nagios-nrpe: Cleaning of check_ssl_local (minor)
All checks were successful
Ansible Lint |Total|New|Outstanding|Fixed|Trend
|:-:|:-:|:-:|:-:|:-:
|2594|6|2588|8|:+1:
Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/unstable/290//ansiblelint">Evolix » ansible-roles » unstable #290</a>
gitea/ansible-roles/pipeline/head This commit looks good
All checks were successful
Ansible Lint |Total|New|Outstanding|Fixed|Trend
|:-:|:-:|:-:|:-:|:-:
|2594|6|2588|8|:+1:
Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/unstable/290//ansiblelint">Evolix » ansible-roles » unstable #290</a>
gitea/ansible-roles/pipeline/head This commit looks good
This commit is contained in:
parent
831715e44c
commit
da0110b4f3
|
@ -16,54 +16,54 @@ critical=0
|
||||||
warning=0
|
warning=0
|
||||||
|
|
||||||
|
|
||||||
if [[ ! -f "$certs_list_path" ]]; then
|
if [[ ! -f "${certs_list_path}" ]]; then
|
||||||
touch "$certs_list_path"
|
touch "${certs_list_path}"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
certs_list=$(cat "$certs_list_path" | sed -E 's/(.*)#.*/\1/g' | grep -v -E '^$')
|
certs_list=$(sed -E 's/(.*)#.*/\1/g' "${certs_list_path}" | grep -v -E '^$')
|
||||||
|
|
||||||
for cert_path in $certs_list; do
|
for cert_path in ${certs_list}; do
|
||||||
|
|
||||||
if [ ! -f "$cert_path" ] && [ ! -d "$cert_path" ]; then
|
if [ ! -f "$cert_path" ] && [ ! -d "${cert_path}" ]; then
|
||||||
echo "Warning: path '$cert_path' is not a file or a directory."
|
echo "Warning: path '${cert_path}' is not a file or a directory."
|
||||||
warning=1
|
warning=1
|
||||||
continue
|
continue
|
||||||
fi
|
fi
|
||||||
|
|
||||||
enddate=$(openssl x509 -noout -enddate -in "$cert_path" | cut -d'=' -f2)
|
enddate=$(openssl x509 -noout -enddate -in "${cert_path}" | cut -d'=' -f2)
|
||||||
|
|
||||||
# Check cert expiré (critique)
|
# Check cert expiré (critique)
|
||||||
if ! openssl x509 -checkend 0 -in "$cert_path" &> /dev/null; then
|
if ! openssl x509 -checkend 0 -in "${cert_path}" &> /dev/null; then
|
||||||
critical=1
|
critical=1
|
||||||
echo "Critical: Cert '$cert_path' has expired on $enddate."
|
echo "Critical: Cert '${cert_path}' has expired on ${enddate}."
|
||||||
continue
|
continue
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Check cert expire < 10 jours (critique)
|
# Check cert expire < 10 jours (critique)
|
||||||
if ! openssl x509 -checkend "$_10_days" -in "$cert_path" &> /dev/null; then
|
if ! openssl x509 -checkend "${_10_days}" -in "${cert_path}" &> /dev/null; then
|
||||||
critical=1
|
critical=1
|
||||||
echo "Critical: Cert '$cert_path' will expire on $enddate."
|
echo "Critical: Cert '${cert_path}' will expire on ${enddate}."
|
||||||
continue
|
continue
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Check cert expire < 15 jours (warning)
|
# Check cert expire < 15 jours (warning)
|
||||||
if ! openssl x509 -checkend "$_15_days" -in "$cert_path" &> /dev/null; then
|
if ! openssl x509 -checkend "${_15_days}" -in "${cert_path}" &> /dev/null; then
|
||||||
warning=1
|
warning=1
|
||||||
echo "Warning: Cert '$cert_path' will expire on $enddate."
|
echo "Warning: Cert '${cert_path}' will expire on ${enddate}."
|
||||||
continue
|
continue
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Cert expire > 15 jours (OK)
|
# Cert expire > 15 jours (OK)
|
||||||
echo "Cert '$cert_path' OK."
|
echo "Cert '${cert_path}' OK."
|
||||||
|
|
||||||
done
|
done
|
||||||
|
|
||||||
if [ $critical -eq 1 ]; then
|
if [ "${critical}" -eq 1 ]; then
|
||||||
exit 2
|
exit 2
|
||||||
elif [ $warning -eq 1 ]; then
|
elif [ "${warning}" -eq 1 ]; then
|
||||||
exit 1
|
exit 1
|
||||||
else
|
else
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue