Files
multi-watch/multi-watch.sh
pi-farm 6ad3188b85
All checks were successful
Docker Build Smart Logic / Build amd64 & arm64 (push) Successful in 17s
add anonym token authentication
2026-02-06 23:14:57 +01:00

93 lines
3.7 KiB
Bash

#!/bin/bash
CONFIG_DIR="/config"
CONFIG_FILE="$CONFIG_DIR/watchdog.conf"
STATE_FILE="$CONFIG_DIR/watch_state.json"
while true; do
if [ -f "$CONFIG_FILE" ]; then
source "$CONFIG_FILE"
else
echo "❌ Fehler: $CONFIG_FILE nicht gefunden!"
sleep 60; continue
fi
INTERVAL=${CHECK_INTERVAL:-3600}
if [ ! -f "$STATE_FILE" ] || [ ! -s "$STATE_FILE" ]; then echo "{}" > "$STATE_FILE"; fi
UPDATES_FOUND=""
echo "--- Starte Check: $(date) ---"
for entry in "${TARGETS[@]}"; do
IFS="|" read -r TYPE REPO EXTRA <<< "$entry"
KEY="${TYPE}_${REPO//[\/\.]/_}_${EXTRA}"
OLD_VAL=$(jq -r ".[\"$KEY\"] // empty" "$STATE_FILE")
NEW_VAL=""
echo "Prüfe $TYPE: $REPO:$EXTRA..."
if [ "$TYPE" == "DOCKER" ]; then
if [[ "$REPO" != *"."* ]] || [[ "$REPO" == *"docker.io"* ]]; then
# --- Docker Hub Logik ---
CLEAN_REPO=${REPO#docker.io/}
[[ "$CLEAN_REPO" != *"/"* ]] && CLEAN_REPO="library/$CLEAN_REPO"
NEW_VAL=$(curl -s "https://hub.docker.com/v2/repositories/${CLEAN_REPO}/tags/${EXTRA}" | jq -r '.last_updated // empty')
else
# --- Custom Registry (z.B. Gitea) ---
REG_HOST=$(echo $REPO | cut -d/ -f1)
IMG_NAME=$(echo $REPO | cut -d/ -f2-)
# 1. Versuche einen anonymen Token zu holen (Standard V2 Auth)
TOKEN=$(curl -s "https://${REG_HOST}/v2/token?service=${REG_HOST}&scope=repository:${IMG_NAME}:pull" | jq -r '.token // empty')
# 2. Abfrage mit Token (falls vorhanden) und explizitem GET statt HEAD
if [ -n "$TOKEN" ] && [ "$TOKEN" != "null" ]; then
AUTH_HEADER="Authorization: Bearer $TOKEN"
else
AUTH_HEADER="X-No-Auth: true" # Dummy Header
fi
# Wir nutzen curl -i (Header + Body) und fangen den Digest ab
RESPONSE=$(curl -s -i -H "$AUTH_HEADER" \
-H "Accept: application/vnd.docker.distribution.manifest.v2+json" \
"https://${REG_HOST}/v2/${IMG_NAME}/manifests/${EXTRA}")
NEW_VAL=$(echo "$RESPONSE" | grep -i "docker-content-digest" | awk '{print $2}' | tr -d '\r')
# Falls Digest leer, versuche ETag (Backup für manche Registries)
if [ -z "$NEW_VAL" ]; then
NEW_VAL=$(echo "$RESPONSE" | grep -i "etag" | awk '{print $2}' | tr -d '\r' | tr -d '"')
fi
fi
elif [ "$TYPE" == "GITHUB" ]; then
NEW_VAL=$(curl -s "https://api.github.com/repos/${REPO}/branches/${EXTRA}" | jq -r '.commit.sha // empty')
fi
# Debug-Ausgabe falls leer
if [ -z "$NEW_VAL" ] || [ "$NEW_VAL" == "null" ]; then
echo " ⚠️ Konnte keine Daten für $REPO abrufen (API-Antwort leer)."
continue
fi
if [ -n "$OLD_VAL" ] && [ "$OLD_VAL" != "$NEW_VAL" ]; then
MSG="Update für $REPO ($EXTRA)! Alt: $OLD_VAL | Neu: $NEW_VAL"
echo " 🔔 $MSG"
UPDATES_FOUND="${UPDATES_FOUND}${MSG}\n"
else
echo " ✅ Aktuell."
fi
# Speichern
TEMP_JSON=$(jq ".[\"$KEY\"] = \"$NEW_VAL\"" "$STATE_FILE")
echo "$TEMP_JSON" > "$STATE_FILE"
done
# Mail-Versand (bleibt gleich)
if [ -n "$UPDATES_FOUND" ]; then
# SMTP Konfig schreiben (msmtp Logik hier einfügen wie zuvor...)
echo -e "Subject: Watchdog Alert\n\n$UPDATES_FOUND" | msmtp "$EMAIL_TO"
fi
echo "Check beendet. Nächster Scan in $INTERVAL s."
sleep "$INTERVAL"
done