diff options
author | Micah Anderson <micah@riseup.net> | 2016-11-04 10:54:28 -0400 |
---|---|---|
committer | Micah Anderson <micah@riseup.net> | 2016-11-04 10:54:28 -0400 |
commit | 34a381efa8f6295080c843f86bfa07d4e41056af (patch) | |
tree | 9282cf5d4c876688602705a7fa0002bc4a810bde /puppet/modules/nagios/manifests/service | |
parent | 0a72bc6fd292bf9367b314fcb0347c4d35042f16 (diff) | |
parent | 5821964ff7e16ca7aa9141bd09a77d355db492a9 (diff) |
Merge branch 'develop'
Diffstat (limited to 'puppet/modules/nagios/manifests/service')
m--------- | puppet/modules/nagios | 0 | ||||
-rw-r--r-- | puppet/modules/nagios/manifests/service/dns.pp | 19 | ||||
-rw-r--r-- | puppet/modules/nagios/manifests/service/dns_host.pp | 22 | ||||
-rw-r--r-- | puppet/modules/nagios/manifests/service/gpgkey.pp | 49 | ||||
-rw-r--r-- | puppet/modules/nagios/manifests/service/horde_login.pp | 18 | ||||
-rw-r--r-- | puppet/modules/nagios/manifests/service/http.pp | 54 | ||||
-rw-r--r-- | puppet/modules/nagios/manifests/service/imap.pp | 34 | ||||
-rw-r--r-- | puppet/modules/nagios/manifests/service/imap_login.pp | 22 | ||||
-rw-r--r-- | puppet/modules/nagios/manifests/service/mysql.pp | 58 | ||||
-rw-r--r-- | puppet/modules/nagios/manifests/service/ntp.pp | 9 | ||||
-rw-r--r-- | puppet/modules/nagios/manifests/service/passive.pp | 18 | ||||
-rw-r--r-- | puppet/modules/nagios/manifests/service/ping.pp | 9 | ||||
-rw-r--r-- | puppet/modules/nagios/manifests/service/pop.pp | 32 | ||||
-rw-r--r-- | puppet/modules/nagios/manifests/service/pop3_login.pp | 22 | ||||
-rw-r--r-- | puppet/modules/nagios/manifests/service/smtp.pp | 50 | ||||
-rw-r--r-- | puppet/modules/nagios/manifests/service/ssmtp.pp | 32 |
16 files changed, 448 insertions, 0 deletions
diff --git a/puppet/modules/nagios b/puppet/modules/nagios deleted file mode 160000 -Subproject 68dab01a85996e14efcccf856b623a2caf25782 diff --git a/puppet/modules/nagios/manifests/service/dns.pp b/puppet/modules/nagios/manifests/service/dns.pp new file mode 100644 index 00000000..5ef6e3e8 --- /dev/null +++ b/puppet/modules/nagios/manifests/service/dns.pp @@ -0,0 +1,19 @@ +define nagios::service::dns( + $host_name = $::fqdn, + $comment = $name, + $check_domain = $name, + $ip +){ + if $name != $comment { + $check_name = "${comment}_${name}_${::hostname}" + } else { + $check_name = "${name}_${::hostname}" + } + + nagios::service{ + $check_name: + check_command => "check_dns2!${check_domain}!${ip}", + host_name => $host_name, + service_description => "check if ${::host_name} is resolving ${check_domain}"; + } +} diff --git a/puppet/modules/nagios/manifests/service/dns_host.pp b/puppet/modules/nagios/manifests/service/dns_host.pp new file mode 100644 index 00000000..d88f3735 --- /dev/null +++ b/puppet/modules/nagios/manifests/service/dns_host.pp @@ -0,0 +1,22 @@ +# add a special host and monitor +# it's dns service +define nagios::service::dns_host( + $check_domain, + $host_alias, + $parent, + $ip +){ + @@nagios_host{$name: + address => $ip, + alias => $host_alias, + use => 'generic-host', + parents => $parent, + } + + nagios::service::dns{$name: + host_name => $name, + comment => 'public_ns', + check_domain => $check_domain, + ip => $ip, + } +} diff --git a/puppet/modules/nagios/manifests/service/gpgkey.pp b/puppet/modules/nagios/manifests/service/gpgkey.pp new file mode 100644 index 00000000..df13ca88 --- /dev/null +++ b/puppet/modules/nagios/manifests/service/gpgkey.pp @@ -0,0 +1,49 @@ +# define a gpgkey to be watched +define nagios::service::gpgkey( + $ensure = 'present', + $warning = '14', + $key_info = undef, + $check_interval = 60, +){ + validate_slength($name,40,40) + require ::nagios::plugins::gpg + $gpg_home = $nagios::plugins::gpg::gpg_home + $gpg_cmd = "gpg --homedir ${gpg_home}" + + exec{"manage_key_${name}": + user => nagios, + group => nagios, + } + nagios::service{ + "check_gpg_${name}": + ensure => $ensure; + } + + if $ensure == 'present' { + Exec["manage_key_${name}"]{ + command => "${gpg_cmd} --keyserver hkps://hkps.pool.sks-keyservers.net --keyserver-options ca-cert-file=${gpg_home}/sks-keyservers.netCA.pem --recv-keys ${name}", + unless => "${gpg_cmd} --list-keys ${name}", + before => Nagios::Service["check_gpg_${name}"], + } + + Nagios::Service["check_gpg_${name}"]{ + check_command => "check_gpg!${warning}!${name}", + check_interval => $check_interval, + } + if $key_info { + Nagios::Service["check_gpg_${name}"]{ + service_description => "Keyfingerprint: ${name} - Info: ${key_info}", + } + } else { + Nagios::Service["check_gpg_${name}"]{ + service_description => "Keyfingerprint: ${name}", + } + } + } else { + Exec["manage_key_${name}"]{ + command => "${gpg_cmd} --batch --delete-key ${name}", + onlyif => "${gpg_cmd} --list-keys ${name}", + require => Nagios::Service["check_gpg_${name}"], + } + } +} diff --git a/puppet/modules/nagios/manifests/service/horde_login.pp b/puppet/modules/nagios/manifests/service/horde_login.pp new file mode 100644 index 00000000..6cab59e9 --- /dev/null +++ b/puppet/modules/nagios/manifests/service/horde_login.pp @@ -0,0 +1,18 @@ +# a horde login check +define nagios::service::horde_login( + $password, + $url, + $username = $name, + $ensure = 'present', +){ + nagios::service{ + "horde_${name}": + ensure => $ensure; + } + + if $ensure != 'absent' { + Nagios::Service["horde_${name}"]{ + check_command => "check_horde_login!${url}!${username}!${password}", + } + } +} diff --git a/puppet/modules/nagios/manifests/service/http.pp b/puppet/modules/nagios/manifests/service/http.pp new file mode 100644 index 00000000..b80c140e --- /dev/null +++ b/puppet/modules/nagios/manifests/service/http.pp @@ -0,0 +1,54 @@ +# ssl_mode: +# - false: only check http +# - true: check http and https +# - force: http is permanent redirect to https +# - only: check only https +define nagios::service::http( + $ensure = present, + $check_domain = 'absent', + $port = '80', + $check_url = '/', + $check_code = '200,301,302', + $use = 'generic-service', + $ssl_mode = false +){ + $real_check_domain = $check_domain ? { + 'absent' => $name, + default => $check_domain + } + if is_hash($check_code) { + $check_code_hash = $check_code + } else { + $check_code_hash = { + http => $check_code, + https => $check_code, + } + } + case $ssl_mode { + 'force',true,'only': { + nagios::service{"https_${name}": + ensure => $ensure, + use => $use, + check_command => "check_https_url_regex!${real_check_domain}!${check_url}!'${check_code_hash[https]}'", + } + case $ssl_mode { + 'force': { + nagios::service{"http_${name}": + ensure => $ensure, + use => $use, + check_command => "check_http_url_regex!${real_check_domain}!${port}!${check_url}!'301'", + } + } + } + } + } + case $ssl_mode { + false,true: { + nagios::service{"http_${name}": + ensure => $ensure, + use => $use, + check_command => "check_http_url_regex!${real_check_domain}!${port}!${check_url}!'${check_code_hash[http]}'", + } + } + } +} diff --git a/puppet/modules/nagios/manifests/service/imap.pp b/puppet/modules/nagios/manifests/service/imap.pp new file mode 100644 index 00000000..45b667ab --- /dev/null +++ b/puppet/modules/nagios/manifests/service/imap.pp @@ -0,0 +1,34 @@ +# check an imap service +define nagios::service::imap( + $ensure = 'present', + $host = 'absent', + $port = '143', + $tls = true, + $tls_port = '993' +){ + + $real_host = $host ? { + 'absent' => $name, + default => $host + } + + $tls_ensure = $tls ? { + true => $ensure, + default => 'absent' + } + nagios::service{ + "imap_${name}_${port}": + ensure => $ensure; + "imaps_${name}_${tls_port}": + ensure => $tls_ensure; + } + + if $ensure != 'absent' { + Nagios::Service["imap_${name}_${port}"]{ + check_command => "check_imap!${real_host}!${port}", + } + Nagios::Service["imaps_${name}_${tls_port}"]{ + check_command => "check_imap_ssl!${real_host}!${tls_port}", + } + } +} diff --git a/puppet/modules/nagios/manifests/service/imap_login.pp b/puppet/modules/nagios/manifests/service/imap_login.pp new file mode 100644 index 00000000..25303a3f --- /dev/null +++ b/puppet/modules/nagios/manifests/service/imap_login.pp @@ -0,0 +1,22 @@ +# a imap login check +define nagios::service::imap_login( + $username, + $password, + $warning = 5, + $critical = 10, + $host = $::fqdn, + $host_name = $::fqdn, + $ensure = 'present', +){ + nagios::service{ + "imap_login_${name}": + ensure => $ensure; + } + + if $ensure != 'absent' { + Nagios::Service["imap_login_${name}"]{ + check_command => "check_imap_login!${host}!${username}!${password}!${warning}!${critical}", + host_name => $host_name, + } + } +} diff --git a/puppet/modules/nagios/manifests/service/mysql.pp b/puppet/modules/nagios/manifests/service/mysql.pp new file mode 100644 index 00000000..9559b17c --- /dev/null +++ b/puppet/modules/nagios/manifests/service/mysql.pp @@ -0,0 +1,58 @@ +# Checks a mysql instance via tcp or socket +define nagios::service::mysql( + $ensure = present, + $check_host = 'absent', + $check_port = '3306', + $check_username = 'nagios', + $check_password, + $check_database = 'information_schema', + $check_warning = undef, + $check_critical = undef, + $check_health_mode = $name, + $check_name = undef, + $check_name2 = undef, + $check_regexp = undef, + $check_units = undef, + $check_mode = 'tcp' ) +{ + + if ($check_host == 'absent') { + fail("Please specify a hostname, ip address or socket to check a mysql instance.") + } + + if $check_name != undef { + $real_check_name = "!--name $check_name" + } + + if $check_warning != undef { + $real_check_warning = "!--warning $check_warning" + } + + if $check_critical != undef { + $real_check_critical = "!--critical $check_critical" + } + + case $check_mode { + 'tcp': { + if ($check_host == 'localhost') { + $real_check_host = '127.0.0.1' + } + else { + $real_check_host = $check_host + } + } + default: { + if ($check_host == '127.0.0.1') { + $real_check_host = 'localhost' + } + else { + $real_check_host = $check_host + } + } + } + + nagios::service { "mysql_health_${name}": + ensure => $ensure, + check_command => "check_mysql_health!${real_check_host}!${check_port}!${check_username}!'${check_password}'!${check_health_mode}!${check_database}${real_check_name}${real_check_warning}${real_check_critical}", + } +} diff --git a/puppet/modules/nagios/manifests/service/ntp.pp b/puppet/modules/nagios/manifests/service/ntp.pp new file mode 100644 index 00000000..b3cde2ab --- /dev/null +++ b/puppet/modules/nagios/manifests/service/ntp.pp @@ -0,0 +1,9 @@ +# manifests/service/ntp.pp + +class nagios::service::ntp { + nagios::service{ "check_ntp": + check_command => "check_ntp_time", + host_name => $::fqdn, + } +} + diff --git a/puppet/modules/nagios/manifests/service/passive.pp b/puppet/modules/nagios/manifests/service/passive.pp new file mode 100644 index 00000000..f3df1e8b --- /dev/null +++ b/puppet/modules/nagios/manifests/service/passive.pp @@ -0,0 +1,18 @@ +define nagios::service::passive( + $ensure = present, + $notification_interval = '', + $notification_period = '', + $notification_options = '', + $contact_groups = '' +) { + + nagios::service { $name: + use => 'passive-service', + check_command => 'check_dummy!0', + notification_interval => $notification_interval, + notification_period => $notification_period, + notification_options => $notification_options, + contact_groups => $contact_groups, + } + +} diff --git a/puppet/modules/nagios/manifests/service/ping.pp b/puppet/modules/nagios/manifests/service/ping.pp new file mode 100644 index 00000000..f1c8d878 --- /dev/null +++ b/puppet/modules/nagios/manifests/service/ping.pp @@ -0,0 +1,9 @@ +define nagios::service::ping( + $ensure = present, + $ping_rate = '!100.0,20%!500.0,60%' +){ + nagios::service{ "check_ping": + ensure => $ensure, + check_command => "check_ping${ping_rate}", + } +} diff --git a/puppet/modules/nagios/manifests/service/pop.pp b/puppet/modules/nagios/manifests/service/pop.pp new file mode 100644 index 00000000..9ec4aec1 --- /dev/null +++ b/puppet/modules/nagios/manifests/service/pop.pp @@ -0,0 +1,32 @@ +define nagios::service::pop( + $ensure = 'present', + $host = 'absent', + $port = '110', + $tls = true, + $tls_port = '995' +){ + + $real_host = $host ? { + 'absent' => $name, + default => $host + } + + nagios::service{ + "pop_${name}_${port}": + ensure => $ensure; + "pops_${name}_${tls_port}": + ensure => $tls ? { + true => $ensure, + default => 'absent' + }; + } + + if $ensure != 'absent' { + Nagios::Service["pop_${name}_${port}"]{ + check_command => "check_pop3!${real_host}!${port}", + } + Nagios::Service["pops_${name}_${tls_port}"]{ + check_command => "check_pop3_ssl!${real_host}!${tls_port}", + } + } +} diff --git a/puppet/modules/nagios/manifests/service/pop3_login.pp b/puppet/modules/nagios/manifests/service/pop3_login.pp new file mode 100644 index 00000000..74535289 --- /dev/null +++ b/puppet/modules/nagios/manifests/service/pop3_login.pp @@ -0,0 +1,22 @@ +# a pop3 login check +define nagios::service::pop3_login( + $username, + $password, + $warning = 5, + $critical = 10, + $host = $::fqdn, + $host_name = $::fqdn, + $ensure = 'present', +){ + nagios::service{ + "pop3_login_${name}": + ensure => $ensure; + } + + if $ensure != 'absent' { + Nagios::Service["pop3_login_${name}"]{ + check_command => "check_pop3_login!${host}!${username}!${password}!${warning}!${critical}", + host_name => $host_name, + } + } +} diff --git a/puppet/modules/nagios/manifests/service/smtp.pp b/puppet/modules/nagios/manifests/service/smtp.pp new file mode 100644 index 00000000..14237a9e --- /dev/null +++ b/puppet/modules/nagios/manifests/service/smtp.pp @@ -0,0 +1,50 @@ +# true: +# - true : check tls and plain connect *defualt* +# - false : check plain connection only +# cert_days: +# If tls is used add an additionl check +# to check for validity for cert. +# - 'absent' : do not execute that check +# - INTEGER : Minimum number of days a certificate +# has to be valid. Default: 10 +define nagios::service::smtp( + $ensure = 'present', + $host = 'absent', + $port = '25', + $tls = true, + $cert_days = 10 +){ + $real_host = $host ? { + 'absent' => $name, + default => $host + } + + nagios::service{ + "smtp_${name}_${port}": + ensure => $ensure; + "smtp_tls_${name}_${port}": + ensure => $tls ? { + true => $ensure, + default => 'absent' + }; + "smtp_tls_cert_${name}_${port}": + ensure => $cert_days ? { + 'absent' => 'absent', + default => $ensure + }; + } + + if $ensure != 'absent' { + Nagios::Service["smtp_${name}_${port}"]{ + check_command => "check_smtp!${real_host}!${port}", + } + Nagios::Service["smtp_tls_${name}_${port}"]{ + check_command => "check_smtp_tls!${real_host}!${port}", + } + if $cert_days != 'absent' { + Nagios::Service["smtp_tls_cert_${name}_${port}"]{ + check_command => "check_smtp_cert!${real_host}!${port}!${cert_days}", + } + } + } +} diff --git a/puppet/modules/nagios/manifests/service/ssmtp.pp b/puppet/modules/nagios/manifests/service/ssmtp.pp new file mode 100644 index 00000000..b05678a6 --- /dev/null +++ b/puppet/modules/nagios/manifests/service/ssmtp.pp @@ -0,0 +1,32 @@ +define nagios::service::ssmtp( + $ensure = 'present', + $host = 'absent', + $port = '465', + $cert_days = 10 +){ + $real_host = $host ? { + 'absent' => $name, + default => $host + } + + nagios::service{ + "ssmtp_${name}_${port}": + ensure => $ensure; + "ssmtp_cert_${name}_${port}": + ensure => $cert_days ? { + 'absent' => 'absent', + default => $ensure + }; + } + + if $ensure != 'absent' { + Nagios::Service["ssmtp_${name}_${port}"]{ + check_command => "check_ssmtp!${real_host}!${port}", + } + if $cert_days != 'absent' { + Nagios::Service["ssmtp_cert_${name}_${port}"]{ + check_command => "check_ssmtp_cert!${real_host}!${port}!${cert_days}", + } + } + } +} |