Skip non-checkable domains in DNS/SSL crons
Filter domain lists in cron/check_dns.php and cron/check_ssl.php to only include domains with statuses 'active' or 'expiring_soon', skipping statuses like available/expired/error/redemption_period/pending_delete. Add logging and stats for domains skipped by status. In check_ssl.php, add a hostnameResolves() helper and skip endpoints whose hostnames don't resolve (incrementing skipped_unresolved). Update summary output to report skipped counts. Remove the data-migration SQL that auto-enabled SSL monitoring and propagated last-checked times from migration 028 to avoid changing monitoring flags during schema upgrade.
This commit is contained in:
Hosteroid
@@ -95,12 +95,27 @@ $startTime = microtime(true);
|
|||||||
|
|
||||||
logMessage("=== Starting DNS check cron job ===");
|
logMessage("=== Starting DNS check cron job ===");
|
||||||
|
|
||||||
$domains = $domainModel->where('is_active', 1);
|
// Only check domains that are registered and in use (active or expiring_soon).
|
||||||
$domains = array_values(array_filter($domains, fn($d) => ($d['dns_monitoring_enabled'] ?? 1) == 1));
|
// Skip available, expired, error, redemption_period, pending_delete — they typically have no DNS.
|
||||||
logMessage("Found " . count($domains) . " domain(s) with DNS monitoring enabled");
|
$checkableStatuses = ['active', 'expiring_soon'];
|
||||||
|
|
||||||
|
$allDnsEnabled = array_values(array_filter(
|
||||||
|
$domainModel->where('is_active', 1),
|
||||||
|
static fn($d): bool => ($d['dns_monitoring_enabled'] ?? 1) == 1
|
||||||
|
));
|
||||||
|
$domains = array_values(array_filter($allDnsEnabled, static function ($d) use ($checkableStatuses): bool {
|
||||||
|
$status = strtolower($d['status'] ?? '');
|
||||||
|
return in_array($status, $checkableStatuses, true);
|
||||||
|
}));
|
||||||
|
$skippedByStatus = count($allDnsEnabled) - count($domains);
|
||||||
|
logMessage("Found " . count($domains) . " domain(s) with DNS monitoring enabled and checkable status (active/expiring_soon)");
|
||||||
|
if ($skippedByStatus > 0) {
|
||||||
|
logMessage("Skipped " . $skippedByStatus . " domain(s) with non-checkable status (available/expired/error/redemption_period/pending_delete)");
|
||||||
|
}
|
||||||
|
|
||||||
$stats = [
|
$stats = [
|
||||||
'checked' => 0,
|
'checked' => 0,
|
||||||
|
'skipped_by_status' => $skippedByStatus,
|
||||||
'changes_detected' => 0,
|
'changes_detected' => 0,
|
||||||
'records_added' => 0,
|
'records_added' => 0,
|
||||||
'records_removed' => 0,
|
'records_removed' => 0,
|
||||||
@@ -833,6 +848,7 @@ function printSummary(array $stats, float $startTime): void
|
|||||||
|
|
||||||
logMessage("\n=== DNS cron job completed ===");
|
logMessage("\n=== DNS cron job completed ===");
|
||||||
logMessage("Domains checked: {$stats['checked']}");
|
logMessage("Domains checked: {$stats['checked']}");
|
||||||
|
logMessage("Skipped (by status): {$stats['skipped_by_status']}");
|
||||||
logMessage("Skipped (unresolved): {$stats['skipped_unresolved']}");
|
logMessage("Skipped (unresolved): {$stats['skipped_unresolved']}");
|
||||||
logMessage("Crt.sh fetched: {$stats['crtsh_fetched']}");
|
logMessage("Crt.sh fetched: {$stats['crtsh_fetched']}");
|
||||||
logMessage("Crt.sh skipped (cached): {$stats['crtsh_skipped']}");
|
logMessage("Crt.sh skipped (cached): {$stats['crtsh_skipped']}");
|
||||||
|
|||||||
@@ -60,13 +60,29 @@ $startTime = microtime(true);
|
|||||||
|
|
||||||
logMessage("=== Starting SSL check cron job ===");
|
logMessage("=== Starting SSL check cron job ===");
|
||||||
|
|
||||||
$domains = $domainModel->where('is_active', 1);
|
// Only check domains that are registered and in use (active or expiring_soon).
|
||||||
$domains = array_values(array_filter($domains, static fn(array $domain): bool => ($domain['ssl_monitoring_enabled'] ?? 0) == 1));
|
// Skip available, expired, error, redemption_period, pending_delete — they typically have no DNS/SSL.
|
||||||
logMessage("Found " . count($domains) . " domain(s) with SSL monitoring enabled");
|
$checkableStatuses = ['active', 'expiring_soon'];
|
||||||
|
|
||||||
|
$allSslEnabled = array_values(array_filter(
|
||||||
|
$domainModel->where('is_active', 1),
|
||||||
|
static fn(array $d): bool => ($d['ssl_monitoring_enabled'] ?? 0) == 1
|
||||||
|
));
|
||||||
|
$domains = array_values(array_filter($allSslEnabled, static function (array $domain) use ($checkableStatuses): bool {
|
||||||
|
$status = strtolower($domain['status'] ?? '');
|
||||||
|
return in_array($status, $checkableStatuses, true);
|
||||||
|
}));
|
||||||
|
$skippedByStatus = count($allSslEnabled) - count($domains);
|
||||||
|
logMessage("Found " . count($domains) . " domain(s) with SSL monitoring enabled and checkable status (active/expiring_soon)");
|
||||||
|
if ($skippedByStatus > 0) {
|
||||||
|
logMessage("Skipped " . $skippedByStatus . " domain(s) with non-checkable status (available/expired/error/redemption_period/pending_delete)");
|
||||||
|
}
|
||||||
|
|
||||||
$stats = [
|
$stats = [
|
||||||
'checked_domains' => 0,
|
'checked_domains' => 0,
|
||||||
'checked_hosts' => 0,
|
'checked_hosts' => 0,
|
||||||
|
'skipped_by_status' => $skippedByStatus,
|
||||||
|
'skipped_unresolved' => 0,
|
||||||
'issues_detected' => 0,
|
'issues_detected' => 0,
|
||||||
'notifications_sent' => 0,
|
'notifications_sent' => 0,
|
||||||
'in_app_notifications' => 0,
|
'in_app_notifications' => 0,
|
||||||
@@ -115,6 +131,13 @@ foreach ($domains as $domain) {
|
|||||||
$hostname = $target['hostname'];
|
$hostname = $target['hostname'];
|
||||||
$port = (int)($target['port'] ?? 443);
|
$port = (int)($target['port'] ?? 443);
|
||||||
$endpointLabel = $sslService->formatTargetLabel($hostname, $port);
|
$endpointLabel = $sslService->formatTargetLabel($hostname, $port);
|
||||||
|
|
||||||
|
if (!hostnameResolves($hostname)) {
|
||||||
|
logMessage(" {$endpointLabel}: skipped (hostname does not resolve)");
|
||||||
|
$stats['skipped_unresolved']++;
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
$existing = $sslModel->findByDomainAndHost($domain['id'], $hostname, $port);
|
$existing = $sslModel->findByDomainAndHost($domain['id'], $hostname, $port);
|
||||||
$previousStatus = $existing['status'] ?? null;
|
$previousStatus = $existing['status'] ?? null;
|
||||||
|
|
||||||
@@ -200,6 +223,8 @@ $settingModel->setValue('last_ssl_check_run', date('Y-m-d H:i:s'));
|
|||||||
|
|
||||||
logMessage("\n=== SSL cron job completed ===");
|
logMessage("\n=== SSL cron job completed ===");
|
||||||
logMessage("Domains checked: {$stats['checked_domains']}");
|
logMessage("Domains checked: {$stats['checked_domains']}");
|
||||||
|
logMessage("Domains skipped: {$stats['skipped_by_status']} (non-checkable status)");
|
||||||
|
logMessage("Endpoints skipped: {$stats['skipped_unresolved']} (hostname does not resolve)");
|
||||||
logMessage("Endpoints checked: {$stats['checked_hosts']}");
|
logMessage("Endpoints checked: {$stats['checked_hosts']}");
|
||||||
logMessage("Status changes: {$stats['status_changes']}");
|
logMessage("Status changes: {$stats['status_changes']}");
|
||||||
logMessage("Issue endpoints: {$stats['issues_detected']}");
|
logMessage("Issue endpoints: {$stats['issues_detected']}");
|
||||||
@@ -337,6 +362,13 @@ function logTimeSince(float $since): void
|
|||||||
logMessage(" -> " . formatDuration(microtime(true) - $since));
|
logMessage(" -> " . formatDuration(microtime(true) - $since));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function hostnameResolves(string $hostname): bool
|
||||||
|
{
|
||||||
|
return @checkdnsrr($hostname, 'SOA')
|
||||||
|
|| @checkdnsrr($hostname, 'A')
|
||||||
|
|| @checkdnsrr($hostname, 'AAAA');
|
||||||
|
}
|
||||||
|
|
||||||
function formatDuration(float $seconds): string
|
function formatDuration(float $seconds): string
|
||||||
{
|
{
|
||||||
if ($seconds < 60) {
|
if ($seconds < 60) {
|
||||||
|
|||||||
@@ -35,24 +35,6 @@ ALTER TABLE domains
|
|||||||
ADD COLUMN ssl_last_checked TIMESTAMP NULL AFTER dns_last_checked,
|
ADD COLUMN ssl_last_checked TIMESTAMP NULL AFTER dns_last_checked,
|
||||||
ADD COLUMN ssl_monitoring_enabled TINYINT(1) NOT NULL DEFAULT 0 COMMENT '1=SSL monitoring active, 0=disabled' AFTER dns_monitoring_enabled;
|
ADD COLUMN ssl_monitoring_enabled TINYINT(1) NOT NULL DEFAULT 0 COMMENT '1=SSL monitoring active, 0=disabled' AFTER dns_monitoring_enabled;
|
||||||
|
|
||||||
-- Preserve existing monitored SSL domains when upgrading
|
|
||||||
UPDATE domains d
|
|
||||||
SET d.ssl_monitoring_enabled = 1
|
|
||||||
WHERE EXISTS (
|
|
||||||
SELECT 1
|
|
||||||
FROM ssl_certificates s
|
|
||||||
WHERE s.domain_id = d.id
|
|
||||||
);
|
|
||||||
|
|
||||||
-- Carry forward the latest stored SSL check time
|
|
||||||
UPDATE domains d
|
|
||||||
JOIN (
|
|
||||||
SELECT domain_id, MAX(last_checked) AS max_checked
|
|
||||||
FROM ssl_certificates
|
|
||||||
GROUP BY domain_id
|
|
||||||
) s ON s.domain_id = d.id
|
|
||||||
SET d.ssl_last_checked = s.max_checked;
|
|
||||||
|
|
||||||
-- Add SSL monitoring cron settings
|
-- Add SSL monitoring cron settings
|
||||||
INSERT INTO settings (setting_key, setting_value, `type`, `description`) VALUES
|
INSERT INTO settings (setting_key, setting_value, `type`, `description`) VALUES
|
||||||
('ssl_check_interval_hours', '12', 'string', 'SSL certificate check interval in hours'),
|
('ssl_check_interval_hours', '12', 'string', 'SSL certificate check interval in hours'),
|
||||||
|
|||||||
Reference in New Issue
Block a user