better error handling

author: Sam Chudnick <sam@chudnick.com> 2022-04-17 12:29:35 -0400
committer: Sam Chudnick <sam@chudnick.com> 2022-04-17 12:29:35 -0400
commit: ccc0e036fd52e84ce47af4ad11cb6ecd271309c0 (patch)
tree: 106b33afe8bf3ec61515f194261aa6ae531ab4e2
parent: 85c561f9a32f8f2b9ddf34e7d60ef4b7bf0d3680 (diff)
1 files changed, 47 insertions, 12 deletions
diff --git a/monitoring/icinga-agent b/monitoring/icinga-agent
index 328d65b..e4690fe 100755
--- a/monitoring/icinga-agent
+++ b/monitoring/icinga-agent
@@ -1,37 +1,72 @@
 #!/bin/sh
 #
-# Configirues an icinga2 agent (with on-demand csr signing)
+# Configures an icinga2 agent (with on-demand csr signing)
 icingauser="nagios"
 certdir="/etc/icinga2/pki"
 api_certdir="/var/lib/icinga2/certs"
 nodename="$(hostname)"
 global_zone="director-global"
-master_fqdn=""
+apikey=
+displayname=
+master_fqdn=
+help() {
+        echo "usage: icinga-agent --apikey apikey --display name --master master_fqdn"
+        echo "-a, --apikey:\t self-service api key to register with"
+        echo "-d, --display:\t display name for host in Icinga"
+        echo "-m, --master:\t full hostname of Icinga master (e.g. monitoring.example.com)"
+        exit 1
+}
+error() {
+        echo "error: $1"
+        exit 2
+}
+[ $(id -u) -ne 0 ] && echo "error: must be run as root" && exit 1
+opts=$(getopt -o "a:,d:,h,m:" -l "apikey:,display:,help,master:" -- "$@")
+eval set -- "$opts"
+while true
+do
+                case "$1" in
+                                '-a' | '--apikey') apikey="$2" shift 2; continue ;;
+                                '-d' | '--display') displayname="$2" shift 2; continue ;;
+                                '-m' | '--master') master_fqdn="$2" shift 2; continue ;;
+                                '-h' | '--help') help ;;
+                                '--') shift; break ;;
+                esac
+done
+[ -z "$apikey" ] && help
+[ -z "$displayname" ] && help
+[ -z "$master_fqdn" ] && help
 # Install packages
 apt install -y icinga2 monitoring-plugins monitoring-plugins-contrib
 # Register with master via self-service API
-apikey=""
-displayname=""
 # Not pretty but gets the job done
 dev="$(ip link | grep ^2: | head -1 | cut -d':' -f 2 | tr -d ' ')"
 ipv4="$(ip addr show $dev | grep "inet " | sed "s/^\s*//;s/\// /" | cut -d ' ' -f 2)"
 ipv6="$(ip addr show $dev | grep "inet6 " | sed "s/^\s*//;s/\// /" | cut -d ' ' -f 2)"
-result=$(curl -i "http://$master_fqdn/icingaweb2/director/self-service/register-host?name=$nodename&key=$apikey" \
+proto="http"
-         -H "Accept: application/json" \
+base="$proto://$master_fqdn/icingaweb2/director/self-service/register-host"
-         -X "POST" \
+url="$base?name=$nodename&key=$apikey"
-         -d "{\"display_name\":\"$displayname\",\"address\":\"$ipv4\",\"address6\":\"$ipv6\"}")
+result=$(curl -m 30 -i $url -H "Accept: application/json" -X "POST" \
-echo $result | grep -q error && \
+-d "{\"display_name\":\"$displayname\",\"address\":\"$ipv4\",\"address6\":\"$ipv6\"}" \
-                echo "error: unable to register with master (is the api key correct?)" && \
+|| error "unable to register with master")
-                exit 2
+echo $result | grep -q "error" && error "unable to register with master"
 # Initialize PKI with master
 icinga2 pki new-cert \
-                --cn "pbs.home.local" \
+                --cn "$nodename" \
                --cert "$certdir/$nodename.crt" \
                --csr "$certdir/$nodename.csr" \
                --key "$certdir/$nodename.key"
author	Sam Chudnick <sam@chudnick.com>	2022-04-17 12:29:35 -0400
committer	Sam Chudnick <sam@chudnick.com>	2022-04-17 12:29:35 -0400
commit	ccc0e036fd52e84ce47af4ad11cb6ecd271309c0 (patch)
tree	106b33afe8bf3ec61515f194261aa6ae531ab4e2
parent	85c561f9a32f8f2b9ddf34e7d60ef4b7bf0d3680 (diff)

diff --git a/monitoring/icinga-agent b/monitoring/icinga-agent index 328d65b..e4690fe 100755 --- a/monitoring/icinga-agent +++ b/monitoring/icinga-agent
@@ -1,37 +1,72 @@
1	#!/bin/sh	1	#!/bin/sh
2	#	2	#
3	# Configirues an icinga2 agent (with on-demand csr signing)	3	# Configures an icinga2 agent (with on-demand csr signing)
4		4
5	icingauser="nagios"	5	icingauser="nagios"
6	certdir="/etc/icinga2/pki"	6	certdir="/etc/icinga2/pki"
7	api_certdir="/var/lib/icinga2/certs"	7	api_certdir="/var/lib/icinga2/certs"
8	nodename="$(hostname)"	8	nodename="$(hostname)"
9	global_zone="director-global"	9	global_zone="director-global"
10	master_fqdn=""	10
		11	apikey=
		12	displayname=
		13	master_fqdn=
		14
		15	help() {
		16	echo "usage: icinga-agent --apikey apikey --display name --master master_fqdn"
		17	echo "-a, --apikey:\t self-service api key to register with"
		18	echo "-d, --display:\t display name for host in Icinga"
		19	echo "-m, --master:\t full hostname of Icinga master (e.g. monitoring.example.com)"
		20	exit 1
		21	}
		22
		23	error() {
		24	echo "error: $1"
		25	exit 2
		26	}
		27
		28	[ $(id -u) -ne 0 ] && echo "error: must be run as root" && exit 1
		29
		30	opts=$(getopt -o "a:,d:,h,m:" -l "apikey:,display:,help,master:" -- "$@")
		31	eval set -- "$opts"
		32	while true
		33	do
		34	case "$1" in
		35	'-a' \| '--apikey') apikey="$2" shift 2; continue ;;
		36	'-d' \| '--display') displayname="$2" shift 2; continue ;;
		37	'-m' \| '--master') master_fqdn="$2" shift 2; continue ;;
		38	'-h' \| '--help') help ;;
		39	'--') shift; break ;;
		40	esac
		41	done
		42
		43	[ -z "$apikey" ] && help
		44	[ -z "$displayname" ] && help
		45	[ -z "$master_fqdn" ] && help
		46
11		47
12	# Install packages	48	# Install packages
13	apt install -y icinga2 monitoring-plugins monitoring-plugins-contrib	49	apt install -y icinga2 monitoring-plugins monitoring-plugins-contrib
14		50
15	# Register with master via self-service API	51	# Register with master via self-service API
16	apikey=""
17	displayname=""
18	# Not pretty but gets the job done	52	# Not pretty but gets the job done
19	dev="$(ip link \| grep ^2: \| head -1 \| cut -d':' -f 2 \| tr -d ' ')"	53	dev="$(ip link \| grep ^2: \| head -1 \| cut -d':' -f 2 \| tr -d ' ')"
20	ipv4="$(ip addr show $dev \| grep "inet " \| sed "s/^\s*//;s/\// /" \| cut -d ' ' -f 2)"	54	ipv4="$(ip addr show $dev \| grep "inet " \| sed "s/^\s*//;s/\// /" \| cut -d ' ' -f 2)"
21	ipv6="$(ip addr show $dev \| grep "inet6 " \| sed "s/^\s*//;s/\// /" \| cut -d ' ' -f 2)"	55	ipv6="$(ip addr show $dev \| grep "inet6 " \| sed "s/^\s*//;s/\// /" \| cut -d ' ' -f 2)"
22		56
23	result=$(curl -i "http://$master_fqdn/icingaweb2/director/self-service/register-host?name=$nodename&key=$apikey" \	57	proto="http"
24	-H "Accept: application/json" \	58	base="$proto://$master_fqdn/icingaweb2/director/self-service/register-host"
25	-X "POST" \	59	url="$base?name=$nodename&key=$apikey"
26	-d "{\"display_name\":\"$displayname\",\"address\":\"$ipv4\",\"address6\":\"$ipv6\"}")	60	result=$(curl -m 30 -i $url -H "Accept: application/json" -X "POST" \
27	echo $result \| grep -q error && \	61	-d "{\"display_name\":\"$displayname\",\"address\":\"$ipv4\",\"address6\":\"$ipv6\"}" \
28	echo "error: unable to register with master (is the api key correct?)" && \	62	\|\| error "unable to register with master")
29	exit 2	63
		64	echo $result \| grep -q "error" && error "unable to register with master"
30		65
31		66
32	# Initialize PKI with master	67	# Initialize PKI with master
33	icinga2 pki new-cert \	68	icinga2 pki new-cert \
34	--cn "pbs.home.local" \	69	--cn "$nodename" \
35	--cert "$certdir/$nodename.crt" \	70	--cert "$certdir/$nodename.crt" \
36	--csr "$certdir/$nodename.csr" \	71	--csr "$certdir/$nodename.csr" \
37	--key "$certdir/$nodename.key"	72	--key "$certdir/$nodename.key"