diff options
Diffstat (limited to 'modules/private/monitoring')
40 files changed, 0 insertions, 4318 deletions
diff --git a/modules/private/monitoring/default.nix b/modules/private/monitoring/default.nix deleted file mode 100644 index 0783c2f..0000000 --- a/modules/private/monitoring/default.nix +++ /dev/null | |||
@@ -1,249 +0,0 @@ | |||
1 | { config, pkgs, lib, name, nodes, ... }: | ||
2 | let | ||
3 | cfg = config.myServices.monitoring; | ||
4 | activatedPlugins = [ "memory" "command" "bandwidth" ] | ||
5 | ++ (if cfg.master then (masterObjects.activatedPlugins or []) else []) | ||
6 | ++ (if cfg.master then (lib.flatten (map (v: v.activatedPlugins or []) otherObjects)) else []) | ||
7 | ++ (hostObjects.activatedPlugins or []) | ||
8 | ++ (if cfg.master then ["notify-primary"] else ["notify-secondary"]); | ||
9 | allPluginsConfig = import ./myplugins.nix { | ||
10 | inherit pkgs lib config; | ||
11 | sudo = "/run/wrappers/bin/sudo"; | ||
12 | }; | ||
13 | mypluginsConfig = lib.getAttrs activatedPlugins allPluginsConfig; | ||
14 | myplugins = let | ||
15 | mypluginsChunk = builtins.concatStringsSep "\n" (lib.attrsets.mapAttrsToList (k: v: v.chunk or "") mypluginsConfig); | ||
16 | in pkgs.runCommand "buildplugins" { | ||
17 | buildInputs = [ pkgs.makeWrapper pkgs.perl ]; | ||
18 | } '' | ||
19 | mkdir $out | ||
20 | ${mypluginsChunk} | ||
21 | ''; | ||
22 | toObjects = pkgs.callPackage ./to_objects.nix {}; | ||
23 | commonConfig = { | ||
24 | dilion = { | ||
25 | processWarn = "250"; processAlert = "400"; | ||
26 | loadWarn = "1.0"; loadAlert = "1.2"; | ||
27 | interface = "eth0"; | ||
28 | }; | ||
29 | eldiron = { | ||
30 | processWarn = "550"; processAlert = "650"; | ||
31 | loadWarn = "1.0"; loadAlert = "1.2"; | ||
32 | interface = "eth0"; | ||
33 | }; | ||
34 | backup-2 = { | ||
35 | processWarn = "60"; processAlert = "70"; | ||
36 | loadWarn = "1.0"; loadAlert = "2.0"; | ||
37 | interface = "ens3"; | ||
38 | }; | ||
39 | monitoring-1 = { | ||
40 | processWarn = "50"; processAlert = "60"; | ||
41 | loadWarn = "4.0"; loadAlert = "6.0"; | ||
42 | load15Warn = "1.0"; load15Alert = "2.0"; | ||
43 | interface = "ens3"; | ||
44 | }; | ||
45 | quatresaisons = { | ||
46 | processWarn = "250"; processAlert = "400"; | ||
47 | loadWarn = "1.0"; loadAlert = "1.2"; | ||
48 | interface = "eth0"; | ||
49 | }; | ||
50 | }; | ||
51 | externalObjects = lib.genAttrs [ "tiboqorl-fr" ] | ||
52 | (n: pkgs.callPackage (./. + "/objects_" + n + ".nix") { inherit emailCheck; }); | ||
53 | masterPassiveObjects = let | ||
54 | passiveNodes = lib.attrsets.filterAttrs (n: _: builtins.elem n ["backup-2" "eldiron" "quatresaisons" "dilion"]) nodes; | ||
55 | toPassiveServices = map (s: s.passiveInfo.filter s // s.passiveInfo); | ||
56 | passiveServices = lib.flatten (lib.attrsets.mapAttrsToList | ||
57 | (_: n: toPassiveServices n.config.myServices.monitoring.services) | ||
58 | passiveNodes | ||
59 | ) ++ lib.flatten (lib.attrsets.mapAttrsToList | ||
60 | (_: n: toPassiveServices n.service) | ||
61 | externalObjects); | ||
62 | in { | ||
63 | service = passiveServices; | ||
64 | host = lib.lists.foldr | ||
65 | (a: b: a//b) | ||
66 | {} | ||
67 | (lib.attrsets.mapAttrsToList (_: h: h.config.myServices.monitoring.hosts) passiveNodes | ||
68 | ++ lib.attrsets.mapAttrsToList (_: n: n.host) externalObjects); | ||
69 | }; | ||
70 | emailCheck = host: hostFQDN: let | ||
71 | allCfg = config.myEnv.monitoring.email_check; | ||
72 | cfg = allCfg."${host}"; | ||
73 | reverseTargets = builtins.attrNames (lib.attrsets.filterAttrs (k: v: builtins.elem host v.targets) allCfg); | ||
74 | to_email = cfg': host': | ||
75 | let sep = if lib.strings.hasInfix "+" cfg'.mail_address then "_" else "+"; | ||
76 | in "${cfg'.mail_address}${sep}${host'}@${cfg'.mail_domain}"; | ||
77 | mails_to_send = builtins.concatStringsSep "," (map (n: to_email allCfg."${n}" host) cfg.targets); | ||
78 | mails_to_receive = builtins.concatStringsSep "," (map (n: "${to_email cfg n}:${n}") reverseTargets); | ||
79 | command = if cfg.local | ||
80 | then | ||
81 | [ "check_emails_local" "/var/lib/naemon/checks/email" mails_to_send mails_to_receive ] | ||
82 | else | ||
83 | [ "check_emails" cfg.login cfg.port mails_to_send mails_to_receive ]; | ||
84 | in | ||
85 | { | ||
86 | service_description = "${hostFQDN} email service is active"; | ||
87 | use = "mail-service"; | ||
88 | host_name = hostFQDN; | ||
89 | servicegroups = "webstatus-email"; | ||
90 | check_command = command; | ||
91 | }; | ||
92 | otherObjects = map | ||
93 | (n: (pkgs.callPackage (./. + "/objects_" + n + ".nix") { inherit emailCheck; })) | ||
94 | [ "ulminfo-fr" "phare" "eban" ]; | ||
95 | masterObjects = pkgs.callPackage ./objects_master.nix { inherit config; }; | ||
96 | commonObjects = pkgs.callPackage ./objects_common.nix ({ | ||
97 | master = cfg.master; | ||
98 | hostFQDN = config.hostEnv.fqdn; | ||
99 | hostName = name; | ||
100 | inherit mypluginsConfig; | ||
101 | } // builtins.getAttr name commonConfig); | ||
102 | hostObjects = | ||
103 | let | ||
104 | specific_file = ./. + "/objects_" + name + ".nix"; | ||
105 | in | ||
106 | lib.attrsets.optionalAttrs | ||
107 | (builtins.pathExists specific_file) | ||
108 | (pkgs.callPackage specific_file { | ||
109 | inherit config nodes emailCheck; | ||
110 | hostFQDN = config.hostEnv.fqdn; | ||
111 | hostName = name; | ||
112 | }); | ||
113 | objectsFiles = lib.mapAttrs' (name: value: lib.nameValuePair | ||
114 | "=/${name}/objects.conf" { alias = pkgs.writeText "objects.conf" (toObjects value); } | ||
115 | ) externalObjects; | ||
116 | in | ||
117 | { | ||
118 | options = { | ||
119 | myServices.monitoring = { | ||
120 | enable = lib.mkOption { | ||
121 | type = lib.types.bool; | ||
122 | default = false; | ||
123 | description = '' | ||
124 | Whether to enable monitoring. | ||
125 | ''; | ||
126 | }; | ||
127 | master = lib.mkOption { | ||
128 | type = lib.types.bool; | ||
129 | default = false; | ||
130 | description = '' | ||
131 | This instance is the master instance | ||
132 | ''; | ||
133 | }; | ||
134 | hosts = lib.mkOption { | ||
135 | readOnly = true; | ||
136 | description = "Hosts list for this host"; | ||
137 | default = (commonObjects.host or {}) // (hostObjects.host or {}); | ||
138 | }; | ||
139 | services = lib.mkOption { | ||
140 | readOnly = true; | ||
141 | description = "Services list for this host"; | ||
142 | default = commonObjects.service ++ hostObjects.service; | ||
143 | }; | ||
144 | }; | ||
145 | }; | ||
146 | |||
147 | config = lib.mkIf cfg.enable { | ||
148 | services.nginx = lib.mkIf config.myServices.status.enable { | ||
149 | virtualHosts."status.immae.eu".locations = objectsFiles // { | ||
150 | "=/common/immae.cfg" = { | ||
151 | alias = pkgs.writeText "immae.cfg" '' | ||
152 | # put me for instance in /etc/naemon/module-conf.d/immae.cfg | ||
153 | # Make sure that you have include_dir=module-conf.d in | ||
154 | # naemon.cfg | ||
155 | log_initial_states=1 | ||
156 | date_format=iso8601 | ||
157 | admin_email=${config.myEnv.monitoring.email} | ||
158 | obsess_over_services=1 | ||
159 | ocsp_command=notify-master | ||
160 | ''; | ||
161 | }; | ||
162 | "=/common/resource.cfg" = { | ||
163 | alias = pkgs.writeText "resource.cfg" '' | ||
164 | # Resource.cfg file | ||
165 | # Replace this with path to monitoring plugins | ||
166 | $USER1$=@@COMMON_PLUGINS@@ | ||
167 | # Replace this with a path to scripts from | ||
168 | # https://git.immae.eu/cgit/perso/Immae/Config/Nix.git/tree/modules/private/monitoring/plugins | ||
169 | $USER2$=@@IMMAE_PLUGINS@@ | ||
170 | $USER200$=https://status.immae.eu/ | ||
171 | $USER201$=@@TOKEN@@ | ||
172 | ''; | ||
173 | }; | ||
174 | }; | ||
175 | }; | ||
176 | |||
177 | security.sudo.extraRules = let | ||
178 | pluginsSudo = lib.lists.remove null (lib.attrsets.mapAttrsToList (k: v: | ||
179 | if (v ? sudo) | ||
180 | then ({ users = [ "naemon" ]; } // (v.sudo myplugins)) | ||
181 | else null) mypluginsConfig); | ||
182 | in [ | ||
183 | { | ||
184 | commands = [ | ||
185 | { command = "${pkgs.mdadm}/bin/mdadm --monitor --scan -1"; options = [ "NOPASSWD" ]; } | ||
186 | { command = "${pkgs.postfix}/bin/mailq"; options = [ "NOPASSWD" ]; } | ||
187 | ]; | ||
188 | users = [ "naemon" ]; | ||
189 | runAs = "root"; | ||
190 | } | ||
191 | ] ++ pluginsSudo; | ||
192 | environment.etc."mdadm.conf" = { | ||
193 | enable = true; | ||
194 | mode = "0644"; | ||
195 | user = "root"; | ||
196 | text = "MAILADDR ${config.myEnv.monitoring.email}"; | ||
197 | }; | ||
198 | |||
199 | secrets.keys = { | ||
200 | "naemon/id_rsa" = { | ||
201 | user = "naemon"; | ||
202 | group = "naemon"; | ||
203 | permissions = "0400"; | ||
204 | text = config.myEnv.monitoring.ssh_secret_key; | ||
205 | }; | ||
206 | } // lib.optionalAttrs cfg.master ( | ||
207 | lib.mapAttrs' (k: v: lib.nameValuePair "${k}_access_key" { | ||
208 | user = "naemon"; | ||
209 | group = "naemon"; | ||
210 | permissions = "0400"; | ||
211 | text = '' | ||
212 | export AWS_ACCESS_KEY_ID="${v.accessKeyId}" | ||
213 | export AWS_SECRET_ACCESS_KEY="${v.secretAccessKey}" | ||
214 | export BASE_URL="${v.remote "immae-eldiron"}" | ||
215 | ''; | ||
216 | }) config.myEnv.backup.remotes | ||
217 | ); | ||
218 | # needed since extraResource is not in the closure | ||
219 | systemd.services.naemon.path = [ myplugins ]; | ||
220 | services.naemon = { | ||
221 | enable = true; | ||
222 | extraConfig = '' | ||
223 | use_syslog=1 | ||
224 | log_initial_states=1 | ||
225 | date_format=iso8601 | ||
226 | admin_email=${config.myEnv.monitoring.email} | ||
227 | '' + lib.optionalString (!cfg.master) '' | ||
228 | obsess_over_services=1 | ||
229 | ocsp_command=notify-master | ||
230 | '' + lib.optionalString (cfg.master) '' | ||
231 | broker_module=${pkgs.naemon-livestatus}/lib/naemon-livestatus/livestatus.so ${config.services.naemon.runDir}/live | ||
232 | broker_module=${pkgs.status_engine.module}/lib/status-engine/naemon/statusengine-${pkgs.naemon.status_engine_version}.o use_service_perfdata=1 use_process_data=0 use_system_command_data=0 use_external_command_data=0 use_flapping_data=0 use_program_status_data=0 use_notification_data=0 use_contact_status_data=0 use_contact_notification_data=0 use_event_handler_data=0 use_object_data=0 | ||
233 | ''; | ||
234 | extraResource = let | ||
235 | resources = [hostObjects.resources or {}] ++ (lib.mapAttrsToList (k: v: v.resources or {}) mypluginsConfig); | ||
236 | joined = lib.zipAttrsWith (n: v: if builtins.length (lib.unique v) == 1 then builtins.head v else abort "Non-unique resources names") resources; | ||
237 | joinedStr = builtins.concatStringsSep "\n" (lib.mapAttrsToList (k: v: "$" + "${k}$=${v}") joined); | ||
238 | in '' | ||
239 | $USER2$=${myplugins} | ||
240 | ${joinedStr} | ||
241 | ''; | ||
242 | objectDefs = toObjects commonObjects | ||
243 | + toObjects hostObjects | ||
244 | + lib.optionalString cfg.master (toObjects masterObjects) | ||
245 | + lib.optionalString cfg.master (toObjects masterPassiveObjects) | ||
246 | + lib.optionalString cfg.master (builtins.concatStringsSep "\n" (map toObjects otherObjects)); | ||
247 | }; | ||
248 | }; | ||
249 | } | ||
diff --git a/modules/private/monitoring/myplugins.nix b/modules/private/monitoring/myplugins.nix deleted file mode 100644 index e59ddc4..0000000 --- a/modules/private/monitoring/myplugins.nix +++ /dev/null | |||
@@ -1,389 +0,0 @@ | |||
1 | { sudo, pkgs, lib, config }: | ||
2 | let | ||
3 | cfg = config.myServices.monitoring; | ||
4 | in | ||
5 | { | ||
6 | notify-secondary = { | ||
7 | resources = { | ||
8 | USER200 = config.myEnv.monitoring.status_url; | ||
9 | USER201 = config.myEnv.monitoring.status_token; | ||
10 | }; | ||
11 | commands = { | ||
12 | notify-master = "$USER2$/send_nrdp.sh -u \"$USER200$\" -t \"$USER201$\" -H \"$HOSTADDRESS$\" -s \"$SERVICEDESC$\" -S \"$SERVICESTATEID$\" -o \"$SERVICEOUTPUT$ | $SERVICEPERFDATA$\""; | ||
13 | }; | ||
14 | chunk = '' | ||
15 | cp ${./plugins}/send_nrdp.sh $out | ||
16 | patchShebangs $out/send_nrdp.sh | ||
17 | wrapProgram $out/send_nrdp.sh --prefix PATH : ${lib.makeBinPath [ | ||
18 | pkgs.curl pkgs.jq | ||
19 | ]} | ||
20 | ''; | ||
21 | }; | ||
22 | notify-primary = { | ||
23 | resources = { | ||
24 | USER206 = config.myEnv.monitoring.slack_channel; | ||
25 | USER207 = config.myEnv.monitoring.slack_url; | ||
26 | USER210 = config.myEnv.monitoring.eban.user; | ||
27 | USER211 = config.myEnv.monitoring.eban.password; | ||
28 | }; | ||
29 | commands = { | ||
30 | # $OVE is to force naemon to run via shell instead of execve which fails here | ||
31 | notify-host-by-email = "ADMINEMAIL=\"$ADMINEMAIL$\" SERVICENOTIFICATIONID=\"$SERVICENOTIFICATIONID$\" HOSTSTATE=\"$HOSTSTATE$\" HOSTOUTPUT=\"$HOSTOUTPUT$\" $USER2$/notify_by_email host \"$NOTIFICATIONTYPE$\" \"$HOSTALIAS$\" \"$LONGDATETIME$\" \"$CONTACTEMAIL$\" $OVE"; | ||
32 | # $OVE is to force naemon to run via shell instead of execve which fails here | ||
33 | notify-service-by-email = "ADMINEMAIL=\"$ADMINEMAIL$\" SERVICENOTIFICATIONID=\"$SERVICENOTIFICATIONID$\" SERVICEDESC=\"$SERVICEDESC$\" SERVICESTATE=\"$SERVICESTATE$\" SERVICEOUTPUT=\"$SERVICEOUTPUT$\" $USER2$/notify_by_email service \"$NOTIFICATIONTYPE$\" \"$HOSTALIAS$\" \"$LONGDATETIME$\" \"$CONTACTEMAIL$\" $OVE"; | ||
34 | notify-by-slack = "HOST=\"$HOSTALIAS$\" SERVICESTATE=\"$SERVICESTATE$\" SERVICEDESC=\"$SERVICEDESC$\" SERVICEOUTPUT=\"$SERVICEOUTPUT$\" $USER2$/notify_by_slack \"$ARG1$\" \"$ARG2$\""; | ||
35 | notify-host-eban-url = "STATUS_NAME=\"Server\" USER=\"$USER210$\" PASSWORD=\"$USER211$\" HOSTSTATE=\"$HOSTSTATE$\" $USER2$/notify_eban_url"; | ||
36 | notify-service-eban-url = "STATUS_NAME=\"$_SERVICEWEBSTATUS_NAME$\" USER=\"$USER210$\" PASSWORD=\"$USER211$\" SERVICESTATE=\"$SERVICESTATE$\" $USER2$/notify_eban_url"; | ||
37 | }; | ||
38 | chunk = '' | ||
39 | cp ${./plugins}/{notify_by_email,notify_by_slack,notify_eban_url} $out | ||
40 | patchShebangs $out/{notify_by_email,notify_by_slack,notify_eban_url} | ||
41 | wrapProgram $out/notify_by_email --prefix PATH : ${lib.makeBinPath [ | ||
42 | pkgs.mailutils | ||
43 | ]} | ||
44 | wrapProgram $out/notify_by_slack --prefix PATH : ${lib.makeBinPath [ | ||
45 | pkgs.curl pkgs.jq | ||
46 | ]} | ||
47 | wrapProgram $out/notify_eban_url --prefix PATH : ${lib.makeBinPath [ | ||
48 | pkgs.curl | ||
49 | ]} | ||
50 | ''; | ||
51 | }; | ||
52 | bandwidth = { | ||
53 | commands = { | ||
54 | check_local_bandwidth = "$USER2$/check_bandwidth -i=$ARG1$ -w $ARG2$ -c $ARG3$"; | ||
55 | }; | ||
56 | chunk = '' | ||
57 | cp ${./plugins}/check_bandwidth $out/ | ||
58 | patchShebangs $out/check_bandwidth | ||
59 | wrapProgram $out/check_bandwidth --prefix PATH : ${lib.makeBinPath [ | ||
60 | pkgs.iproute pkgs.bc | ||
61 | ]} | ||
62 | ''; | ||
63 | }; | ||
64 | command = { | ||
65 | commands = { | ||
66 | check_command_match = "$USER2$/check_command -c \"$ARG1$\" -C \"$ARG2$\" $ARG3$"; | ||
67 | check_command_output = "$USER2$/check_command -c \"$ARG1$\" -s 0 -o \"$ARG2$\" $ARG3$"; | ||
68 | check_command_status = "$USER2$/check_command -c \"$ARG1$\" -s \"$ARG2$\" $ARG3$"; | ||
69 | }; | ||
70 | chunk = '' | ||
71 | cp ${./plugins}/check_command $out/ | ||
72 | patchShebangs $out/check_command | ||
73 | wrapProgram $out/check_command --prefix PATH : ${config.security.wrapperDir} | ||
74 | ''; | ||
75 | }; | ||
76 | dns = { | ||
77 | commands = { | ||
78 | check_dns = "$USER1$/check_dns -H $ARG1$ -s $HOSTADDRESS$ $ARG2$"; | ||
79 | check_external_dns = "$USER1$/check_dns -H $ARG2$ -s $ARG1$ $ARG3$"; | ||
80 | }; | ||
81 | }; | ||
82 | emails = { | ||
83 | resources = { | ||
84 | USER203 = config.secrets.fullPaths."naemon/id_rsa"; | ||
85 | }; | ||
86 | commands = { | ||
87 | check_emails = "$USER2$/check_emails -H $HOSTADDRESS$ -i $USER203$ -l $ARG1$ -p $ARG2$ -s $ARG3$ -f $ARG4$"; | ||
88 | check_emails_local = "$USER2$/check_emails -H $HOSTADDRESS$ -n $ARG1$ -r $ADMINEMAIL$ -s $ARG2$ -f $ARG3$"; | ||
89 | }; | ||
90 | chunk = let | ||
91 | send_mails = pkgs.runCommand "send_mails" { | ||
92 | buildInputs = [ pkgs.makeWrapper ]; | ||
93 | } '' | ||
94 | mkdir -p $out/bin | ||
95 | cp ${./send_mails} $out/bin/send_mails | ||
96 | patchShebangs $out | ||
97 | wrapProgram $out/bin/send_mails --prefix PATH : ${lib.makeBinPath [ | ||
98 | pkgs.mailutils | ||
99 | ]} | ||
100 | ''; | ||
101 | in '' | ||
102 | cp ${./plugins}/check_emails $out/ | ||
103 | patchShebangs $out/check_emails | ||
104 | wrapProgram $out/check_emails --prefix PATH : ${lib.makeBinPath [ | ||
105 | pkgs.openssh send_mails | ||
106 | ]} --prefix PERL5LIB : ${pkgs.perlPackages.makePerlPath [ | ||
107 | pkgs.perlPackages.TimeDate | ||
108 | ]} | ||
109 | ''; | ||
110 | }; | ||
111 | eriomem = { | ||
112 | resources = { | ||
113 | USER208 = builtins.concatStringsSep "," (map (builtins.concatStringsSep ":") config.myEnv.monitoring.eriomem_keys); | ||
114 | }; | ||
115 | commands = { | ||
116 | check_backup_eriomem = "$USER2$/check_eriomem $USER208$"; | ||
117 | check_backup_eriomem_age = "$USER2$/check_backup_eriomem_age $ARG1$"; | ||
118 | }; | ||
119 | chunk = '' | ||
120 | cp ${./plugins}/check_eriomem $out/ | ||
121 | patchShebangs $out/check_eriomem | ||
122 | wrapProgram $out/check_eriomem --prefix PATH : ${lib.makeBinPath [ | ||
123 | pkgs.s3cmd pkgs.python3 | ||
124 | ]} | ||
125 | cp ${./plugins}/check_backup_age $out/check_backup_eriomem_age | ||
126 | patchShebangs $out/check_backup_eriomem_age | ||
127 | wrapProgram $out/check_backup_eriomem_age --prefix PATH : ${lib.makeBinPath [ | ||
128 | pkgs.duplicity | ||
129 | ]} --set SECRETS_PATH ${lib.optionalString cfg.master config.secrets.fullPaths."eriomem_access_key"} | ||
130 | ''; | ||
131 | }; | ||
132 | file_date = { | ||
133 | commands = { | ||
134 | check_last_file_date = "${sudo} -u \"$ARG3$\" $USER2$/check_last_file_date \"$ARG1$\" \"$ARG2$\""; | ||
135 | }; | ||
136 | chunk = '' | ||
137 | cp ${./plugins}/check_last_file_date $out/ | ||
138 | patchShebangs $out/check_last_file_date | ||
139 | ''; | ||
140 | sudo = myplugins: { | ||
141 | commands = [ | ||
142 | { command = "${myplugins}/check_last_file_date /backup2/*"; options = [ "NOPASSWD" ]; } | ||
143 | ]; | ||
144 | runAs = "ALL"; | ||
145 | }; | ||
146 | }; | ||
147 | ftp = { | ||
148 | commands = { | ||
149 | check_ftp_database = "$USER2$/check_ftp_database"; | ||
150 | }; | ||
151 | chunk = '' | ||
152 | cp ${./plugins}/check_ftp_database $out/ | ||
153 | patchShebangs $out/check_ftp_database | ||
154 | wrapProgram $out/check_ftp_database --prefix PATH : ${lib.makeBinPath [ | ||
155 | pkgs.lftp | ||
156 | ]} | ||
157 | ''; | ||
158 | }; | ||
159 | git = { | ||
160 | resources = { | ||
161 | USER203 = config.secrets.fullPaths."naemon/id_rsa"; | ||
162 | }; | ||
163 | commands = { | ||
164 | check_git = "$USER2$/check_git $USER203$"; | ||
165 | }; | ||
166 | chunk = '' | ||
167 | cp ${./plugins}/check_git $out/ | ||
168 | patchShebangs $out/check_git | ||
169 | wrapProgram $out/check_git --prefix PATH : ${lib.makeBinPath [ | ||
170 | pkgs.git pkgs.openssh | ||
171 | ]} | ||
172 | ''; | ||
173 | }; | ||
174 | http = { | ||
175 | resources = { | ||
176 | USER202 = config.myEnv.monitoring.http_user_password; | ||
177 | }; | ||
178 | commands = { | ||
179 | check_http = "$USER1$/check_http --sni -f stickyport -H \"$ARG1$\" -u \"$ARG2$\" -r \"$ARG3$\""; | ||
180 | check_https = "$USER1$/check_http --sni --ssl -f stickyport -H \"$ARG1$\" -u \"$ARG2$\" -r \"$ARG3$\""; | ||
181 | check_https_auth = "$USER1$/check_http --sni --ssl -a \"$USER202$\" -f stickyport -H \"$ARG1$\" -u \"$ARG2$\" -r \"$ARG3$\""; | ||
182 | check_https_certificate = "$USER1$/check_http --sni --ssl -H \"$ARG1$\" -C 21,15"; | ||
183 | check_https_code = "$USER1$/check_http --sni --ssl -f stickyport -H \"$ARG1$\" -u \"$ARG2$\" -e \"$ARG3$\" -r \"$ARG4$\""; | ||
184 | }; | ||
185 | }; | ||
186 | imap = { | ||
187 | resources = { | ||
188 | USER204 = config.myEnv.monitoring.imap_login; | ||
189 | USER205 = config.myEnv.monitoring.imap_password; | ||
190 | }; | ||
191 | commands = { | ||
192 | check_imap_connection = "$USER2$/check_imap_connection -u \"$USER204$\" -p \"$USER205$\" -H \"imap.immae.eu:143\""; | ||
193 | }; | ||
194 | chunk = '' | ||
195 | cp ${./plugins}/check_imap_connection $out/ | ||
196 | patchShebangs $out/check_imap_connection | ||
197 | wrapProgram $out/check_imap_connection --prefix PATH : ${lib.makeBinPath [ | ||
198 | pkgs.openssl | ||
199 | ]} | ||
200 | ''; | ||
201 | }; | ||
202 | megaraid = let | ||
203 | megacli = pkgs.megacli.overrideAttrs(old: { meta = old.meta // { license = null; }; }); | ||
204 | in { | ||
205 | commands = { | ||
206 | check_megaraid = "$USER2$/check_megaraid_sas --sudo"; | ||
207 | }; | ||
208 | chunk = let | ||
209 | megaCliPlugin = pkgs.runCommand "megaCliPlugin" { | ||
210 | plugin = pkgs.fetchurl { | ||
211 | name = "check_megaraid_sas"; | ||
212 | url = "https://exchange.nagios.org/components/com_mtree/attachment.php?link_id=6381&cf_id=24"; | ||
213 | sha256 = "0yf60p4c0hb4q3fng9fc14qc89bqm0f1sijayzygadaqcl44jx4p"; | ||
214 | }; | ||
215 | } '' | ||
216 | mkdir $out | ||
217 | cp $plugin $out/check_megaraid_sas | ||
218 | chmod +x $out/check_megaraid_sas | ||
219 | patchShebangs $out | ||
220 | substituteInPlace $out/check_megaraid_sas --replace /usr/sbin/MegaCli ${megacli}/bin/MegaCli64 | ||
221 | substituteInPlace $out/check_megaraid_sas --replace 'sudo $megacli' '${sudo} $megacli' | ||
222 | sed -i -e "s/use utils qw(%ERRORS);/my %ERRORS = ('OK' => 0, 'WARNING' => 1, 'CRITICAL' => 2, 'UNKNOWN' => 3);/" $out/check_megaraid_sas | ||
223 | ''; | ||
224 | in '' | ||
225 | cp ${megaCliPlugin}/check_megaraid_sas $out/ | ||
226 | patchShebangs $out/check_megaraid_sas | ||
227 | ''; | ||
228 | sudo = _: { | ||
229 | commands = [ | ||
230 | { command = "${megacli}/bin/MegaCli64"; options = [ "NOPASSWD" ]; } | ||
231 | ]; | ||
232 | runAs = "root"; | ||
233 | }; | ||
234 | }; | ||
235 | memory = { | ||
236 | commands = { | ||
237 | check_memory = "$USER2$/check_mem.sh -w $ARG1$ -c $ARG2$"; | ||
238 | }; | ||
239 | chunk = '' | ||
240 | cp ${./plugins}/check_mem.sh $out/ | ||
241 | patchShebangs $out/check_mem.sh | ||
242 | wrapProgram $out/check_mem.sh --prefix PATH : ${lib.makeBinPath [ | ||
243 | pkgs.gnugrep pkgs.gawk pkgs.procps-ng | ||
244 | ]} | ||
245 | ''; | ||
246 | }; | ||
247 | mysql = { | ||
248 | commands = { | ||
249 | check_mysql_replication = "${sudo} -u mysql $USER2$/check_mysql_replication \"$ARG1$\" \"$ARG2$\""; | ||
250 | }; | ||
251 | chunk = '' | ||
252 | cp ${./plugins}/check_mysql_replication $out/ | ||
253 | patchShebangs $out/check_mysql_replication | ||
254 | wrapProgram $out/check_mysql_replication --prefix PATH : ${lib.makeBinPath [ | ||
255 | pkgs.gnugrep pkgs.gnused pkgs.coreutils pkgs.mariadb | ||
256 | ]} | ||
257 | ''; | ||
258 | sudo = myplugins: { | ||
259 | commands = [ | ||
260 | { command = "${myplugins}/check_mysql_replication *"; options = [ "NOPASSWD" ]; } | ||
261 | ]; | ||
262 | runAs = "mysql"; | ||
263 | }; | ||
264 | }; | ||
265 | openldap = { | ||
266 | commands = { | ||
267 | check_openldap_replication = "${sudo} -u openldap $USER2$/check_openldap_replication \"$ARG1$\" \"$ARG2$\" \"$ARG3$\" \"$ARG4$\" \"$ARG5$\""; | ||
268 | }; | ||
269 | chunk = '' | ||
270 | cp ${./plugins}/check_openldap_replication $out/ | ||
271 | patchShebangs $out/check_openldap_replication | ||
272 | wrapProgram $out/check_openldap_replication --prefix PATH : ${lib.makeBinPath [ | ||
273 | pkgs.gnugrep pkgs.gnused pkgs.coreutils pkgs.openldap | ||
274 | ]} | ||
275 | ''; | ||
276 | sudo = myplugins: { | ||
277 | commands = [ | ||
278 | { command = "${myplugins}/check_openldap_replication *"; options = [ "NOPASSWD" ]; } | ||
279 | ]; | ||
280 | runAs = "openldap"; | ||
281 | }; | ||
282 | }; | ||
283 | ovh = { | ||
284 | resources = { | ||
285 | USER209 = builtins.concatStringsSep "," [ | ||
286 | config.myEnv.monitoring.ovh_sms.endpoint | ||
287 | config.myEnv.monitoring.ovh_sms.application_key | ||
288 | config.myEnv.monitoring.ovh_sms.application_secret | ||
289 | config.myEnv.monitoring.ovh_sms.consumer_key | ||
290 | config.myEnv.monitoring.ovh_sms.account | ||
291 | ]; | ||
292 | }; | ||
293 | commands = { | ||
294 | check_backup_ovh_age = "$USER2$/check_backup_ovh_age $ARG1$"; | ||
295 | check_ovh_sms = "$USER2$/check_ovh_sms \"$USER209$\""; | ||
296 | }; | ||
297 | chunk = '' | ||
298 | cp ${./plugins}/check_backup_age $out/check_backup_ovh_age | ||
299 | patchShebangs $out/check_backup_ovh_age | ||
300 | wrapProgram $out/check_backup_ovh_age --prefix PATH : ${lib.makeBinPath [ | ||
301 | pkgs.duplicity | ||
302 | ]} --set SECRETS_PATH ${lib.optionalString cfg.master config.secrets.fullPaths."ovh_access_key"} | ||
303 | cp ${./plugins}/check_ovh_sms $out/ | ||
304 | patchShebangs $out/check_ovh_sms | ||
305 | wrapProgram $out/check_ovh_sms --prefix PATH : ${lib.makeBinPath [ | ||
306 | (pkgs.python3.withPackages (ps: [ps.ovh])) | ||
307 | ]} | ||
308 | ''; | ||
309 | }; | ||
310 | postgresql = { | ||
311 | commands = { | ||
312 | check_postgresql_replication = "${sudo} -u postgres $USER2$/check_postgres_replication \"$ARG1$\" \"$ARG2$\" \"$ARG3$\""; | ||
313 | check_postgresql_database_count = "$USER2$/check_postgres_database_count \"$ARG1$\" \"$ARG2$\" \"$ARG3$\""; | ||
314 | }; | ||
315 | chunk = let | ||
316 | postgresqlBinary = if config.myServices.databasesReplication.postgresql.enable | ||
317 | then config.myServices.databasesReplication.postgresql.mainPackage | ||
318 | else if config.myServices.databases.enable | ||
319 | then config.myServices.databases.postgresql.package | ||
320 | else pkgs.postgresql; | ||
321 | in '' | ||
322 | cp ${./plugins}/check_postgres_replication $out/ | ||
323 | patchShebangs $out/check_postgres_replication | ||
324 | wrapProgram $out/check_postgres_replication --prefix PATH : ${lib.makeBinPath [ | ||
325 | postgresqlBinary | ||
326 | ]} | ||
327 | cp ${./plugins}/check_postgres_database_count $out/ | ||
328 | patchShebangs $out/check_postgres_database_count | ||
329 | wrapProgram $out/check_postgres_database_count --prefix PATH : ${lib.makeBinPath [ | ||
330 | postgresqlBinary | ||
331 | ]} | ||
332 | ''; | ||
333 | |||
334 | sudo = myplugins: { | ||
335 | commands = [ | ||
336 | { command = "${myplugins}/check_postgres_replication *"; options = [ "NOPASSWD" ]; } | ||
337 | ]; | ||
338 | runAs = "postgres"; | ||
339 | }; | ||
340 | }; | ||
341 | redis = { | ||
342 | commands = { | ||
343 | check_redis_replication = "${sudo} -u redis $USER2$/check_redis_replication \"$ARG1$\""; | ||
344 | }; | ||
345 | chunk = '' | ||
346 | cp ${./plugins}/check_redis_replication $out/ | ||
347 | patchShebangs $out/check_redis_replication | ||
348 | wrapProgram $out/check_redis_replication --prefix PATH : ${lib.makeBinPath [ | ||
349 | pkgs.gnugrep pkgs.coreutils pkgs.redis | ||
350 | ]} | ||
351 | ''; | ||
352 | sudo = myplugins: { | ||
353 | commands = [ | ||
354 | { command = "${myplugins}/check_redis_replication *"; options = [ "NOPASSWD" ]; } | ||
355 | ]; | ||
356 | runAs = "redis"; | ||
357 | }; | ||
358 | }; | ||
359 | tcp = { | ||
360 | commands = { | ||
361 | check_tcp = "$USER1$/check_tcp -H $HOSTADDRESS$ -p $ARG1$ -e \"$ARG2$\" -Mcrit"; | ||
362 | check_tcp_ssl = "$USER1$/check_tcp -H $HOSTADDRESS$ -p $ARG1$ -S -D 21,15"; | ||
363 | }; | ||
364 | }; | ||
365 | zfs = { | ||
366 | commands = { | ||
367 | check_zfs = "$USER2$/check_zpool.sh -p ALL -w 80 -c 90"; | ||
368 | check_zfs_snapshot = "$USER2$/check_zfs_snapshot -d $ARG1$ -c 18000 -w 14400"; | ||
369 | }; | ||
370 | chunk = let | ||
371 | zfsPlugin = pkgs.fetchurl { | ||
372 | url = "https://www.claudiokuenzler.com/monitoring-plugins/check_zpools.sh"; | ||
373 | sha256 = "0p9ms9340in80jkds4kfspw62xnzsv5s7ni9m28kxyd0bnzkbzhf"; | ||
374 | }; | ||
375 | in '' | ||
376 | cp ${zfsPlugin} $out/check_zpool.sh | ||
377 | chmod +x $out/check_zpool.sh | ||
378 | patchShebangs $out/check_zpool.sh | ||
379 | wrapProgram $out/check_zpool.sh --prefix PATH : ${lib.makeBinPath [ | ||
380 | pkgs.which pkgs.zfs pkgs.gawk | ||
381 | ]} | ||
382 | cp ${./plugins}/check_zfs_snapshot $out | ||
383 | patchShebangs $out/check_zfs_snapshot | ||
384 | wrapProgram $out/check_zfs_snapshot --prefix PATH : ${lib.makeBinPath [ | ||
385 | pkgs.zfs pkgs.coreutils pkgs.gawk pkgs.gnugrep | ||
386 | ]} | ||
387 | ''; | ||
388 | }; | ||
389 | } | ||
diff --git a/modules/private/monitoring/nagios-cli.cfg b/modules/private/monitoring/nagios-cli.cfg deleted file mode 100644 index 7bd30cb..0000000 --- a/modules/private/monitoring/nagios-cli.cfg +++ /dev/null | |||
@@ -1,68 +0,0 @@ | |||
1 | # -*- coding: utf-8; -*- | ||
2 | |||
3 | [cli] | ||
4 | history = /var/lib/naemon/nagios_cli_history | ||
5 | |||
6 | [ui] | ||
7 | color = 1 | ||
8 | prompt = naemon %s> | ||
9 | prompt_separator = " → " | ||
10 | |||
11 | [nagios] | ||
12 | log = /var/log/naemon | ||
13 | command_file = /run/naemon/naemon.cmd | ||
14 | log_file = %(log)s/naemon.log | ||
15 | object_cache_file = /var/lib/naemon/objects.cache | ||
16 | status_file = /var/lib/naemon/status.dat | ||
17 | |||
18 | [object] | ||
19 | host.status = | ||
20 | host_name | ||
21 | current_state | ||
22 | plugin_output | ||
23 | is_flapping | ||
24 | last_check | ||
25 | last_time_down | ||
26 | last_state_change | ||
27 | check_period | ||
28 | notification_period | ||
29 | current_attempt | ||
30 | max_attempts | ||
31 | service.status = | ||
32 | host_name | ||
33 | service_description | ||
34 | current_state | ||
35 | is_flapping | ||
36 | plugin_output | ||
37 | last_time_down | ||
38 | last_state_change | ||
39 | last_check | ||
40 | next_check | ||
41 | check_interval | ||
42 | check_latency | ||
43 | check_period | ||
44 | notification_period | ||
45 | current_attempt | ||
46 | max_attempts | ||
47 | |||
48 | [string] | ||
49 | level.ok = ↑ OK | ||
50 | level.warning = ! WARNING | ||
51 | level.critical = ↓ CRITICAL | ||
52 | level.unknown = ↕ UNKNOWN | ||
53 | |||
54 | [color] | ||
55 | error = bold_red | ||
56 | |||
57 | prompt = normal | ||
58 | prompt.object = bold | ||
59 | |||
60 | host.host_name = bold | ||
61 | host.plugin_output = bold | ||
62 | service.plugin_output = bold | ||
63 | |||
64 | level.ok = bold_green | ||
65 | level.warning = bold_yellow | ||
66 | level.critical = bold_red | ||
67 | level.unknown = bold_magenta | ||
68 | |||
diff --git a/modules/private/monitoring/objects_backup-2.nix b/modules/private/monitoring/objects_backup-2.nix deleted file mode 100644 index 28032a4..0000000 --- a/modules/private/monitoring/objects_backup-2.nix +++ /dev/null | |||
@@ -1,111 +0,0 @@ | |||
1 | { config, pkgs, lib, hostFQDN, emailCheck, ... }: | ||
2 | let | ||
3 | defaultPassiveInfo = { | ||
4 | filter = lib.attrsets.filterAttrs | ||
5 | (k: v: builtins.elem k ["service_description"] || builtins.substring 0 1 k == "_"); | ||
6 | use = "external-passive-service"; | ||
7 | freshness_threshold = "450"; | ||
8 | retry_interval = "1"; | ||
9 | servicegroups = "webstatus-resources"; | ||
10 | host_name = hostFQDN; | ||
11 | }; | ||
12 | in | ||
13 | { | ||
14 | activatedPlugins = [ "file_date" "mysql" "openldap" "redis" "emails" ]; | ||
15 | service = [ | ||
16 | (emailCheck "backup-2" hostFQDN // { | ||
17 | passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-email"; freshness_threshold = "1350"; }; | ||
18 | }) | ||
19 | { | ||
20 | passiveInfo = defaultPassiveInfo; | ||
21 | service_description = "Size on /backup2 partition"; | ||
22 | use = "local-service"; | ||
23 | check_command = ["check_local_disk" "10%" "5%" "/backup2"]; | ||
24 | } | ||
25 | { | ||
26 | passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-backup"; }; | ||
27 | service_description = "Last backup in /backup2/phare is not too old"; | ||
28 | use = "local-service"; | ||
29 | check_command = ["check_last_file_date" "/backup2/phare" "14" "backup"]; | ||
30 | } | ||
31 | { | ||
32 | passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-backup"; }; | ||
33 | service_description = "Last backup in /backup2/dilion is not too old"; | ||
34 | use = "local-service"; | ||
35 | check_command = ["check_last_file_date" "/backup2/dilion" "14" "backup"]; | ||
36 | } | ||
37 | { | ||
38 | passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-backup"; }; | ||
39 | service_description = "Last backup in /backup2/ulminfo is not too old"; | ||
40 | use = "local-service"; | ||
41 | check_command = ["check_last_file_date" "/backup2/ulminfo" "14" "backup"]; | ||
42 | } | ||
43 | { | ||
44 | passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-databases,webstatus-backup"; }; | ||
45 | service_description = "Last postgresql dump in /backup2/eldiron/postgresql_backup is not too old"; | ||
46 | use = "local-service"; | ||
47 | check_command = ["check_last_file_date" "/backup2/eldiron/postgresql_backup" "7" "postgres"]; | ||
48 | } | ||
49 | { | ||
50 | passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-databases"; }; | ||
51 | service_description = "Redis replication for eldiron is up to date"; | ||
52 | use = "local-service"; | ||
53 | check_command = ["check_redis_replication" "/run/redis_eldiron/redis.sock"]; | ||
54 | } | ||
55 | { | ||
56 | passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-databases,webstatus-backup"; }; | ||
57 | service_description = "Last redis dump in /backup2/eldiron/redis_backup is not too old"; | ||
58 | use = "local-service"; | ||
59 | check_command = ["check_last_file_date" "/backup2/eldiron/redis_backup" "7" "redis"]; | ||
60 | } | ||
61 | { | ||
62 | passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-databases"; }; | ||
63 | service_description = "Mysql replication for eldiron is up to date"; | ||
64 | use = "local-service"; | ||
65 | check_command = ["check_mysql_replication" "/run/mysqld_eldiron/mysqld.sock" config.secrets.fullPaths."mysql_replication/eldiron/client"]; | ||
66 | } | ||
67 | { | ||
68 | passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-databases,webstatus-backup"; }; | ||
69 | service_description = "Last mysql dump in /backup2/eldiron/mysql_backup is not too old"; | ||
70 | use = "local-service"; | ||
71 | check_command = ["check_last_file_date" "/backup2/eldiron/mysql_backup" "7" "mysql"]; | ||
72 | } | ||
73 | { | ||
74 | passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-databases"; }; | ||
75 | service_description = "Openldap replication for eldiron is up to date"; | ||
76 | use = "local-service"; | ||
77 | check_command = let | ||
78 | name = "eldiron"; | ||
79 | hcfg = config.myServices.databasesReplication.openldap.hosts.eldiron; | ||
80 | base = config.myServices.databasesReplication.openldap.base; | ||
81 | eldiron_schemas = pkgs.callPackage ../databases/openldap/eldiron_schemas.nix {}; | ||
82 | ldapConfig = pkgs.writeText "slapd.conf" '' | ||
83 | include ${pkgs.openldap}/etc/schema/core.schema | ||
84 | include ${pkgs.openldap}/etc/schema/cosine.schema | ||
85 | include ${pkgs.openldap}/etc/schema/inetorgperson.schema | ||
86 | include ${pkgs.openldap}/etc/schema/nis.schema | ||
87 | ${eldiron_schemas} | ||
88 | moduleload back_hdb | ||
89 | backend hdb | ||
90 | database hdb | ||
91 | |||
92 | suffix "${hcfg.base}" | ||
93 | directory ${base}/${name}/openldap | ||
94 | ''; | ||
95 | in [ | ||
96 | "check_openldap_replication" | ||
97 | hcfg.url | ||
98 | hcfg.dn | ||
99 | config.secrets.fullPaths."openldap_replication/eldiron/replication_password" | ||
100 | hcfg.base | ||
101 | ldapConfig | ||
102 | ]; | ||
103 | } | ||
104 | { | ||
105 | passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-databases,webstatus-backup"; }; | ||
106 | service_description = "Last openldap dump in /backup2/eldiron/openldap_backup is not too old"; | ||
107 | use = "local-service"; | ||
108 | check_command = ["check_last_file_date" "/backup2/eldiron/openldap_backup" "7" "openldap"]; | ||
109 | } | ||
110 | ]; | ||
111 | } | ||
diff --git a/modules/private/monitoring/objects_common.nix b/modules/private/monitoring/objects_common.nix deleted file mode 100644 index 7c9f642..0000000 --- a/modules/private/monitoring/objects_common.nix +++ /dev/null | |||
@@ -1,253 +0,0 @@ | |||
1 | { hostFQDN | ||
2 | , hostName | ||
3 | , interface ? "eth0" | ||
4 | , processWarn ? "250" | ||
5 | , processAlert ? "400" | ||
6 | , loadWarn ? "0.9" | ||
7 | , load5Warn ? loadWarn | ||
8 | , load15Warn ? load5Warn | ||
9 | , loadAlert ? "1.0" | ||
10 | , load5Alert ? loadAlert | ||
11 | , load15Alert ? load5Alert | ||
12 | , mdadm | ||
13 | , master | ||
14 | , lib | ||
15 | , mypluginsConfig | ||
16 | , ... | ||
17 | }: | ||
18 | let | ||
19 | defaultPassiveInfo = { | ||
20 | filter = lib.attrsets.filterAttrs | ||
21 | (k: v: builtins.elem k ["service_description"] || builtins.substring 0 1 k == "_"); | ||
22 | use = "external-passive-service"; | ||
23 | freshness_threshold = "450"; | ||
24 | retry_interval = "1"; | ||
25 | servicegroups = "webstatus-resources"; | ||
26 | host_name = hostFQDN; | ||
27 | }; | ||
28 | in | ||
29 | { | ||
30 | host = { | ||
31 | "${hostFQDN}" = { | ||
32 | alias = hostFQDN; | ||
33 | address = hostFQDN; | ||
34 | use = "linux-server"; | ||
35 | hostgroups = "webstatus-hosts"; | ||
36 | _webstatus_name = hostName; | ||
37 | _webstatus_vhost = "status.immae.eu"; | ||
38 | }; | ||
39 | }; | ||
40 | service = [ | ||
41 | { | ||
42 | passiveInfo = defaultPassiveInfo; | ||
43 | service_description = "Size on root partition"; | ||
44 | use = "local-service"; | ||
45 | check_command = ["check_local_disk" "20%" "10%" "/"]; | ||
46 | } | ||
47 | { | ||
48 | passiveInfo = defaultPassiveInfo; | ||
49 | service_description = "Total number of process"; | ||
50 | use = "local-service"; | ||
51 | check_command = [ | ||
52 | "check_local_procs" | ||
53 | processWarn | ||
54 | processAlert | ||
55 | "RSZDT" | ||
56 | ]; | ||
57 | } | ||
58 | { | ||
59 | passiveInfo = defaultPassiveInfo; | ||
60 | service_description = "Network bandwidth"; | ||
61 | use = "local-service"; | ||
62 | check_interval = "2"; | ||
63 | max_check_attempts = "20"; | ||
64 | retry_interval = "2"; | ||
65 | check_command = [ | ||
66 | "check_local_bandwidth" | ||
67 | interface | ||
68 | "20480" # kb/s | ||
69 | "51200" # kb/s | ||
70 | ]; | ||
71 | } | ||
72 | { | ||
73 | passiveInfo = defaultPassiveInfo; | ||
74 | service_description = "Average load"; | ||
75 | use = "local-service"; | ||
76 | check_command = [ | ||
77 | "check_local_load" | ||
78 | "${loadWarn},${load5Warn},${load15Warn}" | ||
79 | "${loadAlert},${load5Alert},${load15Alert}" | ||
80 | ]; | ||
81 | } | ||
82 | { | ||
83 | passiveInfo = defaultPassiveInfo; | ||
84 | service_description = "Swap usage"; | ||
85 | use = "local-service"; | ||
86 | check_command = ["check_local_swap" "20" "10"]; | ||
87 | } | ||
88 | { | ||
89 | passiveInfo = defaultPassiveInfo; | ||
90 | service_description = "Memory usage"; | ||
91 | use = "local-service"; | ||
92 | check_command = ["check_memory" "80" "90"]; | ||
93 | } | ||
94 | { | ||
95 | passiveInfo = defaultPassiveInfo; | ||
96 | service_description = "NTP is activated and working"; | ||
97 | use = "local-service"; | ||
98 | check_command = ["check_ntp"]; | ||
99 | } | ||
100 | { | ||
101 | passiveInfo = defaultPassiveInfo; | ||
102 | service_description = "No mdadm array is degraded"; | ||
103 | use = "local-service"; | ||
104 | check_command = [ | ||
105 | "check_command_output" | ||
106 | "${mdadm}/bin/mdadm --monitor --scan -1" | ||
107 | "^$" | ||
108 | "-s 0 -r root" | ||
109 | ]; | ||
110 | } | ||
111 | ]; | ||
112 | command = lib.foldr (v: o: o // (v.commands or {})) {} (builtins.attrValues mypluginsConfig) // { | ||
113 | check_local_disk = "$USER1$/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$"; | ||
114 | check_local_procs = "$USER1$/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$"; | ||
115 | check_local_load = "$USER1$/check_load -r -w $ARG1$ -c $ARG2$"; | ||
116 | check_local_swap = "$USER1$/check_swap -n ok -w $ARG1$ -c $ARG2$"; | ||
117 | check_ntp = "$USER1$/check_ntp_time -t 30 -q -H 0.arch.pool.ntp.org"; | ||
118 | check_mailq = "$USER1$/check_mailq -s -w 1 -c 2"; | ||
119 | check_smtp = "$USER1$/check_smtp -H $HOSTADDRESS$ -p 25 -S -D 21,15"; | ||
120 | |||
121 | check_host_alive = "$USER1$/check_ping -H $HOSTADDRESS$ -w 3000.0,80% -c 5000.0,100% -p 5"; | ||
122 | check_ok = "$USER1$/check_dummy 0 \"Dummy OK\""; | ||
123 | check_critical = "$USER1$/check_dummy 2 \"Dummy CRITICAL\""; | ||
124 | }; | ||
125 | timeperiod = { | ||
126 | "24x7" = { | ||
127 | alias = "24 Hours A Day, 7 Days A Week"; | ||
128 | monday = "00:00-24:00"; | ||
129 | tuesday = "00:00-24:00"; | ||
130 | wednesday = "00:00-24:00"; | ||
131 | thursday = "00:00-24:00"; | ||
132 | friday = "00:00-24:00"; | ||
133 | saturday = "00:00-24:00"; | ||
134 | sunday = "00:00-24:00"; | ||
135 | }; | ||
136 | }; | ||
137 | servicegroup = { | ||
138 | webstatus-webapps = { alias = "Web applications"; }; | ||
139 | webstatus-websites = { alias = "Personal websites"; }; | ||
140 | webstatus-ssl = { alias = "SSL certificates"; }; | ||
141 | webstatus-dns = { alias = "DNS resolution"; }; | ||
142 | webstatus-remote-services = { alias = "Other remote services"; }; | ||
143 | webstatus-local-services = { alias = "Other local services"; }; | ||
144 | webstatus-email = { alias = "E-mail services"; }; | ||
145 | webstatus-resources = { alias = "Local resources"; }; | ||
146 | webstatus-databases = { alias = "Databases resources"; }; | ||
147 | webstatus-backup = { alias = "Backup resources"; }; | ||
148 | }; | ||
149 | hostgroup = { | ||
150 | webstatus-hosts = { alias = "Hosts"; }; | ||
151 | }; | ||
152 | contactgroup = { | ||
153 | admins = { alias = "Naemon Administrators"; }; | ||
154 | }; | ||
155 | templates = { | ||
156 | service = { | ||
157 | generic-service = { | ||
158 | active_checks_enabled = "1"; | ||
159 | check_freshness = "0"; | ||
160 | check_interval = "10"; | ||
161 | check_period = "24x7"; | ||
162 | contact_groups = "admins"; | ||
163 | event_handler_enabled = "1"; | ||
164 | flap_detection_enabled = "1"; | ||
165 | is_volatile = "0"; | ||
166 | max_check_attempts = "3"; | ||
167 | notification_interval = "60"; | ||
168 | notification_options = "w,u,c,r,f,s"; | ||
169 | notification_period = "24x7"; | ||
170 | notifications_enabled = if master then "1" else "0"; | ||
171 | obsess_over_service = "1"; | ||
172 | passive_checks_enabled = "1"; | ||
173 | process_perf_data = "1"; | ||
174 | retain_nonstatus_information = "1"; | ||
175 | retain_status_information = "1"; | ||
176 | retry_interval = "2"; | ||
177 | _webstatus_namespace = "immae"; | ||
178 | }; | ||
179 | local-service = { | ||
180 | use = "generic-service"; | ||
181 | host_name = hostFQDN; | ||
182 | check_interval = "5"; | ||
183 | max_check_attempts = "4"; | ||
184 | retry_interval = "1"; | ||
185 | servicegroups = "webstatus-resources"; | ||
186 | }; | ||
187 | external-service = { | ||
188 | use = "generic-service"; | ||
189 | check_interval = "5"; | ||
190 | max_check_attempts = "4"; | ||
191 | retry_interval = "1"; | ||
192 | }; | ||
193 | web-service = { | ||
194 | use = "generic-service"; | ||
195 | check_interval = "20"; | ||
196 | max_check_attempts = "2"; | ||
197 | retry_interval = "1"; | ||
198 | }; | ||
199 | external-web-service = { | ||
200 | use = "generic-service"; | ||
201 | check_interval = "20"; | ||
202 | max_check_attempts = "2"; | ||
203 | retry_interval = "1"; | ||
204 | }; | ||
205 | mail-service = { | ||
206 | use = "generic-service"; | ||
207 | check_interval = "15"; | ||
208 | max_check_attempts = "1"; | ||
209 | retry_interval = "1"; | ||
210 | }; | ||
211 | dns-service = { | ||
212 | use = "generic-service"; | ||
213 | check_interval = "120"; | ||
214 | notification_interval = "120"; | ||
215 | max_check_attempts = "5"; | ||
216 | retry_interval = "5"; | ||
217 | }; | ||
218 | }; | ||
219 | # No contact, we go through master | ||
220 | contact = { | ||
221 | generic-contact = { | ||
222 | host_notification_commands = "notify-host-by-email"; | ||
223 | host_notification_options = "d,u,r,f,s"; | ||
224 | host_notification_period = "24x7"; | ||
225 | service_notification_commands = "notify-service-by-email"; | ||
226 | service_notification_options = "w,u,c,r,f,s"; | ||
227 | service_notification_period = "24x7"; | ||
228 | }; | ||
229 | }; | ||
230 | host = { | ||
231 | generic-host = { | ||
232 | event_handler_enabled = "1"; | ||
233 | flap_detection_enabled = "1"; | ||
234 | notification_period = "24x7"; | ||
235 | notifications_enabled = "1"; | ||
236 | process_perf_data = "1"; | ||
237 | retain_nonstatus_information = "1"; | ||
238 | retain_status_information = "1"; | ||
239 | }; | ||
240 | linux-server = { | ||
241 | check_command = "check_host_alive"; | ||
242 | check_interval = "5"; | ||
243 | check_period = "24x7"; | ||
244 | contact_groups = "admins"; | ||
245 | max_check_attempts = "10"; | ||
246 | notification_interval = "120"; | ||
247 | notification_options = "d,u,r,f"; | ||
248 | retry_interval = "1"; | ||
249 | _webstatus_namespace = "immae"; | ||
250 | }; | ||
251 | }; | ||
252 | }; | ||
253 | } | ||
diff --git a/modules/private/monitoring/objects_dilion.nix b/modules/private/monitoring/objects_dilion.nix deleted file mode 100644 index 16b3c64..0000000 --- a/modules/private/monitoring/objects_dilion.nix +++ /dev/null | |||
@@ -1,32 +0,0 @@ | |||
1 | { lib, hostFQDN, emailCheck, ... }: | ||
2 | let | ||
3 | defaultPassiveInfo = { | ||
4 | filter = lib.attrsets.filterAttrs | ||
5 | (k: v: builtins.elem k ["service_description"] || builtins.substring 0 1 k == "_"); | ||
6 | use = "external-passive-service"; | ||
7 | freshness_threshold = "450"; | ||
8 | retry_interval = "1"; | ||
9 | servicegroups = "webstatus-resources"; | ||
10 | host_name = hostFQDN; | ||
11 | }; | ||
12 | zfs_snapshot = name: { | ||
13 | passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-resources"; }; | ||
14 | service_description = "ZFS snapshot ${name} happened not too long ago"; | ||
15 | use = "local-service"; | ||
16 | check_command = ["check_zfs_snapshot" name]; | ||
17 | }; | ||
18 | in | ||
19 | { | ||
20 | activatedPlugins = [ "zfs" ]; | ||
21 | service = [ | ||
22 | { | ||
23 | passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-resources"; }; | ||
24 | service_description = "No ZFS pool is degraded"; | ||
25 | use = "local-service"; | ||
26 | check_command = ["check_zfs"]; | ||
27 | } | ||
28 | (zfs_snapshot "zpool/backup/eldiron/zpool/root") | ||
29 | (zfs_snapshot "zpool/backup/eldiron/zpool/root/etc") | ||
30 | (zfs_snapshot "zpool/backup/eldiron/zpool/root/var") | ||
31 | ]; | ||
32 | } | ||
diff --git a/modules/private/monitoring/objects_eban.nix b/modules/private/monitoring/objects_eban.nix deleted file mode 100644 index df54f6a..0000000 --- a/modules/private/monitoring/objects_eban.nix +++ /dev/null | |||
@@ -1,70 +0,0 @@ | |||
1 | { ... }: | ||
2 | let | ||
3 | serviceTemplate = rest: { | ||
4 | host_name = "eban.bzh"; | ||
5 | use = "external-web-service"; | ||
6 | contacts = "eban"; | ||
7 | contact_groups = "null"; | ||
8 | check_interval = "15"; | ||
9 | |||
10 | servicegroups = "webstatus-resources"; | ||
11 | _webstatus_namespace = "eban"; | ||
12 | } // rest; | ||
13 | in | ||
14 | { | ||
15 | activatedPlugins = [ "http" ]; | ||
16 | contact = { | ||
17 | eban = { | ||
18 | use = "generic-contact"; | ||
19 | host_notification_commands = "notify-host-eban-url"; | ||
20 | service_notification_commands = "notify-service-eban-url"; | ||
21 | }; | ||
22 | }; | ||
23 | host = { | ||
24 | "eban.bzh" = { | ||
25 | alias = "eban.bzh"; | ||
26 | address = "eban.bzh"; | ||
27 | use = "linux-server"; | ||
28 | hostgroups = "webstatus-hosts"; | ||
29 | contacts = "eban"; | ||
30 | contact_groups = "null"; | ||
31 | _webstatus_name = "Eban"; | ||
32 | _webstatus_vhost = "status.eban.bzh"; | ||
33 | _webstatus_namespace = "eban"; | ||
34 | }; | ||
35 | }; | ||
36 | service = [ | ||
37 | (serviceTemplate { | ||
38 | service_description = "Eban website is up and running"; | ||
39 | check_command = ["check_https" "eban.bzh" "/" "<title>"]; | ||
40 | _webstatus_name = "Main Website"; | ||
41 | _webstatus_url = "https://eban.bzh/"; | ||
42 | }) | ||
43 | (serviceTemplate { | ||
44 | service_description = "Eban blog is up and running"; | ||
45 | check_command = ["check_https" "blog.eban.bzh" "/" "<title>"]; | ||
46 | _webstatus_name = "Blog"; | ||
47 | _webstatus_url = "https://blog.eban.bzh/"; | ||
48 | }) | ||
49 | (serviceTemplate { | ||
50 | service_description = "Eban gitea is up and running"; | ||
51 | check_command = ["check_https" "git.eban.bzh" "/" "<title>"]; | ||
52 | _webstatus_name = "Git"; | ||
53 | _webstatus_url = "https://git.eban.bzh/"; | ||
54 | }) | ||
55 | (serviceTemplate { | ||
56 | service_description = "I Learned website is up and running"; | ||
57 | check_command = [ "check_https" "ilearned.eu.org" "/" "<title" ]; | ||
58 | |||
59 | _webstatus_name = "I Learned website"; | ||
60 | _webstatus_url = "https://ilearned.eu.org/"; | ||
61 | }) | ||
62 | (serviceTemplate { | ||
63 | service_description = "I Learned gitea is up and running"; | ||
64 | check_command = [ "check_https" "git.ilearned.eu.org" "/" "<title" ]; | ||
65 | |||
66 | _webstatus_name = "I Learned Git"; | ||
67 | _webstatus_url = "https://git.ilearned.eu.org/"; | ||
68 | }) | ||
69 | ]; | ||
70 | } | ||
diff --git a/modules/private/monitoring/objects_eldiron.nix b/modules/private/monitoring/objects_eldiron.nix deleted file mode 100644 index 75e7b0e..0000000 --- a/modules/private/monitoring/objects_eldiron.nix +++ /dev/null | |||
@@ -1,38 +0,0 @@ | |||
1 | { lib, hostFQDN, emailCheck, ... }: | ||
2 | let | ||
3 | defaultPassiveInfo = { | ||
4 | filter = lib.attrsets.filterAttrs | ||
5 | (k: v: builtins.elem k ["service_description"] || builtins.substring 0 1 k == "_"); | ||
6 | use = "external-passive-service"; | ||
7 | freshness_threshold = "450"; | ||
8 | retry_interval = "1"; | ||
9 | servicegroups = "webstatus-resources"; | ||
10 | host_name = hostFQDN; | ||
11 | }; | ||
12 | in | ||
13 | { | ||
14 | activatedPlugins = [ "emails" "postgresql" "zfs" ]; | ||
15 | service = [ | ||
16 | { | ||
17 | passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-databases"; }; | ||
18 | service_description = "Postgresql replication for backup-2 is up to date"; | ||
19 | use = "local-service"; | ||
20 | check_command = ["check_postgresql_replication" "backup-2" "/run/postgresql" "5432"]; | ||
21 | } | ||
22 | { | ||
23 | passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-resources"; }; | ||
24 | service_description = "No ZFS pool is degraded"; | ||
25 | use = "local-service"; | ||
26 | check_command = ["check_zfs"]; | ||
27 | } | ||
28 | { | ||
29 | passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-email"; }; | ||
30 | service_description = "mailq is empty"; | ||
31 | use = "local-service"; | ||
32 | check_command = ["check_mailq"]; | ||
33 | } | ||
34 | (emailCheck "eldiron" hostFQDN // { | ||
35 | passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-email"; freshness_threshold = "1350"; }; | ||
36 | }) | ||
37 | ]; | ||
38 | } | ||
diff --git a/modules/private/monitoring/objects_master.nix b/modules/private/monitoring/objects_master.nix deleted file mode 100644 index 30bfe73..0000000 --- a/modules/private/monitoring/objects_master.nix +++ /dev/null | |||
@@ -1,39 +0,0 @@ | |||
1 | { config, ... }: | ||
2 | { | ||
3 | contact = { | ||
4 | immae = config.myEnv.monitoring.contacts.immae // { | ||
5 | use = "generic-contact"; | ||
6 | contactgroups = "admins"; | ||
7 | host_notification_commands = "notify-host-by-email,notify-by-slack!$USER206$!$USER207$"; | ||
8 | service_notification_commands = "notify-service-by-email,notify-by-slack!$USER206$!$USER207$"; | ||
9 | }; | ||
10 | }; | ||
11 | command = { | ||
12 | check_passive = "$USER1$/check_dummy 3 \"Service result are stale\""; | ||
13 | }; | ||
14 | templates = { | ||
15 | service = { | ||
16 | external-passive-service = { | ||
17 | active_checks_enabled = "0"; | ||
18 | check_freshness = "1"; | ||
19 | check_period = "24x7"; | ||
20 | contact_groups = "admins"; | ||
21 | event_handler_enabled = "1"; | ||
22 | flap_detection_enabled = "1"; | ||
23 | is_volatile = "0"; | ||
24 | max_check_attempts = "3"; | ||
25 | notification_interval = "60"; | ||
26 | notification_options = "w,u,c,r,f,s"; | ||
27 | notification_period = "24x7"; | ||
28 | notifications_enabled = "1"; | ||
29 | passive_checks_enabled = "1"; | ||
30 | process_perf_data = "1"; | ||
31 | retain_nonstatus_information = "1"; | ||
32 | retain_status_information = "1"; | ||
33 | retry_interval = "2"; | ||
34 | check_command = "check_passive"; | ||
35 | _webstatus_namespace = "immae"; | ||
36 | }; | ||
37 | }; | ||
38 | }; | ||
39 | } | ||
diff --git a/modules/private/monitoring/objects_monitoring-1.nix b/modules/private/monitoring/objects_monitoring-1.nix deleted file mode 100644 index 563be16..0000000 --- a/modules/private/monitoring/objects_monitoring-1.nix +++ /dev/null | |||
@@ -1,714 +0,0 @@ | |||
1 | { config, pkgs, nodes, hostFQDN, emailCheck, lib, ... }: | ||
2 | { | ||
3 | activatedPlugins = [ "dns" "ftp" "git" "http" "imap" "ovh" "tcp" ]; | ||
4 | host = { | ||
5 | # Dummy host for testing | ||
6 | # "dummy-host" = { | ||
7 | # alias = "dummy.host"; | ||
8 | # address = "dummy.host"; | ||
9 | # use = "linux-server"; | ||
10 | # check_command = "check_ok"; | ||
11 | # }; | ||
12 | }; | ||
13 | service = [ | ||
14 | # Dummy service for testing | ||
15 | # { | ||
16 | # service_description = "Dummy failing test"; | ||
17 | # host_name = "dummy-host"; | ||
18 | # use = "local-service"; | ||
19 | # check_interval = "0.3"; | ||
20 | # max_check_attempts = "1"; | ||
21 | # flap_detection_enabled = "0"; | ||
22 | # notification_interval = "0.1"; | ||
23 | # check_command = "check_critical"; | ||
24 | # } | ||
25 | |||
26 | (emailCheck "monitoring-1" hostFQDN) | ||
27 | |||
28 | { | ||
29 | service_description = "ftp has access to database for authentication"; | ||
30 | host_name = "eldiron.immae.eu"; | ||
31 | use = "external-service"; | ||
32 | check_command = "check_ftp_database"; | ||
33 | |||
34 | servicegroups = "webstatus-remote-services"; | ||
35 | _webstatus_name = "FTP"; | ||
36 | _webstatus_url = "ftp.immae.eu"; | ||
37 | } | ||
38 | |||
39 | { | ||
40 | service_description = "gitolite is working"; | ||
41 | host_name = "eldiron.immae.eu"; | ||
42 | use = "external-web-service"; | ||
43 | check_command = "check_git"; | ||
44 | |||
45 | servicegroups = "webstatus-remote-services"; | ||
46 | _webstatus_name = "Git"; | ||
47 | _webstatus_url = "git.immae.eu"; | ||
48 | } | ||
49 | |||
50 | { | ||
51 | service_description = "postfix SSL is up to date"; | ||
52 | host_name = "eldiron.immae.eu"; | ||
53 | use = "external-service"; | ||
54 | check_command = "check_smtp"; | ||
55 | |||
56 | servicegroups = "webstatus-ssl"; | ||
57 | _webstatus_name = "SMTP"; | ||
58 | _webstatus_url = "smtp.immae.eu"; | ||
59 | } | ||
60 | |||
61 | { | ||
62 | service_description = "imap SSL is up to date"; | ||
63 | host_name = "eldiron.immae.eu"; | ||
64 | use = "external-service"; | ||
65 | check_command = ["check_tcp_ssl" "993"]; | ||
66 | |||
67 | servicegroups = "webstatus-ssl"; | ||
68 | _webstatus_name = "IMAP"; | ||
69 | _webstatus_url = "imap.immae.eu"; | ||
70 | } | ||
71 | |||
72 | { | ||
73 | service_description = "imap connection works"; | ||
74 | host_name = "eldiron.immae.eu"; | ||
75 | use = "external-service"; | ||
76 | check_command = "check_imap_connection"; | ||
77 | |||
78 | servicegroups = "webstatus-remote-services,webstatus-email"; | ||
79 | _webstatus_name = "IMAP"; | ||
80 | _webstatus_url = "imap.immae.eu"; | ||
81 | } | ||
82 | |||
83 | # Third party services | ||
84 | { | ||
85 | service_description = "OVH account has enough sms"; | ||
86 | host_name = "eldiron.immae.eu"; | ||
87 | use = "external-service"; | ||
88 | check_command = "check_ovh_sms"; | ||
89 | |||
90 | check_interval = "120"; | ||
91 | notification_interval = "1440"; | ||
92 | } | ||
93 | |||
94 | # Backup services | ||
95 | # { | ||
96 | # service_description = "eriomem backup is up and not full"; | ||
97 | # host_name = "eldiron.immae.eu"; | ||
98 | # use = "external-service"; | ||
99 | # check_command = "check_backup_eriomem"; | ||
100 | |||
101 | # check_interval = "120"; | ||
102 | # notification_interval = "1440"; | ||
103 | |||
104 | # servicegroups = "webstatus-backup"; | ||
105 | # } | ||
106 | { | ||
107 | service_description = "ovh backup is up and not full"; | ||
108 | host_name = "eldiron.immae.eu"; | ||
109 | use = "external-service"; | ||
110 | check_command = "check_ok"; | ||
111 | |||
112 | check_interval = "120"; | ||
113 | notification_interval = "1440"; | ||
114 | |||
115 | servicegroups = "webstatus-backup"; | ||
116 | } | ||
117 | |||
118 | # DNS services | ||
119 | { | ||
120 | service_description = "eldiron dns is active and authoritative for aten.pro"; | ||
121 | host_name = "eldiron.immae.eu"; | ||
122 | use = "dns-service"; | ||
123 | check_command = ["check_dns" "aten.pro" "-A"]; | ||
124 | |||
125 | servicegroups = "webstatus-dns"; | ||
126 | _webstatus_name = "aten.pro"; | ||
127 | } | ||
128 | |||
129 | { | ||
130 | service_description = "eldiron dns is active and authoritative for bouya.org"; | ||
131 | host_name = "eldiron.immae.eu"; | ||
132 | use = "dns-service"; | ||
133 | check_command = ["check_dns" "bouya.org" "-A"]; | ||
134 | |||
135 | servicegroups = "webstatus-dns"; | ||
136 | _webstatus_name = "bouya.org"; | ||
137 | } | ||
138 | |||
139 | { | ||
140 | service_description = "eldiron dns is active and authoritative for filedesreves.fr"; | ||
141 | host_name = "eldiron.immae.eu"; | ||
142 | use = "dns-service"; | ||
143 | check_command = ["check_dns" "filedesreves.fr" "-A"]; | ||
144 | |||
145 | servicegroups = "webstatus-dns"; | ||
146 | _webstatus_name = "filedesreves.fr"; | ||
147 | } | ||
148 | |||
149 | { | ||
150 | service_description = "eldiron dns is active and authoritative for ludivinecassal.com"; | ||
151 | host_name = "eldiron.immae.eu"; | ||
152 | use = "dns-service"; | ||
153 | check_command = ["check_dns" "ludivinecassal.com" "-A"]; | ||
154 | |||
155 | servicegroups = "webstatus-dns"; | ||
156 | _webstatus_name = "ludivinecassal.com"; | ||
157 | } | ||
158 | |||
159 | { | ||
160 | service_description = "eldiron dns is active and authoritative for icommandeur.org"; | ||
161 | host_name = "eldiron.immae.eu"; | ||
162 | use = "dns-service"; | ||
163 | check_command = ["check_dns" "icommandeur.org" "-A"]; | ||
164 | |||
165 | servicegroups = "webstatus-dns"; | ||
166 | _webstatus_name = "icommandeur.org"; | ||
167 | } | ||
168 | |||
169 | { | ||
170 | service_description = "eldiron dns is active and authoritative for immae.eu"; | ||
171 | host_name = "eldiron.immae.eu"; | ||
172 | use = "dns-service"; | ||
173 | check_command = ["check_dns" "immae.eu" "-A"]; | ||
174 | |||
175 | servicegroups = "webstatus-dns"; | ||
176 | _webstatus_name = "immae.eu"; | ||
177 | } | ||
178 | |||
179 | { | ||
180 | service_description = "eldiron dns is active and authoritative for immae.fr"; | ||
181 | host_name = "eldiron.immae.eu"; | ||
182 | use = "dns-service"; | ||
183 | check_command = ["check_dns" "immae.fr" "-A"]; | ||
184 | |||
185 | servicegroups = "webstatus-dns"; | ||
186 | _webstatus_name = "immae.fr"; | ||
187 | } | ||
188 | |||
189 | { | ||
190 | service_description = "eldiron dns is active and authoritative for piedsjaloux.fr"; | ||
191 | host_name = "eldiron.immae.eu"; | ||
192 | use = "dns-service"; | ||
193 | check_command = ["check_dns" "piedsjaloux.fr" "-A"]; | ||
194 | |||
195 | servicegroups = "webstatus-dns"; | ||
196 | _webstatus_name = "piedsjaloux.fr"; | ||
197 | } | ||
198 | |||
199 | { | ||
200 | service_description = "eldiron dns is active and authoritative for saison-photo.org"; | ||
201 | host_name = "eldiron.immae.eu"; | ||
202 | use = "dns-service"; | ||
203 | check_command = ["check_dns" "saison-photo.org" "-A"]; | ||
204 | |||
205 | servicegroups = "webstatus-dns"; | ||
206 | _webstatus_name = "saison-photo.org"; | ||
207 | } | ||
208 | |||
209 | { | ||
210 | service_description = "eldiron dns is active and authoritative for tellesflorian.com"; | ||
211 | host_name = "eldiron.immae.eu"; | ||
212 | use = "dns-service"; | ||
213 | check_command = ["check_dns" "tellesflorian.com" "-A"]; | ||
214 | |||
215 | servicegroups = "webstatus-dns"; | ||
216 | _webstatus_name = "tellesflorian.com"; | ||
217 | } | ||
218 | |||
219 | { | ||
220 | service_description = "eldiron dns is active and authoritative for capitaines.fr"; | ||
221 | host_name = "eldiron.immae.eu"; | ||
222 | use = "dns-service"; | ||
223 | check_command = ["check_dns" "capitaines.fr" "-A"]; | ||
224 | |||
225 | servicegroups = "webstatus-dns"; | ||
226 | _webstatus_name = "capitaines.fr"; | ||
227 | } | ||
228 | |||
229 | { | ||
230 | service_description = "cloudns dns is active and authoritative for aten.pro"; | ||
231 | host_name = "eldiron.immae.eu"; | ||
232 | use = "dns-service"; | ||
233 | check_command = ["check_external_dns" "pns1.cloudns.net" "aten.pro" "-A"]; | ||
234 | |||
235 | servicegroups = "webstatus-dns"; | ||
236 | _webstatus_name = "aten.pro (Secondary DNS ClouDNS)"; | ||
237 | } | ||
238 | |||
239 | { | ||
240 | service_description = "cloudns dns is active and authoritative for bouya.org"; | ||
241 | host_name = "eldiron.immae.eu"; | ||
242 | use = "dns-service"; | ||
243 | check_command = ["check_external_dns" "pns1.cloudns.net" "bouya.org" "-A"]; | ||
244 | |||
245 | servicegroups = "webstatus-dns"; | ||
246 | _webstatus_name = "bouya.org (Secondary DNS ClouDNS)"; | ||
247 | } | ||
248 | |||
249 | { | ||
250 | service_description = "cloudns dns is active and authoritative for filedesreves.fr"; | ||
251 | host_name = "eldiron.immae.eu"; | ||
252 | use = "dns-service"; | ||
253 | check_command = ["check_external_dns" "pns1.cloudns.net" "filedesreves.fr" "-A"]; | ||
254 | |||
255 | servicegroups = "webstatus-dns"; | ||
256 | _webstatus_name = "filedesreves.fr (Secondary DNS ClouDNS)"; | ||
257 | } | ||
258 | |||
259 | { | ||
260 | service_description = "cloudns dns is active and authoritative for ludivinecassal.com"; | ||
261 | host_name = "eldiron.immae.eu"; | ||
262 | use = "dns-service"; | ||
263 | check_command = ["check_external_dns" "pns1.cloudns.net" "ludivinecassal.com" "-A"]; | ||
264 | |||
265 | servicegroups = "webstatus-dns"; | ||
266 | _webstatus_name = "ludivinecassal.com (Secondary DNS ClouDNS)"; | ||
267 | } | ||
268 | |||
269 | { | ||
270 | service_description = "cloudns dns is active and authoritative for icommandeur.org"; | ||
271 | host_name = "eldiron.immae.eu"; | ||
272 | use = "dns-service"; | ||
273 | check_command = ["check_external_dns" "pns1.cloudns.net" "icommandeur.org" "-A"]; | ||
274 | |||
275 | servicegroups = "webstatus-dns"; | ||
276 | _webstatus_name = "icommandeur.org (Secondary DNS ClouDNS)"; | ||
277 | } | ||
278 | |||
279 | { | ||
280 | service_description = "cloudns dns is active and authoritative for immae.eu"; | ||
281 | host_name = "eldiron.immae.eu"; | ||
282 | use = "dns-service"; | ||
283 | check_command = ["check_external_dns" "pns1.cloudns.net" "immae.eu" "-A"]; | ||
284 | |||
285 | servicegroups = "webstatus-dns"; | ||
286 | _webstatus_name = "immae.eu (Secondary DNS ClouDNS)"; | ||
287 | } | ||
288 | |||
289 | { | ||
290 | service_description = "cloudns dns is active and authoritative for immae.fr"; | ||
291 | host_name = "eldiron.immae.eu"; | ||
292 | use = "dns-service"; | ||
293 | check_command = ["check_external_dns" "pns1.cloudns.net" "immae.fr" "-A"]; | ||
294 | |||
295 | servicegroups = "webstatus-dns"; | ||
296 | _webstatus_name = "immae.fr (Secondary DNS ClouDNS)"; | ||
297 | } | ||
298 | |||
299 | { | ||
300 | service_description = "cloudns dns is active and authoritative for piedsjaloux.fr"; | ||
301 | host_name = "eldiron.immae.eu"; | ||
302 | use = "dns-service"; | ||
303 | check_command = ["check_external_dns" "pns1.cloudns.net" "piedsjaloux.fr" "-A"]; | ||
304 | |||
305 | servicegroups = "webstatus-dns"; | ||
306 | _webstatus_name = "piedsjaloux.fr (Secondary DNS ClouDNS)"; | ||
307 | } | ||
308 | |||
309 | { | ||
310 | service_description = "cloudns dns is active and authoritative for tellesflorian.com"; | ||
311 | host_name = "eldiron.immae.eu"; | ||
312 | use = "dns-service"; | ||
313 | check_command = ["check_external_dns" "pns1.cloudns.net" "tellesflorian.com" "-A"]; | ||
314 | |||
315 | servicegroups = "webstatus-dns"; | ||
316 | _webstatus_name = "tellesflorian.com (Secondary DNS ClouDNS)"; | ||
317 | } | ||
318 | |||
319 | { | ||
320 | service_description = "cloudns dns is active and authoritative for saison-photo.org"; | ||
321 | host_name = "eldiron.immae.eu"; | ||
322 | use = "dns-service"; | ||
323 | check_command = ["check_external_dns" "pns1.cloudns.net" "saison-photo.org" "-A"]; | ||
324 | |||
325 | servicegroups = "webstatus-dns"; | ||
326 | _webstatus_name = "saison-photo.org (Secondary DNS ClouDNS)"; | ||
327 | } | ||
328 | |||
329 | #### Web scenarios | ||
330 | { | ||
331 | service_description = "blog website is running on immae.eu"; | ||
332 | host_name = "eldiron.immae.eu"; | ||
333 | use = "external-web-service"; | ||
334 | check_command = ["check_https" "www.immae.eu" "/blog/" "egrep -ri TODO /etc"]; | ||
335 | |||
336 | servicegroups = "webstatus-websites"; | ||
337 | _webstatus_name = "Immae’s Blog"; | ||
338 | _webstatus_url = "https://www.immae.eu/blog"; | ||
339 | } | ||
340 | |||
341 | { | ||
342 | service_description = "owncloud website is running on cloud.immae.eu"; | ||
343 | host_name = "eldiron.immae.eu"; | ||
344 | use = "external-web-service"; | ||
345 | check_command = ["check_https" "cloud.immae.eu" "/" "a safe home for all your data"]; | ||
346 | |||
347 | servicegroups = "webstatus-webapps"; | ||
348 | _webstatus_name = "Nextcloud"; | ||
349 | _webstatus_url = "https://cloud.immae.eu"; | ||
350 | } | ||
351 | |||
352 | { | ||
353 | service_description = "nextcloud website is running on nextcloud.4c.salle-s.org"; | ||
354 | host_name = "quatresaisons.immae.eu"; | ||
355 | use = "external-web-service"; | ||
356 | check_command = ["check_https" "nextcloud.4c.salle-s.org" "/" "a safe home for all your data"]; | ||
357 | |||
358 | servicegroups = "webstatus-webapps"; | ||
359 | _webstatus_name = "Nextcloud"; | ||
360 | _webstatus_url = "https://nextcloud.4c.salle-s.org"; | ||
361 | } | ||
362 | |||
363 | { | ||
364 | service_description = "davical website is running on dav.immae.eu"; | ||
365 | host_name = "eldiron.immae.eu"; | ||
366 | use = "external-web-service"; | ||
367 | check_command = ["check_https" "dav.immae.eu" "/davical/" "Log On Please"]; | ||
368 | |||
369 | servicegroups = "webstatus-webapps"; | ||
370 | _webstatus_name = "Davical"; | ||
371 | _webstatus_url = "https://dav.immae.eu/davical"; | ||
372 | } | ||
373 | |||
374 | { | ||
375 | service_description = "adminer website is running on tools.immae.eu"; | ||
376 | host_name = "eldiron.immae.eu"; | ||
377 | use = "external-web-service"; | ||
378 | check_command = ["check_https_auth" "tools.immae.eu" "/adminer/" "www.adminer.org"]; | ||
379 | |||
380 | servicegroups = "webstatus-webapps"; | ||
381 | _webstatus_name = "Adminer"; | ||
382 | _webstatus_url = "https://tools.immae.eu/adminer/"; | ||
383 | } | ||
384 | |||
385 | { | ||
386 | service_description = "ttrss website is running on tools.immae.eu"; | ||
387 | host_name = "eldiron.immae.eu"; | ||
388 | use = "external-web-service"; | ||
389 | check_command = ["check_https" "tools.immae.eu" "/ttrss/" "<title>Tiny Tiny RSS"]; | ||
390 | |||
391 | servicegroups = "webstatus-webapps"; | ||
392 | _webstatus_name = "TT-RSS"; | ||
393 | _webstatus_url = "https://tools.immae.eu/ttrss/"; | ||
394 | } | ||
395 | |||
396 | { | ||
397 | service_description = "mpd website is running on tools.immae.eu"; | ||
398 | host_name = "eldiron.immae.eu"; | ||
399 | use = "external-web-service"; | ||
400 | check_command = ["check_https_auth" "tools.immae.eu" "/mpd/" "<title>ympd"]; | ||
401 | |||
402 | servicegroups = "webstatus-webapps"; | ||
403 | _webstatus_name = "MPD (YMPD)"; | ||
404 | _webstatus_url = "https://tools.immae.eu/mpd/"; | ||
405 | } | ||
406 | |||
407 | { | ||
408 | service_description = "rompr mpd website is running on tools.immae.eu"; | ||
409 | host_name = "eldiron.immae.eu"; | ||
410 | use = "external-web-service"; | ||
411 | check_command = ["check_https_auth" "tools.immae.eu" "/rompr/" "<title>RompЯ"]; | ||
412 | |||
413 | servicegroups = "webstatus-webapps"; | ||
414 | _webstatus_name = "MPD (ROMPR)"; | ||
415 | _webstatus_url = "https://tools.immae.eu/rompr/"; | ||
416 | } | ||
417 | |||
418 | { | ||
419 | service_description = "wallabag website is running on tools.immae.eu"; | ||
420 | host_name = "eldiron.immae.eu"; | ||
421 | use = "external-web-service"; | ||
422 | check_command = ["check_https" "tools.immae.eu" "/wallabag/" "<title>Bienvenue sur wallabag"]; | ||
423 | |||
424 | servicegroups = "webstatus-webapps"; | ||
425 | _webstatus_name = "Wallabag"; | ||
426 | _webstatus_url = "https://tools.immae.eu/wallabag/"; | ||
427 | } | ||
428 | |||
429 | { | ||
430 | service_description = "yourl website is running on tools.immae.eu"; | ||
431 | host_name = "eldiron.immae.eu"; | ||
432 | use = "external-web-service"; | ||
433 | check_command = ["check_https" "tools.immae.eu" "/url/admin/" "<title>YOURLS"]; | ||
434 | |||
435 | servicegroups = "webstatus-webapps"; | ||
436 | _webstatus_name = "YOURLS"; | ||
437 | _webstatus_url = "https://tools.immae.eu/url/admin/"; | ||
438 | } | ||
439 | |||
440 | { | ||
441 | service_description = "roundcube website is running on mail.immae.eu"; | ||
442 | host_name = "eldiron.immae.eu"; | ||
443 | use = "external-web-service"; | ||
444 | check_command = ["check_https" "mail.immae.eu" "/roundcube/" "<title>Roundcube"]; | ||
445 | |||
446 | servicegroups = "webstatus-webapps,webstatus-email"; | ||
447 | _webstatus_name = "Roundcube"; | ||
448 | _webstatus_url = "https://mail.immae.eu/roundcube/"; | ||
449 | } | ||
450 | |||
451 | { | ||
452 | service_description = "dokuwiki website is running on tools.immae.eu"; | ||
453 | host_name = "eldiron.immae.eu"; | ||
454 | use = "external-web-service"; | ||
455 | check_command = ["check_https" "tools.immae.eu" "/dokuwiki/" "<title>start"]; | ||
456 | |||
457 | servicegroups = "webstatus-webapps"; | ||
458 | _webstatus_name = "Dokuwiki"; | ||
459 | _webstatus_url = "https://tools.immae.eu/dokuwiki/"; | ||
460 | } | ||
461 | |||
462 | { | ||
463 | service_description = "shaarli website is running on tools.immae.eu"; | ||
464 | host_name = "eldiron.immae.eu"; | ||
465 | use = "external-web-service"; | ||
466 | check_command = ["check_https" "tools.immae.eu" "/Shaarli/immae" "<title>Immae"]; | ||
467 | |||
468 | servicegroups = "webstatus-webapps"; | ||
469 | _webstatus_name = "Shaarli"; | ||
470 | _webstatus_url = "https://tools.immae.eu/Shaarli/"; | ||
471 | } | ||
472 | |||
473 | { | ||
474 | service_description = "ldap website is running on tools.immae.eu"; | ||
475 | host_name = "eldiron.immae.eu"; | ||
476 | use = "external-web-service"; | ||
477 | check_command = ["check_https" "tools.immae.eu" "/ldap/" "<title>phpLDAPadmin"]; | ||
478 | |||
479 | servicegroups = "webstatus-webapps"; | ||
480 | _webstatus_name = "LDAP"; | ||
481 | _webstatus_url = "https://tools.immae.eu/ldap/"; | ||
482 | } | ||
483 | |||
484 | { | ||
485 | service_description = "gitweb website is running on git.immae.eu"; | ||
486 | host_name = "eldiron.immae.eu"; | ||
487 | use = "external-web-service"; | ||
488 | check_command = ["check_https" "git.immae.eu" "/cgit" "<title>Immae’s git"]; | ||
489 | |||
490 | servicegroups = "webstatus-webapps"; | ||
491 | _webstatus_name = "Git"; | ||
492 | _webstatus_url = "https://git.immae.eu/"; | ||
493 | } | ||
494 | |||
495 | { | ||
496 | service_description = "mantisbt website is running on git.immae.eu"; | ||
497 | host_name = "eldiron.immae.eu"; | ||
498 | use = "external-web-service"; | ||
499 | check_command = ["check_https" "git.immae.eu" "/mantisbt/" "<title>My View - MantisBT"]; | ||
500 | |||
501 | servicegroups = "webstatus-webapps"; | ||
502 | _webstatus_name = "Mantisbt"; | ||
503 | _webstatus_url = "https://git.immae.eu/mantisbt"; | ||
504 | } | ||
505 | |||
506 | { | ||
507 | service_description = "diaspora website is running on diaspora.immae.eu"; | ||
508 | host_name = "eldiron.immae.eu"; | ||
509 | use = "external-web-service"; | ||
510 | check_command = ["check_https" "diaspora.immae.eu" "/" "is the online social world where you are in control"]; | ||
511 | |||
512 | servicegroups = "webstatus-webapps"; | ||
513 | _webstatus_name = "Diaspora"; | ||
514 | _webstatus_url = "https://diaspora.immae.eu/"; | ||
515 | } | ||
516 | |||
517 | { | ||
518 | service_description = "peertube website is running on peertube.immae.eu"; | ||
519 | host_name = "eldiron.immae.eu"; | ||
520 | use = "external-web-service"; | ||
521 | check_command = ["check_https" "peertube.immae.eu" "/" "<title>Immae’s PeerTube"]; | ||
522 | |||
523 | servicegroups = "webstatus-webapps"; | ||
524 | _webstatus_name = "Peertube"; | ||
525 | _webstatus_url = "https://peertube.immae.eu/"; | ||
526 | } | ||
527 | |||
528 | { | ||
529 | service_description = "etherpad website is running on ether.immae.eu"; | ||
530 | host_name = "eldiron.immae.eu"; | ||
531 | use = "external-web-service"; | ||
532 | check_command = ["check_https" "ether.immae.eu" "/" "<title>Etherpad"]; | ||
533 | |||
534 | servicegroups = "webstatus-webapps"; | ||
535 | _webstatus_name = "Etherpad"; | ||
536 | _webstatus_url = "https://ether.immae.eu/"; | ||
537 | } | ||
538 | |||
539 | { | ||
540 | service_description = "mediagoblin website is running on mgoblin.immae.eu"; | ||
541 | host_name = "eldiron.immae.eu"; | ||
542 | use = "external-web-service"; | ||
543 | check_command = ["check_https" "mgoblin.immae.eu" "/" "<title>GNU MediaGoblin"]; | ||
544 | |||
545 | servicegroups = "webstatus-webapps"; | ||
546 | _webstatus_name = "Mediagoblin"; | ||
547 | _webstatus_url = "https://mgoblin.immae.eu/"; | ||
548 | } | ||
549 | |||
550 | { | ||
551 | service_description = "mastodon website is running on mastodon.immae.eu"; | ||
552 | host_name = "eldiron.immae.eu"; | ||
553 | use = "external-web-service"; | ||
554 | check_command = ["check_https" "mastodon.immae.eu" "/" "Mastodon</title>"]; | ||
555 | |||
556 | servicegroups = "webstatus-webapps"; | ||
557 | _webstatus_name = "Mastodon"; | ||
558 | _webstatus_url = "https://mastodon.immae.eu/"; | ||
559 | } | ||
560 | |||
561 | # Other web pages | ||
562 | { | ||
563 | service_description = "Jerome website is running on naturaloutil.immae.eu"; | ||
564 | host_name = "eldiron.immae.eu"; | ||
565 | use = "external-web-service"; | ||
566 | check_command = ["check_https" "naturaloutil.immae.eu" "/ping.php" "YES"]; | ||
567 | |||
568 | servicegroups = "webstatus-websites"; | ||
569 | _webstatus_name = "naturaloutil.immae.eu"; | ||
570 | _webstatus_url = "https://naturaloutil.immae.eu/"; | ||
571 | } | ||
572 | |||
573 | { | ||
574 | service_description = "Telio website is running on realistesmedia.fr"; | ||
575 | host_name = "eldiron.immae.eu"; | ||
576 | use = "external-web-service"; | ||
577 | check_command = ["check_https" "realistesmedia.fr" "/" "doctype html"]; | ||
578 | contact_groups = "telio-tortay"; | ||
579 | } | ||
580 | |||
581 | { | ||
582 | service_description = "Chloe website site is running on osteopathe-cc.fr"; | ||
583 | host_name = "eldiron.immae.eu"; | ||
584 | use = "external-web-service"; | ||
585 | check_command = ["check_https" "www.osteopathe-cc.fr" "/" "<title>Chloé Condamin ostéopathe D.O."]; | ||
586 | |||
587 | servicegroups = "webstatus-websites"; | ||
588 | _webstatus_name = "osteopathe-cc.fr"; | ||
589 | _webstatus_url = "https://www.osteopathe-cc.fr/"; | ||
590 | } | ||
591 | |||
592 | { | ||
593 | service_description = "Richie website is running on europe-richie.org"; | ||
594 | host_name = "eldiron.immae.eu"; | ||
595 | use = "external-web-service"; | ||
596 | check_command = ["check_https" "www.europe-richie.org" "/" "<title>.Europe Richie]"]; | ||
597 | |||
598 | servicegroups = "webstatus-websites"; | ||
599 | _webstatus_name = "europe-richie.org"; | ||
600 | _webstatus_url = "https://www.europe-richie.org/"; | ||
601 | } | ||
602 | |||
603 | { | ||
604 | service_description = "Ludivine website site is running on ludivinecassal.com"; | ||
605 | host_name = "eldiron.immae.eu"; | ||
606 | use = "external-web-service"; | ||
607 | check_command = ["check_https" "www.ludivinecassal.com" "/" "<title>Ludivine Cassal"]; | ||
608 | |||
609 | servicegroups = "webstatus-websites"; | ||
610 | _webstatus_name = "ludivinecassal.com"; | ||
611 | _webstatus_url = "https://www.ludivinecassal.com/"; | ||
612 | } | ||
613 | |||
614 | { | ||
615 | service_description = "Aten website site is running on aten.pro"; | ||
616 | host_name = "eldiron.immae.eu"; | ||
617 | use = "external-web-service"; | ||
618 | check_command = ["check_https" "aten.pro" "/" "<title>ATEN"]; | ||
619 | |||
620 | servicegroups = "webstatus-websites"; | ||
621 | _webstatus_name = "aten.pro"; | ||
622 | _webstatus_url = "https://aten.pro/"; | ||
623 | } | ||
624 | |||
625 | { | ||
626 | service_description = "PiedsJaloux website site is running on piedsjaloux.fr"; | ||
627 | host_name = "eldiron.immae.eu"; | ||
628 | use = "external-web-service"; | ||
629 | check_command = ["check_https" "www.piedsjaloux.fr" "/" "<title>Les Pieds Jaloux"]; | ||
630 | |||
631 | servicegroups = "webstatus-websites"; | ||
632 | _webstatus_name = "piedsjaloux.fr"; | ||
633 | _webstatus_url = "https://www.piedsjaloux.fr/"; | ||
634 | } | ||
635 | |||
636 | { | ||
637 | service_description = "Denise and Jerome website site is running on denisejerome.piedsjaloux.fr"; | ||
638 | host_name = "eldiron.immae.eu"; | ||
639 | use = "external-web-service"; | ||
640 | check_command = ["check_https" "denisejerome.piedsjaloux.fr" "/" "<title>Accueil - Mariage"]; | ||
641 | |||
642 | servicegroups = "webstatus-websites"; | ||
643 | _webstatus_name = "denisejerome.piedsjaloux.fr"; | ||
644 | _webstatus_url = "https://denisejerome.piedsjaloux.fr/"; | ||
645 | } | ||
646 | |||
647 | { | ||
648 | service_description = "Connexionswing website site is running on connexionswing.com"; | ||
649 | host_name = "eldiron.immae.eu"; | ||
650 | use = "external-web-service"; | ||
651 | check_command = ["check_https" "www.connexionswing.com" "/" "<title>Cours, stages"]; | ||
652 | |||
653 | servicegroups = "webstatus-websites"; | ||
654 | _webstatus_name = "connexionswing.com"; | ||
655 | _webstatus_url = "https://www.connexionswing.com/"; | ||
656 | } | ||
657 | |||
658 | { | ||
659 | service_description = "Sandetludo website site is running on sandetludo.com"; | ||
660 | host_name = "eldiron.immae.eu"; | ||
661 | use = "external-web-service"; | ||
662 | check_command = ["check_https" "www.sandetludo.com" "/" "<title>Cours de West Coast"]; | ||
663 | |||
664 | servicegroups = "webstatus-websites"; | ||
665 | _webstatus_name = "sandetludo.com"; | ||
666 | _webstatus_url = "https://www.sandetludo.com/"; | ||
667 | } | ||
668 | |||
669 | # SSL | ||
670 | { | ||
671 | service_description = "ldap SSL is up to date"; | ||
672 | host_name = "eldiron.immae.eu"; | ||
673 | use = "external-service"; | ||
674 | check_command = ["check_tcp_ssl" "636"]; | ||
675 | |||
676 | servicegroups = "webstatus-ssl"; | ||
677 | _webstatus_name = "LDAP"; | ||
678 | _webstatus_url = "ldap.immae.eu"; | ||
679 | } | ||
680 | |||
681 | # Tiboqorl | ||
682 | { | ||
683 | service_description = "Cyllene support page is running"; | ||
684 | host_name = "tiboqorl.fr"; | ||
685 | use = "external-web-service"; | ||
686 | contact_groups = "tiboqorl"; | ||
687 | check_command = [ "check_https" "sc.groupe-cyllene.com" "/" "<title>Support Client Cyllene" ]; | ||
688 | _webstatus_namespace = "tiboqorl"; | ||
689 | } | ||
690 | |||
691 | { | ||
692 | service_description = "Origny page is running"; | ||
693 | host_name = "tiboqorl.fr"; | ||
694 | use = "external-web-service"; | ||
695 | contact_groups = "tiboqorl"; | ||
696 | check_command = [ "check_https" "origny.tiboqorl.fr" "/" "<title>Home Assistant" ]; | ||
697 | _webstatus_namespace = "tiboqorl"; | ||
698 | } | ||
699 | ]; | ||
700 | contact = { | ||
701 | telio-tortay = config.myEnv.monitoring.contacts.telio-tortay // { | ||
702 | use = "generic-contact"; | ||
703 | contactgroups = "telio-tortay"; | ||
704 | }; | ||
705 | thibault = config.myEnv.monitoring.contacts.thibault // { | ||
706 | use = "generic-contact"; | ||
707 | contactgroups = "tiboqorl"; | ||
708 | }; | ||
709 | }; | ||
710 | contactgroup = { | ||
711 | telio-tortay = { alias = "Telio Tortay"; members = "immae"; }; | ||
712 | tiboqorl = { alias = "Tiboqorl"; members = "immae"; }; | ||
713 | }; | ||
714 | } | ||
diff --git a/modules/private/monitoring/objects_phare.nix b/modules/private/monitoring/objects_phare.nix deleted file mode 100644 index 082e7e3..0000000 --- a/modules/private/monitoring/objects_phare.nix +++ /dev/null | |||
@@ -1,17 +0,0 @@ | |||
1 | { emailCheck, ... }: | ||
2 | { | ||
3 | activatedPlugins = [ "emails" ]; | ||
4 | host = { | ||
5 | "phare.normalesup.org" = { | ||
6 | alias = "phare.normalesup.org"; | ||
7 | address = "phare.normalesup.org"; | ||
8 | use = "linux-server"; | ||
9 | hostgroups = "webstatus-hosts"; | ||
10 | _webstatus_name = "phare"; | ||
11 | _webstatus_vhost = "status.immae.eu"; | ||
12 | }; | ||
13 | }; | ||
14 | service = [ | ||
15 | (emailCheck "phare" "phare.normalesup.org") | ||
16 | ]; | ||
17 | } | ||
diff --git a/modules/private/monitoring/objects_quatresaisons.nix b/modules/private/monitoring/objects_quatresaisons.nix deleted file mode 100644 index f30cf81..0000000 --- a/modules/private/monitoring/objects_quatresaisons.nix +++ /dev/null | |||
@@ -1,38 +0,0 @@ | |||
1 | { lib, hostFQDN, emailCheck, openldap, ... }: | ||
2 | let | ||
3 | defaultPassiveInfo = { | ||
4 | filter = lib.attrsets.filterAttrs | ||
5 | (k: v: builtins.elem k ["service_description"] || builtins.substring 0 1 k == "_"); | ||
6 | use = "external-passive-service"; | ||
7 | freshness_threshold = "450"; | ||
8 | retry_interval = "1"; | ||
9 | servicegroups = "webstatus-resources"; | ||
10 | host_name = hostFQDN; | ||
11 | }; | ||
12 | in | ||
13 | { | ||
14 | resources = { | ||
15 | USER212 = "{{ .monitoring.quatresaisons.naemon_ldap }}"; | ||
16 | }; | ||
17 | activatedPlugins = [ "megaraid" "command" "postgresql" ]; | ||
18 | service = [ | ||
19 | { | ||
20 | passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-resources"; }; | ||
21 | service_description = "No RAID device is degraded"; | ||
22 | use = "local-service"; | ||
23 | check_command = ["check_megaraid"]; | ||
24 | } | ||
25 | { | ||
26 | passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-resources"; }; | ||
27 | service_description = "LDAP is running"; | ||
28 | use = "local-service"; | ||
29 | check_command = [ "check_command_status" "${openldap}/bin/ldapwhoami -D uid=naemon,ou=services,dc=salle-s,dc=org -w $USER212$" "0" ""]; | ||
30 | } | ||
31 | { | ||
32 | passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-resources"; }; | ||
33 | service_description = "Postgresql is running"; | ||
34 | use = "local-service"; | ||
35 | check_command = [ "check_postgresql_database_count" "/run/postgresql" "5432" "3" ]; | ||
36 | } | ||
37 | ]; | ||
38 | } | ||
diff --git a/modules/private/monitoring/objects_tiboqorl-fr.nix b/modules/private/monitoring/objects_tiboqorl-fr.nix deleted file mode 100644 index b49a1d8..0000000 --- a/modules/private/monitoring/objects_tiboqorl-fr.nix +++ /dev/null | |||
@@ -1,174 +0,0 @@ | |||
1 | { lib, ... }: | ||
2 | let | ||
3 | hostFQDN = "tiboqorl.fr"; | ||
4 | defaultPassiveInfo = { | ||
5 | filter = lib.attrsets.filterAttrs | ||
6 | (k: v: builtins.elem k ["service_description"] || builtins.substring 0 1 k == "_"); | ||
7 | use = "external-passive-service"; | ||
8 | contact_groups = "tiboqorl"; | ||
9 | freshness_threshold = "450"; | ||
10 | notification_interval = "240"; | ||
11 | retry_interval = "1"; | ||
12 | servicegroups = "webstatus-resources"; | ||
13 | _webstatus_namespace = "tiboqorl"; | ||
14 | host_name = hostFQDN; | ||
15 | }; | ||
16 | in | ||
17 | { | ||
18 | host = { | ||
19 | "tiboqorl.fr" = { | ||
20 | alias = "tiboqorl.fr"; | ||
21 | address = "tiboqorl.fr"; | ||
22 | use = "linux-server"; | ||
23 | contact_groups = "tiboqorl"; | ||
24 | hostgroups = "webstatus-hosts"; | ||
25 | _webstatus_name = "tiboqorl"; | ||
26 | _webstatus_vhost = "status.immae.eu"; | ||
27 | _webstatus_namespace = "tiboqorl"; | ||
28 | }; | ||
29 | }; | ||
30 | service = [ | ||
31 | { | ||
32 | passiveInfo = defaultPassiveInfo; | ||
33 | service_description = "Size on root partition"; | ||
34 | use = "local-service"; | ||
35 | check_command = ["check_local_disk" "20%" "10%" "/"]; | ||
36 | } | ||
37 | { | ||
38 | passiveInfo = defaultPassiveInfo; | ||
39 | service_description = "Total number of process"; | ||
40 | use = "local-service"; | ||
41 | check_command = [ "check_local_procs" "250" "400" "RSZDT" ]; | ||
42 | } | ||
43 | { | ||
44 | passiveInfo = defaultPassiveInfo; | ||
45 | service_description = "Network bandwidth"; | ||
46 | use = "local-service"; | ||
47 | check_interval = "2"; | ||
48 | max_check_attempts = "20"; | ||
49 | retry_interval = "2"; | ||
50 | check_command = [ | ||
51 | "check_local_bandwidth" | ||
52 | "eth0" | ||
53 | "20480" # kb/s | ||
54 | "51200" # kb/s | ||
55 | ]; | ||
56 | } | ||
57 | { | ||
58 | passiveInfo = defaultPassiveInfo; | ||
59 | service_description = "Average load"; | ||
60 | use = "local-service"; | ||
61 | check_command = [ | ||
62 | "check_local_load" | ||
63 | "0.75,0.75,0.75" # warn | ||
64 | "1.0,1.0,1.0" # alert | ||
65 | ]; | ||
66 | } | ||
67 | { | ||
68 | passiveInfo = defaultPassiveInfo; | ||
69 | service_description = "Swap usage"; | ||
70 | use = "local-service"; | ||
71 | check_command = ["check_local_swap" "20" "10"]; | ||
72 | } | ||
73 | { | ||
74 | passiveInfo = defaultPassiveInfo; | ||
75 | service_description = "Memory usage"; | ||
76 | use = "local-service"; | ||
77 | check_command = ["check_memory" "80" "90"]; | ||
78 | } | ||
79 | { | ||
80 | passiveInfo = defaultPassiveInfo; | ||
81 | service_description = "NTP is activated and working"; | ||
82 | use = "local-service"; | ||
83 | check_command = ["check_ntp"]; | ||
84 | } | ||
85 | ]; | ||
86 | command = { | ||
87 | check_local_disk = "$USER1$/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$"; | ||
88 | check_local_procs = "$USER1$/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$"; | ||
89 | check_local_load = "$USER1$/check_load -w $ARG1$ -c $ARG2$"; | ||
90 | check_local_swap = "$USER1$/check_swap -n ok -w $ARG1$ -c $ARG2$"; | ||
91 | check_local_bandwidth = "$USER2$/check_bandwidth -i=$ARG1$ -w $ARG2$ -c $ARG3$"; | ||
92 | check_memory = "$USER2$/check_mem.sh -w $ARG1$ -c $ARG2$"; | ||
93 | check_ntp = "$USER1$/check_ntp_time -t 30 -q -H 0.arch.pool.ntp.org"; | ||
94 | |||
95 | check_host_alive = "$USER1$/check_ping -H $HOSTADDRESS$ -w 3000.0,80% -c 5000.0,100% -p 5"; | ||
96 | |||
97 | notify-master = "$USER2$/send_nrdp.sh -u \"$USER200$\" -t \"$USER201$\" -H \"$HOSTADDRESS$\" -s \"$SERVICEDESC$\" -S \"$SERVICESTATEID$\" -o \"$SERVICEOUTPUT$ | $SERVICEPERFDATA$\""; | ||
98 | }; | ||
99 | timeperiod = { | ||
100 | "24x7" = { | ||
101 | alias = "24 Hours A Day, 7 Days A Week"; | ||
102 | monday = "00:00-24:00"; | ||
103 | tuesday = "00:00-24:00"; | ||
104 | wednesday = "00:00-24:00"; | ||
105 | thursday = "00:00-24:00"; | ||
106 | friday = "00:00-24:00"; | ||
107 | saturday = "00:00-24:00"; | ||
108 | sunday = "00:00-24:00"; | ||
109 | }; | ||
110 | }; | ||
111 | servicegroup = { | ||
112 | webstatus-resources = { alias = "Local resources"; }; | ||
113 | }; | ||
114 | hostgroup = { | ||
115 | webstatus-hosts = { alias = "Hosts"; }; | ||
116 | }; | ||
117 | contactgroup = { | ||
118 | tiboqorl = { alias = "Naemon Administrators"; }; | ||
119 | }; | ||
120 | templates = { | ||
121 | service = { | ||
122 | generic-service = { | ||
123 | active_checks_enabled = "1"; | ||
124 | check_freshness = "0"; | ||
125 | check_interval = "10"; | ||
126 | check_period = "24x7"; | ||
127 | contact_groups = "tiboqorl"; | ||
128 | event_handler_enabled = "1"; | ||
129 | flap_detection_enabled = "1"; | ||
130 | is_volatile = "0"; | ||
131 | max_check_attempts = "3"; | ||
132 | notification_interval = "60"; | ||
133 | notification_options = "w,u,c,r,f,s"; | ||
134 | notification_period = "24x7"; | ||
135 | notifications_enabled = "0"; | ||
136 | obsess_over_service = "1"; | ||
137 | passive_checks_enabled = "1"; | ||
138 | process_perf_data = "1"; | ||
139 | retain_nonstatus_information = "1"; | ||
140 | retain_status_information = "1"; | ||
141 | retry_interval = "2"; | ||
142 | }; | ||
143 | local-service = { | ||
144 | use = "generic-service"; | ||
145 | host_name = hostFQDN; | ||
146 | check_interval = "5"; | ||
147 | max_check_attempts = "4"; | ||
148 | retry_interval = "1"; | ||
149 | servicegroups = "webstatus-resources"; | ||
150 | }; | ||
151 | }; | ||
152 | host = { | ||
153 | generic-host = { | ||
154 | event_handler_enabled = "1"; | ||
155 | flap_detection_enabled = "1"; | ||
156 | notification_period = "24x7"; | ||
157 | notifications_enabled = "1"; | ||
158 | process_perf_data = "1"; | ||
159 | retain_nonstatus_information = "1"; | ||
160 | retain_status_information = "1"; | ||
161 | }; | ||
162 | linux-server = { | ||
163 | check_command = "check_host_alive"; | ||
164 | check_interval = "5"; | ||
165 | check_period = "24x7"; | ||
166 | contact_groups = "tiboqorl"; | ||
167 | max_check_attempts = "10"; | ||
168 | notification_interval = "120"; | ||
169 | notification_options = "d,u,r,f"; | ||
170 | retry_interval = "1"; | ||
171 | }; | ||
172 | }; | ||
173 | }; | ||
174 | } | ||
diff --git a/modules/private/monitoring/objects_ulminfo-fr.nix b/modules/private/monitoring/objects_ulminfo-fr.nix deleted file mode 100644 index bd2804b..0000000 --- a/modules/private/monitoring/objects_ulminfo-fr.nix +++ /dev/null | |||
@@ -1,17 +0,0 @@ | |||
1 | { emailCheck, ... }: | ||
2 | { | ||
3 | activatedPlugins = [ "emails" ]; | ||
4 | host = { | ||
5 | "ulminfo.fr" = { | ||
6 | alias = "ulminfo.fr"; | ||
7 | address = "ulminfo.fr"; | ||
8 | use = "linux-server"; | ||
9 | hostgroups = "webstatus-hosts"; | ||
10 | _webstatus_name = "ulminfo"; | ||
11 | _webstatus_vhost = "status.immae.eu"; | ||
12 | }; | ||
13 | }; | ||
14 | service = [ | ||
15 | (emailCheck "ulminfo" "ulminfo.fr") | ||
16 | ]; | ||
17 | } | ||
diff --git a/modules/private/monitoring/plugins/check_backup_age b/modules/private/monitoring/plugins/check_backup_age deleted file mode 100755 index d873bdc..0000000 --- a/modules/private/monitoring/plugins/check_backup_age +++ /dev/null | |||
@@ -1,66 +0,0 @@ | |||
1 | #!/usr/bin/env bash | ||
2 | |||
3 | set -euo pipefail | ||
4 | |||
5 | source $SECRETS_PATH | ||
6 | export HOME=$(mktemp -d) | ||
7 | |||
8 | trap "rm -rf $HOME" EXIT | ||
9 | folder=$1 | ||
10 | |||
11 | parse_date() { | ||
12 | d=$1 | ||
13 | echo $d | sed -e "s/^\(....\)\(..\)\(..\)T\(..\)\(..\)\(..\)/\1-\2-\3T\4:\5:\6/" | ||
14 | } | ||
15 | |||
16 | output=$(duplicity collection-status --log-fd 2 "$BASE_URL$folder" 2>&1 > /dev/null) | ||
17 | |||
18 | output=$(echo "$output" | grep -v "^\.") | ||
19 | |||
20 | last_full=$(parse_date "$(echo "$output" | grep "^ full " | cut -d' ' -f3 | sort | tail -n1)") | ||
21 | last_bkp=$(parse_date "$(echo "$output" | grep -E "^ (full|inc) " | cut -d' ' -f3 | sort | tail -n1)") | ||
22 | orphaned_sets=$(echo "$output" | grep "^orphaned-sets-num" | cut -d' ' -f2) | ||
23 | incomplete_sets=$(echo "$output" | grep "^incomplete-sets-num" | cut -d' ' -f2) | ||
24 | |||
25 | if [[ -z "$last_full" || -z "$last_bkp" || -z "$orphaned_sets" || -z "$incomplete_sets" ]]; then | ||
26 | echo "duply-backup $folder UNKNOWN - impossible to parse result" | ||
27 | exit 3 | ||
28 | fi | ||
29 | |||
30 | last_full_age=$(( ($(date "+%s") - $(date -d "$last_full" "+%s")) / (60*60*24) )) | ||
31 | last_bkp_age=$(( ($(date "+%s") - $(date -d "$last_bkp" "+%s")) / (60*60) )) | ||
32 | |||
33 | PERFS="orphan=$orphaned_sets;1;;0; incomplete=$incomplete_sets;1;;0; age=${last_bkp_age}h;30;48;0; full_age=${last_full_age}d;35;45;0;" | ||
34 | |||
35 | |||
36 | WARNINGS="" | ||
37 | ERRORS="" | ||
38 | if [[ "$incomplete_sets" -gt 0 ]]; then | ||
39 | WARNINGS="$WARNINGS - Incomplete sets is $incomplete_sets" | ||
40 | fi | ||
41 | |||
42 | if [[ "$orphaned_sets" -gt 0 ]]; then | ||
43 | WARNINGS="$WARNINGS - Orphaned sets is $orphaned_sets" | ||
44 | fi | ||
45 | |||
46 | if [[ "$last_full_age" -gt 45 ]]; then | ||
47 | ERRORS="$ERRORS - Last full backup is too old $last_full" | ||
48 | elif [[ "$last_full_age" -gt 35 ]]; then | ||
49 | WARNINGS="$WARNINGS - Last full backup is getting old $last_full" | ||
50 | fi | ||
51 | |||
52 | if [[ "$last_bkp_age" -gt 48 ]]; then | ||
53 | ERRORS="$ERRORS - Last backup is too old $last_bkp" | ||
54 | elif [[ "$last_bkp_age" -gt 30 ]]; then | ||
55 | WARNINGS="$WARNINGS - Last backup is getting old $last_bkp" | ||
56 | fi | ||
57 | |||
58 | if [[ -n "$ERRORS" ]]; then | ||
59 | echo "duply-backup $folder CRITICAL$ERRORS$WARNINGS | $PERFS" | ||
60 | exit 2 | ||
61 | elif [[ -n "$WARNINGS" ]]; then | ||
62 | echo "duply-backup $folder WARNING$WARNINGS | $PERFS" | ||
63 | exit 1 | ||
64 | else | ||
65 | echo "duply-backup $folder OK | $PERFS" | ||
66 | fi | ||
diff --git a/modules/private/monitoring/plugins/check_bandwidth b/modules/private/monitoring/plugins/check_bandwidth deleted file mode 100755 index 53c5d85..0000000 --- a/modules/private/monitoring/plugins/check_bandwidth +++ /dev/null | |||
@@ -1,123 +0,0 @@ | |||
1 | #!/bin/bash | ||
2 | |||
3 | # ============================== SUMMARY ===================================== | ||
4 | #Author : Ken Roulamellah | ||
5 | #Date : 19/07/2018 | ||
6 | #Version : 1.0 | ||
7 | # Licence : GPL | ||
8 | # ===================== INFORMATION ABOUT THIS PLUGIN ======================== | ||
9 | # | ||
10 | # This plugin checks the average RX and TX bandwidth utilisation. It use | ||
11 | # kbytes as measure unite. | ||
12 | # | ||
13 | # ========================== START OF PROGRAM CODE =========================== | ||
14 | |||
15 | STATE_OK=0 | ||
16 | STATE_WARNING=1 | ||
17 | STATE_CRITICAL=2 | ||
18 | STATE_UNKNOWN=3 | ||
19 | |||
20 | interface=$( ip route | grep default | awk '{print $5}' | head -n1) | ||
21 | function print_usage() | ||
22 | { | ||
23 | echo "Usage :" | ||
24 | echo "$0 [ -i=INTERFACE] [ -ct=COUNT ] -w WARNING -c CRITICAL" | ||
25 | echo "This script calculate the average bandwith usage." | ||
26 | echo "Default values | interface: ${interface}, counter: 10" | ||
27 | } | ||
28 | |||
29 | counter=10 | ||
30 | warning=-1 | ||
31 | critical=-1 | ||
32 | |||
33 | sum_rx=0 | ||
34 | sum_tx=0 | ||
35 | avg_rx= | ||
36 | avg_tx= | ||
37 | i= | ||
38 | |||
39 | |||
40 | if [[ $# -lt 4 ]]; | ||
41 | then | ||
42 | echo "Error: Arguments are missing" | ||
43 | print_usage | ||
44 | exit $STATE_UNKNOWN | ||
45 | fi | ||
46 | |||
47 | while [[ $# -gt 0 ]]; do | ||
48 | case "$1" in | ||
49 | -i=*) | ||
50 | interface="$(cut -d'=' -f2 <<<"$1")" | ||
51 | shift | ||
52 | ;; | ||
53 | -ct=*) | ||
54 | counter="$(cut -d'=' -f2 <<<"$1")" | ||
55 | shift | ||
56 | ;; | ||
57 | -w) | ||
58 | warning=$2 | ||
59 | shift 2 | ||
60 | ;; | ||
61 | -c) | ||
62 | critical=$2 | ||
63 | shift 2 | ||
64 | ;; | ||
65 | *) | ||
66 | printf "\nError: Invalid option '$1'" | ||
67 | print_usage | ||
68 | exit $STATE_UNKNOWN | ||
69 | ;; | ||
70 | esac | ||
71 | done | ||
72 | |||
73 | if [ $warning -lt 0 ] || [ $critical -lt 0 ]; | ||
74 | then | ||
75 | echo "Error: You need to specify a warning and critical treshold" | ||
76 | print_usage | ||
77 | exit $STATE_UNKNOWN | ||
78 | fi | ||
79 | |||
80 | grep -q "up" /sys/class/net/$interface/operstate || exec echo "$interface: no such device or down" | ||
81 | |||
82 | read rx <"/sys/class/net/$interface/statistics/rx_bytes" | ||
83 | read tx <"/sys/class/net/$interface/statistics/tx_bytes" | ||
84 | |||
85 | i=$counter | ||
86 | while [ $i -gt 0 ]; do | ||
87 | sleep 1 | ||
88 | read newrx <"/sys/class/net/$interface/statistics/rx_bytes" | ||
89 | read newtx <"/sys/class/net/$interface/statistics/tx_bytes" | ||
90 | |||
91 | #echo "old rx :$rx" | ||
92 | #echo "new rx :$newrx" | ||
93 | rx_cal=$(bc <<< "scale=2; ($newrx-$rx) / 1000") | ||
94 | tx_cal=$(bc <<< "scale=2; ($newtx-$tx) / 1000") | ||
95 | |||
96 | sum_rx=$(bc <<< "scale=2;$sum_rx+$rx_cal") | ||
97 | sum_tx=$(bc <<< "scale=2;$sum_tx+$tx_cal") | ||
98 | |||
99 | #echo "$interface {rx: $rx_cal ko/s, tx: $tx_cal ko/s}" | ||
100 | rx=$newrx | ||
101 | tx=$newtx | ||
102 | ((i --)) | ||
103 | done | ||
104 | |||
105 | avg_rx=$(bc <<< "scale=2;$sum_rx/$counter") | ||
106 | avg_tx=$(bc <<< "scale=2;$sum_tx/$counter") | ||
107 | |||
108 | #echo "$avg_rx" | ||
109 | #echo "$avg_tx" | ||
110 | |||
111 | |||
112 | if [ $(bc <<< "$avg_rx > $critical || $avg_tx > $critical") -eq 1 ]; then | ||
113 | echo "$interface CRITICAL - AVG_RX: $avg_rx kb/s, AVG_TX: | ||
114 | $avg_tx kb/s | RX="$avg_rx"kbps;0;0;0; TX="$avg_tx"kbps;0;0;0;" | ||
115 | exit $STATE_CRITICAL | ||
116 | elif [ $(bc <<< "$avg_rx > $warning || $avg_tx > $warning") -eq 1 ]; then | ||
117 | echo "$interface WARNING - AVG_RX: $avg_rx kb/s, AVG_TX: $avg_tx kb/s | RX="$avg_rx"kbps;0;0;0; TX="$avg_tx"kbps;0;0;0;" | ||
118 | exit $STATE_WARNING | ||
119 | else | ||
120 | echo "$interface - OK AVG_RX: $avg_rx kb/s, AVG_TX: $avg_tx kb/s | RX="$avg_rx"kbps;0;0;0; TX="$avg_tx"kbps;0;0;0;" | ||
121 | exit $STATE_OK | ||
122 | fi | ||
123 | exit 3 | ||
diff --git a/modules/private/monitoring/plugins/check_command b/modules/private/monitoring/plugins/check_command deleted file mode 100755 index 2b546c1..0000000 --- a/modules/private/monitoring/plugins/check_command +++ /dev/null | |||
@@ -1,113 +0,0 @@ | |||
1 | #!/usr/bin/env perl | ||
2 | |||
3 | use strict; | ||
4 | use Getopt::Std; | ||
5 | $| = 1; | ||
6 | |||
7 | my %opts; | ||
8 | getopts('hr:C:c:s:o:', \%opts); | ||
9 | |||
10 | my $STATE_OK = 0; | ||
11 | my $STATE_WARNING = 1; | ||
12 | my $STATE_CRITICAL = 2; | ||
13 | my $STATE_UNKNOWN = 3; | ||
14 | |||
15 | if ($opts{'h'} || scalar(%opts) == 0) { | ||
16 | &print_help(); | ||
17 | exit($STATE_OK); | ||
18 | } | ||
19 | |||
20 | my $command = $opts{'c'}; | ||
21 | if ($command eq '') { | ||
22 | print "You must provide a command to check.\n"; | ||
23 | exit($STATE_UNKNOWN); | ||
24 | } | ||
25 | |||
26 | my $expected_output = $opts{'o'}; | ||
27 | my $expected_status = $opts{'s'}; | ||
28 | my $other_command = $opts{'C'}; | ||
29 | |||
30 | if ($other_command eq '' and $expected_status eq '' and $expected_output eq '') { | ||
31 | $expected_status = 0; | ||
32 | } | ||
33 | |||
34 | my $cmd = $command . ' 2>&1'; | ||
35 | my $other_cmd; | ||
36 | if ($other_command ne '') { | ||
37 | $other_cmd = $other_command . ' 2>&1'; | ||
38 | } | ||
39 | |||
40 | my $run_as; | ||
41 | if ($opts{'r'}) { | ||
42 | $run_as = $opts{'r'}; | ||
43 | $cmd = "sudo -u $run_as -n $cmd"; | ||
44 | |||
45 | if ($other_command ne '') { | ||
46 | $other_cmd = "sudo -u $run_as -n $other_cmd"; | ||
47 | } | ||
48 | |||
49 | } | ||
50 | |||
51 | my $cmd_result = `$cmd`; | ||
52 | my $other_cmd_result; | ||
53 | if ($other_command ne '') { | ||
54 | $other_cmd_result = `$other_cmd`; | ||
55 | chomp($other_cmd_result); | ||
56 | } | ||
57 | |||
58 | chomp($cmd_result); | ||
59 | if ($cmd_result =~ /sudo/i) { | ||
60 | print "$command CRITICAL - No sudo right to run the command | result=1;;;;\n"; | ||
61 | exit($STATE_UNKNOWN); | ||
62 | } elsif ($expected_status ne '') { | ||
63 | if ($? != $expected_status) { | ||
64 | print "$command CRITICAL - Response status $? | result=1;;;;\n"; | ||
65 | exit($STATE_CRITICAL); | ||
66 | } else { | ||
67 | print "$command OK - Response status $? | result=0;;;;\n"; | ||
68 | exit($STATE_OK); | ||
69 | } | ||
70 | } elsif ($other_command ne '') { | ||
71 | if ($cmd_result ne $other_cmd_result) { | ||
72 | print "$command CRITICAL - Expected output not matching other command output | result=1;;;;\n"; | ||
73 | exit($STATE_CRITICAL); | ||
74 | } else { | ||
75 | print "$command OK - Expected output matching other command output | result=0;;;;\n"; | ||
76 | exit($STATE_OK); | ||
77 | } | ||
78 | } else { | ||
79 | if ($cmd_result !~ /$expected_output/) { | ||
80 | print "$command CRITICAL - Expected output not matching | result=1;;;;\n"; | ||
81 | exit($STATE_CRITICAL); | ||
82 | } else { | ||
83 | print "$command OK - Expected output matching | result=0;;;;\n"; | ||
84 | exit($STATE_OK); | ||
85 | } | ||
86 | } | ||
87 | |||
88 | sub print_help() { | ||
89 | print << "EOF"; | ||
90 | Check whether the given command responds as expected. One of -o -C or -s must be selected. | ||
91 | |||
92 | Options: | ||
93 | -h | ||
94 | Print detailed help screen | ||
95 | |||
96 | -c | ||
97 | command to run (required) | ||
98 | |||
99 | -C | ||
100 | other command to compare output | ||
101 | |||
102 | -r user | ||
103 | Run as user via sudo. | ||
104 | |||
105 | -s | ||
106 | status code to check | ||
107 | |||
108 | -o | ||
109 | output to check | ||
110 | |||
111 | EOF | ||
112 | } | ||
113 | |||
diff --git a/modules/private/monitoring/plugins/check_emails b/modules/private/monitoring/plugins/check_emails deleted file mode 100755 index 534e5a5..0000000 --- a/modules/private/monitoring/plugins/check_emails +++ /dev/null | |||
@@ -1,121 +0,0 @@ | |||
1 | #!/usr/bin/env perl | ||
2 | |||
3 | use strict; | ||
4 | use Getopt::Std; | ||
5 | use File::Basename; | ||
6 | use Date::Parse; | ||
7 | use POSIX qw(strftime); | ||
8 | |||
9 | $| = 1; | ||
10 | |||
11 | my %opts; | ||
12 | getopts('hH:l:s:p:f:i:n:r:', \%opts); | ||
13 | |||
14 | my $STATE_OK = 0; | ||
15 | my $STATE_WARNING = 1; | ||
16 | my $STATE_CRITICAL = 2; | ||
17 | my $STATE_UNKNOWN = 3; | ||
18 | |||
19 | if ($opts{'h'} || scalar(%opts) == 0) { | ||
20 | &print_help(); | ||
21 | exit($STATE_OK); | ||
22 | } | ||
23 | |||
24 | my $port = $opts{'p'}; | ||
25 | my $host = $opts{'H'}; | ||
26 | my $login = $opts{'l'}; | ||
27 | if ($login ne '') { | ||
28 | $login = "$login@"; | ||
29 | } | ||
30 | |||
31 | my $identity = $opts{'i'}; | ||
32 | my $local_directory = $opts{'n'}; | ||
33 | my $return_path = $opts{'r'}; | ||
34 | |||
35 | my @emails_to_send = split(/,/, $opts{'s'}); | ||
36 | my @emails_to_expect = split(/,/, $opts{'f'}); | ||
37 | |||
38 | my $cmd_result; | ||
39 | if ($local_directory ne '') { | ||
40 | if (@emails_to_expect and ! -d $local_directory) { | ||
41 | print "Emails $host UNKNOWN - Could not find local directory"; | ||
42 | exit($STATE_UNKNOWN); | ||
43 | } | ||
44 | $cmd_result = `send_mails $local_directory $return_path @emails_to_send 2>&1`; | ||
45 | } else { | ||
46 | $cmd_result = `ssh -o BatchMode=yes -o UserKnownHostsFile=/dev/null -o CheckHostIP=no -o StrictHostKeyChecking=no -p $port -i $identity $login$host send_mails @emails_to_send 2>&1`; | ||
47 | |||
48 | if ($cmd_result =~ /Host key verification failed./) { | ||
49 | print "Emails $host UNKNOWN - Could not connect to host with ssh key\n"; | ||
50 | exit($STATE_UNKNOWN); | ||
51 | } | ||
52 | } | ||
53 | |||
54 | my @lines = split(/\n/, $cmd_result); | ||
55 | |||
56 | my %found_emails; | ||
57 | |||
58 | foreach my $line (@lines) { | ||
59 | my @split_line = split(/;/, $line, 2); | ||
60 | $found_emails{$split_line[0]} = $split_line[1]; | ||
61 | } | ||
62 | |||
63 | my $output = ""; | ||
64 | my $old = 0; | ||
65 | foreach my $email_from (@emails_to_expect) { | ||
66 | my @email_split = split(/:/, $email_from); | ||
67 | my $email = $email_split[0]; | ||
68 | my $from = $email_split[1]; | ||
69 | |||
70 | if ( exists $found_emails{$email} ) { | ||
71 | my $email_date = str2time($found_emails{$email}); | ||
72 | my $current_date = strftime "%s", localtime; | ||
73 | |||
74 | if ($current_date - $email_date > 60*30) { | ||
75 | $output = "$output$email ($found_emails{$email} from $from) "; | ||
76 | } | ||
77 | $old = ($current_date - $email_date) > $old ? ($current_date - $email_date) : $old; | ||
78 | } else { | ||
79 | $output = "$output$email (missing) " | ||
80 | } | ||
81 | } | ||
82 | |||
83 | if ($output ne '') { | ||
84 | print "Emails $host CRITICAL - expecting emails: $output | timestamp=${old}s;;;;\n"; | ||
85 | exit($STATE_CRITICAL); | ||
86 | } else { | ||
87 | print "Emails $host OK | timestamp=${old}s;;;;\n"; | ||
88 | exit($STATE_OK); | ||
89 | } | ||
90 | |||
91 | sub print_help() { | ||
92 | print << "EOF"; | ||
93 | Check sent emails | ||
94 | |||
95 | Options: | ||
96 | -h | ||
97 | Print detailed help screen | ||
98 | |||
99 | -H | ||
100 | Host to check | ||
101 | |||
102 | -l | ||
103 | Login | ||
104 | |||
105 | -i | ||
106 | Identity file | ||
107 | |||
108 | -n | ||
109 | Don’t use ssh, pass that directory to script | ||
110 | |||
111 | -r | ||
112 | Return path for local e-mails | ||
113 | |||
114 | -s | ||
115 | Comma separated list of emails to send from the host. | ||
116 | |||
117 | -f | ||
118 | Comma separated list of emails to expect on the host. | ||
119 | EOF | ||
120 | } | ||
121 | |||
diff --git a/modules/private/monitoring/plugins/check_eriomem b/modules/private/monitoring/plugins/check_eriomem deleted file mode 100755 index 880b88a..0000000 --- a/modules/private/monitoring/plugins/check_eriomem +++ /dev/null | |||
@@ -1,83 +0,0 @@ | |||
1 | #!/usr/bin/env python | ||
2 | import os | ||
3 | import sys | ||
4 | import getopt | ||
5 | import signal | ||
6 | from subprocess import Popen, PIPE | ||
7 | |||
8 | STATE_OK = 0 | ||
9 | STATE_WARNING = 1 | ||
10 | STATE_CRITICAL = 2 | ||
11 | STATE_UNKNOWN = 3 | ||
12 | |||
13 | keys = sys.argv[1].split(",") | ||
14 | |||
15 | def to_args(k): | ||
16 | access, secret = k.split(":", 1) | ||
17 | return [ | ||
18 | "s3cmd", | ||
19 | '-c=/dev/null', | ||
20 | '--no-check-certificate', | ||
21 | '--access_key={}'.format(access), | ||
22 | '--secret_key={}'.format(secret), | ||
23 | '--host=e.eriomem.net', | ||
24 | '--host-bucket=%(bucket)s.e.eriomem.net', | ||
25 | 'du' | ||
26 | ] | ||
27 | |||
28 | max_size = 1024*1024*1024*1024 | ||
29 | warning_percent = 99.75 | ||
30 | critical_percent = 99.95 | ||
31 | |||
32 | def output(code, msg): | ||
33 | print(msg) | ||
34 | sys.exit(code) | ||
35 | |||
36 | def main(): | ||
37 | def handler(signum, frame): | ||
38 | raise IOError | ||
39 | signal.signal(signal.SIGALRM, handler) | ||
40 | signal.alarm(60) | ||
41 | |||
42 | try: | ||
43 | ps = [Popen(to_args(a), stdout=PIPE, stderr=PIPE) for a in keys] | ||
44 | outs = [p.communicate() for p in ps] | ||
45 | rets = [p.wait() for p in ps] | ||
46 | except IOError: | ||
47 | for p in ps: | ||
48 | os.kill(p.pid, signal.SIGTERM) | ||
49 | output(STATE_UNKNOWN, | ||
50 | "Eriomem UNKNOWN - Command timeout after 60 seconds!") | ||
51 | |||
52 | signal.alarm(0) | ||
53 | |||
54 | if sum(rets) == 0: | ||
55 | usages = [int(out[0].decode().split("\n")[-2].split()[0]) for out in outs] | ||
56 | usage = sum(usages) | ||
57 | use_percent = 100 * usage / max_size | ||
58 | if use_percent > critical_percent: | ||
59 | output(STATE_CRITICAL, | ||
60 | "Eriomem CRITICAL - bucket usage: %s (%s%%);| size=%s;;;;" % | ||
61 | (sizeof_fmt(usage), use_percent, sizeof_fmt(usage))) | ||
62 | elif use_percent > warning_percent: | ||
63 | output(STATE_WARNING, | ||
64 | "Eriomem WARNING - bucket usage: %s (%s%%);| size=%s;;;;" % | ||
65 | (sizeof_fmt(usage), use_percent, sizeof_fmt(usage))) | ||
66 | else: | ||
67 | output(STATE_OK, | ||
68 | "Eriomem OK - bucket usage: %s (%d%%);| size=%s;;;;" % | ||
69 | (sizeof_fmt(usage), use_percent, sizeof_fmt(usage))) | ||
70 | else: | ||
71 | messages = "\n".join([out[0].decode() + out[1].decode() for out in outs]) | ||
72 | output(STATE_UNKNOWN, | ||
73 | "Eriomem UNKNOWN - Error in command") | ||
74 | |||
75 | def sizeof_fmt(num): | ||
76 | for unit in ['','ko','Mo','Go','To','Po','Eo','Zo']: | ||
77 | if abs(num) < 1024.0: | ||
78 | return "%3.1f%s" % (num, unit) | ||
79 | num /= 1024.0 | ||
80 | return "%.1f%s%s" % (num, 'Yo') | ||
81 | |||
82 | if __name__ == '__main__': | ||
83 | main() | ||
diff --git a/modules/private/monitoring/plugins/check_ftp_database b/modules/private/monitoring/plugins/check_ftp_database deleted file mode 100755 index f9cf579..0000000 --- a/modules/private/monitoring/plugins/check_ftp_database +++ /dev/null | |||
@@ -1,11 +0,0 @@ | |||
1 | #!/usr/bin/env bash | ||
2 | |||
3 | OUT=$(echo "ls" | lftp -u test_ftp,test_ftp eldiron.immae.eu | grep it_works | wc -l) | ||
4 | |||
5 | if [ "$OUT" -eq 1 ]; then | ||
6 | echo "ftp connection OK - access to ftp is working | ftp=1;;;;" | ||
7 | exit 0 | ||
8 | else | ||
9 | echo "ftp connection CRITICAL - no access to ftp | ftp=0;;;;" | ||
10 | exit 2 | ||
11 | fi | ||
diff --git a/modules/private/monitoring/plugins/check_git b/modules/private/monitoring/plugins/check_git deleted file mode 100755 index e8fbb29..0000000 --- a/modules/private/monitoring/plugins/check_git +++ /dev/null | |||
@@ -1,81 +0,0 @@ | |||
1 | #!/usr/bin/env bash | ||
2 | |||
3 | SSH_KEY="$1" | ||
4 | |||
5 | TMPDIR=$(mktemp -d) | ||
6 | |||
7 | if [ ! -d "$TMPDIR" ]; then | ||
8 | echo "gitolite UNKNOWN - impossible to create temp dir" | ||
9 | exit 3 | ||
10 | fi | ||
11 | |||
12 | trap "rm -rf $TMPDIR" EXIT | ||
13 | |||
14 | ERRORS="" | ||
15 | OUTPUT="" | ||
16 | PERFS="" | ||
17 | |||
18 | cd "$TMPDIR" | ||
19 | OUT=$(git clone -q git://git.immae.eu/perso/Immae/Projets/Ruby/Monitor.git 2>&1) | ||
20 | ERR=$? | ||
21 | if [ -n "$OUT" ]; then | ||
22 | OUTPUT="$OUTPUT | ||
23 | $OUT" | ||
24 | fi | ||
25 | if [ "$ERR" != 0 ]; then | ||
26 | PERFS="$PERFS git=0;;;;" | ||
27 | ERRORS="$ERRORS git://" | ||
28 | else | ||
29 | PERFS="$PERFS git=1;;;;" | ||
30 | fi | ||
31 | rm -rf Monitor | ||
32 | |||
33 | OUT=$(git clone -q http://git.immae.eu/perso/Immae/Projets/Ruby/Monitor.git 2>&1) | ||
34 | ERR=$? | ||
35 | if [ -n "$OUT" ]; then | ||
36 | OUTPUT="$OUTPUT | ||
37 | $OUT" | ||
38 | fi | ||
39 | if [ "$ERR" != 0 ]; then | ||
40 | ERRORS="$ERRORS http://" | ||
41 | PERFS="$PERFS http=0;;;;" | ||
42 | else | ||
43 | PERFS="$PERFS http=1;;;;" | ||
44 | fi | ||
45 | rm -rf Monitor | ||
46 | |||
47 | OUT=$(git clone -q https://git.immae.eu/perso/Immae/Projets/Ruby/Monitor.git 2>&1) | ||
48 | ERR=$? | ||
49 | if [ -n "$OUT" ]; then | ||
50 | OUTPUT="$OUTPUT | ||
51 | $OUT" | ||
52 | fi | ||
53 | if [ "$ERR" != 0 ]; then | ||
54 | ERRORS="$ERRORS https://" | ||
55 | PERFS="$PERFS https=0;;;;" | ||
56 | else | ||
57 | PERFS="$PERFS https=1;;;;" | ||
58 | fi | ||
59 | rm -rf Monitor | ||
60 | |||
61 | OUT=$(GIT_SSH_COMMAND="ssh -i $SSH_KEY -o BatchMode=yes -o UserKnownHostsFile=/dev/null -o CheckHostIP=no -o StrictHostKeyChecking=no" git clone -q gitolite@git.immae.eu:perso/Immae/Projets/Ruby/Monitor 2>&1) | ||
62 | ERR=$? | ||
63 | if [ -n "$OUT" ]; then | ||
64 | OUTPUT="$OUTPUT | ||
65 | $OUT" | ||
66 | fi | ||
67 | if [ "$ERR" != 0 ]; then | ||
68 | ERRORS="$ERRORS ssh" | ||
69 | PERFS="$PERFS ssh=0;;;;" | ||
70 | else | ||
71 | PERFS="$PERFS ssh=1;;;;" | ||
72 | fi | ||
73 | rm -rf Monitor | ||
74 | |||
75 | if [ -n "$ERRORS" ]; then | ||
76 | echo "gitolite CRITICAL - impossible to clone via$ERRORS | $PERFS" | ||
77 | exit 2 | ||
78 | else | ||
79 | echo "gitolite OK - ssh, git, http and https work | $PERFS" | ||
80 | exit 0 | ||
81 | fi | ||
diff --git a/modules/private/monitoring/plugins/check_imap_connection b/modules/private/monitoring/plugins/check_imap_connection deleted file mode 100755 index c1ab0dd..0000000 --- a/modules/private/monitoring/plugins/check_imap_connection +++ /dev/null | |||
@@ -1,52 +0,0 @@ | |||
1 | #!/usr/bin/env perl | ||
2 | |||
3 | use strict; | ||
4 | use Getopt::Std; | ||
5 | $| = 1; | ||
6 | |||
7 | my %opts; | ||
8 | getopts('h:u:p:H:', \%opts); | ||
9 | |||
10 | my $STATE_OK = 0; | ||
11 | my $STATE_WARNING = 1; | ||
12 | my $STATE_CRITICAL = 2; | ||
13 | my $STATE_UNKNOWN = 3; | ||
14 | |||
15 | if ($opts{'h'} || !$opts{'u'} || !$opts{'p'} || !$opts{'H'}) { | ||
16 | &print_help(); | ||
17 | exit($STATE_UNKNOWN); | ||
18 | } | ||
19 | |||
20 | my $user = $opts{'u'}; | ||
21 | my $password = $opts{'p'}; | ||
22 | my $host = $opts{'H'}; | ||
23 | |||
24 | my $cmd_result = `(echo "a login $user $password"; echo "b logout") | openssl s_client -quiet -ign_eof -connect $host -starttls imap 2>&1`; | ||
25 | my $expected_result = "a OK Logged in"; | ||
26 | |||
27 | chomp($cmd_result); | ||
28 | if ($cmd_result !~ /$expected_result/) { | ||
29 | print "IMAP CRITICAL - Unable to connect via imaps | imap=0;;;;\n"; | ||
30 | exit($STATE_CRITICAL); | ||
31 | } else { | ||
32 | print "IMAP OK - imaps connected successfully | imap=1;;;;\n"; | ||
33 | exit($STATE_OK); | ||
34 | } | ||
35 | |||
36 | sub print_help() { | ||
37 | print << "EOF"; | ||
38 | Check whether imap works via ssl and is able to connect its database. | ||
39 | |||
40 | Options: | ||
41 | -h | ||
42 | Print detailed help screen | ||
43 | -u | ||
44 | User to log in as | ||
45 | -p | ||
46 | Password to log in | ||
47 | -H | ||
48 | Host to log in to | ||
49 | |||
50 | EOF | ||
51 | } | ||
52 | |||
diff --git a/modules/private/monitoring/plugins/check_last_file_date b/modules/private/monitoring/plugins/check_last_file_date deleted file mode 100755 index f51a258..0000000 --- a/modules/private/monitoring/plugins/check_last_file_date +++ /dev/null | |||
@@ -1,28 +0,0 @@ | |||
1 | #!/bin/bash | ||
2 | |||
3 | STATE_OK=0 | ||
4 | STATE_WARNING=1 | ||
5 | STATE_CRITICAL=2 | ||
6 | STATE_UNKNOWN=3 | ||
7 | |||
8 | base_path=$1 | ||
9 | hours=$2 | ||
10 | |||
11 | last_date=$(find $base_path -mindepth 1 -maxdepth 1 -printf "%T@\n" 2>/dev/null | sort | tail -n 1) | ||
12 | |||
13 | if [ -z "$last_date" ]; then | ||
14 | echo "UNKNOWN: Could not read folder" | ||
15 | exit $STATE_UNKNOWN | ||
16 | else | ||
17 | LC_ALL=C last_date=$(printf "%.*f" 0 $last_date) | ||
18 | LC_ALL=C age=$(( $(date "+%s") - $last_date)) | ||
19 | max_age=$(( $hours * 60 * 60 )) | ||
20 | min_date=$(date -d "$hours hours ago" "+%s") | ||
21 | if [ "$min_date" -lt "$last_date" ]; then | ||
22 | echo "OK: Last file $(date -d @$last_date) | age=${age}s;;$max_age;;" | ||
23 | exit $STATE_OK | ||
24 | else | ||
25 | echo "CRITICAL: Last file $(date -d @$last_date) | age=${age}s;;$max_age;;" | ||
26 | exit $STATE_CRITICAL | ||
27 | fi | ||
28 | fi | ||
diff --git a/modules/private/monitoring/plugins/check_mem.sh b/modules/private/monitoring/plugins/check_mem.sh deleted file mode 100755 index cc97ae2..0000000 --- a/modules/private/monitoring/plugins/check_mem.sh +++ /dev/null | |||
@@ -1,29 +0,0 @@ | |||
1 | #!/bin/bash | ||
2 | |||
3 | if [ "$1" = "-w" ] && [ "$2" -gt "0" ] && [ "$3" = "-c" ] && [ "$4" -gt "0" ]; then | ||
4 | FreeM=`free -m` | ||
5 | memTotal_m=`echo "$FreeM" |grep Mem |awk '{print $2}'` | ||
6 | memUsed_m=`echo "$FreeM" |grep Mem |awk '{print $3}'` | ||
7 | memFree_m=`echo "$FreeM" |grep Mem |awk '{print $4}'` | ||
8 | memBuffer_m=`echo "$FreeM" |grep Mem |awk '{print $6}'` | ||
9 | memCache_m=`echo "$FreeM" |grep Mem |awk '{print $7}'` | ||
10 | memUsedPrc=`echo $((($memUsed_m*100)/$memTotal_m))||cut -d. -f1` | ||
11 | if [ "$memUsedPrc" -ge "$4" ]; then | ||
12 | echo "Memory: CRITICAL Total: $memTotal_m MB - Used: $memUsed_m MB - $memUsedPrc% used!|TOTAL=$memTotal_m;;;; USED=$memUsed_m;;;; CACHE=$memCache_m;;;; BUFFER=$memBuffer_m;;;;" | ||
13 | exit 2 | ||
14 | elif [ "$memUsedPrc" -ge "$2" ]; then | ||
15 | echo "Memory: WARNING Total: $memTotal_m MB - Used: $memUsed_m MB - $memUsedPrc% used!|TOTAL=$memTotal_m;;;; USED=$memUsed_m;;;; CACHE=$memCache_m;;;; BUFFER=$memBuffer_m;;;;" | ||
16 | exit 1 | ||
17 | else | ||
18 | echo "Memory: OK Total: $memTotal_m MB - Used: $memUsed_m MB - $memUsedPrc% used|TOTAL=$memTotal_m;;;; USED=$memUsed_m;;;; CACHE=$memCache_m;;;; BUFFER=$memBuffer_m;;;;" | ||
19 | exit 0 | ||
20 | fi | ||
21 | else # If inputs are not as expected, print help. | ||
22 | sName="`echo $0|awk -F '/' '{print $NF}'`" | ||
23 | echo -e "\n\n\t\t### $sName Version 2.0###\n" | ||
24 | echo -e "# Usage:\t$sName -w <warnlevel> -c <critlevel>" | ||
25 | echo -e "\t\t= warnlevel and critlevel is percentage value without %\n" | ||
26 | echo "# EXAMPLE:\t/usr/lib64/nagios/plugins/$sName -w 80 -c 90" | ||
27 | echo -e "\nCopyright (C) 2012 Lukasz Gogolin (lukasz.gogolin@gmail.com), improved by Nestor 2015\n\n" | ||
28 | exit | ||
29 | fi | ||
diff --git a/modules/private/monitoring/plugins/check_mysql_replication b/modules/private/monitoring/plugins/check_mysql_replication deleted file mode 100755 index 1ee5de1..0000000 --- a/modules/private/monitoring/plugins/check_mysql_replication +++ /dev/null | |||
@@ -1,41 +0,0 @@ | |||
1 | #!/bin/bash | ||
2 | |||
3 | STATE_OK=0 | ||
4 | STATE_WARNING=1 | ||
5 | STATE_CRITICAL=2 | ||
6 | STATE_UNKNOWN=3 | ||
7 | |||
8 | socket=$1 | ||
9 | config_file=$2 | ||
10 | info=$(mysql --defaults-file=${config_file} -S $socket -e "show slave status" --vertical) | ||
11 | exit_code=$? | ||
12 | |||
13 | lag=$(echo "$info" | grep "\bSeconds_Behind_Master\b" | cut -d':' -f2 | sed -e "s/\s//g") | ||
14 | |||
15 | IO_running=$(echo "$info" | grep "\bSlave_IO_Running\b" | cut -d':' -f2 | sed -e "s/\s//g") | ||
16 | SQL_running=$(echo "$info" | grep "\bSlave_SQL_Running\b" | cut -d':' -f2 | sed -e "s/\s//g") | ||
17 | |||
18 | if [[ $exit_code -ne 0 ]]; then | ||
19 | echo "UNKNOWN - Impossible to run mysql command" | ||
20 | exit $STATE_UNKNOWN | ||
21 | elif [[ -z "$lag" ]]; then | ||
22 | echo "UNKNOWN - No replication found for mysql" | ||
23 | exit $STATE_UNKNOWN | ||
24 | elif [[ "$IO_running" != "Yes" || "$SQL_running" != "Yes" ]]; then | ||
25 | echo "UNKNOWN - Replication is not running" | ||
26 | exit $STATE_UNKNOWN | ||
27 | else | ||
28 | output="Replication lag for mysql is ${lag}s" | ||
29 | LC_ALL=C lag=$(printf "%.*f" 0 $lag) | ||
30 | |||
31 | if [[ $lag -lt 5 ]]; then | ||
32 | echo "OK - $output | time=${lag}s;5;10;;" | ||
33 | exit $STATE_OK | ||
34 | elif [[ $lag -lt 10 ]]; then | ||
35 | echo "WARNING - $output | time=${lag}s;5;10;;" | ||
36 | exit $STATE_WARNING | ||
37 | else | ||
38 | echo "CRITICAL - $output | time=${lag}s;5;10;;" | ||
39 | exit $STATE_CRITICAL | ||
40 | fi | ||
41 | fi | ||
diff --git a/modules/private/monitoring/plugins/check_openldap_replication b/modules/private/monitoring/plugins/check_openldap_replication deleted file mode 100755 index 7136ad5..0000000 --- a/modules/private/monitoring/plugins/check_openldap_replication +++ /dev/null | |||
@@ -1,54 +0,0 @@ | |||
1 | #!/bin/bash | ||
2 | |||
3 | STATE_OK=0 | ||
4 | STATE_WARNING=1 | ||
5 | STATE_CRITICAL=2 | ||
6 | STATE_UNKNOWN=3 | ||
7 | |||
8 | distant_host="$1" | ||
9 | replication_dn="$2" | ||
10 | replication_pw="$3" | ||
11 | base="$4" | ||
12 | config="$5" | ||
13 | |||
14 | to_date() { | ||
15 | i="$1" | ||
16 | i=$(echo "$i" | grep contextCSN | cut -d":" -f2 | sed -e "s/\s//g") | ||
17 | i=$(echo "$i" | cut -d"#" -f1) | ||
18 | i=$(echo "$i" | cut -d"." -f1) | ||
19 | echo "$i" | ||
20 | } | ||
21 | |||
22 | # ldap | ||
23 | remote_ldap=$(ldapsearch -H $distant_host -D "$replication_dn" -y "$replication_pw" -b "$base" -s base -LLL contextCSN ) | ||
24 | exit_code_remote=$? | ||
25 | remote_ldap=$(to_date "$remote_ldap") | ||
26 | |||
27 | # slapcat | ||
28 | local_ldap=$(slapcat -b "$base" -f "$config" -a "(entryDN=$base)") | ||
29 | exit_code_local=$? | ||
30 | local_ldap=$(to_date "$local_ldap") | ||
31 | |||
32 | offset=$(($remote_ldap - $local_ldap)) | ||
33 | |||
34 | if [[ $exit_code_remote -ne 0 || $exit_code_local -ne 0 ]]; then | ||
35 | echo "UNKNOWN - Impossible to run ldap command" | ||
36 | exit $STATE_UNKNOWN | ||
37 | elif [[ -z "$offset" ]]; then | ||
38 | echo "UNKNOWN - No replication found" | ||
39 | exit $STATE_UNKNOWN | ||
40 | else | ||
41 | output="Replication lag for openldap is ${offset}s" | ||
42 | LC_ALL=C lag=$(printf "%.*f" 0 $lag) | ||
43 | |||
44 | if [[ $offset -lt 5 ]]; then | ||
45 | echo "OK - $output | time=${offset}s;5;10;;" | ||
46 | exit $STATE_OK | ||
47 | elif [[ $offset -lt 10 ]]; then | ||
48 | echo "WARNING - $output | time=${offset}s;5;10;;" | ||
49 | exit $STATE_WARNING | ||
50 | else | ||
51 | echo "CRITICAL - $output | time=${offset}s;5;10;;" | ||
52 | exit $STATE_CRITICAL | ||
53 | fi | ||
54 | fi | ||
diff --git a/modules/private/monitoring/plugins/check_ovh_sms b/modules/private/monitoring/plugins/check_ovh_sms deleted file mode 100755 index caf279c..0000000 --- a/modules/private/monitoring/plugins/check_ovh_sms +++ /dev/null | |||
@@ -1,25 +0,0 @@ | |||
1 | #!/usr/bin/env python | ||
2 | |||
3 | import sys | ||
4 | try: | ||
5 | import ovh | ||
6 | |||
7 | [endpoint, application_key, application_secret, consumer_key, account] = sys.argv[1].split(",") | ||
8 | client = ovh.Client( | ||
9 | endpoint=endpoint, | ||
10 | application_key=application_key, | ||
11 | application_secret=application_secret, | ||
12 | consumer_key=consumer_key, | ||
13 | ) | ||
14 | |||
15 | result = client.get('/sms/{}'.format(account))["creditsLeft"] | ||
16 | |||
17 | if result < 20: | ||
18 | print("SMS OVH Critical - Not enough sms left ({})|SMS={};;;;".format(result, result)) | ||
19 | sys.exit(2) | ||
20 | else: | ||
21 | print("SMS OVH Ok - Enough sms left ({})|SMS={};;;;".format(result, result)) | ||
22 | sys.exit(0) | ||
23 | except Exception: | ||
24 | print("SMS OVH UNKNOWN - Error during script") | ||
25 | sys.exit(3) | ||
diff --git a/modules/private/monitoring/plugins/check_postgres_database_count b/modules/private/monitoring/plugins/check_postgres_database_count deleted file mode 100755 index 43bdd8c..0000000 --- a/modules/private/monitoring/plugins/check_postgres_database_count +++ /dev/null | |||
@@ -1,32 +0,0 @@ | |||
1 | #!/bin/bash | ||
2 | |||
3 | STATE_OK=0 | ||
4 | STATE_WARNING=1 | ||
5 | STATE_CRITICAL=2 | ||
6 | STATE_UNKNOWN=3 | ||
7 | |||
8 | host=$1 | ||
9 | port=$2 | ||
10 | min=$3 | ||
11 | |||
12 | count=$(psql -h $host -p $port -A -q -c '\t' -c 'select count(datname) from pg_catalog.pg_database' postgres 2>&1) | ||
13 | exit_code=$? | ||
14 | |||
15 | if [[ $exit_code -ne 0 ]]; then | ||
16 | echo "UNKNOWN - Impossible to run psql command: $count" | ||
17 | exit $STATE_UNKNOWN | ||
18 | elif [[ -z "$count" ]]; then | ||
19 | echo "UNKNOWN - No database found" | ||
20 | exit $STATE_UNKNOWN | ||
21 | else | ||
22 | output="Database count is $count" | ||
23 | LC_ALL=C count=$(printf "%.*f" 0 $count) | ||
24 | |||
25 | if [[ $count -gt $min ]]; then | ||
26 | echo "OK - $output | count=${count};$min;$min;0;" | ||
27 | exit $STATE_OK | ||
28 | else | ||
29 | echo "CRITICAL - $output | count=${count};$min;$min;0;" | ||
30 | exit $STATE_CRITICAL | ||
31 | fi | ||
32 | fi | ||
diff --git a/modules/private/monitoring/plugins/check_postgres_replication b/modules/private/monitoring/plugins/check_postgres_replication deleted file mode 100755 index ff257a3..0000000 --- a/modules/private/monitoring/plugins/check_postgres_replication +++ /dev/null | |||
@@ -1,35 +0,0 @@ | |||
1 | #!/bin/bash | ||
2 | |||
3 | STATE_OK=0 | ||
4 | STATE_WARNING=1 | ||
5 | STATE_CRITICAL=2 | ||
6 | STATE_UNKNOWN=3 | ||
7 | |||
8 | user=$1 | ||
9 | host=$2 | ||
10 | port=$3 | ||
11 | |||
12 | lag=$(psql -h $host -p $port -A -t -c "SELECT COALESCE(EXTRACT(EPOCH FROM replay_lag),0) FROM pg_stat_replication WHERE usename='$user'" 2>/dev/null) | ||
13 | exit_code=$? | ||
14 | |||
15 | if [[ $exit_code -ne 0 ]]; then | ||
16 | echo "UNKNOWN - Impossible to run psql command" | ||
17 | exit $STATE_UNKNOWN | ||
18 | elif [[ -z "$lag" ]]; then | ||
19 | echo "UNKNOWN - No replication found for $user" | ||
20 | exit $STATE_UNKNOWN | ||
21 | else | ||
22 | output="Replication lag for $user is ${lag}s" | ||
23 | LC_ALL=C lag=$(printf "%.*f" 0 $lag) | ||
24 | |||
25 | if [[ $lag -lt 5 ]]; then | ||
26 | echo "OK - $output | time=${lag}s;5;10;0;" | ||
27 | exit $STATE_OK | ||
28 | elif [[ $lag -lt 10 ]]; then | ||
29 | echo "WARNING - $output | time=${lag}s;5;10;0;" | ||
30 | exit $STATE_WARNING | ||
31 | else | ||
32 | echo "CRITICAL - $output | time=${lag}s;5;10;0;" | ||
33 | exit $STATE_CRITICAL | ||
34 | fi | ||
35 | fi | ||
diff --git a/modules/private/monitoring/plugins/check_redis_replication b/modules/private/monitoring/plugins/check_redis_replication deleted file mode 100755 index 6dbe4c4..0000000 --- a/modules/private/monitoring/plugins/check_redis_replication +++ /dev/null | |||
@@ -1,38 +0,0 @@ | |||
1 | #!/bin/bash | ||
2 | |||
3 | STATE_OK=0 | ||
4 | STATE_WARNING=1 | ||
5 | STATE_CRITICAL=2 | ||
6 | STATE_UNKNOWN=3 | ||
7 | |||
8 | socket=$1 | ||
9 | |||
10 | info=$(redis-cli -s $socket info replication) | ||
11 | lag=$(echo "$info" | grep master_last_io_seconds_ago | cut -d":" -f2 | sed -e "s/\s//g") | ||
12 | slave_offset=$(echo "$info" | grep slave_repl_offset | cut -d":" -f2 | sed -e "s/\s//g") | ||
13 | master_offset=$(echo "$info" | grep master_repl_offset | cut -d":" -f2 | sed -e "s/\s//g") | ||
14 | offset=$(($master_offset - $slave_offset)) | ||
15 | |||
16 | exit_code=$? | ||
17 | |||
18 | if [[ $exit_code -ne 0 ]]; then | ||
19 | echo "UNKNOWN - Impossible to run redis command" | ||
20 | exit $STATE_UNKNOWN | ||
21 | elif [[ -z "$lag" ]]; then | ||
22 | echo "UNKNOWN - No replication found" | ||
23 | exit $STATE_UNKNOWN | ||
24 | else | ||
25 | output="Replication lag for redis is ${lag}s and offset is ${offset}" | ||
26 | LC_ALL=C lag=$(printf "%.*f" 0 $lag) | ||
27 | |||
28 | if [[ $lag -lt 5 && $offset -lt 5 ]]; then | ||
29 | echo "OK - $output | time=${lag}s;5;10;0; offset=${offset};5;10;0;" | ||
30 | exit $STATE_OK | ||
31 | elif [[ $lag -lt 10 && $offset -lt 10 ]]; then | ||
32 | echo "WARNING - $output | time=${lag}s;5;10;0; offset=${offset};5;10;0;" | ||
33 | exit $STATE_WARNING | ||
34 | else | ||
35 | echo "CRITICAL - $output | time=${lag}s;5;10;0; offset=${offset};5;10;0;" | ||
36 | exit $STATE_CRITICAL | ||
37 | fi | ||
38 | fi | ||
diff --git a/modules/private/monitoring/plugins/check_zfs_snapshot b/modules/private/monitoring/plugins/check_zfs_snapshot deleted file mode 100755 index 56f8c4f..0000000 --- a/modules/private/monitoring/plugins/check_zfs_snapshot +++ /dev/null | |||
@@ -1,325 +0,0 @@ | |||
1 | #! /bin/sh | ||
2 | |||
3 | OS=$(uname) | ||
4 | |||
5 | # MIT License | ||
6 | # | ||
7 | # Copyright (c) 2016 Josef Friedrich <josef@friedrich.rocks> | ||
8 | # | ||
9 | # Permission is hereby granted, free of charge, to any person obtaining | ||
10 | # a copy of this software and associated documentation files (the | ||
11 | # "Software"), to deal in the Software without restriction, including | ||
12 | # without limitation the rights to use, copy, modify, merge, publish, | ||
13 | # distribute, sublicense, and/or sell copies of the Software, and to | ||
14 | # permit persons to whom the Software is furnished to do so, subject to | ||
15 | # the following conditions: | ||
16 | # | ||
17 | # The above copyright notice and this permission notice shall be | ||
18 | # included in all copies or substantial portions of the Software. | ||
19 | # | ||
20 | # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, | ||
21 | # EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF | ||
22 | # MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. | ||
23 | # IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY | ||
24 | # CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, | ||
25 | # TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE | ||
26 | # SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. | ||
27 | |||
28 | ######################################################################## | ||
29 | # Date functions | ||
30 | ######################################################################## | ||
31 | |||
32 | # This date function must be placed on the top of this file because | ||
33 | # they are used in some global variables. | ||
34 | |||
35 | # to_year ### | ||
36 | |||
37 | ## | ||
38 | # Get the four digit year integer from now. | ||
39 | # | ||
40 | # Return: | ||
41 | # The current 4 digit year. | ||
42 | ## | ||
43 | _now_to_year() { | ||
44 | date +%Y | ||
45 | } | ||
46 | |||
47 | ## | ||
48 | # Convert a date in the format YYYY-MM-DD to a four digit year integer. | ||
49 | # | ||
50 | # Parameters: | ||
51 | # a date in the format YYYY-MM-DD | ||
52 | # | ||
53 | # Return: | ||
54 | # four digit year integer | ||
55 | ## | ||
56 | _date_to_year() { | ||
57 | local OPTIONS | ||
58 | if [ "$OS" = 'Linux' ]; then | ||
59 | OPTIONS="--date $1" | ||
60 | # FreeBSD, Darwin | ||
61 | else | ||
62 | OPTIONS="-j -f %Y-%m-%d $1" | ||
63 | fi | ||
64 | date $OPTIONS +%Y | ||
65 | } | ||
66 | |||
67 | # to_datetime ### | ||
68 | |||
69 | ## | ||
70 | # Convert a UNIX timestamp to a datetime string. | ||
71 | # | ||
72 | # Parameters: | ||
73 | # UNIX timestamp | ||
74 | # | ||
75 | # Return: | ||
76 | # %Y-%m-%d.%H:%M:%S | ||
77 | ## | ||
78 | _timestamp_to_datetime() { | ||
79 | local OPTIONS | ||
80 | if [ "$OS" = 'Linux' ]; then | ||
81 | OPTIONS="--date @$1" | ||
82 | # FreeBSD, Darwin | ||
83 | else | ||
84 | OPTIONS="-j -f %s $1" | ||
85 | fi | ||
86 | date $OPTIONS +%Y-%m-%d.%H:%M:%S | ||
87 | } | ||
88 | |||
89 | # to_timestamp ### | ||
90 | |||
91 | ## | ||
92 | # Get the current UNIX timestamp. | ||
93 | # | ||
94 | # Return: | ||
95 | # %current UNIX timestamp | ||
96 | ## | ||
97 | _now_to_timestamp() { | ||
98 | date +%s | ||
99 | } | ||
100 | |||
101 | PROJECT_PAGES='https://github.com/Josef-Friedrich/check_zfs_snapshot | ||
102 | https://exchange.icinga.com/joseffriedrich/check_zfs_snapshot | ||
103 | https://exchange.nagios.org/directory/Plugins/System-Metrics/File-System/check_zfs_snapshot/details' | ||
104 | |||
105 | VERSION=1.2 | ||
106 | FIRST_RELEASE=2016-09-08 | ||
107 | SHORT_DESCRIPTION="Monitoring plugin to check how long ago the last \ | ||
108 | snapshot of a ZFS dataset was created." | ||
109 | USAGE="check_zfs_snapshot v$VERSION | ||
110 | Copyright (c) $(_date_to_year $FIRST_RELEASE)-$(_now_to_year) \ | ||
111 | Josef Friedrich <josef@friedrich.rocks> | ||
112 | |||
113 | $SHORT_DESCRIPTION | ||
114 | |||
115 | |||
116 | Usage: check_zfs_snapshot <options> | ||
117 | |||
118 | Options: | ||
119 | -c, --critical=OPT_CRITICAL | ||
120 | Interval in seconds for critical state. | ||
121 | -d, --dataset=OPT_DATASET | ||
122 | The ZFS dataset to check. | ||
123 | -h, --help | ||
124 | Show this help. | ||
125 | -s, --short-description | ||
126 | Show a short description of the command. | ||
127 | -v, --version | ||
128 | Show the version number. | ||
129 | -w, --warning=OPT_WARNING | ||
130 | Interval in seconds for warning state. Must be lower than -c | ||
131 | |||
132 | Performance data: | ||
133 | - last_ago | ||
134 | Time interval in seconds for last snapshot. | ||
135 | - warning | ||
136 | Interval in seconds. | ||
137 | - critical | ||
138 | Interval in seconds. | ||
139 | - snapshot_count | ||
140 | How many snapshot exists in the given dataset and all child | ||
141 | datasets exists. | ||
142 | " | ||
143 | |||
144 | # Exit codes | ||
145 | STATE_OK=0 | ||
146 | STATE_WARNING=1 | ||
147 | STATE_CRITICAL=2 | ||
148 | STATE_UNKNOWN=3 | ||
149 | |||
150 | _get_last_snapshot() { | ||
151 | zfs get creation -Hpr -t snapshot "$1" | \ | ||
152 | awk 'BEGIN {max = 0} {if ($3>max) max=$3} END {print max}' | ||
153 | } | ||
154 | |||
155 | _getopts() { | ||
156 | while getopts ':c:d:hsvw:-:' OPT ; do | ||
157 | case $OPT in | ||
158 | |||
159 | c) | ||
160 | OPT_CRITICAL=$OPTARG | ||
161 | ;; | ||
162 | |||
163 | d) | ||
164 | OPT_DATASET="$OPTARG" | ||
165 | ;; | ||
166 | |||
167 | h) | ||
168 | echo "$USAGE" | ||
169 | exit 0 | ||
170 | ;; | ||
171 | |||
172 | s) | ||
173 | echo "$SHORT_DESCRIPTION" | ||
174 | exit 0 | ||
175 | ;; | ||
176 | |||
177 | v) | ||
178 | echo "$VERSION" | ||
179 | exit 0 | ||
180 | ;; | ||
181 | |||
182 | w) | ||
183 | OPT_WARNING=$OPTARG | ||
184 | ;; | ||
185 | |||
186 | \?) | ||
187 | echo "Invalid option “-$OPTARG”!" >&2 | ||
188 | exit 2 | ||
189 | ;; | ||
190 | |||
191 | :) | ||
192 | echo "Option “-$OPTARG” requires an argument!" >&2 | ||
193 | exit 3 | ||
194 | ;; | ||
195 | |||
196 | -) | ||
197 | LONG_OPTARG="${OPTARG#*=}" | ||
198 | |||
199 | case $OPTARG in | ||
200 | |||
201 | critical=?*) | ||
202 | OPT_CRITICAL=$LONG_OPTARG | ||
203 | ;; | ||
204 | |||
205 | dataset=?*) | ||
206 | OPT_DATASET="$LONG_OPTARG" | ||
207 | ;; | ||
208 | |||
209 | help) | ||
210 | echo "$USAGE" | ||
211 | exit 0 | ||
212 | ;; | ||
213 | |||
214 | short-description) | ||
215 | echo "$SHORT_DESCRIPTION" | ||
216 | exit 0 | ||
217 | ;; | ||
218 | |||
219 | version) | ||
220 | echo "$VERSION" | ||
221 | exit 0 | ||
222 | ;; | ||
223 | |||
224 | warning=?*) | ||
225 | OPT_WARNING=$LONG_OPTARG | ||
226 | ;; | ||
227 | |||
228 | critical*|dataset*|warning*) | ||
229 | echo "Option “--$OPTARG” requires an argument!" >&2 | ||
230 | exit 3 | ||
231 | ;; | ||
232 | |||
233 | help*|short-description*|version*) | ||
234 | echo "No argument allowed for the option “--$OPTARG”!" >&2 | ||
235 | exit 4 | ||
236 | ;; | ||
237 | |||
238 | '') # "--" terminates argument processing | ||
239 | break | ||
240 | ;; | ||
241 | |||
242 | *) | ||
243 | echo "Invalid option “--$OPTARG”!" >&2 | ||
244 | exit 2 | ||
245 | ;; | ||
246 | |||
247 | esac | ||
248 | ;; | ||
249 | |||
250 | esac | ||
251 | done | ||
252 | } | ||
253 | |||
254 | _snapshot_count() { | ||
255 | # FreeBSD wc adds some whitespaces before the number! | ||
256 | # cat $HOME/debug | wc -l | ||
257 | # 7 | ||
258 | local COUNT | ||
259 | COUNT="$(zfs list -t snapshot | grep "$1" | wc -l)" | ||
260 | echo $COUNT | ||
261 | } | ||
262 | |||
263 | _performance_data() { | ||
264 | echo "| \ | ||
265 | last_ago=${DIFF}s;$OPT_WARNING;$OPT_CRITICAL;0 \ | ||
266 | count=$(_snapshot_count "$OPT_DATASET");;;0\ | ||
267 | " | ||
268 | } | ||
269 | |||
270 | ## This SEPARATOR is required for test purposes. Please don’t remove! ## | ||
271 | |||
272 | _getopts $@ | ||
273 | |||
274 | if [ -z "$OPT_WARNING" ]; then | ||
275 | # 1 day | ||
276 | OPT_WARNING=86400 | ||
277 | fi | ||
278 | |||
279 | if [ -z "$OPT_CRITICAL" ]; then | ||
280 | # 3 day | ||
281 | OPT_CRITICAL=259200 | ||
282 | fi | ||
283 | |||
284 | if [ -z "$OPT_DATASET" ]; then | ||
285 | echo "Dataset has to be set! Use option -d <dataset>" >&2 | ||
286 | echo "$USAGE" >&2 | ||
287 | exit $STATE_UNKNOWN | ||
288 | fi | ||
289 | |||
290 | if ! zfs list "$OPT_DATASET" > /dev/null 2>&1; then | ||
291 | echo "'$OPT_DATASET' is no ZFS dataset!" >&2 | ||
292 | echo "$USAGE" >&2 | ||
293 | exit $STATE_UNKNOWN | ||
294 | fi | ||
295 | |||
296 | NOW=$(_now_to_timestamp) | ||
297 | |||
298 | CREATION_DATE=$(_get_last_snapshot "$OPT_DATASET") | ||
299 | |||
300 | DIFF=$((NOW - CREATION_DATE)) | ||
301 | |||
302 | if [ "$OPT_WARNING" -gt "$OPT_CRITICAL" ]; then | ||
303 | echo '-w OPT_WARNING must be smaller than -c OPT_CRITICAL' | ||
304 | _usage >&2 | ||
305 | exit $STATE_UNKNOWN | ||
306 | fi | ||
307 | |||
308 | RETURN=STATE_UNKNOWN | ||
309 | |||
310 | if [ "$DIFF" -gt "$OPT_CRITICAL" ]; then | ||
311 | RETURN=$STATE_CRITICAL | ||
312 | MESSAGE="CRITICAL:" | ||
313 | elif [ "$DIFF" -gt "$OPT_WARNING" ]; then | ||
314 | RETURN=$STATE_WARNING | ||
315 | MESSAGE="WARNING:" | ||
316 | else | ||
317 | RETURN=$STATE_OK | ||
318 | MESSAGE="OK:" | ||
319 | fi | ||
320 | |||
321 | DATE="$(_timestamp_to_datetime "$CREATION_DATE")" | ||
322 | |||
323 | echo "$MESSAGE Last snapshot for dataset '$OPT_DATASET' was created on $DATE $(_performance_data)" | ||
324 | |||
325 | exit $RETURN | ||
diff --git a/modules/private/monitoring/plugins/notify_by_email b/modules/private/monitoring/plugins/notify_by_email deleted file mode 100755 index 959db26..0000000 --- a/modules/private/monitoring/plugins/notify_by_email +++ /dev/null | |||
@@ -1,29 +0,0 @@ | |||
1 | #!/usr/bin/env bash | ||
2 | |||
3 | # $1 = service/host | ||
4 | |||
5 | # $2 = type (PROBLEM RECOVERY ACKNOWLEDGEMENT FLAPPINGSTART FLAPPINGSTOP FLAPPINGDISABLED DOWNTIMESTART DOWNTIMESTOP DOWNTIMECANCELLED) | ||
6 | # http://www.naemon.org/documentation/usersguide/macrolist.html#notificationtype | ||
7 | |||
8 | # $3 = host alias | ||
9 | |||
10 | # $4 = date (YYYY-MM-DDTHH:MM:SS) | ||
11 | |||
12 | # $5 = E-mail | ||
13 | |||
14 | NOTIFICATION_TYPE="$2" | ||
15 | HOST_ALIAS="$3" | ||
16 | DATE="$4" | ||
17 | CONTACT="$5" | ||
18 | |||
19 | message="" | ||
20 | |||
21 | if [ "$1" = "host" ]; then | ||
22 | message=$(printf "%b" "***** Naemon *****\n\nNotification Type: $NOTIFICATION_TYPE\n\nHost: $HOST_ALIAS\nState: $HOSTSTATE\nInfo: $HOSTOUTPUT\n\nDate/Time: $DATE\n") | ||
23 | subject="** $NOTIFICATION_TYPE Host Alert: $HOST_ALIAS is $HOSTSTATE **" | ||
24 | else | ||
25 | message=$(printf "%b" "***** Naemon *****\n\nNotification Type: $NOTIFICATION_TYPE\n\nService: $SERVICEDESC\nHost: $HOST_ALIAS\nState: $SERVICESTATE\n\nDate/Time: $DATE\n\nAdditional Info:\n\n$SERVICEOUTPUT\n") | ||
26 | subject="** $NOTIFICATION_TYPE Service Alert: $HOST_ALIAS/$SERVICEDESC is $SERVICESTATE **" | ||
27 | fi | ||
28 | |||
29 | echo "$message" | MAILRC=/dev/null mail -r "$ADMINEMAIL" -n -s "$subject" "$CONTACT" | ||
diff --git a/modules/private/monitoring/plugins/notify_by_slack b/modules/private/monitoring/plugins/notify_by_slack deleted file mode 100755 index 1b16a0d..0000000 --- a/modules/private/monitoring/plugins/notify_by_slack +++ /dev/null | |||
@@ -1,46 +0,0 @@ | |||
1 | #!/usr/bin/env bash | ||
2 | |||
3 | SLACK_CHANNEL="$1" | ||
4 | SLACK_USERNAME="Naemon" | ||
5 | SLACK_URL="$2" | ||
6 | SLACK_USERICON="https://assets.immae.eu/monitoring.png" | ||
7 | |||
8 | if [ "$SERVICESTATE" = "CRITICAL" ]; then | ||
9 | ICON=":exclamation:" | ||
10 | COLOR="#DA0505" | ||
11 | elif [ "$SERVICESTATE" = "WARNING" ]; then | ||
12 | ICON=":warning:" | ||
13 | COLOR="#F1E903" | ||
14 | elif [ "$SERVICESTATE" = "OK" ]; then | ||
15 | ICON=":white_check_mark:" | ||
16 | COLOR="#36a64f" | ||
17 | elif [ "$SERVICESTATE" = "UNKNOWN" ]; then | ||
18 | ICON=":question:" | ||
19 | COLOR="#000000" | ||
20 | else | ||
21 | ICON=":white_medium_square:" | ||
22 | COLOR="#ffffff" | ||
23 | fi | ||
24 | |||
25 | payload=$(echo "{}" | jq -r \ | ||
26 | --arg "icon_url" "$SLACK_USERICON" \ | ||
27 | --arg "channel" "$SLACK_CHANNEL" \ | ||
28 | --arg "username" "$SLACK_USERNAME" \ | ||
29 | --arg "text" "${ICON} ${SERVICEDESC} on ${HOST} is ${SERVICESTATE}" \ | ||
30 | --arg "color" "$COLOR" \ | ||
31 | --arg "host" "$HOST" \ | ||
32 | --arg "desc" "$SERVICEDESC" \ | ||
33 | --arg "state" "$SERVICESTATE" \ | ||
34 | --arg "output" "$SERVICEOUTPUT" \ | ||
35 | '.icon_url = $icon_url | | ||
36 | .channel = $channel | | ||
37 | .username = $username | | ||
38 | .text = $text | | ||
39 | .attachments = [{fallback:"", color:$color,fields: [{},{},{},{}]}] | | ||
40 | .attachments[0].fields[0] = {title:"Host",value:$host,short:true} | | ||
41 | .attachments[0].fields[1] = {title:"Service description",value:$desc,short:true} | | ||
42 | .attachments[0].fields[2] = {title:"Status",value:$state,short:true} | | ||
43 | .attachments[0].fields[3] = {title:"Message",value:$output,short:false} | ||
44 | ') | ||
45 | |||
46 | curl -X POST --data "payload=$payload" $SLACK_URL | ||
diff --git a/modules/private/monitoring/plugins/notify_eban_url b/modules/private/monitoring/plugins/notify_eban_url deleted file mode 100755 index 107b5de..0000000 --- a/modules/private/monitoring/plugins/notify_eban_url +++ /dev/null | |||
@@ -1,6 +0,0 @@ | |||
1 | #!/usr/bin/env bash | ||
2 | |||
3 | if [ "$SERVICESTATE" = "CRITICAL" -o "$SERVICESTATE" = "UNKNOWN" -o "$HOSTSTATE" = "DOWN" -o "$HOSTSTATE" = "UNREACHABLE" ]; then | ||
4 | MESSAGE="$STATUS_NAME seems down!" | ||
5 | curl -X GET -G --data-urlencode "user=$USER" --data-urlencode "pass=$PASSWORD" --data-urlencode "msg=$MESSAGE" https://smsapi.free-mobile.fr/sendmsg | ||
6 | fi | ||
diff --git a/modules/private/monitoring/plugins/send_nrdp.sh b/modules/private/monitoring/plugins/send_nrdp.sh deleted file mode 100755 index c83c8cb..0000000 --- a/modules/private/monitoring/plugins/send_nrdp.sh +++ /dev/null | |||
@@ -1,57 +0,0 @@ | |||
1 | #!/bin/bash | ||
2 | |||
3 | TEMPLATE='{ | ||
4 | "cmd": "submitcheck", | ||
5 | "token": $token, | ||
6 | "checkresult": [{ | ||
7 | "hostname": $hostname, | ||
8 | "state": $state, | ||
9 | "output": $output, | ||
10 | "type": $type, | ||
11 | "servicename": $servicename | ||
12 | }] | ||
13 | }' | ||
14 | |||
15 | while getopts "u:t:H:s:S:o:" option | ||
16 | do | ||
17 | case $option in | ||
18 | u) url=$OPTARG ;; | ||
19 | t) token=$OPTARG ;; | ||
20 | H) hostname=$OPTARG ;; | ||
21 | s) servicename=$OPTARG ;; | ||
22 | S) state=$OPTARG ;; | ||
23 | o) output=$OPTARG ;; | ||
24 | esac | ||
25 | done | ||
26 | |||
27 | if [ -n "$servicename" ]; then | ||
28 | checktype="service" | ||
29 | else | ||
30 | checktype="host" | ||
31 | fi | ||
32 | |||
33 | payload=$(jq -n \ | ||
34 | --arg type "$checktype" \ | ||
35 | --arg hostname "$hostname" \ | ||
36 | --arg servicename "$servicename" \ | ||
37 | --arg output "$output" \ | ||
38 | --arg token "$token" \ | ||
39 | --arg state "$state" \ | ||
40 | "$TEMPLATE") | ||
41 | |||
42 | rslt=$(curl -f --silent --insecure -d "$payload" -H "Content-Type: application/json" "$url") | ||
43 | ret=$? | ||
44 | |||
45 | if [ $ret != 0 ];then | ||
46 | echo "ERROR: could not connect to NRDP server at $url" | ||
47 | exit 1 | ||
48 | fi | ||
49 | |||
50 | status=$(echo "$rslt" | jq -r .status) | ||
51 | message=$(echo "$rslt" | jq -r .message) | ||
52 | |||
53 | if [ "$status" != "ok" ];then | ||
54 | echo "ERROR: The NRDP Server said $message" | ||
55 | exit 2 | ||
56 | fi | ||
57 | echo "Sent 1 checks to $url" | ||
diff --git a/modules/private/monitoring/send_mails b/modules/private/monitoring/send_mails deleted file mode 100755 index 105c505..0000000 --- a/modules/private/monitoring/send_mails +++ /dev/null | |||
@@ -1,15 +0,0 @@ | |||
1 | #!/usr/bin/env bash | ||
2 | |||
3 | CHECK_DIR=$1 | ||
4 | shift | ||
5 | RETURN_PATH=$1 | ||
6 | shift | ||
7 | |||
8 | for mail in "$@"; do | ||
9 | echo "Test Mail" | MAILRC=/dev/null mail -n -r "$RETURN_PATH" -s "TestMailImmae " "$mail" | ||
10 | done | ||
11 | |||
12 | if [ -d "$CHECK_DIR" ]; then | ||
13 | cd $CHECK_DIR | ||
14 | stat -c '%n;%y' * | ||
15 | fi | ||
diff --git a/modules/private/monitoring/status.nix b/modules/private/monitoring/status.nix deleted file mode 100644 index ab0290c..0000000 --- a/modules/private/monitoring/status.nix +++ /dev/null | |||
@@ -1,93 +0,0 @@ | |||
1 | { config, pkgs, lib, name, ... }: | ||
2 | { | ||
3 | options = { | ||
4 | myServices.status = { | ||
5 | enable = lib.mkOption { | ||
6 | type = lib.types.bool; | ||
7 | default = false; | ||
8 | description = '' | ||
9 | Whether to enable status app. | ||
10 | ''; | ||
11 | }; | ||
12 | }; | ||
13 | }; | ||
14 | config = lib.mkIf config.myServices.status.enable { | ||
15 | secrets.keys."naemon-status/environment" = { | ||
16 | user = "naemon"; | ||
17 | group = "naemon"; | ||
18 | permissions = "0400"; | ||
19 | text = '' | ||
20 | TOKENS=${builtins.concatStringsSep " " config.myEnv.monitoring.nrdp_tokens} | ||
21 | ''; | ||
22 | }; | ||
23 | services.nginx = { | ||
24 | enable = true; | ||
25 | recommendedOptimisation = true; | ||
26 | recommendedGzipSettings = true; | ||
27 | recommendedProxySettings = true; | ||
28 | upstreams."netdata".servers = { "127.0.0.1:19999" = {}; }; | ||
29 | upstreams."netdata".extraConfig = '' | ||
30 | keepalive 64; | ||
31 | ''; | ||
32 | virtualHosts."status.eban.bzh" = { | ||
33 | acmeRoot = config.myServices.certificates.webroot; | ||
34 | useACMEHost = name; | ||
35 | forceSSL = true; | ||
36 | locations."/".proxyPass = "http://unix:/run/naemon-status/socket.sock:/"; | ||
37 | }; | ||
38 | virtualHosts."status.immae.eu" = { | ||
39 | acmeRoot = config.myServices.certificates.webroot; | ||
40 | useACMEHost = name; | ||
41 | forceSSL = true; | ||
42 | locations."/".proxyPass = "http://unix:/run/naemon-status/socket.sock:/"; | ||
43 | |||
44 | locations."= /netdata".return = "301 /netdata/"; | ||
45 | locations."~ /netdata/(?<ndpath>.*)".extraConfig = '' | ||
46 | proxy_redirect off; | ||
47 | proxy_set_header Host $host; | ||
48 | |||
49 | proxy_set_header X-Forwarded-Host $host; | ||
50 | proxy_set_header X-Forwarded-Server $host; | ||
51 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
52 | proxy_http_version 1.1; | ||
53 | proxy_pass_request_headers on; | ||
54 | proxy_set_header Connection "keep-alive"; | ||
55 | proxy_store off; | ||
56 | proxy_pass http://netdata/$ndpath$is_args$args; | ||
57 | |||
58 | gzip on; | ||
59 | gzip_proxied any; | ||
60 | gzip_types *; | ||
61 | ''; | ||
62 | }; | ||
63 | }; | ||
64 | security.acme.certs."${name}" = { | ||
65 | extraDomains."status.immae.eu" = null; | ||
66 | extraDomains."status.eban.bzh" = null; | ||
67 | user = config.services.nginx.user; | ||
68 | group = config.services.nginx.group; | ||
69 | }; | ||
70 | |||
71 | myServices.certificates.enable = true; | ||
72 | networking.firewall.allowedTCPPorts = [ 80 443 ]; | ||
73 | systemd.services.naemon-status = { | ||
74 | description = "Naemon status"; | ||
75 | after = [ "network.target" ]; | ||
76 | wantedBy = [ "multi-user.target" ]; | ||
77 | |||
78 | serviceConfig = { | ||
79 | EnvironmentFile = config.secrets.fullPaths."naemon-status/environment"; | ||
80 | Type = "simple"; | ||
81 | WorkingDirectory = "${./status}"; | ||
82 | ExecStart = let | ||
83 | python = pkgs.python3.withPackages (p: [ p.gunicorn p.flask p.flask_login ]); | ||
84 | in | ||
85 | "${python}/bin/gunicorn -w4 --bind unix:/run/naemon-status/socket.sock app:app"; | ||
86 | User = "naemon"; | ||
87 | RuntimeDirectory = "naemon-status"; | ||
88 | StandardOutput = "journal"; | ||
89 | StandardError = "inherit"; | ||
90 | }; | ||
91 | }; | ||
92 | }; | ||
93 | } | ||
diff --git a/modules/private/monitoring/status/app.py b/modules/private/monitoring/status/app.py deleted file mode 100755 index ff92891..0000000 --- a/modules/private/monitoring/status/app.py +++ /dev/null | |||
@@ -1,414 +0,0 @@ | |||
1 | from flask import Flask, request, render_template_string, jsonify, make_response | ||
2 | from flask_login import LoginManager, UserMixin, login_required | ||
3 | import socket | ||
4 | import json | ||
5 | import time | ||
6 | import os | ||
7 | |||
8 | login_manager = LoginManager() | ||
9 | app = Flask(__name__) | ||
10 | login_manager.init_app(app) | ||
11 | |||
12 | STATUS = [ | ||
13 | "ok", | ||
14 | "warning", | ||
15 | "error", | ||
16 | "unknown" | ||
17 | ] | ||
18 | |||
19 | HOST_STATUS = [ | ||
20 | "up", | ||
21 | "down", | ||
22 | "unreachable", | ||
23 | ] | ||
24 | |||
25 | #### Push | ||
26 | AUTHORIZED_KEYS = os.environ.get("TOKENS", "").split() | ||
27 | COMMAND_FILE = "/var/run/naemon/naemon.cmd" | ||
28 | |||
29 | ERROR_NO_REQUEST_HANDLER="NO REQUEST HANDLER" | ||
30 | ERROR_NO_TOKEN_SUPPLIED="NO TOKEN" | ||
31 | ERROR_BAD_TOKEN_SUPPLIED="BAD TOKEN" | ||
32 | |||
33 | ERROR_BAD_COMMAND_FILE="BAD COMMAND FILE" | ||
34 | ERROR_COMMAND_FILE_OPEN_WRITE="COMMAND FILE UNWRITEABLE" | ||
35 | ERROR_COMMAND_FILE_OPEN="CANNOT OPEN COMMAND FILE" | ||
36 | ERROR_BAD_WRITE="WRITE ERROR" | ||
37 | |||
38 | ERROR_BAD_DATA="BAD DATA" | ||
39 | ERROR_BAD_JSON="BAD JSON" | ||
40 | |||
41 | ERROR_NO_CORRECT_STATUS="NO STATUS WAS CORRECT" | ||
42 | #### /Push | ||
43 | |||
44 | def get_lq(request): | ||
45 | # https://mathias-kettner.de/checkmk_livestatus.html | ||
46 | socket_path="/var/run/naemon/live" | ||
47 | s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) | ||
48 | s.connect(socket_path) | ||
49 | s.send(request.encode()) | ||
50 | s.shutdown(socket.SHUT_WR) | ||
51 | chunks = [] | ||
52 | while len(chunks) == 0 or len(chunks[-1]) > 0: | ||
53 | chunks.append(s.recv(4096)) | ||
54 | s.close() | ||
55 | return b"".join(chunks).decode() | ||
56 | |||
57 | class Host: | ||
58 | def __init__(self, name, alias, status, webname, vhost): | ||
59 | self.name = name | ||
60 | self.alias = alias | ||
61 | self.webname = webname or alias | ||
62 | self.vhost = vhost | ||
63 | self.status = status | ||
64 | self.services = [] | ||
65 | |||
66 | @classmethod | ||
67 | def parse_hosts(cls, payload, vhost): | ||
68 | parsed = filter(lambda x: x.vhost == vhost, [cls.parse(p) for p in json.loads(payload)]) | ||
69 | return {p.name: p for p in parsed} | ||
70 | |||
71 | @classmethod | ||
72 | def parse(cls, payload): | ||
73 | return cls(payload[0], payload[1], HOST_STATUS[payload[2]], payload[3].get("WEBSTATUS_NAME"), payload[3].get("WEBSTATUS_VHOST")) | ||
74 | |||
75 | def __repr__(self): | ||
76 | return "Host {}: {} ({})".format(self.name, self.alias, self.webname) | ||
77 | |||
78 | @classmethod | ||
79 | def query(cls, vhost): | ||
80 | answer = get_lq("""GET hosts | ||
81 | Filter: groups >= webstatus-hosts | ||
82 | Columns: name alias state custom_variables | ||
83 | OutputFormat: json | ||
84 | """) | ||
85 | return cls.parse_hosts(answer, vhost) | ||
86 | |||
87 | def fill_services(self, services): | ||
88 | self.services = [service for service in services if service.host == self.name] | ||
89 | |||
90 | class ServiceGroup: | ||
91 | def __init__(self, name, alias): | ||
92 | self.name = name | ||
93 | self.alias = alias | ||
94 | self.services = [] | ||
95 | |||
96 | @classmethod | ||
97 | def parse_groups(cls, payload): | ||
98 | parsed = [cls.parse(p) for p in json.loads(payload)] | ||
99 | return {p.name: p for p in parsed} | ||
100 | |||
101 | @classmethod | ||
102 | def parse(cls, payload): | ||
103 | return cls(payload[0], payload[1]) | ||
104 | |||
105 | @classmethod | ||
106 | def query(cls): | ||
107 | answer = get_lq("""GET servicegroups | ||
108 | Filter: name ~ ^webstatus- | ||
109 | Columns: name alias custom_variables | ||
110 | OutputFormat: json | ||
111 | """) | ||
112 | return cls.parse_groups(answer) | ||
113 | |||
114 | def fill_services(self, services, hosts): | ||
115 | self.services = [service for service in services if any([group == self.name for group in service.groups]) and service.host in hosts] | ||
116 | |||
117 | def __repr__(self): | ||
118 | return "ServiceGroup {}: {}".format(self.name, self.alias) | ||
119 | |||
120 | class Service: | ||
121 | def __init__(self, name, host, groups, status, webname, url, description, infos): | ||
122 | self.name = name | ||
123 | self.host = host | ||
124 | self.groups = groups | ||
125 | self.status = status | ||
126 | self.webname = webname | ||
127 | self.url = url | ||
128 | self.description = description | ||
129 | self.infos = infos | ||
130 | |||
131 | @classmethod | ||
132 | def parse_services(cls, payload): | ||
133 | parsed = json.loads(payload) | ||
134 | return [cls.parse(p) for p in parsed if cls.valid(p[2])] | ||
135 | |||
136 | @staticmethod | ||
137 | def valid(groups): | ||
138 | return any([b.startswith("webstatus-") for b in groups]) | ||
139 | |||
140 | @classmethod | ||
141 | def parse(cls, payload): | ||
142 | return cls(payload[0], | ||
143 | payload[1], | ||
144 | payload[2], | ||
145 | STATUS[payload[3]], | ||
146 | payload[4].get("WEBSTATUS_NAME"), | ||
147 | payload[4].get("WEBSTATUS_URL"), | ||
148 | payload[5], | ||
149 | payload[6]) | ||
150 | |||
151 | @classmethod | ||
152 | def query(cls): | ||
153 | answer = get_lq("""GET services | ||
154 | Columns: display_name host_name groups state custom_variables description plugin_output | ||
155 | OutputFormat: json | ||
156 | """) | ||
157 | return cls.parse_services(answer) | ||
158 | |||
159 | def __repr__(self): | ||
160 | return "Service {}: {}".format(self.name, self.webname) | ||
161 | |||
162 | def get_infos(vhost): | ||
163 | hosts = Host.query(vhost) | ||
164 | servicegroups = ServiceGroup.query() | ||
165 | services = Service.query() | ||
166 | |||
167 | for host in hosts: | ||
168 | hosts[host].fill_services(services) | ||
169 | for group in servicegroups: | ||
170 | servicegroups[group].fill_services(services, hosts) | ||
171 | return (hosts, servicegroups, services) | ||
172 | |||
173 | TEMPLATE='''<?xml version="1.0" encoding="UTF-8"?> | ||
174 | <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> | ||
175 | <html lang="en" xmlns="http://www.w3.org/1999/xhtml"> | ||
176 | <head> | ||
177 | <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> | ||
178 | <meta name="viewport" content="width=device-width, initial-scale=1.0" /> | ||
179 | <title>Status</title> | ||
180 | <meta name="referrer" content="no-referrer" /> | ||
181 | <style type="text/css"> | ||
182 | ul { | ||
183 | list-style: none; | ||
184 | margin: 0px; | ||
185 | } | ||
186 | ul li:nth-child(2n) { | ||
187 | background-color: rgb(240, 240, 240); | ||
188 | } | ||
189 | li.resource, li.service { | ||
190 | margin: 1px 0px; | ||
191 | } | ||
192 | span.status { | ||
193 | display: inline-block; | ||
194 | width: 150px; | ||
195 | text-align: center; | ||
196 | margin-right: 5px; | ||
197 | font-variant: small-caps; | ||
198 | font-size: 1.2em; | ||
199 | } | ||
200 | .status_ok,.status_up { | ||
201 | background-color: rgba(0, 255, 0, 0.5);; | ||
202 | } | ||
203 | .status_warning { | ||
204 | background-color: rgba(255, 255, 0, 0.5);; | ||
205 | } | ||
206 | .status_error,.status_down { | ||
207 | background-color: rgba(255, 0, 0, 0.5);; | ||
208 | } | ||
209 | .status_unknown,.status_unreachable { | ||
210 | background-color: rgba(0, 0, 255, 0.5);; | ||
211 | } | ||
212 | .infos { | ||
213 | margin-left: 40px; | ||
214 | color: rgb(100, 100, 100); | ||
215 | } | ||
216 | div#services { | ||
217 | column-count: auto; | ||
218 | column-width: 36em; | ||
219 | } | ||
220 | div.servicegroup { | ||
221 | -webkit-column-break-inside: avoid; | ||
222 | break-inside: avoid; | ||
223 | } | ||
224 | h3.servicegroup_title, h3.host_title { | ||
225 | margin: 1px 0px; | ||
226 | } | ||
227 | span.service_host, span.infos { | ||
228 | float: right; | ||
229 | display: inline-block; | ||
230 | color: rgb(100, 100, 100); | ||
231 | } | ||
232 | </style> | ||
233 | </head> | ||
234 | <body> | ||
235 | <h2>Hosts</h2> | ||
236 | {%- for host in hosts.values() %} | ||
237 | <h3 class="host_title"> | ||
238 | <span class="status status_{{ host.status }}">{{ host.status }}</span> | ||
239 | <span class="host">{{ host.webname }}</span> | ||
240 | </h3> | ||
241 | {%- for service in servicegroups["webstatus-resources"].services if service.host == host.name -%} | ||
242 | {%- if loop.first %} | ||
243 | <ul class="resources"> | ||
244 | {% endif %} | ||
245 | |||
246 | <li class="resource"> | ||
247 | <span class="status status_{{ service.status }}">{{ service.status }}</span> | ||
248 | <span class="description">{{ service.description }}</span> | ||
249 | <span class="infos">{{ service.infos }}</span> | ||
250 | </li> | ||
251 | |||
252 | {%- if loop.last %} | ||
253 | </ul> | ||
254 | {% endif %} | ||
255 | {% endfor %} | ||
256 | {%- endfor %} | ||
257 | |||
258 | {%- for group in servicegroups.values() if group.services and group.name != "webstatus-resources" %} | ||
259 | {%- if loop.first %} | ||
260 | <h2>Services</h2> | ||
261 | <div id="services"> | ||
262 | {%- endif %} | ||
263 | <div class="servicegroup"> | ||
264 | <h3 class="servicegroup_title">{{ group.alias }}</h3> | ||
265 | {%- for service in group.services if service.host in hosts -%} | ||
266 | {%- if loop.first %} | ||
267 | <ul class="services"> | ||
268 | {% endif %} | ||
269 | |||
270 | <li class="service" title="{{ service.infos }}"> | ||
271 | <span class="status status_{{ service.status }}">{{ service.status }}</span> | ||
272 | <span class="description"> | ||
273 | {% if service.url and service.url.startswith("https://") %} | ||
274 | <a href="{{ service.url }}">{{ service.webname or service.description }}</a> | ||
275 | {% else %} | ||
276 | {{ service.webname or service.description }} | ||
277 | {% endif %} | ||
278 | </span> | ||
279 | <span class="service_host">{{ hosts[service.host].webname }}</span> | ||
280 | </li> | ||
281 | |||
282 | {%- if loop.last %} | ||
283 | </ul> | ||
284 | {% endif %} | ||
285 | {%- endfor -%} | ||
286 | </div> | ||
287 | {%- if loop.last %} | ||
288 | </div> | ||
289 | {% endif %} | ||
290 | {%- endfor %} | ||
291 | </body> | ||
292 | </html> | ||
293 | ''' | ||
294 | |||
295 | @login_manager.request_loader | ||
296 | def load_user_from_request(request): | ||
297 | api_key = request.headers.get('Token') | ||
298 | if api_key in AUTHORIZED_KEYS: | ||
299 | return UserMixin() | ||
300 | content = request.get_json(force=True, silent=True) | ||
301 | if content is not None and content.get("token") in AUTHORIZED_KEYS: | ||
302 | return UserMixin() | ||
303 | |||
304 | @app.route("/live", methods=["POST"]) | ||
305 | @login_required | ||
306 | def live(): | ||
307 | query = request.get_data() | ||
308 | result = get_lq(query.decode() + "\n") | ||
309 | resp = make_response(result) | ||
310 | resp.content_type = "text/plain" | ||
311 | return resp | ||
312 | |||
313 | @app.route("/", methods=["GET"]) | ||
314 | def get(): | ||
315 | (hosts, servicegroups, services) = get_infos(request.host) | ||
316 | resp = make_response(render_template_string(TEMPLATE, hosts=hosts, servicegroups=servicegroups)) | ||
317 | resp.content_type = "text/html" | ||
318 | return resp | ||
319 | |||
320 | @app.route("/", methods=["POST"]) | ||
321 | @login_required | ||
322 | def push(): | ||
323 | content = request.get_json(force=True, silent=True) | ||
324 | if content is None: | ||
325 | return ERROR_BAD_JSON | ||
326 | if content.get("cmd") != "submitcheck": | ||
327 | return render_error(ERROR_NO_REQUEST_HANDLER) | ||
328 | if "checkresult" not in content or not isinstance(content["checkresult"], list): | ||
329 | return render_error(ERROR_BAD_DATA) | ||
330 | |||
331 | checks = 0 | ||
332 | errors = 0 | ||
333 | for check in map(lambda x: CheckResult.from_json(x), content["checkresult"]): | ||
334 | if check is None: | ||
335 | errors += 1 | ||
336 | continue | ||
337 | try: | ||
338 | write_check_output(check) | ||
339 | except Exception as e: | ||
340 | return render_error(str(e)) | ||
341 | checks += 1 | ||
342 | return render_response(checks, errors) | ||
343 | |||
344 | def write_check_output(check): | ||
345 | if check.type== "service": | ||
346 | command = "[{time}] PROCESS_SERVICE_CHECK_RESULT;{hostname};{servicename};{state};{output}"; | ||
347 | else: | ||
348 | command = "[{time}] PROCESS_HOST_CHECK_RESULT;{hostname};{state};{output}"; | ||
349 | formatted = command.format( | ||
350 | time=int(time.time()), | ||
351 | hostname=check.hostname, | ||
352 | state=check.state, | ||
353 | output=check.output, | ||
354 | servicename=check.servicename, | ||
355 | ) | ||
356 | |||
357 | if not os.path.exists(COMMAND_FILE): | ||
358 | raise Exception(ERROR_BAD_COMMAND_FILE) | ||
359 | if not os.access(COMMAND_FILE, os.W_OK): | ||
360 | raise Exception(ERROR_COMMAND_FILE_OPEN_WRITE) | ||
361 | if not os.access(COMMAND_FILE, os.W_OK): | ||
362 | raise Exception(ERROR_COMMAND_FILE_OPEN_WRITE) | ||
363 | try: | ||
364 | with open(COMMAND_FILE, "w") as c: | ||
365 | c.write(formatted + "\n") | ||
366 | except Exception as e: | ||
367 | raise Exception(ERROR_BAD_WRITE) | ||
368 | |||
369 | def render_error(error): | ||
370 | return jsonify({ | ||
371 | "status": "error", | ||
372 | "message": error, | ||
373 | }) | ||
374 | |||
375 | def render_response(checks, errors): | ||
376 | if checks > 0: | ||
377 | return jsonify({ | ||
378 | "status": "ok", | ||
379 | "result": { | ||
380 | "checks": checks, | ||
381 | "errors": errors, | ||
382 | } | ||
383 | }) | ||
384 | else: | ||
385 | return jsonify({ | ||
386 | "status": "error", | ||
387 | "message": ERROR_NO_CORRECT_STATUS, | ||
388 | }) | ||
389 | |||
390 | class CheckResult: | ||
391 | def __init__(self, hostname, state, output, servicename, checktype): | ||
392 | self.hostname = hostname | ||
393 | self.state = state | ||
394 | self.output = output | ||
395 | self.servicename = servicename | ||
396 | self.type = checktype | ||
397 | |||
398 | @classmethod | ||
399 | def from_json(klass, j): | ||
400 | if not isinstance(j, dict): | ||
401 | return None | ||
402 | for key in ["hostname", "state", "output"]: | ||
403 | if key not in j or not isinstance(j[key], str): | ||
404 | return None | ||
405 | for key in ["servicename", "type"]: | ||
406 | if key in j and not isinstance(j[key], str): | ||
407 | return None | ||
408 | return klass( | ||
409 | j["hostname"], | ||
410 | j["state"], | ||
411 | j["output"], | ||
412 | j.get("servicename", ""), | ||
413 | j.get("type", "host")) | ||
414 | |||
diff --git a/modules/private/monitoring/status_engine.nix b/modules/private/monitoring/status_engine.nix deleted file mode 100644 index 39a753a..0000000 --- a/modules/private/monitoring/status_engine.nix +++ /dev/null | |||
@@ -1,115 +0,0 @@ | |||
1 | { config, pkgs, lib, name, ... }: | ||
2 | let | ||
3 | package = pkgs.status_engine.worker.override { config_file = config.secrets.fullPaths."status_engine"; }; | ||
4 | env = config.myEnv.tools.status_engine; | ||
5 | in | ||
6 | { | ||
7 | config = lib.mkIf config.myServices.status.enable { | ||
8 | systemd.services.gearmand = { | ||
9 | description = "Gearman daemon"; | ||
10 | after = [ "network.target" ]; | ||
11 | wantedBy = [ "multi-user.target" ]; | ||
12 | serviceConfig = { | ||
13 | DynamicUser = true; | ||
14 | User = "gearmand"; | ||
15 | Type = "simple"; | ||
16 | ExecStart = "${pkgs.gearmand}/bin/gearmand --syslog -L 127.0.0.1 -q libsqlite3 --libsqlite3-db /var/lib/gearmand/gearmand.db --store-queue-on-shutdown -l stderr -P /run/gearmand/gearmand.pid"; | ||
17 | RuntimeDirectory = "gearmand"; | ||
18 | StateDirectory = "gearmand"; | ||
19 | }; | ||
20 | }; | ||
21 | |||
22 | secrets.keys."status_engine" = { | ||
23 | permissions = "0400"; | ||
24 | user = "naemon"; | ||
25 | group = "naemon"; | ||
26 | text = '' | ||
27 | node_name: ${name} | ||
28 | use_gearman: 1 | ||
29 | gearman: | ||
30 | address: 127.0.0.1 | ||
31 | port: 4730 | ||
32 | timeout: 1000 | ||
33 | use_rabbitmq: 0 | ||
34 | use_redis: 1 | ||
35 | redis: | ||
36 | address: 127.0.0.1 | ||
37 | port: 6379 | ||
38 | db: 0 | ||
39 | store_live_data_in_archive_backend: 1 | ||
40 | use_mysql: 1 | ||
41 | mysql: | ||
42 | host: ${env.mysql.remoteHost} | ||
43 | port: ${env.mysql.port} | ||
44 | username: ${env.mysql.user} | ||
45 | password: ${env.mysql.password} | ||
46 | database: ${env.mysql.database} | ||
47 | use_crate: 0 | ||
48 | number_of_bulk_records: 100 | ||
49 | max_bulk_delay: 5 | ||
50 | number_servicestatus_worker: 1 | ||
51 | number_hoststatus_worker: 1 | ||
52 | number_logentry_worker: 1 | ||
53 | number_statechange_worker: 1 | ||
54 | number_hostcheck_worker: 1 | ||
55 | number_servicecheck_worker: 1 | ||
56 | number_misc_worker: 1 | ||
57 | |||
58 | process_perfdata: 1 | ||
59 | number_perfdata_worker: 1 | ||
60 | perfdata_backend: | ||
61 | - mysql | ||
62 | |||
63 | check_for_commands: 1 | ||
64 | command_check_interval: 15 | ||
65 | external_command_file: /run/naemon/naemon.cmd | ||
66 | query_handler: /run/naemon/naemon.qh | ||
67 | submit_method: qh | ||
68 | |||
69 | syslog_enabled: 1 | ||
70 | syslog_tag: statusengine-worker | ||
71 | |||
72 | # Archive age | ||
73 | age_hostchecks: 5 | ||
74 | age_host_acknowledgements: 60 | ||
75 | age_host_notifications: 60 | ||
76 | age_host_statehistory: 365 | ||
77 | age_host_downtimes: 60 | ||
78 | age_servicechecks: 5 | ||
79 | age_service_acknowledgements: 60 | ||
80 | age_service_notifications: 60 | ||
81 | age_service_statehistory: 365 | ||
82 | age_service_downtimes: 60 | ||
83 | age_logentries: 5 | ||
84 | age_tasks: 1 | ||
85 | age_perfdata: 90 | ||
86 | |||
87 | disable_http_proxy: 1 | ||
88 | ''; | ||
89 | }; | ||
90 | |||
91 | services.redis = rec { | ||
92 | enable = true; | ||
93 | bind = "127.0.0.1"; | ||
94 | }; | ||
95 | |||
96 | services.cron = { | ||
97 | mailto = "cron@immae.eu"; | ||
98 | systemCronJobs = [ | ||
99 | "0 0 * * * naemon cd ${package} && ./bin/Console.php cleanup" | ||
100 | ]; | ||
101 | }; | ||
102 | |||
103 | systemd.services.status_engine_worker = { | ||
104 | description = "Status engine worker"; | ||
105 | after = [ "network.target" ]; | ||
106 | wantedBy = [ "multi-user.target" ]; | ||
107 | serviceConfig = { | ||
108 | Type = "simple"; | ||
109 | Restart = "on-failure"; | ||
110 | User = "naemon"; | ||
111 | ExecStart = "${package}/bin/StatusengineWorker.php"; | ||
112 | }; | ||
113 | }; | ||
114 | }; | ||
115 | } | ||
diff --git a/modules/private/monitoring/to_objects.nix b/modules/private/monitoring/to_objects.nix deleted file mode 100644 index 12721d2..0000000 --- a/modules/private/monitoring/to_objects.nix +++ /dev/null | |||
@@ -1,77 +0,0 @@ | |||
1 | { lib }: | ||
2 | with lib.attrsets; | ||
3 | with lib.strings; | ||
4 | with lib.lists; | ||
5 | with lib.trivial; | ||
6 | let | ||
7 | pad = width: str: let | ||
8 | padWidth = width - stringLength str; | ||
9 | padding = concatStrings (genList (const " ") padWidth); | ||
10 | in str + optionalString (padWidth > 0) padding; | ||
11 | toStr = k: v: | ||
12 | if k == "check_command" && builtins.isList v | ||
13 | then builtins.concatStringsSep "!" v | ||
14 | else v; | ||
15 | |||
16 | toService = service: '' | ||
17 | define service { | ||
18 | ${builtins.concatStringsSep "\n" (mapAttrsToList (k: v: | ||
19 | " ${pad 30 k} ${toStr k v}" | ||
20 | ) (filterAttrs (k: v: ! builtins.elem k ["passiveInfo" "filter"]) service))} | ||
21 | } | ||
22 | ''; | ||
23 | toServices = services: builtins.concatStringsSep "\n" (map toService services); | ||
24 | |||
25 | toCommand = k: v: '' | ||
26 | define command { | ||
27 | ${pad 30 "command_name"} ${k} | ||
28 | ${pad 30 "command_line"} ${v} | ||
29 | } | ||
30 | ''; | ||
31 | toCommands = a: builtins.concatStringsSep "\n" (mapAttrsToList toCommand a); | ||
32 | |||
33 | toOther = keyname: k: v: '' | ||
34 | define ${keyname} { | ||
35 | ${pad 30 "${keyname}_name"} ${k} | ||
36 | ${builtins.concatStringsSep "\n" (mapAttrsToList (kk: vv: | ||
37 | " ${pad 30 kk} ${vv}" | ||
38 | ) v)} | ||
39 | } | ||
40 | ''; | ||
41 | toOtherNoName = keyname: v: '' | ||
42 | define ${keyname} { | ||
43 | ${builtins.concatStringsSep "\n" (mapAttrsToList (kk: vv: | ||
44 | " ${pad 30 kk} ${vv}" | ||
45 | ) v)} | ||
46 | } | ||
47 | ''; | ||
48 | toOthers = keyname: a: builtins.concatStringsSep "\n" (mapAttrsToList (toOther keyname) a); | ||
49 | toOthersArray = keyname: a: builtins.concatStringsSep "\n" (map (toOtherNoName keyname) a); | ||
50 | |||
51 | toTemplate = keyname: k: v: '' | ||
52 | define ${keyname} { | ||
53 | ${pad 30 "name"} ${k} | ||
54 | ${pad 30 "register"} 0 | ||
55 | ${builtins.concatStringsSep "\n" (mapAttrsToList (kk: vv: | ||
56 | " ${pad 30 kk} ${vv}" | ||
57 | ) v)} | ||
58 | } | ||
59 | ''; | ||
60 | toTemplates' = keyname: a: builtins.concatStringsSep "\n" (mapAttrsToList (toTemplate keyname) a); | ||
61 | toTemplates = v: builtins.concatStringsSep "\n" (mapAttrsToList toTemplates' v); | ||
62 | |||
63 | toObjects' = keyname: v: | ||
64 | if keyname == "service" | ||
65 | then toServices v | ||
66 | else if keyname == "command" | ||
67 | then toCommands v | ||
68 | else if keyname == "templates" | ||
69 | then toTemplates v | ||
70 | else if builtins.elem keyname ["hostgroup" "host" "contactgroup" "contact" "timeperiod" "servicegroup"] | ||
71 | then toOthers keyname v | ||
72 | else if builtins.elem keyname ["servicedependency"] | ||
73 | then toOthersArray keyname v | ||
74 | else ""; | ||
75 | toObjects = v: builtins.concatStringsSep "\n" (mapAttrsToList toObjects' v); | ||
76 | in | ||
77 | toObjects | ||