Add monitoring for quatresaisons

author Ismaël Bouya <ismael.bouya@normalesup.org>

Sun, 2 May 2021 13:14:43 +0000 (15:14 +0200)

committer Ismaël Bouya <ismael.bouya@normalesup.org>

Sun, 2 May 2021 13:14:43 +0000 (15:14 +0200)
author Ismaël Bouya <ismael.bouya@normalesup.org>
Sun, 2 May 2021 13:14:43 +0000 (15:14 +0200)
committer Ismaël Bouya <ismael.bouya@normalesup.org>
Sun, 2 May 2021 13:14:43 +0000 (15:14 +0200)
diff --git a/modules/private/monitoring/default.nix b/modules/private/monitoring/default.nix

index f00fb7c33c38a09f57e0f1a415d10c86006dcbb0..12e94c9e574a6166bc831dc0cef66a57153978b4 100644 (file)
--- a/modules/private/monitoring/default.nix
+++ b/modules/private/monitoring/default.nix
@@ -238,7 +238,7 @@ in
          broker_module=${pkgs.status_engine.module}/lib/status-engine/naemon/statusengine-${pkgs.naemon.status_engine_version}.o use_service_perfdata=1 use_process_data=0 use_system_command_data=0 use_external_command_data=0 use_flapping_data=0 use_program_status_data=0 use_notification_data=0 use_contact_status_data=0 use_contact_notification_data=0 use_event_handler_data=0 use_object_data=0
        '';
        extraResource = let
          broker_module=${pkgs.status_engine.module}/lib/status-engine/naemon/statusengine-${pkgs.naemon.status_engine_version}.o use_service_perfdata=1 use_process_data=0 use_system_command_data=0 use_external_command_data=0 use_flapping_data=0 use_program_status_data=0 use_notification_data=0 use_contact_status_data=0 use_contact_notification_data=0 use_event_handler_data=0 use_object_data=0
        '';
        extraResource = let
-        resources = lib.mapAttrsToList (k: v: v.resources or {}) mypluginsConfig;
+        resources = [hostObjects.resources or {}] ++ (lib.mapAttrsToList (k: v: v.resources or {}) mypluginsConfig);
          joined = lib.zipAttrsWith (n: v: if builtins.length (lib.unique v) == 1 then builtins.head v else abort "Non-unique resources names") resources;
          joinedStr = builtins.concatStringsSep "\n" (lib.mapAttrsToList (k: v: "$" + "${k}$=${v}") joined);
        in ''
          joined = lib.zipAttrsWith (n: v: if builtins.length (lib.unique v) == 1 then builtins.head v else abort "Non-unique resources names") resources;
          joinedStr = builtins.concatStringsSep "\n" (lib.mapAttrsToList (k: v: "$" + "${k}$=${v}") joined);
        in ''
diff --git a/modules/private/monitoring/myplugins.nix b/modules/private/monitoring/myplugins.nix

index 8c77ee77d3618ac8f88f076ffb9394116aa76b5a..86b5f1ec29449e5d1d5271e1dfe00368a77735b4 100644 (file)
--- a/modules/private/monitoring/myplugins.nix
+++ b/modules/private/monitoring/myplugins.nix
@@ -310,6 +310,7 @@ in
    postgresql = {
      commands = {
        check_postgresql_replication = "${sudo} -u postgres $USER2$/check_postgres_replication \"$ARG1$\" \"$ARG2$\" \"$ARG3$\"";
    postgresql = {
      commands = {
        check_postgresql_replication = "${sudo} -u postgres $USER2$/check_postgres_replication \"$ARG1$\" \"$ARG2$\" \"$ARG3$\"";
+      check_postgresql_database_count = "$USER2$/check_postgres_database_count \"$ARG1$\" \"$ARG2$\" \"$ARG3$\"";
      };
      chunk = let
        postgresqlBinary = if config.myServices.databasesReplication.postgresql.enable
      };
      chunk = let
        postgresqlBinary = if config.myServices.databasesReplication.postgresql.enable
@@ -323,6 +324,11 @@ in
        wrapProgram $out/check_postgres_replication --prefix PATH : ${lib.makeBinPath [
          postgresqlBinary
        ]}
        wrapProgram $out/check_postgres_replication --prefix PATH : ${lib.makeBinPath [
          postgresqlBinary
        ]}
+      cp ${./plugins}/check_postgres_database_count $out/
+      patchShebangs $out/check_postgres_database_count
+      wrapProgram $out/check_postgres_database_count --prefix PATH : ${lib.makeBinPath [
+        postgresqlBinary
+      ]}
      '';
  
      sudo = myplugins: {
      '';
  
      sudo = myplugins: {
diff --git a/modules/private/monitoring/objects_monitoring-1.nix b/modules/private/monitoring/objects_monitoring-1.nix

index 32dbe4b9cd758b340f3bd13903cd587a4fd606ab..0e7d9dfd1205e491d3d17d09ac5e02be8a679564 100644 (file)
--- a/modules/private/monitoring/objects_monitoring-1.nix
+++ b/modules/private/monitoring/objects_monitoring-1.nix
@@ -371,6 +371,17 @@ in
        _webstatus_url = "https://cloud.immae.eu";
      }
  
        _webstatus_url = "https://cloud.immae.eu";
      }
  
+    {
+      service_description = "nextcloud website is running on nextcloud.4c.salle-s.org";
+      host_name = "quatresaisons.immae.eu";
+      use = "external-web-service";
+      check_command = ["check_https" "nextcloud.4c.salle-s.org" "/" "a safe home for all your data"];
+
+      servicegroups = "webstatus-webapps";
+      _webstatus_name = "Nextcloud";
+      _webstatus_url = "https://nextcloud.4c.salle-s.org";
+    }
+
      {
        service_description = "davical website is running on dav.immae.eu";
        host_name = "eldiron.immae.eu";
      {
        service_description = "davical website is running on dav.immae.eu";
        host_name = "eldiron.immae.eu";
diff --git a/modules/private/monitoring/objects_quatresaisons.nix b/modules/private/monitoring/objects_quatresaisons.nix

index 55d563120d11f9ce19d23e0152f493e5bc7f4ff1..f30cf81f49579196370dc87838ad0c85d036b04f 100644 (file)
--- a/modules/private/monitoring/objects_quatresaisons.nix
+++ b/modules/private/monitoring/objects_quatresaisons.nix
@@ -1,4 +1,4 @@
-{ lib, hostFQDN, emailCheck, ... }:
+{ lib, hostFQDN, emailCheck, openldap, ... }:
  let
    defaultPassiveInfo = {
      filter = lib.attrsets.filterAttrs
  let
    defaultPassiveInfo = {
      filter = lib.attrsets.filterAttrs
@@ -11,7 +11,10 @@ let
    };
  in
  {
    };
  in
  {
-  activatedPlugins = [ "megaraid" ];
+  resources = {
+    USER212 = "{{ .monitoring.quatresaisons.naemon_ldap }}";
+  };
+  activatedPlugins = [ "megaraid" "command" "postgresql" ];
    service = [
      {
        passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-resources"; };
    service = [
      {
        passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-resources"; };
@@ -19,5 +22,17 @@ in
        use = "local-service";
        check_command = ["check_megaraid"];
      }
        use = "local-service";
        check_command = ["check_megaraid"];
      }
+    {
+      passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-resources"; };
+      service_description = "LDAP is running";
+      use = "local-service";
+      check_command = [ "check_command_status" "${openldap}/bin/ldapwhoami -D uid=naemon,ou=services,dc=salle-s,dc=org -w $USER212$" "0" ""];
+    }
+    {
+      passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-resources"; };
+      service_description = "Postgresql is running";
+      use = "local-service";
+      check_command = [ "check_postgresql_database_count" "/run/postgresql" "5432" "3" ];
+    }
    ];
  }
    ];
  }
diff --git a/modules/private/monitoring/plugins/check_postgres_database_count b/modules/private/monitoring/plugins/check_postgres_database_count

new file mode 100755 (executable)

index 0000000..43bdd8c
--- /dev/null
+++ b/modules/private/monitoring/plugins/check_postgres_database_count
@@ -0,0 +1,32 @@
+#!/bin/bash
+
+STATE_OK=0
+STATE_WARNING=1
+STATE_CRITICAL=2
+STATE_UNKNOWN=3
+
+host=$1
+port=$2
+min=$3
+
+count=$(psql -h $host -p $port -A -q -c '\t' -c 'select count(datname) from pg_catalog.pg_database' postgres 2>&1)
+exit_code=$?
+
+if [[ $exit_code -ne 0 ]]; then
+  echo "UNKNOWN - Impossible to run psql command: $count"
+  exit $STATE_UNKNOWN
+elif [[ -z "$count" ]]; then
+  echo "UNKNOWN - No database found"
+  exit $STATE_UNKNOWN
+else
+  output="Database count is $count"
+  LC_ALL=C count=$(printf "%.*f" 0 $count)
+
+  if [[ $count -gt $min ]]; then
+    echo "OK - $output | count=${count};$min;$min;0;"
+    exit $STATE_OK
+  else
+    echo "CRITICAL - $output | count=${count};$min;$min;0;"
+    exit $STATE_CRITICAL
+  fi
+fi
diff --git a/modules/private/system/quatresaisons/databases.nix b/modules/private/system/quatresaisons/databases.nix

index 3491ae4fccdcb4b28e530c7f59ba73901280ebfc..8748058d6856d3450d25cb716f3f8db7e876d865 100644 (file)
--- a/modules/private/system/quatresaisons/databases.nix
+++ b/modules/private/system/quatresaisons/databases.nix
@@ -6,6 +6,9 @@
    in {
      services.postgresql.enable = true;
      services.postgresql.package = pkgs.postgresql_12;
    in {
      services.postgresql.enable = true;
      services.postgresql.package = pkgs.postgresql_12;
+    services.postgresql.ensureUsers = [
+      { name = "naemon"; }
+    ];
      secrets.keys = [
        {
          dest = "ldap/password";
      secrets.keys = [
        {
          dest = "ldap/password";
diff --git a/nixops/secrets b/nixops/secrets

index bf72e9cc77b6c2217ae9e9a272805b1d917336c3..36233b7f760f9a3a20b8684e1f04b1b3a54c28f1 160000 (submodule)
--- a/nixops/secrets
+++ b/nixops/secrets
@@ -1 +1 @@
-Subproject commit bf72e9cc77b6c2217ae9e9a272805b1d917336c3
+Subproject commit 36233b7f760f9a3a20b8684e1f04b1b3a54c28f1
author	Ismaël Bouya <ismael.bouya@normalesup.org>
	Sun, 2 May 2021 13:14:43 +0000 (15:14 +0200)
committer	Ismaël Bouya <ismael.bouya@normalesup.org>
	Sun, 2 May 2021 13:14:43 +0000 (15:14 +0200)
modules/private/monitoring/default.nix		patch \| blob \| blame \| history
modules/private/monitoring/myplugins.nix		patch \| blob \| blame \| history
modules/private/monitoring/objects_monitoring-1.nix		patch \| blob \| blame \| history
modules/private/monitoring/objects_quatresaisons.nix		patch \| blob \| blame \| history
modules/private/monitoring/plugins/check_postgres_database_count	[new file with mode: 0755]	patch \| blob
modules/private/system/quatresaisons/databases.nix		patch \| blob \| blame \| history
nixops/secrets		patch \| blob \| blame \| history