]>
Commit | Line | Data |
---|---|---|
1 | { hostFQDN | |
2 | , hostName | |
3 | , interface ? "eth0" | |
4 | , processWarn ? "250" | |
5 | , processAlert ? "400" | |
6 | , loadWarn ? "8.0" | |
7 | , load5Warn ? loadWarn | |
8 | , load15Warn ? load5Warn | |
9 | , loadAlert ? "10.0" | |
10 | , load5Alert ? loadAlert | |
11 | , load15Alert ? load5Alert | |
12 | , mdadm | |
13 | , sudo | |
14 | , master | |
15 | , lib | |
16 | , ... | |
17 | }: | |
18 | let | |
19 | defaultPassiveInfo = { | |
20 | filter = lib.attrsets.filterAttrs | |
21 | (k: v: builtins.elem k ["service_description"] || builtins.substring 0 1 k == "_"); | |
22 | use = "external-passive-service"; | |
23 | freshness_threshold = "450"; | |
24 | retry_interval = "1"; | |
25 | servicegroups = "webstatus-resources"; | |
26 | host_name = hostFQDN; | |
27 | }; | |
28 | in | |
29 | { | |
30 | host = { | |
31 | "${hostFQDN}" = { | |
32 | alias = hostFQDN; | |
33 | address = hostFQDN; | |
34 | use = "linux-server"; | |
35 | hostgroups = "webstatus-hosts"; | |
36 | _webstatus_name = hostName; | |
37 | _webstatus_vhost = "status.immae.eu"; | |
38 | }; | |
39 | }; | |
40 | service = [ | |
41 | { | |
42 | passiveInfo = defaultPassiveInfo; | |
43 | service_description = "Size on root partition"; | |
44 | use = "local-service"; | |
45 | check_command = ["check_local_disk" "20%" "10%" "/"]; | |
46 | } | |
47 | { | |
48 | passiveInfo = defaultPassiveInfo; | |
49 | service_description = "Total number of process"; | |
50 | use = "local-service"; | |
51 | check_command = [ | |
52 | "check_local_procs" | |
53 | processWarn | |
54 | processAlert | |
55 | "RSZDT" | |
56 | ]; | |
57 | } | |
58 | { | |
59 | passiveInfo = defaultPassiveInfo; | |
60 | service_description = "Network bandwidth"; | |
61 | use = "local-service"; | |
62 | check_interval = "2"; | |
63 | max_check_attempts = "20"; | |
64 | retry_interval = "2"; | |
65 | check_command = [ | |
66 | "check_local_bandwidth" | |
67 | interface | |
68 | "20480" # kb/s | |
69 | "51200" # kb/s | |
70 | ]; | |
71 | } | |
72 | { | |
73 | passiveInfo = defaultPassiveInfo; | |
74 | service_description = "Average load"; | |
75 | use = "local-service"; | |
76 | check_command = [ | |
77 | "check_local_load" | |
78 | "${loadWarn},${load5Warn},${load15Warn}" | |
79 | "${loadAlert},${load5Alert},${load15Alert}" | |
80 | ]; | |
81 | } | |
82 | { | |
83 | passiveInfo = defaultPassiveInfo; | |
84 | service_description = "Swap usage"; | |
85 | use = "local-service"; | |
86 | check_command = ["check_local_swap" "20" "10"]; | |
87 | } | |
88 | { | |
89 | passiveInfo = defaultPassiveInfo; | |
90 | service_description = "Memory usage"; | |
91 | use = "local-service"; | |
92 | check_command = ["check_memory" "80" "90"]; | |
93 | } | |
94 | { | |
95 | passiveInfo = defaultPassiveInfo; | |
96 | service_description = "NTP is activated and working"; | |
97 | use = "local-service"; | |
98 | check_command = ["check_ntp"]; | |
99 | } | |
100 | { | |
101 | passiveInfo = defaultPassiveInfo; | |
102 | service_description = "No mdadm array is degraded"; | |
103 | use = "local-service"; | |
104 | check_command = [ | |
105 | "check_command_output" | |
106 | "${mdadm}/bin/mdadm --monitor --scan -1" | |
107 | "^$" | |
108 | "-s 0 -r root" | |
109 | ]; | |
110 | } | |
111 | ]; | |
112 | command = { | |
113 | check_dns = "$USER1$/check_dns -H $ARG1$ -s $HOSTADDRESS$ $ARG2$"; | |
114 | check_emails = "$USER2$/check_emails -H $HOSTADDRESS$ -i $USER203$ -l $ARG1$ -p $ARG2$ -s $ARG3$ -f $ARG4$"; | |
115 | check_emails_local = "$USER2$/check_emails -H $HOSTADDRESS$ -n $ARG1$ -r $ADMINEMAIL$ -s $ARG2$ -f $ARG3$"; | |
116 | check_backup_eriomem = "$USER2$/check_eriomem $USER208$"; | |
117 | check_backup_eriomem_age = "$USER2$/check_backup_eriomem_age $ARG1$"; | |
118 | check_backup_ovh_age = "$USER2$/check_backup_ovh_age $ARG1$"; | |
119 | check_external_dns = "$USER1$/check_dns -H $ARG2$ -s $ARG1$ $ARG3$"; | |
120 | check_ftp_database = "$USER2$/check_ftp_database"; | |
121 | check_git = "$USER2$/check_git $USER203$"; | |
122 | check_http = "$USER1$/check_http --sni -f stickyport -H \"$ARG1$\" -u \"$ARG2$\" -r \"$ARG3$\""; | |
123 | check_https = "$USER1$/check_http --sni --ssl -f stickyport -H \"$ARG1$\" -u \"$ARG2$\" -r \"$ARG3$\""; | |
124 | check_https_auth = "$USER1$/check_http --sni --ssl -a \"$USER202$\" -f stickyport -H \"$ARG1$\" -u \"$ARG2$\" -r \"$ARG3$\""; | |
125 | check_https_certificate = "$USER1$/check_http --sni --ssl -H \"$ARG1$\" -C 21,15"; | |
126 | check_https_code = "$USER1$/check_http --sni --ssl -f stickyport -H \"$ARG1$\" -u \"$ARG2$\" -e \"$ARG3$\" -r \"$ARG4$\""; | |
127 | check_imap_connection = "$USER2$/check_imap_connection -u \"$USER204$\" -p \"$USER205$\" -H \"imap.immae.eu:143\""; | |
128 | check_local_disk = "$USER1$/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$"; | |
129 | check_local_procs = "$USER1$/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$"; | |
130 | check_local_load = "$USER1$/check_load -w $ARG1$ -c $ARG2$"; | |
131 | check_local_swap = "$USER1$/check_swap -n ok -w $ARG1$ -c $ARG2$"; | |
132 | check_local_bandwidth = "$USER2$/check_bandwidth -i=$ARG1$ -w $ARG2$ -c $ARG3$"; | |
133 | check_memory = "$USER2$/check_mem.sh -w $ARG1$ -c $ARG2$"; | |
134 | check_command_match = "$USER2$/check_command -c \"$ARG1$\" -C \"$ARG2$\" $ARG3$"; | |
135 | check_command_output = "$USER2$/check_command -c \"$ARG1$\" -s 0 -o \"$ARG2$\" $ARG3$"; | |
136 | check_command_status = "$USER2$/check_command -c \"$ARG1$\" -s \"$ARG2$\" $ARG3$"; | |
137 | check_ntp = "$USER1$/check_ntp_time -t 30 -q -H 0.arch.pool.ntp.org"; | |
138 | check_mailq = "$USER1$/check_mailq -s -w 1 -c 2"; | |
139 | check_mysql_replication = "${sudo} -u mysql $USER2$/check_mysql_replication \"$ARG1$\" \"$ARG2$\""; | |
140 | check_postgresql_replication = "${sudo} -u postgres $USER2$/check_postgres_replication \"$ARG1$\" \"$ARG2$\" \"$ARG3$\""; | |
141 | check_openldap_replication = "${sudo} -u openldap $USER2$/check_openldap_replication \"$ARG1$\" \"$ARG2$\" \"$ARG3$\" \"$ARG4$\" \"$ARG5$\""; | |
142 | check_ovh_sms = "$USER2$/check_ovh_sms \"$USER209$\""; | |
143 | check_redis_replication = "${sudo} -u redis $USER2$/check_redis_replication \"$ARG1$\""; | |
144 | check_smtp = "$USER1$/check_smtp -H $HOSTADDRESS$ -p 25 -S -D 21,15"; | |
145 | check_tcp = "$USER1$/check_tcp -H $HOSTADDRESS$ -p $ARG1$ -e \"$ARG2$\" -Mcrit"; | |
146 | check_tcp_ssl = "$USER1$/check_tcp -H $HOSTADDRESS$ -p $ARG1$ -S -D 21,15"; | |
147 | check_zfs = "$USER2$/check_zpool.sh -p ALL"; | |
148 | ||
149 | check_host_alive = "$USER1$/check_ping -H $HOSTADDRESS$ -w 3000.0,80% -c 5000.0,100% -p 5"; | |
150 | check_last_file_date = "${sudo} -u \"$ARG3$\" $USER2$/check_last_file_date \"$ARG1$\" \"$ARG2$\""; | |
151 | check_ok = "$USER1$/check_dummy 0 \"Dummy OK\""; | |
152 | check_critical = "$USER1$/check_dummy 2 \"Dummy CRITICAL\""; | |
153 | ||
154 | # $OVE is to force naemon to run via shell instead of execve which fails here | |
155 | notify-host-by-email = "ADMINEMAIL=\"$ADMINEMAIL$\" SERVICENOTIFICATIONID=\"$SERVICENOTIFICATIONID$\" HOSTSTATE=\"$HOSTSTATE$\" HOSTOUTPUT=\"$HOSTOUTPUT$\" $USER2$/notify_by_email host \"$NOTIFICATIONTYPE$\" \"$HOSTALIAS$\" \"$LONGDATETIME$\" \"$CONTACTEMAIL$\" $OVE"; | |
156 | # $OVE is to force naemon to run via shell instead of execve which fails here | |
157 | notify-service-by-email = "ADMINEMAIL=\"$ADMINEMAIL$\" SERVICENOTIFICATIONID=\"$SERVICENOTIFICATIONID$\" SERVICEDESC=\"$SERVICEDESC$\" SERVICESTATE=\"$SERVICESTATE$\" SERVICEOUTPUT=\"$SERVICEOUTPUT$\" $USER2$/notify_by_email service \"$NOTIFICATIONTYPE$\" \"$HOSTALIAS$\" \"$LONGDATETIME$\" \"$CONTACTEMAIL$\" $OVE"; | |
158 | notify-by-slack = "HOST=\"$HOSTALIAS$\" SERVICESTATE=\"$SERVICESTATE$\" SERVICEDESC=\"$SERVICEDESC$\" SERVICEOUTPUT=\"$SERVICEOUTPUT$\" $USER2$/notify_by_slack \"$ARG1$\" \"$ARG2$\""; | |
159 | notify-host-eban-url = "STATUS_NAME=\"Server\" PASSWORD=\"$USER210$\" HOSTSTATE=\"$HOSTSTATE$\" $USER2$/notify_eban_url"; | |
160 | notify-service-eban-url = "STATUS_NAME=\"$_SERVICEWEBSTATUS_NAME$\" PASSWORD=\"$USER210$\" SERVICESTATE=\"$SERVICESTATE$\" $USER2$/notify_eban_url"; | |
161 | ||
162 | notify-master = "$USER2$/send_nrdp.sh -u \"$USER200$\" -t \"$USER201$\" -H \"$HOSTADDRESS$\" -s \"$SERVICEDESC$\" -S \"$SERVICESTATEID$\" -o \"$SERVICEOUTPUT$ | $SERVICEPERFDATA$\""; | |
163 | }; | |
164 | timeperiod = { | |
165 | "24x7" = { | |
166 | alias = "24 Hours A Day, 7 Days A Week"; | |
167 | monday = "00:00-24:00"; | |
168 | tuesday = "00:00-24:00"; | |
169 | wednesday = "00:00-24:00"; | |
170 | thursday = "00:00-24:00"; | |
171 | friday = "00:00-24:00"; | |
172 | saturday = "00:00-24:00"; | |
173 | sunday = "00:00-24:00"; | |
174 | }; | |
175 | }; | |
176 | servicegroup = { | |
177 | webstatus-webapps = { alias = "Web applications"; }; | |
178 | webstatus-websites = { alias = "Personal websites"; }; | |
179 | webstatus-ssl = { alias = "SSL certificates"; }; | |
180 | webstatus-dns = { alias = "DNS resolution"; }; | |
181 | webstatus-remote-services = { alias = "Other remote services"; }; | |
182 | webstatus-local-services = { alias = "Other local services"; }; | |
183 | webstatus-email = { alias = "E-mail services"; }; | |
184 | webstatus-resources = { alias = "Local resources"; }; | |
185 | webstatus-databases = { alias = "Databases resources"; }; | |
186 | webstatus-backup = { alias = "Backup resources"; }; | |
187 | }; | |
188 | hostgroup = { | |
189 | webstatus-hosts = { alias = "Hosts"; }; | |
190 | }; | |
191 | contactgroup = { | |
192 | admins = { alias = "Naemon Administrators"; }; | |
193 | }; | |
194 | templates = { | |
195 | service = { | |
196 | generic-service = { | |
197 | active_checks_enabled = "1"; | |
198 | check_freshness = "0"; | |
199 | check_interval = "10"; | |
200 | check_period = "24x7"; | |
201 | contact_groups = "admins"; | |
202 | event_handler_enabled = "1"; | |
203 | flap_detection_enabled = "1"; | |
204 | is_volatile = "0"; | |
205 | max_check_attempts = "3"; | |
206 | notification_interval = "60"; | |
207 | notification_options = "w,u,c,r,f,s"; | |
208 | notification_period = "24x7"; | |
209 | notifications_enabled = if master then "1" else "0"; | |
210 | obsess_over_service = "1"; | |
211 | passive_checks_enabled = "1"; | |
212 | process_perf_data = "1"; | |
213 | retain_nonstatus_information = "1"; | |
214 | retain_status_information = "1"; | |
215 | retry_interval = "2"; | |
216 | }; | |
217 | local-service = { | |
218 | use = "generic-service"; | |
219 | host_name = hostFQDN; | |
220 | check_interval = "5"; | |
221 | max_check_attempts = "4"; | |
222 | retry_interval = "1"; | |
223 | servicegroups = "webstatus-resources"; | |
224 | }; | |
225 | external-service = { | |
226 | use = "generic-service"; | |
227 | check_interval = "5"; | |
228 | max_check_attempts = "4"; | |
229 | retry_interval = "1"; | |
230 | }; | |
231 | web-service = { | |
232 | use = "generic-service"; | |
233 | check_interval = "20"; | |
234 | max_check_attempts = "2"; | |
235 | retry_interval = "1"; | |
236 | }; | |
237 | external-web-service = { | |
238 | use = "generic-service"; | |
239 | check_interval = "20"; | |
240 | max_check_attempts = "2"; | |
241 | retry_interval = "1"; | |
242 | }; | |
243 | mail-service = { | |
244 | use = "generic-service"; | |
245 | check_interval = "15"; | |
246 | max_check_attempts = "1"; | |
247 | retry_interval = "1"; | |
248 | }; | |
249 | dns-service = { | |
250 | use = "generic-service"; | |
251 | check_interval = "120"; | |
252 | notification_interval = "120"; | |
253 | max_check_attempts = "5"; | |
254 | retry_interval = "5"; | |
255 | }; | |
256 | }; | |
257 | # No contact, we go through master | |
258 | contact = { | |
259 | generic-contact = { | |
260 | host_notification_commands = "notify-host-by-email"; | |
261 | host_notification_options = "d,u,r,f,s"; | |
262 | host_notification_period = "24x7"; | |
263 | service_notification_commands = "notify-service-by-email"; | |
264 | service_notification_options = "w,u,c,r,f,s"; | |
265 | service_notification_period = "24x7"; | |
266 | }; | |
267 | }; | |
268 | host = { | |
269 | generic-host = { | |
270 | event_handler_enabled = "1"; | |
271 | flap_detection_enabled = "1"; | |
272 | notification_period = "24x7"; | |
273 | notifications_enabled = "1"; | |
274 | process_perf_data = "1"; | |
275 | retain_nonstatus_information = "1"; | |
276 | retain_status_information = "1"; | |
277 | }; | |
278 | linux-server = { | |
279 | check_command = "check_host_alive"; | |
280 | check_interval = "5"; | |
281 | check_period = "24x7"; | |
282 | contact_groups = "admins"; | |
283 | max_check_attempts = "10"; | |
284 | notification_interval = "120"; | |
285 | notification_options = "d,u,r,f"; | |
286 | retry_interval = "1"; | |
287 | }; | |
288 | }; | |
289 | }; | |
290 | } |