-{ config, pkgs, lib, name, ... }:
+{ config, pkgs, lib, name, nodes, ... }:
let
+ cfg = config.myServices.monitoring;
myplugins = pkgs.runCommand "buildplugins" {
buildInputs = [ pkgs.makeWrapper pkgs.perl ];
} ''
wrapProgram $out/send_nrdp.sh --prefix PATH : ${lib.makeBinPath [
pkgs.curl pkgs.jq
]}
+ wrapProgram $out/check_maison_bbc --prefix PATH : ${lib.makeBinPath [
+ pkgs.curl pkgs.jq
+ ]}
wrapProgram $out/check_mem.sh --prefix PATH : ${lib.makeBinPath [
pkgs.gnugrep pkgs.gawk pkgs.procps-ng
]}
wrapProgram $out/check_openldap_replication --prefix PATH : ${lib.makeBinPath [
pkgs.gnugrep pkgs.gnused pkgs.coreutils pkgs.openldap
]}
+ wrapProgram $out/check_ftp_database --prefix PATH : ${lib.makeBinPath [
+ pkgs.lftp
+ ]}
+ wrapProgram $out/check_git --prefix PATH : ${lib.makeBinPath [
+ pkgs.git pkgs.openssh
+ ]}
+ wrapProgram $out/check_imap_connection --prefix PATH : ${lib.makeBinPath [
+ pkgs.openssl
+ ]}
+ wrapProgram $out/notify_maison_bbc_by_email --prefix PATH : ${lib.makeBinPath [
+ pkgs.mailutils pkgs.gawk
+ ]}
+ wrapProgram $out/notify_by_email --prefix PATH : ${lib.makeBinPath [
+ pkgs.mailutils
+ ]}
+ wrapProgram $out/notify_by_slack --prefix PATH : ${lib.makeBinPath [
+ pkgs.curl pkgs.jq
+ ]}
'';
toObjects = pkgs.callPackage ./to_objects.nix {};
commonConfig = {
processWarn = "50"; processAlert = "60";
loadWarn = "1.0"; loadAlert = "2.0";
};
+ monitoring-1 = {
+ processWarn = "50"; processAlert = "60";
+ loadWarn = "1.0"; loadAlert = "2.0";
+ };
};
+ masterPassiveObjects = let
+ otherPassiveObjects = map
+ (n: (pkgs.callPackage (./. + "/objects_" + n + ".nix") {}))
+ [ "caldance-1" "ulminfo-fr" "immae-eu" "phare" "tiboqorl-fr" ];
+ otherPassiveServices = lib.flatten (map (h: h.service or []) otherPassiveObjects);
+ otherPassiveHosts = (map (h: h.host)) otherPassiveObjects;
+ passiveNodes = lib.attrsets.filterAttrs (n: _: builtins.elem n ["backup-2" "eldiron"]) nodes;
+ toPassiveServices = map (s: s.passiveInfo.filter s // s.passiveInfo);
+ passiveServices = lib.flatten (lib.attrsets.mapAttrsToList
+ (_: n: toPassiveServices n.config.myServices.monitoring.services)
+ passiveNodes
+ );
+ in {
+ service = passiveServices ++ otherPassiveServices;
+ host = lib.lists.foldr
+ (a: b: a//b)
+ {}
+ (otherPassiveHosts ++ lib.attrsets.mapAttrsToList (_: h: h.config.myServices.monitoring.hosts) passiveNodes);
+ };
+ masterObjects = pkgs.callPackage ./objects_master.nix { inherit config; };
commonObjects = pkgs.callPackage ./objects_common.nix ({
+ master = cfg.master;
hostFQDN = config.hostEnv.FQDN;
+ hostName = name;
sudo = "/run/wrappers/bin/sudo";
} // builtins.getAttr name commonConfig);
hostObjects =
let
specific_file = ./. + "/objects_" + name + ".nix";
in
- lib.attrsets.optionalAttrs (builtins.pathExists specific_file) (pkgs.callPackage specific_file { inherit config; });
+ lib.attrsets.optionalAttrs
+ (builtins.pathExists specific_file)
+ (pkgs.callPackage specific_file {
+ inherit config;
+ hostFQDN = config.hostEnv.FQDN;
+ hostName = name;
+ });
in
{
options = {
Whether to enable monitoring.
'';
};
+ master = lib.mkOption {
+ type = lib.types.bool;
+ default = false;
+ description = ''
+ This instance is the master instance
+ '';
+ };
+ hosts = lib.mkOption {
+ readOnly = true;
+ description = "Hosts list for this host";
+ default = (commonObjects.host or {}) // (hostObjects.host or {});
+ };
+ services = lib.mkOption {
+ readOnly = true;
+ description = "Services list for this host";
+ default = commonObjects.service ++ hostObjects.service;
+ };
};
};
- config = lib.mkIf config.myServices.monitoring.enable {
+ config = lib.mkIf cfg.enable {
services.duplyBackup.profiles.monitoring = {
rootDir = config.services.naemon.varDir;
};
text = "MAILADDR ${config.myEnv.monitoring.email}";
};
+ secrets.keys = [
+ {
+ dest = "naemon/id_rsa";
+ user = "naemon";
+ group = "naemon";
+ premissions = "0400";
+ text = config.myEnv.monitoring.ssh_secret_key;
+ }
+ ];
# needed since extraResource is not in the closure
systemd.services.naemon.path = [ myplugins ];
services.naemon = {
log_initial_states=1
date_format=iso8601
admin_email=${config.myEnv.monitoring.email}
-
+ '' + lib.optionalString (!cfg.master) ''
obsess_over_services=1
ocsp_command=notify-master
'';
$USER2$=${myplugins}
$USER200$=${config.myEnv.monitoring.status_url}
$USER201$=${config.myEnv.monitoring.status_token}
+ $USER202$=${config.myEnv.monitoring.http_user_password}
+ $USER203$=${config.secrets.fullPaths."naemon/id_rsa"}
+ $USER204$=${config.myEnv.monitoring.imap_login}
+ $USER205$=${config.myEnv.monitoring.imap_password}
+ $USER206$=${config.myEnv.monitoring.slack_channel}
+ $USER207$=${config.myEnv.monitoring.slack_url}
'';
- objectDefs = toObjects commonObjects + toObjects hostObjects;
+ objectDefs = toObjects commonObjects
+ + toObjects hostObjects
+ + lib.optionalString cfg.master (toObjects masterObjects)
+ + lib.optionalString cfg.master (toObjects masterPassiveObjects);
};
};
}