199 lines
5.7 KiB
Bash
199 lines
5.7 KiB
Bash
#!/usr/bin/env dash
|
|
|
|
# router.sh — POSIX sh HTTP backend (for socat)
|
|
# usage: socat -T5 -t5 TCP-LISTEN:${port},reuseaddr,fork EXEC:"sh ${currentfile}"
|
|
# Routes:
|
|
# GET /status -> check $URLS (0/0 if unset)
|
|
# GET /disk -> check $VOLUMES (all if unset)
|
|
# Env:
|
|
# URLS="http://..." # default: none
|
|
# VOLUMES="/ /home" # default: all from df -P
|
|
# TIMEOUT=5
|
|
# AUTH_FILE="/path/htpasswd-like" # lines: user:pass
|
|
|
|
base64() {
|
|
local mod
|
|
mod="${1:?}"
|
|
|
|
case "$mod" in
|
|
encode)
|
|
printf '%s' "${2:?}" | od -An -t u1 | tr -s ' ' | tr -d '\n' | awk '
|
|
BEGIN {
|
|
A="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
|
|
}
|
|
function dec2bin(n, r,len,pad) {
|
|
if (n==0) return "00000000"
|
|
while (n>0) {
|
|
r = (n%2) r
|
|
n = int(n/2)
|
|
}
|
|
return sprintf("%08s", r)
|
|
}
|
|
function bin2dec(s, i,d,r) {
|
|
r=0
|
|
for(i=1;i<=length(s);i++) {
|
|
d=substr(s,i,1)
|
|
r = r*2 + d
|
|
}
|
|
return r
|
|
}
|
|
function buildbin(t, r) {
|
|
for(i=1;i<=NF;i+=1) {
|
|
#printf("%s | %s\n", dec2bin($i), $i)
|
|
r = sprintf("%s%s", r, dec2bin($i))
|
|
}
|
|
return r
|
|
}
|
|
function base64(b, r,c) {
|
|
for(i=1;i<=length(b);i+=6) {
|
|
#printf("%s | %s\n", substr(b,i,6), bin2dec(substr(b,i,6)))
|
|
c = substr(A, bin2dec(substr(b,i,6))+1, 1)
|
|
r = sprintf("%s%s", r, c)
|
|
}
|
|
return r
|
|
}
|
|
{
|
|
b=buildbin($1)
|
|
l=length(b)
|
|
lack = (6 - l % 6) % 6
|
|
for(i=1;i<=lack;i+=1) {
|
|
b = sprintf("%s0", b)
|
|
}
|
|
r = base64(b)
|
|
for(i=1;i<=lack/2;i+=1) {
|
|
r = sprintf("%s=", r)
|
|
}
|
|
print r
|
|
}
|
|
'
|
|
;;
|
|
decode)
|
|
printf '%b\n' "$(printf '%s' "${2:?}" | awk ' BEGIN {
|
|
A="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
|
|
}
|
|
function dec2bin(n, r,len,pad) {
|
|
if (n==0) return "000000"
|
|
while (n>0) {
|
|
r = (n%2) r
|
|
n = int(n/2)
|
|
}
|
|
r = sprintf("%6s", r)
|
|
gsub(/ /,"0",r)
|
|
return r
|
|
}
|
|
{
|
|
for(i=1;i<=length($1);i+=1) {
|
|
b=sprintf("%s%s", b, dec2bin(index(A, substr($1,i,1))-1))
|
|
}
|
|
for(i=1; i<=length(b); i+=8){
|
|
n=0
|
|
for(j=0;j<8;j++) n = n*2 + (substr(b,i+j,1)=="1")
|
|
printf "\\x%02X", n
|
|
}
|
|
}
|
|
')"
|
|
;;
|
|
esac
|
|
}
|
|
|
|
: "${TIMEOUT:=5}"
|
|
: "${VOLUMES:=$(df -P | awk 'NR>1{print $6}')}"
|
|
|
|
route_status() {
|
|
if [ -z "${URLS:-}" ]; then
|
|
printf '{"checks":[],"summary":{"total":0,"ok":0}}'
|
|
return
|
|
fi
|
|
{
|
|
printf '{"checks":['
|
|
first=1 okcnt=0 tot=0
|
|
for u in $URLS; do
|
|
tot=$((tot+1))
|
|
res=$(curl -sS -m "$TIMEOUT" -o /dev/null -w '%{http_code} %{time_total}' "$u" 2>/dev/null) || res="000 0"
|
|
code=${res%% *}; ttot=${res#* }
|
|
case $code in 2*|3*) ok=true; okcnt=$((okcnt+1));; *) ok=false;; esac
|
|
[ $first -eq 0 ] && printf ','; first=0
|
|
printf '{"url":"%s","code":%s,"time_s":%s,"ok":%s}' "$u" "$code" "$ttot" "$ok"
|
|
done
|
|
printf '],"summary":{"total":%s,"ok":%s}}' "$tot" "$okcnt"
|
|
}
|
|
}
|
|
|
|
route_disk() {
|
|
{
|
|
printf '{"volumes":['
|
|
first=1
|
|
for v in $VOLUMES; do
|
|
# POSIX df -P: Filesystem 1K-blocks Used Available Capacity Mounted on
|
|
# shellcheck disable=SC2046
|
|
set -- $(df -P "$v" 2>/dev/null | awk 'NR==2{print $2, $3, $4, $5, $6}')
|
|
size=$1 used=$2 avail=$3 usep=$4 mnt=$5
|
|
[ -z "$size" ] && continue
|
|
[ $first -eq 0 ] && printf ','; first=0
|
|
printf '{"mount":"%s","size_blocks":%s,"used":%s,"avail":%s,"use_percent":"%s"}' \
|
|
"$mnt" "$size" "$used" "$avail" "$usep"
|
|
done
|
|
printf ']}'
|
|
}
|
|
}
|
|
|
|
AUTH_TOKENS=""
|
|
if [ -n "${AUTH_FILE:-}" ] && [ -r "$AUTH_FILE" ]; then
|
|
while IFS= read -r up || [ -n "$up" ]; do
|
|
[ -n "$up" ] || continue
|
|
AUTH_TOKENS="$AUTH_TOKENS $(base64 encode "$up" | tail -n1)"
|
|
done <"$AUTH_FILE"
|
|
fi
|
|
|
|
require_auth=false
|
|
[ -n "$AUTH_TOKENS" ] && require_auth=true
|
|
|
|
# --- read request & headers ---
|
|
IFS= read -r req || exit 0
|
|
cr=$(printf '\r')
|
|
while IFS= read -r line; do
|
|
[ -z "$line" ] && break
|
|
[ "$line" = "$cr" ] && break
|
|
case "$line" in
|
|
"Authorization: Basic "*)
|
|
tok=${line#Authorization: Basic }
|
|
tok=$(printf '%s' "$tok" | tr -d '\r\n')
|
|
expect=$(base64 encode "$USER:$PASS")
|
|
[ "$tok" = "$expect" ] && auth_ok=true
|
|
;;
|
|
esac
|
|
done
|
|
|
|
# --- auth gate ---
|
|
unauth() {
|
|
body='{"error":"unauthorized"}'
|
|
len=$(printf '%s' "$body" | wc -c | awk '{print $1}')
|
|
printf 'HTTP/1.1 401 Unauthorized\r\n'
|
|
printf 'Content-Type: application/json\r\n'
|
|
printf 'Content-Length: %s\r\n' "$len"
|
|
printf 'WWW-Authenticate: Basic realm="minimal", charset="UTF-8"\r\n'
|
|
printf 'Connection: close\r\n\r\n'
|
|
printf '%s' "$body"
|
|
}
|
|
|
|
auth_ok=false
|
|
if $require_auth; then
|
|
for t in $AUTH_TOKENS; do
|
|
[ "$tok" = "$t" ] && auth_ok=true && break
|
|
done
|
|
$auth_ok || { unauth; exit 0; }
|
|
fi
|
|
|
|
tmp=$(mktemp) || exit 1
|
|
trap 'rm -f "$tmp"' EXIT INT HUP
|
|
|
|
case "$req" in
|
|
"GET /status "*) route_status >"$tmp"; status='200 OK'; ctype='application/json' ;;
|
|
"GET /disk "*) route_disk >"$tmp"; status='200 OK'; ctype='application/json' ;;
|
|
*) printf 'Not found\n' >"$tmp"; status='404 Not Found'; ctype='text/plain' ;;
|
|
esac
|
|
|
|
len=$(wc -c <"$tmp" | awk '{print $1}')
|
|
printf 'HTTP/1.1 %s\r\nContent-Type: %s\r\nContent-Length: %s\r\nConnection: close\r\n\r\n' "$status" "$ctype" "$len"
|
|
cat "$tmp"
|