parallelvirtualcluster/pvc-ansible
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Initial commit of PVC Ansible role

Browse Source
This commit is contained in:
Joshua Boniface
2023-09-01 15:42:19 -04:00
commit 6dfaf433dc
92 changed files with 4709 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
roles/base/files/usr/lib/check_mk_agent/plugins/backup Executable file
View File

@ -0,0 +1,11 @@
#!/bin/bash
# Backup check for Check_MK
# Installed by BLSE 2.0 ansible
SHARELIST=( $( cat /var/backups/shares ) )
echo "<<<backup>>>"
for SHARE in ${SHARELIST[@]}; do
echo "${SHARE} $( cat ${SHARE}/.backup )"
done

15
roles/base/files/usr/lib/check_mk_agent/plugins/cephfsmounts Executable file
View File

@ -0,0 +1,15 @@
echo '<<<cephfsmounts>>>'
sed -n '/ ceph\? /s/[^ ]* \([^ ]*\) .*/\1/p' < /proc/mounts |
sed 's/\\040/ /g' |
while read MP
do
if [ ! -r $MP ]; then
echo "$MP Permission denied"
elif [ $STAT_VERSION != $STAT_BROKE ]; then
waitmax -s 9 2 stat -f -c "$MP ok %b %f %a %s" "$MP" || \
echo "$MP hanging 0 0 0 0"
else
waitmax -s 9 2 stat -f -c "$MP ok %b %f %a %s" "$MP" && \
printf '\n'|| echo "$MP hanging 0 0 0 0"
fi
done

33
roles/base/files/usr/lib/check_mk_agent/plugins/dpkg Executable file
View File

@ -0,0 +1,33 @@
#!/bin/bash
# Apt and dpkg status check for Check_MK
# Installed by BLSE 2.0 ansible
TMP_DPKG="$( COLUMNS=200 dpkg --list )"
TMP_AWK="$( awk '
{ if (NR>5) {
if ($1 != "ii") bad_package[$2]=$1;
}}
END {
print NR-5;
bad_package_count=asort(bad_package,junk)
if (bad_package_count) {
for (package in bad_package)
print package "[" bad_package[package] "]"
exit 1
}
}
' <<<"$TMP_DPKG" )"
DEBIAN_VERSION="$( cat /etc/debian_version )"
TOTAL_PACKAGES=$( head --lines=1 <<<"${TMP_AWK}" )
UPGRADABLE_PACKAGES=( $( apt list --upgradable 2>/dev/null | grep -v '^Listing' | awk '{ gsub(/\]/,"",$NF); print $1 "[" $NF "<>" $2 "]" }' ) )
INCONSISTENT_PACKAGES=( $( tail --lines=+2 <<<"${TMP_AWK}" ) )
OLD_CONFIG_FILES=( $( ionice -c3 find /etc -type f -a \( -name '*.dpkg-*' -o -name '*.ucf-*' \) 2>/dev/null ) )
echo "<<<dpkg>>>"
echo "debian_version ${DEBIAN_VERSION}"
echo "total_packages ${TOTAL_PACKAGES}"
echo "upgradable_packages ${#UPGRADABLE_PACKAGES[*]} ${UPGRADABLE_PACKAGES[*]}"
echo "inconsistent_packages ${#INCONSISTENT_PACKAGES[*]} ${INCONSISTENT_PACKAGES[*]}"
echo "obsolete_configuration_files ${#OLD_CONFIG_FILES[*]} ${OLD_CONFIG_FILES[*]}"

16
roles/base/files/usr/lib/check_mk_agent/plugins/entropy Executable file
View File

@ -0,0 +1,16 @@
#!/bin/bash
# Entropy availability check for Check_MK
# Installed by BLSE 2.0 ansible
if [ -e /proc/sys/kernel/random/entropy_avail ]; then
echo '<<<entropy_avail>>>'
echo -n "entropy_avail "
cat /proc/sys/kernel/random/entropy_avail
echo -n "poolsize "
cat /proc/sys/kernel/random/poolsize
fi

52
roles/base/files/usr/lib/check_mk_agent/plugins/freshness Executable file
View File

@ -0,0 +1,52 @@
#!/bin/bash
# Open file handle freshness check for Check_MK
# Installed by BLSE 2.0 ansible
OK=0
WARNING=1
FRESHNESS="$( lsof -Fcftn / 2>/dev/null | grep -v '/tmp' | \
awk '
{
field=substr($0,1,1);
data=substr($0,2);
if (field=="f") {
file_descriptor=data;
} else if (field=="t") {
file_type=data;
} else if (field=="c") {
command_name=data;
} else if (field=="n" && file_descriptor=="DEL" && file_type=="REG") {
name=data;
file[command_name]++;
}
}
END {
for (name in file) {
error++;
# Skip these problematic programs
if (name=="systemd-udevd") { continue; }
if (name=="pulseaudio") { continue; }
if (name=="light-locker") { continue; }
if (name=="at-spi-bus-laun") { continue; }
if (name=="node") { continue; }
if (error_name) { error_name=error_name " " };
error_name=error_name name;
}
if (error_name) {
print error_name;
exit error;
} else {
exit;
}
}' )";
echo "<<<freshness>>>"
if [ "$FRESHNESS" ]; then
echo "Applications needing restart: $FRESHNESS"
exit $WARNING
else
echo "No applications needing restart"
exit $OK
fi

14
roles/base/files/usr/lib/check_mk_agent/plugins/kernelversion Executable file
View File

@ -0,0 +1,14 @@
#!/bin/bash
OK=0
WARNING=1
echo "<<<kernelversion>>>"
ACTIVE="$( uname -v | awk '{ print $4" "$5 }' )"
ONDISK="$( strings /vmlinuz | grep 'Debian' | head -1 | awk '{ print $6" "$7 }' )"
echo ${ACTIVE}
echo ${ONDISK}
if [[ ${ACTIVE} != ${ONDISK} ]]; then
exit $WARNING
else
exit $OK
fi

68
roles/base/files/usr/lib/check_mk_agent/plugins/ownership Executable file
View File

@ -0,0 +1,68 @@
#!/bin/bash
# File ownership check for Check_MK
# Installed by BLSE 2.0 ansible
UID_MAX=299
# http://www.debian.org/doc/debian-policy/ch-opersys.html
# 0-99: Globally allocated by the Debian project
# 100-199: (BLSE) Dynamically allocated system users and groups
# 200-299: (BLSE) BLSE users and groups
# 300-499: (BLSE) reserved
# 500-599: (BLSE) system administrators
# 600-999: (BLSE) reserved
# 64045: (BLSE) ceph
function is_element_of {
local TO_FIND=$1
shift
for ARRAY_ELEMENT in $*
do
if test $TO_FIND = $ARRAY_ELEMENT
then
return 0
fi
done
return 1
}
OK=0
WARNING=1
FILESYSTEMs=(/ /var/log)
MOUNTs=($(awk '{print $2}' '/proc/mounts'))
FILEs=()
for FILESYSTEM in ${FILESYSTEMs[@]}; do
while IFS= read -r -d $'\0' FILE
do
if ! is_element_of "$FILE" ${FILESYSTEMs[*]}; then
if is_element_of $FILE ${MOUNTs[*]}; then
continue
fi
fi
FILEs+=($FILE)
done < <( find ${FILESYSTEM} -xdev -uid +$UID_MAX -not -uid +64000 -not -uid 2000 \
-not \( -type d -a \( -path /media -o -path /mnt \) \) \
-not \( -name '.*.swp' -a -mtime -3 \) \
-not \( -path '*/.git' -o -path '*/.git/*' \) \
-not \( -path '*.dirtrack.Storable' \) \
-not \( -path '/home/*' \) \
-not \( -path '/tmp/*' \) \
-not \( -path '/var/home/*' \) \
-not \( -path '/var/log/gitlab/*' \) \
-print0 2>/dev/null )
done
echo "<<<file_ownership>>>"
if ! test ${#FILEs[*]} -eq 0; then
echo -n "${#FILEs[*]} file(s) found with invalid ownership (must be UID <299): "
echo "${FILEs[*]}"
exit $WARNING
else
echo "All files have valid ownership"
exit $OK
fi