summaryrefslogtreecommitdiff
path: root/puppet/modules
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/modules')
-rw-r--r--puppet/modules/nagios/.gitrepo11
-rw-r--r--puppet/modules/nagios/LICENSE674
-rw-r--r--puppet/modules/nagios/README305
-rw-r--r--puppet/modules/nagios/README.pnp4nagios65
-rw-r--r--puppet/modules/nagios/files/configs/CentOS/cgi.cfg280
-rw-r--r--puppet/modules/nagios/files/configs/CentOS/nagios.cfg949
-rw-r--r--puppet/modules/nagios/files/configs/CentOS/private/resource.cfg.i38634
-rw-r--r--puppet/modules/nagios/files/configs/CentOS/private/resource.cfg.x86_6434
-rw-r--r--puppet/modules/nagios/files/configs/Debian/cgi.cfg330
-rw-r--r--puppet/modules/nagios/files/configs/Debian/nagios.cfg1288
-rw-r--r--puppet/modules/nagios/files/configs/Debian/private/resource.cfg.amd6431
-rw-r--r--puppet/modules/nagios/files/configs/Debian/private/resource.cfg.i38631
-rw-r--r--puppet/modules/nagios/files/configs/Debian/private/resource.cfg.x86_6431
-rw-r--r--puppet/modules/nagios/files/configs/apache2.conf67
l---------puppet/modules/nagios/files/configs/cgi.cfg1
l---------puppet/modules/nagios/files/configs/nagios.cfg1
-rw-r--r--puppet/modules/nagios/files/configs/nagios_templates.cfg49
-rw-r--r--puppet/modules/nagios/files/htpasswd.users0
-rw-r--r--puppet/modules/nagios/files/irc_bot/riseup-nagios-client.pl72
-rw-r--r--puppet/modules/nagios/files/irc_bot/riseup-nagios-server.pl239
-rw-r--r--puppet/modules/nagios/files/munin/nagios_hosts32
-rw-r--r--puppet/modules/nagios/files/munin/nagios_perf38
-rw-r--r--puppet/modules/nagios/files/munin/nagios_svc37
-rw-r--r--puppet/modules/nagios/files/nrpe/nrpe_commands.cfg5
-rw-r--r--puppet/modules/nagios/files/nsca/nsca.cfg197
-rw-r--r--puppet/modules/nagios/files/nsca/send_nsca.cfg65
-rw-r--r--puppet/modules/nagios/files/plugin_data/sks-keyservers.netCA.pem32
-rw-r--r--puppet/modules/nagios/files/plugins/check_dns2102
-rw-r--r--puppet/modules/nagios/files/plugins/check_dnsbl107
-rw-r--r--puppet/modules/nagios/files/plugins/check_gpg115
-rw-r--r--puppet/modules/nagios/files/plugins/check_horde_login94
-rw-r--r--puppet/modules/nagios/files/plugins/check_imap_login80
-rw-r--r--puppet/modules/nagios/files/plugins/check_jabber_login30
-rwxr-xr-xpuppet/modules/nagios/files/plugins/check_mysql_health3780
-rwxr-xr-xpuppet/modules/nagios/files/plugins/check_openvpn_server.pl109
-rw-r--r--puppet/modules/nagios/files/plugins/check_pop3_login83
-rw-r--r--puppet/modules/nagios/files/pnp4nagios/action.gifbin0 -> 1536 bytes
-rw-r--r--puppet/modules/nagios/files/pnp4nagios/apache.conf31
-rw-r--r--puppet/modules/nagios/files/pnp4nagios/npcd8
-rw-r--r--puppet/modules/nagios/files/pnp4nagios/pnp4nagios-popup-templates.cfg31
-rw-r--r--puppet/modules/nagios/files/pnp4nagios/pnp4nagios-templates.cfg33
-rw-r--r--puppet/modules/nagios/files/pnp4nagios/status-header.ssi8
-rw-r--r--puppet/modules/nagios/images/nagiosgraph.gifbin0 -> 1252 bytes
-rw-r--r--puppet/modules/nagios/manifests/apache.pp15
-rw-r--r--puppet/modules/nagios/manifests/base.pp144
-rw-r--r--puppet/modules/nagios/manifests/centos.pp42
-rw-r--r--puppet/modules/nagios/manifests/command/imap_pop3.pp30
-rw-r--r--puppet/modules/nagios/manifests/command/nrpe.pp14
-rw-r--r--puppet/modules/nagios/manifests/command/nrpe_timeout.pp11
-rw-r--r--puppet/modules/nagios/manifests/command/smtp.pp22
-rw-r--r--puppet/modules/nagios/manifests/debian.pp54
-rw-r--r--puppet/modules/nagios/manifests/debian/apache.pp22
-rw-r--r--puppet/modules/nagios/manifests/defaults.pp12
-rw-r--r--puppet/modules/nagios/manifests/defaults/commands.pp145
-rw-r--r--puppet/modules/nagios/manifests/defaults/contactgroups.pp9
-rw-r--r--puppet/modules/nagios/manifests/defaults/contacts.pp15
-rw-r--r--puppet/modules/nagios/manifests/defaults/host_templates.pp24
-rw-r--r--puppet/modules/nagios/manifests/defaults/hostgroups.pp11
-rw-r--r--puppet/modules/nagios/manifests/defaults/plugins.pp10
-rw-r--r--puppet/modules/nagios/manifests/defaults/pnp4nagios.pp14
-rw-r--r--puppet/modules/nagios/manifests/defaults/service_templates.pp32
-rw-r--r--puppet/modules/nagios/manifests/defaults/templates.pp17
-rw-r--r--puppet/modules/nagios/manifests/defaults/timeperiods.pp33
-rw-r--r--puppet/modules/nagios/manifests/defaults/vars.pp11
-rw-r--r--puppet/modules/nagios/manifests/headless.pp5
-rw-r--r--puppet/modules/nagios/manifests/init.pp56
-rw-r--r--puppet/modules/nagios/manifests/irc_bot.pp50
-rw-r--r--puppet/modules/nagios/manifests/irc_bot/base.pp41
-rw-r--r--puppet/modules/nagios/manifests/irc_bot/centos.pp9
-rw-r--r--puppet/modules/nagios/manifests/irc_bot/debian.pp8
-rw-r--r--puppet/modules/nagios/manifests/irc_bot/disable.pp8
-rw-r--r--puppet/modules/nagios/manifests/lighttpd.pp12
-rw-r--r--puppet/modules/nagios/manifests/munin.pp19
-rw-r--r--puppet/modules/nagios/manifests/nrpe.pp41
-rw-r--r--puppet/modules/nagios/manifests/nrpe/base.pp58
-rw-r--r--puppet/modules/nagios/manifests/nrpe/command.pp34
-rw-r--r--puppet/modules/nagios/manifests/nrpe/debian.pp6
-rw-r--r--puppet/modules/nagios/manifests/nrpe/freebsd.pp16
-rw-r--r--puppet/modules/nagios/manifests/nrpe/linux.pp9
-rw-r--r--puppet/modules/nagios/manifests/nrpe/xinetd.pp11
-rw-r--r--puppet/modules/nagios/manifests/nsca.pp3
-rw-r--r--puppet/modules/nagios/manifests/nsca/client.pp18
-rw-r--r--puppet/modules/nagios/manifests/nsca/server.pp24
-rw-r--r--puppet/modules/nagios/manifests/plugin.pp28
-rw-r--r--puppet/modules/nagios/manifests/plugin/deploy.pp41
-rw-r--r--puppet/modules/nagios/manifests/plugin/scriptpaths.pp6
-rw-r--r--puppet/modules/nagios/manifests/plugins/gpg.pp30
-rw-r--r--puppet/modules/nagios/manifests/plugins/horde_login.pp11
-rw-r--r--puppet/modules/nagios/manifests/plugins/jabber.pp10
-rw-r--r--puppet/modules/nagios/manifests/plugins/mail_login.pp10
-rw-r--r--puppet/modules/nagios/manifests/pnp4nagios.pp68
-rw-r--r--puppet/modules/nagios/manifests/pnp4nagios/popup.pp24
-rw-r--r--puppet/modules/nagios/manifests/service.pp91
-rw-r--r--puppet/modules/nagios/manifests/service/dns.pp19
-rw-r--r--puppet/modules/nagios/manifests/service/dns_host.pp22
-rw-r--r--puppet/modules/nagios/manifests/service/gpgkey.pp49
-rw-r--r--puppet/modules/nagios/manifests/service/horde_login.pp18
-rw-r--r--puppet/modules/nagios/manifests/service/http.pp54
-rw-r--r--puppet/modules/nagios/manifests/service/imap.pp34
-rw-r--r--puppet/modules/nagios/manifests/service/imap_login.pp22
-rw-r--r--puppet/modules/nagios/manifests/service/mysql.pp58
-rw-r--r--puppet/modules/nagios/manifests/service/ntp.pp9
-rw-r--r--puppet/modules/nagios/manifests/service/passive.pp18
-rw-r--r--puppet/modules/nagios/manifests/service/ping.pp9
-rw-r--r--puppet/modules/nagios/manifests/service/pop.pp32
-rw-r--r--puppet/modules/nagios/manifests/service/pop3_login.pp22
-rw-r--r--puppet/modules/nagios/manifests/service/smtp.pp50
-rw-r--r--puppet/modules/nagios/manifests/service/ssmtp.pp32
-rw-r--r--puppet/modules/nagios/manifests/storeconfigs.pp61
-rw-r--r--puppet/modules/nagios/manifests/stored_config.pp19
-rw-r--r--puppet/modules/nagios/manifests/target.pp32
-rw-r--r--puppet/modules/nagios/manifests/target/fqdn.pp12
-rw-r--r--puppet/modules/nagios/templates/irc_bot/CentOS/nagios-nsa.sh.erb104
-rw-r--r--puppet/modules/nagios/templates/irc_bot/Debian/nagios-nsa.sh.erb72
-rw-r--r--puppet/modules/nagios/templates/irc_bot/nsa.cfg.erb15
-rw-r--r--puppet/modules/nagios/templates/nrpe/nrpe.cfg203
-rw-r--r--puppet/modules/nagios/templates/nrpe/nrpe_command.erb2
117 files changed, 11911 insertions, 0 deletions
diff --git a/puppet/modules/nagios/.gitrepo b/puppet/modules/nagios/.gitrepo
new file mode 100644
index 00000000..b832fa2a
--- /dev/null
+++ b/puppet/modules/nagios/.gitrepo
@@ -0,0 +1,11 @@
+; DO NOT EDIT (unless you know what you are doing)
+;
+; This subdirectory is a git "subrepo", and this file is maintained by the
+; git-subrepo command. See https://github.com/git-commands/git-subrepo#readme
+;
+[subrepo]
+ remote = https://leap.se/git/puppet_nagios
+ branch = master
+ commit = e6fee3c731f68ccf8b6add8ada2162c7ad2b8407
+ parent = f5775156d8d8800247b8917ab6212c7eed16a124
+ cmdver = 0.3.0
diff --git a/puppet/modules/nagios/LICENSE b/puppet/modules/nagios/LICENSE
new file mode 100644
index 00000000..94a9ed02
--- /dev/null
+++ b/puppet/modules/nagios/LICENSE
@@ -0,0 +1,674 @@
+ GNU GENERAL PUBLIC LICENSE
+ Version 3, 29 June 2007
+
+ Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+ Preamble
+
+ The GNU General Public License is a free, copyleft license for
+software and other kinds of works.
+
+ The licenses for most software and other practical works are designed
+to take away your freedom to share and change the works. By contrast,
+the GNU General Public License is intended to guarantee your freedom to
+share and change all versions of a program--to make sure it remains free
+software for all its users. We, the Free Software Foundation, use the
+GNU General Public License for most of our software; it applies also to
+any other work released this way by its authors. You can apply it to
+your programs, too.
+
+ When we speak of free software, we are referring to freedom, not
+price. Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+them if you wish), that you receive source code or can get it if you
+want it, that you can change the software or use pieces of it in new
+free programs, and that you know you can do these things.
+
+ To protect your rights, we need to prevent others from denying you
+these rights or asking you to surrender the rights. Therefore, you have
+certain responsibilities if you distribute copies of the software, or if
+you modify it: responsibilities to respect the freedom of others.
+
+ For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must pass on to the recipients the same
+freedoms that you received. You must make sure that they, too, receive
+or can get the source code. And you must show them these terms so they
+know their rights.
+
+ Developers that use the GNU GPL protect your rights with two steps:
+(1) assert copyright on the software, and (2) offer you this License
+giving you legal permission to copy, distribute and/or modify it.
+
+ For the developers' and authors' protection, the GPL clearly explains
+that there is no warranty for this free software. For both users' and
+authors' sake, the GPL requires that modified versions be marked as
+changed, so that their problems will not be attributed erroneously to
+authors of previous versions.
+
+ Some devices are designed to deny users access to install or run
+modified versions of the software inside them, although the manufacturer
+can do so. This is fundamentally incompatible with the aim of
+protecting users' freedom to change the software. The systematic
+pattern of such abuse occurs in the area of products for individuals to
+use, which is precisely where it is most unacceptable. Therefore, we
+have designed this version of the GPL to prohibit the practice for those
+products. If such problems arise substantially in other domains, we
+stand ready to extend this provision to those domains in future versions
+of the GPL, as needed to protect the freedom of users.
+
+ Finally, every program is threatened constantly by software patents.
+States should not allow patents to restrict development and use of
+software on general-purpose computers, but in those that do, we wish to
+avoid the special danger that patents applied to a free program could
+make it effectively proprietary. To prevent this, the GPL assures that
+patents cannot be used to render the program non-free.
+
+ The precise terms and conditions for copying, distribution and
+modification follow.
+
+ TERMS AND CONDITIONS
+
+ 0. Definitions.
+
+ "This License" refers to version 3 of the GNU General Public License.
+
+ "Copyright" also means copyright-like laws that apply to other kinds of
+works, such as semiconductor masks.
+
+ "The Program" refers to any copyrightable work licensed under this
+License. Each licensee is addressed as "you". "Licensees" and
+"recipients" may be individuals or organizations.
+
+ To "modify" a work means to copy from or adapt all or part of the work
+in a fashion requiring copyright permission, other than the making of an
+exact copy. The resulting work is called a "modified version" of the
+earlier work or a work "based on" the earlier work.
+
+ A "covered work" means either the unmodified Program or a work based
+on the Program.
+
+ To "propagate" a work means to do anything with it that, without
+permission, would make you directly or secondarily liable for
+infringement under applicable copyright law, except executing it on a
+computer or modifying a private copy. Propagation includes copying,
+distribution (with or without modification), making available to the
+public, and in some countries other activities as well.
+
+ To "convey" a work means any kind of propagation that enables other
+parties to make or receive copies. Mere interaction with a user through
+a computer network, with no transfer of a copy, is not conveying.
+
+ An interactive user interface displays "Appropriate Legal Notices"
+to the extent that it includes a convenient and prominently visible
+feature that (1) displays an appropriate copyright notice, and (2)
+tells the user that there is no warranty for the work (except to the
+extent that warranties are provided), that licensees may convey the
+work under this License, and how to view a copy of this License. If
+the interface presents a list of user commands or options, such as a
+menu, a prominent item in the list meets this criterion.
+
+ 1. Source Code.
+
+ The "source code" for a work means the preferred form of the work
+for making modifications to it. "Object code" means any non-source
+form of a work.
+
+ A "Standard Interface" means an interface that either is an official
+standard defined by a recognized standards body, or, in the case of
+interfaces specified for a particular programming language, one that
+is widely used among developers working in that language.
+
+ The "System Libraries" of an executable work include anything, other
+than the work as a whole, that (a) is included in the normal form of
+packaging a Major Component, but which is not part of that Major
+Component, and (b) serves only to enable use of the work with that
+Major Component, or to implement a Standard Interface for which an
+implementation is available to the public in source code form. A
+"Major Component", in this context, means a major essential component
+(kernel, window system, and so on) of the specific operating system
+(if any) on which the executable work runs, or a compiler used to
+produce the work, or an object code interpreter used to run it.
+
+ The "Corresponding Source" for a work in object code form means all
+the source code needed to generate, install, and (for an executable
+work) run the object code and to modify the work, including scripts to
+control those activities. However, it does not include the work's
+System Libraries, or general-purpose tools or generally available free
+programs which are used unmodified in performing those activities but
+which are not part of the work. For example, Corresponding Source
+includes interface definition files associated with source files for
+the work, and the source code for shared libraries and dynamically
+linked subprograms that the work is specifically designed to require,
+such as by intimate data communication or control flow between those
+subprograms and other parts of the work.
+
+ The Corresponding Source need not include anything that users
+can regenerate automatically from other parts of the Corresponding
+Source.
+
+ The Corresponding Source for a work in source code form is that
+same work.
+
+ 2. Basic Permissions.
+
+ All rights granted under this License are granted for the term of
+copyright on the Program, and are irrevocable provided the stated
+conditions are met. This License explicitly affirms your unlimited
+permission to run the unmodified Program. The output from running a
+covered work is covered by this License only if the output, given its
+content, constitutes a covered work. This License acknowledges your
+rights of fair use or other equivalent, as provided by copyright law.
+
+ You may make, run and propagate covered works that you do not
+convey, without conditions so long as your license otherwise remains
+in force. You may convey covered works to others for the sole purpose
+of having them make modifications exclusively for you, or provide you
+with facilities for running those works, provided that you comply with
+the terms of this License in conveying all material for which you do
+not control copyright. Those thus making or running the covered works
+for you must do so exclusively on your behalf, under your direction
+and control, on terms that prohibit them from making any copies of
+your copyrighted material outside their relationship with you.
+
+ Conveying under any other circumstances is permitted solely under
+the conditions stated below. Sublicensing is not allowed; section 10
+makes it unnecessary.
+
+ 3. Protecting Users' Legal Rights From Anti-Circumvention Law.
+
+ No covered work shall be deemed part of an effective technological
+measure under any applicable law fulfilling obligations under article
+11 of the WIPO copyright treaty adopted on 20 December 1996, or
+similar laws prohibiting or restricting circumvention of such
+measures.
+
+ When you convey a covered work, you waive any legal power to forbid
+circumvention of technological measures to the extent such circumvention
+is effected by exercising rights under this License with respect to
+the covered work, and you disclaim any intention to limit operation or
+modification of the work as a means of enforcing, against the work's
+users, your or third parties' legal rights to forbid circumvention of
+technological measures.
+
+ 4. Conveying Verbatim Copies.
+
+ You may convey verbatim copies of the Program's source code as you
+receive it, in any medium, provided that you conspicuously and
+appropriately publish on each copy an appropriate copyright notice;
+keep intact all notices stating that this License and any
+non-permissive terms added in accord with section 7 apply to the code;
+keep intact all notices of the absence of any warranty; and give all
+recipients a copy of this License along with the Program.
+
+ You may charge any price or no price for each copy that you convey,
+and you may offer support or warranty protection for a fee.
+
+ 5. Conveying Modified Source Versions.
+
+ You may convey a work based on the Program, or the modifications to
+produce it from the Program, in the form of source code under the
+terms of section 4, provided that you also meet all of these conditions:
+
+ a) The work must carry prominent notices stating that you modified
+ it, and giving a relevant date.
+
+ b) The work must carry prominent notices stating that it is
+ released under this License and any conditions added under section
+ 7. This requirement modifies the requirement in section 4 to
+ "keep intact all notices".
+
+ c) You must license the entire work, as a whole, under this
+ License to anyone who comes into possession of a copy. This
+ License will therefore apply, along with any applicable section 7
+ additional terms, to the whole of the work, and all its parts,
+ regardless of how they are packaged. This License gives no
+ permission to license the work in any other way, but it does not
+ invalidate such permission if you have separately received it.
+
+ d) If the work has interactive user interfaces, each must display
+ Appropriate Legal Notices; however, if the Program has interactive
+ interfaces that do not display Appropriate Legal Notices, your
+ work need not make them do so.
+
+ A compilation of a covered work with other separate and independent
+works, which are not by their nature extensions of the covered work,
+and which are not combined with it such as to form a larger program,
+in or on a volume of a storage or distribution medium, is called an
+"aggregate" if the compilation and its resulting copyright are not
+used to limit the access or legal rights of the compilation's users
+beyond what the individual works permit. Inclusion of a covered work
+in an aggregate does not cause this License to apply to the other
+parts of the aggregate.
+
+ 6. Conveying Non-Source Forms.
+
+ You may convey a covered work in object code form under the terms
+of sections 4 and 5, provided that you also convey the
+machine-readable Corresponding Source under the terms of this License,
+in one of these ways:
+
+ a) Convey the object code in, or embodied in, a physical product
+ (including a physical distribution medium), accompanied by the
+ Corresponding Source fixed on a durable physical medium
+ customarily used for software interchange.
+
+ b) Convey the object code in, or embodied in, a physical product
+ (including a physical distribution medium), accompanied by a
+ written offer, valid for at least three years and valid for as
+ long as you offer spare parts or customer support for that product
+ model, to give anyone who possesses the object code either (1) a
+ copy of the Corresponding Source for all the software in the
+ product that is covered by this License, on a durable physical
+ medium customarily used for software interchange, for a price no
+ more than your reasonable cost of physically performing this
+ conveying of source, or (2) access to copy the
+ Corresponding Source from a network server at no charge.
+
+ c) Convey individual copies of the object code with a copy of the
+ written offer to provide the Corresponding Source. This
+ alternative is allowed only occasionally and noncommercially, and
+ only if you received the object code with such an offer, in accord
+ with subsection 6b.
+
+ d) Convey the object code by offering access from a designated
+ place (gratis or for a charge), and offer equivalent access to the
+ Corresponding Source in the same way through the same place at no
+ further charge. You need not require recipients to copy the
+ Corresponding Source along with the object code. If the place to
+ copy the object code is a network server, the Corresponding Source
+ may be on a different server (operated by you or a third party)
+ that supports equivalent copying facilities, provided you maintain
+ clear directions next to the object code saying where to find the
+ Corresponding Source. Regardless of what server hosts the
+ Corresponding Source, you remain obligated to ensure that it is
+ available for as long as needed to satisfy these requirements.
+
+ e) Convey the object code using peer-to-peer transmission, provided
+ you inform other peers where the object code and Corresponding
+ Source of the work are being offered to the general public at no
+ charge under subsection 6d.
+
+ A separable portion of the object code, whose source code is excluded
+from the Corresponding Source as a System Library, need not be
+included in conveying the object code work.
+
+ A "User Product" is either (1) a "consumer product", which means any
+tangible personal property which is normally used for personal, family,
+or household purposes, or (2) anything designed or sold for incorporation
+into a dwelling. In determining whether a product is a consumer product,
+doubtful cases shall be resolved in favor of coverage. For a particular
+product received by a particular user, "normally used" refers to a
+typical or common use of that class of product, regardless of the status
+of the particular user or of the way in which the particular user
+actually uses, or expects or is expected to use, the product. A product
+is a consumer product regardless of whether the product has substantial
+commercial, industrial or non-consumer uses, unless such uses represent
+the only significant mode of use of the product.
+
+ "Installation Information" for a User Product means any methods,
+procedures, authorization keys, or other information required to install
+and execute modified versions of a covered work in that User Product from
+a modified version of its Corresponding Source. The information must
+suffice to ensure that the continued functioning of the modified object
+code is in no case prevented or interfered with solely because
+modification has been made.
+
+ If you convey an object code work under this section in, or with, or
+specifically for use in, a User Product, and the conveying occurs as
+part of a transaction in which the right of possession and use of the
+User Product is transferred to the recipient in perpetuity or for a
+fixed term (regardless of how the transaction is characterized), the
+Corresponding Source conveyed under this section must be accompanied
+by the Installation Information. But this requirement does not apply
+if neither you nor any third party retains the ability to install
+modified object code on the User Product (for example, the work has
+been installed in ROM).
+
+ The requirement to provide Installation Information does not include a
+requirement to continue to provide support service, warranty, or updates
+for a work that has been modified or installed by the recipient, or for
+the User Product in which it has been modified or installed. Access to a
+network may be denied when the modification itself materially and
+adversely affects the operation of the network or violates the rules and
+protocols for communication across the network.
+
+ Corresponding Source conveyed, and Installation Information provided,
+in accord with this section must be in a format that is publicly
+documented (and with an implementation available to the public in
+source code form), and must require no special password or key for
+unpacking, reading or copying.
+
+ 7. Additional Terms.
+
+ "Additional permissions" are terms that supplement the terms of this
+License by making exceptions from one or more of its conditions.
+Additional permissions that are applicable to the entire Program shall
+be treated as though they were included in this License, to the extent
+that they are valid under applicable law. If additional permissions
+apply only to part of the Program, that part may be used separately
+under those permissions, but the entire Program remains governed by
+this License without regard to the additional permissions.
+
+ When you convey a copy of a covered work, you may at your option
+remove any additional permissions from that copy, or from any part of
+it. (Additional permissions may be written to require their own
+removal in certain cases when you modify the work.) You may place
+additional permissions on material, added by you to a covered work,
+for which you have or can give appropriate copyright permission.
+
+ Notwithstanding any other provision of this License, for material you
+add to a covered work, you may (if authorized by the copyright holders of
+that material) supplement the terms of this License with terms:
+
+ a) Disclaiming warranty or limiting liability differently from the
+ terms of sections 15 and 16 of this License; or
+
+ b) Requiring preservation of specified reasonable legal notices or
+ author attributions in that material or in the Appropriate Legal
+ Notices displayed by works containing it; or
+
+ c) Prohibiting misrepresentation of the origin of that material, or
+ requiring that modified versions of such material be marked in
+ reasonable ways as different from the original version; or
+
+ d) Limiting the use for publicity purposes of names of licensors or
+ authors of the material; or
+
+ e) Declining to grant rights under trademark law for use of some
+ trade names, trademarks, or service marks; or
+
+ f) Requiring indemnification of licensors and authors of that
+ material by anyone who conveys the material (or modified versions of
+ it) with contractual assumptions of liability to the recipient, for
+ any liability that these contractual assumptions directly impose on
+ those licensors and authors.
+
+ All other non-permissive additional terms are considered "further
+restrictions" within the meaning of section 10. If the Program as you
+received it, or any part of it, contains a notice stating that it is
+governed by this License along with a term that is a further
+restriction, you may remove that term. If a license document contains
+a further restriction but permits relicensing or conveying under this
+License, you may add to a covered work material governed by the terms
+of that license document, provided that the further restriction does
+not survive such relicensing or conveying.
+
+ If you add terms to a covered work in accord with this section, you
+must place, in the relevant source files, a statement of the
+additional terms that apply to those files, or a notice indicating
+where to find the applicable terms.
+
+ Additional terms, permissive or non-permissive, may be stated in the
+form of a separately written license, or stated as exceptions;
+the above requirements apply either way.
+
+ 8. Termination.
+
+ You may not propagate or modify a covered work except as expressly
+provided under this License. Any attempt otherwise to propagate or
+modify it is void, and will automatically terminate your rights under
+this License (including any patent licenses granted under the third
+paragraph of section 11).
+
+ However, if you cease all violation of this License, then your
+license from a particular copyright holder is reinstated (a)
+provisionally, unless and until the copyright holder explicitly and
+finally terminates your license, and (b) permanently, if the copyright
+holder fails to notify you of the violation by some reasonable means
+prior to 60 days after the cessation.
+
+ Moreover, your license from a particular copyright holder is
+reinstated permanently if the copyright holder notifies you of the
+violation by some reasonable means, this is the first time you have
+received notice of violation of this License (for any work) from that
+copyright holder, and you cure the violation prior to 30 days after
+your receipt of the notice.
+
+ Termination of your rights under this section does not terminate the
+licenses of parties who have received copies or rights from you under
+this License. If your rights have been terminated and not permanently
+reinstated, you do not qualify to receive new licenses for the same
+material under section 10.
+
+ 9. Acceptance Not Required for Having Copies.
+
+ You are not required to accept this License in order to receive or
+run a copy of the Program. Ancillary propagation of a covered work
+occurring solely as a consequence of using peer-to-peer transmission
+to receive a copy likewise does not require acceptance. However,
+nothing other than this License grants you permission to propagate or
+modify any covered work. These actions infringe copyright if you do
+not accept this License. Therefore, by modifying or propagating a
+covered work, you indicate your acceptance of this License to do so.
+
+ 10. Automatic Licensing of Downstream Recipients.
+
+ Each time you convey a covered work, the recipient automatically
+receives a license from the original licensors, to run, modify and
+propagate that work, subject to this License. You are not responsible
+for enforcing compliance by third parties with this License.
+
+ An "entity transaction" is a transaction transferring control of an
+organization, or substantially all assets of one, or subdividing an
+organization, or merging organizations. If propagation of a covered
+work results from an entity transaction, each party to that
+transaction who receives a copy of the work also receives whatever
+licenses to the work the party's predecessor in interest had or could
+give under the previous paragraph, plus a right to possession of the
+Corresponding Source of the work from the predecessor in interest, if
+the predecessor has it or can get it with reasonable efforts.
+
+ You may not impose any further restrictions on the exercise of the
+rights granted or affirmed under this License. For example, you may
+not impose a license fee, royalty, or other charge for exercise of
+rights granted under this License, and you may not initiate litigation
+(including a cross-claim or counterclaim in a lawsuit) alleging that
+any patent claim is infringed by making, using, selling, offering for
+sale, or importing the Program or any portion of it.
+
+ 11. Patents.
+
+ A "contributor" is a copyright holder who authorizes use under this
+License of the Program or a work on which the Program is based. The
+work thus licensed is called the contributor's "contributor version".
+
+ A contributor's "essential patent claims" are all patent claims
+owned or controlled by the contributor, whether already acquired or
+hereafter acquired, that would be infringed by some manner, permitted
+by this License, of making, using, or selling its contributor version,
+but do not include claims that would be infringed only as a
+consequence of further modification of the contributor version. For
+purposes of this definition, "control" includes the right to grant
+patent sublicenses in a manner consistent with the requirements of
+this License.
+
+ Each contributor grants you a non-exclusive, worldwide, royalty-free
+patent license under the contributor's essential patent claims, to
+make, use, sell, offer for sale, import and otherwise run, modify and
+propagate the contents of its contributor version.
+
+ In the following three paragraphs, a "patent license" is any express
+agreement or commitment, however denominated, not to enforce a patent
+(such as an express permission to practice a patent or covenant not to
+sue for patent infringement). To "grant" such a patent license to a
+party means to make such an agreement or commitment not to enforce a
+patent against the party.
+
+ If you convey a covered work, knowingly relying on a patent license,
+and the Corresponding Source of the work is not available for anyone
+to copy, free of charge and under the terms of this License, through a
+publicly available network server or other readily accessible means,
+then you must either (1) cause the Corresponding Source to be so
+available, or (2) arrange to deprive yourself of the benefit of the
+patent license for this particular work, or (3) arrange, in a manner
+consistent with the requirements of this License, to extend the patent
+license to downstream recipients. "Knowingly relying" means you have
+actual knowledge that, but for the patent license, your conveying the
+covered work in a country, or your recipient's use of the covered work
+in a country, would infringe one or more identifiable patents in that
+country that you have reason to believe are valid.
+
+ If, pursuant to or in connection with a single transaction or
+arrangement, you convey, or propagate by procuring conveyance of, a
+covered work, and grant a patent license to some of the parties
+receiving the covered work authorizing them to use, propagate, modify
+or convey a specific copy of the covered work, then the patent license
+you grant is automatically extended to all recipients of the covered
+work and works based on it.
+
+ A patent license is "discriminatory" if it does not include within
+the scope of its coverage, prohibits the exercise of, or is
+conditioned on the non-exercise of one or more of the rights that are
+specifically granted under this License. You may not convey a covered
+work if you are a party to an arrangement with a third party that is
+in the business of distributing software, under which you make payment
+to the third party based on the extent of your activity of conveying
+the work, and under which the third party grants, to any of the
+parties who would receive the covered work from you, a discriminatory
+patent license (a) in connection with copies of the covered work
+conveyed by you (or copies made from those copies), or (b) primarily
+for and in connection with specific products or compilations that
+contain the covered work, unless you entered into that arrangement,
+or that patent license was granted, prior to 28 March 2007.
+
+ Nothing in this License shall be construed as excluding or limiting
+any implied license or other defenses to infringement that may
+otherwise be available to you under applicable patent law.
+
+ 12. No Surrender of Others' Freedom.
+
+ If conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License. If you cannot convey a
+covered work so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you may
+not convey it at all. For example, if you agree to terms that obligate you
+to collect a royalty for further conveying from those to whom you convey
+the Program, the only way you could satisfy both those terms and this
+License would be to refrain entirely from conveying the Program.
+
+ 13. Use with the GNU Affero General Public License.
+
+ Notwithstanding any other provision of this License, you have
+permission to link or combine any covered work with a work licensed
+under version 3 of the GNU Affero General Public License into a single
+combined work, and to convey the resulting work. The terms of this
+License will continue to apply to the part which is the covered work,
+but the special requirements of the GNU Affero General Public License,
+section 13, concerning interaction through a network will apply to the
+combination as such.
+
+ 14. Revised Versions of this License.
+
+ The Free Software Foundation may publish revised and/or new versions of
+the GNU General Public License from time to time. Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+ Each version is given a distinguishing version number. If the
+Program specifies that a certain numbered version of the GNU General
+Public License "or any later version" applies to it, you have the
+option of following the terms and conditions either of that numbered
+version or of any later version published by the Free Software
+Foundation. If the Program does not specify a version number of the
+GNU General Public License, you may choose any version ever published
+by the Free Software Foundation.
+
+ If the Program specifies that a proxy can decide which future
+versions of the GNU General Public License can be used, that proxy's
+public statement of acceptance of a version permanently authorizes you
+to choose that version for the Program.
+
+ Later license versions may give you additional or different
+permissions. However, no additional obligations are imposed on any
+author or copyright holder as a result of your choosing to follow a
+later version.
+
+ 15. Disclaimer of Warranty.
+
+ THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
+APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
+HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
+OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
+THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
+IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
+ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+
+ 16. Limitation of Liability.
+
+ IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
+THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
+GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
+USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
+DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
+PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
+EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGES.
+
+ 17. Interpretation of Sections 15 and 16.
+
+ If the disclaimer of warranty and limitation of liability provided
+above cannot be given local legal effect according to their terms,
+reviewing courts shall apply local law that most closely approximates
+an absolute waiver of all civil liability in connection with the
+Program, unless a warranty or assumption of liability accompanies a
+copy of the Program in return for a fee.
+
+ END OF TERMS AND CONDITIONS
+
+ How to Apply These Terms to Your New Programs
+
+ If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+ To do so, attach the following notices to the program. It is safest
+to attach them to the start of each source file to most effectively
+state the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+ <one line to give the program's name and a brief idea of what it does.>
+ Copyright (C) <year> <name of author>
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+Also add information on how to contact you by electronic and paper mail.
+
+ If the program does terminal interaction, make it output a short
+notice like this when it starts in an interactive mode:
+
+ <program> Copyright (C) <year> <name of author>
+ This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+ This is free software, and you are welcome to redistribute it
+ under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License. Of course, your program's commands
+might be different; for a GUI interface, you would use an "about box".
+
+ You should also get your employer (if you work as a programmer) or school,
+if any, to sign a "copyright disclaimer" for the program, if necessary.
+For more information on this, and how to apply and follow the GNU GPL, see
+<http://www.gnu.org/licenses/>.
+
+ The GNU General Public License does not permit incorporating your program
+into proprietary programs. If your program is a subroutine library, you
+may consider it more useful to permit linking proprietary applications with
+the library. If this is what you want to do, use the GNU Lesser General
+Public License instead of this License. But first, please read
+<http://www.gnu.org/philosophy/why-not-lgpl.html>.
diff --git a/puppet/modules/nagios/README b/puppet/modules/nagios/README
new file mode 100644
index 00000000..0c42b4a7
--- /dev/null
+++ b/puppet/modules/nagios/README
@@ -0,0 +1,305 @@
+Introduction/Notes
+==================
+
+This modules was inspired and based on the work of David Schmitt
+The immerda project group adapted and improved this module.
+Mainly we made it using the new native puppet nagios commands
+as well we made it more modular to fit for multidistro usage.
+
+In it's current form, this module can be used on CentOS and Debian.
+
+
+Overview
+========
+
+To use the nagios resources in an puppetmaster setup you need to activate
+[storeconfigs](https://docs.puppetlabs.com/puppet/latest/reference/configuration.html#storeconfigs) on the puppetmaster.
+You can also use this module in a masterless setup, please set the
+`storeconfigs` parameter to `false` when declaring the nafios class.
+
+You need to be running version 0.25 or later of puppet.
+
+
+Monitor
+-------
+
+On one node the "nagios" class has to be included. By default this installs
+apache using the "apache" module. To use lighttpd instead, set the "httpd"
+parameter to the "nagios" class to "lighttpd", or, if the web server is not to
+be managed by puppet, set the "httpd" parameter to "absent".
+
+
+Hosts
+-----
+
+On a node which shall be monitored with nagios, include the "nagios::target".
+This just creates a host declaration for this host's "$::ipaddress" fact. If
+the $::ipaddress of your target is not the one you wish to modify, you can use
+"nagios::target::fqdn" instead, which will use the $::fqdn fact of the host instead.
+
+Pass the $parents variable to the target class for enabling the reachability
+features of nagios. If a node needs more customisation, use the
+native "@@nagios_host" type directly (the double-ampersand declares the object
+as an exported resource).
+
+To monitor hosts not managed by puppet, add "nagios_host" objects to the
+monitoring node. The required parameters are "alias", "address" and "use". If
+you don't specify a proper nagios template with the "use" parameter, some extra
+parameters are needed. You may look up the nagios documentation for this.
+
+
+Services
+--------
+
+Services can be monitored by using the "nagios::service" component.
+
+The simplest form is:
+
+ nagios::service { 'check_http':
+ check_command => 'http_port!80',
+ }
+
+The intention being obviously to put such declarations into a component defining
+a service, thereby being automatically applied together with all instances of
+the service.
+
+Obviously, the check command must either be defined using nagios_command objects
+(some are supplied in nagios::defaults::commands) or in the nagios configuration
+files directly.
+
+NRPE client configuration
+=========================
+
+To setup a machine as an NRPE client, the class 'nagios::nrpe' should be used:
+
+ class { 'nagios::nrpe':
+ allowed_hosts => '10.2.3.4,10.5.6.7',
+ }
+
+The class can take the following parameters to change configuration or
+configuration directory:
+
+ * $cfg_dir : Defines the path to the NRPE configuration. The default is to use
+ the path used by packages per your distro.
+
+ * $pid_file : Sets the path of the PID file. The default value is the path
+ used by init script shipped with your distro's packages.
+
+ * $plugin_dir : Defines the path in which nagios plugins that are to be
+ executed with NRPE commands are stored. The default value is the path where
+ your distro's nagios package stores plugins.
+
+ * $server_address : The IP address to which the NRPE client daemon should
+ bind. The default behaviour is to bind to all IPs.
+
+ * $allowed_hosts : A string containing a comma-separated list of host IPs that
+ are allowed to request NRPE commands to be run. The default value is to
+ allow only 127.0.0.1, so you might want to pass in a list of additional host
+ IPs.
+
+ * $dont_blame : A string that enables ('1') or disables ('0') NRPE command
+ arguments. Enabling arguments can lead to potentials of shell escapes so it
+ should be used with caution and only if absolutely needed. This is disabled
+ by default.
+
+NRPE Services
+-------------
+
+Some Nagios services need to be checked via NRPE. The following will make the
+nagios server define a service that will check the NRPE command 'check_cpu' on
+the current node:
+
+ nagios::service { 'CPU Usage':
+ use_nrpe => true,
+ check_command => "check_cpu",
+ nrpe_args => "-t 60"
+ }
+
+NRPE Commands
+-------------
+
+To be able to call NRPE commands on a host, one needs to define that command
+and what it is going to execute:
+
+ nagios::nrpe::command { 'debsums':
+ check_command => '/usr/lib/nagios/plugins/check_debsums openssh-server'
+ }
+
+
+Upgrade Notes
+=============
+
+The nagios::target bits have been reworked, the notable changes that
+may affect an upgrade are:
+
+. previous versions had nagios::target::nat which used the $::fqdn for
+the address part of nagios::target, this has been renamed to
+nagios::target::fqdn to be more clear. if you were using
+nagios::target::nat then you will need to change those references to
+::fqdn
+
+. previous versions of this module used $::fqdn for the nagios::target
+address, now it is using $::ipaddress. If you need $::fqdn, use
+nagios::target::fqdn instead of nagios::target
+
+. previous versions of nagios_host used the parameter named 'ip', that
+has been changed to 'address'
+
+
+IRC bot
+=======
+
+Notifications can easily be sent to an IRC channel by using a bot. To do so,
+simply include 'nagios::irc_bot' on the nagios server and define the right
+$nagios_nsa_* variables (see the 'Variables' section below).
+
+You can then use the notification commands 'notify-by-irc' and
+'host-notify-by-irc' with service and host definitions to make them report
+state changes over IRC.
+
+Caveats
+=======
+
+
+Consistency/Validation/Verification
+-----------------------------------
+
+After convergance of the configuration, the system is obviously consistent.
+That is, all defined services are monitored. The problem is though, that it is
+neither automatically valid - it is not guaranteed that all components declare a
+nagios::service - and even if the configuration is valid it definitly is
+unverified, since that is always a judgment call for an external observer.
+
+
+Removal of nagios objects
+-------------------------
+
+This module does not automatically purge nagios objects such as hosts and
+services that become absent from the manifests. One must set ensure => absent
+to guarantee the removal of nagios objects from the configuration as desired.
+
+
+Templates not supported using native types
+------------------------------------------
+
+Templates of hosts and services cannot yet be defined using native types. In
+this module, they are provided using a file resource by the class
+nagios::defaults::templates
+
+See : http://projects.reductivelabs.com/issues/1180
+
+
+Variables
+=========
+
+Options to change the behavior of the nagios class:
+
+- allow_external_cmd: Set to true, if you'd like to ensure that your http
+ daemon can write to the external command file. You
+ may also need to flip "check_external_commands" in
+ "nagios.cfg" to enable this functionality.
+
+For the irc_bot class:
+
+- nsa_socket: This optional variable can be used to specify the path to
+ the socket file that the IRC daemon should use.
+
+- nsa_server: When using the IRC bot, this defines the server address of
+ the IRC network on which the bot will connect.
+
+- nsa_port: Defines the port number on the IRC server on which the bot
+ should connect. When this variable is not set, the port used
+ by default is 6667.
+
+- nsa_nickname: This is the nickname that the IRC bot will take.
+
+- nsa_password: Some networks require a password to connect to them.
+ This defines such a password.
+
+- nsa_channel: The name of the channel that the IRC bot will join and
+ will post notifications to.
+
+- nsa_pidfile: This optional variable can be used to define the path to
+ the file that will contain the process ID of the IRC bot
+ daemon.
+- nsa_realname: The IRC bot user's real name that will be displayed. By
+ default, the real name is 'Nagios'.
+
+- nsa_usenotices: The IRC bot will by default "say" to the channel the
+ nagios message, but you can switch this variable to
+ 'notice' if you would prefer them to be sent as IRC
+ NOTICE messages.
+
+PNP4Nagios integration
+======================
+
+For PNP4Nagios integration information, please see README.pnp4nagios
+
+Examples
+========
+
+Usage example:
+
+~~~
+node nagios {
+
+ class { 'nagios': } -> class { 'nagios::defaults': }
+
+ # Declare another nagios command
+ nagios::command { http_port:
+ command_line => '/usr/lib/nagios/plugins/check_http -p $ARG1$ -H $HOSTADDRESS$ -I $HOSTADDRESS$'
+ }
+
+ # Declare unmanaged hosts
+ nagios_host {
+ 'router01.mydomain.com':
+ alias => 'router01',
+ notes => 'MyDomain Gateway',
+ address => '10.0.0.1',
+ use => 'generic-host';
+ 'router02.mydomain.com':
+ alias => 'router02',
+ address => '192.168.0.1',
+ parents => 'router01',
+ use => 'generic-host';
+ }
+
+}
+
+
+node target {
+
+ # Monitor this host
+ class{'nagios::target':
+ parents = 'router01'
+ }
+
+ # monitor a service
+ $apache2_port = 8080
+ include apache2
+
+ # This actually does this somewhere:
+ #nagios::service { "http_${apache2_port}":
+ # check_command => "http_port!${apache2_port}"
+ #}
+
+}
+~~~
+
+TODO
+====
+
+- Provide a default http vhost
+- Add facility to deploy nagios plugins
+- Add more useful commands and services
+- When Puppet will support them, supply nagios templates using native types
+
+
+License
+=======
+
+Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at>
+See the file LICENSE in the top directory for the full license.
+
+Copyright (C) 2010 Riseup Networks <micah@riseup.net>
+
diff --git a/puppet/modules/nagios/README.pnp4nagios b/puppet/modules/nagios/README.pnp4nagios
new file mode 100644
index 00000000..dd407021
--- /dev/null
+++ b/puppet/modules/nagios/README.pnp4nagios
@@ -0,0 +1,65 @@
+PNP4Nagios integration
+======================
+
+As of 2012/01 debian packages for pnp4nagios are availible from lenny-backports on.
+
+See http://docs.pnp4nagios.org/pnp-0.6/start for installation notes.
+
+Integration in the nagios/icinga webinterface is configured by including either
+the nagios::pnp4nagios or the nagios::pnp4nagios::popup class, the later one
+includes fancy popups when you hoover over the extra service action image. For
+hosts you need to use the host-pnp definition, for services the srv-pnp def.
+i.e.
+
+ @@nagios_service { "ping_example_node":
+ use => "generic-service,srv-pnp",
+ ...
+
+ nagios_host { 'example_node':
+ use => 'generic-host,host-pnp',
+ ...
+
+In the default config files the "Bulk Mode with NPCD" is used
+(see http://docs.pnp4nagios.org/en/pnp-0.6/config for more infos about the different
+modes).
+
+Include the nagios::pnp4nagios::popup class for fancy popups when you hoover over
+the extra service action image.
+
+
+Please include this in your nagios.cfg:
+
+process_performance_data=1
+
+#http://docs.pnp4nagios.org/en/pnp-0.6/config#bulk_mode_mit_npcd
+#
+# Service Performance-Data
+#
+service_perfdata_file=/var/lib/nagios3/service-perfdata
+service_perfdata_file_template=DATATYPE::SERVICEPERFDATA\tTIMET::$TIMET$\tHOSTNAME::$HOSTNAME$\tSERVICEDESC::$SERVICEDESC$\tSERVICEPERFDATA::$SERVICEPERFDATA$\tSERVICECHECKCOMMAND::$SERVICECHECKCOMMAND$\tHOSTSTATE::$HOSTSTATE$\tHOSTSTATETYPE::$HOSTSTATETYPE$\tSERVICESTATE::$SERVICESTATE$\tSERVICESTATETYPE::$SERVICESTATETYPE$
+service_perfdata_file_mode=a
+service_perfdata_file_processing_interval=15
+service_perfdata_file_processing_command=process-service-perfdata-file-pnp4nagios-bulk-npcd
+
+#
+# Host Performance-Data
+#
+host_perfdata_file=/var/lib/nagios3/host-perfdata
+host_perfdata_file_template=DATATYPE::HOSTPERFDATA\tTIMET::$TIMET$\tHOSTNAME::$HOSTNAME$\tHOSTPERFDATA::$HOSTPERFDATA$\tHOSTCHECKCOMMAND::$HOSTCHECKCOMMAND$\tHOSTSTATE::$HOSTSTATE$\tHOSTSTATETYPE::$HOSTSTATETYPE$
+host_perfdata_file_mode=a
+host_perfdata_file_processing_interval=15
+host_perfdata_file_processing_command=process-host-perfdata-file-pnp4nagios-bulk-npcd
+
+
+For hosts you need to use the host-pnp definition, for services the srv-pnp def.
+i.e.
+
+ @@nagios_service { "ping_example_node":
+ use => "generic-service,srv-pnp",
+ ...
+
+ nagios_host { 'example_node':
+ use => 'generic-host,host-pnp',
+ ...
+
+
diff --git a/puppet/modules/nagios/files/configs/CentOS/cgi.cfg b/puppet/modules/nagios/files/configs/CentOS/cgi.cfg
new file mode 100644
index 00000000..cd625d4c
--- /dev/null
+++ b/puppet/modules/nagios/files/configs/CentOS/cgi.cfg
@@ -0,0 +1,280 @@
+#################################################################
+#
+# CGI.CFG - Sample CGI Configuration File for Nagios 2.9
+#
+# Last Modified: 11-21-2006
+#
+#################################################################
+
+
+# MAIN CONFIGURATION FILE
+# This tells the CGIs where to find your main configuration file.
+# The CGIs will read the main and host config files for any other
+# data they might need.
+
+main_config_file=/etc/nagios/nagios.cfg
+
+
+
+# PHYSICAL HTML PATH
+# This is the path where the HTML files for Nagios reside. This
+# value is used to locate the logo images needed by the statusmap
+# and statuswrl CGIs.
+
+physical_html_path=/usr/share/nagios/share
+
+
+
+# URL HTML PATH
+# This is the path portion of the URL that corresponds to the
+# physical location of the Nagios HTML files (as defined above).
+# This value is used by the CGIs to locate the online documentation
+# and graphics. If you access the Nagios pages with an URL like
+# http://www.myhost.com/nagios, this value should be '/nagios'
+# (without the quotes).
+
+url_html_path=/nagios
+
+
+
+# CONTEXT-SENSITIVE HELP
+# This option determines whether or not a context-sensitive
+# help icon will be displayed for most of the CGIs.
+# Values: 0 = disables context-sensitive help
+# 1 = enables context-sensitive help
+
+show_context_help=0
+
+
+
+# NAGIOS PROCESS CHECK COMMAND
+# This is the full path and filename of the program used to check
+# the status of the Nagios process. It is used only by the CGIs
+# and is completely optional. However, if you don't use it, you'll
+# see warning messages in the CGIs about the Nagios process
+# not running and you won't be able to execute any commands from
+# the web interface. The program should follow the same rules
+# as plugins; the return codes are the same as for the plugins,
+# it should have timeout protection, it should output something
+# to STDIO, etc.
+#
+# Note: The command line for the check_nagios plugin below may
+# have to be tweaked a bit, as different versions of the plugin
+# use different command line arguments/syntaxes.
+
+#nagios_check_command=/usr/lib64/nagios/plugins/check_nagios /var/log/nagios/status.dat 5 '/usr/sbin/nagios'
+
+
+
+# AUTHENTICATION USAGE
+# This option controls whether or not the CGIs will use any
+# authentication when displaying host and service information, as
+# well as committing commands to Nagios for processing.
+#
+# Read the HTML documentation to learn how the authorization works!
+#
+# NOTE: It is a really *bad* idea to disable authorization, unless
+# you plan on removing the command CGI (cmd.cgi)! Failure to do
+# so will leave you wide open to kiddies messing with Nagios and
+# possibly hitting you with a denial of service attack by filling up
+# your drive by continuously writing to your command file!
+#
+# Setting this value to 0 will cause the CGIs to *not* use
+# authentication (bad idea), while any other value will make them
+# use the authentication functions (the default).
+
+use_authentication=1
+
+
+
+# DEFAULT USER
+# Setting this variable will define a default user name that can
+# access pages without authentication. This allows people within a
+# secure domain (i.e., behind a firewall) to see the current status
+# without authenticating. You may want to use this to avoid basic
+# authentication if you are not using a secure server since basic
+# authentication transmits passwords in the clear.
+#
+# Important: Do not define a default username unless you are
+# running a secure web server and are sure that everyone who has
+# access to the CGIs has been authenticated in some manner! If you
+# define this variable, anyone who has not authenticated to the web
+# server will inherit all rights you assign to this user!
+
+#default_user_name=guest
+
+
+
+# SYSTEM/PROCESS INFORMATION ACCESS
+# This option is a comma-delimited list of all usernames that
+# have access to viewing the Nagios process information as
+# provided by the Extended Information CGI (extinfo.cgi). By
+# default, *no one* has access to this unless you choose to
+# not use authorization. You may use an asterisk (*) to
+# authorize any user who has authenticated to the web server.
+
+#authorized_for_system_information=nagiosadmin,theboss,jdoe
+authorized_for_system_information=admin
+
+# CONFIGURATION INFORMATION ACCESS
+# This option is a comma-delimited list of all usernames that
+# can view ALL configuration information (hosts, commands, etc).
+# By default, users can only view configuration information
+# for the hosts and services they are contacts for. You may use
+# an asterisk (*) to authorize any user who has authenticated
+# to the web server.
+
+#authorized_for_configuration_information=nagiosadmin,jdoe
+authorized_for_configuration_information=admin
+
+
+
+# SYSTEM/PROCESS COMMAND ACCESS
+# This option is a comma-delimited list of all usernames that
+# can issue shutdown and restart commands to Nagios via the
+# command CGI (cmd.cgi). Users in this list can also change
+# the program mode to active or standby. By default, *no one*
+# has access to this unless you choose to not use authorization.
+# You may use an asterisk (*) to authorize any user who has
+# authenticated to the web server.
+
+#authorized_for_system_commands=nagiosadmin
+authorized_for_system_commands=admin
+
+
+
+# GLOBAL HOST/SERVICE VIEW ACCESS
+# These two options are comma-delimited lists of all usernames that
+# can view information for all hosts and services that are being
+# monitored. By default, users can only view information
+# for hosts or services that they are contacts for (unless you
+# you choose to not use authorization). You may use an asterisk (*)
+# to authorize any user who has authenticated to the web server.
+
+
+#authorized_for_all_services=nagiosadmin,guest
+authorized_for_all_services=admin
+#authorized_for_all_hosts=nagiosadmin,guest
+authorized_for_all_hosts=admin
+
+
+
+# GLOBAL HOST/SERVICE COMMAND ACCESS
+# These two options are comma-delimited lists of all usernames that
+# can issue host or service related commands via the command
+# CGI (cmd.cgi) for all hosts and services that are being monitored.
+# By default, users can only issue commands for hosts or services
+# that they are contacts for (unless you you choose to not use
+# authorization). You may use an asterisk (*) to authorize any
+# user who has authenticated to the web server.
+
+#authorized_for_all_service_commands=nagiosadmin
+authorized_for_all_service_commands=admin
+#authorized_for_all_host_commands=nagiosadmin
+authorized_for_all_host_commands=admin
+
+
+
+
+# STATUSMAP BACKGROUND IMAGE
+# This option allows you to specify an image to be used as a
+# background in the statusmap CGI. It is assumed that the image
+# resides in the HTML images path (i.e. /usr/local/nagios/share/images).
+# This path is automatically determined by appending "/images"
+# to the path specified by the 'physical_html_path' directive.
+# Note: The image file may be in GIF, PNG, JPEG, or GD2 format.
+# However, I recommend that you convert your image to GD2 format
+# (uncompressed), as this will cause less CPU load when the CGI
+# generates the image.
+
+#statusmap_background_image=smbackground.gd2
+
+
+
+# DEFAULT STATUSMAP LAYOUT METHOD
+# This option allows you to specify the default layout method
+# the statusmap CGI should use for drawing hosts. If you do
+# not use this option, the default is to use user-defined
+# coordinates. Valid options are as follows:
+# 0 = User-defined coordinates
+# 1 = Depth layers
+# 2 = Collapsed tree
+# 3 = Balanced tree
+# 4 = Circular
+# 5 = Circular (Marked Up)
+
+default_statusmap_layout=5
+
+
+
+# DEFAULT STATUSWRL LAYOUT METHOD
+# This option allows you to specify the default layout method
+# the statuswrl (VRML) CGI should use for drawing hosts. If you
+# do not use this option, the default is to use user-defined
+# coordinates. Valid options are as follows:
+# 0 = User-defined coordinates
+# 2 = Collapsed tree
+# 3 = Balanced tree
+# 4 = Circular
+
+default_statuswrl_layout=4
+
+
+
+# STATUSWRL INCLUDE
+# This option allows you to include your own objects in the
+# generated VRML world. It is assumed that the file
+# resides in the HTML path (i.e. /usr/local/nagios/share).
+
+#statuswrl_include=myworld.wrl
+
+
+
+# PING SYNTAX
+# This option determines what syntax should be used when
+# attempting to ping a host from the WAP interface (using
+# the statuswml CGI. You must include the full path to
+# the ping binary, along with all required options. The
+# $HOSTADDRESS$ macro is substituted with the address of
+# the host before the command is executed.
+# Please note that the syntax for the ping binary is
+# notorious for being different on virtually ever *NIX
+# OS and distribution, so you may have to tweak this to
+# work on your system.
+
+ping_syntax=/bin/ping -n -U -c 5 $HOSTADDRESS$
+
+
+
+# REFRESH RATE
+# This option allows you to specify the refresh rate in seconds
+# of various CGIs (status, statusmap, extinfo, and outages).
+
+refresh_rate=90
+
+
+
+# SOUND OPTIONS
+# These options allow you to specify an optional audio file
+# that should be played in your browser window when there are
+# problems on the network. The audio files are used only in
+# the status CGI. Only the sound for the most critical problem
+# will be played. Order of importance (higher to lower) is as
+# follows: unreachable hosts, down hosts, critical services,
+# warning services, and unknown services. If there are no
+# visible problems, the sound file optionally specified by
+# 'normal_sound' variable will be played.
+#
+#
+# <varname>=<sound_file>
+#
+# Note: All audio files must be placed in the /media subdirectory
+# under the HTML path (i.e. /usr/local/nagios/share/media/).
+
+#host_unreachable_sound=hostdown.wav
+#host_down_sound=hostdown.wav
+#service_critical_sound=critical.wav
+#service_warning_sound=warning.wav
+#service_unknown_sound=warning.wav
+#normal_sound=noproblem.wav
+
diff --git a/puppet/modules/nagios/files/configs/CentOS/nagios.cfg b/puppet/modules/nagios/files/configs/CentOS/nagios.cfg
new file mode 100644
index 00000000..b88e3db7
--- /dev/null
+++ b/puppet/modules/nagios/files/configs/CentOS/nagios.cfg
@@ -0,0 +1,949 @@
+##############################################################################
+#
+# NAGIOS.CFG - Sample Main Config File for Nagios 2.10
+#
+# Read the documentation for more information on this configuration
+# file. I've provided some comments here, but things may not be so
+# clear without further explanation.
+#
+# Last Modified: 12-21-2006
+#
+##############################################################################
+
+
+# LOG FILE
+# This is the main log file where service and host events are logged
+# for historical purposes. This should be the first option specified
+# in the config file!!!
+
+log_file=/var/log/nagios/nagios.log
+
+
+
+# OBJECT CONFIGURATION FILE(S)
+# This is the configuration file in which you define hosts, host
+# groups, contacts, contact groups, services, etc. I guess it would
+# be better called an object definition file, but for historical
+# reasons it isn't. You can split object definitions into several
+# different config files by using multiple cfg_file statements here.
+# Nagios will read and process all the config files you define.
+# This can be very useful if you want to keep command definitions
+# separate from host and contact definitions...
+
+# Puppet-managed configuration files
+cfg_file=/etc/nagios/nagios_templates.cfg
+cfg_file=/etc/nagios/nagios_command.cfg
+cfg_file=/etc/nagios/nagios_contact.cfg
+cfg_file=/etc/nagios/nagios_contactgroup.cfg
+cfg_file=/etc/nagios/nagios_host.cfg
+cfg_file=/etc/nagios/nagios_hostdependency.cfg
+cfg_file=/etc/nagios/nagios_hostescalation.cfg
+cfg_file=/etc/nagios/nagios_hostextinfo.cfg
+cfg_file=/etc/nagios/nagios_hostgroup.cfg
+cfg_file=/etc/nagios/nagios_hostgroupescalation.cfg
+cfg_file=/etc/nagios/nagios_service.cfg
+cfg_file=/etc/nagios/nagios_servicedependency.cfg
+cfg_file=/etc/nagios/nagios_serviceescalation.cfg
+cfg_file=/etc/nagios/nagios_serviceextinfo.cfg
+cfg_file=/etc/nagios/nagios_servicegroup.cfg
+cfg_file=/etc/nagios/nagios_timeperiod.cfg
+
+# OBJECT CACHE FILE
+# This option determines where object definitions are cached when
+# Nagios starts/restarts. The CGIs read object definitions from
+# this cache file (rather than looking at the object config files
+# directly) in order to prevent inconsistencies that can occur
+# when the config files are modified after Nagios starts.
+
+object_cache_file=/var/log/nagios/objects.cache
+
+
+
+# RESOURCE FILE
+# This is an optional resource file that contains $USERx$ macro
+# definitions. Multiple resource files can be specified by using
+# multiple resource_file definitions. The CGIs will not attempt to
+# read the contents of resource files, so information that is
+# considered to be sensitive (usernames, passwords, etc) can be
+# defined as macros in this file and restrictive permissions (600)
+# can be placed on this file.
+
+resource_file=/etc/nagios/private/resource.cfg
+
+
+
+# STATUS FILE
+# This is where the current status of all monitored services and
+# hosts is stored. Its contents are read and processed by the CGIs.
+# The contents of the status file are deleted every time Nagios
+# restarts.
+
+status_file=/var/log/nagios/status.dat
+
+
+
+# NAGIOS USER
+# This determines the effective user that Nagios should run as.
+# You can either supply a username or a UID.
+
+nagios_user=nagios
+
+
+
+# NAGIOS GROUP
+# This determines the effective group that Nagios should run as.
+# You can either supply a group name or a GID.
+
+nagios_group=nagios
+
+
+
+# EXTERNAL COMMAND OPTION
+# This option allows you to specify whether or not Nagios should check
+# for external commands (in the command file defined below). By default
+# Nagios will *not* check for external commands, just to be on the
+# cautious side. If you want to be able to use the CGI command interface
+# you will have to enable this. Setting this value to 0 disables command
+# checking (the default), other values enable it.
+
+check_external_commands=0
+
+
+
+# EXTERNAL COMMAND CHECK INTERVAL
+# This is the interval at which Nagios should check for external commands.
+# This value works of the interval_length you specify later. If you leave
+# that at its default value of 60 (seconds), a value of 1 here will cause
+# Nagios to check for external commands every minute. If you specify a
+# number followed by an "s" (i.e. 15s), this will be interpreted to mean
+# actual seconds rather than a multiple of the interval_length variable.
+# Note: In addition to reading the external command file at regularly
+# scheduled intervals, Nagios will also check for external commands after
+# event handlers are executed.
+# NOTE: Setting this value to -1 causes Nagios to check the external
+# command file as often as possible.
+
+#command_check_interval=15s
+command_check_interval=-1
+
+
+
+# EXTERNAL COMMAND FILE
+# This is the file that Nagios checks for external command requests.
+# It is also where the command CGI will write commands that are submitted
+# by users, so it must be writeable by the user that the web server
+# is running as (usually 'nobody'). Permissions should be set at the
+# directory level instead of on the file, as the file is deleted every
+# time its contents are processed.
+
+command_file=/var/spool/nagios/cmd/nagios.cmd
+
+
+
+# EXTERNAL COMMAND BUFFER SLOTS
+# This settings is used to tweak the number of items or "slots" that
+# the Nagios daemon should allocate to the buffer that holds incoming
+# external commands before they are processed. As external commands
+# are processed by the daemon, they are removed from the buffer.
+
+external_command_buffer_slots=4096
+
+
+
+# COMMENT FILE
+# This is the file that Nagios will use for storing host and service
+# comments.
+
+comment_file=/var/log/nagios/comments.dat
+
+
+
+# DOWNTIME FILE
+# This is the file that Nagios will use for storing host and service
+# downtime data.
+
+downtime_file=/var/log/nagios/downtime.dat
+
+
+
+# LOCK FILE
+# This is the lockfile that Nagios will use to store its PID number
+# in when it is running in daemon mode.
+
+lock_file=/var/run/nagios.pid
+
+
+
+# TEMP FILE
+# This is a temporary file that is used as scratch space when Nagios
+# updates the status log, cleans the comment file, etc. This file
+# is created, used, and deleted throughout the time that Nagios is
+# running.
+
+temp_file=/var/log/nagios/nagios.tmp
+
+
+
+# EVENT BROKER OPTIONS
+# Controls what (if any) data gets sent to the event broker.
+# Values: 0 = Broker nothing
+# -1 = Broker everything
+# <other> = See documentation
+
+event_broker_options=-1
+
+
+
+# EVENT BROKER MODULE(S)
+# This directive is used to specify an event broker module that should
+# by loaded by Nagios at startup. Use multiple directives if you want
+# to load more than one module. Arguments that should be passed to
+# the module at startup are seperated from the module path by a space.
+#
+# Example:
+#
+# broker_module=<modulepath> [moduleargs]
+
+#broker_module=/somewhere/module1.o
+#broker_module=/somewhere/module2.o arg1 arg2=3 debug=0
+
+
+
+
+# LOG ROTATION METHOD
+# This is the log rotation method that Nagios should use to rotate
+# the main log file. Values are as follows..
+# n = None - don't rotate the log
+# h = Hourly rotation (top of the hour)
+# d = Daily rotation (midnight every day)
+# w = Weekly rotation (midnight on Saturday evening)
+# m = Monthly rotation (midnight last day of month)
+
+log_rotation_method=d
+
+
+
+# LOG ARCHIVE PATH
+# This is the directory where archived (rotated) log files should be
+# placed (assuming you've chosen to do log rotation).
+
+log_archive_path=/var/log/nagios/archives
+
+
+
+# LOGGING OPTIONS
+# If you want messages logged to the syslog facility, as well as the
+# NetAlarm log file set this option to 1. If not, set it to 0.
+
+use_syslog=1
+
+
+
+# NOTIFICATION LOGGING OPTION
+# If you don't want notifications to be logged, set this value to 0.
+# If notifications should be logged, set the value to 1.
+
+log_notifications=1
+
+
+
+# SERVICE RETRY LOGGING OPTION
+# If you don't want service check retries to be logged, set this value
+# to 0. If retries should be logged, set the value to 1.
+
+log_service_retries=1
+
+
+
+# HOST RETRY LOGGING OPTION
+# If you don't want host check retries to be logged, set this value to
+# 0. If retries should be logged, set the value to 1.
+
+log_host_retries=1
+
+
+
+# EVENT HANDLER LOGGING OPTION
+# If you don't want host and service event handlers to be logged, set
+# this value to 0. If event handlers should be logged, set the value
+# to 1.
+
+log_event_handlers=1
+
+
+
+# INITIAL STATES LOGGING OPTION
+# If you want Nagios to log all initial host and service states to
+# the main log file (the first time the service or host is checked)
+# you can enable this option by setting this value to 1. If you
+# are not using an external application that does long term state
+# statistics reporting, you do not need to enable this option. In
+# this case, set the value to 0.
+
+log_initial_states=0
+
+
+
+# EXTERNAL COMMANDS LOGGING OPTION
+# If you don't want Nagios to log external commands, set this value
+# to 0. If external commands should be logged, set this value to 1.
+# Note: This option does not include logging of passive service
+# checks - see the option below for controlling whether or not
+# passive checks are logged.
+
+log_external_commands=1
+
+
+
+# PASSIVE CHECKS LOGGING OPTION
+# If you don't want Nagios to log passive host and service checks, set
+# this value to 0. If passive checks should be logged, set
+# this value to 1.
+
+log_passive_checks=1
+
+
+
+# GLOBAL HOST AND SERVICE EVENT HANDLERS
+# These options allow you to specify a host and service event handler
+# command that is to be run for every host or service state change.
+# The global event handler is executed immediately prior to the event
+# handler that you have optionally specified in each host or
+# service definition. The command argument is the short name of a
+# command definition that you define in your host configuration file.
+# Read the HTML docs for more information.
+
+#global_host_event_handler=somecommand
+#global_service_event_handler=somecommand
+
+
+
+# SERVICE INTER-CHECK DELAY METHOD
+# This is the method that Nagios should use when initially
+# "spreading out" service checks when it starts monitoring. The
+# default is to use smart delay calculation, which will try to
+# space all service checks out evenly to minimize CPU load.
+# Using the dumb setting will cause all checks to be scheduled
+# at the same time (with no delay between them)! This is not a
+# good thing for production, but is useful when testing the
+# parallelization functionality.
+# n = None - don't use any delay between checks
+# d = Use a "dumb" delay of 1 second between checks
+# s = Use "smart" inter-check delay calculation
+# x.xx = Use an inter-check delay of x.xx seconds
+
+service_inter_check_delay_method=s
+
+
+
+# MAXIMUM SERVICE CHECK SPREAD
+# This variable determines the timeframe (in minutes) from the
+# program start time that an initial check of all services should
+# be completed. Default is 30 minutes.
+
+max_service_check_spread=30
+
+
+
+# SERVICE CHECK INTERLEAVE FACTOR
+# This variable determines how service checks are interleaved.
+# Interleaving the service checks allows for a more even
+# distribution of service checks and reduced load on remote
+# hosts. Setting this value to 1 is equivalent to how versions
+# of Nagios previous to 0.0.5 did service checks. Set this
+# value to s (smart) for automatic calculation of the interleave
+# factor unless you have a specific reason to change it.
+# s = Use "smart" interleave factor calculation
+# x = Use an interleave factor of x, where x is a
+# number greater than or equal to 1.
+
+service_interleave_factor=s
+
+
+
+# HOST INTER-CHECK DELAY METHOD
+# This is the method that Nagios should use when initially
+# "spreading out" host checks when it starts monitoring. The
+# default is to use smart delay calculation, which will try to
+# space all host checks out evenly to minimize CPU load.
+# Using the dumb setting will cause all checks to be scheduled
+# at the same time (with no delay between them)!
+# n = None - don't use any delay between checks
+# d = Use a "dumb" delay of 1 second between checks
+# s = Use "smart" inter-check delay calculation
+# x.xx = Use an inter-check delay of x.xx seconds
+
+host_inter_check_delay_method=s
+
+
+
+# MAXIMUM HOST CHECK SPREAD
+# This variable determines the timeframe (in minutes) from the
+# program start time that an initial check of all hosts should
+# be completed. Default is 30 minutes.
+
+max_host_check_spread=30
+
+
+
+# MAXIMUM CONCURRENT SERVICE CHECKS
+# This option allows you to specify the maximum number of
+# service checks that can be run in parallel at any given time.
+# Specifying a value of 1 for this variable essentially prevents
+# any service checks from being parallelized. A value of 0
+# will not restrict the number of concurrent checks that are
+# being executed.
+
+max_concurrent_checks=0
+
+
+
+# SERVICE CHECK REAPER FREQUENCY
+# This is the frequency (in seconds!) that Nagios will process
+# the results of services that have been checked.
+
+service_reaper_frequency=10
+
+
+
+# CHECK RESULT BUFFER SLOTS
+# This settings is used to tweak the number of items or "slots" that
+# the Nagios daemon should allocate to the buffer that holds
+# service check results before they are processed. As check results
+# are processed by the daemon, they are removed from the buffer.
+
+check_result_buffer_slots=4096
+
+
+
+# AUTO-RESCHEDULING OPTION
+# This option determines whether or not Nagios will attempt to
+# automatically reschedule active host and service checks to
+# "smooth" them out over time. This can help balance the load on
+# the monitoring server.
+# WARNING: THIS IS AN EXPERIMENTAL FEATURE - IT CAN DEGRADE
+# PERFORMANCE, RATHER THAN INCREASE IT, IF USED IMPROPERLY
+
+auto_reschedule_checks=0
+
+
+
+# AUTO-RESCHEDULING INTERVAL
+# This option determines how often (in seconds) Nagios will
+# attempt to automatically reschedule checks. This option only
+# has an effect if the auto_reschedule_checks option is enabled.
+# Default is 30 seconds.
+# WARNING: THIS IS AN EXPERIMENTAL FEATURE - IT CAN DEGRADE
+# PERFORMANCE, RATHER THAN INCREASE IT, IF USED IMPROPERLY
+
+auto_rescheduling_interval=30
+
+
+
+
+# AUTO-RESCHEDULING WINDOW
+# This option determines the "window" of time (in seconds) that
+# Nagios will look at when automatically rescheduling checks.
+# Only host and service checks that occur in the next X seconds
+# (determined by this variable) will be rescheduled. This option
+# only has an effect if the auto_reschedule_checks option is
+# enabled. Default is 180 seconds (3 minutes).
+# WARNING: THIS IS AN EXPERIMENTAL FEATURE - IT CAN DEGRADE
+# PERFORMANCE, RATHER THAN INCREASE IT, IF USED IMPROPERLY
+
+auto_rescheduling_window=180
+
+
+
+# SLEEP TIME
+# This is the number of seconds to sleep between checking for system
+# events and service checks that need to be run.
+
+sleep_time=0.25
+
+
+
+# TIMEOUT VALUES
+# These options control how much time Nagios will allow various
+# types of commands to execute before killing them off. Options
+# are available for controlling maximum time allotted for
+# service checks, host checks, event handlers, notifications, the
+# ocsp command, and performance data commands. All values are in
+# seconds.
+
+service_check_timeout=60
+host_check_timeout=30
+event_handler_timeout=30
+notification_timeout=30
+ocsp_timeout=5
+perfdata_timeout=5
+
+
+
+# RETAIN STATE INFORMATION
+# This setting determines whether or not Nagios will save state
+# information for services and hosts before it shuts down. Upon
+# startup Nagios will reload all saved service and host state
+# information before starting to monitor. This is useful for
+# maintaining long-term data on state statistics, etc, but will
+# slow Nagios down a bit when it (re)starts. Since its only
+# a one-time penalty, I think its well worth the additional
+# startup delay.
+
+retain_state_information=1
+
+
+
+# STATE RETENTION FILE
+# This is the file that Nagios should use to store host and
+# service state information before it shuts down. The state
+# information in this file is also read immediately prior to
+# starting to monitor the network when Nagios is restarted.
+# This file is used only if the preserve_state_information
+# variable is set to 1.
+
+state_retention_file=/var/log/nagios/retention.dat
+
+
+
+# RETENTION DATA UPDATE INTERVAL
+# This setting determines how often (in minutes) that Nagios
+# will automatically save retention data during normal operation.
+# If you set this value to 0, Nagios will not save retention
+# data at regular interval, but it will still save retention
+# data before shutting down or restarting. If you have disabled
+# state retention, this option has no effect.
+
+retention_update_interval=60
+
+
+
+# USE RETAINED PROGRAM STATE
+# This setting determines whether or not Nagios will set
+# program status variables based on the values saved in the
+# retention file. If you want to use retained program status
+# information, set this value to 1. If not, set this value
+# to 0.
+
+use_retained_program_state=1
+
+
+
+# USE RETAINED SCHEDULING INFO
+# This setting determines whether or not Nagios will retain
+# the scheduling info (next check time) for hosts and services
+# based on the values saved in the retention file. If you
+# If you want to use retained scheduling info, set this
+# value to 1. If not, set this value to 0.
+
+use_retained_scheduling_info=0
+
+
+
+# INTERVAL LENGTH
+# This is the seconds per unit interval as used in the
+# host/contact/service configuration files. Setting this to 60 means
+# that each interval is one minute long (60 seconds). Other settings
+# have not been tested much, so your mileage is likely to vary...
+
+interval_length=60
+
+
+
+# AGGRESSIVE HOST CHECKING OPTION
+# If you don't want to turn on aggressive host checking features, set
+# this value to 0 (the default). Otherwise set this value to 1 to
+# enable the aggressive check option. Read the docs for more info
+# on what aggressive host check is or check out the source code in
+# base/checks.c
+
+use_aggressive_host_checking=0
+
+
+
+# SERVICE CHECK EXECUTION OPTION
+# This determines whether or not Nagios will actively execute
+# service checks when it initially starts. If this option is
+# disabled, checks are not actively made, but Nagios can still
+# receive and process passive check results that come in. Unless
+# you're implementing redundant hosts or have a special need for
+# disabling the execution of service checks, leave this enabled!
+# Values: 1 = enable checks, 0 = disable checks
+
+execute_service_checks=1
+
+
+
+# PASSIVE SERVICE CHECK ACCEPTANCE OPTION
+# This determines whether or not Nagios will accept passive
+# service checks results when it initially (re)starts.
+# Values: 1 = accept passive checks, 0 = reject passive checks
+
+accept_passive_service_checks=1
+
+
+
+# HOST CHECK EXECUTION OPTION
+# This determines whether or not Nagios will actively execute
+# host checks when it initially starts. If this option is
+# disabled, checks are not actively made, but Nagios can still
+# receive and process passive check results that come in. Unless
+# you're implementing redundant hosts or have a special need for
+# disabling the execution of host checks, leave this enabled!
+# Values: 1 = enable checks, 0 = disable checks
+
+execute_host_checks=1
+
+
+
+# PASSIVE HOST CHECK ACCEPTANCE OPTION
+# This determines whether or not Nagios will accept passive
+# host checks results when it initially (re)starts.
+# Values: 1 = accept passive checks, 0 = reject passive checks
+
+accept_passive_host_checks=1
+
+
+
+# NOTIFICATIONS OPTION
+# This determines whether or not Nagios will sent out any host or
+# service notifications when it is initially (re)started.
+# Values: 1 = enable notifications, 0 = disable notifications
+
+enable_notifications=1
+
+
+
+# EVENT HANDLER USE OPTION
+# This determines whether or not Nagios will run any host or
+# service event handlers when it is initially (re)started. Unless
+# you're implementing redundant hosts, leave this option enabled.
+# Values: 1 = enable event handlers, 0 = disable event handlers
+
+enable_event_handlers=1
+
+
+
+# PROCESS PERFORMANCE DATA OPTION
+# This determines whether or not Nagios will process performance
+# data returned from service and host checks. If this option is
+# enabled, host performance data will be processed using the
+# host_perfdata_command (defined below) and service performance
+# data will be processed using the service_perfdata_command (also
+# defined below). Read the HTML docs for more information on
+# performance data.
+# Values: 1 = process performance data, 0 = do not process performance data
+
+process_performance_data=0
+
+
+
+# HOST AND SERVICE PERFORMANCE DATA PROCESSING COMMANDS
+# These commands are run after every host and service check is
+# performed. These commands are executed only if the
+# enable_performance_data option (above) is set to 1. The command
+# argument is the short name of a command definition that you
+# define in your host configuration file. Read the HTML docs for
+# more information on performance data.
+
+#host_perfdata_command=process-host-perfdata
+#service_perfdata_command=process-service-perfdata
+
+
+
+# HOST AND SERVICE PERFORMANCE DATA FILES
+# These files are used to store host and service performance data.
+# Performance data is only written to these files if the
+# enable_performance_data option (above) is set to 1.
+
+#host_perfdata_file=/tmp/host-perfdata
+#service_perfdata_file=/tmp/service-perfdata
+
+
+
+# HOST AND SERVICE PERFORMANCE DATA FILE TEMPLATES
+# These options determine what data is written (and how) to the
+# performance data files. The templates may contain macros, special
+# characters (\t for tab, \r for carriage return, \n for newline)
+# and plain text. A newline is automatically added after each write
+# to the performance data file. Some examples of what you can do are
+# shown below.
+
+#host_perfdata_file_template=[HOSTPERFDATA]\t$TIMET$\t$HOSTNAME$\t$HOSTEXECUTIONTIME$\t$HOSTOUTPUT$\t$HOSTPERFDATA$
+#service_perfdata_file_template=[SERVICEPERFDATA]\t$TIMET$\t$HOSTNAME$\t$SERVICEDESC$\t$SERVICEEXECUTIONTIME$\t$SERVICELATENCY$\t$SERVICEOUTPUT$\t$SERVICEPERFDATA$
+
+
+
+
+# HOST AND SERVICE PERFORMANCE DATA FILE MODES
+# This option determines whether or not the host and service
+# performance data files are opened in write ("w") or append ("a")
+# mode. Unless you are the files are named pipes, you will probably
+# want to use the default mode of append ("a").
+
+#host_perfdata_file_mode=a
+#service_perfdata_file_mode=a
+
+
+
+# HOST AND SERVICE PERFORMANCE DATA FILE PROCESSING INTERVAL
+# These options determine how often (in seconds) the host and service
+# performance data files are processed using the commands defined
+# below. A value of 0 indicates the files should not be periodically
+# processed.
+
+#host_perfdata_file_processing_interval=0
+#service_perfdata_file_processing_interval=0
+
+
+
+# HOST AND SERVICE PERFORMANCE DATA FILE PROCESSING COMMANDS
+# These commands are used to periodically process the host and
+# service performance data files. The interval at which the
+# processing occurs is determined by the options above.
+
+#host_perfdata_file_processing_command=process-host-perfdata-file
+#service_perfdata_file_processing_command=process-service-perfdata-file
+
+
+
+# OBSESS OVER SERVICE CHECKS OPTION
+# This determines whether or not Nagios will obsess over service
+# checks and run the ocsp_command defined below. Unless you're
+# planning on implementing distributed monitoring, do not enable
+# this option. Read the HTML docs for more information on
+# implementing distributed monitoring.
+# Values: 1 = obsess over services, 0 = do not obsess (default)
+
+obsess_over_services=0
+
+
+
+# OBSESSIVE COMPULSIVE SERVICE PROCESSOR COMMAND
+# This is the command that is run for every service check that is
+# processed by Nagios. This command is executed only if the
+# obsess_over_service option (above) is set to 1. The command
+# argument is the short name of a command definition that you
+# define in your host configuration file. Read the HTML docs for
+# more information on implementing distributed monitoring.
+
+#ocsp_command=somecommand
+
+
+
+# ORPHANED SERVICE CHECK OPTION
+# This determines whether or not Nagios will periodically
+# check for orphaned services. Since service checks are not
+# rescheduled until the results of their previous execution
+# instance are processed, there exists a possibility that some
+# checks may never get rescheduled. This seems to be a rare
+# problem and should not happen under normal circumstances.
+# If you have problems with service checks never getting
+# rescheduled, you might want to try enabling this option.
+# Values: 1 = enable checks, 0 = disable checks
+
+check_for_orphaned_services=1
+
+
+
+# SERVICE FRESHNESS CHECK OPTION
+# This option determines whether or not Nagios will periodically
+# check the "freshness" of service results. Enabling this option
+# is useful for ensuring passive checks are received in a timely
+# manner.
+# Values: 1 = enabled freshness checking, 0 = disable freshness checking
+
+check_service_freshness=1
+
+
+
+# SERVICE FRESHNESS CHECK INTERVAL
+# This setting determines how often (in seconds) Nagios will
+# check the "freshness" of service check results. If you have
+# disabled service freshness checking, this option has no effect.
+
+service_freshness_check_interval=60
+
+
+
+# HOST FRESHNESS CHECK OPTION
+# This option determines whether or not Nagios will periodically
+# check the "freshness" of host results. Enabling this option
+# is useful for ensuring passive checks are received in a timely
+# manner.
+# Values: 1 = enabled freshness checking, 0 = disable freshness checking
+
+check_host_freshness=0
+
+
+
+# HOST FRESHNESS CHECK INTERVAL
+# This setting determines how often (in seconds) Nagios will
+# check the "freshness" of host check results. If you have
+# disabled host freshness checking, this option has no effect.
+
+host_freshness_check_interval=60
+
+
+
+# AGGREGATED STATUS UPDATES
+# This option determines whether or not Nagios will
+# aggregate updates of host, service, and program status
+# data. Normally, status data is updated immediately when
+# a change occurs. This can result in high CPU loads if
+# you are monitoring a lot of services. If you want Nagios
+# to only refresh status data every few seconds, disable
+# this option.
+# Values: 1 = enable aggregate updates, 0 = disable aggregate updates
+
+aggregate_status_updates=1
+
+
+
+# AGGREGATED STATUS UPDATE INTERVAL
+# Combined with the aggregate_status_updates option,
+# this option determines the frequency (in seconds!) that
+# Nagios will periodically dump program, host, and
+# service status data. If you are not using aggregated
+# status data updates, this option has no effect.
+
+status_update_interval=15
+
+
+
+# FLAP DETECTION OPTION
+# This option determines whether or not Nagios will try
+# and detect hosts and services that are "flapping".
+# Flapping occurs when a host or service changes between
+# states too frequently. When Nagios detects that a
+# host or service is flapping, it will temporarily suppress
+# notifications for that host/service until it stops
+# flapping. Flap detection is very experimental, so read
+# the HTML documentation before enabling this feature!
+# Values: 1 = enable flap detection
+# 0 = disable flap detection (default)
+
+enable_flap_detection=0
+
+
+
+# FLAP DETECTION THRESHOLDS FOR HOSTS AND SERVICES
+# Read the HTML documentation on flap detection for
+# an explanation of what this option does. This option
+# has no effect if flap detection is disabled.
+
+low_service_flap_threshold=5.0
+high_service_flap_threshold=20.0
+low_host_flap_threshold=5.0
+high_host_flap_threshold=20.0
+
+
+
+# DATE FORMAT OPTION
+# This option determines how short dates are displayed. Valid options
+# include:
+# us (MM-DD-YYYY HH:MM:SS)
+# euro (DD-MM-YYYY HH:MM:SS)
+# iso8601 (YYYY-MM-DD HH:MM:SS)
+# strict-iso8601 (YYYY-MM-DDTHH:MM:SS)
+#
+
+date_format=us
+
+
+
+# P1.PL FILE LOCATION
+# This value determines where the p1.pl perl script (used by the
+# embedded Perl interpreter) is located. If you didn't compile
+# Nagios with embedded Perl support, this option has no effect.
+
+p1_file=/usr/sbin/p1.pl
+
+
+
+# ILLEGAL OBJECT NAME CHARACTERS
+# This option allows you to specify illegal characters that cannot
+# be used in host names, service descriptions, or names of other
+# object types.
+
+illegal_object_name_chars=`~!$%^&*|'"<>?,()=
+
+
+
+# ILLEGAL MACRO OUTPUT CHARACTERS
+# This option allows you to specify illegal characters that are
+# stripped from macros before being used in notifications, event
+# handlers, etc. This DOES NOT affect macros used in service or
+# host check commands.
+# The following macros are stripped of the characters you specify:
+# $HOSTOUTPUT$
+# $HOSTPERFDATA$
+# $HOSTACKAUTHOR$
+# $HOSTACKCOMMENT$
+# $SERVICEOUTPUT$
+# $SERVICEPERFDATA$
+# $SERVICEACKAUTHOR$
+# $SERVICEACKCOMMENT$
+
+illegal_macro_output_chars=`~$&|'"<>
+
+
+
+# REGULAR EXPRESSION MATCHING
+# This option controls whether or not regular expression matching
+# takes place in the object config files. Regular expression
+# matching is used to match host, hostgroup, service, and service
+# group names/descriptions in some fields of various object types.
+# Values: 1 = enable regexp matching, 0 = disable regexp matching
+
+use_regexp_matching=0
+
+
+
+# "TRUE" REGULAR EXPRESSION MATCHING
+# This option controls whether or not "true" regular expression
+# matching takes place in the object config files. This option
+# only has an effect if regular expression matching is enabled
+# (see above). If this option is DISABLED, regular expression
+# matching only occurs if a string contains wildcard characters
+# (* and ?). If the option is ENABLED, regexp matching occurs
+# all the time (which can be annoying).
+# Values: 1 = enable true matching, 0 = disable true matching
+
+use_true_regexp_matching=0
+
+
+
+
+# ADMINISTRATOR EMAIL ADDRESS
+# The email address of the administrator of *this* machine (the one
+# doing the monitoring). Nagios never uses this value itself, but
+# you can access this value by using the $ADMINEMAIL$ macro in your
+# notification commands.
+
+admin_email=nagios
+
+
+
+# ADMINISTRATOR PAGER NUMBER/ADDRESS
+# The pager number/address for the administrator of *this* machine.
+# Nagios never uses this value itself, but you can access this
+# value by using the $ADMINPAGER$ macro in your notification
+# commands.
+
+admin_pager=pagenagios
+
+
+
+# DAEMON CORE DUMP OPTION
+# This option determines whether or not Nagios is allowed to create
+# a core dump when it runs as a daemon. Note that it is generally
+# considered bad form to allow this, but it may be useful for
+# debugging purposes.
+# Values: 1 - Allow core dumps
+# 0 - Do not allow core dumps (default)
+
+daemon_dumps_core=0
+
+
+
diff --git a/puppet/modules/nagios/files/configs/CentOS/private/resource.cfg.i386 b/puppet/modules/nagios/files/configs/CentOS/private/resource.cfg.i386
new file mode 100644
index 00000000..0ccf2e17
--- /dev/null
+++ b/puppet/modules/nagios/files/configs/CentOS/private/resource.cfg.i386
@@ -0,0 +1,34 @@
+###########################################################################
+#
+# RESOURCE.CFG - Sample Resource File for Nagios 2.9
+#
+# Last Modified: 09-10-2003
+#
+# You can define $USERx$ macros in this file, which can in turn be used
+# in command definitions in your host config file(s). $USERx$ macros are
+# useful for storing sensitive information such as usernames, passwords,
+# etc. They are also handy for specifying the path to plugins and
+# event handlers - if you decide to move the plugins or event handlers to
+# a different directory in the future, you can just update one or two
+# $USERx$ macros, instead of modifying a lot of command definitions.
+#
+# The CGIs will not attempt to read the contents of resource files, so
+# you can set restrictive permissions (600 or 660) on them.
+#
+# Nagios supports up to 32 $USERx$ macros ($USER1$ through $USER32$)
+#
+# Resource files may also be used to store configuration directives for
+# external data sources like MySQL...
+#
+###########################################################################
+
+# Sets $USER1$ to be the path to the plugins
+$USER1$=/usr/lib/nagios/plugins
+
+# Sets $USER2$ to be the path to event handlers
+#$USER2$=/usr/lib64/nagios/plugins/eventhandlers
+
+# Store some usernames and passwords (hidden from the CGIs)
+#$USER3$=someuser
+#$USER4$=somepassword
+
diff --git a/puppet/modules/nagios/files/configs/CentOS/private/resource.cfg.x86_64 b/puppet/modules/nagios/files/configs/CentOS/private/resource.cfg.x86_64
new file mode 100644
index 00000000..b9f0841c
--- /dev/null
+++ b/puppet/modules/nagios/files/configs/CentOS/private/resource.cfg.x86_64
@@ -0,0 +1,34 @@
+###########################################################################
+#
+# RESOURCE.CFG - Sample Resource File for Nagios 2.9
+#
+# Last Modified: 09-10-2003
+#
+# You can define $USERx$ macros in this file, which can in turn be used
+# in command definitions in your host config file(s). $USERx$ macros are
+# useful for storing sensitive information such as usernames, passwords,
+# etc. They are also handy for specifying the path to plugins and
+# event handlers - if you decide to move the plugins or event handlers to
+# a different directory in the future, you can just update one or two
+# $USERx$ macros, instead of modifying a lot of command definitions.
+#
+# The CGIs will not attempt to read the contents of resource files, so
+# you can set restrictive permissions (600 or 660) on them.
+#
+# Nagios supports up to 32 $USERx$ macros ($USER1$ through $USER32$)
+#
+# Resource files may also be used to store configuration directives for
+# external data sources like MySQL...
+#
+###########################################################################
+
+# Sets $USER1$ to be the path to the plugins
+$USER1$=/usr/lib64/nagios/plugins
+
+# Sets $USER2$ to be the path to event handlers
+#$USER2$=/usr/lib64/nagios/plugins/eventhandlers
+
+# Store some usernames and passwords (hidden from the CGIs)
+#$USER3$=someuser
+#$USER4$=somepassword
+
diff --git a/puppet/modules/nagios/files/configs/Debian/cgi.cfg b/puppet/modules/nagios/files/configs/Debian/cgi.cfg
new file mode 100644
index 00000000..103db8a1
--- /dev/null
+++ b/puppet/modules/nagios/files/configs/Debian/cgi.cfg
@@ -0,0 +1,330 @@
+#################################################################
+#
+# CGI.CFG - Sample CGI Configuration File for Nagios
+#
+#################################################################
+
+
+# MAIN CONFIGURATION FILE
+# This tells the CGIs where to find your main configuration file.
+# The CGIs will read the main and host config files for any other
+# data they might need.
+
+main_config_file=/etc/nagios3/nagios.cfg
+
+
+
+# PHYSICAL HTML PATH
+# This is the path where the HTML files for Nagios reside. This
+# value is used to locate the logo images needed by the statusmap
+# and statuswrl CGIs.
+
+physical_html_path=/usr/share/nagios3/htdocs
+
+
+
+# URL HTML PATH
+# This is the path portion of the URL that corresponds to the
+# physical location of the Nagios HTML files (as defined above).
+# This value is used by the CGIs to locate the online documentation
+# and graphics. If you access the Nagios pages with an URL like
+# http://www.myhost.com/nagios, this value should be '/nagios'
+# (without the quotes).
+
+url_html_path=/nagios3
+
+
+
+# CONTEXT-SENSITIVE HELP
+# This option determines whether or not a context-sensitive
+# help icon will be displayed for most of the CGIs.
+# Values: 0 = disables context-sensitive help
+# 1 = enables context-sensitive help
+
+show_context_help=1
+
+
+
+# PENDING STATES OPTION
+# This option determines what states should be displayed in the web
+# interface for hosts/services that have not yet been checked.
+# Values: 0 = leave hosts/services that have not been check yet in their original state
+# 1 = mark hosts/services that have not been checked yet as PENDING
+
+use_pending_states=1
+
+nagios_check_command=/usr/lib/nagios/plugins/check_nagios /var/cache/nagios3/status.dat 5 '/usr/sbin/nagios3'
+
+
+# AUTHENTICATION USAGE
+# This option controls whether or not the CGIs will use any
+# authentication when displaying host and service information, as
+# well as committing commands to Nagios for processing.
+#
+# Read the HTML documentation to learn how the authorization works!
+#
+# NOTE: It is a really *bad* idea to disable authorization, unless
+# you plan on removing the command CGI (cmd.cgi)! Failure to do
+# so will leave you wide open to kiddies messing with Nagios and
+# possibly hitting you with a denial of service attack by filling up
+# your drive by continuously writing to your command file!
+#
+# Setting this value to 0 will cause the CGIs to *not* use
+# authentication (bad idea), while any other value will make them
+# use the authentication functions (the default).
+
+use_authentication=1
+
+
+
+
+# x509 CERT AUTHENTICATION
+# When enabled, this option allows you to use x509 cert (SSL)
+# authentication in the CGIs. This is an advanced option and should
+# not be enabled unless you know what you're doing.
+
+use_ssl_authentication=0
+
+
+
+
+# DEFAULT USER
+# Setting this variable will define a default user name that can
+# access pages without authentication. This allows people within a
+# secure domain (i.e., behind a firewall) to see the current status
+# without authenticating. You may want to use this to avoid basic
+# authentication if you are not using a secure server since basic
+# authentication transmits passwords in the clear.
+#
+# Important: Do not define a default username unless you are
+# running a secure web server and are sure that everyone who has
+# access to the CGIs has been authenticated in some manner! If you
+# define this variable, anyone who has not authenticated to the web
+# server will inherit all rights you assign to this user!
+
+#default_user_name=guest
+
+
+
+# SYSTEM/PROCESS INFORMATION ACCESS
+# This option is a comma-delimited list of all usernames that
+# have access to viewing the Nagios process information as
+# provided by the Extended Information CGI (extinfo.cgi). By
+# default, *no one* has access to this unless you choose to
+# not use authorization. You may use an asterisk (*) to
+# authorize any user who has authenticated to the web server.
+
+authorized_for_system_information=nagiosadmin
+
+
+
+# CONFIGURATION INFORMATION ACCESS
+# This option is a comma-delimited list of all usernames that
+# can view ALL configuration information (hosts, commands, etc).
+# By default, users can only view configuration information
+# for the hosts and services they are contacts for. You may use
+# an asterisk (*) to authorize any user who has authenticated
+# to the web server.
+
+authorized_for_configuration_information=nagiosadmin
+
+
+
+# SYSTEM/PROCESS COMMAND ACCESS
+# This option is a comma-delimited list of all usernames that
+# can issue shutdown and restart commands to Nagios via the
+# command CGI (cmd.cgi). Users in this list can also change
+# the program mode to active or standby. By default, *no one*
+# has access to this unless you choose to not use authorization.
+# You may use an asterisk (*) to authorize any user who has
+# authenticated to the web server.
+
+authorized_for_system_commands=nagiosadmin
+
+
+
+# GLOBAL HOST/SERVICE VIEW ACCESS
+# These two options are comma-delimited lists of all usernames that
+# can view information for all hosts and services that are being
+# monitored. By default, users can only view information
+# for hosts or services that they are contacts for (unless you
+# you choose to not use authorization). You may use an asterisk (*)
+# to authorize any user who has authenticated to the web server.
+
+
+authorized_for_all_services=nagiosadmin
+authorized_for_all_hosts=nagiosadmin
+
+
+
+# GLOBAL HOST/SERVICE COMMAND ACCESS
+# These two options are comma-delimited lists of all usernames that
+# can issue host or service related commands via the command
+# CGI (cmd.cgi) for all hosts and services that are being monitored.
+# By default, users can only issue commands for hosts or services
+# that they are contacts for (unless you you choose to not use
+# authorization). You may use an asterisk (*) to authorize any
+# user who has authenticated to the web server.
+
+authorized_for_all_service_commands=nagiosadmin
+authorized_for_all_host_commands=nagiosadmin
+
+
+
+
+# STATUSMAP BACKGROUND IMAGE
+# This option allows you to specify an image to be used as a
+# background in the statusmap CGI. It is assumed that the image
+# resides in the HTML images path (i.e. /usr/local/nagios/share/images).
+# This path is automatically determined by appending "/images"
+# to the path specified by the 'physical_html_path' directive.
+# Note: The image file may be in GIF, PNG, JPEG, or GD2 format.
+# However, I recommend that you convert your image to GD2 format
+# (uncompressed), as this will cause less CPU load when the CGI
+# generates the image.
+
+#statusmap_background_image=smbackground.gd2
+
+
+
+# DEFAULT STATUSMAP LAYOUT METHOD
+# This option allows you to specify the default layout method
+# the statusmap CGI should use for drawing hosts. If you do
+# not use this option, the default is to use user-defined
+# coordinates. Valid options are as follows:
+# 0 = User-defined coordinates
+# 1 = Depth layers
+# 2 = Collapsed tree
+# 3 = Balanced tree
+# 4 = Circular
+# 5 = Circular (Marked Up)
+
+default_statusmap_layout=5
+
+
+
+# DEFAULT STATUSWRL LAYOUT METHOD
+# This option allows you to specify the default layout method
+# the statuswrl (VRML) CGI should use for drawing hosts. If you
+# do not use this option, the default is to use user-defined
+# coordinates. Valid options are as follows:
+# 0 = User-defined coordinates
+# 2 = Collapsed tree
+# 3 = Balanced tree
+# 4 = Circular
+
+default_statuswrl_layout=4
+
+
+
+# STATUSWRL INCLUDE
+# This option allows you to include your own objects in the
+# generated VRML world. It is assumed that the file
+# resides in the HTML path (i.e. /usr/local/nagios/share).
+
+#statuswrl_include=myworld.wrl
+
+
+
+# PING SYNTAX
+# This option determines what syntax should be used when
+# attempting to ping a host from the WAP interface (using
+# the statuswml CGI. You must include the full path to
+# the ping binary, along with all required options. The
+# $HOSTADDRESS$ macro is substituted with the address of
+# the host before the command is executed.
+# Please note that the syntax for the ping binary is
+# notorious for being different on virtually ever *NIX
+# OS and distribution, so you may have to tweak this to
+# work on your system.
+
+ping_syntax=/bin/ping -n -U -c 5 $HOSTADDRESS$
+
+
+
+# REFRESH RATE
+# This option allows you to specify the refresh rate in seconds
+# of various CGIs (status, statusmap, extinfo, and outages).
+
+refresh_rate=90
+
+
+
+# ESCAPE HTML TAGS
+# This option determines whether HTML tags in host and service
+# status output is escaped in the web interface. If enabled,
+# your plugin output will not be able to contain clickable links.
+
+escape_html_tags=1
+
+
+
+
+# SOUND OPTIONS
+# These options allow you to specify an optional audio file
+# that should be played in your browser window when there are
+# problems on the network. The audio files are used only in
+# the status CGI. Only the sound for the most critical problem
+# will be played. Order of importance (higher to lower) is as
+# follows: unreachable hosts, down hosts, critical services,
+# warning services, and unknown services. If there are no
+# visible problems, the sound file optionally specified by
+# 'normal_sound' variable will be played.
+#
+#
+# <varname>=<sound_file>
+#
+# Note: All audio files must be placed in the /media subdirectory
+# under the HTML path (i.e. /usr/local/nagios/share/media/).
+
+#host_unreachable_sound=hostdown.wav
+#host_down_sound=hostdown.wav
+#service_critical_sound=critical.wav
+#service_warning_sound=warning.wav
+#service_unknown_sound=warning.wav
+#normal_sound=noproblem.wav
+
+
+
+# URL TARGET FRAMES
+# These options determine the target frames in which notes and
+# action URLs will open.
+
+action_url_target=_blank
+notes_url_target=_blank
+
+
+
+
+# LOCK AUTHOR NAMES OPTION
+# This option determines whether users can change the author name
+# when submitting comments, scheduling downtime. If disabled, the
+# author names will be locked into their contact name, as defined in Nagios.
+# Values: 0 = allow editing author names
+# 1 = lock author names (disallow editing)
+
+lock_author_names=1
+
+
+
+
+# SPLUNK INTEGRATION OPTIONS
+# These options allow you to enable integration with Splunk
+# in the web interface. If enabled, you'll be presented with
+# "Splunk It" links in various places in the CGIs (log file,
+# alert history, host/service detail, etc). Useful if you're
+# trying to research why a particular problem occurred.
+# For more information on Splunk, visit http://www.splunk.com/
+
+# This option determines whether the Splunk integration is enabled
+# Values: 0 = disable Splunk integration
+# 1 = enable Splunk integration
+
+#enable_splunk_integration=1
+
+
+# This option should be the URL used to access your instance of Splunk
+
+#splunk_url=http://127.0.0.1:8000/
+
+
diff --git a/puppet/modules/nagios/files/configs/Debian/nagios.cfg b/puppet/modules/nagios/files/configs/Debian/nagios.cfg
new file mode 100644
index 00000000..291a4741
--- /dev/null
+++ b/puppet/modules/nagios/files/configs/Debian/nagios.cfg
@@ -0,0 +1,1288 @@
+##############################################################################
+#
+# NAGIOS.CFG - Sample Main Config File for Nagios
+#
+#
+##############################################################################
+
+
+# LOG FILE
+# This is the main log file where service and host events are logged
+# for historical purposes. This should be the first option specified
+# in the config file!!!
+
+log_file=/var/log/nagios3/nagios.log
+
+
+
+# OBJECT CONFIGURATION FILE(S)
+# These are the object configuration files in which you define hosts,
+# host groups, contacts, contact groups, services, etc.
+# You can split your object definitions across several config files
+# if you wish (as shown below), or keep them all in a single config file.
+#cfg_file=/etc/nagios3/commands.cfg
+
+# Puppet-managed configuration files
+cfg_file=/etc/nagios3/nagios_templates.cfg
+cfg_file=/etc/nagios3/nagios_command.cfg
+cfg_file=/etc/nagios3/nagios_contact.cfg
+cfg_file=/etc/nagios3/nagios_contactgroup.cfg
+cfg_file=/etc/nagios3/nagios_host.cfg
+cfg_file=/etc/nagios3/nagios_hostdependency.cfg
+cfg_file=/etc/nagios3/nagios_hostescalation.cfg
+cfg_file=/etc/nagios3/nagios_hostextinfo.cfg
+cfg_file=/etc/nagios3/nagios_hostgroup.cfg
+cfg_file=/etc/nagios3/nagios_hostgroupescalation.cfg
+cfg_file=/etc/nagios3/nagios_service.cfg
+cfg_file=/etc/nagios3/nagios_servicedependency.cfg
+cfg_file=/etc/nagios3/nagios_serviceescalation.cfg
+cfg_file=/etc/nagios3/nagios_serviceextinfo.cfg
+cfg_file=/etc/nagios3/nagios_servicegroup.cfg
+cfg_file=/etc/nagios3/nagios_timeperiod.cfg
+
+# Debian also defaults to using the check commands defined by the debian
+# nagios-plugins package
+cfg_dir=/etc/nagios-plugins/config
+
+
+
+# OBJECT CACHE FILE
+# This option determines where object definitions are cached when
+# Nagios starts/restarts. The CGIs read object definitions from
+# this cache file (rather than looking at the object config files
+# directly) in order to prevent inconsistencies that can occur
+# when the config files are modified after Nagios starts.
+
+object_cache_file=/var/cache/nagios3/objects.cache
+
+
+
+# PRE-CACHED OBJECT FILE
+# This options determines the location of the precached object file.
+# If you run Nagios with the -p command line option, it will preprocess
+# your object configuration file(s) and write the cached config to this
+# file. You can then start Nagios with the -u option to have it read
+# object definitions from this precached file, rather than the standard
+# object configuration files (see the cfg_file and cfg_dir options above).
+# Using a precached object file can speed up the time needed to (re)start
+# the Nagios process if you've got a large and/or complex configuration.
+# Read the documentation section on optimizing Nagios to find our more
+# about how this feature works.
+
+precached_object_file=/var/lib/nagios3/objects.precache
+
+
+
+# RESOURCE FILE
+# This is an optional resource file that contains $USERx$ macro
+# definitions. Multiple resource files can be specified by using
+# multiple resource_file definitions. The CGIs will not attempt to
+# read the contents of resource files, so information that is
+# considered to be sensitive (usernames, passwords, etc) can be
+# defined as macros in this file and restrictive permissions (600)
+# can be placed on this file.
+
+resource_file=/etc/nagios3/resource.cfg
+
+
+
+# STATUS FILE
+# This is where the current status of all monitored services and
+# hosts is stored. Its contents are read and processed by the CGIs.
+# The contents of the status file are deleted every time Nagios
+# restarts.
+
+status_file=/var/cache/nagios3/status.dat
+
+
+
+# STATUS FILE UPDATE INTERVAL
+# This option determines the frequency (in seconds) that
+# Nagios will periodically dump program, host, and
+# service status data.
+
+status_update_interval=10
+
+
+
+# NAGIOS USER
+# This determines the effective user that Nagios should run as.
+# You can either supply a username or a UID.
+
+nagios_user=nagios
+
+
+
+# NAGIOS GROUP
+# This determines the effective group that Nagios should run as.
+# You can either supply a group name or a GID.
+
+nagios_group=nagios
+
+
+
+# EXTERNAL COMMAND OPTION
+# This option allows you to specify whether or not Nagios should check
+# for external commands (in the command file defined below). By default
+# Nagios will *not* check for external commands, just to be on the
+# cautious side. If you want to be able to use the CGI command interface
+# you will have to enable this.
+# Values: 0 = disable commands, 1 = enable commands
+
+check_external_commands=0
+
+
+
+# EXTERNAL COMMAND CHECK INTERVAL
+# This is the interval at which Nagios should check for external commands.
+# This value works of the interval_length you specify later. If you leave
+# that at its default value of 60 (seconds), a value of 1 here will cause
+# Nagios to check for external commands every minute. If you specify a
+# number followed by an "s" (i.e. 15s), this will be interpreted to mean
+# actual seconds rather than a multiple of the interval_length variable.
+# Note: In addition to reading the external command file at regularly
+# scheduled intervals, Nagios will also check for external commands after
+# event handlers are executed.
+# NOTE: Setting this value to -1 causes Nagios to check the external
+# command file as often as possible.
+
+#command_check_interval=15s
+command_check_interval=-1
+
+
+
+# EXTERNAL COMMAND FILE
+# This is the file that Nagios checks for external command requests.
+# It is also where the command CGI will write commands that are submitted
+# by users, so it must be writeable by the user that the web server
+# is running as (usually 'nobody'). Permissions should be set at the
+# directory level instead of on the file, as the file is deleted every
+# time its contents are processed.
+# Debian Users: In case you didn't read README.Debian yet, _NOW_ is the
+# time to do it.
+
+command_file=/var/lib/nagios3/rw/nagios.cmd
+
+
+
+# EXTERNAL COMMAND BUFFER SLOTS
+# This settings is used to tweak the number of items or "slots" that
+# the Nagios daemon should allocate to the buffer that holds incoming
+# external commands before they are processed. As external commands
+# are processed by the daemon, they are removed from the buffer.
+
+external_command_buffer_slots=4096
+
+
+
+# LOCK FILE
+# This is the lockfile that Nagios will use to store its PID number
+# in when it is running in daemon mode.
+
+lock_file=/var/run/nagios3/nagios3.pid
+
+
+
+# TEMP FILE
+# This is a temporary file that is used as scratch space when Nagios
+# updates the status log, cleans the comment file, etc. This file
+# is created, used, and deleted throughout the time that Nagios is
+# running.
+
+temp_file=/var/cache/nagios3/nagios.tmp
+
+
+
+# TEMP PATH
+# This is path where Nagios can create temp files for service and
+# host check results, etc.
+
+temp_path=/tmp
+
+
+
+# EVENT BROKER OPTIONS
+# Controls what (if any) data gets sent to the event broker.
+# Values: 0 = Broker nothing
+# -1 = Broker everything
+# <other> = See documentation
+
+event_broker_options=-1
+
+
+
+# EVENT BROKER MODULE(S)
+# This directive is used to specify an event broker module that should
+# by loaded by Nagios at startup. Use multiple directives if you want
+# to load more than one module. Arguments that should be passed to
+# the module at startup are seperated from the module path by a space.
+#
+#!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+# WARNING !!! WARNING !!! WARNING !!! WARNING !!! WARNING !!! WARNING
+#!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+#
+# Do NOT overwrite modules while they are being used by Nagios or Nagios
+# will crash in a fiery display of SEGFAULT glory. This is a bug/limitation
+# either in dlopen(), the kernel, and/or the filesystem. And maybe Nagios...
+#
+# The correct/safe way of updating a module is by using one of these methods:
+# 1. Shutdown Nagios, replace the module file, restart Nagios
+# 2. Delete the original module file, move the new module file into place, restart Nagios
+#
+# Example:
+#
+# broker_module=<modulepath> [moduleargs]
+
+#broker_module=/somewhere/module1.o
+#broker_module=/somewhere/module2.o arg1 arg2=3 debug=0
+
+
+
+# LOG ROTATION METHOD
+# This is the log rotation method that Nagios should use to rotate
+# the main log file. Values are as follows..
+# n = None - don't rotate the log
+# h = Hourly rotation (top of the hour)
+# d = Daily rotation (midnight every day)
+# w = Weekly rotation (midnight on Saturday evening)
+# m = Monthly rotation (midnight last day of month)
+
+log_rotation_method=d
+
+
+
+# LOG ARCHIVE PATH
+# This is the directory where archived (rotated) log files should be
+# placed (assuming you've chosen to do log rotation).
+
+log_archive_path=/var/log/nagios3/archives
+
+
+
+# LOGGING OPTIONS
+# If you want messages logged to the syslog facility, as well as the
+# Nagios log file set this option to 1. If not, set it to 0.
+
+use_syslog=1
+
+
+
+# NOTIFICATION LOGGING OPTION
+# If you don't want notifications to be logged, set this value to 0.
+# If notifications should be logged, set the value to 1.
+
+log_notifications=1
+
+
+
+# SERVICE RETRY LOGGING OPTION
+# If you don't want service check retries to be logged, set this value
+# to 0. If retries should be logged, set the value to 1.
+
+log_service_retries=1
+
+
+
+# HOST RETRY LOGGING OPTION
+# If you don't want host check retries to be logged, set this value to
+# 0. If retries should be logged, set the value to 1.
+
+log_host_retries=1
+
+
+
+# EVENT HANDLER LOGGING OPTION
+# If you don't want host and service event handlers to be logged, set
+# this value to 0. If event handlers should be logged, set the value
+# to 1.
+
+log_event_handlers=1
+
+
+
+# INITIAL STATES LOGGING OPTION
+# If you want Nagios to log all initial host and service states to
+# the main log file (the first time the service or host is checked)
+# you can enable this option by setting this value to 1. If you
+# are not using an external application that does long term state
+# statistics reporting, you do not need to enable this option. In
+# this case, set the value to 0.
+
+log_initial_states=0
+
+
+
+# EXTERNAL COMMANDS LOGGING OPTION
+# If you don't want Nagios to log external commands, set this value
+# to 0. If external commands should be logged, set this value to 1.
+# Note: This option does not include logging of passive service
+# checks - see the option below for controlling whether or not
+# passive checks are logged.
+
+log_external_commands=1
+
+
+
+# PASSIVE CHECKS LOGGING OPTION
+# If you don't want Nagios to log passive host and service checks, set
+# this value to 0. If passive checks should be logged, set
+# this value to 1.
+
+log_passive_checks=1
+
+
+
+# GLOBAL HOST AND SERVICE EVENT HANDLERS
+# These options allow you to specify a host and service event handler
+# command that is to be run for every host or service state change.
+# The global event handler is executed immediately prior to the event
+# handler that you have optionally specified in each host or
+# service definition. The command argument is the short name of a
+# command definition that you define in your host configuration file.
+# Read the HTML docs for more information.
+
+#global_host_event_handler=somecommand
+#global_service_event_handler=somecommand
+
+
+
+# SERVICE INTER-CHECK DELAY METHOD
+# This is the method that Nagios should use when initially
+# "spreading out" service checks when it starts monitoring. The
+# default is to use smart delay calculation, which will try to
+# space all service checks out evenly to minimize CPU load.
+# Using the dumb setting will cause all checks to be scheduled
+# at the same time (with no delay between them)! This is not a
+# good thing for production, but is useful when testing the
+# parallelization functionality.
+# n = None - don't use any delay between checks
+# d = Use a "dumb" delay of 1 second between checks
+# s = Use "smart" inter-check delay calculation
+# x.xx = Use an inter-check delay of x.xx seconds
+
+service_inter_check_delay_method=s
+
+
+
+# MAXIMUM SERVICE CHECK SPREAD
+# This variable determines the timeframe (in minutes) from the
+# program start time that an initial check of all services should
+# be completed. Default is 30 minutes.
+
+max_service_check_spread=30
+
+
+
+# SERVICE CHECK INTERLEAVE FACTOR
+# This variable determines how service checks are interleaved.
+# Interleaving the service checks allows for a more even
+# distribution of service checks and reduced load on remote
+# hosts. Setting this value to 1 is equivalent to how versions
+# of Nagios previous to 0.0.5 did service checks. Set this
+# value to s (smart) for automatic calculation of the interleave
+# factor unless you have a specific reason to change it.
+# s = Use "smart" interleave factor calculation
+# x = Use an interleave factor of x, where x is a
+# number greater than or equal to 1.
+
+service_interleave_factor=s
+
+
+
+# HOST INTER-CHECK DELAY METHOD
+# This is the method that Nagios should use when initially
+# "spreading out" host checks when it starts monitoring. The
+# default is to use smart delay calculation, which will try to
+# space all host checks out evenly to minimize CPU load.
+# Using the dumb setting will cause all checks to be scheduled
+# at the same time (with no delay between them)!
+# n = None - don't use any delay between checks
+# d = Use a "dumb" delay of 1 second between checks
+# s = Use "smart" inter-check delay calculation
+# x.xx = Use an inter-check delay of x.xx seconds
+
+host_inter_check_delay_method=s
+
+
+
+# MAXIMUM HOST CHECK SPREAD
+# This variable determines the timeframe (in minutes) from the
+# program start time that an initial check of all hosts should
+# be completed. Default is 30 minutes.
+
+max_host_check_spread=30
+
+
+
+# MAXIMUM CONCURRENT SERVICE CHECKS
+# This option allows you to specify the maximum number of
+# service checks that can be run in parallel at any given time.
+# Specifying a value of 1 for this variable essentially prevents
+# any service checks from being parallelized. A value of 0
+# will not restrict the number of concurrent checks that are
+# being executed.
+
+max_concurrent_checks=0
+
+
+
+# HOST AND SERVICE CHECK REAPER FREQUENCY
+# This is the frequency (in seconds!) that Nagios will process
+# the results of host and service checks.
+
+check_result_reaper_frequency=10
+
+
+
+
+# MAX CHECK RESULT REAPER TIME
+# This is the max amount of time (in seconds) that a single
+# check result reaper event will be allowed to run before
+# returning control back to Nagios so it can perform other
+# duties.
+
+max_check_result_reaper_time=30
+
+
+
+
+# CHECK RESULT PATH
+# This is directory where Nagios stores the results of host and
+# service checks that have not yet been processed.
+#
+# Note: Make sure that only one instance of Nagios has access
+# to this directory!
+
+check_result_path=/var/lib/nagios3/spool/checkresults
+
+
+
+
+# MAX CHECK RESULT FILE AGE
+# This option determines the maximum age (in seconds) which check
+# result files are considered to be valid. Files older than this
+# threshold will be mercilessly deleted without further processing.
+
+max_check_result_file_age=3600
+
+
+
+
+# CACHED HOST CHECK HORIZON
+# This option determines the maximum amount of time (in seconds)
+# that the state of a previous host check is considered current.
+# Cached host states (from host checks that were performed more
+# recently that the timeframe specified by this value) can immensely
+# improve performance in regards to the host check logic.
+# Too high of a value for this option may result in inaccurate host
+# states being used by Nagios, while a lower value may result in a
+# performance hit for host checks. Use a value of 0 to disable host
+# check caching.
+
+cached_host_check_horizon=15
+
+
+
+# CACHED SERVICE CHECK HORIZON
+# This option determines the maximum amount of time (in seconds)
+# that the state of a previous service check is considered current.
+# Cached service states (from service checks that were performed more
+# recently that the timeframe specified by this value) can immensely
+# improve performance in regards to predictive dependency checks.
+# Use a value of 0 to disable service check caching.
+
+cached_service_check_horizon=15
+
+
+
+# ENABLE PREDICTIVE HOST DEPENDENCY CHECKS
+# This option determines whether or not Nagios will attempt to execute
+# checks of hosts when it predicts that future dependency logic test
+# may be needed. These predictive checks can help ensure that your
+# host dependency logic works well.
+# Values:
+# 0 = Disable predictive checks
+# 1 = Enable predictive checks (default)
+
+enable_predictive_host_dependency_checks=1
+
+
+
+# ENABLE PREDICTIVE SERVICE DEPENDENCY CHECKS
+# This option determines whether or not Nagios will attempt to execute
+# checks of service when it predicts that future dependency logic test
+# may be needed. These predictive checks can help ensure that your
+# service dependency logic works well.
+# Values:
+# 0 = Disable predictive checks
+# 1 = Enable predictive checks (default)
+
+enable_predictive_service_dependency_checks=1
+
+
+
+# SOFT STATE DEPENDENCIES
+# This option determines whether or not Nagios will use soft state
+# information when checking host and service dependencies. Normally
+# Nagios will only use the latest hard host or service state when
+# checking dependencies. If you want it to use the latest state (regardless
+# of whether its a soft or hard state type), enable this option.
+# Values:
+# 0 = Don't use soft state dependencies (default)
+# 1 = Use soft state dependencies
+
+soft_state_dependencies=0
+
+
+
+# TIME CHANGE ADJUSTMENT THRESHOLDS
+# These options determine when Nagios will react to detected changes
+# in system time (either forward or backwards).
+
+#time_change_threshold=900
+
+
+
+# AUTO-RESCHEDULING OPTION
+# This option determines whether or not Nagios will attempt to
+# automatically reschedule active host and service checks to
+# "smooth" them out over time. This can help balance the load on
+# the monitoring server.
+# WARNING: THIS IS AN EXPERIMENTAL FEATURE - IT CAN DEGRADE
+# PERFORMANCE, RATHER THAN INCREASE IT, IF USED IMPROPERLY
+
+auto_reschedule_checks=0
+
+
+
+# AUTO-RESCHEDULING INTERVAL
+# This option determines how often (in seconds) Nagios will
+# attempt to automatically reschedule checks. This option only
+# has an effect if the auto_reschedule_checks option is enabled.
+# Default is 30 seconds.
+# WARNING: THIS IS AN EXPERIMENTAL FEATURE - IT CAN DEGRADE
+# PERFORMANCE, RATHER THAN INCREASE IT, IF USED IMPROPERLY
+
+auto_rescheduling_interval=30
+
+
+
+# AUTO-RESCHEDULING WINDOW
+# This option determines the "window" of time (in seconds) that
+# Nagios will look at when automatically rescheduling checks.
+# Only host and service checks that occur in the next X seconds
+# (determined by this variable) will be rescheduled. This option
+# only has an effect if the auto_reschedule_checks option is
+# enabled. Default is 180 seconds (3 minutes).
+# WARNING: THIS IS AN EXPERIMENTAL FEATURE - IT CAN DEGRADE
+# PERFORMANCE, RATHER THAN INCREASE IT, IF USED IMPROPERLY
+
+auto_rescheduling_window=180
+
+
+
+# SLEEP TIME
+# This is the number of seconds to sleep between checking for system
+# events and service checks that need to be run.
+
+sleep_time=0.25
+
+
+
+# TIMEOUT VALUES
+# These options control how much time Nagios will allow various
+# types of commands to execute before killing them off. Options
+# are available for controlling maximum time allotted for
+# service checks, host checks, event handlers, notifications, the
+# ocsp command, and performance data commands. All values are in
+# seconds.
+
+service_check_timeout=60
+host_check_timeout=30
+event_handler_timeout=30
+notification_timeout=30
+ocsp_timeout=5
+perfdata_timeout=5
+
+
+
+# RETAIN STATE INFORMATION
+# This setting determines whether or not Nagios will save state
+# information for services and hosts before it shuts down. Upon
+# startup Nagios will reload all saved service and host state
+# information before starting to monitor. This is useful for
+# maintaining long-term data on state statistics, etc, but will
+# slow Nagios down a bit when it (re)starts. Since its only
+# a one-time penalty, I think its well worth the additional
+# startup delay.
+
+retain_state_information=1
+
+
+
+# STATE RETENTION FILE
+# This is the file that Nagios should use to store host and
+# service state information before it shuts down. The state
+# information in this file is also read immediately prior to
+# starting to monitor the network when Nagios is restarted.
+# This file is used only if the preserve_state_information
+# variable is set to 1.
+
+state_retention_file=/var/lib/nagios3/retention.dat
+
+
+
+# RETENTION DATA UPDATE INTERVAL
+# This setting determines how often (in minutes) that Nagios
+# will automatically save retention data during normal operation.
+# If you set this value to 0, Nagios will not save retention
+# data at regular interval, but it will still save retention
+# data before shutting down or restarting. If you have disabled
+# state retention, this option has no effect.
+
+retention_update_interval=60
+
+
+
+# USE RETAINED PROGRAM STATE
+# This setting determines whether or not Nagios will set
+# program status variables based on the values saved in the
+# retention file. If you want to use retained program status
+# information, set this value to 1. If not, set this value
+# to 0.
+
+use_retained_program_state=1
+
+
+
+# USE RETAINED SCHEDULING INFO
+# This setting determines whether or not Nagios will retain
+# the scheduling info (next check time) for hosts and services
+# based on the values saved in the retention file. If you
+# If you want to use retained scheduling info, set this
+# value to 1. If not, set this value to 0.
+
+use_retained_scheduling_info=1
+
+
+
+# RETAINED ATTRIBUTE MASKS (ADVANCED FEATURE)
+# The following variables are used to specify specific host and
+# service attributes that should *not* be retained by Nagios during
+# program restarts.
+#
+# The values of the masks are bitwise ANDs of values specified
+# by the "MODATTR_" definitions found in include/common.h.
+# For example, if you do not want the current enabled/disabled state
+# of flap detection and event handlers for hosts to be retained, you
+# would use a value of 24 for the host attribute mask...
+# MODATTR_EVENT_HANDLER_ENABLED (8) + MODATTR_FLAP_DETECTION_ENABLED (16) = 24
+
+# This mask determines what host attributes are not retained
+retained_host_attribute_mask=0
+
+# This mask determines what service attributes are not retained
+retained_service_attribute_mask=0
+
+# These two masks determine what process attributes are not retained.
+# There are two masks, because some process attributes have host and service
+# options. For example, you can disable active host checks, but leave active
+# service checks enabled.
+retained_process_host_attribute_mask=0
+retained_process_service_attribute_mask=0
+
+# These two masks determine what contact attributes are not retained.
+# There are two masks, because some contact attributes have host and
+# service options. For example, you can disable host notifications for
+# a contact, but leave service notifications enabled for them.
+retained_contact_host_attribute_mask=0
+retained_contact_service_attribute_mask=0
+
+
+
+# INTERVAL LENGTH
+# This is the seconds per unit interval as used in the
+# host/contact/service configuration files. Setting this to 60 means
+# that each interval is one minute long (60 seconds). Other settings
+# have not been tested much, so your mileage is likely to vary...
+
+interval_length=60
+
+
+
+# AGGRESSIVE HOST CHECKING OPTION
+# If you don't want to turn on aggressive host checking features, set
+# this value to 0 (the default). Otherwise set this value to 1 to
+# enable the aggressive check option. Read the docs for more info
+# on what aggressive host check is or check out the source code in
+# base/checks.c
+
+use_aggressive_host_checking=0
+
+
+
+# SERVICE CHECK EXECUTION OPTION
+# This determines whether or not Nagios will actively execute
+# service checks when it initially starts. If this option is
+# disabled, checks are not actively made, but Nagios can still
+# receive and process passive check results that come in. Unless
+# you're implementing redundant hosts or have a special need for
+# disabling the execution of service checks, leave this enabled!
+# Values: 1 = enable checks, 0 = disable checks
+
+execute_service_checks=1
+
+
+
+# PASSIVE SERVICE CHECK ACCEPTANCE OPTION
+# This determines whether or not Nagios will accept passive
+# service checks results when it initially (re)starts.
+# Values: 1 = accept passive checks, 0 = reject passive checks
+
+accept_passive_service_checks=1
+
+
+
+# HOST CHECK EXECUTION OPTION
+# This determines whether or not Nagios will actively execute
+# host checks when it initially starts. If this option is
+# disabled, checks are not actively made, but Nagios can still
+# receive and process passive check results that come in. Unless
+# you're implementing redundant hosts or have a special need for
+# disabling the execution of host checks, leave this enabled!
+# Values: 1 = enable checks, 0 = disable checks
+
+execute_host_checks=1
+
+
+
+# PASSIVE HOST CHECK ACCEPTANCE OPTION
+# This determines whether or not Nagios will accept passive
+# host checks results when it initially (re)starts.
+# Values: 1 = accept passive checks, 0 = reject passive checks
+
+accept_passive_host_checks=1
+
+
+
+# NOTIFICATIONS OPTION
+# This determines whether or not Nagios will sent out any host or
+# service notifications when it is initially (re)started.
+# Values: 1 = enable notifications, 0 = disable notifications
+
+enable_notifications=1
+
+
+
+# EVENT HANDLER USE OPTION
+# This determines whether or not Nagios will run any host or
+# service event handlers when it is initially (re)started. Unless
+# you're implementing redundant hosts, leave this option enabled.
+# Values: 1 = enable event handlers, 0 = disable event handlers
+
+enable_event_handlers=1
+
+
+
+# PROCESS PERFORMANCE DATA OPTION
+# This determines whether or not Nagios will process performance
+# data returned from service and host checks. If this option is
+# enabled, host performance data will be processed using the
+# host_perfdata_command (defined below) and service performance
+# data will be processed using the service_perfdata_command (also
+# defined below). Read the HTML docs for more information on
+# performance data.
+# Values: 1 = process performance data, 0 = do not process performance data
+
+process_performance_data=0
+
+
+
+# HOST AND SERVICE PERFORMANCE DATA PROCESSING COMMANDS
+# These commands are run after every host and service check is
+# performed. These commands are executed only if the
+# enable_performance_data option (above) is set to 1. The command
+# argument is the short name of a command definition that you
+# define in your host configuration file. Read the HTML docs for
+# more information on performance data.
+
+#host_perfdata_command=process-host-perfdata
+#service_perfdata_command=process-service-perfdata
+
+
+
+# HOST AND SERVICE PERFORMANCE DATA FILES
+# These files are used to store host and service performance data.
+# Performance data is only written to these files if the
+# enable_performance_data option (above) is set to 1.
+
+#host_perfdata_file=/tmp/host-perfdata
+#service_perfdata_file=/tmp/service-perfdata
+
+
+
+# HOST AND SERVICE PERFORMANCE DATA FILE TEMPLATES
+# These options determine what data is written (and how) to the
+# performance data files. The templates may contain macros, special
+# characters (\t for tab, \r for carriage return, \n for newline)
+# and plain text. A newline is automatically added after each write
+# to the performance data file. Some examples of what you can do are
+# shown below.
+
+#host_perfdata_file_template=[HOSTPERFDATA]\t$TIMET$\t$HOSTNAME$\t$HOSTEXECUTIONTIME$\t$HOSTOUTPUT$\t$HOSTPERFDATA$
+#service_perfdata_file_template=[SERVICEPERFDATA]\t$TIMET$\t$HOSTNAME$\t$SERVICEDESC$\t$SERVICEEXECUTIONTIME$\t$SERVICELATENCY$\t$SERVICEOUTPUT$\t$SERVICEPERFDATA$
+
+
+
+# HOST AND SERVICE PERFORMANCE DATA FILE MODES
+# This option determines whether or not the host and service
+# performance data files are opened in write ("w") or append ("a")
+# mode. If you want to use named pipes, you should use the special
+# pipe ("p") mode which avoid blocking at startup, otherwise you will
+# likely want the defult append ("a") mode.
+
+#host_perfdata_file_mode=a
+#service_perfdata_file_mode=a
+
+
+
+# HOST AND SERVICE PERFORMANCE DATA FILE PROCESSING INTERVAL
+# These options determine how often (in seconds) the host and service
+# performance data files are processed using the commands defined
+# below. A value of 0 indicates the files should not be periodically
+# processed.
+
+#host_perfdata_file_processing_interval=0
+#service_perfdata_file_processing_interval=0
+
+
+
+# HOST AND SERVICE PERFORMANCE DATA FILE PROCESSING COMMANDS
+# These commands are used to periodically process the host and
+# service performance data files. The interval at which the
+# processing occurs is determined by the options above.
+
+#host_perfdata_file_processing_command=process-host-perfdata-file
+#service_perfdata_file_processing_command=process-service-perfdata-file
+
+
+
+# OBSESS OVER SERVICE CHECKS OPTION
+# This determines whether or not Nagios will obsess over service
+# checks and run the ocsp_command defined below. Unless you're
+# planning on implementing distributed monitoring, do not enable
+# this option. Read the HTML docs for more information on
+# implementing distributed monitoring.
+# Values: 1 = obsess over services, 0 = do not obsess (default)
+
+obsess_over_services=0
+
+
+
+# OBSESSIVE COMPULSIVE SERVICE PROCESSOR COMMAND
+# This is the command that is run for every service check that is
+# processed by Nagios. This command is executed only if the
+# obsess_over_services option (above) is set to 1. The command
+# argument is the short name of a command definition that you
+# define in your host configuration file. Read the HTML docs for
+# more information on implementing distributed monitoring.
+
+#ocsp_command=somecommand
+
+
+
+# OBSESS OVER HOST CHECKS OPTION
+# This determines whether or not Nagios will obsess over host
+# checks and run the ochp_command defined below. Unless you're
+# planning on implementing distributed monitoring, do not enable
+# this option. Read the HTML docs for more information on
+# implementing distributed monitoring.
+# Values: 1 = obsess over hosts, 0 = do not obsess (default)
+
+obsess_over_hosts=0
+
+
+
+# OBSESSIVE COMPULSIVE HOST PROCESSOR COMMAND
+# This is the command that is run for every host check that is
+# processed by Nagios. This command is executed only if the
+# obsess_over_hosts option (above) is set to 1. The command
+# argument is the short name of a command definition that you
+# define in your host configuration file. Read the HTML docs for
+# more information on implementing distributed monitoring.
+
+#ochp_command=somecommand
+
+
+
+# TRANSLATE PASSIVE HOST CHECKS OPTION
+# This determines whether or not Nagios will translate
+# DOWN/UNREACHABLE passive host check results into their proper
+# state for this instance of Nagios. This option is useful
+# if you have distributed or failover monitoring setup. In
+# these cases your other Nagios servers probably have a different
+# "view" of the network, with regards to the parent/child relationship
+# of hosts. If a distributed monitoring server thinks a host
+# is DOWN, it may actually be UNREACHABLE from the point of
+# this Nagios instance. Enabling this option will tell Nagios
+# to translate any DOWN or UNREACHABLE host states it receives
+# passively into the correct state from the view of this server.
+# Values: 1 = perform translation, 0 = do not translate (default)
+
+translate_passive_host_checks=0
+
+
+
+# PASSIVE HOST CHECKS ARE SOFT OPTION
+# This determines whether or not Nagios will treat passive host
+# checks as being HARD or SOFT. By default, a passive host check
+# result will put a host into a HARD state type. This can be changed
+# by enabling this option.
+# Values: 0 = passive checks are HARD, 1 = passive checks are SOFT
+
+passive_host_checks_are_soft=0
+
+
+
+# ORPHANED HOST/SERVICE CHECK OPTIONS
+# These options determine whether or not Nagios will periodically
+# check for orphaned host service checks. Since service checks are
+# not rescheduled until the results of their previous execution
+# instance are processed, there exists a possibility that some
+# checks may never get rescheduled. A similar situation exists for
+# host checks, although the exact scheduling details differ a bit
+# from service checks. Orphaned checks seem to be a rare
+# problem and should not happen under normal circumstances.
+# If you have problems with service checks never getting
+# rescheduled, make sure you have orphaned service checks enabled.
+# Values: 1 = enable checks, 0 = disable checks
+
+check_for_orphaned_services=1
+check_for_orphaned_hosts=1
+
+
+
+# SERVICE FRESHNESS CHECK OPTION
+# This option determines whether or not Nagios will periodically
+# check the "freshness" of service results. Enabling this option
+# is useful for ensuring passive checks are received in a timely
+# manner.
+# Values: 1 = enabled freshness checking, 0 = disable freshness checking
+
+check_service_freshness=1
+
+
+
+# SERVICE FRESHNESS CHECK INTERVAL
+# This setting determines how often (in seconds) Nagios will
+# check the "freshness" of service check results. If you have
+# disabled service freshness checking, this option has no effect.
+
+service_freshness_check_interval=60
+
+
+
+# HOST FRESHNESS CHECK OPTION
+# This option determines whether or not Nagios will periodically
+# check the "freshness" of host results. Enabling this option
+# is useful for ensuring passive checks are received in a timely
+# manner.
+# Values: 1 = enabled freshness checking, 0 = disable freshness checking
+
+check_host_freshness=0
+
+
+
+# HOST FRESHNESS CHECK INTERVAL
+# This setting determines how often (in seconds) Nagios will
+# check the "freshness" of host check results. If you have
+# disabled host freshness checking, this option has no effect.
+
+host_freshness_check_interval=60
+
+
+
+
+# ADDITIONAL FRESHNESS THRESHOLD LATENCY
+# This setting determines the number of seconds that Nagios
+# will add to any host and service freshness thresholds that
+# it calculates (those not explicitly specified by the user).
+
+additional_freshness_latency=15
+
+
+
+
+# FLAP DETECTION OPTION
+# This option determines whether or not Nagios will try
+# and detect hosts and services that are "flapping".
+# Flapping occurs when a host or service changes between
+# states too frequently. When Nagios detects that a
+# host or service is flapping, it will temporarily suppress
+# notifications for that host/service until it stops
+# flapping. Flap detection is very experimental, so read
+# the HTML documentation before enabling this feature!
+# Values: 1 = enable flap detection
+# 0 = disable flap detection (default)
+
+enable_flap_detection=1
+
+
+
+# FLAP DETECTION THRESHOLDS FOR HOSTS AND SERVICES
+# Read the HTML documentation on flap detection for
+# an explanation of what this option does. This option
+# has no effect if flap detection is disabled.
+
+low_service_flap_threshold=5.0
+high_service_flap_threshold=20.0
+low_host_flap_threshold=5.0
+high_host_flap_threshold=20.0
+
+
+
+# DATE FORMAT OPTION
+# This option determines how short dates are displayed. Valid options
+# include:
+# us (MM-DD-YYYY HH:MM:SS)
+# euro (DD-MM-YYYY HH:MM:SS)
+# iso8601 (YYYY-MM-DD HH:MM:SS)
+# strict-iso8601 (YYYY-MM-DDTHH:MM:SS)
+#
+
+date_format=iso8601
+
+
+
+
+# TIMEZONE OFFSET
+# This option is used to override the default timezone that this
+# instance of Nagios runs in. If not specified, Nagios will use
+# the system configured timezone.
+#
+# NOTE: In order to display the correct timezone in the CGIs, you
+# will also need to alter the Apache directives for the CGI path
+# to include your timezone. Example:
+#
+# <Directory "/usr/local/nagios/sbin/">
+# SetEnv TZ "Australia/Brisbane"
+# ...
+# </Directory>
+
+#use_timezone=US/Mountain
+#use_timezone=Australia/Brisbane
+
+
+
+
+# P1.PL FILE LOCATION
+# This value determines where the p1.pl perl script (used by the
+# embedded Perl interpreter) is located. If you didn't compile
+# Nagios with embedded Perl support, this option has no effect.
+
+p1_file=/usr/lib/nagios3/p1.pl
+
+
+
+# EMBEDDED PERL INTERPRETER OPTION
+# This option determines whether or not the embedded Perl interpreter
+# will be enabled during runtime. This option has no effect if Nagios
+# has not been compiled with support for embedded Perl.
+# Values: 0 = disable interpreter, 1 = enable interpreter
+
+enable_embedded_perl=1
+
+
+
+# EMBEDDED PERL USAGE OPTION
+# This option determines whether or not Nagios will process Perl plugins
+# and scripts with the embedded Perl interpreter if the plugins/scripts
+# do not explicitly indicate whether or not it is okay to do so. Read
+# the HTML documentation on the embedded Perl interpreter for more
+# information on how this option works.
+
+use_embedded_perl_implicitly=1
+
+
+
+# ILLEGAL OBJECT NAME CHARACTERS
+# This option allows you to specify illegal characters that cannot
+# be used in host names, service descriptions, or names of other
+# object types.
+
+illegal_object_name_chars=`~!$%^&*|'"<>?,()=
+
+
+
+# ILLEGAL MACRO OUTPUT CHARACTERS
+# This option allows you to specify illegal characters that are
+# stripped from macros before being used in notifications, event
+# handlers, etc. This DOES NOT affect macros used in service or
+# host check commands.
+# The following macros are stripped of the characters you specify:
+# $HOSTOUTPUT$
+# $HOSTPERFDATA$
+# $HOSTACKAUTHOR$
+# $HOSTACKCOMMENT$
+# $SERVICEOUTPUT$
+# $SERVICEPERFDATA$
+# $SERVICEACKAUTHOR$
+# $SERVICEACKCOMMENT$
+
+illegal_macro_output_chars=`~$&|'"<>
+
+
+
+# REGULAR EXPRESSION MATCHING
+# This option controls whether or not regular expression matching
+# takes place in the object config files. Regular expression
+# matching is used to match host, hostgroup, service, and service
+# group names/descriptions in some fields of various object types.
+# Values: 1 = enable regexp matching, 0 = disable regexp matching
+
+use_regexp_matching=0
+
+
+
+# "TRUE" REGULAR EXPRESSION MATCHING
+# This option controls whether or not "true" regular expression
+# matching takes place in the object config files. This option
+# only has an effect if regular expression matching is enabled
+# (see above). If this option is DISABLED, regular expression
+# matching only occurs if a string contains wildcard characters
+# (* and ?). If the option is ENABLED, regexp matching occurs
+# all the time (which can be annoying).
+# Values: 1 = enable true matching, 0 = disable true matching
+
+use_true_regexp_matching=0
+
+
+
+# ADMINISTRATOR EMAIL/PAGER ADDRESSES
+# The email and pager address of a global administrator (likely you).
+# Nagios never uses these values itself, but you can access them by
+# using the $ADMINEMAIL$ and $ADMINPAGER$ macros in your notification
+# commands.
+
+admin_email=root@localhost
+admin_pager=pageroot@localhost
+
+
+
+# DAEMON CORE DUMP OPTION
+# This option determines whether or not Nagios is allowed to create
+# a core dump when it runs as a daemon. Note that it is generally
+# considered bad form to allow this, but it may be useful for
+# debugging purposes. Enabling this option doesn't guarantee that
+# a core file will be produced, but that's just life...
+# Values: 1 - Allow core dumps
+# 0 - Do not allow core dumps (default)
+
+daemon_dumps_core=0
+
+
+
+# LARGE INSTALLATION TWEAKS OPTION
+# This option determines whether or not Nagios will take some shortcuts
+# which can save on memory and CPU usage in large Nagios installations.
+# Read the documentation for more information on the benefits/tradeoffs
+# of enabling this option.
+# Values: 1 - Enabled tweaks
+# 0 - Disable tweaks (default)
+
+use_large_installation_tweaks=0
+
+
+
+# ENABLE ENVIRONMENT MACROS
+# This option determines whether or not Nagios will make all standard
+# macros available as environment variables when host/service checks
+# and system commands (event handlers, notifications, etc.) are
+# executed. Enabling this option can cause performance issues in
+# large installations, as it will consume a bit more memory and (more
+# importantly) consume more CPU.
+# Values: 1 - Enable environment variable macros (default)
+# 0 - Disable environment variable macros
+
+enable_environment_macros=1
+
+
+
+# CHILD PROCESS MEMORY OPTION
+# This option determines whether or not Nagios will free memory in
+# child processes (processed used to execute system commands and host/
+# service checks). If you specify a value here, it will override
+# program defaults.
+# Value: 1 - Free memory in child processes
+# 0 - Do not free memory in child processes
+
+#free_child_process_memory=1
+
+
+
+# CHILD PROCESS FORKING BEHAVIOR
+# This option determines how Nagios will fork child processes
+# (used to execute system commands and host/service checks). Normally
+# child processes are fork()ed twice, which provides a very high level
+# of isolation from problems. Fork()ing once is probably enough and will
+# save a great deal on CPU usage (in large installs), so you might
+# want to consider using this. If you specify a value here, it will
+# program defaults.
+# Value: 1 - Child processes fork() twice
+# 0 - Child processes fork() just once
+
+#child_processes_fork_twice=1
+
+
+
+# DEBUG LEVEL
+# This option determines how much (if any) debugging information will
+# be written to the debug file. OR values together to log multiple
+# types of information.
+# Values:
+# -1 = Everything
+# 0 = Nothing
+# 1 = Functions
+# 2 = Configuration
+# 4 = Process information
+# 8 = Scheduled events
+# 16 = Host/service checks
+# 32 = Notifications
+# 64 = Event broker
+# 128 = External commands
+# 256 = Commands
+# 512 = Scheduled downtime
+# 1024 = Comments
+# 2048 = Macros
+
+debug_level=0
+
+
+
+# DEBUG VERBOSITY
+# This option determines how verbose the debug log out will be.
+# Values: 0 = Brief output
+# 1 = More detailed
+# 2 = Very detailed
+
+debug_verbosity=1
+
+
+
+# DEBUG FILE
+# This option determines where Nagios should write debugging information.
+
+debug_file=/var/lib/nagios3/nagios.debug
+
+
+
+# MAX DEBUG FILE SIZE
+# This option determines the maximum size (in bytes) of the debug file. If
+# the file grows larger than this size, it will be renamed with a .old
+# extension. If a file already exists with a .old extension it will
+# automatically be deleted. This helps ensure your disk space usage doesn't
+# get out of control when debugging Nagios.
+
+max_debug_file_size=1000000
+
+
diff --git a/puppet/modules/nagios/files/configs/Debian/private/resource.cfg.amd64 b/puppet/modules/nagios/files/configs/Debian/private/resource.cfg.amd64
new file mode 100644
index 00000000..3ed732bb
--- /dev/null
+++ b/puppet/modules/nagios/files/configs/Debian/private/resource.cfg.amd64
@@ -0,0 +1,31 @@
+###########################################################################
+#
+# RESOURCE.CFG - Resource File for Nagios
+#
+# You can define $USERx$ macros in this file, which can in turn be used
+# in command definitions in your host config file(s). $USERx$ macros are
+# useful for storing sensitive information such as usernames, passwords,
+# etc. They are also handy for specifying the path to plugins and
+# event handlers - if you decide to move the plugins or event handlers to
+# a different directory in the future, you can just update one or two
+# $USERx$ macros, instead of modifying a lot of command definitions.
+#
+# The CGIs will not attempt to read the contents of resource files, so
+# you can set restrictive permissions (600 or 660) on them.
+#
+# Nagios supports up to 32 $USERx$ macros ($USER1$ through $USER32$)
+#
+# Resource files may also be used to store configuration directives for
+# external data sources like MySQL...
+#
+###########################################################################
+
+# Sets $USER1$ to be the path to the plugins
+$USER1$=/usr/lib/nagios/plugins
+
+# Sets $USER2$ to be the path to event handlers
+#$USER2$=/usr/lib/nagios/plugins/eventhandlers
+
+# Store some usernames and passwords (hidden from the CGIs)
+#$USER3$=someuser
+#$USER4$=somepassword
diff --git a/puppet/modules/nagios/files/configs/Debian/private/resource.cfg.i386 b/puppet/modules/nagios/files/configs/Debian/private/resource.cfg.i386
new file mode 100644
index 00000000..3ed732bb
--- /dev/null
+++ b/puppet/modules/nagios/files/configs/Debian/private/resource.cfg.i386
@@ -0,0 +1,31 @@
+###########################################################################
+#
+# RESOURCE.CFG - Resource File for Nagios
+#
+# You can define $USERx$ macros in this file, which can in turn be used
+# in command definitions in your host config file(s). $USERx$ macros are
+# useful for storing sensitive information such as usernames, passwords,
+# etc. They are also handy for specifying the path to plugins and
+# event handlers - if you decide to move the plugins or event handlers to
+# a different directory in the future, you can just update one or two
+# $USERx$ macros, instead of modifying a lot of command definitions.
+#
+# The CGIs will not attempt to read the contents of resource files, so
+# you can set restrictive permissions (600 or 660) on them.
+#
+# Nagios supports up to 32 $USERx$ macros ($USER1$ through $USER32$)
+#
+# Resource files may also be used to store configuration directives for
+# external data sources like MySQL...
+#
+###########################################################################
+
+# Sets $USER1$ to be the path to the plugins
+$USER1$=/usr/lib/nagios/plugins
+
+# Sets $USER2$ to be the path to event handlers
+#$USER2$=/usr/lib/nagios/plugins/eventhandlers
+
+# Store some usernames and passwords (hidden from the CGIs)
+#$USER3$=someuser
+#$USER4$=somepassword
diff --git a/puppet/modules/nagios/files/configs/Debian/private/resource.cfg.x86_64 b/puppet/modules/nagios/files/configs/Debian/private/resource.cfg.x86_64
new file mode 100644
index 00000000..3ed732bb
--- /dev/null
+++ b/puppet/modules/nagios/files/configs/Debian/private/resource.cfg.x86_64
@@ -0,0 +1,31 @@
+###########################################################################
+#
+# RESOURCE.CFG - Resource File for Nagios
+#
+# You can define $USERx$ macros in this file, which can in turn be used
+# in command definitions in your host config file(s). $USERx$ macros are
+# useful for storing sensitive information such as usernames, passwords,
+# etc. They are also handy for specifying the path to plugins and
+# event handlers - if you decide to move the plugins or event handlers to
+# a different directory in the future, you can just update one or two
+# $USERx$ macros, instead of modifying a lot of command definitions.
+#
+# The CGIs will not attempt to read the contents of resource files, so
+# you can set restrictive permissions (600 or 660) on them.
+#
+# Nagios supports up to 32 $USERx$ macros ($USER1$ through $USER32$)
+#
+# Resource files may also be used to store configuration directives for
+# external data sources like MySQL...
+#
+###########################################################################
+
+# Sets $USER1$ to be the path to the plugins
+$USER1$=/usr/lib/nagios/plugins
+
+# Sets $USER2$ to be the path to event handlers
+#$USER2$=/usr/lib/nagios/plugins/eventhandlers
+
+# Store some usernames and passwords (hidden from the CGIs)
+#$USER3$=someuser
+#$USER4$=somepassword
diff --git a/puppet/modules/nagios/files/configs/apache2.conf b/puppet/modules/nagios/files/configs/apache2.conf
new file mode 100644
index 00000000..f0f8b2f3
--- /dev/null
+++ b/puppet/modules/nagios/files/configs/apache2.conf
@@ -0,0 +1,67 @@
+# apache configuration for nagios 3.x
+# note to users of nagios 1.x and 2.x:
+# throughout this file are commented out sections which preserve
+# backwards compatibility with bookmarks/config for older nagios versios.
+# simply look for lines following "nagios 1.x:" and "nagios 2.x" comments.
+
+ScriptAlias /cgi-bin/nagios3 /usr/lib/cgi-bin/nagios3
+ScriptAlias /nagios3/cgi-bin /usr/lib/cgi-bin/nagios3
+# nagios 1.x:
+#ScriptAlias /cgi-bin/nagios /usr/lib/cgi-bin/nagios3
+#ScriptAlias /nagios/cgi-bin /usr/lib/cgi-bin/nagios3
+# nagios 2.x:
+#ScriptAlias /cgi-bin/nagios2 /usr/lib/cgi-bin/nagios3
+#ScriptAlias /nagios2/cgi-bin /usr/lib/cgi-bin/nagios3
+
+# Where the stylesheets (config files) reside
+Alias /nagios3/stylesheets /etc/nagios3/stylesheets
+# nagios 1.x:
+#Alias /nagios/stylesheets /etc/nagios3/stylesheets
+# nagios 2.x:
+#Alias /nagios2/stylesheets /etc/nagios3/stylesheets
+
+# Where the HTML pages live
+Alias /nagios3 /usr/share/nagios3/htdocs
+# nagios 2.x:
+#Alias /nagios2 /usr/share/nagios3/htdocs
+# nagios 1.x:
+#Alias /nagios /usr/share/nagios3/htdocs
+
+<DirectoryMatch (/usr/share/nagios3/htdocs|/usr/lib/cgi-bin/nagios3|/etc/nagios3/stylesheets)>
+ Options FollowSymLinks
+
+ DirectoryIndex index.php index.html
+
+ AllowOverride AuthConfig
+
+
+ <IfVersion < 2.3>
+ Order Allow,Deny
+ Allow From All
+ </IfVersion>
+
+ <IfVersion >= 2.3>
+ Require all denied
+ </IfVersion>
+
+ AuthName "Nagios Access"
+ AuthType Basic
+ AuthUserFile /etc/nagios3/htpasswd.users
+ # nagios 1.x:
+ #AuthUserFile /etc/nagios/htpasswd.users
+ require valid-user
+</DirectoryMatch>
+
+<Directory /usr/share/nagios3/htdocs>
+ Options +ExecCGI
+</Directory>
+
+# Enable this ScriptAlias if you want to enable the grouplist patch.
+# See http://apan.sourceforge.net/download.html for more info
+# It allows you to see a clickable list of all hostgroups in the
+# left pane of the Nagios web interface
+# XXX This is not tested for nagios 2.x use at your own peril
+#ScriptAlias /nagios3/side.html /usr/lib/cgi-bin/nagios3/grouplist.cgi
+# nagios 1.x:
+#ScriptAlias /nagios/side.html /usr/lib/cgi-bin/nagios3/grouplist.cgi
+
diff --git a/puppet/modules/nagios/files/configs/cgi.cfg b/puppet/modules/nagios/files/configs/cgi.cfg
new file mode 120000
index 00000000..db9667b3
--- /dev/null
+++ b/puppet/modules/nagios/files/configs/cgi.cfg
@@ -0,0 +1 @@
+Debian/cgi.cfg \ No newline at end of file
diff --git a/puppet/modules/nagios/files/configs/nagios.cfg b/puppet/modules/nagios/files/configs/nagios.cfg
new file mode 120000
index 00000000..1409b9e8
--- /dev/null
+++ b/puppet/modules/nagios/files/configs/nagios.cfg
@@ -0,0 +1 @@
+Debian/nagios.cfg \ No newline at end of file
diff --git a/puppet/modules/nagios/files/configs/nagios_templates.cfg b/puppet/modules/nagios/files/configs/nagios_templates.cfg
new file mode 100644
index 00000000..98596713
--- /dev/null
+++ b/puppet/modules/nagios/files/configs/nagios_templates.cfg
@@ -0,0 +1,49 @@
+define host{
+ name generic-host ; The name of this host template
+ notifications_enabled 1 ; Host notifications are enabled
+ event_handler_enabled 1 ; Host event handler is enabled
+ flap_detection_enabled 1 ; Flap detection is enabled
+ failure_prediction_enabled 1 ; Failure prediction is enabled
+ process_perf_data 1 ; Process performance data
+ retain_status_information 1 ; Retain status information across program restarts
+ retain_nonstatus_information 1 ; Retain non-status information across program restarts
+ check_command check-host-alive
+ max_check_attempts 10
+ notification_interval 0
+ notification_period 24x7
+ notification_options d,u,r
+ contact_groups admins
+ register 0 ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL HOST, JUST A TEMPLATE!
+}
+
+define service{
+ name generic-service ; The 'name' of this service template
+ active_checks_enabled 1 ; Active service checks are enabled
+ passive_checks_enabled 1 ; Passive service checks are enabled/accepted
+ parallelize_check 1 ; Active service checks should be parallelized (disabling this can lead to major performance problems)
+ obsess_over_service 1 ; We should obsess over this service (if necessary)
+ check_freshness 0 ; Default is to NOT check service 'freshness'
+ notifications_enabled 1 ; Service notifications are enabled
+ event_handler_enabled 1 ; Service event handler is enabled
+ flap_detection_enabled 1 ; Flap detection is enabled
+ failure_prediction_enabled 1 ; Failure prediction is enabled
+ process_perf_data 1 ; Process performance data
+ retain_status_information 1 ; Retain status information across program restarts
+ retain_nonstatus_information 1 ; Retain non-status information across program restarts
+ notification_interval 0 ; Only send notifications on status change by default.
+ is_volatile 0
+ check_period 24x7
+ normal_check_interval 5
+ retry_check_interval 1
+ max_check_attempts 4
+ notification_period 24x7
+ notification_options w,u,c,r
+ contact_groups admins
+ register 0 ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL SERVICE, JUST A TEMPLATE!
+}
+
+define service{
+ name passive-service
+ use generic-service
+ active_checks_enabled 0
+}
diff --git a/puppet/modules/nagios/files/htpasswd.users b/puppet/modules/nagios/files/htpasswd.users
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/puppet/modules/nagios/files/htpasswd.users
diff --git a/puppet/modules/nagios/files/irc_bot/riseup-nagios-client.pl b/puppet/modules/nagios/files/irc_bot/riseup-nagios-client.pl
new file mode 100644
index 00000000..2467058d
--- /dev/null
+++ b/puppet/modules/nagios/files/irc_bot/riseup-nagios-client.pl
@@ -0,0 +1,72 @@
+#!/usr/bin/perl -w
+
+# ##############################################################################
+# Infrabot-Client - a simple Infrabot client which sends it's whole command
+# line arguments to a local UNIX domain socket.
+# ##############################################################################
+
+use strict;
+use IO::Socket;
+
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# >> CONFIGURATION >>
+
+# Read a configuration file
+# The arg can be a relative or full path, or
+# it can be a file located somewhere in @INC.
+sub ReadCfg
+{
+ my $file = $_[0];
+
+ our $err;
+
+ { # Put config data into a separate namespace
+ package CFG;
+
+ # Process the contents of the config file
+ my $rc = do($file);
+
+ # Check for errors
+ if ($@) {
+ $::err = "ERROR: Failure compiling '$file' - $@";
+ } elsif (! defined($rc)) {
+ $::err = "ERROR: Failure reading '$file' - $!";
+ } elsif (! $rc) {
+ $::err = "ERROR: Failure processing '$file'";
+ }
+ }
+
+ return ($err);
+}
+
+# Get our configuration information
+if (my $err = ReadCfg('/etc/nagios_nsa.cfg')) {
+ print(STDERR $err, "\n");
+ exit(1);
+}
+
+# << CONFIGURATION <<
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+if (@ARGV == 0) {
+ print "Hey - specify a message, sucker!\n";
+ exit(1);
+}
+
+unless (-S $CFG::Nsa{'socket'}) {
+ die "Socket '$CFG::Nsa{'socket'}' doesn't exist or isn't a socket!\n";
+}
+
+unless (-r $CFG::Nsa{'socket'}) {
+ die "Socket '$CFG::Nsa{'socket'}' can't be read!\n";
+}
+
+my $sock = IO::Socket::UNIX->new (
+ Peer => $CFG::Nsa{'socket'},
+ Type => SOCK_DGRAM,
+ Timeout => 10
+) || die "Can't open socket '$CFG::Nsa{'socket'}'!\n";
+
+print $sock "@ARGV";
+close($sock);
diff --git a/puppet/modules/nagios/files/irc_bot/riseup-nagios-server.pl b/puppet/modules/nagios/files/irc_bot/riseup-nagios-server.pl
new file mode 100644
index 00000000..5d65e6dd
--- /dev/null
+++ b/puppet/modules/nagios/files/irc_bot/riseup-nagios-server.pl
@@ -0,0 +1,239 @@
+#!/usr/bin/perl -w
+
+# ##############################################################################
+# a simple IRC bot which dispatches messages received via local domain sockets
+# ##############################################################################
+
+
+######
+## THIS NEEDS TO BE PORTED TO THE NEW FRAMEWORKS!
+##
+## STICKY POINTS: the addfh() function doesn't exist in BasicBot or POE::Component::IRC
+##
+## people suggested we use Anyevent::IRC and POE::Kernel ->select_read and POE::Wheel namespace
+##
+## in the meantime, inspiration for extensions can be found here: http://svn.foswiki.org/trunk/WikiBot/mozbot.pl
+
+use strict;
+use File::Basename;
+
+BEGIN {
+ unshift @INC, dirname($0);
+}
+
+my $VERSION = '0.2';
+my $running = 1;
+
+# Read a configuration file
+# The arg can be a relative or full path, or
+# it can be a file located somewhere in @INC.
+sub ReadCfg
+{
+ my $file = $_[0];
+
+ our $err;
+
+ { # Put config data into a separate namespace
+ package CFG;
+
+ # Process the contents of the config file
+ my $rc = do($file);
+
+ # Check for errors
+ if ($@) {
+ $::err = "ERROR: Failure compiling '$file' - $@";
+ } elsif (! defined($rc)) {
+ $::err = "ERROR: Failure reading '$file' - $!";
+ } elsif (! $rc) {
+ $::err = "ERROR: Failure processing '$file'";
+ }
+ }
+
+ return ($err);
+}
+
+# Get our configuration information
+if (my $err = ReadCfg('/etc/nagios_nsa.cfg')) {
+ print(STDERR $err, "\n");
+ exit(1);
+}
+
+use POSIX qw(setsid);
+use IO::Socket;
+use Net::IRC;
+
+sub new {
+ my $self = {
+ socket => undef,
+ irc => undef,
+ conn => undef,
+ commandfile => undef,
+ };
+
+ return bless($self, __PACKAGE__);
+}
+
+sub daemonize {
+ my $self = shift;
+ my $pid;
+
+ chdir '/' or die "Can't chdir to /: $!";
+
+ open STDIN, '/dev/null' or die "Can't read /dev/null: $!";
+ open STDOUT, '>/dev/null' or die "Can't write to /dev/null: $!";
+
+ defined ($pid = fork) or die "Can't fork: $!";
+
+ if ($pid && $CFG::Nsa{'pidfile'}) { # write pid of child
+ open PID, ">$CFG::Nsa{'pidfile'}" or die "Can't open pid file: $!";
+ print PID $pid;
+ close PID;
+ }
+ exit if $pid;
+ setsid or die "Can't start a new session: $!";
+
+ #open STDERR, '>&STDOUT' or die "Can't dup stdout: $!";
+}
+
+sub run {
+ my $self = shift;
+
+ $self->{irc}->do_one_loop();
+}
+
+sub shutdown {
+ my $sig = shift;
+
+ print STDERR "Received SIG$sig, shutting down...\n";
+ $running = 0;
+}
+
+sub socket_has_data {
+ my $self = shift;
+
+ $self->{socket}->recv(my $data, 1024);
+ if ($CFG::Nsa{'usenotices'}) {
+ $self->{conn}->notice($CFG::Nsa{'channel'}, $data);
+ } else {
+ $self->{conn}->privmsg($CFG::Nsa{'channel'}, $data);
+ }
+}
+
+sub irc_on_connect {
+ my $self = shift;
+
+ print STDERR "Joining channel '$CFG::Nsa{'channel'}'...\n";
+ $self->join($CFG::Nsa{'channel'});
+}
+
+sub irc_on_msg {
+ my ($self, $event) = @_;
+ my $data = join(' ', $event->args);
+ #my $nick = quotemeta($nicks[$nick]);
+ my $to = $event->to;
+ #my $channel = &toToChannel($self, @$to);
+ #my $cmdChar = $commandChar{default}; # FIXME: should look up for CURRENT channel first!
+ #if ( exists $commandChar{$channel} ) { $cmdChar = $commandChar{$channel}; }
+ my $msg = parse_msg($event);
+ if (defined($msg)) {
+ #$self->privmsg($event->nick, "alright, sending this message to nagios, hope it figures it out: $msg");
+ } else {
+ $self->privmsg($event->nick, "can't parse $data, you want 'ack host service comment'\n");
+ }
+}
+
+sub irc_on_public {
+ my ($self, $event) = @_;
+ my $data = join(' ', $event->args);
+ my $to = $event->to;
+ if ($data =~ s/([^:]*):\s+//) {
+ if ($1 eq $CFG::Nsa{'nickname'}) {
+ my $msg = parse_msg($event);
+ if (defined($msg)) {
+ #$self->privmsg($event->to, "alright, sending this message to nagios, hope it figures it out: $msg");
+ } else {
+ $self->privmsg($event->to, "can't parse $data, you want 'ack host service comment'\n");
+ }
+ } else {
+ #print STDERR "ignoring message $data, not for me (me being $1)\n";
+ }
+ } else {
+ #print STDERR "ignoring message $data\n";
+ }
+}
+
+sub parse_msg {
+ my $event= shift;
+ my $data = join(' ', $event->args);
+ my $msg;
+ if ($data =~ m/([^:]*:)?\s*ack(?:knowledge)?\s+([a-zA-Z0-9\-\.]+)(?:\s+([-\w\.]+)(?:\s+([\w\s]+))?)?/) {
+ #print STDERR "writing to nagios scoket ". $CFG::Nsa{'commandfile'} . "\n";
+ open(my $cmdfile, ">", $CFG::Nsa{'commandfile'}) || die "Can't open Nagios commandfile: $CFG::Nsa{'commandfile'}!\n";
+ my $host = $2;
+ my ($service, $comment) = (undef, "no comment (from irc)");
+ if ($4) {
+ $service = $3;
+ $comment = $4;
+ } elsif ($3) {
+ $service = $3;
+ }
+ my $user = $event->nick;
+ $msg = '[' . time() . '] ';
+ if (defined($service)) {
+ $msg .= "ACKNOWLEDGE_SVC_PROBLEM;$host;$service;1;1;1;$user;$comment\n";
+ } else {
+ $msg .= "ACKNOWLEDGE_HOST_PROBLEM;$host;1;1;1;$user;$comment\n";
+ }
+ print {$cmdfile} $msg;
+ close($cmdfile);
+ }
+ return $msg;
+}
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+my $bot = &new;
+
+if (-e $CFG::Nsa{'socket'}) {
+ die "Socket '$CFG::Nsa{'socket'}' exists!\n";
+}
+
+$bot->{socket} = IO::Socket::UNIX->new (
+ Local => $CFG::Nsa{'socket'},
+ Type => SOCK_DGRAM,
+ Listen => 5
+) || die "Can't create socket '$CFG::Nsa{'socket'}'!\n";
+
+$SIG{INT} = $SIG{TERM} = \&shutdown;
+
+$bot->daemonize();
+$bot->{irc} = new Net::IRC;
+
+$bot->{conn} = $bot->{irc}->newconn (
+ Server => $CFG::Nsa{'server'},
+ Port => $CFG::Nsa{'port'},
+ Nick => $CFG::Nsa{'nickname'},
+ Username => $CFG::Nsa{'nickname'},
+ Password => $CFG::Nsa{'password'},
+ Ircname => $CFG::Nsa{'realname'} . " (NSA $VERSION)",
+) || die "Can't connect to server '$CFG::Nsa{'server'}'!\n";
+
+$bot->{conn}->add_global_handler(376, \&irc_on_connect);
+$bot->{conn}->add_global_handler('nomotd', \&irc_on_connect);
+$bot->{conn}->add_global_handler('msg', \&irc_on_msg);
+$bot->{conn}->add_global_handler('public', \&irc_on_public);
+#$bot->{conn}->add_global_handler('notice', \&irc_on_msg);
+$bot->{irc}->addfh($bot->{socket}, \&socket_has_data, 'r', $bot);
+
+while ($running) {
+ $bot->run();
+}
+
+close($bot->{socket});
+unlink($CFG::Nsa{'socket'});
+
+exit(0);
+
+1;
+
+__END__
diff --git a/puppet/modules/nagios/files/munin/nagios_hosts b/puppet/modules/nagios/files/munin/nagios_hosts
new file mode 100644
index 00000000..3fa00f1d
--- /dev/null
+++ b/puppet/modules/nagios/files/munin/nagios_hosts
@@ -0,0 +1,32 @@
+#!/bin/bash
+
+if [ -z "$nag_stats_binary" ]; then
+ nag_stats_binary=/usr/sbin/nagios3stats
+fi
+
+if [ "$1" = "config" ]; then
+ echo 'graph_title Nagios host stats'
+ echo 'graph_args --base 1000 -l 0'
+ echo 'graph_vlabel hosts'
+ echo 'graph_category nagios'
+ echo 'graph_info The number of hosts checked by nagios'
+ echo 'up.label up'
+ echo 'up.draw AREA'
+ echo 'up.info number of hosts UP'
+ echo 'down.label down'
+ echo 'down.draw STACK'
+ echo 'down.info number of hosts DOWN'
+ echo 'unr.label unr'
+ echo 'unr.draw STACK'
+ echo 'unr.info number of hosts UNREACHABLE'
+
+ exit 0
+fi
+
+echo -n 'up.value '
+$nag_stats_binary --mrtg --data NUMHSTUP
+echo -n 'down.value '
+$nag_stats_binary --mrtg --data NUMHSTDOWN
+echo -n 'unr.value '
+$nag_stats_binary --mrtg --data NUMHSTUNR
+
diff --git a/puppet/modules/nagios/files/munin/nagios_perf b/puppet/modules/nagios/files/munin/nagios_perf
new file mode 100644
index 00000000..609d62f4
--- /dev/null
+++ b/puppet/modules/nagios/files/munin/nagios_perf
@@ -0,0 +1,38 @@
+#!/bin/bash
+
+if [ -z "$nag_stats_binary" ]; then
+ nag_stats_binary=/usr/sbin/nagios3stats
+fi
+
+NAME=$(basename $0)
+
+TYPE=${NAME##nagios_perf_}
+
+[ "x$TYPE" = 'xhosts' ] && TYPE_ABBR=HST
+[ "x$TYPE" = 'xsvc' ] && TYPE_ABBR=SVC
+[ -z "$TYPE_ABBR" ] && echo "unknown type $TYPE" >&2 && exit 1
+
+if [ "$1" = "config" ]; then
+ echo "graph_title Nagios $TYPE performance stats"
+ echo "graph_args --base 1000"
+ echo "graph_vlabel seconds"
+ echo "graph_category nagios"
+ echo "graph_info Check performance statistics"
+
+ echo "act_lat_$TYPE_ABBR.label act lat"
+ echo "act_lat_$TYPE_ABBR.type GAUGE"
+ echo "act_lat_$TYPE_ABBR.draw AREA"
+ echo "act_lat_$TYPE_ABBR.cdef act_lat_$TYPE_ABBR,1000,/"
+ echo "act_lat_$TYPE_ABBR.info average latency of active checks over the last 5 minutes"
+
+ echo "act_ext_$TYPE_ABBR.label act ext"
+ echo "act_ext_$TYPE_ABBR.type GAUGE"
+ echo "act_ext_$TYPE_ABBR.draw LINE1"
+ echo "act_ext_$TYPE_ABBR.cdef act_ext_$TYPE_ABBR,1000,/"
+ echo "act_ext_$TYPE_ABBR.info average execution time of active checks over the last 5 minutes"
+
+ exit 0
+fi
+
+echo "act_lat_$TYPE_ABBR.value " $($nag_stats_binary --mrtg --data AVGACT${TYPE_ABBR}LAT)
+echo "act_ext_$TYPE_ABBR.value " $($nag_stats_binary --mrtg --data AVGACT${TYPE_ABBR}EXT)
diff --git a/puppet/modules/nagios/files/munin/nagios_svc b/puppet/modules/nagios/files/munin/nagios_svc
new file mode 100644
index 00000000..97c8bfc1
--- /dev/null
+++ b/puppet/modules/nagios/files/munin/nagios_svc
@@ -0,0 +1,37 @@
+#!/bin/bash
+
+if [ -z "$nag_stats_binary" ]; then
+ nag_stats_binary=/usr/sbin/nagios3stats
+fi
+
+if [ "$1" = "config" ]; then
+ echo 'graph_title Nagios service stats'
+ echo 'graph_args --base 1000 -l 0'
+ echo 'graph_vlabel services'
+ echo 'graph_category nagios'
+ echo 'graph_info The number of services checked by nagios'
+ echo 'ok.label ok'
+ echo 'ok.draw AREA'
+ echo 'ok.info number of services OK'
+ echo 'warn.label warn'
+ echo 'warn.draw STACK'
+ echo 'warn.info number of services WARNING'
+ echo 'crit.label crit'
+ echo 'crit.draw STACK'
+ echo 'crit.info number of services CRITICAL'
+ echo 'unkn.label unkn'
+ echo 'unkn.draw STACK'
+ echo 'unkn.info number of services UNKNOWN'
+
+ exit 0
+fi
+
+echo -n 'ok.value '
+$nag_stats_binary --mrtg --data NUMSVCOK
+echo -n 'warn.value '
+$nag_stats_binary --mrtg --data NUMSVCWARN
+echo -n 'crit.value '
+$nag_stats_binary --mrtg --data NUMSVCCRIT
+echo -n 'unkn.value '
+$nag_stats_binary --mrtg --data NUMSVCUNKN
+
diff --git a/puppet/modules/nagios/files/nrpe/nrpe_commands.cfg b/puppet/modules/nagios/files/nrpe/nrpe_commands.cfg
new file mode 100644
index 00000000..b725a36a
--- /dev/null
+++ b/puppet/modules/nagios/files/nrpe/nrpe_commands.cfg
@@ -0,0 +1,5 @@
+# default plugins
+command[check_users]=/usr/lib/nagios/plugins/check_users $ARG1$
+command[check_disk]=/usr/lib/nagios/plugins/check_disk $ARG1$ -x "/dev" -x "/dev/shm" -x "/lib/init/rw"
+command[check_apt]=sudo /usr/lib/nagios/plugins/check_apt -u $ARG1$
+command[check_swap]=/usr/lib/nagios/plugins/check_swap $ARG1$
diff --git a/puppet/modules/nagios/files/nsca/nsca.cfg b/puppet/modules/nagios/files/nsca/nsca.cfg
new file mode 100644
index 00000000..0b019ea1
--- /dev/null
+++ b/puppet/modules/nagios/files/nsca/nsca.cfg
@@ -0,0 +1,197 @@
+# This file is managed by Puppet.
+#
+####################################################
+# Sample NSCA Daemon Config File
+# Written by: Ethan Galstad (nagios@nagios.org)
+#
+# Last Modified: 04-03-2006
+####################################################
+
+
+# PID FILE
+# The name of the file in which the NSCA daemon should write it's process ID
+# number. The file is only written if the NSCA daemon is started by the root
+# user as a single- or multi-process daemon.
+
+pid_file=/var/run/nsca.pid
+
+
+
+# PORT NUMBER
+# Port number we should wait for connections on.
+# This must be a non-priveledged port (i.e. > 1024).
+
+server_port=5667
+
+
+
+# SERVER ADDRESS
+# Address that NSCA has to bind to in case there are
+# more as one interface and we do not want NSCA to bind
+# (thus listen) on all interfaces.
+
+#server_address=192.168.1.1
+
+
+
+# NSCA USER
+# This determines the effective user that the NSCA daemon should run as.
+# You can either supply a username or a UID.
+#
+# NOTE: This option is ignored if NSCA is running under either inetd or xinetd
+
+nsca_user=nagios
+
+
+
+# NSCA GROUP
+# This determines the effective group that the NSCA daemon should run as.
+# You can either supply a group name or a GID.
+#
+# NOTE: This option is ignored if NSCA is running under either inetd or xinetd
+
+nsca_group=nogroup
+
+
+
+# NSCA CHROOT
+# If specified, determines a directory into which the nsca daemon
+# will perform a chroot(2) operation before dropping its privileges.
+# for the security conscious this can add a layer of protection in
+# the event that the nagios daemon is compromised.
+#
+# NOTE: if you specify this option, the command file will be opened
+# relative to this directory.
+
+#nsca_chroot=/var/run/nagios/rw
+
+
+
+# DEBUGGING OPTION
+# This option determines whether or not debugging
+# messages are logged to the syslog facility.
+# Values: 0 = debugging off, 1 = debugging on
+
+debug=0
+
+
+
+# COMMAND FILE
+# This is the location of the Nagios command file that the daemon
+# should write all service check results that it receives.
+# Note to debian users: nagios 1.x and nagios 2.x have
+# different default locations for this file. this is the
+# default location for nagios 1.x:
+#command_file=/var/run/nagios/nagios.cmd
+# and this is the default location for nagios2:
+#command_file=/var/lib/nagios2/rw/nagios.cmd
+# and this is the default location for nagios3:
+command_file=/var/lib/nagios3/rw/nagios.cmd
+
+# ALTERNATE DUMP FILE
+# This is used to specify an alternate file the daemon should
+# write service check results to in the event the command file
+# does not exist. It is important to note that the command file
+# is implemented as a named pipe and only exists when Nagios is
+# running. You may want to modify the startup script for Nagios
+# to dump the contents of this file into the command file after
+# it starts Nagios. Or you may simply choose to ignore any
+# check results received while Nagios was not running...
+
+alternate_dump_file=/var/run/nagios/nsca.dump
+
+
+# AGGREGATED WRITES OPTION
+# This option determines whether or not the nsca daemon will
+# aggregate writes to the external command file for client
+# connections that contain multiple check results. If you
+# are queueing service check results on remote hosts and
+# sending them to the nsca daemon in bulk, you will probably
+# want to enable bulk writes, as this will be a bit more
+# efficient.
+# Values: 0 = do not aggregate writes, 1 = aggregate writes
+
+aggregate_writes=0
+
+
+
+# APPEND TO FILE OPTION
+# This option determines whether or not the nsca daemon will
+# will open the external command file for writing or appending.
+# This option should almost *always* be set to 0!
+# Values: 0 = open file for writing, 1 = open file for appending
+
+append_to_file=0
+
+
+
+# MAX PACKET AGE OPTION
+# This option is used by the nsca daemon to determine when client
+# data is too old to be valid. Keeping this value as small as
+# possible is recommended, as it helps prevent the possibility of
+# "replay" attacks. This value needs to be at least as long as
+# the time it takes your clients to send their data to the server.
+# Values are in seconds. The max packet age cannot exceed 15
+# minutes (900 seconds). If this variable is set to zero (0), no
+# packets will be rejected based on their age.
+
+max_packet_age=30
+
+
+
+# DECRYPTION PASSWORD
+# This is the password/passphrase that should be used to descrypt the
+# incoming packets. Note that all clients must encrypt the packets
+# they send using the same password!
+# IMPORTANT: You don't want all the users on this system to be able
+# to read the password you specify here, so make sure to set
+# restrictive permissions on this config file!
+
+#password=
+
+
+
+# DECRYPTION METHOD
+# This option determines the method by which the nsca daemon will
+# decrypt the packets it receives from the clients. The decryption
+# method you choose will be a balance between security and performance,
+# as strong encryption methods consume more processor resources.
+# You should evaluate your security needs when choosing a decryption
+# method.
+#
+# Note: The decryption method you specify here must match the
+# encryption method the nsca clients use (as specified in
+# the send_nsca.cfg file)!!
+# Values:
+#
+# 0 = None (Do NOT use this option)
+# 1 = Simple XOR (No security, just obfuscation, but very fast)
+#
+# 2 = DES
+# 3 = 3DES (Triple DES)
+# 4 = CAST-128
+# 5 = CAST-256
+# 6 = xTEA
+# 7 = 3WAY
+# 8 = BLOWFISH
+# 9 = TWOFISH
+# 10 = LOKI97
+# 11 = RC2
+# 12 = ARCFOUR
+#
+# 14 = RIJNDAEL-128
+# 15 = RIJNDAEL-192
+# 16 = RIJNDAEL-256
+#
+# 19 = WAKE
+# 20 = SERPENT
+#
+# 22 = ENIGMA (Unix crypt)
+# 23 = GOST
+# 24 = SAFER64
+# 25 = SAFER128
+# 26 = SAFER+
+#
+
+decryption_method=1
+
diff --git a/puppet/modules/nagios/files/nsca/send_nsca.cfg b/puppet/modules/nagios/files/nsca/send_nsca.cfg
new file mode 100644
index 00000000..8127226b
--- /dev/null
+++ b/puppet/modules/nagios/files/nsca/send_nsca.cfg
@@ -0,0 +1,65 @@
+# This file is managed by Puppet.
+#
+####################################################
+# Sample NSCA Client Config File
+# Written by: Ethan Galstad (nagios@nagios.org)
+#
+# Last Modified: 02-21-2002
+####################################################
+
+
+# ENCRYPTION PASSWORD
+# This is the password/passphrase that should be used to encrypt the
+# outgoing packets. Note that the nsca daemon must use the same
+# password when decrypting the packet!
+# IMPORTANT: You don't want all the users on this system to be able
+# to read the password you specify here, so make sure to set
+# restrictive permissions on this config file!
+
+#password=
+
+
+
+# ENCRYPTION METHOD
+# This option determines the method by which the send_nsca client will
+# encrypt the packets it sends to the nsca daemon. The encryption
+# method you choose will be a balance between security and performance,
+# as strong encryption methods consume more processor resources.
+# You should evaluate your security needs when choosing an encryption
+# method.
+#
+# Note: The encryption method you specify here must match the
+# decryption method the nsca daemon uses (as specified in
+# the nsca.cfg file)!!
+# Values:
+# 0 = None (Do NOT use this option)
+# 1 = Simple XOR (No security, just obfuscation, but very fast)
+#
+# 2 = DES
+# 3 = 3DES (Triple DES)
+# 4 = CAST-128
+# 5 = CAST-256
+# 6 = xTEA
+# 7 = 3WAY
+# 8 = BLOWFISH
+# 9 = TWOFISH
+# 10 = LOKI97
+# 11 = RC2
+# 12 = ARCFOUR
+#
+# 14 = RIJNDAEL-128
+# 15 = RIJNDAEL-192
+# 16 = RIJNDAEL-256
+#
+# 19 = WAKE
+# 20 = SERPENT
+#
+# 22 = ENIGMA (Unix crypt)
+# 23 = GOST
+# 24 = SAFER64
+# 25 = SAFER128
+# 26 = SAFER+
+#
+
+encryption_method=1
+
diff --git a/puppet/modules/nagios/files/plugin_data/sks-keyservers.netCA.pem b/puppet/modules/nagios/files/plugin_data/sks-keyservers.netCA.pem
new file mode 100644
index 00000000..24a2ad2e
--- /dev/null
+++ b/puppet/modules/nagios/files/plugin_data/sks-keyservers.netCA.pem
@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIIFizCCA3OgAwIBAgIJAK9zyLTPn4CPMA0GCSqGSIb3DQEBBQUAMFwxCzAJBgNV
+BAYTAk5PMQ0wCwYDVQQIDARPc2xvMR4wHAYDVQQKDBVza3Mta2V5c2VydmVycy5u
+ZXQgQ0ExHjAcBgNVBAMMFXNrcy1rZXlzZXJ2ZXJzLm5ldCBDQTAeFw0xMjEwMDkw
+MDMzMzdaFw0yMjEwMDcwMDMzMzdaMFwxCzAJBgNVBAYTAk5PMQ0wCwYDVQQIDARP
+c2xvMR4wHAYDVQQKDBVza3Mta2V5c2VydmVycy5uZXQgQ0ExHjAcBgNVBAMMFXNr
+cy1rZXlzZXJ2ZXJzLm5ldCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
+ggIBANdsWy4PXWNUCkS3L//nrd0GqN3dVwoBGZ6w94Tw2jPDPifegwxQozFXkG6I
+6A4TK1CJLXPvfz0UP0aBYyPmTNadDinaB9T4jIwd4rnxl+59GiEmqkN3IfPsv5Jj
+MkKUmJnvOT0DEVlEaO1UZIwx5WpfprB3mR81/qm4XkAgmYrmgnLXd/pJDAMk7y1F
+45b5zWofiD5l677lplcIPRbFhpJ6kDTODXh/XEdtF71EAeaOdEGOvyGDmCO0GWqS
+FDkMMPTlieLA/0rgFTcz4xwUYj/cD5e0ZBuSkYsYFAU3hd1cGfBue0cPZaQH2HYx
+Qk4zXD8S3F4690fRhr+tki5gyG6JDR67aKp3BIGLqm7f45WkX1hYp+YXywmEziM4
+aSbGYhx8hoFGfq9UcfPEvp2aoc8u5sdqjDslhyUzM1v3m3ZGbhwEOnVjljY6JJLx
+MxagxnZZSAY424ZZ3t71E/Mn27dm2w+xFRuoy8JEjv1d+BT3eChM5KaNwrj0IO/y
+u8kFIgWYA1vZ/15qMT+tyJTfyrNVV/7Df7TNeWyNqjJ5rBmt0M6NpHG7CrUSkBy9
+p8JhimgjP5r0FlEkgg+lyD+V79H98gQfVgP3pbJICz0SpBQf2F/2tyS4rLm+49rP
+fcOajiXEuyhpcmzgusAj/1FjrtlynH1r9mnNaX4e+rLWzvU5AgMBAAGjUDBOMB0G
+A1UdDgQWBBTkwyoJFGfYTVISTpM8E+igjdq28zAfBgNVHSMEGDAWgBTkwyoJFGfY
+TVISTpM8E+igjdq28zAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4ICAQAR
+OXnYwu3g1ZjHyley3fZI5aLPsaE17cOImVTehC8DcIphm2HOMR/hYTTL+V0G4P+u
+gH+6xeRLKSHMHZTtSBIa6GDL03434y9CBuwGvAFCMU2GV8w92/Z7apkAhdLToZA/
+X/iWP2jeaVJhxgEcH8uPrnSlqoPBcKC9PrgUzQYfSZJkLmB+3jEa3HKruy1abJP5
+gAdQvwvcPpvYRnIzUc9fZODsVmlHVFBCl2dlu/iHh2h4GmL4Da2rRkUMlbVTdioB
+UYIvMycdOkpH5wJftzw7cpjsudGas0PARDXCFfGyKhwBRFY7Xp7lbjtU5Rz0Gc04
+lPrhDf0pFE98Aw4jJRpFeWMjpXUEaG1cq7D641RpgcMfPFvOHY47rvDTS7XJOaUT
+BwRjmDt896s6vMDcaG/uXJbQjuzmmx3W2Idyh3s5SI0GTHb0IwMKYb4eBUIpQOnB
+cE77VnCYqKvN1NVYAqhWjXbY7XasZvszCRcOG+W3FqNaHOK/n/0ueb0uijdLan+U
+f4p1bjbAox8eAOQS/8a3bzkJzdyBNUKGx1BIK2IBL9bn/HravSDOiNRSnZ/R3l9G
+ZauX0tu7IIDlRCILXSyeazu0aj/vdT3YFQXPcvt5Fkf5wiNTo53f72/jYEJd6qph
+WrpoKqrwGwTpRUCMhYIUt65hsTxCiJJ5nKe39h46sg==
+-----END CERTIFICATE-----
diff --git a/puppet/modules/nagios/files/plugins/check_dns2 b/puppet/modules/nagios/files/plugins/check_dns2
new file mode 100644
index 00000000..21956315
--- /dev/null
+++ b/puppet/modules/nagios/files/plugins/check_dns2
@@ -0,0 +1,102 @@
+#!/bin/bash
+# Written by Damien Gy
+# damien.gy+nagiosexchange(AT)gmail.com
+# 2007-09-28
+
+PROGNAME=`basename $0`
+REVISION=1.00
+TMP=/tmp/tmpdig
+DIG=/usr/bin/dig
+
+print_revision() {
+ echo $PROGNAME $REVISION
+}
+
+print_usage() {
+ echo "Usage:"
+ echo " $PROGNAME -c|--check <host> <type> <server>"
+ echo " $PROGNAME -h|--help"
+ echo " $PROGNAME -v|--version"
+}
+
+print_help() {
+ print_revision
+ echo ""
+ print_usage
+ echo "Where:"
+ echo " host the name of the resource record to be looked up"
+ echo " type indicates the query required (any, a, mx, etc.)"
+ echo " server the name or IP address of the name server to query"
+ echo ""
+ echo " -h|--help prints this help screen"
+ echo ""
+ echo " -v|--version prints version and license information"
+ echo ""
+ echo " Created by Damien Gy, questions or problems e-mail damien.gy+nagiosexchange(AT)gmail.com"
+ echo ""
+}
+
+check_dns() {
+
+ if [ $# -ne 3 ]
+ then
+ echo "Number of arguments incorrect"
+ exit 3
+ fi
+ if [ ! -e $DIG ]
+ then
+ echo "$DIG not found"
+ exit 3
+ fi
+ $DIG $1 $2 @$3 > $TMP
+
+ if ( grep "status" $TMP > /dev/null )
+ then
+ # DNS server answered
+ if ( grep "NOERROR" $TMP > /dev/null )
+ then
+ echo "DNS OK "`grep "time:" $TMP`
+ rm -f $TMP
+ exit 0
+ else
+ echo "WARNING "`grep "time:" $TMP`
+ rm -f $TMP
+ exit 1
+ fi
+
+ else
+ # no answer
+ echo "CRITICAL - Connection timed out"
+ rm -f $TMP
+ exit 2
+ fi
+}
+
+case "$1" in
+--help)
+ print_help
+ exit 0
+ ;;
+-h)
+ print_help
+ exit 0
+ ;;
+--version)
+ print_revision
+ exit 0
+ ;;
+-v)
+ print_revision
+ exit 0
+ ;;
+--check)
+ check_dns $2 $3 $4
+ ;;
+-c)
+ check_dns $2 $3 $4
+ ;;
+*)
+ print_usage
+ exit 3
+
+esac
diff --git a/puppet/modules/nagios/files/plugins/check_dnsbl b/puppet/modules/nagios/files/plugins/check_dnsbl
new file mode 100644
index 00000000..93cea375
--- /dev/null
+++ b/puppet/modules/nagios/files/plugins/check_dnsbl
@@ -0,0 +1,107 @@
+#!/bin/sh
+#
+# dnsbl-check-nagios.sh
+#
+# (c) 2009 Damon Tajeddini & heise Netze
+#
+STATE_OK=0
+STATE_WARNING=1
+STATE_CRITICAL=2
+STATE_UNKNOWN=3
+STATE_DEPENDENT=4
+
+FOUND_ADRESS=0
+
+DNSBLlist=`grep -v ^# <<!
+cbl.abuseat.org
+dnsbl.ahbl.org
+ircbl.ahbl.org
+virbl.dnsbl.bit.nl
+blackholes.five-ten-sg.com
+dnsbl.inps.de
+ix.dnsbl.manitu.net
+no-more-funn.moensted.dk
+combined.njabl.org
+dnsbl.njabl.org
+dnsbl.sorbs.net
+bl.spamcannibal.org
+bl.spamcop.net
+sbl.spamhaus.org
+xbl.spamhaus.org
+pbl.spamhaus.org
+dnsbl-1.uceprotect.net
+# dnsbl-2.uceprotect.net
+# dnsbl-3.uceprotect.net
+psbl.surriel.com
+l2.apews.org
+dnsrbl.swinog.ch
+db.wpbl.info
+!`
+
+# reverse IP address
+convertIP()
+{
+ set `IFS=".";echo $1`
+ echo $4.$3.$2.$1
+}
+
+usage()
+{
+ echo "Usage: $0 [-H] <host>] [-p]"
+ echo " -H check Host "
+ echo " -p print list of DNSBLs"
+ exit 3
+}
+
+# Checks the IP with list of DNSBL servers
+check()
+{
+ count=0;
+ for i in $DNSBLlist
+ do
+ count=$(($count + 1))
+ if nslookup $ip_arpa.$i | grep -q "127.0.0." ;
+ then
+ FOUND_ADRESS=$(($FOUND_ADRESS + 1))
+ echo "DNSBL-Alarm: $ip is listed on $i"
+ fi
+ done
+ if [ $FOUND_ADRESS -ge 1 ]
+ then
+ exit 1
+ fi
+ echo "OK - $ip not on $count DNSBLs"
+ exit 0
+}
+
+case $1 in
+ -H)
+ if [ -z "$2" ]
+ then
+ echo "ip address missing"
+ exit
+ fi
+ ip=$2
+ ip_arpa=`convertIP $ip`
+ check;;
+
+ -p)
+ for i in $DNSBLlist
+ do
+ echo $i
+ done
+ exit $STATE_WARNING
+ exit;;
+
+ --help)
+ usage
+ exit;;
+
+ *)
+ if [ -z "$1" ]
+ then
+ usage
+ fi
+ echo "unknown command: $1"
+ exit;;
+esac
diff --git a/puppet/modules/nagios/files/plugins/check_gpg b/puppet/modules/nagios/files/plugins/check_gpg
new file mode 100644
index 00000000..eb9fa51f
--- /dev/null
+++ b/puppet/modules/nagios/files/plugins/check_gpg
@@ -0,0 +1,115 @@
+#!/bin/bash
+#
+# Nagios plugin that checks whether a key ID has expired, or will expire within
+# a certain time.
+#
+# note: the plugin will issue a critical state if the required key has been
+# revoked.
+#
+# usage: check_gpg [-w <num_days>] [--gnupg-homedir <path>] <key_id>
+#
+# <key_id> is any PGP key ID that GnuPG accepts with "gpg --list-key <key_id>"
+#
+# The option -w parameter lets you specify the number of days within which key
+# expiry will trigger a warning. e.g. if <key_id> expires within <num_days>
+# days, make nagios issue a warning.
+#
+# num_days must be an integer value
+#
+# optionally, if the keyring directory you want GPG to use is not located in
+# the user's ~/.gnupg, you can specify the path to the keyring directory with
+# the --gnupg-homedir parameter.
+#
+# Thanks a bunch to Daniel Kahn Gillmor for providing example commands that
+# made up most of the core of this plugin.
+#
+# Copyleft Gabriel Filion
+#
+# This plugin is released under the GPL v3+ license. To get a copy of the
+# license text visit: https://www.gnu.org/licenses/gpl-3.0.txt
+#
+SECS_IN_DAY=86400
+
+function debug () {
+ if [ -n "$DEBUG" ]; then
+ echo "$1" >&2
+ fi
+}
+
+debug "got args: $*"
+
+now=$(date +%s)
+debug "current timestamp: $now"
+
+warning_threshold=
+homedir=
+homedir_path=~/.gnupg
+for arg in $*; do
+ case $arg in
+ "-w")
+ if [ -z "$2" ]; then
+ echo "UNKNOWN: argument -w got no value. integer needed"
+ exit 3
+ fi
+ if [ "`echo $2 | egrep ^[[:digit:]]+$`" = "" ]; then
+ echo "UNKNOWN: invalid value '$2' passed to -w. integer needed"
+ exit 3
+ fi
+ warning_threshold=$(( $now + ($2*$SECS_IN_DAY) ))
+ debug "setting warning_threshold to '$warning_threshold'"
+
+ shift 2
+ ;;
+ "--gnupg-homedir")
+ if [ -z "$2" ]; then
+ echo "UNKNOWN: argument --gnupg-homedir got no value. path needed"
+ exit 3
+ fi
+ if [ ! -d "$2" ]; then
+ echo "UNKNOWN: homedir '$2' does not exist or is not a directory"
+ exit 3
+ fi
+ homedir_path=$2
+ homedir="--homedir ${homedir_path}"
+ debug "setting homedir to '$homedir_path'"
+
+ shift 2
+ ;;
+ esac
+done
+
+if [ -z "$1" ]; then
+ echo "UNKNOWN: must provide a key ID"
+ exit 3
+fi
+key="$1"
+
+# GPG is too stupid to error out when asked to refresh a key that's not in the
+# local keyring so we need to perform another call to verify this first.
+output=$( { gpg $homedir --list-key "$key" >/dev/null && gpg $homedir --refresh --keyserver hkps://hkps.pool.sks-keyservers.net --keyserver-options ca-cert-file=$homedir_path/sks-keyservers.netCA.pem "$key" >/dev/null; } 2>&1 )
+if [ $? -ne 0 ]; then
+ echo "UNKNOWN: $output"
+ exit 3
+fi
+
+if [ "$(gpg $homedir --check-sig "$key" | grep "^rev!")" != "" ]; then
+ echo "CRITICAL: key '$key' has been revoked!"
+ exit 1
+fi
+
+for expiry in $(gpg $homedir --with-colons --fixed-list-mode --list-key "$key" 2>/dev/null | awk -F: '/^pub:/{ print $7 }');
+do
+ debug "expiry value: $expiry"
+
+ if [ "$now" -gt "$expiry" ] ; then
+ printf "CRITICAL: %s has expired on %s\n" "$key" "$(date -d "$expiry seconds")";
+ exit 1;
+ fi;
+ if [ -n "$warning_threshold" ] && [ "$warning_threshold" -gt "$expiry" ]; then
+ remaining=$(( ($expiry-$now) / $SECS_IN_DAY ))
+ printf "WARNING: %s expires in %s days\n" "$key" "$remaining";
+ exit 2;
+ fi
+done
+
+echo "OK: key '$key' has not expired."
diff --git a/puppet/modules/nagios/files/plugins/check_horde_login b/puppet/modules/nagios/files/plugins/check_horde_login
new file mode 100644
index 00000000..8c821e48
--- /dev/null
+++ b/puppet/modules/nagios/files/plugins/check_horde_login
@@ -0,0 +1,94 @@
+#!/bin/env python
+# vi:si:et:sw=4:sts=4:ts=4
+# -*- coding: UTF-8 -*-
+# -*- Mode: Python -*-
+#
+# Copyright (C) 2015 mh <mh@immerda.ch>
+
+# This file may be distributed and/or modified under the terms of
+# the GNU General Public License version 2 as published by
+# the Free Software Foundation.
+# This file is distributed without any warranty; without even the implied
+# warranty of merchantability or fitness for a particular purpose.
+#
+
+import sys, os, requests, getopt
+from time import time
+
+def usage():
+ print sys.argv[0] + " -u username "+ \
+ "-p password " + \
+ "-s server path" + \
+ "[-w warning_in_s] " + \
+ "[-c critical_in_s]"
+ sys.exit(1)
+
+def main():
+ try:
+ opts, args = getopt.getopt(sys.argv[1:], "u:p:s:h:w:c")
+ except getopt.GetoptError:
+ usage()
+ return 3
+
+ user = url = password = None
+ warning = 5
+ critical = 10
+
+ for o, a in opts:
+ if o == "-u":
+ user = a
+ elif o == "-p":
+ password = a
+ elif o == "-w":
+ warning = a
+ elif o == "-c":
+ critical = a
+ elif o == "-s":
+ url = a + "/login.php"
+ elif o == '-h':
+ usage()
+
+ if user == None or password == None or url == None:
+ usage()
+
+ params = { 'horde_user': user,
+ 'horde_pass': password,
+ 'horde_select_view': 'auto',
+ 'anchor_string': '',
+ 'app': '',
+ 'login_post': 1,
+ 'new_lang': 'en_US',
+ 'url': '',
+ }
+
+
+ timestamp = time()
+ try:
+ r = requests.post(url, data=params, allow_redirects=False)
+ except Exception, e:
+ print "CRITICAL Horde Login Failed: %s" % e
+ sys.exit(2)
+
+ timestamp = time() - timestamp
+ if r.status_code == 302:
+ if timestamp < warning:
+ status = "OK"
+ exitcode = 0
+ if timestamp >= warning:
+ status = "WARNING"
+ exitcode = 1
+ if timestamp >= critical:
+ status = "CRITICAL"
+ exitcode = 2
+ else:
+ status = "ERROR"
+ exitcode = 2
+ # on a successfully login we are redirected to the mailbox
+ print '%s Horde Login | response_time=%.3fs;%.3f;%.3f' % (status, timestamp, warning, critical)
+ sys.exit(exitcode)
+
+
+if __name__ == "__main__":
+ sys.exit(main())
+
+
diff --git a/puppet/modules/nagios/files/plugins/check_imap_login b/puppet/modules/nagios/files/plugins/check_imap_login
new file mode 100644
index 00000000..d059822b
--- /dev/null
+++ b/puppet/modules/nagios/files/plugins/check_imap_login
@@ -0,0 +1,80 @@
+#!/usr/bin/python
+# -*- coding: UTF-8 -*-
+# -*- Mode: Python -*-
+#
+# Copyright (C) 2006 Bertera Pietro <pietro@bertera.it>
+# Response time monitoring with perfdata modification by Ivan Savcic <isavcic@gmail.com> and Milos Buncic, 2012.
+# From: https://github.com/isavcic/check_imap_login
+
+# This file may be distributed and/or modified under the terms of
+# the GNU General Public License version 2 as published by
+# the Free Software Foundation.
+# This file is distributed without any warranty; without even the implied
+# warranty of merchantability or fitness for a particular purpose.
+
+import sys, os, imaplib, getopt
+from time import time
+
+def usage():
+ print sys.argv[0] + " -u <user> -p <password> -H <host> [-s] -w <warning threshold (sec)> -c <critical threshold (sec)>\n -s is for using IMAPS"
+
+def main():
+ try:
+ opts, args = getopt.getopt(sys.argv[1:], "u:p:sH:w:c:")
+ except getopt.GetoptError:
+ usage()
+ return 3
+
+ user = host = password = use_ssl = warning = critical = None
+
+ for o, a in opts:
+ if o == "-u":
+ user = a
+ elif o == "-p":
+ password = a
+ elif o == "-s":
+ use_ssl = True
+ elif o == "-H":
+ host = a
+ elif o == "-w":
+ warning = float(a)
+ elif o == "-c":
+ critical = float(a)
+
+ if user == None or password == None or host == None or warning == None or critical == None:
+ usage()
+ return 1
+
+ if use_ssl:
+ M = imaplib.IMAP4_SSL(host=host)
+ else:
+ M = imaplib.IMAP4(host)
+
+ timestamp = time()
+
+ try:
+ M.login(user, password)
+ except Exception, e:
+ print "CRITICAL IMAP Login Failed: %s" % e
+ return 2
+
+ M.logout()
+
+ timestamp = time() - timestamp
+
+ if timestamp < warning:
+ status = "OK"
+ exitcode = 0
+ if timestamp >= warning:
+ status = "WARNING"
+ exitcode = 1
+ if timestamp >= critical:
+ status = "CRITICAL"
+ exitcode = 2
+
+ print '%s IMAP Login | response_time=%.3fs;%.3f;%.3f' % (status, timestamp, warning, critical)
+
+ return exitcode
+
+if __name__ == "__main__":
+ sys.exit(main())
diff --git a/puppet/modules/nagios/files/plugins/check_jabber_login b/puppet/modules/nagios/files/plugins/check_jabber_login
new file mode 100644
index 00000000..dac0e1fe
--- /dev/null
+++ b/puppet/modules/nagios/files/plugins/check_jabber_login
@@ -0,0 +1,30 @@
+#!/usr/bin/env ruby
+require 'rubygems'
+require 'xmpp4r'
+
+
+def usage
+ puts "#{$0} jabberid password"
+ exit 3
+end
+
+usage unless ARGV.size == 2
+
+begin
+ my_client = Jabber::Client.new(ARGV[0])
+ my_client.connect
+ my_client.auth(ARGV[1])
+rescue Jabber::ClientAuthenticationFailure => detail
+ puts "CRITICAL: Login Error"
+ exit 2
+rescue Errno::ECONNREFUSED => detail
+ puts "CRITICAL: Connection refused"
+ exit 2
+rescue SocketError => detail
+ puts "CRITICAL: Socket Error"
+ exit 2
+#rescue
+# puts "CRITICAL: Unknown Error"
+# exit 2
+end
+puts "OK: Login for #{ARGV[0]} successfull"
diff --git a/puppet/modules/nagios/files/plugins/check_mysql_health b/puppet/modules/nagios/files/plugins/check_mysql_health
new file mode 100755
index 00000000..9292ae09
--- /dev/null
+++ b/puppet/modules/nagios/files/plugins/check_mysql_health
@@ -0,0 +1,3780 @@
+#! /usr/bin/perl -w
+# nagios: -epn
+
+my %ERRORS=( OK => 0, WARNING => 1, CRITICAL => 2, UNKNOWN => 3 );
+my %ERRORCODES=( 0 => 'OK', 1 => 'WARNING', 2 => 'CRITICAL', 3 => 'UNKNOWN' );
+package DBD::MySQL::Server::Instance::Innodb;
+
+use strict;
+
+our @ISA = qw(DBD::MySQL::Server::Instance);
+
+
+sub new {
+ my $class = shift;
+ my %params = @_;
+ my $self = {
+ handle => $params{handle},
+ internals => undef,
+ warningrange => $params{warningrange},
+ criticalrange => $params{criticalrange},
+ };
+ bless $self, $class;
+ $self->init(%params);
+ return $self;
+}
+
+sub init {
+ my $self = shift;
+ my %params = @_;
+ $self->init_nagios();
+ if ($params{mode} =~ /server::instance::innodb/) {
+ $self->{internals} =
+ DBD::MySQL::Server::Instance::Innodb::Internals->new(%params);
+ }
+}
+
+sub nagios {
+ my $self = shift;
+ my %params = @_;
+ if ($params{mode} =~ /server::instance::innodb/) {
+ $self->{internals}->nagios(%params);
+ $self->merge_nagios($self->{internals});
+ }
+}
+
+
+package DBD::MySQL::Server::Instance::Innodb::Internals;
+
+use strict;
+
+our @ISA = qw(DBD::MySQL::Server::Instance::Innodb);
+
+our $internals; # singleton, nur ein einziges mal instantiierbar
+
+sub new {
+ my $class = shift;
+ my %params = @_;
+ unless ($internals) {
+ $internals = {
+ handle => $params{handle},
+ bufferpool_hitrate => undef,
+ wait_free => undef,
+ log_waits => undef,
+ have_innodb => undef,
+ warningrange => $params{warningrange},
+ criticalrange => $params{criticalrange},
+ };
+ bless($internals, $class);
+ $internals->init(%params);
+ }
+ return($internals);
+}
+
+sub init {
+ my $self = shift;
+ my %params = @_;
+ my $dummy;
+ $self->debug("enter init");
+ $self->init_nagios();
+ ($dummy, $self->{have_innodb})
+ = $self->{handle}->fetchrow_array(q{
+ SHOW VARIABLES LIKE 'have_innodb'
+ });
+ if ($self->{have_innodb} eq "NO") {
+ $self->add_nagios_critical("the innodb engine has a problem (have_innodb=no)");
+ } elsif ($self->{have_innodb} eq "DISABLED") {
+ # add_nagios_ok later
+ } elsif ($params{mode} =~ /server::instance::innodb::bufferpool::hitrate/) {
+ ($dummy, $self->{bufferpool_reads})
+ = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Innodb_buffer_pool_reads'
+ });
+ ($dummy, $self->{bufferpool_read_requests})
+ = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Innodb_buffer_pool_read_requests'
+ });
+ if (! defined $self->{bufferpool_reads}) {
+ $self->add_nagios_critical("no innodb buffer pool info available");
+ } else {
+ $self->valdiff(\%params, qw(bufferpool_reads
+ bufferpool_read_requests));
+ $self->{bufferpool_hitrate_now} =
+ $self->{delta_bufferpool_read_requests} > 0 ?
+ 100 - (100 * $self->{delta_bufferpool_reads} /
+ $self->{delta_bufferpool_read_requests}) : 100;
+ $self->{bufferpool_hitrate} =
+ $self->{bufferpool_read_requests} > 0 ?
+ 100 - (100 * $self->{bufferpool_reads} /
+ $self->{bufferpool_read_requests}) : 100;
+ }
+ } elsif ($params{mode} =~ /server::instance::innodb::bufferpool::waitfree/) {
+ ($dummy, $self->{bufferpool_wait_free})
+ = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Innodb_buffer_pool_wait_free'
+ });
+ if (! defined $self->{bufferpool_wait_free}) {
+ $self->add_nagios_critical("no innodb buffer pool info available");
+ } else {
+ $self->valdiff(\%params, qw(bufferpool_wait_free));
+ $self->{bufferpool_wait_free_rate} =
+ $self->{delta_bufferpool_wait_free} / $self->{delta_timestamp};
+ }
+ } elsif ($params{mode} =~ /server::instance::innodb::logwaits/) {
+ ($dummy, $self->{log_waits})
+ = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Innodb_log_waits'
+ });
+ if (! defined $self->{log_waits}) {
+ $self->add_nagios_critical("no innodb log info available");
+ } else {
+ $self->valdiff(\%params, qw(log_waits));
+ $self->{log_waits_rate} =
+ $self->{delta_log_waits} / $self->{delta_timestamp};
+ }
+ } elsif ($params{mode} =~ /server::instance::innodb::needoptimize/) {
+#fragmentation=$(($datafree * 100 / $datalength))
+
+#http://www.electrictoolbox.com/optimize-tables-mysql-php/
+ my @result = $self->{handle}->fetchall_array(q{
+SHOW TABLE STATUS WHERE Data_free / Data_length > 0.1 AND Data_free > 102400
+});
+printf "%s\n", Data::Dumper::Dumper(\@result);
+
+ }
+}
+
+sub nagios {
+ my $self = shift;
+ my %params = @_;
+ my $now = $params{lookback} ? '_now' : '';
+ if ($self->{have_innodb} eq "DISABLED") {
+ $self->add_nagios_ok("the innodb engine has been disabled");
+ } elsif (! $self->{nagios_level}) {
+ if ($params{mode} =~ /server::instance::innodb::bufferpool::hitrate/) {
+ my $refkey = 'bufferpool_hitrate'.($params{lookback} ? '_now' : '');
+ $self->add_nagios(
+ $self->check_thresholds($self->{$refkey}, "99:", "95:"),
+ sprintf "innodb buffer pool hitrate at %.2f%%", $self->{$refkey});
+ $self->add_perfdata(sprintf "bufferpool_hitrate=%.2f%%;%s;%s;0;100",
+ $self->{bufferpool_hitrate},
+ $self->{warningrange}, $self->{criticalrange});
+ $self->add_perfdata(sprintf "bufferpool_hitrate_now=%.2f%%",
+ $self->{bufferpool_hitrate_now});
+ } elsif ($params{mode} =~ /server::instance::innodb::bufferpool::waitfree/) {
+ $self->add_nagios(
+ $self->check_thresholds($self->{bufferpool_wait_free_rate}, "1", "10"),
+ sprintf "%ld innodb buffer pool waits in %ld seconds (%.4f/sec)",
+ $self->{delta_bufferpool_wait_free}, $self->{delta_timestamp},
+ $self->{bufferpool_wait_free_rate});
+ $self->add_perfdata(sprintf "bufferpool_free_waits_rate=%.4f;%s;%s;0;100",
+ $self->{bufferpool_wait_free_rate},
+ $self->{warningrange}, $self->{criticalrange});
+ } elsif ($params{mode} =~ /server::instance::innodb::logwaits/) {
+ $self->add_nagios(
+ $self->check_thresholds($self->{log_waits_rate}, "1", "10"),
+ sprintf "%ld innodb log waits in %ld seconds (%.4f/sec)",
+ $self->{delta_log_waits}, $self->{delta_timestamp},
+ $self->{log_waits_rate});
+ $self->add_perfdata(sprintf "innodb_log_waits_rate=%.4f;%s;%s;0;100",
+ $self->{log_waits_rate},
+ $self->{warningrange}, $self->{criticalrange});
+ }
+ }
+}
+
+
+
+
+package DBD::MySQL::Server::Instance::MyISAM;
+
+use strict;
+
+our @ISA = qw(DBD::MySQL::Server::Instance);
+
+
+sub new {
+ my $class = shift;
+ my %params = @_;
+ my $self = {
+ handle => $params{handle},
+ internals => undef,
+ warningrange => $params{warningrange},
+ criticalrange => $params{criticalrange},
+ };
+ bless $self, $class;
+ $self->init(%params);
+ return $self;
+}
+
+sub init {
+ my $self = shift;
+ my %params = @_;
+ $self->init_nagios();
+ if ($params{mode} =~ /server::instance::myisam/) {
+ $self->{internals} =
+ DBD::MySQL::Server::Instance::MyISAM::Internals->new(%params);
+ }
+}
+
+sub nagios {
+ my $self = shift;
+ my %params = @_;
+ if ($params{mode} =~ /server::instance::myisam/) {
+ $self->{internals}->nagios(%params);
+ $self->merge_nagios($self->{internals});
+ }
+}
+
+
+package DBD::MySQL::Server::Instance::MyISAM::Internals;
+
+use strict;
+
+our @ISA = qw(DBD::MySQL::Server::Instance::MyISAM);
+
+our $internals; # singleton, nur ein einziges mal instantiierbar
+
+sub new {
+ my $class = shift;
+ my %params = @_;
+ unless ($internals) {
+ $internals = {
+ handle => $params{handle},
+ keycache_hitrate => undef,
+ warningrange => $params{warningrange},
+ criticalrange => $params{criticalrange},
+ };
+ bless($internals, $class);
+ $internals->init(%params);
+ }
+ return($internals);
+}
+
+sub init {
+ my $self = shift;
+ my %params = @_;
+ my $dummy;
+ $self->debug("enter init");
+ $self->init_nagios();
+ if ($params{mode} =~ /server::instance::myisam::keycache::hitrate/) {
+ ($dummy, $self->{key_reads})
+ = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Key_reads'
+ });
+ ($dummy, $self->{key_read_requests})
+ = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Key_read_requests'
+ });
+ if (! defined $self->{key_read_requests}) {
+ $self->add_nagios_critical("no myisam keycache info available");
+ } else {
+ $self->valdiff(\%params, qw(key_reads key_read_requests));
+ $self->{keycache_hitrate} =
+ $self->{key_read_requests} > 0 ?
+ 100 - (100 * $self->{key_reads} /
+ $self->{key_read_requests}) : 100;
+ $self->{keycache_hitrate_now} =
+ $self->{delta_key_read_requests} > 0 ?
+ 100 - (100 * $self->{delta_key_reads} /
+ $self->{delta_key_read_requests}) : 100;
+ }
+ } elsif ($params{mode} =~ /server::instance::myisam::sonstnochwas/) {
+ }
+}
+
+sub nagios {
+ my $self = shift;
+ my %params = @_;
+ if (! $self->{nagios_level}) {
+ if ($params{mode} =~ /server::instance::myisam::keycache::hitrate/) {
+ my $refkey = 'keycache_hitrate'.($params{lookback} ? '_now' : '');
+ $self->add_nagios(
+ $self->check_thresholds($self->{$refkey}, "99:", "95:"),
+ sprintf "myisam keycache hitrate at %.2f%%", $self->{$refkey});
+ $self->add_perfdata(sprintf "keycache_hitrate=%.2f%%;%s;%s",
+ $self->{keycache_hitrate},
+ $self->{warningrange}, $self->{criticalrange});
+ $self->add_perfdata(sprintf "keycache_hitrate_now=%.2f%%;%s;%s",
+ $self->{keycache_hitrate_now},
+ $self->{warningrange}, $self->{criticalrange});
+ }
+ }
+}
+
+
+package DBD::MySQL::Server::Instance::Replication;
+
+use strict;
+
+our @ISA = qw(DBD::MySQL::Server::Instance);
+
+
+sub new {
+ my $class = shift;
+ my %params = @_;
+ my $self = {
+ handle => $params{handle},
+ internals => undef,
+ warningrange => $params{warningrange},
+ criticalrange => $params{criticalrange},
+ };
+ bless $self, $class;
+ $self->init(%params);
+ return $self;
+}
+
+sub init {
+ my $self = shift;
+ my %params = @_;
+ $self->init_nagios();
+ if ($params{mode} =~ /server::instance::replication/) {
+ $self->{internals} =
+ DBD::MySQL::Server::Instance::Replication::Internals->new(%params);
+ }
+}
+
+sub nagios {
+ my $self = shift;
+ my %params = @_;
+ if ($params{mode} =~ /server::instance::replication/) {
+ $self->{internals}->nagios(%params);
+ $self->merge_nagios($self->{internals});
+ }
+}
+
+
+package DBD::MySQL::Server::Instance::Replication::Internals;
+
+use strict;
+
+our @ISA = qw(DBD::MySQL::Server::Instance::Replication);
+
+our $internals; # singleton, nur ein einziges mal instantiierbar
+
+sub new {
+ my $class = shift;
+ my %params = @_;
+ unless ($internals) {
+ $internals = {
+ handle => $params{handle},
+ seconds_behind_master => undef,
+ slave_io_running => undef,
+ slave_sql_running => undef,
+ warningrange => $params{warningrange},
+ criticalrange => $params{criticalrange},
+ };
+ bless($internals, $class);
+ $internals->init(%params);
+ }
+ return($internals);
+}
+
+sub init {
+ my $self = shift;
+ my %params = @_;
+ $self->debug("enter init");
+ $self->init_nagios();
+ if ($params{mode} =~ /server::instance::replication::slavelag/) {
+ # "show slave status", "Seconds_Behind_Master"
+ my $slavehash = $self->{handle}->selectrow_hashref(q{
+ SHOW SLAVE STATUS
+ });
+ if ((! defined $slavehash->{Seconds_Behind_Master}) &&
+ (lc $slavehash->{Slave_IO_Running} eq 'no')) {
+ $self->add_nagios_critical(
+ "unable to get slave lag, because io thread is not running");
+ } elsif (! defined $slavehash->{Seconds_Behind_Master}) {
+ $self->add_nagios_critical(sprintf "unable to get replication info%s",
+ $self->{handle}->{errstr} ? $self->{handle}->{errstr} : "");
+ } else {
+ $self->{seconds_behind_master} = $slavehash->{Seconds_Behind_Master};
+ }
+ } elsif ($params{mode} =~ /server::instance::replication::slaveiorunning/) {
+ # "show slave status", "Slave_IO_Running"
+ my $slavehash = $self->{handle}->selectrow_hashref(q{
+ SHOW SLAVE STATUS
+ });
+ if (! defined $slavehash->{Slave_IO_Running}) {
+ $self->add_nagios_critical(sprintf "unable to get replication info%s",
+ $self->{handle}->{errstr} ? $self->{handle}->{errstr} : "");
+ } else {
+ $self->{slave_io_running} = $slavehash->{Slave_IO_Running};
+ }
+ } elsif ($params{mode} =~ /server::instance::replication::slavesqlrunning/) {
+ # "show slave status", "Slave_SQL_Running"
+ my $slavehash = $self->{handle}->selectrow_hashref(q{
+ SHOW SLAVE STATUS
+ });
+ if (! defined $slavehash->{Slave_SQL_Running}) {
+ $self->add_nagios_critical(sprintf "unable to get replication info%s",
+ $self->{handle}->{errstr} ? $self->{handle}->{errstr} : "");
+ } else {
+ $self->{slave_sql_running} = $slavehash->{Slave_SQL_Running};
+ }
+ }
+}
+
+sub nagios {
+ my $self = shift;
+ my %params = @_;
+ if (! $self->{nagios_level}) {
+ if ($params{mode} =~ /server::instance::replication::slavelag/) {
+ $self->add_nagios(
+ $self->check_thresholds($self->{seconds_behind_master}, "10", "20"),
+ sprintf "Slave is %d seconds behind master",
+ $self->{seconds_behind_master});
+ $self->add_perfdata(sprintf "slave_lag=%d;%s;%s",
+ $self->{seconds_behind_master},
+ $self->{warningrange}, $self->{criticalrange});
+ } elsif ($params{mode} =~ /server::instance::replication::slaveiorunning/) {
+ if (lc $self->{slave_io_running} eq "yes") {
+ $self->add_nagios_ok("Slave io is running");
+ } else {
+ $self->add_nagios_critical("Slave io is not running");
+ }
+ } elsif ($params{mode} =~ /server::instance::replication::slavesqlrunning/) {
+ if (lc $self->{slave_sql_running} eq "yes") {
+ $self->add_nagios_ok("Slave sql is running");
+ } else {
+ $self->add_nagios_critical("Slave sql is not running");
+ }
+ }
+ }
+}
+
+
+
+package DBD::MySQL::Server::Instance;
+
+use strict;
+
+our @ISA = qw(DBD::MySQL::Server);
+
+
+sub new {
+ my $class = shift;
+ my %params = @_;
+ my $self = {
+ handle => $params{handle},
+ uptime => $params{uptime},
+ warningrange => $params{warningrange},
+ criticalrange => $params{criticalrange},
+ threads_connected => undef,
+ threads_created => undef,
+ connections => undef,
+ threadcache_hitrate => undef,
+ querycache_hitrate => undef,
+ lowmem_prunes_per_sec => undef,
+ slow_queries_per_sec => undef,
+ longrunners => undef,
+ tablecache_hitrate => undef,
+ index_usage => undef,
+ engine_innodb => undef,
+ engine_myisam => undef,
+ replication => undef,
+ };
+ bless $self, $class;
+ $self->init(%params);
+ return $self;
+}
+
+sub init {
+ my $self = shift;
+ my %params = @_;
+ my $dummy;
+ $self->init_nagios();
+ if ($params{mode} =~ /server::instance::connectedthreads/) {
+ ($dummy, $self->{threads_connected}) = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Threads_connected'
+ });
+ } elsif ($params{mode} =~ /server::instance::createdthreads/) {
+ ($dummy, $self->{threads_created}) = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Threads_created'
+ });
+ $self->valdiff(\%params, qw(threads_created));
+ $self->{threads_created_per_sec} = $self->{delta_threads_created} /
+ $self->{delta_timestamp};
+ } elsif ($params{mode} =~ /server::instance::runningthreads/) {
+ ($dummy, $self->{threads_running}) = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Threads_running'
+ });
+ } elsif ($params{mode} =~ /server::instance::cachedthreads/) {
+ ($dummy, $self->{threads_cached}) = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Threads_cached'
+ });
+ } elsif ($params{mode} =~ /server::instance::abortedconnects/) {
+ ($dummy, $self->{connects_aborted}) = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Aborted_connects'
+ });
+ $self->valdiff(\%params, qw(connects_aborted));
+ $self->{connects_aborted_per_sec} = $self->{delta_connects_aborted} /
+ $self->{delta_timestamp};
+ } elsif ($params{mode} =~ /server::instance::abortedclients/) {
+ ($dummy, $self->{clients_aborted}) = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Aborted_clients'
+ });
+ $self->valdiff(\%params, qw(clients_aborted));
+ $self->{clients_aborted_per_sec} = $self->{delta_clients_aborted} /
+ $self->{delta_timestamp};
+ } elsif ($params{mode} =~ /server::instance::threadcachehitrate/) {
+ ($dummy, $self->{threads_created}) = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Threads_created'
+ });
+ ($dummy, $self->{connections}) = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Connections'
+ });
+ $self->valdiff(\%params, qw(threads_created connections));
+ if ($self->{delta_connections} > 0) {
+ $self->{threadcache_hitrate_now} =
+ 100 - ($self->{delta_threads_created} * 100.0 /
+ $self->{delta_connections});
+ } else {
+ $self->{threadcache_hitrate_now} = 100;
+ }
+ $self->{threadcache_hitrate} = 100 -
+ ($self->{threads_created} * 100.0 / $self->{connections});
+ $self->{connections_per_sec} = $self->{delta_connections} /
+ $self->{delta_timestamp};
+ } elsif ($params{mode} =~ /server::instance::querycachehitrate/) {
+ ($dummy, $self->{com_select}) = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Com_select'
+ });
+ ($dummy, $self->{qcache_hits}) = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Qcache_hits'
+ });
+ # SHOW VARIABLES WHERE Variable_name = 'have_query_cache' for 5.x, but LIKE is compatible
+ ($dummy, $self->{have_query_cache}) = $self->{handle}->fetchrow_array(q{
+ SHOW VARIABLES LIKE 'have_query_cache'
+ });
+ # SHOW VARIABLES WHERE Variable_name = 'query_cache_size'
+ ($dummy, $self->{query_cache_size}) = $self->{handle}->fetchrow_array(q{
+ SHOW VARIABLES LIKE 'query_cache_size'
+ });
+ $self->valdiff(\%params, qw(com_select qcache_hits));
+ $self->{querycache_hitrate_now} =
+ ($self->{delta_com_select} + $self->{delta_qcache_hits}) > 0 ?
+ 100 * $self->{delta_qcache_hits} /
+ ($self->{delta_com_select} + $self->{delta_qcache_hits}) :
+ 0;
+ $self->{querycache_hitrate} =
+ 100 * $self->{qcache_hits} / ($self->{com_select} + $self->{qcache_hits});
+ $self->{selects_per_sec} =
+ $self->{delta_com_select} / $self->{delta_timestamp};
+ } elsif ($params{mode} =~ /server::instance::querycachelowmemprunes/) {
+ ($dummy, $self->{lowmem_prunes}) = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Qcache_lowmem_prunes'
+ });
+ $self->valdiff(\%params, qw(lowmem_prunes));
+ $self->{lowmem_prunes_per_sec} = $self->{delta_lowmem_prunes} /
+ $self->{delta_timestamp};
+ } elsif ($params{mode} =~ /server::instance::slowqueries/) {
+ ($dummy, $self->{slow_queries}) = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Slow_queries'
+ });
+ $self->valdiff(\%params, qw(slow_queries));
+ $self->{slow_queries_per_sec} = $self->{delta_slow_queries} /
+ $self->{delta_timestamp};
+ } elsif ($params{mode} =~ /server::instance::longprocs/) {
+ if (DBD::MySQL::Server::return_first_server()->version_is_minimum("5.1")) {
+ ($self->{longrunners}) = $self->{handle}->fetchrow_array(q{
+ SELECT
+ COUNT(*)
+ FROM
+ information_schema.processlist
+ WHERE user <> 'replication'
+ AND id <> CONNECTION_ID()
+ AND time > 60
+ AND command <> 'Sleep'
+ });
+ } else {
+ $self->{longrunners} = 0 if ! defined $self->{longrunners};
+ foreach ($self->{handle}->fetchall_array(q{
+ SHOW PROCESSLIST
+ })) {
+ my($id, $user, $host, $db, $command, $tme, $state, $info) = @{$_};
+ if (($user ne 'replication') &&
+ ($tme > 60) &&
+ ($command ne 'Sleep')) {
+ $self->{longrunners}++;
+ }
+ }
+ }
+ } elsif ($params{mode} =~ /server::instance::tablecachehitrate/) {
+ ($dummy, $self->{open_tables}) = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Open_tables'
+ });
+ ($dummy, $self->{opened_tables}) = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Opened_tables'
+ });
+ if (DBD::MySQL::Server::return_first_server()->version_is_minimum("5.1.3")) {
+ # SHOW VARIABLES WHERE Variable_name = 'table_open_cache'
+ ($dummy, $self->{table_cache}) = $self->{handle}->fetchrow_array(q{
+ SHOW VARIABLES LIKE 'table_open_cache'
+ });
+ } else {
+ # SHOW VARIABLES WHERE Variable_name = 'table_cache'
+ ($dummy, $self->{table_cache}) = $self->{handle}->fetchrow_array(q{
+ SHOW VARIABLES LIKE 'table_cache'
+ });
+ }
+ $self->{table_cache} ||= 0;
+ #$self->valdiff(\%params, qw(open_tables opened_tables table_cache));
+ # _now ist hier sinnlos, da opened_tables waechst, aber open_tables wieder
+ # schrumpfen kann weil tabellen geschlossen werden.
+ if ($self->{opened_tables} != 0 && $self->{table_cache} != 0) {
+ $self->{tablecache_hitrate} =
+ 100 * $self->{open_tables} / $self->{opened_tables};
+ $self->{tablecache_fillrate} =
+ 100 * $self->{open_tables} / $self->{table_cache};
+ } elsif ($self->{opened_tables} == 0 && $self->{table_cache} != 0) {
+ $self->{tablecache_hitrate} = 100;
+ $self->{tablecache_fillrate} =
+ 100 * $self->{open_tables} / $self->{table_cache};
+ } else {
+ $self->{tablecache_hitrate} = 0;
+ $self->{tablecache_fillrate} = 0;
+ $self->add_nagios_critical("no table cache");
+ }
+ } elsif ($params{mode} =~ /server::instance::tablelockcontention/) {
+ ($dummy, $self->{table_locks_waited}) = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Table_locks_waited'
+ });
+ ($dummy, $self->{table_locks_immediate}) = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Table_locks_immediate'
+ });
+ $self->valdiff(\%params, qw(table_locks_waited table_locks_immediate));
+ $self->{table_lock_contention} =
+ ($self->{table_locks_waited} + $self->{table_locks_immediate}) > 0 ?
+ 100 * $self->{table_locks_waited} /
+ ($self->{table_locks_waited} + $self->{table_locks_immediate}) :
+ 100;
+ $self->{table_lock_contention_now} =
+ ($self->{delta_table_locks_waited} + $self->{delta_table_locks_immediate}) > 0 ?
+ 100 * $self->{delta_table_locks_waited} /
+ ($self->{delta_table_locks_waited} + $self->{delta_table_locks_immediate}) :
+ 100;
+ } elsif ($params{mode} =~ /server::instance::tableindexusage/) {
+ # http://johnjacobm.wordpress.com/2007/06/
+ # formula for calculating the percentage of full table scans
+ ($dummy, $self->{handler_read_first}) = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Handler_read_first'
+ });
+ ($dummy, $self->{handler_read_key}) = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Handler_read_key'
+ });
+ ($dummy, $self->{handler_read_next}) = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Handler_read_next'
+ });
+ ($dummy, $self->{handler_read_prev}) = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Handler_read_prev'
+ });
+ ($dummy, $self->{handler_read_rnd}) = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Handler_read_rnd'
+ });
+ ($dummy, $self->{handler_read_rnd_next}) = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Handler_read_rnd_next'
+ });
+ $self->valdiff(\%params, qw(handler_read_first handler_read_key
+ handler_read_next handler_read_prev handler_read_rnd
+ handler_read_rnd_next));
+ my $delta_reads = $self->{delta_handler_read_first} +
+ $self->{delta_handler_read_key} +
+ $self->{delta_handler_read_next} +
+ $self->{delta_handler_read_prev} +
+ $self->{delta_handler_read_rnd} +
+ $self->{delta_handler_read_rnd_next};
+ my $reads = $self->{handler_read_first} +
+ $self->{handler_read_key} +
+ $self->{handler_read_next} +
+ $self->{handler_read_prev} +
+ $self->{handler_read_rnd} +
+ $self->{handler_read_rnd_next};
+ $self->{index_usage_now} = ($delta_reads == 0) ? 0 :
+ 100 - (100.0 * ($self->{delta_handler_read_rnd} +
+ $self->{delta_handler_read_rnd_next}) /
+ $delta_reads);
+ $self->{index_usage} = ($reads == 0) ? 0 :
+ 100 - (100.0 * ($self->{handler_read_rnd} +
+ $self->{handler_read_rnd_next}) /
+ $reads);
+ } elsif ($params{mode} =~ /server::instance::tabletmpondisk/) {
+ ($dummy, $self->{created_tmp_tables}) = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Created_tmp_tables'
+ });
+ ($dummy, $self->{created_tmp_disk_tables}) = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Created_tmp_disk_tables'
+ });
+ $self->valdiff(\%params, qw(created_tmp_tables created_tmp_disk_tables));
+ $self->{pct_tmp_on_disk} = $self->{created_tmp_tables} > 0 ?
+ 100 * $self->{created_tmp_disk_tables} / $self->{created_tmp_tables} :
+ 100;
+ $self->{pct_tmp_on_disk_now} = $self->{delta_created_tmp_tables} > 0 ?
+ 100 * $self->{delta_created_tmp_disk_tables} / $self->{delta_created_tmp_tables} :
+ 100;
+ } elsif ($params{mode} =~ /server::instance::openfiles/) {
+ ($dummy, $self->{open_files_limit}) = $self->{handle}->fetchrow_array(q{
+ SHOW VARIABLES LIKE 'open_files_limit'
+ });
+ ($dummy, $self->{open_files}) = $self->{handle}->fetchrow_array(q{
+ SHOW /*!50000 global */ STATUS LIKE 'Open_files'
+ });
+ $self->{pct_open_files} = 100 * $self->{open_files} / $self->{open_files_limit};
+ } elsif ($params{mode} =~ /server::instance::needoptimize/) {
+ $self->{fragmented} = [];
+ #http://www.electrictoolbox.com/optimize-tables-mysql-php/
+ my @result = $self->{handle}->fetchall_array(q{
+ SHOW TABLE STATUS
+ });
+ foreach (@result) {
+ my ($name, $engine, $data_length, $data_free) =
+ ($_->[0], $_->[1], $_->[6 ], $_->[9]);
+ next if ($params{name} && $params{name} ne $name);
+ my $fragmentation = $data_length ? $data_free * 100 / $data_length : 0;
+ push(@{$self->{fragmented}},
+ [$name, $fragmentation, $data_length, $data_free]);
+ }
+ } elsif ($params{mode} =~ /server::instance::myisam/) {
+ $self->{engine_myisam} = DBD::MySQL::Server::Instance::MyISAM->new(
+ %params
+ );
+ } elsif ($params{mode} =~ /server::instance::innodb/) {
+ $self->{engine_innodb} = DBD::MySQL::Server::Instance::Innodb->new(
+ %params
+ );
+ } elsif ($params{mode} =~ /server::instance::replication/) {
+ $self->{replication} = DBD::MySQL::Server::Instance::Replication->new(
+ %params
+ );
+ }
+}
+
+sub nagios {
+ my $self = shift;
+ my %params = @_;
+ if (! $self->{nagios_level}) {
+ if ($params{mode} =~ /server::instance::connectedthreads/) {
+ $self->add_nagios(
+ $self->check_thresholds($self->{threads_connected}, 10, 20),
+ sprintf "%d client connection threads", $self->{threads_connected});
+ $self->add_perfdata(sprintf "threads_connected=%d;%d;%d",
+ $self->{threads_connected},
+ $self->{warningrange}, $self->{criticalrange});
+ } elsif ($params{mode} =~ /server::instance::createdthreads/) {
+ $self->add_nagios(
+ $self->check_thresholds($self->{threads_created_per_sec}, 10, 20),
+ sprintf "%.2f threads created/sec", $self->{threads_created_per_sec});
+ $self->add_perfdata(sprintf "threads_created_per_sec=%.2f;%.2f;%.2f",
+ $self->{threads_created_per_sec},
+ $self->{warningrange}, $self->{criticalrange});
+ } elsif ($params{mode} =~ /server::instance::runningthreads/) {
+ $self->add_nagios(
+ $self->check_thresholds($self->{threads_running}, 10, 20),
+ sprintf "%d running threads", $self->{threads_running});
+ $self->add_perfdata(sprintf "threads_running=%d;%d;%d",
+ $self->{threads_running},
+ $self->{warningrange}, $self->{criticalrange});
+ } elsif ($params{mode} =~ /server::instance::cachedthreads/) {
+ $self->add_nagios(
+ $self->check_thresholds($self->{threads_cached}, 10, 20),
+ sprintf "%d cached threads", $self->{threads_cached});
+ $self->add_perfdata(sprintf "threads_cached=%d;%d;%d",
+ $self->{threads_cached},
+ $self->{warningrange}, $self->{criticalrange});
+ } elsif ($params{mode} =~ /server::instance::abortedconnects/) {
+ $self->add_nagios(
+ $self->check_thresholds($self->{connects_aborted_per_sec}, 1, 5),
+ sprintf "%.2f aborted connections/sec", $self->{connects_aborted_per_sec});
+ $self->add_perfdata(sprintf "connects_aborted_per_sec=%.2f;%.2f;%.2f",
+ $self->{connects_aborted_per_sec},
+ $self->{warningrange}, $self->{criticalrange});
+ } elsif ($params{mode} =~ /server::instance::abortedclients/) {
+ $self->add_nagios(
+ $self->check_thresholds($self->{clients_aborted_per_sec}, 1, 5),
+ sprintf "%.2f aborted (client died) connections/sec", $self->{clients_aborted_per_sec});
+ $self->add_perfdata(sprintf "clients_aborted_per_sec=%.2f;%.2f;%.2f",
+ $self->{clients_aborted_per_sec},
+ $self->{warningrange}, $self->{criticalrange});
+ } elsif ($params{mode} =~ /server::instance::threadcachehitrate/) {
+ my $refkey = 'threadcache_hitrate'.($params{lookback} ? '_now' : '');
+ $self->add_nagios(
+ $self->check_thresholds($self->{$refkey}, "90:", "80:"),
+ sprintf "thread cache hitrate %.2f%%", $self->{$refkey});
+ $self->add_perfdata(sprintf "thread_cache_hitrate=%.2f%%;%s;%s",
+ $self->{threadcache_hitrate},
+ $self->{warningrange}, $self->{criticalrange});
+ $self->add_perfdata(sprintf "thread_cache_hitrate_now=%.2f%%",
+ $self->{threadcache_hitrate_now});
+ $self->add_perfdata(sprintf "connections_per_sec=%.2f",
+ $self->{connections_per_sec});
+ } elsif ($params{mode} =~ /server::instance::querycachehitrate/) {
+ my $refkey = 'querycache_hitrate'.($params{lookback} ? '_now' : '');
+ if ((lc $self->{have_query_cache} eq 'yes') && ($self->{query_cache_size})) {
+ $self->add_nagios(
+ $self->check_thresholds($self->{$refkey}, "90:", "80:"),
+ sprintf "query cache hitrate %.2f%%", $self->{$refkey});
+ } else {
+ $self->check_thresholds($self->{$refkey}, "90:", "80:");
+ $self->add_nagios_ok(
+ sprintf "query cache hitrate %.2f%% (because it's turned off)",
+ $self->{querycache_hitrate});
+ }
+ $self->add_perfdata(sprintf "qcache_hitrate=%.2f%%;%s;%s",
+ $self->{querycache_hitrate},
+ $self->{warningrange}, $self->{criticalrange});
+ $self->add_perfdata(sprintf "qcache_hitrate_now=%.2f%%",
+ $self->{querycache_hitrate_now});
+ $self->add_perfdata(sprintf "selects_per_sec=%.2f",
+ $self->{selects_per_sec});
+ } elsif ($params{mode} =~ /server::instance::querycachelowmemprunes/) {
+ $self->add_nagios(
+ $self->check_thresholds($self->{lowmem_prunes_per_sec}, "1", "10"),
+ sprintf "%d query cache lowmem prunes in %d seconds (%.2f/sec)",
+ $self->{delta_lowmem_prunes}, $self->{delta_timestamp},
+ $self->{lowmem_prunes_per_sec});
+ $self->add_perfdata(sprintf "qcache_lowmem_prunes_rate=%.2f;%s;%s",
+ $self->{lowmem_prunes_per_sec},
+ $self->{warningrange}, $self->{criticalrange});
+ } elsif ($params{mode} =~ /server::instance::slowqueries/) {
+ $self->add_nagios(
+ $self->check_thresholds($self->{slow_queries_per_sec}, "0.1", "1"),
+ sprintf "%d slow queries in %d seconds (%.2f/sec)",
+ $self->{delta_slow_queries}, $self->{delta_timestamp},
+ $self->{slow_queries_per_sec});
+ $self->add_perfdata(sprintf "slow_queries_rate=%.2f%%;%s;%s",
+ $self->{slow_queries_per_sec},
+ $self->{warningrange}, $self->{criticalrange});
+ } elsif ($params{mode} =~ /server::instance::longprocs/) {
+ $self->add_nagios(
+ $self->check_thresholds($self->{longrunners}, 10, 20),
+ sprintf "%d long running processes", $self->{longrunners});
+ $self->add_perfdata(sprintf "long_running_procs=%d;%d;%d",
+ $self->{longrunners},
+ $self->{warningrange}, $self->{criticalrange});
+ } elsif ($params{mode} =~ /server::instance::tablecachehitrate/) {
+ if ($self->{tablecache_fillrate} < 95) {
+ $self->add_nagios_ok(
+ sprintf "table cache hitrate %.2f%%, %.2f%% filled",
+ $self->{tablecache_hitrate},
+ $self->{tablecache_fillrate});
+ $self->check_thresholds($self->{tablecache_hitrate}, "99:", "95:");
+ } else {
+ $self->add_nagios(
+ $self->check_thresholds($self->{tablecache_hitrate}, "99:", "95:"),
+ sprintf "table cache hitrate %.2f%%", $self->{tablecache_hitrate});
+ }
+ $self->add_perfdata(sprintf "tablecache_hitrate=%.2f%%;%s;%s",
+ $self->{tablecache_hitrate},
+ $self->{warningrange}, $self->{criticalrange});
+ $self->add_perfdata(sprintf "tablecache_fillrate=%.2f%%",
+ $self->{tablecache_fillrate});
+ } elsif ($params{mode} =~ /server::instance::tablelockcontention/) {
+ my $refkey = 'table_lock_contention'.($params{lookback} ? '_now' : '');
+ if ($self->{uptime} > 10800) { # MySQL Bug #30599
+ $self->add_nagios(
+ $self->check_thresholds($self->{$refkey}, "1", "2"),
+ sprintf "table lock contention %.2f%%", $self->{$refkey});
+ } else {
+ $self->check_thresholds($self->{$refkey}, "1", "2");
+ $self->add_nagios_ok(
+ sprintf "table lock contention %.2f%% (uptime < 10800)",
+ $self->{$refkey});
+ }
+ $self->add_perfdata(sprintf "tablelock_contention=%.2f%%;%s;%s",
+ $self->{table_lock_contention},
+ $self->{warningrange}, $self->{criticalrange});
+ $self->add_perfdata(sprintf "tablelock_contention_now=%.2f%%",
+ $self->{table_lock_contention_now});
+ } elsif ($params{mode} =~ /server::instance::tableindexusage/) {
+ my $refkey = 'index_usage'.($params{lookback} ? '_now' : '');
+ $self->add_nagios(
+ $self->check_thresholds($self->{$refkey}, "90:", "80:"),
+ sprintf "index usage %.2f%%", $self->{$refkey});
+ $self->add_perfdata(sprintf "index_usage=%.2f%%;%s;%s",
+ $self->{index_usage},
+ $self->{warningrange}, $self->{criticalrange});
+ $self->add_perfdata(sprintf "index_usage_now=%.2f%%",
+ $self->{index_usage_now});
+ } elsif ($params{mode} =~ /server::instance::tabletmpondisk/) {
+ my $refkey = 'pct_tmp_on_disk'.($params{lookback} ? '_now' : '');
+ $self->add_nagios(
+ $self->check_thresholds($self->{$refkey}, "25", "50"),
+ sprintf "%.2f%% of %d tables were created on disk",
+ $self->{$refkey}, $self->{delta_created_tmp_tables});
+ $self->add_perfdata(sprintf "pct_tmp_table_on_disk=%.2f%%;%s;%s",
+ $self->{pct_tmp_on_disk},
+ $self->{warningrange}, $self->{criticalrange});
+ $self->add_perfdata(sprintf "pct_tmp_table_on_disk_now=%.2f%%",
+ $self->{pct_tmp_on_disk_now});
+ } elsif ($params{mode} =~ /server::instance::openfiles/) {
+ $self->add_nagios(
+ $self->check_thresholds($self->{pct_open_files}, 80, 95),
+ sprintf "%.2f%% of the open files limit reached (%d of max. %d)",
+ $self->{pct_open_files},
+ $self->{open_files}, $self->{open_files_limit});
+ $self->add_perfdata(sprintf "pct_open_files=%.3f%%;%.3f;%.3f",
+ $self->{pct_open_files},
+ $self->{warningrange},
+ $self->{criticalrange});
+ $self->add_perfdata(sprintf "open_files=%d;%d;%d",
+ $self->{open_files},
+ $self->{open_files_limit} * $self->{warningrange} / 100,
+ $self->{open_files_limit} * $self->{criticalrange} / 100);
+ } elsif ($params{mode} =~ /server::instance::needoptimize/) {
+ foreach (@{$self->{fragmented}}) {
+ $self->add_nagios(
+ $self->check_thresholds($_->[1], 10, 25),
+ sprintf "table %s is %.2f%% fragmented", $_->[0], $_->[1]);
+ if ($params{name}) {
+ $self->add_perfdata(sprintf "'%s_frag'=%.2f%%;%d;%d",
+ $_->[0], $_->[1], $self->{warningrange}, $self->{criticalrange});
+ }
+ }
+ } elsif ($params{mode} =~ /server::instance::myisam/) {
+ $self->{engine_myisam}->nagios(%params);
+ $self->merge_nagios($self->{engine_myisam});
+ } elsif ($params{mode} =~ /server::instance::innodb/) {
+ $self->{engine_innodb}->nagios(%params);
+ $self->merge_nagios($self->{engine_innodb});
+ } elsif ($params{mode} =~ /server::instance::replication/) {
+ $self->{replication}->nagios(%params);
+ $self->merge_nagios($self->{replication});
+ }
+ }
+}
+
+
+
+package DBD::MySQL::Server;
+
+use strict;
+use Time::HiRes;
+use IO::File;
+use File::Copy 'cp';
+use Data::Dumper;
+
+
+{
+ our $verbose = 0;
+ our $scream = 0; # scream if something is not implemented
+ our $access = "dbi"; # how do we access the database.
+ our $my_modules_dyn_dir = ""; # where we look for self-written extensions
+
+ my @servers = ();
+ my $initerrors = undef;
+
+ sub add_server {
+ push(@servers, shift);
+ }
+
+ sub return_servers {
+ return @servers;
+ }
+
+ sub return_first_server() {
+ return $servers[0];
+ }
+
+}
+
+sub new {
+ my $class = shift;
+ my %params = @_;
+ my $self = {
+ access => $params{method} || 'dbi',
+ hostname => $params{hostname},
+ database => $params{database} || 'information_schema',
+ port => $params{port},
+ socket => $params{socket},
+ username => $params{username},
+ password => $params{password},
+ timeout => $params{timeout},
+ warningrange => $params{warningrange},
+ criticalrange => $params{criticalrange},
+ verbose => $params{verbose},
+ report => $params{report},
+ labelformat => $params{labelformat},
+ version => 'unknown',
+ instance => undef,
+ handle => undef,
+ };
+ bless $self, $class;
+ $self->init_nagios();
+ if ($self->dbconnect(%params)) {
+ ($self->{dummy}, $self->{version}) = $self->{handle}->fetchrow_array(
+ #q{ SHOW VARIABLES WHERE Variable_name = 'version' }
+ q{ SHOW VARIABLES LIKE 'version' }
+ );
+ $self->{version} = (split "-", $self->{version})[0];
+ ($self->{dummy}, $self->{uptime}) = $self->{handle}->fetchrow_array(
+ q{ SHOW STATUS LIKE 'Uptime' }
+ );
+ DBD::MySQL::Server::add_server($self);
+ $self->init(%params);
+ }
+ return $self;
+}
+
+sub init {
+ my $self = shift;
+ my %params = @_;
+ $params{handle} = $self->{handle};
+ $params{uptime} = $self->{uptime};
+ $self->set_global_db_thresholds(\%params);
+ if ($params{mode} =~ /^server::instance/) {
+ $self->{instance} = DBD::MySQL::Server::Instance->new(%params);
+ } elsif ($params{mode} =~ /^server::sql/) {
+ $self->set_local_db_thresholds(%params);
+ if ($params{regexp}) {
+ # sql output is treated as text
+ if ($params{name2} eq $params{name}) {
+ $self->add_nagios_unknown(sprintf "where's the regexp????");
+ } else {
+ $self->{genericsql} =
+ $self->{handle}->fetchrow_array($params{selectname});
+ if (! defined $self->{genericsql}) {
+ $self->add_nagios_unknown(sprintf "got no valid response for %s",
+ $params{selectname});
+ }
+ }
+ } else {
+ # sql output must be a number (or array of numbers)
+ @{$self->{genericsql}} =
+ $self->{handle}->fetchrow_array($params{selectname});
+ if (! (defined $self->{genericsql} &&
+ (scalar(grep { /^[+-]?(?:\d+(?:\.\d*)?|\.\d+)$/ } @{$self->{genericsql}})) ==
+ scalar(@{$self->{genericsql}}))) {
+ $self->add_nagios_unknown(sprintf "got no valid response for %s",
+ $params{selectname});
+ } else {
+ # name2 in array
+ # units in array
+ }
+ }
+ } elsif ($params{mode} =~ /^server::uptime/) {
+ # already set with the connection. but use minutes here
+ } elsif ($params{mode} =~ /^server::connectiontime/) {
+ $self->{connection_time} = $self->{tac} - $self->{tic};
+ } elsif ($params{mode} =~ /^my::([^:.]+)/) {
+ my $class = $1;
+ my $loaderror = undef;
+ substr($class, 0, 1) = uc substr($class, 0, 1);
+ foreach my $libpath (split(":", $DBD::MySQL::Server::my_modules_dyn_dir)) {
+ foreach my $extmod (glob $libpath."/CheckMySQLHealth*.pm") {
+ eval {
+ $self->trace(sprintf "loading module %s", $extmod);
+ require $extmod;
+ };
+ if ($@) {
+ $loaderror = $extmod;
+ $self->trace(sprintf "failed loading module %s: %s", $extmod, $@);
+ }
+ }
+ }
+ my $obj = {
+ handle => $params{handle},
+ warningrange => $params{warningrange},
+ criticalrange => $params{criticalrange},
+ };
+ bless $obj, "My$class";
+ $self->{my} = $obj;
+ if ($self->{my}->isa("DBD::MySQL::Server")) {
+ my $dos_init = $self->can("init");
+ my $dos_nagios = $self->can("nagios");
+ my $my_init = $self->{my}->can("init");
+ my $my_nagios = $self->{my}->can("nagios");
+ if ($my_init == $dos_init) {
+ $self->add_nagios_unknown(
+ sprintf "Class %s needs an init() method", ref($self->{my}));
+ } elsif ($my_nagios == $dos_nagios) {
+ $self->add_nagios_unknown(
+ sprintf "Class %s needs a nagios() method", ref($self->{my}));
+ } else {
+ $self->{my}->init_nagios(%params);
+ $self->{my}->init(%params);
+ }
+ } else {
+ $self->add_nagios_unknown(
+ sprintf "Class %s is not a subclass of DBD::MySQL::Server%s",
+ ref($self->{my}),
+ $loaderror ? sprintf " (syntax error in %s?)", $loaderror : "" );
+ }
+ } else {
+ printf "broken mode %s\n", $params{mode};
+ }
+}
+
+sub dump {
+ my $self = shift;
+ my $message = shift || "";
+ printf "%s %s\n", $message, Data::Dumper::Dumper($self);
+}
+
+sub nagios {
+ my $self = shift;
+ my %params = @_;
+ if (! $self->{nagios_level}) {
+ if ($params{mode} =~ /^server::instance/) {
+ $self->{instance}->nagios(%params);
+ $self->merge_nagios($self->{instance});
+ } elsif ($params{mode} =~ /^server::database/) {
+ $self->{database}->nagios(%params);
+ $self->merge_nagios($self->{database});
+ } elsif ($params{mode} =~ /^server::uptime/) {
+ $self->add_nagios(
+ $self->check_thresholds($self->{uptime} / 60, "10:", "5:"),
+ sprintf "database is up since %d minutes", $self->{uptime} / 60);
+ $self->add_perfdata(sprintf "uptime=%ds",
+ $self->{uptime});
+ } elsif ($params{mode} =~ /^server::connectiontime/) {
+ $self->add_nagios(
+ $self->check_thresholds($self->{connection_time}, 1, 5),
+ sprintf "%.2f seconds to connect as %s",
+ $self->{connection_time}, ($self->{username} || getpwuid($<)));
+ $self->add_perfdata(sprintf "connection_time=%.4fs;%d;%d",
+ $self->{connection_time},
+ $self->{warningrange}, $self->{criticalrange});
+ } elsif ($params{mode} =~ /^server::sql/) {
+ if ($params{regexp}) {
+ if (substr($params{name2}, 0, 1) eq '!') {
+ $params{name2} =~ s/^!//;
+ if ($self->{genericsql} !~ /$params{name2}/) {
+ $self->add_nagios_ok(
+ sprintf "output %s does not match pattern %s",
+ $self->{genericsql}, $params{name2});
+ } else {
+ $self->add_nagios_critical(
+ sprintf "output %s matches pattern %s",
+ $self->{genericsql}, $params{name2});
+ }
+ } else {
+ if ($self->{genericsql} =~ /$params{name2}/) {
+ $self->add_nagios_ok(
+ sprintf "output %s matches pattern %s",
+ $self->{genericsql}, $params{name2});
+ } else {
+ $self->add_nagios_critical(
+ sprintf "output %s does not match pattern %s",
+ $self->{genericsql}, $params{name2});
+ }
+ }
+ } else {
+ $self->add_nagios(
+ # the first item in the list will trigger the threshold values
+ $self->check_thresholds($self->{genericsql}[0], 1, 5),
+ sprintf "%s: %s%s",
+ $params{name2} ? lc $params{name2} : lc $params{selectname},
+ # float as float, integers as integers
+ join(" ", map {
+ (sprintf("%d", $_) eq $_) ? $_ : sprintf("%f", $_)
+ } @{$self->{genericsql}}),
+ $params{units} ? $params{units} : "");
+ my $i = 0;
+ # workaround... getting the column names from the database would be nicer
+ my @names2_arr = split(/\s+/, $params{name2});
+ foreach my $t (@{$self->{genericsql}}) {
+ $self->add_perfdata(sprintf "\'%s\'=%s%s;%s;%s",
+ $names2_arr[$i] ? lc $names2_arr[$i] : lc $params{selectname},
+ # float as float, integers as integers
+ (sprintf("%d", $t) eq $t) ? $t : sprintf("%f", $t),
+ $params{units} ? $params{units} : "",
+ ($i == 0) ? $self->{warningrange} : "",
+ ($i == 0) ? $self->{criticalrange} : ""
+ );
+ $i++;
+ }
+ }
+ } elsif ($params{mode} =~ /^my::([^:.]+)/) {
+ $self->{my}->nagios(%params);
+ $self->merge_nagios($self->{my});
+ }
+ }
+}
+
+
+sub init_nagios {
+ my $self = shift;
+ no strict 'refs';
+ if (! ref($self)) {
+ my $nagiosvar = $self."::nagios";
+ my $nagioslevelvar = $self."::nagios_level";
+ $$nagiosvar = {
+ messages => {
+ 0 => [],
+ 1 => [],
+ 2 => [],
+ 3 => [],
+ },
+ perfdata => [],
+ };
+ $$nagioslevelvar = $ERRORS{OK},
+ } else {
+ $self->{nagios} = {
+ messages => {
+ 0 => [],
+ 1 => [],
+ 2 => [],
+ 3 => [],
+ },
+ perfdata => [],
+ };
+ $self->{nagios_level} = $ERRORS{OK},
+ }
+}
+
+sub check_thresholds {
+ my $self = shift;
+ my $value = shift;
+ my $defaultwarningrange = shift;
+ my $defaultcriticalrange = shift;
+ my $level = $ERRORS{OK};
+ $self->{warningrange} = defined $self->{warningrange} ?
+ $self->{warningrange} : $defaultwarningrange;
+ $self->{criticalrange} = defined $self->{criticalrange} ?
+ $self->{criticalrange} : $defaultcriticalrange;
+ if ($self->{warningrange} !~ /:/ && $self->{criticalrange} !~ /:/) {
+ # warning = 10, critical = 20, warn if > 10, crit if > 20
+ $level = $ERRORS{WARNING} if $value > $self->{warningrange};
+ $level = $ERRORS{CRITICAL} if $value > $self->{criticalrange};
+ } elsif ($self->{warningrange} =~ /([\d\.]+):/ &&
+ $self->{criticalrange} =~ /([\d\.]+):/) {
+ # warning = 98:, critical = 95:, warn if < 98, crit if < 95
+ $self->{warningrange} =~ /([\d\.]+):/;
+ $level = $ERRORS{WARNING} if $value < $1;
+ $self->{criticalrange} =~ /([\d\.]+):/;
+ $level = $ERRORS{CRITICAL} if $value < $1;
+ }
+ return $level;
+ #
+ # syntax error must be reported with returncode -1
+ #
+}
+
+sub add_nagios {
+ my $self = shift;
+ my $level = shift;
+ my $message = shift;
+ push(@{$self->{nagios}->{messages}->{$level}}, $message);
+ # recalc current level
+ foreach my $llevel qw(CRITICAL WARNING UNKNOWN OK) {
+ if (scalar(@{$self->{nagios}->{messages}->{$ERRORS{$llevel}}})) {
+ $self->{nagios_level} = $ERRORS{$llevel};
+ }
+ }
+}
+
+sub add_nagios_ok {
+ my $self = shift;
+ my $message = shift;
+ $self->add_nagios($ERRORS{OK}, $message);
+}
+
+sub add_nagios_warning {
+ my $self = shift;
+ my $message = shift;
+ $self->add_nagios($ERRORS{WARNING}, $message);
+}
+
+sub add_nagios_critical {
+ my $self = shift;
+ my $message = shift;
+ $self->add_nagios($ERRORS{CRITICAL}, $message);
+}
+
+sub add_nagios_unknown {
+ my $self = shift;
+ my $message = shift;
+ $self->add_nagios($ERRORS{UNKNOWN}, $message);
+}
+
+sub add_perfdata {
+ my $self = shift;
+ my $data = shift;
+ push(@{$self->{nagios}->{perfdata}}, $data);
+}
+
+sub merge_nagios {
+ my $self = shift;
+ my $child = shift;
+ foreach my $level (0..3) {
+ foreach (@{$child->{nagios}->{messages}->{$level}}) {
+ $self->add_nagios($level, $_);
+ }
+ #push(@{$self->{nagios}->{messages}->{$level}},
+ # @{$child->{nagios}->{messages}->{$level}});
+ }
+ push(@{$self->{nagios}->{perfdata}}, @{$child->{nagios}->{perfdata}});
+}
+
+sub calculate_result {
+ my $self = shift;
+ my $labels = shift || {};
+ my $multiline = 0;
+ map {
+ $self->{nagios_level} = $ERRORS{$_} if
+ (scalar(@{$self->{nagios}->{messages}->{$ERRORS{$_}}}));
+ } ("OK", "UNKNOWN", "WARNING", "CRITICAL");
+ if ($ENV{NRPE_MULTILINESUPPORT} &&
+ length join(" ", @{$self->{nagios}->{perfdata}}) > 200) {
+ $multiline = 1;
+ }
+ my $all_messages = join(($multiline ? "\n" : ", "), map {
+ join(($multiline ? "\n" : ", "), @{$self->{nagios}->{messages}->{$ERRORS{$_}}})
+ } grep {
+ scalar(@{$self->{nagios}->{messages}->{$ERRORS{$_}}})
+ } ("CRITICAL", "WARNING", "UNKNOWN", "OK"));
+ my $bad_messages = join(($multiline ? "\n" : ", "), map {
+ join(($multiline ? "\n" : ", "), @{$self->{nagios}->{messages}->{$ERRORS{$_}}})
+ } grep {
+ scalar(@{$self->{nagios}->{messages}->{$ERRORS{$_}}})
+ } ("CRITICAL", "WARNING", "UNKNOWN"));
+ my $all_messages_short = $bad_messages ? $bad_messages : 'no problems';
+ my $all_messages_html = "<table style=\"border-collapse: collapse;\">".
+ join("", map {
+ my $level = $_;
+ join("", map {
+ sprintf "<tr valign=\"top\"><td class=\"service%s\">%s</td></tr>",
+ $level, $_;
+ } @{$self->{nagios}->{messages}->{$ERRORS{$_}}});
+ } grep {
+ scalar(@{$self->{nagios}->{messages}->{$ERRORS{$_}}})
+ } ("CRITICAL", "WARNING", "UNKNOWN", "OK")).
+ "</table>";
+ if (exists $self->{identstring}) {
+ $self->{nagios_message} .= $self->{identstring};
+ }
+ if ($self->{report} eq "long") {
+ $self->{nagios_message} .= $all_messages;
+ } elsif ($self->{report} eq "short") {
+ $self->{nagios_message} .= $all_messages_short;
+ } elsif ($self->{report} eq "html") {
+ $self->{nagios_message} .= $all_messages_short."\n".$all_messages_html;
+ }
+ if ($self->{labelformat} eq "pnp4nagios") {
+ $self->{perfdata} = join(" ", @{$self->{nagios}->{perfdata}});
+ } else {
+ $self->{perfdata} = join(" ", map {
+ my $perfdata = $_;
+ if ($perfdata =~ /^(.*?)=(.*)/) {
+ my $label = $1;
+ my $data = $2;
+ if (exists $labels->{$label} &&
+ exists $labels->{$label}->{$self->{labelformat}}) {
+ $labels->{$label}->{$self->{labelformat}}."=".$data;
+ } else {
+ $perfdata;
+ }
+ } else {
+ $perfdata;
+ }
+ } @{$self->{nagios}->{perfdata}});
+ }
+}
+
+sub set_global_db_thresholds {
+ my $self = shift;
+ my $params = shift;
+ my $warning = undef;
+ my $critical = undef;
+ return unless defined $params->{dbthresholds};
+ $params->{name0} = $params->{dbthresholds};
+ # :pluginmode :name :warning :critical
+ # mode empty
+ #
+ eval {
+ if ($self->{handle}->fetchrow_array(q{
+ SELECT table_name
+ FROM information_schema.tables
+ WHERE table_schema = ?
+ AND table_name = 'CHECK_MYSQL_HEALTH_THRESHOLDS';
+ }, $self->{database})) { # either --database... or information_schema
+ my @dbthresholds = $self->{handle}->fetchall_array(q{
+ SELECT * FROM check_mysql_health_thresholds
+ });
+ $params->{dbthresholds} = \@dbthresholds;
+ foreach (@dbthresholds) {
+ if (($_->[0] eq $params->{cmdlinemode}) &&
+ (! defined $_->[1] || ! $_->[1])) {
+ ($warning, $critical) = ($_->[2], $_->[3]);
+ }
+ }
+ }
+ };
+ if (! $@) {
+ if ($warning) {
+ $params->{warningrange} = $warning;
+ $self->trace("read warningthreshold %s from database", $warning);
+ }
+ if ($critical) {
+ $params->{criticalrange} = $critical;
+ $self->trace("read criticalthreshold %s from database", $critical);
+ }
+ }
+}
+
+sub set_local_db_thresholds {
+ my $self = shift;
+ my %params = @_;
+ my $warning = undef;
+ my $critical = undef;
+ # :pluginmode :name :warning :critical
+ # mode name0
+ # mode name2
+ # mode name
+ #
+ # first: argument of --dbthresholds, it it exists
+ # second: --name2
+ # third: --name
+ if (ref($params{dbthresholds}) eq 'ARRAY') {
+ my $marker;
+ foreach (@{$params{dbthresholds}}) {
+ if ($_->[0] eq $params{cmdlinemode}) {
+ if (defined $_->[1] && $params{name0} && $_->[1] eq $params{name0}) {
+ ($warning, $critical) = ($_->[2], $_->[3]);
+ $marker = $params{name0};
+ last;
+ } elsif (defined $_->[1] && $params{name2} && $_->[1] eq $params{name2}) {
+ ($warning, $critical) = ($_->[2], $_->[3]);
+ $marker = $params{name2};
+ last;
+ } elsif (defined $_->[1] && $params{name} && $_->[1] eq $params{name}) {
+ ($warning, $critical) = ($_->[2], $_->[3]);
+ $marker = $params{name};
+ last;
+ }
+ }
+ }
+ if ($warning) {
+ $self->{warningrange} = $warning;
+ $self->trace("read warningthreshold %s for %s from database",
+ $marker, $warning);
+ }
+ if ($critical) {
+ $self->{criticalrange} = $critical;
+ $self->trace("read criticalthreshold %s for %s from database",
+ $marker, $critical);
+ }
+ }
+}
+
+sub debug {
+ my $self = shift;
+ my $msg = shift;
+ if ($DBD::MySQL::Server::verbose) {
+ printf "%s %s\n", $msg, ref($self);
+ }
+}
+
+sub dbconnect {
+ my $self = shift;
+ my %params = @_;
+ my $retval = undef;
+ $self->{tic} = Time::HiRes::time();
+ $self->{handle} = DBD::MySQL::Server::Connection->new(%params);
+ if ($self->{handle}->{errstr}) {
+ if ($params{mode} =~ /^server::tnsping/ &&
+ $self->{handle}->{errstr} =~ /ORA-01017/) {
+ $self->add_nagios($ERRORS{OK},
+ sprintf "connection established to %s.", $self->{connect});
+ $retval = undef;
+ } elsif ($self->{handle}->{errstr} eq "alarm\n") {
+ $self->add_nagios($ERRORS{CRITICAL},
+ sprintf "connection could not be established within %d seconds",
+ $self->{timeout});
+ } else {
+ $self->add_nagios($ERRORS{CRITICAL},
+ sprintf "cannot connect to %s. %s",
+ $self->{database}, $self->{handle}->{errstr});
+ $retval = undef;
+ }
+ } else {
+ $retval = $self->{handle};
+ }
+ $self->{tac} = Time::HiRes::time();
+ return $retval;
+}
+
+sub trace {
+ my $self = shift;
+ my $format = shift;
+ $self->{trace} = -f "/tmp/check_mysql_health.trace" ? 1 : 0;
+ if ($self->{verbose}) {
+ printf("%s: ", scalar localtime);
+ printf($format, @_);
+ }
+ if ($self->{trace}) {
+ my $logfh = new IO::File;
+ $logfh->autoflush(1);
+ if ($logfh->open("/tmp/check_mysql_health.trace", "a")) {
+ $logfh->printf("%s: ", scalar localtime);
+ $logfh->printf($format, @_);
+ $logfh->printf("\n");
+ $logfh->close();
+ }
+ }
+}
+
+sub DESTROY {
+ my $self = shift;
+ my $handle1 = "null";
+ my $handle2 = "null";
+ if (defined $self->{handle}) {
+ $handle1 = ref($self->{handle});
+ if (defined $self->{handle}->{handle}) {
+ $handle2 = ref($self->{handle}->{handle});
+ }
+ }
+ $self->trace(sprintf "DESTROY %s with handle %s %s", ref($self), $handle1, $handle2);
+ if (ref($self) eq "DBD::MySQL::Server") {
+ }
+ $self->trace(sprintf "DESTROY %s exit with handle %s %s", ref($self), $handle1, $handle2);
+ if (ref($self) eq "DBD::MySQL::Server") {
+ #printf "humpftata\n";
+ }
+}
+
+sub save_state {
+ my $self = shift;
+ my %params = @_;
+ my $extension = "";
+ my $mode = $params{mode};
+ if ($params{connect} && $params{connect} =~ /(\w+)\/(\w+)@(\w+)/) {
+ $params{connect} = $3;
+ } elsif ($params{connect}) {
+ # just to be sure
+ $params{connect} =~ s/\//_/g;
+ }
+ if ($^O =~ /MSWin/) {
+ $mode =~ s/::/_/g;
+ $params{statefilesdir} = $self->system_vartmpdir();
+ }
+ if (! -d $params{statefilesdir}) {
+ eval {
+ use File::Path;
+ mkpath $params{statefilesdir};
+ };
+ }
+ if ($@ || ! -w $params{statefilesdir}) {
+ $self->add_nagios($ERRORS{CRITICAL},
+ sprintf "statefilesdir %s does not exist or is not writable\n",
+ $params{statefilesdir});
+ return;
+ }
+ my $statefile = sprintf "%s_%s", $params{hostname}, $mode;
+ $extension .= $params{differenciator} ? "_".$params{differenciator} : "";
+ $extension .= $params{socket} ? "_".$params{socket} : "";
+ $extension .= $params{port} ? "_".$params{port} : "";
+ $extension .= $params{database} ? "_".$params{database} : "";
+ $extension .= $params{tablespace} ? "_".$params{tablespace} : "";
+ $extension .= $params{datafile} ? "_".$params{datafile} : "";
+ $extension .= $params{name} ? "_".$params{name} : "";
+ $extension =~ s/\//_/g;
+ $extension =~ s/\(/_/g;
+ $extension =~ s/\)/_/g;
+ $extension =~ s/\*/_/g;
+ $extension =~ s/\s/_/g;
+ $statefile .= $extension;
+ $statefile = lc $statefile;
+ $statefile = sprintf "%s/%s", $params{statefilesdir}, $statefile;
+ if (open(STATE, ">$statefile")) {
+ if ((ref($params{save}) eq "HASH") && exists $params{save}->{timestamp}) {
+ $params{save}->{localtime} = scalar localtime $params{save}->{timestamp};
+ }
+ printf STATE Data::Dumper::Dumper($params{save});
+ close STATE;
+ } else {
+ $self->add_nagios($ERRORS{CRITICAL},
+ sprintf "statefile %s is not writable", $statefile);
+ }
+ $self->debug(sprintf "saved %s to %s",
+ Data::Dumper::Dumper($params{save}), $statefile);
+}
+
+sub load_state {
+ my $self = shift;
+ my %params = @_;
+ my $extension = "";
+ my $mode = $params{mode};
+ if ($params{connect} && $params{connect} =~ /(\w+)\/(\w+)@(\w+)/) {
+ $params{connect} = $3;
+ } elsif ($params{connect}) {
+ # just to be sure
+ $params{connect} =~ s/\//_/g;
+ }
+ if ($^O =~ /MSWin/) {
+ $mode =~ s/::/_/g;
+ $params{statefilesdir} = $self->system_vartmpdir();
+ }
+ my $statefile = sprintf "%s_%s", $params{hostname}, $mode;
+ $extension .= $params{differenciator} ? "_".$params{differenciator} : "";
+ $extension .= $params{socket} ? "_".$params{socket} : "";
+ $extension .= $params{port} ? "_".$params{port} : "";
+ $extension .= $params{database} ? "_".$params{database} : "";
+ $extension .= $params{tablespace} ? "_".$params{tablespace} : "";
+ $extension .= $params{datafile} ? "_".$params{datafile} : "";
+ $extension .= $params{name} ? "_".$params{name} : "";
+ $extension =~ s/\//_/g;
+ $extension =~ s/\(/_/g;
+ $extension =~ s/\)/_/g;
+ $extension =~ s/\*/_/g;
+ $extension =~ s/\s/_/g;
+ $statefile .= $extension;
+ $statefile = lc $statefile;
+ $statefile = sprintf "%s/%s", $params{statefilesdir}, $statefile;
+ if ( -f $statefile) {
+ our $VAR1;
+ eval {
+ require $statefile;
+ };
+ if($@) {
+ $self->add_nagios($ERRORS{CRITICAL},
+ sprintf "statefile %s is corrupt", $statefile);
+ }
+ $self->debug(sprintf "load %s", Data::Dumper::Dumper($VAR1));
+ return $VAR1;
+ } else {
+ return undef;
+ }
+}
+
+sub valdiff {
+ my $self = shift;
+ my $pparams = shift;
+ my %params = %{$pparams};
+ my @keys = @_;
+ my $now = time;
+ my $last_values = $self->load_state(%params) || eval {
+ my $empty_events = {};
+ foreach (@keys) {
+ $empty_events->{$_} = 0;
+ }
+ $empty_events->{timestamp} = 0;
+ if ($params{lookback}) {
+ $empty_events->{lookback_history} = {};
+ }
+ $empty_events;
+ };
+ foreach (@keys) {
+ if ($params{lookback}) {
+ # find a last_value in the history which fits lookback best
+ # and overwrite $last_values->{$_} with historic data
+ if (exists $last_values->{lookback_history}->{$_}) {
+ foreach my $date (sort {$a <=> $b} keys %{$last_values->{lookback_history}->{$_}}) {
+ if ($date >= ($now - $params{lookback})) {
+ $last_values->{$_} = $last_values->{lookback_history}->{$_}->{$date};
+ $last_values->{timestamp} = $date;
+ last;
+ } else {
+ delete $last_values->{lookback_history}->{$_}->{$date};
+ }
+ }
+ }
+ }
+ $last_values->{$_} = 0 if ! exists $last_values->{$_};
+ if ($self->{$_} >= $last_values->{$_}) {
+ $self->{'delta_'.$_} = $self->{$_} - $last_values->{$_};
+ } else {
+ # vermutlich db restart und zaehler alle auf null
+ $self->{'delta_'.$_} = $self->{$_};
+ }
+ $self->debug(sprintf "delta_%s %f", $_, $self->{'delta_'.$_});
+ }
+ $self->{'delta_timestamp'} = $now - $last_values->{timestamp};
+ $params{save} = eval {
+ my $empty_events = {};
+ foreach (@keys) {
+ $empty_events->{$_} = $self->{$_};
+ }
+ $empty_events->{timestamp} = $now;
+ if ($params{lookback}) {
+ $empty_events->{lookback_history} = $last_values->{lookback_history};
+ foreach (@keys) {
+ $empty_events->{lookback_history}->{$_}->{$now} = $self->{$_};
+ }
+ }
+ $empty_events;
+ };
+ $self->save_state(%params);
+}
+
+sub requires_version {
+ my $self = shift;
+ my $version = shift;
+ my @instances = DBD::MySQL::Server::return_servers();
+ my $instversion = $instances[0]->{version};
+ if (! $self->version_is_minimum($version)) {
+ $self->add_nagios($ERRORS{UNKNOWN},
+ sprintf "not implemented/possible for MySQL release %s", $instversion);
+ }
+}
+
+sub version_is_minimum {
+ # the current version is newer or equal
+ my $self = shift;
+ my $version = shift;
+ my $newer = 1;
+ my @instances = DBD::MySQL::Server::return_servers();
+ my @v1 = map { $_ eq "x" ? 0 : $_ } split(/\./, $version);
+ my @v2 = split(/\./, $instances[0]->{version});
+ if (scalar(@v1) > scalar(@v2)) {
+ push(@v2, (0) x (scalar(@v1) - scalar(@v2)));
+ } elsif (scalar(@v2) > scalar(@v1)) {
+ push(@v1, (0) x (scalar(@v2) - scalar(@v1)));
+ }
+ foreach my $pos (0..$#v1) {
+ if ($v2[$pos] > $v1[$pos]) {
+ $newer = 1;
+ last;
+ } elsif ($v2[$pos] < $v1[$pos]) {
+ $newer = 0;
+ last;
+ }
+ }
+ #printf STDERR "check if %s os minimum %s\n", join(".", @v2), join(".", @v1);
+ return $newer;
+}
+
+sub instance_thread {
+ my $self = shift;
+ my @instances = DBD::MySQL::Server::return_servers();
+ return $instances[0]->{thread};
+}
+
+sub windows_server {
+ my $self = shift;
+ my @instances = DBD::MySQL::Server::return_servers();
+ if ($instances[0]->{os} =~ /Win/i) {
+ return 1;
+ } else {
+ return 0;
+ }
+}
+
+sub system_vartmpdir {
+ my $self = shift;
+ if ($^O =~ /MSWin/) {
+ return $self->system_tmpdir();
+ } else {
+ return "/var/tmp/check_mysql_health";
+ }
+}
+
+sub system_oldvartmpdir {
+ my $self = shift;
+ return "/tmp";
+}
+
+sub system_tmpdir {
+ my $self = shift;
+ if ($^O =~ /MSWin/) {
+ return $ENV{TEMP} if defined $ENV{TEMP};
+ return $ENV{TMP} if defined $ENV{TMP};
+ return File::Spec->catfile($ENV{windir}, 'Temp')
+ if defined $ENV{windir};
+ return 'C:\Temp';
+ } else {
+ return "/tmp";
+ }
+}
+
+
+package DBD::MySQL::Server::Connection;
+
+use strict;
+
+our @ISA = qw(DBD::MySQL::Server);
+
+
+sub new {
+ my $class = shift;
+ my %params = @_;
+ my $self = {
+ mode => $params{mode},
+ timeout => $params{timeout},
+ access => $params{method} || "dbi",
+ hostname => $params{hostname},
+ database => $params{database} || "information_schema",
+ port => $params{port},
+ socket => $params{socket},
+ username => $params{username},
+ password => $params{password},
+ handle => undef,
+ };
+ bless $self, $class;
+ if ($params{method} eq "dbi") {
+ bless $self, "DBD::MySQL::Server::Connection::Dbi";
+ } elsif ($params{method} eq "mysql") {
+ bless $self, "DBD::MySQL::Server::Connection::Mysql";
+ } elsif ($params{method} eq "sqlrelay") {
+ bless $self, "DBD::MySQL::Server::Connection::Sqlrelay";
+ }
+ $self->init(%params);
+ return $self;
+}
+
+
+package DBD::MySQL::Server::Connection::Dbi;
+
+use strict;
+use Net::Ping;
+
+our @ISA = qw(DBD::MySQL::Server::Connection);
+
+
+sub init {
+ my $self = shift;
+ my %params = @_;
+ my $retval = undef;
+ if ($self->{mode} =~ /^server::tnsping/) {
+ if (! $self->{connect}) {
+ $self->{errstr} = "Please specify a database";
+ } else {
+ $self->{sid} = $self->{connect};
+ $self->{username} ||= time; # prefer an existing user
+ $self->{password} = time;
+ }
+ } else {
+ if (($self->{hostname} ne 'localhost') && (! $self->{username} || ! $self->{password})) {
+ $self->{errstr} = "Please specify hostname, username and password";
+ return undef;
+ }
+ $self->{dsn} = "DBI:mysql:";
+ $self->{dsn} .= sprintf "database=%s", $self->{database};
+ $self->{dsn} .= sprintf ";host=%s", $self->{hostname};
+ $self->{dsn} .= sprintf ";port=%s", $self->{port}
+ unless $self->{socket} || $self->{hostname} eq 'localhost';
+ $self->{dsn} .= sprintf ";mysql_socket=%s", $self->{socket}
+ if $self->{socket};
+ }
+ if (! exists $self->{errstr}) {
+ eval {
+ require DBI;
+ use POSIX ':signal_h';
+ local $SIG{'ALRM'} = sub {
+ die "alarm\n";
+ };
+ my $mask = POSIX::SigSet->new( SIGALRM );
+ my $action = POSIX::SigAction->new(
+ sub { die "alarm\n" ; }, $mask);
+ my $oldaction = POSIX::SigAction->new();
+ sigaction(SIGALRM ,$action ,$oldaction );
+ alarm($self->{timeout} - 1); # 1 second before the global unknown timeout
+ if ($self->{handle} = DBI->connect(
+ $self->{dsn},
+ $self->{username},
+ $self->{password},
+ { RaiseError => 0, AutoCommit => 0, PrintError => 0 })) {
+# $self->{handle}->do(q{
+# ALTER SESSION SET NLS_NUMERIC_CHARACTERS=".," });
+ $retval = $self;
+ } else {
+ $self->{errstr} = DBI::errstr();
+ }
+ };
+ if ($@) {
+ $self->{errstr} = $@;
+ $retval = undef;
+ }
+ }
+ $self->{tac} = Time::HiRes::time();
+ return $retval;
+}
+
+sub selectrow_hashref {
+ my $self = shift;
+ my $sql = shift;
+ my @arguments = @_;
+ my $sth = undef;
+ my $hashref = undef;
+ eval {
+ $self->trace(sprintf "SQL:\n%s\nARGS:\n%s\n",
+ $sql, Data::Dumper::Dumper(\@arguments));
+ # helm auf! jetzt wirds dreckig.
+ if ($sql =~ /^\s*SHOW/) {
+ $hashref = $self->{handle}->selectrow_hashref($sql);
+ } else {
+ $sth = $self->{handle}->prepare($sql);
+ if (scalar(@arguments)) {
+ $sth->execute(@arguments);
+ } else {
+ $sth->execute();
+ }
+ $hashref = $sth->selectrow_hashref();
+ }
+ $self->trace(sprintf "RESULT:\n%s\n",
+ Data::Dumper::Dumper($hashref));
+ };
+ if ($@) {
+ $self->debug(sprintf "bumm %s", $@);
+ }
+ if (-f "/tmp/check_mysql_health_simulation/".$self->{mode}) {
+ my $simulation = do { local (@ARGV, $/) =
+ "/tmp/check_mysql_health_simulation/".$self->{mode}; <> };
+ # keine lust auf den scheiss
+ }
+ return $hashref;
+}
+
+sub fetchrow_array {
+ my $self = shift;
+ my $sql = shift;
+ my @arguments = @_;
+ my $sth = undef;
+ my @row = ();
+ eval {
+ $self->trace(sprintf "SQL:\n%s\nARGS:\n%s\n",
+ $sql, Data::Dumper::Dumper(\@arguments));
+ $sth = $self->{handle}->prepare($sql);
+ if (scalar(@arguments)) {
+ $sth->execute(@arguments);
+ } else {
+ $sth->execute();
+ }
+ @row = $sth->fetchrow_array();
+ $self->trace(sprintf "RESULT:\n%s\n",
+ Data::Dumper::Dumper(\@row));
+ };
+ if ($@) {
+ $self->debug(sprintf "bumm %s", $@);
+ }
+ if (-f "/tmp/check_mysql_health_simulation/".$self->{mode}) {
+ my $simulation = do { local (@ARGV, $/) =
+ "/tmp/check_mysql_health_simulation/".$self->{mode}; <> };
+ @row = split(/\s+/, (split(/\n/, $simulation))[0]);
+ }
+ return $row[0] unless wantarray;
+ return @row;
+}
+
+sub fetchall_array {
+ my $self = shift;
+ my $sql = shift;
+ my @arguments = @_;
+ my $sth = undef;
+ my $rows = undef;
+ eval {
+ $self->trace(sprintf "SQL:\n%s\nARGS:\n%s\n",
+ $sql, Data::Dumper::Dumper(\@arguments));
+ $sth = $self->{handle}->prepare($sql);
+ if (scalar(@arguments)) {
+ $sth->execute(@arguments);
+ } else {
+ $sth->execute();
+ }
+ $rows = $sth->fetchall_arrayref();
+ $self->trace(sprintf "RESULT:\n%s\n",
+ Data::Dumper::Dumper($rows));
+ };
+ if ($@) {
+ printf STDERR "bumm %s\n", $@;
+ }
+ if (-f "/tmp/check_mysql_health_simulation/".$self->{mode}) {
+ my $simulation = do { local (@ARGV, $/) =
+ "/tmp/check_mysql_health_simulation/".$self->{mode}; <> };
+ @{$rows} = map { [ split(/\s+/, $_) ] } split(/\n/, $simulation);
+ }
+ return @{$rows};
+}
+
+sub func {
+ my $self = shift;
+ $self->{handle}->func(@_);
+}
+
+
+sub execute {
+ my $self = shift;
+ my $sql = shift;
+ eval {
+ my $sth = $self->{handle}->prepare($sql);
+ $sth->execute();
+ };
+ if ($@) {
+ printf STDERR "bumm %s\n", $@;
+ }
+}
+
+sub errstr {
+ my $self = shift;
+ return $self->{errstr};
+}
+
+sub DESTROY {
+ my $self = shift;
+ $self->trace(sprintf "disconnecting DBD %s",
+ $self->{handle} ? "with handle" : "without handle");
+ $self->{handle}->disconnect() if $self->{handle};
+}
+
+package DBD::MySQL::Server::Connection::Mysql;
+
+use strict;
+use File::Temp qw/tempfile/;
+
+our @ISA = qw(DBD::MySQL::Server::Connection);
+
+
+sub init {
+ my $self = shift;
+ my %params = @_;
+ my $retval = undef;
+ $self->{loginstring} = "traditional";
+ ($self->{sql_commandfile_handle}, $self->{sql_commandfile}) =
+ tempfile($self->{mode}."XXXXX", SUFFIX => ".sql",
+ DIR => $self->system_tmpdir() );
+ close $self->{sql_commandfile_handle};
+ ($self->{sql_resultfile_handle}, $self->{sql_resultfile}) =
+ tempfile($self->{mode}."XXXXX", SUFFIX => ".out",
+ DIR => $self->system_tmpdir() );
+ close $self->{sql_resultfile_handle};
+ if ($self->{mode} =~ /^server::tnsping/) {
+ if (! $self->{connect}) {
+ $self->{errstr} = "Please specify a database";
+ } else {
+ $self->{sid} = $self->{connect};
+ $self->{username} ||= time; # prefer an existing user
+ $self->{password} = time;
+ }
+ } else {
+ if (! $self->{username} || ! $self->{password}) {
+ $self->{errstr} = "Please specify database, username and password";
+ return undef;
+ } elsif (! (($self->{hostname} && $self->{port}) || $self->{socket})) {
+ $self->{errstr} = "Please specify hostname and port or socket";
+ return undef;
+ }
+ }
+ if (! exists $self->{errstr}) {
+ eval {
+ my $mysql = '/'.'usr'.'/'.'bin'.'/'.'mysql';
+ if (! -x $mysql) {
+ die "nomysql\n";
+ }
+ if ($self->{loginstring} eq "traditional") {
+ $self->{sqlplus} = sprintf "%s ", $mysql;
+ $self->{sqlplus} .= sprintf "--batch --raw --skip-column-names ";
+ $self->{sqlplus} .= sprintf "--database=%s ", $self->{database};
+ $self->{sqlplus} .= sprintf "--host=%s ", $self->{hostname};
+ $self->{sqlplus} .= sprintf "--port=%s ", $self->{port}
+ unless $self->{socket} || $self->{hostname} eq "localhost";
+ $self->{sqlplus} .= sprintf "--socket=%s ", $self->{socket}
+ if $self->{socket};
+ $self->{sqlplus} .= sprintf "--user=%s --password=%s < %s > %s",
+ $self->{username}, $self->{password},
+ $self->{sql_commandfile}, $self->{sql_resultfile};
+ }
+
+ use POSIX ':signal_h';
+ local $SIG{'ALRM'} = sub {
+ die "alarm\n";
+ };
+ my $mask = POSIX::SigSet->new( SIGALRM );
+ my $action = POSIX::SigAction->new(
+ sub { die "alarm\n" ; }, $mask);
+ my $oldaction = POSIX::SigAction->new();
+ sigaction(SIGALRM ,$action ,$oldaction );
+ alarm($self->{timeout} - 1); # 1 second before the global unknown timeout
+
+ my $answer = $self->fetchrow_array(
+ q{ SELECT 42 FROM dual});
+ die unless defined $answer and $answer == 42;
+ $retval = $self;
+ };
+ if ($@) {
+ $self->{errstr} = $@;
+ $self->{errstr} =~ s/at $0 .*//g;
+ chomp $self->{errstr};
+ $retval = undef;
+ }
+ }
+ $self->{tac} = Time::HiRes::time();
+ return $retval;
+}
+
+sub selectrow_hashref {
+ my $self = shift;
+ my $sql = shift;
+ my @arguments = @_;
+ my $sth = undef;
+ my $hashref = undef;
+ foreach (@arguments) {
+ # replace the ? by the parameters
+ if (/^\d+$/) {
+ $sql =~ s/\?/$_/;
+ } else {
+ $sql =~ s/\?/'$_'/;
+ }
+ }
+ if ($sql =~ /^\s*SHOW/) {
+ $sql .= '\G'; # http://dev.mysql.com/doc/refman/5.1/de/show-slave-status.html
+ }
+ $self->trace(sprintf "SQL (? resolved):\n%s\nARGS:\n%s\n",
+ $sql, Data::Dumper::Dumper(\@arguments));
+ $self->create_commandfile($sql);
+ my $exit_output = `$self->{sqlplus}`;
+ if ($?) {
+ printf STDERR "fetchrow_array exit bumm \n";
+ my $output = do { local (@ARGV, $/) = $self->{sql_resultfile}; <> };
+ my @oerrs = map {
+ /((ERROR \d+).*)/ ? $1 : ();
+ } split(/\n/, $output);
+ $self->{errstr} = join(" ", @oerrs);
+ } else {
+ my $output = do { local (@ARGV, $/) = $self->{sql_resultfile}; <> };
+ if ($sql =~ /^\s*SHOW/) {
+ map {
+ if (/^\s*([\w_]+):\s*(.*)/) {
+ $hashref->{$1} = $2;
+ }
+ } split(/\n/, $output);
+ } else {
+ # i dont mess around here and you shouldn't either
+ }
+ $self->trace(sprintf "RESULT:\n%s\n",
+ Data::Dumper::Dumper($hashref));
+ }
+ unlink $self->{sql_commandfile};
+ unlink $self->{sql_resultfile};
+ return $hashref;
+}
+
+sub fetchrow_array {
+ my $self = shift;
+ my $sql = shift;
+ my @arguments = @_;
+ my $sth = undef;
+ my @row = ();
+ foreach (@arguments) {
+ # replace the ? by the parameters
+ if (/^\d+$/) {
+ $sql =~ s/\?/$_/;
+ } else {
+ $sql =~ s/\?/'$_'/;
+ }
+ }
+ $self->trace(sprintf "SQL (? resolved):\n%s\nARGS:\n%s\n",
+ $sql, Data::Dumper::Dumper(\@arguments));
+ $self->create_commandfile($sql);
+ my $exit_output = `$self->{sqlplus}`;
+ if ($?) {
+ printf STDERR "fetchrow_array exit bumm \n";
+ my $output = do { local (@ARGV, $/) = $self->{sql_resultfile}; <> };
+ my @oerrs = map {
+ /((ERROR \d+).*)/ ? $1 : ();
+ } split(/\n/, $output);
+ $self->{errstr} = join(" ", @oerrs);
+ } else {
+ my $output = do { local (@ARGV, $/) = $self->{sql_resultfile}; <> };
+ @row = map { convert($_) }
+ map { s/^\s+([\.\d]+)$/$1/g; $_ } # strip leading space from numbers
+ map { s/\s+$//g; $_ } # strip trailing space
+ split(/\t/, (split(/\n/, $output))[0]);
+ $self->trace(sprintf "RESULT:\n%s\n",
+ Data::Dumper::Dumper(\@row));
+ }
+ if ($@) {
+ $self->debug(sprintf "bumm %s", $@);
+ }
+ unlink $self->{sql_commandfile};
+ unlink $self->{sql_resultfile};
+ return $row[0] unless wantarray;
+ return @row;
+}
+
+sub fetchall_array {
+ my $self = shift;
+ my $sql = shift;
+ my @arguments = @_;
+ my $sth = undef;
+ my $rows = undef;
+ foreach (@arguments) {
+ # replace the ? by the parameters
+ if (/^\d+$/) {
+ $sql =~ s/\?/$_/;
+ } else {
+ $sql =~ s/\?/'$_'/;
+ }
+ }
+ $self->trace(sprintf "SQL (? resolved):\n%s\nARGS:\n%s\n",
+ $sql, Data::Dumper::Dumper(\@arguments));
+ $self->create_commandfile($sql);
+ my $exit_output = `$self->{sqlplus}`;
+ if ($?) {
+ printf STDERR "fetchrow_array exit bumm %s\n", $exit_output;
+ my $output = do { local (@ARGV, $/) = $self->{sql_resultfile}; <> };
+ my @oerrs = map {
+ /((ERROR \d+).*)/ ? $1 : ();
+ } split(/\n/, $output);
+ $self->{errstr} = join(" ", @oerrs);
+ } else {
+ my $output = do { local (@ARGV, $/) = $self->{sql_resultfile}; <> };
+ my @rows = map { [
+ map { convert($_) }
+ map { s/^\s+([\.\d]+)$/$1/g; $_ }
+ map { s/\s+$//g; $_ }
+ split /\t/
+ ] } grep { ! /^\d+ rows selected/ }
+ grep { ! /^Elapsed: / }
+ grep { ! /^\s*$/ } split(/\n/, $output);
+ $rows = \@rows;
+ $self->trace(sprintf "RESULT:\n%s\n",
+ Data::Dumper::Dumper($rows));
+ }
+ if ($@) {
+ $self->debug(sprintf "bumm %s", $@);
+ }
+ unlink $self->{sql_commandfile};
+ unlink $self->{sql_resultfile};
+ return @{$rows};
+}
+
+sub func {
+ my $self = shift;
+ my $function = shift;
+ $self->{handle}->func(@_);
+}
+
+sub convert {
+ my $n = shift;
+ # mostly used to convert numbers in scientific notation
+ if ($n =~ /^\s*\d+\s*$/) {
+ return $n;
+ } elsif ($n =~ /^\s*([-+]?)(\d*[\.,]*\d*)[eE]{1}([-+]?)(\d+)\s*$/) {
+ my ($vor, $num, $sign, $exp) = ($1, $2, $3, $4);
+ $n =~ s/E/e/g;
+ $n =~ s/,/\./g;
+ $num =~ s/,/\./g;
+ my $sig = $sign eq '-' ? "." . ($exp - 1 + length $num) : '';
+ my $dec = sprintf "%${sig}f", $n;
+ $dec =~ s/\.[0]+$//g;
+ return $dec;
+ } elsif ($n =~ /^\s*([-+]?)(\d+)[\.,]*(\d*)\s*$/) {
+ return $1.$2.".".$3;
+ } elsif ($n =~ /^\s*(.*?)\s*$/) {
+ return $1;
+ } else {
+ return $n;
+ }
+}
+
+
+sub execute {
+ my $self = shift;
+ my $sql = shift;
+ eval {
+ my $sth = $self->{handle}->prepare($sql);
+ $sth->execute();
+ };
+ if ($@) {
+ printf STDERR "bumm %s\n", $@;
+ }
+}
+
+sub errstr {
+ my $self = shift;
+ return $self->{errstr};
+}
+
+sub DESTROY {
+ my $self = shift;
+ $self->trace("try to clean up command and result files");
+ unlink $self->{sql_commandfile} if -f $self->{sql_commandfile};
+ unlink $self->{sql_resultfile} if -f $self->{sql_resultfile};
+}
+
+sub create_commandfile {
+ my $self = shift;
+ my $sql = shift;
+ open CMDCMD, "> $self->{sql_commandfile}";
+ printf CMDCMD "%s\n", $sql;
+ close CMDCMD;
+}
+
+
+package DBD::MySQL::Server::Connection::Sqlrelay;
+
+use strict;
+use Net::Ping;
+
+our @ISA = qw(DBD::MySQL::Server::Connection);
+
+
+sub init {
+ my $self = shift;
+ my %params = @_;
+ my $retval = undef;
+ if ($self->{mode} =~ /^server::tnsping/) {
+ if (! $self->{connect}) {
+ $self->{errstr} = "Please specify a database";
+ } else {
+ if ($self->{connect} =~ /([\.\w]+):(\d+)/) {
+ $self->{host} = $1;
+ $self->{port} = $2;
+ $self->{socket} = "";
+ } elsif ($self->{connect} =~ /([\.\w]+):([\w\/]+)/) {
+ $self->{host} = $1;
+ $self->{socket} = $2;
+ $self->{port} = "";
+ }
+ }
+ } else {
+ if (! $self->{hostname} || ! $self->{username} || ! $self->{password}) {
+ if ($self->{hostname} && $self->{hostname} =~ /(\w+)\/(\w+)@([\.\w]+):(\d+)/) {
+ $self->{username} = $1;
+ $self->{password} = $2;
+ $self->{hostname} = $3;
+ $self->{port} = $4;
+ $self->{socket} = "";
+ } elsif ($self->{hostname} && $self->{hostname} =~ /(\w+)\/(\w+)@([\.\w]+):([\w\/]+)/) {
+ $self->{username} = $1;
+ $self->{password} = $2;
+ $self->{hostname} = $3;
+ $self->{socket} = $4;
+ $self->{port} = "";
+ } else {
+ $self->{errstr} = "Please specify database, username and password";
+ return undef;
+ }
+ } else {
+ if ($self->{hostname} =~ /([\.\w]+):(\d+)/) {
+ $self->{hostname} = $1;
+ $self->{port} = $2;
+ $self->{socket} = "";
+ } elsif ($self->{hostname} =~ /([\.\w]+):([\w\/]+)/) {
+ $self->{hostname} = $1;
+ $self->{socket} = $2;
+ $self->{port} = "";
+ } else {
+ $self->{errstr} = "Please specify hostname, username, password and port/socket";
+ return undef;
+ }
+ }
+ }
+ if (! exists $self->{errstr}) {
+ eval {
+ require DBI;
+ use POSIX ':signal_h';
+ local $SIG{'ALRM'} = sub {
+ die "alarm\n";
+ };
+ my $mask = POSIX::SigSet->new( SIGALRM );
+ my $action = POSIX::SigAction->new(
+ sub { die "alarm\n" ; }, $mask);
+ my $oldaction = POSIX::SigAction->new();
+ sigaction(SIGALRM ,$action ,$oldaction );
+ alarm($self->{timeout} - 1); # 1 second before the global unknown timeout
+ if ($self->{handle} = DBI->connect(
+ sprintf("DBI:SQLRelay:host=%s;port=%d;socket=%s",
+ $self->{hostname}, $self->{port}, $self->{socket}),
+ $self->{username},
+ $self->{password},
+ { RaiseError => 1, AutoCommit => 0, PrintError => 1 })) {
+ $retval = $self;
+ if ($self->{mode} =~ /^server::tnsping/ && $self->{handle}->ping()) {
+ # database connected. fake a "unknown user"
+ $self->{errstr} = "ORA-01017";
+ }
+ } else {
+ $self->{errstr} = DBI::errstr();
+ }
+ };
+ if ($@) {
+ $self->{errstr} = $@;
+ $self->{errstr} =~ s/at [\w\/\.]+ line \d+.*//g;
+ $retval = undef;
+ }
+ }
+ $self->{tac} = Time::HiRes::time();
+ return $retval;
+}
+
+sub fetchrow_array {
+ my $self = shift;
+ my $sql = shift;
+ my @arguments = @_;
+ my $sth = undef;
+ my @row = ();
+ $self->trace(sprintf "fetchrow_array: %s", $sql);
+ eval {
+ $sth = $self->{handle}->prepare($sql);
+ if (scalar(@arguments)) {
+ $sth->execute(@arguments);
+ } else {
+ $sth->execute();
+ }
+ @row = $sth->fetchrow_array();
+ };
+ if ($@) {
+ $self->debug(sprintf "bumm %s", $@);
+ }
+ if (-f "/tmp/check_mysql_health_simulation/".$self->{mode}) {
+ my $simulation = do { local (@ARGV, $/) =
+ "/tmp/check_mysql_health_simulation/".$self->{mode}; <> };
+ @row = split(/\s+/, (split(/\n/, $simulation))[0]);
+ }
+ return $row[0] unless wantarray;
+ return @row;
+}
+
+sub fetchall_array {
+ my $self = shift;
+ my $sql = shift;
+ my @arguments = @_;
+ my $sth = undef;
+ my $rows = undef;
+ $self->trace(sprintf "fetchall_array: %s", $sql);
+ eval {
+ $sth = $self->{handle}->prepare($sql);
+ if (scalar(@arguments)) {
+ $sth->execute(@arguments);
+ } else {
+ $sth->execute();
+ }
+ $rows = $sth->fetchall_arrayref();
+ };
+ if ($@) {
+ printf STDERR "bumm %s\n", $@;
+ }
+ if (-f "/tmp/check_mysql_health_simulation/".$self->{mode}) {
+ my $simulation = do { local (@ARGV, $/) =
+ "/tmp/check_mysql_health_simulation/".$self->{mode}; <> };
+ @{$rows} = map { [ split(/\s+/, $_) ] } split(/\n/, $simulation);
+ }
+ return @{$rows};
+}
+
+sub func {
+ my $self = shift;
+ $self->{handle}->func(@_);
+}
+
+sub execute {
+ my $self = shift;
+ my $sql = shift;
+ eval {
+ my $sth = $self->{handle}->prepare($sql);
+ $sth->execute();
+ };
+ if ($@) {
+ printf STDERR "bumm %s\n", $@;
+ }
+}
+
+sub DESTROY {
+ my $self = shift;
+ #$self->trace(sprintf "disconnecting DBD %s",
+ # $self->{handle} ? "with handle" : "without handle");
+ #$self->{handle}->disconnect() if $self->{handle};
+}
+
+
+
+
+package DBD::MySQL::Cluster;
+
+use strict;
+use Time::HiRes;
+use IO::File;
+use Data::Dumper;
+
+
+{
+ our $verbose = 0;
+ our $scream = 0; # scream if something is not implemented
+ our $access = "dbi"; # how do we access the database.
+ our $my_modules_dyn_dir = ""; # where we look for self-written extensions
+
+ my @clusters = ();
+ my $initerrors = undef;
+
+ sub add_cluster {
+ push(@clusters, shift);
+ }
+
+ sub return_clusters {
+ return @clusters;
+ }
+
+ sub return_first_cluster() {
+ return $clusters[0];
+ }
+
+}
+
+sub new {
+ my $class = shift;
+ my %params = @_;
+ my $self = {
+ hostname => $params{hostname},
+ port => $params{port},
+ username => $params{username},
+ password => $params{password},
+ timeout => $params{timeout},
+ warningrange => $params{warningrange},
+ criticalrange => $params{criticalrange},
+ version => 'unknown',
+ nodes => [],
+ ndbd_nodes => 0,
+ ndb_mgmd_nodes => 0,
+ mysqld_nodes => 0,
+ };
+ bless $self, $class;
+ $self->init_nagios();
+ if ($self->connect(%params)) {
+ DBD::MySQL::Cluster::add_cluster($self);
+ $self->init(%params);
+ }
+ return $self;
+}
+
+sub init {
+ my $self = shift;
+ my %params = @_;
+ if ($self->{show}) {
+ my $type = undef;
+ foreach (split /\n/, $self->{show}) {
+ if (/\[(\w+)\((\w+)\)\]\s+(\d+) node/) {
+ $type = uc $2;
+ } elsif (/id=(\d+)(.*)/) {
+ push(@{$self->{nodes}}, DBD::MySQL::Cluster::Node->new(
+ type => $type,
+ id => $1,
+ status => $2,
+ ));
+ }
+ }
+ } else {
+ }
+ if ($params{mode} =~ /^cluster::ndbdrunning/) {
+ foreach my $node (@{$self->{nodes}}) {
+ $node->{type} eq "NDB" && $node->{status} eq "running" && $self->{ndbd_nodes}++;
+ $node->{type} eq "MGM" && $node->{status} eq "running" && $self->{ndb_mgmd_nodes}++;
+ $node->{type} eq "API" && $node->{status} eq "running" && $self->{mysqld_nodes}++;
+ }
+ } else {
+ printf "broken mode %s\n", $params{mode};
+ }
+}
+
+sub dump {
+ my $self = shift;
+ my $message = shift || "";
+ printf "%s %s\n", $message, Data::Dumper::Dumper($self);
+}
+
+sub nagios {
+ my $self = shift;
+ my %params = @_;
+ my $dead_ndb = 0;
+ my $dead_api = 0;
+ if (! $self->{nagios_level}) {
+ if ($params{mode} =~ /^cluster::ndbdrunning/) {
+ foreach my $node (grep { $_->{type} eq "NDB"} @{$self->{nodes}}) {
+ next if $params{selectname} && $params{selectname} ne $_->{id};
+ if (! $node->{connected}) {
+ $self->add_nagios_critical(
+ sprintf "ndb node %d is not connected", $node->{id});
+ $dead_ndb++;
+ }
+ }
+ foreach my $node (grep { $_->{type} eq "API"} @{$self->{nodes}}) {
+ next if $params{selectname} && $params{selectname} ne $_->{id};
+ if (! $node->{connected}) {
+ $self->add_nagios_critical(
+ sprintf "api node %d is not connected", $node->{id});
+ $dead_api++;
+ }
+ }
+ if (! $dead_ndb) {
+ $self->add_nagios_ok("all ndb nodes are connected");
+ }
+ if (! $dead_api) {
+ $self->add_nagios_ok("all api nodes are connected");
+ }
+ }
+ }
+ $self->add_perfdata(sprintf "ndbd_nodes=%d ndb_mgmd_nodes=%d mysqld_nodes=%d",
+ $self->{ndbd_nodes}, $self->{ndb_mgmd_nodes}, $self->{mysqld_nodes});
+}
+
+
+sub init_nagios {
+ my $self = shift;
+ no strict 'refs';
+ if (! ref($self)) {
+ my $nagiosvar = $self."::nagios";
+ my $nagioslevelvar = $self."::nagios_level";
+ $$nagiosvar = {
+ messages => {
+ 0 => [],
+ 1 => [],
+ 2 => [],
+ 3 => [],
+ },
+ perfdata => [],
+ };
+ $$nagioslevelvar = $ERRORS{OK},
+ } else {
+ $self->{nagios} = {
+ messages => {
+ 0 => [],
+ 1 => [],
+ 2 => [],
+ 3 => [],
+ },
+ perfdata => [],
+ };
+ $self->{nagios_level} = $ERRORS{OK},
+ }
+}
+
+sub check_thresholds {
+ my $self = shift;
+ my $value = shift;
+ my $defaultwarningrange = shift;
+ my $defaultcriticalrange = shift;
+ my $level = $ERRORS{OK};
+ $self->{warningrange} = $self->{warningrange} ?
+ $self->{warningrange} : $defaultwarningrange;
+ $self->{criticalrange} = $self->{criticalrange} ?
+ $self->{criticalrange} : $defaultcriticalrange;
+ if ($self->{warningrange} !~ /:/ && $self->{criticalrange} !~ /:/) {
+ # warning = 10, critical = 20, warn if > 10, crit if > 20
+ $level = $ERRORS{WARNING} if $value > $self->{warningrange};
+ $level = $ERRORS{CRITICAL} if $value > $self->{criticalrange};
+ } elsif ($self->{warningrange} =~ /([\d\.]+):/ &&
+ $self->{criticalrange} =~ /([\d\.]+):/) {
+ # warning = 98:, critical = 95:, warn if < 98, crit if < 95
+ $self->{warningrange} =~ /([\d\.]+):/;
+ $level = $ERRORS{WARNING} if $value < $1;
+ $self->{criticalrange} =~ /([\d\.]+):/;
+ $level = $ERRORS{CRITICAL} if $value < $1;
+ }
+ return $level;
+ #
+ # syntax error must be reported with returncode -1
+ #
+}
+
+sub add_nagios {
+ my $self = shift;
+ my $level = shift;
+ my $message = shift;
+ push(@{$self->{nagios}->{messages}->{$level}}, $message);
+ # recalc current level
+ foreach my $llevel qw(CRITICAL WARNING UNKNOWN OK) {
+ if (scalar(@{$self->{nagios}->{messages}->{$ERRORS{$llevel}}})) {
+ $self->{nagios_level} = $ERRORS{$llevel};
+ }
+ }
+}
+
+sub add_nagios_ok {
+ my $self = shift;
+ my $message = shift;
+ $self->add_nagios($ERRORS{OK}, $message);
+}
+
+sub add_nagios_warning {
+ my $self = shift;
+ my $message = shift;
+ $self->add_nagios($ERRORS{WARNING}, $message);
+}
+
+sub add_nagios_critical {
+ my $self = shift;
+ my $message = shift;
+ $self->add_nagios($ERRORS{CRITICAL}, $message);
+}
+
+sub add_nagios_unknown {
+ my $self = shift;
+ my $message = shift;
+ $self->add_nagios($ERRORS{UNKNOWN}, $message);
+}
+
+sub add_perfdata {
+ my $self = shift;
+ my $data = shift;
+ push(@{$self->{nagios}->{perfdata}}, $data);
+}
+
+sub merge_nagios {
+ my $self = shift;
+ my $child = shift;
+ foreach my $level (0..3) {
+ foreach (@{$child->{nagios}->{messages}->{$level}}) {
+ $self->add_nagios($level, $_);
+ }
+ #push(@{$self->{nagios}->{messages}->{$level}},
+ # @{$child->{nagios}->{messages}->{$level}});
+ }
+ push(@{$self->{nagios}->{perfdata}}, @{$child->{nagios}->{perfdata}});
+}
+
+
+sub calculate_result {
+ my $self = shift;
+ if ($ENV{NRPE_MULTILINESUPPORT} &&
+ length join(" ", @{$self->{nagios}->{perfdata}}) > 200) {
+ foreach my $level ("CRITICAL", "WARNING", "UNKNOWN", "OK") {
+ # first the bad news
+ if (scalar(@{$self->{nagios}->{messages}->{$ERRORS{$level}}})) {
+ $self->{nagios_message} .=
+ "\n".join("\n", @{$self->{nagios}->{messages}->{$ERRORS{$level}}});
+ }
+ }
+ $self->{nagios_message} =~ s/^\n//g;
+ $self->{perfdata} = join("\n", @{$self->{nagios}->{perfdata}});
+ } else {
+ foreach my $level ("CRITICAL", "WARNING", "UNKNOWN", "OK") {
+ # first the bad news
+ if (scalar(@{$self->{nagios}->{messages}->{$ERRORS{$level}}})) {
+ $self->{nagios_message} .=
+ join(", ", @{$self->{nagios}->{messages}->{$ERRORS{$level}}}).", ";
+ }
+ }
+ $self->{nagios_message} =~ s/, $//g;
+ $self->{perfdata} = join(" ", @{$self->{nagios}->{perfdata}});
+ }
+ foreach my $level ("OK", "UNKNOWN", "WARNING", "CRITICAL") {
+ if (scalar(@{$self->{nagios}->{messages}->{$ERRORS{$level}}})) {
+ $self->{nagios_level} = $ERRORS{$level};
+ }
+ }
+}
+
+sub debug {
+ my $self = shift;
+ my $msg = shift;
+ if ($DBD::MySQL::Cluster::verbose) {
+ printf "%s %s\n", $msg, ref($self);
+ }
+}
+
+sub connect {
+ my $self = shift;
+ my %params = @_;
+ my $retval = undef;
+ $self->{tic} = Time::HiRes::time();
+ eval {
+ use POSIX ':signal_h';
+ local $SIG{'ALRM'} = sub {
+ die "alarm\n";
+ };
+ my $mask = POSIX::SigSet->new( SIGALRM );
+ my $action = POSIX::SigAction->new(
+ sub { die "connection timeout\n" ; }, $mask);
+ my $oldaction = POSIX::SigAction->new();
+ sigaction(SIGALRM ,$action ,$oldaction );
+ alarm($self->{timeout} - 1); # 1 second before the global unknown timeout
+ my $ndb_mgm = "ndb_mgm";
+ $params{hostname} = "127.0.0.1" if ! $params{hostname};
+ $ndb_mgm .= sprintf " --ndb-connectstring=%s", $params{hostname}
+ if $params{hostname};
+ $ndb_mgm .= sprintf ":%d", $params{port}
+ if $params{port};
+ $self->{show} = `$ndb_mgm -e show 2>&1`;
+ if ($? == -1) {
+ $self->add_nagios_critical("ndb_mgm failed to execute $!");
+ } elsif ($? & 127) {
+ $self->add_nagios_critical("ndb_mgm failed to execute $!");
+ } elsif ($? >> 8 != 0) {
+ $self->add_nagios_critical("ndb_mgm unable to connect");
+ } else {
+ if ($self->{show} !~ /Cluster Configuration/) {
+ $self->add_nagios_critical("got no cluster configuration");
+ } else {
+ $retval = 1;
+ }
+ }
+ };
+ if ($@) {
+ $self->{errstr} = $@;
+ $self->{errstr} =~ s/at $0 .*//g;
+ chomp $self->{errstr};
+ $self->add_nagios_critical($self->{errstr});
+ $retval = undef;
+ }
+ $self->{tac} = Time::HiRes::time();
+ return $retval;
+}
+
+sub trace {
+ my $self = shift;
+ my $format = shift;
+ $self->{trace} = -f "/tmp/check_mysql_health.trace" ? 1 : 0;
+ if ($self->{verbose}) {
+ printf("%s: ", scalar localtime);
+ printf($format, @_);
+ }
+ if ($self->{trace}) {
+ my $logfh = new IO::File;
+ $logfh->autoflush(1);
+ if ($logfh->open("/tmp/check_mysql_health.trace", "a")) {
+ $logfh->printf("%s: ", scalar localtime);
+ $logfh->printf($format, @_);
+ $logfh->printf("\n");
+ $logfh->close();
+ }
+ }
+}
+
+sub DESTROY {
+ my $self = shift;
+ my $handle1 = "null";
+ my $handle2 = "null";
+ if (defined $self->{handle}) {
+ $handle1 = ref($self->{handle});
+ if (defined $self->{handle}->{handle}) {
+ $handle2 = ref($self->{handle}->{handle});
+ }
+ }
+ $self->trace(sprintf "DESTROY %s with handle %s %s", ref($self), $handle1, $handle2);
+ if (ref($self) eq "DBD::MySQL::Cluster") {
+ }
+ $self->trace(sprintf "DESTROY %s exit with handle %s %s", ref($self), $handle1, $handle2);
+ if (ref($self) eq "DBD::MySQL::Cluster") {
+ #printf "humpftata\n";
+ }
+}
+
+sub save_state {
+ my $self = shift;
+ my %params = @_;
+ my $extension = "";
+ mkdir $params{statefilesdir} unless -d $params{statefilesdir};
+ my $statefile = sprintf "%s/%s_%s",
+ $params{statefilesdir}, $params{hostname}, $params{mode};
+ $extension .= $params{differenciator} ? "_".$params{differenciator} : "";
+ $extension .= $params{socket} ? "_".$params{socket} : "";
+ $extension .= $params{port} ? "_".$params{port} : "";
+ $extension .= $params{database} ? "_".$params{database} : "";
+ $extension .= $params{tablespace} ? "_".$params{tablespace} : "";
+ $extension .= $params{datafile} ? "_".$params{datafile} : "";
+ $extension .= $params{name} ? "_".$params{name} : "";
+ $extension =~ s/\//_/g;
+ $extension =~ s/\(/_/g;
+ $extension =~ s/\)/_/g;
+ $extension =~ s/\*/_/g;
+ $extension =~ s/\s/_/g;
+ $statefile .= $extension;
+ $statefile = lc $statefile;
+ open(STATE, ">$statefile");
+ if ((ref($params{save}) eq "HASH") && exists $params{save}->{timestamp}) {
+ $params{save}->{localtime} = scalar localtime $params{save}->{timestamp};
+ }
+ printf STATE Data::Dumper::Dumper($params{save});
+ close STATE;
+ $self->debug(sprintf "saved %s to %s",
+ Data::Dumper::Dumper($params{save}), $statefile);
+}
+
+sub load_state {
+ my $self = shift;
+ my %params = @_;
+ my $extension = "";
+ my $statefile = sprintf "%s/%s_%s",
+ $params{statefilesdir}, $params{hostname}, $params{mode};
+ $extension .= $params{differenciator} ? "_".$params{differenciator} : "";
+ $extension .= $params{socket} ? "_".$params{socket} : "";
+ $extension .= $params{port} ? "_".$params{port} : "";
+ $extension .= $params{database} ? "_".$params{database} : "";
+ $extension .= $params{tablespace} ? "_".$params{tablespace} : "";
+ $extension .= $params{datafile} ? "_".$params{datafile} : "";
+ $extension .= $params{name} ? "_".$params{name} : "";
+ $extension =~ s/\//_/g;
+ $extension =~ s/\(/_/g;
+ $extension =~ s/\)/_/g;
+ $extension =~ s/\*/_/g;
+ $extension =~ s/\s/_/g;
+ $statefile .= $extension;
+ $statefile = lc $statefile;
+ if ( -f $statefile) {
+ our $VAR1;
+ eval {
+ require $statefile;
+ };
+ if($@) {
+printf "rumms\n";
+ }
+ $self->debug(sprintf "load %s", Data::Dumper::Dumper($VAR1));
+ return $VAR1;
+ } else {
+ return undef;
+ }
+}
+
+sub valdiff {
+ my $self = shift;
+ my $pparams = shift;
+ my %params = %{$pparams};
+ my @keys = @_;
+ my $last_values = $self->load_state(%params) || eval {
+ my $empty_events = {};
+ foreach (@keys) {
+ $empty_events->{$_} = 0;
+ }
+ $empty_events->{timestamp} = 0;
+ $empty_events;
+ };
+ foreach (@keys) {
+ $self->{'delta_'.$_} = $self->{$_} - $last_values->{$_};
+ $self->debug(sprintf "delta_%s %f", $_, $self->{'delta_'.$_});
+ }
+ $self->{'delta_timestamp'} = time - $last_values->{timestamp};
+ $params{save} = eval {
+ my $empty_events = {};
+ foreach (@keys) {
+ $empty_events->{$_} = $self->{$_};
+ }
+ $empty_events->{timestamp} = time;
+ $empty_events;
+ };
+ $self->save_state(%params);
+}
+
+sub requires_version {
+ my $self = shift;
+ my $version = shift;
+ my @instances = DBD::MySQL::Cluster::return_clusters();
+ my $instversion = $instances[0]->{version};
+ if (! $self->version_is_minimum($version)) {
+ $self->add_nagios($ERRORS{UNKNOWN},
+ sprintf "not implemented/possible for MySQL release %s", $instversion);
+ }
+}
+
+sub version_is_minimum {
+ # the current version is newer or equal
+ my $self = shift;
+ my $version = shift;
+ my $newer = 1;
+ my @instances = DBD::MySQL::Cluster::return_clusters();
+ my @v1 = map { $_ eq "x" ? 0 : $_ } split(/\./, $version);
+ my @v2 = split(/\./, $instances[0]->{version});
+ if (scalar(@v1) > scalar(@v2)) {
+ push(@v2, (0) x (scalar(@v1) - scalar(@v2)));
+ } elsif (scalar(@v2) > scalar(@v1)) {
+ push(@v1, (0) x (scalar(@v2) - scalar(@v1)));
+ }
+ foreach my $pos (0..$#v1) {
+ if ($v2[$pos] > $v1[$pos]) {
+ $newer = 1;
+ last;
+ } elsif ($v2[$pos] < $v1[$pos]) {
+ $newer = 0;
+ last;
+ }
+ }
+ #printf STDERR "check if %s os minimum %s\n", join(".", @v2), join(".", @v1);
+ return $newer;
+}
+
+sub instance_rac {
+ my $self = shift;
+ my @instances = DBD::MySQL::Cluster::return_clusters();
+ return (lc $instances[0]->{parallel} eq "yes") ? 1 : 0;
+}
+
+sub instance_thread {
+ my $self = shift;
+ my @instances = DBD::MySQL::Cluster::return_clusters();
+ return $instances[0]->{thread};
+}
+
+sub windows_cluster {
+ my $self = shift;
+ my @instances = DBD::MySQL::Cluster::return_clusters();
+ if ($instances[0]->{os} =~ /Win/i) {
+ return 1;
+ } else {
+ return 0;
+ }
+}
+
+sub system_vartmpdir {
+ my $self = shift;
+ if ($^O =~ /MSWin/) {
+ return $self->system_tmpdir();
+ } else {
+ return "/var/tmp/check_mysql_health";
+ }
+}
+
+sub system_oldvartmpdir {
+ my $self = shift;
+ return "/tmp";
+}
+
+sub system_tmpdir {
+ my $self = shift;
+ if ($^O =~ /MSWin/) {
+ return $ENV{TEMP} if defined $ENV{TEMP};
+ return $ENV{TMP} if defined $ENV{TMP};
+ return File::Spec->catfile($ENV{windir}, 'Temp')
+ if defined $ENV{windir};
+ return 'C:\Temp';
+ } else {
+ return "/tmp";
+ }
+}
+
+
+package DBD::MySQL::Cluster::Node;
+
+use strict;
+
+our @ISA = qw(DBD::MySQL::Cluster);
+
+
+sub new {
+ my $class = shift;
+ my %params = @_;
+ my $self = {
+ mode => $params{mode},
+ timeout => $params{timeout},
+ type => $params{type},
+ id => $params{id},
+ status => $params{status},
+ };
+ bless $self, $class;
+ $self->init(%params);
+ if ($params{type} eq "NDB") {
+ bless $self, "DBD::MySQL::Cluster::Node::NDB";
+ $self->init(%params);
+ }
+ return $self;
+}
+
+sub init {
+ my $self = shift;
+ my %params = @_;
+ if ($self->{status} =~ /@(\d+\.\d+\.\d+\.\d+)\s/) {
+ $self->{addr} = $1;
+ $self->{connected} = 1;
+ } elsif ($self->{status} =~ /accepting connect from (\d+\.\d+\.\d+\.\d+)/) {
+ $self->{addr} = $1;
+ $self->{connected} = 0;
+ }
+ if ($self->{status} =~ /starting,/) {
+ $self->{status} = "starting";
+ } elsif ($self->{status} =~ /shutting,/) {
+ $self->{status} = "shutting";
+ } else {
+ $self->{status} = $self->{connected} ? "running" : "dead";
+ }
+}
+
+
+package DBD::MySQL::Cluster::Node::NDB;
+
+use strict;
+
+our @ISA = qw(DBD::MySQL::Cluster::Node);
+
+
+sub init {
+ my $self = shift;
+ my %params = @_;
+ if ($self->{status} =~ /Nodegroup:\s*(\d+)/) {
+ $self->{nodegroup} = $1;
+ }
+ $self->{master} = ($self->{status} =~ /Master\)/) ? 1 : 0;
+}
+
+
+package Extraopts;
+
+use strict;
+use File::Basename;
+use Data::Dumper;
+
+sub new {
+ my $class = shift;
+ my %params = @_;
+ my $self = {
+ file => $params{file},
+ commandline => $params{commandline},
+ config => {},
+ section => 'default_no_section',
+ };
+ bless $self, $class;
+ $self->prepare_file_and_section();
+ $self->init();
+ return $self;
+}
+
+sub prepare_file_and_section {
+ my $self = shift;
+ if (! defined $self->{file}) {
+ # ./check_stuff --extra-opts
+ $self->{section} = basename($0);
+ $self->{file} = $self->get_default_file();
+ } elsif ($self->{file} =~ /^[^@]+$/) {
+ # ./check_stuff --extra-opts=special_opts
+ $self->{section} = $self->{file};
+ $self->{file} = $self->get_default_file();
+ } elsif ($self->{file} =~ /^@(.*)/) {
+ # ./check_stuff --extra-opts=@/etc/myconfig.ini
+ $self->{section} = basename($0);
+ $self->{file} = $1;
+ } elsif ($self->{file} =~ /^(.*?)@(.*)/) {
+ # ./check_stuff --extra-opts=special_opts@/etc/myconfig.ini
+ $self->{section} = $1;
+ $self->{file} = $2;
+ }
+}
+
+sub get_default_file {
+ my $self = shift;
+ foreach my $default (qw(/etc/nagios/plugins.ini
+ /usr/local/nagios/etc/plugins.ini
+ /usr/local/etc/nagios/plugins.ini
+ /etc/opt/nagios/plugins.ini
+ /etc/nagios-plugins.ini
+ /usr/local/etc/nagios-plugins.ini
+ /etc/opt/nagios-plugins.ini)) {
+ if (-f $default) {
+ return $default;
+ }
+ }
+ return undef;
+}
+
+sub init {
+ my $self = shift;
+ if (! defined $self->{file}) {
+ $self->{errors} = sprintf 'no extra-opts file specified and no default file found';
+ } elsif (! -f $self->{file}) {
+ $self->{errors} = sprintf 'could not open %s', $self->{file};
+ } else {
+ my $data = do { local (@ARGV, $/) = $self->{file}; <> };
+ my $in_section = 'default_no_section';
+ foreach my $line (split(/\n/, $data)) {
+ if ($line =~ /\[(.*)\]/) {
+ $in_section = $1;
+ } elsif ($line =~ /(.*?)\s*=\s*(.*)/) {
+ $self->{config}->{$in_section}->{$1} = $2;
+ }
+ }
+ }
+}
+
+sub is_valid {
+ my $self = shift;
+ return ! exists $self->{errors};
+}
+
+sub overwrite {
+ my $self = shift;
+ my %commandline = ();
+ if (scalar(keys %{$self->{config}->{default_no_section}}) > 0) {
+ foreach (keys %{$self->{config}->{default_no_section}}) {
+ $commandline{$_} = $self->{config}->{default_no_section}->{$_};
+ }
+ }
+ if (exists $self->{config}->{$self->{section}}) {
+ foreach (keys %{$self->{config}->{$self->{section}}}) {
+ $commandline{$_} = $self->{config}->{$self->{section}}->{$_};
+ }
+ }
+ foreach (keys %commandline) {
+ if (! exists $self->{commandline}->{$_}) {
+ $self->{commandline}->{$_} = $commandline{$_};
+ }
+ }
+}
+
+
+
+package main;
+
+use strict;
+use Getopt::Long qw(:config no_ignore_case);
+use File::Basename;
+use lib dirname($0);
+
+
+
+use vars qw ($PROGNAME $REVISION $CONTACT $TIMEOUT $STATEFILESDIR $needs_restart %commandline);
+
+$PROGNAME = "check_mysql_health";
+$REVISION = '$Revision: 2.1.7 $';
+$CONTACT = 'gerhard.lausser@consol.de';
+$TIMEOUT = 60;
+$STATEFILESDIR = '/var/tmp/check_mysql_health';
+$needs_restart = 0;
+
+my @modes = (
+ ['server::connectiontime',
+ 'connection-time', undef,
+ 'Time to connect to the server' ],
+ ['server::uptime',
+ 'uptime', undef,
+ 'Time the server is running' ],
+ ['server::instance::connectedthreads',
+ 'threads-connected', undef,
+ 'Number of currently open connections' ],
+ ['server::instance::threadcachehitrate',
+ 'threadcache-hitrate', undef,
+ 'Hit rate of the thread-cache' ],
+ ['server::instance::createdthreads',
+ 'threads-created', undef,
+ 'Number of threads created per sec' ],
+ ['server::instance::runningthreads',
+ 'threads-running', undef,
+ 'Number of currently running threads' ],
+ ['server::instance::cachedthreads',
+ 'threads-cached', undef,
+ 'Number of currently cached threads' ],
+ ['server::instance::abortedconnects',
+ 'connects-aborted', undef,
+ 'Number of aborted connections per sec' ],
+ ['server::instance::abortedclients',
+ 'clients-aborted', undef,
+ 'Number of aborted connections (because the client died) per sec' ],
+ ['server::instance::replication::slavelag',
+ 'slave-lag', ['replication-slave-lag'],
+ 'Seconds behind master' ],
+ ['server::instance::replication::slaveiorunning',
+ 'slave-io-running', ['replication-slave-io-running'],
+ 'Slave io running: Yes' ],
+ ['server::instance::replication::slavesqlrunning',
+ 'slave-sql-running', ['replication-slave-sql-running'],
+ 'Slave sql running: Yes' ],
+ ['server::instance::querycachehitrate',
+ 'qcache-hitrate', ['querycache-hitrate'],
+ 'Query cache hitrate' ],
+ ['server::instance::querycachelowmemprunes',
+ 'qcache-lowmem-prunes', ['querycache-lowmem-prunes'],
+ 'Query cache entries pruned because of low memory' ],
+ ['server::instance::myisam::keycache::hitrate',
+ 'keycache-hitrate', ['myisam-keycache-hitrate'],
+ 'MyISAM key cache hitrate' ],
+ ['server::instance::innodb::bufferpool::hitrate',
+ 'bufferpool-hitrate', ['innodb-bufferpool-hitrate'],
+ 'InnoDB buffer pool hitrate' ],
+ ['server::instance::innodb::bufferpool::waitfree',
+ 'bufferpool-wait-free', ['innodb-bufferpool-wait-free'],
+ 'InnoDB buffer pool waits for clean page available' ],
+ ['server::instance::innodb::logwaits',
+ 'log-waits', ['innodb-log-waits'],
+ 'InnoDB log waits because of a too small log buffer' ],
+ ['server::instance::tablecachehitrate',
+ 'tablecache-hitrate', undef,
+ 'Table cache hitrate' ],
+ ['server::instance::tablelockcontention',
+ 'table-lock-contention', undef,
+ 'Table lock contention' ],
+ ['server::instance::tableindexusage',
+ 'index-usage', undef,
+ 'Usage of indices' ],
+ ['server::instance::tabletmpondisk',
+ 'tmp-disk-tables', undef,
+ 'Percent of temp tables created on disk' ],
+ ['server::instance::needoptimize',
+ 'table-fragmentation', undef,
+ 'Show tables which should be optimized' ],
+ ['server::instance::openfiles',
+ 'open-files', undef,
+ 'Percent of opened files' ],
+ ['server::instance::slowqueries',
+ 'slow-queries', undef,
+ 'Slow queries' ],
+ ['server::instance::longprocs',
+ 'long-running-procs', undef,
+ 'long running processes' ],
+ ['cluster::ndbdrunning',
+ 'cluster-ndbd-running', undef,
+ 'ndnd nodes are up and running' ],
+ ['server::sql',
+ 'sql', undef,
+ 'any sql command returning a single number' ],
+);
+
+# rrd data store names are limited to 19 characters
+my %labels = (
+ bufferpool_hitrate => {
+ groundwork => 'bp_hitrate',
+ },
+ bufferpool_hitrate_now => {
+ groundwork => 'bp_hitrate_now',
+ },
+ bufferpool_free_waits_rate => {
+ groundwork => 'bp_freewaits',
+ },
+ innodb_log_waits_rate => {
+ groundwork => 'inno_log_waits',
+ },
+ keycache_hitrate => {
+ groundwork => 'kc_hitrate',
+ },
+ keycache_hitrate_now => {
+ groundwork => 'kc_hitrate_now',
+ },
+ threads_created_per_sec => {
+ groundwork => 'thrds_creat_per_s',
+ },
+ connects_aborted_per_sec => {
+ groundwork => 'conn_abrt_per_s',
+ },
+ clients_aborted_per_sec => {
+ groundwork => 'clnt_abrt_per_s',
+ },
+ thread_cache_hitrate => {
+ groundwork => 'tc_hitrate',
+ },
+ thread_cache_hitrate_now => {
+ groundwork => 'tc_hitrate_now',
+ },
+ qcache_lowmem_prunes_rate => {
+ groundwork => 'qc_lowm_prnsrate',
+ },
+ slow_queries_rate => {
+ groundwork => 'slow_q_rate',
+ },
+ tablecache_hitrate => {
+ groundwork => 'tac_hitrate',
+ },
+ tablecache_fillrate => {
+ groundwork => 'tac_fillrate',
+ },
+ tablelock_contention => {
+ groundwork => 'tl_contention',
+ },
+ tablelock_contention_now => {
+ groundwork => 'tl_contention_now',
+ },
+ pct_tmp_table_on_disk => {
+ groundwork => 'tmptab_on_disk',
+ },
+ pct_tmp_table_on_disk_now => {
+ groundwork => 'tmptab_on_disk_now',
+ },
+);
+
+sub print_usage () {
+ print <<EOUS;
+ Usage:
+ $PROGNAME [-v] [-t <timeout>] [[--hostname <hostname>]
+ [--port <port> | --socket <socket>]
+ --username <username> --password <password>] --mode <mode>
+ [--method mysql]
+ $PROGNAME [-h | --help]
+ $PROGNAME [-V | --version]
+
+ Options:
+ --hostname
+ the database server's hostname
+ --port
+ the database's port. (default: 3306)
+ --socket
+ the database's unix socket.
+ --username
+ the mysql db user
+ --password
+ the mysql db user's password
+ --database
+ the database's name. (default: information_schema)
+ --warning
+ the warning range
+ --critical
+ the critical range
+ --mode
+ the mode of the plugin. select one of the following keywords:
+EOUS
+ my $longest = length ((reverse sort {length $a <=> length $b} map { $_->[1] } @modes)[0]);
+ my $format = " %-".
+ (length ((reverse sort {length $a <=> length $b} map { $_->[1] } @modes)[0])).
+ "s\t(%s)\n";
+ foreach (@modes) {
+ printf $format, $_->[1], $_->[3];
+ }
+ printf "\n";
+ print <<EOUS;
+ --name
+ the name of something that needs to be further specified,
+ currently only used for sql statements
+ --name2
+ if name is a sql statement, this statement would appear in
+ the output and the performance data. This can be ugly, so
+ name2 can be used to appear instead.
+ --regexp
+ if this parameter is used, name will be interpreted as a
+ regular expression.
+ --units
+ one of %, KB, MB, GB. This is used for a better output of mode=sql
+ and for specifying thresholds for mode=tablespace-free
+ --labelformat
+ one of pnp4nagios (which is the default) or groundwork.
+ It is used to shorten performance data labels to 19 characters.
+
+ In mode sql you can url-encode the statement so you will not have to mess
+ around with special characters in your Nagios service definitions.
+ Instead of
+ --name="select count(*) from v\$session where status = 'ACTIVE'"
+ you can say
+ --name=select%20count%28%2A%29%20from%20v%24session%20where%20status%20%3D%20%27ACTIVE%27
+ For your convenience you can call check_mysql_health with the --mode encode
+ option and it will encode the standard input.
+
+ You can find the full documentation at
+ http://www.consol.de/opensource/nagios/check-mysql-health
+
+EOUS
+
+}
+
+sub print_help () {
+ print "Copyright (c) 2009 Gerhard Lausser\n\n";
+ print "\n";
+ print " Check various parameters of MySQL databases \n";
+ print "\n";
+ print_usage();
+ support();
+}
+
+
+sub print_revision ($$) {
+ my $commandName = shift;
+ my $pluginRevision = shift;
+ $pluginRevision =~ s/^\$Revision: //;
+ $pluginRevision =~ s/ \$\s*$//;
+ print "$commandName ($pluginRevision)\n";
+ print "This nagios plugin comes with ABSOLUTELY NO WARRANTY. You may redistribute\ncopies of this plugin under the terms of the GNU General Public License.\n";
+}
+
+sub support () {
+ my $support='Send email to gerhard.lausser@consol.de if you have questions\nregarding use of this software. \nPlease include version information with all correspondence (when possible,\nuse output from the --version option of the plugin itself).\n';
+ $support =~ s/@/\@/g;
+ $support =~ s/\\n/\n/g;
+ print $support;
+}
+
+sub contact_author ($$) {
+ my $item = shift;
+ my $strangepattern = shift;
+ if ($commandline{verbose}) {
+ printf STDERR
+ "++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\n".
+ "You found a line which is not recognized by %s\n".
+ "This means, certain components of your system cannot be checked.\n".
+ "Please contact the author %s and\nsend him the following output:\n\n".
+ "%s /%s/\n\nThank you!\n".
+ "++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\n",
+ $PROGNAME, $CONTACT, $item, $strangepattern;
+ }
+}
+
+%commandline = ();
+my @params = (
+ "timeout|t=i",
+ "version|V",
+ "help|h",
+ "verbose|v",
+ "debug|d",
+ "hostname|H=s",
+ "database=s",
+ "port|P=s",
+ "socket|S=s",
+ "username|u=s",
+ "password|p=s",
+ "mode|m=s",
+ "name=s",
+ "name2=s",
+ "regexp",
+ "perfdata",
+ "warning=s",
+ "critical=s",
+ "dbthresholds:s",
+ "absolute|a",
+ "environment|e=s%",
+ "method=s",
+ "runas|r=s",
+ "scream",
+ "shell",
+ "eyecandy",
+ "encode",
+ "units=s",
+ "lookback=i",
+ "3",
+ "statefilesdir=s",
+ "with-mymodules-dyn-dir=s",
+ "report=s",
+ "labelformat=s",
+ "extra-opts:s");
+
+if (! GetOptions(\%commandline, @params)) {
+ print_help();
+ exit $ERRORS{UNKNOWN};
+}
+
+if (exists $commandline{'extra-opts'}) {
+ # read the extra file and overwrite other parameters
+ my $extras = Extraopts->new(file => $commandline{'extra-opts'}, commandline =>
+ \%commandline);
+ if (! $extras->is_valid()) {
+ printf "extra-opts are not valid: %s\n", $extras->{errors};
+ exit $ERRORS{UNKNOWN};
+ } else {
+ $extras->overwrite();
+ }
+}
+
+if (exists $commandline{version}) {
+ print_revision($PROGNAME, $REVISION);
+ exit $ERRORS{OK};
+}
+
+if (exists $commandline{help}) {
+ print_help();
+ exit $ERRORS{OK};
+} elsif (! exists $commandline{mode}) {
+ printf "Please select a mode\n";
+ print_help();
+ exit $ERRORS{OK};
+}
+
+if ($commandline{mode} eq "encode") {
+ my $input = <>;
+ chomp $input;
+ $input =~ s/([^A-Za-z0-9])/sprintf("%%%02X", ord($1))/seg;
+ printf "%s\n", $input;
+ exit $ERRORS{OK};
+}
+
+if (exists $commandline{3}) {
+ $ENV{NRPE_MULTILINESUPPORT} = 1;
+}
+
+if (exists $commandline{timeout}) {
+ $TIMEOUT = $commandline{timeout};
+}
+
+if (exists $commandline{verbose}) {
+ $DBD::MySQL::Server::verbose = exists $commandline{verbose};
+}
+
+if (exists $commandline{scream}) {
+# $DBD::MySQL::Server::hysterical = exists $commandline{scream};
+}
+
+if (exists $commandline{method}) {
+ # snmp or mysql cmdline
+} else {
+ $commandline{method} = "dbi";
+}
+
+if (exists $commandline{report}) {
+ # short, long, html
+} else {
+ $commandline{report} = "long";
+}
+
+if (exists $commandline{labelformat}) {
+ # groundwork
+} else {
+ $commandline{labelformat} = "pnp4nagios";
+}
+
+if (exists $commandline{'with-mymodules-dyn-dir'}) {
+ $DBD::MySQL::Server::my_modules_dyn_dir = $commandline{'with-mymodules-dyn-dir'};
+} else {
+ $DBD::MySQL::Server::my_modules_dyn_dir = '/usr/local/nagios/libexec';
+}
+
+if (exists $commandline{environment}) {
+ # if the desired environment variable values are different from
+ # the environment of this running script, then a restart is necessary.
+ # because setting $ENV does _not_ change the environment of the running script.
+ foreach (keys %{$commandline{environment}}) {
+ if ((! $ENV{$_}) || ($ENV{$_} ne $commandline{environment}->{$_})) {
+ $needs_restart = 1;
+ $ENV{$_} = $commandline{environment}->{$_};
+ printf STDERR "new %s=%s forces restart\n", $_, $ENV{$_}
+ if $DBD::MySQL::Server::verbose;
+ }
+ }
+ # e.g. called with --runas dbnagio. shlib_path environment variable is stripped
+ # during the sudo.
+ # so the perl interpreter starts without a shlib_path. but --runas cares for
+ # a --environment shlib_path=...
+ # so setting the environment variable in the code above and restarting the
+ # perl interpreter will help it find shared libs
+}
+
+if (exists $commandline{runas}) {
+ # remove the runas parameter
+ # exec sudo $0 ... the remaining parameters
+ $needs_restart = 1;
+ # if the calling script has a path for shared libs and there is no --environment
+ # parameter then the called script surely needs the variable too.
+ foreach my $important_env qw(LD_LIBRARY_PATH SHLIB_PATH
+ ORACLE_HOME TNS_ADMIN ORA_NLS ORA_NLS33 ORA_NLS10) {
+ if ($ENV{$important_env} && ! scalar(grep { /^$important_env=/ }
+ keys %{$commandline{environment}})) {
+ $commandline{environment}->{$important_env} = $ENV{$important_env};
+ printf STDERR "add important --environment %s=%s\n",
+ $important_env, $ENV{$important_env} if $DBD::MySQL::Server::verbose;
+ }
+ }
+}
+
+if ($needs_restart) {
+ my @newargv = ();
+ my $runas = undef;
+ if (exists $commandline{runas}) {
+ $runas = $commandline{runas};
+ delete $commandline{runas};
+ }
+ foreach my $option (keys %commandline) {
+ if (grep { /^$option/ && /=/ } @params) {
+ if (ref ($commandline{$option}) eq "HASH") {
+ foreach (keys %{$commandline{$option}}) {
+ push(@newargv, sprintf "--%s", $option);
+ push(@newargv, sprintf "%s=%s", $_, $commandline{$option}->{$_});
+ }
+ } else {
+ push(@newargv, sprintf "--%s", $option);
+ push(@newargv, sprintf "%s", $commandline{$option});
+ }
+ } else {
+ push(@newargv, sprintf "--%s", $option);
+ }
+ }
+ if ($runas) {
+ exec "sudo", "-S", "-u", $runas, $0, @newargv;
+ } else {
+ exec $0, @newargv;
+ # this makes sure that even a SHLIB or LD_LIBRARY_PATH are set correctly
+ # when the perl interpreter starts. Setting them during runtime does not
+ # help loading e.g. libclntsh.so
+ }
+ exit;
+}
+
+if (exists $commandline{shell}) {
+ # forget what you see here.
+ system("/bin/sh");
+}
+
+if (! exists $commandline{statefilesdir}) {
+ if (exists $ENV{OMD_ROOT}) {
+ $commandline{statefilesdir} = $ENV{OMD_ROOT}."/var/tmp/check_mysql_health";
+ } else {
+ $commandline{statefilesdir} = $STATEFILESDIR;
+ }
+}
+
+if (exists $commandline{name}) {
+ # objects can be encoded like an url
+ # with s/([^A-Za-z0-9])/sprintf("%%%02X", ord($1))/seg;
+ if (($commandline{mode} ne "sql") ||
+ (($commandline{mode} eq "sql") &&
+ ($commandline{name} =~ /select%20/i))) { # protect ... like '%cac%' ... from decoding
+ $commandline{name} =~ s/\%([A-Fa-f0-9]{2})/pack('C', hex($1))/seg;
+ }
+ if ($commandline{name} =~ /^0$/) {
+ # without this, $params{selectname} would be treated like undef
+ $commandline{name} = "00";
+ }
+}
+
+$SIG{'ALRM'} = sub {
+ printf "UNKNOWN - %s timed out after %d seconds\n", $PROGNAME, $TIMEOUT;
+ exit $ERRORS{UNKNOWN};
+};
+alarm($TIMEOUT);
+
+my $nagios_level = $ERRORS{UNKNOWN};
+my $nagios_message = "";
+my $perfdata = "";
+if ($commandline{mode} =~ /^my-([^\-.]+)/) {
+ my $param = $commandline{mode};
+ $param =~ s/\-/::/g;
+ push(@modes, [$param, $commandline{mode}, undef, 'my extension']);
+} elsif ((! grep { $commandline{mode} eq $_ } map { $_->[1] } @modes) &&
+ (! grep { $commandline{mode} eq $_ } map { defined $_->[2] ? @{$_->[2]} : () } @modes)) {
+ printf "UNKNOWN - mode %s\n", $commandline{mode};
+ print_usage();
+ exit 3;
+}
+
+my %params = (
+ timeout => $TIMEOUT,
+ mode => (
+ map { $_->[0] }
+ grep {
+ ($commandline{mode} eq $_->[1]) ||
+ ( defined $_->[2] && grep { $commandline{mode} eq $_ } @{$_->[2]})
+ } @modes
+ )[0],
+ cmdlinemode => $commandline{mode},
+ method => $commandline{method} ||
+ $ENV{NAGIOS__SERVICEMYSQL_METH} ||
+ $ENV{NAGIOS__HOSTMYSQL_METH} || 'dbi',
+ hostname => $commandline{hostname} ||
+ $ENV{NAGIOS__SERVICEMYSQL_HOST} ||
+ $ENV{NAGIOS__HOSTMYSQL_HOST} || 'localhost',
+ database => $commandline{database} ||
+ $ENV{NAGIOS__SERVICEMYSQL_DATABASE} ||
+ $ENV{NAGIOS__HOSTMYSQL_DATABASE} || 'information_schema',
+ port => $commandline{port} || (($commandline{mode} =~ /^cluster/) ?
+ ($ENV{NAGIOS__SERVICENDBMGM_PORT} || $ENV{NAGIOS__HOSTNDBMGM_PORT} || 1186) :
+ ($ENV{NAGIOS__SERVICEMYSQL_PORT} || $ENV{NAGIOS__HOSTMYSQL_PORT} || 3306)),
+ socket => $commandline{socket} ||
+ $ENV{NAGIOS__SERVICEMYSQL_SOCKET} ||
+ $ENV{NAGIOS__HOSTMYSQL_SOCKET},
+ username => $commandline{username} ||
+ $ENV{NAGIOS__SERVICEMYSQL_USER} ||
+ $ENV{NAGIOS__HOSTMYSQL_USER},
+ password => $commandline{password} ||
+ $ENV{NAGIOS__SERVICEMYSQL_PASS} ||
+ $ENV{NAGIOS__HOSTMYSQL_PASS},
+ warningrange => $commandline{warning},
+ criticalrange => $commandline{critical},
+ dbthresholds => $commandline{dbthresholds},
+ absolute => $commandline{absolute},
+ lookback => $commandline{lookback},
+ selectname => $commandline{name} || $commandline{tablespace} || $commandline{datafile},
+ regexp => $commandline{regexp},
+ name => $commandline{name},
+ name2 => $commandline{name2} || $commandline{name},
+ units => $commandline{units},
+ lookback => $commandline{lookback} || 0,
+ eyecandy => $commandline{eyecandy},
+ statefilesdir => $commandline{statefilesdir},
+ verbose => $commandline{verbose},
+ report => $commandline{report},
+ labelformat => $commandline{labelformat},
+);
+
+my $server = undef;
+my $cluster = undef;
+
+if ($params{mode} =~ /^(server|my)/) {
+ $server = DBD::MySQL::Server->new(%params);
+ $server->nagios(%params);
+ $server->calculate_result(\%labels);
+ $nagios_message = $server->{nagios_message};
+ $nagios_level = $server->{nagios_level};
+ $perfdata = $server->{perfdata};
+} elsif ($params{mode} =~ /^cluster/) {
+ $cluster = DBD::MySQL::Cluster->new(%params);
+ $cluster->nagios(%params);
+ $cluster->calculate_result(\%labels);
+ $nagios_message = $cluster->{nagios_message};
+ $nagios_level = $cluster->{nagios_level};
+ $perfdata = $cluster->{perfdata};
+}
+
+printf "%s - %s", $ERRORCODES{$nagios_level}, $nagios_message;
+printf " | %s", $perfdata if $perfdata;
+printf "\n";
+exit $nagios_level;
+
+
+__END__
+
+
diff --git a/puppet/modules/nagios/files/plugins/check_openvpn_server.pl b/puppet/modules/nagios/files/plugins/check_openvpn_server.pl
new file mode 100755
index 00000000..b74ace89
--- /dev/null
+++ b/puppet/modules/nagios/files/plugins/check_openvpn_server.pl
@@ -0,0 +1,109 @@
+#!/usr/bin/perl
+#
+# Filaname: check_openvpn
+# Created: 2012-06-15
+# Website: http://blog.kernelpicnic.net
+#
+# Description:
+# This script is for verifying the status of an OpenVPN daemon. It has been
+# written to integrate directly with Nagios / Opsview.
+#
+# Usage:
+# check_openvpn [OPTIONS]...
+#
+# -H, --hostname Host to check
+# -p, --port Port number to check
+# -h, --help Display help.
+#
+#############################################################################
+
+# Custom library path for Nagis modules.
+use lib qw ( /usr/local/nagios/perl/lib );
+
+# Enforce sanity.
+use strict;
+use warnings;
+
+# Required modules.
+use Getopt::Long qw(:config no_ignore_case);
+use Nagios::Plugin;
+use IO::Socket;
+
+# Define defaults.
+my $help = 0;
+my $timeout = 5;
+
+# Ensure required variables are set.
+my($hostname, $port);
+
+my $options = GetOptions(
+ "hostname|H=s" => \$hostname,
+ "timeout|t=s" => \$timeout,
+ "port|p=s" => \$port,
+ "help|h" => \$help,
+);
+
+# Check if help has been requested.
+if($help || !$hostname || !$port) {
+
+ printf("\n");
+ printf("Usage: check_openvpn [OPTIONS]...\n\n");
+ printf(" -H, --hostname Host to check\n");
+ printf(" -p, --port Port number to check\n");
+ printf(" -h, --help This help page\n");
+ printf(" -t, --timeout Socket timeout\n");
+ printf("\n");
+
+ exit(-1);
+
+}
+
+# Setup a new Nagios::Plugin object.
+my $nagios = Nagios::Plugin->new();
+
+# Define the check string to send to the OpenVPN server - as binary due
+# to non-printable characters.
+my $check_string = "001110000011001010010010011011101000000100010001110"
+ ."100110110101010110011000000000000000000000000000000"
+ ."0000000000";
+
+# Attempt to setup a socket to the specified host.
+my $host_sock = IO::Socket::INET->new(
+ Proto => 'udp',
+ PeerAddr => $hostname,
+ PeerPort => $port,
+);
+
+# Ensure we have a socket.
+if(!$host_sock) {
+ $nagios->nagios_exit(UNKNOWN, "Unable to bind socket");
+}
+
+# Fire off the check request.
+$host_sock->send(pack("B*", $check_string));
+
+# Wait for $timeout for response for a response, otherwise, fail.
+my $response;
+
+eval {
+
+ # Define how to handle ALARM.
+ local $SIG{ALRM} = sub {
+ $nagios->nagios_exit(CRITICAL, "No response received");
+ };
+
+ # Set the alarm for the given timeout value.
+ alarm($timeout);
+
+ # Check for response.
+ $host_sock->recv($response, 1)
+ or $nagios->nagios_exit(CRITICAL, "No response received");
+
+ # Alright, response received, cancel alarm.
+ alarm(0);
+ 1;
+
+};
+
+# Reply received, return okay.
+$nagios->nagios_exit(OK, "Response received from host");
diff --git a/puppet/modules/nagios/files/plugins/check_pop3_login b/puppet/modules/nagios/files/plugins/check_pop3_login
new file mode 100644
index 00000000..4eb29b88
--- /dev/null
+++ b/puppet/modules/nagios/files/plugins/check_pop3_login
@@ -0,0 +1,83 @@
+#!/usr/bin/python
+# -*- coding: UTF-8 -*-
+# -*- Mode: Python -*-
+#
+# Copyright (C) 2006 Bertera Pietro <pietro@bertera.it>
+# Copyright (C) 2015 mh <mh@immerda.ch>
+# Response time monitoring with perfdata modification by Ivan Savcic <isavcic@gmail.com> and Milos Buncic, 2012.
+# Derived from: https://github.com/isavcic/check_imap_login
+
+# This file may be distributed and/or modified under the terms of
+# the GNU General Public License version 2 as published by
+# the Free Software Foundation.
+# This file is distributed without any warranty; without even the implied
+# warranty of merchantability or fitness for a particular purpose.
+
+import sys, os, poplib, getopt
+from time import time
+
+def usage():
+ print sys.argv[0] + " -u <user> -p <password> -H <host> [-s] -w <warning threshold (sec)> -c <critical threshold (sec)>\n -s is for using POP3s"
+
+def main():
+ try:
+ opts, args = getopt.getopt(sys.argv[1:], "u:p:sH:w:c:")
+ except getopt.GetoptError:
+ usage()
+ return 3
+
+ user = host = password = use_ssl = warning = critical = None
+
+ for o, a in opts:
+ if o == "-u":
+ user = a
+ elif o == "-p":
+ password = a
+ elif o == "-s":
+ use_ssl = True
+ elif o == "-H":
+ host = a
+ elif o == "-w":
+ warning = float(a)
+ elif o == "-c":
+ critical = float(a)
+
+ if user == None or password == None or host == None or warning == None or critical == None:
+ usage()
+ return 1
+
+ if use_ssl:
+ M = poplib.POP3_SSL(host=host)
+ else:
+ M = poplib.POP3(host)
+
+ timestamp = time()
+
+ try:
+ M.getwelcome()
+ M.user(user)
+ M.pass_(password)
+ except Exception, e:
+ print "CRITICAL POP3 Login Failed: %s" % e
+ return 2
+
+ M.quit()
+
+ timestamp = time() - timestamp
+
+ if timestamp < warning:
+ status = "OK"
+ exitcode = 0
+ if timestamp >= warning:
+ status = "WARNING"
+ exitcode = 1
+ if timestamp >= critical:
+ status = "CRITICAL"
+ exitcode = 2
+
+ print '%s POP3 Login | response_time=%.3fs;%.3f;%.3f' % (status, timestamp, warning, critical)
+
+ return exitcode
+
+if __name__ == "__main__":
+ sys.exit(main())
diff --git a/puppet/modules/nagios/files/pnp4nagios/action.gif b/puppet/modules/nagios/files/pnp4nagios/action.gif
new file mode 100644
index 00000000..96571a40
--- /dev/null
+++ b/puppet/modules/nagios/files/pnp4nagios/action.gif
Binary files differ
diff --git a/puppet/modules/nagios/files/pnp4nagios/apache.conf b/puppet/modules/nagios/files/pnp4nagios/apache.conf
new file mode 100644
index 00000000..816bf05c
--- /dev/null
+++ b/puppet/modules/nagios/files/pnp4nagios/apache.conf
@@ -0,0 +1,31 @@
+# SAMPLE CONFIG SNIPPETS FOR APACHE WEB SERVER
+
+Alias /pnp4nagios "/usr/share/pnp4nagios/html"
+
+<Directory "/usr/share/pnp4nagios/html">
+ AllowOverride None
+ Order allow,deny
+ Allow from all
+ #
+ # Use the same value as defined in nagios.conf
+ #
+ AuthName "Nagios Access"
+ AuthType Basic
+ AuthUserFile /etc/nagios3/htpasswd.users
+ Require valid-user
+ <IfModule mod_rewrite.c>
+ # Turn on URL rewriting
+ RewriteEngine On
+ Options FollowSymLinks
+ # Installation directory
+ RewriteBase /pnp4nagios/
+ # Protect application and system files from being viewed
+ RewriteRule ^(application|modules|system) - [F,L]
+ # Allow any files or directories that exist to be displayed directly
+ RewriteCond %{REQUEST_FILENAME} !-f
+ RewriteCond %{REQUEST_FILENAME} !-d
+ # Rewrite all other URLs to index.php/URL
+ RewriteRule .* index.php/$0 [PT,L]
+ </IfModule>
+ DirectoryIndex index.php
+</Directory>
diff --git a/puppet/modules/nagios/files/pnp4nagios/npcd b/puppet/modules/nagios/files/pnp4nagios/npcd
new file mode 100644
index 00000000..64b3d4d9
--- /dev/null
+++ b/puppet/modules/nagios/files/pnp4nagios/npcd
@@ -0,0 +1,8 @@
+# Default settings for the NPCD init script.
+
+# Should NPCD be started? ("yes" to enable)
+RUN="yes"
+
+# Additional options that are passed to the daemon.
+DAEMON_OPTS="-d -f /etc/pnp4nagios/npcd.cfg"
+
diff --git a/puppet/modules/nagios/files/pnp4nagios/pnp4nagios-popup-templates.cfg b/puppet/modules/nagios/files/pnp4nagios/pnp4nagios-popup-templates.cfg
new file mode 100644
index 00000000..de17d841
--- /dev/null
+++ b/puppet/modules/nagios/files/pnp4nagios/pnp4nagios-popup-templates.cfg
@@ -0,0 +1,31 @@
+# http://docs.pnp4nagios.org/de/pnp-0.6/webfe
+
+define host {
+ name host-pnp
+ action_url /pnp4nagios/index.php/graph?host=$HOSTNAME$&srv=_HOST_' class='tips' rel='/pnp4nagios/index.php/popup?host=$HOSTNAME$&srv=_HOST_
+ register 0
+}
+
+define service {
+ name srv-pnp
+ action_url /pnp4nagios/index.php/graph?host=$HOSTNAME$&srv=$SERVICEDESC$' class='tips' rel='/pnp4nagios/index.php/popup?host=$HOSTNAME$&srv=$SERVICEDESC$
+ register 0
+}
+
+# templates for explicit use, i.e.
+# use => 'generic-host-pnp'
+
+define host {
+ name generic-host-pnp
+ use generic-host,host-pnp
+# action_url /pnp4nagios/index.php/graph?host=$HOSTNAME$&srv=_HOST_
+ register 0
+}
+
+define service {
+ name generic-service-pnp
+ use generic-service,srv-pnp
+# action_url /pnp4nagios/index.php/graph?host=$HOSTNAME$&srv=_HOST_
+ register 0
+}
+
diff --git a/puppet/modules/nagios/files/pnp4nagios/pnp4nagios-templates.cfg b/puppet/modules/nagios/files/pnp4nagios/pnp4nagios-templates.cfg
new file mode 100644
index 00000000..64c51865
--- /dev/null
+++ b/puppet/modules/nagios/files/pnp4nagios/pnp4nagios-templates.cfg
@@ -0,0 +1,33 @@
+# http://docs.pnp4nagios.org/de/pnp-0.6/webfe
+
+# templates for additional use, i.e.
+# use => 'generic-host,host-pnp'
+define host {
+ name host-pnp
+ action_url /pnp4nagios/index.php/graph?host=$HOSTNAME$&srv=_HOST_
+ register 0
+}
+
+define service {
+ name srv-pnp
+ action_url /pnp4nagios/index.php/graph?host=$HOSTNAME$&srv=$SERVICEDESC$
+ register 0
+}
+
+# templates for explicit use, i.e.
+# use => 'generic-host-pnp'
+
+define host {
+ name generic-host-pnp
+ use generic-host,host-pnp
+# action_url /pnp4nagios/index.php/graph?host=$HOSTNAME$&srv=_HOST_
+ register 0
+}
+
+define service {
+ name generic-service-pnp
+ use generic-service,srv-pnp
+# action_url /pnp4nagios/index.php/graph?host=$HOSTNAME$&srv=_HOST_
+ register 0
+}
+
diff --git a/puppet/modules/nagios/files/pnp4nagios/status-header.ssi b/puppet/modules/nagios/files/pnp4nagios/status-header.ssi
new file mode 100644
index 00000000..472be3a2
--- /dev/null
+++ b/puppet/modules/nagios/files/pnp4nagios/status-header.ssi
@@ -0,0 +1,8 @@
+<script src="/pnp4nagios/media/js/jquery-min.js" type="text/javascript"></script>
+<script src="/pnp4nagios/media/js/jquery.cluetip.js" type="text/javascript"></script>
+<script type="text/javascript">
+$(document).ready(function() {
+ $('a.tips').cluetip({ajaxCache: false, dropShadow: false,showTitle: false });
+});
+</script>
+
diff --git a/puppet/modules/nagios/images/nagiosgraph.gif b/puppet/modules/nagios/images/nagiosgraph.gif
new file mode 100644
index 00000000..068082af
--- /dev/null
+++ b/puppet/modules/nagios/images/nagiosgraph.gif
Binary files differ
diff --git a/puppet/modules/nagios/manifests/apache.pp b/puppet/modules/nagios/manifests/apache.pp
new file mode 100644
index 00000000..87fe3d2f
--- /dev/null
+++ b/puppet/modules/nagios/manifests/apache.pp
@@ -0,0 +1,15 @@
+# setup naguis together with apache
+class nagios::apache(
+ $allow_external_cmd = false,
+ $manage_shorewall = false,
+ $manage_munin = false,
+ $storeconfigs = true
+) {
+ class{'::nagios':
+ httpd => 'apache',
+ allow_external_cmd => $allow_external_cmd,
+ manage_munin => $manage_munin,
+ manage_shorewall => $manage_shorewall,
+ storeconfigs => $storeconfigs
+ }
+}
diff --git a/puppet/modules/nagios/manifests/base.pp b/puppet/modules/nagios/manifests/base.pp
new file mode 100644
index 00000000..18d5c12f
--- /dev/null
+++ b/puppet/modules/nagios/manifests/base.pp
@@ -0,0 +1,144 @@
+# basic stuff for nagios
+class nagios::base {
+ # include the variables
+ include ::nagios::defaults::vars
+
+ package { 'nagios':
+ ensure => present,
+ }
+
+ service { 'nagios':
+ ensure => running,
+ enable => $nagios::service_at_boot,
+ require => Package['nagios'],
+ }
+
+ $cfg_dir = $nagios::defaults::vars::int_cfgdir
+ # this file should contain all the nagios_puppet-paths:
+ file{
+ 'nagios_cfgdir':
+ ensure => directory,
+ path => $cfg_dir,
+ alias => nagios_confd,
+ recurse => true,
+ purge => true,
+ force => true,
+ require => Package['nagios'],
+ notify => Service['nagios'],
+ owner => root,
+ group => root,
+ mode => '0755';
+ 'nagios_main_cfg':
+ path => "${cfg_dir}/nagios.cfg",
+ source => [ "puppet:///modules/site_nagios/configs/${::fqdn}/nagios.cfg",
+ "puppet:///modules/site_nagios/configs/${::operatingsystem}/nagios.cfg",
+ 'puppet:///modules/site_nagios/configs/nagios.cfg',
+ "puppet:///modules/nagios/configs/${::operatingsystem}/nagios.cfg",
+ 'puppet:///modules/nagios/configs/nagios.cfg' ],
+ notify => Service['nagios'],
+ owner => root,
+ group => root,
+ mode => '0644';
+ 'nagios_cgi_cfg':
+ path => "${cfg_dir}/cgi.cfg",
+ source => [ "puppet:///modules/site_nagios/configs/${::fqdn}/cgi.cfg",
+ "puppet:///modules/site_nagios/configs/${::operatingsystem}/cgi.cfg",
+ 'puppet:///modules/site_nagios/configs/cgi.cfg',
+ "puppet:///modules/nagios/configs/${::operatingsystem}/cgi.cfg",
+ 'puppet:///modules/nagios/configs/cgi.cfg' ],
+ notify => Service['apache'],
+ owner => 'root',
+ group => 0,
+ mode => '0644';
+ 'nagios_htpasswd':
+ path => "${cfg_dir}/htpasswd.users",
+ source => [ 'puppet:///modules/site_nagios/htpasswd.users',
+ 'puppet:///modules/nagios/htpasswd.users' ],
+ owner => root,
+ group => apache,
+ mode => '0640';
+ 'nagios_resource_cfg':
+ path => "${cfg_dir}/resource.cfg",
+ source => [ "puppet:///modules/site_nagios/configs/${::operatingsystem}/private/resource.cfg.${::architecture}",
+ "puppet:///modules/nagios/configs/${::operatingsystem}/private/resource.cfg.${::architecture}" ],
+ notify => Service['nagios'],
+ owner => root,
+ group => nagios,
+ mode => '0640';
+ }
+
+ if $cfg_dir == '/etc/nagios3' {
+ file{'/etc/nagios':
+ ensure => link,
+ target => $cfg_dir,
+ before => File['nagios_cfgdir'],
+ }
+ }
+
+ file{
+ [ "${cfg_dir}/nagios_command.cfg",
+ "${cfg_dir}/nagios_contact.cfg",
+ "${cfg_dir}/nagios_contactgroup.cfg",
+ "${cfg_dir}/nagios_host.cfg",
+ "${cfg_dir}/nagios_hostdependency.cfg",
+ "${cfg_dir}/nagios_hostescalation.cfg",
+ "${cfg_dir}/nagios_hostextinfo.cfg",
+ "${cfg_dir}/nagios_hostgroup.cfg",
+ "${cfg_dir}/nagios_hostgroupescalation.cfg",
+ "${cfg_dir}/nagios_service.cfg",
+ "${cfg_dir}/nagios_servicedependency.cfg",
+ "${cfg_dir}/nagios_serviceescalation.cfg",
+ "${cfg_dir}/nagios_serviceextinfo.cfg",
+ "${cfg_dir}/nagios_servicegroup.cfg",
+ "${cfg_dir}/nagios_timeperiod.cfg" ]:
+ ensure => file,
+ replace => false,
+ notify => Service['nagios'],
+ require => File['nagios_cfgdir'],
+ owner => root,
+ group => 0,
+ mode => '0644';
+ }
+
+ resources {
+ [
+ 'nagios_command',
+ 'nagios_contactgroup',
+ 'nagios_contact',
+ 'nagios_hostdependency',
+ 'nagios_hostescalation',
+ 'nagios_hostextinfo',
+ 'nagios_hostgroup',
+ 'nagios_host',
+ 'nagios_servicedependency',
+ 'nagios_serviceescalation',
+ 'nagios_servicegroup',
+ 'nagios_serviceextinfo',
+ 'nagios_service',
+ 'nagios_timeperiod',
+ ]:
+ notify => Service['nagios'],
+ purge => $::nagios::purge_resources
+ }
+
+ # make sure nagios resources are defined after nagios is
+ # installed and the nagios_cfgdir resource is present
+ File['nagios_cfgdir'] -> Nagios_command <||>
+ File['nagios_cfgdir'] -> Nagios_contactgroup <||>
+ File['nagios_cfgdir'] -> Nagios_contact <||>
+ File['nagios_cfgdir'] -> Nagios_hostdependency <||>
+ File['nagios_cfgdir'] -> Nagios_hostescalation <||>
+ File['nagios_cfgdir'] -> Nagios_hostextinfo <||>
+ File['nagios_cfgdir'] -> Nagios_hostgroup <||>
+ File['nagios_cfgdir'] -> Nagios_host <||>
+ File['nagios_cfgdir'] -> Nagios_servicedependency <||>
+ File['nagios_cfgdir'] -> Nagios_serviceescalation <||>
+ File['nagios_cfgdir'] -> Nagios_servicegroup <||>
+ File['nagios_cfgdir'] -> Nagios_serviceextinfo <||>
+ File['nagios_cfgdir'] -> Nagios_service <||>
+ File['nagios_cfgdir'] -> Nagios_timeperiod <||>
+
+ if ( $nagios::storeconfigs == true ) {
+ include ::nagios::storeconfigs
+ }
+}
diff --git a/puppet/modules/nagios/manifests/centos.pp b/puppet/modules/nagios/manifests/centos.pp
new file mode 100644
index 00000000..f41d46dc
--- /dev/null
+++ b/puppet/modules/nagios/manifests/centos.pp
@@ -0,0 +1,42 @@
+# centos specific changes
+class nagios::centos inherits nagios::base {
+
+ package { [ 'nagios-plugins', 'nagios-plugins-smtp','nagios-plugins-http',
+ 'nagios-plugins-ssh', 'nagios-plugins-tcp', 'nagios-plugins-dig',
+ 'nagios-plugins-nrpe', 'nagios-plugins-load', 'nagios-plugins-dns',
+ 'nagios-plugins-ping', 'nagios-plugins-procs', 'nagios-plugins-users',
+ 'nagios-plugins-ldap', 'nagios-plugins-disk', 'nagios-plugins-swap',
+ 'nagios-plugins-nagios', 'nagios-plugins-perl', 'nagios-plugins-ntp',
+ 'nagios-plugins-snmp' ]:
+ ensure => 'present',
+ notify => Service['nagios'],
+ }
+
+ Service['nagios']{
+ hasstatus => true,
+ }
+
+ file{
+ 'nagios_private':
+ ensure => directory,
+ path => "${nagios::base::cfg_dir}/private",
+ purge => true,
+ recurse => true,
+ notify => Service['nagios'],
+ owner => root,
+ group => nagios,
+ mode => '0750';
+ }
+ File['nagios_resource_cfg']{
+ path => "${nagios::base::cfg_dir}/private/resource.cfg",
+ }
+ if $nagios::allow_external_cmd {
+ file{'/var/spool/nagios/cmd':
+ ensure => 'directory',
+ require => Package['nagios'],
+ owner => apache,
+ group => nagios,
+ mode => '2660',
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/command/imap_pop3.pp b/puppet/modules/nagios/manifests/command/imap_pop3.pp
new file mode 100644
index 00000000..42e4092b
--- /dev/null
+++ b/puppet/modules/nagios/manifests/command/imap_pop3.pp
@@ -0,0 +1,30 @@
+# manage mail checks
+class nagios::command::imap_pop3 {
+ require ::nagios::plugins::mail_login
+ case $::operatingsystem {
+ 'Debian','Ubuntu': { } # Debian/Ubuntu already define those checks
+ default: {
+ nagios_command {
+ 'check_imap':
+ command_line => '$USER1$/check_imap -H $ARG1$ -p $ARG2$';
+ }
+ }
+ }
+
+ nagios_command {
+ 'check_imap_ssl':
+ command_line => '$USER1$/check_imap -H $ARG1$ -p $ARG2$ -S';
+ 'check_pop3':
+ command_line => '$USER1$/check_pop -H $ARG1$ -p $ARG2$';
+ 'check_pop3_ssl':
+ command_line => '$USER1$/check_pop -H $ARG1$ -p $ARG2$ -S';
+ 'check_managesieve':
+ command_line => '$USER1$/check_tcp -H $ARG1$ -p 4190';
+ 'check_managesieve_legacy':
+ command_line => '$USER1$/check_tcp -H $ARG1$ -p 2000';
+ 'check_imap_login':
+ command_line => '$USER1$/check_imap_login -s -H $ARG1$ -u $ARG2$ -p $ARG3$ -w $ARG4$ -c $ARG5$';
+ 'check_pop3_login':
+ command_line => '$USER1$/check_pop3_login -s -H $ARG1$ -u $ARG2$ -p $ARG3$ -w $ARG4$ -c $ARG5$';
+ }
+}
diff --git a/puppet/modules/nagios/manifests/command/nrpe.pp b/puppet/modules/nagios/manifests/command/nrpe.pp
new file mode 100644
index 00000000..7539a266
--- /dev/null
+++ b/puppet/modules/nagios/manifests/command/nrpe.pp
@@ -0,0 +1,14 @@
+class nagios::command::nrpe {
+
+ # this command runs a program $ARG1$ with arguments $ARG2$
+ nagios_command {
+ 'check_nrpe':
+ command_line => '/usr/lib/nagios/plugins/check_nrpe -H $HOSTADDRESS$ -c $ARG1$ -a $ARG2$'
+ }
+
+ # this command runs a program $ARG1$ with no arguments
+ nagios_command {
+ 'check_nrpe_1arg':
+ command_line => '/usr/lib/nagios/plugins/check_nrpe -H $HOSTADDRESS$ -c $ARG1$'
+ }
+}
diff --git a/puppet/modules/nagios/manifests/command/nrpe_timeout.pp b/puppet/modules/nagios/manifests/command/nrpe_timeout.pp
new file mode 100644
index 00000000..799f2fc3
--- /dev/null
+++ b/puppet/modules/nagios/manifests/command/nrpe_timeout.pp
@@ -0,0 +1,11 @@
+class nagios::command::nrpe_timeout {
+ nagios_command {
+ 'check_nrpe_timeout':
+ command_line => '/usr/lib/nagios/plugins/check_nrpe -t $ARG1$ -H $HOSTADDRESS$ -c $ARG2$ -a $ARG3$',
+ require => Package['nagios-nrpe-server'];
+
+ 'check_nrpe_1arg_timeout':
+ command_line => '/usr/lib/nagios/plugins/check_nrpe -t $ARG1$ -H $HOSTADDRESS$ -c $ARG2$',
+ require => Package['nagios-nrpe-server']
+ }
+}
diff --git a/puppet/modules/nagios/manifests/command/smtp.pp b/puppet/modules/nagios/manifests/command/smtp.pp
new file mode 100644
index 00000000..29d97f8b
--- /dev/null
+++ b/puppet/modules/nagios/manifests/command/smtp.pp
@@ -0,0 +1,22 @@
+class nagios::command::smtp {
+ case $operatingsystem {
+ debian,ubuntu: { } # Debian/Ubuntu already define those checks
+ default: {
+ nagios_command {
+ 'check_smtp':
+ command_line => '$USER1$/check_smtp -H $ARG1$ -p $ARG2$';
+ 'check_ssmtp':
+ command_line => '$USER1$/check_ssmtp -H $ARG1$ -p $ARG2$ -S';
+ }
+ }
+ }
+
+ nagios_command {
+ 'check_smtp_tls':
+ command_line => '$USER1$/check_smtp -H $ARG1$ -p $ARG2$ -S';
+ 'check_smtp_cert':
+ command_line => '$USER1$/check_smtp -H $ARG1$ -p $ARG2$ -S -D $ARG3$';
+ 'check_ssmtp_cert':
+ command_line => '$USER1$/check_ssmtp -H $ARG1$ -p $ARG2$ -S -D $ARG3$';
+ }
+}
diff --git a/puppet/modules/nagios/manifests/debian.pp b/puppet/modules/nagios/manifests/debian.pp
new file mode 100644
index 00000000..39af973e
--- /dev/null
+++ b/puppet/modules/nagios/manifests/debian.pp
@@ -0,0 +1,54 @@
+# debian specific things
+class nagios::debian inherits nagios::base {
+
+ Package['nagios'] { name => 'nagios3' }
+
+ package { [ 'nagios-plugins', 'nagios-snmp-plugins','nagios-nrpe-plugin' ]:
+ ensure => 'present',
+ notify => Service['nagios'],
+ }
+
+ Service['nagios'] {
+ name => 'nagios3',
+ hasstatus => true,
+ }
+
+ File['nagios_htpasswd', 'nagios_cgi_cfg'] { group => 'www-data' }
+
+ file{
+ 'nagios_commands_cfg':
+ path => "${nagios::defaults::vars::int_cfgdir}/commands.cfg",
+ notify => Service['nagios'],
+ owner => root,
+ group => root,
+ mode => '0644',
+ require => Package['nagios'];
+ "${nagios::defaults::vars::int_cfgdir}/stylesheets":
+ ensure => directory,
+ purge => false,
+ recurse => true,
+ require => Package['nagios'];
+ }
+
+ if $nagios::allow_external_cmd {
+ exec { 'nagios_external_cmd_perms_overrides':
+ command => 'dpkg-statoverride --update --add nagios www-data 2710 /var/lib/nagios3/rw && dpkg-statoverride --update --add nagios nagios 751 /var/lib/nagios3',
+ unless => 'dpkg-statoverride --list nagios www-data 2710 /var/lib/nagios3/rw && dpkg-statoverride --list nagios nagios 751 /var/lib/nagios3',
+ logoutput => false,
+ notify => Service['nagios'],
+ require => Package['nagios'],
+ }
+ exec { 'nagios_external_cmd_perms_1':
+ command => 'chmod 0751 /var/lib/nagios3 && chown nagios:nagios /var/lib/nagios3',
+ unless => 'test "`stat -c "%a %U %G" /var/lib/nagios3`" = "751 nagios nagios"',
+ notify => Service['nagios'],
+ require => Package['nagios'],
+ }
+ exec { 'nagios_external_cmd_perms_2':
+ command => 'chmod 2751 /var/lib/nagios3/rw && chown nagios:www-data /var/lib/nagios3/rw',
+ unless => 'test "`stat -c "%a %U %G" /var/lib/nagios3/rw`" = "2751 nagios www-data"',
+ notify => Service['nagios'],
+ require => Package['nagios'],
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/debian/apache.pp b/puppet/modules/nagios/manifests/debian/apache.pp
new file mode 100644
index 00000000..17b60c60
--- /dev/null
+++ b/puppet/modules/nagios/manifests/debian/apache.pp
@@ -0,0 +1,22 @@
+# Handle files that are specifically needed for nagios with apache on debian
+#
+# Do not include this class directly. It is included by the nagios class and
+# needs variables from it.
+#
+class nagios::debian::apache {
+
+ include ::nagios::defaults::vars
+
+ file { "${nagios::defaults::vars::int_cfgdir}/apache2.conf":
+ source => [ "puppet:///modules/site_nagios/configs/${::fqdn}/apache2.conf",
+ 'puppet:///modules/site_nagios/configs/apache2.conf',
+ 'puppet:///modules/nagios/configs/apache2.conf'],
+ }
+
+ apache::config::global { 'nagios3.conf':
+ ensure => link,
+ target => "${nagios::defaults::vars::int_cfgdir}/apache2.conf",
+ require => File["${nagios::defaults::vars::int_cfgdir}/apache2.conf"],
+ }
+
+}
diff --git a/puppet/modules/nagios/manifests/defaults.pp b/puppet/modules/nagios/manifests/defaults.pp
new file mode 100644
index 00000000..7c25ac94
--- /dev/null
+++ b/puppet/modules/nagios/manifests/defaults.pp
@@ -0,0 +1,12 @@
+class nagios::defaults {
+
+ # include some default nagios objects
+
+ include nagios::defaults::commands
+ include nagios::defaults::contactgroups
+ include nagios::defaults::contacts
+ include nagios::defaults::hostgroups
+ include nagios::defaults::templates
+ include nagios::defaults::timeperiods
+ include nagios::defaults::plugins
+}
diff --git a/puppet/modules/nagios/manifests/defaults/commands.pp b/puppet/modules/nagios/manifests/defaults/commands.pp
new file mode 100644
index 00000000..0f24411f
--- /dev/null
+++ b/puppet/modules/nagios/manifests/defaults/commands.pp
@@ -0,0 +1,145 @@
+# defaults commands we wanna have available
+class nagios::defaults::commands {
+
+ include ::nagios::command::smtp
+ include ::nagios::command::imap_pop3
+ include ::nagios::plugins::horde_login
+
+ # common service commands
+ case $::operatingsystem {
+ 'Debian','Ubuntu': {
+ nagios_command {
+ 'check_dummy':
+ command_line => '$USER1$/check_dummy $ARG1$';
+ 'check_https_cert':
+ command_line => '$USER1$/check_http --ssl -C 20 -H $HOSTADDRESS$ -I $HOSTADDRESS$';
+ 'check_http_url':
+ command_line => '$USER1$/check_http -H $ARG1$ -u $ARG2$';
+ 'check_http_url_regex':
+ command_line => '$USER1$/check_http -H $ARG1$ -p $ARG2$ -u $ARG3$ -e $ARG4$';
+ 'check_https_url':
+ command_line => '$USER1$/check_http --ssl -H $ARG1$ -u $ARG2$';
+ 'check_https_url_regex':
+ command_line => '$USER1$/check_http --ssl -H $ARG1$ -u $ARG2$ -e $ARG3$';
+ 'check_mysql_db':
+ command_line => '$USER1$/check_mysql -H $ARG1$ -P $ARG2$ -u $ARG3$ -p $ARG4$ -d $ARG5$';
+ 'check_ntp_time':
+ command_line => '$USER1$/check_ntp_time -H $HOSTADDRESS$ -w 0.5 -c 1';
+ 'check_silc':
+ command_line => '$USER1$/check_tcp -p 706 -H $ARG1$';
+ 'check_sobby':
+ command_line => '$USER1$/check_tcp -H $ARG1$ -p $ARG2$';
+ 'check_jabber':
+ command_line => '$USER1$/check_jabber -H $ARG1$';
+ 'check_git':
+ command_line => '$USER1$/check_tcp -H $ARG1$ -p 9418';
+ }
+ }
+ default: {
+ nagios_command {
+ 'check_dummy':
+ command_line => '$USER1$/check_dummy $ARG1$';
+ 'check_ping':
+ command_line => '$USER1$/check_ping -H $HOSTADDRESS$ -w $ARG1$ -c $ARG2$';
+ 'check-host-alive':
+ command_line => '$USER1$/check_ping -H $HOSTADDRESS$ -w 5000,100% -c 5000,100% -p 1';
+ 'check_tcp':
+ command_line => '$USER1$/check_tcp -H $HOSTADDRESS$ -p $ARG1$';
+ 'check_udp':
+ command_line => '$USER1$/check_udp -H $HOSTADDRESS$ -p $ARG1$';
+ 'check_load':
+ command_line => '$USER1$/check_load --warning=$ARG1$,$ARG2$,$ARG3$ --critical=$ARG4$,$ARG5$,$ARG6$';
+ 'check_disk':
+ command_line => '$USER1$/check_disk -w $ARG1$ -c $ARG2$ -e -p $ARG3$';
+ 'check_all_disks':
+ command_line => '$USER1$/check_disk -w $ARG1$ -c $ARG2$ -e';
+ 'check_ssh':
+ command_line => '$USER1$/check_ssh $HOSTADDRESS$';
+ 'check_ssh_port':
+ command_line => '$USER1$/check_ssh -p $ARG1$ $HOSTADDRESS$';
+ 'check_ssh_port_host':
+ command_line => '$USER1$/check_ssh -p $ARG1$ $ARG2$';
+ 'check_http':
+ command_line => '$USER1$/check_http -H $HOSTADDRESS$ -I $HOSTADDRESS$';
+ 'check_https':
+ command_line => '$USER1$/check_http --ssl -H $HOSTADDRESS$ -I $HOSTADDRESS$';
+ 'check_https_cert':
+ command_line => '$USER1$/check_http --ssl -C 20 -H $HOSTADDRESS$ -I $HOSTADDRESS$';
+ 'check_http_url':
+ command_line => '$USER1$/check_http -H $ARG1$ -u $ARG2$';
+ 'check_http_url_regex':
+ command_line => '$USER1$/check_http -H $ARG1$ -p $ARG2$ -u $ARG3$ -e $ARG4$';
+ 'check_https_url':
+ command_line => '$USER1$/check_http --ssl -H $ARG1$ -u $ARG2$';
+ 'check_https_url_regex':
+ command_line => '$USER1$/check_http --ssl -H $ARG1$ -u $ARG2$ -e $ARG3$';
+ 'check_mysql':
+ command_line => '$USER1$/check_mysql -H $ARG1$ -P $ARG2$ -u $ARG3$ -p $ARG4$';
+ 'check_mysql_db':
+ command_line => '$USER1$/check_mysql -H $ARG1$ -P $ARG2$ -u $ARG3$ -p $ARG4$ -d $ARG5$';
+ 'check_ntp_time':
+ command_line => '$USER1$/check_ntp_time -H $HOSTADDRESS$ -w 0.5 -c 1';
+ 'check_silc':
+ command_line => '$USER1$/check_tcp -p 706 -H $ARG1$';
+ 'check_sobby':
+ command_line => '$USER1$/check_tcp -H $ARG1$ -p $ARG2$';
+ 'check_jabber':
+ command_line => '$USER1$/check_jabber -H $ARG1$';
+ 'check_git':
+ command_line => '$USER1$/check_tcp -H $ARG1$ -p 9418';
+ }
+ }
+ }
+
+ # commands for services defined by other modules
+
+ nagios_command {
+ # from apache module
+ 'http_port':
+ command_line => '$USER1$/check_http -p $ARG1$ -H $HOSTADDRESS$ -I $HOSTADDRESS$';
+
+ 'check_http_port_url_content':
+ command_line => '$USER1$/check_http -H $ARG1$ -p $ARG2$ -u $ARG3$ -s $ARG4$';
+ 'check_https_port_url_content':
+ command_line => '$USER1$/check_http --ssl -H $ARG1$ -p $ARG2$ -u $ARG3$ -s $ARG4$';
+ 'check_http_url_content':
+ command_line => '$USER1$/check_http -H $ARG1$ -u $ARG2$ -s $ARG3$';
+ 'check_https_url_content':
+ command_line => '$USER1$/check_http --ssl -H $ARG1$ -u $ARG2$ -s $ARG3$';
+
+ # from bind module
+ 'check_dig2':
+ command_line => '$USER1$/check_dig -H $HOSTADDRESS$ -l $ARG1$ --record_type=$ARG2$';
+
+ # from mysql module
+ 'check_mysql_health':
+ command_line => '$USER1$/check_mysql_health --hostname $ARG1$ --port $ARG2$ --username $ARG3$ --password $ARG4$ --mode $ARG5$ --database $ARG6$ $ARG7$ $ARG8$';
+
+ # better check_dns
+ 'check_dns2':
+ command_line => '$USER1$/check_dns2 -c $ARG1$ A $ARG2$';
+
+ # dnsbl checking
+ 'check_dnsbl':
+ command_line => '$USER1$/check_dnsbl -H $ARG1$';
+ }
+
+ # notification commands
+
+ $mail_cmd_location = $::operatingsystem ? {
+ 'CentOS' => '/bin/mail',
+ default => '/usr/bin/mail'
+ }
+
+ case $::lsbdistcodename {
+ 'wheezy': { }
+ default: {
+ nagios_command {
+ 'notify-host-by-email':
+ command_line => "/usr/bin/printf \"%b\" \"***** Nagios *****\\n\\nNotification Type: \$NOTIFICATIONTYPE\$\\n\\nHost: \$HOSTNAME\$ (\$HOSTALIAS\$)\\nAddress: \$HOSTADDRESS\$\\nState: \$HOSTSTATE\$\\nDuration: \$HOSTDURATION\$\\n\\nDate/Time: \$LONGDATETIME\$\\n\\nOutput: \$HOSTOUTPUT\$\" | ${mail_cmd_location} -s \"\$NOTIFICATIONTYPE\$: \$HOSTSTATE\$ - \$HOSTNAME\$\" \$CONTACTEMAIL\$";
+ 'notify-service-by-email':
+ command_line => "/usr/bin/printf \"%b\" \"***** Nagios *****\\n\\nNotification Type: \$NOTIFICATIONTYPE\$\\n\\nHost: \$HOSTNAME\$ (\$HOSTALIAS\$)\\nAddress: \$HOSTADDRESS\$\\n\\nService: \$SERVICEDESC\$\\nState: \$SERVICESTATE\$\\nDuration: \$SERVICEDURATION\$\\n\\nDate/Time: \$LONGDATETIME\$\\n\\nOutput: \$SERVICEOUTPUT\$\" | ${mail_cmd_location} -s \"\$NOTIFICATIONTYPE\$: \$SERVICESTATE\$ - \$HOSTALIAS\$/\$SERVICEDESC\$\" \$CONTACTEMAIL\$";
+ }
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/defaults/contactgroups.pp b/puppet/modules/nagios/manifests/defaults/contactgroups.pp
new file mode 100644
index 00000000..f5affc60
--- /dev/null
+++ b/puppet/modules/nagios/manifests/defaults/contactgroups.pp
@@ -0,0 +1,9 @@
+class nagios::defaults::contactgroups {
+
+ nagios_contactgroup {
+ 'admins':
+ alias => 'Nagios Administrators',
+ members => 'root',
+ }
+
+}
diff --git a/puppet/modules/nagios/manifests/defaults/contacts.pp b/puppet/modules/nagios/manifests/defaults/contacts.pp
new file mode 100644
index 00000000..0252b5a8
--- /dev/null
+++ b/puppet/modules/nagios/manifests/defaults/contacts.pp
@@ -0,0 +1,15 @@
+class nagios::defaults::contacts {
+
+ nagios_contact {
+ 'root':
+ alias => 'Root',
+ service_notification_period => '24x7',
+ host_notification_period => '24x7',
+ service_notification_options => 'w,u,c,r',
+ host_notification_options => 'd,r',
+ service_notification_commands => 'notify-service-by-email',
+ host_notification_commands => 'notify-host-by-email',
+ email => 'root@localhost',
+ }
+
+}
diff --git a/puppet/modules/nagios/manifests/defaults/host_templates.pp b/puppet/modules/nagios/manifests/defaults/host_templates.pp
new file mode 100644
index 00000000..0f47324a
--- /dev/null
+++ b/puppet/modules/nagios/manifests/defaults/host_templates.pp
@@ -0,0 +1,24 @@
+class nagios::defaults::host_templates {
+
+ # this inoperative for the moment, see :
+ # http://projects.reductivelabs.com/issues/1180
+
+ nagios_host {
+ 'generic-host':
+ notifications_enabled => '1',
+ event_handler_enabled => '1',
+ flap_detection_enabled => '1',
+ failure_prediction_enabled => '1',
+ process_perf_data => '1',
+ retain_status_information => '1',
+ retain_nonstatus_information => '1',
+ check_command => 'check-host-alive',
+ max_check_attempts => '10',
+ notification_interval => '0',
+ notification_period => '24x7',
+ notification_options => 'd,u,r',
+ contact_groups => 'admins',
+ register => '0',
+ }
+
+}
diff --git a/puppet/modules/nagios/manifests/defaults/hostgroups.pp b/puppet/modules/nagios/manifests/defaults/hostgroups.pp
new file mode 100644
index 00000000..8715adee
--- /dev/null
+++ b/puppet/modules/nagios/manifests/defaults/hostgroups.pp
@@ -0,0 +1,11 @@
+class nagios::defaults::hostgroups {
+ nagios_hostgroup {
+ 'all':
+ alias => 'All Servers',
+ members => '*';
+ 'debian-servers':
+ alias => 'Debian GNU/Linux Servers';
+ 'centos-servers':
+ alias => 'CentOS GNU/Linux Servers';
+ }
+}
diff --git a/puppet/modules/nagios/manifests/defaults/plugins.pp b/puppet/modules/nagios/manifests/defaults/plugins.pp
new file mode 100644
index 00000000..abd8b528
--- /dev/null
+++ b/puppet/modules/nagios/manifests/defaults/plugins.pp
@@ -0,0 +1,10 @@
+class nagios::defaults::plugins {
+ nagios::plugin {
+ 'check_mysql_health':
+ source => 'nagios/plugins/check_mysql_health';
+ 'check_dns2':
+ source => 'nagios/plugins/check_dns2';
+ 'check_dnsbl':
+ source => 'nagios/plugins/check_dnsbl';
+ }
+}
diff --git a/puppet/modules/nagios/manifests/defaults/pnp4nagios.pp b/puppet/modules/nagios/manifests/defaults/pnp4nagios.pp
new file mode 100644
index 00000000..58676c5a
--- /dev/null
+++ b/puppet/modules/nagios/manifests/defaults/pnp4nagios.pp
@@ -0,0 +1,14 @@
+# configure default cmds for pnp4nagios
+class nagios::defaults::pnp4nagios {
+
+ # performance data cmds
+ # http://docs.pnp4nagios.org/de/pnp-0.6/config#bulk_mode_mit_npcd
+ nagios_command {
+ 'process-service-perfdata-file-pnp4nagios-bulk-npcd':
+ command_line => '/bin/mv /var/lib/nagios3/service-perfdata /var/spool/pnp4nagios/npcd/service-perfdata.$TIMET$',
+ require => Package['nagios'];
+ 'process-host-perfdata-file-pnp4nagios-bulk-npcd':
+ command_line => '/bin/mv /var/lib/nagios3/host-perfdata /var/spool/pnp4nagios/npcd/host-perfdata.$TIMET$',
+ require => Package['nagios'];
+ }
+}
diff --git a/puppet/modules/nagios/manifests/defaults/service_templates.pp b/puppet/modules/nagios/manifests/defaults/service_templates.pp
new file mode 100644
index 00000000..e39441a1
--- /dev/null
+++ b/puppet/modules/nagios/manifests/defaults/service_templates.pp
@@ -0,0 +1,32 @@
+# define the generic service template
+class nagios::defaults::service_templates {
+
+ # this inoperative for the moment, see :
+ # http://projects.reductivelabs.com/issues/1180
+
+ nagios_service {
+ 'generic-service':
+ active_checks_enabled => '1',
+ passive_checks_enabled => '1',
+ parallelize_check => '1',
+ obsess_over_service => '1',
+ check_freshness => '0',
+ notifications_enabled => '1',
+ event_handler_enabled => '1',
+ flap_detection_enabled => '1',
+ failure_prediction_enabled => '1',
+ process_perf_data => '1',
+ retain_status_information => '1',
+ retain_nonstatus_information => '1',
+ notification_interval => '0',
+ is_volatile => '0',
+ check_period => '24x7',
+ check_interval => '5',
+ retry_check_interval => '1',
+ max_check_attempts => '4',
+ notification_period => '24x7',
+ notification_options => 'w,u,c,r',
+ contact_groups => 'admins',
+ register => '0',
+ }
+}
diff --git a/puppet/modules/nagios/manifests/defaults/templates.pp b/puppet/modules/nagios/manifests/defaults/templates.pp
new file mode 100644
index 00000000..5158189c
--- /dev/null
+++ b/puppet/modules/nagios/manifests/defaults/templates.pp
@@ -0,0 +1,17 @@
+# manage nagios_templates
+class nagios::defaults::templates {
+ include nagios::defaults::vars
+
+ file { 'nagios_templates':
+ path => "${nagios::defaults::vars::int_cfgdir}/nagios_templates.cfg",
+ source => [ "puppet:///modules/site_nagios/configs/${::fqdn}/nagios_templates.cfg",
+ "puppet:///modules/site_nagios/configs/${::operatingsystem}/nagios_templates.cfg",
+ 'puppet:///modules/site_nagios/configs/nagios_templates.cfg',
+ "puppet:///modules/nagios/configs/${::operatingsystem}/nagios_templates.cfg",
+ 'puppet:///modules/nagios/configs/nagios_templates.cfg' ],
+ notify => Service['nagios'],
+ owner => root,
+ group => root,
+ mode => '0644';
+ }
+}
diff --git a/puppet/modules/nagios/manifests/defaults/timeperiods.pp b/puppet/modules/nagios/manifests/defaults/timeperiods.pp
new file mode 100644
index 00000000..0d05118a
--- /dev/null
+++ b/puppet/modules/nagios/manifests/defaults/timeperiods.pp
@@ -0,0 +1,33 @@
+class nagios::defaults::timeperiods {
+
+ nagios_timeperiod {
+ '24x7':
+ alias => '24 Hours A Day, 7 Days A Week',
+ sunday => '00:00-24:00',
+ monday => '00:00-24:00',
+ tuesday => '00:00-24:00',
+ wednesday => '00:00-24:00',
+ thursday => '00:00-24:00',
+ friday => '00:00-24:00',
+ saturday => '00:00-24:00';
+ 'workhours':
+ alias => 'Standard Work Hours',
+ monday => '09:00-17:00',
+ tuesday => '09:00-17:00',
+ wednesday => '09:00-17:00',
+ thursday => '09:00-17:00',
+ friday => '09:00-17:00';
+ 'nonworkhours':
+ alias => 'Non-Work Hours',
+ sunday => '00:00-24:00',
+ monday => '00:00-09:00,17:00-24:00',
+ tuesday => '00:00-09:00,17:00-24:00',
+ wednesday => '00:00-09:00,17:00-24:00',
+ thursday => '00:00-09:00,17:00-24:00',
+ friday => '00:00-09:00,17:00-24:00',
+ saturday => '00:00-24:00';
+ 'never':
+ alias => 'Never';
+ }
+
+}
diff --git a/puppet/modules/nagios/manifests/defaults/vars.pp b/puppet/modules/nagios/manifests/defaults/vars.pp
new file mode 100644
index 00000000..e1a62245
--- /dev/null
+++ b/puppet/modules/nagios/manifests/defaults/vars.pp
@@ -0,0 +1,11 @@
+# some default vars
+class nagios::defaults::vars {
+ case $nagios::cfgdir {
+ '': { $int_cfgdir = $::operatingsystem ? {
+ centos => '/etc/nagios',
+ default => '/etc/nagios3'
+ }
+ }
+ default: { $int_cfgdir = $nagios::cfgdir }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/headless.pp b/puppet/modules/nagios/manifests/headless.pp
new file mode 100644
index 00000000..ba8af8f4
--- /dev/null
+++ b/puppet/modules/nagios/manifests/headless.pp
@@ -0,0 +1,5 @@
+class nagios::headless {
+ class { 'nagios':
+ httpd => 'absent',
+ }
+}
diff --git a/puppet/modules/nagios/manifests/init.pp b/puppet/modules/nagios/manifests/init.pp
new file mode 100644
index 00000000..e3421a0a
--- /dev/null
+++ b/puppet/modules/nagios/manifests/init.pp
@@ -0,0 +1,56 @@
+#
+# nagios module
+# nagios.pp - everything nagios related
+#
+# Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at>
+# Copyright 2008, admin(at)immerda.ch
+# Copyright 2008, Puzzle ITC GmbH
+# Marcel Haerry haerry+puppet(at)puzzle.ch
+# Simon Josi josi+puppet(at)puzzle.ch
+#
+# This program is free software; you can redistribute
+# it and/or modify it under the terms of the GNU
+# General Public License version 3 as published by
+# the Free Software Foundation.
+#
+
+# manage nagios
+class nagios(
+ $httpd = 'apache',
+ $allow_external_cmd = false,
+ $manage_shorewall = false,
+ $manage_munin = false,
+ $service_atboot = true,
+ $purge_resources = true,
+ $gpgkey_checks = {},
+ $storeconfigs = true
+) {
+ case $nagios::httpd {
+ 'absent': { }
+ 'lighttpd': { include ::lighttpd }
+ 'apache': {
+ include ::apache
+ if $::operatingsystem == 'Debian' {
+ include ::nagios::debian::apache
+ }
+ }
+ default: { include ::apache }
+ }
+ case $::operatingsystem {
+ 'centos': {
+ $cfgdir = '/etc/nagios'
+ include ::nagios::centos
+ }
+ 'debian': {
+ $cfgdir = '/etc/nagios3'
+ include ::nagios::debian
+ }
+ default: {
+ fail("No such operatingsystem: ${::operatingsystem} yet defined")
+ }
+ }
+ if $manage_munin {
+ include ::nagios::munin
+ }
+ create_resources('nagios::service::gpgkey',$gpgkey_checks)
+}
diff --git a/puppet/modules/nagios/manifests/irc_bot.pp b/puppet/modules/nagios/manifests/irc_bot.pp
new file mode 100644
index 00000000..7e934ef1
--- /dev/null
+++ b/puppet/modules/nagios/manifests/irc_bot.pp
@@ -0,0 +1,50 @@
+class nagios::irc_bot(
+ $nsa_socket = 'absent',
+ $nsa_server,
+ $nsa_port = 6667,
+ $nsa_nickname,
+ $nsa_password = '',
+ $nsa_channel,
+ $nsa_pidfile = 'absent',
+ $nsa_realname = 'Nagios',
+ $nsa_usenotices = false,
+ $nsa_commandfile = 'absent'
+) {
+ $real_nsa_socket = $nsa_socket ? {
+ 'absent' => $::operatingsystem ? {
+ centos => '/var/run/nagios-nsa/nsa.socket',
+ default => '/var/run/nagios3/nsa.socket'
+ },
+ default => $nsa_socket,
+ }
+ $real_nsa_pidfile = $nsa_pidfile ? {
+ 'absent' => $::operatingsystem ? {
+ centos => '/var/run/nagios-nsa/nsa.pid',
+ default => '/var/run/nagios3/nsa.pid'
+ },
+ default => $nsa_pidfile,
+ }
+ $real_nsa_commandfile = $nsa_commandfile ? {
+ 'absent' => $::operatingsystem ? {
+ centos => '/var/spool/nagios/cmd/nagios.cmd',
+ default => '/var/lib/nagios3/rw/nagios.cmd'
+ },
+ default => $nsa_commandfile,
+ }
+
+ case $::operatingsystem {
+ centos: {
+ include nagios::irc_bot::centos
+ }
+ debian,ubuntu: {
+ include nagios::irc_bot::debian
+ }
+ default: {
+ include nagios::irc_bot::base
+ }
+ }
+
+ if $nagios::manage_shorewall {
+ include shorewall::rules::out::irc
+ }
+}
diff --git a/puppet/modules/nagios/manifests/irc_bot/base.pp b/puppet/modules/nagios/manifests/irc_bot/base.pp
new file mode 100644
index 00000000..fff9da4f
--- /dev/null
+++ b/puppet/modules/nagios/manifests/irc_bot/base.pp
@@ -0,0 +1,41 @@
+class nagios::irc_bot::base {
+ file {
+ '/usr/local/bin/riseup-nagios-client.pl':
+ source => 'puppet:///modules/nagios/irc_bot/riseup-nagios-client.pl',
+ owner => root, group => 0, mode => '0755';
+
+ '/usr/local/bin/riseup-nagios-server.pl':
+ source => 'puppet:///modules/nagios/irc_bot/riseup-nagios-server.pl',
+ owner => root, group => 0, mode => '0755';
+
+ '/etc/init.d/nagios-nsa':
+ content => template("nagios/irc_bot/${::operatingsystem}/nagios-nsa.sh.erb"),
+ require => File['/usr/local/bin/riseup-nagios-server.pl'],
+ owner => root, group => 0, mode => '0755';
+
+ '/etc/nagios_nsa.cfg':
+ ensure => present,
+ content => template('nagios/irc_bot/nsa.cfg.erb'),
+ owner => nagios, group => 0, mode => '0400',
+ notify => Service['nagios-nsa'];
+ }
+
+ package { 'libnet-irc-perl':
+ ensure => present,
+ }
+
+ service { 'nagios-nsa':
+ ensure => 'running',
+ hasstatus => true,
+ require => [ File['/etc/nagios_nsa.cfg'],
+ Package['libnet-irc-perl'],
+ Service['nagios'] ],
+ }
+
+ nagios_command {
+ 'notify-by-irc':
+ command_line => '/usr/local/bin/riseup-nagios-client.pl "$HOSTNAME$ ($SERVICEDESC$) $NOTIFICATIONTYPE$ n.$SERVICEATTEMPT$ $SERVICESTATETYPE$ $SERVICEEXECUTIONTIME$s $SERVICELATENCY$s $SERVICEOUTPUT$ $SERVICEPERFDATA$"';
+ 'host-notify-by-irc':
+ command_line => '/usr/local/bin/riseup-nagios-client.pl "$HOSTNAME$ ($HOSTALIAS$) $NOTIFICATIONTYPE$ n.$HOSTATTEMPT$ $HOSTSTATETYPE$ took $HOSTEXECUTIONTIME$s $HOSTOUTPUT$ $HOSTPERFDATA$ $HOSTLATENCY$s"';
+ }
+}
diff --git a/puppet/modules/nagios/manifests/irc_bot/centos.pp b/puppet/modules/nagios/manifests/irc_bot/centos.pp
new file mode 100644
index 00000000..d7b19063
--- /dev/null
+++ b/puppet/modules/nagios/manifests/irc_bot/centos.pp
@@ -0,0 +1,9 @@
+class nagios::irc_bot::centos inherits nagios::irc_bot::base {
+ Package['libnet-irc-perl']{
+ name => 'perl-Net-IRC',
+ }
+
+ Service['nagios-nsa']{
+ enable => true,
+ }
+}
diff --git a/puppet/modules/nagios/manifests/irc_bot/debian.pp b/puppet/modules/nagios/manifests/irc_bot/debian.pp
new file mode 100644
index 00000000..93ea64b8
--- /dev/null
+++ b/puppet/modules/nagios/manifests/irc_bot/debian.pp
@@ -0,0 +1,8 @@
+class nagios::irc_bot::debian inherits nagios::irc_bot::base {
+ exec { "nagios_nsa_init_script":
+ command => "/usr/sbin/update-rc.d nagios-nsa defaults",
+ unless => "/bin/ls /etc/rc3.d/ | /bin/grep nagios-nsa",
+ require => File["/etc/init.d/nagios-nsa"],
+ before => Service['nagios-nsa'],
+ }
+}
diff --git a/puppet/modules/nagios/manifests/irc_bot/disable.pp b/puppet/modules/nagios/manifests/irc_bot/disable.pp
new file mode 100644
index 00000000..d6b7c551
--- /dev/null
+++ b/puppet/modules/nagios/manifests/irc_bot/disable.pp
@@ -0,0 +1,8 @@
+class nagios::irc_bot::disable inherits nagios::irc_bot::base {
+
+ Service['nagios-nsa'] {
+ ensure => stopped,
+ enable => false,
+ }
+
+}
diff --git a/puppet/modules/nagios/manifests/lighttpd.pp b/puppet/modules/nagios/manifests/lighttpd.pp
new file mode 100644
index 00000000..0f298964
--- /dev/null
+++ b/puppet/modules/nagios/manifests/lighttpd.pp
@@ -0,0 +1,12 @@
+class nagios::lighttpd(
+ $allow_external_cmd = false,
+ $manage_shorewall = false,
+ $manage_munin = false
+) {
+ class{'nagios':
+ httpd => 'lighttpd',
+ allow_external_cmd => $allow_external_cmd,
+ manage_munin => $manage_munin,
+ manage_shorewall => $manage_shorewall,
+ }
+}
diff --git a/puppet/modules/nagios/manifests/munin.pp b/puppet/modules/nagios/manifests/munin.pp
new file mode 100644
index 00000000..dc5cc4c3
--- /dev/null
+++ b/puppet/modules/nagios/manifests/munin.pp
@@ -0,0 +1,19 @@
+class nagios::munin {
+ include munin::plugins::base
+
+ munin::plugin::deploy {
+ 'nagios_hosts':
+ source => 'nagios/munin/nagios_hosts',
+ config => 'user nagios';
+ 'nagios_svc':
+ source => 'nagios/munin/nagios_svc',
+ config => 'user nagios';
+ 'nagios_perf_hosts':
+ source => 'nagios/munin/nagios_perf',
+ config => 'user nagios';
+ 'nagios_perf_svc':
+ source => 'nagios/munin/nagios_perf',
+ config => 'user nagios';
+ }
+
+}
diff --git a/puppet/modules/nagios/manifests/nrpe.pp b/puppet/modules/nagios/manifests/nrpe.pp
new file mode 100644
index 00000000..b7984b6e
--- /dev/null
+++ b/puppet/modules/nagios/manifests/nrpe.pp
@@ -0,0 +1,41 @@
+# setup nrpe stuff
+class nagios::nrpe (
+ $cfg_dir = '',
+ $pid_file = '',
+ $plugin_dir = '',
+ $server_address = '',
+ $allowed_hosts = '',
+ $dont_blame = '0',
+) {
+
+ if !($dont_blame in ['0', '1']) {
+ fail('Unrecognized value for $dont_blame, must be one of "0", or "1".')
+ }
+
+ case $::operatingsystem {
+ 'FreeBSD': {
+ if $cfg_dir == '' { $real_cfg_dir = '/usr/local/etc' }
+ if $pid_file == '' { $real_pid_file = '/var/spool/nagios/nrpe2.pid' }
+ if $plugin_dir == '' { $real_plugin_dir = '/usr/local/libexec/nagios' }
+
+ include ::nagios::nrpe::freebsd
+ }
+ 'Debian': {
+ if $cfg_dir == '' { $real_cfg_dir = '/etc/nagios' }
+ if $pid_file == '' { $real_pid_file = '/var/run/nagios/nrpe.pid' }
+ if $plugin_dir == '' { $real_plugin_dir = '/usr/lib/nagios/plugins' }
+ include ::nagios::nrpe::linux
+ }
+ default: {
+ if $cfg_dir == '' { $real_cfg_dir = '/etc/nagios' }
+ if $pid_file == '' { $real_pid_file = '/var/run/nrpe.pid' }
+ if $plugin_dir == '' { $real_plugin_dir = '/usr/lib/nagios/plugins' }
+
+ case $::kernel {
+ 'Linux': { include ::nagios::nrpe::linux }
+ default: { include ::nagios::nrpe::base }
+ }
+ }
+ }
+
+}
diff --git a/puppet/modules/nagios/manifests/nrpe/base.pp b/puppet/modules/nagios/manifests/nrpe/base.pp
new file mode 100644
index 00000000..e48e87b4
--- /dev/null
+++ b/puppet/modules/nagios/manifests/nrpe/base.pp
@@ -0,0 +1,58 @@
+# basic nrpe stuff
+class nagios::nrpe::base {
+
+ # Import all variables from entry point
+ $cfg_dir = $::nagios::nrpe::real_cfg_dir
+ $pid_file = $::nagios::nrpe::real_pid_file
+ $plugin_dir = $::nagios::nrpe::real_plugin_dir
+ $server_address = $::nagios::nrpe::server_address
+ $allowed_hosts = $::nagios::nrpe::allowed_hosts
+ $dont_blame = $::nagios::nrpe::dont_blame
+
+ package{['nagios-nrpe-server', 'nagios-plugins-basic', 'libwww-perl']:
+ ensure => installed;
+ }
+
+ # Special-case lenny. the package doesn't exist
+ if $::lsbdistcodename != 'lenny' {
+ package{'libnagios-plugin-perl': ensure => installed; }
+ }
+
+ file{
+ [ $cfg_dir, "${cfg_dir}/nrpe.d" ]:
+ ensure => directory;
+ }
+
+ file { "${cfg_dir}/nrpe.cfg":
+ content => template('nagios/nrpe/nrpe.cfg'),
+ owner => root,
+ group => 0,
+ mode => '0644';
+ }
+
+ # default commands
+ nagios::nrpe::command{'basic_nrpe':
+ source => [ "puppet:///modules/site_nagios/configs/nrpe/nrpe_commands.${::fqdn}.cfg",
+ 'puppet:///modules/site_nagios/configs/nrpe/nrpe_commands.cfg',
+ 'puppet:///modules/nagios/nrpe/nrpe_commands.cfg' ],
+ }
+ # the check for load should be customized for each server based on number
+ # of CPUs and the type of activity.
+ $warning_1_threshold = 7 * $::processorcount
+ $warning_5_threshold = 6 * $::processorcount
+ $warning_15_threshold = 5 * $::processorcount
+ $critical_1_threshold = 10 * $::processorcount
+ $critical_5_threshold = 9 * $::processorcount
+ $critical_15_threshold = 8 * $::processorcount
+ nagios::nrpe::command {'check_load':
+ command_line => "${plugin_dir}/check_load -w ${warning_1_threshold},${warning_5_threshold},${warning_15_threshold} -c ${critical_1_threshold},${critical_5_threshold},${critical_15_threshold}",
+ }
+
+ service{'nagios-nrpe-server':
+ ensure => running,
+ enable => true,
+ pattern => 'nrpe',
+ subscribe => File["${cfg_dir}/nrpe.cfg"],
+ require => Package['nagios-nrpe-server'],
+ }
+}
diff --git a/puppet/modules/nagios/manifests/nrpe/command.pp b/puppet/modules/nagios/manifests/nrpe/command.pp
new file mode 100644
index 00000000..c66ab986
--- /dev/null
+++ b/puppet/modules/nagios/manifests/nrpe/command.pp
@@ -0,0 +1,34 @@
+# manage an nrpe command
+define nagios::nrpe::command (
+ $ensure = present,
+ $command_line = '',
+ $source = '',
+){
+ if ($command_line == '' and $source == '') {
+ fail('Either one of $command_line or $source must be given to nagios::nrpe::command.' )
+ }
+
+ $cfg_dir = $nagios::nrpe::real_cfg_dir
+
+ file{"${cfg_dir}/nrpe.d/${name}_command.cfg":
+ ensure => $ensure,
+ notify => Service['nagios-nrpe-server'],
+ require => File["${cfg_dir}/nrpe.d" ],
+ owner => 'root',
+ group => 0,
+ mode => '0644';
+ }
+
+ case $source {
+ '': {
+ File["${cfg_dir}/nrpe.d/${name}_command.cfg"] {
+ content => template('nagios/nrpe/nrpe_command.erb'),
+ }
+ }
+ default: {
+ File["${cfg_dir}/nrpe.d/${name}_command.cfg"] {
+ source => $source,
+ }
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/nrpe/debian.pp b/puppet/modules/nagios/manifests/nrpe/debian.pp
new file mode 100644
index 00000000..fcaf8514
--- /dev/null
+++ b/puppet/modules/nagios/manifests/nrpe/debian.pp
@@ -0,0 +1,6 @@
+class nagios::nrpe::debian inherits nagios::nrpe::base {
+ include nagios::nrpe::linux
+ Service['nagios-nrpe-server'] {
+ hasstatus => false,
+ }
+}
diff --git a/puppet/modules/nagios/manifests/nrpe/freebsd.pp b/puppet/modules/nagios/manifests/nrpe/freebsd.pp
new file mode 100644
index 00000000..063b79bc
--- /dev/null
+++ b/puppet/modules/nagios/manifests/nrpe/freebsd.pp
@@ -0,0 +1,16 @@
+class nagios::nrpe::freebsd inherits nagios::nrpe::base {
+
+ Package["nagios-nrpe-server"] { name => "nrpe" }
+ Package["nagios-plugins-basic"] { name => "nagios-plugins" }
+ Package["libnagios-plugin-perl"] { name => "p5-Nagios-Plugin" }
+ Package["libwww-perl"] { name => "p5-libwww" }
+
+ # TODO check_cpustats.sh is probably not working as of now. the package 'sysstat' is not available under FreeBSD
+
+ Service["nagios-nrpe-server"] {
+ pattern => "^/usr/local/sbin/nrpe2",
+ path => "/usr/local/etc/rc.d",
+ name => "nrpe2",
+ hasstatus => "false",
+ }
+}
diff --git a/puppet/modules/nagios/manifests/nrpe/linux.pp b/puppet/modules/nagios/manifests/nrpe/linux.pp
new file mode 100644
index 00000000..14e007f3
--- /dev/null
+++ b/puppet/modules/nagios/manifests/nrpe/linux.pp
@@ -0,0 +1,9 @@
+class nagios::nrpe::linux inherits nagios::nrpe::base {
+
+ package {
+ "nagios-plugins-standard": ensure => present;
+ "ksh": ensure => present; # for check_cpustats.sh
+ "sysstat": ensure => present; # for check_cpustats.sh
+ }
+
+}
diff --git a/puppet/modules/nagios/manifests/nrpe/xinetd.pp b/puppet/modules/nagios/manifests/nrpe/xinetd.pp
new file mode 100644
index 00000000..4de0bac6
--- /dev/null
+++ b/puppet/modules/nagios/manifests/nrpe/xinetd.pp
@@ -0,0 +1,11 @@
+# This is created only to cope with cases where we're not the only ones
+# administering a machine and NRPE is running in xinetd.
+class nagios::nrpe::xinetd inherits base {
+
+ Service["nagios-nrpe-server"] {
+ ensure => stopped,
+ }
+
+ # TODO manage the xinetd config file that glues with NRPE
+
+}
diff --git a/puppet/modules/nagios/manifests/nsca.pp b/puppet/modules/nagios/manifests/nsca.pp
new file mode 100644
index 00000000..d5be298c
--- /dev/null
+++ b/puppet/modules/nagios/manifests/nsca.pp
@@ -0,0 +1,3 @@
+class nagios::nsca {
+ include nagios::nsca::server
+}
diff --git a/puppet/modules/nagios/manifests/nsca/client.pp b/puppet/modules/nagios/manifests/nsca/client.pp
new file mode 100644
index 00000000..6aa8c0b1
--- /dev/null
+++ b/puppet/modules/nagios/manifests/nsca/client.pp
@@ -0,0 +1,18 @@
+# manage nsca client
+class nagios::nsca::client {
+
+ package{'nsca':
+ ensure => installed
+ }
+
+ file{'/etc/send_nsca.cfg':
+ source => [ "puppet:///modules/site_nagios/nsca/${::fqdn}/send_nsca.cfg",
+ 'puppet:///modules/site_nagios/nsca/send_nsca.cfg',
+ 'puppet:///modules/nagios/nsca/send_nsca.cfg' ],
+ owner => 'nagios',
+ group => 'nogroup',
+ mode => '0400',
+ require => Package['nsca'];
+ }
+
+}
diff --git a/puppet/modules/nagios/manifests/nsca/server.pp b/puppet/modules/nagios/manifests/nsca/server.pp
new file mode 100644
index 00000000..8163eec1
--- /dev/null
+++ b/puppet/modules/nagios/manifests/nsca/server.pp
@@ -0,0 +1,24 @@
+# an nsca server
+class nagios::nsca::server {
+ package{'nsca':
+ ensure => installed
+ }
+
+ service { 'nsca':
+ ensure => running,
+ hasstatus => false,
+ hasrestart => true,
+ require => Package['nsca'],
+ }
+
+ file { '/etc/nsca.cfg':
+ source => [ "puppet:///modules/site_nagios/nsca/${::fqdn}/nsca.cfg",
+ 'puppet:///modules/site_nagios/nsca/nsca.cfg',
+ 'puppet:///modules/nagios/nsca/nsca.cfg' ],
+ owner => 'nagios',
+ group => 'nogroup',
+ mode => '0400',
+ notify => Service['nsca'],
+ }
+
+}
diff --git a/puppet/modules/nagios/manifests/plugin.pp b/puppet/modules/nagios/manifests/plugin.pp
new file mode 100644
index 00000000..07938cd2
--- /dev/null
+++ b/puppet/modules/nagios/manifests/plugin.pp
@@ -0,0 +1,28 @@
+# a wrapper for syncing a plugin
+define nagios::plugin(
+ $source = 'absent',
+ $ensure = present,
+){
+ if $::hardwaremodel == 'x86_64' and $::operatingsystem != 'Debian' {
+ $real_path = "/usr/lib64/nagios/plugins/${name}"
+ }
+ else {
+ $real_path = "/usr/lib/nagios/plugins/${name}"
+ }
+
+ $real_source = $source ? {
+ 'absent' => "puppet:///modules/nagios/plugins/${name}",
+ default => "puppet:///modules/${source}"
+ }
+
+ file{$name:
+ ensure => $ensure,
+ path => $real_path,
+ source => $real_source,
+ tag => 'nagios_plugin',
+ require => Package['nagios-plugins'],
+ owner => 'root',
+ group => 0,
+ mode => '0755';
+ }
+}
diff --git a/puppet/modules/nagios/manifests/plugin/deploy.pp b/puppet/modules/nagios/manifests/plugin/deploy.pp
new file mode 100644
index 00000000..76815909
--- /dev/null
+++ b/puppet/modules/nagios/manifests/plugin/deploy.pp
@@ -0,0 +1,41 @@
+# deploy a specific plugin
+define nagios::plugin::deploy(
+ $source = '',
+ $ensure = 'present',
+ $config = '',
+ $require_package = 'nagios-plugins'
+) {
+ $plugin_src = $ensure ? {
+ 'present' => $name,
+ 'absent' => $name,
+ default => $ensure
+ }
+ $real_source = $source ? {
+ '' => "nagios/plugins/${plugin_src}",
+ default => $source
+ }
+
+ if !defined(Package[$require_package]) {
+ package { $require_package:
+ ensure => installed,
+ tag => 'nagios::plugin::deploy::package';
+ }
+ }
+
+ include ::nagios::plugin::scriptpaths
+ file{"nagios_plugin_${name}":
+ path => "${nagios::plugin::scriptpaths::script_path}/${name}",
+ source => "puppet:///modules/${real_source}",
+ require => Package[$require_package],
+ tag => 'nagios::plugin::deploy::file',
+ owner => root,
+ group => 0,
+ mode => '0755';
+ }
+
+ # register the plugin
+ nagios::plugin{$name:
+ ensure => $ensure,
+ require => Package['nagios-plugins']
+ }
+}
diff --git a/puppet/modules/nagios/manifests/plugin/scriptpaths.pp b/puppet/modules/nagios/manifests/plugin/scriptpaths.pp
new file mode 100644
index 00000000..9cd4b5d6
--- /dev/null
+++ b/puppet/modules/nagios/manifests/plugin/scriptpaths.pp
@@ -0,0 +1,6 @@
+class nagios::plugin::scriptpaths {
+ case $::hardwaremodel {
+ x86_64: { $script_path = "/usr/lib64/nagios/plugins/" }
+ default: { $script_path = "/usr/lib/nagios/plugins" }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/plugins/gpg.pp b/puppet/modules/nagios/manifests/plugins/gpg.pp
new file mode 100644
index 00000000..a09736a8
--- /dev/null
+++ b/puppet/modules/nagios/manifests/plugins/gpg.pp
@@ -0,0 +1,30 @@
+# check_gpg from
+# https://github.com/lelutin/nagios-plugins/blob/master/check_gpg
+class nagios::plugins::gpg {
+ require ::gpg
+ nagios::plugin{'check_gpg':
+ source => 'nagios/plugins/check_gpg',
+ }
+
+ $gpg_home = '/var/local/nagios_gpg_homedir'
+ file{
+ $gpg_home:
+ ensure => 'directory',
+ owner => nagios,
+ group => nagios,
+ mode => '0600',
+ require => Nagios::Plugin['check_gpg'];
+ "${gpg_home}/sks-keyservers.netCA.pem":
+ source => 'puppet:///modules/nagios/plugin_data/sks-keyservers.netCA.pem',
+ owner => nagios,
+ group => 0,
+ mode => '0400',
+ before => Nagios_command['check_gpg'];
+ }
+ nagios_command {
+ 'check_gpg':
+ command_line => "\$USER1\$/check_gpg --gnupg-homedir ${gpg_home} -w \$ARG1\$ \$ARG2\$",
+ require => Nagios::Plugin['check_gpg'],
+ }
+}
+
diff --git a/puppet/modules/nagios/manifests/plugins/horde_login.pp b/puppet/modules/nagios/manifests/plugins/horde_login.pp
new file mode 100644
index 00000000..4274b4cf
--- /dev/null
+++ b/puppet/modules/nagios/manifests/plugins/horde_login.pp
@@ -0,0 +1,11 @@
+# check_horde_login
+class nagios::plugins::horde_login {
+ ensure_packages(['python-requests'])
+ nagios::plugin { 'check_horde_login':
+ source => 'nagios/plugins/check_horde_login',
+ require => Package['python-requests'],
+ } -> nagios_command {
+ 'check_horde_login':
+ command_line => "\$USER1\$/check_horde_login -s \$ARG1\$ -u \$ARG2\$ -p \$ARG3\$",
+ }
+}
diff --git a/puppet/modules/nagios/manifests/plugins/jabber.pp b/puppet/modules/nagios/manifests/plugins/jabber.pp
new file mode 100644
index 00000000..380a5c0a
--- /dev/null
+++ b/puppet/modules/nagios/manifests/plugins/jabber.pp
@@ -0,0 +1,10 @@
+class nagios::plugins::jabber {
+
+ # for check_jabber_login
+ require rubygems::xmpp4r
+
+ nagios::plugin { 'check_jabber_login':
+ source => 'nagios/plugins/check_jabber_login'
+ }
+}
+
diff --git a/puppet/modules/nagios/manifests/plugins/mail_login.pp b/puppet/modules/nagios/manifests/plugins/mail_login.pp
new file mode 100644
index 00000000..a86cdc24
--- /dev/null
+++ b/puppet/modules/nagios/manifests/plugins/mail_login.pp
@@ -0,0 +1,10 @@
+# simple mail login check
+class nagios::plugins::mail_login {
+ nagios::plugin {
+ 'check_imap_login':
+ source => 'nagios/plugins/check_imap_login';
+ 'check_pop3_login':
+ source => 'nagios/plugins/check_pop3_login';
+ }
+}
+
diff --git a/puppet/modules/nagios/manifests/pnp4nagios.pp b/puppet/modules/nagios/manifests/pnp4nagios.pp
new file mode 100644
index 00000000..bd7ab0ca
--- /dev/null
+++ b/puppet/modules/nagios/manifests/pnp4nagios.pp
@@ -0,0 +1,68 @@
+# manage pnp4nagios
+class nagios::pnp4nagios {
+ include nagios::defaults::pnp4nagios
+
+ package { [ 'pnp4nagios', 'pnp4nagios-web-config-nagios3']:
+ ensure => installed,
+ require => Package['nagios']
+ }
+
+ # unfortunatly we can't use the nagios_host and nagios_service
+ # definition to define templates, so we need to copy a file here.
+ # see http://projects.reductivelabs.com/issues/1180 for this limitation
+
+ file { 'pnp4nagios-templates.cfg':
+ path => "${nagios::defaults::vars::int_cfgdir}/pnp4nagios-templates.cfg",
+ source => [ 'puppet:///modules/site_nagios/pnp4nagios/pnp4nagios-templates.cfg',
+ 'puppet:///modules/nagios/pnp4nagios/pnp4nagios-templates.cfg' ],
+ mode => '0644',
+ owner => root,
+ group => root,
+ notify => Service['nagios'],
+ require => Package['nagios'];
+ }
+
+ file { 'apache.conf':
+ path => '/etc/pnp4nagios/apache.conf',
+ source => ['puppet:///modules/site_nagios/pnp4nagios/apache.conf',
+ 'puppet:///modules/nagios/pnp4nagios/apache.conf' ],
+ mode => '0644',
+ owner => root,
+ group => root,
+ notify => Service['apache'],
+ require => [ Package['apache2'], Package['pnp4nagios'] ],
+ }
+
+ # run npcd as daemon
+
+ file { '/etc/default/npcd':
+ path => '/etc/default/npcd',
+ source => [ 'puppet:///modules/site_nagios/pnp4nagios/npcd',
+ 'puppet:///modules/nagios/pnp4nagios/npcd' ],
+ mode => '0644',
+ owner => root,
+ group => root,
+ notify => Service['npcd'],
+ require => [ Package['nagios'], Package['pnp4nagios'] ];
+ }
+
+ service { 'npcd':
+ ensure => running,
+ enable => true,
+ hasstatus => true,
+ require => Package['pnp4nagios'],
+ }
+
+ # modify action.gif
+
+ file { '/usr/share/nagios3/htdocs/images/action.gif':
+ path => '/usr/share/nagios3/htdocs/images/action.gif',
+ source => [ 'puppet:///modules/site_nagios/pnp4nagios/action.gif',
+ 'puppet:///modules/nagios/pnp4nagios/action.gif' ],
+ mode => '0644',
+ owner => root,
+ group => root,
+ notify => Service['nagios'],
+ require => Package['nagios'];
+ }
+}
diff --git a/puppet/modules/nagios/manifests/pnp4nagios/popup.pp b/puppet/modules/nagios/manifests/pnp4nagios/popup.pp
new file mode 100644
index 00000000..91136ccb
--- /dev/null
+++ b/puppet/modules/nagios/manifests/pnp4nagios/popup.pp
@@ -0,0 +1,24 @@
+class nagios::pnp4nagios::popup inherits nagios::pnp4nagios {
+ File['pnp4nagios-templates.cfg']{
+ source => [
+ 'puppet:///modules/site-nagios/pnp4nagios/pnp4nagios-popup-templates.cfg',
+ 'puppet:///modules/nagios/pnp4nagios/pnp4nagios-popup-templates.cfg' ],
+ }
+
+ file { '/usr/share/nagios3/htdocs/ssi':
+ ensure => directory,
+ require => Package['nagios'],
+ }
+
+ file { 'status-header.ssi':
+ path => '/usr/share/nagios3/htdocs/ssi/status-header.ssi',
+ source => [
+ 'puppet:///modules/site-nagios/pnp4nagios/status-header.ssi',
+ 'puppet:///modules/nagios/pnp4nagios/status-header.ssi'],
+ mode => '0644',
+ owner => root,
+ group => root,
+ notify => Service['nagios'],
+ require => Package['nagios'],
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service.pp b/puppet/modules/nagios/manifests/service.pp
new file mode 100644
index 00000000..e2c08e99
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service.pp
@@ -0,0 +1,91 @@
+# a wrapper around nagios_service to make it more convenient and
+# also automatically an exported resource.
+define nagios::service (
+ $ensure = present,
+ $host_name = $::fqdn,
+ $check_command = 'absent',
+ $check_period = undef,
+ $check_interval = undef,
+ $retry_check_interval = undef,
+ $max_check_attempts = undef,
+ $notification_interval = undef,
+ $notification_period = undef,
+ $notification_options = undef,
+ $contact_groups = undef,
+ $use = 'generic-service',
+ $service_description = 'absent',
+ $use_nrpe = undef,
+ $nrpe_args = undef,
+ $nrpe_timeout = 10,
+) {
+
+ # TODO: this resource should normally accept all nagios_host parameters
+
+ $real_name = "${::hostname}_${name}"
+
+ @@nagios_service {$real_name:
+ ensure => $ensure,
+ notify => Service['nagios'];
+ }
+
+ if $ensure != 'absent' {
+ if $check_command == 'absent' {
+ fail("Must pass a check_command to ${name} if it should be present")
+ }
+ if str2bool($use_nrpe) {
+ include ::nagios::command::nrpe_timeout
+
+ if $nrpe_args {
+ $real_check_command = "check_nrpe_timeout!${nrpe_timeout}!${check_command}!\"${nrpe_args}\""
+ } else {
+ $real_check_command = "check_nrpe_1arg_timeout!${nrpe_timeout}!${check_command}"
+ }
+ } else {
+ $real_check_command = $check_command
+ }
+
+ $real_service_description = $service_description ? {
+ 'absent' => $name,
+ default => $service_description
+ }
+ Nagios_service[$real_name] {
+ check_command => $check_command,
+ host_name => $host_name,
+ use => $use,
+ service_description => $real_service_description,
+ }
+
+ if $check_period {
+ Nagios_service[$real_name] { check_period => $check_period }
+ }
+
+ if $check_interval {
+ Nagios_service[$real_name] { check_interval => $check_interval }
+ }
+
+ if $retry_check_interval {
+ Nagios_service[$real_name] { retry_check_interval => $retry_check_interval }
+ }
+
+ if $max_check_attempts {
+ Nagios_service[$real_name] { max_check_attempts => $max_check_attempts }
+ }
+
+ if $notification_interval {
+ Nagios_service[$real_name] { notification_interval => $notification_interval }
+ }
+
+ if $notification_period {
+ Nagios_service[$real_name] { notification_period => $notification_period }
+ }
+
+ if $notification_options {
+ Nagios_service[$real_name] { notification_options => $notification_options }
+ }
+
+ if $contact_groups {
+ Nagios_service[$real_name] { contact_groups => $contact_groups }
+ }
+ }
+}
+
diff --git a/puppet/modules/nagios/manifests/service/dns.pp b/puppet/modules/nagios/manifests/service/dns.pp
new file mode 100644
index 00000000..5ef6e3e8
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/dns.pp
@@ -0,0 +1,19 @@
+define nagios::service::dns(
+ $host_name = $::fqdn,
+ $comment = $name,
+ $check_domain = $name,
+ $ip
+){
+ if $name != $comment {
+ $check_name = "${comment}_${name}_${::hostname}"
+ } else {
+ $check_name = "${name}_${::hostname}"
+ }
+
+ nagios::service{
+ $check_name:
+ check_command => "check_dns2!${check_domain}!${ip}",
+ host_name => $host_name,
+ service_description => "check if ${::host_name} is resolving ${check_domain}";
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/dns_host.pp b/puppet/modules/nagios/manifests/service/dns_host.pp
new file mode 100644
index 00000000..d88f3735
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/dns_host.pp
@@ -0,0 +1,22 @@
+# add a special host and monitor
+# it's dns service
+define nagios::service::dns_host(
+ $check_domain,
+ $host_alias,
+ $parent,
+ $ip
+){
+ @@nagios_host{$name:
+ address => $ip,
+ alias => $host_alias,
+ use => 'generic-host',
+ parents => $parent,
+ }
+
+ nagios::service::dns{$name:
+ host_name => $name,
+ comment => 'public_ns',
+ check_domain => $check_domain,
+ ip => $ip,
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/gpgkey.pp b/puppet/modules/nagios/manifests/service/gpgkey.pp
new file mode 100644
index 00000000..df13ca88
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/gpgkey.pp
@@ -0,0 +1,49 @@
+# define a gpgkey to be watched
+define nagios::service::gpgkey(
+ $ensure = 'present',
+ $warning = '14',
+ $key_info = undef,
+ $check_interval = 60,
+){
+ validate_slength($name,40,40)
+ require ::nagios::plugins::gpg
+ $gpg_home = $nagios::plugins::gpg::gpg_home
+ $gpg_cmd = "gpg --homedir ${gpg_home}"
+
+ exec{"manage_key_${name}":
+ user => nagios,
+ group => nagios,
+ }
+ nagios::service{
+ "check_gpg_${name}":
+ ensure => $ensure;
+ }
+
+ if $ensure == 'present' {
+ Exec["manage_key_${name}"]{
+ command => "${gpg_cmd} --keyserver hkps://hkps.pool.sks-keyservers.net --keyserver-options ca-cert-file=${gpg_home}/sks-keyservers.netCA.pem --recv-keys ${name}",
+ unless => "${gpg_cmd} --list-keys ${name}",
+ before => Nagios::Service["check_gpg_${name}"],
+ }
+
+ Nagios::Service["check_gpg_${name}"]{
+ check_command => "check_gpg!${warning}!${name}",
+ check_interval => $check_interval,
+ }
+ if $key_info {
+ Nagios::Service["check_gpg_${name}"]{
+ service_description => "Keyfingerprint: ${name} - Info: ${key_info}",
+ }
+ } else {
+ Nagios::Service["check_gpg_${name}"]{
+ service_description => "Keyfingerprint: ${name}",
+ }
+ }
+ } else {
+ Exec["manage_key_${name}"]{
+ command => "${gpg_cmd} --batch --delete-key ${name}",
+ onlyif => "${gpg_cmd} --list-keys ${name}",
+ require => Nagios::Service["check_gpg_${name}"],
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/horde_login.pp b/puppet/modules/nagios/manifests/service/horde_login.pp
new file mode 100644
index 00000000..6cab59e9
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/horde_login.pp
@@ -0,0 +1,18 @@
+# a horde login check
+define nagios::service::horde_login(
+ $password,
+ $url,
+ $username = $name,
+ $ensure = 'present',
+){
+ nagios::service{
+ "horde_${name}":
+ ensure => $ensure;
+ }
+
+ if $ensure != 'absent' {
+ Nagios::Service["horde_${name}"]{
+ check_command => "check_horde_login!${url}!${username}!${password}",
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/http.pp b/puppet/modules/nagios/manifests/service/http.pp
new file mode 100644
index 00000000..b80c140e
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/http.pp
@@ -0,0 +1,54 @@
+# ssl_mode:
+# - false: only check http
+# - true: check http and https
+# - force: http is permanent redirect to https
+# - only: check only https
+define nagios::service::http(
+ $ensure = present,
+ $check_domain = 'absent',
+ $port = '80',
+ $check_url = '/',
+ $check_code = '200,301,302',
+ $use = 'generic-service',
+ $ssl_mode = false
+){
+ $real_check_domain = $check_domain ? {
+ 'absent' => $name,
+ default => $check_domain
+ }
+ if is_hash($check_code) {
+ $check_code_hash = $check_code
+ } else {
+ $check_code_hash = {
+ http => $check_code,
+ https => $check_code,
+ }
+ }
+ case $ssl_mode {
+ 'force',true,'only': {
+ nagios::service{"https_${name}":
+ ensure => $ensure,
+ use => $use,
+ check_command => "check_https_url_regex!${real_check_domain}!${check_url}!'${check_code_hash[https]}'",
+ }
+ case $ssl_mode {
+ 'force': {
+ nagios::service{"http_${name}":
+ ensure => $ensure,
+ use => $use,
+ check_command => "check_http_url_regex!${real_check_domain}!${port}!${check_url}!'301'",
+ }
+ }
+ }
+ }
+ }
+ case $ssl_mode {
+ false,true: {
+ nagios::service{"http_${name}":
+ ensure => $ensure,
+ use => $use,
+ check_command => "check_http_url_regex!${real_check_domain}!${port}!${check_url}!'${check_code_hash[http]}'",
+ }
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/imap.pp b/puppet/modules/nagios/manifests/service/imap.pp
new file mode 100644
index 00000000..45b667ab
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/imap.pp
@@ -0,0 +1,34 @@
+# check an imap service
+define nagios::service::imap(
+ $ensure = 'present',
+ $host = 'absent',
+ $port = '143',
+ $tls = true,
+ $tls_port = '993'
+){
+
+ $real_host = $host ? {
+ 'absent' => $name,
+ default => $host
+ }
+
+ $tls_ensure = $tls ? {
+ true => $ensure,
+ default => 'absent'
+ }
+ nagios::service{
+ "imap_${name}_${port}":
+ ensure => $ensure;
+ "imaps_${name}_${tls_port}":
+ ensure => $tls_ensure;
+ }
+
+ if $ensure != 'absent' {
+ Nagios::Service["imap_${name}_${port}"]{
+ check_command => "check_imap!${real_host}!${port}",
+ }
+ Nagios::Service["imaps_${name}_${tls_port}"]{
+ check_command => "check_imap_ssl!${real_host}!${tls_port}",
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/imap_login.pp b/puppet/modules/nagios/manifests/service/imap_login.pp
new file mode 100644
index 00000000..25303a3f
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/imap_login.pp
@@ -0,0 +1,22 @@
+# a imap login check
+define nagios::service::imap_login(
+ $username,
+ $password,
+ $warning = 5,
+ $critical = 10,
+ $host = $::fqdn,
+ $host_name = $::fqdn,
+ $ensure = 'present',
+){
+ nagios::service{
+ "imap_login_${name}":
+ ensure => $ensure;
+ }
+
+ if $ensure != 'absent' {
+ Nagios::Service["imap_login_${name}"]{
+ check_command => "check_imap_login!${host}!${username}!${password}!${warning}!${critical}",
+ host_name => $host_name,
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/mysql.pp b/puppet/modules/nagios/manifests/service/mysql.pp
new file mode 100644
index 00000000..9559b17c
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/mysql.pp
@@ -0,0 +1,58 @@
+# Checks a mysql instance via tcp or socket
+define nagios::service::mysql(
+ $ensure = present,
+ $check_host = 'absent',
+ $check_port = '3306',
+ $check_username = 'nagios',
+ $check_password,
+ $check_database = 'information_schema',
+ $check_warning = undef,
+ $check_critical = undef,
+ $check_health_mode = $name,
+ $check_name = undef,
+ $check_name2 = undef,
+ $check_regexp = undef,
+ $check_units = undef,
+ $check_mode = 'tcp' )
+{
+
+ if ($check_host == 'absent') {
+ fail("Please specify a hostname, ip address or socket to check a mysql instance.")
+ }
+
+ if $check_name != undef {
+ $real_check_name = "!--name $check_name"
+ }
+
+ if $check_warning != undef {
+ $real_check_warning = "!--warning $check_warning"
+ }
+
+ if $check_critical != undef {
+ $real_check_critical = "!--critical $check_critical"
+ }
+
+ case $check_mode {
+ 'tcp': {
+ if ($check_host == 'localhost') {
+ $real_check_host = '127.0.0.1'
+ }
+ else {
+ $real_check_host = $check_host
+ }
+ }
+ default: {
+ if ($check_host == '127.0.0.1') {
+ $real_check_host = 'localhost'
+ }
+ else {
+ $real_check_host = $check_host
+ }
+ }
+ }
+
+ nagios::service { "mysql_health_${name}":
+ ensure => $ensure,
+ check_command => "check_mysql_health!${real_check_host}!${check_port}!${check_username}!'${check_password}'!${check_health_mode}!${check_database}${real_check_name}${real_check_warning}${real_check_critical}",
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/ntp.pp b/puppet/modules/nagios/manifests/service/ntp.pp
new file mode 100644
index 00000000..b3cde2ab
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/ntp.pp
@@ -0,0 +1,9 @@
+# manifests/service/ntp.pp
+
+class nagios::service::ntp {
+ nagios::service{ "check_ntp":
+ check_command => "check_ntp_time",
+ host_name => $::fqdn,
+ }
+}
+
diff --git a/puppet/modules/nagios/manifests/service/passive.pp b/puppet/modules/nagios/manifests/service/passive.pp
new file mode 100644
index 00000000..f3df1e8b
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/passive.pp
@@ -0,0 +1,18 @@
+define nagios::service::passive(
+ $ensure = present,
+ $notification_interval = '',
+ $notification_period = '',
+ $notification_options = '',
+ $contact_groups = ''
+) {
+
+ nagios::service { $name:
+ use => 'passive-service',
+ check_command => 'check_dummy!0',
+ notification_interval => $notification_interval,
+ notification_period => $notification_period,
+ notification_options => $notification_options,
+ contact_groups => $contact_groups,
+ }
+
+}
diff --git a/puppet/modules/nagios/manifests/service/ping.pp b/puppet/modules/nagios/manifests/service/ping.pp
new file mode 100644
index 00000000..f1c8d878
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/ping.pp
@@ -0,0 +1,9 @@
+define nagios::service::ping(
+ $ensure = present,
+ $ping_rate = '!100.0,20%!500.0,60%'
+){
+ nagios::service{ "check_ping":
+ ensure => $ensure,
+ check_command => "check_ping${ping_rate}",
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/pop.pp b/puppet/modules/nagios/manifests/service/pop.pp
new file mode 100644
index 00000000..9ec4aec1
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/pop.pp
@@ -0,0 +1,32 @@
+define nagios::service::pop(
+ $ensure = 'present',
+ $host = 'absent',
+ $port = '110',
+ $tls = true,
+ $tls_port = '995'
+){
+
+ $real_host = $host ? {
+ 'absent' => $name,
+ default => $host
+ }
+
+ nagios::service{
+ "pop_${name}_${port}":
+ ensure => $ensure;
+ "pops_${name}_${tls_port}":
+ ensure => $tls ? {
+ true => $ensure,
+ default => 'absent'
+ };
+ }
+
+ if $ensure != 'absent' {
+ Nagios::Service["pop_${name}_${port}"]{
+ check_command => "check_pop3!${real_host}!${port}",
+ }
+ Nagios::Service["pops_${name}_${tls_port}"]{
+ check_command => "check_pop3_ssl!${real_host}!${tls_port}",
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/pop3_login.pp b/puppet/modules/nagios/manifests/service/pop3_login.pp
new file mode 100644
index 00000000..74535289
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/pop3_login.pp
@@ -0,0 +1,22 @@
+# a pop3 login check
+define nagios::service::pop3_login(
+ $username,
+ $password,
+ $warning = 5,
+ $critical = 10,
+ $host = $::fqdn,
+ $host_name = $::fqdn,
+ $ensure = 'present',
+){
+ nagios::service{
+ "pop3_login_${name}":
+ ensure => $ensure;
+ }
+
+ if $ensure != 'absent' {
+ Nagios::Service["pop3_login_${name}"]{
+ check_command => "check_pop3_login!${host}!${username}!${password}!${warning}!${critical}",
+ host_name => $host_name,
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/smtp.pp b/puppet/modules/nagios/manifests/service/smtp.pp
new file mode 100644
index 00000000..14237a9e
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/smtp.pp
@@ -0,0 +1,50 @@
+# true:
+# - true : check tls and plain connect *defualt*
+# - false : check plain connection only
+# cert_days:
+# If tls is used add an additionl check
+# to check for validity for cert.
+# - 'absent' : do not execute that check
+# - INTEGER : Minimum number of days a certificate
+# has to be valid. Default: 10
+define nagios::service::smtp(
+ $ensure = 'present',
+ $host = 'absent',
+ $port = '25',
+ $tls = true,
+ $cert_days = 10
+){
+ $real_host = $host ? {
+ 'absent' => $name,
+ default => $host
+ }
+
+ nagios::service{
+ "smtp_${name}_${port}":
+ ensure => $ensure;
+ "smtp_tls_${name}_${port}":
+ ensure => $tls ? {
+ true => $ensure,
+ default => 'absent'
+ };
+ "smtp_tls_cert_${name}_${port}":
+ ensure => $cert_days ? {
+ 'absent' => 'absent',
+ default => $ensure
+ };
+ }
+
+ if $ensure != 'absent' {
+ Nagios::Service["smtp_${name}_${port}"]{
+ check_command => "check_smtp!${real_host}!${port}",
+ }
+ Nagios::Service["smtp_tls_${name}_${port}"]{
+ check_command => "check_smtp_tls!${real_host}!${port}",
+ }
+ if $cert_days != 'absent' {
+ Nagios::Service["smtp_tls_cert_${name}_${port}"]{
+ check_command => "check_smtp_cert!${real_host}!${port}!${cert_days}",
+ }
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/service/ssmtp.pp b/puppet/modules/nagios/manifests/service/ssmtp.pp
new file mode 100644
index 00000000..b05678a6
--- /dev/null
+++ b/puppet/modules/nagios/manifests/service/ssmtp.pp
@@ -0,0 +1,32 @@
+define nagios::service::ssmtp(
+ $ensure = 'present',
+ $host = 'absent',
+ $port = '465',
+ $cert_days = 10
+){
+ $real_host = $host ? {
+ 'absent' => $name,
+ default => $host
+ }
+
+ nagios::service{
+ "ssmtp_${name}_${port}":
+ ensure => $ensure;
+ "ssmtp_cert_${name}_${port}":
+ ensure => $cert_days ? {
+ 'absent' => 'absent',
+ default => $ensure
+ };
+ }
+
+ if $ensure != 'absent' {
+ Nagios::Service["ssmtp_${name}_${port}"]{
+ check_command => "check_ssmtp!${real_host}!${port}",
+ }
+ if $cert_days != 'absent' {
+ Nagios::Service["ssmtp_cert_${name}_${port}"]{
+ check_command => "check_ssmtp_cert!${real_host}!${port}!${cert_days}",
+ }
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/storeconfigs.pp b/puppet/modules/nagios/manifests/storeconfigs.pp
new file mode 100644
index 00000000..96c30dd5
--- /dev/null
+++ b/puppet/modules/nagios/manifests/storeconfigs.pp
@@ -0,0 +1,61 @@
+# collect exported resources when using 'storeconfigs => true'
+class nagios::storeconfigs {
+
+ Nagios_command <<||>>
+ Nagios_contactgroup <<||>>
+ Nagios_contact <<||>>
+ Nagios_hostdependency <<||>>
+ Nagios_hostescalation <<||>>
+ Nagios_hostextinfo <<||>>
+ Nagios_hostgroup <<||>>
+ Nagios_host <<||>>
+ Nagios_servicedependency <<||>>
+ Nagios_serviceescalation <<||>>
+ Nagios_servicegroup <<||>>
+ Nagios_serviceextinfo <<||>>
+ Nagios_service <<||>>
+ Nagios_timeperiod <<||>>
+
+ Nagios_command <||> {
+ notify => Service['nagios'],
+ }
+ Nagios_contact <||> {
+ notify => Service['nagios'],
+ }
+ Nagios_contactgroup <||> {
+ notify => Service['nagios'],
+ }
+ Nagios_host <||> {
+ notify => Service['nagios'],
+ }
+ Nagios_hostdependency <||> {
+ notify => Service['nagios'],
+ }
+ Nagios_hostescalation <||> {
+ notify => Service['nagios'],
+ }
+ Nagios_hostextinfo <||> {
+ notify => Service['nagios'],
+ }
+ Nagios_hostgroup <||> {
+ notify => Service['nagios'],
+ }
+ Nagios_service <||> {
+ notify => Service['nagios'],
+ }
+ Nagios_servicegroup <||> {
+ notify => Service['nagios'],
+ }
+ Nagios_servicedependency <||> {
+ notify => Service['nagios'],
+ }
+ Nagios_serviceescalation <||> {
+ notify => Service['nagios'],
+ }
+ Nagios_serviceextinfo <||> {
+ notify => Service['nagios'],
+ }
+ Nagios_timeperiod <||> {
+ notify => Service['nagios'],
+ }
+}
diff --git a/puppet/modules/nagios/manifests/stored_config.pp b/puppet/modules/nagios/manifests/stored_config.pp
new file mode 100644
index 00000000..5afda04f
--- /dev/null
+++ b/puppet/modules/nagios/manifests/stored_config.pp
@@ -0,0 +1,19 @@
+class nagios::stored_config {
+ # collect exported resources
+
+ Nagios_command <<||>>
+ Nagios_contactgroup <<||>>
+ Nagios_contact <<||>>
+ Nagios_hostdependency <<||>>
+ Nagios_hostescalation <<||>>
+ Nagios_hostextinfo <<||>>
+ Nagios_hostgroup <<||>>
+ Nagios_host <<||>>
+ Nagios_servicedependency <<||>>
+ Nagios_serviceescalation <<||>>
+ Nagios_servicegroup <<||>>
+ Nagios_serviceextinfo <<||>>
+ Nagios_service <<||>>
+ Nagios_timeperiod <<||>>
+
+}
diff --git a/puppet/modules/nagios/manifests/target.pp b/puppet/modules/nagios/manifests/target.pp
new file mode 100644
index 00000000..760d7d47
--- /dev/null
+++ b/puppet/modules/nagios/manifests/target.pp
@@ -0,0 +1,32 @@
+# a simple nagios target to monitor
+class nagios::target(
+ $parents = 'absent',
+ $address = $::ipaddress,
+ $nagios_alias = false,
+ $hostgroups = 'absent',
+ $use = 'generic-host',
+){
+ @@nagios_host { $::fqdn:
+ address => $address,
+ use => $use,
+ }
+ # Watch out with using aliases: they need to be unique throughout *all*
+ # resources in a given host's catalogue.
+ if $nagios_alias {
+ Nagios_host[$::fqdn]{
+ alias => $nagios_alias
+ }
+ }
+
+ if ($parents != 'absent') {
+ Nagios_host[$::fqdn]{
+ parents => $parents
+ }
+ }
+
+ if ($hostgroups != 'absent') {
+ Nagios_host[$::fqdn]{
+ hostgroups => $hostgroups
+ }
+ }
+}
diff --git a/puppet/modules/nagios/manifests/target/fqdn.pp b/puppet/modules/nagios/manifests/target/fqdn.pp
new file mode 100644
index 00000000..31fc4b71
--- /dev/null
+++ b/puppet/modules/nagios/manifests/target/fqdn.pp
@@ -0,0 +1,12 @@
+# monitor a host by fqdn
+class nagios::target::fqdn(
+ $address = $::fqdn,
+ $hostgroups = 'absent',
+ $parents = 'absent'
+) {
+ class{'nagios::target':
+ address => $address,
+ hostgroups => $hostgroups,
+ parents => $parents
+ }
+}
diff --git a/puppet/modules/nagios/templates/irc_bot/CentOS/nagios-nsa.sh.erb b/puppet/modules/nagios/templates/irc_bot/CentOS/nagios-nsa.sh.erb
new file mode 100644
index 00000000..0f9f87b4
--- /dev/null
+++ b/puppet/modules/nagios/templates/irc_bot/CentOS/nagios-nsa.sh.erb
@@ -0,0 +1,104 @@
+#!/bin/sh
+#
+# nagios-nsa - manage nagios irc bot
+#
+# chkconfig: - 99 01
+# description: Nagios Simple IRC Agent
+
+### BEGIN INIT INFO
+# Provides: nagios-nsa
+# Required-Start: $nagios
+# Required-Stop: $nagios
+# Default-Start: 2 3 4 5
+# Default-Stop: 1 6 0
+# Short-Description: Nagios Simple IRC Agent
+### END INIT INFO
+
+# Source function library.
+. /etc/rc.d/init.d/functions
+
+exec="/usr/local/bin/riseup-nagios-server.pl"
+prog="nsa"
+PIDFILE=<%= scope.lookupvar('nagios::irc_bot::real_nsa_pidfile') %>
+SOCKFILE=<%= scope.lookupvar('nagios::irc_bot::real_nsa_socket') %>
+
+[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog
+
+lockfile=/var/lock/subsys/$prog
+mkdir -p /var/run/nagios-nsa 2>/dev/null
+chown nagios /var/run/nagios-nsa
+
+start() {
+ [ -x $exec ] || exit 5
+ [ -f $config ] || exit 6
+ echo -n $"Starting $prog: "
+ daemon --pidfile $PIDFILE --user nagios /usr/local/bin/riseup-nagios-server.pl
+ retval=$?
+ echo
+ [ $retval -eq 0 ] && touch $lockfile
+ return $retval
+}
+
+stop() {
+ echo -n $"Stopping $prog: "
+ killproc -p $PIDFILE $prog
+ retval=$?
+ echo
+ [ $retval -eq 0 ] && rm -f $lockfile
+ return $retval
+}
+
+restart() {
+ stop
+ start
+}
+
+reload() {
+ restart
+}
+
+force_reload() {
+ restart
+}
+
+rh_status() {
+ # run checks to determine if the service is running or use generic status
+ status -p $PIDFILE $prog
+}
+
+rh_status_q() {
+ rh_status >/dev/null 2>&1
+}
+
+
+case "$1" in
+ start)
+ rh_status_q && exit 0
+ $1
+ ;;
+ stop)
+ rh_status_q || exit 0
+ $1
+ ;;
+ restart)
+ $1
+ ;;
+ reload)
+ rh_status_q || exit 7
+ $1
+ ;;
+ force-reload)
+ force_reload
+ ;;
+ status)
+ rh_status
+ ;;
+ condrestart|try-restart)
+ rh_status_q || exit 0
+ restart
+ ;;
+ *)
+ echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
+ exit 2
+esac
+exit $?
diff --git a/puppet/modules/nagios/templates/irc_bot/Debian/nagios-nsa.sh.erb b/puppet/modules/nagios/templates/irc_bot/Debian/nagios-nsa.sh.erb
new file mode 100644
index 00000000..43c0e794
--- /dev/null
+++ b/puppet/modules/nagios/templates/irc_bot/Debian/nagios-nsa.sh.erb
@@ -0,0 +1,72 @@
+#! /bin/sh
+
+### BEGIN INIT INFO
+# Provides: nagios-nsa
+# Required-Start: $remote_fs $syslog nagios3
+# Required-Stop: $remote_fs $syslog nagios3
+# Default-Start: 2 3 4 5
+# Default-Stop: 1 6 0
+# Short-Description: Nagios Simple IRC Agent
+### END INIT INFO
+
+PIDFILE=<%= scope.lookupvar('nagios::irc_bot::real_nsa_pidfile') %>
+SOCKFILE=<%= scope.lookupvar('nagios::irc_bot::real_nsa_socket') %>
+
+. /lib/lsb/init-functions
+
+start() {
+ log_daemon_msg "Starting nagios IRC bot" "nagios-nsa"
+ if start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE --user nagios --chuid nagios --exec /usr/local/bin/riseup-nagios-server.pl; then
+ log_end_msg 0
+ else
+ log_end_msg 1
+ fi
+}
+
+stop () {
+ log_daemon_msg "Stopping nagios IRC bot" "nagios-nsa"
+ if start-stop-daemon --stop --quiet --pidfile $PIDFILE; then
+ log_end_msg 0
+ else
+ log_end_msg 1
+ fi
+}
+
+remove_socket() {
+ [ -e $SOCKFILE ] && rm $SOCKFILE
+}
+
+cleanup() {
+ if [ -r $PIDFILE ]; then
+ ps -p `cat $PIDFILE` | grep -v 'PID' || {
+ echo "not running"
+ remove_socket
+ }
+ else
+ echo "no pid file"
+ remove_socket
+ fi
+}
+
+case $1
+in
+ start)
+ cleanup
+ start
+ ;;
+ stop)
+ stop
+ ;;
+ restart)
+ stop
+ cleanup
+ start
+ ;;
+ status)
+ status_of_proc -p $PIDFILE /usr/local/bin/riseup-nagios-server.pl && exit 0 || exit $?
+ ;;
+ *)
+ log_action_msg "Usage: /etc/init.d/nagios-nsa {start|stop|restart|status}"
+ exit 1
+esac
+
diff --git a/puppet/modules/nagios/templates/irc_bot/nsa.cfg.erb b/puppet/modules/nagios/templates/irc_bot/nsa.cfg.erb
new file mode 100644
index 00000000..c4091e8a
--- /dev/null
+++ b/puppet/modules/nagios/templates/irc_bot/nsa.cfg.erb
@@ -0,0 +1,15 @@
+%Nsa = (
+ 'socket' => '<%= scope.lookupvar('nagios::irc_bot::real_nsa_socket') %>',
+ 'server' => '<%= scope.lookupvar('nagios::irc_bot::nsa_server') %>',
+ 'port' => '<%= scope.lookupvar('nagios::irc_bot::nsa_port') %>',
+ 'nickname' => '<%= scope.lookupvar('nagios::irc_bot::nsa_nickname') %>',
+ 'password' => '<%= scope.lookupvar('nagios::irc_bot::nsa_password') %>',
+ # this needs libio-socket-ssl-perl
+ # doesn't actually works because Net::IRC is braindead and tries to use IO::Socket::SSL->read/write instead of the builtin print, see http://search.cpan.org/dist/IO-Socket-SSL/SSL.pm
+ #'SSL' => 0,
+ 'channel' => '<%= scope.lookupvar('nagios::irc_bot::nsa_channel') %>',
+ 'pidfile' => '<%= scope.lookupvar('nagios::irc_bot::real_nsa_pidfile') %>', # set to undef to disable
+ 'realname' => '<%= scope.lookupvar('nagios::irc_bot::nsa_realname') %>',
+ 'usenotices' => '<%= scope.lookupvar('nagios::irc_bot::nsa_usenotices') %>',
+ 'commandfile' => '<%= scope.lookupvar('nagios::irc_bot::real_nsa_commandfile') %>',
+);
diff --git a/puppet/modules/nagios/templates/nrpe/nrpe.cfg b/puppet/modules/nagios/templates/nrpe/nrpe.cfg
new file mode 100644
index 00000000..d4ad9a4d
--- /dev/null
+++ b/puppet/modules/nagios/templates/nrpe/nrpe.cfg
@@ -0,0 +1,203 @@
+#############################################################################
+# Sample NRPE Config File
+# Written by: Ethan Galstad (nagios@nagios.org)
+#
+# Last Modified: 02-23-2006
+#
+# NOTES:
+# This is a sample configuration file for the NRPE daemon. It needs to be
+# located on the remote host that is running the NRPE daemon, not the host
+# from which the check_nrpe client is being executed.
+#############################################################################
+
+
+# PID FILE
+# The name of the file in which the NRPE daemon should write it's process ID
+# number. The file is only written if the NRPE daemon is started by the root
+# user and is running in standalone mode.
+
+pid_file=<%= @pid_file %>
+
+
+
+# PORT NUMBER
+# Port number we should wait for connections on.
+# NOTE: This must be a non-priviledged port (i.e. > 1024).
+# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
+
+server_port=5666
+
+
+
+# SERVER ADDRESS
+# Address that nrpe should bind to in case there are more than one interface
+# and you do not want nrpe to bind on all interfaces.
+# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
+
+<%- if not @server_address.to_s.empty? then %>
+server_address=<%= @server_address %>
+<%- end %>
+
+
+# NRPE USER
+# This determines the effective user that the NRPE daemon should run as.
+# You can either supply a username or a UID.
+#
+# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
+
+nrpe_user=nagios
+
+
+
+# NRPE GROUP
+# This determines the effective group that the NRPE daemon should run as.
+# You can either supply a group name or a GID.
+#
+# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
+
+nrpe_group=nagios
+
+
+
+# ALLOWED HOST ADDRESSES
+# This is an optional comma-delimited list of IP address or hostnames
+# that are allowed to talk to the NRPE daemon.
+#
+# Note: The daemon only does rudimentary checking of the client's IP
+# address. I would highly recommend adding entries in your /etc/hosts.allow
+# file to allow only the specified host to connect to the port
+# you are running this daemon on.
+#
+# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
+
+<%- if @allowed_hosts.to_s.empty? then %>
+allowed_hosts=127.0.0.1
+<%- else %>
+allowed_hosts=127.0.0.1,<%= @allowed_hosts %>
+<%- end %>
+
+# COMMAND ARGUMENT PROCESSING
+# This option determines whether or not the NRPE daemon will allow clients
+# to specify arguments to commands that are executed. This option only works
+# if the daemon was configured with the --enable-command-args configure script
+# option.
+#
+# *** ENABLING THIS OPTION IS A SECURITY RISK! ***
+# Read the SECURITY file for information on some of the security implications
+# of enabling this variable.
+#
+# Values: 0=do not allow arguments, 1=allow command arguments
+
+dont_blame_nrpe=<%= @dont_blame %>
+
+
+# COMMAND PREFIX
+# This option allows you to prefix all commands with a user-defined string.
+# A space is automatically added between the specified prefix string and the
+# command line from the command definition.
+#
+# *** THIS EXAMPLE MAY POSE A POTENTIAL SECURITY RISK, SO USE WITH CAUTION! ***
+# Usage scenario:
+# Execute restricted commmands using sudo. For this to work, you need to add
+# the nagios user to your /etc/sudoers. An example entry for alllowing
+# execution of the plugins from might be:
+#
+# nagios ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/
+#
+# This lets the nagios user run all commands in that directory (and only them)
+# without asking for a password. If you do this, make sure you don't give
+# random users write access to that directory or its contents!
+
+# command_prefix=/usr/bin/sudo
+
+
+
+# DEBUGGING OPTION
+# This option determines whether or not debugging messages are logged to the
+# syslog facility.
+# Values: 0=debugging off, 1=debugging on
+
+debug=0
+
+
+
+# COMMAND TIMEOUT
+# This specifies the maximum number of seconds that the NRPE daemon will
+# allow plugins to finish executing before killing them off.
+
+command_timeout=60
+
+
+
+# WEEK RANDOM SEED OPTION
+# This directive allows you to use SSL even if your system does not have
+# a /dev/random or /dev/urandom (on purpose or because the necessary patches
+# were not applied). The random number generator will be seeded from a file
+# which is either a file pointed to by the environment valiable $RANDFILE
+# or $HOME/.rnd. If neither exists, the pseudo random number generator will
+# be initialized and a warning will be issued.
+# Values: 0=only seed from /dev/[u]random, 1=also seed from weak randomness
+
+#allow_weak_random_seed=1
+
+
+
+# INCLUDE CONFIG FILE
+# This directive allows you to include definitions from an external config file.
+
+#include=<somefile.cfg>
+
+
+
+# INCLUDE CONFIG DIRECTORY
+# This directive allows you to include definitions from config files (with a
+# .cfg extension) in one or more directories (with recursion).
+
+#include_dir=<somedirectory>
+#include_dir=<someotherdirectory>
+include_dir=<%= @cfg_dir %>/nrpe.d
+
+
+
+# COMMAND DEFINITIONS
+# Command definitions that this daemon will run. Definitions
+# are in the following format:
+#
+# command[<command_name>]=<command_line>
+#
+# When the daemon receives a request to return the results of <command_name>
+# it will execute the command specified by the <command_line> argument.
+#
+# Unlike Nagios, the command line cannot contain macros - it must be
+# typed exactly as it should be executed.
+#
+# Note: Any plugins that are used in the command lines must reside
+# on the machine that this daemon is running on! The examples below
+# assume that you have plugins installed in a /usr/local/nagios/libexec
+# directory. Also note that you will have to modify the definitions below
+# to match the argument format the plugins expect. Remember, these are
+# examples only!
+
+# The following examples use hardcoded command arguments...
+
+#command[check_users]=/usr/lib/nagios/plugins/check_users -w 5 -c 10
+#command[check_load]=/usr/lib/nagios/plugins/check_load -w 15,10,5 -c 30,25,20
+#command[check_disk1]=/usr/lib/nagios/plugins/check_disk -w 20 -c 10 -p /dev/hda1
+#command[check_disk2]=/usr/lib/nagios/plugins/check_disk -w 20 -c 10 -p /dev/hdb1
+#command[check_zombie_procs]=/usr/lib/nagios/plugins/check_procs -w 5 -c 10 -s Z
+#command[check_total_procs]=/usr/lib/nagios/plugins/check_procs -w 150 -c 200
+
+# The following examples allow user-supplied arguments and can
+# only be used if the NRPE daemon was compiled with support for
+# command arguments *AND* the dont_blame_nrpe directive in this
+# config file is set to '1'...
+
+#command[check_users]=/usr/lib/nagios/plugins/check_users -w $ARG1$ -c $ARG2$
+#command[check_load]=/usr/lib/nagios/plugins/check_load -w $ARG1$ -c $ARG2$
+#command[check_disk]=/usr/lib/nagios/plugins/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
+#command[check_procs]=/usr/lib/nagios/plugins/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$
+
+#
+# local configuration:
+# if you'd prefer, you can instead place directives here
+
diff --git a/puppet/modules/nagios/templates/nrpe/nrpe_command.erb b/puppet/modules/nagios/templates/nrpe/nrpe_command.erb
new file mode 100644
index 00000000..99f4601b
--- /dev/null
+++ b/puppet/modules/nagios/templates/nrpe/nrpe_command.erb
@@ -0,0 +1,2 @@
+# generated by puppet, do not edit
+command[<%= name -%>]=<%= command_line %>