aboutsummaryrefslogtreecommitdiff
path: root/modules/private/monitoring
diff options
context:
space:
mode:
Diffstat (limited to 'modules/private/monitoring')
-rw-r--r--modules/private/monitoring/default.nix249
-rw-r--r--modules/private/monitoring/myplugins.nix389
-rw-r--r--modules/private/monitoring/nagios-cli.cfg68
-rw-r--r--modules/private/monitoring/objects_backup-2.nix111
-rw-r--r--modules/private/monitoring/objects_common.nix253
-rw-r--r--modules/private/monitoring/objects_dilion.nix32
-rw-r--r--modules/private/monitoring/objects_eban.nix70
-rw-r--r--modules/private/monitoring/objects_eldiron.nix38
-rw-r--r--modules/private/monitoring/objects_master.nix39
-rw-r--r--modules/private/monitoring/objects_monitoring-1.nix714
-rw-r--r--modules/private/monitoring/objects_phare.nix17
-rw-r--r--modules/private/monitoring/objects_quatresaisons.nix38
-rw-r--r--modules/private/monitoring/objects_tiboqorl-fr.nix174
-rw-r--r--modules/private/monitoring/objects_ulminfo-fr.nix17
-rwxr-xr-xmodules/private/monitoring/plugins/check_backup_age66
-rwxr-xr-xmodules/private/monitoring/plugins/check_bandwidth123
-rwxr-xr-xmodules/private/monitoring/plugins/check_command113
-rwxr-xr-xmodules/private/monitoring/plugins/check_emails121
-rwxr-xr-xmodules/private/monitoring/plugins/check_eriomem83
-rwxr-xr-xmodules/private/monitoring/plugins/check_ftp_database11
-rwxr-xr-xmodules/private/monitoring/plugins/check_git81
-rwxr-xr-xmodules/private/monitoring/plugins/check_imap_connection52
-rwxr-xr-xmodules/private/monitoring/plugins/check_last_file_date28
-rwxr-xr-xmodules/private/monitoring/plugins/check_mem.sh29
-rwxr-xr-xmodules/private/monitoring/plugins/check_mysql_replication41
-rwxr-xr-xmodules/private/monitoring/plugins/check_openldap_replication54
-rwxr-xr-xmodules/private/monitoring/plugins/check_ovh_sms25
-rwxr-xr-xmodules/private/monitoring/plugins/check_postgres_database_count32
-rwxr-xr-xmodules/private/monitoring/plugins/check_postgres_replication35
-rwxr-xr-xmodules/private/monitoring/plugins/check_redis_replication38
-rwxr-xr-xmodules/private/monitoring/plugins/check_zfs_snapshot325
-rwxr-xr-xmodules/private/monitoring/plugins/notify_by_email29
-rwxr-xr-xmodules/private/monitoring/plugins/notify_by_slack46
-rwxr-xr-xmodules/private/monitoring/plugins/notify_eban_url6
-rwxr-xr-xmodules/private/monitoring/plugins/send_nrdp.sh57
-rwxr-xr-xmodules/private/monitoring/send_mails15
-rw-r--r--modules/private/monitoring/status.nix93
-rwxr-xr-xmodules/private/monitoring/status/app.py414
-rw-r--r--modules/private/monitoring/status_engine.nix115
-rw-r--r--modules/private/monitoring/to_objects.nix77
40 files changed, 0 insertions, 4318 deletions
diff --git a/modules/private/monitoring/default.nix b/modules/private/monitoring/default.nix
deleted file mode 100644
index 0783c2f..0000000
--- a/modules/private/monitoring/default.nix
+++ /dev/null
@@ -1,249 +0,0 @@
1{ config, pkgs, lib, name, nodes, ... }:
2let
3 cfg = config.myServices.monitoring;
4 activatedPlugins = [ "memory" "command" "bandwidth" ]
5 ++ (if cfg.master then (masterObjects.activatedPlugins or []) else [])
6 ++ (if cfg.master then (lib.flatten (map (v: v.activatedPlugins or []) otherObjects)) else [])
7 ++ (hostObjects.activatedPlugins or [])
8 ++ (if cfg.master then ["notify-primary"] else ["notify-secondary"]);
9 allPluginsConfig = import ./myplugins.nix {
10 inherit pkgs lib config;
11 sudo = "/run/wrappers/bin/sudo";
12 };
13 mypluginsConfig = lib.getAttrs activatedPlugins allPluginsConfig;
14 myplugins = let
15 mypluginsChunk = builtins.concatStringsSep "\n" (lib.attrsets.mapAttrsToList (k: v: v.chunk or "") mypluginsConfig);
16 in pkgs.runCommand "buildplugins" {
17 buildInputs = [ pkgs.makeWrapper pkgs.perl ];
18 } ''
19 mkdir $out
20 ${mypluginsChunk}
21 '';
22 toObjects = pkgs.callPackage ./to_objects.nix {};
23 commonConfig = {
24 dilion = {
25 processWarn = "250"; processAlert = "400";
26 loadWarn = "1.0"; loadAlert = "1.2";
27 interface = "eth0";
28 };
29 eldiron = {
30 processWarn = "550"; processAlert = "650";
31 loadWarn = "1.0"; loadAlert = "1.2";
32 interface = "eth0";
33 };
34 backup-2 = {
35 processWarn = "60"; processAlert = "70";
36 loadWarn = "1.0"; loadAlert = "2.0";
37 interface = "ens3";
38 };
39 monitoring-1 = {
40 processWarn = "50"; processAlert = "60";
41 loadWarn = "4.0"; loadAlert = "6.0";
42 load15Warn = "1.0"; load15Alert = "2.0";
43 interface = "ens3";
44 };
45 quatresaisons = {
46 processWarn = "250"; processAlert = "400";
47 loadWarn = "1.0"; loadAlert = "1.2";
48 interface = "eth0";
49 };
50 };
51 externalObjects = lib.genAttrs [ "tiboqorl-fr" ]
52 (n: pkgs.callPackage (./. + "/objects_" + n + ".nix") { inherit emailCheck; });
53 masterPassiveObjects = let
54 passiveNodes = lib.attrsets.filterAttrs (n: _: builtins.elem n ["backup-2" "eldiron" "quatresaisons" "dilion"]) nodes;
55 toPassiveServices = map (s: s.passiveInfo.filter s // s.passiveInfo);
56 passiveServices = lib.flatten (lib.attrsets.mapAttrsToList
57 (_: n: toPassiveServices n.config.myServices.monitoring.services)
58 passiveNodes
59 ) ++ lib.flatten (lib.attrsets.mapAttrsToList
60 (_: n: toPassiveServices n.service)
61 externalObjects);
62 in {
63 service = passiveServices;
64 host = lib.lists.foldr
65 (a: b: a//b)
66 {}
67 (lib.attrsets.mapAttrsToList (_: h: h.config.myServices.monitoring.hosts) passiveNodes
68 ++ lib.attrsets.mapAttrsToList (_: n: n.host) externalObjects);
69 };
70 emailCheck = host: hostFQDN: let
71 allCfg = config.myEnv.monitoring.email_check;
72 cfg = allCfg."${host}";
73 reverseTargets = builtins.attrNames (lib.attrsets.filterAttrs (k: v: builtins.elem host v.targets) allCfg);
74 to_email = cfg': host':
75 let sep = if lib.strings.hasInfix "+" cfg'.mail_address then "_" else "+";
76 in "${cfg'.mail_address}${sep}${host'}@${cfg'.mail_domain}";
77 mails_to_send = builtins.concatStringsSep "," (map (n: to_email allCfg."${n}" host) cfg.targets);
78 mails_to_receive = builtins.concatStringsSep "," (map (n: "${to_email cfg n}:${n}") reverseTargets);
79 command = if cfg.local
80 then
81 [ "check_emails_local" "/var/lib/naemon/checks/email" mails_to_send mails_to_receive ]
82 else
83 [ "check_emails" cfg.login cfg.port mails_to_send mails_to_receive ];
84 in
85 {
86 service_description = "${hostFQDN} email service is active";
87 use = "mail-service";
88 host_name = hostFQDN;
89 servicegroups = "webstatus-email";
90 check_command = command;
91 };
92 otherObjects = map
93 (n: (pkgs.callPackage (./. + "/objects_" + n + ".nix") { inherit emailCheck; }))
94 [ "ulminfo-fr" "phare" "eban" ];
95 masterObjects = pkgs.callPackage ./objects_master.nix { inherit config; };
96 commonObjects = pkgs.callPackage ./objects_common.nix ({
97 master = cfg.master;
98 hostFQDN = config.hostEnv.fqdn;
99 hostName = name;
100 inherit mypluginsConfig;
101 } // builtins.getAttr name commonConfig);
102 hostObjects =
103 let
104 specific_file = ./. + "/objects_" + name + ".nix";
105 in
106 lib.attrsets.optionalAttrs
107 (builtins.pathExists specific_file)
108 (pkgs.callPackage specific_file {
109 inherit config nodes emailCheck;
110 hostFQDN = config.hostEnv.fqdn;
111 hostName = name;
112 });
113 objectsFiles = lib.mapAttrs' (name: value: lib.nameValuePair
114 "=/${name}/objects.conf" { alias = pkgs.writeText "objects.conf" (toObjects value); }
115 ) externalObjects;
116in
117{
118 options = {
119 myServices.monitoring = {
120 enable = lib.mkOption {
121 type = lib.types.bool;
122 default = false;
123 description = ''
124 Whether to enable monitoring.
125 '';
126 };
127 master = lib.mkOption {
128 type = lib.types.bool;
129 default = false;
130 description = ''
131 This instance is the master instance
132 '';
133 };
134 hosts = lib.mkOption {
135 readOnly = true;
136 description = "Hosts list for this host";
137 default = (commonObjects.host or {}) // (hostObjects.host or {});
138 };
139 services = lib.mkOption {
140 readOnly = true;
141 description = "Services list for this host";
142 default = commonObjects.service ++ hostObjects.service;
143 };
144 };
145 };
146
147 config = lib.mkIf cfg.enable {
148 services.nginx = lib.mkIf config.myServices.status.enable {
149 virtualHosts."status.immae.eu".locations = objectsFiles // {
150 "=/common/immae.cfg" = {
151 alias = pkgs.writeText "immae.cfg" ''
152 # put me for instance in /etc/naemon/module-conf.d/immae.cfg
153 # Make sure that you have include_dir=module-conf.d in
154 # naemon.cfg
155 log_initial_states=1
156 date_format=iso8601
157 admin_email=${config.myEnv.monitoring.email}
158 obsess_over_services=1
159 ocsp_command=notify-master
160 '';
161 };
162 "=/common/resource.cfg" = {
163 alias = pkgs.writeText "resource.cfg" ''
164 # Resource.cfg file
165 # Replace this with path to monitoring plugins
166 $USER1$=@@COMMON_PLUGINS@@
167 # Replace this with a path to scripts from
168 # https://git.immae.eu/cgit/perso/Immae/Config/Nix.git/tree/modules/private/monitoring/plugins
169 $USER2$=@@IMMAE_PLUGINS@@
170 $USER200$=https://status.immae.eu/
171 $USER201$=@@TOKEN@@
172 '';
173 };
174 };
175 };
176
177 security.sudo.extraRules = let
178 pluginsSudo = lib.lists.remove null (lib.attrsets.mapAttrsToList (k: v:
179 if (v ? sudo)
180 then ({ users = [ "naemon" ]; } // (v.sudo myplugins))
181 else null) mypluginsConfig);
182 in [
183 {
184 commands = [
185 { command = "${pkgs.mdadm}/bin/mdadm --monitor --scan -1"; options = [ "NOPASSWD" ]; }
186 { command = "${pkgs.postfix}/bin/mailq"; options = [ "NOPASSWD" ]; }
187 ];
188 users = [ "naemon" ];
189 runAs = "root";
190 }
191 ] ++ pluginsSudo;
192 environment.etc."mdadm.conf" = {
193 enable = true;
194 mode = "0644";
195 user = "root";
196 text = "MAILADDR ${config.myEnv.monitoring.email}";
197 };
198
199 secrets.keys = {
200 "naemon/id_rsa" = {
201 user = "naemon";
202 group = "naemon";
203 permissions = "0400";
204 text = config.myEnv.monitoring.ssh_secret_key;
205 };
206 } // lib.optionalAttrs cfg.master (
207 lib.mapAttrs' (k: v: lib.nameValuePair "${k}_access_key" {
208 user = "naemon";
209 group = "naemon";
210 permissions = "0400";
211 text = ''
212 export AWS_ACCESS_KEY_ID="${v.accessKeyId}"
213 export AWS_SECRET_ACCESS_KEY="${v.secretAccessKey}"
214 export BASE_URL="${v.remote "immae-eldiron"}"
215 '';
216 }) config.myEnv.backup.remotes
217 );
218 # needed since extraResource is not in the closure
219 systemd.services.naemon.path = [ myplugins ];
220 services.naemon = {
221 enable = true;
222 extraConfig = ''
223 use_syslog=1
224 log_initial_states=1
225 date_format=iso8601
226 admin_email=${config.myEnv.monitoring.email}
227 '' + lib.optionalString (!cfg.master) ''
228 obsess_over_services=1
229 ocsp_command=notify-master
230 '' + lib.optionalString (cfg.master) ''
231 broker_module=${pkgs.naemon-livestatus}/lib/naemon-livestatus/livestatus.so ${config.services.naemon.runDir}/live
232 broker_module=${pkgs.status_engine.module}/lib/status-engine/naemon/statusengine-${pkgs.naemon.status_engine_version}.o use_service_perfdata=1 use_process_data=0 use_system_command_data=0 use_external_command_data=0 use_flapping_data=0 use_program_status_data=0 use_notification_data=0 use_contact_status_data=0 use_contact_notification_data=0 use_event_handler_data=0 use_object_data=0
233 '';
234 extraResource = let
235 resources = [hostObjects.resources or {}] ++ (lib.mapAttrsToList (k: v: v.resources or {}) mypluginsConfig);
236 joined = lib.zipAttrsWith (n: v: if builtins.length (lib.unique v) == 1 then builtins.head v else abort "Non-unique resources names") resources;
237 joinedStr = builtins.concatStringsSep "\n" (lib.mapAttrsToList (k: v: "$" + "${k}$=${v}") joined);
238 in ''
239 $USER2$=${myplugins}
240 ${joinedStr}
241 '';
242 objectDefs = toObjects commonObjects
243 + toObjects hostObjects
244 + lib.optionalString cfg.master (toObjects masterObjects)
245 + lib.optionalString cfg.master (toObjects masterPassiveObjects)
246 + lib.optionalString cfg.master (builtins.concatStringsSep "\n" (map toObjects otherObjects));
247 };
248 };
249}
diff --git a/modules/private/monitoring/myplugins.nix b/modules/private/monitoring/myplugins.nix
deleted file mode 100644
index e59ddc4..0000000
--- a/modules/private/monitoring/myplugins.nix
+++ /dev/null
@@ -1,389 +0,0 @@
1{ sudo, pkgs, lib, config }:
2let
3 cfg = config.myServices.monitoring;
4in
5{
6 notify-secondary = {
7 resources = {
8 USER200 = config.myEnv.monitoring.status_url;
9 USER201 = config.myEnv.monitoring.status_token;
10 };
11 commands = {
12 notify-master = "$USER2$/send_nrdp.sh -u \"$USER200$\" -t \"$USER201$\" -H \"$HOSTADDRESS$\" -s \"$SERVICEDESC$\" -S \"$SERVICESTATEID$\" -o \"$SERVICEOUTPUT$ | $SERVICEPERFDATA$\"";
13 };
14 chunk = ''
15 cp ${./plugins}/send_nrdp.sh $out
16 patchShebangs $out/send_nrdp.sh
17 wrapProgram $out/send_nrdp.sh --prefix PATH : ${lib.makeBinPath [
18 pkgs.curl pkgs.jq
19 ]}
20 '';
21 };
22 notify-primary = {
23 resources = {
24 USER206 = config.myEnv.monitoring.slack_channel;
25 USER207 = config.myEnv.monitoring.slack_url;
26 USER210 = config.myEnv.monitoring.eban.user;
27 USER211 = config.myEnv.monitoring.eban.password;
28 };
29 commands = {
30 # $OVE is to force naemon to run via shell instead of execve which fails here
31 notify-host-by-email = "ADMINEMAIL=\"$ADMINEMAIL$\" SERVICENOTIFICATIONID=\"$SERVICENOTIFICATIONID$\" HOSTSTATE=\"$HOSTSTATE$\" HOSTOUTPUT=\"$HOSTOUTPUT$\" $USER2$/notify_by_email host \"$NOTIFICATIONTYPE$\" \"$HOSTALIAS$\" \"$LONGDATETIME$\" \"$CONTACTEMAIL$\" $OVE";
32 # $OVE is to force naemon to run via shell instead of execve which fails here
33 notify-service-by-email = "ADMINEMAIL=\"$ADMINEMAIL$\" SERVICENOTIFICATIONID=\"$SERVICENOTIFICATIONID$\" SERVICEDESC=\"$SERVICEDESC$\" SERVICESTATE=\"$SERVICESTATE$\" SERVICEOUTPUT=\"$SERVICEOUTPUT$\" $USER2$/notify_by_email service \"$NOTIFICATIONTYPE$\" \"$HOSTALIAS$\" \"$LONGDATETIME$\" \"$CONTACTEMAIL$\" $OVE";
34 notify-by-slack = "HOST=\"$HOSTALIAS$\" SERVICESTATE=\"$SERVICESTATE$\" SERVICEDESC=\"$SERVICEDESC$\" SERVICEOUTPUT=\"$SERVICEOUTPUT$\" $USER2$/notify_by_slack \"$ARG1$\" \"$ARG2$\"";
35 notify-host-eban-url = "STATUS_NAME=\"Server\" USER=\"$USER210$\" PASSWORD=\"$USER211$\" HOSTSTATE=\"$HOSTSTATE$\" $USER2$/notify_eban_url";
36 notify-service-eban-url = "STATUS_NAME=\"$_SERVICEWEBSTATUS_NAME$\" USER=\"$USER210$\" PASSWORD=\"$USER211$\" SERVICESTATE=\"$SERVICESTATE$\" $USER2$/notify_eban_url";
37 };
38 chunk = ''
39 cp ${./plugins}/{notify_by_email,notify_by_slack,notify_eban_url} $out
40 patchShebangs $out/{notify_by_email,notify_by_slack,notify_eban_url}
41 wrapProgram $out/notify_by_email --prefix PATH : ${lib.makeBinPath [
42 pkgs.mailutils
43 ]}
44 wrapProgram $out/notify_by_slack --prefix PATH : ${lib.makeBinPath [
45 pkgs.curl pkgs.jq
46 ]}
47 wrapProgram $out/notify_eban_url --prefix PATH : ${lib.makeBinPath [
48 pkgs.curl
49 ]}
50 '';
51 };
52 bandwidth = {
53 commands = {
54 check_local_bandwidth = "$USER2$/check_bandwidth -i=$ARG1$ -w $ARG2$ -c $ARG3$";
55 };
56 chunk = ''
57 cp ${./plugins}/check_bandwidth $out/
58 patchShebangs $out/check_bandwidth
59 wrapProgram $out/check_bandwidth --prefix PATH : ${lib.makeBinPath [
60 pkgs.iproute pkgs.bc
61 ]}
62 '';
63 };
64 command = {
65 commands = {
66 check_command_match = "$USER2$/check_command -c \"$ARG1$\" -C \"$ARG2$\" $ARG3$";
67 check_command_output = "$USER2$/check_command -c \"$ARG1$\" -s 0 -o \"$ARG2$\" $ARG3$";
68 check_command_status = "$USER2$/check_command -c \"$ARG1$\" -s \"$ARG2$\" $ARG3$";
69 };
70 chunk = ''
71 cp ${./plugins}/check_command $out/
72 patchShebangs $out/check_command
73 wrapProgram $out/check_command --prefix PATH : ${config.security.wrapperDir}
74 '';
75 };
76 dns = {
77 commands = {
78 check_dns = "$USER1$/check_dns -H $ARG1$ -s $HOSTADDRESS$ $ARG2$";
79 check_external_dns = "$USER1$/check_dns -H $ARG2$ -s $ARG1$ $ARG3$";
80 };
81 };
82 emails = {
83 resources = {
84 USER203 = config.secrets.fullPaths."naemon/id_rsa";
85 };
86 commands = {
87 check_emails = "$USER2$/check_emails -H $HOSTADDRESS$ -i $USER203$ -l $ARG1$ -p $ARG2$ -s $ARG3$ -f $ARG4$";
88 check_emails_local = "$USER2$/check_emails -H $HOSTADDRESS$ -n $ARG1$ -r $ADMINEMAIL$ -s $ARG2$ -f $ARG3$";
89 };
90 chunk = let
91 send_mails = pkgs.runCommand "send_mails" {
92 buildInputs = [ pkgs.makeWrapper ];
93 } ''
94 mkdir -p $out/bin
95 cp ${./send_mails} $out/bin/send_mails
96 patchShebangs $out
97 wrapProgram $out/bin/send_mails --prefix PATH : ${lib.makeBinPath [
98 pkgs.mailutils
99 ]}
100 '';
101 in ''
102 cp ${./plugins}/check_emails $out/
103 patchShebangs $out/check_emails
104 wrapProgram $out/check_emails --prefix PATH : ${lib.makeBinPath [
105 pkgs.openssh send_mails
106 ]} --prefix PERL5LIB : ${pkgs.perlPackages.makePerlPath [
107 pkgs.perlPackages.TimeDate
108 ]}
109 '';
110 };
111 eriomem = {
112 resources = {
113 USER208 = builtins.concatStringsSep "," (map (builtins.concatStringsSep ":") config.myEnv.monitoring.eriomem_keys);
114 };
115 commands = {
116 check_backup_eriomem = "$USER2$/check_eriomem $USER208$";
117 check_backup_eriomem_age = "$USER2$/check_backup_eriomem_age $ARG1$";
118 };
119 chunk = ''
120 cp ${./plugins}/check_eriomem $out/
121 patchShebangs $out/check_eriomem
122 wrapProgram $out/check_eriomem --prefix PATH : ${lib.makeBinPath [
123 pkgs.s3cmd pkgs.python3
124 ]}
125 cp ${./plugins}/check_backup_age $out/check_backup_eriomem_age
126 patchShebangs $out/check_backup_eriomem_age
127 wrapProgram $out/check_backup_eriomem_age --prefix PATH : ${lib.makeBinPath [
128 pkgs.duplicity
129 ]} --set SECRETS_PATH ${lib.optionalString cfg.master config.secrets.fullPaths."eriomem_access_key"}
130 '';
131 };
132 file_date = {
133 commands = {
134 check_last_file_date = "${sudo} -u \"$ARG3$\" $USER2$/check_last_file_date \"$ARG1$\" \"$ARG2$\"";
135 };
136 chunk = ''
137 cp ${./plugins}/check_last_file_date $out/
138 patchShebangs $out/check_last_file_date
139 '';
140 sudo = myplugins: {
141 commands = [
142 { command = "${myplugins}/check_last_file_date /backup2/*"; options = [ "NOPASSWD" ]; }
143 ];
144 runAs = "ALL";
145 };
146 };
147 ftp = {
148 commands = {
149 check_ftp_database = "$USER2$/check_ftp_database";
150 };
151 chunk = ''
152 cp ${./plugins}/check_ftp_database $out/
153 patchShebangs $out/check_ftp_database
154 wrapProgram $out/check_ftp_database --prefix PATH : ${lib.makeBinPath [
155 pkgs.lftp
156 ]}
157 '';
158 };
159 git = {
160 resources = {
161 USER203 = config.secrets.fullPaths."naemon/id_rsa";
162 };
163 commands = {
164 check_git = "$USER2$/check_git $USER203$";
165 };
166 chunk = ''
167 cp ${./plugins}/check_git $out/
168 patchShebangs $out/check_git
169 wrapProgram $out/check_git --prefix PATH : ${lib.makeBinPath [
170 pkgs.git pkgs.openssh
171 ]}
172 '';
173 };
174 http = {
175 resources = {
176 USER202 = config.myEnv.monitoring.http_user_password;
177 };
178 commands = {
179 check_http = "$USER1$/check_http --sni -f stickyport -H \"$ARG1$\" -u \"$ARG2$\" -r \"$ARG3$\"";
180 check_https = "$USER1$/check_http --sni --ssl -f stickyport -H \"$ARG1$\" -u \"$ARG2$\" -r \"$ARG3$\"";
181 check_https_auth = "$USER1$/check_http --sni --ssl -a \"$USER202$\" -f stickyport -H \"$ARG1$\" -u \"$ARG2$\" -r \"$ARG3$\"";
182 check_https_certificate = "$USER1$/check_http --sni --ssl -H \"$ARG1$\" -C 21,15";
183 check_https_code = "$USER1$/check_http --sni --ssl -f stickyport -H \"$ARG1$\" -u \"$ARG2$\" -e \"$ARG3$\" -r \"$ARG4$\"";
184 };
185 };
186 imap = {
187 resources = {
188 USER204 = config.myEnv.monitoring.imap_login;
189 USER205 = config.myEnv.monitoring.imap_password;
190 };
191 commands = {
192 check_imap_connection = "$USER2$/check_imap_connection -u \"$USER204$\" -p \"$USER205$\" -H \"imap.immae.eu:143\"";
193 };
194 chunk = ''
195 cp ${./plugins}/check_imap_connection $out/
196 patchShebangs $out/check_imap_connection
197 wrapProgram $out/check_imap_connection --prefix PATH : ${lib.makeBinPath [
198 pkgs.openssl
199 ]}
200 '';
201 };
202 megaraid = let
203 megacli = pkgs.megacli.overrideAttrs(old: { meta = old.meta // { license = null; }; });
204 in {
205 commands = {
206 check_megaraid = "$USER2$/check_megaraid_sas --sudo";
207 };
208 chunk = let
209 megaCliPlugin = pkgs.runCommand "megaCliPlugin" {
210 plugin = pkgs.fetchurl {
211 name = "check_megaraid_sas";
212 url = "https://exchange.nagios.org/components/com_mtree/attachment.php?link_id=6381&cf_id=24";
213 sha256 = "0yf60p4c0hb4q3fng9fc14qc89bqm0f1sijayzygadaqcl44jx4p";
214 };
215 } ''
216 mkdir $out
217 cp $plugin $out/check_megaraid_sas
218 chmod +x $out/check_megaraid_sas
219 patchShebangs $out
220 substituteInPlace $out/check_megaraid_sas --replace /usr/sbin/MegaCli ${megacli}/bin/MegaCli64
221 substituteInPlace $out/check_megaraid_sas --replace 'sudo $megacli' '${sudo} $megacli'
222 sed -i -e "s/use utils qw(%ERRORS);/my %ERRORS = ('OK' => 0, 'WARNING' => 1, 'CRITICAL' => 2, 'UNKNOWN' => 3);/" $out/check_megaraid_sas
223 '';
224 in ''
225 cp ${megaCliPlugin}/check_megaraid_sas $out/
226 patchShebangs $out/check_megaraid_sas
227 '';
228 sudo = _: {
229 commands = [
230 { command = "${megacli}/bin/MegaCli64"; options = [ "NOPASSWD" ]; }
231 ];
232 runAs = "root";
233 };
234 };
235 memory = {
236 commands = {
237 check_memory = "$USER2$/check_mem.sh -w $ARG1$ -c $ARG2$";
238 };
239 chunk = ''
240 cp ${./plugins}/check_mem.sh $out/
241 patchShebangs $out/check_mem.sh
242 wrapProgram $out/check_mem.sh --prefix PATH : ${lib.makeBinPath [
243 pkgs.gnugrep pkgs.gawk pkgs.procps-ng
244 ]}
245 '';
246 };
247 mysql = {
248 commands = {
249 check_mysql_replication = "${sudo} -u mysql $USER2$/check_mysql_replication \"$ARG1$\" \"$ARG2$\"";
250 };
251 chunk = ''
252 cp ${./plugins}/check_mysql_replication $out/
253 patchShebangs $out/check_mysql_replication
254 wrapProgram $out/check_mysql_replication --prefix PATH : ${lib.makeBinPath [
255 pkgs.gnugrep pkgs.gnused pkgs.coreutils pkgs.mariadb
256 ]}
257 '';
258 sudo = myplugins: {
259 commands = [
260 { command = "${myplugins}/check_mysql_replication *"; options = [ "NOPASSWD" ]; }
261 ];
262 runAs = "mysql";
263 };
264 };
265 openldap = {
266 commands = {
267 check_openldap_replication = "${sudo} -u openldap $USER2$/check_openldap_replication \"$ARG1$\" \"$ARG2$\" \"$ARG3$\" \"$ARG4$\" \"$ARG5$\"";
268 };
269 chunk = ''
270 cp ${./plugins}/check_openldap_replication $out/
271 patchShebangs $out/check_openldap_replication
272 wrapProgram $out/check_openldap_replication --prefix PATH : ${lib.makeBinPath [
273 pkgs.gnugrep pkgs.gnused pkgs.coreutils pkgs.openldap
274 ]}
275 '';
276 sudo = myplugins: {
277 commands = [
278 { command = "${myplugins}/check_openldap_replication *"; options = [ "NOPASSWD" ]; }
279 ];
280 runAs = "openldap";
281 };
282 };
283 ovh = {
284 resources = {
285 USER209 = builtins.concatStringsSep "," [
286 config.myEnv.monitoring.ovh_sms.endpoint
287 config.myEnv.monitoring.ovh_sms.application_key
288 config.myEnv.monitoring.ovh_sms.application_secret
289 config.myEnv.monitoring.ovh_sms.consumer_key
290 config.myEnv.monitoring.ovh_sms.account
291 ];
292 };
293 commands = {
294 check_backup_ovh_age = "$USER2$/check_backup_ovh_age $ARG1$";
295 check_ovh_sms = "$USER2$/check_ovh_sms \"$USER209$\"";
296 };
297 chunk = ''
298 cp ${./plugins}/check_backup_age $out/check_backup_ovh_age
299 patchShebangs $out/check_backup_ovh_age
300 wrapProgram $out/check_backup_ovh_age --prefix PATH : ${lib.makeBinPath [
301 pkgs.duplicity
302 ]} --set SECRETS_PATH ${lib.optionalString cfg.master config.secrets.fullPaths."ovh_access_key"}
303 cp ${./plugins}/check_ovh_sms $out/
304 patchShebangs $out/check_ovh_sms
305 wrapProgram $out/check_ovh_sms --prefix PATH : ${lib.makeBinPath [
306 (pkgs.python3.withPackages (ps: [ps.ovh]))
307 ]}
308 '';
309 };
310 postgresql = {
311 commands = {
312 check_postgresql_replication = "${sudo} -u postgres $USER2$/check_postgres_replication \"$ARG1$\" \"$ARG2$\" \"$ARG3$\"";
313 check_postgresql_database_count = "$USER2$/check_postgres_database_count \"$ARG1$\" \"$ARG2$\" \"$ARG3$\"";
314 };
315 chunk = let
316 postgresqlBinary = if config.myServices.databasesReplication.postgresql.enable
317 then config.myServices.databasesReplication.postgresql.mainPackage
318 else if config.myServices.databases.enable
319 then config.myServices.databases.postgresql.package
320 else pkgs.postgresql;
321 in ''
322 cp ${./plugins}/check_postgres_replication $out/
323 patchShebangs $out/check_postgres_replication
324 wrapProgram $out/check_postgres_replication --prefix PATH : ${lib.makeBinPath [
325 postgresqlBinary
326 ]}
327 cp ${./plugins}/check_postgres_database_count $out/
328 patchShebangs $out/check_postgres_database_count
329 wrapProgram $out/check_postgres_database_count --prefix PATH : ${lib.makeBinPath [
330 postgresqlBinary
331 ]}
332 '';
333
334 sudo = myplugins: {
335 commands = [
336 { command = "${myplugins}/check_postgres_replication *"; options = [ "NOPASSWD" ]; }
337 ];
338 runAs = "postgres";
339 };
340 };
341 redis = {
342 commands = {
343 check_redis_replication = "${sudo} -u redis $USER2$/check_redis_replication \"$ARG1$\"";
344 };
345 chunk = ''
346 cp ${./plugins}/check_redis_replication $out/
347 patchShebangs $out/check_redis_replication
348 wrapProgram $out/check_redis_replication --prefix PATH : ${lib.makeBinPath [
349 pkgs.gnugrep pkgs.coreutils pkgs.redis
350 ]}
351 '';
352 sudo = myplugins: {
353 commands = [
354 { command = "${myplugins}/check_redis_replication *"; options = [ "NOPASSWD" ]; }
355 ];
356 runAs = "redis";
357 };
358 };
359 tcp = {
360 commands = {
361 check_tcp = "$USER1$/check_tcp -H $HOSTADDRESS$ -p $ARG1$ -e \"$ARG2$\" -Mcrit";
362 check_tcp_ssl = "$USER1$/check_tcp -H $HOSTADDRESS$ -p $ARG1$ -S -D 21,15";
363 };
364 };
365 zfs = {
366 commands = {
367 check_zfs = "$USER2$/check_zpool.sh -p ALL -w 80 -c 90";
368 check_zfs_snapshot = "$USER2$/check_zfs_snapshot -d $ARG1$ -c 18000 -w 14400";
369 };
370 chunk = let
371 zfsPlugin = pkgs.fetchurl {
372 url = "https://www.claudiokuenzler.com/monitoring-plugins/check_zpools.sh";
373 sha256 = "0p9ms9340in80jkds4kfspw62xnzsv5s7ni9m28kxyd0bnzkbzhf";
374 };
375 in ''
376 cp ${zfsPlugin} $out/check_zpool.sh
377 chmod +x $out/check_zpool.sh
378 patchShebangs $out/check_zpool.sh
379 wrapProgram $out/check_zpool.sh --prefix PATH : ${lib.makeBinPath [
380 pkgs.which pkgs.zfs pkgs.gawk
381 ]}
382 cp ${./plugins}/check_zfs_snapshot $out
383 patchShebangs $out/check_zfs_snapshot
384 wrapProgram $out/check_zfs_snapshot --prefix PATH : ${lib.makeBinPath [
385 pkgs.zfs pkgs.coreutils pkgs.gawk pkgs.gnugrep
386 ]}
387 '';
388 };
389}
diff --git a/modules/private/monitoring/nagios-cli.cfg b/modules/private/monitoring/nagios-cli.cfg
deleted file mode 100644
index 7bd30cb..0000000
--- a/modules/private/monitoring/nagios-cli.cfg
+++ /dev/null
@@ -1,68 +0,0 @@
1# -*- coding: utf-8; -*-
2
3[cli]
4history = /var/lib/naemon/nagios_cli_history
5
6[ui]
7color = 1
8prompt = naemon %s>
9prompt_separator = " → "
10
11[nagios]
12log = /var/log/naemon
13command_file = /run/naemon/naemon.cmd
14log_file = %(log)s/naemon.log
15object_cache_file = /var/lib/naemon/objects.cache
16status_file = /var/lib/naemon/status.dat
17
18[object]
19host.status =
20 host_name
21 current_state
22 plugin_output
23 is_flapping
24 last_check
25 last_time_down
26 last_state_change
27 check_period
28 notification_period
29 current_attempt
30 max_attempts
31service.status =
32 host_name
33 service_description
34 current_state
35 is_flapping
36 plugin_output
37 last_time_down
38 last_state_change
39 last_check
40 next_check
41 check_interval
42 check_latency
43 check_period
44 notification_period
45 current_attempt
46 max_attempts
47
48[string]
49level.ok = ↑ OK
50level.warning = ! WARNING
51level.critical = ↓ CRITICAL
52level.unknown = ↕ UNKNOWN
53
54[color]
55error = bold_red
56
57prompt = normal
58prompt.object = bold
59
60host.host_name = bold
61host.plugin_output = bold
62service.plugin_output = bold
63
64level.ok = bold_green
65level.warning = bold_yellow
66level.critical = bold_red
67level.unknown = bold_magenta
68
diff --git a/modules/private/monitoring/objects_backup-2.nix b/modules/private/monitoring/objects_backup-2.nix
deleted file mode 100644
index 28032a4..0000000
--- a/modules/private/monitoring/objects_backup-2.nix
+++ /dev/null
@@ -1,111 +0,0 @@
1{ config, pkgs, lib, hostFQDN, emailCheck, ... }:
2let
3 defaultPassiveInfo = {
4 filter = lib.attrsets.filterAttrs
5 (k: v: builtins.elem k ["service_description"] || builtins.substring 0 1 k == "_");
6 use = "external-passive-service";
7 freshness_threshold = "450";
8 retry_interval = "1";
9 servicegroups = "webstatus-resources";
10 host_name = hostFQDN;
11 };
12in
13{
14 activatedPlugins = [ "file_date" "mysql" "openldap" "redis" "emails" ];
15 service = [
16 (emailCheck "backup-2" hostFQDN // {
17 passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-email"; freshness_threshold = "1350"; };
18 })
19 {
20 passiveInfo = defaultPassiveInfo;
21 service_description = "Size on /backup2 partition";
22 use = "local-service";
23 check_command = ["check_local_disk" "10%" "5%" "/backup2"];
24 }
25 {
26 passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-backup"; };
27 service_description = "Last backup in /backup2/phare is not too old";
28 use = "local-service";
29 check_command = ["check_last_file_date" "/backup2/phare" "14" "backup"];
30 }
31 {
32 passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-backup"; };
33 service_description = "Last backup in /backup2/dilion is not too old";
34 use = "local-service";
35 check_command = ["check_last_file_date" "/backup2/dilion" "14" "backup"];
36 }
37 {
38 passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-backup"; };
39 service_description = "Last backup in /backup2/ulminfo is not too old";
40 use = "local-service";
41 check_command = ["check_last_file_date" "/backup2/ulminfo" "14" "backup"];
42 }
43 {
44 passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-databases,webstatus-backup"; };
45 service_description = "Last postgresql dump in /backup2/eldiron/postgresql_backup is not too old";
46 use = "local-service";
47 check_command = ["check_last_file_date" "/backup2/eldiron/postgresql_backup" "7" "postgres"];
48 }
49 {
50 passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-databases"; };
51 service_description = "Redis replication for eldiron is up to date";
52 use = "local-service";
53 check_command = ["check_redis_replication" "/run/redis_eldiron/redis.sock"];
54 }
55 {
56 passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-databases,webstatus-backup"; };
57 service_description = "Last redis dump in /backup2/eldiron/redis_backup is not too old";
58 use = "local-service";
59 check_command = ["check_last_file_date" "/backup2/eldiron/redis_backup" "7" "redis"];
60 }
61 {
62 passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-databases"; };
63 service_description = "Mysql replication for eldiron is up to date";
64 use = "local-service";
65 check_command = ["check_mysql_replication" "/run/mysqld_eldiron/mysqld.sock" config.secrets.fullPaths."mysql_replication/eldiron/client"];
66 }
67 {
68 passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-databases,webstatus-backup"; };
69 service_description = "Last mysql dump in /backup2/eldiron/mysql_backup is not too old";
70 use = "local-service";
71 check_command = ["check_last_file_date" "/backup2/eldiron/mysql_backup" "7" "mysql"];
72 }
73 {
74 passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-databases"; };
75 service_description = "Openldap replication for eldiron is up to date";
76 use = "local-service";
77 check_command = let
78 name = "eldiron";
79 hcfg = config.myServices.databasesReplication.openldap.hosts.eldiron;
80 base = config.myServices.databasesReplication.openldap.base;
81 eldiron_schemas = pkgs.callPackage ../databases/openldap/eldiron_schemas.nix {};
82 ldapConfig = pkgs.writeText "slapd.conf" ''
83 include ${pkgs.openldap}/etc/schema/core.schema
84 include ${pkgs.openldap}/etc/schema/cosine.schema
85 include ${pkgs.openldap}/etc/schema/inetorgperson.schema
86 include ${pkgs.openldap}/etc/schema/nis.schema
87 ${eldiron_schemas}
88 moduleload back_hdb
89 backend hdb
90 database hdb
91
92 suffix "${hcfg.base}"
93 directory ${base}/${name}/openldap
94 '';
95 in [
96 "check_openldap_replication"
97 hcfg.url
98 hcfg.dn
99 config.secrets.fullPaths."openldap_replication/eldiron/replication_password"
100 hcfg.base
101 ldapConfig
102 ];
103 }
104 {
105 passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-databases,webstatus-backup"; };
106 service_description = "Last openldap dump in /backup2/eldiron/openldap_backup is not too old";
107 use = "local-service";
108 check_command = ["check_last_file_date" "/backup2/eldiron/openldap_backup" "7" "openldap"];
109 }
110 ];
111}
diff --git a/modules/private/monitoring/objects_common.nix b/modules/private/monitoring/objects_common.nix
deleted file mode 100644
index 7c9f642..0000000
--- a/modules/private/monitoring/objects_common.nix
+++ /dev/null
@@ -1,253 +0,0 @@
1{ hostFQDN
2, hostName
3, interface ? "eth0"
4, processWarn ? "250"
5, processAlert ? "400"
6, loadWarn ? "0.9"
7, load5Warn ? loadWarn
8, load15Warn ? load5Warn
9, loadAlert ? "1.0"
10, load5Alert ? loadAlert
11, load15Alert ? load5Alert
12, mdadm
13, master
14, lib
15, mypluginsConfig
16, ...
17}:
18let
19 defaultPassiveInfo = {
20 filter = lib.attrsets.filterAttrs
21 (k: v: builtins.elem k ["service_description"] || builtins.substring 0 1 k == "_");
22 use = "external-passive-service";
23 freshness_threshold = "450";
24 retry_interval = "1";
25 servicegroups = "webstatus-resources";
26 host_name = hostFQDN;
27 };
28in
29{
30 host = {
31 "${hostFQDN}" = {
32 alias = hostFQDN;
33 address = hostFQDN;
34 use = "linux-server";
35 hostgroups = "webstatus-hosts";
36 _webstatus_name = hostName;
37 _webstatus_vhost = "status.immae.eu";
38 };
39 };
40 service = [
41 {
42 passiveInfo = defaultPassiveInfo;
43 service_description = "Size on root partition";
44 use = "local-service";
45 check_command = ["check_local_disk" "20%" "10%" "/"];
46 }
47 {
48 passiveInfo = defaultPassiveInfo;
49 service_description = "Total number of process";
50 use = "local-service";
51 check_command = [
52 "check_local_procs"
53 processWarn
54 processAlert
55 "RSZDT"
56 ];
57 }
58 {
59 passiveInfo = defaultPassiveInfo;
60 service_description = "Network bandwidth";
61 use = "local-service";
62 check_interval = "2";
63 max_check_attempts = "20";
64 retry_interval = "2";
65 check_command = [
66 "check_local_bandwidth"
67 interface
68 "20480" # kb/s
69 "51200" # kb/s
70 ];
71 }
72 {
73 passiveInfo = defaultPassiveInfo;
74 service_description = "Average load";
75 use = "local-service";
76 check_command = [
77 "check_local_load"
78 "${loadWarn},${load5Warn},${load15Warn}"
79 "${loadAlert},${load5Alert},${load15Alert}"
80 ];
81 }
82 {
83 passiveInfo = defaultPassiveInfo;
84 service_description = "Swap usage";
85 use = "local-service";
86 check_command = ["check_local_swap" "20" "10"];
87 }
88 {
89 passiveInfo = defaultPassiveInfo;
90 service_description = "Memory usage";
91 use = "local-service";
92 check_command = ["check_memory" "80" "90"];
93 }
94 {
95 passiveInfo = defaultPassiveInfo;
96 service_description = "NTP is activated and working";
97 use = "local-service";
98 check_command = ["check_ntp"];
99 }
100 {
101 passiveInfo = defaultPassiveInfo;
102 service_description = "No mdadm array is degraded";
103 use = "local-service";
104 check_command = [
105 "check_command_output"
106 "${mdadm}/bin/mdadm --monitor --scan -1"
107 "^$"
108 "-s 0 -r root"
109 ];
110 }
111 ];
112 command = lib.foldr (v: o: o // (v.commands or {})) {} (builtins.attrValues mypluginsConfig) // {
113 check_local_disk = "$USER1$/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$";
114 check_local_procs = "$USER1$/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$";
115 check_local_load = "$USER1$/check_load -r -w $ARG1$ -c $ARG2$";
116 check_local_swap = "$USER1$/check_swap -n ok -w $ARG1$ -c $ARG2$";
117 check_ntp = "$USER1$/check_ntp_time -t 30 -q -H 0.arch.pool.ntp.org";
118 check_mailq = "$USER1$/check_mailq -s -w 1 -c 2";
119 check_smtp = "$USER1$/check_smtp -H $HOSTADDRESS$ -p 25 -S -D 21,15";
120
121 check_host_alive = "$USER1$/check_ping -H $HOSTADDRESS$ -w 3000.0,80% -c 5000.0,100% -p 5";
122 check_ok = "$USER1$/check_dummy 0 \"Dummy OK\"";
123 check_critical = "$USER1$/check_dummy 2 \"Dummy CRITICAL\"";
124 };
125 timeperiod = {
126 "24x7" = {
127 alias = "24 Hours A Day, 7 Days A Week";
128 monday = "00:00-24:00";
129 tuesday = "00:00-24:00";
130 wednesday = "00:00-24:00";
131 thursday = "00:00-24:00";
132 friday = "00:00-24:00";
133 saturday = "00:00-24:00";
134 sunday = "00:00-24:00";
135 };
136 };
137 servicegroup = {
138 webstatus-webapps = { alias = "Web applications"; };
139 webstatus-websites = { alias = "Personal websites"; };
140 webstatus-ssl = { alias = "SSL certificates"; };
141 webstatus-dns = { alias = "DNS resolution"; };
142 webstatus-remote-services = { alias = "Other remote services"; };
143 webstatus-local-services = { alias = "Other local services"; };
144 webstatus-email = { alias = "E-mail services"; };
145 webstatus-resources = { alias = "Local resources"; };
146 webstatus-databases = { alias = "Databases resources"; };
147 webstatus-backup = { alias = "Backup resources"; };
148 };
149 hostgroup = {
150 webstatus-hosts = { alias = "Hosts"; };
151 };
152 contactgroup = {
153 admins = { alias = "Naemon Administrators"; };
154 };
155 templates = {
156 service = {
157 generic-service = {
158 active_checks_enabled = "1";
159 check_freshness = "0";
160 check_interval = "10";
161 check_period = "24x7";
162 contact_groups = "admins";
163 event_handler_enabled = "1";
164 flap_detection_enabled = "1";
165 is_volatile = "0";
166 max_check_attempts = "3";
167 notification_interval = "60";
168 notification_options = "w,u,c,r,f,s";
169 notification_period = "24x7";
170 notifications_enabled = if master then "1" else "0";
171 obsess_over_service = "1";
172 passive_checks_enabled = "1";
173 process_perf_data = "1";
174 retain_nonstatus_information = "1";
175 retain_status_information = "1";
176 retry_interval = "2";
177 _webstatus_namespace = "immae";
178 };
179 local-service = {
180 use = "generic-service";
181 host_name = hostFQDN;
182 check_interval = "5";
183 max_check_attempts = "4";
184 retry_interval = "1";
185 servicegroups = "webstatus-resources";
186 };
187 external-service = {
188 use = "generic-service";
189 check_interval = "5";
190 max_check_attempts = "4";
191 retry_interval = "1";
192 };
193 web-service = {
194 use = "generic-service";
195 check_interval = "20";
196 max_check_attempts = "2";
197 retry_interval = "1";
198 };
199 external-web-service = {
200 use = "generic-service";
201 check_interval = "20";
202 max_check_attempts = "2";
203 retry_interval = "1";
204 };
205 mail-service = {
206 use = "generic-service";
207 check_interval = "15";
208 max_check_attempts = "1";
209 retry_interval = "1";
210 };
211 dns-service = {
212 use = "generic-service";
213 check_interval = "120";
214 notification_interval = "120";
215 max_check_attempts = "5";
216 retry_interval = "5";
217 };
218 };
219 # No contact, we go through master
220 contact = {
221 generic-contact = {
222 host_notification_commands = "notify-host-by-email";
223 host_notification_options = "d,u,r,f,s";
224 host_notification_period = "24x7";
225 service_notification_commands = "notify-service-by-email";
226 service_notification_options = "w,u,c,r,f,s";
227 service_notification_period = "24x7";
228 };
229 };
230 host = {
231 generic-host = {
232 event_handler_enabled = "1";
233 flap_detection_enabled = "1";
234 notification_period = "24x7";
235 notifications_enabled = "1";
236 process_perf_data = "1";
237 retain_nonstatus_information = "1";
238 retain_status_information = "1";
239 };
240 linux-server = {
241 check_command = "check_host_alive";
242 check_interval = "5";
243 check_period = "24x7";
244 contact_groups = "admins";
245 max_check_attempts = "10";
246 notification_interval = "120";
247 notification_options = "d,u,r,f";
248 retry_interval = "1";
249 _webstatus_namespace = "immae";
250 };
251 };
252 };
253}
diff --git a/modules/private/monitoring/objects_dilion.nix b/modules/private/monitoring/objects_dilion.nix
deleted file mode 100644
index 16b3c64..0000000
--- a/modules/private/monitoring/objects_dilion.nix
+++ /dev/null
@@ -1,32 +0,0 @@
1{ lib, hostFQDN, emailCheck, ... }:
2let
3 defaultPassiveInfo = {
4 filter = lib.attrsets.filterAttrs
5 (k: v: builtins.elem k ["service_description"] || builtins.substring 0 1 k == "_");
6 use = "external-passive-service";
7 freshness_threshold = "450";
8 retry_interval = "1";
9 servicegroups = "webstatus-resources";
10 host_name = hostFQDN;
11 };
12 zfs_snapshot = name: {
13 passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-resources"; };
14 service_description = "ZFS snapshot ${name} happened not too long ago";
15 use = "local-service";
16 check_command = ["check_zfs_snapshot" name];
17 };
18in
19{
20 activatedPlugins = [ "zfs" ];
21 service = [
22 {
23 passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-resources"; };
24 service_description = "No ZFS pool is degraded";
25 use = "local-service";
26 check_command = ["check_zfs"];
27 }
28 (zfs_snapshot "zpool/backup/eldiron/zpool/root")
29 (zfs_snapshot "zpool/backup/eldiron/zpool/root/etc")
30 (zfs_snapshot "zpool/backup/eldiron/zpool/root/var")
31 ];
32}
diff --git a/modules/private/monitoring/objects_eban.nix b/modules/private/monitoring/objects_eban.nix
deleted file mode 100644
index df54f6a..0000000
--- a/modules/private/monitoring/objects_eban.nix
+++ /dev/null
@@ -1,70 +0,0 @@
1{ ... }:
2let
3 serviceTemplate = rest: {
4 host_name = "eban.bzh";
5 use = "external-web-service";
6 contacts = "eban";
7 contact_groups = "null";
8 check_interval = "15";
9
10 servicegroups = "webstatus-resources";
11 _webstatus_namespace = "eban";
12 } // rest;
13in
14{
15 activatedPlugins = [ "http" ];
16 contact = {
17 eban = {
18 use = "generic-contact";
19 host_notification_commands = "notify-host-eban-url";
20 service_notification_commands = "notify-service-eban-url";
21 };
22 };
23 host = {
24 "eban.bzh" = {
25 alias = "eban.bzh";
26 address = "eban.bzh";
27 use = "linux-server";
28 hostgroups = "webstatus-hosts";
29 contacts = "eban";
30 contact_groups = "null";
31 _webstatus_name = "Eban";
32 _webstatus_vhost = "status.eban.bzh";
33 _webstatus_namespace = "eban";
34 };
35 };
36 service = [
37 (serviceTemplate {
38 service_description = "Eban website is up and running";
39 check_command = ["check_https" "eban.bzh" "/" "<title>"];
40 _webstatus_name = "Main Website";
41 _webstatus_url = "https://eban.bzh/";
42 })
43 (serviceTemplate {
44 service_description = "Eban blog is up and running";
45 check_command = ["check_https" "blog.eban.bzh" "/" "<title>"];
46 _webstatus_name = "Blog";
47 _webstatus_url = "https://blog.eban.bzh/";
48 })
49 (serviceTemplate {
50 service_description = "Eban gitea is up and running";
51 check_command = ["check_https" "git.eban.bzh" "/" "<title>"];
52 _webstatus_name = "Git";
53 _webstatus_url = "https://git.eban.bzh/";
54 })
55 (serviceTemplate {
56 service_description = "I Learned website is up and running";
57 check_command = [ "check_https" "ilearned.eu.org" "/" "<title" ];
58
59 _webstatus_name = "I Learned website";
60 _webstatus_url = "https://ilearned.eu.org/";
61 })
62 (serviceTemplate {
63 service_description = "I Learned gitea is up and running";
64 check_command = [ "check_https" "git.ilearned.eu.org" "/" "<title" ];
65
66 _webstatus_name = "I Learned Git";
67 _webstatus_url = "https://git.ilearned.eu.org/";
68 })
69 ];
70}
diff --git a/modules/private/monitoring/objects_eldiron.nix b/modules/private/monitoring/objects_eldiron.nix
deleted file mode 100644
index 75e7b0e..0000000
--- a/modules/private/monitoring/objects_eldiron.nix
+++ /dev/null
@@ -1,38 +0,0 @@
1{ lib, hostFQDN, emailCheck, ... }:
2let
3 defaultPassiveInfo = {
4 filter = lib.attrsets.filterAttrs
5 (k: v: builtins.elem k ["service_description"] || builtins.substring 0 1 k == "_");
6 use = "external-passive-service";
7 freshness_threshold = "450";
8 retry_interval = "1";
9 servicegroups = "webstatus-resources";
10 host_name = hostFQDN;
11 };
12in
13{
14 activatedPlugins = [ "emails" "postgresql" "zfs" ];
15 service = [
16 {
17 passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-databases"; };
18 service_description = "Postgresql replication for backup-2 is up to date";
19 use = "local-service";
20 check_command = ["check_postgresql_replication" "backup-2" "/run/postgresql" "5432"];
21 }
22 {
23 passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-resources"; };
24 service_description = "No ZFS pool is degraded";
25 use = "local-service";
26 check_command = ["check_zfs"];
27 }
28 {
29 passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-email"; };
30 service_description = "mailq is empty";
31 use = "local-service";
32 check_command = ["check_mailq"];
33 }
34 (emailCheck "eldiron" hostFQDN // {
35 passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-email"; freshness_threshold = "1350"; };
36 })
37 ];
38}
diff --git a/modules/private/monitoring/objects_master.nix b/modules/private/monitoring/objects_master.nix
deleted file mode 100644
index 30bfe73..0000000
--- a/modules/private/monitoring/objects_master.nix
+++ /dev/null
@@ -1,39 +0,0 @@
1{ config, ... }:
2{
3 contact = {
4 immae = config.myEnv.monitoring.contacts.immae // {
5 use = "generic-contact";
6 contactgroups = "admins";
7 host_notification_commands = "notify-host-by-email,notify-by-slack!$USER206$!$USER207$";
8 service_notification_commands = "notify-service-by-email,notify-by-slack!$USER206$!$USER207$";
9 };
10 };
11 command = {
12 check_passive = "$USER1$/check_dummy 3 \"Service result are stale\"";
13 };
14 templates = {
15 service = {
16 external-passive-service = {
17 active_checks_enabled = "0";
18 check_freshness = "1";
19 check_period = "24x7";
20 contact_groups = "admins";
21 event_handler_enabled = "1";
22 flap_detection_enabled = "1";
23 is_volatile = "0";
24 max_check_attempts = "3";
25 notification_interval = "60";
26 notification_options = "w,u,c,r,f,s";
27 notification_period = "24x7";
28 notifications_enabled = "1";
29 passive_checks_enabled = "1";
30 process_perf_data = "1";
31 retain_nonstatus_information = "1";
32 retain_status_information = "1";
33 retry_interval = "2";
34 check_command = "check_passive";
35 _webstatus_namespace = "immae";
36 };
37 };
38 };
39}
diff --git a/modules/private/monitoring/objects_monitoring-1.nix b/modules/private/monitoring/objects_monitoring-1.nix
deleted file mode 100644
index 563be16..0000000
--- a/modules/private/monitoring/objects_monitoring-1.nix
+++ /dev/null
@@ -1,714 +0,0 @@
1{ config, pkgs, nodes, hostFQDN, emailCheck, lib, ... }:
2{
3 activatedPlugins = [ "dns" "ftp" "git" "http" "imap" "ovh" "tcp" ];
4 host = {
5 # Dummy host for testing
6 # "dummy-host" = {
7 # alias = "dummy.host";
8 # address = "dummy.host";
9 # use = "linux-server";
10 # check_command = "check_ok";
11 # };
12 };
13 service = [
14 # Dummy service for testing
15 # {
16 # service_description = "Dummy failing test";
17 # host_name = "dummy-host";
18 # use = "local-service";
19 # check_interval = "0.3";
20 # max_check_attempts = "1";
21 # flap_detection_enabled = "0";
22 # notification_interval = "0.1";
23 # check_command = "check_critical";
24 # }
25
26 (emailCheck "monitoring-1" hostFQDN)
27
28 {
29 service_description = "ftp has access to database for authentication";
30 host_name = "eldiron.immae.eu";
31 use = "external-service";
32 check_command = "check_ftp_database";
33
34 servicegroups = "webstatus-remote-services";
35 _webstatus_name = "FTP";
36 _webstatus_url = "ftp.immae.eu";
37 }
38
39 {
40 service_description = "gitolite is working";
41 host_name = "eldiron.immae.eu";
42 use = "external-web-service";
43 check_command = "check_git";
44
45 servicegroups = "webstatus-remote-services";
46 _webstatus_name = "Git";
47 _webstatus_url = "git.immae.eu";
48 }
49
50 {
51 service_description = "postfix SSL is up to date";
52 host_name = "eldiron.immae.eu";
53 use = "external-service";
54 check_command = "check_smtp";
55
56 servicegroups = "webstatus-ssl";
57 _webstatus_name = "SMTP";
58 _webstatus_url = "smtp.immae.eu";
59 }
60
61 {
62 service_description = "imap SSL is up to date";
63 host_name = "eldiron.immae.eu";
64 use = "external-service";
65 check_command = ["check_tcp_ssl" "993"];
66
67 servicegroups = "webstatus-ssl";
68 _webstatus_name = "IMAP";
69 _webstatus_url = "imap.immae.eu";
70 }
71
72 {
73 service_description = "imap connection works";
74 host_name = "eldiron.immae.eu";
75 use = "external-service";
76 check_command = "check_imap_connection";
77
78 servicegroups = "webstatus-remote-services,webstatus-email";
79 _webstatus_name = "IMAP";
80 _webstatus_url = "imap.immae.eu";
81 }
82
83 # Third party services
84 {
85 service_description = "OVH account has enough sms";
86 host_name = "eldiron.immae.eu";
87 use = "external-service";
88 check_command = "check_ovh_sms";
89
90 check_interval = "120";
91 notification_interval = "1440";
92 }
93
94 # Backup services
95 # {
96 # service_description = "eriomem backup is up and not full";
97 # host_name = "eldiron.immae.eu";
98 # use = "external-service";
99 # check_command = "check_backup_eriomem";
100
101 # check_interval = "120";
102 # notification_interval = "1440";
103
104 # servicegroups = "webstatus-backup";
105 # }
106 {
107 service_description = "ovh backup is up and not full";
108 host_name = "eldiron.immae.eu";
109 use = "external-service";
110 check_command = "check_ok";
111
112 check_interval = "120";
113 notification_interval = "1440";
114
115 servicegroups = "webstatus-backup";
116 }
117
118 # DNS services
119 {
120 service_description = "eldiron dns is active and authoritative for aten.pro";
121 host_name = "eldiron.immae.eu";
122 use = "dns-service";
123 check_command = ["check_dns" "aten.pro" "-A"];
124
125 servicegroups = "webstatus-dns";
126 _webstatus_name = "aten.pro";
127 }
128
129 {
130 service_description = "eldiron dns is active and authoritative for bouya.org";
131 host_name = "eldiron.immae.eu";
132 use = "dns-service";
133 check_command = ["check_dns" "bouya.org" "-A"];
134
135 servicegroups = "webstatus-dns";
136 _webstatus_name = "bouya.org";
137 }
138
139 {
140 service_description = "eldiron dns is active and authoritative for filedesreves.fr";
141 host_name = "eldiron.immae.eu";
142 use = "dns-service";
143 check_command = ["check_dns" "filedesreves.fr" "-A"];
144
145 servicegroups = "webstatus-dns";
146 _webstatus_name = "filedesreves.fr";
147 }
148
149 {
150 service_description = "eldiron dns is active and authoritative for ludivinecassal.com";
151 host_name = "eldiron.immae.eu";
152 use = "dns-service";
153 check_command = ["check_dns" "ludivinecassal.com" "-A"];
154
155 servicegroups = "webstatus-dns";
156 _webstatus_name = "ludivinecassal.com";
157 }
158
159 {
160 service_description = "eldiron dns is active and authoritative for icommandeur.org";
161 host_name = "eldiron.immae.eu";
162 use = "dns-service";
163 check_command = ["check_dns" "icommandeur.org" "-A"];
164
165 servicegroups = "webstatus-dns";
166 _webstatus_name = "icommandeur.org";
167 }
168
169 {
170 service_description = "eldiron dns is active and authoritative for immae.eu";
171 host_name = "eldiron.immae.eu";
172 use = "dns-service";
173 check_command = ["check_dns" "immae.eu" "-A"];
174
175 servicegroups = "webstatus-dns";
176 _webstatus_name = "immae.eu";
177 }
178
179 {
180 service_description = "eldiron dns is active and authoritative for immae.fr";
181 host_name = "eldiron.immae.eu";
182 use = "dns-service";
183 check_command = ["check_dns" "immae.fr" "-A"];
184
185 servicegroups = "webstatus-dns";
186 _webstatus_name = "immae.fr";
187 }
188
189 {
190 service_description = "eldiron dns is active and authoritative for piedsjaloux.fr";
191 host_name = "eldiron.immae.eu";
192 use = "dns-service";
193 check_command = ["check_dns" "piedsjaloux.fr" "-A"];
194
195 servicegroups = "webstatus-dns";
196 _webstatus_name = "piedsjaloux.fr";
197 }
198
199 {
200 service_description = "eldiron dns is active and authoritative for saison-photo.org";
201 host_name = "eldiron.immae.eu";
202 use = "dns-service";
203 check_command = ["check_dns" "saison-photo.org" "-A"];
204
205 servicegroups = "webstatus-dns";
206 _webstatus_name = "saison-photo.org";
207 }
208
209 {
210 service_description = "eldiron dns is active and authoritative for tellesflorian.com";
211 host_name = "eldiron.immae.eu";
212 use = "dns-service";
213 check_command = ["check_dns" "tellesflorian.com" "-A"];
214
215 servicegroups = "webstatus-dns";
216 _webstatus_name = "tellesflorian.com";
217 }
218
219 {
220 service_description = "eldiron dns is active and authoritative for capitaines.fr";
221 host_name = "eldiron.immae.eu";
222 use = "dns-service";
223 check_command = ["check_dns" "capitaines.fr" "-A"];
224
225 servicegroups = "webstatus-dns";
226 _webstatus_name = "capitaines.fr";
227 }
228
229 {
230 service_description = "cloudns dns is active and authoritative for aten.pro";
231 host_name = "eldiron.immae.eu";
232 use = "dns-service";
233 check_command = ["check_external_dns" "pns1.cloudns.net" "aten.pro" "-A"];
234
235 servicegroups = "webstatus-dns";
236 _webstatus_name = "aten.pro (Secondary DNS ClouDNS)";
237 }
238
239 {
240 service_description = "cloudns dns is active and authoritative for bouya.org";
241 host_name = "eldiron.immae.eu";
242 use = "dns-service";
243 check_command = ["check_external_dns" "pns1.cloudns.net" "bouya.org" "-A"];
244
245 servicegroups = "webstatus-dns";
246 _webstatus_name = "bouya.org (Secondary DNS ClouDNS)";
247 }
248
249 {
250 service_description = "cloudns dns is active and authoritative for filedesreves.fr";
251 host_name = "eldiron.immae.eu";
252 use = "dns-service";
253 check_command = ["check_external_dns" "pns1.cloudns.net" "filedesreves.fr" "-A"];
254
255 servicegroups = "webstatus-dns";
256 _webstatus_name = "filedesreves.fr (Secondary DNS ClouDNS)";
257 }
258
259 {
260 service_description = "cloudns dns is active and authoritative for ludivinecassal.com";
261 host_name = "eldiron.immae.eu";
262 use = "dns-service";
263 check_command = ["check_external_dns" "pns1.cloudns.net" "ludivinecassal.com" "-A"];
264
265 servicegroups = "webstatus-dns";
266 _webstatus_name = "ludivinecassal.com (Secondary DNS ClouDNS)";
267 }
268
269 {
270 service_description = "cloudns dns is active and authoritative for icommandeur.org";
271 host_name = "eldiron.immae.eu";
272 use = "dns-service";
273 check_command = ["check_external_dns" "pns1.cloudns.net" "icommandeur.org" "-A"];
274
275 servicegroups = "webstatus-dns";
276 _webstatus_name = "icommandeur.org (Secondary DNS ClouDNS)";
277 }
278
279 {
280 service_description = "cloudns dns is active and authoritative for immae.eu";
281 host_name = "eldiron.immae.eu";
282 use = "dns-service";
283 check_command = ["check_external_dns" "pns1.cloudns.net" "immae.eu" "-A"];
284
285 servicegroups = "webstatus-dns";
286 _webstatus_name = "immae.eu (Secondary DNS ClouDNS)";
287 }
288
289 {
290 service_description = "cloudns dns is active and authoritative for immae.fr";
291 host_name = "eldiron.immae.eu";
292 use = "dns-service";
293 check_command = ["check_external_dns" "pns1.cloudns.net" "immae.fr" "-A"];
294
295 servicegroups = "webstatus-dns";
296 _webstatus_name = "immae.fr (Secondary DNS ClouDNS)";
297 }
298
299 {
300 service_description = "cloudns dns is active and authoritative for piedsjaloux.fr";
301 host_name = "eldiron.immae.eu";
302 use = "dns-service";
303 check_command = ["check_external_dns" "pns1.cloudns.net" "piedsjaloux.fr" "-A"];
304
305 servicegroups = "webstatus-dns";
306 _webstatus_name = "piedsjaloux.fr (Secondary DNS ClouDNS)";
307 }
308
309 {
310 service_description = "cloudns dns is active and authoritative for tellesflorian.com";
311 host_name = "eldiron.immae.eu";
312 use = "dns-service";
313 check_command = ["check_external_dns" "pns1.cloudns.net" "tellesflorian.com" "-A"];
314
315 servicegroups = "webstatus-dns";
316 _webstatus_name = "tellesflorian.com (Secondary DNS ClouDNS)";
317 }
318
319 {
320 service_description = "cloudns dns is active and authoritative for saison-photo.org";
321 host_name = "eldiron.immae.eu";
322 use = "dns-service";
323 check_command = ["check_external_dns" "pns1.cloudns.net" "saison-photo.org" "-A"];
324
325 servicegroups = "webstatus-dns";
326 _webstatus_name = "saison-photo.org (Secondary DNS ClouDNS)";
327 }
328
329 #### Web scenarios
330 {
331 service_description = "blog website is running on immae.eu";
332 host_name = "eldiron.immae.eu";
333 use = "external-web-service";
334 check_command = ["check_https" "www.immae.eu" "/blog/" "egrep -ri TODO /etc"];
335
336 servicegroups = "webstatus-websites";
337 _webstatus_name = "Immae’s Blog";
338 _webstatus_url = "https://www.immae.eu/blog";
339 }
340
341 {
342 service_description = "owncloud website is running on cloud.immae.eu";
343 host_name = "eldiron.immae.eu";
344 use = "external-web-service";
345 check_command = ["check_https" "cloud.immae.eu" "/" "a safe home for all your data"];
346
347 servicegroups = "webstatus-webapps";
348 _webstatus_name = "Nextcloud";
349 _webstatus_url = "https://cloud.immae.eu";
350 }
351
352 {
353 service_description = "nextcloud website is running on nextcloud.4c.salle-s.org";
354 host_name = "quatresaisons.immae.eu";
355 use = "external-web-service";
356 check_command = ["check_https" "nextcloud.4c.salle-s.org" "/" "a safe home for all your data"];
357
358 servicegroups = "webstatus-webapps";
359 _webstatus_name = "Nextcloud";
360 _webstatus_url = "https://nextcloud.4c.salle-s.org";
361 }
362
363 {
364 service_description = "davical website is running on dav.immae.eu";
365 host_name = "eldiron.immae.eu";
366 use = "external-web-service";
367 check_command = ["check_https" "dav.immae.eu" "/davical/" "Log On Please"];
368
369 servicegroups = "webstatus-webapps";
370 _webstatus_name = "Davical";
371 _webstatus_url = "https://dav.immae.eu/davical";
372 }
373
374 {
375 service_description = "adminer website is running on tools.immae.eu";
376 host_name = "eldiron.immae.eu";
377 use = "external-web-service";
378 check_command = ["check_https_auth" "tools.immae.eu" "/adminer/" "www.adminer.org"];
379
380 servicegroups = "webstatus-webapps";
381 _webstatus_name = "Adminer";
382 _webstatus_url = "https://tools.immae.eu/adminer/";
383 }
384
385 {
386 service_description = "ttrss website is running on tools.immae.eu";
387 host_name = "eldiron.immae.eu";
388 use = "external-web-service";
389 check_command = ["check_https" "tools.immae.eu" "/ttrss/" "<title>Tiny Tiny RSS"];
390
391 servicegroups = "webstatus-webapps";
392 _webstatus_name = "TT-RSS";
393 _webstatus_url = "https://tools.immae.eu/ttrss/";
394 }
395
396 {
397 service_description = "mpd website is running on tools.immae.eu";
398 host_name = "eldiron.immae.eu";
399 use = "external-web-service";
400 check_command = ["check_https_auth" "tools.immae.eu" "/mpd/" "<title>ympd"];
401
402 servicegroups = "webstatus-webapps";
403 _webstatus_name = "MPD (YMPD)";
404 _webstatus_url = "https://tools.immae.eu/mpd/";
405 }
406
407 {
408 service_description = "rompr mpd website is running on tools.immae.eu";
409 host_name = "eldiron.immae.eu";
410 use = "external-web-service";
411 check_command = ["check_https_auth" "tools.immae.eu" "/rompr/" "<title>RompЯ"];
412
413 servicegroups = "webstatus-webapps";
414 _webstatus_name = "MPD (ROMPR)";
415 _webstatus_url = "https://tools.immae.eu/rompr/";
416 }
417
418 {
419 service_description = "wallabag website is running on tools.immae.eu";
420 host_name = "eldiron.immae.eu";
421 use = "external-web-service";
422 check_command = ["check_https" "tools.immae.eu" "/wallabag/" "<title>Bienvenue sur wallabag"];
423
424 servicegroups = "webstatus-webapps";
425 _webstatus_name = "Wallabag";
426 _webstatus_url = "https://tools.immae.eu/wallabag/";
427 }
428
429 {
430 service_description = "yourl website is running on tools.immae.eu";
431 host_name = "eldiron.immae.eu";
432 use = "external-web-service";
433 check_command = ["check_https" "tools.immae.eu" "/url/admin/" "<title>YOURLS"];
434
435 servicegroups = "webstatus-webapps";
436 _webstatus_name = "YOURLS";
437 _webstatus_url = "https://tools.immae.eu/url/admin/";
438 }
439
440 {
441 service_description = "roundcube website is running on mail.immae.eu";
442 host_name = "eldiron.immae.eu";
443 use = "external-web-service";
444 check_command = ["check_https" "mail.immae.eu" "/roundcube/" "<title>Roundcube"];
445
446 servicegroups = "webstatus-webapps,webstatus-email";
447 _webstatus_name = "Roundcube";
448 _webstatus_url = "https://mail.immae.eu/roundcube/";
449 }
450
451 {
452 service_description = "dokuwiki website is running on tools.immae.eu";
453 host_name = "eldiron.immae.eu";
454 use = "external-web-service";
455 check_command = ["check_https" "tools.immae.eu" "/dokuwiki/" "<title>start"];
456
457 servicegroups = "webstatus-webapps";
458 _webstatus_name = "Dokuwiki";
459 _webstatus_url = "https://tools.immae.eu/dokuwiki/";
460 }
461
462 {
463 service_description = "shaarli website is running on tools.immae.eu";
464 host_name = "eldiron.immae.eu";
465 use = "external-web-service";
466 check_command = ["check_https" "tools.immae.eu" "/Shaarli/immae" "<title>Immae"];
467
468 servicegroups = "webstatus-webapps";
469 _webstatus_name = "Shaarli";
470 _webstatus_url = "https://tools.immae.eu/Shaarli/";
471 }
472
473 {
474 service_description = "ldap website is running on tools.immae.eu";
475 host_name = "eldiron.immae.eu";
476 use = "external-web-service";
477 check_command = ["check_https" "tools.immae.eu" "/ldap/" "<title>phpLDAPadmin"];
478
479 servicegroups = "webstatus-webapps";
480 _webstatus_name = "LDAP";
481 _webstatus_url = "https://tools.immae.eu/ldap/";
482 }
483
484 {
485 service_description = "gitweb website is running on git.immae.eu";
486 host_name = "eldiron.immae.eu";
487 use = "external-web-service";
488 check_command = ["check_https" "git.immae.eu" "/cgit" "<title>Immae’s git"];
489
490 servicegroups = "webstatus-webapps";
491 _webstatus_name = "Git";
492 _webstatus_url = "https://git.immae.eu/";
493 }
494
495 {
496 service_description = "mantisbt website is running on git.immae.eu";
497 host_name = "eldiron.immae.eu";
498 use = "external-web-service";
499 check_command = ["check_https" "git.immae.eu" "/mantisbt/" "<title>My View - MantisBT"];
500
501 servicegroups = "webstatus-webapps";
502 _webstatus_name = "Mantisbt";
503 _webstatus_url = "https://git.immae.eu/mantisbt";
504 }
505
506 {
507 service_description = "diaspora website is running on diaspora.immae.eu";
508 host_name = "eldiron.immae.eu";
509 use = "external-web-service";
510 check_command = ["check_https" "diaspora.immae.eu" "/" "is the online social world where you are in control"];
511
512 servicegroups = "webstatus-webapps";
513 _webstatus_name = "Diaspora";
514 _webstatus_url = "https://diaspora.immae.eu/";
515 }
516
517 {
518 service_description = "peertube website is running on peertube.immae.eu";
519 host_name = "eldiron.immae.eu";
520 use = "external-web-service";
521 check_command = ["check_https" "peertube.immae.eu" "/" "<title>Immae’s PeerTube"];
522
523 servicegroups = "webstatus-webapps";
524 _webstatus_name = "Peertube";
525 _webstatus_url = "https://peertube.immae.eu/";
526 }
527
528 {
529 service_description = "etherpad website is running on ether.immae.eu";
530 host_name = "eldiron.immae.eu";
531 use = "external-web-service";
532 check_command = ["check_https" "ether.immae.eu" "/" "<title>Etherpad"];
533
534 servicegroups = "webstatus-webapps";
535 _webstatus_name = "Etherpad";
536 _webstatus_url = "https://ether.immae.eu/";
537 }
538
539 {
540 service_description = "mediagoblin website is running on mgoblin.immae.eu";
541 host_name = "eldiron.immae.eu";
542 use = "external-web-service";
543 check_command = ["check_https" "mgoblin.immae.eu" "/" "<title>GNU MediaGoblin"];
544
545 servicegroups = "webstatus-webapps";
546 _webstatus_name = "Mediagoblin";
547 _webstatus_url = "https://mgoblin.immae.eu/";
548 }
549
550 {
551 service_description = "mastodon website is running on mastodon.immae.eu";
552 host_name = "eldiron.immae.eu";
553 use = "external-web-service";
554 check_command = ["check_https" "mastodon.immae.eu" "/" "Mastodon</title>"];
555
556 servicegroups = "webstatus-webapps";
557 _webstatus_name = "Mastodon";
558 _webstatus_url = "https://mastodon.immae.eu/";
559 }
560
561 # Other web pages
562 {
563 service_description = "Jerome website is running on naturaloutil.immae.eu";
564 host_name = "eldiron.immae.eu";
565 use = "external-web-service";
566 check_command = ["check_https" "naturaloutil.immae.eu" "/ping.php" "YES"];
567
568 servicegroups = "webstatus-websites";
569 _webstatus_name = "naturaloutil.immae.eu";
570 _webstatus_url = "https://naturaloutil.immae.eu/";
571 }
572
573 {
574 service_description = "Telio website is running on realistesmedia.fr";
575 host_name = "eldiron.immae.eu";
576 use = "external-web-service";
577 check_command = ["check_https" "realistesmedia.fr" "/" "doctype html"];
578 contact_groups = "telio-tortay";
579 }
580
581 {
582 service_description = "Chloe website site is running on osteopathe-cc.fr";
583 host_name = "eldiron.immae.eu";
584 use = "external-web-service";
585 check_command = ["check_https" "www.osteopathe-cc.fr" "/" "<title>Chloé Condamin ostéopathe D.O."];
586
587 servicegroups = "webstatus-websites";
588 _webstatus_name = "osteopathe-cc.fr";
589 _webstatus_url = "https://www.osteopathe-cc.fr/";
590 }
591
592 {
593 service_description = "Richie website is running on europe-richie.org";
594 host_name = "eldiron.immae.eu";
595 use = "external-web-service";
596 check_command = ["check_https" "www.europe-richie.org" "/" "<title>.Europe Richie]"];
597
598 servicegroups = "webstatus-websites";
599 _webstatus_name = "europe-richie.org";
600 _webstatus_url = "https://www.europe-richie.org/";
601 }
602
603 {
604 service_description = "Ludivine website site is running on ludivinecassal.com";
605 host_name = "eldiron.immae.eu";
606 use = "external-web-service";
607 check_command = ["check_https" "www.ludivinecassal.com" "/" "<title>Ludivine Cassal"];
608
609 servicegroups = "webstatus-websites";
610 _webstatus_name = "ludivinecassal.com";
611 _webstatus_url = "https://www.ludivinecassal.com/";
612 }
613
614 {
615 service_description = "Aten website site is running on aten.pro";
616 host_name = "eldiron.immae.eu";
617 use = "external-web-service";
618 check_command = ["check_https" "aten.pro" "/" "<title>ATEN"];
619
620 servicegroups = "webstatus-websites";
621 _webstatus_name = "aten.pro";
622 _webstatus_url = "https://aten.pro/";
623 }
624
625 {
626 service_description = "PiedsJaloux website site is running on piedsjaloux.fr";
627 host_name = "eldiron.immae.eu";
628 use = "external-web-service";
629 check_command = ["check_https" "www.piedsjaloux.fr" "/" "<title>Les Pieds Jaloux"];
630
631 servicegroups = "webstatus-websites";
632 _webstatus_name = "piedsjaloux.fr";
633 _webstatus_url = "https://www.piedsjaloux.fr/";
634 }
635
636 {
637 service_description = "Denise and Jerome website site is running on denisejerome.piedsjaloux.fr";
638 host_name = "eldiron.immae.eu";
639 use = "external-web-service";
640 check_command = ["check_https" "denisejerome.piedsjaloux.fr" "/" "<title>Accueil - Mariage"];
641
642 servicegroups = "webstatus-websites";
643 _webstatus_name = "denisejerome.piedsjaloux.fr";
644 _webstatus_url = "https://denisejerome.piedsjaloux.fr/";
645 }
646
647 {
648 service_description = "Connexionswing website site is running on connexionswing.com";
649 host_name = "eldiron.immae.eu";
650 use = "external-web-service";
651 check_command = ["check_https" "www.connexionswing.com" "/" "<title>Cours, stages"];
652
653 servicegroups = "webstatus-websites";
654 _webstatus_name = "connexionswing.com";
655 _webstatus_url = "https://www.connexionswing.com/";
656 }
657
658 {
659 service_description = "Sandetludo website site is running on sandetludo.com";
660 host_name = "eldiron.immae.eu";
661 use = "external-web-service";
662 check_command = ["check_https" "www.sandetludo.com" "/" "<title>Cours de West Coast"];
663
664 servicegroups = "webstatus-websites";
665 _webstatus_name = "sandetludo.com";
666 _webstatus_url = "https://www.sandetludo.com/";
667 }
668
669 # SSL
670 {
671 service_description = "ldap SSL is up to date";
672 host_name = "eldiron.immae.eu";
673 use = "external-service";
674 check_command = ["check_tcp_ssl" "636"];
675
676 servicegroups = "webstatus-ssl";
677 _webstatus_name = "LDAP";
678 _webstatus_url = "ldap.immae.eu";
679 }
680
681 # Tiboqorl
682 {
683 service_description = "Cyllene support page is running";
684 host_name = "tiboqorl.fr";
685 use = "external-web-service";
686 contact_groups = "tiboqorl";
687 check_command = [ "check_https" "sc.groupe-cyllene.com" "/" "<title>Support Client Cyllene" ];
688 _webstatus_namespace = "tiboqorl";
689 }
690
691 {
692 service_description = "Origny page is running";
693 host_name = "tiboqorl.fr";
694 use = "external-web-service";
695 contact_groups = "tiboqorl";
696 check_command = [ "check_https" "origny.tiboqorl.fr" "/" "<title>Home Assistant" ];
697 _webstatus_namespace = "tiboqorl";
698 }
699 ];
700 contact = {
701 telio-tortay = config.myEnv.monitoring.contacts.telio-tortay // {
702 use = "generic-contact";
703 contactgroups = "telio-tortay";
704 };
705 thibault = config.myEnv.monitoring.contacts.thibault // {
706 use = "generic-contact";
707 contactgroups = "tiboqorl";
708 };
709 };
710 contactgroup = {
711 telio-tortay = { alias = "Telio Tortay"; members = "immae"; };
712 tiboqorl = { alias = "Tiboqorl"; members = "immae"; };
713 };
714}
diff --git a/modules/private/monitoring/objects_phare.nix b/modules/private/monitoring/objects_phare.nix
deleted file mode 100644
index 082e7e3..0000000
--- a/modules/private/monitoring/objects_phare.nix
+++ /dev/null
@@ -1,17 +0,0 @@
1{ emailCheck, ... }:
2{
3 activatedPlugins = [ "emails" ];
4 host = {
5 "phare.normalesup.org" = {
6 alias = "phare.normalesup.org";
7 address = "phare.normalesup.org";
8 use = "linux-server";
9 hostgroups = "webstatus-hosts";
10 _webstatus_name = "phare";
11 _webstatus_vhost = "status.immae.eu";
12 };
13 };
14 service = [
15 (emailCheck "phare" "phare.normalesup.org")
16 ];
17}
diff --git a/modules/private/monitoring/objects_quatresaisons.nix b/modules/private/monitoring/objects_quatresaisons.nix
deleted file mode 100644
index f30cf81..0000000
--- a/modules/private/monitoring/objects_quatresaisons.nix
+++ /dev/null
@@ -1,38 +0,0 @@
1{ lib, hostFQDN, emailCheck, openldap, ... }:
2let
3 defaultPassiveInfo = {
4 filter = lib.attrsets.filterAttrs
5 (k: v: builtins.elem k ["service_description"] || builtins.substring 0 1 k == "_");
6 use = "external-passive-service";
7 freshness_threshold = "450";
8 retry_interval = "1";
9 servicegroups = "webstatus-resources";
10 host_name = hostFQDN;
11 };
12in
13{
14 resources = {
15 USER212 = "{{ .monitoring.quatresaisons.naemon_ldap }}";
16 };
17 activatedPlugins = [ "megaraid" "command" "postgresql" ];
18 service = [
19 {
20 passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-resources"; };
21 service_description = "No RAID device is degraded";
22 use = "local-service";
23 check_command = ["check_megaraid"];
24 }
25 {
26 passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-resources"; };
27 service_description = "LDAP is running";
28 use = "local-service";
29 check_command = [ "check_command_status" "${openldap}/bin/ldapwhoami -D uid=naemon,ou=services,dc=salle-s,dc=org -w $USER212$" "0" ""];
30 }
31 {
32 passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-resources"; };
33 service_description = "Postgresql is running";
34 use = "local-service";
35 check_command = [ "check_postgresql_database_count" "/run/postgresql" "5432" "3" ];
36 }
37 ];
38}
diff --git a/modules/private/monitoring/objects_tiboqorl-fr.nix b/modules/private/monitoring/objects_tiboqorl-fr.nix
deleted file mode 100644
index b49a1d8..0000000
--- a/modules/private/monitoring/objects_tiboqorl-fr.nix
+++ /dev/null
@@ -1,174 +0,0 @@
1{ lib, ... }:
2let
3 hostFQDN = "tiboqorl.fr";
4 defaultPassiveInfo = {
5 filter = lib.attrsets.filterAttrs
6 (k: v: builtins.elem k ["service_description"] || builtins.substring 0 1 k == "_");
7 use = "external-passive-service";
8 contact_groups = "tiboqorl";
9 freshness_threshold = "450";
10 notification_interval = "240";
11 retry_interval = "1";
12 servicegroups = "webstatus-resources";
13 _webstatus_namespace = "tiboqorl";
14 host_name = hostFQDN;
15 };
16in
17{
18 host = {
19 "tiboqorl.fr" = {
20 alias = "tiboqorl.fr";
21 address = "tiboqorl.fr";
22 use = "linux-server";
23 contact_groups = "tiboqorl";
24 hostgroups = "webstatus-hosts";
25 _webstatus_name = "tiboqorl";
26 _webstatus_vhost = "status.immae.eu";
27 _webstatus_namespace = "tiboqorl";
28 };
29 };
30 service = [
31 {
32 passiveInfo = defaultPassiveInfo;
33 service_description = "Size on root partition";
34 use = "local-service";
35 check_command = ["check_local_disk" "20%" "10%" "/"];
36 }
37 {
38 passiveInfo = defaultPassiveInfo;
39 service_description = "Total number of process";
40 use = "local-service";
41 check_command = [ "check_local_procs" "250" "400" "RSZDT" ];
42 }
43 {
44 passiveInfo = defaultPassiveInfo;
45 service_description = "Network bandwidth";
46 use = "local-service";
47 check_interval = "2";
48 max_check_attempts = "20";
49 retry_interval = "2";
50 check_command = [
51 "check_local_bandwidth"
52 "eth0"
53 "20480" # kb/s
54 "51200" # kb/s
55 ];
56 }
57 {
58 passiveInfo = defaultPassiveInfo;
59 service_description = "Average load";
60 use = "local-service";
61 check_command = [
62 "check_local_load"
63 "0.75,0.75,0.75" # warn
64 "1.0,1.0,1.0" # alert
65 ];
66 }
67 {
68 passiveInfo = defaultPassiveInfo;
69 service_description = "Swap usage";
70 use = "local-service";
71 check_command = ["check_local_swap" "20" "10"];
72 }
73 {
74 passiveInfo = defaultPassiveInfo;
75 service_description = "Memory usage";
76 use = "local-service";
77 check_command = ["check_memory" "80" "90"];
78 }
79 {
80 passiveInfo = defaultPassiveInfo;
81 service_description = "NTP is activated and working";
82 use = "local-service";
83 check_command = ["check_ntp"];
84 }
85 ];
86 command = {
87 check_local_disk = "$USER1$/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$";
88 check_local_procs = "$USER1$/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$";
89 check_local_load = "$USER1$/check_load -w $ARG1$ -c $ARG2$";
90 check_local_swap = "$USER1$/check_swap -n ok -w $ARG1$ -c $ARG2$";
91 check_local_bandwidth = "$USER2$/check_bandwidth -i=$ARG1$ -w $ARG2$ -c $ARG3$";
92 check_memory = "$USER2$/check_mem.sh -w $ARG1$ -c $ARG2$";
93 check_ntp = "$USER1$/check_ntp_time -t 30 -q -H 0.arch.pool.ntp.org";
94
95 check_host_alive = "$USER1$/check_ping -H $HOSTADDRESS$ -w 3000.0,80% -c 5000.0,100% -p 5";
96
97 notify-master = "$USER2$/send_nrdp.sh -u \"$USER200$\" -t \"$USER201$\" -H \"$HOSTADDRESS$\" -s \"$SERVICEDESC$\" -S \"$SERVICESTATEID$\" -o \"$SERVICEOUTPUT$ | $SERVICEPERFDATA$\"";
98 };
99 timeperiod = {
100 "24x7" = {
101 alias = "24 Hours A Day, 7 Days A Week";
102 monday = "00:00-24:00";
103 tuesday = "00:00-24:00";
104 wednesday = "00:00-24:00";
105 thursday = "00:00-24:00";
106 friday = "00:00-24:00";
107 saturday = "00:00-24:00";
108 sunday = "00:00-24:00";
109 };
110 };
111 servicegroup = {
112 webstatus-resources = { alias = "Local resources"; };
113 };
114 hostgroup = {
115 webstatus-hosts = { alias = "Hosts"; };
116 };
117 contactgroup = {
118 tiboqorl = { alias = "Naemon Administrators"; };
119 };
120 templates = {
121 service = {
122 generic-service = {
123 active_checks_enabled = "1";
124 check_freshness = "0";
125 check_interval = "10";
126 check_period = "24x7";
127 contact_groups = "tiboqorl";
128 event_handler_enabled = "1";
129 flap_detection_enabled = "1";
130 is_volatile = "0";
131 max_check_attempts = "3";
132 notification_interval = "60";
133 notification_options = "w,u,c,r,f,s";
134 notification_period = "24x7";
135 notifications_enabled = "0";
136 obsess_over_service = "1";
137 passive_checks_enabled = "1";
138 process_perf_data = "1";
139 retain_nonstatus_information = "1";
140 retain_status_information = "1";
141 retry_interval = "2";
142 };
143 local-service = {
144 use = "generic-service";
145 host_name = hostFQDN;
146 check_interval = "5";
147 max_check_attempts = "4";
148 retry_interval = "1";
149 servicegroups = "webstatus-resources";
150 };
151 };
152 host = {
153 generic-host = {
154 event_handler_enabled = "1";
155 flap_detection_enabled = "1";
156 notification_period = "24x7";
157 notifications_enabled = "1";
158 process_perf_data = "1";
159 retain_nonstatus_information = "1";
160 retain_status_information = "1";
161 };
162 linux-server = {
163 check_command = "check_host_alive";
164 check_interval = "5";
165 check_period = "24x7";
166 contact_groups = "tiboqorl";
167 max_check_attempts = "10";
168 notification_interval = "120";
169 notification_options = "d,u,r,f";
170 retry_interval = "1";
171 };
172 };
173 };
174}
diff --git a/modules/private/monitoring/objects_ulminfo-fr.nix b/modules/private/monitoring/objects_ulminfo-fr.nix
deleted file mode 100644
index bd2804b..0000000
--- a/modules/private/monitoring/objects_ulminfo-fr.nix
+++ /dev/null
@@ -1,17 +0,0 @@
1{ emailCheck, ... }:
2{
3 activatedPlugins = [ "emails" ];
4 host = {
5 "ulminfo.fr" = {
6 alias = "ulminfo.fr";
7 address = "ulminfo.fr";
8 use = "linux-server";
9 hostgroups = "webstatus-hosts";
10 _webstatus_name = "ulminfo";
11 _webstatus_vhost = "status.immae.eu";
12 };
13 };
14 service = [
15 (emailCheck "ulminfo" "ulminfo.fr")
16 ];
17}
diff --git a/modules/private/monitoring/plugins/check_backup_age b/modules/private/monitoring/plugins/check_backup_age
deleted file mode 100755
index d873bdc..0000000
--- a/modules/private/monitoring/plugins/check_backup_age
+++ /dev/null
@@ -1,66 +0,0 @@
1#!/usr/bin/env bash
2
3set -euo pipefail
4
5source $SECRETS_PATH
6export HOME=$(mktemp -d)
7
8trap "rm -rf $HOME" EXIT
9folder=$1
10
11parse_date() {
12 d=$1
13 echo $d | sed -e "s/^\(....\)\(..\)\(..\)T\(..\)\(..\)\(..\)/\1-\2-\3T\4:\5:\6/"
14}
15
16output=$(duplicity collection-status --log-fd 2 "$BASE_URL$folder" 2>&1 > /dev/null)
17
18output=$(echo "$output" | grep -v "^\.")
19
20last_full=$(parse_date "$(echo "$output" | grep "^ full " | cut -d' ' -f3 | sort | tail -n1)")
21last_bkp=$(parse_date "$(echo "$output" | grep -E "^ (full|inc) " | cut -d' ' -f3 | sort | tail -n1)")
22orphaned_sets=$(echo "$output" | grep "^orphaned-sets-num" | cut -d' ' -f2)
23incomplete_sets=$(echo "$output" | grep "^incomplete-sets-num" | cut -d' ' -f2)
24
25if [[ -z "$last_full" || -z "$last_bkp" || -z "$orphaned_sets" || -z "$incomplete_sets" ]]; then
26 echo "duply-backup $folder UNKNOWN - impossible to parse result"
27 exit 3
28fi
29
30last_full_age=$(( ($(date "+%s") - $(date -d "$last_full" "+%s")) / (60*60*24) ))
31last_bkp_age=$(( ($(date "+%s") - $(date -d "$last_bkp" "+%s")) / (60*60) ))
32
33PERFS="orphan=$orphaned_sets;1;;0; incomplete=$incomplete_sets;1;;0; age=${last_bkp_age}h;30;48;0; full_age=${last_full_age}d;35;45;0;"
34
35
36WARNINGS=""
37ERRORS=""
38if [[ "$incomplete_sets" -gt 0 ]]; then
39 WARNINGS="$WARNINGS - Incomplete sets is $incomplete_sets"
40fi
41
42if [[ "$orphaned_sets" -gt 0 ]]; then
43 WARNINGS="$WARNINGS - Orphaned sets is $orphaned_sets"
44fi
45
46if [[ "$last_full_age" -gt 45 ]]; then
47 ERRORS="$ERRORS - Last full backup is too old $last_full"
48elif [[ "$last_full_age" -gt 35 ]]; then
49 WARNINGS="$WARNINGS - Last full backup is getting old $last_full"
50fi
51
52if [[ "$last_bkp_age" -gt 48 ]]; then
53 ERRORS="$ERRORS - Last backup is too old $last_bkp"
54elif [[ "$last_bkp_age" -gt 30 ]]; then
55 WARNINGS="$WARNINGS - Last backup is getting old $last_bkp"
56fi
57
58if [[ -n "$ERRORS" ]]; then
59 echo "duply-backup $folder CRITICAL$ERRORS$WARNINGS | $PERFS"
60 exit 2
61elif [[ -n "$WARNINGS" ]]; then
62 echo "duply-backup $folder WARNING$WARNINGS | $PERFS"
63 exit 1
64else
65 echo "duply-backup $folder OK | $PERFS"
66fi
diff --git a/modules/private/monitoring/plugins/check_bandwidth b/modules/private/monitoring/plugins/check_bandwidth
deleted file mode 100755
index 53c5d85..0000000
--- a/modules/private/monitoring/plugins/check_bandwidth
+++ /dev/null
@@ -1,123 +0,0 @@
1#!/bin/bash
2
3# ============================== SUMMARY =====================================
4#Author : Ken Roulamellah
5#Date : 19/07/2018
6#Version : 1.0
7# Licence : GPL
8# ===================== INFORMATION ABOUT THIS PLUGIN ========================
9#
10# This plugin checks the average RX and TX bandwidth utilisation. It use
11# kbytes as measure unite.
12#
13# ========================== START OF PROGRAM CODE ===========================
14
15STATE_OK=0
16STATE_WARNING=1
17STATE_CRITICAL=2
18STATE_UNKNOWN=3
19
20interface=$( ip route | grep default | awk '{print $5}' | head -n1)
21function print_usage()
22{
23 echo "Usage :"
24 echo "$0 [ -i=INTERFACE] [ -ct=COUNT ] -w WARNING -c CRITICAL"
25 echo "This script calculate the average bandwith usage."
26 echo "Default values | interface: ${interface}, counter: 10"
27}
28
29counter=10
30warning=-1
31critical=-1
32
33sum_rx=0
34sum_tx=0
35avg_rx=
36avg_tx=
37i=
38
39
40if [[ $# -lt 4 ]];
41then
42 echo "Error: Arguments are missing"
43 print_usage
44 exit $STATE_UNKNOWN
45fi
46
47while [[ $# -gt 0 ]]; do
48 case "$1" in
49 -i=*)
50 interface="$(cut -d'=' -f2 <<<"$1")"
51 shift
52 ;;
53 -ct=*)
54 counter="$(cut -d'=' -f2 <<<"$1")"
55 shift
56 ;;
57 -w)
58 warning=$2
59 shift 2
60 ;;
61 -c)
62 critical=$2
63 shift 2
64 ;;
65 *)
66 printf "\nError: Invalid option '$1'"
67 print_usage
68 exit $STATE_UNKNOWN
69 ;;
70 esac
71done
72
73if [ $warning -lt 0 ] || [ $critical -lt 0 ];
74then
75 echo "Error: You need to specify a warning and critical treshold"
76 print_usage
77 exit $STATE_UNKNOWN
78fi
79
80grep -q "up" /sys/class/net/$interface/operstate || exec echo "$interface: no such device or down"
81
82read rx <"/sys/class/net/$interface/statistics/rx_bytes"
83read tx <"/sys/class/net/$interface/statistics/tx_bytes"
84
85i=$counter
86while [ $i -gt 0 ]; do
87 sleep 1
88 read newrx <"/sys/class/net/$interface/statistics/rx_bytes"
89 read newtx <"/sys/class/net/$interface/statistics/tx_bytes"
90
91 #echo "old rx :$rx"
92 #echo "new rx :$newrx"
93 rx_cal=$(bc <<< "scale=2; ($newrx-$rx) / 1000")
94 tx_cal=$(bc <<< "scale=2; ($newtx-$tx) / 1000")
95
96 sum_rx=$(bc <<< "scale=2;$sum_rx+$rx_cal")
97 sum_tx=$(bc <<< "scale=2;$sum_tx+$tx_cal")
98
99 #echo "$interface {rx: $rx_cal ko/s, tx: $tx_cal ko/s}"
100 rx=$newrx
101 tx=$newtx
102 ((i --))
103done
104
105avg_rx=$(bc <<< "scale=2;$sum_rx/$counter")
106avg_tx=$(bc <<< "scale=2;$sum_tx/$counter")
107
108#echo "$avg_rx"
109#echo "$avg_tx"
110
111
112if [ $(bc <<< "$avg_rx > $critical || $avg_tx > $critical") -eq 1 ]; then
113 echo "$interface CRITICAL - AVG_RX: $avg_rx kb/s, AVG_TX:
114 $avg_tx kb/s | RX="$avg_rx"kbps;0;0;0; TX="$avg_tx"kbps;0;0;0;"
115 exit $STATE_CRITICAL
116elif [ $(bc <<< "$avg_rx > $warning || $avg_tx > $warning") -eq 1 ]; then
117 echo "$interface WARNING - AVG_RX: $avg_rx kb/s, AVG_TX: $avg_tx kb/s | RX="$avg_rx"kbps;0;0;0; TX="$avg_tx"kbps;0;0;0;"
118 exit $STATE_WARNING
119else
120 echo "$interface - OK AVG_RX: $avg_rx kb/s, AVG_TX: $avg_tx kb/s | RX="$avg_rx"kbps;0;0;0; TX="$avg_tx"kbps;0;0;0;"
121 exit $STATE_OK
122fi
123exit 3
diff --git a/modules/private/monitoring/plugins/check_command b/modules/private/monitoring/plugins/check_command
deleted file mode 100755
index 2b546c1..0000000
--- a/modules/private/monitoring/plugins/check_command
+++ /dev/null
@@ -1,113 +0,0 @@
1#!/usr/bin/env perl
2
3use strict;
4use Getopt::Std;
5$| = 1;
6
7my %opts;
8getopts('hr:C:c:s:o:', \%opts);
9
10my $STATE_OK = 0;
11my $STATE_WARNING = 1;
12my $STATE_CRITICAL = 2;
13my $STATE_UNKNOWN = 3;
14
15if ($opts{'h'} || scalar(%opts) == 0) {
16 &print_help();
17 exit($STATE_OK);
18}
19
20my $command = $opts{'c'};
21if ($command eq '') {
22 print "You must provide a command to check.\n";
23 exit($STATE_UNKNOWN);
24}
25
26my $expected_output = $opts{'o'};
27my $expected_status = $opts{'s'};
28my $other_command = $opts{'C'};
29
30if ($other_command eq '' and $expected_status eq '' and $expected_output eq '') {
31 $expected_status = 0;
32}
33
34my $cmd = $command . ' 2>&1';
35my $other_cmd;
36if ($other_command ne '') {
37 $other_cmd = $other_command . ' 2>&1';
38}
39
40my $run_as;
41if ($opts{'r'}) {
42 $run_as = $opts{'r'};
43 $cmd = "sudo -u $run_as -n $cmd";
44
45 if ($other_command ne '') {
46 $other_cmd = "sudo -u $run_as -n $other_cmd";
47 }
48
49}
50
51my $cmd_result = `$cmd`;
52my $other_cmd_result;
53if ($other_command ne '') {
54 $other_cmd_result = `$other_cmd`;
55 chomp($other_cmd_result);
56}
57
58chomp($cmd_result);
59if ($cmd_result =~ /sudo/i) {
60 print "$command CRITICAL - No sudo right to run the command | result=1;;;;\n";
61 exit($STATE_UNKNOWN);
62} elsif ($expected_status ne '') {
63 if ($? != $expected_status) {
64 print "$command CRITICAL - Response status $? | result=1;;;;\n";
65 exit($STATE_CRITICAL);
66 } else {
67 print "$command OK - Response status $? | result=0;;;;\n";
68 exit($STATE_OK);
69 }
70} elsif ($other_command ne '') {
71 if ($cmd_result ne $other_cmd_result) {
72 print "$command CRITICAL - Expected output not matching other command output | result=1;;;;\n";
73 exit($STATE_CRITICAL);
74 } else {
75 print "$command OK - Expected output matching other command output | result=0;;;;\n";
76 exit($STATE_OK);
77 }
78} else {
79 if ($cmd_result !~ /$expected_output/) {
80 print "$command CRITICAL - Expected output not matching | result=1;;;;\n";
81 exit($STATE_CRITICAL);
82 } else {
83 print "$command OK - Expected output matching | result=0;;;;\n";
84 exit($STATE_OK);
85 }
86}
87
88sub print_help() {
89 print << "EOF";
90Check whether the given command responds as expected. One of -o -C or -s must be selected.
91
92Options:
93-h
94 Print detailed help screen
95
96-c
97 command to run (required)
98
99-C
100 other command to compare output
101
102-r user
103 Run as user via sudo.
104
105-s
106 status code to check
107
108-o
109 output to check
110
111EOF
112}
113
diff --git a/modules/private/monitoring/plugins/check_emails b/modules/private/monitoring/plugins/check_emails
deleted file mode 100755
index 534e5a5..0000000
--- a/modules/private/monitoring/plugins/check_emails
+++ /dev/null
@@ -1,121 +0,0 @@
1#!/usr/bin/env perl
2
3use strict;
4use Getopt::Std;
5use File::Basename;
6use Date::Parse;
7use POSIX qw(strftime);
8
9$| = 1;
10
11my %opts;
12getopts('hH:l:s:p:f:i:n:r:', \%opts);
13
14my $STATE_OK = 0;
15my $STATE_WARNING = 1;
16my $STATE_CRITICAL = 2;
17my $STATE_UNKNOWN = 3;
18
19if ($opts{'h'} || scalar(%opts) == 0) {
20 &print_help();
21 exit($STATE_OK);
22}
23
24my $port = $opts{'p'};
25my $host = $opts{'H'};
26my $login = $opts{'l'};
27if ($login ne '') {
28 $login = "$login@";
29}
30
31my $identity = $opts{'i'};
32my $local_directory = $opts{'n'};
33my $return_path = $opts{'r'};
34
35my @emails_to_send = split(/,/, $opts{'s'});
36my @emails_to_expect = split(/,/, $opts{'f'});
37
38my $cmd_result;
39if ($local_directory ne '') {
40 if (@emails_to_expect and ! -d $local_directory) {
41 print "Emails $host UNKNOWN - Could not find local directory";
42 exit($STATE_UNKNOWN);
43 }
44 $cmd_result = `send_mails $local_directory $return_path @emails_to_send 2>&1`;
45} else {
46 $cmd_result = `ssh -o BatchMode=yes -o UserKnownHostsFile=/dev/null -o CheckHostIP=no -o StrictHostKeyChecking=no -p $port -i $identity $login$host send_mails @emails_to_send 2>&1`;
47
48 if ($cmd_result =~ /Host key verification failed./) {
49 print "Emails $host UNKNOWN - Could not connect to host with ssh key\n";
50 exit($STATE_UNKNOWN);
51 }
52}
53
54my @lines = split(/\n/, $cmd_result);
55
56my %found_emails;
57
58foreach my $line (@lines) {
59 my @split_line = split(/;/, $line, 2);
60 $found_emails{$split_line[0]} = $split_line[1];
61}
62
63my $output = "";
64my $old = 0;
65foreach my $email_from (@emails_to_expect) {
66 my @email_split = split(/:/, $email_from);
67 my $email = $email_split[0];
68 my $from = $email_split[1];
69
70 if ( exists $found_emails{$email} ) {
71 my $email_date = str2time($found_emails{$email});
72 my $current_date = strftime "%s", localtime;
73
74 if ($current_date - $email_date > 60*30) {
75 $output = "$output$email ($found_emails{$email} from $from) ";
76 }
77 $old = ($current_date - $email_date) > $old ? ($current_date - $email_date) : $old;
78 } else {
79 $output = "$output$email (missing) "
80 }
81}
82
83if ($output ne '') {
84 print "Emails $host CRITICAL - expecting emails: $output | timestamp=${old}s;;;;\n";
85 exit($STATE_CRITICAL);
86} else {
87 print "Emails $host OK | timestamp=${old}s;;;;\n";
88 exit($STATE_OK);
89}
90
91sub print_help() {
92 print << "EOF";
93Check sent emails
94
95Options:
96-h
97 Print detailed help screen
98
99-H
100 Host to check
101
102-l
103 Login
104
105-i
106 Identity file
107
108-n
109 Don’t use ssh, pass that directory to script
110
111-r
112 Return path for local e-mails
113
114-s
115 Comma separated list of emails to send from the host.
116
117-f
118 Comma separated list of emails to expect on the host.
119EOF
120}
121
diff --git a/modules/private/monitoring/plugins/check_eriomem b/modules/private/monitoring/plugins/check_eriomem
deleted file mode 100755
index 880b88a..0000000
--- a/modules/private/monitoring/plugins/check_eriomem
+++ /dev/null
@@ -1,83 +0,0 @@
1#!/usr/bin/env python
2import os
3import sys
4import getopt
5import signal
6from subprocess import Popen, PIPE
7
8STATE_OK = 0
9STATE_WARNING = 1
10STATE_CRITICAL = 2
11STATE_UNKNOWN = 3
12
13keys = sys.argv[1].split(",")
14
15def to_args(k):
16 access, secret = k.split(":", 1)
17 return [
18 "s3cmd",
19 '-c=/dev/null',
20 '--no-check-certificate',
21 '--access_key={}'.format(access),
22 '--secret_key={}'.format(secret),
23 '--host=e.eriomem.net',
24 '--host-bucket=%(bucket)s.e.eriomem.net',
25 'du'
26 ]
27
28max_size = 1024*1024*1024*1024
29warning_percent = 99.75
30critical_percent = 99.95
31
32def output(code, msg):
33 print(msg)
34 sys.exit(code)
35
36def main():
37 def handler(signum, frame):
38 raise IOError
39 signal.signal(signal.SIGALRM, handler)
40 signal.alarm(60)
41
42 try:
43 ps = [Popen(to_args(a), stdout=PIPE, stderr=PIPE) for a in keys]
44 outs = [p.communicate() for p in ps]
45 rets = [p.wait() for p in ps]
46 except IOError:
47 for p in ps:
48 os.kill(p.pid, signal.SIGTERM)
49 output(STATE_UNKNOWN,
50 "Eriomem UNKNOWN - Command timeout after 60 seconds!")
51
52 signal.alarm(0)
53
54 if sum(rets) == 0:
55 usages = [int(out[0].decode().split("\n")[-2].split()[0]) for out in outs]
56 usage = sum(usages)
57 use_percent = 100 * usage / max_size
58 if use_percent > critical_percent:
59 output(STATE_CRITICAL,
60 "Eriomem CRITICAL - bucket usage: %s (%s%%);| size=%s;;;;" %
61 (sizeof_fmt(usage), use_percent, sizeof_fmt(usage)))
62 elif use_percent > warning_percent:
63 output(STATE_WARNING,
64 "Eriomem WARNING - bucket usage: %s (%s%%);| size=%s;;;;" %
65 (sizeof_fmt(usage), use_percent, sizeof_fmt(usage)))
66 else:
67 output(STATE_OK,
68 "Eriomem OK - bucket usage: %s (%d%%);| size=%s;;;;" %
69 (sizeof_fmt(usage), use_percent, sizeof_fmt(usage)))
70 else:
71 messages = "\n".join([out[0].decode() + out[1].decode() for out in outs])
72 output(STATE_UNKNOWN,
73 "Eriomem UNKNOWN - Error in command")
74
75def sizeof_fmt(num):
76 for unit in ['','ko','Mo','Go','To','Po','Eo','Zo']:
77 if abs(num) < 1024.0:
78 return "%3.1f%s" % (num, unit)
79 num /= 1024.0
80 return "%.1f%s%s" % (num, 'Yo')
81
82if __name__ == '__main__':
83 main()
diff --git a/modules/private/monitoring/plugins/check_ftp_database b/modules/private/monitoring/plugins/check_ftp_database
deleted file mode 100755
index f9cf579..0000000
--- a/modules/private/monitoring/plugins/check_ftp_database
+++ /dev/null
@@ -1,11 +0,0 @@
1#!/usr/bin/env bash
2
3OUT=$(echo "ls" | lftp -u test_ftp,test_ftp eldiron.immae.eu | grep it_works | wc -l)
4
5if [ "$OUT" -eq 1 ]; then
6 echo "ftp connection OK - access to ftp is working | ftp=1;;;;"
7 exit 0
8else
9 echo "ftp connection CRITICAL - no access to ftp | ftp=0;;;;"
10 exit 2
11fi
diff --git a/modules/private/monitoring/plugins/check_git b/modules/private/monitoring/plugins/check_git
deleted file mode 100755
index e8fbb29..0000000
--- a/modules/private/monitoring/plugins/check_git
+++ /dev/null
@@ -1,81 +0,0 @@
1#!/usr/bin/env bash
2
3SSH_KEY="$1"
4
5TMPDIR=$(mktemp -d)
6
7if [ ! -d "$TMPDIR" ]; then
8 echo "gitolite UNKNOWN - impossible to create temp dir"
9 exit 3
10fi
11
12trap "rm -rf $TMPDIR" EXIT
13
14ERRORS=""
15OUTPUT=""
16PERFS=""
17
18cd "$TMPDIR"
19OUT=$(git clone -q git://git.immae.eu/perso/Immae/Projets/Ruby/Monitor.git 2>&1)
20ERR=$?
21if [ -n "$OUT" ]; then
22OUTPUT="$OUTPUT
23$OUT"
24fi
25if [ "$ERR" != 0 ]; then
26 PERFS="$PERFS git=0;;;;"
27 ERRORS="$ERRORS git://"
28else
29 PERFS="$PERFS git=1;;;;"
30fi
31rm -rf Monitor
32
33OUT=$(git clone -q http://git.immae.eu/perso/Immae/Projets/Ruby/Monitor.git 2>&1)
34ERR=$?
35if [ -n "$OUT" ]; then
36OUTPUT="$OUTPUT
37$OUT"
38fi
39if [ "$ERR" != 0 ]; then
40 ERRORS="$ERRORS http://"
41 PERFS="$PERFS http=0;;;;"
42else
43 PERFS="$PERFS http=1;;;;"
44fi
45rm -rf Monitor
46
47OUT=$(git clone -q https://git.immae.eu/perso/Immae/Projets/Ruby/Monitor.git 2>&1)
48ERR=$?
49if [ -n "$OUT" ]; then
50OUTPUT="$OUTPUT
51$OUT"
52fi
53if [ "$ERR" != 0 ]; then
54 ERRORS="$ERRORS https://"
55 PERFS="$PERFS https=0;;;;"
56else
57 PERFS="$PERFS https=1;;;;"
58fi
59rm -rf Monitor
60
61OUT=$(GIT_SSH_COMMAND="ssh -i $SSH_KEY -o BatchMode=yes -o UserKnownHostsFile=/dev/null -o CheckHostIP=no -o StrictHostKeyChecking=no" git clone -q gitolite@git.immae.eu:perso/Immae/Projets/Ruby/Monitor 2>&1)
62ERR=$?
63if [ -n "$OUT" ]; then
64OUTPUT="$OUTPUT
65$OUT"
66fi
67if [ "$ERR" != 0 ]; then
68 ERRORS="$ERRORS ssh"
69 PERFS="$PERFS ssh=0;;;;"
70else
71 PERFS="$PERFS ssh=1;;;;"
72fi
73rm -rf Monitor
74
75if [ -n "$ERRORS" ]; then
76 echo "gitolite CRITICAL - impossible to clone via$ERRORS | $PERFS"
77 exit 2
78else
79 echo "gitolite OK - ssh, git, http and https work | $PERFS"
80 exit 0
81fi
diff --git a/modules/private/monitoring/plugins/check_imap_connection b/modules/private/monitoring/plugins/check_imap_connection
deleted file mode 100755
index c1ab0dd..0000000
--- a/modules/private/monitoring/plugins/check_imap_connection
+++ /dev/null
@@ -1,52 +0,0 @@
1#!/usr/bin/env perl
2
3use strict;
4use Getopt::Std;
5$| = 1;
6
7my %opts;
8getopts('h:u:p:H:', \%opts);
9
10my $STATE_OK = 0;
11my $STATE_WARNING = 1;
12my $STATE_CRITICAL = 2;
13my $STATE_UNKNOWN = 3;
14
15if ($opts{'h'} || !$opts{'u'} || !$opts{'p'} || !$opts{'H'}) {
16 &print_help();
17 exit($STATE_UNKNOWN);
18}
19
20my $user = $opts{'u'};
21my $password = $opts{'p'};
22my $host = $opts{'H'};
23
24my $cmd_result = `(echo "a login $user $password"; echo "b logout") | openssl s_client -quiet -ign_eof -connect $host -starttls imap 2>&1`;
25my $expected_result = "a OK Logged in";
26
27chomp($cmd_result);
28if ($cmd_result !~ /$expected_result/) {
29 print "IMAP CRITICAL - Unable to connect via imaps | imap=0;;;;\n";
30 exit($STATE_CRITICAL);
31} else {
32 print "IMAP OK - imaps connected successfully | imap=1;;;;\n";
33 exit($STATE_OK);
34}
35
36sub print_help() {
37 print << "EOF";
38Check whether imap works via ssl and is able to connect its database.
39
40Options:
41-h
42 Print detailed help screen
43-u
44 User to log in as
45-p
46 Password to log in
47-H
48 Host to log in to
49
50EOF
51}
52
diff --git a/modules/private/monitoring/plugins/check_last_file_date b/modules/private/monitoring/plugins/check_last_file_date
deleted file mode 100755
index f51a258..0000000
--- a/modules/private/monitoring/plugins/check_last_file_date
+++ /dev/null
@@ -1,28 +0,0 @@
1#!/bin/bash
2
3STATE_OK=0
4STATE_WARNING=1
5STATE_CRITICAL=2
6STATE_UNKNOWN=3
7
8base_path=$1
9hours=$2
10
11last_date=$(find $base_path -mindepth 1 -maxdepth 1 -printf "%T@\n" 2>/dev/null | sort | tail -n 1)
12
13if [ -z "$last_date" ]; then
14 echo "UNKNOWN: Could not read folder"
15 exit $STATE_UNKNOWN
16else
17 LC_ALL=C last_date=$(printf "%.*f" 0 $last_date)
18 LC_ALL=C age=$(( $(date "+%s") - $last_date))
19 max_age=$(( $hours * 60 * 60 ))
20 min_date=$(date -d "$hours hours ago" "+%s")
21 if [ "$min_date" -lt "$last_date" ]; then
22 echo "OK: Last file $(date -d @$last_date) | age=${age}s;;$max_age;;"
23 exit $STATE_OK
24 else
25 echo "CRITICAL: Last file $(date -d @$last_date) | age=${age}s;;$max_age;;"
26 exit $STATE_CRITICAL
27 fi
28fi
diff --git a/modules/private/monitoring/plugins/check_mem.sh b/modules/private/monitoring/plugins/check_mem.sh
deleted file mode 100755
index cc97ae2..0000000
--- a/modules/private/monitoring/plugins/check_mem.sh
+++ /dev/null
@@ -1,29 +0,0 @@
1#!/bin/bash
2
3if [ "$1" = "-w" ] && [ "$2" -gt "0" ] && [ "$3" = "-c" ] && [ "$4" -gt "0" ]; then
4 FreeM=`free -m`
5 memTotal_m=`echo "$FreeM" |grep Mem |awk '{print $2}'`
6 memUsed_m=`echo "$FreeM" |grep Mem |awk '{print $3}'`
7 memFree_m=`echo "$FreeM" |grep Mem |awk '{print $4}'`
8 memBuffer_m=`echo "$FreeM" |grep Mem |awk '{print $6}'`
9 memCache_m=`echo "$FreeM" |grep Mem |awk '{print $7}'`
10 memUsedPrc=`echo $((($memUsed_m*100)/$memTotal_m))||cut -d. -f1`
11 if [ "$memUsedPrc" -ge "$4" ]; then
12 echo "Memory: CRITICAL Total: $memTotal_m MB - Used: $memUsed_m MB - $memUsedPrc% used!|TOTAL=$memTotal_m;;;; USED=$memUsed_m;;;; CACHE=$memCache_m;;;; BUFFER=$memBuffer_m;;;;"
13 exit 2
14 elif [ "$memUsedPrc" -ge "$2" ]; then
15 echo "Memory: WARNING Total: $memTotal_m MB - Used: $memUsed_m MB - $memUsedPrc% used!|TOTAL=$memTotal_m;;;; USED=$memUsed_m;;;; CACHE=$memCache_m;;;; BUFFER=$memBuffer_m;;;;"
16 exit 1
17 else
18 echo "Memory: OK Total: $memTotal_m MB - Used: $memUsed_m MB - $memUsedPrc% used|TOTAL=$memTotal_m;;;; USED=$memUsed_m;;;; CACHE=$memCache_m;;;; BUFFER=$memBuffer_m;;;;"
19 exit 0
20 fi
21else # If inputs are not as expected, print help.
22 sName="`echo $0|awk -F '/' '{print $NF}'`"
23 echo -e "\n\n\t\t### $sName Version 2.0###\n"
24 echo -e "# Usage:\t$sName -w <warnlevel> -c <critlevel>"
25 echo -e "\t\t= warnlevel and critlevel is percentage value without %\n"
26 echo "# EXAMPLE:\t/usr/lib64/nagios/plugins/$sName -w 80 -c 90"
27 echo -e "\nCopyright (C) 2012 Lukasz Gogolin (lukasz.gogolin@gmail.com), improved by Nestor 2015\n\n"
28 exit
29fi
diff --git a/modules/private/monitoring/plugins/check_mysql_replication b/modules/private/monitoring/plugins/check_mysql_replication
deleted file mode 100755
index 1ee5de1..0000000
--- a/modules/private/monitoring/plugins/check_mysql_replication
+++ /dev/null
@@ -1,41 +0,0 @@
1#!/bin/bash
2
3STATE_OK=0
4STATE_WARNING=1
5STATE_CRITICAL=2
6STATE_UNKNOWN=3
7
8socket=$1
9config_file=$2
10info=$(mysql --defaults-file=${config_file} -S $socket -e "show slave status" --vertical)
11exit_code=$?
12
13lag=$(echo "$info" | grep "\bSeconds_Behind_Master\b" | cut -d':' -f2 | sed -e "s/\s//g")
14
15IO_running=$(echo "$info" | grep "\bSlave_IO_Running\b" | cut -d':' -f2 | sed -e "s/\s//g")
16SQL_running=$(echo "$info" | grep "\bSlave_SQL_Running\b" | cut -d':' -f2 | sed -e "s/\s//g")
17
18if [[ $exit_code -ne 0 ]]; then
19 echo "UNKNOWN - Impossible to run mysql command"
20 exit $STATE_UNKNOWN
21elif [[ -z "$lag" ]]; then
22 echo "UNKNOWN - No replication found for mysql"
23 exit $STATE_UNKNOWN
24elif [[ "$IO_running" != "Yes" || "$SQL_running" != "Yes" ]]; then
25 echo "UNKNOWN - Replication is not running"
26 exit $STATE_UNKNOWN
27else
28 output="Replication lag for mysql is ${lag}s"
29 LC_ALL=C lag=$(printf "%.*f" 0 $lag)
30
31 if [[ $lag -lt 5 ]]; then
32 echo "OK - $output | time=${lag}s;5;10;;"
33 exit $STATE_OK
34 elif [[ $lag -lt 10 ]]; then
35 echo "WARNING - $output | time=${lag}s;5;10;;"
36 exit $STATE_WARNING
37 else
38 echo "CRITICAL - $output | time=${lag}s;5;10;;"
39 exit $STATE_CRITICAL
40 fi
41fi
diff --git a/modules/private/monitoring/plugins/check_openldap_replication b/modules/private/monitoring/plugins/check_openldap_replication
deleted file mode 100755
index 7136ad5..0000000
--- a/modules/private/monitoring/plugins/check_openldap_replication
+++ /dev/null
@@ -1,54 +0,0 @@
1#!/bin/bash
2
3STATE_OK=0
4STATE_WARNING=1
5STATE_CRITICAL=2
6STATE_UNKNOWN=3
7
8distant_host="$1"
9replication_dn="$2"
10replication_pw="$3"
11base="$4"
12config="$5"
13
14to_date() {
15 i="$1"
16 i=$(echo "$i" | grep contextCSN | cut -d":" -f2 | sed -e "s/\s//g")
17 i=$(echo "$i" | cut -d"#" -f1)
18 i=$(echo "$i" | cut -d"." -f1)
19 echo "$i"
20}
21
22# ldap
23remote_ldap=$(ldapsearch -H $distant_host -D "$replication_dn" -y "$replication_pw" -b "$base" -s base -LLL contextCSN )
24exit_code_remote=$?
25remote_ldap=$(to_date "$remote_ldap")
26
27# slapcat
28local_ldap=$(slapcat -b "$base" -f "$config" -a "(entryDN=$base)")
29exit_code_local=$?
30local_ldap=$(to_date "$local_ldap")
31
32offset=$(($remote_ldap - $local_ldap))
33
34if [[ $exit_code_remote -ne 0 || $exit_code_local -ne 0 ]]; then
35 echo "UNKNOWN - Impossible to run ldap command"
36 exit $STATE_UNKNOWN
37elif [[ -z "$offset" ]]; then
38 echo "UNKNOWN - No replication found"
39 exit $STATE_UNKNOWN
40else
41 output="Replication lag for openldap is ${offset}s"
42 LC_ALL=C lag=$(printf "%.*f" 0 $lag)
43
44 if [[ $offset -lt 5 ]]; then
45 echo "OK - $output | time=${offset}s;5;10;;"
46 exit $STATE_OK
47 elif [[ $offset -lt 10 ]]; then
48 echo "WARNING - $output | time=${offset}s;5;10;;"
49 exit $STATE_WARNING
50 else
51 echo "CRITICAL - $output | time=${offset}s;5;10;;"
52 exit $STATE_CRITICAL
53 fi
54fi
diff --git a/modules/private/monitoring/plugins/check_ovh_sms b/modules/private/monitoring/plugins/check_ovh_sms
deleted file mode 100755
index caf279c..0000000
--- a/modules/private/monitoring/plugins/check_ovh_sms
+++ /dev/null
@@ -1,25 +0,0 @@
1#!/usr/bin/env python
2
3import sys
4try:
5 import ovh
6
7 [endpoint, application_key, application_secret, consumer_key, account] = sys.argv[1].split(",")
8 client = ovh.Client(
9 endpoint=endpoint,
10 application_key=application_key,
11 application_secret=application_secret,
12 consumer_key=consumer_key,
13 )
14
15 result = client.get('/sms/{}'.format(account))["creditsLeft"]
16
17 if result < 20:
18 print("SMS OVH Critical - Not enough sms left ({})|SMS={};;;;".format(result, result))
19 sys.exit(2)
20 else:
21 print("SMS OVH Ok - Enough sms left ({})|SMS={};;;;".format(result, result))
22 sys.exit(0)
23except Exception:
24 print("SMS OVH UNKNOWN - Error during script")
25 sys.exit(3)
diff --git a/modules/private/monitoring/plugins/check_postgres_database_count b/modules/private/monitoring/plugins/check_postgres_database_count
deleted file mode 100755
index 43bdd8c..0000000
--- a/modules/private/monitoring/plugins/check_postgres_database_count
+++ /dev/null
@@ -1,32 +0,0 @@
1#!/bin/bash
2
3STATE_OK=0
4STATE_WARNING=1
5STATE_CRITICAL=2
6STATE_UNKNOWN=3
7
8host=$1
9port=$2
10min=$3
11
12count=$(psql -h $host -p $port -A -q -c '\t' -c 'select count(datname) from pg_catalog.pg_database' postgres 2>&1)
13exit_code=$?
14
15if [[ $exit_code -ne 0 ]]; then
16 echo "UNKNOWN - Impossible to run psql command: $count"
17 exit $STATE_UNKNOWN
18elif [[ -z "$count" ]]; then
19 echo "UNKNOWN - No database found"
20 exit $STATE_UNKNOWN
21else
22 output="Database count is $count"
23 LC_ALL=C count=$(printf "%.*f" 0 $count)
24
25 if [[ $count -gt $min ]]; then
26 echo "OK - $output | count=${count};$min;$min;0;"
27 exit $STATE_OK
28 else
29 echo "CRITICAL - $output | count=${count};$min;$min;0;"
30 exit $STATE_CRITICAL
31 fi
32fi
diff --git a/modules/private/monitoring/plugins/check_postgres_replication b/modules/private/monitoring/plugins/check_postgres_replication
deleted file mode 100755
index ff257a3..0000000
--- a/modules/private/monitoring/plugins/check_postgres_replication
+++ /dev/null
@@ -1,35 +0,0 @@
1#!/bin/bash
2
3STATE_OK=0
4STATE_WARNING=1
5STATE_CRITICAL=2
6STATE_UNKNOWN=3
7
8user=$1
9host=$2
10port=$3
11
12lag=$(psql -h $host -p $port -A -t -c "SELECT COALESCE(EXTRACT(EPOCH FROM replay_lag),0) FROM pg_stat_replication WHERE usename='$user'" 2>/dev/null)
13exit_code=$?
14
15if [[ $exit_code -ne 0 ]]; then
16 echo "UNKNOWN - Impossible to run psql command"
17 exit $STATE_UNKNOWN
18elif [[ -z "$lag" ]]; then
19 echo "UNKNOWN - No replication found for $user"
20 exit $STATE_UNKNOWN
21else
22 output="Replication lag for $user is ${lag}s"
23 LC_ALL=C lag=$(printf "%.*f" 0 $lag)
24
25 if [[ $lag -lt 5 ]]; then
26 echo "OK - $output | time=${lag}s;5;10;0;"
27 exit $STATE_OK
28 elif [[ $lag -lt 10 ]]; then
29 echo "WARNING - $output | time=${lag}s;5;10;0;"
30 exit $STATE_WARNING
31 else
32 echo "CRITICAL - $output | time=${lag}s;5;10;0;"
33 exit $STATE_CRITICAL
34 fi
35fi
diff --git a/modules/private/monitoring/plugins/check_redis_replication b/modules/private/monitoring/plugins/check_redis_replication
deleted file mode 100755
index 6dbe4c4..0000000
--- a/modules/private/monitoring/plugins/check_redis_replication
+++ /dev/null
@@ -1,38 +0,0 @@
1#!/bin/bash
2
3STATE_OK=0
4STATE_WARNING=1
5STATE_CRITICAL=2
6STATE_UNKNOWN=3
7
8socket=$1
9
10info=$(redis-cli -s $socket info replication)
11lag=$(echo "$info" | grep master_last_io_seconds_ago | cut -d":" -f2 | sed -e "s/\s//g")
12slave_offset=$(echo "$info" | grep slave_repl_offset | cut -d":" -f2 | sed -e "s/\s//g")
13master_offset=$(echo "$info" | grep master_repl_offset | cut -d":" -f2 | sed -e "s/\s//g")
14offset=$(($master_offset - $slave_offset))
15
16exit_code=$?
17
18if [[ $exit_code -ne 0 ]]; then
19 echo "UNKNOWN - Impossible to run redis command"
20 exit $STATE_UNKNOWN
21elif [[ -z "$lag" ]]; then
22 echo "UNKNOWN - No replication found"
23 exit $STATE_UNKNOWN
24else
25 output="Replication lag for redis is ${lag}s and offset is ${offset}"
26 LC_ALL=C lag=$(printf "%.*f" 0 $lag)
27
28 if [[ $lag -lt 5 && $offset -lt 5 ]]; then
29 echo "OK - $output | time=${lag}s;5;10;0; offset=${offset};5;10;0;"
30 exit $STATE_OK
31 elif [[ $lag -lt 10 && $offset -lt 10 ]]; then
32 echo "WARNING - $output | time=${lag}s;5;10;0; offset=${offset};5;10;0;"
33 exit $STATE_WARNING
34 else
35 echo "CRITICAL - $output | time=${lag}s;5;10;0; offset=${offset};5;10;0;"
36 exit $STATE_CRITICAL
37 fi
38fi
diff --git a/modules/private/monitoring/plugins/check_zfs_snapshot b/modules/private/monitoring/plugins/check_zfs_snapshot
deleted file mode 100755
index 56f8c4f..0000000
--- a/modules/private/monitoring/plugins/check_zfs_snapshot
+++ /dev/null
@@ -1,325 +0,0 @@
1#! /bin/sh
2
3OS=$(uname)
4
5# MIT License
6#
7# Copyright (c) 2016 Josef Friedrich <josef@friedrich.rocks>
8#
9# Permission is hereby granted, free of charge, to any person obtaining
10# a copy of this software and associated documentation files (the
11# "Software"), to deal in the Software without restriction, including
12# without limitation the rights to use, copy, modify, merge, publish,
13# distribute, sublicense, and/or sell copies of the Software, and to
14# permit persons to whom the Software is furnished to do so, subject to
15# the following conditions:
16#
17# The above copyright notice and this permission notice shall be
18# included in all copies or substantial portions of the Software.
19#
20# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
21# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
22# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
23# IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
24# CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
25# TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
26# SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
27
28########################################################################
29# Date functions
30########################################################################
31
32# This date function must be placed on the top of this file because
33# they are used in some global variables.
34
35# to_year ###
36
37##
38# Get the four digit year integer from now.
39#
40# Return:
41# The current 4 digit year.
42##
43_now_to_year() {
44 date +%Y
45}
46
47##
48# Convert a date in the format YYYY-MM-DD to a four digit year integer.
49#
50# Parameters:
51# a date in the format YYYY-MM-DD
52#
53# Return:
54# four digit year integer
55##
56_date_to_year() {
57 local OPTIONS
58 if [ "$OS" = 'Linux' ]; then
59 OPTIONS="--date $1"
60 # FreeBSD, Darwin
61 else
62 OPTIONS="-j -f %Y-%m-%d $1"
63 fi
64 date $OPTIONS +%Y
65}
66
67# to_datetime ###
68
69##
70# Convert a UNIX timestamp to a datetime string.
71#
72# Parameters:
73# UNIX timestamp
74#
75# Return:
76# %Y-%m-%d.%H:%M:%S
77##
78_timestamp_to_datetime() {
79 local OPTIONS
80 if [ "$OS" = 'Linux' ]; then
81 OPTIONS="--date @$1"
82 # FreeBSD, Darwin
83 else
84 OPTIONS="-j -f %s $1"
85 fi
86 date $OPTIONS +%Y-%m-%d.%H:%M:%S
87}
88
89# to_timestamp ###
90
91##
92# Get the current UNIX timestamp.
93#
94# Return:
95# %current UNIX timestamp
96##
97_now_to_timestamp() {
98 date +%s
99}
100
101PROJECT_PAGES='https://github.com/Josef-Friedrich/check_zfs_snapshot
102https://exchange.icinga.com/joseffriedrich/check_zfs_snapshot
103https://exchange.nagios.org/directory/Plugins/System-Metrics/File-System/check_zfs_snapshot/details'
104
105VERSION=1.2
106FIRST_RELEASE=2016-09-08
107SHORT_DESCRIPTION="Monitoring plugin to check how long ago the last \
108snapshot of a ZFS dataset was created."
109USAGE="check_zfs_snapshot v$VERSION
110Copyright (c) $(_date_to_year $FIRST_RELEASE)-$(_now_to_year) \
111Josef Friedrich <josef@friedrich.rocks>
112
113$SHORT_DESCRIPTION
114
115
116Usage: check_zfs_snapshot <options>
117
118Options:
119 -c, --critical=OPT_CRITICAL
120 Interval in seconds for critical state.
121 -d, --dataset=OPT_DATASET
122 The ZFS dataset to check.
123 -h, --help
124 Show this help.
125 -s, --short-description
126 Show a short description of the command.
127 -v, --version
128 Show the version number.
129 -w, --warning=OPT_WARNING
130 Interval in seconds for warning state. Must be lower than -c
131
132Performance data:
133 - last_ago
134 Time interval in seconds for last snapshot.
135 - warning
136 Interval in seconds.
137 - critical
138 Interval in seconds.
139 - snapshot_count
140 How many snapshot exists in the given dataset and all child
141 datasets exists.
142"
143
144# Exit codes
145STATE_OK=0
146STATE_WARNING=1
147STATE_CRITICAL=2
148STATE_UNKNOWN=3
149
150_get_last_snapshot() {
151 zfs get creation -Hpr -t snapshot "$1" | \
152 awk 'BEGIN {max = 0} {if ($3>max) max=$3} END {print max}'
153}
154
155_getopts() {
156 while getopts ':c:d:hsvw:-:' OPT ; do
157 case $OPT in
158
159 c)
160 OPT_CRITICAL=$OPTARG
161 ;;
162
163 d)
164 OPT_DATASET="$OPTARG"
165 ;;
166
167 h)
168 echo "$USAGE"
169 exit 0
170 ;;
171
172 s)
173 echo "$SHORT_DESCRIPTION"
174 exit 0
175 ;;
176
177 v)
178 echo "$VERSION"
179 exit 0
180 ;;
181
182 w)
183 OPT_WARNING=$OPTARG
184 ;;
185
186 \?)
187 echo "Invalid option “-$OPTARG”!" >&2
188 exit 2
189 ;;
190
191 :)
192 echo "Option “-$OPTARG” requires an argument!" >&2
193 exit 3
194 ;;
195
196 -)
197 LONG_OPTARG="${OPTARG#*=}"
198
199 case $OPTARG in
200
201 critical=?*)
202 OPT_CRITICAL=$LONG_OPTARG
203 ;;
204
205 dataset=?*)
206 OPT_DATASET="$LONG_OPTARG"
207 ;;
208
209 help)
210 echo "$USAGE"
211 exit 0
212 ;;
213
214 short-description)
215 echo "$SHORT_DESCRIPTION"
216 exit 0
217 ;;
218
219 version)
220 echo "$VERSION"
221 exit 0
222 ;;
223
224 warning=?*)
225 OPT_WARNING=$LONG_OPTARG
226 ;;
227
228 critical*|dataset*|warning*)
229 echo "Option “--$OPTARG” requires an argument!" >&2
230 exit 3
231 ;;
232
233 help*|short-description*|version*)
234 echo "No argument allowed for the option “--$OPTARG”!" >&2
235 exit 4
236 ;;
237
238 '') # "--" terminates argument processing
239 break
240 ;;
241
242 *)
243 echo "Invalid option “--$OPTARG”!" >&2
244 exit 2
245 ;;
246
247 esac
248 ;;
249
250 esac
251 done
252}
253
254_snapshot_count() {
255 # FreeBSD wc adds some whitespaces before the number!
256 # cat $HOME/debug | wc -l
257 # 7
258 local COUNT
259 COUNT="$(zfs list -t snapshot | grep "$1" | wc -l)"
260 echo $COUNT
261}
262
263_performance_data() {
264 echo "| \
265last_ago=${DIFF}s;$OPT_WARNING;$OPT_CRITICAL;0 \
266count=$(_snapshot_count "$OPT_DATASET");;;0\
267"
268}
269
270## This SEPARATOR is required for test purposes. Please don’t remove! ##
271
272_getopts $@
273
274if [ -z "$OPT_WARNING" ]; then
275 # 1 day
276 OPT_WARNING=86400
277fi
278
279if [ -z "$OPT_CRITICAL" ]; then
280 # 3 day
281 OPT_CRITICAL=259200
282fi
283
284if [ -z "$OPT_DATASET" ]; then
285 echo "Dataset has to be set! Use option -d <dataset>" >&2
286 echo "$USAGE" >&2
287 exit $STATE_UNKNOWN
288fi
289
290if ! zfs list "$OPT_DATASET" > /dev/null 2>&1; then
291 echo "'$OPT_DATASET' is no ZFS dataset!" >&2
292 echo "$USAGE" >&2
293 exit $STATE_UNKNOWN
294fi
295
296NOW=$(_now_to_timestamp)
297
298CREATION_DATE=$(_get_last_snapshot "$OPT_DATASET")
299
300DIFF=$((NOW - CREATION_DATE))
301
302if [ "$OPT_WARNING" -gt "$OPT_CRITICAL" ]; then
303 echo '-w OPT_WARNING must be smaller than -c OPT_CRITICAL'
304 _usage >&2
305 exit $STATE_UNKNOWN
306fi
307
308RETURN=STATE_UNKNOWN
309
310if [ "$DIFF" -gt "$OPT_CRITICAL" ]; then
311 RETURN=$STATE_CRITICAL
312 MESSAGE="CRITICAL:"
313elif [ "$DIFF" -gt "$OPT_WARNING" ]; then
314 RETURN=$STATE_WARNING
315 MESSAGE="WARNING:"
316else
317 RETURN=$STATE_OK
318 MESSAGE="OK:"
319fi
320
321DATE="$(_timestamp_to_datetime "$CREATION_DATE")"
322
323echo "$MESSAGE Last snapshot for dataset '$OPT_DATASET' was created on $DATE $(_performance_data)"
324
325exit $RETURN
diff --git a/modules/private/monitoring/plugins/notify_by_email b/modules/private/monitoring/plugins/notify_by_email
deleted file mode 100755
index 959db26..0000000
--- a/modules/private/monitoring/plugins/notify_by_email
+++ /dev/null
@@ -1,29 +0,0 @@
1#!/usr/bin/env bash
2
3# $1 = service/host
4
5# $2 = type (PROBLEM RECOVERY ACKNOWLEDGEMENT FLAPPINGSTART FLAPPINGSTOP FLAPPINGDISABLED DOWNTIMESTART DOWNTIMESTOP DOWNTIMECANCELLED)
6# http://www.naemon.org/documentation/usersguide/macrolist.html#notificationtype
7
8# $3 = host alias
9
10# $4 = date (YYYY-MM-DDTHH:MM:SS)
11
12# $5 = E-mail
13
14NOTIFICATION_TYPE="$2"
15HOST_ALIAS="$3"
16DATE="$4"
17CONTACT="$5"
18
19message=""
20
21if [ "$1" = "host" ]; then
22 message=$(printf "%b" "***** Naemon *****\n\nNotification Type: $NOTIFICATION_TYPE\n\nHost: $HOST_ALIAS\nState: $HOSTSTATE\nInfo: $HOSTOUTPUT\n\nDate/Time: $DATE\n")
23 subject="** $NOTIFICATION_TYPE Host Alert: $HOST_ALIAS is $HOSTSTATE **"
24else
25 message=$(printf "%b" "***** Naemon *****\n\nNotification Type: $NOTIFICATION_TYPE\n\nService: $SERVICEDESC\nHost: $HOST_ALIAS\nState: $SERVICESTATE\n\nDate/Time: $DATE\n\nAdditional Info:\n\n$SERVICEOUTPUT\n")
26 subject="** $NOTIFICATION_TYPE Service Alert: $HOST_ALIAS/$SERVICEDESC is $SERVICESTATE **"
27fi
28
29echo "$message" | MAILRC=/dev/null mail -r "$ADMINEMAIL" -n -s "$subject" "$CONTACT"
diff --git a/modules/private/monitoring/plugins/notify_by_slack b/modules/private/monitoring/plugins/notify_by_slack
deleted file mode 100755
index 1b16a0d..0000000
--- a/modules/private/monitoring/plugins/notify_by_slack
+++ /dev/null
@@ -1,46 +0,0 @@
1#!/usr/bin/env bash
2
3SLACK_CHANNEL="$1"
4SLACK_USERNAME="Naemon"
5SLACK_URL="$2"
6SLACK_USERICON="https://assets.immae.eu/monitoring.png"
7
8if [ "$SERVICESTATE" = "CRITICAL" ]; then
9 ICON=":exclamation:"
10 COLOR="#DA0505"
11elif [ "$SERVICESTATE" = "WARNING" ]; then
12 ICON=":warning:"
13 COLOR="#F1E903"
14elif [ "$SERVICESTATE" = "OK" ]; then
15 ICON=":white_check_mark:"
16 COLOR="#36a64f"
17elif [ "$SERVICESTATE" = "UNKNOWN" ]; then
18 ICON=":question:"
19 COLOR="#000000"
20else
21 ICON=":white_medium_square:"
22 COLOR="#ffffff"
23fi
24
25payload=$(echo "{}" | jq -r \
26 --arg "icon_url" "$SLACK_USERICON" \
27 --arg "channel" "$SLACK_CHANNEL" \
28 --arg "username" "$SLACK_USERNAME" \
29 --arg "text" "${ICON} ${SERVICEDESC} on ${HOST} is ${SERVICESTATE}" \
30 --arg "color" "$COLOR" \
31 --arg "host" "$HOST" \
32 --arg "desc" "$SERVICEDESC" \
33 --arg "state" "$SERVICESTATE" \
34 --arg "output" "$SERVICEOUTPUT" \
35 '.icon_url = $icon_url |
36 .channel = $channel |
37 .username = $username |
38 .text = $text |
39 .attachments = [{fallback:"", color:$color,fields: [{},{},{},{}]}] |
40 .attachments[0].fields[0] = {title:"Host",value:$host,short:true} |
41 .attachments[0].fields[1] = {title:"Service description",value:$desc,short:true} |
42 .attachments[0].fields[2] = {title:"Status",value:$state,short:true} |
43 .attachments[0].fields[3] = {title:"Message",value:$output,short:false}
44 ')
45
46curl -X POST --data "payload=$payload" $SLACK_URL
diff --git a/modules/private/monitoring/plugins/notify_eban_url b/modules/private/monitoring/plugins/notify_eban_url
deleted file mode 100755
index 107b5de..0000000
--- a/modules/private/monitoring/plugins/notify_eban_url
+++ /dev/null
@@ -1,6 +0,0 @@
1#!/usr/bin/env bash
2
3if [ "$SERVICESTATE" = "CRITICAL" -o "$SERVICESTATE" = "UNKNOWN" -o "$HOSTSTATE" = "DOWN" -o "$HOSTSTATE" = "UNREACHABLE" ]; then
4 MESSAGE="$STATUS_NAME seems down!"
5 curl -X GET -G --data-urlencode "user=$USER" --data-urlencode "pass=$PASSWORD" --data-urlencode "msg=$MESSAGE" https://smsapi.free-mobile.fr/sendmsg
6fi
diff --git a/modules/private/monitoring/plugins/send_nrdp.sh b/modules/private/monitoring/plugins/send_nrdp.sh
deleted file mode 100755
index c83c8cb..0000000
--- a/modules/private/monitoring/plugins/send_nrdp.sh
+++ /dev/null
@@ -1,57 +0,0 @@
1#!/bin/bash
2
3TEMPLATE='{
4 "cmd": "submitcheck",
5 "token": $token,
6 "checkresult": [{
7 "hostname": $hostname,
8 "state": $state,
9 "output": $output,
10 "type": $type,
11 "servicename": $servicename
12 }]
13}'
14
15while getopts "u:t:H:s:S:o:" option
16do
17 case $option in
18 u) url=$OPTARG ;;
19 t) token=$OPTARG ;;
20 H) hostname=$OPTARG ;;
21 s) servicename=$OPTARG ;;
22 S) state=$OPTARG ;;
23 o) output=$OPTARG ;;
24 esac
25done
26
27if [ -n "$servicename" ]; then
28 checktype="service"
29else
30 checktype="host"
31fi
32
33payload=$(jq -n \
34 --arg type "$checktype" \
35 --arg hostname "$hostname" \
36 --arg servicename "$servicename" \
37 --arg output "$output" \
38 --arg token "$token" \
39 --arg state "$state" \
40 "$TEMPLATE")
41
42rslt=$(curl -f --silent --insecure -d "$payload" -H "Content-Type: application/json" "$url")
43ret=$?
44
45if [ $ret != 0 ];then
46 echo "ERROR: could not connect to NRDP server at $url"
47 exit 1
48fi
49
50status=$(echo "$rslt" | jq -r .status)
51message=$(echo "$rslt" | jq -r .message)
52
53if [ "$status" != "ok" ];then
54 echo "ERROR: The NRDP Server said $message"
55 exit 2
56fi
57echo "Sent 1 checks to $url"
diff --git a/modules/private/monitoring/send_mails b/modules/private/monitoring/send_mails
deleted file mode 100755
index 105c505..0000000
--- a/modules/private/monitoring/send_mails
+++ /dev/null
@@ -1,15 +0,0 @@
1#!/usr/bin/env bash
2
3CHECK_DIR=$1
4shift
5RETURN_PATH=$1
6shift
7
8for mail in "$@"; do
9 echo "Test Mail" | MAILRC=/dev/null mail -n -r "$RETURN_PATH" -s "TestMailImmae " "$mail"
10done
11
12if [ -d "$CHECK_DIR" ]; then
13 cd $CHECK_DIR
14 stat -c '%n;%y' *
15fi
diff --git a/modules/private/monitoring/status.nix b/modules/private/monitoring/status.nix
deleted file mode 100644
index ab0290c..0000000
--- a/modules/private/monitoring/status.nix
+++ /dev/null
@@ -1,93 +0,0 @@
1{ config, pkgs, lib, name, ... }:
2{
3 options = {
4 myServices.status = {
5 enable = lib.mkOption {
6 type = lib.types.bool;
7 default = false;
8 description = ''
9 Whether to enable status app.
10 '';
11 };
12 };
13 };
14 config = lib.mkIf config.myServices.status.enable {
15 secrets.keys."naemon-status/environment" = {
16 user = "naemon";
17 group = "naemon";
18 permissions = "0400";
19 text = ''
20 TOKENS=${builtins.concatStringsSep " " config.myEnv.monitoring.nrdp_tokens}
21 '';
22 };
23 services.nginx = {
24 enable = true;
25 recommendedOptimisation = true;
26 recommendedGzipSettings = true;
27 recommendedProxySettings = true;
28 upstreams."netdata".servers = { "127.0.0.1:19999" = {}; };
29 upstreams."netdata".extraConfig = ''
30 keepalive 64;
31 '';
32 virtualHosts."status.eban.bzh" = {
33 acmeRoot = config.myServices.certificates.webroot;
34 useACMEHost = name;
35 forceSSL = true;
36 locations."/".proxyPass = "http://unix:/run/naemon-status/socket.sock:/";
37 };
38 virtualHosts."status.immae.eu" = {
39 acmeRoot = config.myServices.certificates.webroot;
40 useACMEHost = name;
41 forceSSL = true;
42 locations."/".proxyPass = "http://unix:/run/naemon-status/socket.sock:/";
43
44 locations."= /netdata".return = "301 /netdata/";
45 locations."~ /netdata/(?<ndpath>.*)".extraConfig = ''
46 proxy_redirect off;
47 proxy_set_header Host $host;
48
49 proxy_set_header X-Forwarded-Host $host;
50 proxy_set_header X-Forwarded-Server $host;
51 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
52 proxy_http_version 1.1;
53 proxy_pass_request_headers on;
54 proxy_set_header Connection "keep-alive";
55 proxy_store off;
56 proxy_pass http://netdata/$ndpath$is_args$args;
57
58 gzip on;
59 gzip_proxied any;
60 gzip_types *;
61 '';
62 };
63 };
64 security.acme.certs."${name}" = {
65 extraDomains."status.immae.eu" = null;
66 extraDomains."status.eban.bzh" = null;
67 user = config.services.nginx.user;
68 group = config.services.nginx.group;
69 };
70
71 myServices.certificates.enable = true;
72 networking.firewall.allowedTCPPorts = [ 80 443 ];
73 systemd.services.naemon-status = {
74 description = "Naemon status";
75 after = [ "network.target" ];
76 wantedBy = [ "multi-user.target" ];
77
78 serviceConfig = {
79 EnvironmentFile = config.secrets.fullPaths."naemon-status/environment";
80 Type = "simple";
81 WorkingDirectory = "${./status}";
82 ExecStart = let
83 python = pkgs.python3.withPackages (p: [ p.gunicorn p.flask p.flask_login ]);
84 in
85 "${python}/bin/gunicorn -w4 --bind unix:/run/naemon-status/socket.sock app:app";
86 User = "naemon";
87 RuntimeDirectory = "naemon-status";
88 StandardOutput = "journal";
89 StandardError = "inherit";
90 };
91 };
92 };
93}
diff --git a/modules/private/monitoring/status/app.py b/modules/private/monitoring/status/app.py
deleted file mode 100755
index ff92891..0000000
--- a/modules/private/monitoring/status/app.py
+++ /dev/null
@@ -1,414 +0,0 @@
1from flask import Flask, request, render_template_string, jsonify, make_response
2from flask_login import LoginManager, UserMixin, login_required
3import socket
4import json
5import time
6import os
7
8login_manager = LoginManager()
9app = Flask(__name__)
10login_manager.init_app(app)
11
12STATUS = [
13 "ok",
14 "warning",
15 "error",
16 "unknown"
17 ]
18
19HOST_STATUS = [
20 "up",
21 "down",
22 "unreachable",
23 ]
24
25#### Push
26AUTHORIZED_KEYS = os.environ.get("TOKENS", "").split()
27COMMAND_FILE = "/var/run/naemon/naemon.cmd"
28
29ERROR_NO_REQUEST_HANDLER="NO REQUEST HANDLER"
30ERROR_NO_TOKEN_SUPPLIED="NO TOKEN"
31ERROR_BAD_TOKEN_SUPPLIED="BAD TOKEN"
32
33ERROR_BAD_COMMAND_FILE="BAD COMMAND FILE"
34ERROR_COMMAND_FILE_OPEN_WRITE="COMMAND FILE UNWRITEABLE"
35ERROR_COMMAND_FILE_OPEN="CANNOT OPEN COMMAND FILE"
36ERROR_BAD_WRITE="WRITE ERROR"
37
38ERROR_BAD_DATA="BAD DATA"
39ERROR_BAD_JSON="BAD JSON"
40
41ERROR_NO_CORRECT_STATUS="NO STATUS WAS CORRECT"
42#### /Push
43
44def get_lq(request):
45 # https://mathias-kettner.de/checkmk_livestatus.html
46 socket_path="/var/run/naemon/live"
47 s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
48 s.connect(socket_path)
49 s.send(request.encode())
50 s.shutdown(socket.SHUT_WR)
51 chunks = []
52 while len(chunks) == 0 or len(chunks[-1]) > 0:
53 chunks.append(s.recv(4096))
54 s.close()
55 return b"".join(chunks).decode()
56
57class Host:
58 def __init__(self, name, alias, status, webname, vhost):
59 self.name = name
60 self.alias = alias
61 self.webname = webname or alias
62 self.vhost = vhost
63 self.status = status
64 self.services = []
65
66 @classmethod
67 def parse_hosts(cls, payload, vhost):
68 parsed = filter(lambda x: x.vhost == vhost, [cls.parse(p) for p in json.loads(payload)])
69 return {p.name: p for p in parsed}
70
71 @classmethod
72 def parse(cls, payload):
73 return cls(payload[0], payload[1], HOST_STATUS[payload[2]], payload[3].get("WEBSTATUS_NAME"), payload[3].get("WEBSTATUS_VHOST"))
74
75 def __repr__(self):
76 return "Host {}: {} ({})".format(self.name, self.alias, self.webname)
77
78 @classmethod
79 def query(cls, vhost):
80 answer = get_lq("""GET hosts
81Filter: groups >= webstatus-hosts
82Columns: name alias state custom_variables
83OutputFormat: json
84""")
85 return cls.parse_hosts(answer, vhost)
86
87 def fill_services(self, services):
88 self.services = [service for service in services if service.host == self.name]
89
90class ServiceGroup:
91 def __init__(self, name, alias):
92 self.name = name
93 self.alias = alias
94 self.services = []
95
96 @classmethod
97 def parse_groups(cls, payload):
98 parsed = [cls.parse(p) for p in json.loads(payload)]
99 return {p.name: p for p in parsed}
100
101 @classmethod
102 def parse(cls, payload):
103 return cls(payload[0], payload[1])
104
105 @classmethod
106 def query(cls):
107 answer = get_lq("""GET servicegroups
108Filter: name ~ ^webstatus-
109Columns: name alias custom_variables
110OutputFormat: json
111""")
112 return cls.parse_groups(answer)
113
114 def fill_services(self, services, hosts):
115 self.services = [service for service in services if any([group == self.name for group in service.groups]) and service.host in hosts]
116
117 def __repr__(self):
118 return "ServiceGroup {}: {}".format(self.name, self.alias)
119
120class Service:
121 def __init__(self, name, host, groups, status, webname, url, description, infos):
122 self.name = name
123 self.host = host
124 self.groups = groups
125 self.status = status
126 self.webname = webname
127 self.url = url
128 self.description = description
129 self.infos = infos
130
131 @classmethod
132 def parse_services(cls, payload):
133 parsed = json.loads(payload)
134 return [cls.parse(p) for p in parsed if cls.valid(p[2])]
135
136 @staticmethod
137 def valid(groups):
138 return any([b.startswith("webstatus-") for b in groups])
139
140 @classmethod
141 def parse(cls, payload):
142 return cls(payload[0],
143 payload[1],
144 payload[2],
145 STATUS[payload[3]],
146 payload[4].get("WEBSTATUS_NAME"),
147 payload[4].get("WEBSTATUS_URL"),
148 payload[5],
149 payload[6])
150
151 @classmethod
152 def query(cls):
153 answer = get_lq("""GET services
154Columns: display_name host_name groups state custom_variables description plugin_output
155OutputFormat: json
156""")
157 return cls.parse_services(answer)
158
159 def __repr__(self):
160 return "Service {}: {}".format(self.name, self.webname)
161
162def get_infos(vhost):
163 hosts = Host.query(vhost)
164 servicegroups = ServiceGroup.query()
165 services = Service.query()
166
167 for host in hosts:
168 hosts[host].fill_services(services)
169 for group in servicegroups:
170 servicegroups[group].fill_services(services, hosts)
171 return (hosts, servicegroups, services)
172
173TEMPLATE='''<?xml version="1.0" encoding="UTF-8"?>
174<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
175<html lang="en" xmlns="http://www.w3.org/1999/xhtml">
176 <head>
177 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
178 <meta name="viewport" content="width=device-width, initial-scale=1.0" />
179 <title>Status</title>
180 <meta name="referrer" content="no-referrer" />
181 <style type="text/css">
182 ul {
183 list-style: none;
184 margin: 0px;
185 }
186 ul li:nth-child(2n) {
187 background-color: rgb(240, 240, 240);
188 }
189 li.resource, li.service {
190 margin: 1px 0px;
191 }
192 span.status {
193 display: inline-block;
194 width: 150px;
195 text-align: center;
196 margin-right: 5px;
197 font-variant: small-caps;
198 font-size: 1.2em;
199 }
200 .status_ok,.status_up {
201 background-color: rgba(0, 255, 0, 0.5);;
202 }
203 .status_warning {
204 background-color: rgba(255, 255, 0, 0.5);;
205 }
206 .status_error,.status_down {
207 background-color: rgba(255, 0, 0, 0.5);;
208 }
209 .status_unknown,.status_unreachable {
210 background-color: rgba(0, 0, 255, 0.5);;
211 }
212 .infos {
213 margin-left: 40px;
214 color: rgb(100, 100, 100);
215 }
216 div#services {
217 column-count: auto;
218 column-width: 36em;
219 }
220 div.servicegroup {
221 -webkit-column-break-inside: avoid;
222 break-inside: avoid;
223 }
224 h3.servicegroup_title, h3.host_title {
225 margin: 1px 0px;
226 }
227 span.service_host, span.infos {
228 float: right;
229 display: inline-block;
230 color: rgb(100, 100, 100);
231 }
232 </style>
233 </head>
234 <body>
235 <h2>Hosts</h2>
236 {%- for host in hosts.values() %}
237 <h3 class="host_title">
238 <span class="status status_{{ host.status }}">{{ host.status }}</span>
239 <span class="host">{{ host.webname }}</span>
240 </h3>
241 {%- for service in servicegroups["webstatus-resources"].services if service.host == host.name -%}
242 {%- if loop.first %}
243 <ul class="resources">
244 {% endif %}
245
246 <li class="resource">
247 <span class="status status_{{ service.status }}">{{ service.status }}</span>
248 <span class="description">{{ service.description }}</span>
249 <span class="infos">{{ service.infos }}</span>
250 </li>
251
252 {%- if loop.last %}
253 </ul>
254 {% endif %}
255 {% endfor %}
256 {%- endfor %}
257
258 {%- for group in servicegroups.values() if group.services and group.name != "webstatus-resources" %}
259 {%- if loop.first %}
260 <h2>Services</h2>
261 <div id="services">
262 {%- endif %}
263 <div class="servicegroup">
264 <h3 class="servicegroup_title">{{ group.alias }}</h3>
265 {%- for service in group.services if service.host in hosts -%}
266 {%- if loop.first %}
267 <ul class="services">
268 {% endif %}
269
270 <li class="service" title="{{ service.infos }}">
271 <span class="status status_{{ service.status }}">{{ service.status }}</span>
272 <span class="description">
273 {% if service.url and service.url.startswith("https://") %}
274 <a href="{{ service.url }}">{{ service.webname or service.description }}</a>
275 {% else %}
276 {{ service.webname or service.description }}
277 {% endif %}
278 </span>
279 <span class="service_host">{{ hosts[service.host].webname }}</span>
280 </li>
281
282 {%- if loop.last %}
283 </ul>
284 {% endif %}
285 {%- endfor -%}
286 </div>
287 {%- if loop.last %}
288 </div>
289 {% endif %}
290 {%- endfor %}
291 </body>
292</html>
293'''
294
295@login_manager.request_loader
296def load_user_from_request(request):
297 api_key = request.headers.get('Token')
298 if api_key in AUTHORIZED_KEYS:
299 return UserMixin()
300 content = request.get_json(force=True, silent=True)
301 if content is not None and content.get("token") in AUTHORIZED_KEYS:
302 return UserMixin()
303
304@app.route("/live", methods=["POST"])
305@login_required
306def live():
307 query = request.get_data()
308 result = get_lq(query.decode() + "\n")
309 resp = make_response(result)
310 resp.content_type = "text/plain"
311 return resp
312
313@app.route("/", methods=["GET"])
314def get():
315 (hosts, servicegroups, services) = get_infos(request.host)
316 resp = make_response(render_template_string(TEMPLATE, hosts=hosts, servicegroups=servicegroups))
317 resp.content_type = "text/html"
318 return resp
319
320@app.route("/", methods=["POST"])
321@login_required
322def push():
323 content = request.get_json(force=True, silent=True)
324 if content is None:
325 return ERROR_BAD_JSON
326 if content.get("cmd") != "submitcheck":
327 return render_error(ERROR_NO_REQUEST_HANDLER)
328 if "checkresult" not in content or not isinstance(content["checkresult"], list):
329 return render_error(ERROR_BAD_DATA)
330
331 checks = 0
332 errors = 0
333 for check in map(lambda x: CheckResult.from_json(x), content["checkresult"]):
334 if check is None:
335 errors += 1
336 continue
337 try:
338 write_check_output(check)
339 except Exception as e:
340 return render_error(str(e))
341 checks += 1
342 return render_response(checks, errors)
343
344def write_check_output(check):
345 if check.type== "service":
346 command = "[{time}] PROCESS_SERVICE_CHECK_RESULT;{hostname};{servicename};{state};{output}";
347 else:
348 command = "[{time}] PROCESS_HOST_CHECK_RESULT;{hostname};{state};{output}";
349 formatted = command.format(
350 time=int(time.time()),
351 hostname=check.hostname,
352 state=check.state,
353 output=check.output,
354 servicename=check.servicename,
355 )
356
357 if not os.path.exists(COMMAND_FILE):
358 raise Exception(ERROR_BAD_COMMAND_FILE)
359 if not os.access(COMMAND_FILE, os.W_OK):
360 raise Exception(ERROR_COMMAND_FILE_OPEN_WRITE)
361 if not os.access(COMMAND_FILE, os.W_OK):
362 raise Exception(ERROR_COMMAND_FILE_OPEN_WRITE)
363 try:
364 with open(COMMAND_FILE, "w") as c:
365 c.write(formatted + "\n")
366 except Exception as e:
367 raise Exception(ERROR_BAD_WRITE)
368
369def render_error(error):
370 return jsonify({
371 "status": "error",
372 "message": error,
373 })
374
375def render_response(checks, errors):
376 if checks > 0:
377 return jsonify({
378 "status": "ok",
379 "result": {
380 "checks": checks,
381 "errors": errors,
382 }
383 })
384 else:
385 return jsonify({
386 "status": "error",
387 "message": ERROR_NO_CORRECT_STATUS,
388 })
389
390class CheckResult:
391 def __init__(self, hostname, state, output, servicename, checktype):
392 self.hostname = hostname
393 self.state = state
394 self.output = output
395 self.servicename = servicename
396 self.type = checktype
397
398 @classmethod
399 def from_json(klass, j):
400 if not isinstance(j, dict):
401 return None
402 for key in ["hostname", "state", "output"]:
403 if key not in j or not isinstance(j[key], str):
404 return None
405 for key in ["servicename", "type"]:
406 if key in j and not isinstance(j[key], str):
407 return None
408 return klass(
409 j["hostname"],
410 j["state"],
411 j["output"],
412 j.get("servicename", ""),
413 j.get("type", "host"))
414
diff --git a/modules/private/monitoring/status_engine.nix b/modules/private/monitoring/status_engine.nix
deleted file mode 100644
index 39a753a..0000000
--- a/modules/private/monitoring/status_engine.nix
+++ /dev/null
@@ -1,115 +0,0 @@
1{ config, pkgs, lib, name, ... }:
2let
3 package = pkgs.status_engine.worker.override { config_file = config.secrets.fullPaths."status_engine"; };
4 env = config.myEnv.tools.status_engine;
5in
6{
7 config = lib.mkIf config.myServices.status.enable {
8 systemd.services.gearmand = {
9 description = "Gearman daemon";
10 after = [ "network.target" ];
11 wantedBy = [ "multi-user.target" ];
12 serviceConfig = {
13 DynamicUser = true;
14 User = "gearmand";
15 Type = "simple";
16 ExecStart = "${pkgs.gearmand}/bin/gearmand --syslog -L 127.0.0.1 -q libsqlite3 --libsqlite3-db /var/lib/gearmand/gearmand.db --store-queue-on-shutdown -l stderr -P /run/gearmand/gearmand.pid";
17 RuntimeDirectory = "gearmand";
18 StateDirectory = "gearmand";
19 };
20 };
21
22 secrets.keys."status_engine" = {
23 permissions = "0400";
24 user = "naemon";
25 group = "naemon";
26 text = ''
27 node_name: ${name}
28 use_gearman: 1
29 gearman:
30 address: 127.0.0.1
31 port: 4730
32 timeout: 1000
33 use_rabbitmq: 0
34 use_redis: 1
35 redis:
36 address: 127.0.0.1
37 port: 6379
38 db: 0
39 store_live_data_in_archive_backend: 1
40 use_mysql: 1
41 mysql:
42 host: ${env.mysql.remoteHost}
43 port: ${env.mysql.port}
44 username: ${env.mysql.user}
45 password: ${env.mysql.password}
46 database: ${env.mysql.database}
47 use_crate: 0
48 number_of_bulk_records: 100
49 max_bulk_delay: 5
50 number_servicestatus_worker: 1
51 number_hoststatus_worker: 1
52 number_logentry_worker: 1
53 number_statechange_worker: 1
54 number_hostcheck_worker: 1
55 number_servicecheck_worker: 1
56 number_misc_worker: 1
57
58 process_perfdata: 1
59 number_perfdata_worker: 1
60 perfdata_backend:
61 - mysql
62
63 check_for_commands: 1
64 command_check_interval: 15
65 external_command_file: /run/naemon/naemon.cmd
66 query_handler: /run/naemon/naemon.qh
67 submit_method: qh
68
69 syslog_enabled: 1
70 syslog_tag: statusengine-worker
71
72 # Archive age
73 age_hostchecks: 5
74 age_host_acknowledgements: 60
75 age_host_notifications: 60
76 age_host_statehistory: 365
77 age_host_downtimes: 60
78 age_servicechecks: 5
79 age_service_acknowledgements: 60
80 age_service_notifications: 60
81 age_service_statehistory: 365
82 age_service_downtimes: 60
83 age_logentries: 5
84 age_tasks: 1
85 age_perfdata: 90
86
87 disable_http_proxy: 1
88 '';
89 };
90
91 services.redis = rec {
92 enable = true;
93 bind = "127.0.0.1";
94 };
95
96 services.cron = {
97 mailto = "cron@immae.eu";
98 systemCronJobs = [
99 "0 0 * * * naemon cd ${package} && ./bin/Console.php cleanup"
100 ];
101 };
102
103 systemd.services.status_engine_worker = {
104 description = "Status engine worker";
105 after = [ "network.target" ];
106 wantedBy = [ "multi-user.target" ];
107 serviceConfig = {
108 Type = "simple";
109 Restart = "on-failure";
110 User = "naemon";
111 ExecStart = "${package}/bin/StatusengineWorker.php";
112 };
113 };
114 };
115}
diff --git a/modules/private/monitoring/to_objects.nix b/modules/private/monitoring/to_objects.nix
deleted file mode 100644
index 12721d2..0000000
--- a/modules/private/monitoring/to_objects.nix
+++ /dev/null
@@ -1,77 +0,0 @@
1{ lib }:
2 with lib.attrsets;
3 with lib.strings;
4 with lib.lists;
5 with lib.trivial;
6let
7 pad = width: str: let
8 padWidth = width - stringLength str;
9 padding = concatStrings (genList (const " ") padWidth);
10 in str + optionalString (padWidth > 0) padding;
11 toStr = k: v:
12 if k == "check_command" && builtins.isList v
13 then builtins.concatStringsSep "!" v
14 else v;
15
16 toService = service: ''
17 define service {
18 ${builtins.concatStringsSep "\n" (mapAttrsToList (k: v:
19 " ${pad 30 k} ${toStr k v}"
20 ) (filterAttrs (k: v: ! builtins.elem k ["passiveInfo" "filter"]) service))}
21 }
22 '';
23 toServices = services: builtins.concatStringsSep "\n" (map toService services);
24
25 toCommand = k: v: ''
26 define command {
27 ${pad 30 "command_name"} ${k}
28 ${pad 30 "command_line"} ${v}
29 }
30 '';
31 toCommands = a: builtins.concatStringsSep "\n" (mapAttrsToList toCommand a);
32
33 toOther = keyname: k: v: ''
34 define ${keyname} {
35 ${pad 30 "${keyname}_name"} ${k}
36 ${builtins.concatStringsSep "\n" (mapAttrsToList (kk: vv:
37 " ${pad 30 kk} ${vv}"
38 ) v)}
39 }
40 '';
41 toOtherNoName = keyname: v: ''
42 define ${keyname} {
43 ${builtins.concatStringsSep "\n" (mapAttrsToList (kk: vv:
44 " ${pad 30 kk} ${vv}"
45 ) v)}
46 }
47 '';
48 toOthers = keyname: a: builtins.concatStringsSep "\n" (mapAttrsToList (toOther keyname) a);
49 toOthersArray = keyname: a: builtins.concatStringsSep "\n" (map (toOtherNoName keyname) a);
50
51 toTemplate = keyname: k: v: ''
52 define ${keyname} {
53 ${pad 30 "name"} ${k}
54 ${pad 30 "register"} 0
55 ${builtins.concatStringsSep "\n" (mapAttrsToList (kk: vv:
56 " ${pad 30 kk} ${vv}"
57 ) v)}
58 }
59 '';
60 toTemplates' = keyname: a: builtins.concatStringsSep "\n" (mapAttrsToList (toTemplate keyname) a);
61 toTemplates = v: builtins.concatStringsSep "\n" (mapAttrsToList toTemplates' v);
62
63 toObjects' = keyname: v:
64 if keyname == "service"
65 then toServices v
66 else if keyname == "command"
67 then toCommands v
68 else if keyname == "templates"
69 then toTemplates v
70 else if builtins.elem keyname ["hostgroup" "host" "contactgroup" "contact" "timeperiod" "servicegroup"]
71 then toOthers keyname v
72 else if builtins.elem keyname ["servicedependency"]
73 then toOthersArray keyname v
74 else "";
75 toObjects = v: builtins.concatStringsSep "\n" (mapAttrsToList toObjects' v);
76in
77 toObjects
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-26 10:42:31 +0000