Database
- Do daily backup.
- Make sure backup be compressed.
- Name the backup properly, with pattern like
{project}_{environment}_{db_identifier}_$(date +%Y-%m-%d_%H-%M-%S).sql.gz. - Use cloud storage to store the backup and encrypt the backup before sending to remote server.
- Make sure backup can be decompressed / decrypted.
- Make sure backup can be loaded back to database.
SSL Certificate Check and Validation
DOMAIN="sunsong.org"
docker run -ti \
-v $(pwd)/testssl:/output \
-w /output drwetter/testssl.sh \
--jsonfile /output/$DOMAIN \
https://$DOMAIN
# Save this file to `notify.py`
#!/usr/bin/python
# -*- coding: utf-8 -*-
import json
import requests
import os
import sys
from datetime import datetime
# "https://hooks.slack.com/services/T0XXXXXXXX/XXXXXXXXX/XXXXXXXXXXXXXXXXXXXXXXXX"
slack_webhook = os.environ["WEBHOOK_URL"]
def main():
output = sys.stdin.read()
output_json = json.loads(output)
for i in output_json:
if i["id"] == "cert_expirationStatus" and i["severity"] != "OK":
print(str(datetime.now()), i)
requests.post(
url=slack_webhook,
json={
"channel": "#monitoring-tick",
"text": "%s" % str(i),
},
)
if __name__ == "__main__":
main()
export WEBHOOK_URL="https://hooks.slack.com/services/T0XXXXXXXX/XXXXXXXXX/XXXXXXXXXXXXXXXXXXXXXXXX"
cat $(pwd)/testssl/$DOMAIN | python notify.py