summaryrefslogtreecommitdiff
path: root/puppet/modules/nagios/manifests/service
diff options
context:
space:
mode:
authorMicah Anderson <micah@riseup.net>2016-11-04 10:54:28 -0400
committerMicah Anderson <micah@riseup.net>2016-11-04 10:54:28 -0400
commit34a381efa8f6295080c843f86bfa07d4e41056af (patch)
tree9282cf5d4c876688602705a7fa0002bc4a810bde /puppet/modules/nagios/manifests/service
parent0a72bc6fd292bf9367b314fcb0347c4d35042f16 (diff)
parent5821964ff7e16ca7aa9141bd09a77d355db492a9 (diff)
Merge branch 'develop'
Diffstat (limited to 'puppet/modules/nagios/manifests/service')
m---------puppet/modules/nagios0
-rw-r--r--puppet/modules/nagios/manifests/service/dns.pp19
-rw-r--r--puppet/modules/nagios/manifests/service/dns_host.pp22
-rw-r--r--puppet/modules/nagios/manifests/service/gpgkey.pp49
-rw-r--r--puppet/modules/nagios/manifests/service/horde_login.pp18
-rw-r--r--puppet/modules/nagios/manifests/service/http.pp54
-rw-r--r--puppet/modules/nagios/manifests/service/imap.pp34
-rw-r--r--puppet/modules/nagios/manifests/service/imap_login.pp22
-rw-r--r--puppet/modules/nagios/manifests/service/mysql.pp58
-rw-r--r--puppet/modules/nagios/manifests/service/ntp.pp9
-rw-r--r--puppet/modules/nagios/manifests/service/passive.pp18
-rw-r--r--puppet/modules/nagios/manifests/service/ping.pp9
-rw-r--r--puppet/modules/nagios/manifests/service/pop.pp32
-rw-r--r--puppet/modules/nagios/manifests/service/pop3_login.pp22
-rw-r--r--puppet/modules/nagios/manifests/service/smtp.pp50
-rw-r--r--puppet/modules/nagios/manifests/service/ssmtp.pp32
16 files changed, 448 insertions, 0 deletions
diff --git a/puppet/modules/nagios b/puppet/modules/nagios
deleted file mode 160000
-Subproject 68dab01a85996e14efcccf856b623a2caf25782
diff --git a/puppet/modules/nagios/manifests/service/dns.pp b/puppet/modules/nagios/manifests/service/dns.pp
new file mode 100644
index 00000000..5ef6e3e8
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/dns.pp
@@ -0,0 +1,19 @@
+define nagios::service::dns(
+ $host_name = $::fqdn,
+ $comment = $name,
+ $check_domain = $name,
+ $ip
+){
+ if $name != $comment {
+ $check_name = "${comment}_${name}_${::hostname}"
+ } else {
+ $check_name = "${name}_${::hostname}"
+ }
+
+ nagios::service{
+ $check_name:
+ check_command => "check_dns2!${check_domain}!${ip}",
+ host_name => $host_name,
+ service_description => "check if ${::host_name} is resolving ${check_domain}";
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/dns_host.pp b/puppet/modules/nagios/manifests/service/dns_host.pp
new file mode 100644
index 00000000..d88f3735
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/dns_host.pp
@@ -0,0 +1,22 @@
+# add a special host and monitor
+# it's dns service
+define nagios::service::dns_host(
+ $check_domain,
+ $host_alias,
+ $parent,
+ $ip
+){
+ @@nagios_host{$name:
+ address => $ip,
+ alias => $host_alias,
+ use => 'generic-host',
+ parents => $parent,
+ }
+
+ nagios::service::dns{$name:
+ host_name => $name,
+ comment => 'public_ns',
+ check_domain => $check_domain,
+ ip => $ip,
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/gpgkey.pp b/puppet/modules/nagios/manifests/service/gpgkey.pp
new file mode 100644
index 00000000..df13ca88
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/gpgkey.pp
@@ -0,0 +1,49 @@
+# define a gpgkey to be watched
+define nagios::service::gpgkey(
+ $ensure = 'present',
+ $warning = '14',
+ $key_info = undef,
+ $check_interval = 60,
+){
+ validate_slength($name,40,40)
+ require ::nagios::plugins::gpg
+ $gpg_home = $nagios::plugins::gpg::gpg_home
+ $gpg_cmd = "gpg --homedir ${gpg_home}"
+
+ exec{"manage_key_${name}":
+ user => nagios,
+ group => nagios,
+ }
+ nagios::service{
+ "check_gpg_${name}":
+ ensure => $ensure;
+ }
+
+ if $ensure == 'present' {
+ Exec["manage_key_${name}"]{
+ command => "${gpg_cmd} --keyserver hkps://hkps.pool.sks-keyservers.net --keyserver-options ca-cert-file=${gpg_home}/sks-keyservers.netCA.pem --recv-keys ${name}",
+ unless => "${gpg_cmd} --list-keys ${name}",
+ before => Nagios::Service["check_gpg_${name}"],
+ }
+
+ Nagios::Service["check_gpg_${name}"]{
+ check_command => "check_gpg!${warning}!${name}",
+ check_interval => $check_interval,
+ }
+ if $key_info {
+ Nagios::Service["check_gpg_${name}"]{
+ service_description => "Keyfingerprint: ${name} - Info: ${key_info}",
+ }
+ } else {
+ Nagios::Service["check_gpg_${name}"]{
+ service_description => "Keyfingerprint: ${name}",
+ }
+ }
+ } else {
+ Exec["manage_key_${name}"]{
+ command => "${gpg_cmd} --batch --delete-key ${name}",
+ onlyif => "${gpg_cmd} --list-keys ${name}",
+ require => Nagios::Service["check_gpg_${name}"],
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/horde_login.pp b/puppet/modules/nagios/manifests/service/horde_login.pp
new file mode 100644
index 00000000..6cab59e9
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/horde_login.pp
@@ -0,0 +1,18 @@
+# a horde login check
+define nagios::service::horde_login(
+ $password,
+ $url,
+ $username = $name,
+ $ensure = 'present',
+){
+ nagios::service{
+ "horde_${name}":
+ ensure => $ensure;
+ }
+
+ if $ensure != 'absent' {
+ Nagios::Service["horde_${name}"]{
+ check_command => "check_horde_login!${url}!${username}!${password}",
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/http.pp b/puppet/modules/nagios/manifests/service/http.pp
new file mode 100644
index 00000000..b80c140e
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/http.pp
@@ -0,0 +1,54 @@
+# ssl_mode:
+# - false: only check http
+# - true: check http and https
+# - force: http is permanent redirect to https
+# - only: check only https
+define nagios::service::http(
+ $ensure = present,
+ $check_domain = 'absent',
+ $port = '80',
+ $check_url = '/',
+ $check_code = '200,301,302',
+ $use = 'generic-service',
+ $ssl_mode = false
+){
+ $real_check_domain = $check_domain ? {
+ 'absent' => $name,
+ default => $check_domain
+ }
+ if is_hash($check_code) {
+ $check_code_hash = $check_code
+ } else {
+ $check_code_hash = {
+ http => $check_code,
+ https => $check_code,
+ }
+ }
+ case $ssl_mode {
+ 'force',true,'only': {
+ nagios::service{"https_${name}":
+ ensure => $ensure,
+ use => $use,
+ check_command => "check_https_url_regex!${real_check_domain}!${check_url}!'${check_code_hash[https]}'",
+ }
+ case $ssl_mode {
+ 'force': {
+ nagios::service{"http_${name}":
+ ensure => $ensure,
+ use => $use,
+ check_command => "check_http_url_regex!${real_check_domain}!${port}!${check_url}!'301'",
+ }
+ }
+ }
+ }
+ }
+ case $ssl_mode {
+ false,true: {
+ nagios::service{"http_${name}":
+ ensure => $ensure,
+ use => $use,
+ check_command => "check_http_url_regex!${real_check_domain}!${port}!${check_url}!'${check_code_hash[http]}'",
+ }
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/imap.pp b/puppet/modules/nagios/manifests/service/imap.pp
new file mode 100644
index 00000000..45b667ab
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/imap.pp
@@ -0,0 +1,34 @@
+# check an imap service
+define nagios::service::imap(
+ $ensure = 'present',
+ $host = 'absent',
+ $port = '143',
+ $tls = true,
+ $tls_port = '993'
+){
+
+ $real_host = $host ? {
+ 'absent' => $name,
+ default => $host
+ }
+
+ $tls_ensure = $tls ? {
+ true => $ensure,
+ default => 'absent'
+ }
+ nagios::service{
+ "imap_${name}_${port}":
+ ensure => $ensure;
+ "imaps_${name}_${tls_port}":
+ ensure => $tls_ensure;
+ }
+
+ if $ensure != 'absent' {
+ Nagios::Service["imap_${name}_${port}"]{
+ check_command => "check_imap!${real_host}!${port}",
+ }
+ Nagios::Service["imaps_${name}_${tls_port}"]{
+ check_command => "check_imap_ssl!${real_host}!${tls_port}",
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/imap_login.pp b/puppet/modules/nagios/manifests/service/imap_login.pp
new file mode 100644
index 00000000..25303a3f
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/imap_login.pp
@@ -0,0 +1,22 @@
+# a imap login check
+define nagios::service::imap_login(
+ $username,
+ $password,
+ $warning = 5,
+ $critical = 10,
+ $host = $::fqdn,
+ $host_name = $::fqdn,
+ $ensure = 'present',
+){
+ nagios::service{
+ "imap_login_${name}":
+ ensure => $ensure;
+ }
+
+ if $ensure != 'absent' {
+ Nagios::Service["imap_login_${name}"]{
+ check_command => "check_imap_login!${host}!${username}!${password}!${warning}!${critical}",
+ host_name => $host_name,
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/mysql.pp b/puppet/modules/nagios/manifests/service/mysql.pp
new file mode 100644
index 00000000..9559b17c
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/mysql.pp
@@ -0,0 +1,58 @@
+# Checks a mysql instance via tcp or socket
+define nagios::service::mysql(
+ $ensure = present,
+ $check_host = 'absent',
+ $check_port = '3306',
+ $check_username = 'nagios',
+ $check_password,
+ $check_database = 'information_schema',
+ $check_warning = undef,
+ $check_critical = undef,
+ $check_health_mode = $name,
+ $check_name = undef,
+ $check_name2 = undef,
+ $check_regexp = undef,
+ $check_units = undef,
+ $check_mode = 'tcp' )
+{
+
+ if ($check_host == 'absent') {
+ fail("Please specify a hostname, ip address or socket to check a mysql instance.")
+ }
+
+ if $check_name != undef {
+ $real_check_name = "!--name $check_name"
+ }
+
+ if $check_warning != undef {
+ $real_check_warning = "!--warning $check_warning"
+ }
+
+ if $check_critical != undef {
+ $real_check_critical = "!--critical $check_critical"
+ }
+
+ case $check_mode {
+ 'tcp': {
+ if ($check_host == 'localhost') {
+ $real_check_host = '127.0.0.1'
+ }
+ else {
+ $real_check_host = $check_host
+ }
+ }
+ default: {
+ if ($check_host == '127.0.0.1') {
+ $real_check_host = 'localhost'
+ }
+ else {
+ $real_check_host = $check_host
+ }
+ }
+ }
+
+ nagios::service { "mysql_health_${name}":
+ ensure => $ensure,
+ check_command => "check_mysql_health!${real_check_host}!${check_port}!${check_username}!'${check_password}'!${check_health_mode}!${check_database}${real_check_name}${real_check_warning}${real_check_critical}",
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/ntp.pp b/puppet/modules/nagios/manifests/service/ntp.pp
new file mode 100644
index 00000000..b3cde2ab
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/ntp.pp
@@ -0,0 +1,9 @@
+# manifests/service/ntp.pp
+
+class nagios::service::ntp {
+ nagios::service{ "check_ntp":
+ check_command => "check_ntp_time",
+ host_name => $::fqdn,
+ }
+}
+
diff --git a/puppet/modules/nagios/manifests/service/passive.pp b/puppet/modules/nagios/manifests/service/passive.pp
new file mode 100644
index 00000000..f3df1e8b
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/passive.pp
@@ -0,0 +1,18 @@
+define nagios::service::passive(
+ $ensure = present,
+ $notification_interval = '',
+ $notification_period = '',
+ $notification_options = '',
+ $contact_groups = ''
+) {
+
+ nagios::service { $name:
+ use => 'passive-service',
+ check_command => 'check_dummy!0',
+ notification_interval => $notification_interval,
+ notification_period => $notification_period,
+ notification_options => $notification_options,
+ contact_groups => $contact_groups,
+ }
+
+}
diff --git a/puppet/modules/nagios/manifests/service/ping.pp b/puppet/modules/nagios/manifests/service/ping.pp
new file mode 100644
index 00000000..f1c8d878
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/ping.pp
@@ -0,0 +1,9 @@
+define nagios::service::ping(
+ $ensure = present,
+ $ping_rate = '!100.0,20%!500.0,60%'
+){
+ nagios::service{ "check_ping":
+ ensure => $ensure,
+ check_command => "check_ping${ping_rate}",
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/pop.pp b/puppet/modules/nagios/manifests/service/pop.pp
new file mode 100644
index 00000000..9ec4aec1
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/pop.pp
@@ -0,0 +1,32 @@
+define nagios::service::pop(
+ $ensure = 'present',
+ $host = 'absent',
+ $port = '110',
+ $tls = true,
+ $tls_port = '995'
+){
+
+ $real_host = $host ? {
+ 'absent' => $name,
+ default => $host
+ }
+
+ nagios::service{
+ "pop_${name}_${port}":
+ ensure => $ensure;
+ "pops_${name}_${tls_port}":
+ ensure => $tls ? {
+ true => $ensure,
+ default => 'absent'
+ };
+ }
+
+ if $ensure != 'absent' {
+ Nagios::Service["pop_${name}_${port}"]{
+ check_command => "check_pop3!${real_host}!${port}",
+ }
+ Nagios::Service["pops_${name}_${tls_port}"]{
+ check_command => "check_pop3_ssl!${real_host}!${tls_port}",
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/pop3_login.pp b/puppet/modules/nagios/manifests/service/pop3_login.pp
new file mode 100644
index 00000000..74535289
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/pop3_login.pp
@@ -0,0 +1,22 @@
+# a pop3 login check
+define nagios::service::pop3_login(
+ $username,
+ $password,
+ $warning = 5,
+ $critical = 10,
+ $host = $::fqdn,
+ $host_name = $::fqdn,
+ $ensure = 'present',
+){
+ nagios::service{
+ "pop3_login_${name}":
+ ensure => $ensure;
+ }
+
+ if $ensure != 'absent' {
+ Nagios::Service["pop3_login_${name}"]{
+ check_command => "check_pop3_login!${host}!${username}!${password}!${warning}!${critical}",
+ host_name => $host_name,
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/smtp.pp b/puppet/modules/nagios/manifests/service/smtp.pp
new file mode 100644
index 00000000..14237a9e
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/smtp.pp
@@ -0,0 +1,50 @@
+# true:
+# - true : check tls and plain connect *defualt*
+# - false : check plain connection only
+# cert_days:
+# If tls is used add an additionl check
+# to check for validity for cert.
+# - 'absent' : do not execute that check
+# - INTEGER : Minimum number of days a certificate
+# has to be valid. Default: 10
+define nagios::service::smtp(
+ $ensure = 'present',
+ $host = 'absent',
+ $port = '25',
+ $tls = true,
+ $cert_days = 10
+){
+ $real_host = $host ? {
+ 'absent' => $name,
+ default => $host
+ }
+
+ nagios::service{
+ "smtp_${name}_${port}":
+ ensure => $ensure;
+ "smtp_tls_${name}_${port}":
+ ensure => $tls ? {
+ true => $ensure,
+ default => 'absent'
+ };
+ "smtp_tls_cert_${name}_${port}":
+ ensure => $cert_days ? {
+ 'absent' => 'absent',
+ default => $ensure
+ };
+ }
+
+ if $ensure != 'absent' {
+ Nagios::Service["smtp_${name}_${port}"]{
+ check_command => "check_smtp!${real_host}!${port}",
+ }
+ Nagios::Service["smtp_tls_${name}_${port}"]{
+ check_command => "check_smtp_tls!${real_host}!${port}",
+ }
+ if $cert_days != 'absent' {
+ Nagios::Service["smtp_tls_cert_${name}_${port}"]{
+ check_command => "check_smtp_cert!${real_host}!${port}!${cert_days}",
+ }
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/ssmtp.pp b/puppet/modules/nagios/manifests/service/ssmtp.pp
new file mode 100644
index 00000000..b05678a6
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/ssmtp.pp
@@ -0,0 +1,32 @@
+define nagios::service::ssmtp(
+ $ensure = 'present',
+ $host = 'absent',
+ $port = '465',
+ $cert_days = 10
+){
+ $real_host = $host ? {
+ 'absent' => $name,
+ default => $host
+ }
+
+ nagios::service{
+ "ssmtp_${name}_${port}":
+ ensure => $ensure;
+ "ssmtp_cert_${name}_${port}":
+ ensure => $cert_days ? {
+ 'absent' => 'absent',
+ default => $ensure
+ };
+ }
+
+ if $ensure != 'absent' {
+ Nagios::Service["ssmtp_${name}_${port}"]{
+ check_command => "check_ssmtp!${real_host}!${port}",
+ }
+ if $cert_days != 'absent' {
+ Nagios::Service["ssmtp_cert_${name}_${port}"]{
+ check_command => "check_ssmtp_cert!${real_host}!${port}!${cert_days}",
+ }
+ }
+ }
+}