diff options
| -rw-r--r-- | README | 35 | ||||
| -rw-r--r--[l---------] | files/configs/Debian/private/resource.cfg.amd64 | 32 | ||||
| -rw-r--r--[l---------] | files/configs/Debian/private/resource.cfg.x86_64 | 32 | ||||
| -rw-r--r-- | files/configs/apache2.conf | 55 | ||||
| -rw-r--r-- | files/irc_bot/riseup-nagios-client.pl | 72 | ||||
| -rw-r--r-- | files/irc_bot/riseup-nagios-server.pl | 157 | ||||
| -rw-r--r-- | files/plugins/check_dns2 | 102 | ||||
| -rw-r--r-- | files/plugins/check_dnsbl | 107 | ||||
| -rw-r--r-- | manifests/apache.pp | 17 | ||||
| -rw-r--r-- | manifests/base.pp | 35 | ||||
| -rw-r--r-- | manifests/centos.pp | 2 | ||||
| -rw-r--r-- | manifests/command/imap_pop3.pp | 14 | ||||
| -rw-r--r-- | manifests/command/smtp.pp | 14 | ||||
| -rw-r--r-- | manifests/defaults/commands.pp | 38 | ||||
| -rw-r--r-- | manifests/defaults/plugins.pp | 9 | ||||
| -rw-r--r-- | manifests/irc_bot.pp | 93 | ||||
| -rw-r--r-- | manifests/service.pp | 20 | ||||
| -rw-r--r-- | manifests/service/http.pp | 4 | ||||
| -rw-r--r-- | manifests/service/smtp.pp | 50 | ||||
| -rw-r--r-- | manifests/service/ssmtp.pp | 32 | ||||
| -rw-r--r-- | templates/irc_bot/CentOS/nagios-nsa.sh.erb | 104 | ||||
| -rw-r--r-- | templates/irc_bot/Debian/nagios-nsa.sh.erb | 71 | ||||
| -rw-r--r-- | templates/irc_bot/nsa.cfg.erb | 13 |
23 files changed, 1075 insertions, 33 deletions
@@ -85,6 +85,18 @@ nagios::target::fqdn instead of nagios::target . previous versions of nagios_host used the parameter named 'ip', that has been changed to 'address' + +IRC bot +======= + +Notifications can easily be sent to an IRC channel by using a bot. To do so, +simply include 'nagios::irc_bot' on the nagios server and define the right +$nagios_nsa_* variables (see the 'Variables' section below). + +You can then use the notification commands 'notify-by-irc' and +'host-notify-by-irc' with service and host definitions to make them report +state changes over IRC. + Caveats ======= @@ -127,6 +139,29 @@ Options to change the behavior of the nagios module: may also need to flip "check_external_commands" in "nagios.cfg" to enable this functionality. +- nagios_nsa_socket: This optional variable can be used to specify the path to + the socket file that the IRC daemon should use. + +- nagios_nsa_server: When using the IRC bot, this defines the server address of + the IRC network on which the bot will connect. + +- nagios_nsa_port: Defines the port number on the IRC server on which the bot + should connect. When this variable is not set, the port used + by default is 6667. + +- nagios_nsa_nickname: This is the nickname that the IRC bot will take. + +- nagios_nsa_password: Some networks require a password to connect to them. + This defines such a password. + +- nagios_nsa_channel: The name of the channel that the IRC bot will join and + will post notifications to. + +- nagios_nsa_pidfile: This optional variable can be used to define the path to + the file that will contain the process ID of the IRC bot + daemon. +- nagios_nsa_realname: The IRC bot user's real name that will be displayed. By + default, the real name is 'Nagios'. Examples ======== diff --git a/files/configs/Debian/private/resource.cfg.amd64 b/files/configs/Debian/private/resource.cfg.amd64 index 4d5f0a3..3ed732b 120000..100644 --- a/files/configs/Debian/private/resource.cfg.amd64 +++ b/files/configs/Debian/private/resource.cfg.amd64 @@ -1 +1,31 @@ -resource.cfg.i386
\ No newline at end of file +########################################################################### +# +# RESOURCE.CFG - Resource File for Nagios +# +# You can define $USERx$ macros in this file, which can in turn be used +# in command definitions in your host config file(s). $USERx$ macros are +# useful for storing sensitive information such as usernames, passwords, +# etc. They are also handy for specifying the path to plugins and +# event handlers - if you decide to move the plugins or event handlers to +# a different directory in the future, you can just update one or two +# $USERx$ macros, instead of modifying a lot of command definitions. +# +# The CGIs will not attempt to read the contents of resource files, so +# you can set restrictive permissions (600 or 660) on them. +# +# Nagios supports up to 32 $USERx$ macros ($USER1$ through $USER32$) +# +# Resource files may also be used to store configuration directives for +# external data sources like MySQL... +# +########################################################################### + +# Sets $USER1$ to be the path to the plugins +$USER1$=/usr/lib/nagios/plugins + +# Sets $USER2$ to be the path to event handlers +#$USER2$=/usr/lib/nagios/plugins/eventhandlers + +# Store some usernames and passwords (hidden from the CGIs) +#$USER3$=someuser +#$USER4$=somepassword diff --git a/files/configs/Debian/private/resource.cfg.x86_64 b/files/configs/Debian/private/resource.cfg.x86_64 index 4d5f0a3..3ed732b 120000..100644 --- a/files/configs/Debian/private/resource.cfg.x86_64 +++ b/files/configs/Debian/private/resource.cfg.x86_64 @@ -1 +1,31 @@ -resource.cfg.i386
\ No newline at end of file +########################################################################### +# +# RESOURCE.CFG - Resource File for Nagios +# +# You can define $USERx$ macros in this file, which can in turn be used +# in command definitions in your host config file(s). $USERx$ macros are +# useful for storing sensitive information such as usernames, passwords, +# etc. They are also handy for specifying the path to plugins and +# event handlers - if you decide to move the plugins or event handlers to +# a different directory in the future, you can just update one or two +# $USERx$ macros, instead of modifying a lot of command definitions. +# +# The CGIs will not attempt to read the contents of resource files, so +# you can set restrictive permissions (600 or 660) on them. +# +# Nagios supports up to 32 $USERx$ macros ($USER1$ through $USER32$) +# +# Resource files may also be used to store configuration directives for +# external data sources like MySQL... +# +########################################################################### + +# Sets $USER1$ to be the path to the plugins +$USER1$=/usr/lib/nagios/plugins + +# Sets $USER2$ to be the path to event handlers +#$USER2$=/usr/lib/nagios/plugins/eventhandlers + +# Store some usernames and passwords (hidden from the CGIs) +#$USER3$=someuser +#$USER4$=somepassword diff --git a/files/configs/apache2.conf b/files/configs/apache2.conf new file mode 100644 index 0000000..14bb38b --- /dev/null +++ b/files/configs/apache2.conf @@ -0,0 +1,55 @@ +# apache configuration for nagios 3.x +# note to users of nagios 1.x and 2.x: +# throughout this file are commented out sections which preserve +# backwards compatibility with bookmarks/config for older nagios versios. +# simply look for lines following "nagios 1.x:" and "nagios 2.x" comments. + +ScriptAlias /cgi-bin/nagios3 /usr/lib/cgi-bin/nagios3 +ScriptAlias /nagios3/cgi-bin /usr/lib/cgi-bin/nagios3 +# nagios 1.x: +#ScriptAlias /cgi-bin/nagios /usr/lib/cgi-bin/nagios3 +#ScriptAlias /nagios/cgi-bin /usr/lib/cgi-bin/nagios3 +# nagios 2.x: +#ScriptAlias /cgi-bin/nagios2 /usr/lib/cgi-bin/nagios3 +#ScriptAlias /nagios2/cgi-bin /usr/lib/cgi-bin/nagios3 + +# Where the stylesheets (config files) reside +Alias /nagios3/stylesheets /etc/nagios3/stylesheets +# nagios 1.x: +#Alias /nagios/stylesheets /etc/nagios3/stylesheets +# nagios 2.x: +#Alias /nagios2/stylesheets /etc/nagios3/stylesheets + +# Where the HTML pages live +Alias /nagios3 /usr/share/nagios3/htdocs +# nagios 2.x: +#Alias /nagios2 /usr/share/nagios3/htdocs +# nagios 1.x: +#Alias /nagios /usr/share/nagios3/htdocs + +<DirectoryMatch (/usr/share/nagios3/htdocs|/usr/lib/cgi-bin/nagios3|/etc/nagios3/stylesheets)> + Options FollowSymLinks + + DirectoryIndex index.php index.html + + AllowOverride AuthConfig + Order Allow,Deny + Allow From All + + AuthName "Nagios Access" + AuthType Basic + AuthUserFile /etc/nagios3/htpasswd.users + # nagios 1.x: + #AuthUserFile /etc/nagios/htpasswd.users + require valid-user +</DirectoryMatch> + +# Enable this ScriptAlias if you want to enable the grouplist patch. +# See http://apan.sourceforge.net/download.html for more info +# It allows you to see a clickable list of all hostgroups in the +# left pane of the Nagios web interface +# XXX This is not tested for nagios 2.x use at your own peril +#ScriptAlias /nagios3/side.html /usr/lib/cgi-bin/nagios3/grouplist.cgi +# nagios 1.x: +#ScriptAlias /nagios/side.html /usr/lib/cgi-bin/nagios3/grouplist.cgi + diff --git a/files/irc_bot/riseup-nagios-client.pl b/files/irc_bot/riseup-nagios-client.pl new file mode 100644 index 0000000..2467058 --- /dev/null +++ b/files/irc_bot/riseup-nagios-client.pl @@ -0,0 +1,72 @@ +#!/usr/bin/perl -w + +# ############################################################################## +# Infrabot-Client - a simple Infrabot client which sends it's whole command +# line arguments to a local UNIX domain socket. +# ############################################################################## + +use strict; +use IO::Socket; + + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# >> CONFIGURATION >> + +# Read a configuration file +# The arg can be a relative or full path, or +# it can be a file located somewhere in @INC. +sub ReadCfg +{ + my $file = $_[0]; + + our $err; + + { # Put config data into a separate namespace + package CFG; + + # Process the contents of the config file + my $rc = do($file); + + # Check for errors + if ($@) { + $::err = "ERROR: Failure compiling '$file' - $@"; + } elsif (! defined($rc)) { + $::err = "ERROR: Failure reading '$file' - $!"; + } elsif (! $rc) { + $::err = "ERROR: Failure processing '$file'"; + } + } + + return ($err); +} + +# Get our configuration information +if (my $err = ReadCfg('/etc/nagios_nsa.cfg')) { + print(STDERR $err, "\n"); + exit(1); +} + +# << CONFIGURATION << +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + +if (@ARGV == 0) { + print "Hey - specify a message, sucker!\n"; + exit(1); +} + +unless (-S $CFG::Nsa{'socket'}) { + die "Socket '$CFG::Nsa{'socket'}' doesn't exist or isn't a socket!\n"; +} + +unless (-r $CFG::Nsa{'socket'}) { + die "Socket '$CFG::Nsa{'socket'}' can't be read!\n"; +} + +my $sock = IO::Socket::UNIX->new ( + Peer => $CFG::Nsa{'socket'}, + Type => SOCK_DGRAM, + Timeout => 10 +) || die "Can't open socket '$CFG::Nsa{'socket'}'!\n"; + +print $sock "@ARGV"; +close($sock); diff --git a/files/irc_bot/riseup-nagios-server.pl b/files/irc_bot/riseup-nagios-server.pl new file mode 100644 index 0000000..7880dde --- /dev/null +++ b/files/irc_bot/riseup-nagios-server.pl @@ -0,0 +1,157 @@ +#!/usr/bin/perl -w + +# ############################################################################## +# a simple IRC bot which dispatches messages received via local domain sockets +# ############################################################################## + +use strict; +use File::Basename; + +BEGIN { + unshift @INC, dirname($0); +} + +my $VERSION = '0.2'; +my $running = 1; + +# Read a configuration file +# The arg can be a relative or full path, or +# it can be a file located somewhere in @INC. +sub ReadCfg +{ + my $file = $_[0]; + + our $err; + + { # Put config data into a separate namespace + package CFG; + + # Process the contents of the config file + my $rc = do($file); + + # Check for errors + if ($@) { + $::err = "ERROR: Failure compiling '$file' - $@"; + } elsif (! defined($rc)) { + $::err = "ERROR: Failure reading '$file' - $!"; + } elsif (! $rc) { + $::err = "ERROR: Failure processing '$file'"; + } + } + + return ($err); +} + +# Get our configuration information +if (my $err = ReadCfg('/etc/nagios_nsa.cfg')) { + print(STDERR $err, "\n"); + exit(1); +} + +use POSIX qw(setsid); +use IO::Socket; +use Net::IRC; + +sub new { + my $self = { + socket => undef, + irc => undef, + conn => undef + }; + + return bless($self, __PACKAGE__); +} + +sub daemonize { + my $self = shift; + my $pid; + + chdir '/' or die "Can't chdir to /: $!"; + + open STDIN, '/dev/null' or die "Can't read /dev/null: $!"; + open STDOUT, '>/dev/null' or die "Can't write to /dev/null: $!"; + + defined ($pid = fork) or die "Can't fork: $!"; + + if ($pid && $CFG::Nsa{'pidfile'}) { # write pid of child + open PID, ">$CFG::Nsa{'pidfile'}" or die "Can't open pid file: $!"; + print PID $pid; + close PID; + } + exit if $pid; + setsid or die "Can't start a new session: $!"; + + #open STDERR, '>&STDOUT' or die "Can't dup stdout: $!"; +} + +sub run { + my $self = shift; + + $self->{irc}->do_one_loop(); +} + +sub shutdown { + my $sig = shift; + + print STDERR "Received SIG$sig, shutting down...\n"; + $running = 0; +} + +sub socket_has_data { + my $self = shift; + + $self->{socket}->recv(my $data, 1024); + $self->{conn}->privmsg($CFG::Nsa{'channel'}, $data); +} + +sub irc_on_connect { + my $self = shift; + + print STDERR "Joining channel '$CFG::Nsa{'channel'}'...\n"; + $self->join($CFG::Nsa{'channel'}); +} + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + +my $bot = &new; + +if (-e $CFG::Nsa{'socket'}) { + die "Socket '$CFG::Nsa{'socket'}' exists!\n"; +} + +$bot->{socket} = IO::Socket::UNIX->new ( + Local => $CFG::Nsa{'socket'}, + Type => SOCK_DGRAM, + Listen => 5 +) || die "Can't create socket '$CFG::Nsa{'socket'}'!\n"; + +$SIG{INT} = $SIG{TERM} = \&shutdown; + +$bot->daemonize(); +$bot->{irc} = new Net::IRC; + +$bot->{conn} = $bot->{irc}->newconn ( + Server => $CFG::Nsa{'server'}, + Port => $CFG::Nsa{'port'}, + Nick => $CFG::Nsa{'nickname'}, + Username => $CFG::Nsa{'nickname'}, + Password => $CFG::Nsa{'password'}, + Ircname => $CFG::Nsa{'realname'} . " (NSA $VERSION)", +) || die "Can't connect to server '$CFG::Nsa{'server'}'!\n"; + +$bot->{conn}->add_global_handler(376, \&irc_on_connect); +$bot->{conn}->add_global_handler('nomotd', \&irc_on_connect); +$bot->{irc}->addfh($bot->{socket}, \&socket_has_data, 'r', $bot); + +while ($running) { + $bot->run(); +} + +close($bot->{socket}); +unlink($CFG::Nsa{'socket'}); + +exit(0); + +1; + +__END__ diff --git a/files/plugins/check_dns2 b/files/plugins/check_dns2 new file mode 100644 index 0000000..2195631 --- /dev/null +++ b/files/plugins/check_dns2 @@ -0,0 +1,102 @@ +#!/bin/bash +# Written by Damien Gy +# damien.gy+nagiosexchange(AT)gmail.com +# 2007-09-28 + +PROGNAME=`basename $0` +REVISION=1.00 +TMP=/tmp/tmpdig +DIG=/usr/bin/dig + +print_revision() { + echo $PROGNAME $REVISION +} + +print_usage() { + echo "Usage:" + echo " $PROGNAME -c|--check <host> <type> <server>" + echo " $PROGNAME -h|--help" + echo " $PROGNAME -v|--version" +} + +print_help() { + print_revision + echo "" + print_usage + echo "Where:" + echo " host the name of the resource record to be looked up" + echo " type indicates the query required (any, a, mx, etc.)" + echo " server the name or IP address of the name server to query" + echo "" + echo " -h|--help prints this help screen" + echo "" + echo " -v|--version prints version and license information" + echo "" + echo " Created by Damien Gy, questions or problems e-mail damien.gy+nagiosexchange(AT)gmail.com" + echo "" +} + +check_dns() { + + if [ $# -ne 3 ] + then + echo "Number of arguments incorrect" + exit 3 + fi + if [ ! -e $DIG ] + then + echo "$DIG not found" + exit 3 + fi + $DIG $1 $2 @$3 > $TMP + + if ( grep "status" $TMP > /dev/null ) + then + # DNS server answered + if ( grep "NOERROR" $TMP > /dev/null ) + then + echo "DNS OK "`grep "time:" $TMP` + rm -f $TMP + exit 0 + else + echo "WARNING "`grep "time:" $TMP` + rm -f $TMP + exit 1 + fi + + else + # no answer + echo "CRITICAL - Connection timed out" + rm -f $TMP + exit 2 + fi +} + +case "$1" in +--help) + print_help + exit 0 + ;; +-h) + print_help + exit 0 + ;; +--version) + print_revision + exit 0 + ;; +-v) + print_revision + exit 0 + ;; +--check) + check_dns $2 $3 $4 + ;; +-c) + check_dns $2 $3 $4 + ;; +*) + print_usage + exit 3 + +esac diff --git a/files/plugins/check_dnsbl b/files/plugins/check_dnsbl new file mode 100644 index 0000000..93cea37 --- /dev/null +++ b/files/plugins/check_dnsbl @@ -0,0 +1,107 @@ +#!/bin/sh +# +# dnsbl-check-nagios.sh +# +# (c) 2009 Damon Tajeddini & heise Netze +# +STATE_OK=0 +STATE_WARNING=1 +STATE_CRITICAL=2 +STATE_UNKNOWN=3 +STATE_DEPENDENT=4 + +FOUND_ADRESS=0 + +DNSBLlist=`grep -v ^# <<! +cbl.abuseat.org +dnsbl.ahbl.org +ircbl.ahbl.org +virbl.dnsbl.bit.nl +blackholes.five-ten-sg.com +dnsbl.inps.de +ix.dnsbl.manitu.net +no-more-funn.moensted.dk +combined.njabl.org +dnsbl.njabl.org +dnsbl.sorbs.net +bl.spamcannibal.org +bl.spamcop.net +sbl.spamhaus.org +xbl.spamhaus.org +pbl.spamhaus.org +dnsbl-1.uceprotect.net +# dnsbl-2.uceprotect.net +# dnsbl-3.uceprotect.net +psbl.surriel.com +l2.apews.org +dnsrbl.swinog.ch +db.wpbl.info +!` + +# reverse IP address +convertIP() +{ + set `IFS=".";echo $1` + echo $4.$3.$2.$1 +} + +usage() +{ + echo "Usage: $0 [-H] <host>] [-p]" + echo " -H check Host " + echo " -p print list of DNSBLs" + exit 3 +} + +# Checks the IP with list of DNSBL servers +check() +{ + count=0; + for i in $DNSBLlist + do + count=$(($count + 1)) + if nslookup $ip_arpa.$i | grep -q "127.0.0." ; + then + FOUND_ADRESS=$(($FOUND_ADRESS + 1)) + echo "DNSBL-Alarm: $ip is listed on $i" + fi + done + if [ $FOUND_ADRESS -ge 1 ] + then + exit 1 + fi + echo "OK - $ip not on $count DNSBLs" + exit 0 +} + +case $1 in + -H) + if [ -z "$2" ] + then + echo "ip address missing" + exit + fi + ip=$2 + ip_arpa=`convertIP $ip` + check;; + + -p) + for i in $DNSBLlist + do + echo $i + done + exit $STATE_WARNING + exit;; + + --help) + usage + exit;; + + *) + if [ -z "$1" ] + then + usage + fi + echo "unknown command: $1" + exit;; +esac diff --git a/manifests/apache.pp b/manifests/apache.pp index c00b1d9..c560e5b 100644 --- a/manifests/apache.pp +++ b/manifests/apache.pp @@ -1,4 +1,21 @@ class nagios::apache inherits ::apache { $nagios_httpd = 'apache' include nagios + + case $operatingsystem { + 'debian': { + file { "${nagios::defaults::vars::int_nagios_cfgdir}/apache2.conf": + ensure => present, + source => ["puppet:///site-nagios/configs/${fqdn}/apache2.conf", + "puppet:///site-nagios/configs/apache2.conf", + "puppet:///nagios/configs/apache2.conf"], + } + + apache::config::global { "nagios3.conf": + ensure => link, + target => "${nagios::defaults::vars::int_nagios_cfgdir}/apache2.conf", + require => File["${nagios::defaults::vars::int_nagios_cfgdir}/apache2.conf"], + } + } + } } diff --git a/manifests/base.pp b/manifests/base.pp index a32edcf..8b96308 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -56,8 +56,8 @@ class nagios::base { file { 'nagios_private_resource_cfg': path => "${nagios::defaults::vars::int_nagios_cfgdir}/private/resource.cfg", - source => [ "puppet:///modules/nagios/configs/${operatingsystem}/private/resource.cfg.${architecture}", - "puppet:///modules/site-nagios/configs/${operatingsystem}/private/resource.cfg.${architecture}" ], + source => [ "puppet:///modules/site-nagios/configs/${operatingsystem}/private/resource.cfg.${architecture}", + "puppet:///modules/nagios/configs/${operatingsystem}/private/resource.cfg.${architecture}" ], notify => Service['nagios'], owner => root, group => nagios, mode => '0640'; } @@ -73,18 +73,19 @@ class nagios::base { } Package <<| tag == 'nagios::plugin::deploy::package' |>> File <<| tag == 'nagios::plugin::deploy::file' |>> - Nagios_plugin <<||>> Nagios_command <<||>> - Nagios_contact <<||>> Nagios_contactgroup <<||>> - Nagios_host <<||>> + Nagios_contact <<||>> + Nagios_hostdependency <<||>> + Nagios_hostescalation <<||>> Nagios_hostextinfo <<||>> Nagios_hostgroup <<||>> - Nagios_hostgroupescalation <<||>> - Nagios_service <<||>> + Nagios_host <<||>> Nagios_servicedependency <<||>> Nagios_serviceescalation <<||>> + Nagios_servicegroup <<||>> Nagios_serviceextinfo <<||>> + Nagios_service <<||>> Nagios_timeperiod <<||>> File <<| tag == 'nagios_plugin' |>> @@ -108,6 +109,14 @@ class nagios::base { require => File['nagios_confd'], notify => Service['nagios'], } + Nagios_hostdependency <||> { + target => "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_hostdependency.cfg", + notify => Service['nagios'], + } + Nagios_hostescalation <||> { + target => "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_hostescalation.cfg", + notify => Service['nagios'], + } Nagios_hostextinfo <||> { target => "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_hostextinfo.cfg", require => File['nagios_confd'], @@ -118,16 +127,15 @@ class nagios::base { require => File['nagios_confd'], notify => Service['nagios'], } - Nagios_hostgroupescalation <||> { - target => "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_hostgroupescalation.cfg", - require => File['nagios_confd'], - notify => Service['nagios'], - } Nagios_service <||> { target => "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_service.cfg", require => File['nagios_confd'], notify => Service['nagios'], } + Nagios_servicegroup <||> { + target => "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_servicegroup.cfg", + notify => Service['nagios'], + } Nagios_servicedependency <||> { target => "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_servicedependency.cfg", require => File['nagios_confd'], @@ -153,6 +161,8 @@ class nagios::base { "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_contact.cfg", "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_contactgroup.cfg", "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_host.cfg", + "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_hostdependency.cfg", + "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_hostescalation.cfg", "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_hostextinfo.cfg", "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_hostgroup.cfg", "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_hostgroupescalation.cfg", @@ -160,6 +170,7 @@ class nagios::base { "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_servicedependency.cfg", "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_serviceescalation.cfg", "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_serviceextinfo.cfg", + "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_servicegroup.cfg", "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_timeperiod.cfg" ]: ensure => file, replace => false, diff --git a/manifests/centos.pp b/manifests/centos.pp index 4d9507b..35379b8 100644 --- a/manifests/centos.pp +++ b/manifests/centos.pp @@ -1,6 +1,6 @@ class nagios::centos inherits nagios::base { - package { [ 'nagios-plugins', 'nagios-plugins-smtp','nagios-plugins-http', 'nagios-plugins-ssh', 'nagios-plugins-udp', 'nagios-plugins-tcp', 'nagios-plugins-dig', 'nagios-plugins-nrpe', 'nagios-plugins-load', 'nagios-plugins-dns', 'nagios-plugins-ping', 'nagios-plugins-procs', 'nagios-plugins-users', 'nagios-plugins-ldap', 'nagios-plugins-disk', 'nagios-plugins-swap', 'nagios-plugins-nagios', 'nagios-plugins-perl', 'nagios-plugins-ntp', 'nagios-plugins-snmp' ]: + package { [ 'nagios-plugins', 'nagios-plugins-smtp','nagios-plugins-http', 'nagios-plugins-ssh', 'nagios-plugins-tcp', 'nagios-plugins-dig', 'nagios-plugins-nrpe', 'nagios-plugins-load', 'nagios-plugins-dns', 'nagios-plugins-ping', 'nagios-plugins-procs', 'nagios-plugins-users', 'nagios-plugins-ldap', 'nagios-plugins-disk', 'nagios-plugins-swap', 'nagios-plugins-nagios', 'nagios-plugins-perl', 'nagios-plugins-ntp', 'nagios-plugins-snmp' ]: ensure => 'present', notify => Service['nagios'], } diff --git a/manifests/command/imap_pop3.pp b/manifests/command/imap_pop3.pp new file mode 100644 index 0000000..174b09c --- /dev/null +++ b/manifests/command/imap_pop3.pp @@ -0,0 +1,14 @@ +class nagios::command::imap_pop3 { + nagios_command{ + 'check_imap': + command_line => '$USER1$/check_imap -H $ARG1$ -p $ARG2$'; + 'check_imap_ssl': + command_line => '$USER1$/check_imap -H $ARG1$ -p $ARG2$ -S'; + 'check_pop3': + command_line => '$USER1$/check_pop -H $ARG1$ -p $ARG2$'; + 'check_pop3_ssl': + command_line => '$USER1$/check_pop -H $ARG1$ -p $ARG2$ -S'; + 'check_managesieve': + command_line => '$USER1$/check_tcp -H $ARG1$ -p 2000'; + } +} diff --git a/manifests/command/smtp.pp b/manifests/command/smtp.pp new file mode 100644 index 0000000..04f8543 --- /dev/null +++ b/manifests/command/smtp.pp @@ -0,0 +1,14 @@ +class nagios::command::smtp { + nagios_command{ + 'check_smtp': + command_line => '$USER1$/check_smtp -H $ARG1$ -p $ARG2$'; + 'check_smtp_tls': + command_line => '$USER1$/check_smtp -H $ARG1$ -p $ARG2$ -S'; + 'check_smtp_cert': + command_line => '$USER1$/check_smtp -H $ARG1$ -p $ARG2$ -S -D $ARG3$'; + 'check_ssmtp': + command_line => '$USER1$/check_ssmtp -H $ARG1$ -p $ARG2$ -S'; + 'check_ssmtp_cert': + command_line => '$USER1$/check_ssmtp -H $ARG1$ -p $ARG2$ -S -D $ARG3$'; + } +} diff --git a/manifests/defaults/commands.pp b/manifests/defaults/commands.pp index 20e0d7b..0a7ad4f 100644 --- a/manifests/defaults/commands.pp +++ b/manifests/defaults/commands.pp @@ -1,7 +1,9 @@ class nagios::defaults::commands { - # common service commands + include nagios::command::smtp + include nagios::command::imap_pop3 + # common service commands case $operatingsystem { debian,ubuntu: { nagios_command { @@ -49,8 +51,10 @@ class nagios::defaults::commands { command_line => '$USER1$/check_disk -w $ARG1$ -c $ARG2$ -e'; check_ssh: command_line => '$USER1$/check_ssh $HOSTADDRESS$'; - ssh_port: + check_ssh_port: command_line => '$USER1$/check_ssh -p $ARG1$ $HOSTADDRESS$'; + check_ssh_port_host: + command_line => '$USER1$/check_ssh -p $ARG1$ $ARG2$'; check_http: command_line => '$USER1$/check_http -H $HOSTADDRESS$ -I $HOSTADDRESS$'; check_https: @@ -77,6 +81,8 @@ class nagios::defaults::commands { command_line => '$USER1$/check_tcp -H $ARG1$ -p $ARG2$'; check_jabber: command_line => '$USER1$/check_jabber -H $ARG1$'; + check_git: + command_line => '$USER1$/check_tcp -H $ARG1$ -p 9418'; } } } @@ -87,6 +93,16 @@ class nagios::defaults::commands { # from apache module http_port: command_line => '$USER1$/check_http -p $ARG1$ -H $HOSTADDRESS$ -I $HOSTADDRESS$'; + + check_http_port_url_content: + command_line => '$USER1$/check_http -H $ARG1$ -p $ARG2$ -u $ARG3$ -s $ARG4$'; + check_https_port_url_content: + command_line => '$USER1$/check_http --ssl -H $ARG1$ -p $ARG2$ -u $ARG3$ -s $ARG4$'; + check_http_url_content: + command_line => '$USER1$/check_http -H $ARG1$ -u $ARG2$ -s $ARG3$'; + check_https_url_content: + command_line => '$USER1$/check_http --ssl -H $ARG1$ -u $ARG2$ -s $ARG3$'; + # from bind module check_dig2: command_line => '$USER1$/check_dig -H $HOSTADDRESS$ -l $ARG1$ --record_type=$ARG2$'; @@ -94,16 +110,28 @@ class nagios::defaults::commands { # from mysql module check_mysql_health: command_line => '$USER1$/check_mysql_health --hostname $ARG1$ --port $ARG2$ --username $ARG3$ --password $ARG4$ --mode $ARG5$ --database $ARG6$ $ARG7$ $ARG8$'; + + # better check_dns + check_dns2: + command_line => '$USER1$/check_dns2 -c $ARG1$ A $ARG2$'; + + # dnsbl checking + check_dnsbl: + command_line => '$USER1$/check_dnsbl -H $ARG1$'; } # notification commands + $mail_cmd_location = $operatingsystem ? { + centos => '/bin/mail', + default => '/usr/bin/mail' + } + nagios_command { 'notify-host-by-email': - command_line => '/usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n" | /usr/bin/mail -s "** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **" $CONTACTEMAIL$'; + command_line => "/usr/bin/printf \"%b\" \"***** Nagios *****\\n\\nNotification Type: \$NOTIFICATIONTYPE\$\\nHost: \\$HOSTNAME\\$\\nState: \$HOSTSTATE\$\\nAddress: \$HOSTADDRESS\$\\nInfo: \$HOSTOUTPUT\$\\n\\nDate/Time: \$LONGDATETIME\$\\n\" | ${mail_cmd_location} -s \"** \$NOTIFICATIONTYPE\$ Host Alert: \$HOSTNAME\$ is \$HOSTSTATE\$ **\" \$CONTACTEMAIL\$"; 'notify-service-by-email': - command_line => '/usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$" | /usr/bin/mail -s "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" $CONTACTEMAIL$' - + command_line => "/usr/bin/printf \"%b\" \"***** Nagios *****\\n\\nNotification Type: \$NOTIFICATIONTYPE\$\\n\\nService: \$SERVICEDESC\$\\nHost: \$HOSTALIAS\$\\nAddress: \$HOSTADDRESS\$\\nState: \$SERVICESTATE\$\\n\\nDate/Time: \$LONGDATETIME\$\\n\\nAdditional Info:\\n\\n\$SERVICEOUTPUT\$\" | ${mail_cmd_location} -s \"** \$NOTIFICATIONTYPE\$ Service Alert: \$HOSTALIAS\$/\$SERVICEDESC\$ is \$SERVICESTATE\$ **\" \$CONTACTEMAIL\$"; } } diff --git a/manifests/defaults/plugins.pp b/manifests/defaults/plugins.pp index 1df8064..18f8161 100644 --- a/manifests/defaults/plugins.pp +++ b/manifests/defaults/plugins.pp @@ -1,5 +1,12 @@ class nagios::defaults::plugins { - nagios::plugin { 'check_mysql_health': source => 'nagios/plugins/check_mysql_health'; } + nagios::plugin { + 'check_mysql_health': + source => 'nagios/plugins/check_mysql_health'; + 'check_dns2': + source => 'nagios/plugins/check_dns2'; + 'check_dnsbl': + source => 'nagios/plugins/check_dnsbl'; + } } diff --git a/manifests/irc_bot.pp b/manifests/irc_bot.pp new file mode 100644 index 0000000..961755a --- /dev/null +++ b/manifests/irc_bot.pp @@ -0,0 +1,93 @@ +class nagios::irc_bot { + if ( ! ($nagios_nsa_server and $nagios_nsa_nickname and $nagios_nsa_channel) ) { + fail("Please provide values at least for \$nagios_nsa_server, \$nagios_nsa_nickname and \$nagios_nsa_channel") + } + + $nagios_nsa_socket = $nagios_nsa_socket ? { + '' => $operatingsystem ? { + centos => '/var/run/nagios-nsa/nsa.socket', + default => '/var/run/nagios3/nsa.socket' + }, + default => $nagios_nsa_socket, + } + $nagios_nsa_pidfile = $nagios_nsa_pidfile ? { + '' => $operatingsystem ? { + centos => '/var/run/nagios-nsa/nsa.pid', + default => '/var/run/nagios3/nsa.pid' + }, + default => $nagios_nsa_pidfile, + } + $nagios_nsa_port = $nagios_nsa_port ? { + '' => '6667', + default => $nagios_nsa_port, + } + $nagios_nsa_realname = $nagios_nsa_realname ? { + '' => 'Nagios', + default => $nagios_nsa_realname, + } + + if (! $nagios_nsa_password) { + $nagios_nsa_password = '' + } + + file { "/usr/local/bin/riseup-nagios-client.pl": + owner => root, group => root, mode => 0755, + source => "puppet:///modules/nagios/irc_bot/riseup-nagios-client.pl", + } + file { "/usr/local/bin/riseup-nagios-server.pl": + owner => root, group => root, mode => 0755, + source => "puppet:///modules/nagios/irc_bot/riseup-nagios-server.pl", + } + file { "/etc/init.d/nagios-nsa": + owner => root, group => root, mode => 0755, + content => template("nagios/irc_bot/${operatingsystem}/nagios-nsa.sh.erb"), + require => File["/usr/local/bin/riseup-nagios-server.pl"], + } + file { "/etc/nagios_nsa.cfg": + ensure => present, + owner => nagios, group => root, mode => 0400, + content => template('nagios/irc_bot/nsa.cfg.erb'), + } + + package { "libnet-irc-perl": + ensure => present, + } + + service { "nagios-nsa": + ensure => "running", + hasstatus => true, + require => [File["/etc/nagios_nsa.cfg"], + Package["libnet-irc-perl"], + Service['nagios'] ], + } + + case $operatingsystem { + centos: { + Package['libnet-irc-perl']{ + name => 'perl-Net-IRC', + } + Service['nagios-nsa']{ + enable => true, + } + } + debian,ubuntu: { + exec { "nagios_nsa_init_script": + command => "/usr/sbin/update-rc.d nagios-nsa defaults", + unless => "/bin/ls /etc/rc3.d/ | /bin/grep nagios-nsa", + require => File["/etc/init.d/nagios-nsa"], + before => Service['nagios-nsa'], + } + } + } + + nagios_command { + "notify-by-irc": + command_line => '/usr/local/bin/riseup-nagios-client.pl "$HOSTNAME$ ($SERVICEDESC$) $NOTIFICATIONTYPE$ n.$SERVICEATTEMPT$ $SERVICESTATETYPE$ $SERVICEEXECUTIONTIME$s $SERVICELATENCY$s $SERVICEOUTPUT$ $SERVICEPERFDATA$"'; + "host-notify-by-irc": + command_line => '/usr/local/bin/riseup-nagios-client.pl "$HOSTNAME$ ($HOSTALIAS$) $NOTIFICATIONTYPE$ n.$HOSTATTEMPT$ $HOSTSTATETYPE$ took $HOSTEXECUTIONTIME$s $HOSTOUTPUT$ $HOSTPERFDATA$ $HOSTLATENCY$s"'; + } + + if $use_shorewall { + include shorewall::rules::out::irc + } +} diff --git a/manifests/service.pp b/manifests/service.pp index 3e732b7..afc8650 100644 --- a/manifests/service.pp +++ b/manifests/service.pp @@ -10,7 +10,7 @@ define nagios::service ( $notification_period = '', $notification_options = '', $contact_groups = '', - $use = 'absent', + $use = 'generic-service', $service_description = 'absent' ) { @@ -22,7 +22,12 @@ define nagios::service ( ensure => $ensure, check_command => $check_command, host_name => $host_name, + use => $use, notify => Service[nagios], + service_description => $service_description ?{ + 'absent' => $name, + default => $service_description + } } if ($check_period != '') { @@ -53,17 +58,8 @@ define nagios::service ( Nagios_service["${real_name}"] { notification_options => $notification_options } } - if ($use == 'absent') { - Nagios_service["${real_name}"] { use => 'generic-service' } - } else { - Nagios_service["${real_name}"] { use => $use } + if ($contact_groups != '') { + Nagios_service["${real_name}"] { contact_groups => $contact_groups } } - - if ($service_description == 'absent') { - Nagios_service["${real_name}"] { service_description => $name } - } else { - Nagios_service["${real_name}"] { service_description => $service_description } - } - } diff --git a/manifests/service/http.pp b/manifests/service/http.pp index 5fd9890..8fd5059 100644 --- a/manifests/service/http.pp +++ b/manifests/service/http.pp @@ -8,6 +8,7 @@ define nagios::service::http( $check_domain = 'absent', $check_url = '/', $check_code = 'OK', + $use = 'generic-service', $ssl_mode = false ){ $real_check_domain = $check_domain ? { @@ -18,12 +19,14 @@ define nagios::service::http( 'force',true,'only': { nagios::service{"https_${name}_${check_code}": ensure => $ensure, + use => $use, check_command => "check_https_url_regex!${real_check_domain}!${check_url}!'${check_code}'", } case $ssl_mode { 'force': { nagios::service{"httprd_${name}": ensure => $ensure, + use => $use, check_command => "check_http_url_regex!${real_check_domain}!${check_url}!'301'", } } @@ -34,6 +37,7 @@ define nagios::service::http( false,true: { nagios::service{"http_${name}_${check_code}": ensure => $ensure, + use => $use, check_command => "check_http_url_regex!${real_check_domain}!${check_url}!'${check_code}'", } } diff --git a/manifests/service/smtp.pp b/manifests/service/smtp.pp new file mode 100644 index 0000000..14237a9 --- /dev/null +++ b/manifests/service/smtp.pp @@ -0,0 +1,50 @@ +# true: +# - true : check tls and plain connect *defualt* +# - false : check plain connection only +# cert_days: +# If tls is used add an additionl check +# to check for validity for cert. +# - 'absent' : do not execute that check +# - INTEGER : Minimum number of days a certificate +# has to be valid. Default: 10 +define nagios::service::smtp( + $ensure = 'present', + $host = 'absent', + $port = '25', + $tls = true, + $cert_days = 10 +){ + $real_host = $host ? { + 'absent' => $name, + default => $host + } + + nagios::service{ + "smtp_${name}_${port}": + ensure => $ensure; + "smtp_tls_${name}_${port}": + ensure => $tls ? { + true => $ensure, + default => 'absent' + }; + "smtp_tls_cert_${name}_${port}": + ensure => $cert_days ? { + 'absent' => 'absent', + default => $ensure + }; + } + + if $ensure != 'absent' { + Nagios::Service["smtp_${name}_${port}"]{ + check_command => "check_smtp!${real_host}!${port}", + } + Nagios::Service["smtp_tls_${name}_${port}"]{ + check_command => "check_smtp_tls!${real_host}!${port}", + } + if $cert_days != 'absent' { + Nagios::Service["smtp_tls_cert_${name}_${port}"]{ + check_command => "check_smtp_cert!${real_host}!${port}!${cert_days}", + } + } + } +} diff --git a/manifests/service/ssmtp.pp b/manifests/service/ssmtp.pp new file mode 100644 index 0000000..b05678a --- /dev/null +++ b/manifests/service/ssmtp.pp @@ -0,0 +1,32 @@ +define nagios::service::ssmtp( + $ensure = 'present', + $host = 'absent', + $port = '465', + $cert_days = 10 +){ + $real_host = $host ? { + 'absent' => $name, + default => $host + } + + nagios::service{ + "ssmtp_${name}_${port}": + ensure => $ensure; + "ssmtp_cert_${name}_${port}": + ensure => $cert_days ? { + 'absent' => 'absent', + default => $ensure + }; + } + + if $ensure != 'absent' { + Nagios::Service["ssmtp_${name}_${port}"]{ + check_command => "check_ssmtp!${real_host}!${port}", + } + if $cert_days != 'absent' { + Nagios::Service["ssmtp_cert_${name}_${port}"]{ + check_command => "check_ssmtp_cert!${real_host}!${port}!${cert_days}", + } + } + } +} diff --git a/templates/irc_bot/CentOS/nagios-nsa.sh.erb b/templates/irc_bot/CentOS/nagios-nsa.sh.erb new file mode 100644 index 0000000..1561afd --- /dev/null +++ b/templates/irc_bot/CentOS/nagios-nsa.sh.erb @@ -0,0 +1,104 @@ +#!/bin/sh +# +# nagios-nsa - manage nagios irc bot +# +# chkconfig: - 99 01 +# description: Nagios Simple IRC Agent + +### BEGIN INIT INFO +# Provides: nagios-nsa +# Required-Start: $nagios +# Required-Stop: $nagios +# Default-Start: 2 3 4 5 +# Default-Stop: 1 6 0 +# Short-Description: Nagios Simple IRC Agent +### END INIT INFO + +# Source function library. +. /etc/rc.d/init.d/functions + +exec="/usr/local/bin/riseup-nagios-server.pl" +prog="nsa" +PIDFILE=<%= nagios_nsa_pidfile %> +SOCKFILE=<%= nagios_nsa_socket %> + +[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog + +lockfile=/var/lock/subsys/$prog +mkdir -p /var/run/nagios-nsa 2>/dev/null +chown nagios /var/run/nagios-nsa + +start() { + [ -x $exec ] || exit 5 + [ -f $config ] || exit 6 + echo -n $"Starting $prog: " + daemon --pidfile $PIDFILE --user nagios /usr/local/bin/riseup-nagios-server.pl + retval=$? + echo + [ $retval -eq 0 ] && touch $lockfile + return $retval +} + +stop() { + echo -n $"Stopping $prog: " + killproc -p $PIDFILE $prog + retval=$? + echo + [ $retval -eq 0 ] && rm -f $lockfile + return $retval +} + +restart() { + stop + start +} + +reload() { + restart +} + +force_reload() { + restart +} + +rh_status() { + # run checks to determine if the service is running or use generic status + status -p $PIDFILE $prog +} + +rh_status_q() { + rh_status >/dev/null 2>&1 +} + + +case "$1" in + start) + rh_status_q && exit 0 + $1 + ;; + stop) + rh_status_q || exit 0 + $1 + ;; + restart) + $1 + ;; + reload) + rh_status_q || exit 7 + $1 + ;; + force-reload) + force_reload + ;; + status) + rh_status + ;; + condrestart|try-restart) + rh_status_q || exit 0 + restart + ;; + *) + echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}" + exit 2 +esac +exit $? diff --git a/templates/irc_bot/Debian/nagios-nsa.sh.erb b/templates/irc_bot/Debian/nagios-nsa.sh.erb new file mode 100644 index 0000000..6e608db --- /dev/null +++ b/templates/irc_bot/Debian/nagios-nsa.sh.erb @@ -0,0 +1,71 @@ +#! /bin/sh + +### BEGIN INIT INFO +# Provides: nagios-nsa +# Required-Start: $remote_fs $syslog $nagios +# Required-Stop: $remote_fs $syslog $nagios +# Default-Start: 2 3 4 5 +# Default-Stop: 1 6 0 +# Short-Description: Nagios Simple IRC Agent +### END INIT INFO + +PIDFILE=<%= nagios_nsa_pidfile %> +SOCKFILE=<%= nagios_nsa_socket %> + +. /lib/lsb/init-functions + +start() { + log_daemon_msg "Starting nagios IRC bot" "nagios-nsa" + if start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE --user nagios --chuid nagios --exec /usr/local/bin/riseup-nagios-server.pl; then + log_end_msg 0 + else + log_end_msg 1 + fi +} + +stop () { + log_daemon_msg "Stopping nagios IRC bot" "nagios-nsa" + if start-stop-daemon --stop --quiet --pidfile $PIDFILE; then + log_end_msg 0 + else + log_end_msg 1 + fi +} + +remove_socket() { + [ -e $SOCKFILE ] && rm $SOCKFILE +} + +cleanup() { + if [ -r $PIDFILE ]; then + ps -p `cat $PIDFILE` | grep -v 'PID' || { + echo "not running" + remove_socket + } + else + echo "no pid file" + remove_socket + fi +} + +case $1 +in + start) + start + ;; + stop) + stop + ;; + restart) + stop + cleanup + start + ;; + status) + status_of_proc -p $PIDFILE /usr/local/bin/riseup-nagios-server.pl && exit 0 || exit $? + ;; + *) + log_action_msg "Usage: /etc/init.d/nagios-nsa {start|stop|restart|status}" + exit 1 +esac + diff --git a/templates/irc_bot/nsa.cfg.erb b/templates/irc_bot/nsa.cfg.erb new file mode 100644 index 0000000..7cba62c --- /dev/null +++ b/templates/irc_bot/nsa.cfg.erb @@ -0,0 +1,13 @@ +%Nsa = ( + 'socket' => '<%= nagios_nsa_socket %>', + 'server' => '<%= nagios_nsa_server %>', + 'port' => '<%= nagios_nsa_port %>', + 'nickname' => '<%= nagios_nsa_nickname %>', + 'password' => '<%= nagios_nsa_password %>', + # this needs libio-socket-ssl-perl + # doesn't actually works because Net::IRC is braindead and tries to use IO::Socket::SSL->read/write instead of the builtin print, see http://search.cpan.org/dist/IO-Socket-SSL/SSL.pm + #'SSL' => 0, + 'channel' => '<%= nagios_nsa_channel %>', + 'pidfile' => '<%= nagios_nsa_pidfile %>', # set to undef to disable + 'realname' => "<%= nagios_nsa_realname %>", +); |