Bug fixes, and improvements.

This includes a bug fix found in the ipv6 agent for AWS SG's, along with better IPv6 detection to get the current active source IPv6 address.
2018-12-07 22:09:12 -05:00 · 2018-12-07 22:09:12 -05:00 · 402420472e
parent 744be856b0
commit 402420472e
3 changed files with 40 additions and 29 deletions
--- a/src/agents.d/aws-sg
+++ b/src/agents.d/aws-sg
@ -15,19 +15,24 @@ if [[ -z "$agent_aws_sg_id" ]]; then
    exit 99
 fi

-if [[ -d "${DIP_BASE_DIR}/aws" ]]; then
-    if [[ ! -r "${DIP_BASE_DIR}/aws/config" ]]; then
-        logerr "ERROR: AWS config file not found: '${DIP_BASE_DIR}/aws/config'"
-        exit 99
-    elif [[ ! -r "${DIP_BASE_DIR}/aws/credentials" ]]; then
-        logerr "ERROR: AWS credentials file not found: '${DIP_BASE_DIR}/aws/credentials'"
-        exit 99
-    else
-        export AWS_CONFIG_FILE="${DIP_BASE_DIR}/aws/config"
-        export AWS_SHARED_CREDENTIALS_FILE="${DIP_BASE_DIR}/aws/credentials"
-    fi
-else
-    logerr "ERROR: AWS config directory not found. '${DIP_BASE_DIR}/aws/' is expected to exist and contain 'config' and 'credentials' for AWS access."
+#if [[ -d "${DIP_BASE_DIR}/aws" ]]; then
+#    if [[ ! -r "${DIP_BASE_DIR}/aws/config" ]]; then
+#        logerr "ERROR: AWS config file not found: '${DIP_BASE_DIR}/aws/config'"
+#        exit 99
+#    elif [[ ! -r "${DIP_BASE_DIR}/aws/credentials" ]]; then
+#        logerr "ERROR: AWS credentials file not found: '${DIP_BASE_DIR}/aws/credentials'"
+#        exit 99
+#    else
+#        export AWS_CONFIG_FILE="${DIP_BASE_DIR}/aws/config"
+#        export AWS_SHARED_CREDENTIALS_FILE="${DIP_BASE_DIR}/aws/credentials"
+#    fi
+#else
+#    logerr "ERROR: AWS config directory not found. '${DIP_BASE_DIR}/aws/' is expected to exist and contain 'config' and 'credentials' for AWS access."
+#    exit 99
+#fi
+
+if [[ -z "$AWS_ACCESS_KEY_ID" || -z "$AWS_SECRET_ACCESS_KEY" || -z "$AWS_DEFAULT_REGION" ]]; then
+    echo "ERROR: AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY need to be set"
    exit 99
 fi

@ -57,7 +62,7 @@ if valid_ipv6 "$DIP_CUR_IP"; then
        log "No changes required."
    else
        log "Updating Security Group IPv6"
-        aws ec2 revoke-security-group-ingress --group-id "${agent_aws-sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"Ipv6Ranges\": [{\"CidrIpv6\": \"${existingprefix}\"}]}]"
-        aws ec2 authorize-security-group-ingress --group-id "${agent_aws-sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"Ipv6Ranges\": [{\"CidrIpv6\": \"${currentprefix}\"}]}]"
+        aws ec2 revoke-security-group-ingress --group-id "${agent_aws_sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"Ipv6Ranges\": [{\"CidrIpv6\": \"${existingprefix}\"}]}]"
+        aws ec2 authorize-security-group-ingress --group-id "${agent_aws_sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"Ipv6Ranges\": [{\"CidrIpv6\": \"${currentprefix}\"}]}]"
    fi
 fi
--- a/src/agents.d/update-dns-r53
+++ b/src/agents.d/update-dns-r53
@ -17,19 +17,24 @@ if [[ -z "$agent_update_dns_r53_id" ]]; then
    exit 99
 fi

-if [[ -d "${DIP_BASE_DIR}/aws" ]]; then
-    if [[ ! -r "${DIP_BASE_DIR}/aws/config" ]]; then
-        logerr "ERROR: AWS config file not found: '${DIP_BASE_DIR}/aws/config'"
-        exit 99
-    elif [[ ! -r "${DIP_BASE_DIR}/aws/credentials" ]]; then
-        logerr "ERROR: AWS credentials file not found: '${DIP_BASE_DIR}/aws/credentials'"
-        exit 99
-    else
-        export AWS_CONFIG_FILE="${DIP_BASE_DIR}/aws/config"
-        export AWS_SHARED_CREDENTIALS_FILE="${DIP_BASE_DIR}/aws/credentials"
-    fi
-else
-    logerr "ERROR: AWS config directory not found. '${DIP_BASE_DIR}/aws/' is expected to exist and contain 'config' and 'credentials' for AWS access."
+#if [[ -d "${DIP_BASE_DIR}/aws" ]]; then
+#    if [[ ! -r "${DIP_BASE_DIR}/aws/config" ]]; then
+#        logerr "ERROR: AWS config file not found: '${DIP_BASE_DIR}/aws/config'"
+#        exit 99
+#    elif [[ ! -r "${DIP_BASE_DIR}/aws/credentials" ]]; then
+#        logerr "ERROR: AWS credentials file not found: '${DIP_BASE_DIR}/aws/credentials'"
+#        exit 99
+#    else
+#        export AWS_CONFIG_FILE="${DIP_BASE_DIR}/aws/config"
+#        export AWS_SHARED_CREDENTIALS_FILE="${DIP_BASE_DIR}/aws/credentials"
+#    fi
+#else
+#    logerr "ERROR: AWS config directory not found. '${DIP_BASE_DIR}/aws/' is expected to exist and contain 'config' and 'credentials' for AWS access."
+#    exit 99
+#fi
+
+if [[ -z "$AWS_ACCESS_KEY_ID" || -z "$AWS_SECRET_ACCESS_KEY" ]]; then
+    echo "ERROR: AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY need to be set"
    exit 99
 fi

--- a/src/dynamic-ip
+++ b/src/dynamic-ip
@ -113,7 +113,8 @@ getIPv4() {
 getIPv6() {
    local result

-    result=$(/sbin/ip -6 addr | grep inet6 | awk -F '[ \t]+|/' '{print $3}' | grep -v ^::1 | grep -v ^fe80)  || return 1
+    #result=$(/sbin/ip -6 addr | grep inet6 | awk -F '[ \t]+|/' '{print $3}' | grep -v ^::1 | grep -v ^fe80)  || return 1
+    result=$(ip -6 route get to 2001:4860:4860::8888 | sed 's/^.*src \([^ ]*\).*$/\1/;q') || return 1

    if valid_ipv6 "$result"; then
        echo "$result"