adsb-feeder-image-loggy.sh

adsb-feeder-image-loggy.sh

#!/bin/bash
# CC0 - public domain
# We read the file
SANITISED_LOG=$(cat /opt/adsb/adsb-setup.log)

# We set vars to empty
SANITISE_VARS="""FEEDER_LAT FEEDER_LONG ADSBLOL_UUID AF_MICRO_IP ULTRAFEEDER_UUID FEEDER_1090UK_API_KEY
FEEDER_ADSBHUB_STATION_KEY FEEDER_FR24_SHARING_KEY FEEDER_FR24_UAT_SHARING_KEY
FEEDER_PLANEWATCH_API_KEY FEEDER_RADARBOX_SHARING_KEY FEEDER_RV_FEEDER_KEY
_ADSB_STATE_SSH_KEY FEEDER_PIAWARE_FEEDER_ID FEEDER_RADARBOX_SHARING_KEY FEEDER_RADARBOX_SN"""

# We set vars that cannot be empty, have to be stripped
IMPORTANT_VARS="FEEDER_LAT FEEDER_LONG ADSBLOL_UUID AF_MICRO_IP ULTRAFEEDER_UUID"

# For each
for VAR in $SANITISE_VARS; do
  # We get the value of the variable
  SECRET_VALUE=$(grep ^$VAR= /opt/adsb/config/.env | cut -d'=' -f2)
  # SECRET_VALUE is empty, and it is one of FEEDER_LAT FEEDER_LONG ADSBLOL_UUID, bail out
  if [ -z "$SECRET_VALUE" ] && [[ "$IMPORTANT_VARS" == *"$VAR"* ]]; then
    # If we are here, it means that the variable is empty, and it is one of the important ones
    echo "ERROR: $VAR is empty, this is a critical variable, exiting"
    exit 1
  fi
  # if it's empty, we skip
  if [ -z "$SECRET_VALUE" ]; then
    continue
  fi
  SANITISED_LOG=$(echo "$SANITISED_LOG" | sed "s/${SECRET_VALUE}/MY_REAL_${VAR}/g")
  # Otherwise we just strip it out, and put it back into SANITISED_LOG
done

# now get rid of anything that looks like an IP address
SANITISED_LOG=$(sed -r 's/((1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])/<hidden-ip-address>/g' <<< $SANITISED_LOG)
# finally, replace everything that looks like a uuid
SANITISED_LOG=$(sed -r 's/[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/<hidden-uuid>/g' <<< $SANITISED_LOG)

# Then we echo the sanitised log
echo "$SANITISED_LOG"

how about this slight modification and extension:

#!/bin/bash
# CC0 - public domain

# We read the file
SANITISED_LOG=$(</opt/adsb/adsb-setup.log)

# We set vars to empty
SANITISE_VARS="""FEEDER_LAT FEEDER_LONG ADSBLOL_UUID AF_MICRO_IP ULTRAFEEDER_UUID FEEDER_1090UK_API_KEY
FEEDER_ADSBHUB_STATION_KEY FEEDER_FR24_SHARING_KEY FEEDER_FR24_UAT_SHARING_KEY
FEEDER_PLANEWATCH_API_KEY FEEDER_RADARBOX_SHARING_KEY FEEDER_RV_FEEDER_KEY
_ADSB_STATE_SSH_KEY FEEDER_PIAWARE_FEEDER_ID FEEDER_RADARBOX_SHARING_KEY FEEDER_RADARBOX_SN"""

# We set vars that cannot be empty, have to be stripped
IMPORTANT_VARS="FEEDER_LAT FEEDER_LONG ADSBLOL_UUID AF_MICRO_IP ULTRAFEEDER_UUID"

# For each
for VAR in $SANITISE_VARS; do
  # We get the value of the variable
  MY_VAR=$(grep ^$VAR= /opt/adsb/config/.env | cut -d'=' -f2)
  # MY_VAR is empty, and it is one of FEEDER_LAT FEEDER_LONG ADSBLOL_UUID, bail out
  if [ -z "$MY_VAR" ] ; then
    if [[ "$IMPORTANT_VARS" == *"$VAR"* ]]; then
      # If we are here, it means that the variable is empty, and it is one of the important ones
      echo "ERROR: $VAR is empty, this is a critical variable, exiting"
      exit 1
    fi
  else
    echo "handling ${MY_VARa} for ${VAR}"
    SANITISED_LOG=$(echo "$SANITISED_LOG" | sed "s/${MY_VAR}/MY_REAL_${VAR}/g")
    # Otherwise we just strip it out, and put it back into SANITISED_LOG
  fi
done
# now get rid of anything that looks like an IP address
SANITISED_LOG=$(sed -r 's/((1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])/<hidden-ip-address>/g' <<< $SANITISED_LOG)
# finally, replace everything that looks like a uuid
SANITISED_LOG=$(sed -r 's/[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/<hidden-uuid>/g' <<< $SANITISED_LOG)
#
# Then we echo the sanitised log
echo "$SANITISED_LOG"

@dirkhh I added the last 2 seds, to replace IPs and UUIDs away, but I am not sure what this line does

echo "handling ${MY_VARa} for ${VAR}"

without the typo, ${MY_VAR} would have the 'sensitive' data, and we definitely don't want to print that, in fact, let me change that to $MY_SECRET_VALUE in the code so it's obvious we definitely don't want to print that

also added handling empty variables, because if we do sed s//foo/, sed gets rightfully upset