['pdns']='PowerDNS Server' NM_SERVICES['pdnsadmin']='PowerDNS-Admin' NM_SERVICES['pdnsadmin.socket']='PowerDNS-Admin Socket' NM_SERVICES['proxysql']='ProxySQL Load Balancer' NM_SERVICES['radarr']='Radarr' NM_SERVICES['sonarr']='Sonarr' NM_SERVICES['jackett']='Jackett' NM_SERVICES['qbittorrent']='qBittorrent' NM_SERVICES['snap.tautulli.tautulli']='Tautulli' NM_SERVICES['ombi']='Ombi' NM_SERVICES['glusterd']='Gluster FileSystem' NM_SERVICES['redis-server']='Redis Caching Server' declare -A NM_DOCKERS NM_DOCKERS['phpmyadmin']='phpMyAdmin' NM_DOCKERS['phppgadmin']='phpPgAdmin' NM_DOCKERS['nginx-proxy_manager']='Nginx Proxy Manager' declare -A NM_DOCKER_COMPOSE NM_DOCKER_COMPOSE['phpmyadmin']='/mnt/web-Data/phpmyadmin' NM_DOCKER_COMPOSE['phppgadmin']='/mnt/web-Data/phppgadmin' NM_DOCKER_COMPOSE['nginx-proxy_manager']='/opt/nginx-proxy' declare -A NM_SRVCOPTS NM_SRVCOPTS['status']='Status' NM_SRVCOPTS['start']='Start' NM_SRVCOPTS['stop']='Stopp' NM_SRVCOPTS['restart']='Restart' NM_SRVCOPTS['reload']='Reload' NM_SRVCOPTS['enable']='Enabl' NM_SRVCOPTS['disable']='Disabl' NM_SRVCOPTS['daemon-reload']='Daemon-Reload' NM_SRVCOPT=(start stop restart reload enable disable) declare -A REPL_CHECKS REPL_CHECKS['apache']='/etc/apache2' REPL_CHECKS['nginx']='/etc/nginx' REPL_CHECKS['nginxproxy']='/opt/nginx-proxy' REPL_CHECKS['ssl']='/etc/letsencrypt' REPL_CHECKS['lessh']='/home/le/.ssh' REPL_CHECKS['php']='/etc/php' REPL_CHECKS['www']='/var/www' REPL_CHECKS['git']='/mnt/web-data/gitea' REPL_CHECKS['gitssh']='/home/git' REPL_CHECKS['pma']='/etc/phpmyadmin' REPL_CHECKS['pdnsa']='/mnt/web-data/powerdns-admin' REPL_CHECKS['nextcloud-data']='/mnt/Nextcloud-Data' REPL_CHECKS['nextcloud-php']='/etc/php' #MYSQL_REPL_CHECK=( ) #WEB_REPL_CHECK=(nginx www ssl lessh php pma pdnsa) #WEB_REPL_CHECK=( ) LB_REPL_CHECK=( nginxproxy ) #NC_REPL_CHECK=(apache nextcloud-php nextcloud-data) #NC_REPL_CHECK=( ) declare -A REPL_DESC REPL_DESC['apache']='Apache Settings' REPL_DESC['nginx']='NGINX Settings' REPL_DESC['nginxproxy']='NGINX-Proxy Settings' REPL_DESC['ssl']='SSL Certificates' REPL_DESC['lessh']='LetsEncrypt SSH Keys' REPL_DESC['php']='PHP Settings' REPL_DESC['www']='Webserver Files' REPL_DESC['git']='Gitea System' REPL_DESC['gitssh']='Gitea SSH Keys' REPL_DESC['pma']='phpMyAdmin Settings' REPL_DESC['pdnsa']='PowerDNS Admin' REPL_DESC['nextcloud-data']='Nextcloud Data' REPL_DESC['nextcloud-php']='Nextcloud PHP Settings' declare -A BACKUP_ITEMS BACKUP_ITEMS[nginx-settings]=/etc/nginx BACKUP_ITEMS[letsencrypt-certs]=/etc/letsencrypt BACKUP_ITEMS[gitea]=/var/lib/gitea BACKUP_ITEMS[nginx-logs]='/var/www/!NGINX-Logs' #BACKUP_ITEMS[webserver-files]=/var/www GET-CHECKCERT-DOMAINS(){ declare -A CHECKCERT_DOMAINS IFS=$'\n' for LINE in `egrep -v '(^#|^$)' ${FOLDER}/ssl-cert-check/ssldomains`; do HOST=${LINE%% *} PORT=${LINE#* } IFS=" " CHECKCERT_DOMAINS[${HOST}]=${PORT} done unset IFS } DISP_HEADER(){ declare -i cw; declare -i spc1; declare -i c if [ "$1" = true ]; then clear fi echo "" echo -e "${idsCL[LightGreen]} NodeMgmt - Galera/NGINX Node Management${idsCL[Default]} ${idsCL[DarkGray]}(ver-${VERS})${idsCL[Default]}" DIVIDER . lightGreen if [ "$2" = true ]; then echo -e " Node hostname : ${idsST[Bold]}${idsCL[LightCyan]}${NODE_HOSTNAME}${idsCL[Default]}${idsST[Reset]}" if [ -z ${LOCAL_SERVICES+x} ]; then SERVICES=$( IFS=$','; echo "${NODE_SERVICES[*]}" ) else SERVICES=$( IFS=$','; echo "${LOCAL_SERVICES[*]}" ) fi IFS=,; SERVICES2=(${SERVICES}); unset IFS for srvc in "${SERVICES2[@]}"; do c=0; cw=18; spc='' spc1=${cw}-${#NM_SERVICES[${srvc}]} until [ $c = ${spc1} ]; do spc="${spc} "; c=`expr $c + 1`; done echo -en " ${NM_SERVICES[${srvc}]}$spc: " if [ $(pgrep ${srvc} | wc -l) -gt "0" ]; then echo -e "${idsCL[Green]}Running${idsCL[Default]}" else echo -e "${idsCL[Red]}Not Running${idsCL[Default]}" fi done DIVIDER if [ $(ls -1 ${FOLDER}/*.lastrun 2>/dev/null | wc -l) != 0 ];then echo -e "${idsST[Bold]}Lastrun Items:${idsST[Reset]}" for lastrun in ${FOLDER}/*.lastrun ; do IFS='/'; lastrun_item=(${lastrun}); unset IFS lastrun_item=$(echo ${lastrun_item[4]} | sed "s/.lastrun//g") lastrun_item=$(echo ${lastrun_item} | sed "s/-/ /g") lastrun_date=$(stat -c %y ${lastrun}) IFS=' '; lastrun_date=(${lastrun_date}); unset IFS IFS='.'; lastrun_time=(${lastrun_date[1]}); unset IFS c=0; cw=18; spc='' spc1=${cw}-${#lastrun_item} until [ $c = ${spc1} ]; do spc="${spc} "; c=`expr $c + 1`; done echo -e " ${lastrun_item~}${spc}: ${lastrun_date[0]} ${lastrun_time}" done DIVIDER fi fi echo "" } CERT-CHECK(){ TARGET="mysite.example.net"; RECIPIENT="hostmaster@mysite.example.net"; DAYS=7; echo "checking if $TARGET expires in less than $DAYS days"; expirationdate=$(date -d "$(: | openssl s_client -connect $TARGET:443 -servername $TARGET 2>/dev/null \ | openssl x509 -text \ | grep 'Not After' \ |awk '{print $4,$5,$7}')" '+%s'); in7days=$(($(date +%s) + (86400*$DAYS))); if [ $in7days -gt $expirationdate ]; then echo "KO - Certificate for $TARGET expires in less than $DAYS days, on $(date -d @$expirationdate '+%Y-%m-%d')" \ | mail -s "Certificate expiration warning for $TARGET" $RECIPIENT ; else echo "OK - Certificate expires on $expirationdate"; fi }