Benoit/Tootpaste
Benoit/Tootpaste
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: Benoit:0.1.1
Branches Tags
Benoit:main
Benoit:0.2.0
Benoit:0.1.1
Benoit:0.1.0
...
compare: Benoit:main
Branches Tags
Benoit:main
Benoit:0.2.0
Benoit:0.1.1
Benoit:0.1.0

5 commits
0.1.1 ... main

Author SHA1 Message Date
Benoit S
cd1b0f1105 Release 0.2.0 2022-04-22 18:32:38 +09:00
Benoit S
dee4adc149 Add a message when instance can be accessed 2022-04-22 17:22:02 +09:00
Benoit S
a053246f0e Fix #2 silence curl's output 2022-04-22 17:21:34 +09:00
Benoit S
d5c632e74f Add test condition when there are no errors 
Also log unjoinable instances
 2022-04-21 22:15:32 +09:00
Benoit S
90f231e59f Missing some default values 2021-08-29 11:04:02 +09:00
3 changed files with 78 additions and 47 deletions
Show stats Expand all files Collapse all files

12
CHANGELOG.md
View file

@ -12,6 +12,18 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
### Removed ### Removed
## [0.2.0] - 2022-04-22
### Added
- Test condition when there are no errors
- Log unjoinable instances
- A message when instance can be accessed
### Fixed
- Silence curl's output
## [0.1.1] - 2021-08-29 ## [0.1.1] - 2021-08-29
### Added ### Added

6
README.md
View file

@ -44,11 +44,11 @@ and date of expired certificate, default: `1210000`, 2w
- `INSTANCE_LAST_CHANCE_TIMEOUT`, integer, timeout in seconds to connect to an - `INSTANCE_LAST_CHANCE_TIMEOUT`, integer, timeout in seconds to connect to an
instance that was previously not accessible, default: `30` instance that was previously not accessible, default: `30`
- `MEDIA_REMOVE_DAYS`, integer, how old in days media attachments have to be - `MEDIA_REMOVE_DAYS`, integer, how old in days media attachments have to be
before getting removed before getting removed, default: `7`
- `CARDS_REMOVE_DAYS`, integer, how old in days cards previews have to be - `CARDS_REMOVE_DAYS`, integer, how old in days cards previews have to be
before getting removed before getting removed, default: `15`
- `STATUSES_REMOVE_DAYS`, integer, how old in days unreferenced statuses have - `STATUSES_REMOVE_DAYS`, integer, how old in days unreferenced statuses have
to be before getting removed to be before getting removed, default: `30`
Example: Example:

107
tootpaste.sh
View file

@ -40,52 +40,68 @@ accounts_cull() {
# Remove instances that have an expired certificate from more than # Remove instances that have an expired certificate from more than
# TLS_EXPIRED_MAX_SEC # TLS_EXPIRED_MAX_SEC
grep 'certificate has expired' "$CULL_LOG" \ if grep -q 'certificate has expired' "$CULL_LOG"; then
| awk '{print $NF}' \ grep 'certificate has expired' "$CULL_LOG" \
| cut -d'/' -f3 \ | awk '{print $NF}' \
| sort -u \ | cut -d'/' -f3 \
> "$TLS_EXPIRED_LOG" | sort -u \
> "$TLS_EXPIRED_LOG"
while read -r instance; do while read -r instance; do
TLS_EXPIRED_TS=$( TLS_EXPIRED_TS=$(
date -d "$( date -d "$(
echo Q \ echo Q \
| openssl s_client \ | openssl s_client \
-servername "$instance" \ -servername "$instance" \
-connect "${instance}":443 \ -connect "${instance}":443 \
2>/dev/null \ 2>/dev/null \
| openssl x509 -noout -dates \ | openssl x509 -noout -dates \
| grep 'notAfter' \ | grep 'notAfter' \
| cut -d'=' -f2 | cut -d'=' -f2
)" +%s )" +%s
) )
DATE_DIFF=$(($(date +%s) - TLS_EXPIRED_TS)) DATE_DIFF=$(($(date +%s) - TLS_EXPIRED_TS))
if [[ $DATE_DIFF -gt $TLS_EXPIRED_MAX_SEC ]]; then if [[ $DATE_DIFF -gt $TLS_EXPIRED_MAX_SEC ]]; then
echo "${instance} has a certificate expired for more than TLS_EXPIRED_MAX_SEC, purging..." echo "${instance} has a certificate expired for more than TLS_EXPIRED_MAX_SEC, purging..."
$DRY_RUN \ $DRY_RUN \
&& $TOOTCTL domains purge \ && $TOOTCTL domains purge \
--concurrency "$DB_POOL" \ --concurrency "$DB_POOL" \
--dry-run \ --dry-run \
"$instance" "$instance"
$DRY_RUN \ $DRY_RUN \
|| $TOOTCTL domains purge \ || $TOOTCTL domains purge \
--concurrency "$DB_POOL" \ --concurrency "$DB_POOL" \
"$instance" "$instance"
fi fi
done < "$TLS_EXPIRED_LOG" done < "$TLS_EXPIRED_LOG"
fi
# Log other instances errors, then if they were already in the log, purge # Log other instances errors, then if they were already in the log, purge them
# them if grep -q 'https' "$CULL_LOG"; then
grep \ grep \
-e 'certificate verify failed' \ -e 'certificate verify failed' \
-e 'timed out' \ -e 'timed out' \
-e 'sslv3 alert handshake failure' \ -e 'sslv3 alert handshake failure' \
-e 'TooManyRedirectsError' \ -e 'TooManyRedirectsError' \
"$CULL_LOG" \ -e 'EndlessRedirectError' \
| awk '{print $NF}' \ -e 'HostValidationError' \
| cut -d'/' -f3 \ "$CULL_LOG" \
| sort -u \ | awk '{print $NF}' \
> "$OTHER_ERRORS_LOG" | cut -d'/' -f3 \
| sort -u \
> "$OTHER_ERRORS_LOG"
fi
# Log unjoinable instances, then if they were already in the log, purge them
if grep -q 'not available during the check:' "$CULL_LOG"; then
grep \
-A 9999 \
'not available during the check:' \
"$CULL_LOG" \
| tail -n +2 \
| sed -E 's/\s+//' \
> "$OTHER_ERRORS_LOG"
fi
test -f $PREV_ERRORS_LOG || touch $PREV_ERRORS_LOG test -f $PREV_ERRORS_LOG || touch $PREV_ERRORS_LOG
while read -r instance; do while read -r instance; do
@ -93,6 +109,7 @@ accounts_cull() {
error=false error=false
echo "${instance} was already in error last time your ran tootpaste, trying access..." echo "${instance} was already in error last time your ran tootpaste, trying access..."
curl \ curl \
--output /dev/null \
--silent \ --silent \
--show-error \ --show-error \
--max-time "$INSTANCE_LAST_CHANCE_TIMEOUT" \ --max-time "$INSTANCE_LAST_CHANCE_TIMEOUT" \
@ -109,6 +126,8 @@ accounts_cull() {
|| $TOOTCTL domains purge \ || $TOOTCTL domains purge \
--concurrency "$DB_POOL" \ --concurrency "$DB_POOL" \
"$instance" "$instance"
else
echo "${instance} can now be accessed, not purging!"
fi fi
fi fi
done < "$OTHER_ERRORS_LOG" done < "$OTHER_ERRORS_LOG"