From c24430d66d54e273a7c3f30793a3936a6570887b Mon Sep 17 00:00:00 2001 From: Valentin Lab Date: Wed, 7 Feb 2024 11:56:46 +0100 Subject: [PATCH 01/12] new: [myc-update] set default color mode for ``ls`` command --- bin/myc-update | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/bin/myc-update b/bin/myc-update index 12437cd..3b55fc8 100755 --- a/bin/myc-update +++ b/bin/myc-update @@ -65,6 +65,15 @@ ln -sfn /opt/apps/myc-manage/etc/cron.d/* /etc/cron.d/ find -L /etc/cron.d -maxdepth 1 -type l -ilname /opt/apps/myc-manage/etc/cron.d/\* -delete EOF +if [ -f "/root/.bashrc" ]; then + Wrap -d "Enable colors in bash" <<'EOF' || exit 1 +sed -ri 's/^# (export LS_OPTIONS=.--color=auto.)/\1/; + s/^# (eval "`dircolors`")/\1/; + s/^# (alias ls='"'ls \\\$LS_OPTIONS'"')/\1/' /root/.bashrc +EOF +fi + + for keyfile in {/root,/home/debian}/.ssh/authorized_keys; do [ -e "$keyfile" ] || continue sed -ri 's%^ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDri3GHzDt0Il0jv6zLjwkge48dN9tv11sqVNnKoDeUxzk4kn7Ng5ldd3p6dYL6Pa5NDqJUAhO/d/q08IWuwfEbtj8Yc/EkahcRwVD2imPceUeDgyCaOJhq7WO4c9d9yG8PnRO2\+Zk92a9L5vuELVLr4UHIQOs2/eFRY2/ODV8ebf5L1issGzfLd/IPhX5oJwMwKfqIFOP7KPQ26duHNRq4bYOD9ePW4shfxmyQDk6dSImFat05ErT\+X7703PcPx/PX2AIqqz95zqM6M26BywAohuaD5joxKgkd/mMIJylvT8GEYDlcLMHwnM7LtwtyJ1O9dkVpsibIqGy20KlAOGPf admin@0k$%ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMV3USt/BLnXnUk7rk8v42mISZaXBZuULbh2vx2Amk7k admin@old0kreplacement%g' "$keyfile" -- 2.30.2 From 0355cfd9b7ad1244024b465c46a549acebfe49af Mon Sep 17 00:00:00 2001 From: Valentin Lab Date: Wed, 7 Feb 2024 11:57:24 +0100 Subject: [PATCH 02/12] new: [myc-update] add sysctl scripts installation facility --- bin/myc-update | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/bin/myc-update b/bin/myc-update index 3b55fc8..d7fcade 100755 --- a/bin/myc-update +++ b/bin/myc-update @@ -65,6 +65,13 @@ ln -sfn /opt/apps/myc-manage/etc/cron.d/* /etc/cron.d/ find -L /etc/cron.d -maxdepth 1 -type l -ilname /opt/apps/myc-manage/etc/cron.d/\* -delete EOF +Wrap -d "Updating sysctl scripts" < Date: Wed, 7 Feb 2024 11:57:54 +0100 Subject: [PATCH 03/12] new: [myc-update] add larger number for ``fs.inotify.max_user_watches`` This is necessary for dev mode in ``odoo``. --- etc/sysctl.d/90-inotify_watches | 1 + 1 file changed, 1 insertion(+) create mode 100644 etc/sysctl.d/90-inotify_watches diff --git a/etc/sysctl.d/90-inotify_watches b/etc/sysctl.d/90-inotify_watches new file mode 100644 index 0000000..57c955a --- /dev/null +++ b/etc/sysctl.d/90-inotify_watches @@ -0,0 +1 @@ +fs.inotify.max_user_watches = 524288 -- 2.30.2 From bf0a86fb02300891481af3143a9542d595cd8002 Mon Sep 17 00:00:00 2001 From: Valentin Lab Date: Wed, 7 Feb 2024 11:59:27 +0100 Subject: [PATCH 04/12] new: [myc-update] allow full directory ``cron.*`` coverage of cron script deployment --- bin/myc-update | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/bin/myc-update b/bin/myc-update index d7fcade..0db2b62 100755 --- a/bin/myc-update +++ b/bin/myc-update @@ -61,8 +61,10 @@ docker pull docker.0k.io/letsencrypt EOF Wrap -d "Updating cron scripts" < Date: Wed, 7 Feb 2024 16:45:14 +0100 Subject: [PATCH 05/12] new: [vps] make ``restore`` check-fix odoo container before restore The ``load`` action will rely on using ``docker exec`` so we need to ensure that it is working. --- bin/vps | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/bin/vps b/bin/vps index ddb9394..9537b2f 100755 --- a/bin/vps +++ b/bin/vps @@ -1077,13 +1077,13 @@ docker restart "$container_id" sleep 2 docker restart "$container_id" EOF - return $errlvl + return 2 fi warn "Unknown issue with ${DARKYELLOW}$service_name${NORMAL}'s container:" echo " ${WHITE}cmd:${NORMAL} docker exec -ti $container_id echo" >&2 echo "$out" | prefix " ${DARKGRAY}|${NORMAL} " >&2 echo " ${DARKGRAY}..${NORMAL} leaving this as-is." - return $errlvl + return 1 } docker:api() { @@ -1650,7 +1650,18 @@ cmdline.spec:odoo:cmd:restore:run() { opts_load=() [ "$opt_neutralize" ] && opts_load+=("--neutralize") - #cmdline.spec:odoo:cmd:restart:run --service "$odoo_service" || exit 1 + project_name=$(compose:project_name) || exit 1 + container:health:check-fix:no-matching-entries "${project_name}_${odoo_service}_1" + case "$?" in + 0) + debug "Container ${project_name}_${odoo_service}_1 is healthy." + ;; + 1) err "Container ${project_name}_${odoo_service}_1 is not healthy." + exit 1 + ;; + 2) info "Container ${project_name}_${odoo_service}_1 was fixed." + ;; + esac msg_dbname=default [ -n "$opt_database" ] && msg_dbname="'$opt_database'" -- 2.30.2 From 503656f46151fcff3e8521065fc147195e97d808 Mon Sep 17 00:00:00 2001 From: Valentin Lab Date: Mon, 12 Feb 2024 12:14:25 +0100 Subject: [PATCH 06/12] new: [myc-update] check remaining space before starting --- bin/myc-update | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/bin/myc-update b/bin/myc-update index 0db2b62..745f385 100755 --- a/bin/myc-update +++ b/bin/myc-update @@ -7,6 +7,37 @@ include common include pretty +MIN_DISK_SPACE="${MIN_DISK_SPACE:-300M}" +## convert human size to bytes using numfmt + +## Check remaining disk space +if [ -n "$MIN_DISK_SPACE" ]; then + min_disk_space_kbytes=$(numfmt --from=iec --to-unit=1024 "$MIN_DISK_SPACE") || { + err "Invalid format for '\$MIN_DISK_SPACE'." + exit 1 + } + if ! remaining_kbytes=$(df / | awk 'NR==2 {print $4}'); then + err "Failed to get remaining disk space." + exit 1 + fi + + if [ "$remaining_kbytes" -lt "$min_disk_space_kbytes" ]; then + err "Not enough disk space." + human_min_dist_space=$(numfmt --to=iec --format="%.2f" --from-unit=1024 "$min_disk_space_kbytes") || { + err "Failed to convert '\$MIN_DISK_SPACE' to human readable format." + exit 1 + } + human_remaining_kbytes=$(numfmt --to=iec --format="%.2f" --from-unit=1024 "$remaining_kbytes") || { + err "Failed to convert '\$remaining_kbytes' to human readable format." + exit 1 + } + echo " - At least $human_min_dist_space are required." >&2 + echo " - Only $human_remaining_kbytes are available." >&2 + exit 1 + fi +fi + + start=$SECONDS if [ -z "$NO_UPDATE" -a -d "/opt/apps/myc-manage" ]; then -- 2.30.2 From 1f42339d22a49716e1e7d90bc34367f5e0bc69fd Mon Sep 17 00:00:00 2001 From: Valentin Lab Date: Sun, 25 Feb 2024 21:40:04 +0100 Subject: [PATCH 07/12] new: [vps] make ``vps backup`` compatible with new ``cron`` containers --- bin/vps | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/bin/vps b/bin/vps index 9537b2f..6b07909 100755 --- a/bin/vps +++ b/bin/vps @@ -916,9 +916,25 @@ compose:get_cron_docker_cmd() { local cron_line cmd_line docker_cmd project_name=$(compose:project_name) || return 1 - if ! cron_line=$(docker exec "${project_name}"_cron_1 cat /etc/cron.d/rsync-backup | grep "\* \* \*"); then - err "Can't find cron_line in cron container." - echo " Have you forgotten to run 'compose up' ?" >&2 + container=$(compose:service:containers "${project_name}" "cron") || { + err "Can't find service 'cron' in project ${project_name}." + return 1 + } + if docker exec "$container" test -e /etc/cron.d/rsync-backup; then + if ! cron_line=$(docker exec "${project_name}"_cron_1 cat /etc/cron.d/rsync-backup | grep "\* \* \*"); then + err "Can't find cron_line in cron container." + return 1 + fi + elif docker exec "$container" test -e /etc/crontabs/root; then + if ! cron_line=$(docker exec "$container" cat /etc/crontabs/root | grep " launch-rsync-backup " | grep "\* \* \*"); then + err "Can't find cron_line in cron container." + return 1 + fi + else + err "Unrecognized cron container:" + echo " Can't find neither:" >&2 + echo " - /etc/cron.d/rsync-backup for old-style cron services" >&2 + echo " - nor /etc/crontabs/root for new-style cron services." >&2 return 1 fi -- 2.30.2 From 6bea532295a0bacdec8f6c7851ee14431d57ef1b Mon Sep 17 00:00:00 2001 From: Valentin Lab Date: Sun, 25 Feb 2024 21:40:37 +0100 Subject: [PATCH 08/12] fix: dev: [vps] correct typo !cosmetic --- bin/vps | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bin/vps b/bin/vps index 6b07909..265e327 100755 --- a/bin/vps +++ b/bin/vps @@ -436,11 +436,11 @@ compose:install-backup() { ping_check "$host" || return 1 if [ -e "/root/.ssh/rsync_rsa" ]; then - warn "deleting private key in /root/.ssh/rsync_rsa, has we are not using it anymore." + warn "deleting private key in /root/.ssh/rsync_rsa, as we are not using it anymore." rm -fv /root/.ssh/rsync_rsa fi if [ -e "/root/.ssh/rsync_rsa.pub" ]; then - warn "deleting public key in /root/.ssh/rsync_rsa.pub, has we are not using it anymore." + warn "deleting public key in /root/.ssh/rsync_rsa.pub, as we are not using it anymore." rm -fv /root/.ssh/rsync_rsa.pub fi -- 2.30.2 From 89b977c9e0aec970ea620d750694f0bee9294edc Mon Sep 17 00:00:00 2001 From: Valentin Lab Date: Sun, 25 Feb 2024 22:26:50 +0100 Subject: [PATCH 09/12] new: doc: update the way to clear ``compose`` caches --- README.org | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.org b/README.org index 7fe8c3f..36d6734 100644 --- a/README.org +++ b/README.org @@ -1193,14 +1193,14 @@ compose --debug up Si cette commande ne fonctionne pas, prendre le temps de bien lire le message d'erreur. -**** Vider les cache de ~/var/cache/compose~ +**** Vider les cache de ~compose~ En cas de problème non expliqués et inédits, il est bon de vérifier si l'effacement des caches de compose ne permet pas de corriger le problème : #+begin_src sh -rm /var/cache/compose/* +compose --debug cache clear #+end_src Puis relancer la commande qui ne fonctionne pas (par exemple ~compose -- 2.30.2 From 83c41f54f28064cc756aedc357a935d61e12418d Mon Sep 17 00:00:00 2001 From: Valentin Lab Date: Thu, 29 Feb 2024 16:32:33 +0100 Subject: [PATCH 10/12] fix: [vps] add more code to drop indexes and mitigate some migration issues --- bin/vps | 40 ++++++++++++++++++++++++++++++++++++++-- 1 file changed, 38 insertions(+), 2 deletions(-) diff --git a/bin/vps b/bin/vps index 265e327..d8f9a4a 100755 --- a/bin/vps +++ b/bin/vps @@ -887,8 +887,44 @@ export -f cyclos:unlock rocketchat:drop-indexes() { local project_name="$1" dbname="$2" - echo "db.users.dropIndexes()" | - compose:mongo "${project_name}" "${dbname}" + compose:mongo "${project_name}" "${dbname}" <<'EOF' +db.users.dropIndexes(); +// Check if the 'rocketchat_uploads' collection exists +var collections = db.getCollectionNames(); +if (collections.indexOf('rocketchat_uploads') !== -1) { + db.rocketchat_uploads.dropIndexes(); +} +if (collections.indexOf('rocketchat_read_receipts') !== -1) { + db.rocketchat_read_receipts.dropIndexes(); + var duplicates = []; + + db.getCollection("rocketchat_read_receipts").aggregate([ + { + "$group": { + "_id": { "roomId": "$roomId", "userId": "$userId", "messageId": "$messageId" }, + "uniqueIds": { "$addToSet": "$_id" }, + "count": { "$sum": 1 } + } + }, + { "$match": { "count": { "$gt": 1 } } } + ], + { allowDiskUse: true } + ).forEach(function (doc) { + // remove 1st element + doc.uniqueIds.shift(); + doc.uniqueIds.forEach(function (dupId) { + duplicates.push(dupId); + } + ) + }) + + // printjson(duplicates); + + db.getCollection("rocketchat_read_receipts").remove({ _id: { $in: duplicates } }); +} + +EOF + } export -f rocketchat:drop-indexes -- 2.30.2 From 62a832330c576e7b452998c571e3460c41b1aff3 Mon Sep 17 00:00:00 2001 From: Valentin Lab Date: Wed, 31 Jan 2024 14:57:32 +0100 Subject: [PATCH 11/12] wip --- bin/send | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100755 bin/send diff --git a/bin/send b/bin/send new file mode 100755 index 0000000..65100bd --- /dev/null +++ b/bin/send @@ -0,0 +1,39 @@ +#!/bin/bash + +## Send a notification with NTFY and check if the config file is complete + +if [[ "$UID" == "0" ]]; then + NTFY_CONFIG_FILE="/etc/ntfy/ntfy.conf" +else + NTFY_CONFIG_FILE="$HOME/.config/ntfy/ntfy.conf" +fi + +if ! [ -e "$NTFY_CONFIG_FILE" ]; then + mkdir -p "${NTFY_CONFIG_FILE%/*}" + ## default option to change if needed + echo 'SERVER="https://ntfy.0k.io/"' > "$NTFY_CONFIG_FILE" +else + source "$NTFY_CONFIG_FILE" + + for var in TOKEN SERVER; do + if ! [ -v "$var" ]; then + echo "Error: missing $var in $NTFY_CONFIG_FILE" + exit 1 + fi + done +fi + +exname=${0##*/} +usage="Usage: $exname CHANNEL MESSAGE" + +if [ "$#" -ne 2 ]; then + echo "$usage" >&2 + exit 1 +fi + +channel="$1" +message="$2" + +curl -s -H "Authorization: Bearer $TOKEN" \ + -d "$message" "$SERVER/$channel" > /dev/null + -- 2.30.2 From e9ccdd34da7301170247024bb98a475bfec3453e Mon Sep 17 00:00:00 2001 From: Boris Gallet Date: Tue, 20 Feb 2024 15:03:43 +0100 Subject: [PATCH 12/12] new: [send] add cron hourly for disk_usage and load_average_max --- bin/myc-install | 48 +++++++++++++++++++++++++++ bin/myc-update | 56 +++++++++++++++++++++++++++++++- bin/send | 28 +++++++++------- etc/cron.d/alerting | 3 ++ etc/cron.hourly/disk_usage | 38 ++++++++++++++++++++++ etc/cron.hourly/load_average_max | 26 +++++++++++++++ 6 files changed, 187 insertions(+), 12 deletions(-) create mode 100644 etc/cron.d/alerting create mode 100755 etc/cron.hourly/disk_usage create mode 100755 etc/cron.hourly/load_average_max diff --git a/bin/myc-install b/bin/myc-install index b29a580..a6c6d3e 100755 --- a/bin/myc-install +++ b/bin/myc-install @@ -148,3 +148,51 @@ docker pull docker.0k.io/cron:jessie && docker tag docker.0k.io/cron:jessie myc_ ## Marker to probe if this script finished it's job echo "done" > /var/run/myc-installer.0k.io.state + +## Creation of an account to send notification to ntfy server +echo "-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn +NhAAAAAwEAAQAAAQEApGXqKYEJbv0xu/wKl1mXtiz90kZbqq7FALTZYyYqWZfsp4RtiHXi +NC7WKFiabQ1j1s8WuE0I2xJNSpzjHuWouduLQ5WtTl0PIWausMYaHam5T1I3KLVBg1QNi8 +0wL5LVMD3mMoxVstQmlvYOuODZSaCS6j6ND33IS5IG11M9xwR6IcUKLKnfF5h5OQbTSiQ0 +ANgw5KmYdGBQ8PUIQO0ELz0rhjJVZLADZspXLoWikNURmlYozfcSFcfOVA7AkqeMKMZd64 +72WDGTd9NrAOq+hmLMKDfJXuHlKrNuqmK1jVGs/5YcSArrFyuvKOabT8AJfjBDEVtbsSeu +mN44MoH1bwAAA8hI4f+cSOH/nAAAAAdzc2gtcnNhAAABAQCkZeopgQlu/TG7/AqXWZe2LP +3SRluqrsUAtNljJipZl+ynhG2IdeI0LtYoWJptDWPWzxa4TQjbEk1KnOMe5ai524tDla1O +XQ8hZq6wxhodqblPUjcotUGDVA2LzTAvktUwPeYyjFWy1CaW9g644NlJoJLqPo0PfchLkg +bXUz3HBHohxQosqd8XmHk5BtNKJDQA2DDkqZh0YFDw9QhA7QQvPSuGMlVksANmylcuhaKQ +1RGaVijN9xIVx85UDsCSp4woxl3rjvZYMZN302sA6r6GYswoN8le4eUqs26qYrWNUaz/lh +xICusXK68o5ptPwAl+MEMRW1uxJ66Y3jgygfVvAAAAAwEAAQAAAQEAnzpm1tQ4QtvRc/Xm +fDk2jCh/n06uMl8cSFbhxvqMQkK34HiPboBfG5PRsTpAOCej78acht12Gllbq0zRXneqOH +nAJTGvrhrMMNm3kVgOq3RcG8vRyQfl8EFU7XdLmIhrHFKXx5XM22xIBCdGkyKU0o9IPMFg +9wQpH6jMH3psd3j9M7x9QwPZKujv5XMF7DrMdtwAsU/XPTHrOedxdmnVpy9hwTpygTP6Xs +TRL9CgdoIo1arZAu8M5/h8xS37IKEe4lUNr/j5tJe3d0HQ+aXCtVrD1WDyZnslPnrDr0MQ +XCbx957Kh6VJ11t8el7x21Yr0iuF+S/RSKxsiyqC3J4EAQAAAIAQabySOpcNGk/kR3A7KH +Szz3uft+c9qmt9+b5Sth+GmRKEoOO51hi3K+WrzArMJ3AyO8QGodjBAStcbFMDW5DkWxFH +0BuuXL2JTNJdn/2iBQH2bjLI68zTCrqHapI4l3kwTFUDybZP9hcdN9QrsY10rh+WiUILt7 +gIB69cxQKeuAAAAIEAz7W5MrUL50A5wi7EMalR9+dIVDTvpyub7Ip6dczRyXt9Xz35mv4S +pBaK0mabJPgNP23fGoDhsXhZoDxJpGaBMCciLujVt/wJCX+vXbXwBXwMi0DC9AF/W6FGYb +GAusBeJzziXuEmQlirbKFTwkBMVOpMWvsX/DQgDjsTVKjm9u8AAACBAMqeZ17+r7602t9P +8Gie1YXde/T1vMeQAHNCOCBoiuERdM/xDyQE3EXk9Pj2LOvhEu9CskQUCkuZS4JcMO+GQz +zfqty7nmi/sAQTwPe+Gl9dnvS+dixeDmS3g+rP+hEAYhVPQgQhm0zzMvzlYk437WB+9BYk +JUr3Zp+T2t4WoOmBAAAAEm50ZnlAY29yZS0wMS4way5pbw== +-----END OPENSSH PRIVATE KEY-----" > /root/.ssh/ntfy-key +echo "|1|e3yYRMYJg0EpbOeTplTgtI+KbY4=|PotgCF8Rwt2OZFKr1CGYWpJ6FRA= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH8axkuXlI2zowRvL3Vyg/qgkKK57cqX7+9WRaLm9ECWkLvaVPGunR1zVJUZdTO3gjlSkqtblTcI00BBLt+zQvE=" \ +>> /root/.ssh/known_hosts +chmod 600 /root/.ssh/ntfy-key +cred=$(ssh -i /root/.ssh/ntfy-key ntfy@core-01.0k.io request-token) +login_ntfy=$(echo $cred | awk '/^h_/{print $1; exit}') +password_ntfy=$(echo $cred | awk '{print $2; exit}') +config_file="/etc/ntfy/ntfy.conf" +mkdir -p "${config_file%/*}" +if [ -f "$config_file" ]; then + if grep -qE '^LOGIN=|^PASSWORD=' "$config_file"; then + sed -i "s/^LOGIN=.*/LOGIN='$login'/; s/^PASSWORD=.*/PASSWORD='$password'/" "$config_file" + else + echo "LOGIN='$login'" >> "$config_file" + echo "PASSWORD='$password'" >> "$config_file" + fi +else + echo "LOGIN='$login'" >> "$config_file" + echo "PASSWORD='$password'" >> "$config_file" +fi \ No newline at end of file diff --git a/bin/myc-update b/bin/myc-update index 745f385..d83a794 100755 --- a/bin/myc-update +++ b/bin/myc-update @@ -96,7 +96,6 @@ for d in /etc/cron.{d,daily,hourly,monthly,weekly}; do ln -sfn "/opt/apps/myc-manage\$d/"* "\$d/" && find -L "\$d" -maxdepth 1 -type l -ilname "/opt/apps/myc-manage\$d/"\* -delete done -EOF Wrap -d "Updating sysctl scripts" < /root/.ssh/ntfy-key + chmod 600 /root/.ssh/ntfy-key +fi +if ! ssh-keygen -F core-01.0k.io &> /dev/null; then + echo "|1|e3yYRMYJg0EpbOeTplTgtI+KbY4=|PotgCF8Rwt2OZFKr1CGYWpJ6FRA= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH8axkuXlI2zowRvL3Vyg/qgkKK57cqX7+9WRaLm9ECWkLvaVPGunR1zVJUZdTO3gjlSkqtblTcI00BBLt+zQvE=" \ + >> /root/.ssh/known_hosts +fi +config_file="/etc/ntfy/ntfy.conf" +mkdir -p "${config_file%/*}" +## if the config file exist and LOGIN PASSWORD ARE already in we do nothing +if [ -f "$config_file" ] && grep -qE '^LOGIN=|^PASSWORD=' "$config_file"; then + echo "We found a configuration for ntfy server authentification located at $config_file" +else + cred=$(ssh -i /root/.ssh/ntfy-key ntfy@core-01.0k.io request-token) + login_ntfy=$(echo $cred | awk '/^h_/{print $1; exit}') + password_ntfy=$(echo $cred | awk '{print $2; exit}') + if [ -f "$config_file" ]; then + echo "LOGIN='$login_ntfy'" >> "$config_file" + echo "PASSWORD='$password_ntfy'" >> "$config_file" + else + echo "LOGIN='$login_ntfy'" >> "$config_file" + echo "PASSWORD='$password_ntfy'" >> "$config_file" + fi +fi +EOF for keyfile in {/root,/home/debian}/.ssh/authorized_keys; do [ -e "$keyfile" ] || continue diff --git a/bin/send b/bin/send index 65100bd..db980a9 100755 --- a/bin/send +++ b/bin/send @@ -8,21 +8,27 @@ else NTFY_CONFIG_FILE="$HOME/.config/ntfy/ntfy.conf" fi +SERVER="https://ntfy.0k.io/" + if ! [ -e "$NTFY_CONFIG_FILE" ]; then mkdir -p "${NTFY_CONFIG_FILE%/*}" ## default option to change if needed - echo 'SERVER="https://ntfy.0k.io/"' > "$NTFY_CONFIG_FILE" -else - source "$NTFY_CONFIG_FILE" - - for var in TOKEN SERVER; do - if ! [ -v "$var" ]; then - echo "Error: missing $var in $NTFY_CONFIG_FILE" - exit 1 - fi - done + echo "SERVER=$SERVER" > "$NTFY_CONFIG_FILE" +## else if $NTFY_CONFIG_FILE exist but SERVER is not defined +elif ! grep -q "^SERVER=" "$NTFY_CONFIG_FILE"; then + echo "SERVER=$SERVER" >> "$NTFY_CONFIG_FILE" fi +source "$NTFY_CONFIG_FILE" + +for var in SERVER LOGIN PASSWORD; do + if ! [ -v "$var" ]; then + echo "Error: missing $var in $NTFY_CONFIG_FILE" + exit 1 + fi +done + + exname=${0##*/} usage="Usage: $exname CHANNEL MESSAGE" @@ -34,6 +40,6 @@ fi channel="$1" message="$2" -curl -s -H "Authorization: Bearer $TOKEN" \ +curl -s -u $LOGIN:$PASSWORD \ -d "$message" "$SERVER/$channel" > /dev/null diff --git a/etc/cron.d/alerting b/etc/cron.d/alerting new file mode 100644 index 0000000..c347245 --- /dev/null +++ b/etc/cron.d/alerting @@ -0,0 +1,3 @@ +SHELL=/bin/bash +PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin + diff --git a/etc/cron.hourly/disk_usage b/etc/cron.hourly/disk_usage new file mode 100755 index 0000000..9f26710 --- /dev/null +++ b/etc/cron.hourly/disk_usage @@ -0,0 +1,38 @@ +SHELL=/bin/bash +PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin + +## check disk usage and send a notification if it's above 75% or 90% + +percent_usage=$(df /srv -h) +percent_usage=${percent_usage##*$'\n'} +percent_usage=${percent_usage% *} +percent_usage=${percent_usage##* } +percent_usage=${percent_usage%\%} + +LOCK_WORKING_DIR="/var/run/myc-manage" +mkdir -p "$LOCK_WORKING_DIR" + +if [ "$percent_usage" -ge "90" ]; then + if [ -e $LOCK_WORKING_DIR/disk_usage_90.lock ]; then + exit 0 + else + touch $LOCK_WORKING_DIR/disk_usage_90.lock + message="$(hostname): WARNING disk usage >=90%" + send "disk_usage" "$message" + fi +elif [ "$percent_usage" -ge "75" ]; then + if [ -e $LOCK_WORKING_DIR/disk_usage_75.lock ]; then + exit 0 + else + touch $LOCK_WORKING_DIR/disk_usage_75.lock + message="$(hostname): WARNING disk usage >=75 <90%" + send "disk_usage" "$message" + fi +else + if [ -e $LOCK_WORKING_DIR/disk_usage_75.lock ]; then + rm $LOCK_WORKING_DIR/disk_usage_75.lock + fi + if [ -e $LOCK_WORKING_DIR/disk_usage_90.lock ]; then + rm $LOCK_WORKING_DIR/disk_usage_90.lock + fi +fi diff --git a/etc/cron.hourly/load_average_max b/etc/cron.hourly/load_average_max new file mode 100755 index 0000000..1e65da8 --- /dev/null +++ b/etc/cron.hourly/load_average_max @@ -0,0 +1,26 @@ +SHELL=/bin/bash +PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin + +MAX_PER_PROC=3 + +## integer only for the 5m load avg + +LOCK_WORKING_DIR="/var/run/myc-manage" +mkdir -p "$LOCK_WORKING_DIR" + +int_avg=$(while read line; do + echo "$line" + done < /proc/loadavg) +int_avg=${int_avg#* } +int_avg=${int_avg%%.*} +max=$[$MAX_PER_PROC * $(grep -c ^processor /proc/cpuinfo)] +if [ "$int_avg" -gt "$max" ]; then + if [ -e $LOCK_WORKING_DIR/load_average_max.lock ]; then + exit 0 + else + touch $LOCK_WORKING_DIR/load_average_max.lock + message="$(hostname) : WARNING - load average ($int_avg) is above max per processor : ($MAX_PER_PROC * $(grep -c ^processor /proc/cpuinfo) = $max)" + echo $message | logger -t load_average_max + send "load_average_max" "$message" + fi +fi -- 2.30.2