Fix various shellcheck violations
This commit is contained in:
parent
962eefe3d7
commit
e5d1dc96bb
|
@ -29,7 +29,7 @@ mkdir -p "${_TMPDIR}"
|
|||
|
||||
# Don't try to run if it's already running
|
||||
if [ -e "${_PIDFILE}" ]; then
|
||||
echo "$(date)" >> "${_TMPDIR}"/log
|
||||
date >> "${_TMPDIR}"/log
|
||||
exit 1
|
||||
else
|
||||
echo $$ >> "${_PIDFILE}"
|
||||
|
@ -46,16 +46,14 @@ fi
|
|||
# List peers and loops on them to list them and their BGP state
|
||||
bgpctl show neighbor | grep Description {{ bgp_exclude_grep_command }} | sed s,\ Description:\ ,,g > "${_TMPDIR}"/peers-list
|
||||
|
||||
while read _PEER
|
||||
while read -r _PEER
|
||||
do
|
||||
_STATUS=$(/usr/sbin/bgpctl show neighbor "${_PEER}" | grep state | awk '{print $4}' |tr -d ',')
|
||||
echo -n "${_PEER}" >> "${_TMPDIR}"/bgp-status
|
||||
echo -n " " >> "${_TMPDIR}"/bgp-status
|
||||
# we note only if it's established or not
|
||||
if ! [[ "${_STATUS}" = "Established" ]] ; then
|
||||
_STATUS="NotEstablished"
|
||||
fi
|
||||
echo "${_STATUS}" >> "${_TMPDIR}"/bgp-status
|
||||
echo "${_PEER} ${_STATUS}" >> "${_TMPDIR}"/bgp-status
|
||||
|
||||
done <"${_TMPDIR}"/peers-list
|
||||
|
||||
|
@ -74,7 +72,7 @@ mkdir -p "${_TMPMAILDIR}"
|
|||
|
||||
# go through sessions and list them depending on their BGP state
|
||||
echo "*** Session(s) OK ***\n" >> "${_TMPMAILDIR}"/bodyok
|
||||
while read _LINE
|
||||
while read -r _LINE
|
||||
do
|
||||
# _LINE is session + status
|
||||
_STATUS=$(echo "${_LINE##* }")
|
||||
|
|
|
@ -48,15 +48,13 @@ if [ -z "$2" ];then
|
|||
fi
|
||||
|
||||
# check if the carp interface exists or not
|
||||
ifconfig $1 > /dev/null
|
||||
if [ $? != "0" ];then
|
||||
if ! ifconfig "$1" > /dev/null; then
|
||||
echo "carp interface $1 does not exist. Exiting ...."
|
||||
exit "$STATE_CRITICAL"
|
||||
fi
|
||||
|
||||
# check state
|
||||
ifconfig $1 | grep -i $2 > /dev/null
|
||||
if [ $? != "0" ];then
|
||||
if ! ifconfig "$1" | grep -i "$2" > /dev/null; then
|
||||
echo "NOT_OK - $1 should be $2"
|
||||
exit "$STATE_CRITICAL"
|
||||
else
|
||||
|
|
|
@ -26,8 +26,7 @@ fi
|
|||
|
||||
# If main connection is UP but not used => critical and continue
|
||||
# If main connection is DOWN (used or not) => warning and exit
|
||||
/sbin/ping -c1 -w1 ${MAIN_CONNECTION_PINGABLE_IP} >/dev/null 2>&1
|
||||
if [ $? = 0 ]; then
|
||||
if /sbin/ping -c1 -w1 ${MAIN_CONNECTION_PINGABLE_IP} >/dev/null 2>&1; then
|
||||
if [ "${CURRENT_GATEWAY}" != "${MAIN_CONNECTION_GATEWAY}" ]; then
|
||||
echo "Main connection is UP but not used as gateway !"
|
||||
STATE=2
|
||||
|
@ -42,16 +41,14 @@ else
|
|||
fi
|
||||
|
||||
# If second connection is DOWN => critical and continue
|
||||
/sbin/ping -c1 -w1 ${SECOND_CONNECTION_PINGABLE_IP} >/dev/null 2>&1
|
||||
if [ $? != 0 ]; then
|
||||
if ! /sbin/ping -c1 -w1 ${SECOND_CONNECTION_PINGABLE_IP} >/dev/null 2>&1; then
|
||||
echo "Second connection (${INFO_SECOND_CONNECTION}) is down"
|
||||
STATE=2
|
||||
fi
|
||||
|
||||
# Check whether /etc/mygate has the IP of main connection
|
||||
if [ "${IS_GATEWAY_IN_FILE}" = 1 ]; then
|
||||
/usr/bin/grep -q "${MAIN_CONNECTION_GATEWAY}" /etc/mygate
|
||||
if [ $? != 0 ]; then
|
||||
if ! /usr/bin/grep -q "${MAIN_CONNECTION_GATEWAY}" /etc/mygate; then
|
||||
echo "Main connection is not set in /etc/mygate"
|
||||
STATE=2
|
||||
fi
|
||||
|
@ -59,8 +56,7 @@ fi
|
|||
|
||||
# Check whether ipsecctl use the main connection
|
||||
if [ "${IS_VPN_USING_MAIN_CONNECTION}" = 1 ]; then
|
||||
/sbin/ipsecctl -sa | /usr/bin/grep -q "${MAIN_CONNECTION_IP}"
|
||||
if [ $? != 0 ]; then
|
||||
if ! /sbin/ipsecctl -sa | /usr/bin/grep -q "${MAIN_CONNECTION_IP}"; then
|
||||
echo "VPN is not using the main connection !"
|
||||
STATE=2
|
||||
fi
|
||||
|
@ -68,8 +64,7 @@ fi
|
|||
|
||||
# Check whether PacketFilter has route-to using the main connection
|
||||
if [ "${IS_PF_USING_MAIN_CONNECTION}" = 1 ]; then
|
||||
/sbin/pfctl -sr | /usr/bin/grep "route-to" | /usr/bin/grep -q "${MAIN_CONNECTION_GATEWAY}"
|
||||
if [ $? != 0 ]; then
|
||||
if ! /sbin/pfctl -sr | /usr/bin/grep "route-to" | /usr/bin/grep -q "${MAIN_CONNECTION_GATEWAY}"; then
|
||||
echo "PF is not using the main connection !"
|
||||
STATE=2
|
||||
fi
|
||||
|
|
|
@ -2,19 +2,19 @@
|
|||
IPSECCTL="/sbin/ipsecctl -s sa"
|
||||
STATUS=0
|
||||
|
||||
LINE1=`$IPSECCTL | grep "from $1 to $2" `
|
||||
$IPSECCTL | grep -q "from $1 to $2"
|
||||
if [ $? -eq 1 ]; then
|
||||
STATUS=2;
|
||||
OUTPUT1="No VPN from $1 to $2 "
|
||||
fi
|
||||
|
||||
LINE2=`$IPSECCTL | grep "from $2 to $1" `
|
||||
$IPSECCTL | grep -q "from $2 to $1"
|
||||
if [ $? -eq 1 ]; then
|
||||
STATUS=2;
|
||||
OUTPUT2="No VPN from $2 to $1"
|
||||
fi
|
||||
|
||||
if [ $STATUS -eq 0 ]; then
|
||||
if [ "$STATUS" -eq 0 ]; then
|
||||
echo "VPN OK - $3 is up"
|
||||
exit $STATUS
|
||||
else
|
||||
|
|
|
@ -12,7 +12,7 @@ STATUS=0
|
|||
VPN_KO=""
|
||||
|
||||
default_int=$(route -n show -inet | grep default | awk '{ print $8 }' | grep -v pppoe0)
|
||||
default_ip=$(ifconfig $default_int | grep inet | head -1 | awk '{ print $2 }')
|
||||
default_ip=$(ifconfig "$default_int" | grep inet | head -1 | awk '{ print $2 }')
|
||||
|
||||
# No check if CARP backup
|
||||
|
||||
|
@ -40,11 +40,10 @@ fi
|
|||
# Check with "ipsecctl -sa"
|
||||
|
||||
for vpn in $(cat /etc/ipsec.conf | grep -v "^#" | awk '{print $2}'); do
|
||||
vpn=$(basename $vpn .conf\")
|
||||
vpn=$(basename "$vpn" .conf\")
|
||||
local_ip=$default_ip
|
||||
remote_ip=$(grep -E "remote_ip" /etc/ipsec/${vpn}.conf | grep -v "^#" | grep -o "[0-9]*\.[0-9]*\.[0-9]*\.[0-9]*")
|
||||
$CHECK_IPSECCTL $local_ip $remote_ip "$vpn" > /dev/null
|
||||
if [ $? -ne 0 ]; then
|
||||
remote_ip=$(grep -E "remote_ip" /etc/ipsec/"${vpn}".conf | grep -v "^#" | grep -o "[0-9]*\.[0-9]*\.[0-9]*\.[0-9]*")
|
||||
if ! "$CHECK_IPSECCTL" "$local_ip" "$remote_ip" "$vpn" > /dev/null; then
|
||||
STATUS=2
|
||||
VPN_KO="$VPN_KO $vpn"
|
||||
fi
|
||||
|
@ -67,12 +66,12 @@ if [ $STATUS -eq 0 ]; then
|
|||
|
||||
for vpn in $VPNS; do
|
||||
# dst_ip takes the value of VPNS_IP
|
||||
eval dst_ip=\$${vpn}_IP
|
||||
eval dst_ip=\$"${vpn}"_IP
|
||||
|
||||
# Definition of the source IP of the ping according to the source network used (our side, adjust the -I option)
|
||||
case $vpn in
|
||||
*vlan1*) ping -q -i 0.1 -I 192.168.5.5 -c 3 -w 1 $dst_ip >/dev/null ;;
|
||||
*vlan2*) ping -q -i 0.1 -I 172.16.2.5 -c 3 -w 1 $dst_ip >/dev/null ;;
|
||||
*vlan1*) ping -q -i 0.1 -I 192.168.5.5 -c 3 -w 1 "$dst_ip" >/dev/null ;;
|
||||
*vlan2*) ping -q -i 0.1 -I 172.16.2.5 -c 3 -w 1 "$dst_ip" >/dev/null ;;
|
||||
esac
|
||||
|
||||
if [ $? -ne 0 ]; then
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
|
||||
carp=$(/sbin/ifconfig carp0 | /usr/bin/grep 'status' |cut -d' ' -f2)
|
||||
|
||||
if [ $carp = 'backup' ]; then
|
||||
if [ "$carp" = 'backup' ]; then
|
||||
echo "No check, I'm a backup"
|
||||
return 0
|
||||
else
|
||||
|
|
|
@ -10,10 +10,10 @@ _CRTICAL_STATES_LIMIT=$((_MAX_STATES_LIMIT*65/100))
|
|||
|
||||
_CHECK_STATES=$(/sbin/pfctl -si | /usr/bin/grep current | awk '{print $3}')
|
||||
|
||||
if [ $_CHECK_STATES -lt $_WARNING_STATES_LIMIT ];then
|
||||
if [ "$_CHECK_STATES" -lt "$_WARNING_STATES_LIMIT" ];then
|
||||
echo "OK: States number ($_CHECK_STATES) is below threshold (warn : $_WARNING_STATES_LIMIT / crit : $_CRTICAL_STATES_LIMIT / max : $_MAX_STATES_LIMIT)"
|
||||
exit "$STATE_OK"
|
||||
elif [ $_CHECK_STATES -ge $_WARNING_STATES_LIMIT ] && [ $_CHECK_STATES -lt $_CRTICAL_STATES_LIMIT ];then
|
||||
elif [ "$_CHECK_STATES" -ge "$_WARNING_STATES_LIMIT" ] && [ "$_CHECK_STATES" -lt "$_CRTICAL_STATES_LIMIT" ];then
|
||||
echo "WARNING: States number is $_CHECK_STATES (threshold WARNING = $_WARNING_STATES_LIMIT, max = $_MAX_STATES_LIMIT)"
|
||||
exit "$STATE_WARNING"
|
||||
else
|
||||
|
|
|
@ -29,7 +29,7 @@ mkdir -p "${_TMPDIR}"
|
|||
|
||||
# Don't try to run if it's already running
|
||||
if [ -e "${_PIDFILE}" ]; then
|
||||
echo "$(date)" >> "${_TMPDIR}"/log
|
||||
date >> "${_TMPDIR}"/log
|
||||
exit 1
|
||||
else
|
||||
echo $$ >> "${_PIDFILE}"
|
||||
|
@ -46,12 +46,12 @@ fi
|
|||
# List peers and loops on them to list them and their OSPF6 state
|
||||
ospf6ctl show neighbor | grep -v "^$" | grep -v "Uptime" | awk {'print $1'} > "${_TMPDIR}"/peers-list
|
||||
|
||||
while read _PEER
|
||||
while read -r _PEER
|
||||
do
|
||||
_STATUS=$(/usr/sbin/ospf6ctl show neighbor | grep "${_PEER} " | awk {'print $3'})
|
||||
echo -n "${_PEER}" >> "${_TMPDIR}"/ospf6-status
|
||||
echo -n " " >> "${_TMPDIR}"/ospf6-status
|
||||
if ([[ "${_STATUS}" = "FULL/BCKUP" ]] || [[ "${_STATUS}" = "FULL/DR" ]] || [[ "${_STATUS}" = "2-WAY/OTHER" ]] || [[ "${_STATUS}" = "FULL/OTHER" ]]) ; then
|
||||
if [[ "${_STATUS}" = "FULL/BCKUP" ]] || [[ "${_STATUS}" = "FULL/DR" ]] || [[ "${_STATUS}" = "2-WAY/OTHER" ]] || [[ "${_STATUS}" = "FULL/OTHER" ]] ; then
|
||||
_STATUS="UP"
|
||||
else
|
||||
_STATUS="DOWN"
|
||||
|
@ -75,7 +75,7 @@ mkdir -p "${_TMPMAILDIR}"
|
|||
|
||||
# go through sessions and list them depending on their OSPF6 state
|
||||
echo "*** Session(s) OK ***\n" >> "${_TMPMAILDIR}"/bodyok
|
||||
while read _LINE
|
||||
while read -r _LINE
|
||||
do
|
||||
# _LINE is session + status
|
||||
_STATUS=$(echo "${_LINE}" | awk {'print $2'})
|
||||
|
|
|
@ -29,7 +29,7 @@ mkdir -p "${_TMPDIR}"
|
|||
|
||||
# Don't try to run if it's already running
|
||||
if [ -e "${_PIDFILE}" ]; then
|
||||
echo "$(date)" >> "${_TMPDIR}"/log
|
||||
date >> "${_TMPDIR}"/log
|
||||
exit 1
|
||||
else
|
||||
echo $$ >> "${_PIDFILE}"
|
||||
|
@ -46,12 +46,12 @@ fi
|
|||
# List peers and loops on them to list them and their OSPF state
|
||||
ospfctl show neighbor | grep -v "^$" | grep -v "Uptime" | awk {'print $1'} > "${_TMPDIR}"/peers-list
|
||||
|
||||
while read _PEER
|
||||
while read -r _PEER
|
||||
do
|
||||
_STATUS=$(/usr/sbin/ospfctl show neighbor | grep "${_PEER} " | awk {'print $3'})
|
||||
echo -n "${_PEER}" >> "${_TMPDIR}"/ospf-status
|
||||
echo -n " " >> "${_TMPDIR}"/ospf-status
|
||||
if ([[ "${_STATUS}" = "FULL/BCKUP" ]] || [[ "${_STATUS}" = "FULL/DR" ]] || [[ "${_STATUS}" = "2-WAY/OTHER" ]] || [[ "${_STATUS}" = "FULL/OTHER" ]]) ; then
|
||||
if [[ "${_STATUS}" = "FULL/BCKUP" ]] || [[ "${_STATUS}" = "FULL/DR" ]] || [[ "${_STATUS}" = "2-WAY/OTHER" ]] || [[ "${_STATUS}" = "FULL/OTHER" ]] ; then
|
||||
_STATUS="UP"
|
||||
else
|
||||
_STATUS="DOWN"
|
||||
|
@ -75,7 +75,7 @@ mkdir -p "${_TMPMAILDIR}"
|
|||
|
||||
# go through sessions and list them depending on their OSPF state
|
||||
echo "*** Session(s) OK ***\n" >> "${_TMPMAILDIR}"/bodyok
|
||||
while read _LINE
|
||||
while read -r _LINE
|
||||
do
|
||||
# _LINE is session + status
|
||||
_STATUS=$(echo "${_LINE}" | awk {'print $2'})
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
#!/bin/sh
|
||||
|
||||
VERSION=22.01
|
||||
VERSION=22.06
|
||||
|
||||
if [ ! -f /etc/motd-original ]; then
|
||||
cp /etc/motd /etc/motd-original
|
||||
|
@ -18,7 +18,7 @@ ifconfig carp0 | grep -q backup
|
|||
backup=$?
|
||||
|
||||
if [ "$master" -eq 0 ]; then
|
||||
if [ $(cat /tmp/carp.state) = "master" ]; then
|
||||
if [ "$(cat /tmp/carp.state)" = "master" ]; then
|
||||
# We already were master, no change
|
||||
exit 0
|
||||
fi
|
||||
|
@ -32,7 +32,7 @@ cat /etc/motd-original - << EOF > /etc/motd
|
|||
EOF
|
||||
echo "master" > /tmp/carp.state
|
||||
elif [ "$backup" -eq 0 ]; then
|
||||
if [ $(cat /tmp/carp.state) = "backup" ]; then
|
||||
if [ "$(cat /tmp/carp.state)" = "backup" ]; then
|
||||
# We already were backup, no change
|
||||
exit 0
|
||||
fi
|
||||
|
|
|
@ -8,13 +8,13 @@ computerIP=$(ifconfig egress | grep inet | awk -v OFS="\n" '{ print $2, $NF }'|
|
|||
computerKernel=$(sysctl kern.osrelease | sed 's#kern.osrelease=##')
|
||||
computerOS="OpenBSD $computerKernel"
|
||||
HardwareSerial=$(sysctl hw.serialno 2>/dev/null | sed 's#hw.serialno=##')
|
||||
if [ -z $HardwareSerial ]; then sysctl hw | grep -qi qemu && HardwareSerial="Not Specified"; fi
|
||||
if [ -z "$HardwareSerial" ]; then sysctl hw | grep -qi qemu && HardwareSerial="Not Specified"; fi
|
||||
clientNumber="{{ client_number | mandatory }}"
|
||||
monitoringMode="{{ monitoring_mode | mandatory }}"
|
||||
cpuMark=$(sysctl hw.model| sed 's#hw.model=##')
|
||||
cpuModel=$(sysctl hw.model| sed 's#hw.model=##')
|
||||
cpuFreq=$(sysctl hw.cpuspeed| sed 's#hw.cpuspeed=##')
|
||||
mem=$(expr $(sysctl hw.physmem| sed 's#hw.physmem=##') / 1000000)Mo
|
||||
mem="$(($(sysctl hw.physmem | sed 's#hw.physmem=##') / 1000000))"Mo
|
||||
eth0Mark=unknown
|
||||
eth0Model=unknown
|
||||
eth0MAC=$(ifconfig egress | awk -v OFS="\n" '{ print $2, $NF }' | head -3 | tail -1)
|
||||
|
@ -25,19 +25,18 @@ sdaSize=100G
|
|||
sdaModel=unknown
|
||||
swap=unknown
|
||||
nrpeVersion=$(pkg_info nrpe | head -1 | sed 's/Information for inst://')
|
||||
openvpnVersion=$(pkg_info openvpn | head -1 | sed 's/Information for inst://')
|
||||
opensshFingerprintRSA=$(ssh-keyscan -t rsa localhost 2>/dev/null\
|
||||
| sed -e 's/localhost //' -e 's/ssh-rsa /ssh-rsa,/')
|
||||
opensshFingerprintED25519=$(ssh-keyscan -t ed25519 localhost 2>/dev/null\
|
||||
| sed -e 's/localhost //' -e 's/ssh-ed25519 /ssh-ed25519,/')
|
||||
opensshFingerprintECDSA=$(ssh-keyscan -t ecdsa-sha2-nistp256 localhost 2>/dev/null\
|
||||
| sed -e 's/localhost //' -e 's/ecdsa-sha2-nistp256 /ecdsa-sha2-nistp256,/')
|
||||
Fingerprint="${opensshFingerprintRSA}${opensshFingerprintRSA:+;}"\
|
||||
"${opensshFingerprintED25519}${opensshFingerprintED25519:+;}${opensshFingerprintECDSA}"
|
||||
Fingerprint="${opensshFingerprintRSA}${opensshFingerprintRSA:+;}\
|
||||
${opensshFingerprintED25519}${opensshFingerprintED25519:+;}${opensshFingerprintECDSA}"
|
||||
|
||||
ldif_file="/root/${EvoComputerName}.$(date +"%Y%m%d%H%M%S").ldif"
|
||||
|
||||
cat<<EOT>${ldif_file}
|
||||
cat<<EOT>"${ldif_file}"
|
||||
# ldapvi --profile evolix --add --in ${ldif_file}
|
||||
|
||||
dn: EvoComputerName=${EvoComputerName},ou=computer,dc=evolix,dc=net
|
||||
|
@ -150,8 +149,8 @@ ServiceVersion: packetfilter
|
|||
|
||||
EOT
|
||||
|
||||
if egrep -q 'sd.*RAID' /var/run/dmesg.boot; then
|
||||
cat<<EOT>>${ldif_file}
|
||||
if grep -Eq 'sd.*RAID' /var/run/dmesg.boot; then
|
||||
cat<<EOT>>"${ldif_file}"
|
||||
dn: ServiceName=bioctl,EvoComputerName=${EvoComputerName},ou=computer,dc=evolix,dc=net
|
||||
objectClass: EvoService
|
||||
NagiosEnabled: TRUE
|
||||
|
|
Loading…
Reference in New Issue