From: Ismaƫl Bouya Date: Sun, 2 May 2021 13:14:43 +0000 (+0200) Subject: Add monitoring for quatresaisons X-Git-Url: https://git.immae.eu/?p=perso%2FImmae%2FConfig%2FNix.git;a=commitdiff_plain;h=e64a496820b90607cba3762db3ce77847aaac22d Add monitoring for quatresaisons --- diff --git a/modules/private/monitoring/default.nix b/modules/private/monitoring/default.nix index f00fb7c..12e94c9 100644 --- a/modules/private/monitoring/default.nix +++ b/modules/private/monitoring/default.nix @@ -238,7 +238,7 @@ in broker_module=${pkgs.status_engine.module}/lib/status-engine/naemon/statusengine-${pkgs.naemon.status_engine_version}.o use_service_perfdata=1 use_process_data=0 use_system_command_data=0 use_external_command_data=0 use_flapping_data=0 use_program_status_data=0 use_notification_data=0 use_contact_status_data=0 use_contact_notification_data=0 use_event_handler_data=0 use_object_data=0 ''; extraResource = let - resources = lib.mapAttrsToList (k: v: v.resources or {}) mypluginsConfig; + resources = [hostObjects.resources or {}] ++ (lib.mapAttrsToList (k: v: v.resources or {}) mypluginsConfig); joined = lib.zipAttrsWith (n: v: if builtins.length (lib.unique v) == 1 then builtins.head v else abort "Non-unique resources names") resources; joinedStr = builtins.concatStringsSep "\n" (lib.mapAttrsToList (k: v: "$" + "${k}$=${v}") joined); in '' diff --git a/modules/private/monitoring/myplugins.nix b/modules/private/monitoring/myplugins.nix index 8c77ee7..86b5f1e 100644 --- a/modules/private/monitoring/myplugins.nix +++ b/modules/private/monitoring/myplugins.nix @@ -310,6 +310,7 @@ in postgresql = { commands = { check_postgresql_replication = "${sudo} -u postgres $USER2$/check_postgres_replication \"$ARG1$\" \"$ARG2$\" \"$ARG3$\""; + check_postgresql_database_count = "$USER2$/check_postgres_database_count \"$ARG1$\" \"$ARG2$\" \"$ARG3$\""; }; chunk = let postgresqlBinary = if config.myServices.databasesReplication.postgresql.enable @@ -323,6 +324,11 @@ in wrapProgram $out/check_postgres_replication --prefix PATH : ${lib.makeBinPath [ postgresqlBinary ]} + cp ${./plugins}/check_postgres_database_count $out/ + patchShebangs $out/check_postgres_database_count + wrapProgram $out/check_postgres_database_count --prefix PATH : ${lib.makeBinPath [ + postgresqlBinary + ]} ''; sudo = myplugins: { diff --git a/modules/private/monitoring/objects_monitoring-1.nix b/modules/private/monitoring/objects_monitoring-1.nix index 32dbe4b..0e7d9df 100644 --- a/modules/private/monitoring/objects_monitoring-1.nix +++ b/modules/private/monitoring/objects_monitoring-1.nix @@ -371,6 +371,17 @@ in _webstatus_url = "https://cloud.immae.eu"; } + { + service_description = "nextcloud website is running on nextcloud.4c.salle-s.org"; + host_name = "quatresaisons.immae.eu"; + use = "external-web-service"; + check_command = ["check_https" "nextcloud.4c.salle-s.org" "/" "a safe home for all your data"]; + + servicegroups = "webstatus-webapps"; + _webstatus_name = "Nextcloud"; + _webstatus_url = "https://nextcloud.4c.salle-s.org"; + } + { service_description = "davical website is running on dav.immae.eu"; host_name = "eldiron.immae.eu"; diff --git a/modules/private/monitoring/objects_quatresaisons.nix b/modules/private/monitoring/objects_quatresaisons.nix index 55d5631..f30cf81 100644 --- a/modules/private/monitoring/objects_quatresaisons.nix +++ b/modules/private/monitoring/objects_quatresaisons.nix @@ -1,4 +1,4 @@ -{ lib, hostFQDN, emailCheck, ... }: +{ lib, hostFQDN, emailCheck, openldap, ... }: let defaultPassiveInfo = { filter = lib.attrsets.filterAttrs @@ -11,7 +11,10 @@ let }; in { - activatedPlugins = [ "megaraid" ]; + resources = { + USER212 = "{{ .monitoring.quatresaisons.naemon_ldap }}"; + }; + activatedPlugins = [ "megaraid" "command" "postgresql" ]; service = [ { passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-resources"; }; @@ -19,5 +22,17 @@ in use = "local-service"; check_command = ["check_megaraid"]; } + { + passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-resources"; }; + service_description = "LDAP is running"; + use = "local-service"; + check_command = [ "check_command_status" "${openldap}/bin/ldapwhoami -D uid=naemon,ou=services,dc=salle-s,dc=org -w $USER212$" "0" ""]; + } + { + passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-resources"; }; + service_description = "Postgresql is running"; + use = "local-service"; + check_command = [ "check_postgresql_database_count" "/run/postgresql" "5432" "3" ]; + } ]; } diff --git a/modules/private/monitoring/plugins/check_postgres_database_count b/modules/private/monitoring/plugins/check_postgres_database_count new file mode 100755 index 0000000..43bdd8c --- /dev/null +++ b/modules/private/monitoring/plugins/check_postgres_database_count @@ -0,0 +1,32 @@ +#!/bin/bash + +STATE_OK=0 +STATE_WARNING=1 +STATE_CRITICAL=2 +STATE_UNKNOWN=3 + +host=$1 +port=$2 +min=$3 + +count=$(psql -h $host -p $port -A -q -c '\t' -c 'select count(datname) from pg_catalog.pg_database' postgres 2>&1) +exit_code=$? + +if [[ $exit_code -ne 0 ]]; then + echo "UNKNOWN - Impossible to run psql command: $count" + exit $STATE_UNKNOWN +elif [[ -z "$count" ]]; then + echo "UNKNOWN - No database found" + exit $STATE_UNKNOWN +else + output="Database count is $count" + LC_ALL=C count=$(printf "%.*f" 0 $count) + + if [[ $count -gt $min ]]; then + echo "OK - $output | count=${count};$min;$min;0;" + exit $STATE_OK + else + echo "CRITICAL - $output | count=${count};$min;$min;0;" + exit $STATE_CRITICAL + fi +fi diff --git a/modules/private/system/quatresaisons/databases.nix b/modules/private/system/quatresaisons/databases.nix index 3491ae4..8748058 100644 --- a/modules/private/system/quatresaisons/databases.nix +++ b/modules/private/system/quatresaisons/databases.nix @@ -6,6 +6,9 @@ in { services.postgresql.enable = true; services.postgresql.package = pkgs.postgresql_12; + services.postgresql.ensureUsers = [ + { name = "naemon"; } + ]; secrets.keys = [ { dest = "ldap/password"; diff --git a/nixops/secrets b/nixops/secrets index bf72e9c..36233b7 160000 --- a/nixops/secrets +++ b/nixops/secrets @@ -1 +1 @@ -Subproject commit bf72e9cc77b6c2217ae9e9a272805b1d917336c3 +Subproject commit 36233b7f760f9a3a20b8684e1f04b1b3a54c28f1