Mathieu Trossevin
831715e44c
All checks were successful
Ansible Lint |Total|New|Outstanding|Fixed|Trend
|:-:|:-:|:-:|:-:|:-:
|2596|5|2591|3|:-1:
Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/unstable/289//ansiblelint">Evolix » ansible-roles » unstable #289</a>
gitea/ansible-roles/pipeline/head This commit looks good
nrpe read output of plugins from stdout only, if there is no output it return UNKNOWN regardless of return code.
70 lines
1.6 KiB
Bash
Executable file
70 lines
1.6 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
# Check permettant de monitorer une liste de certificats se trouvant dans
|
|
# /etc/nagios/ssl_local.cfg
|
|
#
|
|
# Développé par Will (2022)
|
|
#
|
|
|
|
certs_list_path="/etc/nagios/check_ssl_local_list.cfg"
|
|
|
|
# Dates in seconds
|
|
_10_days="864000"
|
|
_15_days="1296000"
|
|
|
|
critical=0
|
|
warning=0
|
|
|
|
|
|
if [[ ! -f "$certs_list_path" ]]; then
|
|
touch "$certs_list_path"
|
|
fi
|
|
|
|
certs_list=$(cat "$certs_list_path" | sed -E 's/(.*)#.*/\1/g' | grep -v -E '^$')
|
|
|
|
for cert_path in $certs_list; do
|
|
|
|
if [ ! -f "$cert_path" ] && [ ! -d "$cert_path" ]; then
|
|
echo "Warning: path '$cert_path' is not a file or a directory."
|
|
warning=1
|
|
continue
|
|
fi
|
|
|
|
enddate=$(openssl x509 -noout -enddate -in "$cert_path" | cut -d'=' -f2)
|
|
|
|
# Check cert expiré (critique)
|
|
if ! openssl x509 -checkend 0 -in "$cert_path" &> /dev/null; then
|
|
critical=1
|
|
echo "Critical: Cert '$cert_path' has expired on $enddate."
|
|
continue
|
|
fi
|
|
|
|
# Check cert expire < 10 jours (critique)
|
|
if ! openssl x509 -checkend "$_10_days" -in "$cert_path" &> /dev/null; then
|
|
critical=1
|
|
echo "Critical: Cert '$cert_path' will expire on $enddate."
|
|
continue
|
|
fi
|
|
|
|
# Check cert expire < 15 jours (warning)
|
|
if ! openssl x509 -checkend "$_15_days" -in "$cert_path" &> /dev/null; then
|
|
warning=1
|
|
echo "Warning: Cert '$cert_path' will expire on $enddate."
|
|
continue
|
|
fi
|
|
|
|
# Cert expire > 15 jours (OK)
|
|
echo "Cert '$cert_path' OK."
|
|
|
|
done
|
|
|
|
if [ $critical -eq 1 ]; then
|
|
exit 2
|
|
elif [ $warning -eq 1 ]; then
|
|
exit 1
|
|
else
|
|
exit 0
|
|
fi
|
|
|
|
|