Kapisi/roles/Sharingan/files/monit/scripts/check-domain

#!/bin/bash

source /opt/aninix/Uniglot/Bash/dns.bash

domain="$1"

function checkTLSA() {
    ### Usage: $0 "${domain}" tlsa _443._tcp
    identity="$1"
    git diff --no-index <(GenerateTLSA "${identity}" | sed 's/\s\+//g' | tr '[[:upper:]]' '[[:lower:]]' | sort) <(dig _443._tcp."${domain}" TLSA +short | sed 's/\s\+//g' | tr '[[:upper:]]' '[[:lower:]]' | sort)

}

function checkSSHFP() {
    git diff --no-index <(GenerateSSHFP | sed 's/\s\+//g' | tr '[[:upper:]]' '[[:lower:]]' | sort) <(dig "${domain}" SSHFP +short | sed 's/\s\+//g' | tr '[[:upper:]]' '[[:lower:]]' | sort)
}

function checkCAA() {
    ### Usage: $0 "${domain}" caa
    caa="$(dig "${domain}" CAA +short)"
    if [ "$caa" != '128 issue "letsencrypt.org"' ]; then
        exit 1
    else
        exit 0
    fi
}

case "$2" in
  "tlsa") checkTLSA "$3" ;;
  "sshfp") checkSSHFP ;;
  "caa") checkCAA ;;
esac
Adding domain monitoring for TLSA/SSHFP/CAA records 2025-12-18 14:43:13 -06:00			`#!/bin/bash`

			`source /opt/aninix/Uniglot/Bash/dns.bash`

			`domain="$1"`

			`function checkTLSA() {`
			`### Usage: $0 "${domain}" tlsa _443._tcp`
			`identity="$1"`
			`git diff --no-index <(GenerateTLSA "${identity}" \| sed 's/\s\+//g' \| tr '[[:upper:]]' '[[:lower:]]' \| sort) <(dig _443._tcp."${domain}" TLSA +short \| sed 's/\s\+//g' \| tr '[[:upper:]]' '[[:lower:]]' \| sort)`

			`}`

			`function checkSSHFP() {`
			`git diff --no-index <(GenerateSSHFP \| sed 's/\s\+//g' \| tr '[[:upper:]]' '[[:lower:]]' \| sort) <(dig "${domain}" SSHFP +short \| sed 's/\s\+//g' \| tr '[[:upper:]]' '[[:lower:]]' \| sort)`
			`}`

			`function checkCAA() {`
			`### Usage: $0 "${domain}" caa`
			`caa="$(dig "${domain}" CAA +short)"`
			`if [ "$caa" != '128 issue "letsencrypt.org"' ]; then`
			`exit 1`
			`else`
			`exit 0`
			`fi`
			`}`

			`case "$2" in`
			`"tlsa") checkTLSA "$3" ;;`
			`"sshfp") checkSSHFP ;;`
			`"caa") checkCAA ;;`
			`esac`