From d5c632e74f256da3c2c2ecd15931260a8748ed51 Mon Sep 17 00:00:00 2001 From: Benoit S Date: Thu, 21 Apr 2022 22:15:32 +0900 Subject: [PATCH] Add test condition when there are no errors Also log unjoinable instances --- tootpaste.sh | 104 +++++++++++++++++++++++++++++---------------------- 1 file changed, 60 insertions(+), 44 deletions(-) diff --git a/tootpaste.sh b/tootpaste.sh index 415f616..42948cc 100644 --- a/tootpaste.sh +++ b/tootpaste.sh @@ -40,52 +40,68 @@ accounts_cull() { # Remove instances that have an expired certificate from more than # TLS_EXPIRED_MAX_SEC - grep 'certificate has expired' "$CULL_LOG" \ - | awk '{print $NF}' \ - | cut -d'/' -f3 \ - | sort -u \ - > "$TLS_EXPIRED_LOG" + if grep -q 'certificate has expired' "$CULL_LOG"; then + grep 'certificate has expired' "$CULL_LOG" \ + | awk '{print $NF}' \ + | cut -d'/' -f3 \ + | sort -u \ + > "$TLS_EXPIRED_LOG" - while read -r instance; do - TLS_EXPIRED_TS=$( - date -d "$( - echo Q \ - | openssl s_client \ - -servername "$instance" \ - -connect "${instance}":443 \ - 2>/dev/null \ - | openssl x509 -noout -dates \ - | grep 'notAfter' \ - | cut -d'=' -f2 - )" +%s - ) - DATE_DIFF=$(($(date +%s) - TLS_EXPIRED_TS)) - if [[ $DATE_DIFF -gt $TLS_EXPIRED_MAX_SEC ]]; then - echo "${instance} has a certificate expired for more than TLS_EXPIRED_MAX_SEC, purging..." - $DRY_RUN \ - && $TOOTCTL domains purge \ - --concurrency "$DB_POOL" \ - --dry-run \ - "$instance" - $DRY_RUN \ - || $TOOTCTL domains purge \ - --concurrency "$DB_POOL" \ - "$instance" - fi - done < "$TLS_EXPIRED_LOG" + while read -r instance; do + TLS_EXPIRED_TS=$( + date -d "$( + echo Q \ + | openssl s_client \ + -servername "$instance" \ + -connect "${instance}":443 \ + 2>/dev/null \ + | openssl x509 -noout -dates \ + | grep 'notAfter' \ + | cut -d'=' -f2 + )" +%s + ) + DATE_DIFF=$(($(date +%s) - TLS_EXPIRED_TS)) + if [[ $DATE_DIFF -gt $TLS_EXPIRED_MAX_SEC ]]; then + echo "${instance} has a certificate expired for more than TLS_EXPIRED_MAX_SEC, purging..." + $DRY_RUN \ + && $TOOTCTL domains purge \ + --concurrency "$DB_POOL" \ + --dry-run \ + "$instance" + $DRY_RUN \ + || $TOOTCTL domains purge \ + --concurrency "$DB_POOL" \ + "$instance" + fi + done < "$TLS_EXPIRED_LOG" + fi - # Log other instances errors, then if they were already in the log, purge - # them - grep \ - -e 'certificate verify failed' \ - -e 'timed out' \ - -e 'sslv3 alert handshake failure' \ - -e 'TooManyRedirectsError' \ - "$CULL_LOG" \ - | awk '{print $NF}' \ - | cut -d'/' -f3 \ - | sort -u \ - > "$OTHER_ERRORS_LOG" + # Log other instances errors, then if they were already in the log, purge them + if grep -q 'https' "$CULL_LOG"; then + grep \ + -e 'certificate verify failed' \ + -e 'timed out' \ + -e 'sslv3 alert handshake failure' \ + -e 'TooManyRedirectsError' \ + -e 'EndlessRedirectError' \ + -e 'HostValidationError' \ + "$CULL_LOG" \ + | awk '{print $NF}' \ + | cut -d'/' -f3 \ + | sort -u \ + > "$OTHER_ERRORS_LOG" + fi + + # Log unjoinable instances, then if they were already in the log, purge them + if grep -q 'not available during the check:' "$CULL_LOG"; then + grep \ + -A 9999 \ + 'not available during the check:' \ + "$CULL_LOG" \ + | tail -n +2 \ + | sed -E 's/\s+//' \ + > "$OTHER_ERRORS_LOG" + fi test -f $PREV_ERRORS_LOG || touch $PREV_ERRORS_LOG while read -r instance; do