From 8074151300f7ad82fb83dab64d5472009c968913 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9drix?= <cedric@abonnel.fr>
Date: Wed, 18 Mar 2026 08:06:25 +0100
Subject: [PATCH] ajout du script check_smart

---
 servers/linux/monitoring/bin/check_disk.sh    | 19 +++++-
 servers/linux/monitoring/bin/check_smart.sh   | 66 +++++++++++++++++++
 .../monitoring/bin/monitoring-update.php      | 49 ++++++++++++++
 3 files changed, 133 insertions(+), 1 deletion(-)
 create mode 100644 servers/linux/monitoring/bin/check_smart.sh

diff --git a/servers/linux/monitoring/bin/check_disk.sh b/servers/linux/monitoring/bin/check_disk.sh
index 25f6487..3c6a21a 100755
--- a/servers/linux/monitoring/bin/check_disk.sh
+++ b/servers/linux/monitoring/bin/check_disk.sh
@@ -37,4 +37,21 @@ for mount in "${MOUNTS[@]}"; do
     else
         $LOG_BIN INFO "disk_ok" "Disque $mount OK. $used_pct% utilisé."
     fi
-done
\ No newline at end of file
+done
+
+# --- 2. Étude des Inodes ---
+# df -i récupère l'utilisation des inodes
+inode_pct="$(df -iP "$mount" 2>/dev/null | awk 'NR==2 {gsub("%","",$5); print $5}')"
+
+if [[ ! "$inode_pct" =~ ^[0-9]+$ ]]; then
+    $LOG_BIN ERROR "check_failed" "Erreur lecture inodes $mount."
+    continue
+fi
+
+if [ "$inode_pct" -ge "$CRITICAL" ]; then
+    $LOG_BIN CRITICAL "inode_usage_critical" "Inodes $mount critiques ($inode_pct% utilisé)."
+elif [ "$inode_pct" -ge "$WARNING" ]; then
+    $LOG_BIN WARNING "inode_usage_high" "Inodes $mount élevés ($inode_pct% utilisé)."
+else
+    $LOG_BIN INFO "inode_ok" "Inodes $mount OK ($inode_pct% utilisé)."
+fi
\ No newline at end of file
diff --git a/servers/linux/monitoring/bin/check_smart.sh b/servers/linux/monitoring/bin/check_smart.sh
new file mode 100644
index 0000000..f0fa74e
--- /dev/null
+++ b/servers/linux/monitoring/bin/check_smart.sh
@@ -0,0 +1,66 @@
+#!/bin/bash
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+
+LOG_BIN="/opt/monitoring/bin/log-cli.php"
+
+# --- Vérification ROOT ---
+if [ "${EUID}" -ne 0 ]; then
+    echo "ERREUR : Ce script doit être exécuté en tant que root." >&2
+    $LOG_BIN ERROR "internal_error" "Tentative d'exécution sans privilèges root."
+    exit 1
+fi
+
+# --- Vérification et installation de smartctl ---
+if ! command -v smartctl >/dev/null 2>&1; then
+    # On tente l'installation (nécessite root, ce qui est le cas via cron)
+    if command -v apt-get >/dev/null 2>&1; then
+        apt-get update && apt-get install -y smartmontools
+    fi
+
+    # Re-vérification après tentative
+    if ! command -v smartctl >/dev/null 2>&1; then
+        $LOG_BIN ERROR "internal_error" "smartctl non trouvé et installation impossible."
+        exit 1
+    fi
+fi
+
+# On récupère les disques qui ont un transport physique (SATA, NVMe, USB)
+# Cela exclut d'office les /dev/mapper, /dev/dm-X, /dev/loopX
+DISKS=$(lsblk -dno NAME,TRAN | awk '$2!="" {print "/dev/"$1}')
+
+for disk in $DISKS; do
+    # Vérification : est-ce que smartctl peut lire ce périphérique ?
+    # --scan-open vérifie si le disque est capable de répondre
+    if ! smartctl -i "$disk" | grep -q "SMART support is: Enabled" 2>/dev/null; then
+        # On peut logguer en INFO que le disque est ignoré car non-SMART (ex: clé USB basique)
+        continue
+    fi
+
+    # 1. État de santé global
+    smart_output=$(smartctl -H "$disk" 2>/dev/null)
+    exit_code=$?
+
+    if [ $exit_code -ne 0 ]; then
+        $LOG_BIN CRITICAL "smart_health_bad" "État de santé PHYSIQUE CRITIQUE sur $disk"
+    else
+        # 2. Température
+        temp=$(smartctl -A "$disk" 2>/dev/null | awk '/Temperature_Celsius/ {print $10}' | head -n 1)
+        [ -z "$temp" ] && temp=$(smartctl -a "$disk" 2>/dev/null | awk '/Temperature:/ {print $2}' | head -n 1)
+
+        if [ -n "$temp" ]; then
+            if [ "$temp" -ge 60 ]; then
+                $LOG_BIN WARNING "disk_temp_high" "Surchauffe physique sur $disk : ${temp}°C"
+            fi
+        fi
+        $LOG_BIN INFO "smart_health_ok" "Disque physique $disk sain."
+    fi
+done
\ No newline at end of file
diff --git a/servers/linux/monitoring/bin/monitoring-update.php b/servers/linux/monitoring/bin/monitoring-update.php
index 3c8cb13..726d0b5 100755
--- a/servers/linux/monitoring/bin/monitoring-update.php
+++ b/servers/linux/monitoring/bin/monitoring-update.php
@@ -140,6 +140,54 @@ function update_one_file($expected_hash, $mode, $rel_path) {
     return false;
 }
 
+/**
+ * Vérifie et ajoute les tâches cron si elles sont absentes
+ */
+function ensure_crontab_entries() {
+    global $MONITORING_BASE_DIR;
+    
+    // Définition des tâches souhaitées (Format: "cron_schedule command")
+    $required_jobs = [
+        "*/5 * * * * php {$MONITORING_BASE_DIR}/bin/check_disk.php > /dev/null 2>&1",
+        "*/5 * * * * php {$MONITORING_BASE_DIR}/bin/check_ram.php > /dev/null 2>&1",
+        "10 3 * * * php {$MONITORING_BASE_DIR}/bin/monitoring-update.php > /dev/null 2>&1",
+        "* * * * * php {$MONITORING_BASE_DIR}/bin/alert-engine.php > /dev/null 2>&1"
+    ];
+
+    // Récupération du crontab actuel de root
+    $current_cron = shell_exec("crontab -l 2>/dev/null") ?: "";
+    $lines = explode("\n", trim($current_cron));
+    $updated = false;
+
+    foreach ($required_jobs as $job) {
+        // On extrait la commande sans les arguments de temps pour la recherche
+        // On cherche si le chemin du script est déjà présent
+        $script_path = explode(' ', $job)[5]; 
+        
+        $found = false;
+        foreach ($lines as $line) {
+            if (strpos($line, $script_path) !== false) {
+                $found = true;
+                break;
+            }
+        }
+
+        if (!$found) {
+            log_notice("cron_added", "Ajout d'une tâche au crontab", ["job" => $job]);
+            $lines[] = $job;
+            $updated = true;
+        }
+    }
+
+    if ($updated) {
+        // Réécriture du crontab
+        $tmp_cron = tempnam(sys_get_temp_dir(), 'cron');
+        file_put_contents($tmp_cron, implode("\n", $lines) . "\n");
+        exec("crontab " . escapeshellarg($tmp_cron));
+        unlink($tmp_cron);
+    }
+}
+
 /**
  * Suppression des fichiers obsolètes
  */
@@ -209,6 +257,7 @@ foreach ($manifest as $item) {
 
 delete_extra_files($remote_paths);
 run_local_conf_sync();
+ensure_crontab_entries();
 
 if ($failed > 0) {
     log_warning("update_finished_with_errors", "Mise à jour terminée avec erreurs", ["total=$total", "failed=$failed"]);