diff options
30 files changed, 323 insertions, 284 deletions
@@ -17,6 +17,11 @@ puppetmaster. You need to be running verison 0.25 or later of puppet. +! Upgrade Notice ! + + * the irc bot variables changed, they previously had $nagios_ prepended + but no longer have that. So you will need to change your local config + to use $nsa_server instead of $nagios_nsa_server, for example. Monitor ------- @@ -31,11 +36,11 @@ Hosts ----- On a node which shall be monitored with nagios, include the "nagios::target". -This just creates a host declaration for this host's "$ipaddress" fact. If -the $ipaddress of your target is not the one you wish to modify, you can use -"nagios::target::fqdn" instead, which will use the $fqdn fact of the host instead. +This just creates a host declaration for this host's "$::ipaddress" fact. If +the $::ipaddress of your target is not the one you wish to modify, you can use +"nagios::target::fqdn" instead, which will use the $::fqdn fact of the host instead. -Set the $nagios_parents variable in the node scope for enabling the reachability +Pass the $parents variable to the target class for enabling the reachability features of nagios. If a node needs more customisation, use the native "@@nagios_host" type directly (the double-ampersand declares the object as an exported resource). @@ -68,24 +73,11 @@ files directly. NRPE Services ------------- -Some Nagios services need to be checked via NRPE. The following will make the -nagios server define a service that will check the NRPE command 'check_cpu' on -the current node: - - nagios::service { 'CPU Usage': - use_nrpe => 'true', - check_command => "check_cpu", - nrpe_args => "-t 60" - } - -NRPE Commands -------------- - -To be able to call NRPE commands on a host, one needs to define that command -and what it is going to execute: +NRPE Services can be defines as i.e.: - nagios::nrpe::command { 'debsums': - check_command => '/usr/lib/nagios/plugins/check_debsums openssh-server' + nagios::service { 'CPU Usage': use_nrpe => 'true', + check_command => "check_cpu", + nrpe_args => "-t 60" } @@ -95,14 +87,14 @@ Upgrade Notes The nagios::target bits have been reworked, the notable changes that may affect an upgrade are: -. previous versions had nagios::target::nat which used the $fqdn for +. previous versions had nagios::target::nat which used the $::fqdn for the address part of nagios::target, this has been renamed to nagios::target::fqdn to be more clear. if you were using nagios::target::nat then you will need to change those references to ::fqdn -. previous versions of this module used $fqdn for the nagios::target -address, now it is using $ipaddress. If you need $fqdn, use +. previous versions of this module used $::fqdn for the nagios::target +address, now it is using $::ipaddress. If you need $::fqdn, use nagios::target::fqdn instead of nagios::target . previous versions of nagios_host used the parameter named 'ip', that @@ -114,7 +106,7 @@ IRC bot Notifications can easily be sent to an IRC channel by using a bot. To do so, simply include 'nagios::irc_bot' on the nagios server and define the right -$nagios_nsa_* variables (see the 'Variables' section below). +$nsa_* variables (see the 'Variables' section below). You can then use the notification commands 'notify-by-irc' and 'host-notify-by-irc' with service and host definitions to make them report @@ -155,63 +147,48 @@ See : http://projects.reductivelabs.com/issues/1180 Variables ========= -Options to change the behavior of the nagios module: - -- nagios_parents: Which host(s) are this node's parents in the nagios host map. - -- nagios_allow_external_cmd: Set to true, if you'd like to ensure that your http - daemon can write to the external command file. You - may also need to flip "check_external_commands" in - "nagios.cfg" to enable this functionality. +Options to change the behavior of the nagios class: -- nagios_cfgdir: specify an alternative directory where Nagios configurations - should be managed. Default value depends of the OS of each - node, but is usually something like '/etc/nagios3'. +- allow_external_cmd: Set to true, if you'd like to ensure that your http + daemon can write to the external command file. You + may also need to flip "check_external_commands" in + "nagios.cfg" to enable this functionality. -- nagios_plugin_dir: Change the directory where Nagios plugins should be - deployed and pointed to by commands. +For the irc_bot class: -- nagios_nrpe_cfgdir: Change the directory where NRPE configurations should be - managed. The default value depends on the node's OS but - is usually something like '/etc/nagios'. +- nsa_socket: This optional variable can be used to specify the path to + the socket file that the IRC daemon should use. -- nagios_nrpe_pid_file: Change where the PID file for the Nagios service should - be written to. It's usually a good idea to keep this - file where the init script will find it so that it can - verify the service's status. +- nsa_server: When using the IRC bot, this defines the server address of + the IRC network on which the bot will connect. -- nagios_nrpe_dont_blame: Set this to 1 to allow arguments to be passed along - with NRPE command calls. Set it to 0 to disable - command arguments. +- nsa_port: Defines the port number on the IRC server on which the bot + should connect. When this variable is not set, the port used + by default is 6667. -- nagios_nsa_socket: This optional variable can be used to specify the path to - the socket file that the IRC daemon should use. +- nsa_nickname: This is the nickname that the IRC bot will take. -- nagios_nsa_server: When using the IRC bot, this defines the server address of - the IRC network on which the bot will connect. +- nsa_password: Some networks require a password to connect to them. + This defines such a password. -- nagios_nsa_port: Defines the port number on the IRC server on which the bot - should connect. When this variable is not set, the port used - by default is 6667. +- nsa_channel: The name of the channel that the IRC bot will join and + will post notifications to. -- nagios_nsa_nickname: This is the nickname that the IRC bot will take. +- nsa_pidfile: This optional variable can be used to define the path to + the file that will contain the process ID of the IRC bot + daemon. +- nsa_realname: The IRC bot user's real name that will be displayed. By + default, the real name is 'Nagios'. -- nagios_nsa_password: Some networks require a password to connect to them. - This defines such a password. +- nsa_usenotices: The IRC bot will by default "say" to the channel the + nagios message, but you can switch this variable to + 'notice' if you would prefer them to be sent as IRC + NOTICE messages. -- nagios_nsa_channel: The name of the channel that the IRC bot will join and - will post notifications to. +PNP4Nagios Nagios Grapher integration +===================================== -- nagios_nsa_pidfile: This optional variable can be used to define the path to - the file that will contain the process ID of the IRC bot - daemon. -- nagios_nsa_realname: The IRC bot user's real name that will be displayed. By - default, the real name is 'Nagios'. - -- nagios_nsa_usenotices: The IRC bot will by default "say" to the channel the - nagios message, but you can switch this variable to - 'notice' if you would prefer them to be sent as IRC - NOTICE messages. +see README.pnp4nagios Examples ======== @@ -247,9 +224,10 @@ $HOSTADDRESS$' node target { - # Monitor th () is host - $nagios_parents = 'router01' - include nagios::target + # Monitor this host + class{'nagios::target': + parents = 'router01' + } # monitor a service $apache2_port = 8080 diff --git a/files/plugins/check_jabber_login b/files/plugins/check_jabber_login new file mode 100644 index 0000000..dac0e1f --- /dev/null +++ b/files/plugins/check_jabber_login @@ -0,0 +1,30 @@ +#!/usr/bin/env ruby +require 'rubygems' +require 'xmpp4r' + + +def usage + puts "#{$0} jabberid password" + exit 3 +end + +usage unless ARGV.size == 2 + +begin + my_client = Jabber::Client.new(ARGV[0]) + my_client.connect + my_client.auth(ARGV[1]) +rescue Jabber::ClientAuthenticationFailure => detail + puts "CRITICAL: Login Error" + exit 2 +rescue Errno::ECONNREFUSED => detail + puts "CRITICAL: Connection refused" + exit 2 +rescue SocketError => detail + puts "CRITICAL: Socket Error" + exit 2 +#rescue +# puts "CRITICAL: Unknown Error" +# exit 2 +end +puts "OK: Login for #{ARGV[0]} successfull" diff --git a/manifests/apache.pp b/manifests/apache.pp index c560e5b..a90d0ee 100644 --- a/manifests/apache.pp +++ b/manifests/apache.pp @@ -1,21 +1,29 @@ -class nagios::apache inherits ::apache { - $nagios_httpd = 'apache' - include nagios +class nagios::apache( + $allow_external_cmd = false, + $manage_shorewall = false, + $manage_munin = false +) { + class{'nagios': + httpd => 'apache', + allow_external_cmd => $allow_external_cmd, + manage_munin => $manage_munin, + manage_shorewall => $manage_shorewall, + } - case $operatingsystem { - 'debian': { - file { "${nagios::defaults::vars::int_nagios_cfgdir}/apache2.conf": - ensure => present, - source => ["puppet:///site-nagios/configs/${fqdn}/apache2.conf", - "puppet:///site-nagios/configs/apache2.conf", - "puppet:///nagios/configs/apache2.conf"], - } + case $::operatingsystem { + 'debian': { + file { "${nagios::defaults::vars::int_cfgdir}/apache2.conf": + ensure => present, + source => [ "puppet:///site_nagios/configs/${::fqdn}/apache2.conf", + "puppet:///site_nagios/configs/apache2.conf", + "puppet:///nagios/configs/apache2.conf"], + } - apache::config::global { "nagios3.conf": - ensure => link, - target => "${nagios::defaults::vars::int_nagios_cfgdir}/apache2.conf", - require => File["${nagios::defaults::vars::int_nagios_cfgdir}/apache2.conf"], - } - } + apache::config::global { "nagios3.conf": + ensure => link, + target => "${nagios::defaults::vars::int_cfgdir}/apache2.conf", + require => File["${nagios::defaults::vars::int_cfgdir}/apache2.conf"], + } } + } } diff --git a/manifests/base.pp b/manifests/base.pp index 589e98b..d4d6590 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -4,7 +4,7 @@ class nagios::base { package { 'nagios': alias => 'nagios', - ensure => present, + ensure => present, } service { 'nagios': @@ -16,15 +16,15 @@ class nagios::base { # this file should contain all the nagios_puppet-paths: file { 'nagios_main_cfg': - path => "${nagios::defaults::vars::int_nagios_cfgdir}/nagios.cfg", - source => [ "puppet:///modules/site-nagios/configs/${fqdn}/nagios.cfg", - "puppet:///modules/site-nagios/configs/${operatingsystem}/nagios.cfg", - "puppet:///modules/site-nagios/configs/nagios.cfg", - "puppet:///modules/nagios/configs/${operatingsystem}/nagios.cfg", + path => "${nagios::defaults::vars::int_cfgdir}/nagios.cfg", + source => [ "puppet:///modules/site_nagios/configs/${::fqdn}/nagios.cfg", + "puppet:///modules/site_nagios/configs/${::operatingsystem}/nagios.cfg", + "puppet:///modules/site_nagios/configs/nagios.cfg", + "puppet:///modules/nagios/configs/${::operatingsystem}/nagios.cfg", "puppet:///modules/nagios/configs/nagios.cfg" ], notify => Service['nagios'], mode => 0644, owner => root, group => root; - } + } file { 'nagios_commands_cfg': path => "${nagios::defaults::vars::int_nagios_cfgdir}/commands.cfg", @@ -34,26 +34,25 @@ class nagios::base { } file { 'nagios_cgi_cfg': - path => "${nagios::defaults::vars::int_nagios_cfgdir}/cgi.cfg", - source => [ "puppet:///modules/site-nagios/configs/${fqdn}/cgi.cfg", - "puppet:///modules/site-nagios/configs/${operatingsystem}/cgi.cfg", - "puppet:///modules/site-nagios/configs/cgi.cfg", - "puppet:///modules/nagios/configs/${operatingsystem}/cgi.cfg", + path => "${nagios::defaults::vars::int_cfgdir}/cgi.cfg", + source => [ "puppet:///modules/site_nagios/configs/${::fqdn}/cgi.cfg", + "puppet:///modules/site_nagios/configs/${::operatingsystem}/cgi.cfg", + "puppet:///modules/site_nagios/configs/cgi.cfg", + "puppet:///modules/nagios/configs/${::operatingsystem}/cgi.cfg", "puppet:///modules/nagios/configs/cgi.cfg" ], mode => '0644', owner => 'root', group => 0, notify => Service['apache'], } file { 'nagios_htpasswd': - path => "${nagios::defaults::vars::int_nagios_cfgdir}/htpasswd.users", - source => [ "puppet:///modules/site-nagios/htpasswd.users", + path => "${nagios::defaults::vars::int_cfgdir}/htpasswd.users", + source => [ "puppet:///modules/site_nagios/htpasswd.users", "puppet:///modules/nagios/htpasswd.users" ], mode => 0640, owner => root, group => apache; } file { 'nagios_private': - path => "${nagios::defaults::vars::int_nagios_cfgdir}/private/", - source => "puppet:///modules/common/empty", + path => "${nagios::defaults::vars::int_cfgdir}/private/", ensure => directory, purge => true, recurse => true, @@ -62,24 +61,21 @@ class nagios::base { } file { 'nagios_private_resource_cfg': - path => "${nagios::defaults::vars::int_nagios_cfgdir}/private/resource.cfg", - source => [ "puppet:///modules/site-nagios/configs/${operatingsystem}/private/resource.cfg.${architecture}", - "puppet:///modules/nagios/configs/${operatingsystem}/private/resource.cfg.${architecture}" ], + path => "${nagios::defaults::vars::int_cfgdir}/private/resource.cfg", + source => [ "puppet:///modules/site_nagios/configs/${::operatingsystem}/private/resource.cfg.${::architecture}", + "puppet:///modules/nagios/configs/${::operatingsystem}/private/resource.cfg.${::architecture}" ], notify => Service['nagios'], owner => root, group => nagios, mode => '0640'; } file { 'nagios_confd': - path => "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/", - source => "puppet:///modules/common/empty", + path => "${nagios::defaults::vars::int_cfgdir}/conf.d/", ensure => directory, purge => true, recurse => true, notify => Service['nagios'], mode => '0750', owner => root, group => nagios; } - Package <<| tag == 'nagios::plugin::deploy::package' |>> - File <<| tag == 'nagios::plugin::deploy::file' |>> Nagios_command <<||>> Nagios_contactgroup <<||>> Nagios_contact <<||>> @@ -94,91 +90,90 @@ class nagios::base { Nagios_serviceextinfo <<||>> Nagios_service <<||>> Nagios_timeperiod <<||>> - File <<| tag == 'nagios_plugin' |>> Nagios_command <||> { - target => "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_command.cfg", + target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_command.cfg", require => File['nagios_confd'], notify => Service['nagios'], } Nagios_contact <||> { - target => "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_contact.cfg", + target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_contact.cfg", require => File['nagios_confd'], notify => Service['nagios'], } Nagios_contactgroup <||> { - target => "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_contactgroup.cfg", + target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_contactgroup.cfg", require => File['nagios_confd'], notify => Service['nagios'], } Nagios_host <||> { - target => "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_host.cfg", + target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_host.cfg", require => File['nagios_confd'], notify => Service['nagios'], } Nagios_hostdependency <||> { - target => "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_hostdependency.cfg", + target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_hostdependency.cfg", notify => Service['nagios'], } Nagios_hostescalation <||> { - target => "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_hostescalation.cfg", + target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_hostescalation.cfg", notify => Service['nagios'], } Nagios_hostextinfo <||> { - target => "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_hostextinfo.cfg", + target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_hostextinfo.cfg", require => File['nagios_confd'], notify => Service['nagios'], } Nagios_hostgroup <||> { - target => "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_hostgroup.cfg", + target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_hostgroup.cfg", require => File['nagios_confd'], notify => Service['nagios'], } Nagios_service <||> { - target => "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_service.cfg", + target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_service.cfg", require => File['nagios_confd'], notify => Service['nagios'], } Nagios_servicegroup <||> { - target => "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_servicegroup.cfg", + target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_servicegroup.cfg", notify => Service['nagios'], } Nagios_servicedependency <||> { - target => "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_servicedependency.cfg", + target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_servicedependency.cfg", require => File['nagios_confd'], notify => Service['nagios'], } Nagios_serviceescalation <||> { - target => "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_serviceescalation.cfg", + target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_serviceescalation.cfg", require => File['nagios_confd'], notify => Service['nagios'], } Nagios_serviceextinfo <||> { - target => "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_serviceextinfo.cfg", + target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_serviceextinfo.cfg", require => File['nagios_confd'], notify => Service['nagios'], } Nagios_timeperiod <||> { - target => "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_timeperiod.cfg", + target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_timeperiod.cfg", require => File['nagios_confd'], notify => Service['nagios'], } - file{[ "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_command.cfg", - "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_contact.cfg", - "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_contactgroup.cfg", - "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_host.cfg", - "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_hostdependency.cfg", - "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_hostescalation.cfg", - "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_hostextinfo.cfg", - "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_hostgroup.cfg", - "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_hostgroupescalation.cfg", - "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_service.cfg", - "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_servicedependency.cfg", - "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_serviceescalation.cfg", - "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_serviceextinfo.cfg", - "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_servicegroup.cfg", - "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_timeperiod.cfg" ]: + file{[ "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_command.cfg", + "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_contact.cfg", + "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_contactgroup.cfg", + "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_host.cfg", + "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_hostdependency.cfg", + "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_hostescalation.cfg", + "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_hostextinfo.cfg", + "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_hostgroup.cfg", + "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_hostgroupescalation.cfg", + "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_service.cfg", + "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_servicedependency.cfg", + "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_serviceescalation.cfg", + "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_serviceextinfo.cfg", + "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_servicegroup.cfg", + "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_timeperiod.cfg" ]: ensure => file, replace => false, notify => Service['nagios'], @@ -188,17 +183,11 @@ class nagios::base { # manage nagios cfg files # must be defined after exported resource overrides and cfg file defs file { 'nagios_cfgdir': - path => "${nagios::defaults::vars::int_nagios_cfgdir}/", - source => "puppet:///modules/common/empty", + path => "${nagios::defaults::vars::int_cfgdir}/", ensure => directory, recurse => true, purge => true, notify => Service['nagios'], mode => 0755, owner => root, group => root; } - - if $use_munin { - include nagios::munin - } - } diff --git a/manifests/centos.pp b/manifests/centos.pp index 35379b8..5a2ba23 100644 --- a/manifests/centos.pp +++ b/manifests/centos.pp @@ -9,7 +9,7 @@ class nagios::centos inherits nagios::base { hasstatus => true, } - if ($nagios_allow_external_cmd) { + if $nagios::allow_external_cmd { file { '/var/spool/nagios/cmd': ensure => 'directory', require => Package['nagios'], diff --git a/manifests/debian.pp b/manifests/debian.pp index b9e87ec..bb9bb38 100644 --- a/manifests/debian.pp +++ b/manifests/debian.pp @@ -14,13 +14,13 @@ class nagios::debian inherits nagios::base { File['nagios_htpasswd', 'nagios_cgi_cfg'] { group => 'www-data' } - file { "${nagios::defaults::vars::int_nagios_cfgdir}/stylesheets": + file { "${nagios::defaults::vars::int_cfgdir}/stylesheets": ensure => directory, purge => false, recurse => true, } - if ($nagios_allow_external_cmd) { + if $nagios::allow_external_cmd { exec { 'nagios_external_cmd_perms_overrides': command => 'dpkg-statoverride --update --add nagios www-data 2710 /var/lib/nagios3/rw && dpkg-statoverride --update --add nagios nagios 751 /var/lib/nagios3', unless => 'dpkg-statoverride --list nagios www-data 2710 /var/lib/nagios3/rw && dpkg-statoverride --list nagios nagios 751 /var/lib/nagios3', diff --git a/manifests/defaults/commands.pp b/manifests/defaults/commands.pp index 1213485..bb19638 100644 --- a/manifests/defaults/commands.pp +++ b/manifests/defaults/commands.pp @@ -4,7 +4,7 @@ class nagios::defaults::commands { include nagios::command::imap_pop3 # common service commands - case $operatingsystem { + case $::operatingsystem { debian,ubuntu: { nagios_command { check_dummy: @@ -66,7 +66,7 @@ class nagios::defaults::commands { check_http_url: command_line => '$USER1$/check_http -H $ARG1$ -u $ARG2$'; check_http_url_regex: - command_line => '$USER1$/check_http -H $ARG1$ -u $ARG2$ -e $ARG3$'; + command_line => '$USER1$/check_http -H $ARG1$ -p $ARG2$ -u $ARG3$ -e $ARG4$'; check_https_url: command_line => '$USER1$/check_http --ssl -H $ARG1$ -u $ARG2$'; check_https_url_regex: @@ -124,7 +124,7 @@ class nagios::defaults::commands { # notification commands - $mail_cmd_location = $operatingsystem ? { + $mail_cmd_location = $::operatingsystem ? { centos => '/bin/mail', default => '/usr/bin/mail' } diff --git a/manifests/defaults/plugins.pp b/manifests/defaults/plugins.pp index 18f8161..abd8b52 100644 --- a/manifests/defaults/plugins.pp +++ b/manifests/defaults/plugins.pp @@ -1,5 +1,4 @@ class nagios::defaults::plugins { - nagios::plugin { 'check_mysql_health': source => 'nagios/plugins/check_mysql_health'; @@ -8,5 +7,4 @@ class nagios::defaults::plugins { 'check_dnsbl': source => 'nagios/plugins/check_dnsbl'; } - } diff --git a/manifests/defaults/templates.pp b/manifests/defaults/templates.pp index c97eee4..0e73c97 100644 --- a/manifests/defaults/templates.pp +++ b/manifests/defaults/templates.pp @@ -1,15 +1,15 @@ class nagios::defaults::templates { - include nagios::defaults::vars + include nagios::defaults::vars - file { 'nagios_templates': - path => "${nagios::defaults::vars::int_nagios_cfgdir}/conf.d/nagios_templates.cfg", - source => [ "puppet:///modules/site-nagios/configs/${fqdn}/nagios_templates.cfg", - "puppet:///modules/site-nagios/configs/${operatingsystem}/nagios_templates.cfg", - "puppet:///modules/site-nagios/configs/nagios_templates.cfg", - "puppet:///modules/nagios/configs/${operatingsystem}/nagios_templates.cfg", - "puppet:///modules/nagios/configs/nagios_templates.cfg" ], - notify => Service['nagios'], - mode => 0644, owner => root, group => root; - } + file { 'nagios_templates': + path => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_templates.cfg", + source => [ "puppet:///modules/site_nagios/configs/${::fqdn}/nagios_templates.cfg", + "puppet:///modules/site_nagios/configs/${::operatingsystem}/nagios_templates.cfg", + "puppet:///modules/site_nagios/configs/nagios_templates.cfg", + "puppet:///modules/nagios/configs/${::operatingsystem}/nagios_templates.cfg", + "puppet:///modules/nagios/configs/nagios_templates.cfg" ], + notify => Service['nagios'], + mode => 0644, owner => root, group => root; + } } diff --git a/manifests/defaults/vars.pp b/manifests/defaults/vars.pp index 6302f13..87f41f8 100644 --- a/manifests/defaults/vars.pp +++ b/manifests/defaults/vars.pp @@ -1,10 +1,10 @@ class nagios::defaults::vars { - case $nagios_cfgdir { - '': { $int_nagios_cfgdir = $operatingsystem ? { + case $nagios::cfgdir { + '': { $int_cfgdir = $::operatingsystem ? { centos => '/etc/nagios/', default => '/etc/nagios3' } } - default: { $int_nagios_cfgdir = $nagios_cfgdir } + default: { $int_cfgdir = $nagios::cfgdir } } } diff --git a/manifests/init.pp b/manifests/init.pp index 1aecc3a..12d3db2 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -8,28 +8,36 @@ # Marcel Härry haerry+puppet(at)puzzle.ch # Simon Josi josi+puppet(at)puzzle.ch # -# This program is free software; you can redistribute -# it and/or modify it under the terms of the GNU -# General Public License version 3 as published by +# This program is free software; you can redistribute +# it and/or modify it under the terms of the GNU +# General Public License version 3 as published by # the Free Software Foundation. # -class nagios { - case $nagios_httpd { - 'absent': { } - 'lighttpd': { include lighttpd } - 'apache': { include apache } - default: { include apache } +class nagios( + $httpd = 'apache', + $allow_external_cmd = false, + $manage_shorewall = false, + $manage_munin = false +) { + case $nagios::httpd { + 'absent': { } + 'lighttpd': { include ::lighttpd } + 'apache': { include ::apache } + default: { include ::apache } + } + case $::operatingsystem { + 'centos': { + $cfgdir = '/etc/nagios' + include nagios::centos } - case $operatingsystem { - 'centos': { - $nagios_cfgdir = '/etc/nagios' - include nagios::centos - } - 'debian': { - $nagios_cfgdir = '/etc/nagios3' - include nagios::debian - } - default: { fail("No such operatingsystem: $operatingsystem yet defined") } + 'debian': { + $cfgdir = '/etc/nagios3' + include nagios::debian } + default: { fail("No such operatingsystem: ${::operatingsystem} yet defined") } + } + if $manage_munin { + include nagios::munin + } } diff --git a/manifests/irc_bot.pp b/manifests/irc_bot.pp index 7629b94..a034fe0 100644 --- a/manifests/irc_bot.pp +++ b/manifests/irc_bot.pp @@ -1,22 +1,22 @@ class nagios::irc_bot { - if ( ! ($nagios_nsa_server and $nagios_nsa_nickname and $nagios_nsa_channel) ) { - fail("Please provide values at least for \$nagios_nsa_server, \$nagios_nsa_nickname and \$nagios_nsa_channel") + if ( ! ($nsa_server and $nsa_nickname and $nsa_channel) ) { + fail("Please provide values at least for \$nsa_server, \$nsa_nickname and \$nsa_channel") } case $operatingsystem { centos: { - $nagios_nsa_default_socket = '/var/run/nagios-nsa/nsa.socket' - $nagios_nsa_default_pidfile = '/var/run/nagios-nsa/nsa.pid' + $nsa_default_socket = '/var/run/nagios-nsa/nsa.socket' + $nsa_default_pidfile = '/var/run/nagios-nsa/nsa.pid' include nagios::irc_bot::centos } default: { - $nagios_nsa_default_socket = '/var/run/nagios3/nsa.socket' - $nagios_nsa_default_pidfile = '/var/run/nagios3/nsa.pid' + $nsa_default_socket = '/var/run/nagios3/nsa.socket' + $nsa_default_pidfile = '/var/run/nagios3/nsa.pid' include nagios::irc_bot::base } } - if $use_shorewall { + if $nagios::manage_shorewall { include shorewall::rules::out::irc } } diff --git a/manifests/irc_bot/base.pp b/manifests/irc_bot/base.pp index c36d8e6..6fab2ac 100644 --- a/manifests/irc_bot/base.pp +++ b/manifests/irc_bot/base.pp @@ -1,29 +1,29 @@ class nagios::irc_bot::base { # Default values for the two first variables are defined in nagios::irc_bot - $nagios_nsa_socket = $nagios_nsa_socket ? { - '' => $nagios_nsa_default_socket, - default => $nagios_nsa_socket, + $nsa_socket = $nsa_socket ? { + '' => $nsa_default_socket, + default => $nsa_socket, } - $nagios_nsa_pidfile = $nagios_nsa_pidfile ? { - '' => $nagios_nsa_default_pidfile, - default => $nagios_nsa_pidfile, + $nsa_pidfile = $nsa_pidfile ? { + '' => $nsa_default_pidfile, + default => $nsa_pidfile, } - $nagios_nsa_port = $nagios_nsa_port ? { + $nsa_port = $nsa_port ? { '' => '6667', - default => $nagios_nsa_port, + default => $nsa_port, } - $nagios_nsa_realname = $nagios_nsa_realname ? { + $nsa_realname = $nsa_realname ? { '' => 'Nagios', - default => $nagios_nsa_realname, + default => $nsa_realname, } - if (! $nagios_nsa_password) { - $nagios_nsa_password = '' + if (! $nsa_password) { + $nsa_password = '' } - if (! $nagios_nsa_usenotices) { - $nagios_nsa_usenotices = '' + if (! $nsa_usenotices) { + $nsa_usenotices = '' } file { "/usr/local/bin/riseup-nagios-client.pl": diff --git a/manifests/lighttpd.pp b/manifests/lighttpd.pp index 27aff43..0f29896 100644 --- a/manifests/lighttpd.pp +++ b/manifests/lighttpd.pp @@ -1,4 +1,12 @@ -class nagios::lighttpd { - $nagios_httpd = 'lighttpd' - include nagios +class nagios::lighttpd( + $allow_external_cmd = false, + $manage_shorewall = false, + $manage_munin = false +) { + class{'nagios': + httpd => 'lighttpd', + allow_external_cmd => $allow_external_cmd, + manage_munin => $manage_munin, + manage_shorewall => $manage_shorewall, + } } diff --git a/manifests/nsca/client.pp b/manifests/nsca/client.pp index 6e2c472..e58721d 100644 --- a/manifests/nsca/client.pp +++ b/manifests/nsca/client.pp @@ -1,10 +1,10 @@ class nagios::nsca::client { package { 'nsca': ensure => installed } - + file { '/etc/send_nsca.cfg': - source => [ "puppet:///modules/site-nagios/nsca/{$fqdn}/send_nsca.cfg", - "puppet:///modules/site-nagios/nsca/send_nsca.cfg", + source => [ "puppet:///modules/site_nagios/nsca/{$::fqdn}/send_nsca.cfg", + "puppet:///modules/site_nagios/nsca/send_nsca.cfg", "puppet:///modules/nagios/nsca/send_nsca.cfg" ], owner => 'nagios', group => 'nogroup', diff --git a/manifests/nsca/server.pp b/manifests/nsca/server.pp index 238e49e..bd5389d 100644 --- a/manifests/nsca/server.pp +++ b/manifests/nsca/server.pp @@ -10,8 +10,8 @@ class nagios::nsca::server { } file { '/etc/nsca.cfg': - source => [ "puppet:///modules/site-nagios/nsca/{$fqdn}/nsca.cfg", - "puppet:///modules/site-nagios/nsca/nsca.cfg", + source => [ "puppet:///modules/site_nagios/nsca/{$::fqdn}/nsca.cfg", + "puppet:///modules/site_nagios/nsca/nsca.cfg", "puppet:///modules/nagios/nsca/nsca.cfg" ], owner => 'nagios', group => 'nogroup', diff --git a/manifests/plugin.pp b/manifests/plugin.pp index abaa6e5..d32606b 100644 --- a/manifests/plugin.pp +++ b/manifests/plugin.pp @@ -2,15 +2,15 @@ define nagios::plugin( $source = 'absent', $ensure = present ){ - @@file{$name: - path => $hardwaremodel ? { - 'x86_64' => "/usr/lib64/nagios/plugins/$name", - default => "/usr/lib/nagios/plugins/$name", + file{$name: + path => $::hardwaremodel ? { + 'x86_64' => "/usr/lib64/nagios/plugins/${name}", + default => "/usr/lib/nagios/plugins/${name}", }, ensure => $ensure, source => $source ? { - 'absent' => "puppet:///modules/nagios/plugins/$name", - default => "puppet:///modules/$source" + 'absent' => "puppet:///modules/nagios/plugins/${name}", + default => "puppet:///modules/${source}" }, tag => 'nagios_plugin', require => Package['nagios-plugins'], diff --git a/manifests/plugin/deploy.pp b/manifests/plugin/deploy.pp index 75f87d7..3f2a1a4 100644 --- a/manifests/plugin/deploy.pp +++ b/manifests/plugin/deploy.pp @@ -5,26 +5,26 @@ define nagios::plugin::deploy($source = '', $ensure = 'present', $config = '', $ default => $ensure } $real_source = $source ? { - '' => "nagios/plugins/$plugin_src", + '' => "nagios/plugins/${plugin_src}", default => $source } if !defined(Package[$require_package]) { - @@package { $require_package: + package { $require_package: ensure => installed, tag => "nagios::plugin::deploy::package"; } } - + include nagios::plugin::scriptpaths - @@file { "nagios_plugin_${name}": + file { "nagios_plugin_${name}": path => "$nagios::plugin::scriptpaths::script_path/${name}", - source => "puppet://$server/modules/$real_source", + source => "puppet:///modules/${real_source}", mode => 0755, owner => root, group => 0, require => Package[$require_package], tag => "nagios::plugin::deploy::file"; } # register the plugin - @@nagios::plugin{$name: ensure => $ensure, require => Package['nagios-plugins'] } + nagios::plugin{$name: ensure => $ensure, require => Package['nagios-plugins'] } } diff --git a/manifests/plugin/scriptpaths.pp b/manifests/plugin/scriptpaths.pp index 6065709..9cd4b5d 100644 --- a/manifests/plugin/scriptpaths.pp +++ b/manifests/plugin/scriptpaths.pp @@ -1,5 +1,5 @@ class nagios::plugin::scriptpaths { - case $hardwaremodel { + case $::hardwaremodel { x86_64: { $script_path = "/usr/lib64/nagios/plugins/" } default: { $script_path = "/usr/lib/nagios/plugins" } } diff --git a/manifests/plugins/jabber.pp b/manifests/plugins/jabber.pp new file mode 100644 index 0000000..380a5c0 --- /dev/null +++ b/manifests/plugins/jabber.pp @@ -0,0 +1,10 @@ +class nagios::plugins::jabber { + + # for check_jabber_login + require rubygems::xmpp4r + + nagios::plugin { 'check_jabber_login': + source => 'nagios/plugins/check_jabber_login' + } +} + diff --git a/manifests/service.pp b/manifests/service.pp index 55b2254..71f78b0 100644 --- a/manifests/service.pp +++ b/manifests/service.pp @@ -1,6 +1,6 @@ define nagios::service ( $ensure = present, - $host_name = $fqdn, + $host_name = $::fqdn, $check_command, $check_period = '', $normal_check_interval = '', @@ -19,7 +19,7 @@ define nagios::service ( # TODO: this resource should normally accept all nagios_host parameters - $real_name = "${hostname}_${name}" + $real_name = "${::hostname}_${name}" if ($use_nrpe == 'true') { include nagios::command::nrpe_timeout diff --git a/manifests/service/http.pp b/manifests/service/http.pp index 8fd5059..ef63abb 100644 --- a/manifests/service/http.pp +++ b/manifests/service/http.pp @@ -6,6 +6,7 @@ define nagios::service::http( $ensure = present, $check_domain = 'absent', + $port = '80', $check_url = '/', $check_code = 'OK', $use = 'generic-service', @@ -27,7 +28,7 @@ define nagios::service::http( nagios::service{"httprd_${name}": ensure => $ensure, use => $use, - check_command => "check_http_url_regex!${real_check_domain}!${check_url}!'301'", + check_command => "check_http_url_regex!${real_check_domain}!${port}!${check_url}!'301'", } } } @@ -38,7 +39,7 @@ define nagios::service::http( nagios::service{"http_${name}_${check_code}": ensure => $ensure, use => $use, - check_command => "check_http_url_regex!${real_check_domain}!${check_url}!'${check_code}'", + check_command => "check_http_url_regex!${real_check_domain}!${port}!${check_url}!'${check_code}'", } } } diff --git a/manifests/service/mysql.pp b/manifests/service/mysql.pp index 2fde402..94881d8 100644 --- a/manifests/service/mysql.pp +++ b/manifests/service/mysql.pp @@ -1,11 +1,11 @@ -# Checks a mysql instance via tcp or socket +# Checks a mysql instance via tcp or socket define nagios::service::mysql( $ensure = present, $check_host = 'absent', $check_port = '3306', $check_username = 'nagios', - $check_password = $nagios_mysql_password, + $check_password = trocla("mysql_nagios_${::fqdn}",'plain','length: 32'), $check_database = 'information_schema', $check_warning = undef, $check_critical = undef, @@ -28,7 +28,7 @@ define nagios::service::mysql( if $check_warning != undef { $real_check_warning = "!--warning $check_warning" } - + if $check_critical != undef { $real_check_critical = "!--critical $check_critical" } @@ -51,7 +51,7 @@ define nagios::service::mysql( } } } - + nagios::service { "mysql_health_${name}": ensure => $ensure, check_command => "check_mysql_health!${real_check_host}!${check_port}!${check_username}!${check_password}!${check_health_mode}!${check_database}${real_check_name}${real_check_warning}${real_check_critical}", diff --git a/manifests/service/ntp.pp b/manifests/service/ntp.pp index eca255a..b3cde2a 100644 --- a/manifests/service/ntp.pp +++ b/manifests/service/ntp.pp @@ -1,9 +1,9 @@ # manifests/service/ntp.pp class nagios::service::ntp { - nagios::service{ "check_ntp": - check_command => "check_ntp_time", - host_name => $fqdn, - } + nagios::service{ "check_ntp": + check_command => "check_ntp_time", + host_name => $::fqdn, + } } diff --git a/manifests/service/ping.pp b/manifests/service/ping.pp index c705c68..f1c8d87 100644 --- a/manifests/service/ping.pp +++ b/manifests/service/ping.pp @@ -1,13 +1,9 @@ define nagios::service::ping( - $ensure = present + $ensure = present, + $ping_rate = '!100.0,20%!500.0,60%' ){ - $real_nagios_ping_rate = $nagios_ping_rate ? { - '' => '!100.0,20%!500.0,60%', - default => $nagios_ping_rate - } - - nagios::service{ "check_ping": - ensure => $ensure, - check_command => "check_ping${real_nagios_ping_rate}", - } + nagios::service{ "check_ping": + ensure => $ensure, + check_command => "check_ping${ping_rate}", + } } diff --git a/manifests/target.pp b/manifests/target.pp index 675ac1a..f9b7e13 100644 --- a/manifests/target.pp +++ b/manifests/target.pp @@ -1,15 +1,22 @@ # manifests/target.pp -class nagios::target { +class nagios::target( + $parents = 'absent', + $address = $::ipaddress, + $nagios_alias = $::hostname, + $hostgroups = 'absent' +){ + @@nagios_host { $::fqdn: + address => $address, + alias => $nagios_alias, + use => 'generic-host', + } - @@nagios_host { "${fqdn}": - address => $ipaddress, - alias => $hostname, - use => 'generic-host', - } - - if ($nagios_parents != '') { - Nagios_host["${fqdn}"] { parents => $nagios_parents } - } + if ($parents != 'absent') { + Nagios_host["${::fqdn}"] { parents => $parents } + } + if ($hostgroups != 'absent') { + Nagios_host["${::fqdn}"] { hostgroups => $hostgroups } + } } diff --git a/manifests/target/fqdn.pp b/manifests/target/fqdn.pp index acac5d6..6bb16c1 100644 --- a/manifests/target/fqdn.pp +++ b/manifests/target/fqdn.pp @@ -1,5 +1,10 @@ -class nagios::target::fqdn inherits nagios::target { - - Nagios_host["${fqdn}"] { address => "${fqdn}" } - +class nagios::target::fqdn( + $hostgroups = 'absent', + $parents = 'absent' +) { + class{'nagios::target': + address => $::fqdn, + hostgroups => $hostgroups, + parents => $parents + } } diff --git a/templates/irc_bot/CentOS/nagios-nsa.sh.erb b/templates/irc_bot/CentOS/nagios-nsa.sh.erb index 1561afd..0f9f87b 100644 --- a/templates/irc_bot/CentOS/nagios-nsa.sh.erb +++ b/templates/irc_bot/CentOS/nagios-nsa.sh.erb @@ -19,8 +19,8 @@ exec="/usr/local/bin/riseup-nagios-server.pl" prog="nsa" -PIDFILE=<%= nagios_nsa_pidfile %> -SOCKFILE=<%= nagios_nsa_socket %> +PIDFILE=<%= scope.lookupvar('nagios::irc_bot::real_nsa_pidfile') %> +SOCKFILE=<%= scope.lookupvar('nagios::irc_bot::real_nsa_socket') %> [ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog diff --git a/templates/irc_bot/Debian/nagios-nsa.sh.erb b/templates/irc_bot/Debian/nagios-nsa.sh.erb index c9d1966..43c0e79 100644 --- a/templates/irc_bot/Debian/nagios-nsa.sh.erb +++ b/templates/irc_bot/Debian/nagios-nsa.sh.erb @@ -9,8 +9,8 @@ # Short-Description: Nagios Simple IRC Agent ### END INIT INFO -PIDFILE=<%= nagios_nsa_pidfile %> -SOCKFILE=<%= nagios_nsa_socket %> +PIDFILE=<%= scope.lookupvar('nagios::irc_bot::real_nsa_pidfile') %> +SOCKFILE=<%= scope.lookupvar('nagios::irc_bot::real_nsa_socket') %> . /lib/lsb/init-functions diff --git a/templates/irc_bot/nsa.cfg.erb b/templates/irc_bot/nsa.cfg.erb index da6b2f0..9109b55 100644 --- a/templates/irc_bot/nsa.cfg.erb +++ b/templates/irc_bot/nsa.cfg.erb @@ -1,14 +1,15 @@ -%Nsa = ( - 'socket' => '<%= nagios_nsa_socket %>', - 'server' => '<%= nagios_nsa_server %>', - 'port' => '<%= nagios_nsa_port %>', - 'nickname' => '<%= nagios_nsa_nickname %>', - 'password' => '<%= nagios_nsa_password %>', +%%Nsa = ( + 'socket' => '<%= scope.lookupvar('nagios::irc_bot::real_nsa_socket') %>', + 'server' => '<%= scope.lookupvar('nagios::irc_bot::nsa_server') %>', + 'port' => '<%= scope.lookupvar('nagios::irc_bot::nsa_port') %>', + 'nickname' => '<%= scope.lookupvar('nagios::irc_bot::nsa_nickname') %>', + 'password' => '<%= scope.lookupvar('nagios::irc_bot::nsa_password') %>', # this needs libio-socket-ssl-perl # doesn't actually works because Net::IRC is braindead and tries to use IO::Socket::SSL->read/write instead of the builtin print, see http://search.cpan.org/dist/IO-Socket-SSL/SSL.pm - #'SSL' => 0, - 'channel' => '<%= nagios_nsa_channel %>', - 'pidfile' => '<%= nagios_nsa_pidfile %>', # set to undef to disable - 'realname' => "<%= nagios_nsa_realname %>", - 'usenotices' => "<%= nagios_nsa_usenotices %>", + #'SSL' => 0, + 'channel' => '<%= scope.lookupvar('nagios::irc_bot::nsa_channel') %>', + 'pidfile' => '<%= scope.lookupvar('nagios::irc_bot::real_nsa_pidfile') %>', # set to undef to disable + 'realname' => "<%= scope.lookupvar('nagios::irc_bot::nsa_realname') %>", + 'realname' => "<%= scope.lookupvar('nagios::irc_bot::nsa_realname') %>", + 'usenotices' => "<%= scope.lookupvar('nagios::irc_bot::nsa_usenotices') %>", ); |