Further code cleanup from online reviews

Eric Renfro 2017-08-20 00:07:59 -04:00
parent fe249830ed
commit 9e06db14c7
5 changed files with 126 additions and 198 deletions


@ -4,36 +4,34 @@
source "${DIP_FUNCTIONS}" source "${DIP_FUNCTIONS}"
if [[ -r "${DIP_BASE_DIR}/conf.d/${DIP_AGENT_NAME}.conf" ]]; then [[ -r "${DIP_BASE_DIR}/conf.d/${DIP_AGENT_NAME}.conf" ]] && \
source "${DIP_BASE_DIR}/conf.d/${DIP_AGENT_NAME}.conf" source "${DIP_BASE_DIR}/conf.d/${DIP_AGENT_NAME}.conf"
fi
if [[ -r "${DIP_BASE_DIR}/conf.d/${DIP_AGENT_EXEC}.conf" ]]; then [[ -r "${DIP_BASE_DIR}/conf.d/${DIP_AGENT_EXEC}.conf" ]] && \
source "${DIP_BASE_DIR}/conf.d/${DIP_AGENT_EXEC}.conf" source "${DIP_BASE_DIR}/conf.d/${DIP_AGENT_EXEC}.conf"
fi
if [[ -z "$agent_aws_sg_id" ]]; then if [[ -z "$agent_aws_sg_id" ]]; then
logerr "ERROR: Need 'agent_aws_sg_id' to be defined to your Security Group ID" logerr "ERROR: Need 'agent_aws_sg_id' to be defined to your Security Group ID"
exit 99 exit 99
fi fi
if [[ -d "${DIP_BASE_DIR}/aws" ]]; then if [[ -d "${DIP_BASE_DIR}/aws" ]]; then
if [[ ! -r "${DIP_BASE_DIR}/aws/config" ]]; then if [[ ! -r "${DIP_BASE_DIR}/aws/config" ]]; then
logerr "ERROR: AWS config file not found: '${DIP_BASE_DIR}/aws/config'" logerr "ERROR: AWS config file not found: '${DIP_BASE_DIR}/aws/config'"
exit 99 exit 99
elif [[ ! -r "${DIP_BASE_DIR}/aws/credentials" ]]; then elif [[ ! -r "${DIP_BASE_DIR}/aws/credentials" ]]; then
logerr "ERROR: AWS credentials file not found: '${DIP_BASE_DIR}/aws/credentials'" logerr "ERROR: AWS credentials file not found: '${DIP_BASE_DIR}/aws/credentials'"
exit 99 exit 99
else else
export AWS_CONFIG_FILE="${DIP_BASE_DIR}/aws/config" export AWS_CONFIG_FILE="${DIP_BASE_DIR}/aws/config"
export AWS_SHARED_CREDENTIALS_FILE="${DIP_BASE_DIR}/aws/credentials" export AWS_SHARED_CREDENTIALS_FILE="${DIP_BASE_DIR}/aws/credentials"
fi fi
else else
logerr "ERROR: AWS config directory not found. '${DIP_BASE_DIR}/aws/' is expected to exist and contain 'config' and 'credentials' for AWS access." logerr "ERROR: AWS config directory not found. '${DIP_BASE_DIR}/aws/' is expected to exist and contain 'config' and 'credentials' for AWS access."
exit 99 exit 99
fi fi
if [[ -z "$DIP_CUR_IP" ]] || [[ -z "$DIP_OLD_IP" ]]; then if [[ -z "$DIP_CUR_IP" || -z "$DIP_OLD_IP" ]]; then
logerr "ERROR: Agent expects currentip, and existingip." logerr "ERROR: Agent expects currentip, and existingip."
exit 98 exit 98
fi fi
@ -42,25 +40,24 @@ fi
# Main # Main
if valid_ipv4 "$DIP_CUR_IP"; then if valid_ipv4 "$DIP_CUR_IP"; then
if [[ "${DIP_CUR_IP}/32" = "${DIP_OLD_IP}/32" ]]; then if [[ "${DIP_CUR_IP}/32" = "${DIP_OLD_IP}/32" ]]; then
log "No changes required." log "No changes required."
else else
log "Updating Security Group IP" log "Updating Security Group IP"
aws ec2 revoke-security-group-ingress --group-id "${agent_aws_sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"IpRanges\": [{\"CidrIp\": \"${DIP_OLD_IP}/32\"}]}]" aws ec2 revoke-security-group-ingress --group-id "${agent_aws_sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"IpRanges\": [{\"CidrIp\": \"${DIP_OLD_IP}/32\"}]}]"
aws ec2 authorize-security-group-ingress --group-id "${agent_aws_sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"IpRanges\": [{\"CidrIp\": \"${DIP_CUR_IP}/32\"}]}]" aws ec2 authorize-security-group-ingress --group-id "${agent_aws_sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"IpRanges\": [{\"CidrIp\": \"${DIP_CUR_IP}/32\"}]}]"
fi fi
fi fi
if valid_ipv6 "$DIP_CUR_IP"; then if valid_ipv6 "$DIP_CUR_IP"; then
currentprefix=$(getIPv6Prefix $DIP_CUR_IP) currentprefix=$(getIPv6Prefix "$DIP_CUR_IP")
existingprefix=$(getIPv6Prefix $DIP_OLD_IP) existingprefix=$(getIPv6Prefix "$DIP_OLD_IP")
if [[ "$currentprefix" = "$existingprefix" ]]; then if [[ "$currentprefix" = "$existingprefix" ]]; then
log "No changes required." log "No changes required."
else else
log "Updating Security Group IPv6" log "Updating Security Group IPv6"
aws ec2 revoke-security-group-ingress --group-id "${agent_aws-sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"Ipv6Ranges\": [{\"CidrIpv6\": \"${existingprefix}\"}]}]" aws ec2 revoke-security-group-ingress --group-id "${agent_aws-sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"Ipv6Ranges\": [{\"CidrIpv6\": \"${existingprefix}\"}]}]"
aws ec2 authorize-security-group-ingress --group-id "${agent_aws-sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"Ipv6Ranges\": [{\"CidrIpv6\": \"${currentprefix}\"}]}]" aws ec2 authorize-security-group-ingress --group-id "${agent_aws-sg_id}" --ip-permissions "[{\"IpProtocol\": \"-1\", \"Ipv6Ranges\": [{\"CidrIpv6\": \"${currentprefix}\"}]}]"
fi fi
fi fi
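Review bot: The IPv6 branch still passes `--group-id "${agent_aws-sg_id}"` to both the revoke and the authorize call. With the hyphen this is the `${var-default}` expansion, so bash substitutes `$agent_aws` or, when that is unset, the literal string `sg_id` rather than the configured security group. Both lines should read `--group-id "${agent_aws_sg_id}"`, as the IPv4 branch already does. Separately, neither branch checks the exit status of `revoke-security-group-ingress` or `authorize-security-group-ingress`, so a half-applied change (old address revoked, new one not authorized) can go unreported unless error handling is enabled outside this hunk; `|| exit 1` after each call would surface it to the caller.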


@ -13,24 +13,24 @@ if [[ -r "${DIP_BASE_DIR}/conf.d/${DIP_AGENT_EXEC}.conf" ]]; then
fi fi
if [[ -z "$agent_update_dns_r53_id" ]]; then if [[ -z "$agent_update_dns_r53_id" ]]; then
logerr "ERROR: Need 'agent_update_dns_r53_id' to be defined to your Route53 Domain ID" logerr "ERROR: Need 'agent_update_dns_r53_id' to be defined to your Route53 Domain ID"
exit 99 exit 99
fi fi
if [[ -d "${DIP_BASE_DIR}/aws" ]]; then if [[ -d "${DIP_BASE_DIR}/aws" ]]; then
if [[ ! -r "${DIP_BASE_DIR}/aws/config" ]]; then if [[ ! -r "${DIP_BASE_DIR}/aws/config" ]]; then
logerr "ERROR: AWS config file not found: '${DIP_BASE_DIR}/aws/config'" logerr "ERROR: AWS config file not found: '${DIP_BASE_DIR}/aws/config'"
exit 99 exit 99
elif [[ ! -r "${DIP_BASE_DIR}/aws/credentials" ]]; then elif [[ ! -r "${DIP_BASE_DIR}/aws/credentials" ]]; then
logerr "ERROR: AWS credentials file not found: '${DIP_BASE_DIR}/aws/credentials'" logerr "ERROR: AWS credentials file not found: '${DIP_BASE_DIR}/aws/credentials'"
exit 99 exit 99
else else
export AWS_CONFIG_FILE="${DIP_BASE_DIR}/aws/config" export AWS_CONFIG_FILE="${DIP_BASE_DIR}/aws/config"
export AWS_SHARED_CREDENTIALS_FILE="${DIP_BASE_DIR}/aws/credentials" export AWS_SHARED_CREDENTIALS_FILE="${DIP_BASE_DIR}/aws/credentials"
fi fi
else else
logerr "ERROR: AWS config directory not found. '${DIP_BASE_DIR}/aws/' is expected to exist and contain 'config' and 'credentials' for AWS access." logerr "ERROR: AWS config directory not found. '${DIP_BASE_DIR}/aws/' is expected to exist and contain 'config' and 'credentials' for AWS access."
exit 99 exit 99
fi fi
if [[ -z "$DIP_CUR_IP" ]] || [[ -z "$DIP_OLD_IP" ]] || [[ -z "$DIP_RECORD" ]]; then if [[ -z "$DIP_CUR_IP" ]] || [[ -z "$DIP_OLD_IP" ]] || [[ -z "$DIP_RECORD" ]]; then
@ -42,11 +42,11 @@ fi
# Main # Main
if valid_ipv4 "$DIP_CUR_IP"; then if valid_ipv4 "$DIP_CUR_IP"; then
log "Updating Route53 DNS IPv4 Record" log "Updating Route53 DNS IPv4 Record"
/usr/local/bin/cli53 rc --replace "$agent_update_dns_r53_id" "${DIP_RECORD}. 300 A ${DIP_CUR_IP}" /usr/local/bin/cli53 rc --replace "$agent_update_dns_r53_id" "${DIP_RECORD}. 300 A ${DIP_CUR_IP}"
fi fi
if valid_ipv6 "$DIP_CUR_IP"; then if valid_ipv6 "$DIP_CUR_IP"; then
log "Updating Route53 DNS IPv6 Record" log "Updating Route53 DNS IPv6 Record"
/usr/local/bin/cli53 rc --replace "$agent_update_dns_r53_id" "${DIP_RECORD}. 300 AAAA ${DIP_CUR_IP}" /usr/local/bin/cli53 rc --replace "$agent_update_dns_r53_id" "${DIP_RECORD}. 300 AAAA ${DIP_CUR_IP}"
fi fi


@ -11,7 +11,9 @@ trim() {
var=${var##+([[:space:]])} var=${var##+([[:space:]])}
var=${var%%+([[:space:]])} var=${var%%+([[:space:]])}
(( extglobWasOff )) && shopt -u extglob (( extglobWasOff )) && shopt -u extglob
echo -n "$var" #echo -n "$var"
var=${var%%\#*}
printf '%s' "$var"
} }
detect_ip_version() { detect_ip_version() {
@ -47,11 +49,17 @@ valid_ipv4() {
if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
IFS='.' read -ra ipaddr <<< "$ip" IFS='.' read -ra ipaddr <<< "$ip"
[[ ${ipaddr[0]} -le 255 && ${ipaddr[1]} -le 255 \ [[ $((10#${ipaddr[0]})) -le 255 \
&& ${ipaddr[2]} -le 255 && ${ipaddr[3]} -le 255 ]] && $((10#${ipaddr[0]})) -gt 0 \
&& $((10#${ipaddr[1]})) -le 255 \
&& $((10#${ipaddr[1]})) -gt -1 \
&& $((10#${ipaddr[2]})) -le 255 \
&& $((10#${ipaddr[2]})) -gt -1 \
&& $((10#${ipaddr[3]})) -le 255 \
&& $((10#${ipaddr[3]})) -gt -1 ]]
stat=$? stat=$?
fi fi
return $stat return "$stat"
} }
valid_ipv6() { valid_ipv6() {
@ -84,53 +92,32 @@ getRecords() {
getIPv4() { getIPv4() {
local result local result
local err local cmd
local -a checks
if [[ ! -f "${script_dir}/checks.lst" ]] [[ ! -r "${script_dir}/checks.lst" ]] && return 1
then
return 1
else
mapfile -t checks < "${script_dir}/checks.lst"
fi
for i in "${checks[@]}" while read -r cmd; do
do cmd=$(trim "$cmd")
i=$(trim "$i") [[ "$cmd" == \#* ]] && continue
[[ ${i:0:1} == '#' ]] && continue [[ -n "$cmd" ]] || continue
[[ -z "$i" ]] && continue
result=$($i) result=$($cmd) || continue
err=$?
if [[ $err -ne 0 ]] if valid_ipv4 "$result"; then
then echo "$result"
continue return 0
fi fi
done <"${script_dir}/checks.lst"
if valid_ipv4 "$result" return 1
then
echo "$result"
return 0
fi
done
return 1
} }
getIPv6() { getIPv6() {
local result local result
local err
result=$(/sbin/ip -6 addr | grep inet6 | awk -F '[ \t]+|/' '{print $3}' | grep -v ^::1 | grep -v ^fe80) result=$(/sbin/ip -6 addr | grep inet6 | awk -F '[ \t]+|/' '{print $3}' | grep -v ^::1 | grep -v ^fe80) || return 1
err=$?
if [[ $err -ne 0 ]]; then if valid_ipv6 "$result"; then
return 1
elif valid_ipv6 "$result"; then
echo "$result" echo "$result"
return 0
else
return 0
fi fi
} }
@ -138,56 +125,39 @@ getDnsNS() {
local rec=$1 local rec=$1
local domain local domain
local result local result
local err
domain=$(sed 's/[^.]*\.\([^.]*\..*\)/\1/' <<<"$rec") domain=$(sed 's/[^.]*\.\([^.]*\..*\)/\1/' <<<"$rec")
result=$(dig +short @8.8.8.8 NS "$domain" | sed -e 's/.$//') while read -r result; do
err=$? echo "$result"
done < <(dig +short @8.8.8.8 NS "$domain" | sed -e 's/.$//')
if [[ $err -eq 0 ]]
then
for d in $result
do
echo "$d"
done
else
logerr "ERROR"
return $err
fi
} }
getDnsRecord() { getDnsRecord() {
local rec=$1 local rec=$1
local rectype=$2 local rectype=$2
local result local result
local err local getrecord
for i in $(getDnsNS "$rec") while read -r getrecord; do
do [[ "$getrecord" == "ERROR" ]] && return 1
[[ "$i" = "ERROR" ]] && return 1
result=$(dig +short @"$i" "$rectype" "$rec" | head -n1) result=$(dig +short @"$getrecord" "$rectype" "$rec" | head -n1) || continue
err=$? [[ -z "$result" ]] && continue
if [[ $err -ne 0 ]] || [[ -z "$result" ]]; then if valid_ip "$result"; then
logerr "ERROR: DNS lookup for $i"
continue
elif valid_ip "$result"; then
echo "$result" echo "$result"
return 0 return 0
else else
logerr "ERROR: Lookup failed with: $result"
continue continue
fi fi
done done < <(getDnsNS "$rec")
return 1 return 1
} }
getIPv6Prefix() { getIPv6Prefix() {
local rec=$1 local rec=$1
local result local result
local err
if valid_ipv6 "$rec" if valid_ipv6 "$rec"
then then
@ -202,18 +172,11 @@ getIPv6Prefix() {
getZabbixProxyIP() { getZabbixProxyIP() {
local result local result
local err
result=$(awk -F "=" '/^Server/ { print $2 }' /etc/zabbix/zabbix_proxy.conf) result=$(awk -F "=" '/^Server/ { print $2 }' /etc/zabbix/zabbix_proxy.conf) || return 1
err=$?
if [[ $err -ne 0 ]] if valid_ip "$result"; then
then
return 1
elif valid_ip "$result"
then
echo "$result" echo "$result"
return 0
else else
return 1 return 1
fi fi
@ -221,18 +184,11 @@ getZabbixProxyIP() {
getShorewallIP() { getShorewallIP() {
local result local result
local err
result=$(awk -F "=" '/HOME_IP/ { print $2 }' /etc/shorewall/params) result=$(awk -F "=" '/HOME_IP/ { print $2 }' /etc/shorewall/params) || return 1
err=$?
if [[ $err -ne 0 ]] if valid_ip "$result"; then
then
return 1
elif valid_ip "$result"
then
echo "$result" echo "$result"
return 0
else else
return 1 return 1
fi fi
@ -240,18 +196,11 @@ getShorewallIP() {
getCachedIP() { getCachedIP() {
local result local result
local err
result=$(<"$HOME/.cached_ip") result=$(<"$HOME/.cached_ip") || return 1
err=$?
if [[ $err -ne 0 ]]; then if valid_ip "$result"; then
return 1
elif valid_ip "$result"; then
echo "$result" echo "$result"
return 0
else
return 0
fi fi
} }
@ -265,8 +214,8 @@ logerr() {
run-parts() { run-parts() {
# Ignore *~ and *, scripts # Ignore *~ and *, scripts
for i in $(LC_ALL=C; echo "${1%/}"/*[^~,]) ; do for i in ${1%/}/*[^~]; do
[[ -d $i ]] && continue [[ -d "$i" ]] && continue
# Don't run *.{rpmsave,rpmorig,rpmnew,swp,cfsaved} scripts # Don't run *.{rpmsave,rpmorig,rpmnew,swp,cfsaved} scripts
[[ "${i%.cfsaved}" != "${i}" ]] && continue [[ "${i%.cfsaved}" != "${i}" ]] && continue
[[ "${i%.rpmsave}" != "${i}" ]] && continue [[ "${i%.rpmsave}" != "${i}" ]] && continue
@ -308,26 +257,25 @@ run-hook() {
return 0 return 0
fi fi
while read -r hook_script while read -r hook_script; do
do
log "Running agent: $(basename "$hook_script")" log "Running agent: $(basename "$hook_script")"
DIP_FUNCTIONS="$(readlink -f "$0")" \ if ! \
DIP_AGENT_NAME="$(basename "$(readlink -f "$hook_script")")" \ DIP_FUNCTIONS="$(readlink -f "$0")" \
DIP_AGENT_EXEC="$(basename "$hook_script")" \ DIP_AGENT_NAME="$(basename "$(readlink -f "$hook_script")")" \
DIP_AGENT_DIR="$(dirname "$(readlink -f "$hook_script")")" \ DIP_AGENT_EXEC="$(basename "$hook_script")" \
DIP_BASE_DIR="${script_dir}" \ DIP_AGENT_DIR="$(dirname "$(readlink -f "$hook_script")")" \
DIP_CUR_IP="$1" \ DIP_BASE_DIR="${script_dir}" \
DIP_OLD_IP="$2" \ DIP_CUR_IP="$1" \
DIP_RECORD="$3" \ DIP_OLD_IP="$2" \
"$hook_script" "$@" DIP_RECORD="$3" \
err=$? "$hook_script" "$@"
then
if [[ $err -ne 0 ]]; then logerr "WARNING: Agent $(basename "$hook_script") had errors"
let errors++ let errors++
fi fi
done < <(run-parts "${hook_dir}") done < <(run-parts "${hook_dir}")
return $errors return "$errors"
} }
run-update() { run-update() {
@ -335,14 +283,8 @@ run-update() {
local eip=$2 local eip=$2
local rec=$3 local rec=$3
if [[ "$cip" != "$eip" ]] if [[ "$cip" != "$eip" ]]; then
then run-hook "${script_dir}/update.d" "$cip" "$eip" "$rec" || return $?
run-hook "${script_dir}/update.d" "$cip" "$eip" "$rec"
err=$?
if [[ $err -gt 0 ]]; then
return $err
fi
else else
log "No change detected" log "No change detected"
fi fi
@ -381,12 +323,12 @@ getCurrentIP() {
case "$iptype" in case "$iptype" in
4) log "Checking if internet IP has changed for $record" 4) log "Checking if internet IP has changed for $record"
currentip=$(getCurrentLocalIP 4) || return $? currentip=$(getCurrentLocalIP 4) || return "$?"
externalip=$(getDnsRecord "$record" "A") || return 2 externalip=$(getDnsRecord "$record" "A") || return 2
return 0 return 0
;; ;;
6) log "Checking if internet IPv6 has changed for $record" 6) log "Checking if internet IPv6 has changed for $record"
currentip=$(getCurrentLocalIP 6) || return $? currentip=$(getCurrentLocalIP 6) || return "$?"
externalip=$(getDnsRecord "$record" "AAAA") || return 2 externalip=$(getDnsRecord "$record" "AAAA") || return 2
return 0 return 0
;; ;;
@ -402,19 +344,16 @@ check-update() {
[[ -z "$record" ]] && return 1 [[ -z "$record" ]] && return 1
getCurrentIP "$iptype" "$record" getCurrentIP "$iptype" "$record"
err=$? local status=$?
case $err in case $status in
0) if [[ "$currentip" != "$externalip" ]]; then 0) if [[ "$currentip" != "$externalip" ]]; then
log "Updates found: $externalip is not $currentip" log "Updates found: $externalip is not $currentip"
log "Running Agents for $record" log "Running Agents for $record"
run-update "$currentip" "$externalip" "$record" if run-update "$currentip" "$externalip" "$record"; then
err=$?
if [[ $err -ne 0 ]]; then
logerr "WARNING: Agents had $err errors"
else
log "Agents ran successfully" log "Agents ran successfully"
else
logerr "WARNING: Agents had $? errors"
fi fi
else else
log "No change detected" log "No change detected"
@ -429,7 +368,7 @@ check-update() {
;; ;;
*) logerr "Unknown fatal error occurred" *) logerr "Unknown fatal error occurred"
logerr "(${BASH_SOURCE[0]}:${LINENO}): ${FUNCNAME[0]:+${FUNCNAME[0]}(): }" logerr "(${BASH_SOURCE[0]}:${LINENO}): ${FUNCNAME[0]:+${FUNCNAME[0]}(): }"
exit $err exit $status
;; ;;
esac esac
} }
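Review bot: In getIPv4, `result=$($cmd)` runs every non-comment line of `checks.lst` as a command with the updater's privileges, and the only gate left is the `-r` test that replaced the earlier `-f` test. The agents started from this file point the AWS CLI at a credentials file, so the list deserves the same protection as the script itself. I would refuse to use it unless it is a regular file owned by the current user, e.g. `[[ -f "${script_dir}/checks.lst" && -O "${script_dir}/checks.lst" ]] || return 1`. The unquoted `$cmd` also undergoes pathname expansion, so a check line containing `?` or `*` (a URL with a query string, for instance) can be altered by a matching filename. A comment above the loop saying that lines are split on whitespace with no quoting support would document that limit.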


@ -7,15 +7,11 @@ if [[ -z "$check_record" ]]; then
exit 1 exit 1
else else
if [[ -r "$check_record" ]]; then if [[ -r "$check_record" ]]; then
for d in $(getRecords "$check_record"); do while read -r d; do
if check-update 4 "$d"; then check-update 4 "$d" || let updateerrors++
let updateerrors++ done < <(getRecords "$d")
fi
done
else else
if check-update 4 "$check_record"; then check-update 4 "$check_record" || let updateerrors++
let updateerrors++
fi
fi fi
fi fi
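Review bot: The new loop ends with `done < <(getRecords "$d")`, but `d` is the loop variable and is still unset when the process substitution starts. getRecords is therefore called with an empty argument and the records file named in `$check_record` is never read. The line should be `done < <(getRecords "$check_record")`; the IPv6 check script in the next file section has the same line and needs the same fix. getRecords is defined outside this hunk, so how it treats an empty path is not visible here.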


@ -7,15 +7,11 @@ if [[ -z "$check_record" ]]; then
exit 1 exit 1
else else
if [[ -r "$check_record" ]]; then if [[ -r "$check_record" ]]; then
for d in $(getRecords "$check_record"); do while read -r d; do
if ! check-update 6 "$check_record"; then check-update 6 "$d" || let updateerrors++
let updateerrors++ done < <(getRecords "$d")
fi
done
else else
if ! check-update 6 "$check_record"; then check-update 6 "$check_record" || let updateerrors++
let updateerrors++
fi
fi fi
fi fi