diff options
Diffstat (limited to 'manifests')
| -rw-r--r-- | manifests/apache.pp | 3 | ||||
| -rw-r--r-- | manifests/base.pp | 358 | ||||
| -rw-r--r-- | manifests/centos.pp | 49 | ||||
| -rw-r--r-- | manifests/command/imap_pop3.pp | 5 | ||||
| -rw-r--r-- | manifests/debian/apache.pp | 3 | ||||
| -rw-r--r-- | manifests/defaults/commands.pp | 247 | ||||
| -rw-r--r-- | manifests/defaults/templates.pp | 15 | ||||
| -rw-r--r-- | manifests/defaults/vars.pp | 3 | ||||
| -rw-r--r-- | manifests/init.pp | 20 | ||||
| -rw-r--r-- | manifests/nrpe.pp | 41 | ||||
| -rw-r--r-- | manifests/plugin.pp | 5 | ||||
| -rw-r--r-- | manifests/plugins/gpg.pp | 30 | ||||
| -rw-r--r-- | manifests/plugins/horde_login.pp | 11 | ||||
| -rw-r--r-- | manifests/pnp4nagios.pp | 7 | ||||
| -rw-r--r-- | manifests/service.pp | 117 | ||||
| -rw-r--r-- | manifests/service/gpgkey.pp | 47 | ||||
| -rw-r--r-- | manifests/service/horde_login.pp | 18 | ||||
| -rw-r--r-- | manifests/service/http.pp | 76 | ||||
| -rw-r--r-- | manifests/target.pp | 25 | ||||
| -rw-r--r-- | manifests/target/fqdn.pp | 8 |
20 files changed, 615 insertions, 473 deletions
diff --git a/manifests/apache.pp b/manifests/apache.pp index 1e4224e..8da9c11 100644 --- a/manifests/apache.pp +++ b/manifests/apache.pp @@ -1,9 +1,10 @@ +# setup naguis together with apache class nagios::apache( $allow_external_cmd = false, $manage_shorewall = false, $manage_munin = false ) { - class{'nagios': + class{'::nagios': httpd => 'apache', allow_external_cmd => $allow_external_cmd, manage_munin => $manage_munin, diff --git a/manifests/base.pp b/manifests/base.pp index 687261d..4922cdb 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -1,202 +1,182 @@ +# basic stuff for nagios class nagios::base { - # include the variables - include nagios::defaults::vars + # include the variables + include ::nagios::defaults::vars - package { 'nagios': - alias => 'nagios', - ensure => present, - } - - service { 'nagios': - ensure => running, - enable => true, - #hasstatus => true, #fixme! - require => Package['nagios'], - } + package { 'nagios': + ensure => present, + } - # this file should contain all the nagios_puppet-paths: - file { 'nagios_main_cfg': - path => "${nagios::defaults::vars::int_cfgdir}/nagios.cfg", - source => [ "puppet:///modules/site_nagios/configs/${::fqdn}/nagios.cfg", - "puppet:///modules/site_nagios/configs/${::operatingsystem}/nagios.cfg", - "puppet:///modules/site_nagios/configs/nagios.cfg", - "puppet:///modules/nagios/configs/${::operatingsystem}/nagios.cfg", - "puppet:///modules/nagios/configs/nagios.cfg" ], - notify => Service['nagios'], - require => Package['nagios'], - mode => 0644, owner => root, group => root; - } + service { 'nagios': + ensure => running, + enable => $nagios::service_at_boot, + require => Package['nagios'], + } - file { 'nagios_cgi_cfg': - path => "${nagios::defaults::vars::int_cfgdir}/cgi.cfg", - source => [ "puppet:///modules/site_nagios/configs/${::fqdn}/cgi.cfg", + $cfg_dir = $nagios::defaults::vars::int_cfgdir + # this file should contain all the nagios_puppet-paths: + file{ + 'nagios_cfgdir': + ensure => directory, + path => $cfg_dir, + alias => nagios_confd, + recurse => true, + purge => true, + force => true, + require => Package['nagios'], + notify => Service['nagios'], + owner => root, + group => root, + mode => '0755'; + 'nagios_main_cfg': + path => "${cfg_dir}/nagios.cfg", + source => [ "puppet:///modules/site_nagios/configs/${::fqdn}/nagios.cfg", + "puppet:///modules/site_nagios/configs/${::operatingsystem}/nagios.cfg", + 'puppet:///modules/site_nagios/configs/nagios.cfg', + "puppet:///modules/nagios/configs/${::operatingsystem}/nagios.cfg", + 'puppet:///modules/nagios/configs/nagios.cfg' ], + notify => Service['nagios'], + owner => root, + group => root, + mode => '0644'; + 'nagios_cgi_cfg': + path => "${cfg_dir}/cgi.cfg", + source => [ "puppet:///modules/site_nagios/configs/${::fqdn}/cgi.cfg", "puppet:///modules/site_nagios/configs/${::operatingsystem}/cgi.cfg", - "puppet:///modules/site_nagios/configs/cgi.cfg", + 'puppet:///modules/site_nagios/configs/cgi.cfg', "puppet:///modules/nagios/configs/${::operatingsystem}/cgi.cfg", - "puppet:///modules/nagios/configs/cgi.cfg" ], - mode => '0644', owner => 'root', group => 0, - notify => Service['apache'], - require => Package['nagios'], - } - - file { 'nagios_htpasswd': - path => "${nagios::defaults::vars::int_cfgdir}/htpasswd.users", - source => [ "puppet:///modules/site_nagios/htpasswd.users", - "puppet:///modules/nagios/htpasswd.users" ], - require => Package['nagios'], - mode => 0640, owner => root, group => apache; - } - - if $::operatingsystem == 'Centos' { - file { 'nagios_private': - ensure => directory, - path => "${nagios::defaults::vars::int_cfgdir}/private/", - purge => true, - recurse => true, - mode => '0750', - owner => 'root', - group => 'nagios', - require => Package['nagios'], - notify => Service['nagios'], - } - - $resource_cfg_dir = "${nagios::defaults::vars::int_cfgdir}/private" - } - else { - $resource_cfg_dir = $nagios::defaults::vars::int_cfgdir - } - - file { 'nagios_private_resource_cfg': - path => "${resource_cfg_dir}/resource.cfg", - source => [ "puppet:///modules/site_nagios/configs/${::operatingsystem}/private/resource.cfg.${::architecture}", + 'puppet:///modules/nagios/configs/cgi.cfg' ], + notify => Service['apache'], + owner => 'root', + group => 0, + mode => '0644'; + 'nagios_htpasswd': + path => "${cfg_dir}/htpasswd.users", + source => [ 'puppet:///modules/site_nagios/htpasswd.users', + 'puppet:///modules/nagios/htpasswd.users' ], + owner => root, + group => apache, + mode => '0640'; + 'nagios_resource_cfg': + path => "${cfg_dir}/resource.cfg", + source => [ "puppet:///modules/site_nagios/configs/${::operatingsystem}/private/resource.cfg.${::architecture}", "puppet:///modules/nagios/configs/${::operatingsystem}/private/resource.cfg.${::architecture}" ], - notify => Service['nagios'], - owner => root, group => nagios, mode => '0640'; - } + notify => Service['nagios'], + owner => root, + group => nagios, + mode => '0640'; + } - file { 'nagios_confd': - path => "${nagios::defaults::vars::int_cfgdir}/conf.d/", - ensure => directory, - purge => true, - recurse => true, - notify => Service['nagios'], - require => Package['nagios'], - mode => '0750', owner => root, group => nagios; + if $cfg_dir == '/etc/nagios3' { + file{'/etc/nagios': + ensure => link, + target => $cfg_dir, + require => Package['nagios'], } - Nagios_command <<||>> - Nagios_contactgroup <<||>> - Nagios_contact <<||>> - Nagios_hostdependency <<||>> - Nagios_hostescalation <<||>> - Nagios_hostextinfo <<||>> - Nagios_hostgroup <<||>> - Nagios_host <<||>> - Nagios_servicedependency <<||>> - Nagios_serviceescalation <<||>> - Nagios_servicegroup <<||>> - Nagios_serviceextinfo <<||>> - Nagios_service <<||>> - Nagios_timeperiod <<||>> + } - Nagios_command <||> { - target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_command.cfg", - require => File['nagios_confd'], - notify => Service['nagios'], - } - Nagios_contact <||> { - target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_contact.cfg", - require => File['nagios_confd'], - notify => Service['nagios'], - } - Nagios_contactgroup <||> { - target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_contactgroup.cfg", - require => File['nagios_confd'], - notify => Service['nagios'], - } - Nagios_host <||> { - target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_host.cfg", - require => File['nagios_confd'], - notify => Service['nagios'], - } - Nagios_hostdependency <||> { - target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_hostdependency.cfg", - notify => Service['nagios'], - } - Nagios_hostescalation <||> { - target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_hostescalation.cfg", - notify => Service['nagios'], - } - Nagios_hostextinfo <||> { - target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_hostextinfo.cfg", - require => File['nagios_confd'], - notify => Service['nagios'], - } - Nagios_hostgroup <||> { - target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_hostgroup.cfg", - require => File['nagios_confd'], - notify => Service['nagios'], - } - Nagios_service <||> { - target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_service.cfg", - require => File['nagios_confd'], - notify => Service['nagios'], - } - Nagios_servicegroup <||> { - target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_servicegroup.cfg", - notify => Service['nagios'], - } - Nagios_servicedependency <||> { - target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_servicedependency.cfg", - require => File['nagios_confd'], - notify => Service['nagios'], - } - Nagios_serviceescalation <||> { - target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_serviceescalation.cfg", - require => File['nagios_confd'], - notify => Service['nagios'], - } - Nagios_serviceextinfo <||> { - target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_serviceextinfo.cfg", - require => File['nagios_confd'], - notify => Service['nagios'], - } - Nagios_timeperiod <||> { - target => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_timeperiod.cfg", - require => File['nagios_confd'], - notify => Service['nagios'], - } + Nagios_command <<||>> + Nagios_contactgroup <<||>> + Nagios_contact <<||>> + Nagios_hostdependency <<||>> + Nagios_hostescalation <<||>> + Nagios_hostextinfo <<||>> + Nagios_hostgroup <<||>> + Nagios_host <<||>> + Nagios_servicedependency <<||>> + Nagios_serviceescalation <<||>> + Nagios_servicegroup <<||>> + Nagios_serviceextinfo <<||>> + Nagios_service <<||>> + Nagios_timeperiod <<||>> - file{[ "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_command.cfg", - "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_contact.cfg", - "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_contactgroup.cfg", - "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_host.cfg", - "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_hostdependency.cfg", - "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_hostescalation.cfg", - "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_hostextinfo.cfg", - "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_hostgroup.cfg", - "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_hostgroupescalation.cfg", - "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_service.cfg", - "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_servicedependency.cfg", - "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_serviceescalation.cfg", - "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_serviceextinfo.cfg", - "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_servicegroup.cfg", - "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_timeperiod.cfg" ]: - ensure => file, - replace => false, - notify => Service['nagios'], - require => Package['nagios'], - mode => 0644, owner => root, group => 0; - } + Nagios_command <||> { + notify => Service['nagios'], + } + Nagios_contact <||> { + notify => Service['nagios'], + } + Nagios_contactgroup <||> { + notify => Service['nagios'], + } + Nagios_host <||> { + notify => Service['nagios'], + } + Nagios_hostdependency <||> { + notify => Service['nagios'], + } + Nagios_hostescalation <||> { + notify => Service['nagios'], + } + Nagios_hostextinfo <||> { + notify => Service['nagios'], + } + Nagios_hostgroup <||> { + notify => Service['nagios'], + } + Nagios_service <||> { + notify => Service['nagios'], + } + Nagios_servicegroup <||> { + notify => Service['nagios'], + } + Nagios_servicedependency <||> { + notify => Service['nagios'], + } + Nagios_serviceescalation <||> { + notify => Service['nagios'], + } + Nagios_serviceextinfo <||> { + notify => Service['nagios'], + } + Nagios_timeperiod <||> { + notify => Service['nagios'], + } - # manage nagios cfg files - # must be defined after exported resource overrides and cfg file defs - file { 'nagios_cfgdir': - path => "${nagios::defaults::vars::int_cfgdir}/", - ensure => directory, - recurse => true, - purge => true, - notify => Service['nagios'], - require => Package['nagios'], - mode => 0755, owner => root, group => root; - } + file{ + [ "${cfg_dir}/nagios_command.cfg", + "${cfg_dir}/nagios_contact.cfg", + "${cfg_dir}/nagios_contactgroup.cfg", + "${cfg_dir}/nagios_host.cfg", + "${cfg_dir}/nagios_hostdependency.cfg", + "${cfg_dir}/nagios_hostescalation.cfg", + "${cfg_dir}/nagios_hostextinfo.cfg", + "${cfg_dir}/nagios_hostgroup.cfg", + "${cfg_dir}/nagios_hostgroupescalation.cfg", + "${cfg_dir}/nagios_service.cfg", + "${cfg_dir}/nagios_servicedependency.cfg", + "${cfg_dir}/nagios_serviceescalation.cfg", + "${cfg_dir}/nagios_serviceextinfo.cfg", + "${cfg_dir}/nagios_servicegroup.cfg", + "${cfg_dir}/nagios_timeperiod.cfg" ]: + ensure => file, + replace => false, + notify => Service['nagios'], + owner => root, + group => 0, + mode => '0644'; + } + + if $nagios::purge_resources { + resources { + [ + 'nagios_command', + 'nagios_contactgroup', + 'nagios_contact', + 'nagios_hostdependency', + 'nagios_hostescalation', + 'nagios_hostextinfo', + 'nagios_hostgroup', + 'nagios_host', + 'nagios_servicedependency', + 'nagios_serviceescalation', + 'nagios_servicegroup', + 'nagios_serviceextinfo', + 'nagios_service', + 'nagios_timeperiod', + ]: + notify => Service['nagios'], + purge => true; + } + } } diff --git a/manifests/centos.pp b/manifests/centos.pp index 5a2ba23..f41d46d 100644 --- a/manifests/centos.pp +++ b/manifests/centos.pp @@ -1,19 +1,42 @@ +# centos specific changes class nagios::centos inherits nagios::base { - package { [ 'nagios-plugins', 'nagios-plugins-smtp','nagios-plugins-http', 'nagios-plugins-ssh', 'nagios-plugins-tcp', 'nagios-plugins-dig', 'nagios-plugins-nrpe', 'nagios-plugins-load', 'nagios-plugins-dns', 'nagios-plugins-ping', 'nagios-plugins-procs', 'nagios-plugins-users', 'nagios-plugins-ldap', 'nagios-plugins-disk', 'nagios-plugins-swap', 'nagios-plugins-nagios', 'nagios-plugins-perl', 'nagios-plugins-ntp', 'nagios-plugins-snmp' ]: - ensure => 'present', - notify => Service['nagios'], - } + package { [ 'nagios-plugins', 'nagios-plugins-smtp','nagios-plugins-http', + 'nagios-plugins-ssh', 'nagios-plugins-tcp', 'nagios-plugins-dig', + 'nagios-plugins-nrpe', 'nagios-plugins-load', 'nagios-plugins-dns', + 'nagios-plugins-ping', 'nagios-plugins-procs', 'nagios-plugins-users', + 'nagios-plugins-ldap', 'nagios-plugins-disk', 'nagios-plugins-swap', + 'nagios-plugins-nagios', 'nagios-plugins-perl', 'nagios-plugins-ntp', + 'nagios-plugins-snmp' ]: + ensure => 'present', + notify => Service['nagios'], + } - Service[nagios]{ - hasstatus => true, - } + Service['nagios']{ + hasstatus => true, + } - if $nagios::allow_external_cmd { - file { '/var/spool/nagios/cmd': - ensure => 'directory', - require => Package['nagios'], - mode => 2660, owner => apache, group => nagios, - } + file{ + 'nagios_private': + ensure => directory, + path => "${nagios::base::cfg_dir}/private", + purge => true, + recurse => true, + notify => Service['nagios'], + owner => root, + group => nagios, + mode => '0750'; + } + File['nagios_resource_cfg']{ + path => "${nagios::base::cfg_dir}/private/resource.cfg", + } + if $nagios::allow_external_cmd { + file{'/var/spool/nagios/cmd': + ensure => 'directory', + require => Package['nagios'], + owner => apache, + group => nagios, + mode => '2660', } + } } diff --git a/manifests/command/imap_pop3.pp b/manifests/command/imap_pop3.pp index 3735136..f3637a7 100644 --- a/manifests/command/imap_pop3.pp +++ b/manifests/command/imap_pop3.pp @@ -1,5 +1,6 @@ +# manage mail checks class nagios::command::imap_pop3 { - case $operatingsystem { + case $::operatingsystem { debian,ubuntu: { } # Debian/Ubuntu already define those checks default: { nagios_command { @@ -17,6 +18,8 @@ class nagios::command::imap_pop3 { 'check_pop3_ssl': command_line => '$USER1$/check_pop -H $ARG1$ -p $ARG2$ -S'; 'check_managesieve': + command_line => '$USER1$/check_tcp -H $ARG1$ -p 4190'; + 'check_managesieve_legacy': command_line => '$USER1$/check_tcp -H $ARG1$ -p 2000'; } } diff --git a/manifests/debian/apache.pp b/manifests/debian/apache.pp index 095091e..17b60c6 100644 --- a/manifests/debian/apache.pp +++ b/manifests/debian/apache.pp @@ -5,10 +5,9 @@ # class nagios::debian::apache { - include nagios::defaults::vars + include ::nagios::defaults::vars file { "${nagios::defaults::vars::int_cfgdir}/apache2.conf": - ensure => present, source => [ "puppet:///modules/site_nagios/configs/${::fqdn}/apache2.conf", 'puppet:///modules/site_nagios/configs/apache2.conf', 'puppet:///modules/nagios/configs/apache2.conf'], diff --git a/manifests/defaults/commands.pp b/manifests/defaults/commands.pp index 3521d94..e80e147 100644 --- a/manifests/defaults/commands.pp +++ b/manifests/defaults/commands.pp @@ -1,144 +1,145 @@ +# defaults commands we wanna have available class nagios::defaults::commands { - include nagios::command::smtp - include nagios::command::imap_pop3 + include ::nagios::command::smtp + include ::nagios::command::imap_pop3 + include ::nagios::plugins::horde_login # common service commands case $::operatingsystem { - debian,ubuntu: { - nagios_command { - check_dummy: - command_line => '$USER1$/check_dummy $ARG1$'; - check_https_cert: - command_line => '$USER1$/check_http --ssl --sni -C 20 -H $HOSTADDRESS$ -I $HOSTADDRESS$'; - check_http_url: - command_line => '$USER1$/check_http -H $ARG1$ -u $ARG2$'; - check_http_url_regex: - command_line => '$USER1$/check_http -H $ARG1$ -p $ARG2$ -u $ARG3$ -e $ARG4$'; - check_https_url: - command_line => '$USER1$/check_http --ssl --sni -H $ARG1$ -u $ARG2$'; - check_https_url_regex: - command_line => '$USER1$/check_http --ssl --sni -H $ARG1$ -u $ARG2$ -e $ARG3$'; - check_mysql_db: - command_line => '$USER1$/check_mysql -H $ARG1$ -P $ARG2$ -u $ARG3$ -p $ARG4$ -d $ARG5$'; - check_ntp_time: - command_line => '$USER1$/check_ntp_time -H $HOSTADDRESS$ -w 0.5 -c 1'; - check_silc: - command_line => '$USER1$/check_tcp -p 706 -H $ARG1$'; - check_sobby: - command_line => '$USER1$/check_tcp -H $ARG1$ -p $ARG2$'; - check_jabber: - command_line => '$USER1$/check_jabber -H $ARG1$'; - check_git: - command_line => '$USER1$/check_tcp -H $ARG1$ -p 9418'; - } + 'Debian','Ubuntu': { + nagios_command { + 'check_dummy': + command_line => '$USER1$/check_dummy $ARG1$'; + 'check_https_cert': + command_line => '$USER1$/check_http --ssl -C 20 -H $HOSTADDRESS$ -I $HOSTADDRESS$'; + 'check_http_url': + command_line => '$USER1$/check_http -H $ARG1$ -u $ARG2$'; + 'check_http_url_regex': + command_line => '$USER1$/check_http -H $ARG1$ -p $ARG2$ -u $ARG3$ -e $ARG4$'; + 'check_https_url': + command_line => '$USER1$/check_http --ssl -H $ARG1$ -u $ARG2$'; + 'check_https_url_regex': + command_line => '$USER1$/check_http --ssl -H $ARG1$ -u $ARG2$ -e $ARG3$'; + 'check_mysql_db': + command_line => '$USER1$/check_mysql -H $ARG1$ -P $ARG2$ -u $ARG3$ -p $ARG4$ -d $ARG5$'; + 'check_ntp_time': + command_line => '$USER1$/check_ntp_time -H $HOSTADDRESS$ -w 0.5 -c 1'; + 'check_silc': + command_line => '$USER1$/check_tcp -p 706 -H $ARG1$'; + 'check_sobby': + command_line => '$USER1$/check_tcp -H $ARG1$ -p $ARG2$'; + 'check_jabber': + command_line => '$USER1$/check_jabber -H $ARG1$'; + 'check_git': + command_line => '$USER1$/check_tcp -H $ARG1$ -p 9418'; } - default: { - nagios_command { - check_dummy: - command_line => '$USER1$/check_dummy $ARG1$'; - check_ping: - command_line => '$USER1$/check_ping -H $HOSTADDRESS$ -w $ARG1$ -c $ARG2$'; - check-host-alive: - command_line => '$USER1$/check_ping -H $HOSTADDRESS$ -w 5000,100% -c 5000,100% -p 1'; - check_tcp: - command_line => '$USER1$/check_tcp -H $HOSTADDRESS$ -p $ARG1$'; - check_udp: - command_line => '$USER1$/check_udp -H $HOSTADDRESS$ -p $ARG1$'; - check_load: - command_line => '$USER1$/check_load --warning=$ARG1$,$ARG2$,$ARG3$ --critical=$ARG4$,$ARG5$,$ARG6$'; - check_disk: - command_line => '$USER1$/check_disk -w $ARG1$ -c $ARG2$ -e -p $ARG3$'; - check_all_disks: - command_line => '$USER1$/check_disk -w $ARG1$ -c $ARG2$ -e'; - check_ssh: - command_line => '$USER1$/check_ssh $HOSTADDRESS$'; - check_ssh_port: - command_line => '$USER1$/check_ssh -p $ARG1$ $HOSTADDRESS$'; - check_ssh_port_host: - command_line => '$USER1$/check_ssh -p $ARG1$ $ARG2$'; - check_http: - command_line => '$USER1$/check_http -H $HOSTADDRESS$ -I $HOSTADDRESS$'; - check_https: - command_line => '$USER1$/check_http --ssl --sni -H $HOSTADDRESS$ -I $HOSTADDRESS$'; - check_https_cert: - command_line => '$USER1$/check_http --ssl --sni -C 20 -H $HOSTADDRESS$ -I $HOSTADDRESS$'; - check_http_url: - command_line => '$USER1$/check_http -H $ARG1$ -u $ARG2$'; - check_http_url_regex: - command_line => '$USER1$/check_http -H $ARG1$ -p $ARG2$ -u $ARG3$ -e $ARG4$'; - check_https_url: - command_line => '$USER1$/check_http --ssl --sni -H $ARG1$ -u $ARG2$'; - check_https_url_regex: - command_line => '$USER1$/check_http --ssl --sni -H $ARG1$ -u $ARG2$ -e $ARG3$'; - check_mysql: - command_line => '$USER1$/check_mysql -H $ARG1$ -P $ARG2$ -u $ARG3$ -p $ARG4$'; - check_mysql_db: - command_line => '$USER1$/check_mysql -H $ARG1$ -P $ARG2$ -u $ARG3$ -p $ARG4$ -d $ARG5$'; - check_ntp_time: - command_line => '$USER1$/check_ntp_time -H $HOSTADDRESS$ -w 0.5 -c 1'; - check_silc: - command_line => '$USER1$/check_tcp -p 706 -H $ARG1$'; - check_sobby: - command_line => '$USER1$/check_tcp -H $ARG1$ -p $ARG2$'; - check_jabber: - command_line => '$USER1$/check_jabber -H $ARG1$'; - check_git: - command_line => '$USER1$/check_tcp -H $ARG1$ -p 9418'; - } + } + default: { + nagios_command { + 'check_dummy': + command_line => '$USER1$/check_dummy $ARG1$'; + 'check_ping': + command_line => '$USER1$/check_ping -H $HOSTADDRESS$ -w $ARG1$ -c $ARG2$'; + 'check-host-alive': + command_line => '$USER1$/check_ping -H $HOSTADDRESS$ -w 5000,100% -c 5000,100% -p 1'; + 'check_tcp': + command_line => '$USER1$/check_tcp -H $HOSTADDRESS$ -p $ARG1$'; + 'check_udp': + command_line => '$USER1$/check_udp -H $HOSTADDRESS$ -p $ARG1$'; + 'check_load': + command_line => '$USER1$/check_load --warning=$ARG1$,$ARG2$,$ARG3$ --critical=$ARG4$,$ARG5$,$ARG6$'; + 'check_disk': + command_line => '$USER1$/check_disk -w $ARG1$ -c $ARG2$ -e -p $ARG3$'; + 'check_all_disks': + command_line => '$USER1$/check_disk -w $ARG1$ -c $ARG2$ -e'; + 'check_ssh': + command_line => '$USER1$/check_ssh $HOSTADDRESS$'; + 'check_ssh_port': + command_line => '$USER1$/check_ssh -p $ARG1$ $HOSTADDRESS$'; + 'check_ssh_port_host': + command_line => '$USER1$/check_ssh -p $ARG1$ $ARG2$'; + 'check_http': + command_line => '$USER1$/check_http -H $HOSTADDRESS$ -I $HOSTADDRESS$'; + 'check_https': + command_line => '$USER1$/check_http --ssl -H $HOSTADDRESS$ -I $HOSTADDRESS$'; + 'check_https_cert': + command_line => '$USER1$/check_http --ssl -C 20 -H $HOSTADDRESS$ -I $HOSTADDRESS$'; + 'check_http_url': + command_line => '$USER1$/check_http -H $ARG1$ -u $ARG2$'; + 'check_http_url_regex': + command_line => '$USER1$/check_http -H $ARG1$ -p $ARG2$ -u $ARG3$ -e $ARG4$'; + 'check_https_url': + command_line => '$USER1$/check_http --ssl -H $ARG1$ -u $ARG2$'; + 'check_https_url_regex': + command_line => '$USER1$/check_http --ssl -H $ARG1$ -u $ARG2$ -e $ARG3$'; + 'check_mysql': + command_line => '$USER1$/check_mysql -H $ARG1$ -P $ARG2$ -u $ARG3$ -p $ARG4$'; + 'check_mysql_db': + command_line => '$USER1$/check_mysql -H $ARG1$ -P $ARG2$ -u $ARG3$ -p $ARG4$ -d $ARG5$'; + 'check_ntp_time': + command_line => '$USER1$/check_ntp_time -H $HOSTADDRESS$ -w 0.5 -c 1'; + 'check_silc': + command_line => '$USER1$/check_tcp -p 706 -H $ARG1$'; + 'check_sobby': + command_line => '$USER1$/check_tcp -H $ARG1$ -p $ARG2$'; + 'check_jabber': + command_line => '$USER1$/check_jabber -H $ARG1$'; + 'check_git': + command_line => '$USER1$/check_tcp -H $ARG1$ -p 9418'; } + } } - # commands for services defined by other modules + # commands for services defined by other modules - nagios_command { - # from apache module - http_port: - command_line => '$USER1$/check_http -p $ARG1$ -H $HOSTADDRESS$ -I $HOSTADDRESS$'; + nagios_command { + # from apache module + 'http_port': + command_line => '$USER1$/check_http -p $ARG1$ -H $HOSTADDRESS$ -I $HOSTADDRESS$'; - check_http_port_url_content: - command_line => '$USER1$/check_http -H $ARG1$ -p $ARG2$ -u $ARG3$ -s $ARG4$'; - check_https_port_url_content: - command_line => '$USER1$/check_http --ssl -H $ARG1$ -p $ARG2$ -u $ARG3$ -s $ARG4$'; - check_http_url_content: - command_line => '$USER1$/check_http -H $ARG1$ -u $ARG2$ -s $ARG3$'; - check_https_url_content: - command_line => '$USER1$/check_http --ssl -H $ARG1$ -u $ARG2$ -s $ARG3$'; + 'check_http_port_url_content': + command_line => '$USER1$/check_http -H $ARG1$ -p $ARG2$ -u $ARG3$ -s $ARG4$'; + 'check_https_port_url_content': + command_line => '$USER1$/check_http --ssl -H $ARG1$ -p $ARG2$ -u $ARG3$ -s $ARG4$'; + 'check_http_url_content': + command_line => '$USER1$/check_http -H $ARG1$ -u $ARG2$ -s $ARG3$'; + 'check_https_url_content': + command_line => '$USER1$/check_http --ssl -H $ARG1$ -u $ARG2$ -s $ARG3$'; - # from bind module - check_dig2: - command_line => '$USER1$/check_dig -H $HOSTADDRESS$ -l $ARG1$ --record_type=$ARG2$'; + # from bind module + 'check_dig2': + command_line => '$USER1$/check_dig -H $HOSTADDRESS$ -l $ARG1$ --record_type=$ARG2$'; - # from mysql module - check_mysql_health: - command_line => '$USER1$/check_mysql_health --hostname $ARG1$ --port $ARG2$ --username $ARG3$ --password $ARG4$ --mode $ARG5$ --database $ARG6$ $ARG7$ $ARG8$'; + # from mysql module + 'check_mysql_health': + command_line => '$USER1$/check_mysql_health --hostname $ARG1$ --port $ARG2$ --username $ARG3$ --password $ARG4$ --mode $ARG5$ --database $ARG6$ $ARG7$ $ARG8$'; - # better check_dns - check_dns2: - command_line => '$USER1$/check_dns2 -c $ARG1$ A $ARG2$'; + # better check_dns + 'check_dns2': + command_line => '$USER1$/check_dns2 -c $ARG1$ A $ARG2$'; - # dnsbl checking - check_dnsbl: - command_line => '$USER1$/check_dnsbl -H $ARG1$'; - } + # dnsbl checking + 'check_dnsbl': + command_line => '$USER1$/check_dnsbl -H $ARG1$'; + } - # notification commands + # notification commands - $mail_cmd_location = $::operatingsystem ? { - centos => '/bin/mail', - default => '/usr/bin/mail' - } + $mail_cmd_location = $::operatingsystem ? { + 'CentOS' => '/bin/mail', + default => '/usr/bin/mail' + } - case $::lsbdistcodename { - 'wheezy': { } - default: { - nagios_command { - 'notify-host-by-email': - command_line => "/usr/bin/printf \"%b\" \"***** Nagios *****\\n\\nNotification Type: \$NOTIFICATIONTYPE\$\\nHost: \$HOSTNAME\$\\nState: \$HOSTSTATE\$\\nAddress: \$HOSTADDRESS\$\\nInfo: \$HOSTOUTPUT\$\\n\\nDate/Time: \$LONGDATETIME\$\\n\" | ${mail_cmd_location} -s \"** \$NOTIFICATIONTYPE\$ Host Alert: \$HOSTNAME\$ is \$HOSTSTATE\$ **\" \$CONTACTEMAIL\$"; - 'notify-service-by-email': - command_line => "/usr/bin/printf \"%b\" \"***** Nagios *****\\n\\nNotification Type: \$NOTIFICATIONTYPE\$\\n\\nService: \$SERVICEDESC\$\\nHost: \$HOSTALIAS\$\\nAddress: \$HOSTADDRESS\$\\nState: \$SERVICESTATE\$\\n\\nDate/Time: \$LONGDATETIME\$\\n\\nAdditional Info:\\n\\n\$SERVICEOUTPUT\$\" | ${mail_cmd_location} -s \"** \$NOTIFICATIONTYPE\$ Service Alert: \$HOSTALIAS\$/\$SERVICEDESC\$ is \$SERVICESTATE\$ **\" \$CONTACTEMAIL\$"; - } + case $::lsbdistcodename { + 'wheezy': { } + default: { + nagios_command { + 'notify-host-by-email': + command_line => "/usr/bin/printf \"%b\" \"***** Nagios *****\\n\\nNotification Type: \$NOTIFICATIONTYPE\$\\nHost: \$HOSTNAME\$\\nState: \$HOSTSTATE\$\\nAddress: \$HOSTADDRESS\$\\nInfo: \$HOSTOUTPUT\$\\n\\nDate/Time: \$LONGDATETIME\$\\n\" | ${mail_cmd_location} -s \"** \$NOTIFICATIONTYPE\$ Host Alert: \$HOSTNAME\$ is \$HOSTSTATE\$ **\" \$CONTACTEMAIL\$"; + 'notify-service-by-email': + command_line => "/usr/bin/printf \"%b\" \"***** Nagios *****\\n\\nNotification Type: \$NOTIFICATIONTYPE\$\\n\\nService: \$SERVICEDESC\$\\nHost: \$HOSTALIAS\$\\nAddress: \$HOSTADDRESS\$\\nState: \$SERVICESTATE\$\\n\\nDate/Time: \$LONGDATETIME\$\\n\\nAdditional Info:\\n\\n\$SERVICEOUTPUT\$\" | ${mail_cmd_location} -s \"** \$NOTIFICATIONTYPE\$ Service Alert: \$HOSTALIAS\$/\$SERVICEDESC\$ is \$SERVICESTATE\$ **\" \$CONTACTEMAIL\$"; } } - + } } diff --git a/manifests/defaults/templates.pp b/manifests/defaults/templates.pp index 9711dd4..5158189 100644 --- a/manifests/defaults/templates.pp +++ b/manifests/defaults/templates.pp @@ -1,14 +1,17 @@ +# manage nagios_templates class nagios::defaults::templates { include nagios::defaults::vars file { 'nagios_templates': - path => "${nagios::defaults::vars::int_cfgdir}/conf.d/nagios_templates.cfg", - source => [ "puppet:///modules/site_nagios/configs/${::fqdn}/nagios_templates.cfg", + path => "${nagios::defaults::vars::int_cfgdir}/nagios_templates.cfg", + source => [ "puppet:///modules/site_nagios/configs/${::fqdn}/nagios_templates.cfg", "puppet:///modules/site_nagios/configs/${::operatingsystem}/nagios_templates.cfg", - "puppet:///modules/site_nagios/configs/nagios_templates.cfg", + 'puppet:///modules/site_nagios/configs/nagios_templates.cfg', "puppet:///modules/nagios/configs/${::operatingsystem}/nagios_templates.cfg", - "puppet:///modules/nagios/configs/nagios_templates.cfg" ], - notify => Service['nagios'], - mode => 0644, owner => root, group => root; + 'puppet:///modules/nagios/configs/nagios_templates.cfg' ], + notify => Service['nagios'], + owner => root, + group => root, + mode => '0644'; } } diff --git a/manifests/defaults/vars.pp b/manifests/defaults/vars.pp index 87f41f8..e1a6224 100644 --- a/manifests/defaults/vars.pp +++ b/manifests/defaults/vars.pp @@ -1,7 +1,8 @@ +# some default vars class nagios::defaults::vars { case $nagios::cfgdir { '': { $int_cfgdir = $::operatingsystem ? { - centos => '/etc/nagios/', + centos => '/etc/nagios', default => '/etc/nagios3' } } diff --git a/manifests/init.pp b/manifests/init.pp index c800637..c4d7725 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -16,18 +16,21 @@ # manage nagios class nagios( - $httpd = 'apache', + $httpd = 'apache', $allow_external_cmd = false, - $manage_shorewall = false, - $manage_munin = false + $manage_shorewall = false, + $manage_munin = false, + $service_atboot = true, + $purge_resources = true, + $gpgkey_checks = {}, ) { case $nagios::httpd { 'absent': { } 'lighttpd': { include ::lighttpd } 'apache': { include ::apache - if $::operatingsystem == 'debian' { - include nagios::debian::apache + if $::operatingsystem == 'Debian' { + include ::nagios::debian::apache } } default: { include ::apache } @@ -35,17 +38,18 @@ class nagios( case $::operatingsystem { 'centos': { $cfgdir = '/etc/nagios' - include nagios::centos + include ::nagios::centos } 'debian': { $cfgdir = '/etc/nagios3' - include nagios::debian + include ::nagios::debian } default: { fail("No such operatingsystem: ${::operatingsystem} yet defined") } } if $manage_munin { - include nagios::munin + include ::nagios::munin } + create_resources('nagios::service::gpgkey',$gpgkey_checks) } diff --git a/manifests/nrpe.pp b/manifests/nrpe.pp index 3ef7d07..ad7dbbb 100644 --- a/manifests/nrpe.pp +++ b/manifests/nrpe.pp @@ -1,27 +1,28 @@ +# setup nrpe stuff class nagios::nrpe { - case $operatingsystem { - 'FreeBSD': { - if $nagios_nrpe_cfgdir == '' { $nagios_nrpe_cfgdir = '/usr/local/etc' } - if $nagios_nrpe_pid_file == '' { $nagios_nrpe_pid_file = '/var/spool/nagios/nrpe2.pid' } - if $nagios_plugin_dir == '' { $nagios_plugin_dir = '/usr/local/libexec/nagios' } + case $::operatingsystem { + 'FreeBSD': { + if $nagios_nrpe_cfgdir == '' { $nagios_nrpe_cfgdir = '/usr/local/etc' } + if $nagios_nrpe_pid_file == '' { $nagios_nrpe_pid_file = '/var/spool/nagios/nrpe2.pid' } + if $nagios_plugin_dir == '' { $nagios_plugin_dir = '/usr/local/libexec/nagios' } - include nagios::nrpe::freebsd - } - 'Debian': { - if $nagios_nrpe_pid_file == '' { $nagios_nrpe_pid_file = '/var/run/nagios/nrpe.pid' } - if $nagios_plugin_dir == '' { $nagios_plugin_dir = '/usr/lib/nagios/plugins' } - include nagios::nrpe::linux - } - default: { - if $nagios_nrpe_pid_file == '' { $nagios_nrpe_pid_file = '/var/run/nrpe.pid' } - if $nagios_plugin_dir == '' { $nagios_plugin_dir = '/usr/lib/nagios/plugins' } + include ::nagios::nrpe::freebsd + } + 'Debian': { + if $nagios_nrpe_pid_file == '' { $nagios_nrpe_pid_file = '/var/run/nagios/nrpe.pid' } + if $nagios_plugin_dir == '' { $nagios_plugin_dir = '/usr/lib/nagios/plugins' } + include ::nagios::nrpe::linux + } + default: { + if $nagios_nrpe_pid_file == '' { $nagios_nrpe_pid_file = '/var/run/nrpe.pid' } + if $nagios_plugin_dir == '' { $nagios_plugin_dir = '/usr/lib/nagios/plugins' } - case $kernel { - linux: { include nagios::nrpe::linux } - default: { include nagios::nrpe::base } - } - } + case $::kernel { + 'Linux': { include ::nagios::nrpe::linux } + default: { include ::nagios::nrpe::base } + } } + } } diff --git a/manifests/plugin.pp b/manifests/plugin.pp index f2e4ed2..07938cd 100644 --- a/manifests/plugin.pp +++ b/manifests/plugin.pp @@ -1,8 +1,9 @@ +# a wrapper for syncing a plugin define nagios::plugin( $source = 'absent', - $ensure = present + $ensure = present, ){ - if $::hardwaremodel == 'x86_64' and $::operatingsystem != 'debian' { + if $::hardwaremodel == 'x86_64' and $::operatingsystem != 'Debian' { $real_path = "/usr/lib64/nagios/plugins/${name}" } else { diff --git a/manifests/plugins/gpg.pp b/manifests/plugins/gpg.pp new file mode 100644 index 0000000..a09736a --- /dev/null +++ b/manifests/plugins/gpg.pp @@ -0,0 +1,30 @@ +# check_gpg from +# https://github.com/lelutin/nagios-plugins/blob/master/check_gpg +class nagios::plugins::gpg { + require ::gpg + nagios::plugin{'check_gpg': + source => 'nagios/plugins/check_gpg', + } + + $gpg_home = '/var/local/nagios_gpg_homedir' + file{ + $gpg_home: + ensure => 'directory', + owner => nagios, + group => nagios, + mode => '0600', + require => Nagios::Plugin['check_gpg']; + "${gpg_home}/sks-keyservers.netCA.pem": + source => 'puppet:///modules/nagios/plugin_data/sks-keyservers.netCA.pem', + owner => nagios, + group => 0, + mode => '0400', + before => Nagios_command['check_gpg']; + } + nagios_command { + 'check_gpg': + command_line => "\$USER1\$/check_gpg --gnupg-homedir ${gpg_home} -w \$ARG1\$ \$ARG2\$", + require => Nagios::Plugin['check_gpg'], + } +} + diff --git a/manifests/plugins/horde_login.pp b/manifests/plugins/horde_login.pp new file mode 100644 index 0000000..4274b4c --- /dev/null +++ b/manifests/plugins/horde_login.pp @@ -0,0 +1,11 @@ +# check_horde_login +class nagios::plugins::horde_login { + ensure_packages(['python-requests']) + nagios::plugin { 'check_horde_login': + source => 'nagios/plugins/check_horde_login', + require => Package['python-requests'], + } -> nagios_command { + 'check_horde_login': + command_line => "\$USER1\$/check_horde_login -s \$ARG1\$ -u \$ARG2\$ -p \$ARG3\$", + } +} diff --git a/manifests/pnp4nagios.pp b/manifests/pnp4nagios.pp index 5ade74f..3faaae3 100644 --- a/manifests/pnp4nagios.pp +++ b/manifests/pnp4nagios.pp @@ -1,3 +1,4 @@ +# manage pnp4nagios class nagios::pnp4nagios { include nagios::defaults::pnp4nagios @@ -10,7 +11,7 @@ class nagios::pnp4nagios { # see http://projects.reductivelabs.com/issues/1180 for this limitation file { 'pnp4nagios-templates.cfg': - path => "${nagios::defaults::vars::int_cfgdir}/conf.d/pnp4nagios-templates.cfg", + path => "${nagios::defaults::vars::int_cfgdir}/pnp4nagios-templates.cfg", source => [ 'puppet:///modules/site_nagios/pnp4nagios/pnp4nagios-templates.cfg', 'puppet:///modules/nagios/pnp4nagios/pnp4nagios-templates.cfg' ], mode => '0644', @@ -21,8 +22,8 @@ class nagios::pnp4nagios { file { 'apache.conf': path => '/etc/pnp4nagios/apache.conf', - source => [ 'puppet:///modules/site_nagios/pnp4nagios/apache.conf', - 'puppet:///modules/nagios/pnp4nagios/apache.conf' ], + source => ['puppet:///modules/site_nagios/pnp4nagios/apache.conf', + 'puppet:///modules/nagios/pnp4nagios/apache.conf' ], mode => '0644', owner => root, group => root, diff --git a/manifests/service.pp b/manifests/service.pp index 3e8f6c8..d53fd24 100644 --- a/manifests/service.pp +++ b/manifests/service.pp @@ -1,87 +1,90 @@ +# a wrapper around nagios_service to make it more convenient and +# also automatically an exported resource. define nagios::service ( - $ensure = present, - $host_name = $::fqdn, - $check_command = 'absent', - $check_period = '', - $normal_check_interval = '', - $retry_check_interval = '', - $max_check_attempts = '', - $notification_interval = '', - $notification_period = '', - $notification_options = '', - $contact_groups = '', - $use = 'generic-service', - $service_description = 'absent', - $use_nrpe = '', - $nrpe_args = '', - $nrpe_timeout = 10 + $ensure = present, + $host_name = $::fqdn, + $check_command = 'absent', + $check_period = undef, + $normal_check_interval = undef, + $retry_check_interval = undef, + $max_check_attempts = undef, + $notification_interval = undef, + $notification_period = undef, + $notification_options = undef, + $contact_groups = undef, + $use = 'generic-service', + $service_description = 'absent', + $use_nrpe = undef, + $nrpe_args = undef, + $nrpe_timeout = 10, ) { # TODO: this resource should normally accept all nagios_host parameters $real_name = "${::hostname}_${name}" - @@nagios_service { "${real_name}": + @@nagios_service {$real_name: ensure => $ensure, - notify => Service[nagios]; + notify => Service['nagios']; } if $ensure != 'absent' { if $check_command == 'absent' { fail("Must pass a check_command to ${name} if it should be present") } - if ($use_nrpe == true) { - include nagios::command::nrpe_timeout + if str2bool($use_nrpe) { + include ::nagios::command::nrpe_timeout - if ($nrpe_args != '') { - $real_check_command = "check_nrpe_timeout!$nrpe_timeout!$check_command!\"$nrpe_args\"" - } else { - $real_check_command = "check_nrpe_1arg_timeout!$nrpe_timeout!$check_command" - } + if $nrpe_args { + $real_check_command = "check_nrpe_timeout!${nrpe_timeout}!${check_command}!\"${nrpe_args}\"" + } else { + $real_check_command = "check_nrpe_1arg_timeout!${nrpe_timeout}!${check_command}" + } } else { - $real_check_command = "$check_command" + $real_check_command = $check_command } - Nagios_service["${real_name}"] { - check_command => $check_command, - host_name => $host_name, - use => $use, - service_description => $service_description ?{ - 'absent' => $name, - default => $service_description - } + $real_service_description = $service_description ? { + 'absent' => $name, + default => $service_description + } + Nagios_service[$real_name] { + check_command => $check_command, + host_name => $host_name, + use => $use, + service_description => $real_service_description, } - if ($check_period != '') { - Nagios_service["${real_name}"] { check_period => $check_period } + if $check_period { + Nagios_service[$real_name] { check_period => $check_period } } - - if ($normal_check_interval != '') { - Nagios_service["${real_name}"] { normal_check_interval => $normal_check_interval } + + if $normal_check_interval { + Nagios_service[$real_name] { normal_check_interval => $normal_check_interval } } - - if ($retry_check_interval != '') { - Nagios_service["${real_name}"] { retry_check_interval => $retry_check_interval } + + if $retry_check_interval { + Nagios_service[$real_name] { retry_check_interval => $retry_check_interval } } - - if ($max_check_attempts != '') { - Nagios_service["${real_name}"] { max_check_attempts => $max_check_attempts } + + if $max_check_attempts { + Nagios_service[$real_name] { max_check_attempts => $max_check_attempts } } - - if ($notification_interval != '') { - Nagios_service["${real_name}"] { notification_interval => $notification_interval } + + if $notification_interval { + Nagios_service[$real_name] { notification_interval => $notification_interval } } - - if ($notification_period != '') { - Nagios_service["${real_name}"] { notification_period => $notification_period } + + if $notification_period { + Nagios_service[$real_name] { notification_period => $notification_period } } - - if ($notification_options != '') { - Nagios_service["${real_name}"] { notification_options => $notification_options } + + if $notification_options { + Nagios_service[$real_name] { notification_options => $notification_options } } - - if ($contact_groups != '') { - Nagios_service["${real_name}"] { contact_groups => $contact_groups } + + if $contact_groups { + Nagios_service[$real_name] { contact_groups => $contact_groups } } } } diff --git a/manifests/service/gpgkey.pp b/manifests/service/gpgkey.pp new file mode 100644 index 0000000..f04352a --- /dev/null +++ b/manifests/service/gpgkey.pp @@ -0,0 +1,47 @@ +# define a gpgkey to be watched +define nagios::service::gpgkey( + $ensure = 'present', + $warning = '14', + $key_info = undef, +){ + validate_slength($name,40,40) + require ::nagios::plugins::gpg + $gpg_home = $nagios::plugins::gpg::gpg_home + $gpg_cmd = "gpg --homedir ${gpg_home}" + + exec{"manage_key_${name}": + user => nagios, + group => nagios, + } + nagios::service{ + "check_gpg_${name}": + ensure => $ensure; + } + + if $ensure == 'present' { + Exec["manage_key_${name}"]{ + command => "${gpg_cmd} --keyserver hkps://hkps.pool.sks-keyservers.net --keyserver-options ca-cert-file=${gpg_home}/sks-keyservers.netCA.pem --recv-keys ${name}", + unless => "${gpg_cmd} --list-keys ${name}", + before => Nagios::Service["check_gpg_${name}"], + } + + Nagios::Service["check_gpg_${name}"]{ + check_command => "check_gpg!${warning}!${name}", + } + if $key_info { + Nagios::Service["check_gpg_${name}"]{ + service_description => "Keyfingerprint: ${name} - Info: ${key_info}", + } + } else { + Nagios::Service["check_gpg_${name}"]{ + service_description => "Keyfingerprint: ${name}", + } + } + } else { + Exec["manage_key_${name}"]{ + command => "${gpg_cmd} --batch --delete-key ${name}", + onlyif => "${gpg_cmd} --list-keys ${name}", + require => Nagios::Service["check_gpg_${name}"], + } + } +} diff --git a/manifests/service/horde_login.pp b/manifests/service/horde_login.pp new file mode 100644 index 0000000..6cab59e --- /dev/null +++ b/manifests/service/horde_login.pp @@ -0,0 +1,18 @@ +# a horde login check +define nagios::service::horde_login( + $password, + $url, + $username = $name, + $ensure = 'present', +){ + nagios::service{ + "horde_${name}": + ensure => $ensure; + } + + if $ensure != 'absent' { + Nagios::Service["horde_${name}"]{ + check_command => "check_horde_login!${url}!${username}!${password}", + } + } +} diff --git a/manifests/service/http.pp b/manifests/service/http.pp index ef63abb..b80c140 100644 --- a/manifests/service/http.pp +++ b/manifests/service/http.pp @@ -4,43 +4,51 @@ # - force: http is permanent redirect to https # - only: check only https define nagios::service::http( - $ensure = present, - $check_domain = 'absent', - $port = '80', - $check_url = '/', - $check_code = 'OK', - $use = 'generic-service', - $ssl_mode = false + $ensure = present, + $check_domain = 'absent', + $port = '80', + $check_url = '/', + $check_code = '200,301,302', + $use = 'generic-service', + $ssl_mode = false ){ - $real_check_domain = $check_domain ? { - 'absent' => $name, - default => $check_domain + $real_check_domain = $check_domain ? { + 'absent' => $name, + default => $check_domain + } + if is_hash($check_code) { + $check_code_hash = $check_code + } else { + $check_code_hash = { + http => $check_code, + https => $check_code, } - case $ssl_mode { - 'force',true,'only': { - nagios::service{"https_${name}_${check_code}": - ensure => $ensure, - use => $use, - check_command => "check_https_url_regex!${real_check_domain}!${check_url}!'${check_code}'", - } - case $ssl_mode { - 'force': { - nagios::service{"httprd_${name}": - ensure => $ensure, - use => $use, - check_command => "check_http_url_regex!${real_check_domain}!${port}!${check_url}!'301'", - } - } - } + } + case $ssl_mode { + 'force',true,'only': { + nagios::service{"https_${name}": + ensure => $ensure, + use => $use, + check_command => "check_https_url_regex!${real_check_domain}!${check_url}!'${check_code_hash[https]}'", + } + case $ssl_mode { + 'force': { + nagios::service{"http_${name}": + ensure => $ensure, + use => $use, + check_command => "check_http_url_regex!${real_check_domain}!${port}!${check_url}!'301'", + } } + } } - case $ssl_mode { - false,true: { - nagios::service{"http_${name}_${check_code}": - ensure => $ensure, - use => $use, - check_command => "check_http_url_regex!${real_check_domain}!${port}!${check_url}!'${check_code}'", - } - } + } + case $ssl_mode { + false,true: { + nagios::service{"http_${name}": + ensure => $ensure, + use => $use, + check_command => "check_http_url_regex!${real_check_domain}!${port}!${check_url}!'${check_code_hash[http]}'", + } } + } } diff --git a/manifests/target.pp b/manifests/target.pp index be6c40e..2036e01 100644 --- a/manifests/target.pp +++ b/manifests/target.pp @@ -1,28 +1,33 @@ -# manifests/target.pp - +# a simple nagios target to monitor class nagios::target( - $parents = 'absent', - $address = $::ipaddress, + $parents = 'absent', + $address = $::ipaddress, $nagios_alias = false, - $hostgroups = 'absent' + $hostgroups = 'absent', + $use = 'generic-host', ){ @@nagios_host { $::fqdn: address => $address, - use => 'generic-host', + alias => $nagios_alias, + use => $use, } # Watch out with using aliases: they need to be unique throughout *all* # resources in a given host's catalogue. if $nagios_alias { - Nagios_host[$::fqdn] { - alias => $nagios_alias, + Nagios_host[$::fqdn]{ + alias => $nagios_alias } } if ($parents != 'absent') { - Nagios_host["${::fqdn}"] { parents => $parents } + Nagios_host[$::fqdn]{ + parents => $parents + } } if ($hostgroups != 'absent') { - Nagios_host["${::fqdn}"] { hostgroups => $hostgroups } + Nagios_host[$::fqdn]{ + hostgroups => $hostgroups + } } } diff --git a/manifests/target/fqdn.pp b/manifests/target/fqdn.pp index 6bb16c1..31fc4b7 100644 --- a/manifests/target/fqdn.pp +++ b/manifests/target/fqdn.pp @@ -1,10 +1,12 @@ +# monitor a host by fqdn class nagios::target::fqdn( + $address = $::fqdn, $hostgroups = 'absent', - $parents = 'absent' + $parents = 'absent' ) { class{'nagios::target': - address => $::fqdn, + address => $address, hostgroups => $hostgroups, - parents => $parents + parents => $parents } } |