X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fmonitoring%2Fdefault.nix;h=6062abab2e1689e5c02eb57983ad84f0c49e5273;hb=9f2025235d888eb4a7822024a5fad2e288388814;hp=d99124e836da9511f957b227a34924580a27422f;hpb=5ea246baa7afa72c44e0afa5122eaa61eb9c7e5c;p=perso%2FImmae%2FConfig%2FNix.git

diff --git a/modules/private/monitoring/default.nix b/modules/private/monitoring/default.nix
index d99124e..6062aba 100644
--- a/modules/private/monitoring/default.nix
+++ b/modules/private/monitoring/default.nix
@@ -1,4 +1,4 @@
-{ config, myconfig, pkgs, lib, ... }:
+{ config, myconfig, pkgs, lib, name, hostFQDN, ... }:
 let
   myplugins = pkgs.runCommand "buildplugins" {
     buildInputs = [ pkgs.makeWrapper pkgs.perl ];
@@ -8,25 +8,69 @@ let
     patchShebangs $out
     wrapProgram $out/check_command --prefix PATH : ${config.security.wrapperDir}
     wrapProgram $out/send_nrdp.sh --prefix PATH : ${lib.makeBinPath [
-      pkgs.curl pkgs.which pkgs.coreutils
+      pkgs.curl pkgs.jq
     ]}
     wrapProgram $out/check_mem.sh --prefix PATH : ${lib.makeBinPath [
       pkgs.gnugrep pkgs.gawk pkgs.procps-ng
     ]}
+    wrapProgram $out/check_postgres_replication --prefix PATH : ${lib.makeBinPath [
+      pkgs.postgresql
+    ]}
     '';
+  defaultObjects =
+    let specific_file = ./conf + "/specific_" + name + ".cfg";
+    in
+        builtins.readFile ./conf/local_services.cfg
+      + builtins.readFile ./conf/timeperiods.cfg
+      + builtins.readFile ./conf/services.cfg
+      + builtins.readFile ./conf/contacts.cfg
+      + builtins.readFile ./conf/hosts.cfg
+      + ''
+        define command {
+          command_line       ${myplugins}/send_nrdp.sh -u "$USER200$" -t "$USER201$" -H "$HOSTADDRESS$" -s "$SERVICEDESC$" -S "$SERVICESTATEID$" -o "$SERVICEOUTPUT$"
+          command_name       notify-master
+        }
+        define service {
+          service_description  No mdadm array is degraded
+          use                  local-service
+          check_command        check_command_output!${pkgs.mdadm}/bin/mdadm --monitor --scan -1!^$!-s 0 -r root
+        }
+
+        define service {
+          name                local-service
+          use                 generic-service
+          host_name           ${hostFQDN}
+          check_interval      5
+          max_check_attempts  4
+          register            0
+          retry_interval      1
+        }
+        define host {
+          host_name           ${hostFQDN}
+          alias               ${hostFQDN}
+          address             ${hostFQDN}
+          use                 linux-server
+        }
+        ''
+      + lib.strings.optionalString (builtins.pathExists specific_file) (builtins.readFile specific_file);
 in
 {
   options = {
-    myServices.monitoring.enable = lib.mkOption {
-      type = lib.types.bool;
-      default = false;
-      description = ''
-        Whether to enable monitoring.
-      '';
+    myServices.monitoring = {
+      enable = lib.mkOption {
+        type = lib.types.bool;
+        default = false;
+        description = ''
+          Whether to enable monitoring.
+        '';
+      };
     };
   };
 
   config = lib.mkIf config.myServices.monitoring.enable {
+    services.duplyBackup.profiles.monitoring = {
+      rootDir = config.services.naemon.varDir;
+    };
     security.sudo.extraRules = [
       {
         commands = [
@@ -36,6 +80,21 @@ in
         users = [ "naemon" ];
         runAs = "root";
       }
+      {
+        commands = [
+          { command = "${myplugins}/check_postgres_replication *"; options = [ "NOPASSWD" ]; }
+          { command = "${myplugins}/check_last_file_date /backup2/*"; options = [ "NOPASSWD" ]; }
+        ];
+        users = [ "naemon" ];
+        runAs = "postgres";
+      }
+      {
+        commands = [
+          { command = "${myplugins}/check_last_file_date /backup2/*"; options = [ "NOPASSWD" ]; }
+        ];
+        users = [ "naemon" ];
+        runAs = "backup";
+      }
     ];
     environment.etc."mdadm.conf" = {
       enable = true;
@@ -63,49 +122,7 @@ in
         $USER200$=${myconfig.env.monitoring.status_url}
         $USER201$=${myconfig.env.monitoring.status_token}
       '';
-      objectDefs = builtins.readFile ./conf/local_services.cfg
-        + builtins.readFile ./conf/timeperiods.cfg
-        + builtins.readFile ./conf/services.cfg
-        + builtins.readFile ./conf/contacts.cfg
-        + builtins.readFile ./conf/hosts.cfg
-        + ''
-          define command {
-            command_line       ${myplugins}/send_nrdp.sh -u "$USER200$" -t "$USER201$" -H "$HOSTADDRESS$" -s "$SERVICEDESC$" -S "$SERVICESTATEID$" -o "$SERVICEOUTPUT$"
-            command_name       notify-master
-          }
-          define service {
-            service_description  No mdadm array is degraded
-            use                  local-service
-            check_command        check_command_output!${pkgs.mdadm}/bin/mdadm --monitor --scan -1!^$!-s 0 -r root
-          }
-
-          define service {
-            service_description  mailq is empty
-            use                  local-service
-            check_command        check_mailq
-          }
-
-          define command {
-            command_name        check_mailq
-            command_line        $USER1$/check_mailq -s -w 1 -c 2
-          }
-
-          define service {
-            name                local-service
-            use                 generic-service
-            host_name           eldiron.immae.eu
-            check_interval      5
-            max_check_attempts  4
-            register            0
-            retry_interval      1
-          }
-          define host {
-            host_name           eldiron.immae.eu
-            alias               eldiron.immae.eu
-            address             eldiron.immae.eu
-            use                 linux-server
-          }
-          '';
+      objectDefs = defaultObjects;
     };
   };
 }