evolix/ansible-roles
22
2
Fork 2
Code Issues 61 Pull requests 19 Releases 33 Wiki Activity

evocheck: upstream release 23.07
All checks were successful
Ansible Lint |Total|New|Outstanding|Fixed|Trend |:-:|:-:|:-:|:-:|:-: |2594|6|2588|5|:-1: Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/unstable/288//ansiblelint">Evolix » ansible-roles » unstable #288</a>
Details
gitea/ansible-roles/pipeline/head This commit looks good
Details

Browse source
This commit is contained in:
William Hirigoyen 2023-07-07 11:18:20 +02:00
parent aa10f719b4
commit 53f82edefb
3 changed files with 31 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
evocheck/files/evocheck.jessie.sh
View file

@ -4,7 +4,7 @@
# Script to verify compliance of a Linux (Debian) server
# powered by Evolix
VERSION="23.04.01"
VERSION="23.07"
readonly VERSION
# base functions

34
evocheck/files/evocheck.sh
View file

@ -4,7 +4,7 @@
# Script to verify compliance of a Linux (Debian) server
# powered by Evolix
VERSION="23.04.01"
VERSION="23.07"
readonly VERSION
# base functions
@ -276,7 +276,7 @@ check_alert5minifw() {
fi
}
check_minifw() {
/sbin/iptables -L -n | grep -q -E "^ACCEPT\s*all\s*--\s*31\.170\.8\.4\s*0\.0\.0\.0/0\s*$" \
/sbin/iptables -L -n | grep -q -E "^ACCEPT\s*(all|0)\s*--\s*31\.170\.8\.4\s*0\.0\.0\.0/0\s*$" \
|| failed "IS_MINIFW" "minifirewall seems not started"
}
check_minifw_includes() {
@ -307,7 +307,7 @@ check_nrpedisks() {
test "$NRPEDISKS" = "$DFDISKS" || failed "IS_NRPEDISKS" "there must be $DFDISKS check_disk in nrpe.cfg"
}
check_nrpepid() {
if is_debian_bullseye; then
if { is_debian_bullseye || is_debian_bookworm ; }; then
{ test -e /etc/nagios/nrpe.cfg \
&& grep -q "^pid_file=/run/nagios/nrpe.pid" /etc/nagios/nrpe.cfg;
} || failed "IS_NRPEPID" "missing or wrong pid_file directive in nrpe.cfg"
@ -874,20 +874,28 @@ check_ldap_backup() {
check_redis_backup() {
if is_installed redis-server; then
# You could change the default path in /etc/evocheck.cf
# REDIS_BACKUP_PATH may contain space-separated paths, example:
# REDIS_BACKUP_PATH may contain space-separated paths, for example:
# REDIS_BACKUP_PATH='/home/backup/redis-instance1/dump.rdb /home/backup/redis-instance2/dump.rdb'
# Old default path: /home/backup/dump.rdb
# New default path: /home/backup/redis/dump.rdb
if [ -z "${REDIS_BACKUP_PATH}" ]; then
if ! [ -f "/home/backup/dump.rdb" ] && ! [ -f "/home/backup/redis/dump.rdb" ]; then
failed "IS_REDIS_BACKUP" "Redis dump is missing (/home/backup/dump.rdb or /home/backup/redis/dump.rdb)."
# Warning : this script doesn't handle spaces in file paths !
REDIS_BACKUP_PATH="${REDIS_BACKUP_PATH:-$(find /home/backup/ -iname "*.rdb*")}"
# Check number of dumps
n_instances=$(pgrep 'redis-server' | wc -l)
n_dumps=$(echo $REDIS_BACKUP_PATH | wc -w)
if [ ${n_dumps} -lt ${n_instances} ]; then
failed "IS_REDIS_BACKUP" "Missing Redis dump : ${n_instances} instance(s) found versus ${n_dumps} dump(s) found."
fi
# Check last dump date
age_threshold=$(date +"%s" -d "now - 2 days")
for dump in ${REDIS_BACKUP_PATH}; do
last_update=$(stat -c "%Z" $dump)
if [ "${last_update}" -lt "${age_threshold}" ]; then
failed "IS_REDIS_BACKUP" "Redis dump ${dump} is older than 2 days."
fi
else
for file in ${REDIS_BACKUP_PATH}; do
test -f "${file}" || failed "IS_REDIS_BACKUP" "Redis dump ${file} is missing."
done
fi
fi
}
check_elastic_backup() {
if is_installed elasticsearch; then

2
evocheck/files/evocheck.wheezy.sh
View file

@ -4,7 +4,7 @@
# Script to verify compliance of a Linux (Debian) server
# powered by Evolix
VERSION="23.04.01"
VERSION="23.07"
readonly VERSION
# base functions