脚本之CDN中,测试整个cache平台nginx的https是否生效
2017-03-14 22:29
197 查看
#!/bin/bash read -p "domain: " domain read -p "url(except domain): " url read -p "reload or not ?(NEED reload please enter \"reload\"): " reload platform=`dig $domain.cloudglb.com @8.8.8.8 |grep $domain.cloudglb.com|grep CNAME|awk '{print $5}'|awk -F '.' '{print $1"."$2}'` rm -f /work/caozhi/520/* dev -p $platform > /work/caozhi/node.list cd /work/caozhi/puppet_new/ svn update 2>&1 >/dev/null ########### 批量执行reload ################## [ "$reload" = reload ] && sudo pssh -x -p12321 -t 600 -h /work/caozhi/node.list -P "/etc/init.d/nginx reload" 2>&1 >/dev/null cermd5=`md5sum /work/caozhi/puppet_new/modules/automatic/files/ssl/$platform/auto_$domain\(0\).* |awk '{print $1}'` keymd5=`md5sum /work/caozhi/puppet_new/modules/automatic/files/ssl/$platform/auto_$domain\(1\).key |awk '{print $1}'` nginxmd5=`md5sum /work/caozhi/puppet_new/modules/automatic/files/$platform/$domain.autoconf |awk '{print $1}'` ########## 遍历 autoconf cer key md5 ######### sudo dev -l /work/caozhi/node.list --cmd "md5sum /opt/nginx/ssl/auto_$domain\(0\).* /opt/nginx/ssl/auto_$domain\(1\).key /etc/nginx/conf.d/$domain.autoconf" 2>&1 >/work/caozhi/520/resultconfigure ########## 校验 nginx reload 时间 ########## sudo dev -l /work/caozhi/node.list --cmd "ps aux |grep nginx |grep worker|grep -v shutting|awk '\$1~/nginx/{print \$9}'|sort -u" 2>&1 > /work/caozhi/520/result awk '{print $5}' /work/caozhi/520/result|sort -u|sort -n|head > /work/caozhi/520/timestamp ############ 校验 autoconf cer key md5 ######### cat /work/caozhi/520/resultconfigure |awk '{if (NR % 3) printf $0;else print $0}'|grep "No such file or directory"|awk '{print $2,"\033[31m this server has no configure \033[0m"}' > /work/caozhi/520/error cat /work/caozhi/520/resultconfigure |grep -v "No such file or directory"|awk '{if (NR % 3) printf $0;else print $0}'|grep -v $nginxmd5|awk '{print $2,"\033[31m this server has error autoconf \033[0m"}' >> /work/caozhi/520/error cat /work/caozhi/520/resultconfigure |grep -v "No such file or directory"|awk '{if (NR % 3) printf $0;else print $0}'|grep -v $cermd5 |awk '{print $2,"\033[31m this server has error cer \033[0m"}'>> /work/caozhi/520/error cat /work/caozhi/520/resultconfigure |grep -v "No such file or directory"|awk '{if (NR % 3) printf $0;else print $0}'|grep -v $keymd5 |awk '{print $2,"\033[31m this server has error key \033[0m"}'>> /work/caozhi/520/error #cat /work/caozhi/520/error grep . /work/caozhi/520/error if [ $? -eq 0 ] then echo -e "\e[35;40;1mconfigure(autoconf,cer and key) is ERROR!!!\e[0m" else echo -e "\e[35;40;1mconfigure(autoconf,cer and key) is correct\e[0m" fi ########### 遍历校验 https 访问 ############### for i in `cat /work/caozhi/node.list` do curl -I -o /dev/null -S -s https://$i/$url -H "Host:$domain" -k --retry-delay 2 --connect-timeout 10 -m 15 -w "http_code=%{http_code}"|awk -v tt="$i" '$1!~/200/{print $0,tt}' 2>&1 |tee -a /work/caozhi/520/http > /dev/null done grep . /work/caozhi/520/http if [ $? -eq 0 ] then echo -e "\e[33;40;1mhttps is ERROR!!!\e[0m" else echo -e "\e[33;40;1mhttps is correct\e[0m" fi
整个cache平台的https是用nginx提供的服务,有的时候下发完配置,会有个别长宽,教育网的设备同步不了配置,导致https访问异常,因此这个脚本可以全网验证https是否生效,包括检查证书,私钥,配置文件,nginx的进程启动开始时间,curl访问是否正常。
这几点能保证正常的话,基本就没有问题了。
相关文章推荐
- 小小脚本之 CDN中 测试客户注入的文件,在源站上是否存在,统计出来
- 测试Web应用程序是否存在跨站点脚本漏洞
- 测试 Web 应用程序是否存在跨站点脚本漏洞
- shell脚本实现批量测试局域网主机是否在线
- 测试setsockopt设置超时是否生效代码
- 测试脚本是否有管理员特权,说明了在PowerShell巨大的灵活性:
- 测试Web应用程序是否存在跨站点脚本漏洞
- if嵌套语句 shell脚本实例 测试是否闰年
- LoadRunner 基于安全协议的https的页面测试脚本
- ATS的诊断工具:测试iOS使用的HTTPS地址是否符合ATS的规则
- 同时测试多个服务是否存活的脚本[shell和perl]
- 测试Web应用程序是否存在跨站点脚本漏洞
- 测试主机是否在线的脚本
- shell脚本实现批量测试局域网主机是否在线
- IIS6 启动 gzip 压缩 推荐 附测试是否生效地址
- if嵌套语句 shell脚本实例 测试是否闰年
- 脚本之 查看CDN cache平台访问的内容和正确的是否一致
- 测试文件是否包含特定的文本内容sh脚本
- Redis主从是否生效的特殊测试方法
- python脚本测试局域网中的电脑是否连通