commit 497de68a6f01e08fe61b69ffcb9eacbdc5da728c Author: CaptainArk Date: Sat Jan 25 21:13:11 2025 +0100 add .gitignore and 2 scripts diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..e43b0f9 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.DS_Store diff --git a/scripts/check_soa.sh b/scripts/check_soa.sh new file mode 100644 index 0000000..426d480 --- /dev/null +++ b/scripts/check_soa.sh @@ -0,0 +1,101 @@ +#!/bin/bash + +# Variables +MINNS=1 +declare -a AUTHNS + +# Functions + +# Name: usage +# Description: shows how the script should be used and exists +usage() { + echo "Usage: $0 -z (-h )" + exit 2 +} + +# Name: getns +# Description: add hidden nameserver to an array if declared; +# then retrives authoritative nameservers for the zone to add them to the same array +getns() { + [[ -n "$HIDDENNS" ]] && AUTHNS+=("$HIDDENNS") + for PUBNS in $(/usr/bin/retry -t 5 -d 1,2,3 -- /usr/bin/dig -4 "$ZONE" NS +short +tcp +tries=1 +timeout=1); do + AUTHNS+=("$PUBNS") + done +} + +# Name: getsoa +# Description: retrieve zone serial from all discovered authoritative nameservers +getsoa() { + local i=0 + for NS in "${AUTHNS[@]}"; do + SOA[i]=$(/usr/bin/retry -t 5 -d 1,2,3 -- /usr/bin/dig -4 @"$NS" "$ZONE" SOA +short +tcp +tries=1 +timeout=1 | /usr/bin/awk '{print $3}') + i=$(( i + 1 )) + done +} + +# Name: soaoutput +# Description: generates script output +soaoutput() { + local i=0 + for OUTPUT in "${AUTHNS[@]}"; do + echo "$OUTPUT: ${SOA[i]}" + i=$(( i + 1 )) + done +} + +# Main +while getopts ":z:h:" o; do + case "${o}" in + z) + ZONE="${OPTARG}" + ;; + h) + HIDDENNS="${OPTARG}" + ;; + :) + echo "ERROR: Option -${OPTARG} requires an argument" + usage + ;; + *) + echo "ERROR: Invalid option -${OPTARG}" + usage + ;; + esac +done + +# -z is required +[[ -z "$ZONE" ]] && usage +# If the user declares a hidden, we expect at least 2 nameservers +[[ -n "$HIDDENNS" ]] && MINNS=2 + +getns + +# Error out if we failed to retrive nameservers for the zone +if [[ ${#AUTHNS[@]} -lt $MINNS ]]; then + echo "CRITICAL: Could not retrive authoritative NS for zone $ZONE" + exit 2 +fi + +getsoa + +for ALLSOA in "${SOA[@]}"; do + # Error out if we failed to retrive one or more serials for the zone + if ! [[ $ALLSOA =~ [[:digit:]]+ ]]; then + echo "CRITICAL: Could not fetch SOA on at least one DNS server for zone $ZONE" + exit 2 + fi + # Compare all serials to the first one we retrived + if [[ $ALLSOA != "${SOA[0]}" ]]; then + INCONSISTENTSERIAL="true" + fi +done + +if [[ -n $INCONSISTENTSERIAL ]]; then + echo "WARNING: Serials are inconsistent for zone $ZONE" + soaoutput + exit 1 +else + echo "OK: Serials are consistent for zone $ZONE" + soaoutput + exit 0 +fi diff --git a/scripts/mmonit-discord-webhook.sh b/scripts/mmonit-discord-webhook.sh new file mode 100644 index 0000000..eec650d --- /dev/null +++ b/scripts/mmonit-discord-webhook.sh @@ -0,0 +1,37 @@ +#!/bin/sh + +if echo "$MONIT_EVENT" | grep -q "succeeded$"; then + DISCORD_TITLE="[M/Monit] OK Alert" + DISCORD_COLOR="5763719" +elif echo "$MONIT_EVENT" | grep -q "failed$"; then + DISCORD_TITLE="[M/Monit] Critical Alert" + DISCORD_COLOR="15548997" +elif echo "$MONIT_EVENT" | grep -Eq "changed$|matched$"; then + DISCORD_TITLE="[M/Monit] Warning Alert" + DISCORD_COLOR="16776960" +else + DISCORD_TITLE="[M/Monit] Generic Alert" + DISCORD_COLOR="5793266" +fi + +# Generate the Discord message payload +generate_payload() { + printf '{ + "embeds": [{ + "title": "%s", + "color": "%s", + "fields": [ + { "name": "Date", "value": "%s", "inline": true }, + { "name": "Host", "value": "%s", "inline": true }, + { "name": "Service", "value": "%s", "inline": true }, + { "name": "Action", "value": "%s", "inline": true }, + { "name": "Event", "value": "%s", "inline": false }, + { "name": "Description", "value": "%s", "inline": false } + ] + }] +}' "$DISCORD_TITLE" "$DISCORD_COLOR" "$MONIT_DATE" "$MONIT_HOST" "$MONIT_SERVICE" "$MONIT_ACTION" "$MONIT_EVENT" "$MONIT_DESCRIPTION" +} + +# Generate and send the payload +payload=$(generate_payload) +curl -H "Content-Type: application/json" -d "$payload" "$ENDPOINT"