def run_monthly(last: bool = False, dry_run: bool = False):
"""
special monthly procedure
"""
if dry_run:
logger.log("robot", "Dry run procedure for testing monthly procedures")
else:
logger.log("exec", "run monthly procedures")
from p05_month import run
e = run(dry_run)
for k, v in e.items():
if v != "Ok":
logger.log_error("robot", k + " -> " + v)
#
# pack monthly
#
cwd = os.getcwd()
os.chdir(log_dir)
month_log = full_logfile.parent / (full_logfile.stem + "_month_" + str(the_date.year) + "_" + str(the_date.month) + ".tgz")
if month_log.exists():
return # already done
year_log = full_logfile.parent / (full_logfile.stem + "_year_" + str(the_date.year) + ".tgz")
if year_log.exists():
return # already done
cmd = "tar czf " + str(month_log) + " " + str(full_logfile)
if dry_run:
logger.log("monthly", "Packing dry")
logger.log("monthly", ">>> " + cmd)
else:
logger.log("monthly", "Packing")
system_exec(cmd)
if not last:
logger.new_log()
os.chdir(cwd)
def run_yearly(dry_run: bool = False):
"""
special yearly procedures
"""
run_monthly(True, dry_run)
if dry_run:
logger.log("robot", "Dry run procedure for testing yearly procedures")
else:
logger.log("exec", "run yearly procedures")
from p06_year import run
e = run(dry_run)
for k, v in e.items():
if v != "Ok":
logger.log_error("robot", k + " -> " + v)
#
# pack yearly
#
cwd = os.getcwd()
os.chdir(log_dir)
year_log = full_logfile.parent / (full_logfile.stem + "_year_" + str(the_date.year) + ".tgz")
if year_log.exists():
return # already done
cmd = "tar czf " + str(year_log) + " " + \
str(full_logfile.parent / full_logfile.stem) + "_month_" + str(the_date.year) + "_*.tgz "
if dry_run:
logger.log("yearly", "Packing dry:")
logger.log("yearly", ">>> " + cmd)
logger.log("yearly", ">>> logger.new_log")
else:
logger.log("yearly", "Packing")
system_exec(cmd)
logger.new_log()
os.chdir(cwd)
logger.log("yearly", "Happy new year!")
def main(dry_run: bool = False):
"""
main script execution
:param dry_run: if the script should be run without system modification
:return:
"""
#
if check_certificates():
logger.log("autoSSLRenew", "Certificates Still valid")
add_paragraph("SSL renewal",
message="SSL certificates are still valid")
return
logger.log("autoSSLRenew", "Certificates due to renewal")
ret, lines = system_exec("/usr/local/bin/certbot renew" +
["", " --dry-run"][dry_run])
if ret != 0:
logger.log_error("autoSSLRenew",
"certbot return code (" + str(ret) + ")")
for line in lines:
logger.log_error("autoSSLRenew", line)
return
if check_certificates() or dry_run:
logger.log("autoSSLRenew",
"SSL Certificates have been successfully renewed")
add_paragraph(
"SSL renewal",
message="SSL Certificates have been successfully renewed")
if dry_run:
return
ret, lines = system_exec("rcctl restart apache2")
if ret == 0:
return
logger.log_error("autoSSLRenew",
"Unable to restart web server after renewal")
for line in lines:
logger.log_error("autoSSLRenew", line)
ret, lines = system_exec("rcctl restart smtpd")
if ret == 0:
return
logger.log_error("autoSSLRenew",
"Unable to restart mail server after renewal")
for line in lines:
logger.log_error("autoSSLRenew", line)
else:
logger.log_error(
"autoSSLRenew",
"SSL Certificates are still invalid after renew\n" +
"\n".join(lines))
add_paragraph_with_lines(
"SSL renewal",
pre_message=["SSL Certificates are still invalid after renew"],
lines=lines)
def setheaderlines():
"""
get information about kernel version and uptime
:return: lines to be displayed in mail
"""
res = []
cmd = "sysctl -n kern.version"
ret, lines = system_exec(cmd)
res.append(lines[0])
ret, lines = system_exec("uptime")
res.append(lines[0])
return res
def login_account():
"""
get login statistics (not really working)
:return:
"""
# ac -p | sort -nr -k 2
ret, lines = system_exec("ac -p | sort -nr -k 2")
logger.log("weekly", "login time statistics\n" + "\n".join(lines))
add_paragraph_with_lines("Login statistic", 3, lines=lines)
def get_actual_version():
"""
retreave te actual version number
:return: version
"""
ret, version = system_exec("uname -r")
version = version[0]
if "." not in version:
return "0.0"
return ".".join(version.split(".")[0:2])
def restart_smtpd():
"""
restart the mail service
:return: execution status
"""
ret, lines = system_exec("rcctl restart smtpd")
for line in lines:
if 'failed' in line:
return False
if 'ok' not in line:
return False
return True
def services():
"""
check for service that are not runin
:return:
"""
ret, lines = system_exec("rcctl ls failed")
if len(lines) == 0:
# everything is OK!
return
logger.log(
"daily",
"Services that should be running but aren't\n" + "\n".join(lines))
add_paragraph_with_items("Services that should be running but aren't",
lines=lines)
def sendmail(local_mail_file, local_mailing_list):
"""
:param local_mail_file:
:param local_mailing_list:
:return:
"""
ret, lines = system_exec("cat " + local_mail_file + " | sendmail " +
local_mailing_list)
if len(lines) == 0:
return True
# there is a problem
temp_pb = False
for line in lines:
if "451" in line:
temp_pb = True
break
if not temp_pb:
# this is a true problem
logger.log_error("mailing", "Mail sending problem:")
for line in lines:
logger.log("mailing", line)
return False
# attempt to restart smtpd:
if not restart_smtpd():
# error during restart
logger.log_error("mailing", "unable to restart smtpd")
return False
# resend message
ret, lines = system_exec("cat " + local_mail_file + " | sendmail " +
local_mailing_list)
if len(lines) == 0:
return True
logger.log_error("mailing", "Mail sending problem:")
for line in lines:
logger.log("mailing", line)
return False
def newsyslog_forced():
"""
monthly log rotate has to be forced
:return:
"""
logger.log("monthly", "newsyslog forced")
ret, lines = system_exec("/usr/bin/newsyslog -F")
if len(lines) != 0:
# il y a un probleme
logger.log_error("monthly",
"problem in newsyslog execution\n" + "\n".join(lines))
add_paragraph_with_lines(
"newsyslog",
pre_message=["problem in newsyslog execution"],
lines=lines)
def run_unit_tests():
"""
run all unittests
"""
import sys
logger.log("TestingSystem", "*-------------------------*")
logger.log("TestingSystem", "| testing procedure |")
logger.log("TestingSystem", "*-------------------------*")
test_exec = Path(__file__).parent / "test.py"
cmd = "python " + str(test_exec)
logger.log("TestingSystem", cmd)
ret, lines = system_exec(cmd)
for line in lines:
logger.log("TestingSystem", line)
if ret != 0:
sys.exit(1)
def locate_database():
"""
update the locate database
:return:
"""
# /usr/libexec/locate.updatedb
logger.log("weekly", "Updating locate database")
ret, lines = system_exec("/usr/libexec/locate.updatedb")
if len(lines) != 0:
# houston, we got a problem
logger.log_error(
"weekly", "problem in locate database update\n" + "\n".join(lines))
add_paragraph_with_lines(
"locate_database",
3,
pre_message=["Problems in locate database reconstruction"],
lines=lines)
def whatis_database():
"""
update the whatis database
:return:
"""
# /usr/sbin/makewhatis
logger.log("weekly", "whatis database update")
ret, lines = system_exec("/usr/sbin/makewhatis")
if len(lines) != 0:
# il y a un probleme
logger.log_error(
"weekly", "problem in whatis database update\n" + "\n".join(lines))
add_paragraph_with_lines(
"whatis_database",
3,
pre_message=["problem in whatis database update"],
lines=lines)
def disk():
"""
check disk space
:return:
"""
ret, lines = system_exec("df -hl")
if len(lines) == 0:
return
logger.log("daily", "Disks:\n" + "\n".join(lines))
ct = []
r = []
for line in lines:
if len(ct) == 0:
ct = line.split(maxsplit=5)
continue
r.append(line.split(maxsplit=5))
add_paragraph_with_array("Disks", col_titles=ct, rows=r)
def check_packages():
"""
check the package installation
:return:
"""
# now check packages
ret, lines = system_exec("pkg_check -xq")
ok = True
for line in lines:
if "ok" not in line:
ok = False
break
if not ok:
# houston, we got a problem
logger.log_error("weekly", "problem in packages\n" + "\n".join(lines))
add_paragraph_with_lines("check_packages",
3,
pre_message=["problem in packages"],
lines=lines)
def check_certificates():
"""
check the actual certificates to see if a renewal has to be done
:return: True if the certificates are still valid
"""
ret, lines = system_exec("/usr/local/bin/certbot certificates")
if ret != 0:
logger.log_error("autoSSLRenew",
"getting certificates (" + str(ret) + ")")
for line in lines:
logger.log_error("autoSSLRenew", line)
for line in lines:
if "INVALID" in line:
return False
if "VALID:" in line:
try:
days = int(line.split("VALID:")[-1].split("day")[0])
except:
return False
if days < 25:
return False
return True
