kunsi/bundlewrap
1
0
Fork 0
Code Issues 2 Pull requests 1 Releases Activity

bundles/pppd: refactor check_dyndns_update
Some checks failed
kunsi/bundlewrap/pipeline/head There was a failure building this commit
Details

Browse source 
We don't care about what the DNS provider said when updating the ip
address. The only thing we care about is wether the current external ip
of the system matches the resolved ip address.
This commit is contained in:
Franzi 2021-08-14 07:55:01 +02:00
parent 1d8733d0c2
commit bd10dc578f
Signed by: kunsi
GPG key ID: 12E3D2136B818350
5 changed files with 30 additions and 35 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
bundles/pppd/files/check_dyndns_update
View file

@ -1,28 +1,20 @@
#!/bin/bash #!/bin/bash
statusfile="/var/tmp/dyndns.monitoring" [[ -n "$DEBUG" ]] && set -x
if ! [[ -f "$statusfile" ]]
then
echo "Status file not found"
exit 3
fi
mtime=$(stat -c %Y $statusfile) interface="$(ip link show | awk '/ ppp/ {print substr($2, 1, length($2)-1)}')"
now=$(date +%s) addr="$(ip addr show dev "$interface" | awk '/inet / {print $2}')"
if (( $now - $mtime > 60*60*24*8 )) resolved="$(dig +short "${domain}" A)"
then
echo "Status file is older than 8 days!"
exit 3
fi
statuscode=$(cat $statusfile) if [[ -z "$addr" ]] || [[ -z "$resolved" ]]
case "$statuscode" in then
200) echo "Address on '$interface' is '$addr' - resolved '$resolved'"
echo "OK" exit 3
exit 0 elif [[ "$addr" == "$resolved" ]]
;; then
*) echo "Resolved IP for ${domain} matches current ip on $interface"
echo "Last statuscode was $statuscode" exit 0
exit 2 else
;; echo "Resolved $resolved for ${domain}, but got $addr on $interface!"
esac exit 2
fi

3
bundles/pppd/files/dyndns
View file

@ -20,5 +20,4 @@ r = requests.get(
) )
) )
with open('/var/tmp/dyndns.monitoring', 'w') as s: print('got status {} when updating dns'.format(r.status_code))
s.write(str(r.status_code))

18
bundles/pppd/items.py
View file

@ -38,7 +38,7 @@ files = {
'/etc/ppp/chap-secrets': { '/etc/ppp/chap-secrets': {
'source': 'secrets', 'source': 'secrets',
'content_type': 'mako', 'content_type': 'mako',
'context': node.metadata['pppd'], 'context': node.metadata.get('pppd'),
'mode': '0400', 'mode': '0400',
'triggers': { 'triggers': {
'svc_systemd:pppoe:restart', 'svc_systemd:pppoe:restart',
@ -47,7 +47,7 @@ files = {
'/etc/ppp/pap-secrets': { '/etc/ppp/pap-secrets': {
'source': 'secrets', 'source': 'secrets',
'content_type': 'mako', 'content_type': 'mako',
'context': node.metadata['pppd'], 'context': node.metadata.get('pppd'),
'mode': '0400', 'mode': '0400',
'triggers': { 'triggers': {
'svc_systemd:pppoe:restart', 'svc_systemd:pppoe:restart',
@ -63,7 +63,7 @@ files = {
}, },
'/etc/ppp/peers/provider': { '/etc/ppp/peers/provider': {
'content_type': 'mako', 'content_type': 'mako',
'context': node.metadata['pppd'], 'context': node.metadata.get('pppd'),
'triggers': { 'triggers': {
'svc_systemd:pppoe:restart', 'svc_systemd:pppoe:restart',
}, },
@ -87,15 +87,17 @@ files = {
'/usr/local/bin/restart-pppoe-if-no-public-ip': { '/usr/local/bin/restart-pppoe-if-no-public-ip': {
'mode': '0755', 'mode': '0755',
}, },
'/usr/local/share/icinga/plugins/check_dyndns_update': {
'mode': '0755',
},
} }
if 'dyndns' in node.metadata['pppd']: if node.metadata.get('pppd/dyndns', {}):
files['/etc/ppp/ip-up.d/dyndns'] = { files['/etc/ppp/ip-up.d/dyndns'] = {
'content_type': 'mako', 'content_type': 'mako',
'context': node.metadata['pppd']['dyndns'], 'context': node.metadata.get('pppd/dyndns'),
'mode': '0755',
}
files['/usr/local/share/icinga/plugins/check_dyndns_update'] = {
'content_type': 'mako',
'context': node.metadata.get('pppd/dyndns'),
'mode': '0755', 'mode': '0755',
} }

3
bundles/pppd/metadata.py
View file

@ -30,7 +30,7 @@ defaults = {
'icinga2_api/pppd/services', 'icinga2_api/pppd/services',
) )
def icinga_dyndns(metadata): def icinga_dyndns(metadata):
if 'dyndns' not in metadata.get('pppd'): if not metadata.get('pppd/dyndns', {}):
return {} return {}
return { return {
@ -39,6 +39,7 @@ def icinga_dyndns(metadata):
'services': { 'services': {
'DYNDNS UPDATE': { 'DYNDNS UPDATE': {
'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_dyndns_update', 'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_dyndns_update',
'vars.notification.mail': True,
}, },
}, },
}, },

1
nodes/home/router.py
View file

@ -148,6 +148,7 @@ nodes['home.router'] = {
'password': vault.decrypt('encrypt$gAAAAABfruaXEDkaFksFMU8g97ydWyJF8p2KcSDJJBlzaOLDsLL6oCDYjG1kMPVESOzqjn8ThtSht1uZDuMCstA-sATmLS-EWQ=='), 'password': vault.decrypt('encrypt$gAAAAABfruaXEDkaFksFMU8g97ydWyJF8p2KcSDJJBlzaOLDsLL6oCDYjG1kMPVESOzqjn8ThtSht1uZDuMCstA-sATmLS-EWQ=='),
'interface': 'enp1s0.100', 'interface': 'enp1s0.100',
'dyndns': { 'dyndns': {
'domain': 'franzi-home.kunbox.net',
'url': 'https://ns-1.kunbox.net/nic/update?hostname=franzi-home.kunbox.net&myip={ip}', 'url': 'https://ns-1.kunbox.net/nic/update?hostname=franzi-home.kunbox.net&myip={ip}',
'username': vault.decrypt('encrypt$gAAAAABfr8DLAJhmUIhdxLq83I8MnRRvkRgDZcO8Brvw1KpvplC3K8ZGj0jIIWD3Us33vIP6t0ybd_mgD8slpRUk78Kqd3BMoQ=='), 'username': vault.decrypt('encrypt$gAAAAABfr8DLAJhmUIhdxLq83I8MnRRvkRgDZcO8Brvw1KpvplC3K8ZGj0jIIWD3Us33vIP6t0ybd_mgD8slpRUk78Kqd3BMoQ=='),
'password': vault.decrypt('encrypt$gAAAAABfr8Cq5M1hweeJTQAl0dLhFntdlw-QnkIYUQpY-_ycODVWOpyeAwjwOgWLSdsdXIUvqcoiXPZPV-BE12p5C42NGnj9r7sKYpoGz8xfuGIk6haMa2g='), 'password': vault.decrypt('encrypt$gAAAAABfr8Cq5M1hweeJTQAl0dLhFntdlw-QnkIYUQpY-_ycODVWOpyeAwjwOgWLSdsdXIUvqcoiXPZPV-BE12p5C42NGnj9r7sKYpoGz8xfuGIk6haMa2g='),