Last active
December 9, 2019 00:20
-
-
Save job/ea11fc59b2411e042eaad1c1b0213c74 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
set -e | |
# script maintained by Job Snijders job@ntt.net | |
HC_URL=https://hc-ping.com/XXXXX | |
# Lock | |
LOCKFILE="/var/lock/$(basename $0)" | |
LOCKFD=99 | |
_lock() { flock -$1 $LOCKFD; } | |
_no_more_locking() { _lock u; _lock xn && rm -f "$LOCKFILE"; } | |
_prepare_locking() { eval "exec $LOCKFD>\"$LOCKFILE\""; trap _no_more_locking EXIT; } | |
_prepare_locking | |
exlock_now() { _lock xn; } # obtain an exclusive lock immediately or fail | |
unlock() { _lock u; } # drop a lock | |
exlock_now || { | |
echo "ERROR: `basename $0` already running!" | |
exit 1 | |
} | |
trap unlock EXIT | |
# prettify json | |
function pretty_json () { | |
(echo -e "{\n\"roas\": ["; | |
jq -S -c '.roas[]' "$1" \ | |
| sort \ | |
| sed '$!s/$/,/;s/^/ /;s/,/, /g;s/:"/: "/g;s/Length":/Length": /;s/ $//' | |
echo -e "]\n}" ) > "${1}.tmp" \ | |
&& mv "${1}.tmp" "${1}" | |
} | |
function make_cvs () { | |
jq -c '.roas[] | [.[] | tostring] | @csv' "${1}.json" \ | |
| sed 's/[\\"]//g' \ | |
| sort > "${1}.cvs.tmp" \ | |
&& mv "${1}.cvs.tmp" "${1}.cvs" | |
} | |
WAITPERIOD=$((RANDOM % 150)) | |
echo "Waiting ${WAITPERIOD} seconds..." && sleep ${WAITPERIOD} | |
curl -fsS --retry 3 ${HC_URL}/start | |
date | |
# rsync & validation via rpki-client | |
#################################### | |
cd /root/.rpki-cache/tals | |
timeout -k 1100 900 /usr/local/bin/rpki-client -j -v \ | |
-t afrinic.tal -t apnic.tal -t arin.tal -t lacnic.tal -t ripe.tal \ | |
/var/www/html/export-rpki-client.json.tmp 2>&1 \ | |
&& pretty_json /var/www/html/export-rpki-client.json.tmp \ | |
&& mv /var/www/html/export-rpki-client.json.tmp /var/www/html/export-rpki-client.json | |
# make CVS for rpki-client | |
make_cvs /var/www/html/export-rpki-client | |
# Routinator | |
############ | |
timeout -k 1100 900 /root/.cargo/bin/routinator -v vrps -n -f json \ | |
-o /var/www/html/export-routinator.json.tmp 2>&1 \ | |
&& pretty_json /var/www/html/export-routinator.json.tmp \ | |
&& mv /var/www/html/export-routinator.json.tmp /var/www/html/export-routinator.json | |
# make RPSL with routinator | |
timeout -k 1100 900 /root/.cargo/bin/routinator -v vrps -n -f rpsl \ | |
-o /var/www/html/export.rpsl.tmp 2>&1 \ | |
&& awk -vRS="" -vFS='\n' -vOFS='@@@@@@@' '$1=$1' /var/www/html/export.rpsl.tmp \ | |
| sort \ | |
| sed 's/$/\n/;s/@@@@@@@/\n/g' \ | |
| egrep -v "last-modified: |created: " > /var/www/html/export.rpsl.2.tmp \ | |
&& mv /var/www/html/export.rpsl.2.tmp /var/www/html/export.rpsl | |
rm /var/www/html/export.rpsl.tmp | |
# make CVS for routinator | |
make_cvs /var/www/html/export-routinator | |
cd /var/www/html | |
# make validation comparison to assess whether we are good or not | |
if [ "$(sha256sum < export-routinator.cvs)" = "$(sha256sum < export-rpki-client.cvs)" ]; then | |
cp export-rpki-client.json export.json | |
cp export-rpki-client.cvs export.cvs | |
date | |
ls -lahtr /var/www/html/ | |
git add -- * | |
git commit -am 'commit' | |
curl -fsS --retry 3 ${HC_URL} # Mark ourselves as safe | |
exit 0 | |
else | |
# Collect debugging information | |
set +e | |
TMPDIR=$(mktemp -d /tmp/rpki-repository.XXXXXXXXX) | |
echo | |
echo "ERROR: something went wrong... saving data to ${TMPDIR}/" | |
echo | |
cp /root/run-validation "${TMPDIR}/" | |
ls -lahtr /var/www/html/ | |
wc -l /var/www/html/* | |
diff -u /var/www/html/export-routinator.cvs /var/www/html/export-rpki-client.cvs | |
rsync -a /var/cache/rpki-client/ "${TMPDIR}/" | |
rsync -a /var/www/html/* "${TMPDIR}/" | |
du -sh "${TMPDIR}" | |
date | |
curl -fsS --retry 3 "${HC_URL}/fail" | |
exit 1 | |
fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment