Merge branch 'simple-task/7546-icinga-check-für-ablaufende-gitlab-tokens' into 'master'

Simple task/7546 icinga check für ablaufende gitlab tokens

See merge request !297

check_ceph_diskfree

@@ -22,11 +22,12 @@
 # 2023-06-19  v1.4  <axel.hahn@unibe.ch>      no more tmpfile
 # 2023-07-27  v1.5  <axel.hahn@unibe.ch>      update help page
 # 2023-10-20  v1.6  <axel.hahn@unibe.ch>      harden sudo command execution
+# 2025-02-12  v1.7  <axel.hahn@unibe.ch>      Show -w and -c param in help
 # ======================================================================
 
 . $(dirname $0)/inc_pluginfunctions
 
-export self_APPVERSION=1.6
+export self_APPVERSION=1.7
 
 typeset -i iWarning=0
 typeset -i iCritical=0
@@ -48,6 +49,9 @@ $(basename $0)
 OPTIONS:
     -h or --help   show this help.
 
+    -w VALUE       warning level  (default: 70)
+    -c VALUE       critical level (default: 90)
+  
 EOF
 }
 
@@ -68,8 +72,8 @@ esac
 ph.require ceph
 
 # set default / override from command line params
-typeset -i iWarnLimit=$(     ph.getValueWithParam 70 w "$@")
-typeset -i iCriticalLimit=$( ph.getValueWithParam 90 c "$@")
+typeset -i iWarnLimit;     iWarnLimit=$(     ph.getValueWithParam 70 w "$@")
+typeset -i iCriticalLimit; iCriticalLimit=$( ph.getValueWithParam 90 c "$@")
 
 if ! data=$( sudo -n /bin/ceph df 2>&1 )
 then

check_ssl

@@ -18,17 +18,18 @@
 # 2020-03-05  v1.1  <axel.hahn@iml.unibe.ch>  switch to ph.* helper functions
 # 2023-02-13  v1.2  <axel.hahn@unibe.ch>      some shell fixes
 # 2023-08-23  v1.3  <axel.hahn@unibe.ch>      fix wrong exitcode to "critical"
+# 2025-02-12  v1.4  <axel.hahn@unibe.ch>      add IML header in help; add warning and critical level
 # ======================================================================
 
 
 . $(dirname $0)/inc_pluginfunctions
 
+self_APPNAME=$( basename $0 | tr [:lower:] [:upper:] )
+self_APPVERSION=1.4
+
 sDomain=
 iPort=443
 
-
-iWarnDaysBefore=60
-
 typeset -i iErrors=0
 typeset -i iWarnings=0
 
@@ -40,13 +41,36 @@ sStatus=
 
 # show help with syntax
 function showHelp(){
-  echo
-  echo ----- SSL Check v1.0
-  echo
-  echo "SYNTAX: $(basename $0) [domain] [[port]]"
-  echo "   domain - domain to verify the ssl vertificate from (required)"
-  echo "   port   - port number to connect (default: 443)"
-  echo
+    _self=$( basename $0 )
+cat <<EOH
+$( ph.showImlHelpHeader )
+
+Check if ssl certificate of a given domain is still valid.
+You can check https or any other port of a ssl enabled service like LDAPS, 
+IMPAS and others.
+
+You can customize the values for warning and critical level.
+
+SYNTAX: $_self [options] DOMAIN [PORT]
+
+OPTIONS
+    -w VALUE  warning level for expiration in days (default: 28)
+    -c VALUE  critical level for expiration in days (default: 7)
+
+PARAMETERS
+    DOMAIN    domain to verify the ssl vertificate from (required)
+    PORT      optional: port number to connect (default: 443)
+
+
+EXAMPLES
+
+    $_self www.iml.unibe.ch 443
+        check https port 443
+
+    $_self -w 30 -c 14 ldap.example.com 636
+        check ldaps port 636 and set custom warning and critical level
+
+EOH
 }
 
 
@@ -61,16 +85,25 @@ function showHelp(){
 
 if [ $# -eq 0 ]; then
     showHelp
-    ph.abort
+    exit 0
 fi
 
 # --- start
 
-  sDomain=$1
-  if [ ! -z $2 ]; then
-    iPort=$2
-  fi
+# set default / override from command line params
+typeset -i iWarnLimit;     iWarnLimit=$(     ph.getValueWithParam 28 w "$@")
+typeset -i iCriticalLimit; iCriticalLimit=$( ph.getValueWithParam 7  c "$@")
 
+sParams="$*"
+sP1="$( rev <<< $sParams | cut -f 2 -d ' ' | rev )"
+sP2="$( rev <<< $sParams | cut -f 1 -d ' ' | rev )"
+
+if grep -q "^[0-9]*$" <<< $sP2; then
+    sDomain=$sP1
+    iPort=$sP2
+else
+    sDomain=$sP2
+fi
 
 # --- try to connect
 
@@ -102,19 +135,18 @@ function showHelp(){
 tsNow=$(date +%s)
 typeset -i iDaysLeft=($tsTo-$tsNow)/60/60/24
 
-
 # --- check date
 
 if [ ${tsFrom} -gt ${tsNow} ]; then
     ph.setStatus "critical"
     ph.status "certificate ${sDomain}:${iPort} is not valid yet - ${dateFrom}"
     else
-    if [ ${tsTo} -lt ${tsNow} ]; then
+        if [ ${tsTo} -lt ${tsNow} ]||[ ${iDaysLeft} -le $iCriticalLimit ]; then
             ph.setStatus "critical"
             ph.status "certificate ${sDomain}:${iPort} is out of date - ${dateTo} - ${iDaysLeft} days"
         else
             # --- check close ending day
-      if [ ${iDaysLeft} -lt ${iWarnDaysBefore} ]; then
+            if [ ${iDaysLeft} -lt ${iWarnLimit} ]; then
                 ph.setStatus "warning"
                 ph.status "certificate ${sDomain}:${iPort} is out of date - ${dateTo} - ${iDaysLeft} days"
             else

docs/20_Checks/_index.md

@@ -47,7 +47,7 @@
 * [check_snmp_data](check_snmp_data.md)
 * [check_snmp_printer](check_snmp_printer.md)
 * [check_snmp_synology](check_snmp_synology.md)
-* check_ssl
+* [check_ssl](check_ssl.md)
 * [check_ssl_certs](check_ssl_certs.md)
 * check_systemdservices
 * [check_systemdunit](check_systemdunit.md)

docs/20_Checks/check_ceph_diskfree.md

@@ -28,10 +28,12 @@ $ check_ceph_diskfree -h
 ______________________________________________________________________
 
 CHECK_CEPH_DISKFREE
-v1.6
+v1.7
 
 (c) Institute for Medical Education - University of Bern
 Licence: GNU GPL 3
+
+https://os-docs.iml.unibe.ch/icinga-checks/Checks/check_ceph_diskfree.html
 ______________________________________________________________________
 
 Show available and free space on a ceph cluster.
@@ -44,6 +46,10 @@ check_ceph_diskfree
 
 OPTIONS:
     -h or --help   show this help.
+
+    -w VALUE       warning level  (default: 70)
+    -c VALUE       critical level (default: 90)
+
 ```
 
 ### Parameters

docs/20_Checks/check_ssl.md

+## Check ssl
+
+Script: `check_ssl`
+
+**check_ssl_certs** is a plugin to check an ssl connection to a host on given port.
+
+## Requirements
+
+* openssl client
+
+## Standalone installation
+
+From this repository ypu need next to this script:
+
+* `inc_pluginfunctions` shared function for all IML checks written in bash
+
+## Syntax
+
+Start the script without params to get the help.
+
+```txt
+______________________________________________________________________
+
+CHECK_SSL
+v1.4
+
+(c) Institute for Medical Education - University of Bern
+Licence: GNU GPL 3
+
+https://os-docs.iml.unibe.ch/icinga-checks/Checks/check_ssl.html
+______________________________________________________________________
+
+Check if ssl certificate of a given domain is still valid.
+You can check https or any other port of a ssl enabled service like LDAPS, 
+IMPAS and others.
+
+You can customize the values for warning and critical level.
+
+SYNTAX: check_ssl [options] DOMAIN [PORT]
+
+OPTIONS
+    -w VALUE  warning level for expiration in days (default: 28)
+    -c VALUE  critical level for expiration in days (default: 7)
+
+PARAMETERS
+    DOMAIN    domain to verify the ssl vertificate from (required)
+    PORT      optional: port number to connect (default: 443)
+
+
+EXAMPLES
+
+    check_ssl www.iml.unibe.ch 443
+        check https port 443
+
+    check_ssl -w 30 -c 14 ldap.example.com 636
+        check ldaps port 636 and set custom warning and critical level
+
+```
+
+## Examples
+
+### Check Website with https
+
+To check a domain name on port 443 add the domain to connect as parameter. The port number 443 is default and not needed.
+
+```txt
+./check_ssl www.iml.unibe.ch
+OK: www.iml.unibe.ch:443 - valid to Apr 23 00:38:13 2025 GMT (69 days left)
+```
+
+### Check Ldaps
+
+```txt
+./check_ssl ldap.example.com 636
+OK: ldap.example.com:636 - valid to Apr  6 00:44:42 2025 GMT (52 days left)
+```

docs/30_Shared_functions/inc_pluginfunctions.md

@@ -163,7 +163,7 @@ Return default value or its override from command line.
 Syntax:
 
 ```text
-ph.getFileAge VALUE PARAMNAME "$@"
+ph.getValueWithParam VALUE PARAMNAME "$@"
 ```
 
 Parameters:
@@ -176,8 +176,8 @@ Example:
 
 ```shell
 # set default / override from command line params
-typeset -i iWarnLimit=$(     ph.getValueWithParam 75 w "$@")
-typeset -i iCriticalLimit=$( ph.getValueWithParam 90 c "$@")
+typeset -i iWarnLimit;     iWarnLimit=$(     ph.getValueWithParam 70 w "$@")
+typeset -i iCriticalLimit; iCriticalLimit=$( ph.getValueWithParam 90 c "$@")
 ```
 
 This will set variable iWarnLimit based on CLI parameter -w [value] ... if it does not exist it gets the default 75.