Allow Disk1 NTFS posture transition
This commit is contained in:
@@ -74,7 +74,7 @@ Secret-Werte sind nicht enthalten. Es werden nur Secret-Namen, Env-Key-Namen und
|
||||
|
||||
| Service | Zweck | Autoritativer Pfad | URL / Zugang | Abhaengigkeiten | Datenpfade | Backup / Restore | Traefik | Besonderheiten / TODOs |
|
||||
|---|---|---|---|---|---|---|---|---|
|
||||
| `posture-check` | Host-Posture-Audit fuer Filesystem, Mover-Drift, NVMe-SMART und Fuellstand | `services/posture-check/posture-check.sh` | Unraid User-Script / Cron / Borg Pre-Hook | `findmnt`, `df`, `nvme`, optional `curl` fuer ntfy | `/mnt/user/services/posture-check/last.json` | Repo-Skript + letzter JSON-Status | nein | Muss auf dem Unraid-Host bei Boot, stuendlich und vor Borg laufen; Warning/Critical alarmieren via ntfy |
|
||||
| `posture-check` | Host-Posture-Audit fuer Filesystem, Mover-Drift, NVMe-SMART und Fuellstand | `services/posture-check/posture-check.sh` | Unraid User-Script / Cron / Borg Pre-Hook | `findmnt`, `df`, `nvme`, optional `curl` fuer ntfy | `/mnt/user/services/posture-check/last.json` | Repo-Skript + letzter JSON-Status | nein | Muss auf dem Unraid-Host bei Boot, stuendlich und vor Borg laufen; `ALLOW_DISK1_NTFS=1` ist die dokumentierte Uebergangsausnahme bis Disk1-Migration Phase 2; Warning/Critical alarmieren via ntfy |
|
||||
|
||||
## Backup- und Restore-Hinweise
|
||||
|
||||
|
||||
@@ -7,6 +7,7 @@ WARNING_TOPIC="${WARNING_TOPIC:-kallilab-warning}"
|
||||
CRITICAL_TOPIC="${CRITICAL_TOPIC:-kallilab-critical}"
|
||||
SEND_NTFY="${SEND_NTFY:-1}"
|
||||
TMP_DIR="${TMP_DIR:-/tmp/kallilab-posture-check}"
|
||||
ALLOW_DISK1_NTFS="${ALLOW_DISK1_NTFS:-1}"
|
||||
|
||||
mkdir -p "$TMP_DIR"
|
||||
RESULTS_FILE="$TMP_DIR/results.$$"
|
||||
@@ -64,15 +65,22 @@ check_fstype() {
|
||||
|
||||
check_no_ntfs_on_core_mounts() {
|
||||
local hits
|
||||
local pattern="^/mnt/(cache|disk1)(/|$)"
|
||||
|
||||
if ! command -v findmnt >/dev/null 2>&1; then
|
||||
add_result "warning" "no_ntfs_core_mounts" "Cannot check NTFS mounts because findmnt is missing"
|
||||
return
|
||||
fi
|
||||
|
||||
hits="$(findmnt -rn -o TARGET,FSTYPE 2>/dev/null | awk '$1 ~ "^/mnt/(cache|disk1)(/|$)" && ($2 == "ntfs3" || $2 == "fuseblk") { print $1 ":" $2 }' | paste -sd ',' -)"
|
||||
if [ "$ALLOW_DISK1_NTFS" = "1" ]; then
|
||||
pattern="^/mnt/cache(/|$)"
|
||||
fi
|
||||
|
||||
hits="$(findmnt -rn -o TARGET,FSTYPE 2>/dev/null | awk -v pattern="$pattern" '$1 ~ pattern && ($2 == "ntfs3" || $2 == "fuseblk") { print $1 ":" $2 }' | paste -sd ',' -)"
|
||||
if [ -n "$hits" ]; then
|
||||
add_result "critical" "no_ntfs_core_mounts" "NTFS-like filesystem on core mount: $hits"
|
||||
elif [ "$ALLOW_DISK1_NTFS" = "1" ]; then
|
||||
add_result "warning" "no_ntfs_core_mounts" "No NTFS on /mnt/cache; /mnt/disk1 NTFS is temporarily allowed until Disk1 phase 2 migration"
|
||||
else
|
||||
add_result "ok" "no_ntfs_core_mounts" "No ntfs3/fuseblk mounts below /mnt/cache or /mnt/disk1"
|
||||
fi
|
||||
@@ -102,6 +110,10 @@ check_inode_usage() {
|
||||
add_result "warning" "$name" "Cannot read inode usage for $path"
|
||||
return
|
||||
fi
|
||||
if ! printf '%s' "$use_percent" | grep -Eq '^[0-9]+$'; then
|
||||
add_result "warning" "$name" "$path inode usage unavailable (${use_percent:-unknown})"
|
||||
return
|
||||
fi
|
||||
|
||||
if [ "$use_percent" -lt "$max_percent" ]; then
|
||||
add_result "ok" "$name" "$path inode usage ${use_percent}%"
|
||||
@@ -246,7 +258,11 @@ main() {
|
||||
need_cmd awk || true
|
||||
|
||||
check_fstype "/mnt/cache" "xfs" "critical" "cache_fstype"
|
||||
if [ "$ALLOW_DISK1_NTFS" = "1" ]; then
|
||||
check_fstype "/mnt/disk1" "ntfs3" "warning" "disk1_fstype"
|
||||
else
|
||||
check_fstype "/mnt/disk1" "xfs" "critical" "disk1_fstype"
|
||||
fi
|
||||
check_no_ntfs_on_core_mounts
|
||||
check_mover_drift
|
||||
check_inode_usage "/mnt/cache" 80 "cache_inode_usage"
|
||||
|
||||
Reference in New Issue
Block a user