[BALUG-Admin] Weekly cron job to check on BayCon's nameservers

[Rick Moen]

Having felt sheepish about the lazy design/implementation of my
domain-checking scripts, I figured I'd start small, by rewriting
/etc/cron.weekly/baycondomain to be iota more sophisticated.

This was a profoundly primitive script that just reported back (via
e-mail) current parent-zone SOA serial numbers of domain baycon.org at
its pair of authoritative nameservers -- so I can vgrep and see if they
disagree, or if one or both of them don't answer.  It was a
quick'n'dirty job from 2011, only now revisited.

It's now a _little_ less dumb.  Output presentation is meh at best.
Also, its continued hard-coding quantity and FQDNs of the auth.
nameservers is regrettable, and could be eliminated by revising the
thing more, to generalise it.  Ditto the continued hardcoded name of the
domain being checked.

Still, as the late Adam Osborne used to say, "Adequacy is sufficient."


----- begin cron script -----

#!/bin/sh

# baycondomain  Cron script to sanity-check the BayCon domain's SOA records at
#               all of its authoritative nameservers, as a quick and 
#               dirty way of making sure (1) they're all online and
#               (2) they're all serving up the same data (or at least
#               data with the same zonefile serial number).
#  
#               The script queries all nameservers for their current
#               SOA value (for baycon.org), and then uses awk to parse 
#               out of that verbose record just the S/N field, which is 
#               field #3.  The point is that you can visually spot offline 
#               or aberrant nameservers by their S/Ns being (respectively) 
#               missing or an out-of-step value.
#
#		Written by Rick Moen (rick@linuxmafia.com)
#               $Id: cron.weekly,v 1.02 2023/09/14 22:04:55 rick

set -o errexit  #aka "set -e": exit if any line returns non-true value
set -o nounset  #aka "set -u": exit upon finding an uninitialised variable

test -x /usr/bin/mail || exit 0

{
ns1soa=$(dig @NS1.BLUEHOST.COM. baycon.org. soa +short | awk {'print $3'})
ns2soa=$(dig @NS2.BLUEHOST.COM. baycon.org. soa +short | awk {'print $3'})
( [ "${ns1soa:=nonresponding}" = "${ns2soa:=nonresponding}" ] )  \
&& echo "ns1.bluehost.com and ns2.bluehost.com agree on: $ns1soa" \
|| echo "ns1.bluehost.com says $ns1soa, but ns2.bluehost.com is a rebel and says $ns2soa"
} |
/usr/bin/mail -s "Domain baycon.org SOA check" rick@linuxmafia.com


----- end cron script -----
----- Forwarded message from root <root@linuxmafia.com> -----

Date: Sun, 17 Sep 2023 06:47:01 -0700
From: root <root@linuxmafia.com>
To: rick@linuxmafia.com
Subject: Domain baycon.org SOA check

ns1.bluehost.com and ns2.bluehost.com agree on: 2023082800

----- End forwarded message -----