From: Ian Kelling Date: Mon, 4 Apr 2022 06:49:30 +0000 (-0400) Subject: add new test X-Git-Url: https://iankelling.org/git/?a=commitdiff_plain;h=5b09fb8ae01ae1c9aa5c3ccde60f6e6a22f7d6a6;p=distro-setup add new test --- diff --git a/check-crypttab b/check-crypttab new file mode 100755 index 0000000..2bbbdea --- /dev/null +++ b/check-crypttab @@ -0,0 +1,38 @@ +#!/bin/bash + +# I somehow ended up with an empty crypttab, and had to rescue my +# system. So, lets check for some basic validity. + +if ! test "$BASH_VERSION"; then echo "error: shell is not bash" >&2; exit 1; fi +shopt -s inherit_errexit 2>/dev/null ||: # ignore fail in bash < 4.4 +set -eE -o pipefail +trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" exit status: $?, PIPESTATUS: ${PIPESTATUS[*]}" >&2' ERR + +debug=false +if [[ $1 ]]; then + debug=true +fi +d() { + if $debug; then + printf "%s\n" "$*" + fi +} + +metric_dir=/var/lib/prometheus/node-exporter +mnt="$(findmnt -fn -o SOURCE /)" +case $mnt in + /dev/mapper/crypt_dev_*) + tmp=${mnt#/dev/mapper/} + dev=${tmp%%\[*} + if ! grep -qF $dev /etc/crypttab; then + d $dev + if [[ -e $metric_dir ]]; then + echo "crypttab_check 1" > $metric_dir/crypttab_check.prom + exit 0 + fi + fi + ;; +esac +if [[ -e $metric_dir ]]; then + echo "crypttab_check 0" > $metric_dir/crypttab_check.prom +fi diff --git a/filesystem/etc/cron.d/ian b/filesystem/etc/cron.d/ian index 867f6c9..8a0ac95 100644 --- a/filesystem/etc/cron.d/ian +++ b/filesystem/etc/cron.d/ian @@ -14,3 +14,4 @@ MAILTO=root # maybe try this again sometime. it needs updating to be like # myupgrade. #0 * * * * root mycheckrestart |& log-once -1 mycheckrestart +19 * * * * root check-crypttab diff --git a/filesystem/etc/prometheus/rules/iank.yml b/filesystem/etc/prometheus/rules/iank.yml index 40fc404..0ee3335 100644 --- a/filesystem/etc/prometheus/rules/iank.yml +++ b/filesystem/etc/prometheus/rules/iank.yml @@ -98,6 +98,12 @@ groups: labels: severity: warn + - alert: check_crypttab + expr: |- + check_crypttab > 0 + labels: + severity: prod + - alert: mailtest_check_vps expr: |- time() - mailtest_check_last_usec{job="tlsnode"} >= 60 * 12 diff --git a/install-my-scripts b/install-my-scripts index 27c5c4b..c932cfe 100755 --- a/install-my-scripts +++ b/install-my-scripts @@ -44,6 +44,7 @@ rsync -t --chmod=755 --chown=root:root switch-mail-host btrbk-run mount-latest-s iptables-exim \ ip6tables-exim \ exim-nn-iptables \ + check-crypttab \ /usr/local/bin rsync -t --chmod=755 --chown=root:root /a/bin/errhandle/err /usr/local/lib