mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-10-09 18:28:10 +02:00
Kevin Veen-Birkenbach
4d9890406e
Updated README to reflect correct usage with '--', adjusted script.py to always append separator, and simplified task template handling for consistency. Ref: https://chatgpt.com/share/68dfc69b-7c94-800f-871b-3525deb8e374
78 lines
2.1 KiB
Python
78 lines
2.1 KiB
Python
#!/usr/bin/env python3
|
|
|
|
import os
|
|
import re
|
|
import subprocess
|
|
import sys
|
|
import argparse
|
|
|
|
def extract_domains(config_path):
|
|
"""
|
|
Extracts domain names from .conf filenames in the given directory.
|
|
"""
|
|
domain_pattern = re.compile(r'^([a-zA-Z0-9-]+\.)+[a-zA-Z]{2,}\.conf$')
|
|
try:
|
|
return [
|
|
fn[:-5]
|
|
for fn in os.listdir(config_path)
|
|
if fn.endswith(".conf") and domain_pattern.match(fn)
|
|
]
|
|
except FileNotFoundError:
|
|
print(f"Directory {config_path} not found.", file=sys.stderr)
|
|
return None
|
|
|
|
def run_checkcsp(domains, ignore_network_blocks_from):
|
|
"""
|
|
Executes the 'checkcsp' command with the given domains and optional ignores.
|
|
"""
|
|
cmd = ["checkcsp", "start", "--short"]
|
|
|
|
# pass through ignore list only if not empty
|
|
if ignore_network_blocks_from:
|
|
cmd.append("--ignore-network-blocks-from")
|
|
cmd.extend(ignore_network_blocks_from)
|
|
cmd.append("--")
|
|
|
|
cmd += domains
|
|
|
|
try:
|
|
result = subprocess.run(cmd, check=True)
|
|
return result.returncode
|
|
except subprocess.CalledProcessError as e:
|
|
print(f"'checkcsp' reported issues (exit code {e.returncode})", file=sys.stderr)
|
|
return e.returncode
|
|
except Exception as e:
|
|
print(f"Unexpected error: {e}", file=sys.stderr)
|
|
return 1
|
|
|
|
def main():
|
|
parser = argparse.ArgumentParser(
|
|
description="Extract domains from NGINX and run checkcsp against them"
|
|
)
|
|
parser.add_argument(
|
|
"--nginx-config-dir",
|
|
required=True,
|
|
help="Directory containing NGINX .conf files"
|
|
)
|
|
parser.add_argument(
|
|
"--ignore-network-blocks-from",
|
|
nargs="*",
|
|
default=[],
|
|
help="Optional: one or more domains whose network block failures should be ignored"
|
|
)
|
|
args = parser.parse_args()
|
|
|
|
domains = extract_domains(args.nginx_config_dir)
|
|
if domains is None:
|
|
sys.exit(1)
|
|
|
|
if not domains:
|
|
print("No domains found to check.")
|
|
sys.exit(0)
|
|
|
|
rc = run_checkcsp(domains, args.ignore_network_blocks_from)
|
|
sys.exit(rc)
|
|
|
|
if __name__ == "__main__":
|
|
main()
|