evolix/evomaintenance
21
0
Fork 0
Code Issues 10 Pull requests 2 Releases 6 Wiki Activity

Compare commits

base: evolix:master
Branches Tags
evolix:master
evolix:lxc-etc-git
evolix:timeout-read
evolix:sudo-user
evolix:jlecour-dev
evolix:openbsd-port
evolix:23.10.1
evolix:23.10
evolix:22.01
evolix:0.6.4
evolix:0.6.3
evolix:0.6.0
evolix:0.4.1
evolix:0.4.0
..
compare: evolix:openbsd-port
Branches Tags
evolix:master
evolix:lxc-etc-git
evolix:timeout-read
evolix:sudo-user
evolix:jlecour-dev
evolix:openbsd-port
evolix:23.10.1
evolix:23.10
evolix:22.01
evolix:0.6.4
evolix:0.6.3
evolix:0.6.0
evolix:0.4.1
evolix:0.4.0

2 commits
master ... openbsd-po

Author SHA1 Message Date
Daniel Jakots 172974912a add the WIP port 2016-12-09 14:47:38 +01:00
Daniel Jakots f525b3bf3d Begin the work on creating an OpenBSD port 2016-12-09 14:40:53 +01:00
15 changed files with 139 additions and 1080 deletions
Show stats Expand all files Collapse all files

98
CHANGELOG.md
View file

@ -1,98 +0,0 @@
The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
and this project **does not adhere to [Semantic Versioning](http://semver.org/spec/v2.0.0.html)**.
## [Unreleased]
### Added
### Changed
### Deprecated
### Removed
### Fixed
### Security
## [23.10.1] - 2023-10-09
### Fixed
* Use a special variable name since USER is always defined from the environment
## [23.10] - 2023-10-09
### Added
* Force a user name with `-u,--user` option (default is still `logname(1)`).
* More people credited
### Deprecated
* `--autosysadmin` is replaced by `--user autosysadmin`
## [22.07] - 2022-07-05
### Added
* Add `--autosysadmin` flag
* Commit change in /etc of lxc containers
### Changed
### Deprecated
### Removed
### Fixed
### Security
## [22.01] - 2022-01-25
### Added
* version/host/user headers in sent email
### Changed
New version pattern
## [0.6.4] - 2021-06-17
### Added
* fallback if findmnt is absent
## [0.6.3] - 2020-02-02
### Added
* Notify syslog when partitions are re-mounted (Linux)
## [0.6.2] - 2020-02-02
### Fixed
* better detection of read-only partitions (Linux)
## [0.6.0] - 2019-11-05
### Added
* commit changes in /usr/share/scripts/ if needed
## Previous changelog
* 0.5.0 : options et mode interactif pour l'exécution des actions, meilleure compatibilité POSIX
* 0.4.1 : Utilisation de "printf" à la place de "echo" pour mieux gérer les sauts de ligne
* 0.4.0 : Amélioration de la récupération d'information (plus de cas gérés). Infos Git avant la saisie.
* 0.3.0 : Écriture dans un fichier de log, amélioration de la récupération d'informations, amélioration de la syntaxe shell
* 0.2.7 : Correction d'un bug lors de l'utilisation de '&' dans le texte
* 0.2.6 : Precision du charset dans les entetes du mail
* 0.2.5 : Correction d'un bug avec le path de sendmail sous OpenBSD
* 0.2.4 : Correction d'un bug lors de l'utilisation de '/' dans le texte
* 0.2.3 : Correction d'un bug avec $REALM

11
README Normal file
View file

@ -0,0 +1,11 @@
script for Evolix maintenance
=============================
script evomaintenance.sh which sends a mail
for each intervention on a Pack Evolix server.
* Pb quand '&' dans le msg d'evomaintenance...
# Pour le port OpenBSD, avoir l'arbre des ports puis
$ mkdir -p /usr/ports/mystuff/sysutils
$ cp -R openbsd/evomaintenance /usr/ports/mystuff/sysutils

30
README.md
View file

@ -1,30 +0,0 @@
# Evomaintenance
```.plain
$ evomaintenance --help
evomaintenance is a program that helps reporting what you've done on a server
Usage: evomaintenance
or evomaintenance --message="add new host"
or evomaintenance --no-api --no-mail --no-commit
or echo "add new vhost" | evomaintenance
Options
-m, --message=MESSAGE set the message from the command line
--mail enable the mail hook (default)
--no-mail disable the mail hook
--db enable the database hook
--no-db disable the database hook (default)
--api enable the API hook (default)
--no-api disable the API hook
--commit enable the commit hook (default)
--no-commit disable the commit hook
--evocheck enable evocheck execution (default)
--no-evocheck disable evocheck execution
--auto use "auto" mode
--no-auto use "manual" mode (default)
-v, --verbose increase verbosity
-n, --dry-run actions are not executed
--help print this message and exit
--version print version and exit
```

60
Vagrantfile vendored
View file

@ -1,60 +0,0 @@
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant::DEFAULT_SERVER_URL.replace('https://vagrantcloud.com')
# Load ~/.VagrantFile if exist, permit local config provider
vagrantfile = File.join("#{Dir.home}", '.VagrantFile')
load File.expand_path(vagrantfile) if File.exists?(vagrantfile)
Vagrant.configure('2') do |config|
config.vm.synced_folder "./", "/vagrant", type: "rsync", rsync__exclude: [ '.vagrant', '.git' ]
config.ssh.shell = "/bin/sh"
$deps = <<SCRIPT
DEBIAN_FRONTEND=noninteractive apt-get -yq install postgresql-client sudo sendmail
SCRIPT
$install = <<SCRIPT
if [ ! -d /usr/share/scripts ]; then
mkdir /usr/share/scripts
chmod 700 /usr/share/scripts
chown root:$1 /usr/share/scripts
fi
ln -fs /vagrant/evomaintenance.sh /usr/share/scripts
ln -fs /vagrant/evomaintenance.cf /etc
SCRIPT
$trap = <<SCRIPT
trap_cmd='trap "sudo /usr/share/scripts/evomaintenance.sh" 0'
if [ -f /home/vagrant/.bash_profile ]; then
if ! grep -q "$trap_cmd" /home/vagrant/.bash_profile; then
echo "$trap_cmd" >> /home/vagrant/.bash_profile
fi
elif [ -f /home/vagrant/.profile ]; then
if ! grep -q "$trap_cmd" /home/vagrant/.profile; then
echo "$trap_cmd" >> /home/vagrant/.profile
fi
else
echo "$trap_cmd" > /home/vagrant/.profile
fi
SCRIPT
nodes = [
{ :name => "debian", :box => "debian/stretch64", :group => "root" },
{ :name => "openbsd", :box => "generic/openbsd6", :group => "wheel" }
]
nodes.each do |i|
config.vm.define "#{i[:name]}" do |node|
node.vm.hostname = "evomaintenance-#{i[:name]}"
node.vm.box = "#{i[:box]}"
config.vm.provision "deps", type: "shell", :inline => $deps if "#{i[:name]}" == "debian"
config.vm.provision "deps", type: "shell", :inline => "pkg_add postgresql-client-10.5p1" if "#{i[:name]}" == "openbsd"
config.vm.provision "install", type: "shell", :inline => $install, :args => ["#{i[:group]}"]
config.vm.provision "trap", type: "shell", :inline => $trap
end
end
end

5
changelog Normal file
View file

@ -0,0 +1,5 @@
0.2.7 : Correction d'un bug lors de l'utilisation de '&' dans le texte
0.2.6 : Precision du charset dans les entetes du mail
0.2.5 : Correction d'un bug avec le path de sendmail sous OpenBSD
0.2.4 : Correction d'un bug lors de l'utilisation de '/' dans le texte
0.2.3 : Correction d'un bug avec $REALM

3
contrib/git-hook-post-checkout
View file

@ -1,3 +0,0 @@
#!/bin/sh
# Git pre-checkout hook restoring permissions and ownerships.
mtree -u < .mtree

26
contrib/git-hook-pre-commit
View file

@ -1,26 +0,0 @@
#!/bin/sh
# Git pre-commit hook storing permissions and ownerships.
mtreeignore=$(mktemp --suffix mtree)
mtree_exclude() {
echo .git
# Get ignored files from git https://stackoverflow.com/a/467053
find . -not -path './.git/*' | git check-ignore --stdin
}
# In case .mtree doens't exists yet, we still want it in the specification
# to be generated.
if [ -f .mtree ]; then
touch .mtree
fi
mtree_exclude > "$mtreeignore"
trap 'rm --force "$mtreeignore"' EXIT
mtree -x -c \
-p . \
-k uname,gname,mode \
-X "$mtreeignore" > .mtree
git add .mtree

55
debian/changelog vendored
View file

@ -1,50 +1,3 @@
evomaintenance (0.6.3-1) UNRELEASED; urgency=low
* fix partitions re-mounting before/after commits
-- Jérémy Lecour <jlecour@evolix.fr> Mon, 3 Mar 2020 22:14:12 +0100
evomaintenance (0.6.0-1) UNRELEASED; urgency=low
* commit changes in /usr/share/scripts/ if needed
-- Jérémy Lecour <jlecour@evolix.fr> Tue, 5 Nov 2019 14:50:12 +0100
evomaintenance (0.5.1-1) UNRELEASED; urgency=low
* verify commands presence only if needed
-- Jérémy Lecour <jlecour@evolix.fr> Wed, 21 Aug 2019 15:38:12 +0200
evomaintenance (0.5.0-1) UNRELEASED; urgency=low
* options and interactive mode for selective hooks execution, and better POSIX compliance
-- Jérémy Lecour <jlecour@evolix.fr> Sun, 26 Mar 2019 11:13:12 +0100
evomaintenance (0.4.1-1) UNRELEASED; urgency=low
* Use "printf" instead of "echo" for better line breaks support
-- Jérémy Lecour <jlecour@evolix.fr> Tue, 25 Sep 2018 11:54:12 +0200
evomaintenance (0.4.0-1) UNRELEASED; urgency=low
* Git status printed before typing the message
* better information extraction (User, IP…)
-- Jérémy Lecour <jlecour@evolix.fr> Tue, 25 Sep 2018 09:51:55 +0200
evomaintenance (0.3.0-1) UNRELEASED; urgency=medium
* New upstream release.
* log file support.
* more information in Git commit.
* improve information gathering.
* improve shell syntax
-- Jérémy Lecour <jlecour@evolix.fr> Wed, 05 Sep 2018 18:48:55 +0200
evomaintenance (0.2.8-1) UNRELEASED; urgency=medium
* New upstream release.
@ -57,7 +10,7 @@ evomaintenance (0.2.8-1) UNRELEASED; urgency=medium
evomaintenance (0.2.7-1) UNRELEASED; urgency=low
* New upstream release.
* This version fixes bug when text contains a character '&'.
* This version fixes bug when text contains a character '&'.
-- Gregory Colpart <reg@debian.org> Thu, 11 Mar 2010 16:14:19 +0100
@ -65,7 +18,7 @@ evomaintenance (0.2.6-1) UNRELEASED; urgency=low
* New upstream release.
* This version fixes the bug for charset in mail.
* Add Build-Depends on debhelper.
* Add Build-Depends on debhelper.
-- Gregory Colpart <reg@debian.org> Mon, 01 Jun 2009 15:57:32 +0200
@ -86,13 +39,13 @@ evomaintenance (0.2.3-1) UNRELEASED; urgency=low
evomaintenance (0.2.2-1) UNRELEASED; urgency=low
* New upstream release.
* Fix debian/rules to have correct permissions.
* Fix debian/rules to have correct permissions.
-- Gregory Colpart <reg@debian.org> Mon, 10 Nov 2008 00:09:39 +0100
evomaintenance (0.2.1-1) UNRELEASED; urgency=low
* New upstream release.
* New upstream release.
-- Gregory Colpart <reg@debian.org> Sun, 9 Nov 2008 22:37:20 +0100

3
debian/control vendored
View file

@ -7,7 +7,8 @@ Standards-Version: 3.8.0
Package: evomaintenance
Architecture: all
Depends: coreutils, sudo, sed, hostname, postfix, git, postgresql-client
Depends: postgresql-client, sudo
Description: script for Evolix maintenance
This package contains the script evomaintenance.sh
which sends a mail for each intervention on a Pack Evolix server.

7
debian/rules vendored
View file

@ -12,18 +12,19 @@ build: build-stamp
build-stamp:
dh_testdir
touch $@
clean:
clean:
dh_testdir
dh_testroot
rm -f build-stamp
dh_clean
dh_clean
install: build
dh_testdir
dh_testroot
dh_clean -k
dh_clean -k
dh_installdirs
install -m 700 -d $(CURDIR)/debian/evomaintenance/usr/share/scripts
install -m 700 evomaintenance.sh $(CURDIR)/debian/evomaintenance/usr/share/scripts/
install -m 600 evomaintenance.tpl $(CURDIR)/debian/evomaintenance/usr/share/scripts/
install -m 755 -d $(CURDIR)/debian/evomaintenance/etc
install -m 600 evomaintenance.cf $(CURDIR)/debian/evomaintenance/etc/
# Build architecture-independent files here.

2
evomaintenance.cf
View file

@ -13,5 +13,3 @@ FULLFROM="John Doe <jdoe@example.com>"
URGENCYFROM=mama.doe@example.com
URGENCYTEL="06.00.00.00.00"
REALM=example.com
API_ENDPOINT=https://example.com/api/
API_KEY=secretkey

858
evomaintenance.sh Executable file → Normal file
View file

@ -1,830 +1,76 @@
#!/bin/sh
VERSION="23.10.1"
# EvoMaintenance script
# Dependencies (all OS): git postgresql-client
# Dependencies (Debian): sudo
show_version() {
cat <<END
evomaintenance version ${VERSION}
# version 0.2
# Copyright 2007-2008 Gregory Colpart <reg@evolix.fr>, Evolix <info@evolix.fr>
Copyright 2007-2023 Evolix <info@evolix.fr>,
Gregory Colpart <reg@evolix.fr>,
Jérémy Lecour <jlecour@evolix.fr>,
Brice Waegeneire <bwaegeneire@evolix.fr>,
Mathieu Trossevin <mtrossevin@evolix.fr>
and others.
SYSTEME=$(uname -s)
evomaintenance comes with ABSOLUTELY NO WARRANTY. This is free software,
and you are welcome to redistribute it under certain conditions.
See the GNU General Public Licence for details.
END
}
show_help() {
cat <<END
evomaintenance is a program that helps reporting what you've done on a server
Usage: evomaintenance
or evomaintenance --message="add new host"
or evomaintenance --no-api --no-mail --no-commit
or echo "add new vhost" | evomaintenance
Options
-m, --message=MESSAGE set the message from the command line
--mail enable the mail hook (default)
--no-mail disable the mail hook
--db enable the database hook
--no-db disable the database hook (default)
--api enable the API hook (default)
--no-api disable the API hook
--commit enable the commit hook (default)
--no-commit disable the commit hook
--evocheck enable evocheck execution (default)
--no-evocheck disable evocheck execution
--auto use "auto" mode
--no-auto use "manual" mode (default)
-u, --user=USER force USER value (default: logname(1))
-v, --verbose increase verbosity
-n, --dry-run actions are not executed
--help print this message and exit
-V, --version print version and exit
END
}
syslog() {
if [ -x "${LOGGER_BIN}" ]; then
${LOGGER_BIN} -t "evomaintenance" "$1"
fi
}
get_system() {
uname -s
}
get_fqdn() {
if [ "$(get_system)" = "Linux" ]; then
hostname --fqdn
elif [ "$(get_system)" = "OpenBSD" ]; then
hostname
else
echo "OS not detected!"
exit 1
fi
}
get_tty() {
if [ "$(get_system)" = "Linux" ]; then
ps -o tty= | tail -1
elif [ "$(get_system)" = "OpenBSD" ]; then
env | grep SSH_TTY | cut -d"/" -f3
else
echo "OS not detected!"
exit 1
fi
}
get_who() {
who=$(LC_ALL=C who -m | tr -s ' ')
if [ -n "${who}" ]; then
echo "${who}"
else
LC_ALL=C who | grep "$(get_tty)" | tr -s ' '
fi
}
get_begin_date() {
# XXX A begin date isn't applicable when used in autosysadmin, so we
# use the same date as the end date.
if is_autosysadmin; then
get_end_date
else
printf "%s %s" "$(date "+%Y")" "$(get_who | cut -d" " -f3,4,5)"
fi
}
get_ip() {
ip=$(get_who | cut -d" " -f6 | sed -e "s/^(// ; s/)$//")
if is_autosysadmin || [ "${ip}" = ":0" ]; then
ip="localhost"
elif [ -z "${ip}" ]; then
ip="unknown (no tty)"
fi
echo "${ip}"
}
get_end_date() {
date +"%Y %b %d %H:%M"
}
get_now() {
date +"%Y-%m-%dT%H:%M:%S%z"
}
get_user() {
if [ -n "${FORCE_USER}" ]; then
echo "${FORCE_USER}"
else
logname
fi
}
get_complete_hostname() {
REAL_HOSTNAME=$(get_fqdn)
if [ "${HOSTNAME}" = "${REAL_HOSTNAME}" ]; then
echo "${HOSTNAME}"
else
echo "${HOSTNAME} (${REAL_HOSTNAME})"
fi
}
get_repository_status() {
dir=$1
# tell Git where to find the repository and the work tree (no need to `cd …` there)
export GIT_DIR="${dir}/.git" GIT_WORK_TREE="${dir}"
# If the repository and the work tree exist, try to commit changes
if [ -d "${GIT_DIR}" ] && [ -d "${GIT_WORK_TREE}" ]; then
CHANGED_LINES=$(${GIT_BIN} status --porcelain | wc -l | tr -d ' ')
if [ "${CHANGED_LINES}" != "0" ]; then
STATUS=$(${GIT_BIN} status --short | tail -n ${GIT_STATUS_MAX_LINES})
printf "%s\n%s\n" "${GIT_DIR} (last ${GIT_STATUS_MAX_LINES} lines)" "${STATUS}" | sed -e '/^$/d'
fi
fi
# unset environment variables to prevent accidental influence on other git commands
unset GIT_DIR GIT_WORK_TREE
}
get_evocheck() {
if [ -x "${EVOCHECK_BIN}" ]; then
printf "Evocheck status :"
EVOCHECK_OUT=$(${EVOCHECK_BIN})
EVOCHECK_RC=$?
if [ "${EVOCHECK_RC}" = "0" ] && [ -z "${EVOCHECK_OUT}" ]; then
printf " OK\n\n"
else
printf " ERROR\n%s\n\n" "${EVOCHECK_OUT}"
fi
fi
}
print_log() {
printf "*********** %s ***************\n" "$(get_now)"
print_session_data
printf "Hooks : commit=%s db=%s api=%s mail=%s\n"\
"${HOOK_COMMIT}" "${HOOK_DB}" "${HOOK_API}" "${HOOK_MAIL}"
if [ "${HOOK_MAIL}" = "1" ]; then
printf "Mailto : %s\n" "${EVOMAINTMAIL}"
fi
}
print_session_data() {
printf "Host : %s\n" "${HOSTNAME_TEXT}"
printf "User : %s\n" "${USER}"
printf "IP : %s\n" "${IP}"
printf "Begin : %s\n" "${BEGIN_DATE}"
printf "End : %s\n" "${END_DATE}"
printf "Message : %s\n" "${MESSAGE}"
}
is_autosysadmin() {
test "${USER}" = "autosysadmin"
}
is_repository_readonly() {
if [ "$(get_system)" = "OpenBSD" ]; then
partition=$(stat -f '%Sd' $1)
mount | grep ${partition} | grep -q "read-only"
elif command -v findmnt >/dev/null; then
mountpoint=$(stat -c '%m' $1)
findmnt ${mountpoint} --noheadings --output OPTIONS -O ro
else
grep /usr /proc/mounts | grep -E '\bro\b'
fi
}
remount_repository_readwrite() {
if [ "$(get_system)" = "OpenBSD" ]; then
partition=$(stat -f '%Sd' $1)
mount -u -w /dev/${partition} 2>/dev/null
else
mountpoint=$(stat -c '%m' $1)
mount -o remount,rw ${mountpoint}
syslog "Re-mount ${mountpoint} as read-write to commit in repository $1"
fi
}
remount_repository_readonly() {
if [ "$(get_system)" = "OpenBSD" ]; then
partition=$(stat -f '%Sd' $1)
mount -u -r /dev/${partition} 2>/dev/null
else
mountpoint=$(stat -c '%m' $1)
mount -o remount,ro ${mountpoint} 2>/dev/null
syslog "Re-mount ${mountpoint} as read-only after commit to repository $1"
fi
}
hook_commit() {
if [ -x "${GIT_BIN}" ]; then
# loop on possible directories managed by GIT
for dir in ${GIT_REPOSITORIES}; do
# tell Git where to find the repository and the work tree (no need to `cd …` there)
export GIT_DIR="${dir}/.git" GIT_WORK_TREE="${dir}"
# reset variable used to track if a mount point is readonly
READONLY_ORIG=0
# If the repository and the work tree exist, try to commit changes
if [ -d "${GIT_DIR}" ] && [ -d "${GIT_WORK_TREE}" ]; then
CHANGED_LINES=$(${GIT_BIN} status --porcelain | wc -l | tr -d ' ')
if [ "${CHANGED_LINES}" != "0" ]; then
if [ "${DRY_RUN}" = "1" ]; then
# STATS_SHORT=$(${GIT_BIN} diff --stat | tail -1)
STATS=$(${GIT_BIN} diff --stat | tail -n ${GIT_STATUS_MAX_LINES})
# GIT_COMMITS_SHORT=$(printf "%s\n%s : %s" "${GIT_COMMITS_SHORT}" "${GIT_DIR}" "${STATS_SHORT}" | sed -e '/^$/d')
GIT_COMMITS=$(printf "%s\n%s\n%s" "${GIT_COMMITS}" "${GIT_DIR}" "${STATS}" | sed -e '/^$/d')
else
# remount mount point read-write if currently readonly
is_repository_readonly ${dir} && { READONLY_ORIG=1; remount_repository_readwrite ${dir}; }
# commit changes
${GIT_BIN} add --all
${GIT_BIN} commit --message "${MESSAGE}" --author="${USER} <${USER}@evolix.net>" --quiet
# remount mount point read-only if it was before
test "$READONLY_ORIG" = "1" && remount_repository_readonly ${dir}
# Add the SHA to the log file if something has been committed
SHA=$(${GIT_BIN} rev-parse --short HEAD)
# STATS_SHORT=$(${GIT_BIN} show --stat | tail -1)
STATS=$(${GIT_BIN} show --stat --pretty=format:"" | tail -n ${GIT_STATUS_MAX_LINES})
# append commit data, without empty lines
# GIT_COMMITS_SHORT=$(printf "%s\n%s : %s %s" "${GIT_COMMITS_SHORT}" "${GIT_DIR}" "${SHA}" "${STATS_SHORT}" | sed -e '/^$/d')
GIT_COMMITS=$(printf "%s\n%s : %s\n%s" "${GIT_COMMITS}" "${GIT_DIR}" "${SHA}" "${STATS}" | sed -e '/^$/d')
fi
fi
fi
# unset environment variables to prevent accidental influence on other git commands
unset GIT_DIR GIT_WORK_TREE
done
if [ -n "${GIT_COMMITS}" ]; then
# if [ "${VERBOSE}" = "1" ]; then
printf "\n********** Commits ****************\n%s\n***********************************\n" "${GIT_COMMITS}"
# fi
if [ "${DRY_RUN}" != "1" ]; then
echo "${GIT_COMMITS}" >> "${LOGFILE}"
fi
fi
fi
}
hook_db() {
SQL_DETAILS=$(echo "${MESSAGE}" | sed "s/'/''/g")
PG_QUERY="INSERT INTO evomaint(hostname,userid,ipaddress,begin_date,end_date,details) VALUES ('${HOSTNAME}','${USER}','${IP}','${BEGIN_DATE}',now(),'${SQL_DETAILS}')"
if [ "${VERBOSE}" = "1" ]; then
printf "\n********** DB query **************\n%s\n***********************************\n" "${PG_QUERY}"
fi
if [ "${DRY_RUN}" != "1" ] && [ -x "${PSQL_BIN}" ]; then
echo "${PG_QUERY}" | ${PSQL_BIN} "${PGDB}" "${PGTABLE}" -h "${PGHOST}"
fi
}
hook_api() {
if [ "${VERBOSE}" = "1" ]; then
printf "\n********** API call **************\n"
printf "curl -f -s -S -X POST [REDACTED] -k -F api_key=[REDACTED] -F action=insertEvoMaintenance -F hostname=%s -F userid=%s -F ipaddress=%s -F begin_date=%s -F end_date='now()' -F details=%s" \
"${HOSTNAME}" "${USER}" "${IP}" "${BEGIN_DATE}" "${MESSAGE}"
printf "\n***********************************\n"
fi
if [ "${DRY_RUN}" != "1" ] && [ -x "${CURL_BIN}" ]; then
API_RETURN_STATUS=$(curl -f -s -S -X POST \
"${API_ENDPOINT}" -k \
-F api_key="${API_KEY}" \
-F action=insertEvoMaintenance \
-F hostname="${HOSTNAME}" \
-F userid="${USER}" \
-F ipaddress="${IP}" \
-F begin_date="${BEGIN_DATE}" \
-F end_date='now()' \
-F details="${MESSAGE}")
# either cURL or the API backend can throw an error, otherwise it returns this JSON response
if [ "$API_RETURN_STATUS" = '{"status":"Ok"}' ]; then
echo "API call OK."
else
echo "API call FAILED."
fi
fi
}
format_mail() {
cat <<EOTEMPLATE
From: ${FULLFROM}
Content-Type: text/plain; charset=UTF-8
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Evomaintenance-Version: ${VERSION}
X-Evomaintenance-Host: ${HOSTNAME_TEXT}
X-Evomaintenance-User: ${USER}
To: ${EVOMAINTMAIL}
Subject: [evomaintenance] Intervention sur ${HOSTNAME_TEXT} (${USER})
Bonjour,
Une intervention vient de se terminer sur votre serveur.
Nom du serveur : ${HOSTNAME_TEXT}
Personne ayant réalisée l'intervention : ${USER}
Intervention réalisée depuis : ${IP}
Début de l'intervention : ${BEGIN_DATE}
Fin de l'intervention : ${END_DATE}
### Renseignements sur l'intervention
${MESSAGE}
###
EOTEMPLATE
if [ -n "${GIT_COMMITS}" ]; then
cat << EOTEMPLATE
### Commits
${GIT_COMMITS}
###
EOTEMPLATE
fi
cat <<EOTEMPLATE
Pour réagir à cette intervention, vous pouvez répondre à ce message
(sur l'adresse mail ${FROM}). En cas d'urgence, utilisez
l'adresse ${URGENCYFROM} ou notre téléphone portable d'astreinte
(${URGENCYTEL})
Cordialement,
--
${FULLFROM}
EOTEMPLATE
}
hook_mail() {
MAIL_CONTENT=$(format_mail)
if [ "${VERBOSE}" = "1" ]; then
printf "\n********** Mail *******************\n%s\n***********************************\n" "${MAIL_CONTENT}"
fi
if [ "${DRY_RUN}" != "1" ] && [ -x "${SENDMAIL_BIN}" ]; then
echo "${MAIL_CONTENT}" | ${SENDMAIL_BIN} -oi -t -f "${FROM}"
fi
}
hook_log() {
if [ "${VERBOSE}" = "1" ]; then
print_log
fi
if [ "${DRY_RUN}" != "1" ]; then
print_log >> "${LOGFILE}"
fi
}
# load configuration if present.
test -f /etc/evomaintenance.cf && . /etc/evomaintenance.cf
HOSTNAME=${HOSTNAME:-$(get_fqdn)}
EVOMAINTMAIL=${EVOMAINTMAIL:-"evomaintenance-$(echo "${HOSTNAME}" | cut -d- -f1)@${REALM}"}
LOGFILE=${LOGFILE:-"/var/log/evomaintenance.log"}
HOOK_COMMIT=${HOOK_COMMIT:-"1"}
HOOK_DB=${HOOK_DB:-"0"}
HOOK_API=${HOOK_API:-"1"}
HOOK_MAIL=${HOOK_MAIL:-"1"}
DRY_RUN=${DRY_RUN:-"0"}
VERBOSE=${VERBOSE:-"0"}
AUTO=${AUTO:-"0"}
EVOCHECK=${EVOCHECK:-"0"}
GIT_STATUS_MAX_LINES=${GIT_STATUS_MAX_LINES:-20}
API_ENDPOINT=${API_ENDPOINT:-""}
FORCE_USER=${FORCE_USER:-""}
[ $HOSTNAME ] || HOSTNAME=$(hostname)
[ $EVOMAINTMAIL ] || EVOMAINTMAIL=evomaintenance-$(echo $HOSTNAME | cut -d- -f1)@$REALM
# initialize variables
MESSAGE=""
# GIT_COMMITS_SHORT=""
GIT_COMMITS=""
PATH=$PATH:/usr/sbin
SENDMAIL=$(which sendmail)
# get ipaddress
# Parse options
# based on https://gist.github.com/deshion/10d3cb5f88a21671e17a
while :; do
case $1 in
-h|-\?|--help)
show_help
exit 0
;;
-V|--version)
show_version
exit 0
;;
-m|--message)
# message options, with value speparated by space
if [ -n "$2" ]; then
MESSAGE=$2
shift
else
printf 'ERROR: "--message" requires a non-empty option argument.\n' >&2
exit 1
fi
;;
--message=?*)
# message options, with value speparated by =
MESSAGE=${1#*=}
;;
--message=)
# message options, without value
printf 'ERROR: "--message" requires a non-empty option argument.\n' >&2
exit 1
;;
--no-commit)
# disable commit hook
HOOK_COMMIT=0
;;
--commit)
# enable commit hook
HOOK_COMMIT=1
;;
--no-db)
# disable DB hook
HOOK_DB=0
;;
--db)
# enable DB hook
HOOK_DB=1
;;
--no-api)
# disable API hook
HOOK_API=0
;;
--api)
# enable API hook
HOOK_API=1
;;
--no-mail)
# disable mail hook
HOOK_MAIL=0
;;
--mail)
# enable mail hook
HOOK_MAIL=1
;;
--no-auto)
# use "manual" mode
AUTO=0
;;
--auto)
# use "auto" mode
AUTO=1
;;
--autosysadmin)
# Deprecated, backward compatibility
# author change as autosysadmin
printf 'WARNING: "--autosysadmin" is deprecated, use "--user autosysadmin".\n' >&2
FORCE_USER="autosysadmin"
;;
-u|--user)
# user options, with value speparated by space
if [ -n "$2" ]; then
FORCE_USER=$2
shift
else
printf 'ERROR: "--user" requires a non-empty option argument.\n' >&2
exit 1
fi
;;
--user=?*)
# message options, with value speparated by =
FORCE_USER=${1#*=}
;;
--user=)
# message options, without value
printf 'ERROR: "--user" requires a non-empty option argument.\n' >&2
exit 1
;;
-n|--dry-run)
# disable actual commands
DRY_RUN=1
;;
-v|--verbose)
# print verbose information
VERBOSE=1
;;
--)
# End of all options.
shift
break
;;
-?*|[[:alnum:]]*)
# ignore unknown options
printf 'WARN: Unknown option (ignored): %s\n' "$1" >&2
;;
*)
# Default case: If no more options then break out of the loop.
break
;;
esac
BEGIN_YEAR=$(date "+%Y")
shift
done
# Treat unset variables as an error when substituting.
# Only after this line, because some config variables might be missing.
set -u
# Gather information
HOSTNAME_TEXT=$(get_complete_hostname)
# TTY=$(get_tty)
# WHO=$(get_who)
IP=$(get_ip)
BEGIN_DATE=$(get_begin_date)
END_DATE=$(get_end_date)
USER=$(get_user)
PATH=${PATH}:/usr/sbin
SENDMAIL_BIN=$(command -v sendmail)
readonly SENDMAIL_BIN
if [ "${HOOK_MAIL}" = "1" ] && [ -z "${SENDMAIL_BIN}" ]; then
echo "No \`sendmail' command has been found, can't send mail." 2>&1
fi
GIT_BIN=$(command -v git)
readonly GIT_BIN
if [ "${HOOK_COMMIT}" = "1" ] && [ -z "${GIT_BIN}" ]; then
echo "No \`git' command has been found, can't commit changes" 2>&1
fi
PSQL_BIN=$(command -v psql)
readonly PSQL_BIN
if [ "${HOOK_DB}" = "1" ] && [ -z "${PSQL_BIN}" ]; then
echo "No \`psql' command has been found, can't save to the database." 2>&1
fi
CURL_BIN=$(command -v curl)
readonly CURL_BIN
if [ "${HOOK_API}" = "1" ] && [ -z "${CURL_BIN}" ]; then
echo "No \`curl' command has been found, can't call the API." 2>&1
fi
LOGGER_BIN=$(command -v logger)
readonly LOGGER_BIN
if [ "${HOOK_API}" = "1" ] && [ -z "${API_ENDPOINT}" ]; then
echo "No API endpoint specified, can't call the API." 2>&1
fi
EVOCHECK_BIN="/usr/share/scripts/evocheck.sh"
GIT_REPOSITORIES="/etc /etc/bind /usr/share/scripts"
# Add /etc directories from lxc containers if they are git directories
if [ -d /var/lib/lxc ]; then
GIT_REPOSITORIES="${GIT_REPOSITORIES} $(find -L /var/lib/lxc/ -maxdepth 3 -name 'etc' | tr '\n' ' ' | sed 's/[[:space:]]\+$//')"
fi
# initialize variable
GIT_STATUSES=""
# git statuses
if [ -x "${GIT_BIN}" ]; then
# loop on possible directories managed by GIT
for dir in ${GIT_REPOSITORIES}; do
RESULT=$(get_repository_status "${dir}")
if [ -n "${RESULT}" ]; then
# append diff data, without empty lines
GIT_STATUSES=$(printf "%s\n%s\n" "${GIT_STATUSES}" "${RESULT}" | sed -e '/^$/d')
fi
unset RESULT
done
fi
# find out if running in interactive mode, or not
if [ -t 0 ]; then
INTERACTIVE=1
if [ $SYSTEME = "Linux" ]; then
IP=$(LC_ALL=C who | grep $(ps -o tty= | tail -1) | tr -s ' ' | cut -d" " -f6 | sed -e "s/^(// ; s/)$//")
BEGIN_DATE=$(LC_ALL=C who | grep $(ps -o tty= | tail -1) | tr -s ' ' | cut -d" " -f3,4,5)
_USER=$SUDO_USER
elif [ $SYSTEME = "OpenBSD" ]; then
IP=$(LC_ALL=C who | grep $(env | grep SSH_TTY | cut -d"/" -f3) | tr -s ' ' | cut -d" " -f6 | sed -e "s/^(// ; s/)$//")
BEGIN_DATE=$(LC_ALL=C who | grep $(env | grep SSH_TTY | cut -d"/" -f3) | tr -s ' ' | cut -d" " -f3,4,5)
_USER=$USER
else
INTERACTIVE=0
fi
readonly INTERACTIVE
if [ "${INTERACTIVE}" = "1" ] && [ "${EVOCHECK}" = "1" ]; then
get_evocheck
fi
if [ -n "${GIT_STATUSES}" ] && [ "${INTERACTIVE}" = "1" ]; then
printf "/!\\\ There are some uncommited changes.\n%s\n\n" "${GIT_STATUSES}"
echo "OS not detected!"
exit 1
fi
if [ -z "${MESSAGE}" ]; then
if [ "${INTERACTIVE}" = "1" ]; then
printf "> Please, enter details about your maintenance:\n"
fi
read -r MESSAGE
fi
# end_date
#now()
if [ -z "${MESSAGE}" ]; then
# details
echo "Please, enter details about your maintenance"
read TEXTE
if [ "$TEXTE" = "" ]; then
echo "no value..."
exit 1
fi
print_session_data
# SQL
TEXTE=`echo "$TEXTE" | sed "s/'/\\\\\\'/g ; s@/@\\\\\/@g ; s@\\&@et@g"`
if [ "${INTERACTIVE}" = "1" ] && [ "${AUTO}" = "0" ]; then
if [ "${HOOK_COMMIT}" = "1" ] || [ "${HOOK_MAIL}" = "1" ] || [ "${HOOK_DB}" = "1" ]; then
printf "\nActions to execute:\n"
if [ "${HOOK_COMMIT}" = "1" ]; then
printf "* commit changes in repositories\n"
fi
if [ "${HOOK_MAIL}" = "1" ]; then
printf "* send mail to %s\n" "${EVOMAINTMAIL}"
fi
if [ "${HOOK_DB}" = "1" ]; then
printf "* save metadata to the database\n"
fi
if [ "${HOOK_API}" = "1" ]; then
printf "* send metadata to the API\n"
fi
echo ""
# recapitulatif
echo "hostname = $HOSTNAME"
echo "user = $_USER"
echo "IP = $IP"
echo "begin date = $BEGIN_YEAR $BEGIN_DATE"
echo "details = $TEXTE"
answer=""
while :; do
printf "> Let's continue? [Y,n,i,?] "
read -r answer
case $answer in
[Yy]|"" )
# force "auto" mode, but keep hooks settings
AUTO=1
break
;;
[Nn] )
# force "auto" mode, and disable all hooks
HOOK_COMMIT=0
HOOK_MAIL=0
HOOK_DB=0
HOOK_API=0
AUTO=1
break
;;
[Ii] )
# force "manual" mode
AUTO=0
break
;;
* )
printf "y - yes, execute actions and exit\n"
printf "n - no, don't execute actions and exit\n"
printf "i - switch to interactive mode\n"
printf "? - print this help\n"
;;
esac
done
fi
echo "To cancel, [Ctrl+C] else press [Enter]"
read enter
# git stuff
if (test -x /usr/bin/git); then
cd /etc/
git add .
GIT_COMMIT=$(git commit -a -m "$TEXTE" --author="$_USER <$_USER@evolix.net>")
fi
if [ "${INTERACTIVE}" = "1" ] && [ "${AUTO}" = "0" ]; then
# Commit hook
if [ -n "${GIT_STATUSES}" ] && [ "${HOOK_COMMIT}" = "1" ]; then
printf "/!\ There are some uncommited changes.\n%s\n\n" "${GIT_STATUSES}"
echo "
INSERT INTO evomaint(hostname,userid,ipaddress,begin_date,end_date,details)
VALUES ('$HOSTNAME','$_USER','$IP','$BEGIN_YEAR $BEGIN_DATE',now(),'$TEXTE') " | \
psql $PGDB $PGTABLE -h $PGHOST
y="Y"; n="n"
answer=""
while :; do
printf "> Do you want to commit the changes? [%s] " "${y},${n}"
read -r answer
case $answer in
[Yy] )
hook_commit;
break
;;
[Nn] )
break
;;
"" )
if [ "${HOOK_COMMIT}" = "1" ]; then
hook_commit
fi
break
;;
* )
echo "answer with a valid choice"
;;
esac
done
fi
cat /usr/share/scripts/evomaintenance.tpl | \
sed -e "s/__TO__/$EVOMAINTMAIL/ ; s/__HOSTNAME__/$HOSTNAME/ ; s/__USER__/$_USER/ ; s/__BEGIN_DATE__/$BEGIN_YEAR $BEGIN_DATE/ ; s/__TEXTE__/$TEXTE/ ; s/__IP__/$IP/ ; s/__FULLFROM__/$FULLFROM/ ; s/__FROM__/$FROM/ ; s/__URGENCYFROM__/$URGENCYFROM/ ; s/__URGENCYTEL__/$URGENCYTEL/"| \
$SENDMAIL -oi -t -f $FROM
# Mail hook
if [ "${HOOK_MAIL}" = "1" ]; then
y="Y"; n="n"
else
y="y"; n="N"
fi
answer=""
while :; do
printf "> Do you want to send an email to <%s>? [%s] " "${EVOMAINTMAIL}" "${y},${n},e"
read -r answer
case $answer in
[Yy] )
hook_mail;
break
;;
[Nn] )
break
;;
[Ee] )
printf "> To: [%s] " "${EVOMAINTMAIL}"
read -r mail_recipient
if [ -n "${mail_recipient}" ]; then
EVOMAINTMAIL="${mail_recipient}"
fi
;;
"" )
if [ "${HOOK_MAIL}" = "1" ]; then
hook_mail
fi
break
;;
* )
echo "answer with a valid choice"
;;
esac
done
# Database hook
if [ "${HOOK_DB}" = "1" ]; then
y="Y"; n="n"
else
y="y"; n="N"
fi
answer=""
while :; do
printf "> Do you want to insert your message into the database? [%s] " "${y},${n}"
read -r answer
case $answer in
[Yy] )
hook_db;
break
;;
[Nn] )
break
;;
"" )
if [ "${HOOK_DB}" = "1" ]; then
hook_db
fi
break
;;
* )
echo "answer with a valid choice"
;;
esac
done
# API hook
if [ "${HOOK_API}" = "1" ]; then
y="Y"; n="n"
else
y="y"; n="N"
fi
answer=""
while :; do
printf "> Do you want to send the metadata to the API? [%s] " "${y},${n}"
read -r answer
case $answer in
[Yy] )
hook_api;
break
;;
[Nn] )
break
;;
"" )
if [ "${HOOK_API}" = "1" ]; then
hook_api
fi
break
;;
* )
echo "answer with a valid choice"
;;
esac
done
fi
# Log hook
hook_log
if [ "${INTERACTIVE}" = "0" ] || [ "${AUTO}" = "1" ]; then
if [ "${HOOK_COMMIT}" = "1" ]; then
hook_commit
fi
if [ "${HOOK_MAIL}" = "1" ]; then
hook_mail
fi
if [ "${HOOK_DB}" = "1" ]; then
hook_db
fi
if [ "${HOOK_API}" = "1" ]; then
hook_api
fi
fi
exit 0

32
evomaintenance.tpl Normal file
View file

@ -0,0 +1,32 @@
From: __FULLFROM__
Content-Type: text/plain; charset=UTF-8
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
To: __TO__
Subject: [evomaintenance] Intervention sur __HOSTNAME__ (__USER__)
Bonjour,
Une intervention vient de se terminer sur votre serveur.
Voici les renseignements sur l'intervention :
Nom du serveur : __HOSTNAME__
Personne ayant réalisée l'intervention : __USER__
Intervention réalisée depuis : __IP__
Date/heure du début de l'intervention : __BEGIN_DATE__
###
Renseignements sur l'intervention :
__TEXTE__
###
Pour réagir à cette intervention, vous pouvez répondre à ce message
(sur l'adresse mail __FROM__). En cas d'urgence, utilisez
l'adresse __URGENCYFROM__ ou notre téléphone portable d'astreinte
(__URGENCYTEL__)
Cordialement,
--
__FULLFROM__

27
openbsd/evomaintenance/Makefile Normal file
View file

@ -0,0 +1,27 @@
# $OpenBSD$
COMMENT = evolix maintenance script
DISTNAME = evomaintenance-0.1
CATEGORIES = sysutils
EXTRACT_SUFX = .sh
EXTRACT_ONLY =
HOMEPAGE = http://evolix.com/
# N/A
PERMIT_PACKAGE_CDROM = Yes
MASTER_SITES = http://winnie.evolix.net/evoscripts
DISTFILES = evomaintenance.cf evomaintenance.tpl
EVOMAINTENANCEDIR = ${SYSCONFDIR}
NO_BUILD = Yes
NO_TEST = Yes
do-install:
${INSTALL_SCRIPT} ${FULLDISTDIR}/${DISTNAME}${EXTRACT_SUFX} ${PREFIX}/bin/
.include <bsd.port.mk>

2
openbsd/evomaintenance/pkg/DESCR Normal file
View file

@ -0,0 +1,2 @@
Evomaintenance script. This script should be run from your .profil with
trap "sudo /usr/local/bin/evomaintenance.sh" 0