-
Notifications
You must be signed in to change notification settings - Fork 1
/
README
78 lines (66 loc) · 3.83 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
Various scripts that, while useful, don't deserve a project of their own.
blcheck.sh:
A script, started from a forum post
(http://www.daemonforums.org/showthread.php?t=302), to check an IP on
a number of blacklists. It's not the most clever bit of code, but it
works. I modified it to make the output more appropriate for cron: it
doesn't have any when things are ok. It also has an exit code that
indicates how many blacklists you got a hit on.
I'm running it from cron as:
blcheck.sh $( ifconfig eth0 | grep 'inet addr' | awk '{print $2}' | awk -F: '{print $2}' )
which isn't the best commandline either, but it's not bad. If I had
puppet on here I'd probably use facter to get the IP.
named-svn-pre-commit.pl:
A Subversion pre-commit hook for my named config. Parts of it will be
pretty site-specific, but I imagine parts would be useful to someone
else. Assumptions:
* Your zones are in files called db.(zone name)
* You don't have any comments that look suspiciously like my serial
number line
* Your serial number line looks like:
(whitespace)YYYYMMDDNN(whitespace); Serial
The current code probably works if you've got any number in there,
but I make no guarantee of future working
I was pretty tired of people checking in zones without updating the
serial and the associated sadness that comes from it, so I wrote a
pre-commit hook. Totally bad effort per pain, but what the heck.
ssl-cert-pre-commit.sh:
A Subversion pre-commit hook to make sure that an SSL key and cert
match up. We have a few places in Puppet we keep SSL key/cert pairs,
and they're automatically deployed to servers. If they don't line up
(for instance, someone gets a new cert but doesn't copy the new key
in) Apache will blow up when restarted. Don't allow that.
Assumptions:
* Files are named (whatever).key and (whatever).crt
* They're in PEM format (though openssl may auto-detect the right
format for you, I haven't tested that)
check_activemq.pl:
A somewhat trivial Nagios check script for ActiveMQ. Our use case is
that we have a small number of queues that we want to monitor (not all
the available queues), and we just want to know if they have more than
N unconsumed messages in them. Easy! This relies on having access to
the web console of the activemq server and being able to grab the XML
formatted status page that lists all the queues. Let me know if
there's a cleaner way to do this, I don't exactly like it.
This is bodily borrowed from
http://exchange.nagios.org/directory/Tutorials/Other-Tutorials-And-HOWTOs/ActiveMQ-Monitoring-Scripts-For-Nagios/details
, but cleaned up quite a bit for our use.
check_ns_sanity.sh:
I had a bad experience. Namely, my nameservers lost their minds and
stopped serving up my zones. Not all of them, just enough to cause
customers to call in and say they couldn't see the site sporadically.
While we're fixing that, it's the sort of thing that should be
monitored.
I might add some additional checking to look for a specific record,
but right now I'm just concerned with "is anything there", which is
checked by asking for a SOA. Comparing serial numbers might be
clever, though it would alert any time we check during a cache refresh
(i.e. when we've made a change but not every slave has yet fetched
it). Eh.
git-cleanup:
My workflow for our company git projects is pretty simple:
Branch from master, do some stuff, PR it up, delete the branch once
it's accepted. However, sometimes it takes a while to get those PRs
merged. This script just walks through the branches (ignoring master)
and deletes them, both remotely and locally, if they're fully merged.
Is this useful for anyone else? I don't know.