+++ /dev/null
-# vim: filetype=nagios
-
-# CONTACT GROUPS
-define contactgroup {
- contactgroup_name admins
- alias Naemon Administrators
-# members immae
-}
-
-# No contact, we go through master
-# define contact {
-# contact_name immae
-# alias Immae
-# use generic-contact
-# email xxxxxxxxxxxxxxxx
-# }
-#
-# define contact {
-# name generic-contact
-# host_notification_commands notify-host-by-email
-# host_notification_options d,u,r,f,s
-# host_notification_period 24x7
-# register 0
-# service_notification_commands notify-service-by-email
-# service_notification_options w,u,c,r,f,s
-# service_notification_period 24x7
-# }
-#
-# define command {
-# command_name notify-host-by-email
-# command_line SERVICENOTIFICATIONID="$SERVICENOTIFICATIONID$" HOSTSTATE="$HOSTSTATE$" HOSTOUTPUT="$HOSTOUTPUT$" $USER2$/notify_by_email host "$NOTIFICATIONTYPE$" "$HOSTALIAS$" "$LONGDATETIME$" "$CONTACTEMAIL$" $OVE
-# #$OVE is to force naemon to run via shell instead of execve which fails here
-# }
-#
-# # 'notify-service-by-email' command definition
-# define command {
-# command_name notify-service-by-email
-# command_line SERVICENOTIFICATIONID="$SERVICENOTIFICATIONID$" SERVICEDESC="$SERVICEDESC$" SERVICESTATE="$SERVICESTATE$" SERVICEOUTPUT="$SERVICEOUTPUT$" $USER2$/notify_by_email service "$NOTIFICATIONTYPE$" "$HOSTALIAS$" "$LONGDATETIME$" "$CONTACTEMAIL$" $OVE
-# # command_line sudo /usr/bin/strace -o /tmp/foo -vf -s 256 -u naemon $USER2$/notify_by_email
-# #$OVE is to force naemon to run via shell instead of execve which fails here
-# }
+++ /dev/null
-# vim: filetype=nagios
-
-define host {
- name generic-host
- event_handler_enabled 1
- flap_detection_enabled 1
- notification_period 24x7
- notifications_enabled 1
- process_perf_data 1
- register 0
- retain_nonstatus_information 1
- retain_status_information 1
-}
-
-define host {
- name linux-server
- use generic-host
- check_command check-host-alive
- check_interval 5
- check_period 24x7
- contact_groups admins
- max_check_attempts 10
- notification_interval 120
- notification_options d,u,r,f
- register 0
- retry_interval 1
-}
-
-define command {
- command_name check-host-alive
- command_line $USER1$/check_ping -H $HOSTADDRESS$ -w 3000.0,80% -c 5000.0,100% -p 5
-}
+++ /dev/null
-# vim: filetype=nagios
-
-# System usage
-define service {
- service_description Size on root partition
- use local-service
- check_command check_local_disk!20%!10%!/
-}
-define command {
- command_line $USER1$/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
- command_name check_local_disk
-}
-
-define service {
- service_description Total number of process
- use local-service
- check_command check_local_procs!250!400!RSZDT
-}
-define command {
- command_line $USER1$/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$
- command_name check_local_procs
-}
-
-define service {
- service_description Average load
- use local-service
- check_command check_local_load!8.0,8.0,8.0!10.0,10.0,10.0
-}
-define command {
- command_line $USER1$/check_load -w $ARG1$ -c $ARG2$
- command_name check_local_load
-}
-
-define service {
- service_description Swap usage
- use local-service
- check_command check_local_swap!20!10
-}
-define command {
- command_line $USER1$/check_swap -n ok -w $ARG1$ -c $ARG2$
- command_name check_local_swap
-}
-
-define service {
- service_description Memory usage
- use local-service
- check_command check_memory!80!90
-}
-define command {
- command_line $USER2$/check_mem.sh -w $ARG1$ -c $ARG2$
- command_name check_memory
-}
-
-define command {
- command_line $USER2$/check_command -c "$ARG1$" -s 0 -o "$ARG2$" $ARG3$
- command_name check_command_output
-}
-
-# Network dependent local services
-define service {
- service_description NTP is activated and working
- use local-service
- check_command check_ntp
-}
-define command {
- command_line $USER1$/check_ntp_time -t 30 -q -H 0.arch.pool.ntp.org
- command_name check_ntp
-}
+++ /dev/null
-# vim: filetype=nagios
-
-define command {
- command_line /etc/naemon/send_nrdp.sh -H "$HOSTADDRESS$" -s "$SERVICEDESC$" -S "$SERVICESTATEID$" -o "$SERVICEOUTPUT$"
- command_name notify-master
-}
-
-
+++ /dev/null
-# vim: filetype=nagios
-
-define command {
- command_line $USER1$/check_ping -H $HOSTADDRESS$ -w 3000.0,80% -c 5000.0,100% -p 5
- command_name check-host-alive
-}
-
-define command {
- command_line $USER2$/check_md_raid
- command_name check_md_raid
-}
-
-define command {
- command_line $USER2$/check_command -c "$ARG1$" -o "$ARG2$" $ARG3$
- command_name check_command_output
-}
-
-
-define command {
- command_line /usr/bin/sudo -u postgres $USER2$/check_postgres_replication "$ARG1$" "$ARG2$" "$ARG3$"
- command_name check_postgresql_replication
-}
-
-define service {
- ## --PUPPET_NAME-- (called '_naginator_name' in the manifest) Databases are present in postgresql
- active_checks_enabled 1
- check_command check_command_output!psql -c 'select nspname from pg_catalog.pg_namespace'!public!-r postgres
- check_freshness 0
- check_interval 5
- check_period 24x7
- contact_groups admins
- event_handler_enabled 1
- flap_detection_enabled 1
- host_name caldance-1.v.immae.eu
- is_volatile 0
- max_check_attempts 4
- notification_interval 60
- notification_options w,u,c,r
- notification_period 24x7
- notifications_enabled 0
- obsess_over_service 1
- passive_checks_enabled 1
- process_perf_data 1
- retain_nonstatus_information 1
- retain_status_information 1
- retry_interval 1
- service_description Databases are present in postgresql
-}
-
-define command {
- command_line $USER2$/check_last_file_date "$ARG1$" "$ARG2$" "$ARG3$"
- command_name check_last_file_date
-}
-
-define command {
- command_line $USER2$/check_date "$ARG1$" "$ARG2$" "$ARG3$"
- command_name check_date
-}
-
-define service {
- ## --PUPPET_NAME-- (called '_naginator_name' in the manifest) Postgresql replication for backup-1 is up to date
- active_checks_enabled 1
- check_command check_postgresql_replication!backup-1!/run/postgresql!5432
- check_freshness 0
- check_interval 5
- check_period 24x7
- contact_groups admins
- event_handler_enabled 1
- flap_detection_enabled 1
- host_name caldance-1.v.immae.eu
- is_volatile 0
- max_check_attempts 4
- notification_interval 60
- notification_options w,u,c,r
- notification_period 24x7
- notifications_enabled 0
- obsess_over_service 1
- passive_checks_enabled 1
- process_perf_data 1
- retain_nonstatus_information 1
- retain_status_information 1
- retry_interval 1
- service_description Postgresql replication for backup-1 is up to date
-}
+++ /dev/null
-# vim: filetype=nagios
-
-define service {
- name generic-service
- active_checks_enabled 1
- check_freshness 0
- check_interval 10
- check_period 24x7
- contact_groups admins
- event_handler_enabled 1
- flap_detection_enabled 1
- is_volatile 0
- max_check_attempts 3
- notification_interval 60
- notification_options w,u,c,r,f
- notification_period 24x7
- # no notification since we send them to master
- notifications_enabled 0
- obsess_over_service 1
- passive_checks_enabled 1
- process_perf_data 1
- register 0
- retain_nonstatus_information 1
- retain_status_information 1
- retry_interval 2
-}
-
+++ /dev/null
-# vim: filetype=nagios
-
-define service {
- service_description Size on /backup2 partition
- check_command check_local_disk!10%!5%!/backup2
- use local-service
-}
-
-define command {
- command_line /run/wrappers/bin/sudo -u "$ARG3$" $USER2$/check_last_file_date "$ARG1$" "$ARG2$"
- command_name check_last_file_date
-}
-
-define service {
- service_description Last backup in /backup2/phare is not too old
- check_command check_last_file_date!/backup2/phare!14!backup
- use local-service
-}
-
-define service {
- service_description Last backup in /backup2/immae_eu is not too old
- check_command check_last_file_date!/backup2/immae_eu!14!backup
- use local-service
-}
-
-define service {
- service_description Last backup in /backup2/immae_fr is not too old
- check_command check_last_file_date!/backup2/immae_fr!14!backup
- use local-service
-}
-
-define service {
- service_description Last postgresql dump in /backup2/eldiron/postgresql_backup is not too old
- check_command check_last_file_date!/backup2/eldiron/postgresql_backup!7!postgres
- use local-service
-}
+++ /dev/null
-# vim: filetype=nagios
-#
-define command {
- command_line /run/wrappers/bin/sudo -u postgres $USER2$/check_postgres_replication "$ARG1$" "$ARG2$" "$ARG3$"
- command_name check_postgresql_replication
-}
-
-define service {
- service_description Postgresql replication for backup-1 is up to date
- check_command check_postgresql_replication!backup-1!/run/postgresql!5432
- use local-service
-}
-
-define service {
- service_description Postgresql replication for backup-2 is up to date
- check_command check_postgresql_replication!backup-2!/run/postgresql!5432
- use local-service
-}
-
-define service {
- service_description mailq is empty
- use local-service
- check_command check_mailq
-}
-
-define command {
- command_name check_mailq
- command_line $USER1$/check_mailq -s -w 1 -c 2
-}
+++ /dev/null
-# vim: filetype=nagios
-
-define timeperiod {
- alias 24 Hours A Day, 7 Days A Week
- friday 00:00-24:00
- monday 00:00-24:00
- saturday 00:00-24:00
- sunday 00:00-24:00
- thursday 00:00-24:00
- timeperiod_name 24x7
- tuesday 00:00-24:00
- wednesday 00:00-24:00
-}
-
-
pkgs.postgresql
]}
'';
- defaultObjects =
- let specific_file = ./conf + "/specific_" + name + ".cfg";
+ toObjects = pkgs.callPackage ./to_objects.nix {};
+ commonConfig = {
+ eldiron = {
+ processWarn = "250"; processAlert = "400";
+ loadWarn = "8.0"; loadAlert = "10.0";
+ };
+ backup-2 = {
+ processWarn = "50"; processAlert = "60";
+ loadWarn = "1.0"; loadAlert = "2.0";
+ };
+ };
+ commonObjects = pkgs.callPackage ./objects_common.nix ({
+ inherit hostFQDN;
+ sudo = "/run/wrappers/bin/sudo";
+ } // builtins.getAttr name commonConfig);
+ hostObjects =
+ let
+ specific_file = ./. + "/objects_" + name + ".nix";
in
- builtins.readFile ./conf/local_services.cfg
- + builtins.readFile ./conf/timeperiods.cfg
- + builtins.readFile ./conf/services.cfg
- + builtins.readFile ./conf/contacts.cfg
- + builtins.readFile ./conf/hosts.cfg
- + ''
- define command {
- command_line ${myplugins}/send_nrdp.sh -u "$USER200$" -t "$USER201$" -H "$HOSTADDRESS$" -s "$SERVICEDESC$" -S "$SERVICESTATEID$" -o "$SERVICEOUTPUT$"
- command_name notify-master
- }
- define service {
- service_description No mdadm array is degraded
- use local-service
- check_command check_command_output!${pkgs.mdadm}/bin/mdadm --monitor --scan -1!^$!-s 0 -r root
- }
-
- define service {
- name local-service
- use generic-service
- host_name ${hostFQDN}
- check_interval 5
- max_check_attempts 4
- register 0
- retry_interval 1
- }
- define host {
- host_name ${hostFQDN}
- alias ${hostFQDN}
- address ${hostFQDN}
- use linux-server
- }
- ''
- + lib.strings.optionalString (builtins.pathExists specific_file) (builtins.readFile specific_file);
+ lib.attrsets.optionalAttrs (builtins.pathExists specific_file) (pkgs.callPackage specific_file {});
in
{
options = {
$USER200$=${myconfig.env.monitoring.status_url}
$USER201$=${myconfig.env.monitoring.status_token}
'';
- objectDefs = defaultObjects;
+ objectDefs = toObjects commonObjects + toObjects hostObjects;
};
};
}
--- /dev/null
+{ ... }:
+{
+ service = [
+ {
+ service_description = "Size on /backup2 partition";
+ use = "local-service";
+ check_command = ["check_local_disk" "10%" "5%" "/backup2"];
+ }
+ {
+ service_description = "Last backup in /backup2/phare is not too old";
+ use = "local-service";
+ check_command = ["check_last_file_date" "/backup2/phare" "14" "backup"];
+ }
+ {
+ service_description = "Last backup in /backup2/immae_eu is not too old";
+ use = "local-service";
+ check_command = ["check_last_file_date" "/backup2/immae_eu" "14" "backup"];
+ }
+ {
+ service_description = "Last backup in /backup2/immae_fr is not too old";
+ use = "local-service";
+ check_command = ["check_last_file_date" "/backup2/immae_fr" "14" "backup"];
+ }
+ {
+ service_description = "Last postgresql dump in /backup2/eldiron/postgresql_backup is not too old";
+ use = "local-service";
+ check_command = ["check_last_file_date" "/backup2/eldiron/postgresql_backup" "7" "postgres"];
+ }
+ ];
+}
--- /dev/null
+{ hostFQDN
+, processWarn ? "250"
+, processAlert ? "400"
+, loadWarn ? "8.0"
+, loadAlert ? "10.0"
+, mdadm
+, sudo
+, ...
+}:
+{
+ host = {
+ "${hostFQDN}" = {
+ alias = hostFQDN;
+ address = hostFQDN;
+ use = "linux-server";
+ };
+ };
+ service = [
+ {
+ service_description = "Size on root partition";
+ use = "local-service";
+ check_command = ["check_local_disk" "20%" "10%" "/"];
+ }
+ {
+ service_description = "Total number of process";
+ use = "local-service";
+ check_command = [
+ "check_local_procs"
+ processWarn
+ processAlert
+ "RSZDT"
+ ];
+ }
+ {
+ service_description = "Average load";
+ use = "local-service";
+ check_command = [
+ "check_local_load"
+ "${loadWarn},${loadWarn},${loadWarn}"
+ "${loadAlert},${loadAlert},${loadAlert}"
+ ];
+ }
+ {
+ service_description = "Swap usage";
+ use = "local-service";
+ check_command = ["check_local_swap" "20" "10"];
+ }
+ {
+ service_description = "Memory usage";
+ use = "local-service";
+ check_command = ["check_memory" "80" "90"];
+ }
+ {
+ service_description = "NTP is activated and working";
+ use = "local-service";
+ check_command = ["check_ntp"];
+ }
+ {
+ service_description = "No mdadm array is degraded";
+ use = "local-service";
+ check_command = [
+ "check_command_output"
+ "${mdadm}/bin/mdadm --monitor --scan -1"
+ "^$"
+ "-s 0 -r root"
+ ];
+ }
+ ];
+ command = {
+ check_local_disk = "$USER1$/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$";
+ check_local_procs = "$USER1$/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$";
+ check_local_load = "$USER1$/check_load -w $ARG1$ -c $ARG2$";
+ check_local_swap = "$USER1$/check_swap -n ok -w $ARG1$ -c $ARG2$";
+ check_memory = "$USER2$/check_mem.sh -w $ARG1$ -c $ARG2$";
+ check_command_output = "$USER2$/check_command -c \"$ARG1$\" -s 0 -o \"$ARG2$\" $ARG3$";
+ check_ntp = "$USER1$/check_ntp_time -t 30 -q -H 0.arch.pool.ntp.org";
+ check_postgresql_replication = "${sudo} -u postgres $USER2$/check_postgres_replication \"$ARG1$\" \"$ARG2$\" \"$ARG3$\"";
+ check_mailq = "$USER1$/check_mailq -s -w 1 -c 2";
+
+ check_host_alive = "$USER1$/check_ping -H $HOSTADDRESS$ -w 3000.0,80% -c 5000.0,100% -p 5";
+ check_last_file_date = "${sudo} -u \"$ARG3$\" $USER2$/check_last_file_date \"$ARG1$\" \"$ARG2$\"";
+
+ # No notify commands, we go through master
+ # notify_host_by_email = "SERVICENOTIFICATIONID=\"$SERVICENOTIFICATIONID$\" HOSTSTATE=\"$HOSTSTATE$\" HOSTOUTPUT=\"$HOSTOUTPUT$\" $USER2$/notify_by_email host \"$NOTIFICATIONTYPE$\" \"$HOSTALIAS$\" \"$LONGDATETIME$\" \"$CONTACTEMAIL$\" $OVE";
+ # #$OVE is to force naemon to run via shell instead of execve which fails here
+ # notify_service_by_email = "SERVICENOTIFICATIONID=\"$SERVICENOTIFICATIONID$\" SERVICEDESC=\"$SERVICEDESC$\" SERVICESTATE=\"$SERVICESTATE$\" SERVICEOUTPUT=\"$SERVICEOUTPUT$\" $USER2$/notify_by_email service \"$NOTIFICATIONTYPE$\" \"$HOSTALIAS$\" \"$LONGDATETIME$\" \"$CONTACTEMAIL$\" $OVE";
+ # #sudo /usr/bin/strace -o /tmp/foo -vf -s 256 -u naemon $USER2$/notify_by_email
+ # #$OVE is to force naemon to run via shell instead of execve which fails here
+
+ notify-master = "$USER2$/send_nrdp.sh -u \"$USER200$\" -t \"$USER201$\" -H \"$HOSTADDRESS$\" -s \"$SERVICEDESC$\" -S \"$SERVICESTATEID$\" -o \"$SERVICEOUTPUT$\"";
+ };
+ timeperiod = {
+ "24x7" = {
+ alias = "24 Hours A Day, 7 Days A Week";
+ monday = "00:00-24:00";
+ tuesday = "00:00-24:00";
+ wednesday = "00:00-24:00";
+ thursday = "00:00-24:00";
+ friday = "00:00-24:00";
+ saturday = "00:00-24:00";
+ sunday = "00:00-24:00";
+ };
+ };
+ contactgroup = {
+ admins = { alias = "Naemon Administrators"; };
+ };
+ # No contact, we go through master
+ # contact = {
+ # immae = {
+ # alias = "Immae";
+ # use = "generic-contact";
+ # email = "xxxxxxxxxxxxxxxx";
+ # };
+ # };
+ templates = {
+ service = {
+ generic-service = {
+ active_checks_enabled = "1";
+ check_freshness = "0";
+ check_interval = "10";
+ check_period = "24x7";
+ contact_groups = "admins";
+ event_handler_enabled = "1";
+ flap_detection_enabled = "1";
+ is_volatile = "0";
+ max_check_attempts = "3";
+ notification_interval = "60";
+ notification_options = "w,u,c,r,f,s";
+ notification_period = "24x7";
+ notifications_enabled = "0"; # no notification since we send them to master
+ obsess_over_service = "1";
+ passive_checks_enabled = "1";
+ process_perf_data = "1";
+ retain_nonstatus_information = "1";
+ retain_status_information = "1";
+ retry_interval = "2";
+ };
+ local-service = {
+ use = "generic-service";
+ host_name = hostFQDN;
+ check_interval = "5";
+ max_check_attempts = "4";
+ retry_interval = "1";
+ };
+ };
+ # No contact, we go through master
+ # contact = {
+ # generic-contact = {
+ # host_notification_commands = "notify_host_by_email";
+ # host_notification_options = "d,u,r,f,s";
+ # host_notification_period = "24x7";
+ # service_notification_commands = "notify_service_by_email";
+ # service_notification_options = "w,u,c,r,f,s";
+ # service_notification_period = "24x7";
+ # };
+ # };
+ host = {
+ generic-host = {
+ event_handler_enabled = "1";
+ flap_detection_enabled = "1";
+ notification_period = "24x7";
+ notifications_enabled = "1";
+ process_perf_data = "1";
+ retain_nonstatus_information = "1";
+ retain_status_information = "1";
+ };
+ linux-server = {
+ check_command = "check_host_alive";
+ check_interval = "5";
+ check_period = "24x7";
+ contact_groups = "admins";
+ max_check_attempts = "10";
+ notification_interval = "120";
+ notification_options = "d,u,r,f";
+ retry_interval = "1";
+ };
+ };
+ };
+}
--- /dev/null
+{ ... }:
+{
+ service = [
+ {
+ service_description = "Postgresql replication for backup-2 is up to date";
+ use = "local-service";
+ check_command = ["check_postgresql_replication" "backup-2" "/run/postgresql" "5432"];
+ }
+ {
+ service_description = "mailq is empty";
+ use = "local-service";
+ check_command = ["check_mailq"];
+ }
+ ];
+}
--- /dev/null
+{ lib }:
+ with lib.attrsets;
+ with lib.strings;
+ with lib.lists;
+ with lib.trivial;
+let
+ pad = width: str: let
+ padWidth = width - stringLength str;
+ padding = concatStrings (genList (const " ") padWidth);
+ in str + optionalString (padWidth > 0) padding;
+ toStr = k: v:
+ if k == "check_command" && builtins.isList v
+ then builtins.concatStringsSep "!" v
+ else v;
+
+ toService = service: ''
+ define service {
+ ${builtins.concatStringsSep "\n" (mapAttrsToList (k: v:
+ " ${pad 30 k} ${toStr k v}"
+ ) service)}
+ }
+ '';
+ toServices = services: builtins.concatStringsSep "\n" (map toService services);
+
+ toCommand = k: v: ''
+ define command {
+ ${pad 30 "command_name"} ${k}
+ ${pad 30 "command_line"} ${v}
+ }
+ '';
+ toCommands = a: builtins.concatStringsSep "\n" (mapAttrsToList toCommand a);
+
+ toOther = keyname: k: v: ''
+ define ${keyname} {
+ ${pad 30 "${keyname}_name"} ${k}
+ ${builtins.concatStringsSep "\n" (mapAttrsToList (kk: vv:
+ " ${pad 30 kk} ${vv}"
+ ) v)}
+ }
+ '';
+ toOthers = keyname: a: builtins.concatStringsSep "\n" (mapAttrsToList (toOther keyname) a);
+
+ toTemplate = keyname: k: v: ''
+ define ${keyname} {
+ ${pad 30 "name"} ${k}
+ ${pad 30 "register"} 0
+ ${builtins.concatStringsSep "\n" (mapAttrsToList (kk: vv:
+ " ${pad 30 kk} ${vv}"
+ ) v)}
+ }
+ '';
+ toTemplates' = keyname: a: builtins.concatStringsSep "\n" (mapAttrsToList (toTemplate keyname) a);
+ toTemplates = v: builtins.concatStringsSep "\n" (mapAttrsToList toTemplates' v);
+
+ toObjects' = keyname: v:
+ if keyname == "service"
+ then toServices v
+ else if keyname == "command"
+ then toCommands v
+ else if keyname == "templates"
+ then toTemplates v
+ else if builtins.elem keyname ["host" "contactgroup" "contact" "timeperiod"]
+ then toOthers keyname v
+ else "";
+ toObjects = v: builtins.concatStringsSep "\n" (mapAttrsToList toObjects' v);
+in
+ toObjects
projects / perso / Immae / Config / Nix.git / commitdiff
