diff --git a/src/agents.d/aws-sg b/src/agents.d/aws-sg
index bd2c1ad..10c60ad 100755
--- a/src/agents.d/aws-sg
+++ b/src/agents.d/aws-sg
@@ -4,36 +4,34 @@ source "${DIP_FUNCTIONS}" -if [[ -r "${DIP_BASE_DIR}/conf.d/${DIP_AGENT_NAME}.conf" ]]; then +[[ -r "${DIP_BASE_DIR}/conf.d/${DIP_AGENT_NAME}.conf" ]] && \ source "${DIP_BASE_DIR}/conf.d/${DIP_AGENT_NAME}.conf" -fi -if [[ -r "${DIP_BASE_DIR}/conf.d/${DIP_AGENT_EXEC}.conf" ]]; then +[[ -r "${DIP_BASE_DIR}/conf.d/${DIP_AGENT_EXEC}.conf" ]] && \ source "${DIP_BASE_DIR}/conf.d/${DIP_AGENT_EXEC}.conf" -fi if [[ -z "$agent_aws_sg_id" ]]; then - logerr "ERROR: Need 'agent_aws_sg_id' to be defined to your Security Group ID" - exit 99 + logerr "ERROR: Need 'agent_aws_sg_id' to be defined to your Security Group ID" + exit 99 fi if [[ -d "${DIP_BASE_DIR}/aws" ]]; then - if [[ ! -r "${DIP_BASE_DIR}/aws/config" ]]; then - logerr "ERROR: AWS config file not found: '${DIP_BASE_DIR}/aws/config'" - exit 99 - elif [[ ! -r "${DIP_BASE_DIR}/aws/credentials" ]]; then - logerr "ERROR: AWS credentials file not found: '${DIP_BASE_DIR}/aws/credentials'" - exit 99 - else - export AWS_CONFIG_FILE="${DIP_BASE_DIR}/aws/config" - export AWS_SHARED_CREDENTIALS_FILE="${DIP_BASE_DIR}/aws/credentials" - fi + if [[ ! -r "${DIP_BASE_DIR}/aws/config" ]]; then + logerr "ERROR: AWS config file not found: '${DIP_BASE_DIR}/aws/config'" + exit 99 + elif [[ ! -r "${DIP_BASE_DIR}/aws/credentials" ]]; then + logerr "ERROR: AWS credentials file not found: '${DIP_BASE_DIR}/aws/credentials'" + exit 99 + else + export AWS_CONFIG_FILE="${DIP_BASE_DIR}/aws/config" + export AWS_SHARED_CREDENTIALS_FILE="${DIP_BASE_DIR}/aws/credentials" + fi else - logerr "ERROR: AWS config directory not found. '${DIP_BASE_DIR}/aws/' is expected to exist and contain 'config' and 'credentials' for AWS access." - exit 99 + logerr "ERROR: AWS config directory not found. '${DIP_BASE_DIR}/aws/' is expected to exist and contain 'config' and 'credentials' for AWS access." 
+ exit 99 fi -if [[ -z "$DIP_CUR_IP" ]] || [[ -z "$DIP_OLD_IP" ]]; then +if [[ -z "$DIP_CUR_IP" || -z "$DIP_OLD_IP" ]]; then logerr "ERROR: Agent expects currentip, and existingip." exit 98 fi 
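Review bot: Both `source` lines at the top of this hunk run `conf.d/${DIP_AGENT_NAME}.conf` and `conf.d/${DIP_AGENT_EXEC}.conf` as shell code after testing only `-r`, in the same process that exports `AWS_SHARED_CREDENTIALS_FILE` a few lines later. Anyone who can write to those files can therefore act with the agent's AWS access, and nothing here documents that expectation. I would add a comment above the first test, `# conf.d files are sourced as code: keep them owned by the service account and not group/world-writable`. The same applies to `aws/credentials`, which is also checked for readability only.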
@@ -42,25 +40,24 @@ fi # Main if valid_ipv4 "$DIP_CUR_IP"; then - if [[ "${DIP_CUR_IP}/32" = "${DIP_OLD_IP}/32" ]]; then - log "No changes required." - else - log "Updating Security Group IP" - aws ec2 revoke-security-group-ingress --group-id "${agent_aws_sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"IpRanges\": [{\"CidrIp\": \"${DIP_OLD_IP}/32\"}]}]" - aws ec2 authorize-security-group-ingress --group-id "${agent_aws_sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"IpRanges\": [{\"CidrIp\": \"${DIP_CUR_IP}/32\"}]}]" - fi + if [[ "${DIP_CUR_IP}/32" = "${DIP_OLD_IP}/32" ]]; then + log "No changes required." + else + log "Updating Security Group IP" + aws ec2 revoke-security-group-ingress --group-id "${agent_aws_sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"IpRanges\": [{\"CidrIp\": \"${DIP_OLD_IP}/32\"}]}]" + aws ec2 authorize-security-group-ingress --group-id "${agent_aws_sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"IpRanges\": [{\"CidrIp\": \"${DIP_CUR_IP}/32\"}]}]" + fi fi if valid_ipv6 "$DIP_CUR_IP"; then - currentprefix=$(getIPv6Prefix $DIP_CUR_IP) - existingprefix=$(getIPv6Prefix $DIP_OLD_IP) + currentprefix=$(getIPv6Prefix "$DIP_CUR_IP") + existingprefix=$(getIPv6Prefix "$DIP_OLD_IP") - if [[ "$currentprefix" = "$existingprefix" ]]; then - log "No changes required." - else - log "Updating Security Group IPv6" - aws ec2 revoke-security-group-ingress --group-id "${agent_aws-sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"Ipv6Ranges\": [{\"CidrIpv6\": \"${existingprefix}\"}]}]" - aws ec2 authorize-security-group-ingress --group-id "${agent_aws-sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"Ipv6Ranges\": [{\"CidrIpv6\": \"${currentprefix}\"}]}]" - fi + if [[ "$currentprefix" = "$existingprefix" ]]; then + log "No changes required." 
+ else + log "Updating Security Group IPv6" + aws ec2 revoke-security-group-ingress --group-id "${agent_aws-sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"Ipv6Ranges\": [{\"CidrIpv6\": \"${existingprefix}\"}]}]" + aws ec2 authorize-security-group-ingress --group-id "${agent_aws-sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"Ipv6Ranges\": [{\"CidrIpv6\": \"${currentprefix}\"}]}]" + fi fi - diff --git a/src/agents.d/update-dns-r53 b/src/agents.d/update-dns-r53 index 85b94d2..a2634ff 100755 --- a/src/agents.d/update-dns-r53 +++ b/src/agents.d/update-dns-r53 
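Review bot: In the IPv6 branch both `aws ec2` calls still pass `--group-id "${agent_aws-sg_id}"`, which bash reads as the `${name-default}` form: the value of `agent_aws`, or the literal string `sg_id` when that is unset. The re-indent carried this over unchanged, so the IPv6 rule never reaches the configured group; it should read `--group-id "${agent_aws_sg_id}"` as in the IPv4 branch. Neither branch checks the result of `revoke-security-group-ingress` before calling `authorize-security-group-ingress`, so a failed authorize after a successful revoke leaves the group without the rule. Authorizing the new address first and revoking the old one only on success, with `|| exit` on each call, would avoid that.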
@@ -13,24 +13,24 @@ if [[ -r "${DIP_BASE_DIR}/conf.d/${DIP_AGENT_EXEC}.conf" ]]; then fi if [[ -z "$agent_update_dns_r53_id" ]]; then - logerr "ERROR: Need 'agent_update_dns_r53_id' to be defined to your Route53 Domain ID" - exit 99 + logerr "ERROR: Need 'agent_update_dns_r53_id' to be defined to your Route53 Domain ID" + exit 99 fi if [[ -d "${DIP_BASE_DIR}/aws" ]]; then - if [[ ! -r "${DIP_BASE_DIR}/aws/config" ]]; then - logerr "ERROR: AWS config file not found: '${DIP_BASE_DIR}/aws/config'" - exit 99 - elif [[ ! -r "${DIP_BASE_DIR}/aws/credentials" ]]; then - logerr "ERROR: AWS credentials file not found: '${DIP_BASE_DIR}/aws/credentials'" - exit 99 - else - export AWS_CONFIG_FILE="${DIP_BASE_DIR}/aws/config" - export AWS_SHARED_CREDENTIALS_FILE="${DIP_BASE_DIR}/aws/credentials" - fi + if [[ ! -r "${DIP_BASE_DIR}/aws/config" ]]; then + logerr "ERROR: AWS config file not found: '${DIP_BASE_DIR}/aws/config'" + exit 99 + elif [[ ! -r "${DIP_BASE_DIR}/aws/credentials" ]]; then + logerr "ERROR: AWS credentials file not found: '${DIP_BASE_DIR}/aws/credentials'" + exit 99 + else + export AWS_CONFIG_FILE="${DIP_BASE_DIR}/aws/config" + export AWS_SHARED_CREDENTIALS_FILE="${DIP_BASE_DIR}/aws/credentials" + fi else - logerr "ERROR: AWS config directory not found. '${DIP_BASE_DIR}/aws/' is expected to exist and contain 'config' and 'credentials' for AWS access." - exit 99 + logerr "ERROR: AWS config directory not found. '${DIP_BASE_DIR}/aws/' is expected to exist and contain 'config' and 'credentials' for AWS access." + exit 99 fi if [[ -z "$DIP_CUR_IP" ]] || [[ -z "$DIP_OLD_IP" ]] || [[ -z "$DIP_RECORD" ]]; then 
@@ -42,11 +42,11 @@ fi # Main if valid_ipv4 "$DIP_CUR_IP"; then - log "Updating Route53 DNS IPv4 Record" + log "Updating Route53 DNS IPv4 Record" /usr/local/bin/cli53 rc --replace "$agent_update_dns_r53_id" "${DIP_RECORD}. 300 A ${DIP_CUR_IP}" fi if valid_ipv6 "$DIP_CUR_IP"; then - log "Updating Route53 DNS IPv6 Record" + log "Updating Route53 DNS IPv6 Record" /usr/local/bin/cli53 rc --replace "$agent_update_dns_r53_id" "${DIP_RECORD}. 300 AAAA ${DIP_CUR_IP}" fi diff --git a/src/dynamic-ip b/src/dynamic-ip index 41788e4..1498a95 100755 --- a/src/dynamic-ip +++ b/src/dynamic-ip @@ -11,7 +11,9 @@ trim() { var=${var##+([[:space:]])} var=${var%%+([[:space:]])} (( extglobWasOff )) && shopt -u extglob - echo -n "$var" + #echo -n "$var" + var=${var%%\#*} + printf '%s' "$var" } detect_ip_version() { @@ -47,11 +49,17 @@ valid_ipv4() { if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then IFS='.' read -ra ipaddr <<< "$ip" - [[ ${ipaddr[0]} -le 255 && ${ipaddr[1]} -le 255 \ - && ${ipaddr[2]} -le 255 && ${ipaddr[3]} -le 255 ]] + [[ $((10#${ipaddr[0]})) -le 255 \ + && $((10#${ipaddr[0]})) -gt 0 \ + && $((10#${ipaddr[1]})) -le 255 \ + && $((10#${ipaddr[1]})) -gt -1 \ + && $((10#${ipaddr[2]})) -le 255 \ + && $((10#${ipaddr[2]})) -gt -1 \ + && $((10#${ipaddr[3]})) -le 255 \ + && $((10#${ipaddr[3]})) -gt -1 ]] stat=$? fi - return $stat + return "$stat" } valid_ipv6() { 
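Review bot: The added `var=${var%%\#*}` in `trim` runs after the trailing-whitespace expansion, so an input such as `cmd   # note` comes back with the spaces before the `#` still attached. Moving the comment strip above the two `+([[:space:]])` expansions fixes that. It also changes `trim` for every caller: any value containing `#` is now cut at that character, which deserves a line in the function's comment, e.g. `# also drops everything from the first '#'`. The commented-out `#echo -n "$var"` can be deleted rather than kept. `trim` starts outside the hunk.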
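Review bot: The three `-gt -1` tests in `valid_ipv4` can never fail, because the regex above already limits each octet to one to three digits, so they add length without adding a check. Only the `-gt 0` on the first octet changes what is accepted (it now rejects `0.x.x.x`) and should carry a comment saying so. An arithmetic test reads more directly: `(( 10#${ipaddr[0]} > 0 && 10#${ipaddr[0]} <= 255 && 10#${ipaddr[1]} <= 255 && 10#${ipaddr[2]} <= 255 && 10#${ipaddr[3]} <= 255 ))`. `valid_ipv4` starts outside the hunk.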
@@ -84,53 +92,32 @@ getRecords() { getIPv4() { local result - local err - local -a checks + local cmd - if [[ ! -f "${script_dir}/checks.lst" ]] - then - return 1 - else - mapfile -t checks < "${script_dir}/checks.lst" - fi + [[ ! -r "${script_dir}/checks.lst" ]] && return 1 - for i in "${checks[@]}" - do - i=$(trim "$i") - [[ ${i:0:1} == '#' ]] && continue - [[ -z "$i" ]] && continue + while read -r cmd; do + cmd=$(trim "$cmd") + [[ "$cmd" == \#* ]] && continue + [[ -n "$cmd" ]] || continue - result=$($i) - err=$? + result=$($cmd) || continue - if [[ $err -ne 0 ]] - then - continue - fi - - if valid_ipv4 "$result" - then - echo "$result" - return 0 - fi - done - return 1 + if valid_ipv4 "$result"; then + echo "$result" + return 0 + fi + done <"${script_dir}/checks.lst" + return 1 } getIPv6() { local result - local err - result=$(/sbin/ip -6 addr | grep inet6 | awk -F '[ \t]+|/' '{print $3}' | grep -v ^::1 | grep -v ^fe80) - err=$? + result=$(/sbin/ip -6 addr | grep inet6 | awk -F '[ \t]+|/' '{print $3}' | grep -v ^::1 | grep -v ^fe80) || return 1 - if [[ $err -ne 0 ]]; then - return 1 - elif valid_ipv6 "$result"; then + if valid_ipv6 "$result"; then echo "$result" - return 0 - else - return 0 fi } 
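Review bot: The new `while read -r cmd; do … done <"${script_dir}/checks.lst"` loop in `getIPv4` skips a final line that has no trailing newline, which the removed `mapfile -t` kept, so the last check in a hand-edited list can silently stop running. `while read -r cmd || [[ -n "$cmd" ]]; do` restores the old behaviour. Each surviving line is executed through `result=$($cmd)` after only a `-r` test on the file, so `checks.lst` needs the same ownership and write restrictions as the script itself. A comment above the loop should say so, e.g. `# checks.lst lines are executed as commands; the file must not be writable by other users`.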
@@ -138,56 +125,39 @@ getDnsNS() { local rec=$1 local domain local result - local err domain=$(sed 's/[^.]*\.\([^.]*\..*\)/\1/' <<<"$rec") - result=$(dig +short @8.8.8.8 NS "$domain" | sed -e 's/.$//') - err=$? - - if [[ $err -eq 0 ]] - then - for d in $result - do - echo "$d" - done - else - logerr "ERROR" - return $err - fi + while read -r result; do + echo "$result" + done < <(dig +short @8.8.8.8 NS "$domain" | sed -e 's/.$//') } getDnsRecord() { local rec=$1 local rectype=$2 local result - local err + local getrecord - for i in $(getDnsNS "$rec") - do - [[ "$i" = "ERROR" ]] && return 1 + while read -r getrecord; do + [[ "$getrecord" == "ERROR" ]] && return 1 - result=$(dig +short @"$i" "$rectype" "$rec" | head -n1) - err=$? + result=$(dig +short @"$getrecord" "$rectype" "$rec" | head -n1) || continue + [[ -z "$result" ]] && continue - if [[ $err -ne 0 ]] || [[ -z "$result" ]]; then - logerr "ERROR: DNS lookup for $i" - continue - elif valid_ip "$result"; then + if valid_ip "$result"; then echo "$result" return 0 else - logerr "ERROR: Lookup failed with: $result" continue fi - done + done < <(getDnsNS "$rec") return 1 } getIPv6Prefix() { local rec=$1 local result - local err if valid_ipv6 "$rec" then @@ -202,18 +172,11 @@ getIPv6Prefix() { getZabbixProxyIP() { local result - local err - result=$(awk -F "=" '/^Server/ { print $2 }' /etc/zabbix/zabbix_proxy.conf) - err=$? + result=$(awk -F "=" '/^Server/ { print $2 }' /etc/zabbix/zabbix_proxy.conf) || return 1 - if [[ $err -ne 0 ]] - then - return 1 - elif valid_ip "$result" - then + if valid_ip "$result"; then echo "$result" - return 0 else return 1 fi 
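Review bot: In `getDnsRecord` the `|| continue` after `result=$(dig +short @"$getrecord" "$rectype" "$rec" | head -n1)` cannot see a failing `dig`, because the pipeline's status is that of `head` unless `pipefail` is set, which the hunk does not show. With both `logerr` calls removed, a failed or rejected lookup now passes silently. Since the returned address is what the agents later act on, I would keep one diagnostic and take the status from `dig` itself: `result=$(dig +short @"$getrecord" "$rectype" "$rec") || { logerr "ERROR: DNS lookup via $getrecord failed"; continue; }` followed by `result=${result%%$'\n'*}`. The `[[ "$getrecord" == "ERROR" ]] && return 1` test is dead now that `getDnsNS` no longer emits anything but `dig` output, and the read loop in `getDnsNS` only copies its input, so the pipeline could be called directly.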
@@ -221,18 +184,11 @@ getZabbixProxyIP() { getShorewallIP() { local result - local err - result=$(awk -F "=" '/HOME_IP/ { print $2 }' /etc/shorewall/params) - err=$? + result=$(awk -F "=" '/HOME_IP/ { print $2 }' /etc/shorewall/params) || return 1 - if [[ $err -ne 0 ]] - then - return 1 - elif valid_ip "$result" - then + if valid_ip "$result"; then echo "$result" - return 0 else return 1 fi @@ -240,18 +196,11 @@ getShorewallIP() { getCachedIP() { local result - local err - result=$(<"$HOME/.cached_ip") - err=$? + result=$(<"$HOME/.cached_ip") || return 1 - if [[ $err -ne 0 ]]; then - return 1 - elif valid_ip "$result"; then + if valid_ip "$result"; then echo "$result" - return 0 - else - return 0 fi } @@ -265,8 +214,8 @@ logerr() { run-parts() { # Ignore *~ and *, scripts - for i in $(LC_ALL=C; echo "${1%/}"/*[^~,]) ; do - [[ -d $i ]] && continue + for i in ${1%/}/*[^~]; do + [[ -d "$i" ]] && continue # Don't run *.{rpmsave,rpmorig,rpmnew,swp,cfsaved} scripts [[ "${i%.cfsaved}" != "${i}" ]] && continue [[ "${i%.rpmsave}" != "${i}" ]] && continue 
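Review bot: The rewritten loop header in `run-parts`, `for i in ${1%/}/*[^~]; do`, leaves the directory unquoted and drops the `,` from the bracket expression, while the comment above still says `*,` files are ignored. The first makes a hook directory with spaces or glob characters split or expand; the second widens the set of files that are executed as agents to include names ending in `,`. `for i in "${1%/}"/*[^~,]; do` keeps the old filter and quotes the path. With `LC_ALL=C` gone the bracket match also depends on the caller's locale, and when nothing matches the literal pattern is iterated, so a `[[ -e "$i" ]] || continue` guard is worth adding. `run-parts` continues outside the hunk.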
@@ -308,26 +257,25 @@ run-hook() { return 0 fi - while read -r hook_script - do + while read -r hook_script; do log "Running agent: $(basename "$hook_script")" - DIP_FUNCTIONS="$(readlink -f "$0")" \ - DIP_AGENT_NAME="$(basename "$(readlink -f "$hook_script")")" \ - DIP_AGENT_EXEC="$(basename "$hook_script")" \ - DIP_AGENT_DIR="$(dirname "$(readlink -f "$hook_script")")" \ - DIP_BASE_DIR="${script_dir}" \ - DIP_CUR_IP="$1" \ - DIP_OLD_IP="$2" \ - DIP_RECORD="$3" \ - "$hook_script" "$@" - err=$? - - if [[ $err -ne 0 ]]; then + if ! \ + DIP_FUNCTIONS="$(readlink -f "$0")" \ + DIP_AGENT_NAME="$(basename "$(readlink -f "$hook_script")")" \ + DIP_AGENT_EXEC="$(basename "$hook_script")" \ + DIP_AGENT_DIR="$(dirname "$(readlink -f "$hook_script")")" \ + DIP_BASE_DIR="${script_dir}" \ + DIP_CUR_IP="$1" \ + DIP_OLD_IP="$2" \ + DIP_RECORD="$3" \ + "$hook_script" "$@" + then + logerr "WARNING: Agent $(basename "$hook_script") had errors" let errors++ fi done < <(run-parts "${hook_dir}") - return $errors + return "$errors" } run-update() { @@ -335,14 +283,8 @@ run-update() { local eip=$2 local rec=$3 - if [[ "$cip" != "$eip" ]] - then - run-hook "${script_dir}/update.d" "$cip" "$eip" "$rec" - err=$? - - if [[ $err -gt 0 ]]; then - return $err - fi + if [[ "$cip" != "$eip" ]]; then + run-hook "${script_dir}/update.d" "$cip" "$eip" "$rec" || return $? else log "No change detected" fi @@ -381,12 +323,12 @@ getCurrentIP() { case "$iptype" in 4) log "Checking if internet IP has changed for $record" - currentip=$(getCurrentLocalIP 4) || return $? + currentip=$(getCurrentLocalIP 4) || return "$?" externalip=$(getDnsRecord "$record" "A") || return 2 return 0 ;; 6) log "Checking if internet IPv6 has changed for $record" - currentip=$(getCurrentLocalIP 6) || return $? + currentip=$(getCurrentLocalIP 6) || return "$?" externalip=$(getDnsRecord "$record" "AAAA") || return 2 return 0 ;; 
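Review bot: The new `if ! … "$hook_script" "$@"` form in `run-hook` throws away the agent's exit status, so the added warning can only say that the agent "had errors". The aws-sg agent in this same commit uses distinct codes (`98`, `99`) for missing input versus missing configuration, and that distinction is lost in the log. Running the command with `|| rc=$?` instead of negating it keeps the code: `"$hook_script" "$@" || { rc=$?; logerr "WARNING: Agent $(basename "$hook_script") exited with $rc"; errors=$((errors + 1)); }`. That also replaces `let errors++`, whose own status is 1 when the counter was 0. `run-hook` starts outside the hunk.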
@@ -402,19 +344,16 @@ check-update() { [[ -z "$record" ]] && return 1 getCurrentIP "$iptype" "$record" - err=$? + local status=$? - case $err in + case $status in 0) if [[ "$currentip" != "$externalip" ]]; then log "Updates found: $externalip is not $currentip" log "Running Agents for $record" - run-update "$currentip" "$externalip" "$record" - err=$? - - if [[ $err -ne 0 ]]; then - logerr "WARNING: Agents had $err errors" - else + if run-update "$currentip" "$externalip" "$record"; then log "Agents ran successfully" + else + logerr "WARNING: Agents had $? errors" fi else log "No change detected" @@ -429,7 +368,7 @@ check-update() { ;; *) logerr "Unknown fatal error occurred" logerr "(${BASH_SOURCE[0]}:${LINENO}): ${FUNCNAME[0]:+${FUNCNAME[0]}(): }" - exit $err + exit $status ;; esac } diff --git a/src/plugins/update-ipv4 b/src/plugins/update-ipv4 index 197cb4a..5d67c2c 100644 --- a/src/plugins/update-ipv4 +++ b/src/plugins/update-ipv4 @@ -7,15 +7,11 @@ if [[ -z "$check_record" ]]; then exit 1 else if [[ -r "$check_record" ]]; then - for d in $(getRecords "$check_record"); do - if check-update 4 "$d"; then - let updateerrors++ - fi - done + while read -r d; do + check-update 4 "$d" || let updateerrors++ + done < <(getRecords "$d") else - if check-update 4 "$check_record"; then - let updateerrors++ - fi + check-update 4 "$check_record" || let updateerrors++ fi fi diff --git a/src/plugins/update-ipv6 b/src/plugins/update-ipv6 index fecd57e..b71908c 100644 --- a/src/plugins/update-ipv6 +++ b/src/plugins/update-ipv6 @@ -7,15 +7,11 @@ if [[ -z "$check_record" ]]; then exit 1 else if [[ -r "$check_record" ]]; then - for d in $(getRecords "$check_record"); do - if ! check-update 6 "$check_record"; then - let updateerrors++ - fi - done + while read -r d; do + check-update 6 "$d" || let updateerrors++ + done < <(getRecords "$d") else - if ! check-update 6 "$check_record"; then - let updateerrors++ - fi + check-update 6 "$check_record" || let updateerrors++ fi fi
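Review bot: In src/plugins/update-ipv4 the new loop ends with `done < <(getRecords "$d")`, but `d` is the loop variable and is still unset when the process substitution starts, so `getRecords` receives an empty argument instead of the records file. The removed `for` loop passed `"$check_record"`, and the line should read `done < <(getRecords "$check_record")`. The src/plugins/update-ipv6 hunk has the identical line and needs the same fix. As written, a readable `check_record` file most likely yields no records, so no `check-update` runs and `updateerrors` stays at zero even though nothing was updated.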