165 lines
4.6 KiB
Bash
165 lines
4.6 KiB
Bash
#!/bin/bash
|
||
# =============================================================================
|
||
# Google Drive 認證監控與告警腳本
|
||
#
|
||
# 功能:
|
||
# 1. 監控 Google Drive API 認證狀態
|
||
# 2. 檢測 Token 過期或撤銷
|
||
# 3. 發送 Telegram 告警通知(需人工重新認證)
|
||
#
|
||
# 用法:
|
||
# 每 30 分鐘執行一次(透過 cron)
|
||
# */30 * * * * /home/wooo/scripts/google_drive_monitor.sh >> /var/log/google_drive_monitor.log 2>&1
|
||
#
|
||
# 注意:Google Drive OAuth Token 無法自動刷新,需要人工介入
|
||
#
|
||
# 作者:Claude Code
|
||
# 日期:2026-01-28
|
||
# =============================================================================
|
||
|
||
set -e
|
||
|
||
# =============================================================================
|
||
# 配置區
|
||
# =============================================================================
|
||
|
||
# API 端點
|
||
API_URL="https://mo.wooo.work/api/test_drive_connection"
|
||
|
||
# Telegram 配置
|
||
TELEGRAM_BOT_TOKEN="<TELEGRAM_BOT_TOKEN>"
|
||
TELEGRAM_CHAT_ID="5619078117"
|
||
|
||
# 超時設定(秒)
|
||
CURL_TIMEOUT=30
|
||
|
||
# 狀態檔案(避免重複告警)
|
||
STATE_FILE="/tmp/google_drive_monitor_state"
|
||
ALERT_COOLDOWN=3600 # 1 小時內不重複告警
|
||
|
||
# 日誌檔案
|
||
LOG_FILE="/var/log/google_drive_monitor.log"
|
||
|
||
# =============================================================================
|
||
# 函數定義
|
||
# =============================================================================
|
||
|
||
log() {
|
||
echo "[$(date '+%Y-%m-%d %H:%M:%S')] $1"
|
||
}
|
||
|
||
send_telegram() {
|
||
local message="$1"
|
||
curl -s -X POST "https://api.telegram.org/bot${TELEGRAM_BOT_TOKEN}/sendMessage" \
|
||
-d chat_id="${TELEGRAM_CHAT_ID}" \
|
||
-d text="${message}" \
|
||
-d parse_mode="HTML" \
|
||
> /dev/null 2>&1 || true
|
||
}
|
||
|
||
check_google_drive() {
|
||
# 測試 Google Drive API 連線
|
||
local response
|
||
response=$(curl -s --connect-timeout ${CURL_TIMEOUT} --max-time ${CURL_TIMEOUT} \
|
||
-X POST "${API_URL}" \
|
||
-H "Content-Type: application/json" \
|
||
-d '{}' 2>/dev/null || echo '{"success":false,"message":"Connection failed"}')
|
||
|
||
# 解析 JSON 回應
|
||
if echo "${response}" | grep -q '"success":true'; then
|
||
echo "healthy"
|
||
else
|
||
# 提取錯誤訊息
|
||
local error_msg
|
||
error_msg=$(echo "${response}" | grep -o '"message":"[^"]*"' | cut -d'"' -f4 || echo "Unknown error")
|
||
echo "unhealthy:${error_msg}"
|
||
fi
|
||
}
|
||
|
||
should_send_alert() {
|
||
# 檢查是否在冷卻期內
|
||
if [ -f "${STATE_FILE}" ]; then
|
||
local last_alert
|
||
last_alert=$(cat "${STATE_FILE}" 2>/dev/null || echo "0")
|
||
local now
|
||
now=$(date +%s)
|
||
local diff=$((now - last_alert))
|
||
|
||
if [ ${diff} -lt ${ALERT_COOLDOWN} ]; then
|
||
log "在冷卻期內 (${diff}s < ${ALERT_COOLDOWN}s),跳過告警"
|
||
return 1
|
||
fi
|
||
fi
|
||
return 0
|
||
}
|
||
|
||
record_alert_time() {
|
||
date +%s > "${STATE_FILE}"
|
||
}
|
||
|
||
clear_alert_state() {
|
||
rm -f "${STATE_FILE}"
|
||
}
|
||
|
||
# =============================================================================
|
||
# 主程式
|
||
# =============================================================================
|
||
|
||
main() {
|
||
log "========== 開始 Google Drive 認證檢查 =========="
|
||
|
||
# 檢查 Google Drive 認證狀態
|
||
local status
|
||
status=$(check_google_drive)
|
||
log "Google Drive 狀態: ${status}"
|
||
|
||
if [ "${status}" = "healthy" ]; then
|
||
log "Google Drive 認證正常"
|
||
# 清除告警狀態(恢復後可以再次告警)
|
||
clear_alert_state
|
||
log "========== 檢查完成 =========="
|
||
exit 0
|
||
fi
|
||
|
||
# 認證失敗,發送告警
|
||
local error_msg="${status#unhealthy:}"
|
||
log "Google Drive 認證失敗: ${error_msg}"
|
||
|
||
# 檢查是否需要發送告警
|
||
if should_send_alert; then
|
||
send_telegram "🔴 <b>Google Drive 認證失敗</b>
|
||
|
||
症狀: ${error_msg}
|
||
原因: OAuth Token 可能已過期或被撤銷
|
||
|
||
<b>需要人工處理:</b>
|
||
1. SSH 到本機開發環境
|
||
2. 執行重新認證:
|
||
<code>cd /Users/ogt/momo-pro-system
|
||
python3 -c \"
|
||
from services.google_drive_service import drive_service
|
||
import os
|
||
os.remove('config/google_token.pickle') if os.path.exists('config/google_token.pickle') else None
|
||
drive_service.authenticate()
|
||
\"</code>
|
||
|
||
3. 更新 Docker 容器:
|
||
<code>scp config/google_*.* wooo@192.168.0.110:/tmp/
|
||
ssh wooo@192.168.0.110 '
|
||
docker cp /tmp/google_credentials.json momo-pro-system:/app/config/
|
||
docker cp /tmp/google_token.pickle momo-pro-system:/app/config/
|
||
docker restart momo-pro-system momo-scheduler
|
||
'</code>
|
||
|
||
時間: $(date '+%Y-%m-%d %H:%M:%S')"
|
||
|
||
record_alert_time
|
||
log "已發送 Telegram 告警"
|
||
fi
|
||
|
||
log "========== 檢查完成 =========="
|
||
}
|
||
|
||
# 執行主程式
|
||
main "$@"
|