forked from evolix/ansible-roles
fix(nagios-nrpe): Fix check_ssl_local output
nrpe read output of plugins from stdout only, if there is no output it return UNKNOWN regardless of return code.
This commit is contained in:
parent
53f82edefb
commit
831715e44c
|
@ -42,6 +42,7 @@ The **patch** part changes is incremented if multiple releases happen the same m
|
||||||
* nagios-nrpe: remount /usr **after** installing the packages
|
* nagios-nrpe: remount /usr **after** installing the packages
|
||||||
* packweb-apache,nagios-nrpe: add missing task and config for PHP 8.2 container
|
* packweb-apache,nagios-nrpe: add missing task and config for PHP 8.2 container
|
||||||
* potsfix: add missing `localhost.$mydomain` to mydestination
|
* potsfix: add missing `localhost.$mydomain` to mydestination
|
||||||
|
* nagios-nrpe: check\_ssl\_local now has an output that nrpe can understand when it isn't OK
|
||||||
|
|
||||||
### Removed
|
### Removed
|
||||||
|
|
||||||
|
|
|
@ -25,7 +25,7 @@ certs_list=$(cat "$certs_list_path" | sed -E 's/(.*)#.*/\1/g' | grep -v -E '^$')
|
||||||
for cert_path in $certs_list; do
|
for cert_path in $certs_list; do
|
||||||
|
|
||||||
if [ ! -f "$cert_path" ] && [ ! -d "$cert_path" ]; then
|
if [ ! -f "$cert_path" ] && [ ! -d "$cert_path" ]; then
|
||||||
>&2 echo "Warning: path '$cert_path' is not a file or a directory."
|
echo "Warning: path '$cert_path' is not a file or a directory."
|
||||||
warning=1
|
warning=1
|
||||||
continue
|
continue
|
||||||
fi
|
fi
|
||||||
|
@ -35,21 +35,21 @@ for cert_path in $certs_list; do
|
||||||
# Check cert expiré (critique)
|
# Check cert expiré (critique)
|
||||||
if ! openssl x509 -checkend 0 -in "$cert_path" &> /dev/null; then
|
if ! openssl x509 -checkend 0 -in "$cert_path" &> /dev/null; then
|
||||||
critical=1
|
critical=1
|
||||||
>&2 echo "Critical: Cert '$cert_path' has expired on $enddate."
|
echo "Critical: Cert '$cert_path' has expired on $enddate."
|
||||||
continue
|
continue
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Check cert expire < 10 jours (critique)
|
# Check cert expire < 10 jours (critique)
|
||||||
if ! openssl x509 -checkend "$_10_days" -in "$cert_path" &> /dev/null; then
|
if ! openssl x509 -checkend "$_10_days" -in "$cert_path" &> /dev/null; then
|
||||||
critical=1
|
critical=1
|
||||||
>&2 echo "Critical: Cert '$cert_path' will expire on $enddate."
|
echo "Critical: Cert '$cert_path' will expire on $enddate."
|
||||||
continue
|
continue
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Check cert expire < 15 jours (warning)
|
# Check cert expire < 15 jours (warning)
|
||||||
if ! openssl x509 -checkend "$_15_days" -in "$cert_path" &> /dev/null; then
|
if ! openssl x509 -checkend "$_15_days" -in "$cert_path" &> /dev/null; then
|
||||||
warning=1
|
warning=1
|
||||||
>&2 echo "Warning: Cert '$cert_path' will expire on $enddate."
|
echo "Warning: Cert '$cert_path' will expire on $enddate."
|
||||||
continue
|
continue
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue