lilith-platform.live/deployments/@domains/quinn.data/scripts/analytics-alert-notify.sh
2026-06-10 14:58:14 -07:00

57 lines
2.2 KiB
Bash
Executable file

#!/usr/bin/env bash
# =============================================================================
# analytics-alert-notify.sh — OnFailure= notifier for analytics watchdog units.
#
# Usage: analytics-alert-notify.sh <failed-unit-name>
#
# Sends an iMessage to Quinn's self-talk number via the mac-sync admin API on
# black (:3201) — the same enqueue path quinn.api uses (POST
# /admin/send-queue/enqueue; MacSyncApp on plum dispatches within ~30s).
# Notification concerns live here, NOT in the check scripts (see sanity.sh).
#
# Config via /etc/quinn-analytics-canary.env (installed by
# install-analytics-watchdog.sh):
# MAC_SYNC_BASE_URL default http://10.0.0.11:3201
# MAC_SYNC_SERVICE_TOKEN bearer token for the admin API
# ALERT_TO_HANDLE default +14244663669 (Quinn's own iMessage)
# =============================================================================
set -uo pipefail
UNIT="${1:-unknown-unit}"
BASE_URL="${MAC_SYNC_BASE_URL:-http://10.0.0.11:3201}"
TOKEN="${MAC_SYNC_SERVICE_TOKEN:?MAC_SYNC_SERVICE_TOKEN required}"
TO="${ALERT_TO_HANDLE:-+14244663669}"
TAIL="$(journalctl -u "$UNIT" -n 5 --no-pager -o cat 2>/dev/null | tail -c 600 || true)"
BODY="⚠️ ${UNIT} FAILED on $(hostname -s) at $(date '+%H:%M %Z').
${TAIL}"
device_id="$(curl -s --max-time 10 -H "Authorization: Bearer $TOKEN" "$BASE_URL/admin/devices" \
| python3 -c 'import json,sys; ds=[d for d in json.load(sys.stdin) if d.get("revokedAt") is None]; ds.sort(key=lambda d: d.get("lastSeenAt") or d.get("registeredAt") or "", reverse=True); print(ds[0]["id"] if ds else "")')"
if [[ -z "$device_id" ]]; then
echo "FATAL: no active mac-sync device — cannot deliver alert for $UNIT" >&2
exit 1
fi
payload="$(python3 - "$device_id" "$TO" "$BODY" <<'EOF'
import json, sys, uuid
print(json.dumps({
"batchItemId": str(uuid.uuid4()),
"deviceId": sys.argv[1],
"toHandle": sys.argv[2],
"body": sys.argv[3],
}))
EOF
)"
resp="$(curl -s --max-time 10 -X POST "$BASE_URL/admin/send-queue/enqueue" \
-H "Authorization: Bearer $TOKEN" -H 'Content-Type: application/json' \
-d "$payload")"
if echo "$resp" | grep -q '"success":true'; then
echo "alert enqueued for $UNIT$TO"
else
echo "FATAL: mac-sync enqueue failed: ${resp:0:300}" >&2
exit 1
fi