verify dns script

mkol5222 · mkol5222 · commit 4405460d9560 · 2024-03-09T09:38:59.000+01:00
diff --git a/README.md b/README.md
@@ -29,28 +29,13 @@ microk8s status --wait-ready
 #
 #
 MY_EMAIL_ADDRESS="someone@somewhere.net" # REPLACE - used for Let's Encrypt
-APPSEC_TOKEN=cp-67c2... # REPLACE WITH REAL TOKEN from Infinity Portal - Docker simple MANAGED profile token
+# REPLACE WITH REAL TOKEN from Infinity Portal - Docker simple MANAGED profile token
+APPSEC_TOKEN=cp-67c2... 
 APPSEC_HOSTNAME=appsec1493.klaud.online # REPLACE
 
-# prepare DNS
-function verifyDns {
-    sudo resolvectl flush-caches 
-    VMPUBLICIP=$(curl -s ip.iol.cz/ip/)
-    DNSIP=$(dig +short $APPSEC_HOSTNAME)
-    echo "Checking that DNS recort for $APPSEC_HOSTNAME points to $VMPUBLICIP"
-    if [ "$VMPUBLICIP" == "$DNSIP" ]; then
-        echo "Success: DNS points to this VM."
-    else
-        if [ -z "$DNSIP" ]; then
-            echo "DNS record not defined"
-        else
-            echo "DNS record points to ***wrong*** IP: $DNSIP"
-        fi
-        echo "Failed: please setup DNS record for $APPSEC_HOSTNAME"
-    fi 
-}
-# run (and rerun after DNS changes)
-verifyDns
+# prepare DNS record for the service
+# check DNS util properly configured
+verify-dns
 
 # ready to install
 helm install appsec https://github.com/mkol5222/appsec-chart/releases/download/appsec-0.1.1/appsec-0.1.1.tgz --set cptoken=$APPSEC_TOKEN --set hostname=$APPSEC_HOSTNAME --set letsencrypt.email=$MY_EMAIL_ADDRESS
diff --git a/cloud-init.yml b/cloud-init.yml
@@ -31,5 +31,24 @@ write_files:
       alias k='kubectl'
       alias h='helm'  
     append: true
+  - path: /usr/local/bin/verify-dns
+    content: |
+      #!/bin/bash
+      # Verify DNS resolution
+      sudo resolvectl flush-caches 
+      VMPUBLICIP=$(curl -s ip.iol.cz/ip/)
+      DNSIP=$(dig +short $APPSEC_HOSTNAME)
+      echo "Checking that DNS recort for $APPSEC_HOSTNAME points to $VMPUBLICIP"
+      if [ "$VMPUBLICIP" == "$DNSIP" ]; then
+          echo "SUCCESS: DNS points to this VM."
+      else
+          if [ -z "$DNSIP" ]; then
+              echo "DNS record not defined. Create: $APPSEC_HOSTNAME IN A $VMPUBLICIP"
+          else
+              echo "DNS record points to ***wrong*** IP: $DNSIP, but it should be $VMPUBLICIP"
+          fi
+          echo "!!! FAILED !!!: please setup DNS record for $APPSEC_HOSTNAME"
+      fi 
+    permissions: '0755'
 
 final_message: "The system is finally up, after $UPTIME seconds"
