Compare commits
6 commits
Author | SHA1 | Date | |
---|---|---|---|
Alarig Le Lay | 6745d85e8f | ||
Alarig Le Lay | cab6e738aa | ||
Alarig Le Lay | f77ab3348c | ||
Alarig Le Lay | 559cb97cd4 | ||
Alarig Le Lay | 2b112d5344 | ||
Alarig Le Lay | 5a3f7686f0 |
|
@ -1,5 +1,7 @@
|
||||||
Script intented to check a domain expiration with a query to the corresponding
|
Script intented to check a domain expiration with a query to the corresponding
|
||||||
RDAP server.
|
RDAP server. The RDAP server for the TLD is extracted from the IANA JSON RDAP.
|
||||||
|
If the expiration field isn’t found on the TLD server, the script falls back to
|
||||||
|
the registrar server.
|
||||||
|
|
||||||
This script is inspired from
|
This script is inspired from
|
||||||
https://raw.githubusercontent.com/buanzo/check_expiration_rdap/main/src/nagios_check_domain_expiration_rdap/nagios_check_domain_expiration_rdap.py
|
https://raw.githubusercontent.com/buanzo/check_expiration_rdap/main/src/nagios_check_domain_expiration_rdap/nagios_check_domain_expiration_rdap.py
|
||||||
|
@ -8,10 +10,10 @@ and `/usr/lib/python3.11/site-packages/nagiosplugin/examples/`
|
||||||
The script assumes that the TLD has only one label while looking for the RDAP
|
The script assumes that the TLD has only one label while looking for the RDAP
|
||||||
server from the IANA JSON. If it’s not the case it will fail.
|
server from the IANA JSON. If it’s not the case it will fail.
|
||||||
|
|
||||||
I don’t understand half of what I wrote
|
|
||||||
|
|
||||||
Have fun.
|
Have fun.
|
||||||
|
|
||||||
|
For all the options, run `./check_domain_expiration_rdap.py -h`
|
||||||
|
|
||||||
Here are the tested cases:
|
Here are the tested cases:
|
||||||
```shell
|
```shell
|
||||||
# expired domain
|
# expired domain
|
||||||
|
|
|
@ -7,6 +7,7 @@ import argparse
|
||||||
import datetime
|
import datetime
|
||||||
import logging
|
import logging
|
||||||
import os
|
import os
|
||||||
|
import pathlib
|
||||||
import requests
|
import requests
|
||||||
|
|
||||||
import nagiosplugin
|
import nagiosplugin
|
||||||
|
@ -18,10 +19,20 @@ __version__ = '0.1'
|
||||||
_log = logging.getLogger('nagiosplugin')
|
_log = logging.getLogger('nagiosplugin')
|
||||||
|
|
||||||
# cache session for json and csv storage
|
# cache session for json and csv storage
|
||||||
session = requests_cache.CachedSession(
|
uid = os.getuid()
|
||||||
'/tmp/iana_rdap_cache',
|
home = pathlib.Path.home()
|
||||||
cache_control=True
|
for possible_dir in [f'/run/{uid}', home, '/tmp']:
|
||||||
)
|
iana_rdap_cache = f'{possible_dir}/iana_rdap_cache'
|
||||||
|
try:
|
||||||
|
cache = open(f'{iana_rdap_cache}.sqlite', 'a')
|
||||||
|
cache.close()
|
||||||
|
session = requests_cache.CachedSession(iana_rdap_cache, cache_control=True)
|
||||||
|
_log.debug(f'Caching to {iana_rdap_cache}.sqlite')
|
||||||
|
break
|
||||||
|
except IOError:
|
||||||
|
_log.debug(f'{iana_rdap_cache}.sqlite is not writtable')
|
||||||
|
session = requests
|
||||||
|
iana_rdap_cache = ''
|
||||||
|
|
||||||
def find_rdap_server(domain):
|
def find_rdap_server(domain):
|
||||||
"""Find the TLD rdap server."""
|
"""Find the TLD rdap server."""
|
||||||
|
@ -41,7 +52,7 @@ def find_rdap_server(domain):
|
||||||
# no rdap on tld
|
# no rdap on tld
|
||||||
except IndexError:
|
except IndexError:
|
||||||
raise nagiosplugin.CheckError(
|
raise nagiosplugin.CheckError(
|
||||||
f'The TLD {tld} does not have an RDAP server'
|
f'The TLD {tld} does not have an RDAP server, try forcing the registrar server with --server. It can be found on https://www.iana.org/assignments/registrar-ids/registrar-ids.xhtml'
|
||||||
)
|
)
|
||||||
|
|
||||||
_log.debug(f'The used RDAP server is {url}')
|
_log.debug(f'The used RDAP server is {url}')
|
||||||
|
@ -53,6 +64,10 @@ def parse_ldap(domain, rdap_server):
|
||||||
req_rdap = requests.get(f'{rdap_server}domain/{domain}')
|
req_rdap = requests.get(f'{rdap_server}domain/{domain}')
|
||||||
|
|
||||||
match req_rdap.status_code:
|
match req_rdap.status_code:
|
||||||
|
case 400:
|
||||||
|
raise nagiosplugin.CheckError(
|
||||||
|
f'Got {req_rdap.status_code}, the RDAP server {rdap_server} interprets this domain query as a bad request'
|
||||||
|
)
|
||||||
case 403:
|
case 403:
|
||||||
raise nagiosplugin.CheckError(
|
raise nagiosplugin.CheckError(
|
||||||
f'Got {req_rdap.status_code}, the RDAP server {rdap_server} refused to reply'
|
f'Got {req_rdap.status_code}, the RDAP server {rdap_server} refused to reply'
|
||||||
|
@ -97,7 +112,8 @@ def parse_ldap(domain, rdap_server):
|
||||||
raw_expiration.append(line[3])
|
raw_expiration.append(line[3])
|
||||||
|
|
||||||
elif len(raw_expiration) == 1:
|
elif len(raw_expiration) == 1:
|
||||||
fecha = raw_expiration[0].split('T')[0]
|
fecha = raw_expiration[0].split('T')[0].strip().split()
|
||||||
|
fecha = fecha[0]
|
||||||
today = datetime.datetime.now()
|
today = datetime.datetime.now()
|
||||||
delta = datetime.datetime.strptime(fecha, '%Y-%m-%d') - today
|
delta = datetime.datetime.strptime(fecha, '%Y-%m-%d') - today
|
||||||
raw_expiration[0] = delta.days
|
raw_expiration[0] = delta.days
|
||||||
|
@ -124,10 +140,11 @@ def expiration(domain, server):
|
||||||
elif isinstance(raw_expiration[0], str):
|
elif isinstance(raw_expiration[0], str):
|
||||||
import csv
|
import csv
|
||||||
# fetch csv
|
# fetch csv
|
||||||
iana_registrars_csv = session.get(
|
iana_registrars_req = session.get(
|
||||||
'https://www.iana.org/assignments/registrar-ids/registrar-ids-1.csv',
|
'https://www.iana.org/assignments/registrar-ids/registrar-ids-1.csv',
|
||||||
timeout=120
|
timeout=120
|
||||||
).content.decode('utf-8')
|
)
|
||||||
|
iana_registrars_csv = iana_registrars_req.content.decode('utf-8')
|
||||||
# parse csv
|
# parse csv
|
||||||
registrar_rdap_found = False
|
registrar_rdap_found = False
|
||||||
for registrar_row in csv.reader(
|
for registrar_row in csv.reader(
|
||||||
|
@ -148,7 +165,7 @@ def expiration(domain, server):
|
||||||
)
|
)
|
||||||
if not(registrar_rdap_found):
|
if not(registrar_rdap_found):
|
||||||
raise nagiosplugin.CheckError(
|
raise nagiosplugin.CheckError(
|
||||||
f'The registrar {raw_expiration[0]} is not fond from {iana_registrars_csv.url}'
|
f'The registrar {raw_expiration[0]} is not found from {iana_registrars_req.url}'
|
||||||
)
|
)
|
||||||
|
|
||||||
else:
|
else:
|
||||||
|
@ -242,8 +259,13 @@ def main():
|
||||||
)
|
)
|
||||||
|
|
||||||
domain = pyunycode.convert(args.domain)
|
domain = pyunycode.convert(args.domain)
|
||||||
|
# be sure that the provided server url ends with / for future concat
|
||||||
|
if (isinstance(args.server, str) and args.server[-1] != '/'):
|
||||||
|
server = args.server + '/'
|
||||||
|
else:
|
||||||
|
server = args.server
|
||||||
check = nagiosplugin.Check(
|
check = nagiosplugin.Check(
|
||||||
Expiration(domain, args.server),
|
Expiration(domain, server),
|
||||||
nagiosplugin.ScalarContext(
|
nagiosplugin.ScalarContext(
|
||||||
'daystoexpiration',
|
'daystoexpiration',
|
||||||
warning=wrange,
|
warning=wrange,
|
||||||
|
|
Loading…
Reference in a new issue