summaryrefslogtreecommitdiff
path: root/puppet/modules/nagios/manifests
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/modules/nagios/manifests')
m---------puppet/modules/nagios0
-rw-r--r--puppet/modules/nagios/manifests/apache.pp15
-rw-r--r--puppet/modules/nagios/manifests/base.pp144
-rw-r--r--puppet/modules/nagios/manifests/centos.pp42
-rw-r--r--puppet/modules/nagios/manifests/command/imap_pop3.pp30
-rw-r--r--puppet/modules/nagios/manifests/command/nrpe.pp14
-rw-r--r--puppet/modules/nagios/manifests/command/nrpe_timeout.pp11
-rw-r--r--puppet/modules/nagios/manifests/command/smtp.pp22
-rw-r--r--puppet/modules/nagios/manifests/debian.pp54
-rw-r--r--puppet/modules/nagios/manifests/debian/apache.pp22
-rw-r--r--puppet/modules/nagios/manifests/defaults.pp12
-rw-r--r--puppet/modules/nagios/manifests/defaults/commands.pp145
-rw-r--r--puppet/modules/nagios/manifests/defaults/contactgroups.pp9
-rw-r--r--puppet/modules/nagios/manifests/defaults/contacts.pp15
-rw-r--r--puppet/modules/nagios/manifests/defaults/host_templates.pp24
-rw-r--r--puppet/modules/nagios/manifests/defaults/hostgroups.pp11
-rw-r--r--puppet/modules/nagios/manifests/defaults/plugins.pp10
-rw-r--r--puppet/modules/nagios/manifests/defaults/pnp4nagios.pp14
-rw-r--r--puppet/modules/nagios/manifests/defaults/service_templates.pp32
-rw-r--r--puppet/modules/nagios/manifests/defaults/templates.pp17
-rw-r--r--puppet/modules/nagios/manifests/defaults/timeperiods.pp33
-rw-r--r--puppet/modules/nagios/manifests/defaults/vars.pp11
-rw-r--r--puppet/modules/nagios/manifests/headless.pp5
-rw-r--r--puppet/modules/nagios/manifests/init.pp56
-rw-r--r--puppet/modules/nagios/manifests/irc_bot.pp50
-rw-r--r--puppet/modules/nagios/manifests/irc_bot/base.pp41
-rw-r--r--puppet/modules/nagios/manifests/irc_bot/centos.pp9
-rw-r--r--puppet/modules/nagios/manifests/irc_bot/debian.pp8
-rw-r--r--puppet/modules/nagios/manifests/irc_bot/disable.pp8
-rw-r--r--puppet/modules/nagios/manifests/lighttpd.pp12
-rw-r--r--puppet/modules/nagios/manifests/munin.pp19
-rw-r--r--puppet/modules/nagios/manifests/nrpe.pp41
-rw-r--r--puppet/modules/nagios/manifests/nrpe/base.pp58
-rw-r--r--puppet/modules/nagios/manifests/nrpe/command.pp34
-rw-r--r--puppet/modules/nagios/manifests/nrpe/debian.pp6
-rw-r--r--puppet/modules/nagios/manifests/nrpe/freebsd.pp16
-rw-r--r--puppet/modules/nagios/manifests/nrpe/linux.pp9
-rw-r--r--puppet/modules/nagios/manifests/nrpe/xinetd.pp11
-rw-r--r--puppet/modules/nagios/manifests/nsca.pp3
-rw-r--r--puppet/modules/nagios/manifests/nsca/client.pp18
-rw-r--r--puppet/modules/nagios/manifests/nsca/server.pp24
-rw-r--r--puppet/modules/nagios/manifests/plugin.pp28
-rw-r--r--puppet/modules/nagios/manifests/plugin/deploy.pp41
-rw-r--r--puppet/modules/nagios/manifests/plugin/scriptpaths.pp6
-rw-r--r--puppet/modules/nagios/manifests/plugins/gpg.pp30
-rw-r--r--puppet/modules/nagios/manifests/plugins/horde_login.pp11
-rw-r--r--puppet/modules/nagios/manifests/plugins/jabber.pp10
-rw-r--r--puppet/modules/nagios/manifests/plugins/mail_login.pp10
-rw-r--r--puppet/modules/nagios/manifests/pnp4nagios.pp68
-rw-r--r--puppet/modules/nagios/manifests/pnp4nagios/popup.pp24
-rw-r--r--puppet/modules/nagios/manifests/service.pp91
-rw-r--r--puppet/modules/nagios/manifests/service/dns.pp19
-rw-r--r--puppet/modules/nagios/manifests/service/dns_host.pp22
-rw-r--r--puppet/modules/nagios/manifests/service/gpgkey.pp49
-rw-r--r--puppet/modules/nagios/manifests/service/horde_login.pp18
-rw-r--r--puppet/modules/nagios/manifests/service/http.pp54
-rw-r--r--puppet/modules/nagios/manifests/service/imap.pp34
-rw-r--r--puppet/modules/nagios/manifests/service/imap_login.pp22
-rw-r--r--puppet/modules/nagios/manifests/service/mysql.pp58
-rw-r--r--puppet/modules/nagios/manifests/service/ntp.pp9
-rw-r--r--puppet/modules/nagios/manifests/service/passive.pp18
-rw-r--r--puppet/modules/nagios/manifests/service/ping.pp9
-rw-r--r--puppet/modules/nagios/manifests/service/pop.pp32
-rw-r--r--puppet/modules/nagios/manifests/service/pop3_login.pp22
-rw-r--r--puppet/modules/nagios/manifests/service/smtp.pp50
-rw-r--r--puppet/modules/nagios/manifests/service/ssmtp.pp32
-rw-r--r--puppet/modules/nagios/manifests/storeconfigs.pp61
-rw-r--r--puppet/modules/nagios/manifests/stored_config.pp19
-rw-r--r--puppet/modules/nagios/manifests/target.pp32
-rw-r--r--puppet/modules/nagios/manifests/target/fqdn.pp12
70 files changed, 2006 insertions, 0 deletions
diff --git a/puppet/modules/nagios b/puppet/modules/nagios
deleted file mode 160000
-Subproject 68dab01a85996e14efcccf856b623a2caf25782
diff --git a/puppet/modules/nagios/manifests/apache.pp b/puppet/modules/nagios/manifests/apache.pp
new file mode 100644
index 00000000..87fe3d2f
--- /dev/null
+++ b/puppet/modules/nagios/manifests/apache.pp
@@ -0,0 +1,15 @@
+# setup naguis together with apache
+class nagios::apache(
+ $allow_external_cmd = false,
+ $manage_shorewall = false,
+ $manage_munin = false,
+ $storeconfigs = true
+) {
+ class{'::nagios':
+ httpd => 'apache',
+ allow_external_cmd => $allow_external_cmd,
+ manage_munin => $manage_munin,
+ manage_shorewall => $manage_shorewall,
+ storeconfigs => $storeconfigs
+ }
+}
diff --git a/puppet/modules/nagios/manifests/base.pp b/puppet/modules/nagios/manifests/base.pp
new file mode 100644
index 00000000..18d5c12f
--- /dev/null
+++ b/puppet/modules/nagios/manifests/base.pp
@@ -0,0 +1,144 @@
+# basic stuff for nagios
+class nagios::base {
+ # include the variables
+ include ::nagios::defaults::vars
+
+ package { 'nagios':
+ ensure => present,
+ }
+
+ service { 'nagios':
+ ensure => running,
+ enable => $nagios::service_at_boot,
+ require => Package['nagios'],
+ }
+
+ $cfg_dir = $nagios::defaults::vars::int_cfgdir
+ # this file should contain all the nagios_puppet-paths:
+ file{
+ 'nagios_cfgdir':
+ ensure => directory,
+ path => $cfg_dir,
+ alias => nagios_confd,
+ recurse => true,
+ purge => true,
+ force => true,
+ require => Package['nagios'],
+ notify => Service['nagios'],
+ owner => root,
+ group => root,
+ mode => '0755';
+ 'nagios_main_cfg':
+ path => "${cfg_dir}/nagios.cfg",
+ source => [ "puppet:///modules/site_nagios/configs/${::fqdn}/nagios.cfg",
+ "puppet:///modules/site_nagios/configs/${::operatingsystem}/nagios.cfg",
+ 'puppet:///modules/site_nagios/configs/nagios.cfg',
+ "puppet:///modules/nagios/configs/${::operatingsystem}/nagios.cfg",
+ 'puppet:///modules/nagios/configs/nagios.cfg' ],
+ notify => Service['nagios'],
+ owner => root,
+ group => root,
+ mode => '0644';
+ 'nagios_cgi_cfg':
+ path => "${cfg_dir}/cgi.cfg",
+ source => [ "puppet:///modules/site_nagios/configs/${::fqdn}/cgi.cfg",
+ "puppet:///modules/site_nagios/configs/${::operatingsystem}/cgi.cfg",
+ 'puppet:///modules/site_nagios/configs/cgi.cfg',
+ "puppet:///modules/nagios/configs/${::operatingsystem}/cgi.cfg",
+ 'puppet:///modules/nagios/configs/cgi.cfg' ],
+ notify => Service['apache'],
+ owner => 'root',
+ group => 0,
+ mode => '0644';
+ 'nagios_htpasswd':
+ path => "${cfg_dir}/htpasswd.users",
+ source => [ 'puppet:///modules/site_nagios/htpasswd.users',
+ 'puppet:///modules/nagios/htpasswd.users' ],
+ owner => root,
+ group => apache,
+ mode => '0640';
+ 'nagios_resource_cfg':
+ path => "${cfg_dir}/resource.cfg",
+ source => [ "puppet:///modules/site_nagios/configs/${::operatingsystem}/private/resource.cfg.${::architecture}",
+ "puppet:///modules/nagios/configs/${::operatingsystem}/private/resource.cfg.${::architecture}" ],
+ notify => Service['nagios'],
+ owner => root,
+ group => nagios,
+ mode => '0640';
+ }
+
+ if $cfg_dir == '/etc/nagios3' {
+ file{'/etc/nagios':
+ ensure => link,
+ target => $cfg_dir,
+ before => File['nagios_cfgdir'],
+ }
+ }
+
+ file{
+ [ "${cfg_dir}/nagios_command.cfg",
+ "${cfg_dir}/nagios_contact.cfg",
+ "${cfg_dir}/nagios_contactgroup.cfg",
+ "${cfg_dir}/nagios_host.cfg",
+ "${cfg_dir}/nagios_hostdependency.cfg",
+ "${cfg_dir}/nagios_hostescalation.cfg",
+ "${cfg_dir}/nagios_hostextinfo.cfg",
+ "${cfg_dir}/nagios_hostgroup.cfg",
+ "${cfg_dir}/nagios_hostgroupescalation.cfg",
+ "${cfg_dir}/nagios_service.cfg",
+ "${cfg_dir}/nagios_servicedependency.cfg",
+ "${cfg_dir}/nagios_serviceescalation.cfg",
+ "${cfg_dir}/nagios_serviceextinfo.cfg",
+ "${cfg_dir}/nagios_servicegroup.cfg",
+ "${cfg_dir}/nagios_timeperiod.cfg" ]:
+ ensure => file,
+ replace => false,
+ notify => Service['nagios'],
+ require => File['nagios_cfgdir'],
+ owner => root,
+ group => 0,
+ mode => '0644';
+ }
+
+ resources {
+ [
+ 'nagios_command',
+ 'nagios_contactgroup',
+ 'nagios_contact',
+ 'nagios_hostdependency',
+ 'nagios_hostescalation',
+ 'nagios_hostextinfo',
+ 'nagios_hostgroup',
+ 'nagios_host',
+ 'nagios_servicedependency',
+ 'nagios_serviceescalation',
+ 'nagios_servicegroup',
+ 'nagios_serviceextinfo',
+ 'nagios_service',
+ 'nagios_timeperiod',
+ ]:
+ notify => Service['nagios'],
+ purge => $::nagios::purge_resources
+ }
+
+ # make sure nagios resources are defined after nagios is
+ # installed and the nagios_cfgdir resource is present
+ File['nagios_cfgdir'] -> Nagios_command <||>
+ File['nagios_cfgdir'] -> Nagios_contactgroup <||>
+ File['nagios_cfgdir'] -> Nagios_contact <||>
+ File['nagios_cfgdir'] -> Nagios_hostdependency <||>
+ File['nagios_cfgdir'] -> Nagios_hostescalation <||>
+ File['nagios_cfgdir'] -> Nagios_hostextinfo <||>
+ File['nagios_cfgdir'] -> Nagios_hostgroup <||>
+ File['nagios_cfgdir'] -> Nagios_host <||>
+ File['nagios_cfgdir'] -> Nagios_servicedependency <||>
+ File['nagios_cfgdir'] -> Nagios_serviceescalation <||>
+ File['nagios_cfgdir'] -> Nagios_servicegroup <||>
+ File['nagios_cfgdir'] -> Nagios_serviceextinfo <||>
+ File['nagios_cfgdir'] -> Nagios_service <||>
+ File['nagios_cfgdir'] -> Nagios_timeperiod <||>
+
+ if ( $nagios::storeconfigs == true ) {
+ include ::nagios::storeconfigs
+ }
+}
diff --git a/puppet/modules/nagios/manifests/centos.pp b/puppet/modules/nagios/manifests/centos.pp
new file mode 100644
index 00000000..f41d46dc
--- /dev/null
+++ b/puppet/modules/nagios/manifests/centos.pp
@@ -0,0 +1,42 @@
+# centos specific changes
+class nagios::centos inherits nagios::base {
+
+ package { [ 'nagios-plugins', 'nagios-plugins-smtp','nagios-plugins-http',
+ 'nagios-plugins-ssh', 'nagios-plugins-tcp', 'nagios-plugins-dig',
+ 'nagios-plugins-nrpe', 'nagios-plugins-load', 'nagios-plugins-dns',
+ 'nagios-plugins-ping', 'nagios-plugins-procs', 'nagios-plugins-users',
+ 'nagios-plugins-ldap', 'nagios-plugins-disk', 'nagios-plugins-swap',
+ 'nagios-plugins-nagios', 'nagios-plugins-perl', 'nagios-plugins-ntp',
+ 'nagios-plugins-snmp' ]:
+ ensure => 'present',
+ notify => Service['nagios'],
+ }
+
+ Service['nagios']{
+ hasstatus => true,
+ }
+
+ file{
+ 'nagios_private':
+ ensure => directory,
+ path => "${nagios::base::cfg_dir}/private",
+ purge => true,
+ recurse => true,
+ notify => Service['nagios'],
+ owner => root,
+ group => nagios,
+ mode => '0750';
+ }
+ File['nagios_resource_cfg']{
+ path => "${nagios::base::cfg_dir}/private/resource.cfg",
+ }
+ if $nagios::allow_external_cmd {
+ file{'/var/spool/nagios/cmd':
+ ensure => 'directory',
+ require => Package['nagios'],
+ owner => apache,
+ group => nagios,
+ mode => '2660',
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/command/imap_pop3.pp b/puppet/modules/nagios/manifests/command/imap_pop3.pp
new file mode 100644
index 00000000..42e4092b
--- /dev/null
+++ b/puppet/modules/nagios/manifests/command/imap_pop3.pp
@@ -0,0 +1,30 @@
+# manage mail checks
+class nagios::command::imap_pop3 {
+ require ::nagios::plugins::mail_login
+ case $::operatingsystem {
+ 'Debian','Ubuntu': { } # Debian/Ubuntu already define those checks
+ default: {
+ nagios_command {
+ 'check_imap':
+ command_line => '$USER1$/check_imap -H $ARG1$ -p $ARG2$';
+ }
+ }
+ }
+
+ nagios_command {
+ 'check_imap_ssl':
+ command_line => '$USER1$/check_imap -H $ARG1$ -p $ARG2$ -S';
+ 'check_pop3':
+ command_line => '$USER1$/check_pop -H $ARG1$ -p $ARG2$';
+ 'check_pop3_ssl':
+ command_line => '$USER1$/check_pop -H $ARG1$ -p $ARG2$ -S';
+ 'check_managesieve':
+ command_line => '$USER1$/check_tcp -H $ARG1$ -p 4190';
+ 'check_managesieve_legacy':
+ command_line => '$USER1$/check_tcp -H $ARG1$ -p 2000';
+ 'check_imap_login':
+ command_line => '$USER1$/check_imap_login -s -H $ARG1$ -u $ARG2$ -p $ARG3$ -w $ARG4$ -c $ARG5$';
+ 'check_pop3_login':
+ command_line => '$USER1$/check_pop3_login -s -H $ARG1$ -u $ARG2$ -p $ARG3$ -w $ARG4$ -c $ARG5$';
+ }
+}
diff --git a/puppet/modules/nagios/manifests/command/nrpe.pp b/puppet/modules/nagios/manifests/command/nrpe.pp
new file mode 100644
index 00000000..7539a266
--- /dev/null
+++ b/puppet/modules/nagios/manifests/command/nrpe.pp
@@ -0,0 +1,14 @@
+class nagios::command::nrpe {
+
+ # this command runs a program $ARG1$ with arguments $ARG2$
+ nagios_command {
+ 'check_nrpe':
+ command_line => '/usr/lib/nagios/plugins/check_nrpe -H $HOSTADDRESS$ -c $ARG1$ -a $ARG2$'
+ }
+
+ # this command runs a program $ARG1$ with no arguments
+ nagios_command {
+ 'check_nrpe_1arg':
+ command_line => '/usr/lib/nagios/plugins/check_nrpe -H $HOSTADDRESS$ -c $ARG1$'
+ }
+}
diff --git a/puppet/modules/nagios/manifests/command/nrpe_timeout.pp b/puppet/modules/nagios/manifests/command/nrpe_timeout.pp
new file mode 100644
index 00000000..799f2fc3
--- /dev/null
+++ b/puppet/modules/nagios/manifests/command/nrpe_timeout.pp
@@ -0,0 +1,11 @@
+class nagios::command::nrpe_timeout {
+ nagios_command {
+ 'check_nrpe_timeout':
+ command_line => '/usr/lib/nagios/plugins/check_nrpe -t $ARG1$ -H $HOSTADDRESS$ -c $ARG2$ -a $ARG3$',
+ require => Package['nagios-nrpe-server'];
+
+ 'check_nrpe_1arg_timeout':
+ command_line => '/usr/lib/nagios/plugins/check_nrpe -t $ARG1$ -H $HOSTADDRESS$ -c $ARG2$',
+ require => Package['nagios-nrpe-server']
+ }
+}
diff --git a/puppet/modules/nagios/manifests/command/smtp.pp b/puppet/modules/nagios/manifests/command/smtp.pp
new file mode 100644
index 00000000..29d97f8b
--- /dev/null
+++ b/puppet/modules/nagios/manifests/command/smtp.pp
@@ -0,0 +1,22 @@
+class nagios::command::smtp {
+ case $operatingsystem {
+ debian,ubuntu: { } # Debian/Ubuntu already define those checks
+ default: {
+ nagios_command {
+ 'check_smtp':
+ command_line => '$USER1$/check_smtp -H $ARG1$ -p $ARG2$';
+ 'check_ssmtp':
+ command_line => '$USER1$/check_ssmtp -H $ARG1$ -p $ARG2$ -S';
+ }
+ }
+ }
+
+ nagios_command {
+ 'check_smtp_tls':
+ command_line => '$USER1$/check_smtp -H $ARG1$ -p $ARG2$ -S';
+ 'check_smtp_cert':
+ command_line => '$USER1$/check_smtp -H $ARG1$ -p $ARG2$ -S -D $ARG3$';
+ 'check_ssmtp_cert':
+ command_line => '$USER1$/check_ssmtp -H $ARG1$ -p $ARG2$ -S -D $ARG3$';
+ }
+}
diff --git a/puppet/modules/nagios/manifests/debian.pp b/puppet/modules/nagios/manifests/debian.pp
new file mode 100644
index 00000000..39af973e
--- /dev/null
+++ b/puppet/modules/nagios/manifests/debian.pp
@@ -0,0 +1,54 @@
+# debian specific things
+class nagios::debian inherits nagios::base {
+
+ Package['nagios'] { name => 'nagios3' }
+
+ package { [ 'nagios-plugins', 'nagios-snmp-plugins','nagios-nrpe-plugin' ]:
+ ensure => 'present',
+ notify => Service['nagios'],
+ }
+
+ Service['nagios'] {
+ name => 'nagios3',
+ hasstatus => true,
+ }
+
+ File['nagios_htpasswd', 'nagios_cgi_cfg'] { group => 'www-data' }
+
+ file{
+ 'nagios_commands_cfg':
+ path => "${nagios::defaults::vars::int_cfgdir}/commands.cfg",
+ notify => Service['nagios'],
+ owner => root,
+ group => root,
+ mode => '0644',
+ require => Package['nagios'];
+ "${nagios::defaults::vars::int_cfgdir}/stylesheets":
+ ensure => directory,
+ purge => false,
+ recurse => true,
+ require => Package['nagios'];
+ }
+
+ if $nagios::allow_external_cmd {
+ exec { 'nagios_external_cmd_perms_overrides':
+ command => 'dpkg-statoverride --update --add nagios www-data 2710 /var/lib/nagios3/rw && dpkg-statoverride --update --add nagios nagios 751 /var/lib/nagios3',
+ unless => 'dpkg-statoverride --list nagios www-data 2710 /var/lib/nagios3/rw && dpkg-statoverride --list nagios nagios 751 /var/lib/nagios3',
+ logoutput => false,
+ notify => Service['nagios'],
+ require => Package['nagios'],
+ }
+ exec { 'nagios_external_cmd_perms_1':
+ command => 'chmod 0751 /var/lib/nagios3 && chown nagios:nagios /var/lib/nagios3',
+ unless => 'test "`stat -c "%a %U %G" /var/lib/nagios3`" = "751 nagios nagios"',
+ notify => Service['nagios'],
+ require => Package['nagios'],
+ }
+ exec { 'nagios_external_cmd_perms_2':
+ command => 'chmod 2751 /var/lib/nagios3/rw && chown nagios:www-data /var/lib/nagios3/rw',
+ unless => 'test "`stat -c "%a %U %G" /var/lib/nagios3/rw`" = "2751 nagios www-data"',
+ notify => Service['nagios'],
+ require => Package['nagios'],
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/debian/apache.pp b/puppet/modules/nagios/manifests/debian/apache.pp
new file mode 100644
index 00000000..17b60c60
--- /dev/null
+++ b/puppet/modules/nagios/manifests/debian/apache.pp
@@ -0,0 +1,22 @@
+# Handle files that are specifically needed for nagios with apache on debian
+#
+# Do not include this class directly. It is included by the nagios class and
+# needs variables from it.
+#
+class nagios::debian::apache {
+
+ include ::nagios::defaults::vars
+
+ file { "${nagios::defaults::vars::int_cfgdir}/apache2.conf":
+ source => [ "puppet:///modules/site_nagios/configs/${::fqdn}/apache2.conf",
+ 'puppet:///modules/site_nagios/configs/apache2.conf',
+ 'puppet:///modules/nagios/configs/apache2.conf'],
+ }
+
+ apache::config::global { 'nagios3.conf':
+ ensure => link,
+ target => "${nagios::defaults::vars::int_cfgdir}/apache2.conf",
+ require => File["${nagios::defaults::vars::int_cfgdir}/apache2.conf"],
+ }
+
+}
diff --git a/puppet/modules/nagios/manifests/defaults.pp b/puppet/modules/nagios/manifests/defaults.pp
new file mode 100644
index 00000000..7c25ac94
--- /dev/null
+++ b/puppet/modules/nagios/manifests/defaults.pp
@@ -0,0 +1,12 @@
+class nagios::defaults {
+
+ # include some default nagios objects
+
+ include nagios::defaults::commands
+ include nagios::defaults::contactgroups
+ include nagios::defaults::contacts
+ include nagios::defaults::hostgroups
+ include nagios::defaults::templates
+ include nagios::defaults::timeperiods
+ include nagios::defaults::plugins
+}
diff --git a/puppet/modules/nagios/manifests/defaults/commands.pp b/puppet/modules/nagios/manifests/defaults/commands.pp
new file mode 100644
index 00000000..0f24411f
--- /dev/null
+++ b/puppet/modules/nagios/manifests/defaults/commands.pp
@@ -0,0 +1,145 @@
+# defaults commands we wanna have available
+class nagios::defaults::commands {
+
+ include ::nagios::command::smtp
+ include ::nagios::command::imap_pop3
+ include ::nagios::plugins::horde_login
+
+ # common service commands
+ case $::operatingsystem {
+ 'Debian','Ubuntu': {
+ nagios_command {
+ 'check_dummy':
+ command_line => '$USER1$/check_dummy $ARG1$';
+ 'check_https_cert':
+ command_line => '$USER1$/check_http --ssl -C 20 -H $HOSTADDRESS$ -I $HOSTADDRESS$';
+ 'check_http_url':
+ command_line => '$USER1$/check_http -H $ARG1$ -u $ARG2$';
+ 'check_http_url_regex':
+ command_line => '$USER1$/check_http -H $ARG1$ -p $ARG2$ -u $ARG3$ -e $ARG4$';
+ 'check_https_url':
+ command_line => '$USER1$/check_http --ssl -H $ARG1$ -u $ARG2$';
+ 'check_https_url_regex':
+ command_line => '$USER1$/check_http --ssl -H $ARG1$ -u $ARG2$ -e $ARG3$';
+ 'check_mysql_db':
+ command_line => '$USER1$/check_mysql -H $ARG1$ -P $ARG2$ -u $ARG3$ -p $ARG4$ -d $ARG5$';
+ 'check_ntp_time':
+ command_line => '$USER1$/check_ntp_time -H $HOSTADDRESS$ -w 0.5 -c 1';
+ 'check_silc':
+ command_line => '$USER1$/check_tcp -p 706 -H $ARG1$';
+ 'check_sobby':
+ command_line => '$USER1$/check_tcp -H $ARG1$ -p $ARG2$';
+ 'check_jabber':
+ command_line => '$USER1$/check_jabber -H $ARG1$';
+ 'check_git':
+ command_line => '$USER1$/check_tcp -H $ARG1$ -p 9418';
+ }
+ }
+ default: {
+ nagios_command {
+ 'check_dummy':
+ command_line => '$USER1$/check_dummy $ARG1$';
+ 'check_ping':
+ command_line => '$USER1$/check_ping -H $HOSTADDRESS$ -w $ARG1$ -c $ARG2$';
+ 'check-host-alive':
+ command_line => '$USER1$/check_ping -H $HOSTADDRESS$ -w 5000,100% -c 5000,100% -p 1';
+ 'check_tcp':
+ command_line => '$USER1$/check_tcp -H $HOSTADDRESS$ -p $ARG1$';
+ 'check_udp':
+ command_line => '$USER1$/check_udp -H $HOSTADDRESS$ -p $ARG1$';
+ 'check_load':
+ command_line => '$USER1$/check_load --warning=$ARG1$,$ARG2$,$ARG3$ --critical=$ARG4$,$ARG5$,$ARG6$';
+ 'check_disk':
+ command_line => '$USER1$/check_disk -w $ARG1$ -c $ARG2$ -e -p $ARG3$';
+ 'check_all_disks':
+ command_line => '$USER1$/check_disk -w $ARG1$ -c $ARG2$ -e';
+ 'check_ssh':
+ command_line => '$USER1$/check_ssh $HOSTADDRESS$';
+ 'check_ssh_port':
+ command_line => '$USER1$/check_ssh -p $ARG1$ $HOSTADDRESS$';
+ 'check_ssh_port_host':
+ command_line => '$USER1$/check_ssh -p $ARG1$ $ARG2$';
+ 'check_http':
+ command_line => '$USER1$/check_http -H $HOSTADDRESS$ -I $HOSTADDRESS$';
+ 'check_https':
+ command_line => '$USER1$/check_http --ssl -H $HOSTADDRESS$ -I $HOSTADDRESS$';
+ 'check_https_cert':
+ command_line => '$USER1$/check_http --ssl -C 20 -H $HOSTADDRESS$ -I $HOSTADDRESS$';
+ 'check_http_url':
+ command_line => '$USER1$/check_http -H $ARG1$ -u $ARG2$';
+ 'check_http_url_regex':
+ command_line => '$USER1$/check_http -H $ARG1$ -p $ARG2$ -u $ARG3$ -e $ARG4$';
+ 'check_https_url':
+ command_line => '$USER1$/check_http --ssl -H $ARG1$ -u $ARG2$';
+ 'check_https_url_regex':
+ command_line => '$USER1$/check_http --ssl -H $ARG1$ -u $ARG2$ -e $ARG3$';
+ 'check_mysql':
+ command_line => '$USER1$/check_mysql -H $ARG1$ -P $ARG2$ -u $ARG3$ -p $ARG4$';
+ 'check_mysql_db':
+ command_line => '$USER1$/check_mysql -H $ARG1$ -P $ARG2$ -u $ARG3$ -p $ARG4$ -d $ARG5$';
+ 'check_ntp_time':
+ command_line => '$USER1$/check_ntp_time -H $HOSTADDRESS$ -w 0.5 -c 1';
+ 'check_silc':
+ command_line => '$USER1$/check_tcp -p 706 -H $ARG1$';
+ 'check_sobby':
+ command_line => '$USER1$/check_tcp -H $ARG1$ -p $ARG2$';
+ 'check_jabber':
+ command_line => '$USER1$/check_jabber -H $ARG1$';
+ 'check_git':
+ command_line => '$USER1$/check_tcp -H $ARG1$ -p 9418';
+ }
+ }
+ }
+
+ # commands for services defined by other modules
+
+ nagios_command {
+ # from apache module
+ 'http_port':
+ command_line => '$USER1$/check_http -p $ARG1$ -H $HOSTADDRESS$ -I $HOSTADDRESS$';
+
+ 'check_http_port_url_content':
+ command_line => '$USER1$/check_http -H $ARG1$ -p $ARG2$ -u $ARG3$ -s $ARG4$';
+ 'check_https_port_url_content':
+ command_line => '$USER1$/check_http --ssl -H $ARG1$ -p $ARG2$ -u $ARG3$ -s $ARG4$';
+ 'check_http_url_content':
+ command_line => '$USER1$/check_http -H $ARG1$ -u $ARG2$ -s $ARG3$';
+ 'check_https_url_content':
+ command_line => '$USER1$/check_http --ssl -H $ARG1$ -u $ARG2$ -s $ARG3$';
+
+ # from bind module
+ 'check_dig2':
+ command_line => '$USER1$/check_dig -H $HOSTADDRESS$ -l $ARG1$ --record_type=$ARG2$';
+
+ # from mysql module
+ 'check_mysql_health':
+ command_line => '$USER1$/check_mysql_health --hostname $ARG1$ --port $ARG2$ --username $ARG3$ --password $ARG4$ --mode $ARG5$ --database $ARG6$ $ARG7$ $ARG8$';
+
+ # better check_dns
+ 'check_dns2':
+ command_line => '$USER1$/check_dns2 -c $ARG1$ A $ARG2$';
+
+ # dnsbl checking
+ 'check_dnsbl':
+ command_line => '$USER1$/check_dnsbl -H $ARG1$';
+ }
+
+ # notification commands
+
+ $mail_cmd_location = $::operatingsystem ? {
+ 'CentOS' => '/bin/mail',
+ default => '/usr/bin/mail'
+ }
+
+ case $::lsbdistcodename {
+ 'wheezy': { }
+ default: {
+ nagios_command {
+ 'notify-host-by-email':
+ command_line => "/usr/bin/printf \"%b\" \"***** Nagios *****\\n\\nNotification Type: \$NOTIFICATIONTYPE\$\\n\\nHost: \$HOSTNAME\$ (\$HOSTALIAS\$)\\nAddress: \$HOSTADDRESS\$\\nState: \$HOSTSTATE\$\\nDuration: \$HOSTDURATION\$\\n\\nDate/Time: \$LONGDATETIME\$\\n\\nOutput: \$HOSTOUTPUT\$\" | ${mail_cmd_location} -s \"\$NOTIFICATIONTYPE\$: \$HOSTSTATE\$ - \$HOSTNAME\$\" \$CONTACTEMAIL\$";
+ 'notify-service-by-email':
+ command_line => "/usr/bin/printf \"%b\" \"***** Nagios *****\\n\\nNotification Type: \$NOTIFICATIONTYPE\$\\n\\nHost: \$HOSTNAME\$ (\$HOSTALIAS\$)\\nAddress: \$HOSTADDRESS\$\\n\\nService: \$SERVICEDESC\$\\nState: \$SERVICESTATE\$\\nDuration: \$SERVICEDURATION\$\\n\\nDate/Time: \$LONGDATETIME\$\\n\\nOutput: \$SERVICEOUTPUT\$\" | ${mail_cmd_location} -s \"\$NOTIFICATIONTYPE\$: \$SERVICESTATE\$ - \$HOSTALIAS\$/\$SERVICEDESC\$\" \$CONTACTEMAIL\$";
+ }
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/defaults/contactgroups.pp b/puppet/modules/nagios/manifests/defaults/contactgroups.pp
new file mode 100644
index 00000000..f5affc60
--- /dev/null
+++ b/puppet/modules/nagios/manifests/defaults/contactgroups.pp
@@ -0,0 +1,9 @@
+class nagios::defaults::contactgroups {
+
+ nagios_contactgroup {
+ 'admins':
+ alias => 'Nagios Administrators',
+ members => 'root',
+ }
+
+}
diff --git a/puppet/modules/nagios/manifests/defaults/contacts.pp b/puppet/modules/nagios/manifests/defaults/contacts.pp
new file mode 100644
index 00000000..0252b5a8
--- /dev/null
+++ b/puppet/modules/nagios/manifests/defaults/contacts.pp
@@ -0,0 +1,15 @@
+class nagios::defaults::contacts {
+
+ nagios_contact {
+ 'root':
+ alias => 'Root',
+ service_notification_period => '24x7',
+ host_notification_period => '24x7',
+ service_notification_options => 'w,u,c,r',
+ host_notification_options => 'd,r',
+ service_notification_commands => 'notify-service-by-email',
+ host_notification_commands => 'notify-host-by-email',
+ email => 'root@localhost',
+ }
+
+}
diff --git a/puppet/modules/nagios/manifests/defaults/host_templates.pp b/puppet/modules/nagios/manifests/defaults/host_templates.pp
new file mode 100644
index 00000000..0f47324a
--- /dev/null
+++ b/puppet/modules/nagios/manifests/defaults/host_templates.pp
@@ -0,0 +1,24 @@
+class nagios::defaults::host_templates {
+
+ # this inoperative for the moment, see :
+ # http://projects.reductivelabs.com/issues/1180
+
+ nagios_host {
+ 'generic-host':
+ notifications_enabled => '1',
+ event_handler_enabled => '1',
+ flap_detection_enabled => '1',
+ failure_prediction_enabled => '1',
+ process_perf_data => '1',
+ retain_status_information => '1',
+ retain_nonstatus_information => '1',
+ check_command => 'check-host-alive',
+ max_check_attempts => '10',
+ notification_interval => '0',
+ notification_period => '24x7',
+ notification_options => 'd,u,r',
+ contact_groups => 'admins',
+ register => '0',
+ }
+
+}
diff --git a/puppet/modules/nagios/manifests/defaults/hostgroups.pp b/puppet/modules/nagios/manifests/defaults/hostgroups.pp
new file mode 100644
index 00000000..8715adee
--- /dev/null
+++ b/puppet/modules/nagios/manifests/defaults/hostgroups.pp
@@ -0,0 +1,11 @@
+class nagios::defaults::hostgroups {
+ nagios_hostgroup {
+ 'all':
+ alias => 'All Servers',
+ members => '*';
+ 'debian-servers':
+ alias => 'Debian GNU/Linux Servers';
+ 'centos-servers':
+ alias => 'CentOS GNU/Linux Servers';
+ }
+}
diff --git a/puppet/modules/nagios/manifests/defaults/plugins.pp b/puppet/modules/nagios/manifests/defaults/plugins.pp
new file mode 100644
index 00000000..abd8b528
--- /dev/null
+++ b/puppet/modules/nagios/manifests/defaults/plugins.pp
@@ -0,0 +1,10 @@
+class nagios::defaults::plugins {
+ nagios::plugin {
+ 'check_mysql_health':
+ source => 'nagios/plugins/check_mysql_health';
+ 'check_dns2':
+ source => 'nagios/plugins/check_dns2';
+ 'check_dnsbl':
+ source => 'nagios/plugins/check_dnsbl';
+ }
+}
diff --git a/puppet/modules/nagios/manifests/defaults/pnp4nagios.pp b/puppet/modules/nagios/manifests/defaults/pnp4nagios.pp
new file mode 100644
index 00000000..58676c5a
--- /dev/null
+++ b/puppet/modules/nagios/manifests/defaults/pnp4nagios.pp
@@ -0,0 +1,14 @@
+# configure default cmds for pnp4nagios
+class nagios::defaults::pnp4nagios {
+
+ # performance data cmds
+ # http://docs.pnp4nagios.org/de/pnp-0.6/config#bulk_mode_mit_npcd
+ nagios_command {
+ 'process-service-perfdata-file-pnp4nagios-bulk-npcd':
+ command_line => '/bin/mv /var/lib/nagios3/service-perfdata /var/spool/pnp4nagios/npcd/service-perfdata.$TIMET$',
+ require => Package['nagios'];
+ 'process-host-perfdata-file-pnp4nagios-bulk-npcd':
+ command_line => '/bin/mv /var/lib/nagios3/host-perfdata /var/spool/pnp4nagios/npcd/host-perfdata.$TIMET$',
+ require => Package['nagios'];
+ }
+}
diff --git a/puppet/modules/nagios/manifests/defaults/service_templates.pp b/puppet/modules/nagios/manifests/defaults/service_templates.pp
new file mode 100644
index 00000000..e39441a1
--- /dev/null
+++ b/puppet/modules/nagios/manifests/defaults/service_templates.pp
@@ -0,0 +1,32 @@
+# define the generic service template
+class nagios::defaults::service_templates {
+
+ # this inoperative for the moment, see :
+ # http://projects.reductivelabs.com/issues/1180
+
+ nagios_service {
+ 'generic-service':
+ active_checks_enabled => '1',
+ passive_checks_enabled => '1',
+ parallelize_check => '1',
+ obsess_over_service => '1',
+ check_freshness => '0',
+ notifications_enabled => '1',
+ event_handler_enabled => '1',
+ flap_detection_enabled => '1',
+ failure_prediction_enabled => '1',
+ process_perf_data => '1',
+ retain_status_information => '1',
+ retain_nonstatus_information => '1',
+ notification_interval => '0',
+ is_volatile => '0',
+ check_period => '24x7',
+ check_interval => '5',
+ retry_check_interval => '1',
+ max_check_attempts => '4',
+ notification_period => '24x7',
+ notification_options => 'w,u,c,r',
+ contact_groups => 'admins',
+ register => '0',
+ }
+}
diff --git a/puppet/modules/nagios/manifests/defaults/templates.pp b/puppet/modules/nagios/manifests/defaults/templates.pp
new file mode 100644
index 00000000..5158189c
--- /dev/null
+++ b/puppet/modules/nagios/manifests/defaults/templates.pp
@@ -0,0 +1,17 @@
+# manage nagios_templates
+class nagios::defaults::templates {
+ include nagios::defaults::vars
+
+ file { 'nagios_templates':
+ path => "${nagios::defaults::vars::int_cfgdir}/nagios_templates.cfg",
+ source => [ "puppet:///modules/site_nagios/configs/${::fqdn}/nagios_templates.cfg",
+ "puppet:///modules/site_nagios/configs/${::operatingsystem}/nagios_templates.cfg",
+ 'puppet:///modules/site_nagios/configs/nagios_templates.cfg',
+ "puppet:///modules/nagios/configs/${::operatingsystem}/nagios_templates.cfg",
+ 'puppet:///modules/nagios/configs/nagios_templates.cfg' ],
+ notify => Service['nagios'],
+ owner => root,
+ group => root,
+ mode => '0644';
+ }
+}
diff --git a/puppet/modules/nagios/manifests/defaults/timeperiods.pp b/puppet/modules/nagios/manifests/defaults/timeperiods.pp
new file mode 100644
index 00000000..0d05118a
--- /dev/null
+++ b/puppet/modules/nagios/manifests/defaults/timeperiods.pp
@@ -0,0 +1,33 @@
+class nagios::defaults::timeperiods {
+
+ nagios_timeperiod {
+ '24x7':
+ alias => '24 Hours A Day, 7 Days A Week',
+ sunday => '00:00-24:00',
+ monday => '00:00-24:00',
+ tuesday => '00:00-24:00',
+ wednesday => '00:00-24:00',
+ thursday => '00:00-24:00',
+ friday => '00:00-24:00',
+ saturday => '00:00-24:00';
+ 'workhours':
+ alias => 'Standard Work Hours',
+ monday => '09:00-17:00',
+ tuesday => '09:00-17:00',
+ wednesday => '09:00-17:00',
+ thursday => '09:00-17:00',
+ friday => '09:00-17:00';
+ 'nonworkhours':
+ alias => 'Non-Work Hours',
+ sunday => '00:00-24:00',
+ monday => '00:00-09:00,17:00-24:00',
+ tuesday => '00:00-09:00,17:00-24:00',
+ wednesday => '00:00-09:00,17:00-24:00',
+ thursday => '00:00-09:00,17:00-24:00',
+ friday => '00:00-09:00,17:00-24:00',
+ saturday => '00:00-24:00';
+ 'never':
+ alias => 'Never';
+ }
+
+}
diff --git a/puppet/modules/nagios/manifests/defaults/vars.pp b/puppet/modules/nagios/manifests/defaults/vars.pp
new file mode 100644
index 00000000..e1a62245
--- /dev/null
+++ b/puppet/modules/nagios/manifests/defaults/vars.pp
@@ -0,0 +1,11 @@
+# some default vars
+class nagios::defaults::vars {
+ case $nagios::cfgdir {
+ '': { $int_cfgdir = $::operatingsystem ? {
+ centos => '/etc/nagios',
+ default => '/etc/nagios3'
+ }
+ }
+ default: { $int_cfgdir = $nagios::cfgdir }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/headless.pp b/puppet/modules/nagios/manifests/headless.pp
new file mode 100644
index 00000000..ba8af8f4
--- /dev/null
+++ b/puppet/modules/nagios/manifests/headless.pp
@@ -0,0 +1,5 @@
+class nagios::headless {
+ class { 'nagios':
+ httpd => 'absent',
+ }
+}
diff --git a/puppet/modules/nagios/manifests/init.pp b/puppet/modules/nagios/manifests/init.pp
new file mode 100644
index 00000000..e3421a0a
--- /dev/null
+++ b/puppet/modules/nagios/manifests/init.pp
@@ -0,0 +1,56 @@
+#
+# nagios module
+# nagios.pp - everything nagios related
+#
+# Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at>
+# Copyright 2008, admin(at)immerda.ch
+# Copyright 2008, Puzzle ITC GmbH
+# Marcel Haerry haerry+puppet(at)puzzle.ch
+# Simon Josi josi+puppet(at)puzzle.ch
+#
+# This program is free software; you can redistribute
+# it and/or modify it under the terms of the GNU
+# General Public License version 3 as published by
+# the Free Software Foundation.
+#
+
+# manage nagios
+class nagios(
+ $httpd = 'apache',
+ $allow_external_cmd = false,
+ $manage_shorewall = false,
+ $manage_munin = false,
+ $service_atboot = true,
+ $purge_resources = true,
+ $gpgkey_checks = {},
+ $storeconfigs = true
+) {
+ case $nagios::httpd {
+ 'absent': { }
+ 'lighttpd': { include ::lighttpd }
+ 'apache': {
+ include ::apache
+ if $::operatingsystem == 'Debian' {
+ include ::nagios::debian::apache
+ }
+ }
+ default: { include ::apache }
+ }
+ case $::operatingsystem {
+ 'centos': {
+ $cfgdir = '/etc/nagios'
+ include ::nagios::centos
+ }
+ 'debian': {
+ $cfgdir = '/etc/nagios3'
+ include ::nagios::debian
+ }
+ default: {
+ fail("No such operatingsystem: ${::operatingsystem} yet defined")
+ }
+ }
+ if $manage_munin {
+ include ::nagios::munin
+ }
+ create_resources('nagios::service::gpgkey',$gpgkey_checks)
+}
diff --git a/puppet/modules/nagios/manifests/irc_bot.pp b/puppet/modules/nagios/manifests/irc_bot.pp
new file mode 100644
index 00000000..7e934ef1
--- /dev/null
+++ b/puppet/modules/nagios/manifests/irc_bot.pp
@@ -0,0 +1,50 @@
+class nagios::irc_bot(
+ $nsa_socket = 'absent',
+ $nsa_server,
+ $nsa_port = 6667,
+ $nsa_nickname,
+ $nsa_password = '',
+ $nsa_channel,
+ $nsa_pidfile = 'absent',
+ $nsa_realname = 'Nagios',
+ $nsa_usenotices = false,
+ $nsa_commandfile = 'absent'
+) {
+ $real_nsa_socket = $nsa_socket ? {
+ 'absent' => $::operatingsystem ? {
+ centos => '/var/run/nagios-nsa/nsa.socket',
+ default => '/var/run/nagios3/nsa.socket'
+ },
+ default => $nsa_socket,
+ }
+ $real_nsa_pidfile = $nsa_pidfile ? {
+ 'absent' => $::operatingsystem ? {
+ centos => '/var/run/nagios-nsa/nsa.pid',
+ default => '/var/run/nagios3/nsa.pid'
+ },
+ default => $nsa_pidfile,
+ }
+ $real_nsa_commandfile = $nsa_commandfile ? {
+ 'absent' => $::operatingsystem ? {
+ centos => '/var/spool/nagios/cmd/nagios.cmd',
+ default => '/var/lib/nagios3/rw/nagios.cmd'
+ },
+ default => $nsa_commandfile,
+ }
+
+ case $::operatingsystem {
+ centos: {
+ include nagios::irc_bot::centos
+ }
+ debian,ubuntu: {
+ include nagios::irc_bot::debian
+ }
+ default: {
+ include nagios::irc_bot::base
+ }
+ }
+
+ if $nagios::manage_shorewall {
+ include shorewall::rules::out::irc
+ }
+}
diff --git a/puppet/modules/nagios/manifests/irc_bot/base.pp b/puppet/modules/nagios/manifests/irc_bot/base.pp
new file mode 100644
index 00000000..fff9da4f
--- /dev/null
+++ b/puppet/modules/nagios/manifests/irc_bot/base.pp
@@ -0,0 +1,41 @@
+class nagios::irc_bot::base {
+ file {
+ '/usr/local/bin/riseup-nagios-client.pl':
+ source => 'puppet:///modules/nagios/irc_bot/riseup-nagios-client.pl',
+ owner => root, group => 0, mode => '0755';
+
+ '/usr/local/bin/riseup-nagios-server.pl':
+ source => 'puppet:///modules/nagios/irc_bot/riseup-nagios-server.pl',
+ owner => root, group => 0, mode => '0755';
+
+ '/etc/init.d/nagios-nsa':
+ content => template("nagios/irc_bot/${::operatingsystem}/nagios-nsa.sh.erb"),
+ require => File['/usr/local/bin/riseup-nagios-server.pl'],
+ owner => root, group => 0, mode => '0755';
+
+ '/etc/nagios_nsa.cfg':
+ ensure => present,
+ content => template('nagios/irc_bot/nsa.cfg.erb'),
+ owner => nagios, group => 0, mode => '0400',
+ notify => Service['nagios-nsa'];
+ }
+
+ package { 'libnet-irc-perl':
+ ensure => present,
+ }
+
+ service { 'nagios-nsa':
+ ensure => 'running',
+ hasstatus => true,
+ require => [ File['/etc/nagios_nsa.cfg'],
+ Package['libnet-irc-perl'],
+ Service['nagios'] ],
+ }
+
+ nagios_command {
+ 'notify-by-irc':
+ command_line => '/usr/local/bin/riseup-nagios-client.pl "$HOSTNAME$ ($SERVICEDESC$) $NOTIFICATIONTYPE$ n.$SERVICEATTEMPT$ $SERVICESTATETYPE$ $SERVICEEXECUTIONTIME$s $SERVICELATENCY$s $SERVICEOUTPUT$ $SERVICEPERFDATA$"';
+ 'host-notify-by-irc':
+ command_line => '/usr/local/bin/riseup-nagios-client.pl "$HOSTNAME$ ($HOSTALIAS$) $NOTIFICATIONTYPE$ n.$HOSTATTEMPT$ $HOSTSTATETYPE$ took $HOSTEXECUTIONTIME$s $HOSTOUTPUT$ $HOSTPERFDATA$ $HOSTLATENCY$s"';
+ }
+}
diff --git a/puppet/modules/nagios/manifests/irc_bot/centos.pp b/puppet/modules/nagios/manifests/irc_bot/centos.pp
new file mode 100644
index 00000000..d7b19063
--- /dev/null
+++ b/puppet/modules/nagios/manifests/irc_bot/centos.pp
@@ -0,0 +1,9 @@
+class nagios::irc_bot::centos inherits nagios::irc_bot::base {
+ Package['libnet-irc-perl']{
+ name => 'perl-Net-IRC',
+ }
+
+ Service['nagios-nsa']{
+ enable => true,
+ }
+}
diff --git a/puppet/modules/nagios/manifests/irc_bot/debian.pp b/puppet/modules/nagios/manifests/irc_bot/debian.pp
new file mode 100644
index 00000000..93ea64b8
--- /dev/null
+++ b/puppet/modules/nagios/manifests/irc_bot/debian.pp
@@ -0,0 +1,8 @@
+class nagios::irc_bot::debian inherits nagios::irc_bot::base {
+ exec { "nagios_nsa_init_script":
+ command => "/usr/sbin/update-rc.d nagios-nsa defaults",
+ unless => "/bin/ls /etc/rc3.d/ | /bin/grep nagios-nsa",
+ require => File["/etc/init.d/nagios-nsa"],
+ before => Service['nagios-nsa'],
+ }
+}
diff --git a/puppet/modules/nagios/manifests/irc_bot/disable.pp b/puppet/modules/nagios/manifests/irc_bot/disable.pp
new file mode 100644
index 00000000..d6b7c551
--- /dev/null
+++ b/puppet/modules/nagios/manifests/irc_bot/disable.pp
@@ -0,0 +1,8 @@
+class nagios::irc_bot::disable inherits nagios::irc_bot::base {
+
+ Service['nagios-nsa'] {
+ ensure => stopped,
+ enable => false,
+ }
+
+}
diff --git a/puppet/modules/nagios/manifests/lighttpd.pp b/puppet/modules/nagios/manifests/lighttpd.pp
new file mode 100644
index 00000000..0f298964
--- /dev/null
+++ b/puppet/modules/nagios/manifests/lighttpd.pp
@@ -0,0 +1,12 @@
+class nagios::lighttpd(
+ $allow_external_cmd = false,
+ $manage_shorewall = false,
+ $manage_munin = false
+) {
+ class{'nagios':
+ httpd => 'lighttpd',
+ allow_external_cmd => $allow_external_cmd,
+ manage_munin => $manage_munin,
+ manage_shorewall => $manage_shorewall,
+ }
+}
diff --git a/puppet/modules/nagios/manifests/munin.pp b/puppet/modules/nagios/manifests/munin.pp
new file mode 100644
index 00000000..dc5cc4c3
--- /dev/null
+++ b/puppet/modules/nagios/manifests/munin.pp
@@ -0,0 +1,19 @@
+class nagios::munin {
+ include munin::plugins::base
+
+ munin::plugin::deploy {
+ 'nagios_hosts':
+ source => 'nagios/munin/nagios_hosts',
+ config => 'user nagios';
+ 'nagios_svc':
+ source => 'nagios/munin/nagios_svc',
+ config => 'user nagios';
+ 'nagios_perf_hosts':
+ source => 'nagios/munin/nagios_perf',
+ config => 'user nagios';
+ 'nagios_perf_svc':
+ source => 'nagios/munin/nagios_perf',
+ config => 'user nagios';
+ }
+
+}
diff --git a/puppet/modules/nagios/manifests/nrpe.pp b/puppet/modules/nagios/manifests/nrpe.pp
new file mode 100644
index 00000000..b7984b6e
--- /dev/null
+++ b/puppet/modules/nagios/manifests/nrpe.pp
@@ -0,0 +1,41 @@
+# setup nrpe stuff
+class nagios::nrpe (
+ $cfg_dir = '',
+ $pid_file = '',
+ $plugin_dir = '',
+ $server_address = '',
+ $allowed_hosts = '',
+ $dont_blame = '0',
+) {
+
+ if !($dont_blame in ['0', '1']) {
+ fail('Unrecognized value for $dont_blame, must be one of "0", or "1".')
+ }
+
+ case $::operatingsystem {
+ 'FreeBSD': {
+ if $cfg_dir == '' { $real_cfg_dir = '/usr/local/etc' }
+ if $pid_file == '' { $real_pid_file = '/var/spool/nagios/nrpe2.pid' }
+ if $plugin_dir == '' { $real_plugin_dir = '/usr/local/libexec/nagios' }
+
+ include ::nagios::nrpe::freebsd
+ }
+ 'Debian': {
+ if $cfg_dir == '' { $real_cfg_dir = '/etc/nagios' }
+ if $pid_file == '' { $real_pid_file = '/var/run/nagios/nrpe.pid' }
+ if $plugin_dir == '' { $real_plugin_dir = '/usr/lib/nagios/plugins' }
+ include ::nagios::nrpe::linux
+ }
+ default: {
+ if $cfg_dir == '' { $real_cfg_dir = '/etc/nagios' }
+ if $pid_file == '' { $real_pid_file = '/var/run/nrpe.pid' }
+ if $plugin_dir == '' { $real_plugin_dir = '/usr/lib/nagios/plugins' }
+
+ case $::kernel {
+ 'Linux': { include ::nagios::nrpe::linux }
+ default: { include ::nagios::nrpe::base }
+ }
+ }
+ }
+
+}
diff --git a/puppet/modules/nagios/manifests/nrpe/base.pp b/puppet/modules/nagios/manifests/nrpe/base.pp
new file mode 100644
index 00000000..e48e87b4
--- /dev/null
+++ b/puppet/modules/nagios/manifests/nrpe/base.pp
@@ -0,0 +1,58 @@
+# basic nrpe stuff
+class nagios::nrpe::base {
+
+ # Import all variables from entry point
+ $cfg_dir = $::nagios::nrpe::real_cfg_dir
+ $pid_file = $::nagios::nrpe::real_pid_file
+ $plugin_dir = $::nagios::nrpe::real_plugin_dir
+ $server_address = $::nagios::nrpe::server_address
+ $allowed_hosts = $::nagios::nrpe::allowed_hosts
+ $dont_blame = $::nagios::nrpe::dont_blame
+
+ package{['nagios-nrpe-server', 'nagios-plugins-basic', 'libwww-perl']:
+ ensure => installed;
+ }
+
+ # Special-case lenny. the package doesn't exist
+ if $::lsbdistcodename != 'lenny' {
+ package{'libnagios-plugin-perl': ensure => installed; }
+ }
+
+ file{
+ [ $cfg_dir, "${cfg_dir}/nrpe.d" ]:
+ ensure => directory;
+ }
+
+ file { "${cfg_dir}/nrpe.cfg":
+ content => template('nagios/nrpe/nrpe.cfg'),
+ owner => root,
+ group => 0,
+ mode => '0644';
+ }
+
+ # default commands
+ nagios::nrpe::command{'basic_nrpe':
+ source => [ "puppet:///modules/site_nagios/configs/nrpe/nrpe_commands.${::fqdn}.cfg",
+ 'puppet:///modules/site_nagios/configs/nrpe/nrpe_commands.cfg',
+ 'puppet:///modules/nagios/nrpe/nrpe_commands.cfg' ],
+ }
+ # the check for load should be customized for each server based on number
+ # of CPUs and the type of activity.
+ $warning_1_threshold = 7 * $::processorcount
+ $warning_5_threshold = 6 * $::processorcount
+ $warning_15_threshold = 5 * $::processorcount
+ $critical_1_threshold = 10 * $::processorcount
+ $critical_5_threshold = 9 * $::processorcount
+ $critical_15_threshold = 8 * $::processorcount
+ nagios::nrpe::command {'check_load':
+ command_line => "${plugin_dir}/check_load -w ${warning_1_threshold},${warning_5_threshold},${warning_15_threshold} -c ${critical_1_threshold},${critical_5_threshold},${critical_15_threshold}",
+ }
+
+ service{'nagios-nrpe-server':
+ ensure => running,
+ enable => true,
+ pattern => 'nrpe',
+ subscribe => File["${cfg_dir}/nrpe.cfg"],
+ require => Package['nagios-nrpe-server'],
+ }
+}
diff --git a/puppet/modules/nagios/manifests/nrpe/command.pp b/puppet/modules/nagios/manifests/nrpe/command.pp
new file mode 100644
index 00000000..c66ab986
--- /dev/null
+++ b/puppet/modules/nagios/manifests/nrpe/command.pp
@@ -0,0 +1,34 @@
+# manage an nrpe command
+define nagios::nrpe::command (
+ $ensure = present,
+ $command_line = '',
+ $source = '',
+){
+ if ($command_line == '' and $source == '') {
+ fail('Either one of $command_line or $source must be given to nagios::nrpe::command.' )
+ }
+
+ $cfg_dir = $nagios::nrpe::real_cfg_dir
+
+ file{"${cfg_dir}/nrpe.d/${name}_command.cfg":
+ ensure => $ensure,
+ notify => Service['nagios-nrpe-server'],
+ require => File["${cfg_dir}/nrpe.d" ],
+ owner => 'root',
+ group => 0,
+ mode => '0644';
+ }
+
+ case $source {
+ '': {
+ File["${cfg_dir}/nrpe.d/${name}_command.cfg"] {
+ content => template('nagios/nrpe/nrpe_command.erb'),
+ }
+ }
+ default: {
+ File["${cfg_dir}/nrpe.d/${name}_command.cfg"] {
+ source => $source,
+ }
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/nrpe/debian.pp b/puppet/modules/nagios/manifests/nrpe/debian.pp
new file mode 100644
index 00000000..fcaf8514
--- /dev/null
+++ b/puppet/modules/nagios/manifests/nrpe/debian.pp
@@ -0,0 +1,6 @@
+class nagios::nrpe::debian inherits nagios::nrpe::base {
+ include nagios::nrpe::linux
+ Service['nagios-nrpe-server'] {
+ hasstatus => false,
+ }
+}
diff --git a/puppet/modules/nagios/manifests/nrpe/freebsd.pp b/puppet/modules/nagios/manifests/nrpe/freebsd.pp
new file mode 100644
index 00000000..063b79bc
--- /dev/null
+++ b/puppet/modules/nagios/manifests/nrpe/freebsd.pp
@@ -0,0 +1,16 @@
+class nagios::nrpe::freebsd inherits nagios::nrpe::base {
+
+ Package["nagios-nrpe-server"] { name => "nrpe" }
+ Package["nagios-plugins-basic"] { name => "nagios-plugins" }
+ Package["libnagios-plugin-perl"] { name => "p5-Nagios-Plugin" }
+ Package["libwww-perl"] { name => "p5-libwww" }
+
+ # TODO check_cpustats.sh is probably not working as of now. the package 'sysstat' is not available under FreeBSD
+
+ Service["nagios-nrpe-server"] {
+ pattern => "^/usr/local/sbin/nrpe2",
+ path => "/usr/local/etc/rc.d",
+ name => "nrpe2",
+ hasstatus => "false",
+ }
+}
diff --git a/puppet/modules/nagios/manifests/nrpe/linux.pp b/puppet/modules/nagios/manifests/nrpe/linux.pp
new file mode 100644
index 00000000..14e007f3
--- /dev/null
+++ b/puppet/modules/nagios/manifests/nrpe/linux.pp
@@ -0,0 +1,9 @@
+class nagios::nrpe::linux inherits nagios::nrpe::base {
+
+ package {
+ "nagios-plugins-standard": ensure => present;
+ "ksh": ensure => present; # for check_cpustats.sh
+ "sysstat": ensure => present; # for check_cpustats.sh
+ }
+
+}
diff --git a/puppet/modules/nagios/manifests/nrpe/xinetd.pp b/puppet/modules/nagios/manifests/nrpe/xinetd.pp
new file mode 100644
index 00000000..4de0bac6
--- /dev/null
+++ b/puppet/modules/nagios/manifests/nrpe/xinetd.pp
@@ -0,0 +1,11 @@
+# This is created only to cope with cases where we're not the only ones
+# administering a machine and NRPE is running in xinetd.
+class nagios::nrpe::xinetd inherits base {
+
+ Service["nagios-nrpe-server"] {
+ ensure => stopped,
+ }
+
+ # TODO manage the xinetd config file that glues with NRPE
+
+}
diff --git a/puppet/modules/nagios/manifests/nsca.pp b/puppet/modules/nagios/manifests/nsca.pp
new file mode 100644
index 00000000..d5be298c
--- /dev/null
+++ b/puppet/modules/nagios/manifests/nsca.pp
@@ -0,0 +1,3 @@
+class nagios::nsca {
+ include nagios::nsca::server
+}
diff --git a/puppet/modules/nagios/manifests/nsca/client.pp b/puppet/modules/nagios/manifests/nsca/client.pp
new file mode 100644
index 00000000..6aa8c0b1
--- /dev/null
+++ b/puppet/modules/nagios/manifests/nsca/client.pp
@@ -0,0 +1,18 @@
+# manage nsca client
+class nagios::nsca::client {
+
+ package{'nsca':
+ ensure => installed
+ }
+
+ file{'/etc/send_nsca.cfg':
+ source => [ "puppet:///modules/site_nagios/nsca/${::fqdn}/send_nsca.cfg",
+ 'puppet:///modules/site_nagios/nsca/send_nsca.cfg',
+ 'puppet:///modules/nagios/nsca/send_nsca.cfg' ],
+ owner => 'nagios',
+ group => 'nogroup',
+ mode => '0400',
+ require => Package['nsca'];
+ }
+
+}
diff --git a/puppet/modules/nagios/manifests/nsca/server.pp b/puppet/modules/nagios/manifests/nsca/server.pp
new file mode 100644
index 00000000..8163eec1
--- /dev/null
+++ b/puppet/modules/nagios/manifests/nsca/server.pp
@@ -0,0 +1,24 @@
+# an nsca server
+class nagios::nsca::server {
+ package{'nsca':
+ ensure => installed
+ }
+
+ service { 'nsca':
+ ensure => running,
+ hasstatus => false,
+ hasrestart => true,
+ require => Package['nsca'],
+ }
+
+ file { '/etc/nsca.cfg':
+ source => [ "puppet:///modules/site_nagios/nsca/${::fqdn}/nsca.cfg",
+ 'puppet:///modules/site_nagios/nsca/nsca.cfg',
+ 'puppet:///modules/nagios/nsca/nsca.cfg' ],
+ owner => 'nagios',
+ group => 'nogroup',
+ mode => '0400',
+ notify => Service['nsca'],
+ }
+
+}
diff --git a/puppet/modules/nagios/manifests/plugin.pp b/puppet/modules/nagios/manifests/plugin.pp
new file mode 100644
index 00000000..07938cd2
--- /dev/null
+++ b/puppet/modules/nagios/manifests/plugin.pp
@@ -0,0 +1,28 @@
+# a wrapper for syncing a plugin
+define nagios::plugin(
+ $source = 'absent',
+ $ensure = present,
+){
+ if $::hardwaremodel == 'x86_64' and $::operatingsystem != 'Debian' {
+ $real_path = "/usr/lib64/nagios/plugins/${name}"
+ }
+ else {
+ $real_path = "/usr/lib/nagios/plugins/${name}"
+ }
+
+ $real_source = $source ? {
+ 'absent' => "puppet:///modules/nagios/plugins/${name}",
+ default => "puppet:///modules/${source}"
+ }
+
+ file{$name:
+ ensure => $ensure,
+ path => $real_path,
+ source => $real_source,
+ tag => 'nagios_plugin',
+ require => Package['nagios-plugins'],
+ owner => 'root',
+ group => 0,
+ mode => '0755';
+ }
+}
diff --git a/puppet/modules/nagios/manifests/plugin/deploy.pp b/puppet/modules/nagios/manifests/plugin/deploy.pp
new file mode 100644
index 00000000..76815909
--- /dev/null
+++ b/puppet/modules/nagios/manifests/plugin/deploy.pp
@@ -0,0 +1,41 @@
+# deploy a specific plugin
+define nagios::plugin::deploy(
+ $source = '',
+ $ensure = 'present',
+ $config = '',
+ $require_package = 'nagios-plugins'
+) {
+ $plugin_src = $ensure ? {
+ 'present' => $name,
+ 'absent' => $name,
+ default => $ensure
+ }
+ $real_source = $source ? {
+ '' => "nagios/plugins/${plugin_src}",
+ default => $source
+ }
+
+ if !defined(Package[$require_package]) {
+ package { $require_package:
+ ensure => installed,
+ tag => 'nagios::plugin::deploy::package';
+ }
+ }
+
+ include ::nagios::plugin::scriptpaths
+ file{"nagios_plugin_${name}":
+ path => "${nagios::plugin::scriptpaths::script_path}/${name}",
+ source => "puppet:///modules/${real_source}",
+ require => Package[$require_package],
+ tag => 'nagios::plugin::deploy::file',
+ owner => root,
+ group => 0,
+ mode => '0755';
+ }
+
+ # register the plugin
+ nagios::plugin{$name:
+ ensure => $ensure,
+ require => Package['nagios-plugins']
+ }
+}
diff --git a/puppet/modules/nagios/manifests/plugin/scriptpaths.pp b/puppet/modules/nagios/manifests/plugin/scriptpaths.pp
new file mode 100644
index 00000000..9cd4b5d6
--- /dev/null
+++ b/puppet/modules/nagios/manifests/plugin/scriptpaths.pp
@@ -0,0 +1,6 @@
+class nagios::plugin::scriptpaths {
+ case $::hardwaremodel {
+ x86_64: { $script_path = "/usr/lib64/nagios/plugins/" }
+ default: { $script_path = "/usr/lib/nagios/plugins" }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/plugins/gpg.pp b/puppet/modules/nagios/manifests/plugins/gpg.pp
new file mode 100644
index 00000000..a09736a8
--- /dev/null
+++ b/puppet/modules/nagios/manifests/plugins/gpg.pp
@@ -0,0 +1,30 @@
+# check_gpg from
+# https://github.com/lelutin/nagios-plugins/blob/master/check_gpg
+class nagios::plugins::gpg {
+ require ::gpg
+ nagios::plugin{'check_gpg':
+ source => 'nagios/plugins/check_gpg',
+ }
+
+ $gpg_home = '/var/local/nagios_gpg_homedir'
+ file{
+ $gpg_home:
+ ensure => 'directory',
+ owner => nagios,
+ group => nagios,
+ mode => '0600',
+ require => Nagios::Plugin['check_gpg'];
+ "${gpg_home}/sks-keyservers.netCA.pem":
+ source => 'puppet:///modules/nagios/plugin_data/sks-keyservers.netCA.pem',
+ owner => nagios,
+ group => 0,
+ mode => '0400',
+ before => Nagios_command['check_gpg'];
+ }
+ nagios_command {
+ 'check_gpg':
+ command_line => "\$USER1\$/check_gpg --gnupg-homedir ${gpg_home} -w \$ARG1\$ \$ARG2\$",
+ require => Nagios::Plugin['check_gpg'],
+ }
+}
+
diff --git a/puppet/modules/nagios/manifests/plugins/horde_login.pp b/puppet/modules/nagios/manifests/plugins/horde_login.pp
new file mode 100644
index 00000000..4274b4cf
--- /dev/null
+++ b/puppet/modules/nagios/manifests/plugins/horde_login.pp
@@ -0,0 +1,11 @@
+# check_horde_login
+class nagios::plugins::horde_login {
+ ensure_packages(['python-requests'])
+ nagios::plugin { 'check_horde_login':
+ source => 'nagios/plugins/check_horde_login',
+ require => Package['python-requests'],
+ } -> nagios_command {
+ 'check_horde_login':
+ command_line => "\$USER1\$/check_horde_login -s \$ARG1\$ -u \$ARG2\$ -p \$ARG3\$",
+ }
+}
diff --git a/puppet/modules/nagios/manifests/plugins/jabber.pp b/puppet/modules/nagios/manifests/plugins/jabber.pp
new file mode 100644
index 00000000..380a5c0a
--- /dev/null
+++ b/puppet/modules/nagios/manifests/plugins/jabber.pp
@@ -0,0 +1,10 @@
+class nagios::plugins::jabber {
+
+ # for check_jabber_login
+ require rubygems::xmpp4r
+
+ nagios::plugin { 'check_jabber_login':
+ source => 'nagios/plugins/check_jabber_login'
+ }
+}
+
diff --git a/puppet/modules/nagios/manifests/plugins/mail_login.pp b/puppet/modules/nagios/manifests/plugins/mail_login.pp
new file mode 100644
index 00000000..a86cdc24
--- /dev/null
+++ b/puppet/modules/nagios/manifests/plugins/mail_login.pp
@@ -0,0 +1,10 @@
+# simple mail login check
+class nagios::plugins::mail_login {
+ nagios::plugin {
+ 'check_imap_login':
+ source => 'nagios/plugins/check_imap_login';
+ 'check_pop3_login':
+ source => 'nagios/plugins/check_pop3_login';
+ }
+}
+
diff --git a/puppet/modules/nagios/manifests/pnp4nagios.pp b/puppet/modules/nagios/manifests/pnp4nagios.pp
new file mode 100644
index 00000000..bd7ab0ca
--- /dev/null
+++ b/puppet/modules/nagios/manifests/pnp4nagios.pp
@@ -0,0 +1,68 @@
+# manage pnp4nagios
+class nagios::pnp4nagios {
+ include nagios::defaults::pnp4nagios
+
+ package { [ 'pnp4nagios', 'pnp4nagios-web-config-nagios3']:
+ ensure => installed,
+ require => Package['nagios']
+ }
+
+ # unfortunatly we can't use the nagios_host and nagios_service
+ # definition to define templates, so we need to copy a file here.
+ # see http://projects.reductivelabs.com/issues/1180 for this limitation
+
+ file { 'pnp4nagios-templates.cfg':
+ path => "${nagios::defaults::vars::int_cfgdir}/pnp4nagios-templates.cfg",
+ source => [ 'puppet:///modules/site_nagios/pnp4nagios/pnp4nagios-templates.cfg',
+ 'puppet:///modules/nagios/pnp4nagios/pnp4nagios-templates.cfg' ],
+ mode => '0644',
+ owner => root,
+ group => root,
+ notify => Service['nagios'],
+ require => Package['nagios'];
+ }
+
+ file { 'apache.conf':
+ path => '/etc/pnp4nagios/apache.conf',
+ source => ['puppet:///modules/site_nagios/pnp4nagios/apache.conf',
+ 'puppet:///modules/nagios/pnp4nagios/apache.conf' ],
+ mode => '0644',
+ owner => root,
+ group => root,
+ notify => Service['apache'],
+ require => [ Package['apache2'], Package['pnp4nagios'] ],
+ }
+
+ # run npcd as daemon
+
+ file { '/etc/default/npcd':
+ path => '/etc/default/npcd',
+ source => [ 'puppet:///modules/site_nagios/pnp4nagios/npcd',
+ 'puppet:///modules/nagios/pnp4nagios/npcd' ],
+ mode => '0644',
+ owner => root,
+ group => root,
+ notify => Service['npcd'],
+ require => [ Package['nagios'], Package['pnp4nagios'] ];
+ }
+
+ service { 'npcd':
+ ensure => running,
+ enable => true,
+ hasstatus => true,
+ require => Package['pnp4nagios'],
+ }
+
+ # modify action.gif
+
+ file { '/usr/share/nagios3/htdocs/images/action.gif':
+ path => '/usr/share/nagios3/htdocs/images/action.gif',
+ source => [ 'puppet:///modules/site_nagios/pnp4nagios/action.gif',
+ 'puppet:///modules/nagios/pnp4nagios/action.gif' ],
+ mode => '0644',
+ owner => root,
+ group => root,
+ notify => Service['nagios'],
+ require => Package['nagios'];
+ }
+}
diff --git a/puppet/modules/nagios/manifests/pnp4nagios/popup.pp b/puppet/modules/nagios/manifests/pnp4nagios/popup.pp
new file mode 100644
index 00000000..91136ccb
--- /dev/null
+++ b/puppet/modules/nagios/manifests/pnp4nagios/popup.pp
@@ -0,0 +1,24 @@
+class nagios::pnp4nagios::popup inherits nagios::pnp4nagios {
+ File['pnp4nagios-templates.cfg']{
+ source => [
+ 'puppet:///modules/site-nagios/pnp4nagios/pnp4nagios-popup-templates.cfg',
+ 'puppet:///modules/nagios/pnp4nagios/pnp4nagios-popup-templates.cfg' ],
+ }
+
+ file { '/usr/share/nagios3/htdocs/ssi':
+ ensure => directory,
+ require => Package['nagios'],
+ }
+
+ file { 'status-header.ssi':
+ path => '/usr/share/nagios3/htdocs/ssi/status-header.ssi',
+ source => [
+ 'puppet:///modules/site-nagios/pnp4nagios/status-header.ssi',
+ 'puppet:///modules/nagios/pnp4nagios/status-header.ssi'],
+ mode => '0644',
+ owner => root,
+ group => root,
+ notify => Service['nagios'],
+ require => Package['nagios'],
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service.pp b/puppet/modules/nagios/manifests/service.pp
new file mode 100644
index 00000000..e2c08e99
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service.pp
@@ -0,0 +1,91 @@
+# a wrapper around nagios_service to make it more convenient and
+# also automatically an exported resource.
+define nagios::service (
+ $ensure = present,
+ $host_name = $::fqdn,
+ $check_command = 'absent',
+ $check_period = undef,
+ $check_interval = undef,
+ $retry_check_interval = undef,
+ $max_check_attempts = undef,
+ $notification_interval = undef,
+ $notification_period = undef,
+ $notification_options = undef,
+ $contact_groups = undef,
+ $use = 'generic-service',
+ $service_description = 'absent',
+ $use_nrpe = undef,
+ $nrpe_args = undef,
+ $nrpe_timeout = 10,
+) {
+
+ # TODO: this resource should normally accept all nagios_host parameters
+
+ $real_name = "${::hostname}_${name}"
+
+ @@nagios_service {$real_name:
+ ensure => $ensure,
+ notify => Service['nagios'];
+ }
+
+ if $ensure != 'absent' {
+ if $check_command == 'absent' {
+ fail("Must pass a check_command to ${name} if it should be present")
+ }
+ if str2bool($use_nrpe) {
+ include ::nagios::command::nrpe_timeout
+
+ if $nrpe_args {
+ $real_check_command = "check_nrpe_timeout!${nrpe_timeout}!${check_command}!\"${nrpe_args}\""
+ } else {
+ $real_check_command = "check_nrpe_1arg_timeout!${nrpe_timeout}!${check_command}"
+ }
+ } else {
+ $real_check_command = $check_command
+ }
+
+ $real_service_description = $service_description ? {
+ 'absent' => $name,
+ default => $service_description
+ }
+ Nagios_service[$real_name] {
+ check_command => $check_command,
+ host_name => $host_name,
+ use => $use,
+ service_description => $real_service_description,
+ }
+
+ if $check_period {
+ Nagios_service[$real_name] { check_period => $check_period }
+ }
+
+ if $check_interval {
+ Nagios_service[$real_name] { check_interval => $check_interval }
+ }
+
+ if $retry_check_interval {
+ Nagios_service[$real_name] { retry_check_interval => $retry_check_interval }
+ }
+
+ if $max_check_attempts {
+ Nagios_service[$real_name] { max_check_attempts => $max_check_attempts }
+ }
+
+ if $notification_interval {
+ Nagios_service[$real_name] { notification_interval => $notification_interval }
+ }
+
+ if $notification_period {
+ Nagios_service[$real_name] { notification_period => $notification_period }
+ }
+
+ if $notification_options {
+ Nagios_service[$real_name] { notification_options => $notification_options }
+ }
+
+ if $contact_groups {
+ Nagios_service[$real_name] { contact_groups => $contact_groups }
+ }
+ }
+}
+
diff --git a/puppet/modules/nagios/manifests/service/dns.pp b/puppet/modules/nagios/manifests/service/dns.pp
new file mode 100644
index 00000000..5ef6e3e8
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/dns.pp
@@ -0,0 +1,19 @@
+define nagios::service::dns(
+ $host_name = $::fqdn,
+ $comment = $name,
+ $check_domain = $name,
+ $ip
+){
+ if $name != $comment {
+ $check_name = "${comment}_${name}_${::hostname}"
+ } else {
+ $check_name = "${name}_${::hostname}"
+ }
+
+ nagios::service{
+ $check_name:
+ check_command => "check_dns2!${check_domain}!${ip}",
+ host_name => $host_name,
+ service_description => "check if ${::host_name} is resolving ${check_domain}";
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/dns_host.pp b/puppet/modules/nagios/manifests/service/dns_host.pp
new file mode 100644
index 00000000..d88f3735
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/dns_host.pp
@@ -0,0 +1,22 @@
+# add a special host and monitor
+# it's dns service
+define nagios::service::dns_host(
+ $check_domain,
+ $host_alias,
+ $parent,
+ $ip
+){
+ @@nagios_host{$name:
+ address => $ip,
+ alias => $host_alias,
+ use => 'generic-host',
+ parents => $parent,
+ }
+
+ nagios::service::dns{$name:
+ host_name => $name,
+ comment => 'public_ns',
+ check_domain => $check_domain,
+ ip => $ip,
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/gpgkey.pp b/puppet/modules/nagios/manifests/service/gpgkey.pp
new file mode 100644
index 00000000..df13ca88
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/gpgkey.pp
@@ -0,0 +1,49 @@
+# define a gpgkey to be watched
+define nagios::service::gpgkey(
+ $ensure = 'present',
+ $warning = '14',
+ $key_info = undef,
+ $check_interval = 60,
+){
+ validate_slength($name,40,40)
+ require ::nagios::plugins::gpg
+ $gpg_home = $nagios::plugins::gpg::gpg_home
+ $gpg_cmd = "gpg --homedir ${gpg_home}"
+
+ exec{"manage_key_${name}":
+ user => nagios,
+ group => nagios,
+ }
+ nagios::service{
+ "check_gpg_${name}":
+ ensure => $ensure;
+ }
+
+ if $ensure == 'present' {
+ Exec["manage_key_${name}"]{
+ command => "${gpg_cmd} --keyserver hkps://hkps.pool.sks-keyservers.net --keyserver-options ca-cert-file=${gpg_home}/sks-keyservers.netCA.pem --recv-keys ${name}",
+ unless => "${gpg_cmd} --list-keys ${name}",
+ before => Nagios::Service["check_gpg_${name}"],
+ }
+
+ Nagios::Service["check_gpg_${name}"]{
+ check_command => "check_gpg!${warning}!${name}",
+ check_interval => $check_interval,
+ }
+ if $key_info {
+ Nagios::Service["check_gpg_${name}"]{
+ service_description => "Keyfingerprint: ${name} - Info: ${key_info}",
+ }
+ } else {
+ Nagios::Service["check_gpg_${name}"]{
+ service_description => "Keyfingerprint: ${name}",
+ }
+ }
+ } else {
+ Exec["manage_key_${name}"]{
+ command => "${gpg_cmd} --batch --delete-key ${name}",
+ onlyif => "${gpg_cmd} --list-keys ${name}",
+ require => Nagios::Service["check_gpg_${name}"],
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/horde_login.pp b/puppet/modules/nagios/manifests/service/horde_login.pp
new file mode 100644
index 00000000..6cab59e9
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/horde_login.pp
@@ -0,0 +1,18 @@
+# a horde login check
+define nagios::service::horde_login(
+ $password,
+ $url,
+ $username = $name,
+ $ensure = 'present',
+){
+ nagios::service{
+ "horde_${name}":
+ ensure => $ensure;
+ }
+
+ if $ensure != 'absent' {
+ Nagios::Service["horde_${name}"]{
+ check_command => "check_horde_login!${url}!${username}!${password}",
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/http.pp b/puppet/modules/nagios/manifests/service/http.pp
new file mode 100644
index 00000000..b80c140e
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/http.pp
@@ -0,0 +1,54 @@
+# ssl_mode:
+# - false: only check http
+# - true: check http and https
+# - force: http is permanent redirect to https
+# - only: check only https
+define nagios::service::http(
+ $ensure = present,
+ $check_domain = 'absent',
+ $port = '80',
+ $check_url = '/',
+ $check_code = '200,301,302',
+ $use = 'generic-service',
+ $ssl_mode = false
+){
+ $real_check_domain = $check_domain ? {
+ 'absent' => $name,
+ default => $check_domain
+ }
+ if is_hash($check_code) {
+ $check_code_hash = $check_code
+ } else {
+ $check_code_hash = {
+ http => $check_code,
+ https => $check_code,
+ }
+ }
+ case $ssl_mode {
+ 'force',true,'only': {
+ nagios::service{"https_${name}":
+ ensure => $ensure,
+ use => $use,
+ check_command => "check_https_url_regex!${real_check_domain}!${check_url}!'${check_code_hash[https]}'",
+ }
+ case $ssl_mode {
+ 'force': {
+ nagios::service{"http_${name}":
+ ensure => $ensure,
+ use => $use,
+ check_command => "check_http_url_regex!${real_check_domain}!${port}!${check_url}!'301'",
+ }
+ }
+ }
+ }
+ }
+ case $ssl_mode {
+ false,true: {
+ nagios::service{"http_${name}":
+ ensure => $ensure,
+ use => $use,
+ check_command => "check_http_url_regex!${real_check_domain}!${port}!${check_url}!'${check_code_hash[http]}'",
+ }
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/imap.pp b/puppet/modules/nagios/manifests/service/imap.pp
new file mode 100644
index 00000000..45b667ab
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/imap.pp
@@ -0,0 +1,34 @@
+# check an imap service
+define nagios::service::imap(
+ $ensure = 'present',
+ $host = 'absent',
+ $port = '143',
+ $tls = true,
+ $tls_port = '993'
+){
+
+ $real_host = $host ? {
+ 'absent' => $name,
+ default => $host
+ }
+
+ $tls_ensure = $tls ? {
+ true => $ensure,
+ default => 'absent'
+ }
+ nagios::service{
+ "imap_${name}_${port}":
+ ensure => $ensure;
+ "imaps_${name}_${tls_port}":
+ ensure => $tls_ensure;
+ }
+
+ if $ensure != 'absent' {
+ Nagios::Service["imap_${name}_${port}"]{
+ check_command => "check_imap!${real_host}!${port}",
+ }
+ Nagios::Service["imaps_${name}_${tls_port}"]{
+ check_command => "check_imap_ssl!${real_host}!${tls_port}",
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/imap_login.pp b/puppet/modules/nagios/manifests/service/imap_login.pp
new file mode 100644
index 00000000..25303a3f
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/imap_login.pp
@@ -0,0 +1,22 @@
+# a imap login check
+define nagios::service::imap_login(
+ $username,
+ $password,
+ $warning = 5,
+ $critical = 10,
+ $host = $::fqdn,
+ $host_name = $::fqdn,
+ $ensure = 'present',
+){
+ nagios::service{
+ "imap_login_${name}":
+ ensure => $ensure;
+ }
+
+ if $ensure != 'absent' {
+ Nagios::Service["imap_login_${name}"]{
+ check_command => "check_imap_login!${host}!${username}!${password}!${warning}!${critical}",
+ host_name => $host_name,
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/mysql.pp b/puppet/modules/nagios/manifests/service/mysql.pp
new file mode 100644
index 00000000..9559b17c
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/mysql.pp
@@ -0,0 +1,58 @@
+# Checks a mysql instance via tcp or socket
+define nagios::service::mysql(
+ $ensure = present,
+ $check_host = 'absent',
+ $check_port = '3306',
+ $check_username = 'nagios',
+ $check_password,
+ $check_database = 'information_schema',
+ $check_warning = undef,
+ $check_critical = undef,
+ $check_health_mode = $name,
+ $check_name = undef,
+ $check_name2 = undef,
+ $check_regexp = undef,
+ $check_units = undef,
+ $check_mode = 'tcp' )
+{
+
+ if ($check_host == 'absent') {
+ fail("Please specify a hostname, ip address or socket to check a mysql instance.")
+ }
+
+ if $check_name != undef {
+ $real_check_name = "!--name $check_name"
+ }
+
+ if $check_warning != undef {
+ $real_check_warning = "!--warning $check_warning"
+ }
+
+ if $check_critical != undef {
+ $real_check_critical = "!--critical $check_critical"
+ }
+
+ case $check_mode {
+ 'tcp': {
+ if ($check_host == 'localhost') {
+ $real_check_host = '127.0.0.1'
+ }
+ else {
+ $real_check_host = $check_host
+ }
+ }
+ default: {
+ if ($check_host == '127.0.0.1') {
+ $real_check_host = 'localhost'
+ }
+ else {
+ $real_check_host = $check_host
+ }
+ }
+ }
+
+ nagios::service { "mysql_health_${name}":
+ ensure => $ensure,
+ check_command => "check_mysql_health!${real_check_host}!${check_port}!${check_username}!'${check_password}'!${check_health_mode}!${check_database}${real_check_name}${real_check_warning}${real_check_critical}",
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/ntp.pp b/puppet/modules/nagios/manifests/service/ntp.pp
new file mode 100644
index 00000000..b3cde2ab
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/ntp.pp
@@ -0,0 +1,9 @@
+# manifests/service/ntp.pp
+
+class nagios::service::ntp {
+ nagios::service{ "check_ntp":
+ check_command => "check_ntp_time",
+ host_name => $::fqdn,
+ }
+}
+
diff --git a/puppet/modules/nagios/manifests/service/passive.pp b/puppet/modules/nagios/manifests/service/passive.pp
new file mode 100644
index 00000000..f3df1e8b
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/passive.pp
@@ -0,0 +1,18 @@
+define nagios::service::passive(
+ $ensure = present,
+ $notification_interval = '',
+ $notification_period = '',
+ $notification_options = '',
+ $contact_groups = ''
+) {
+
+ nagios::service { $name:
+ use => 'passive-service',
+ check_command => 'check_dummy!0',
+ notification_interval => $notification_interval,
+ notification_period => $notification_period,
+ notification_options => $notification_options,
+ contact_groups => $contact_groups,
+ }
+
+}
diff --git a/puppet/modules/nagios/manifests/service/ping.pp b/puppet/modules/nagios/manifests/service/ping.pp
new file mode 100644
index 00000000..f1c8d878
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/ping.pp
@@ -0,0 +1,9 @@
+define nagios::service::ping(
+ $ensure = present,
+ $ping_rate = '!100.0,20%!500.0,60%'
+){
+ nagios::service{ "check_ping":
+ ensure => $ensure,
+ check_command => "check_ping${ping_rate}",
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/pop.pp b/puppet/modules/nagios/manifests/service/pop.pp
new file mode 100644
index 00000000..9ec4aec1
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/pop.pp
@@ -0,0 +1,32 @@
+define nagios::service::pop(
+ $ensure = 'present',
+ $host = 'absent',
+ $port = '110',
+ $tls = true,
+ $tls_port = '995'
+){
+
+ $real_host = $host ? {
+ 'absent' => $name,
+ default => $host
+ }
+
+ nagios::service{
+ "pop_${name}_${port}":
+ ensure => $ensure;
+ "pops_${name}_${tls_port}":
+ ensure => $tls ? {
+ true => $ensure,
+ default => 'absent'
+ };
+ }
+
+ if $ensure != 'absent' {
+ Nagios::Service["pop_${name}_${port}"]{
+ check_command => "check_pop3!${real_host}!${port}",
+ }
+ Nagios::Service["pops_${name}_${tls_port}"]{
+ check_command => "check_pop3_ssl!${real_host}!${tls_port}",
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/pop3_login.pp b/puppet/modules/nagios/manifests/service/pop3_login.pp
new file mode 100644
index 00000000..74535289
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/pop3_login.pp
@@ -0,0 +1,22 @@
+# a pop3 login check
+define nagios::service::pop3_login(
+ $username,
+ $password,
+ $warning = 5,
+ $critical = 10,
+ $host = $::fqdn,
+ $host_name = $::fqdn,
+ $ensure = 'present',
+){
+ nagios::service{
+ "pop3_login_${name}":
+ ensure => $ensure;
+ }
+
+ if $ensure != 'absent' {
+ Nagios::Service["pop3_login_${name}"]{
+ check_command => "check_pop3_login!${host}!${username}!${password}!${warning}!${critical}",
+ host_name => $host_name,
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/smtp.pp b/puppet/modules/nagios/manifests/service/smtp.pp
new file mode 100644
index 00000000..14237a9e
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/smtp.pp
@@ -0,0 +1,50 @@
+# true:
+# - true : check tls and plain connect *defualt*
+# - false : check plain connection only
+# cert_days:
+# If tls is used add an additionl check
+# to check for validity for cert.
+# - 'absent' : do not execute that check
+# - INTEGER : Minimum number of days a certificate
+# has to be valid. Default: 10
+define nagios::service::smtp(
+ $ensure = 'present',
+ $host = 'absent',
+ $port = '25',
+ $tls = true,
+ $cert_days = 10
+){
+ $real_host = $host ? {
+ 'absent' => $name,
+ default => $host
+ }
+
+ nagios::service{
+ "smtp_${name}_${port}":
+ ensure => $ensure;
+ "smtp_tls_${name}_${port}":
+ ensure => $tls ? {
+ true => $ensure,
+ default => 'absent'
+ };
+ "smtp_tls_cert_${name}_${port}":
+ ensure => $cert_days ? {
+ 'absent' => 'absent',
+ default => $ensure
+ };
+ }
+
+ if $ensure != 'absent' {
+ Nagios::Service["smtp_${name}_${port}"]{
+ check_command => "check_smtp!${real_host}!${port}",
+ }
+ Nagios::Service["smtp_tls_${name}_${port}"]{
+ check_command => "check_smtp_tls!${real_host}!${port}",
+ }
+ if $cert_days != 'absent' {
+ Nagios::Service["smtp_tls_cert_${name}_${port}"]{
+ check_command => "check_smtp_cert!${real_host}!${port}!${cert_days}",
+ }
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/ssmtp.pp b/puppet/modules/nagios/manifests/service/ssmtp.pp
new file mode 100644
index 00000000..b05678a6
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/ssmtp.pp
@@ -0,0 +1,32 @@
+define nagios::service::ssmtp(
+ $ensure = 'present',
+ $host = 'absent',
+ $port = '465',
+ $cert_days = 10
+){
+ $real_host = $host ? {
+ 'absent' => $name,
+ default => $host
+ }
+
+ nagios::service{
+ "ssmtp_${name}_${port}":
+ ensure => $ensure;
+ "ssmtp_cert_${name}_${port}":
+ ensure => $cert_days ? {
+ 'absent' => 'absent',
+ default => $ensure
+ };
+ }
+
+ if $ensure != 'absent' {
+ Nagios::Service["ssmtp_${name}_${port}"]{
+ check_command => "check_ssmtp!${real_host}!${port}",
+ }
+ if $cert_days != 'absent' {
+ Nagios::Service["ssmtp_cert_${name}_${port}"]{
+ check_command => "check_ssmtp_cert!${real_host}!${port}!${cert_days}",
+ }
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/storeconfigs.pp b/puppet/modules/nagios/manifests/storeconfigs.pp
new file mode 100644
index 00000000..96c30dd5
--- /dev/null
+++ b/puppet/modules/nagios/manifests/storeconfigs.pp
@@ -0,0 +1,61 @@
+# collect exported resources when using 'storeconfigs => true'
+class nagios::storeconfigs {
+
+ Nagios_command <<||>>
+ Nagios_contactgroup <<||>>
+ Nagios_contact <<||>>
+ Nagios_hostdependency <<||>>
+ Nagios_hostescalation <<||>>
+ Nagios_hostextinfo <<||>>
+ Nagios_hostgroup <<||>>
+ Nagios_host <<||>>
+ Nagios_servicedependency <<||>>
+ Nagios_serviceescalation <<||>>
+ Nagios_servicegroup <<||>>
+ Nagios_serviceextinfo <<||>>
+ Nagios_service <<||>>
+ Nagios_timeperiod <<||>>
+
+ Nagios_command <||> {
+ notify => Service['nagios'],
+ }
+ Nagios_contact <||> {
+ notify => Service['nagios'],
+ }
+ Nagios_contactgroup <||> {
+ notify => Service['nagios'],
+ }
+ Nagios_host <||> {
+ notify => Service['nagios'],
+ }
+ Nagios_hostdependency <||> {
+ notify => Service['nagios'],
+ }
+ Nagios_hostescalation <||> {
+ notify => Service['nagios'],
+ }
+ Nagios_hostextinfo <||> {
+ notify => Service['nagios'],
+ }
+ Nagios_hostgroup <||> {
+ notify => Service['nagios'],
+ }
+ Nagios_service <||> {
+ notify => Service['nagios'],
+ }
+ Nagios_servicegroup <||> {
+ notify => Service['nagios'],
+ }
+ Nagios_servicedependency <||> {
+ notify => Service['nagios'],
+ }
+ Nagios_serviceescalation <||> {
+ notify => Service['nagios'],
+ }
+ Nagios_serviceextinfo <||> {
+ notify => Service['nagios'],
+ }
+ Nagios_timeperiod <||> {
+ notify => Service['nagios'],
+ }
+}
diff --git a/puppet/modules/nagios/manifests/stored_config.pp b/puppet/modules/nagios/manifests/stored_config.pp
new file mode 100644
index 00000000..5afda04f
--- /dev/null
+++ b/puppet/modules/nagios/manifests/stored_config.pp
@@ -0,0 +1,19 @@
+class nagios::stored_config {
+ # collect exported resources
+
+ Nagios_command <<||>>
+ Nagios_contactgroup <<||>>
+ Nagios_contact <<||>>
+ Nagios_hostdependency <<||>>
+ Nagios_hostescalation <<||>>
+ Nagios_hostextinfo <<||>>
+ Nagios_hostgroup <<||>>
+ Nagios_host <<||>>
+ Nagios_servicedependency <<||>>
+ Nagios_serviceescalation <<||>>
+ Nagios_servicegroup <<||>>
+ Nagios_serviceextinfo <<||>>
+ Nagios_service <<||>>
+ Nagios_timeperiod <<||>>
+
+}
diff --git a/puppet/modules/nagios/manifests/target.pp b/puppet/modules/nagios/manifests/target.pp
new file mode 100644
index 00000000..760d7d47
--- /dev/null
+++ b/puppet/modules/nagios/manifests/target.pp
@@ -0,0 +1,32 @@
+# a simple nagios target to monitor
+class nagios::target(
+ $parents = 'absent',
+ $address = $::ipaddress,
+ $nagios_alias = false,
+ $hostgroups = 'absent',
+ $use = 'generic-host',
+){
+ @@nagios_host { $::fqdn:
+ address => $address,
+ use => $use,
+ }
+ # Watch out with using aliases: they need to be unique throughout *all*
+ # resources in a given host's catalogue.
+ if $nagios_alias {
+ Nagios_host[$::fqdn]{
+ alias => $nagios_alias
+ }
+ }
+
+ if ($parents != 'absent') {
+ Nagios_host[$::fqdn]{
+ parents => $parents
+ }
+ }
+
+ if ($hostgroups != 'absent') {
+ Nagios_host[$::fqdn]{
+ hostgroups => $hostgroups
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/target/fqdn.pp b/puppet/modules/nagios/manifests/target/fqdn.pp
new file mode 100644
index 00000000..31fc4b71
--- /dev/null
+++ b/puppet/modules/nagios/manifests/target/fqdn.pp
@@ -0,0 +1,12 @@
+# monitor a host by fqdn
+class nagios::target::fqdn(
+ $address = $::fqdn,
+ $hostgroups = 'absent',
+ $parents = 'absent'
+) {
+ class{'nagios::target':
+ address => $address,
+ hostgroups => $hostgroups,
+ parents => $parents
+ }
+}