#!/usr/bin/env bash
set -euo pipefail

# Collect a concise host and network snapshot for incident triage.

now="$(date -u +%Y-%m-%dT%H:%M:%SZ)"
host="$(hostname 2>/dev/null || echo unknown)"

echo "=== sysdiag snapshot ==="
echo "timestamp_utc: $now"
echo "host: $host"
echo

echo "--- os ---"
uname -a || true
if [ -f /etc/os-release ]; then
  sed -n '1,12p' /etc/os-release || true
fi
echo

echo "--- uptime/load ---"
uptime || true
echo

echo "--- cpu/memory ---"
free -h || true
echo

echo "--- disk ---"
df -hT || true
df -ih || true
echo

echo "--- interfaces ---"
ip -br addr 2>/dev/null || true
ip -s link 2>/dev/null || true
echo

echo "--- routing ---"
ip route show 2>/dev/null || true
ip rule show 2>/dev/null || true
echo

echo "--- listening sockets ---"
ss -tulpn 2>/dev/null || true
echo

echo "--- dns ---"
if command -v resolvectl >/dev/null 2>&1; then
  resolvectl status 2>/dev/null || true
fi
cat /etc/resolv.conf 2>/dev/null || true
echo

echo "--- firewall ---"
if command -v nft >/dev/null 2>&1; then
  nft list ruleset 2>/dev/null || true
elif command -v iptables >/dev/null 2>&1; then
  iptables -S 2>/dev/null || true
else
  echo "No nftables/iptables binary found"
fi
echo

echo "--- services ---"
systemctl --failed --no-pager 2>/dev/null || true
echo

echo "--- recent critical logs ---"
journalctl -p 3 -xb --no-pager -n 120 2>/dev/null || true