initial commit

2025-03-03 14:17:03 +01:00
commit ce9e8dce54
16 changed files with 369 additions and 0 deletions
--- a/Scripts/check_ssl_cert.sh
+++ b/Scripts/check_ssl_cert.sh
@@ -0,0 +1,68 @@
+#! /bin/sh
+#------------------------------------------------------------
+# zext_ssl_cert.sh
+# Script checks for number of days until certificate expires or the issuing authority
+# depending on switch passed on command line.
+#
+#Based on script from aperto.fr (http://aperto.fr/cms/en/blog/15-blog-en/15-ssl-certificate-expiration-monitoring-with-zabbix.html)
+#with additions by racooper@tamu.edu
+#------------------------------------------------------------
+
+DEBUG=0
+if [ $DEBUG -gt 0 ]
+then
+    exec 2>>/tmp/my.log
+    set -x
+fi
+
+f=$1
+host=$2
+port=$3
+sni=$4
+proto=$5
+
+if [ -z "$sni" ]
+then
+    servername=$host
+else
+    servername=$sni
+fi
+
+if [ -n "$proto" ]
+then
+    starttls="-starttls $proto"
+fi
+
+case $f in
+-d)
+end_date=`openssl s_client -servername $servername -host $host -port $port -showcerts $starttls -prexit </dev/null 2>/dev/null |
+          sed -n '/BEGIN CERTIFICATE/,/END CERT/p' |
+          openssl x509 -text 2>/dev/null |
+          sed -n 's/ *Not After : *//p'`
+
+if [ -n "$end_date" ]
+then
+    end_date_seconds=`date '+%s' --date "$end_date"`
+    now_seconds=`date '+%s'`
+    echo "($end_date_seconds-$now_seconds)/24/3600" | bc
+fi
+;;
+
+-i)
+issue_dn=`openssl s_client -servername $servername -host $host -port $port -showcerts $starttls -prexit </dev/null 2>/dev/null |
+          sed -n '/BEGIN CERTIFICATE/,/END CERT/p' |
+          openssl x509 -text 2>/dev/null |
+          sed -n 's/ *Issuer: *//p'`
+
+if [ -n "$issue_dn" ]
+then
+    issuer=`echo $issue_dn | sed -n 's/.*CN=*//p'`
+    echo $issuer
+fi
+;;
+*)
+echo "usage: $0 [-i|-d] hostname port sni"
+echo "    -i Show Issuer"
+echo "    -d Show valid days remaining"
+;;
+esac
--- a/Scripts/lld_backup_status_file.py
+++ b/Scripts/lld_backup_status_file.py
@@ -0,0 +1,13 @@
+#jinja2:variable_start_string:'[%',variable_end_string:'%]',comment_start_string:'<%',comment_end_string:'%>'
+#! [% discovered_interpreter_python %]
+import glob
+import json
+
+if __name__ == "__main__":
+    # Iterate over all block devices, but ignore them if they are in the
+    # skippable set
+    skippable = ()
+    data=[]
+    files=(file for file in glob.glob( "/var/run/*.status" ))
+    data = [{"{#STATUSFILE}": file} for file in files]
+    print(json.dumps({"data": data}, indent=4))
--- a/Scripts/lld_certlist.py
+++ b/Scripts/lld_certlist.py
@@ -0,0 +1,19 @@
+#!/usr/bin/python
+import json
+import os
+import re
+import glob
+
+import sys
+
+if __name__ == "__main__":
+  data=[]
+  filelist = glob.glob( '/etc/letsencrypt/renewal/*.conf' )
+  cert=[]
+  for line in filelist:
+    cert.append( os.path.basename(os.path.splitext(line)[0]) )
+    print( os.path.splitext(line)[0] )
+	 
+  data = [{"{#CERT}": line.strip()} for line in set(cert)]
+  print(json.dumps({"data": data}, indent=4))
+
--- a/Scripts/lld_filelist.py
+++ b/Scripts/lld_filelist.py
@@ -0,0 +1,15 @@
+#! {{ discovered_interpreter_python }}
+import glob
+import json
+from sys import argv,stderr
+import sys
+
+if __name__ == "__main__":
+    data=[]
+    try:
+        file = open( sys.argv[1] )
+    except:
+        sys.exit(1)
+
+    data = [{"{#FILE}": line.strip()} for line in file.readlines()]
+    print(json.dumps({"data": data}, indent=4))
--- a/Scripts/lld_php_fpm_url.py
+++ b/Scripts/lld_php_fpm_url.py
@@ -0,0 +1,25 @@
+#jinja2:variable_start_string:'[%',variable_end_string:'%]',comment_start_string:'<%',comment_end_string:'%>'
+#! [% discovered_interpreter_python %]
+import json
+import os
+import re
+import glob
+
+dir="/etc/httpd/conf.d/"
+
+phpfpm_status_url="ncstatus"
+
+# we get all url from apache config files
+# we know that name of site == name of file
+if __name__ == "__main__":
+    filelist = glob.glob( dir + '*.conf' )
+    result=[]
+    for file in filelist:
+       poolname=os.path.basename( file )
+       poolname=re.sub( '\.conf$', '', poolname )
+       for line in open(file):
+           res=re.search( phpfpm_status_url, line)
+           if res:
+               url=re.sub( r'\.conf$', '', os.path.basename(file) )
+               result.append({ "{#POOLNAME}": poolname, "{#POOLURL}": 'https://' +url +"/"+ phpfpm_status_url})
+    print(json.dumps({"data": result}, indent=4))
--- a/Scripts/lld_smart_disks.pl
+++ b/Scripts/lld_smart_disks.pl
@@ -0,0 +1,158 @@
+#jinja2:variable_start_string:'[%',variable_end_string:'%]',comment_start_string:'<%',comment_end_string:'%>'
+#!/usr/bin/perl
+use warnings;
+use strict;
+
+#must be run as root
+my $VERSION = 0.9;
+
+#add path if needed into $smartctl_cmd
+my $smartctl_cmd = "smartctl";
+my @input_disks;
+my @global_serials;
+my @smart_disks;
+
+if ( $^O eq 'darwin' ) {    # if MAC OSX
+
+    while ( glob('/dev/disk*') ) {
+        if ( $_ =~ /\/(disk+[0-9])$/ ) { push @input_disks, $1; }
+    }
+}
+else {
+    for (`$smartctl_cmd --scan-open`) {
+
+        #my $testline = "# /dev/sdc -d usbjmicron # /dev/sdc [USB JMicron], ATA device open" ;
+        #for ($testline) {
+        #splitting lines like  "/dev/sda -d scsi # /dev/sda, SCSI device"
+        #"/dev/sda [SAT] -d sat [ATA] (opened)" # in debian 6 and smartctl 5.4
+        #"/dev/sda -d sat # /dev/sda [SAT], ATA device" # in debian 8 and smartctl 6.4
+        #"/dev/bus/0 -d megaraid,01" for megaraid
+        #"# /dev/sdc -d usbjmicron # /dev/sdc [USB JMicron], ATA device open "
+
+        my ($disk_name) = $_ =~ /(\/(.+?))\s/;
+        my ($disk_args) = $_ =~ /(-d [A-Za-z0-9,\+]+)/;
+
+        if ( $disk_name and $disk_args ) {
+            push @input_disks,
+              {
+                disk_name => $disk_name,
+                disk_args => $disk_args,
+                subdisk   => 0
+              };
+        }
+
+    }
+}
+
+foreach my $disk (@input_disks) {
+
+    my @output_arr;
+    if ( @output_arr = get_smart_disks($disk) ) {
+        push @smart_disks, @output_arr;
+    }
+
+}
+
+json_discovery( \@smart_disks );
+
+sub get_smart_disks {
+    my $disk = shift;
+    my @disks;
+
+    $disk->{smart_enabled} = 0;
+
+    chomp( $disk->{disk_name} );
+    chomp( $disk->{disk_args} );
+
+    #my $testline = "open failed: Two devices connected, try '-d usbjmicron,[01]'";
+    #my $testline = "open device: /dev/sdc [USB JMicron] failed: Two devices connected, try '-d usbjmicron,[01]'";
+    #if ($disk->{subdisk} == 1) {
+    #$testline = "/dev/sdb -d usbjmicron,$disk->{disk_args} # /dev/sdb [USB JMicron], ATA device";
+    #}
+    foreach my $line (`$smartctl_cmd -i $disk->{disk_name} $disk->{disk_args} 2>&1`) {
+        #foreach my $line ($testline) {
+        #print $line;
+        #Some disks have "Number" and some "number", so
+        if ( $line =~ /^Serial (N|n)umber: +(.+)$/ ) {
+
+            #print "Serial number is ".$2."\n";
+            if ( grep /$2/, @global_serials ) {
+
+                #print "disk already exist skipping\n";
+                return;
+            }
+            else {
+                push @global_serials, $2;
+            }
+        }
+        elsif ( $line =~ /Permission denied/ ) {
+
+            warn $line;
+
+        }
+        elsif ( $disk->{subdisk} == 0 and $line =~ /failed: [A-zA-Z]+ devices connected, try '(-d [a-zA-Z0-9]+,)\[([0-9]+)\]'/) {
+            #check for usbjmicron: "open failed: Two devices connected, try '-d usbjmicron,[01]'"
+            # or "open device: /dev/sdc [USB JMicron] failed: Two devices connected, try '-d usbjmicron,[01]'"
+            #not $disk->{subdisk} works as a guard against endless recursion
+
+            foreach ( split //, $2 ) {    #splitting [01]
+
+                push @disks,
+                  get_smart_disks(
+                    {
+                        disk_name => $disk->{disk_name},
+                        disk_args => $1 . $_,
+                        subdisk   => 1
+                    }
+                  );
+
+            }
+            return @disks;
+
+        }
+        elsif ( $line =~ /^SMART.+?: +(.+)$/ ) {
+
+            if ( $1 =~ /Enabled/ ) {
+                $disk->{smart_enabled} = 1;
+            }
+            elsif ( $1 =~ /Unavailable/ ) {
+                `$smartctl_cmd -i $disk->{disk_name} $disk->{disk_args} 2>&1`;
+            }
+
+            #if SMART is disabled then try to enable it (also offline tests etc)
+            elsif ( $1 =~ /Disabled/ ) {
+                foreach (`smartctl -s on -o on -S on $disk->{disk_name} $disk->{disk_args}`)
+                {
+                    if (/SMART Enabled/) { $disk->{smart_enabled} = 1; }
+                }
+            }
+
+        }
+    }
+    push @disks, $disk;
+    return @disks;
+
+}
+
+sub json_discovery {
+    my $disks = shift;
+
+    my $first = 1;
+    print "{\n";
+    print "\t\"data\":[\n\n";
+
+    foreach my $disk ( @{$disks} ) {
+
+        print ",\n" if not $first;
+        $first = 0;
+        print "\t\t{\n";
+        print "\t\t\t\"{#DISKNAME}\":\"".$disk->{disk_name}.q{ }.$disk->{disk_args}."\",\n";
+        #print "\t\t\t\"{#DISKCMD}\":\"".$disk->{disk_name}.q{ }.$disk->{disk_args}."\",\n";
+        print "\t\t\t\"{#SMART_ENABLED}\":\"".$disk->{smart_enabled}."\"\n";
+        print "\t\t}";
+
+    }
+    print "\n\t]\n";
+    print "}\n";
+
+}