From: Julien Cristau Date: Mon, 7 Aug 2017 20:31:03 +0000 (-0400) Subject: Export scheduled shutdowns to the web X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=3c6ec3bea56f171d8864c0c8eb04680477e40c7b;p=mirror%2Fdsa-puppet.git Export scheduled shutdowns to the web Move logic from dsa2_shutdown nrpe command to a separate script, and use it to let http(s) clients know a shutdown is scheduled. --- diff --git a/modules/apache2/files/cron-export-scheduled-shutdown b/modules/apache2/files/cron-export-scheduled-shutdown new file mode 100644 index 000000000..213aa801d --- /dev/null +++ b/modules/apache2/files/cron-export-scheduled-shutdown @@ -0,0 +1,2 @@ +PATH=/usr/local/bin:/usr/bin:/bin +*/2 root if dsa-is-shutdown-scheduled; then echo 'system-in-shutdown' > /srv/www/default.debian.org/htdocs/shutdown-in-progress ; else rm -f /srv/www/default.debian.org/htdocs/shutdown-in-progress; fi diff --git a/modules/apache2/files/local-scheduled-shutdown b/modules/apache2/files/local-scheduled-shutdown new file mode 100644 index 000000000..53038713a --- /dev/null +++ b/modules/apache2/files/local-scheduled-shutdown @@ -0,0 +1 @@ +Alias /shutdown-in-progress /srv/www/default.debian.org/htdocs/shutdown-in-progress diff --git a/modules/apache2/manifests/init.pp b/modules/apache2/manifests/init.pp index 129c9d584..4f07934cb 100644 --- a/modules/apache2/manifests/init.pp +++ b/modules/apache2/manifests/init.pp @@ -185,4 +185,11 @@ class apache2 { content => template('apache2/ssl-key-pins.erb'), notify => Exec['service apache2 reload'], } + + file { '/etc/cron.d/puppet-export-scheduled-shutdown': + source => 'puppet:///modules/apache2/cron-export-scheduled-shutdown', + } + apache2::config { 'local-scheduled-shutdown': + source => 'puppet:///modules/apache2/local-scheduled-shutdown', + } } diff --git a/modules/debian_org/files/dsa-is-shutdown-scheduled b/modules/debian_org/files/dsa-is-shutdown-scheduled new file mode 100644 index 000000000..c23f2f2ed --- /dev/null +++ b/modules/debian_org/files/dsa-is-shutdown-scheduled @@ -0,0 +1,15 @@ +#!/bin/sh + +# sysvinit +if /usr/lib/nagios/plugins/check_procs -w 1: -u root -C shutdown > /dev/null; then + exit 0 +fi +# jessie +if /usr/lib/nagios/plugins/check_procs -w 1: -u root -a /lib/systemd/systemd-shutdownd > /dev/null; then + exit 0 +fi +# stretch +if busctl get-property org.freedesktop.login1 /org/freedesktop/login1 org.freedesktop.login1.Manager ScheduledShutdown 2> /dev/null | awk '$3 > 0 { t=$3 } END { exit (t == 0)}'; then + exit 0 +fi +exit 1 diff --git a/modules/debian_org/manifests/init.pp b/modules/debian_org/manifests/init.pp index fdb213570..622681369 100644 --- a/modules/debian_org/manifests/init.pp +++ b/modules/debian_org/manifests/init.pp @@ -251,6 +251,10 @@ class debian_org { owner => root, group => root, } + file { '/usr/local/bin/dsa-is-shutdown-in-progress': + source => 'puppet:///modules/debian_org/dsa-is-shutdown-in-progress', + mode => '0555', + } exec { 'dpkg-reconfigure tzdata -pcritical -fnoninteractive': path => '/usr/bin:/usr/sbin:/bin:/sbin', diff --git a/modules/nagios/templates/inc-debian.org.erb b/modules/nagios/templates/inc-debian.org.erb index 817366e71..821786689 100644 --- a/modules/nagios/templates/inc-debian.org.erb +++ b/modules/nagios/templates/inc-debian.org.erb @@ -22,7 +22,7 @@ out # if a system is running shutdown. We do not use check_nrpe's # exit code as that does not reliably tell us if the check could # not connect to the nrpe server or if the remote check returned not-null. -command[dsa2_shutdown]=if /usr/lib/nagios/plugins/check_procs -w 1: -u root -C shutdown > /dev/null || /usr/lib/nagios/plugins/check_procs -w 1: -u root -a /lib/systemd/systemd-shutdownd > /dev/null || ( busctl get-property org.freedesktop.login1 /org/freedesktop/login1 org.freedesktop.login1.Manager ScheduledShutdown 2> /dev/null | awk '$3 > 0 { t=$3; } END { exit (t == 0)}' ); then echo 'system-in-shutdown'; else echo 'no shutdown running' ; fi +command[dsa2_shutdown]=if /usr/local/bin/dsa-is-shutdown-scheduled; then echo 'system-in-shutdown'; else echo 'no shutdown running' ; fi command[restart-ekey]=sudo /usr/sbin/service ekeyd-egd-linux restart command[restart-samhain]=sudo /usr/sbin/service samhain restart command[restart-ekey]=sudo /usr/sbin/service ekeyd-egd-linux restart