176 lines
6.3 KiB
Bash
176 lines
6.3 KiB
Bash
# ------------------------------------------------------------------------------
|
|
# Install check_mk agent using xinetd superserver
|
|
# This file is part of the init.sh project
|
|
# Copyright (c) 2019-2023 Geoffray Levasseur <fatalerrors@geoffray-levasseur.org>
|
|
# ------------------------------------------------------------------------------
|
|
# This file is distributed under 3-clause BSD license.
|
|
# The complete license agreement can be obtained at:
|
|
# https://opensource.org/licenses/BSD-3-Clause
|
|
# ------------------------------------------------------------------------------
|
|
# Variable:
|
|
# * MK_SERVER: Server IP address
|
|
# * MK_SITE: The check_mk site (or instance) to use
|
|
# * MK_URL: The URL to use to download the agent
|
|
# * MK_SECRET: The secret to use to register the agent
|
|
# * MK_USER: The user to use to register
|
|
# ------------------------------------------------------------------------------
|
|
|
|
export VER_install_mkagent="0.1.0"
|
|
export DEP_install_mkagent=""
|
|
|
|
|
|
# ------------------------------------------------------------------------------
|
|
# Extract CheckMK version from the server
|
|
get_checkmk_version_from_server()
|
|
{
|
|
local ip="$1"
|
|
local site="${2:-$MK_SITE}"
|
|
local proto out v header
|
|
local re_version='[0-9]+\.[0-9]+(\.[0-9]+)?p?[0-9]+'
|
|
|
|
[[ -n "$MK_VERSION" ]] && { printf '%s' "$MK_VERSION"; return 0; }
|
|
|
|
for proto in http https; do
|
|
# 1) Tentative via version.py (souvent non protégée)
|
|
if out=$(curl -fsS --max-time 3 "$proto://$ip/$site/check_mk/version.py" 2>/dev/null); then
|
|
v=$(grep -oE "$re_version" <<<"$out" | head -n1)
|
|
[[ -n "$v" ]] && { printf '%s' "$v"; return 0; }
|
|
fi
|
|
|
|
# 2) Tentative via login.py (page de connexion)
|
|
if out=$(curl -fsS --max-time 3 "$proto://$ip/$site/check_mk/login.py" 2>/dev/null); then
|
|
v=$(grep -oE "$re_version" <<<"$out" | grep -vE '2\.[0-9]{1,3}\.[0-9]{2,3}' | head -n1)
|
|
[[ -n "$v" ]] && { printf '%s' "$v"; return 0; }
|
|
fi
|
|
|
|
# 3) En-têtes HTTP éventuels
|
|
header=$(curl -fsSI --max-time 3 "$proto://$ip/$site/" 2>/dev/null || true)
|
|
if [[ -n "$header" ]]; then
|
|
v=$(grep -oiE "$re_version" <<<"$header" | head -n1)
|
|
[[ -n "$v" ]] && { printf '%s' "$v"; return 0; }
|
|
fi
|
|
|
|
# 4) Fallback : page d'accueil, mais filtrer les faux positifs du JS
|
|
out=$(curl -fsS --max-time 5 "$proto://$ip/$site/" 2>/dev/null || true)
|
|
if [[ -n "$out" ]]; then
|
|
# Filtre plus strict : commence par 1.x ou 2.x et max 2 chiffres après le point
|
|
v=$(grep -oE "$re_version" <<<"$out" \
|
|
| grep -E '^2\.[0-9]+(\.[0-9]+)?p?[0-9]*$' \
|
|
| grep -vE '\.[0-9]{3,}' \
|
|
| head -n1)
|
|
[[ -n "$v" ]] && { printf '%s-1' "$v"; return 0; }
|
|
fi
|
|
done
|
|
|
|
return 1
|
|
}
|
|
|
|
install_mkagent()
|
|
{
|
|
local debfile="/tmp/check-mk-agent_latest_all.deb"
|
|
prnt I "Downloading CheckMK agent from: $MK_URL"
|
|
|
|
# try primary URL
|
|
if ! wget -q "$MK_URL" -O "$debfile"; then
|
|
prnt W "Primary download failed. Attempting to detect server version and fallback..."
|
|
local mkver
|
|
mkver=$(get_checkmk_version_from_server "$MK_SERVER_IP" 2>/dev/null || true)
|
|
|
|
if [[ -n "$mkver" ]]; then
|
|
prnt I "Detected Check_MK version: $mkver — building fallback URL"
|
|
# replace the literal 'latest' token in MK_URL with the detected version
|
|
local fallback_url
|
|
fallback_url="${MK_URL/latest/$mkver}"
|
|
prnt I "Trying fallback URL: $fallback_url"
|
|
if ! wget -q "$fallback_url" -O "$debfile"; then
|
|
prnt E "Fallback download with version $mkver failed."
|
|
die 163
|
|
fi
|
|
else
|
|
prnt E "Unable to detect Check_MK version on $MK_SERVER_IP and primary download failed."
|
|
die 163
|
|
fi
|
|
fi
|
|
|
|
# On non-systemd systems, install xinetd before the .deb to avoid postinst failures
|
|
if ! pidof systemd >/dev/null; then
|
|
pkginst xinetd
|
|
fi
|
|
|
|
# Install agent package
|
|
pkginst "$debfile"
|
|
rm -f "$debfile"
|
|
|
|
# Enable service depending on init system
|
|
if pidof systemd >/dev/null; then
|
|
systemctl enable --now check-mk-agent.socket
|
|
else
|
|
backup_dist /etc/xinetd.d/check-mk-agent
|
|
install_file cmk/check_mk /etc/xinetd.d/check-mk-agent
|
|
tag_file /etc/xinetd.d/check-mk-agent
|
|
sed -i -e "s/@MK_SERVER_IP@/$MK_SERVER_IP/" /etc/xinetd.d/check-mk-agent
|
|
svc_restart xinetd
|
|
fi
|
|
|
|
# Debian plugin
|
|
if [[ $PKG_MAN == "apt-get" ]]; then
|
|
mkdir -pv /usr/lib/check_mk_agent/plugins/3600
|
|
install_file cmk/mk_apt /usr/lib/check_mk_agent/plugins/3600/mk_apt
|
|
fi
|
|
|
|
# Registration (if secret provided)
|
|
if [[ -n $MK_SECRET ]]; then
|
|
local secret
|
|
prnt I "Fetching secret $MK_SECRET..."
|
|
secret=$(fetch_secret "$MK_SECRET")
|
|
if [[ -e /var/lib/cmk-agent/cmk-agent-ctl.gz ]]; then
|
|
gunzip -v -f /var/lib/cmk-agent/cmk-agent-ctl.gz
|
|
chmod -v +x /var/lib/cmk-agent/cmk-agent-ctl
|
|
fi
|
|
if [[ -x /var/lib/cmk-agent/cmk-agent-ctl ]]; then
|
|
/var/lib/cmk-agent/cmk-agent-ctl register \
|
|
--hostname "$HOSTNAME" \
|
|
--server "$MK_SERVER_IP" \
|
|
--site "$MK_SITE" \
|
|
--user "$MK_USER" \
|
|
--password "$secret"
|
|
else
|
|
prnt W "Agent control tool not found; skipping registration."
|
|
fi
|
|
unset secret
|
|
else
|
|
prnt W "No secret configured, agent cannot be registered."
|
|
fi
|
|
}
|
|
|
|
precheck_install_mkagent()
|
|
{
|
|
if [[ -z $MK_SITE ]]; then
|
|
prnt E "Undeclared check_mk site to use."
|
|
die 162
|
|
fi
|
|
if [[ -z $MK_URL ]]; then
|
|
prnt E "Undeclared check_mk download URL."
|
|
die 162
|
|
fi
|
|
if [[ -z $MK_SERVER_IP ]]; then
|
|
prnt E "Undeclared check_mk server."
|
|
die 162
|
|
fi
|
|
if [[ $PKG_MAN == "apt-get" ]]; then
|
|
file_must_exists cmk/check_mk cmk/mk_apt
|
|
fi
|
|
if [[ -z $MK_SECRET ]]; then
|
|
prnt W "No secret set for CheckMK, registration won't be possible."
|
|
if [[ -z $MK_USER ]]; then
|
|
prnt E "A CheckMK user is required to register."
|
|
die 162
|
|
fi
|
|
fi
|
|
}
|
|
|
|
export -f install_mkagent
|
|
export -f precheck_install_mkagent
|
|
|
|
# EOF
|