From 6a1ed392b4528f07d19c5cced68909db2a1825d9 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 27 Aug 2013 20:15:21 -0400 Subject: apache headers module needs to be enabled on the monitor server (#3462) Change-Id: Ia4e36e9cb2b37172a148c209c5c07b9eca59d89e --- puppet/modules/site_nagios/manifests/server.pp | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/manifests/server.pp b/puppet/modules/site_nagios/manifests/server.pp index c114a39a..5ca04da2 100644 --- a/puppet/modules/site_nagios/manifests/server.pp +++ b/puppet/modules/site_nagios/manifests/server.pp @@ -18,6 +18,10 @@ class site_nagios::server inherits nagios::base { #before => Class ['nagios::defaults'] } + apache::module { + 'headers': ensure => present; + } + File ['nagios_htpasswd'] { source => undef, content => "nagiosadmin:$nagiosadmin_pw", -- cgit v1.2.3 From 323ceff1ea60bd3463821fc2295ffb790d822165 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 29 Aug 2013 15:05:15 -0400 Subject: create individual classes for the apache modules so they can be included more than once in different locations, depending on what services are configured on a node (#3612) Change-Id: Iff064d3d67baa132fb5198fea741522ab4e71770 --- puppet/modules/site_nagios/manifests/server.pp | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/manifests/server.pp b/puppet/modules/site_nagios/manifests/server.pp index 5ca04da2..a088921a 100644 --- a/puppet/modules/site_nagios/manifests/server.pp +++ b/puppet/modules/site_nagios/manifests/server.pp @@ -18,9 +18,7 @@ class site_nagios::server inherits nagios::base { #before => Class ['nagios::defaults'] } - apache::module { - 'headers': ensure => present; - } + include site_apache::module::headers File ['nagios_htpasswd'] { source => undef, -- cgit v1.2.3 From 3388336b57cc59617b6dc8380beeeacfdb2fb5b3 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 18 Sep 2013 12:05:10 -0400 Subject: Setup a class dependency for every tag 'leap_service' to make sure that shorewall is setup before the service is setup. This is necessary due to the strict initial firewall that stops various service setup operations from happening, but is relaxed once shorewall is setup properly (#3782) Change-Id: Ia9640c4118aa0053cdb99e7bc11860fed5527501 --- puppet/modules/site_nagios/manifests/init.pp | 2 ++ 1 file changed, 2 insertions(+) (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/manifests/init.pp b/puppet/modules/site_nagios/manifests/init.pp index cab32905..c3cfa02e 100644 --- a/puppet/modules/site_nagios/manifests/init.pp +++ b/puppet/modules/site_nagios/manifests/init.pp @@ -1,4 +1,6 @@ class site_nagios { tag 'leap_service' + Class['site_config::default'] -> Class['site_nagios'] + include site_nagios::server } -- cgit v1.2.3 From cf9b3a637b4e348cd7c055ccb361e28d737914fd Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 23 Sep 2013 14:15:46 +0200 Subject: nagios: use hash instead of array for hosts (Bug #3909) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Puppet 2.7.19 introduced a change that don't allow resource titles to be something else that a string. from the puppet 2.7.19 changelog: Don’t allow resource titles which aren’t strings It was possible to create resources whose titles weren't strings, by using a variable containing a hash, or the result of a function which doesn't return a string. This can cause problems resolving relationships when the stringified version of the title differs between master and agent. Now we will only accept primitives, and will stringify them. That is: string, symbol, number, boolean. Arrays or nested arrays will still be flattened and used to create multiple resources. Any other value (for instance: a hash) will cause a parse error. currently, it's much easier to iterate over a hash in puppet than over an array, cause every resource you call iterating over an array would need a unique name, and you don't have this in arrays. --- puppet/modules/site_nagios/manifests/add_host.pp | 51 ++++++++++++------------ puppet/modules/site_nagios/manifests/server.pp | 7 ++-- 2 files changed, 30 insertions(+), 28 deletions(-) (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/manifests/add_host.pp b/puppet/modules/site_nagios/manifests/add_host.pp index 498552b5..94352de4 100644 --- a/puppet/modules/site_nagios/manifests/add_host.pp +++ b/puppet/modules/site_nagios/manifests/add_host.pp @@ -1,31 +1,32 @@ -define site_nagios::add_host { - $nagios_host = $name - $nagios_hostname = $name['domain_internal'] - $nagios_ip = $name['ip_address'] - $nagios_services = $name['services'] - $nagios_openvpn_gw = $name['openvpn_gateway_address'] +define site_nagios::add_host ( + $domain_internal, + $ip_address, + $services, + $openvpn_gateway_address='' ) { - # Add Nagios host - nagios_host { $nagios_hostname: - address => $nagios_ip, - use => 'generic-host', - } + $nagios_hostname = $domain_internal - # Add Nagios service + # Add Nagios host + nagios_host { $nagios_hostname: + address => $ip_address, + use => 'generic-host', + } - # First, we need to turn the serice array into hash, using a "hash template" - # see https://github.com/ashak/puppet-resource-looping - $nagios_service_hashpart = { - 'hostname' => $nagios_hostname, - 'ip_address' => $nagios_ip, - 'openvpn_gw' => $nagios_openvpn_gw, - } - $dynamic_parameters = { - 'service' => '%s' - } - $nagios_servicename = "${nagios_hostname}_%s" + # Add Nagios service - $nagios_service_hash = create_resources_hash_from($nagios_servicename, $nagios_services, $nagios_service_hashpart, $dynamic_parameters) + # First, we need to turn the serice array into hash, using a "hash template" + # see https://github.com/ashak/puppet-resource-looping + $nagios_service_hashpart = { + 'hostname' => $nagios_hostname, + 'ip_address' => $ip_address, + 'openvpn_gw' => $openvpn_gateway_address, + } + $dynamic_parameters = { + 'service' => '%s' + } + $nagios_servicename = "${nagios_hostname}_%s" - create_resources ( site_nagios::add_service, $nagios_service_hash ) + $nagios_service_hash = create_resources_hash_from($nagios_servicename, $services, $nagios_service_hashpart, $dynamic_parameters) + + create_resources ( site_nagios::add_service, $nagios_service_hash ) } diff --git a/puppet/modules/site_nagios/manifests/server.pp b/puppet/modules/site_nagios/manifests/server.pp index a088921a..3e1ef7e7 100644 --- a/puppet/modules/site_nagios/manifests/server.pp +++ b/puppet/modules/site_nagios/manifests/server.pp @@ -5,9 +5,9 @@ class site_nagios::server inherits nagios::base { stage => setup } - $nagios_hiera=hiera('nagios') + $nagios_hiera = hiera('nagios') $nagiosadmin_pw = htpasswd_sha1($nagios_hiera['nagiosadmin_pw']) - $hosts = $nagios_hiera['hosts'] + $hosts = $nagios_hiera['hosts'] include nagios::defaults include nagios::base @@ -35,6 +35,7 @@ class site_nagios::server inherits nagios::base { group => 'nagios', } - site_nagios::add_host {$hosts:} + create_resources ( site_nagios::add_host, $hosts ) + include site_shorewall::monitor } -- cgit v1.2.3 From 41c5506ef0adc0381bcae99ae1139d2de3a2a858 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 19 Nov 2013 15:51:39 -0500 Subject: added website nagios check (#1629) Change-Id: Icebf9d8849b4440f4f6dbc00a1a8ac0873b62f6a --- .../modules/site_nagios/manifests/add_service.pp | 26 +++++++++++----------- 1 file changed, 13 insertions(+), 13 deletions(-) (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/manifests/add_service.pp b/puppet/modules/site_nagios/manifests/add_service.pp index 6ef3cbf5..8d2a310b 100644 --- a/puppet/modules/site_nagios/manifests/add_service.pp +++ b/puppet/modules/site_nagios/manifests/add_service.pp @@ -3,19 +3,19 @@ define site_nagios::add_service ( case $service { 'webapp': { - $check_command = 'check_https_cert' - $service_description = 'Website Certificate' + nagios_service { + "${name}_cert": + use => 'generic-service', + check_command => 'check_https_cert', + service_description => 'Website Certificate', + host_name => $hostname; + "${name}_website": + use => 'generic-service', + check_command => 'check_https', + service_description => 'Website', + host_name => $hostname + } } - default: { - #notice ("No Nagios service check for service \"$service\"") - } - } - - if ( $check_command != '' ) { - nagios_service { $name: - use => 'generic-service', - check_command => $check_command, - service_description => $service_description, - host_name => $hostname } + default: {} } } -- cgit v1.2.3 From dde7b18cc0ad265aa7f7b8ccf4fedd9f0542fc74 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 5 Feb 2014 16:44:23 +0100 Subject: site_nagios::client: install check_mk agent --- puppet/modules/site_nagios/manifests/client.pp | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 puppet/modules/site_nagios/manifests/client.pp (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/manifests/client.pp b/puppet/modules/site_nagios/manifests/client.pp new file mode 100644 index 00000000..ea6062a0 --- /dev/null +++ b/puppet/modules/site_nagios/manifests/client.pp @@ -0,0 +1,5 @@ +class site_nagios::client { + package { [ 'check-mk-agent', 'check-mk-agent-logwatch' ]: + ensure => installed, + } +} -- cgit v1.2.3 From 3d22399b2da5fe010ab15de5c641b67f45dc1982 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 5 Feb 2014 17:29:01 +0100 Subject: use check_mk::agent to install check-mk-agent --- puppet/modules/site_nagios/manifests/client.pp | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/manifests/client.pp b/puppet/modules/site_nagios/manifests/client.pp index ea6062a0..82063dc3 100644 --- a/puppet/modules/site_nagios/manifests/client.pp +++ b/puppet/modules/site_nagios/manifests/client.pp @@ -1,5 +1,9 @@ class site_nagios::client { - package { [ 'check-mk-agent', 'check-mk-agent-logwatch' ]: - ensure => installed, + class { 'check_mk::agent': + agent_package_name => 'check-mk-agent', + agent_logwatch_package_name => 'check-mk-agent-logwatch', + method => 'ssh', + homedir => '/etc/nagios/check_mk', + register_agent => false } } -- cgit v1.2.3 From 166bf4a33123afe5b17db68c22712408ebfb26ad Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 6 Feb 2014 14:00:42 +0100 Subject: added site_nagios::server::check_mk --- .../site_nagios/manifests/server/check_mk.pp | 24 ++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 puppet/modules/site_nagios/manifests/server/check_mk.pp (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/manifests/server/check_mk.pp b/puppet/modules/site_nagios/manifests/server/check_mk.pp new file mode 100644 index 00000000..c6676d76 --- /dev/null +++ b/puppet/modules/site_nagios/manifests/server/check_mk.pp @@ -0,0 +1,24 @@ +class site_nagios::server::check_mk { + + # override paths to use the system check_mk rather than OMD + class { 'check_mk::config': + site => '', + etc_dir => '/etc', + bin_dir => '/usr/bin', + host_groups => undef + } + + file { + '/etc/nagios/check_mk': + ensure => directory, + owner => root, + group => root, + mode => '0755'; + + '/etc/nagios/check_mk/.ssh': + ensure => directory, + owner => root, + group => root, + mode => '0755'; + } +} -- cgit v1.2.3 From f7d12c8b3c31891635f188a37844e33288429a9f Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 6 Feb 2014 14:05:38 +0100 Subject: added site_nagios::server::apache --- puppet/modules/site_nagios/manifests/server.pp | 1 + puppet/modules/site_nagios/manifests/server/apache.pp | 7 +++++++ 2 files changed, 8 insertions(+) create mode 100644 puppet/modules/site_nagios/manifests/server/apache.pp (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/manifests/server.pp b/puppet/modules/site_nagios/manifests/server.pp index 3e1ef7e7..3cb58f9a 100644 --- a/puppet/modules/site_nagios/manifests/server.pp +++ b/puppet/modules/site_nagios/manifests/server.pp @@ -37,5 +37,6 @@ class site_nagios::server inherits nagios::base { create_resources ( site_nagios::add_host, $hosts ) + include site_nagios::apache include site_shorewall::monitor } diff --git a/puppet/modules/site_nagios/manifests/server/apache.pp b/puppet/modules/site_nagios/manifests/server/apache.pp new file mode 100644 index 00000000..8dbc7e9b --- /dev/null +++ b/puppet/modules/site_nagios/manifests/server/apache.pp @@ -0,0 +1,7 @@ +class site_nagios::server::apache { + include x509::variables + include site_config::x509::commercial::cert + include site_config::x509::commercial::key + include site_config::x509::commercial::ca + +} -- cgit v1.2.3 From 36e5202181452c385b52e183e50166dec6c456d9 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 6 Feb 2014 15:36:12 +0100 Subject: move leap_webapp.conf template to common.conf which is included by the nagios and webapp node (#5096) --- puppet/modules/site_nagios/manifests/server.pp | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/manifests/server.pp b/puppet/modules/site_nagios/manifests/server.pp index 3e1ef7e7..9f66c8ea 100644 --- a/puppet/modules/site_nagios/manifests/server.pp +++ b/puppet/modules/site_nagios/manifests/server.pp @@ -11,18 +11,32 @@ class site_nagios::server inherits nagios::base { include nagios::defaults include nagios::base - #Class ['nagios'] -> Class ['nagios::defaults'] - class {'nagios::apache': + class {'nagios': + # don't manage apache class from nagios, cause we already include + # it in site_apache::common + httpd => 'absent', allow_external_cmd => true, stored_config => false, - #before => Class ['nagios::defaults'] } + # - [monitor2] err: /Stage[main]/Site_nagios::Server/Apache::Config::Global[nagios3.conf]/Apache::Config::File[nagios3.conf]/File[apache_nagios3.conf]/ensure: change from absent to link failed: Cannot create a symlink without a target at /srv/leap/puppet/modules/apache/manifests/config/file.pp:32 + #apache::config::global { 'nagios3.conf': + # ensure => link, + # target => '/usr/share/doc/nagios3-common/examples/apache2.conf', + #} + + file { '/etc/apache2/conf.d/nagios3.conf': + ensure => link, + target => '/usr/share/doc/nagios3-common/examples/apache2.conf', + notify => Service['apache'] + } + + include site_apache::common include site_apache::module::headers File ['nagios_htpasswd'] { source => undef, - content => "nagiosadmin:$nagiosadmin_pw", + content => "nagiosadmin:${nagiosadmin_pw}", mode => '0640', } -- cgit v1.2.3 From d400d271e616f669cc6383a5893dd992a0efada2 Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 7 Feb 2014 15:42:12 +0100 Subject: deploy check_mk pubkey on clients --- puppet/modules/site_nagios/manifests/client.pp | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/manifests/client.pp b/puppet/modules/site_nagios/manifests/client.pp index 82063dc3..cb72db54 100644 --- a/puppet/modules/site_nagios/manifests/client.pp +++ b/puppet/modules/site_nagios/manifests/client.pp @@ -1,4 +1,9 @@ class site_nagios::client { + + $ssh_hash = hiera('ssh') + $pubkey = $ssh_hash['authorized_keys']['monitor']['key'] + $type = $ssh_hash['authorized_keys']['monitor']['type'] + class { 'check_mk::agent': agent_package_name => 'check-mk-agent', agent_logwatch_package_name => 'check-mk-agent-logwatch', @@ -6,4 +11,12 @@ class site_nagios::client { homedir => '/etc/nagios/check_mk', register_agent => false } + + file { '/root/.ssh/authorized_keys2': + owner => 'root', + group => 'root', + mode => '0600', + content => "command=\"/usr/bin/check_mk_agent\",no-port-forwarding,no-x11-forwarding,no-agent-forwarding ${type} ${pubkey} monitor" + } + } -- cgit v1.2.3 From 65281c7d46a0ebbb7c70eddaef9802ddb1885c65 Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 7 Feb 2014 15:42:46 +0100 Subject: deploy check_mk on monitoring server --- puppet/modules/site_nagios/manifests/server.pp | 3 +- .../site_nagios/manifests/server/check_mk.pp | 48 +++++++++++++++------- 2 files changed, 35 insertions(+), 16 deletions(-) (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/manifests/server.pp b/puppet/modules/site_nagios/manifests/server.pp index 6ade7d06..59a3bbb0 100644 --- a/puppet/modules/site_nagios/manifests/server.pp +++ b/puppet/modules/site_nagios/manifests/server.pp @@ -51,6 +51,7 @@ class site_nagios::server inherits nagios::base { create_resources ( site_nagios::add_host, $hosts ) - include site_nagios::apache + include site_nagios::server::apache + include site_nagios::server::check_mk include site_shorewall::monitor } diff --git a/puppet/modules/site_nagios/manifests/server/check_mk.pp b/puppet/modules/site_nagios/manifests/server/check_mk.pp index c6676d76..75bd4538 100644 --- a/puppet/modules/site_nagios/manifests/server/check_mk.pp +++ b/puppet/modules/site_nagios/manifests/server/check_mk.pp @@ -1,24 +1,42 @@ class site_nagios::server::check_mk { + $ssh_hash = hiera('ssh') + $pubkey = $ssh_hash['authorized_keys']['monitor']['key'] + $type = $ssh_hash['authorized_keys']['monitor']['type'] + $seckey = $ssh_hash['monitor']['private_key'] + $all_hosts = '"localhost", "plain1"' + + package { 'check-mk-server': + ensure => installed, + } + # override paths to use the system check_mk rather than OMD class { 'check_mk::config': - site => '', - etc_dir => '/etc', - bin_dir => '/usr/bin', - host_groups => undef + site => '', + etc_dir => '/etc', + nagios_subdir => 'nagios3', + bin_dir => '/usr/bin', + host_groups => undef, + require => Package['check-mk-server'] } file { - '/etc/nagios/check_mk': - ensure => directory, - owner => root, - group => root, - mode => '0755'; - - '/etc/nagios/check_mk/.ssh': - ensure => directory, - owner => root, - group => root, - mode => '0755'; + '/etc/check_mk/conf.d/use_ssh.mk': + source => 'puppet:///modules/site_check_mk/use_ssh.mk', + notify => Exec['check_mk-refresh']; + '/etc/check_mk/all_hosts_static': + content => $all_hosts, + notify => Exec['check_mk-refresh']; + '/etc/check_mk/.ssh': + ensure => directory; + '/etc/check_mk/.ssh/id_rsa': + content => $seckey, + owner => 'nagios', + mode => '0600'; + '/etc/check_mk/.ssh/id_rsa.pub': + content => "${type} ${pubkey} monitor", + owner => 'nagios', + mode => '0644'; } + } -- cgit v1.2.3 From cac0061fe20ab42c9efee4dd80ec6a940c03c54e Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 7 Feb 2014 21:32:19 +0100 Subject: added local check_mk dir /etc/nagios3/local to nagios.cfg --- puppet/modules/site_nagios/files/configs/Debian/nagios.cfg | 3 +++ 1 file changed, 3 insertions(+) (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/files/configs/Debian/nagios.cfg b/puppet/modules/site_nagios/files/configs/Debian/nagios.cfg index 753d1610..61d9f2da 100644 --- a/puppet/modules/site_nagios/files/configs/Debian/nagios.cfg +++ b/puppet/modules/site_nagios/files/configs/Debian/nagios.cfg @@ -25,6 +25,9 @@ log_file=/var/log/nagios3/nagios.log # Puppet-managed configuration files cfg_dir=/etc/nagios3/conf.d +# check-mk managed configuration files +cfg_dir=/etc/nagios3/local + # Debian also defaults to using the check commands defined by the debian # nagios-plugins package cfg_dir=/etc/nagios-plugins/config -- cgit v1.2.3 From 313b91b77cf4496d7cc31c46ef1e8e69ed53610c Mon Sep 17 00:00:00 2001 From: varac Date: Sat, 8 Feb 2014 00:04:23 +0100 Subject: restricted check_mk ssh login a bit more --- puppet/modules/site_nagios/manifests/client.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/manifests/client.pp b/puppet/modules/site_nagios/manifests/client.pp index cb72db54..ff569142 100644 --- a/puppet/modules/site_nagios/manifests/client.pp +++ b/puppet/modules/site_nagios/manifests/client.pp @@ -16,7 +16,7 @@ class site_nagios::client { owner => 'root', group => 'root', mode => '0600', - content => "command=\"/usr/bin/check_mk_agent\",no-port-forwarding,no-x11-forwarding,no-agent-forwarding ${type} ${pubkey} monitor" + content => "command=\"/usr/bin/check_mk_agent\",no-port-forwarding,no-x11-forwarding,no-agent-forwarding,no-pty,no-user-rc, ${type} ${pubkey} monitor" } } -- cgit v1.2.3 From f2f019d402345d6133cdfb6274d4b78d44e08ec9 Mon Sep 17 00:00:00 2001 From: varac Date: Sat, 8 Feb 2014 13:59:37 +0100 Subject: reload nagios after check_mk --- puppet/modules/site_nagios/manifests/server/check_mk.pp | 2 ++ 1 file changed, 2 insertions(+) (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/manifests/server/check_mk.pp b/puppet/modules/site_nagios/manifests/server/check_mk.pp index 75bd4538..02cb8407 100644 --- a/puppet/modules/site_nagios/manifests/server/check_mk.pp +++ b/puppet/modules/site_nagios/manifests/server/check_mk.pp @@ -20,6 +20,8 @@ class site_nagios::server::check_mk { require => Package['check-mk-server'] } + Exec['check_mk-reload'] -> Service['nagios'] + file { '/etc/check_mk/conf.d/use_ssh.mk': source => 'puppet:///modules/site_check_mk/use_ssh.mk', -- cgit v1.2.3 From 6720bdba0c67893de713eee7f753fb582d06aa61 Mon Sep 17 00:00:00 2001 From: varac Date: Sat, 8 Feb 2014 14:00:10 +0100 Subject: disable purging of /etc/nagios3 and /etc/nagios3/conf.d --- puppet/modules/site_nagios/manifests/server/purge.pp | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/manifests/server/purge.pp b/puppet/modules/site_nagios/manifests/server/purge.pp index 39735cd3..18993586 100644 --- a/puppet/modules/site_nagios/manifests/server/purge.pp +++ b/puppet/modules/site_nagios/manifests/server/purge.pp @@ -1,7 +1,17 @@ -class site_nagios::server::purge { - exec {'purge_conf.d': - command => '/bin/rm -rf /etc/nagios3/conf.d/*', - onlyif => 'test -e /etc/nagios3/conf.d' +class site_nagios::server::purge inherits nagios::base { + # we don't want to get /etc/nagios3 and /etc/nagios3/conf.d + # purged, cause the check-mk-config-nagios3 package + # places its templates in /etc/nagios3/conf.d/check_mk, + # and check_mk -O updated it's nagios config in /etc/nagios3/conf.d/check_mk + File['nagios_cfgdir'] { + purge => false + } + File['nagios_confd'] { + purge => false } + exec {'purge_conf.d': + command => '/bin/rm -f /etc/nagios3/conf.d/nagios_*', + onlyif => 'find /etc/nagios3/conf.d/ | grep -q "/etc/nagios3/conf.d/nagios_"' + } } -- cgit v1.2.3 From df342b1d4a12ea14aaaede6d876cca16028ba9a2 Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 10 Feb 2014 18:33:05 +0100 Subject: add all nodes to check_mk main.mk config --- puppet/modules/site_nagios/manifests/server/check_mk.pp | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/manifests/server/check_mk.pp b/puppet/modules/site_nagios/manifests/server/check_mk.pp index 02cb8407..5e0795c1 100644 --- a/puppet/modules/site_nagios/manifests/server/check_mk.pp +++ b/puppet/modules/site_nagios/manifests/server/check_mk.pp @@ -4,7 +4,10 @@ class site_nagios::server::check_mk { $pubkey = $ssh_hash['authorized_keys']['monitor']['key'] $type = $ssh_hash['authorized_keys']['monitor']['type'] $seckey = $ssh_hash['monitor']['private_key'] - $all_hosts = '"localhost", "plain1"' + + $nagios_hiera = hiera_hash('nagios') + $hosts = $nagios_hiera['hosts'] + $all_hosts = inline_template("<% @hosts.keys.sort.each do |key| -%>\"<%= key %>\", <% end -%>") package { 'check-mk-server': ensure => installed, -- cgit v1.2.3 From 6255e58bf9ff3489bf2707bc2be9759ec5c7db68 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 6 Feb 2014 15:36:12 +0100 Subject: move leap_webapp.conf template to common.conf which is included by the nagios and webapp node (#5096) --- puppet/modules/site_nagios/manifests/server.pp | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/manifests/server.pp b/puppet/modules/site_nagios/manifests/server.pp index 3e1ef7e7..b1e8a8cb 100644 --- a/puppet/modules/site_nagios/manifests/server.pp +++ b/puppet/modules/site_nagios/manifests/server.pp @@ -11,18 +11,26 @@ class site_nagios::server inherits nagios::base { include nagios::defaults include nagios::base - #Class ['nagios'] -> Class ['nagios::defaults'] - class {'nagios::apache': + class {'nagios': + # don't manage apache class from nagios, cause we already include + # it in site_apache::common + httpd => 'absent', allow_external_cmd => true, stored_config => false, - #before => Class ['nagios::defaults'] } + file { '/etc/apache2/conf.d/nagios3.conf': + ensure => link, + target => '/usr/share/doc/nagios3-common/examples/apache2.conf', + notify => Service['apache'] + } + + include site_apache::common include site_apache::module::headers File ['nagios_htpasswd'] { source => undef, - content => "nagiosadmin:$nagiosadmin_pw", + content => "nagiosadmin:${nagiosadmin_pw}", mode => '0640', } -- cgit v1.2.3 From 9a13819dbe7c8e8a51f802356e6fbebe32a7a11f Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 11 Feb 2014 17:39:12 +0100 Subject: use use_ssh.mk as template, include ssh port --- puppet/modules/site_nagios/manifests/server/check_mk.pp | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/manifests/server/check_mk.pp b/puppet/modules/site_nagios/manifests/server/check_mk.pp index 5e0795c1..f0fd3a76 100644 --- a/puppet/modules/site_nagios/manifests/server/check_mk.pp +++ b/puppet/modules/site_nagios/manifests/server/check_mk.pp @@ -4,6 +4,7 @@ class site_nagios::server::check_mk { $pubkey = $ssh_hash['authorized_keys']['monitor']['key'] $type = $ssh_hash['authorized_keys']['monitor']['type'] $seckey = $ssh_hash['monitor']['private_key'] + $ssh_port = $ssh_hash['port'] $nagios_hiera = hiera_hash('nagios') $hosts = $nagios_hiera['hosts'] @@ -27,8 +28,8 @@ class site_nagios::server::check_mk { file { '/etc/check_mk/conf.d/use_ssh.mk': - source => 'puppet:///modules/site_check_mk/use_ssh.mk', - notify => Exec['check_mk-refresh']; + content => template('site_check_mk/use_ssh.mk'), + notify => Exec['check_mk-refresh']; '/etc/check_mk/all_hosts_static': content => $all_hosts, notify => Exec['check_mk-refresh']; -- cgit v1.2.3 From 142eee6d9162c762c35fb79312ec572ce274b6d0 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 11 Feb 2014 17:39:37 +0100 Subject: properly purge nagios3/conf.d dir --- puppet/modules/site_nagios/manifests/server/purge.pp | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/manifests/server/purge.pp b/puppet/modules/site_nagios/manifests/server/purge.pp index 18993586..1c12cfb0 100644 --- a/puppet/modules/site_nagios/manifests/server/purge.pp +++ b/puppet/modules/site_nagios/manifests/server/purge.pp @@ -10,8 +10,9 @@ class site_nagios::server::purge inherits nagios::base { purge => false } + # only purge find in the /etc/nagios3/conf.d/ dir, not in any subdir exec {'purge_conf.d': - command => '/bin/rm -f /etc/nagios3/conf.d/nagios_*', - onlyif => 'find /etc/nagios3/conf.d/ | grep -q "/etc/nagios3/conf.d/nagios_"' + command => '/usr/bin/find /etc/nagios3/conf.d/ -maxdepth 1 -type f -exec rm {} \;', + onlyif => '/usr/bin/find /etc/nagios3/conf.d/ -maxdepth 1 -type f | grep -q "/etc/nagios3/conf.d"' } } -- cgit v1.2.3 From efc3e3eaa0788271cf61155d7e9be4d46e6e9d47 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 12 Feb 2014 16:26:59 +0100 Subject: moved check_mk server and client class to site_check_mk module --- puppet/modules/site_nagios/manifests/client.pp | 22 ---------- puppet/modules/site_nagios/manifests/init.pp | 2 +- puppet/modules/site_nagios/manifests/server.pp | 2 +- .../site_nagios/manifests/server/check_mk.pp | 48 ---------------------- 4 files changed, 2 insertions(+), 72 deletions(-) delete mode 100644 puppet/modules/site_nagios/manifests/client.pp delete mode 100644 puppet/modules/site_nagios/manifests/server/check_mk.pp (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/manifests/client.pp b/puppet/modules/site_nagios/manifests/client.pp deleted file mode 100644 index ff569142..00000000 --- a/puppet/modules/site_nagios/manifests/client.pp +++ /dev/null @@ -1,22 +0,0 @@ -class site_nagios::client { - - $ssh_hash = hiera('ssh') - $pubkey = $ssh_hash['authorized_keys']['monitor']['key'] - $type = $ssh_hash['authorized_keys']['monitor']['type'] - - class { 'check_mk::agent': - agent_package_name => 'check-mk-agent', - agent_logwatch_package_name => 'check-mk-agent-logwatch', - method => 'ssh', - homedir => '/etc/nagios/check_mk', - register_agent => false - } - - file { '/root/.ssh/authorized_keys2': - owner => 'root', - group => 'root', - mode => '0600', - content => "command=\"/usr/bin/check_mk_agent\",no-port-forwarding,no-x11-forwarding,no-agent-forwarding,no-pty,no-user-rc, ${type} ${pubkey} monitor" - } - -} diff --git a/puppet/modules/site_nagios/manifests/init.pp b/puppet/modules/site_nagios/manifests/init.pp index c3cfa02e..eb08cdcb 100644 --- a/puppet/modules/site_nagios/manifests/init.pp +++ b/puppet/modules/site_nagios/manifests/init.pp @@ -1,6 +1,6 @@ class site_nagios { tag 'leap_service' Class['site_config::default'] -> Class['site_nagios'] - + include site_nagios::server } diff --git a/puppet/modules/site_nagios/manifests/server.pp b/puppet/modules/site_nagios/manifests/server.pp index d740d8b7..b1795826 100644 --- a/puppet/modules/site_nagios/manifests/server.pp +++ b/puppet/modules/site_nagios/manifests/server.pp @@ -46,6 +46,6 @@ class site_nagios::server inherits nagios::base { create_resources ( site_nagios::add_host, $hosts ) include site_nagios::server::apache - include site_nagios::server::check_mk + include site_check_mk::server include site_shorewall::monitor } diff --git a/puppet/modules/site_nagios/manifests/server/check_mk.pp b/puppet/modules/site_nagios/manifests/server/check_mk.pp deleted file mode 100644 index f0fd3a76..00000000 --- a/puppet/modules/site_nagios/manifests/server/check_mk.pp +++ /dev/null @@ -1,48 +0,0 @@ -class site_nagios::server::check_mk { - - $ssh_hash = hiera('ssh') - $pubkey = $ssh_hash['authorized_keys']['monitor']['key'] - $type = $ssh_hash['authorized_keys']['monitor']['type'] - $seckey = $ssh_hash['monitor']['private_key'] - $ssh_port = $ssh_hash['port'] - - $nagios_hiera = hiera_hash('nagios') - $hosts = $nagios_hiera['hosts'] - $all_hosts = inline_template("<% @hosts.keys.sort.each do |key| -%>\"<%= key %>\", <% end -%>") - - package { 'check-mk-server': - ensure => installed, - } - - # override paths to use the system check_mk rather than OMD - class { 'check_mk::config': - site => '', - etc_dir => '/etc', - nagios_subdir => 'nagios3', - bin_dir => '/usr/bin', - host_groups => undef, - require => Package['check-mk-server'] - } - - Exec['check_mk-reload'] -> Service['nagios'] - - file { - '/etc/check_mk/conf.d/use_ssh.mk': - content => template('site_check_mk/use_ssh.mk'), - notify => Exec['check_mk-refresh']; - '/etc/check_mk/all_hosts_static': - content => $all_hosts, - notify => Exec['check_mk-refresh']; - '/etc/check_mk/.ssh': - ensure => directory; - '/etc/check_mk/.ssh/id_rsa': - content => $seckey, - owner => 'nagios', - mode => '0600'; - '/etc/check_mk/.ssh/id_rsa.pub': - content => "${type} ${pubkey} monitor", - owner => 'nagios', - mode => '0644'; - } - -} -- cgit v1.2.3 From 2436fddb4a63075f74f295bacd23128c766beb4c Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 17 Feb 2014 13:50:42 +0100 Subject: Remove adding of hosts from site_nagios::server (Feature #5132) because now, check_mk will add the hosts --- puppet/modules/site_nagios/manifests/add_host.pp | 32 ---------------------- .../site_nagios/manifests/add_host_services.pp | 26 ++++++++++++++++++ puppet/modules/site_nagios/manifests/server.pp | 2 +- 3 files changed, 27 insertions(+), 33 deletions(-) delete mode 100644 puppet/modules/site_nagios/manifests/add_host.pp create mode 100644 puppet/modules/site_nagios/manifests/add_host_services.pp (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/manifests/add_host.pp b/puppet/modules/site_nagios/manifests/add_host.pp deleted file mode 100644 index 94352de4..00000000 --- a/puppet/modules/site_nagios/manifests/add_host.pp +++ /dev/null @@ -1,32 +0,0 @@ -define site_nagios::add_host ( - $domain_internal, - $ip_address, - $services, - $openvpn_gateway_address='' ) { - - $nagios_hostname = $domain_internal - - # Add Nagios host - nagios_host { $nagios_hostname: - address => $ip_address, - use => 'generic-host', - } - - # Add Nagios service - - # First, we need to turn the serice array into hash, using a "hash template" - # see https://github.com/ashak/puppet-resource-looping - $nagios_service_hashpart = { - 'hostname' => $nagios_hostname, - 'ip_address' => $ip_address, - 'openvpn_gw' => $openvpn_gateway_address, - } - $dynamic_parameters = { - 'service' => '%s' - } - $nagios_servicename = "${nagios_hostname}_%s" - - $nagios_service_hash = create_resources_hash_from($nagios_servicename, $services, $nagios_service_hashpart, $dynamic_parameters) - - create_resources ( site_nagios::add_service, $nagios_service_hash ) -} diff --git a/puppet/modules/site_nagios/manifests/add_host_services.pp b/puppet/modules/site_nagios/manifests/add_host_services.pp new file mode 100644 index 00000000..2d615ff1 --- /dev/null +++ b/puppet/modules/site_nagios/manifests/add_host_services.pp @@ -0,0 +1,26 @@ +define site_nagios::add_host_services ( + $domain_internal, + $ip_address, + $services, + $openvpn_gateway_address='' ) { + + $nagios_hostname = $domain_internal + + # Add Nagios service + + # First, we need to turn the serice array into hash, using a "hash template" + # see https://github.com/ashak/puppet-resource-looping + $nagios_service_hashpart = { + 'hostname' => $nagios_hostname, + 'ip_address' => $ip_address, + 'openvpn_gw' => $openvpn_gateway_address, + } + $dynamic_parameters = { + 'service' => '%s' + } + $nagios_servicename = "${nagios_hostname}_%s" + + $nagios_service_hash = create_resources_hash_from($nagios_servicename, $services, $nagios_service_hashpart, $dynamic_parameters) + + create_resources ( site_nagios::add_service, $nagios_service_hash ) +} diff --git a/puppet/modules/site_nagios/manifests/server.pp b/puppet/modules/site_nagios/manifests/server.pp index b1795826..ca38d7fc 100644 --- a/puppet/modules/site_nagios/manifests/server.pp +++ b/puppet/modules/site_nagios/manifests/server.pp @@ -43,7 +43,7 @@ class site_nagios::server inherits nagios::base { group => 'nagios', } - create_resources ( site_nagios::add_host, $hosts ) + create_resources ( site_nagios::add_host_services, $hosts ) include site_nagios::server::apache include site_check_mk::server -- cgit v1.2.3 From 2b875d23a3d2a53c9276dfee1a71085967dec4c0 Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 24 Feb 2014 13:45:50 +0100 Subject: One monitor node for non-local environments and one for local environment (Feature #2981), wip also, use the configured ssh port for every node --- puppet/modules/site_nagios/manifests/add_host_services.pp | 2 ++ puppet/modules/site_nagios/manifests/server.pp | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/manifests/add_host_services.pp b/puppet/modules/site_nagios/manifests/add_host_services.pp index 2d615ff1..279809d1 100644 --- a/puppet/modules/site_nagios/manifests/add_host_services.pp +++ b/puppet/modules/site_nagios/manifests/add_host_services.pp @@ -1,7 +1,9 @@ define site_nagios::add_host_services ( + $domain_full_suffix, $domain_internal, $ip_address, $services, + $ssh_port, $openvpn_gateway_address='' ) { $nagios_hostname = $domain_internal diff --git a/puppet/modules/site_nagios/manifests/server.pp b/puppet/modules/site_nagios/manifests/server.pp index ca38d7fc..9aae8ae8 100644 --- a/puppet/modules/site_nagios/manifests/server.pp +++ b/puppet/modules/site_nagios/manifests/server.pp @@ -7,7 +7,7 @@ class site_nagios::server inherits nagios::base { $nagios_hiera = hiera('nagios') $nagiosadmin_pw = htpasswd_sha1($nagios_hiera['nagiosadmin_pw']) - $hosts = $nagios_hiera['hosts'] + $nagios_hosts = $nagios_hiera['hosts'] include nagios::defaults include nagios::base @@ -43,7 +43,7 @@ class site_nagios::server inherits nagios::base { group => 'nagios', } - create_resources ( site_nagios::add_host_services, $hosts ) + create_resources ( site_nagios::add_host_services, $nagios_hosts ) include site_nagios::server::apache include site_check_mk::server -- cgit v1.2.3 From a81ce0750dbd5b000739e28279639e382ce347a2 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 25 Feb 2014 12:36:36 +0100 Subject: don't use syslog for nagios log, cause it will clutter logwatch with false-positive warnings --- puppet/modules/site_nagios/files/configs/Debian/nagios.cfg | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/files/configs/Debian/nagios.cfg b/puppet/modules/site_nagios/files/configs/Debian/nagios.cfg index 61d9f2da..9bd3da28 100644 --- a/puppet/modules/site_nagios/files/configs/Debian/nagios.cfg +++ b/puppet/modules/site_nagios/files/configs/Debian/nagios.cfg @@ -251,7 +251,7 @@ log_archive_path=/var/log/nagios3/archives # If you want messages logged to the syslog facility, as well as the # Nagios log file set this option to 1. If not, set it to 0. -use_syslog=1 +use_syslog=0 -- cgit v1.2.3 From e603adab7cd31177e133487ba817300ce68a1e5c Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 4 Mar 2014 15:49:58 +0100 Subject: fix duplicate declarations in /etc/nagios3/conf.d/ on first deploy (Bug #5129) --- puppet/modules/site_nagios/manifests/server.pp | 4 +--- puppet/modules/site_nagios/manifests/server/purge.pp | 5 +++-- 2 files changed, 4 insertions(+), 5 deletions(-) (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/manifests/server.pp b/puppet/modules/site_nagios/manifests/server.pp index 9aae8ae8..7106c36a 100644 --- a/puppet/modules/site_nagios/manifests/server.pp +++ b/puppet/modules/site_nagios/manifests/server.pp @@ -1,9 +1,7 @@ class site_nagios::server inherits nagios::base { # First, purge old nagios config (see #1467) - class { 'site_nagios::server::purge': - stage => setup - } + class { 'site_nagios::server::purge': } $nagios_hiera = hiera('nagios') $nagiosadmin_pw = htpasswd_sha1($nagios_hiera['nagiosadmin_pw']) diff --git a/puppet/modules/site_nagios/manifests/server/purge.pp b/puppet/modules/site_nagios/manifests/server/purge.pp index 1c12cfb0..6815a703 100644 --- a/puppet/modules/site_nagios/manifests/server/purge.pp +++ b/puppet/modules/site_nagios/manifests/server/purge.pp @@ -10,9 +10,10 @@ class site_nagios::server::purge inherits nagios::base { purge => false } - # only purge find in the /etc/nagios3/conf.d/ dir, not in any subdir + # only purge files in the /etc/nagios3/conf.d/ dir, not in any subdir exec {'purge_conf.d': command => '/usr/bin/find /etc/nagios3/conf.d/ -maxdepth 1 -type f -exec rm {} \;', - onlyif => '/usr/bin/find /etc/nagios3/conf.d/ -maxdepth 1 -type f | grep -q "/etc/nagios3/conf.d"' + onlyif => '/usr/bin/find /etc/nagios3/conf.d/ -maxdepth 1 -type f | grep -q "/etc/nagios3/conf.d"', + require => Package['nagios'] } } -- cgit v1.2.3 From 42cd675108ab480787ad821625fa6cccf599d2ce Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 13 Mar 2014 20:14:26 +0100 Subject: removed trailing whitespaces in nagios.cfg --- .../site_nagios/files/configs/Debian/nagios.cfg | 84 +++++++++++----------- 1 file changed, 42 insertions(+), 42 deletions(-) (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/files/configs/Debian/nagios.cfg b/puppet/modules/site_nagios/files/configs/Debian/nagios.cfg index 9bd3da28..0bc69bc1 100644 --- a/puppet/modules/site_nagios/files/configs/Debian/nagios.cfg +++ b/puppet/modules/site_nagios/files/configs/Debian/nagios.cfg @@ -1,6 +1,6 @@ ############################################################################## # -# NAGIOS.CFG - Sample Main Config File for Nagios +# NAGIOS.CFG - Sample Main Config File for Nagios # # ############################################################################## @@ -8,7 +8,7 @@ # LOG FILE # This is the main log file where service and host events are logged -# for historical purposes. This should be the first option specified +# for historical purposes. This should be the first option specified # in the config file!!! log_file=/var/log/nagios3/nagios.log @@ -36,7 +36,7 @@ cfg_dir=/etc/nagios-plugins/config # OBJECT CACHE FILE # This option determines where object definitions are cached when -# Nagios starts/restarts. The CGIs read object definitions from +# Nagios starts/restarts. The CGIs read object definitions from # this cache file (rather than looking at the object config files # directly) in order to prevent inconsistencies that can occur # when the config files are modified after Nagios starts. @@ -52,7 +52,7 @@ object_cache_file=/var/cache/nagios3/objects.cache # file. You can then start Nagios with the -u option to have it read # object definitions from this precached file, rather than the standard # object configuration files (see the cfg_file and cfg_dir options above). -# Using a precached object file can speed up the time needed to (re)start +# Using a precached object file can speed up the time needed to (re)start # the Nagios process if you've got a large and/or complex configuration. # Read the documentation section on optimizing Nagios to find our more # about how this feature works. @@ -86,7 +86,7 @@ status_file=/var/cache/nagios3/status.dat # STATUS FILE UPDATE INTERVAL # This option determines the frequency (in seconds) that -# Nagios will periodically dump program, host, and +# Nagios will periodically dump program, host, and # service status data. status_update_interval=10 @@ -94,7 +94,7 @@ status_update_interval=10 # NAGIOS USER -# This determines the effective user that Nagios should run as. +# This determines the effective user that Nagios should run as. # You can either supply a username or a UID. nagios_user=nagios @@ -102,7 +102,7 @@ nagios_user=nagios # NAGIOS GROUP -# This determines the effective group that Nagios should run as. +# This determines the effective group that Nagios should run as. # You can either supply a group name or a GID. nagios_group=nagios @@ -128,7 +128,7 @@ check_external_commands=1 # Nagios to check for external commands every minute. If you specify a # number followed by an "s" (i.e. 15s), this will be interpreted to mean # actual seconds rather than a multiple of the interval_length variable. -# Note: In addition to reading the external command file at regularly +# Note: In addition to reading the external command file at regularly # scheduled intervals, Nagios will also check for external commands after # event handlers are executed. # NOTE: Setting this value to -1 causes Nagios to check the external @@ -143,7 +143,7 @@ command_check_interval=-1 # This is the file that Nagios checks for external command requests. # It is also where the command CGI will write commands that are submitted # by users, so it must be writeable by the user that the web server -# is running as (usually 'nobody'). Permissions should be set at the +# is running as (usually 'nobody'). Permissions should be set at the # directory level instead of on the file, as the file is deleted every # time its contents are processed. # Debian Users: In case you didn't read README.Debian yet, _NOW_ is the @@ -155,9 +155,9 @@ command_file=/var/lib/nagios3/rw/nagios.cmd # EXTERNAL COMMAND BUFFER SLOTS # This settings is used to tweak the number of items or "slots" that -# the Nagios daemon should allocate to the buffer that holds incoming -# external commands before they are processed. As external commands -# are processed by the daemon, they are removed from the buffer. +# the Nagios daemon should allocate to the buffer that holds incoming +# external commands before they are processed. As external commands +# are processed by the daemon, they are removed from the buffer. external_command_buffer_slots=4096 @@ -240,7 +240,7 @@ log_rotation_method=d # LOG ARCHIVE PATH -# This is the directory where archived (rotated) log files should be +# This is the directory where archived (rotated) log files should be # placed (assuming you've chosen to do log rotation). log_archive_path=/var/log/nagios3/archives @@ -403,7 +403,7 @@ max_host_check_spread=30 # MAXIMUM CONCURRENT SERVICE CHECKS -# This option allows you to specify the maximum number of +# This option allows you to specify the maximum number of # service checks that can be run in parallel at any given time. # Specifying a value of 1 for this variable essentially prevents # any service checks from being parallelized. A value of 0 @@ -425,7 +425,7 @@ check_result_reaper_frequency=10 # MAX CHECK RESULT REAPER TIME # This is the max amount of time (in seconds) that a single -# check result reaper event will be allowed to run before +# check result reaper event will be allowed to run before # returning control back to Nagios so it can perform other # duties. @@ -439,7 +439,7 @@ max_check_result_reaper_time=30 # service checks that have not yet been processed. # # Note: Make sure that only one instance of Nagios has access -# to this directory! +# to this directory! check_result_path=/var/lib/nagios3/spool/checkresults @@ -448,7 +448,7 @@ check_result_path=/var/lib/nagios3/spool/checkresults # MAX CHECK RESULT FILE AGE # This option determines the maximum age (in seconds) which check -# result files are considered to be valid. Files older than this +# result files are considered to be valid. Files older than this # threshold will be mercilessly deleted without further processing. max_check_result_file_age=3600 @@ -510,14 +510,14 @@ enable_predictive_service_dependency_checks=1 # SOFT STATE DEPENDENCIES -# This option determines whether or not Nagios will use soft state -# information when checking host and service dependencies. Normally -# Nagios will only use the latest hard host or service state when +# This option determines whether or not Nagios will use soft state +# information when checking host and service dependencies. Normally +# Nagios will only use the latest hard host or service state when # checking dependencies. If you want it to use the latest state (regardless -# of whether its a soft or hard state type), enable this option. +# of whether its a soft or hard state type), enable this option. # Values: -# 0 = Don't use soft state dependencies (default) -# 1 = Use soft state dependencies +# 0 = Don't use soft state dependencies (default) +# 1 = Use soft state dependencies soft_state_dependencies=0 @@ -535,7 +535,7 @@ soft_state_dependencies=0 # This option determines whether or not Nagios will attempt to # automatically reschedule active host and service checks to # "smooth" them out over time. This can help balance the load on -# the monitoring server. +# the monitoring server. # WARNING: THIS IS AN EXPERIMENTAL FEATURE - IT CAN DEGRADE # PERFORMANCE, RATHER THAN INCREASE IT, IF USED IMPROPERLY @@ -598,7 +598,7 @@ perfdata_timeout=5 # This setting determines whether or not Nagios will save state # information for services and hosts before it shuts down. Upon # startup Nagios will reload all saved service and host state -# information before starting to monitor. This is useful for +# information before starting to monitor. This is useful for # maintaining long-term data on state statistics, etc, but will # slow Nagios down a bit when it (re)starts. Since its only # a one-time penalty, I think its well worth the additional @@ -610,7 +610,7 @@ retain_state_information=1 # STATE RETENTION FILE # This is the file that Nagios should use to store host and -# service state information before it shuts down. The state +# service state information before it shuts down. The state # information in this file is also read immediately prior to # starting to monitor the network when Nagios is restarted. # This file is used only if the preserve_state_information @@ -633,7 +633,7 @@ retention_update_interval=60 # USE RETAINED PROGRAM STATE -# This setting determines whether or not Nagios will set +# This setting determines whether or not Nagios will set # program status variables based on the values saved in the # retention file. If you want to use retained program status # information, set this value to 1. If not, set this value @@ -660,7 +660,7 @@ use_retained_scheduling_info=1 # program restarts. # # The values of the masks are bitwise ANDs of values specified -# by the "MODATTR_" definitions found in include/common.h. +# by the "MODATTR_" definitions found in include/common.h. # For example, if you do not want the current enabled/disabled state # of flap detection and event handlers for hosts to be retained, you # would use a value of 24 for the host attribute mask... @@ -711,7 +711,7 @@ use_aggressive_host_checking=0 # SERVICE CHECK EXECUTION OPTION # This determines whether or not Nagios will actively execute -# service checks when it initially starts. If this option is +# service checks when it initially starts. If this option is # disabled, checks are not actively made, but Nagios can still # receive and process passive check results that come in. Unless # you're implementing redundant hosts or have a special need for @@ -733,7 +733,7 @@ accept_passive_service_checks=1 # HOST CHECK EXECUTION OPTION # This determines whether or not Nagios will actively execute -# host checks when it initially starts. If this option is +# host checks when it initially starts. If this option is # disabled, checks are not actively made, but Nagios can still # receive and process passive check results that come in. Unless # you're implementing redundant hosts or have a special need for @@ -790,7 +790,7 @@ process_performance_data=0 # These commands are run after every host and service check is # performed. These commands are executed only if the # enable_performance_data option (above) is set to 1. The command -# argument is the short name of a command definition that you +# argument is the short name of a command definition that you # define in your host configuration file. Read the HTML docs for # more information on performance data. @@ -870,7 +870,7 @@ obsess_over_services=0 # OBSESSIVE COMPULSIVE SERVICE PROCESSOR COMMAND # This is the command that is run for every service check that is # processed by Nagios. This command is executed only if the -# obsess_over_services option (above) is set to 1. The command +# obsess_over_services option (above) is set to 1. The command # argument is the short name of a command definition that you # define in your host configuration file. Read the HTML docs for # more information on implementing distributed monitoring. @@ -894,7 +894,7 @@ obsess_over_hosts=0 # OBSESSIVE COMPULSIVE HOST PROCESSOR COMMAND # This is the command that is run for every host check that is # processed by Nagios. This command is executed only if the -# obsess_over_hosts option (above) is set to 1. The command +# obsess_over_hosts option (above) is set to 1. The command # argument is the short name of a command definition that you # define in your host configuration file. Read the HTML docs for # more information on implementing distributed monitoring. @@ -933,9 +933,9 @@ passive_host_checks_are_soft=0 # ORPHANED HOST/SERVICE CHECK OPTIONS -# These options determine whether or not Nagios will periodically +# These options determine whether or not Nagios will periodically # check for orphaned host service checks. Since service checks are -# not rescheduled until the results of their previous execution +# not rescheduled until the results of their previous execution # instance are processed, there exists a possibility that some # checks may never get rescheduled. A similar situation exists for # host checks, although the exact scheduling details differ a bit @@ -1003,9 +1003,9 @@ additional_freshness_latency=15 # FLAP DETECTION OPTION # This option determines whether or not Nagios will try -# and detect hosts and services that are "flapping". +# and detect hosts and services that are "flapping". # Flapping occurs when a host or service changes between -# states too frequently. When Nagios detects that a +# states too frequently. When Nagios detects that a # host or service is flapping, it will temporarily suppress # notifications for that host/service until it stops # flapping. Flap detection is very experimental, so read @@ -1049,7 +1049,7 @@ date_format=iso8601 # the system configured timezone. # # NOTE: In order to display the correct timezone in the CGIs, you -# will also need to alter the Apache directives for the CGI path +# will also need to alter the Apache directives for the CGI path # to include your timezone. Example: # # @@ -1086,7 +1086,7 @@ enable_embedded_perl=1 # This option determines whether or not Nagios will process Perl plugins # and scripts with the embedded Perl interpreter if the plugins/scripts # do not explicitly indicate whether or not it is okay to do so. Read -# the HTML documentation on the embedded Perl interpreter for more +# the HTML documentation on the embedded Perl interpreter for more # information on how this option works. use_embedded_perl_implicitly=1 @@ -1133,7 +1133,7 @@ use_regexp_matching=0 # "TRUE" REGULAR EXPRESSION MATCHING -# This option controls whether or not "true" regular expression +# This option controls whether or not "true" regular expression # matching takes place in the object config files. This option # only has an effect if regular expression matching is enabled # (see above). If this option is DISABLED, regular expression @@ -1186,7 +1186,7 @@ use_large_installation_tweaks=0 # This option determines whether or not Nagios will make all standard # macros available as environment variables when host/service checks # and system commands (event handlers, notifications, etc.) are -# executed. Enabling this option can cause performance issues in +# executed. Enabling this option can cause performance issues in # large installations, as it will consume a bit more memory and (more # importantly) consume more CPU. # Values: 1 - Enable environment variable macros (default) @@ -1227,7 +1227,7 @@ enable_environment_macros=1 # This option determines how much (if any) debugging information will # be written to the debug file. OR values together to log multiple # types of information. -# Values: +# Values: # -1 = Everything # 0 = Nothing # 1 = Functions -- cgit v1.2.3 From 75d169a2e709c891613cd9ca759469a8b951e580 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 13 Mar 2014 20:19:07 +0100 Subject: Dont't archive nagios logs (#5324) --- puppet/modules/site_nagios/files/configs/Debian/nagios.cfg | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/files/configs/Debian/nagios.cfg b/puppet/modules/site_nagios/files/configs/Debian/nagios.cfg index 0bc69bc1..e46ebf62 100644 --- a/puppet/modules/site_nagios/files/configs/Debian/nagios.cfg +++ b/puppet/modules/site_nagios/files/configs/Debian/nagios.cfg @@ -235,7 +235,7 @@ event_broker_options=-1 # w = Weekly rotation (midnight on Saturday evening) # m = Monthly rotation (midnight last day of month) -log_rotation_method=d +log_rotation_method=n -- cgit v1.2.3 From a7ff480b5946f30445add762839118d878a775de Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 13 Mar 2014 20:32:45 +0100 Subject: Dont't archive nagios logs, use logrotate for it (Feature #5324) --- puppet/modules/site_nagios/manifests/server.pp | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'puppet/modules/site_nagios') diff --git a/puppet/modules/site_nagios/manifests/server.pp b/puppet/modules/site_nagios/manifests/server.pp index 7106c36a..85443917 100644 --- a/puppet/modules/site_nagios/manifests/server.pp +++ b/puppet/modules/site_nagios/manifests/server.pp @@ -46,4 +46,13 @@ class site_nagios::server inherits nagios::base { include site_nagios::server::apache include site_check_mk::server include site_shorewall::monitor + + augeas { + 'logrotate_nagios': + context => '/files/etc/logrotate.d/nagios/rule', + changes => [ 'set file /var/log/nagios3/nagios.log', 'set rotate 7', + 'set schedule daily', 'set compress compress', + 'set missingok missingok', 'set ifempty notifempty', + 'set copytruncate copytruncate' ] + } } -- cgit v1.2.3