diff options
author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2021-05-02 15:14:43 +0200 |
---|---|---|
committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2021-05-02 15:14:43 +0200 |
commit | e64a496820b90607cba3762db3ce77847aaac22d (patch) | |
tree | c7cb1c0e536ff75e3b523de7759c13e7b7a8a381 | |
parent | acab8301f6a0a76d97b36d009a60d4172bf62981 (diff) | |
download | Nix-e64a496820b90607cba3762db3ce77847aaac22d.tar.gz Nix-e64a496820b90607cba3762db3ce77847aaac22d.tar.zst Nix-e64a496820b90607cba3762db3ce77847aaac22d.zip |
Add monitoring for quatresaisons
-rw-r--r-- | modules/private/monitoring/default.nix | 2 | ||||
-rw-r--r-- | modules/private/monitoring/myplugins.nix | 6 | ||||
-rw-r--r-- | modules/private/monitoring/objects_monitoring-1.nix | 11 | ||||
-rw-r--r-- | modules/private/monitoring/objects_quatresaisons.nix | 19 | ||||
-rwxr-xr-x | modules/private/monitoring/plugins/check_postgres_database_count | 32 | ||||
-rw-r--r-- | modules/private/system/quatresaisons/databases.nix | 3 | ||||
m--------- | nixops/secrets | 0 |
7 files changed, 70 insertions, 3 deletions
diff --git a/modules/private/monitoring/default.nix b/modules/private/monitoring/default.nix index f00fb7c..12e94c9 100644 --- a/modules/private/monitoring/default.nix +++ b/modules/private/monitoring/default.nix | |||
@@ -238,7 +238,7 @@ in | |||
238 | broker_module=${pkgs.status_engine.module}/lib/status-engine/naemon/statusengine-${pkgs.naemon.status_engine_version}.o use_service_perfdata=1 use_process_data=0 use_system_command_data=0 use_external_command_data=0 use_flapping_data=0 use_program_status_data=0 use_notification_data=0 use_contact_status_data=0 use_contact_notification_data=0 use_event_handler_data=0 use_object_data=0 | 238 | broker_module=${pkgs.status_engine.module}/lib/status-engine/naemon/statusengine-${pkgs.naemon.status_engine_version}.o use_service_perfdata=1 use_process_data=0 use_system_command_data=0 use_external_command_data=0 use_flapping_data=0 use_program_status_data=0 use_notification_data=0 use_contact_status_data=0 use_contact_notification_data=0 use_event_handler_data=0 use_object_data=0 |
239 | ''; | 239 | ''; |
240 | extraResource = let | 240 | extraResource = let |
241 | resources = lib.mapAttrsToList (k: v: v.resources or {}) mypluginsConfig; | 241 | resources = [hostObjects.resources or {}] ++ (lib.mapAttrsToList (k: v: v.resources or {}) mypluginsConfig); |
242 | joined = lib.zipAttrsWith (n: v: if builtins.length (lib.unique v) == 1 then builtins.head v else abort "Non-unique resources names") resources; | 242 | joined = lib.zipAttrsWith (n: v: if builtins.length (lib.unique v) == 1 then builtins.head v else abort "Non-unique resources names") resources; |
243 | joinedStr = builtins.concatStringsSep "\n" (lib.mapAttrsToList (k: v: "$" + "${k}$=${v}") joined); | 243 | joinedStr = builtins.concatStringsSep "\n" (lib.mapAttrsToList (k: v: "$" + "${k}$=${v}") joined); |
244 | in '' | 244 | in '' |
diff --git a/modules/private/monitoring/myplugins.nix b/modules/private/monitoring/myplugins.nix index 8c77ee7..86b5f1e 100644 --- a/modules/private/monitoring/myplugins.nix +++ b/modules/private/monitoring/myplugins.nix | |||
@@ -310,6 +310,7 @@ in | |||
310 | postgresql = { | 310 | postgresql = { |
311 | commands = { | 311 | commands = { |
312 | check_postgresql_replication = "${sudo} -u postgres $USER2$/check_postgres_replication \"$ARG1$\" \"$ARG2$\" \"$ARG3$\""; | 312 | check_postgresql_replication = "${sudo} -u postgres $USER2$/check_postgres_replication \"$ARG1$\" \"$ARG2$\" \"$ARG3$\""; |
313 | check_postgresql_database_count = "$USER2$/check_postgres_database_count \"$ARG1$\" \"$ARG2$\" \"$ARG3$\""; | ||
313 | }; | 314 | }; |
314 | chunk = let | 315 | chunk = let |
315 | postgresqlBinary = if config.myServices.databasesReplication.postgresql.enable | 316 | postgresqlBinary = if config.myServices.databasesReplication.postgresql.enable |
@@ -323,6 +324,11 @@ in | |||
323 | wrapProgram $out/check_postgres_replication --prefix PATH : ${lib.makeBinPath [ | 324 | wrapProgram $out/check_postgres_replication --prefix PATH : ${lib.makeBinPath [ |
324 | postgresqlBinary | 325 | postgresqlBinary |
325 | ]} | 326 | ]} |
327 | cp ${./plugins}/check_postgres_database_count $out/ | ||
328 | patchShebangs $out/check_postgres_database_count | ||
329 | wrapProgram $out/check_postgres_database_count --prefix PATH : ${lib.makeBinPath [ | ||
330 | postgresqlBinary | ||
331 | ]} | ||
326 | ''; | 332 | ''; |
327 | 333 | ||
328 | sudo = myplugins: { | 334 | sudo = myplugins: { |
diff --git a/modules/private/monitoring/objects_monitoring-1.nix b/modules/private/monitoring/objects_monitoring-1.nix index 32dbe4b..0e7d9df 100644 --- a/modules/private/monitoring/objects_monitoring-1.nix +++ b/modules/private/monitoring/objects_monitoring-1.nix | |||
@@ -372,6 +372,17 @@ in | |||
372 | } | 372 | } |
373 | 373 | ||
374 | { | 374 | { |
375 | service_description = "nextcloud website is running on nextcloud.4c.salle-s.org"; | ||
376 | host_name = "quatresaisons.immae.eu"; | ||
377 | use = "external-web-service"; | ||
378 | check_command = ["check_https" "nextcloud.4c.salle-s.org" "/" "a safe home for all your data"]; | ||
379 | |||
380 | servicegroups = "webstatus-webapps"; | ||
381 | _webstatus_name = "Nextcloud"; | ||
382 | _webstatus_url = "https://nextcloud.4c.salle-s.org"; | ||
383 | } | ||
384 | |||
385 | { | ||
375 | service_description = "davical website is running on dav.immae.eu"; | 386 | service_description = "davical website is running on dav.immae.eu"; |
376 | host_name = "eldiron.immae.eu"; | 387 | host_name = "eldiron.immae.eu"; |
377 | use = "external-web-service"; | 388 | use = "external-web-service"; |
diff --git a/modules/private/monitoring/objects_quatresaisons.nix b/modules/private/monitoring/objects_quatresaisons.nix index 55d5631..f30cf81 100644 --- a/modules/private/monitoring/objects_quatresaisons.nix +++ b/modules/private/monitoring/objects_quatresaisons.nix | |||
@@ -1,4 +1,4 @@ | |||
1 | { lib, hostFQDN, emailCheck, ... }: | 1 | { lib, hostFQDN, emailCheck, openldap, ... }: |
2 | let | 2 | let |
3 | defaultPassiveInfo = { | 3 | defaultPassiveInfo = { |
4 | filter = lib.attrsets.filterAttrs | 4 | filter = lib.attrsets.filterAttrs |
@@ -11,7 +11,10 @@ let | |||
11 | }; | 11 | }; |
12 | in | 12 | in |
13 | { | 13 | { |
14 | activatedPlugins = [ "megaraid" ]; | 14 | resources = { |
15 | USER212 = "{{ .monitoring.quatresaisons.naemon_ldap }}"; | ||
16 | }; | ||
17 | activatedPlugins = [ "megaraid" "command" "postgresql" ]; | ||
15 | service = [ | 18 | service = [ |
16 | { | 19 | { |
17 | passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-resources"; }; | 20 | passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-resources"; }; |
@@ -19,5 +22,17 @@ in | |||
19 | use = "local-service"; | 22 | use = "local-service"; |
20 | check_command = ["check_megaraid"]; | 23 | check_command = ["check_megaraid"]; |
21 | } | 24 | } |
25 | { | ||
26 | passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-resources"; }; | ||
27 | service_description = "LDAP is running"; | ||
28 | use = "local-service"; | ||
29 | check_command = [ "check_command_status" "${openldap}/bin/ldapwhoami -D uid=naemon,ou=services,dc=salle-s,dc=org -w $USER212$" "0" ""]; | ||
30 | } | ||
31 | { | ||
32 | passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-resources"; }; | ||
33 | service_description = "Postgresql is running"; | ||
34 | use = "local-service"; | ||
35 | check_command = [ "check_postgresql_database_count" "/run/postgresql" "5432" "3" ]; | ||
36 | } | ||
22 | ]; | 37 | ]; |
23 | } | 38 | } |
diff --git a/modules/private/monitoring/plugins/check_postgres_database_count b/modules/private/monitoring/plugins/check_postgres_database_count new file mode 100755 index 0000000..43bdd8c --- /dev/null +++ b/modules/private/monitoring/plugins/check_postgres_database_count | |||
@@ -0,0 +1,32 @@ | |||
1 | #!/bin/bash | ||
2 | |||
3 | STATE_OK=0 | ||
4 | STATE_WARNING=1 | ||
5 | STATE_CRITICAL=2 | ||
6 | STATE_UNKNOWN=3 | ||
7 | |||
8 | host=$1 | ||
9 | port=$2 | ||
10 | min=$3 | ||
11 | |||
12 | count=$(psql -h $host -p $port -A -q -c '\t' -c 'select count(datname) from pg_catalog.pg_database' postgres 2>&1) | ||
13 | exit_code=$? | ||
14 | |||
15 | if [[ $exit_code -ne 0 ]]; then | ||
16 | echo "UNKNOWN - Impossible to run psql command: $count" | ||
17 | exit $STATE_UNKNOWN | ||
18 | elif [[ -z "$count" ]]; then | ||
19 | echo "UNKNOWN - No database found" | ||
20 | exit $STATE_UNKNOWN | ||
21 | else | ||
22 | output="Database count is $count" | ||
23 | LC_ALL=C count=$(printf "%.*f" 0 $count) | ||
24 | |||
25 | if [[ $count -gt $min ]]; then | ||
26 | echo "OK - $output | count=${count};$min;$min;0;" | ||
27 | exit $STATE_OK | ||
28 | else | ||
29 | echo "CRITICAL - $output | count=${count};$min;$min;0;" | ||
30 | exit $STATE_CRITICAL | ||
31 | fi | ||
32 | fi | ||
diff --git a/modules/private/system/quatresaisons/databases.nix b/modules/private/system/quatresaisons/databases.nix index 3491ae4..8748058 100644 --- a/modules/private/system/quatresaisons/databases.nix +++ b/modules/private/system/quatresaisons/databases.nix | |||
@@ -6,6 +6,9 @@ | |||
6 | in { | 6 | in { |
7 | services.postgresql.enable = true; | 7 | services.postgresql.enable = true; |
8 | services.postgresql.package = pkgs.postgresql_12; | 8 | services.postgresql.package = pkgs.postgresql_12; |
9 | services.postgresql.ensureUsers = [ | ||
10 | { name = "naemon"; } | ||
11 | ]; | ||
9 | secrets.keys = [ | 12 | secrets.keys = [ |
10 | { | 13 | { |
11 | dest = "ldap/password"; | 14 | dest = "ldap/password"; |
diff --git a/nixops/secrets b/nixops/secrets | |||
Subproject bf72e9cc77b6c2217ae9e9a272805b1d917336c | Subproject 36233b7f760f9a3a20b8684e1f04b1b3a54c28f | ||