def run_monthly(last: bool = False, dry_run: bool = False): """ special monthly procedure """ if dry_run: logger.log("robot", "Dry run procedure for testing monthly procedures") else: logger.log("exec", "run monthly procedures") from p05_month import run e = run(dry_run) for k, v in e.items(): if v != "Ok": logger.log_error("robot", k + " -> " + v) # # pack monthly # cwd = os.getcwd() os.chdir(log_dir) month_log = full_logfile.parent / (full_logfile.stem + "_month_" + str(the_date.year) + "_" + str(the_date.month) + ".tgz") if month_log.exists(): return # already done year_log = full_logfile.parent / (full_logfile.stem + "_year_" + str(the_date.year) + ".tgz") if year_log.exists(): return # already done cmd = "tar czf " + str(month_log) + " " + str(full_logfile) if dry_run: logger.log("monthly", "Packing dry") logger.log("monthly", ">>> " + cmd) else: logger.log("monthly", "Packing") system_exec(cmd) if not last: logger.new_log() os.chdir(cwd)
def run_yearly(dry_run: bool = False): """ special yearly procedures """ run_monthly(True, dry_run) if dry_run: logger.log("robot", "Dry run procedure for testing yearly procedures") else: logger.log("exec", "run yearly procedures") from p06_year import run e = run(dry_run) for k, v in e.items(): if v != "Ok": logger.log_error("robot", k + " -> " + v) # # pack yearly # cwd = os.getcwd() os.chdir(log_dir) year_log = full_logfile.parent / (full_logfile.stem + "_year_" + str(the_date.year) + ".tgz") if year_log.exists(): return # already done cmd = "tar czf " + str(year_log) + " " + \ str(full_logfile.parent / full_logfile.stem) + "_month_" + str(the_date.year) + "_*.tgz " if dry_run: logger.log("yearly", "Packing dry:") logger.log("yearly", ">>> " + cmd) logger.log("yearly", ">>> logger.new_log") else: logger.log("yearly", "Packing") system_exec(cmd) logger.new_log() os.chdir(cwd) logger.log("yearly", "Happy new year!")
def main(dry_run: bool = False): """ main script execution :param dry_run: if the script should be run without system modification :return: """ # if check_certificates(): logger.log("autoSSLRenew", "Certificates Still valid") add_paragraph("SSL renewal", message="SSL certificates are still valid") return logger.log("autoSSLRenew", "Certificates due to renewal") ret, lines = system_exec("/usr/local/bin/certbot renew" + ["", " --dry-run"][dry_run]) if ret != 0: logger.log_error("autoSSLRenew", "certbot return code (" + str(ret) + ")") for line in lines: logger.log_error("autoSSLRenew", line) return if check_certificates() or dry_run: logger.log("autoSSLRenew", "SSL Certificates have been successfully renewed") add_paragraph( "SSL renewal", message="SSL Certificates have been successfully renewed") if dry_run: return ret, lines = system_exec("rcctl restart apache2") if ret == 0: return logger.log_error("autoSSLRenew", "Unable to restart web server after renewal") for line in lines: logger.log_error("autoSSLRenew", line) ret, lines = system_exec("rcctl restart smtpd") if ret == 0: return logger.log_error("autoSSLRenew", "Unable to restart mail server after renewal") for line in lines: logger.log_error("autoSSLRenew", line) else: logger.log_error( "autoSSLRenew", "SSL Certificates are still invalid after renew\n" + "\n".join(lines)) add_paragraph_with_lines( "SSL renewal", pre_message=["SSL Certificates are still invalid after renew"], lines=lines)
def setheaderlines(): """ get information about kernel version and uptime :return: lines to be displayed in mail """ res = [] cmd = "sysctl -n kern.version" ret, lines = system_exec(cmd) res.append(lines[0]) ret, lines = system_exec("uptime") res.append(lines[0]) return res
def login_account(): """ get login statistics (not really working) :return: """ # ac -p | sort -nr -k 2 ret, lines = system_exec("ac -p | sort -nr -k 2") logger.log("weekly", "login time statistics\n" + "\n".join(lines)) add_paragraph_with_lines("Login statistic", 3, lines=lines)
def get_actual_version(): """ retreave te actual version number :return: version """ ret, version = system_exec("uname -r") version = version[0] if "." not in version: return "0.0" return ".".join(version.split(".")[0:2])
def restart_smtpd(): """ restart the mail service :return: execution status """ ret, lines = system_exec("rcctl restart smtpd") for line in lines: if 'failed' in line: return False if 'ok' not in line: return False return True
def services(): """ check for service that are not runin :return: """ ret, lines = system_exec("rcctl ls failed") if len(lines) == 0: # everything is OK! return logger.log( "daily", "Services that should be running but aren't\n" + "\n".join(lines)) add_paragraph_with_items("Services that should be running but aren't", lines=lines)
def sendmail(local_mail_file, local_mailing_list): """ :param local_mail_file: :param local_mailing_list: :return: """ ret, lines = system_exec("cat " + local_mail_file + " | sendmail " + local_mailing_list) if len(lines) == 0: return True # there is a problem temp_pb = False for line in lines: if "451" in line: temp_pb = True break if not temp_pb: # this is a true problem logger.log_error("mailing", "Mail sending problem:") for line in lines: logger.log("mailing", line) return False # attempt to restart smtpd: if not restart_smtpd(): # error during restart logger.log_error("mailing", "unable to restart smtpd") return False # resend message ret, lines = system_exec("cat " + local_mail_file + " | sendmail " + local_mailing_list) if len(lines) == 0: return True logger.log_error("mailing", "Mail sending problem:") for line in lines: logger.log("mailing", line) return False
def newsyslog_forced(): """ monthly log rotate has to be forced :return: """ logger.log("monthly", "newsyslog forced") ret, lines = system_exec("/usr/bin/newsyslog -F") if len(lines) != 0: # il y a un probleme logger.log_error("monthly", "problem in newsyslog execution\n" + "\n".join(lines)) add_paragraph_with_lines( "newsyslog", pre_message=["problem in newsyslog execution"], lines=lines)
def run_unit_tests(): """ run all unittests """ import sys logger.log("TestingSystem", "*-------------------------*") logger.log("TestingSystem", "| testing procedure |") logger.log("TestingSystem", "*-------------------------*") test_exec = Path(__file__).parent / "test.py" cmd = "python " + str(test_exec) logger.log("TestingSystem", cmd) ret, lines = system_exec(cmd) for line in lines: logger.log("TestingSystem", line) if ret != 0: sys.exit(1)
def locate_database(): """ update the locate database :return: """ # /usr/libexec/locate.updatedb logger.log("weekly", "Updating locate database") ret, lines = system_exec("/usr/libexec/locate.updatedb") if len(lines) != 0: # houston, we got a problem logger.log_error( "weekly", "problem in locate database update\n" + "\n".join(lines)) add_paragraph_with_lines( "locate_database", 3, pre_message=["Problems in locate database reconstruction"], lines=lines)
def whatis_database(): """ update the whatis database :return: """ # /usr/sbin/makewhatis logger.log("weekly", "whatis database update") ret, lines = system_exec("/usr/sbin/makewhatis") if len(lines) != 0: # il y a un probleme logger.log_error( "weekly", "problem in whatis database update\n" + "\n".join(lines)) add_paragraph_with_lines( "whatis_database", 3, pre_message=["problem in whatis database update"], lines=lines)
def disk(): """ check disk space :return: """ ret, lines = system_exec("df -hl") if len(lines) == 0: return logger.log("daily", "Disks:\n" + "\n".join(lines)) ct = [] r = [] for line in lines: if len(ct) == 0: ct = line.split(maxsplit=5) continue r.append(line.split(maxsplit=5)) add_paragraph_with_array("Disks", col_titles=ct, rows=r)
def check_packages(): """ check the package installation :return: """ # now check packages ret, lines = system_exec("pkg_check -xq") ok = True for line in lines: if "ok" not in line: ok = False break if not ok: # houston, we got a problem logger.log_error("weekly", "problem in packages\n" + "\n".join(lines)) add_paragraph_with_lines("check_packages", 3, pre_message=["problem in packages"], lines=lines)
def check_certificates(): """ check the actual certificates to see if a renewal has to be done :return: True if the certificates are still valid """ ret, lines = system_exec("/usr/local/bin/certbot certificates") if ret != 0: logger.log_error("autoSSLRenew", "getting certificates (" + str(ret) + ")") for line in lines: logger.log_error("autoSSLRenew", line) for line in lines: if "INVALID" in line: return False if "VALID:" in line: try: days = int(line.split("VALID:")[-1].split("day")[0]) except: return False if days < 25: return False return True