summaryrefslogtreecommitdiff
path: root/puppet/modules/site_nagios/manifests
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/modules/site_nagios/manifests')
-rw-r--r--puppet/modules/site_nagios/manifests/add_host.pp31
-rw-r--r--puppet/modules/site_nagios/manifests/add_host_services.pp28
-rw-r--r--puppet/modules/site_nagios/manifests/add_service.pp26
-rw-r--r--puppet/modules/site_nagios/manifests/init.pp2
-rw-r--r--puppet/modules/site_nagios/manifests/server.pp40
-rw-r--r--puppet/modules/site_nagios/manifests/server/apache.pp7
-rw-r--r--puppet/modules/site_nagios/manifests/server/purge.pp20
7 files changed, 96 insertions, 58 deletions
diff --git a/puppet/modules/site_nagios/manifests/add_host.pp b/puppet/modules/site_nagios/manifests/add_host.pp
deleted file mode 100644
index 498552b5..00000000
--- a/puppet/modules/site_nagios/manifests/add_host.pp
+++ /dev/null
@@ -1,31 +0,0 @@
-define site_nagios::add_host {
- $nagios_host = $name
- $nagios_hostname = $name['domain_internal']
- $nagios_ip = $name['ip_address']
- $nagios_services = $name['services']
- $nagios_openvpn_gw = $name['openvpn_gateway_address']
-
- # Add Nagios host
- nagios_host { $nagios_hostname:
- address => $nagios_ip,
- use => 'generic-host',
- }
-
- # Add Nagios service
-
- # First, we need to turn the serice array into hash, using a "hash template"
- # see https://github.com/ashak/puppet-resource-looping
- $nagios_service_hashpart = {
- 'hostname' => $nagios_hostname,
- 'ip_address' => $nagios_ip,
- 'openvpn_gw' => $nagios_openvpn_gw,
- }
- $dynamic_parameters = {
- 'service' => '%s'
- }
- $nagios_servicename = "${nagios_hostname}_%s"
-
- $nagios_service_hash = create_resources_hash_from($nagios_servicename, $nagios_services, $nagios_service_hashpart, $dynamic_parameters)
-
- create_resources ( site_nagios::add_service, $nagios_service_hash )
-}
diff --git a/puppet/modules/site_nagios/manifests/add_host_services.pp b/puppet/modules/site_nagios/manifests/add_host_services.pp
new file mode 100644
index 00000000..279809d1
--- /dev/null
+++ b/puppet/modules/site_nagios/manifests/add_host_services.pp
@@ -0,0 +1,28 @@
+define site_nagios::add_host_services (
+ $domain_full_suffix,
+ $domain_internal,
+ $ip_address,
+ $services,
+ $ssh_port,
+ $openvpn_gateway_address='' ) {
+
+ $nagios_hostname = $domain_internal
+
+ # Add Nagios service
+
+ # First, we need to turn the serice array into hash, using a "hash template"
+ # see https://github.com/ashak/puppet-resource-looping
+ $nagios_service_hashpart = {
+ 'hostname' => $nagios_hostname,
+ 'ip_address' => $ip_address,
+ 'openvpn_gw' => $openvpn_gateway_address,
+ }
+ $dynamic_parameters = {
+ 'service' => '%s'
+ }
+ $nagios_servicename = "${nagios_hostname}_%s"
+
+ $nagios_service_hash = create_resources_hash_from($nagios_servicename, $services, $nagios_service_hashpart, $dynamic_parameters)
+
+ create_resources ( site_nagios::add_service, $nagios_service_hash )
+}
diff --git a/puppet/modules/site_nagios/manifests/add_service.pp b/puppet/modules/site_nagios/manifests/add_service.pp
index 6ef3cbf5..8d2a310b 100644
--- a/puppet/modules/site_nagios/manifests/add_service.pp
+++ b/puppet/modules/site_nagios/manifests/add_service.pp
@@ -3,19 +3,19 @@ define site_nagios::add_service (
case $service {
'webapp': {
- $check_command = 'check_https_cert'
- $service_description = 'Website Certificate'
+ nagios_service {
+ "${name}_cert":
+ use => 'generic-service',
+ check_command => 'check_https_cert',
+ service_description => 'Website Certificate',
+ host_name => $hostname;
+ "${name}_website":
+ use => 'generic-service',
+ check_command => 'check_https',
+ service_description => 'Website',
+ host_name => $hostname
+ }
}
- default: {
- #notice ("No Nagios service check for service \"$service\"")
- }
- }
-
- if ( $check_command != '' ) {
- nagios_service { $name:
- use => 'generic-service',
- check_command => $check_command,
- service_description => $service_description,
- host_name => $hostname }
+ default: {}
}
}
diff --git a/puppet/modules/site_nagios/manifests/init.pp b/puppet/modules/site_nagios/manifests/init.pp
index cab32905..eb08cdcb 100644
--- a/puppet/modules/site_nagios/manifests/init.pp
+++ b/puppet/modules/site_nagios/manifests/init.pp
@@ -1,4 +1,6 @@
class site_nagios {
tag 'leap_service'
+ Class['site_config::default'] -> Class['site_nagios']
+
include site_nagios::server
}
diff --git a/puppet/modules/site_nagios/manifests/server.pp b/puppet/modules/site_nagios/manifests/server.pp
index c114a39a..85443917 100644
--- a/puppet/modules/site_nagios/manifests/server.pp
+++ b/puppet/modules/site_nagios/manifests/server.pp
@@ -1,26 +1,34 @@
class site_nagios::server inherits nagios::base {
# First, purge old nagios config (see #1467)
- class { 'site_nagios::server::purge':
- stage => setup
- }
+ class { 'site_nagios::server::purge': }
- $nagios_hiera=hiera('nagios')
+ $nagios_hiera = hiera('nagios')
$nagiosadmin_pw = htpasswd_sha1($nagios_hiera['nagiosadmin_pw'])
- $hosts = $nagios_hiera['hosts']
+ $nagios_hosts = $nagios_hiera['hosts']
include nagios::defaults
include nagios::base
- #Class ['nagios'] -> Class ['nagios::defaults']
- class {'nagios::apache':
+ class {'nagios':
+ # don't manage apache class from nagios, cause we already include
+ # it in site_apache::common
+ httpd => 'absent',
allow_external_cmd => true,
stored_config => false,
- #before => Class ['nagios::defaults']
}
+ file { '/etc/apache2/conf.d/nagios3.conf':
+ ensure => link,
+ target => '/usr/share/doc/nagios3-common/examples/apache2.conf',
+ notify => Service['apache']
+ }
+
+ include site_apache::common
+ include site_apache::module::headers
+
File ['nagios_htpasswd'] {
source => undef,
- content => "nagiosadmin:$nagiosadmin_pw",
+ content => "nagiosadmin:${nagiosadmin_pw}",
mode => '0640',
}
@@ -33,6 +41,18 @@ class site_nagios::server inherits nagios::base {
group => 'nagios',
}
- site_nagios::add_host {$hosts:}
+ create_resources ( site_nagios::add_host_services, $nagios_hosts )
+
+ include site_nagios::server::apache
+ include site_check_mk::server
include site_shorewall::monitor
+
+ augeas {
+ 'logrotate_nagios':
+ context => '/files/etc/logrotate.d/nagios/rule',
+ changes => [ 'set file /var/log/nagios3/nagios.log', 'set rotate 7',
+ 'set schedule daily', 'set compress compress',
+ 'set missingok missingok', 'set ifempty notifempty',
+ 'set copytruncate copytruncate' ]
+ }
}
diff --git a/puppet/modules/site_nagios/manifests/server/apache.pp b/puppet/modules/site_nagios/manifests/server/apache.pp
new file mode 100644
index 00000000..8dbc7e9b
--- /dev/null
+++ b/puppet/modules/site_nagios/manifests/server/apache.pp
@@ -0,0 +1,7 @@
+class site_nagios::server::apache {
+ include x509::variables
+ include site_config::x509::commercial::cert
+ include site_config::x509::commercial::key
+ include site_config::x509::commercial::ca
+
+}
diff --git a/puppet/modules/site_nagios/manifests/server/purge.pp b/puppet/modules/site_nagios/manifests/server/purge.pp
index 39735cd3..6815a703 100644
--- a/puppet/modules/site_nagios/manifests/server/purge.pp
+++ b/puppet/modules/site_nagios/manifests/server/purge.pp
@@ -1,7 +1,19 @@
-class site_nagios::server::purge {
- exec {'purge_conf.d':
- command => '/bin/rm -rf /etc/nagios3/conf.d/*',
- onlyif => 'test -e /etc/nagios3/conf.d'
+class site_nagios::server::purge inherits nagios::base {
+ # we don't want to get /etc/nagios3 and /etc/nagios3/conf.d
+ # purged, cause the check-mk-config-nagios3 package
+ # places its templates in /etc/nagios3/conf.d/check_mk,
+ # and check_mk -O updated it's nagios config in /etc/nagios3/conf.d/check_mk
+ File['nagios_cfgdir'] {
+ purge => false
+ }
+ File['nagios_confd'] {
+ purge => false
}
+ # only purge files in the /etc/nagios3/conf.d/ dir, not in any subdir
+ exec {'purge_conf.d':
+ command => '/usr/bin/find /etc/nagios3/conf.d/ -maxdepth 1 -type f -exec rm {} \;',
+ onlyif => '/usr/bin/find /etc/nagios3/conf.d/ -maxdepth 1 -type f | grep -q "/etc/nagios3/conf.d"',
+ require => Package['nagios']
+ }
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-03 03:56:37 +0000