diff --git a/xymon/xymon.files.alert.sh b/xymon/xymon.files.alert.sh new file mode 100755 index 0000000..1d2e58c --- /dev/null +++ b/xymon/xymon.files.alert.sh @@ -0,0 +1,96 @@ +#!/bin/sh +# Purpose {{{ +## If Xymon server says that a file is in error on a remote host, try to restart the related service. +## 1. Create a ssh keyring for xymon user {{{ +# sudo mkdir -p -- /var/lib/xymon/.ssh/ +# sudo ssh-keygen -f /var/lib/xymon/.ssh/id_rsa -N '' -q +# sudo chown -R xymon:xymon /var/lib/xymon/.ssh/ +## }}} +## 2. Remote user {{{ +# Ensure to have the ${REMOTE_SSH_USER} available on remote hosts and allowed to connect with SSH. +# Restrict the SSH access to a single SSH key from the Xymon server IP (~${REMOTE_SSH_USER}/.ssh/authorized_keys) : +## from="IP.SRV.XYM.ON" ssh-rsa AAAAA… +# Allow sudo commands to restart services (/etc/sudoers.d/xymon-ssh) : +## xymon-ssh ALL=(root:root) NOPASSWD: /bin/systemctl restart * +## }}} + +# }}} +# Vars {{{ +DEBUG=0 + +LOCAL_SSH_USER="xymon" +REMOTE_SSH_USER="xymon-ssh" + +temp_dir=$(mktemp -d -t xymon-files-alert-XXXXXX.tmp) +debug_stdout="${temp_dir}/debug.stdout" +debug_stderr="${temp_dir}/debug.stderr" +file_list="${temp_dir}/services.error.list" +# }}} + +# Create log files +touch "${debug_stdout}" "${debug_stderr}" + +# Manage only files probe {{{ +if [ "${BBSVCNAME}" = "files" ]; then + [ "${DEBUG}" -eq "0" ] && printf '\e[1;35m%-6s\e[m\n' "DEBUG : ${BBHOSTNAME} — ${BBSVCNAME} error" >> "${debug_stdout}" +else + [ "${DEBUG}" -eq "0" ] && printf '\e[1;35m%-6s\e[m\n' "DEBUG : ${BBHOSTNAME} — ${BBSVCNAME} probe is not managed." >> "${debug_stderr}" + [ "${DEBUG}" -eq "0" ] || rm -rf -- "${temp_dir}" + exit 0 +fi +# }}} + +# Check if a file exceeds it's modification time {{{ +## TODO : Set a better pattern ("File was modified .* ago",…) +if echo "${BBALPHAMSG}" | grep -qE "\\&yellow > "${debug_stdout}" + ## Get the list of files path + ## TODO : Set a pattern for both yellow and red colors + echo "${BBALPHAMSG}" | sed -n 's;^\&yellow \(.*\);\1;p' > "${file_list}" + + while IFS= read -r file_path; do + [ "${DEBUG}" -eq "0" ] && printf '\e[1;35m%-6s\e[m\n' "DEBUG : while file_path loop — ${file_path} exceeds it's modification time." >> "${debug_stdout}" + # Match files path and services name {{{ + case "${file_path}" in + # Cron + '/var/log/cron.log' ) + service_name="cron" + ;; + # default + * ) + service_name="NOT.MANAGED" + ;; + esac + # }}} + + # Restart service if needed {{{ + if [ "${service_name}" != "NOT.MANAGED" ] && [ "${service_name}" != "${previous_service_name}" ]; then + [ "${DEBUG}" -eq "0" ] && printf '\e[1;35m%-6s\e[m\n' "DEBUG : while file_path loop — ${service_name} need to be restarted." >> "${debug_stdout}" + [ "${DEBUG}" -eq "0" ] && printf '\e[1;35m%-6s\e[m\n' "DEBUG : while file_path loop — ssh -n -o StrictHostKeyChecking=no ${REMOTE_SSH_USER}@${BBHOSTNAME} sudo systemctl restart ${service_name}.service" >> "${debug_stdout}" + #ssh -n -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null "${REMOTE_SSH_USER}"@"${BBHOSTNAME}" "sudo systemctl restart ${service_name}.service" >> "${debug_stdout}" 2>> "${debug_stderr}" + previous_service_name="${service_name}" + else + if [ "${service_name}" = "NOT.MANAGED" ]; then + [ "${DEBUG}" -eq "0" ] && printf '\e[1;35m%-6s\e[m\n' "DEBUG : while file_path loop — service for ${file_path} is not managed." >> "${debug_stdout}" + else + [ "${DEBUG}" -eq "0" ] && printf '\e[1;35m%-6s\e[m\n' "DEBUG : while file_path loop — ${service_name} was already restarted." >> "${debug_stdout}" + fi + fi + # }}} + done < "${file_list}" + + # Also restart xymon-client service {{{ + [ "${DEBUG}" -eq "0" ] && printf '\e[1;35m%-6s\e[m\n' "DEBUG : Test service — xymon-client also need to be restarted." >> "${debug_stdout}" + [ "${DEBUG}" -eq "0" ] && printf '\e[1;35m%-6s\e[m\n' "DEBUG : Test service — ssh -n -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null ${REMOTE_SSH_USER}@${BBHOSTNAME} sudo systemctl restart xymon-client.service" >> "${debug_stdout}" + ssh -n -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null "${REMOTE_SSH_USER}"@"${BBHOSTNAME}" "sudo systemctl restart xymon-client.service" >> "${debug_stdout}" 2>> "${debug_stderr}" + # }}} +fi +# }}} + +# Remove empty error file +[ -s "${debug_stderr}" ] || rm -f "${debug_stderr}" + +# Remove temp_dir if DEBUG is disable +[ "${DEBUG}" -eq "0" ] || rm -rf -- "${temp_dir}" + +exit 0