inspect-domains : add Nginx support

2022-09-05 18:50:07 +02:00 · 2022-09-05 18:50:07 +02:00 · 7e979132f7
parent c28ded807d
commit 7e979132f7
1 changed files with 79 additions and 20 deletions
--- a/inspect-domains/files/inspect-domains.py
+++ b/inspect-domains/files/inspect-domains.py
@ -17,6 +17,7 @@ import subprocess
 import threading
 import time
 import argparse
+import json

 #import importlib.machinery
 #list_domains = importlib.machinery.SourceFileLoader('list_domains.py', list_domains_path).load_module()
@ -40,7 +41,7 @@ def get_my_ips():
    stdout, stderr = execute('hostname -I')
    if not stdout:
        return []
-    return stdout[0].strip().split()
+    return stdout[0].strip(' \t').split()


 def dig(domain):
@ -48,6 +49,12 @@ def dig(domain):
    stdout, stderr = execute('dig +short {}'.format(domain))
    return stdout

+
+def strip_comments(string):
+    """Return string with any # comment removed.""" 
+    return string.split('#')[0]
+
+
 def list_apache_domains():
    """Return a dict containing :
    - key: Apache domain (from command "apache2ctl -D DUMP_VHOSTS").
@ -56,24 +63,24 @@ def list_apache_domains():
    domains = {}

    try:
-        stdout, stderr = execute("apache2ctl -D DUMP_VHOSTS")
+        stdout, stderr = execute('apache2ctl -D DUMP_VHOSTS')
    except:
-        # Apache is not on the server
+        # Apache is not present on the server
        return domains

-    vhost_infos = ""
+    vhost_infos = ''
    for line in stdout:
-        dom = ""
-        words = line.strip().split()
+        dom = ''
+        words = line.strip(' \t').split()

-        if "namevhost" in line and len(words) >= 5:
+        if 'namevhost' in line and len(words) >= 5:
            # line format: port <PORT> namevhost <DOMAIN> (<VHOST_PATH>:<LINE_IN_BLOCK>)
-            dom = words[3]
-            vhost_infos = "apache:" + words[4].strip('()')
+            dom = words[3].strip()
+            vhost_infos = 'apache:' + words[4].strip('()')

-        elif "alias" in line and len(words) >= 2:
+        elif 'alias' in line and len(words) >= 2:
            # line format: alias <DOMAIN>
-            dom = words[1]  # vhost_infos defined in previous lines
+            dom = words[1].strip()  # vhost_infos defined in previous lines

        if dom:
            if dom not in domains:
@ -84,6 +91,54 @@ def list_apache_domains():
    return domains


+def list_nginx_domains():
+    """Return a dict containing :
+    - key: Nginx domain (from command "nginx -T").
+    - value: a list of strings "nginx:<VHOST_PATH>:<LINE_IN_BLOCK>"
+    """
+    domains = {}
+
+    try:
+        stdout, stderr = execute('nginx -T')
+    except:
+        # Nginx is not present on the server
+        return domains
+
+    line_number = 1
+    config_file_path = ''
+
+    for line in stdout:
+        if '# configuration file' in line:
+            # line format : # configuration file <PATH>:
+            words = line.strip(' \t;').split()
+            config_file_path = words[3].strip(' :')
+            continue
+         
+        if 'server_name ' in line:
+            # TODO: améliorer le if (cas tabulation)
+            # line format : server_name <DOMAIN1> [<DOMAINS2 ...];
+            line = strip_comments(line)
+            words = line.strip(' \t;').split()
+
+            for d in words[1:]:
+                dom = d.strip()
+                vhost_infos = 'nginx:{}:{}'.format(config_file_path, line_number)
+
+                if dom not in domains:
+                    domains[dom] = []
+                if vhost_infos not in domains[d]:
+                    domains[dom].append(vhost_infos)
+
+        line_number += 1  # increment line number for next round
+        
+        if 'server {' in line:
+            # TODO: améliorer le if (cas plusieurs espaces)
+            # line format : server {
+            line_number = 0
+
+    return domains
+
+
 class ResolutionThread(threading.Thread):
    
    def __init__(self, domain):
@ -217,7 +272,7 @@ def main(argv):
            sys.exit(1)
   
    if not (args.all_domains or args.apache_domains or args.nginx_domains or args.haproxy_domains):
-        print('Domains not specified, looking for all domains (default).')
+        print('Domains scope not specified, looking for all domains (default).')
        args.all_domains = True

    doms = {}
@ -229,9 +284,9 @@ def main(argv):
        if args.apache_domains:
            doms.update(list_apache_domains())
        if args.nginx_domains:
-            print("Option --nginx-domains not supported yet.")
+            doms.update(list_nginx_domains())
        if args.haproxy_domains:
-            print("Option --haproxy-domains not supported yet.")
+            print('Option --haproxy-domains not supported yet.')
    
    if not doms:
        if args.output_style == 'nrpe':
@ -241,14 +296,18 @@ def main(argv):
            print('No domain found on this server.')
            sys.exit(1)
    
-    timeout_domains, none_domains, outside_ips, ok_domains = run_check_domains(doms.keys())
+    if args.action == 'check-dns':
+        timeout_domains, none_domains, outside_ips, ok_domains = run_check_domains(doms.keys())
+        
+        if args.output_style == 'nrpe':
+            output_check_mode(timeout_domains, none_domains, outside_ips, ok_domains)
    
-    if args.output_style == 'nrpe':
-        output_check_mode(timeout_domains, none_domains, outside_ips, ok_domains)
-    
-    else:
-        output_friendly_mode(doms, timeout_domains, none_domains, outside_ips)
+        else:
+            output_friendly_mode(doms, timeout_domains, none_domains, outside_ips)

+    elif args.action == 'list':
+        print(json.dumps(doms, sort_keys=True, indent=4))
+        

 if __name__ == '__main__':
    main(sys.argv[1:])