
@job
Last active December 9, 2019 00:20
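#!/bin/bash
set -e
# script maintained by Job Snijders job@ntt.net
# Healthchecks ping endpoint (XXXXX is a placeholder in this copy).
# NOTE(review): the ping URL is the only credential for the check; whoever
# knows it can report start/success/fail, so keep the real value out of
# published copies of this script.
HC_URL=https://hc-ping.com/XXXXX

# Lock
# Single-instance guard built on flock(1): the lock file is opened on a fixed
# file descriptor and an exclusive, non-blocking lock is taken on it. A second
# copy of the script fails to get the lock and exits with status 1.
# NOTE(review): the lock file name is predictable and the redirection below
# follows symlinks; if /var/lock is writable by unprivileged users on this
# host, prefer a directory only root can write to -- confirm.
SCRIPT_NAME=$(basename -- "$0")
LOCKFILE="/var/lock/${SCRIPT_NAME}"
LOCKFD=99

# _lock OPT: run flock with the option letters in $1 (u = unlock,
# xn = exclusive + non-blocking) against the lock descriptor.
_lock() { flock "-$1" "$LOCKFD"; }

# Unlock, then delete the lock file only if the exclusive lock can be
# re-acquired immediately.
_no_more_locking() { _lock u; _lock xn && rm -f -- "$LOCKFILE"; }

# Open the lock file on $LOCKFD. eval is needed only because the descriptor
# number lives in a variable; the path is left as a quoted "$LOCKFILE"
# reference inside the evaluated string, so a script name containing spaces or
# shell metacharacters is never parsed as code.
_prepare_locking() { eval "exec $LOCKFD>\"\$LOCKFILE\""; trap _no_more_locking EXIT; }
_prepare_locking

exlock_now() { _lock xn; } # obtain an exclusive lock immediately or fail
unlock() { _lock u; } # drop a lock

exlock_now || {
  echo "ERROR: ${SCRIPT_NAME} already running!"
  exit 1
}

# This replaces the _no_more_locking EXIT handler installed above: from here
# on the script only unlocks at exit and leaves the lock file in place.
# Keeping the file avoids the window in which another instance has already
# opened the old (now deleted) file while a third one creates and locks a new
# file of the same name.
trap unlock EXIT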
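# prettify json
# Rewrite the JSON file "$1" in place in a stable, line-oriented layout: one
# object of the .roas array per line, keys sorted by jq -S, lines sorted, and
# the whole list wrapped in {"roas": [ ... ]}.
# Arguments: $1 - path of the JSON file to rewrite
# Returns:   0 when the file was replaced; non-zero when any stage failed, in
#            which case "$1" is left untouched.
# A failing jq (unreadable or malformed input) must not be turned into a
# syntactically valid but empty ROA list, so the stages run under pipefail and
# the closing bracket is written only after the pipeline succeeded.
function pretty_json () {
  local src=$1
  local tmp="${src}.tmp"
  (
    # pipefail is set inside the subshell so the caller's options are unchanged
    set -o pipefail
    echo -e "{\n\"roas\": [" \
      && jq -S -c '.roas[]' "$src" \
        | sort \
        | sed '$!s/$/,/;s/^/ /;s/,/, /g;s/:"/: "/g;s/Length":/Length": /;s/ $//' \
      && echo -e "]\n}"
  ) > "$tmp" || { rm -f -- "$tmp"; return 1; }
  mv -- "$tmp" "$src"
}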
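# Flatten "$1.json" into a sorted, comma-separated text file "$1.cvs": every
# element of .roas becomes one line of its values (converted to strings, CSV
# formatted by jq), with all backslashes and double quotes stripped.
# Arguments: $1 - path prefix; reads "$1.json", writes "$1.cvs"
# Returns:   0 when "$1.cvs" was replaced; non-zero when any stage failed, in
#            which case an existing "$1.cvs" is left untouched.
# The stages run under pipefail: without it a failing jq is hidden by sort
# succeeding on empty input, and an empty file would be installed as the
# result that the validator comparison later hashes.
function make_cvs () {
  local base=$1
  local tmp="${base}.cvs.tmp"
  (
    # pipefail is set inside the subshell so the caller's options are unchanged
    set -o pipefail
    jq -c '.roas[] | [.[] | tostring] | @csv' "${base}.json" \
      | sed 's/[\\"]//g' \
      | sort
  ) > "$tmp" || { rm -f -- "$tmp"; return 1; }
  mv -- "$tmp" "${base}.cvs"
}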
# Start-up jitter: pick a delay of 0-149 seconds and sleep for it before doing
# any work, then tell the health check that a run has started and print the
# start time.
WAITPERIOD=$(( RANDOM % 150 ))
printf 'Waiting %s seconds...\n' "${WAITPERIOD}" && sleep "${WAITPERIOD}"
# With `set -e` in effect a failed start ping ends the run here.
curl -fsS --retry 3 "${HC_URL}/start"
date
# rsync & validation via rpki-client
####################################
# Runs rpki-client from the TAL directory with the five RIR TAL files and
# /var/www/html/export-rpki-client.json.tmp as its last argument; stderr is
# merged into stdout. Only if it succeeds is the temporary file normalised by
# pretty_json and then renamed over export-rpki-client.json, so the published
# name is replaced in a single mv.
# timeout sends TERM after 900 s and, if the process is still running 1100 s
# after that, KILL.
# NOTE(review): the three steps are joined with &&, so under `set -e` a failure
# of rpki-client (or of pretty_json) does not stop the script. make_cvs below
# then reads whatever export-rpki-client.json an earlier run left behind, and
# the comparison at the end cannot tell fresh output from stale output --
# confirm that continuing here is intended.
# NOTE(review): the paths suggest the validator runs as root and writes
# straight into the web root -- confirm whether a dedicated unprivileged user
# and a staging directory are an option.
cd /root/.rpki-cache/tals
timeout -k 1100 900 /usr/local/bin/rpki-client -j -v \
-t afrinic.tal -t apnic.tal -t arin.tal -t lacnic.tal -t ripe.tal \
/var/www/html/export-rpki-client.json.tmp 2>&1 \
&& pretty_json /var/www/html/export-rpki-client.json.tmp \
&& mv /var/www/html/export-rpki-client.json.tmp /var/www/html/export-rpki-client.json
# make CVS for rpki-client
# Produces /var/www/html/export-rpki-client.cvs from the .json of the same name.
make_cvs /var/www/html/export-rpki-client
# Routinator
############
# Second, independent validator: writes its VRP list as JSON to a temporary
# file, which is normalised by pretty_json and renamed over
# export-routinator.json only if every step before the mv succeeded.
# timeout sends TERM after 900 s and KILL 1100 s later if still running.
# NOTE(review): as these steps are joined with &&, a routinator failure is not
# fatal under `set -e`; a previous export-routinator.json would then be reused
# further down -- confirm that this is intended.
timeout -k 1100 900 /root/.cargo/bin/routinator -v vrps -n -f json \
-o /var/www/html/export-routinator.json.tmp 2>&1 \
&& pretty_json /var/www/html/export-routinator.json.tmp \
&& mv /var/www/html/export-routinator.json.tmp /var/www/html/export-routinator.json
# make RPSL with routinator
# awk reads the output in paragraph mode (RS="") and joins the lines of each
# blank-line-separated object with the @@@@@@@ marker, so that sort orders
# whole objects; sed then appends an empty line to each object and turns the
# markers back into newlines. The last stage drops the "last-modified: " and
# "created: " lines before the result is renamed over export.rpsl.
# NOTE(review): without pipefail only the exit status of the final egrep
# decides whether export.rpsl is replaced; a failure in awk, sort or sed goes
# unnoticed. egrep is also deprecated in current GNU grep in favour of grep -E.
timeout -k 1100 900 /root/.cargo/bin/routinator -v vrps -n -f rpsl \
-o /var/www/html/export.rpsl.tmp 2>&1 \
&& awk -vRS="" -vFS='\n' -vOFS='@@@@@@@' '$1=$1' /var/www/html/export.rpsl.tmp \
| sort \
| sed 's/$/\n/;s/@@@@@@@/\n/g' \
| egrep -v "last-modified: |created: " > /var/www/html/export.rpsl.2.tmp \
&& mv /var/www/html/export.rpsl.2.tmp /var/www/html/export.rpsl
# Runs unconditionally; with `set -e` a missing export.rpsl.tmp makes rm fail
# and ends the script at this line.
rm /var/www/html/export.rpsl.tmp
# make CVS for routinator
# Produces /var/www/html/export-routinator.cvs from the .json of the same name.
make_cvs /var/www/html/export-routinator
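cd /var/www/html
# make validation comparison to assess whether we are good or not
# The rpki-client result is published as export.json / export.cvs only when
# both validators produced the same flattened list (equal SHA-256 over the two
# .cvs files). The list must also be non-empty: two empty or two unreadable
# files hash to the same value, and that vacuous agreement must take the
# failure path instead of being published.
# NOTE(review): the git repository lives in the web root; confirm the web
# server does not serve /var/www/html/.git.
if [ -s export-rpki-client.cvs ] \
  && [ "$(sha256sum < export-routinator.cvs)" = "$(sha256sum < export-rpki-client.cvs)" ]; then
  cp export-rpki-client.json export.json
  cp export-rpki-client.cvs export.cvs
  date
  ls -lahtr /var/www/html/
  git add -- *
  # NOTE(review): git commit exits non-zero when nothing changed; with `set -e`
  # that ends the script before the success ping below -- confirm intended.
  git commit -am 'commit'
  curl -fsS --retry 3 "${HC_URL}" # Mark ourselves as safe
  exit 0
else
  # Collect debugging information
  # errexit is switched off so that every diagnostic step below is attempted
  # even if an earlier one fails.
  set +e
  # A separate variable is used so the TMPDIR environment variable is not
  # overwritten. With errexit off, a failed mktemp must be caught here:
  # otherwise the copies below would expand "<empty>/" to "/" and write into
  # the root directory.
  DEBUG_DIR=$(mktemp -d /tmp/rpki-repository.XXXXXXXXX)
  if [ -z "${DEBUG_DIR}" ] || [ ! -d "${DEBUG_DIR}" ]; then
    echo
    echo "ERROR: something went wrong... and mktemp failed, no data saved"
    echo
    date
    curl -fsS --retry 3 "${HC_URL}/fail"
    exit 1
  fi
  echo
  echo "ERROR: something went wrong... saving data to ${DEBUG_DIR}/"
  echo
  # NOTE(review): every failed run leaves a full copy of the rpki-client cache
  # and of the web root under /tmp and nothing removes it; repeated failures
  # can fill the file system. The copy of this script also carries HC_URL.
  cp /root/run-validation "${DEBUG_DIR:?}/"
  ls -lahtr /var/www/html/
  wc -l /var/www/html/*
  diff -u /var/www/html/export-routinator.cvs /var/www/html/export-rpki-client.cvs
  rsync -a /var/cache/rpki-client/ "${DEBUG_DIR:?}/"
  rsync -a /var/www/html/* "${DEBUG_DIR:?}/"
  du -sh "${DEBUG_DIR}"
  date
  curl -fsS --retry 3 "${HC_URL}/fail"
  exit 1
fi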