From 7890c38cce1e5cfceb4b6e6fe994e2a742b8b765 Mon Sep 17 00:00:00 2001 From: Erich Eckner Date: Thu, 13 Oct 2016 15:11:44 +0200 Subject: manpage automatisch erzeugen --- .gitignore | 4 +++- Makefile | 16 +++++++++++++--- crypt-expiry-check.in | 44 ++++++++++++++++++++++++-------------------- man.commons.in | 30 ++++++++++++++++++++++++++++++ 4 files changed, 70 insertions(+), 24 deletions(-) create mode 100644 man.commons.in diff --git a/.gitignore b/.gitignore index 919177e..9ab43ca 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,5 @@ crypt-expiry-check crypt-expiry-check.cron -crypt-expiry-check.1 +man.commons +*.common +*.1 diff --git a/Makefile b/Makefile index 2a82a8d..a808e4d 100644 --- a/Makefile +++ b/Makefile @@ -27,10 +27,18 @@ MANDIR = /usr/share/man VERSION = 4.0.7 -all: crypt-expiry-check crypt-expiry-check.cron crypt-expiry-check.1 +all: man.commons crypt-expiry-check crypt-expiry-check.cron crypt-expiry-check.1 %: %.in sed "s/#VERSION#/$(VERSION)/; s@#CRONDIR#@$(CRONDIR)@; s@#BINDIR#@$(BINDIR)@; s@#ETCDIR#@$(ETCDIR)@" $< > $@ + [ "$@" = "crypt-expiry-check" ] && chmod +x "$@" || true + +%.1: % man.commons + grep -v "^$<(" man.commons | sed '/^\[SEE ALSO]$$/{n;:a;N;/\[/b;s/\n/, /;ta;}' > "$<.common" && \ + help2man \ + -n 'Check expiry of gpg-keys and X.509 certificates' \ + -h -h -v -Z \ + -o "$@" -N --include $<.common --no-discard-stderr "./$<" .PHONY: install dist clean @@ -41,8 +49,10 @@ install: all install -D -m0644 -t $(DESTDIR)$(ETCDIR) crypt-expiry.checks clean: - rm -f crypt-expiry-check crypt-expiry-check.cron crypt-expiry-check.1 - + ls -A | \ + grep "^\($(shell cat .gitignore | sed 's|\.|\\.|; s|\*|.*|; s|$$|\\|' | tr '\n' '\|' )\)\$$" | \ + xargs -r rm + dist: clean git status --porcelain 2> /dev/null | grep -q "\S" && (git add .; git commit -m"neue Version: $(VERSION)") || true ! git tag -d v$(VERSION) 2> /dev/null diff --git a/crypt-expiry-check.in b/crypt-expiry-check.in index f634650..e631140 100755 --- a/crypt-expiry-check.in +++ b/crypt-expiry-check.in @@ -192,27 +192,27 @@ print_heading() ########################################## usage() { - >&2 echo "This is crypt-expiry-check version #VERSION#" + >&2 echo "$(basename "$0") checks expiration of gpg keys and X.509 certificates and sends emails if keys are about to expire." >&2 echo "" - >&2 echo "Usage: $0 [ -e email address ] [ -x days ] [-q] [-a] [-b] [-h] [-i] [-n] [-v]" - >&2 echo " { [ -s common_name:port] } || { [ -f cert_file ] } || { [ -c certificate file ] } || { [ -g email address ] }" + >&2 echo "Usage: $0 [ -e email address ] [ -x days ] [-q] [-a] [-b] [-h] [-i] [-n] [-v] { [ -s common_name:port] } || { [ -f cert_file ] } || { [ -c certificate file ] } || { [ -g email address ] }" >&2 echo "" - >&2 echo " -a : Send a warning message through E-mail" - >&2 echo " -b : Will not print header" - >&2 echo " -c cert file : Print the expiration date for the PEM or PKCS12 formatted certificate in cert file" - >&2 echo " -e E-mail address : E-mail address to send expiration notices" - >&2 echo " -f cert file : File with a list of FQDNs and ports" - >&2 echo " -g E-mail address : E-mail address to check expiry of gpg-key from" - >&2 echo " -h : Print this screen" - >&2 echo " -i : Print the issuer of the certificate" - >&2 echo " -k password : PKCS12 file password" - >&2 echo " -n : Run as a Nagios plugin" - >&2 echo " -s commmon_name:port : Server and Port to connect to (interactive mode)" - >&2 echo " -t type : Specify the certificate type" - >&2 echo " -q : Don't print anything on the console" - >&2 echo " -v : Specify a specific protocol version to use (tls, ssl2, ssl3)" - >&2 echo " -V : Only print validation data" - >&2 echo " -x days : Certificate expiration interval (eg. if cert_date < days)" + >&2 echo " -a Send a warning message through E-mail" + >&2 echo " -b Will not print header" + >&2 echo " -c cert file Print the expiration date for the PEM or PKCS12 formatted certificate in cert file" + >&2 echo " -e E-mail address E-mail address to send expiration notices" + >&2 echo " -f cert file File with a list of FQDNs and ports" + >&2 echo " -g E-mail address E-mail address to check expiry of gpg-key from" + >&2 echo " -h Print this screen" + >&2 echo " -i Print the issuer of the certificate" + >&2 echo " -k password PKCS12 file password" + >&2 echo " -n Run as a Nagios plugin" + >&2 echo " -s commmon_name:port Server and Port to connect to (interactive mode)" + >&2 echo " -t type Specify the certificate type" + >&2 echo " -q Don't print anything on the console" + >&2 echo " -v Specify a specific protocol version to use (tls, ssl2, ssl3)" + >&2 echo " -V Only print validation data" + >&2 echo " -x days Certificate expiration interval (eg. if cert_date < days)" + >&2 echo " -Z Print version" >&2 echo "" } @@ -449,7 +449,7 @@ check_gpg_key_status() { ################################# ### Start of main program ################################# -while getopts abc:e:f:g:hik:nqs:t:x:v:V option +while getopts abc:e:f:g:hik:nqs:t:x:v:VZ option do case "${option}" in @@ -499,6 +499,10 @@ do x) WARNDAYS=${OPTARG} ;; + Z) + echo '#VERSION#' + exit 0 + ;; *) usage exit 1 diff --git a/man.commons.in b/man.commons.in new file mode 100644 index 0000000..cc4cbe4 --- /dev/null +++ b/man.commons.in @@ -0,0 +1,30 @@ +[CONFIG] +\fB#ETCDIR#/crypt-expiry.checks\fP contains the information which certificates and keys to surveil. +Empty lines and lines starting with \fB#\fP are being ignored. +The following non-comment lines are understood: +.TP +.B "\fIfqdn\fP \fIport\fP" +surveil certificate of \fIhttps://fqdn:port\fP +.TP +.B "\fIemail-address\fP GPG" +surveil gpg key of \fIemail-address\fP +.TP +.B "\fIfile\fP FILE" +surveil certificate in \fIfile\fP +[FILES] +.TP +.B "#BINDIR#/crypt-expiry-check" +program file +.TP +.B "#ETCDIR#/crypt-expiry.checks" +contains keys to surveil +.TP +.B "#CRONDIR#/crypt-expiry-check.cron" +cronfile to initiate daily checks +[CONTRIBUTION] +Heavily based on \fBssl-cert-check\fP from \fBMatty < matty91 at gmail dot com >\fP. +The original source can be found here: \fBhttp://prefetch.net/code/ssl-cert-check\fP +[AUTHOR] +.nf +Erich Eckner +.fi -- cgit v1.2.3