#!/usr/bin/env bash if [ "$EUID" -ne 0 ]; then echo "Please run as root" exit 1 fi HOSTNAME=$(hostname) TMPDIR=/tmp/$(hostname)-$(date +"%d-%m-%Y_%H:%M") MIT="/srv/mitigator" DATE=$(date '+%Y%m%d_%H%M%S') DELIMITER="" trap "rm -rf $TMPDIR" EXIT test -d $MIT if [ $? -eq 0 ]; then cd $MIT else echo -e "\033[31mCan't find /srv/mitigator directory! \033[0m" exit 1 fi echo "-------------------------------Copying current MITIGATOR configuration files------------------------" mkdir $TMPDIR ls -lah $MIT > $TMPDIR/ls.txt test -f $MIT/dataplane.conf && cp $MIT/dataplane.conf $TMPDIR/dataplane.conf test -f $MIT/data-plane.conf && cp $MIT/data-plane.conf $TMPDIR/data-plane.conf test -f $MIT/vpn-public.conf && cp $MIT/vpn-public.conf $TMPDIR/vpn-public.conf test -f $MIT/vpn-private.conf && sed -e 's/^\(PrivateKey\)\s*=\s*\(.\{4\}\).*/\1 = \2... (REDACTED)/' <$MIT/vpn-private.conf >$TMPDIR/vpn-private.conf test -f /var/lib/docker/volumes/mitigator_own_id/_data/own_id.conf && cp /var/lib/docker/volumes/mitigator_own_id/_data/own_id.conf $TMPDIR/own_id.conf test -f /etc/docker/daemon.json && cp /etc/docker/daemon.json $TMPDIR/daemon.json test -f /root/.docker/config.json && sed -e 's/"auth":.*/"auth": *******/g' /root/.docker/config.json > $TMPDIR/config.json test -f $MIT/.env && cp $MIT/.env $TMPDIR/env.txt test -f /etc/default/grub && cp /etc/default/grub $TMPDIR/grub.txt test -f /etc/systemd/system/mitigator.service.d/nics.conf && cp /etc/systemd/system/mitigator.service.d/nics.conf $TMPDIR/nics.conf find $MIT -type f -name '*.yml' -exec cp {} $TMPDIR/ \; echo -e "\033[32mAll needed files was copied \033[0m" echo "-------------------------------Getting state and logs of docker containers-------------------------" # Redirect file descriptor "3" in location file descriptor "2" in standard STDOUT on monitor. exec 3>&2 # Redirect all STDERR in file exec 2>$TMPDIR/docker-compose_errors.txt docker-compose ps -a > $TMPDIR/docker_compose_ps.txt for service in $(docker-compose ps -a --services) do if [ "$service" == 'backend' ]; then echo "Copying $service logs" docker-compose logs --no-color --timestamps $service > $TMPDIR/LOGS_$service.txt else echo "Copying $service logs" docker-compose logs --no-color --timestamps --tail=30000 $service > $TMPDIR/LOGS_$service.txt fi done echo "\copy (select * from backend.journals order by id desc limit 1000) to /tmp/journal.txt;" | docker-compose exec -T postgres psql mitigator docker cp $(docker-compose ps -q postgres):/tmp/journal.txt $TMPDIR/journal.txt docker exec $(docker-compose ps -q postgres ) rm /tmp/journal.txt echo "\copy (select * from backend.instances LEFT JOIN backend.leader USING (id)) to /tmp/instances.txt;" | docker-compose exec -T postgres psql mitigator docker cp $(docker-compose ps -q postgres):/tmp/instances.txt $TMPDIR/instances.txt docker exec $(docker-compose ps -q postgres) rm /tmp/instances.txt echo "\copy (select * from pg_stat_activity) to /tmp/pg_stat_activity.csv With CSV DELIMITER ',' HEADER;" | docker-compose exec -T postgres psql mitigator docker cp $(docker-compose ps -q postgres):/tmp/pg_stat_activity.csv $TMPDIR/pg_stat_activity.csv docker exec $(docker-compose ps -q postgres) rm /tmp/pg_stat_activity.csv for ports in $(nsenter -t "$(docker inspect -f '{{ .State.Pid }}' $(docker-compose ps -q dataplane))" \ -n curl --noproxy '*' -s http://127.0.0.1:8889/info \ | grep name: \ | awk '{ print substr($2, 2, length($2) - 2) }'); do nsenter -t "$(docker inspect -f '{{ .State.Pid }}' $(docker-compose ps -q dataplane))" \ -n curl \ --noproxy '*' \ -s http://127.0.0.1:8889/$ports/stats \ > $TMPDIR/DATAPLANE_STATS_$ports.txt done echo "Collecting inspect files of all containers" for inspect in $(docker ps --format "{{.Names}}") do docker inspect $inspect > $TMPDIR/INSPECT_$inspect.json done echo -e "\x1dclose\x0d" | nsenter -n -t "$(docker inspect -f '{{ .State.Pid }}' $(docker-compose ps -q backend))" telnet ls.mitigator.ru 443 > $TMPDIR/ls_host.txt 2>/dev/null echo -e "\x1dclose\x0d" | nsenter -n -t "$(docker inspect -f '{{ .State.Pid }}' $(docker-compose ps -q backend))" telnet 109.232.248.251 443 > $TMPDIR/ls_ip.txt 2>/dev/null echo -e "\033[32mGetting state of containers was successful \033[0m" # Came back STDERR in STDOUT on monitor exec 2>&3 echo "-------------------------------Collect ethernet interfaces information------------------------------" which lshw 2>&1 > /dev/null if [ $? -eq 0 ]; then lshw -class network > $TMPDIR/NETWORK_lshw.txt 2>/dev/null else echo -e "\033[31mAttention, the utility lshw not installed, if necessary, install and run the script again \033[0m" fi which ethtool 2>&1 > /dev/null if [ $? -eq 0 ]; then for interfaces in $(ip -o link show | awk -F': ' '{print $2}') do echo "Copying information of $interfaces state" ethtool -i $interfaces > $TMPDIR/NETWORK_$interfaces.txt 2>/dev/null done echo -e "\033[32mCollection was successful \033[0m" else echo -e "\033[31mAttention, the utility ethtool not installed, if necessary, install and run the script again \033[0m" fi echo "-------------------------------Copying current information of system state--------------------------" which curl 2>&1 > /dev/null if [ $? -eq 0 ]; then # Redirect all STDERR in file exec 2>>$TMPDIR/docker-compose_errors.txt nsenter -n -t "$(docker inspect -f '{{ .State.Pid }}' $(docker-compose ps -q dataplane))" curl --noproxy '*' -s http://127.0.0.1:8889/settings > $TMPDIR/DATAPLANE_settings.txt nsenter -n -t "$(docker inspect -f '{{ .State.Pid }}' $(docker-compose ps -q dataplane))" curl --noproxy '*' -s http://127.0.0.1:8889/info > $TMPDIR/DATAPLANE_info.txt else echo -e "\033[31mAttention, install curl and run this script again \033[0m" fi dpdk-devbind -s > $TMPDIR/dpdk-devbind.txt 2>/dev/null df -ih > $TMPDIR/df_inodes.txt df -h > $TMPDIR/df.txt free -h > $TMPDIR/free.txt ps aux > $TMPDIR/ps.txt dmesg -T > $TMPDIR/dmesg.txt lscpu > $TMPDIR/lscpu.txt lspci > $TMPDIR/lspci.txt lsmod > $TMPDIR/lsmod.txt uname -a > $TMPDIR/uname.txt uptime > $TMPDIR/uptime.txt cat /etc/issue > $TMPDIR/issue.txt cat /etc/*release > $TMPDIR/release.txt docker ps -a --no-trunc > $TMPDIR/docker_ps.txt docker system df -v > $TMPDIR/docker_df.txt ip a > $TMPDIR/ip_a.txt ip r > $TMPDIR/ip_r.txt ip neigh > $TMPDIR/ip_neigh.txt docker version > $TMPDIR/docker_version.txt docker images > $TMPDIR/docker_images.txt docker events --since '24h' --until '1s' >$TMPDIR/docker_events.txt docker stats --no-stream > $TMPDIR/docker_stats.txt docker-compose config > $TMPDIR/docker_compose_config.txt docker-compose version > $TMPDIR/docker_compose_version.txt nsenter -n -t "$(docker inspect -f '{{ .State.Pid }}' $(docker-compose ps -q gateway))" wg > $TMPDIR/docker_exec_gateway_wg.txt # Came back STDERR in STDOUT on monitor exec 2>&3 cat /proc/meminfo > $TMPDIR/meminfo.txt date > $TMPDIR/date.txt cat /etc/modules > $TMPDIR/modules.txt cat /etc/debian_version > $TMPDIR/debian_version.txt 2>/dev/null top -b -n 1 > $TMPDIR/top.txt echo -e "\033[32mCopying was successful \033[0m" echo $DELIMITER echo "--------------------------------Creating the final archive------------------------------------------" tar -czf $MIT/support_archive_$HOSTNAME-$DATE.tgz $TMPDIR/* 2>/dev/null echo -e "\033[32mDone. The archive located here:\033[33m /srv/mitigator/support_archive_$HOSTNAME-$DATE.tgz \033[0m"