add support for ssh

2026-05-24 02:24:51 +00:00 · 2020-06-07 17:45:23 +02:00 · 2020-06-07 17:45:23 +02:00 · 0af761a5f5
commit 0af761a5f5
parent 667128af86
2 changed files with 33 additions and 6 deletions
--- a/README.md
+++ b/README.md
@ -12,14 +12,21 @@ First, install and configure [signal-cli](https://github.com/AsamK/signal-cli)
 Then modify script and configure your sending number, recipient number and
 optionally path to java. I add PATH to signal-cli and java commands as well.

-Then at the bottom of the script, configure ping checks and URL string match
-checks.
+Then at the bottom of the script, configure ping checks, URL string match
+checks and successful ssh (key) authentication.

-check_ping takes one argument, which is the name of the server
+**check_ping** takes one argument, which is the name of the server

-check_url takes three arguments: "check identificator" (can be anything recognizable that can be a part of filename, such as hostname), URL and string to look for on the web page.
+**check_url** takes three arguments: "check identificator" (can be anything recognizable
+that can be a part of filename, such as hostname), URL and string to look for on the web page.

-The last signal-cli command just downloads all messages for this instance and
+**check_ssh** takes three arguments: username, hostname a optional port (otherwise it's 22).
+Make sure that ssh key authentication is working, because it does not simply check for open
+port, but if the authentication succeeds. It only needs to be able to run echo command, or
+you can configure the shell to just print "ssh_connection_ok" on stdout. It does not need
+to be able to execute any other commands.
+
+The last **signal-cli** command just downloads all messages for this instance and
 drops them. Use this if this script is the only user using this server to
 ease up storage requirements for signal servers and make sure that it does not
 store too much (encrypted) messages for you.
--- a/signal-monitoring.sh
+++ b/signal-monitoring.sh
@ -21,7 +21,7 @@ function log {

 # arguments: notify_text
 function notify {
-	echo $1 | signal-cli -u ${SIGNAL_USER} send $NOTIFY_NUMBER
+	echo $1 | signal-cli -u ${SIGNAL_USER} send $NOTIFY_NUMBER > /dev/null
 	log "Sending notification ${1}"
 }

@ -81,6 +81,24 @@ function check_url {
 			fi
 }

+# argument: username hostname port
+function check_ssh {
+    username=$1
+    hostname=$2
+    port="${3:-22}"
+
+    status=$(ssh -o BatchMode=yes -o ConnectTimeout=5 ${username}@${hostname} -p ${port} echo ssh_connection_ok 2>&1)
+
+    if [[ $status == "ssh_connection_ok" ]] ; then
+			check_passed ${username}-${hostname}-${port}-ssh "${username}@${hostname}:${port} SSH is up"
+    elif echo $status | grep -q "Permission denied" ; then
+			check_failed ${username}-${hostname}-${port}-ssh "${username}@${hostname}:${port} SSH returned permission denied: ${status}"
+    else
+			check_failed ${username}-${hostname}-${port}-ssh "${username}@${hostname}:${port} SSH is down: ${status}"
+    fi
+}
+
+
 # here are the checks

 # check pings
@ -90,6 +108,8 @@ check_ping my-second.server.com
 check_url my-first.server.com "https://my-first.server.com/url/index.html" "Welcome to My First Server"
 check_url my-third.server.com "https://my-third.server.com/index.html" "Welcome to My Third Server"

+check_ssh "johnpb27" "my-ssh.server.com" 22
+
 # Leave this if you don't use signal-cli outside of this script,
 # otherwise comment out, see readme
 signal-cli -u $SIGNAL_USER receive > /dev/null 2>&1