From: mhoellein Date: Wed, 8 Jul 2020 12:24:06 +0000 (+0200) Subject: committing changes in /etc made by "apt-get install icinga2" X-Git-Url: https://git.hoellein.online/?a=commitdiff_plain;h=9126226cbfb3312407f2a5c723ca57d9ce87fa25;p=vserver committing changes in /etc made by "apt-get install icinga2" Package changes: +icinga2 2.11.2-1ubuntu3 amd64 +icinga2-bin 2.11.2-1ubuntu3 amd64 +icinga2-common 2.11.2-1ubuntu3 all +icinga2-doc 2.11.2-1ubuntu3 all +libboost-context1.71.0 1.71.0-6ubuntu6 amd64 +libboost-coroutine1.71.0 1.71.0-6ubuntu6 amd64 +libboost-filesystem1.71.0 1.71.0-6ubuntu6 amd64 +libboost-program-options1.71.0 1.71.0-6ubuntu6 amd64 +libboost-regex1.71.0 1.71.0-6ubuntu6 amd64 +libboost-thread1.71.0 1.71.0-6ubuntu6 amd64 +monitoring-plugins-basic 2.2-6ubuntu1.1 amd64 +monitoring-plugins-common 2.2-6ubuntu1.1 amd64 --- diff --git a/.etckeeper b/.etckeeper index 8bf766ad9..6c6b78451 100755 --- a/.etckeeper +++ b/.etckeeper @@ -13,6 +13,7 @@ mkdir -p './dovecot/private' mkdir -p './dpkg/dpkg.cfg.d' mkdir -p './fail2ban/fail2ban.d' mkdir -p './gss/mech.d' +mkdir -p './icinga2/pki' mkdir -p './initramfs-tools/conf.d' mkdir -p './initramfs-tools/hooks' mkdir -p './initramfs-tools/scripts/init-bottom' @@ -839,6 +840,7 @@ maybe chmod 0644 'default/fail2ban' maybe chmod 0644 'default/grub' maybe chmod 0755 'default/grub.d' maybe chmod 0644 'default/grub.d/init-select.cfg' +maybe chmod 0644 'default/icinga2' maybe chmod 0644 'default/intel-microcode' maybe chmod 0644 'default/irqbalance' maybe chmod 0644 'default/keyboard' @@ -1205,6 +1207,52 @@ maybe chmod 0644 'hostname' maybe chmod 0644 'hosts' maybe chmod 0644 'hosts.allow' maybe chmod 0644 'hosts.deny' +maybe chown 'nagios' 'icinga2' +maybe chgrp 'nagios' 'icinga2' +maybe chmod 0750 'icinga2' +maybe chmod 0755 'icinga2/conf.d' +maybe chmod 0644 'icinga2/conf.d/app.conf' +maybe chmod 0644 'icinga2/conf.d/apt.conf' +maybe chmod 0644 'icinga2/conf.d/commands.conf' +maybe chmod 0644 'icinga2/conf.d/downtimes.conf' +maybe chmod 0644 'icinga2/conf.d/groups.conf' +maybe chmod 0644 'icinga2/conf.d/hosts.conf' +maybe chmod 0644 'icinga2/conf.d/notifications.conf' +maybe chmod 0644 'icinga2/conf.d/services.conf' +maybe chmod 0644 'icinga2/conf.d/templates.conf' +maybe chmod 0644 'icinga2/conf.d/timeperiods.conf' +maybe chmod 0644 'icinga2/conf.d/users.conf' +maybe chmod 0644 'icinga2/constants.conf' +maybe chmod 0755 'icinga2/features-available' +maybe chmod 0644 'icinga2/features-available/api.conf' +maybe chmod 0644 'icinga2/features-available/checker.conf' +maybe chmod 0644 'icinga2/features-available/command.conf' +maybe chmod 0644 'icinga2/features-available/compatlog.conf' +maybe chmod 0644 'icinga2/features-available/debuglog.conf' +maybe chmod 0644 'icinga2/features-available/elasticsearch.conf' +maybe chmod 0644 'icinga2/features-available/gelf.conf' +maybe chmod 0644 'icinga2/features-available/graphite.conf' +maybe chmod 0644 'icinga2/features-available/influxdb.conf' +maybe chmod 0644 'icinga2/features-available/livestatus.conf' +maybe chmod 0644 'icinga2/features-available/mainlog.conf' +maybe chmod 0644 'icinga2/features-available/notification.conf' +maybe chmod 0644 'icinga2/features-available/opentsdb.conf' +maybe chmod 0644 'icinga2/features-available/perfdata.conf' +maybe chmod 0644 'icinga2/features-available/statusdata.conf' +maybe chmod 0644 'icinga2/features-available/syslog.conf' +maybe chown 'nagios' 'icinga2/features-enabled' +maybe chgrp 'nagios' 'icinga2/features-enabled' +maybe chmod 0750 'icinga2/features-enabled' +maybe chmod 0644 'icinga2/icinga2.conf' +maybe chown 'nagios' 'icinga2/pki' +maybe chgrp 'nagios' 'icinga2/pki' +maybe chmod 0700 'icinga2/pki' +maybe chmod 0755 'icinga2/scripts' +maybe chmod 0755 'icinga2/scripts/mail-host-notification.sh' +maybe chmod 0755 'icinga2/scripts/mail-service-notification.sh' +maybe chmod 0644 'icinga2/zones.conf' +maybe chmod 0755 'icinga2/zones.d' +maybe chmod 0644 'icinga2/zones.d/README' maybe chmod 0755 'init' maybe chmod 0755 'init.d' maybe chmod 0755 'init.d/acpid' @@ -1222,6 +1270,7 @@ maybe chmod 0755 'init.d/dovecot' maybe chmod 0755 'init.d/fail2ban' maybe chmod 0755 'init.d/grub-common' maybe chmod 0755 'init.d/hwclock.sh' +maybe chmod 0755 'init.d/icinga2' maybe chmod 0755 'init.d/ipsec' maybe chmod 0755 'init.d/irqbalance' maybe chmod 0755 'init.d/keyboard-setup.sh' @@ -5669,6 +5718,7 @@ maybe chmod 0644 'logrotate.d/certbot' maybe chmod 0644 'logrotate.d/dbconfig-common' maybe chmod 0644 'logrotate.d/dpkg' maybe chmod 0644 'logrotate.d/fail2ban' +maybe chmod 0644 'logrotate.d/icinga2' maybe chmod 0644 'logrotate.d/mysql-server' maybe chmod 0644 'logrotate.d/razor' maybe chmod 0644 'logrotate.d/redis-server' @@ -5745,6 +5795,25 @@ maybe chmod 0644 'mysql/mysql.conf.d/mysqld.cnf' maybe chmod 0644 'mysql/mysql.conf.d/mysqld_safe_syslog.cnf' maybe chmod 0755 'myssl' maybe chmod 0600 'myssl/dh2048.pem' +maybe chmod 0755 'nagios-plugins' +maybe chmod 0755 'nagios-plugins/config' +maybe chmod 0644 'nagios-plugins/config/apt.cfg' +maybe chmod 0644 'nagios-plugins/config/dhcp.cfg' +maybe chmod 0644 'nagios-plugins/config/disk.cfg' +maybe chmod 0644 'nagios-plugins/config/dummy.cfg' +maybe chmod 0644 'nagios-plugins/config/ftp.cfg' +maybe chmod 0644 'nagios-plugins/config/http.cfg' +maybe chmod 0644 'nagios-plugins/config/load.cfg' +maybe chmod 0644 'nagios-plugins/config/mail.cfg' +maybe chmod 0644 'nagios-plugins/config/news.cfg' +maybe chmod 0644 'nagios-plugins/config/ntp.cfg' +maybe chmod 0644 'nagios-plugins/config/ping.cfg' +maybe chmod 0644 'nagios-plugins/config/procs.cfg' +maybe chmod 0644 'nagios-plugins/config/real.cfg' +maybe chmod 0644 'nagios-plugins/config/ssh.cfg' +maybe chmod 0644 'nagios-plugins/config/tcp_udp.cfg' +maybe chmod 0644 'nagios-plugins/config/telnet.cfg' +maybe chmod 0644 'nagios-plugins/config/users.cfg' maybe chmod 0644 'nanorc' maybe chmod 0755 'netplan' maybe chmod 0644 'netplan/01-netcfg.yaml' diff --git a/default/icinga2 b/default/icinga2 new file mode 100644 index 000000000..c4524088a --- /dev/null +++ b/default/icinga2 @@ -0,0 +1,3 @@ +# default settings for icinga2's initscript + +#DAEMON_ARGS="-e /var/log/icinga2/icinga2.err" diff --git a/group b/group index 9feb3eee5..567861a31 100644 --- a/group +++ b/group @@ -68,3 +68,4 @@ kvm:x:126: render:x:127: tcpdump:x:128: systemd-coredump:x:999: +nagios:x:129: diff --git a/group- b/group- index 8af28409c..9feb3eee5 100644 --- a/group- +++ b/group- @@ -67,3 +67,4 @@ systemd-timesync:x:125: kvm:x:126: render:x:127: tcpdump:x:128: +systemd-coredump:x:999: diff --git a/gshadow b/gshadow index fe905afef..df947a68c 100644 --- a/gshadow +++ b/gshadow @@ -68,3 +68,4 @@ kvm:!:: render:!:: tcpdump:!:: systemd-coredump:!!:: +nagios:!:: diff --git a/gshadow- b/gshadow- index f997e4ee5..fe905afef 100644 --- a/gshadow- +++ b/gshadow- @@ -67,3 +67,4 @@ systemd-timesync:!:: kvm:!:: render:!:: tcpdump:!:: +systemd-coredump:!!:: diff --git a/icinga2/conf.d/app.conf b/icinga2/conf.d/app.conf new file mode 100644 index 000000000..3e4be0dcf --- /dev/null +++ b/icinga2/conf.d/app.conf @@ -0,0 +1 @@ +object IcingaApplication "app" { } diff --git a/icinga2/conf.d/apt.conf b/icinga2/conf.d/apt.conf new file mode 100644 index 000000000..b2c77a0c1 --- /dev/null +++ b/icinga2/conf.d/apt.conf @@ -0,0 +1,7 @@ +apply Service "apt" { + import "generic-service" + + check_command = "apt" + + assign where host.name == NodeName +} diff --git a/icinga2/conf.d/commands.conf b/icinga2/conf.d/commands.conf new file mode 100644 index 000000000..bd511cebc --- /dev/null +++ b/icinga2/conf.d/commands.conf @@ -0,0 +1,187 @@ +/* Command objects */ + +/* Notification Commands + * + * Please check the documentation for all required and + * optional parameters. + */ + +object NotificationCommand "mail-host-notification" { + command = [ ConfigDir + "/scripts/mail-host-notification.sh" ] + + arguments += { + "-4" = "$notification_address$" + "-6" = "$notification_address6$" + "-b" = "$notification_author$" + "-c" = "$notification_comment$" + "-d" = { + required = true + value = "$notification_date$" + } + "-f" = { + value = "$notification_from$" + description = "Set from address. Requires GNU mailutils (Debian/Ubuntu) or mailx (RHEL/SUSE)" + } + "-i" = "$notification_icingaweb2url$" + "-l" = { + required = true + value = "$notification_hostname$" + } + "-n" = { + required = true + value = "$notification_hostdisplayname$" + } + "-o" = { + required = true + value = "$notification_hostoutput$" + } + "-r" = { + required = true + value = "$notification_useremail$" + } + "-s" = { + required = true + value = "$notification_hoststate$" + } + "-t" = { + required = true + value = "$notification_type$" + } + "-v" = "$notification_logtosyslog$" + } + + vars += { + notification_address = "$address$" + notification_address6 = "$address6$" + notification_author = "$notification.author$" + notification_comment = "$notification.comment$" + notification_type = "$notification.type$" + notification_date = "$icinga.long_date_time$" + notification_hostname = "$host.name$" + notification_hostdisplayname = "$host.display_name$" + notification_hostoutput = "$host.output$" + notification_hoststate = "$host.state$" + notification_useremail = "$user.email$" + } +} + +object NotificationCommand "mail-service-notification" { + command = [ ConfigDir + "/scripts/mail-service-notification.sh" ] + + arguments += { + "-4" = "$notification_address$" + "-6" = "$notification_address6$" + "-b" = "$notification_author$" + "-c" = "$notification_comment$" + "-d" = { + required = true + value = "$notification_date$" + } + "-e" = { + required = true + value = "$notification_servicename$" + } + "-f" = { + value = "$notification_from$" + description = "Set from address. Requires GNU mailutils (Debian/Ubuntu) or mailx (RHEL/SUSE)" + } + "-i" = "$notification_icingaweb2url$" + "-l" = { + required = true + value = "$notification_hostname$" + } + "-n" = { + required = true + value = "$notification_hostdisplayname$" + } + "-o" = { + required = true + value = "$notification_serviceoutput$" + } + "-r" = { + required = true + value = "$notification_useremail$" + } + "-s" = { + required = true + value = "$notification_servicestate$" + } + "-t" = { + required = true + value = "$notification_type$" + } + "-u" = { + required = true + value = "$notification_servicedisplayname$" + } + "-v" = "$notification_logtosyslog$" + } + + vars += { + notification_address = "$address$" + notification_address6 = "$address6$" + notification_author = "$notification.author$" + notification_comment = "$notification.comment$" + notification_type = "$notification.type$" + notification_date = "$icinga.long_date_time$" + notification_hostname = "$host.name$" + notification_hostdisplayname = "$host.display_name$" + notification_servicename = "$service.name$" + notification_serviceoutput = "$service.output$" + notification_servicestate = "$service.state$" + notification_useremail = "$user.email$" + notification_servicedisplayname = "$service.display_name$" + } +} + +/* + * If you prefer to use the notification scripts with environment + * variables instead of command line parameters, you can use + * the following commands. They have been updated from < 2.7 + * to support the new notification scripts and should help + * with an upgrade. + * Remove the comment blocks and comment the notification commands above. + */ + +/* + +object NotificationCommand "mail-host-notification" { + command = [ ConfigDir + "/scripts/mail-host-notification.sh" ] + + env = { + NOTIFICATIONTYPE = "$notification.type$" + HOSTDISPLAYNAME = "$host.display_name$" + HOSTNAME = "$host.name$" + HOSTADDRESS = "$address$" + HOSTSTATE = "$host.state$" + LONGDATETIME = "$icinga.long_date_time$" + HOSTOUTPUT = "$host.output$" + NOTIFICATIONAUTHORNAME = "$notification.author$" + NOTIFICATIONCOMMENT = "$notification.comment$" + HOSTDISPLAYNAME = "$host.display_name$" + USEREMAIL = "$user.email$" + } +} + +object NotificationCommand "mail-service-notification" { + command = [ ConfigDir + "/scripts/mail-service-notification.sh" ] + + env = { + NOTIFICATIONTYPE = "$notification.type$" + SERVICENAME = "$service.name$" + HOSTNAME = "$host.name$" + HOSTDISPLAYNAME = "$host.display_name$" + HOSTADDRESS = "$address$" + SERVICESTATE = "$service.state$" + LONGDATETIME = "$icinga.long_date_time$" + SERVICEOUTPUT = "$service.output$" + NOTIFICATIONAUTHORNAME = "$notification.author$" + NOTIFICATIONCOMMENT = "$notification.comment$" + HOSTDISPLAYNAME = "$host.display_name$" + SERVICEDISPLAYNAME = "$service.display_name$" + USEREMAIL = "$user.email$" + } +} + +*/ + diff --git a/icinga2/conf.d/downtimes.conf b/icinga2/conf.d/downtimes.conf new file mode 100644 index 000000000..0bed6475f --- /dev/null +++ b/icinga2/conf.d/downtimes.conf @@ -0,0 +1,20 @@ +/** + * The example downtime apply rule. + */ + +apply ScheduledDowntime "backup-downtime" to Service { + author = "icingaadmin" + comment = "Scheduled downtime for backup" + + ranges = { + monday = service.vars.backup_downtime + tuesday = service.vars.backup_downtime + wednesday = service.vars.backup_downtime + thursday = service.vars.backup_downtime + friday = service.vars.backup_downtime + saturday = service.vars.backup_downtime + sunday = service.vars.backup_downtime + } + + assign where service.vars.backup_downtime != "" +} diff --git a/icinga2/conf.d/groups.conf b/icinga2/conf.d/groups.conf new file mode 100644 index 000000000..e6004a324 --- /dev/null +++ b/icinga2/conf.d/groups.conf @@ -0,0 +1,37 @@ +/** + * Host group examples. + */ + +object HostGroup "linux-servers" { + display_name = "Linux Servers" + + assign where host.vars.os == "Linux" +} + +object HostGroup "windows-servers" { + display_name = "Windows Servers" + + assign where host.vars.os == "Windows" +} + +/** + * Service group examples. + */ + +object ServiceGroup "ping" { + display_name = "Ping Checks" + + assign where match("ping*", service.name) +} + +object ServiceGroup "http" { + display_name = "HTTP Checks" + + assign where match("http*", service.check_command) +} + +object ServiceGroup "disk" { + display_name = "Disk Checks" + + assign where match("disk*", service.check_command) +} diff --git a/icinga2/conf.d/hosts.conf b/icinga2/conf.d/hosts.conf new file mode 100644 index 000000000..0118f033e --- /dev/null +++ b/icinga2/conf.d/hosts.conf @@ -0,0 +1,52 @@ +/* + * Host definitions with object attributes + * used for apply rules for Service, Notification, + * Dependency and ScheduledDowntime objects. + * + * Tip: Use `icinga2 object list --type Host` to + * list all host objects after running + * configuration validation (`icinga2 daemon -C`). + */ + +/* + * This is an example host based on your + * local host's FQDN. Specify the NodeName + * constant in `constants.conf` or use your + * own description, e.g. "db-host-1". + */ + +object Host NodeName { + /* Import the default host template defined in `templates.conf`. */ + import "generic-host" + + /* Specify the address attributes for checks e.g. `ssh` or `http`. */ + address = "127.0.0.1" + address6 = "::1" + + /* Set custom variable `os` for hostgroup assignment in `groups.conf`. */ + vars.os = "Linux" + + /* Define http vhost attributes for service apply rules in `services.conf`. */ + vars.http_vhosts["http"] = { + http_uri = "/" + } + /* Uncomment if you've sucessfully installed Icinga Web 2. */ + //vars.http_vhosts["Icinga Web 2"] = { + // http_uri = "/icingaweb2" + //} + + /* Define disks and attributes for service apply rules in `services.conf`. */ + vars.disks["disk"] = { + /* No parameters. */ + } + vars.disks["disk /"] = { + disk_partitions = "/" + } + + /* Define notification mail attributes for notification apply rules in `notifications.conf`. */ + vars.notification["mail"] = { + /* The UserGroup `icingaadmins` is defined in `users.conf`. */ + groups = [ "icingaadmins" ] + } +} + diff --git a/icinga2/conf.d/notifications.conf b/icinga2/conf.d/notifications.conf new file mode 100644 index 000000000..ac6587546 --- /dev/null +++ b/icinga2/conf.d/notifications.conf @@ -0,0 +1,33 @@ +/** + * The example notification apply rules. + * + * Only applied if host/service objects have + * the custom variable `notification` defined + * and containing `mail` as key. + * + * Check `hosts.conf` for an example. + */ + +apply Notification "mail-icingaadmin" to Host { + import "mail-host-notification" + user_groups = host.vars.notification.mail.groups + users = host.vars.notification.mail.users + + //interval = 2h + + //vars.notification_logtosyslog = true + + assign where host.vars.notification.mail +} + +apply Notification "mail-icingaadmin" to Service { + import "mail-service-notification" + user_groups = host.vars.notification.mail.groups + users = host.vars.notification.mail.users + + //interval = 2h + + //vars.notification_logtosyslog = true + + assign where host.vars.notification.mail +} diff --git a/icinga2/conf.d/services.conf b/icinga2/conf.d/services.conf new file mode 100644 index 000000000..c8e1b3cc6 --- /dev/null +++ b/icinga2/conf.d/services.conf @@ -0,0 +1,117 @@ +/* + * Service apply rules. + * + * The CheckCommand objects `ping4`, `ping6`, etc + * are provided by the plugin check command templates. + * Check the documentation for details. + * + * Tip: Use `icinga2 object list --type Service` to + * list all service objects after running + * configuration validation (`icinga2 daemon -C`). + */ + +/* + * This is an example host based on your + * local host's FQDN. Specify the NodeName + * constant in `constants.conf` or use your + * own description, e.g. "db-host-1". + */ + +/* + * These are generic `ping4` and `ping6` + * checks applied to all hosts having the + * `address` resp. `address6` attribute + * defined. + */ +apply Service "ping4" { + import "generic-service" + + check_command = "ping4" + + assign where host.address +} + +apply Service "ping6" { + import "generic-service" + + check_command = "ping6" + + assign where host.address6 +} + +/* + * Apply the `ssh` service to all hosts + * with the `address` attribute defined and + * the custom variable `os` set to `Linux`. + */ +apply Service "ssh" { + import "generic-service" + + check_command = "ssh" + + assign where (host.address || host.address6) && host.vars.os == "Linux" +} + + + +apply Service for (http_vhost => config in host.vars.http_vhosts) { + import "generic-service" + + check_command = "http" + + vars += config +} + +apply Service for (disk => config in host.vars.disks) { + import "generic-service" + + check_command = "disk" + + vars += config +} + +apply Service "icinga" { + import "generic-service" + + check_command = "icinga" + + assign where host.name == NodeName +} + +apply Service "load" { + import "generic-service" + + check_command = "load" + + /* Used by the ScheduledDowntime apply rule in `downtimes.conf`. */ + vars.backup_downtime = "02:00-03:00" + + assign where host.name == NodeName +} + +apply Service "procs" { + import "generic-service" + + check_command = "procs" + + assign where host.name == NodeName +} + +apply Service "swap" { + import "generic-service" + + check_command = "swap" + + assign where host.name == NodeName +} + +apply Service "users" { + import "generic-service" + + check_command = "users" + + assign where host.name == NodeName +} + + + diff --git a/icinga2/conf.d/templates.conf b/icinga2/conf.d/templates.conf new file mode 100644 index 000000000..5655e3f2d --- /dev/null +++ b/icinga2/conf.d/templates.conf @@ -0,0 +1,83 @@ +/* + * Generic template examples. + */ + + +/** + * Provides default settings for hosts. By convention + * all hosts should import this template. + * + * The CheckCommand object `hostalive` is provided by + * the plugin check command templates. + * Check the documentation for details. + */ +template Host "generic-host" { + max_check_attempts = 3 + check_interval = 1m + retry_interval = 30s + + check_command = "hostalive" +} + +/** + * Provides default settings for services. By convention + * all services should import this template. + */ +template Service "generic-service" { + max_check_attempts = 5 + check_interval = 1m + retry_interval = 30s +} + +/** + * Provides default settings for users. By convention + * all users should inherit from this template. + */ + +template User "generic-user" { + +} + +/** + * Provides default settings for host notifications. + * By convention all host notifications should import + * this template. + */ +template Notification "mail-host-notification" { + command = "mail-host-notification" + + states = [ Up, Down ] + types = [ Problem, Acknowledgement, Recovery, Custom, + FlappingStart, FlappingEnd, + DowntimeStart, DowntimeEnd, DowntimeRemoved ] + + vars += { + // notification_icingaweb2url = "https://www.example.com/icingaweb2" + // notification_from = "Icinga 2 Host Monitoring " + notification_logtosyslog = false + } + + period = "24x7" +} + +/** + * Provides default settings for service notifications. + * By convention all service notifications should import + * this template. + */ +template Notification "mail-service-notification" { + command = "mail-service-notification" + + states = [ OK, Warning, Critical, Unknown ] + types = [ Problem, Acknowledgement, Recovery, Custom, + FlappingStart, FlappingEnd, + DowntimeStart, DowntimeEnd, DowntimeRemoved ] + + vars += { + // notification_icingaweb2url = "https://www.example.com/icingaweb2" + // notification_from = "Icinga 2 Service Monitoring " + notification_logtosyslog = false + } + + period = "24x7" +} diff --git a/icinga2/conf.d/timeperiods.conf b/icinga2/conf.d/timeperiods.conf new file mode 100644 index 000000000..ea162ff89 --- /dev/null +++ b/icinga2/conf.d/timeperiods.conf @@ -0,0 +1,35 @@ +/** + * Sample timeperiods for Icinga 2. + * Check the documentation for details. + */ + +object TimePeriod "24x7" { + display_name = "Icinga 2 24x7 TimePeriod" + ranges = { + "monday" = "00:00-24:00" + "tuesday" = "00:00-24:00" + "wednesday" = "00:00-24:00" + "thursday" = "00:00-24:00" + "friday" = "00:00-24:00" + "saturday" = "00:00-24:00" + "sunday" = "00:00-24:00" + } +} + +object TimePeriod "9to5" { + display_name = "Icinga 2 9to5 TimePeriod" + ranges = { + "monday" = "09:00-17:00" + "tuesday" = "09:00-17:00" + "wednesday" = "09:00-17:00" + "thursday" = "09:00-17:00" + "friday" = "09:00-17:00" + } +} + +object TimePeriod "never" { + display_name = "Icinga 2 never TimePeriod" + ranges = { + } +} + diff --git a/icinga2/conf.d/users.conf b/icinga2/conf.d/users.conf new file mode 100644 index 000000000..aa31e272e --- /dev/null +++ b/icinga2/conf.d/users.conf @@ -0,0 +1,17 @@ +/** + * The example user 'icingaadmin' and the example + * group 'icingaadmins'. + */ + +object User "icingaadmin" { + import "generic-user" + + display_name = "Icinga 2 Admin" + groups = [ "icingaadmins" ] + + email = "root@localhost" +} + +object UserGroup "icingaadmins" { + display_name = "Icinga 2 Admin Group" +} diff --git a/icinga2/constants.conf b/icinga2/constants.conf new file mode 100644 index 000000000..29232d618 --- /dev/null +++ b/icinga2/constants.conf @@ -0,0 +1,28 @@ +/** + * This file defines global constants which can be used in + * the other configuration files. + */ + +/* The directory which contains the plugins from the Monitoring Plugins project. */ +const PluginDir = "/usr/lib/nagios/plugins" + +/* The directory which contains the Manubulon plugins. + * Check the documentation, chapter "SNMP Manubulon Plugin Check Commands", for details. + */ +const ManubulonPluginDir = "/usr/lib/nagios/plugins" + +/* The directory which you use to store additional plugins which ITL provides user contributed command definitions for. + * Check the documentation, chapter "Plugins Contribution", for details. + */ +const PluginContribDir = "/usr/lib/nagios/plugins" + +/* Our local instance name. By default this is the server's hostname as returned by `hostname --fqdn`. + * This should be the common name from the API certificate. + */ +//const NodeName = "localhost" + +/* Our local zone name. */ +const ZoneName = NodeName + +/* Secret key for remote node tickets */ +const TicketSalt = "" diff --git a/icinga2/features-available/api.conf b/icinga2/features-available/api.conf new file mode 100644 index 000000000..b072a4406 --- /dev/null +++ b/icinga2/features-available/api.conf @@ -0,0 +1,10 @@ +/** + * The API listener is used for distributed monitoring setups. + */ + +object ApiListener "api" { + //accept_config = false + //accept_commands = false + + ticket_salt = TicketSalt +} diff --git a/icinga2/features-available/checker.conf b/icinga2/features-available/checker.conf new file mode 100644 index 000000000..6f003b8f3 --- /dev/null +++ b/icinga2/features-available/checker.conf @@ -0,0 +1,5 @@ +/** + * The checker component takes care of executing service checks. + */ + +object CheckerComponent "checker" { } diff --git a/icinga2/features-available/command.conf b/icinga2/features-available/command.conf new file mode 100644 index 000000000..ffdd143a9 --- /dev/null +++ b/icinga2/features-available/command.conf @@ -0,0 +1,7 @@ +/** + * The ExternalCommandListener implements support for the external + * commands pipe. + */ + +object ExternalCommandListener "command" { } + diff --git a/icinga2/features-available/compatlog.conf b/icinga2/features-available/compatlog.conf new file mode 100644 index 000000000..6f5cf5f52 --- /dev/null +++ b/icinga2/features-available/compatlog.conf @@ -0,0 +1,7 @@ +/** + * The CompatLogger type is responsible for writing log files in a format + * that is compatible with Icinga 1.x. + */ + +object CompatLogger "compatlog" { } + diff --git a/icinga2/features-available/debuglog.conf b/icinga2/features-available/debuglog.conf new file mode 100644 index 000000000..e66518fe1 --- /dev/null +++ b/icinga2/features-available/debuglog.conf @@ -0,0 +1,10 @@ +/** + * The FileLogger type writes log information to a log file. + * Unlike the mainlog feature this sets up a logger + * with severity "debug". + */ + +object FileLogger "debug-file" { + severity = "debug" + path = LogDir + "/debug.log" +} diff --git a/icinga2/features-available/elasticsearch.conf b/icinga2/features-available/elasticsearch.conf new file mode 100644 index 000000000..8014913a7 --- /dev/null +++ b/icinga2/features-available/elasticsearch.conf @@ -0,0 +1,8 @@ +object ElasticsearchWriter "elasticsearch" { + //host = "127.0.0.1" + //port = 9200 + //index = "icinga2" + //enable_send_perfdata = false + //flush_threshold = 1024 + //flush_interval = 10s +} diff --git a/icinga2/features-available/gelf.conf b/icinga2/features-available/gelf.conf new file mode 100644 index 000000000..c14c86408 --- /dev/null +++ b/icinga2/features-available/gelf.conf @@ -0,0 +1,10 @@ +/** + * The GelfWriter type writes event log entries + * to a GELF tcp socket provided by Graylog, + * Logstash or any other receiver. + */ + +object GelfWriter "gelf" { + //host = "127.0.0.1" + //port = 12201 +} diff --git a/icinga2/features-available/graphite.conf b/icinga2/features-available/graphite.conf new file mode 100644 index 000000000..ae8a9288f --- /dev/null +++ b/icinga2/features-available/graphite.conf @@ -0,0 +1,9 @@ +/** + * The GraphiteWriter type writes check result metrics and + * performance data to a graphite tcp socket. + */ + +object GraphiteWriter "graphite" { + //host = "127.0.0.1" + //port = 2003 +} diff --git a/icinga2/features-available/influxdb.conf b/icinga2/features-available/influxdb.conf new file mode 100644 index 000000000..af8423577 --- /dev/null +++ b/icinga2/features-available/influxdb.conf @@ -0,0 +1,25 @@ +/** + * The InfluxdbWriter type writes check result metrics and + * performance data to an InfluxDB HTTP API + */ + +object InfluxdbWriter "influxdb" { + //host = "127.0.0.1" + //port = 8086 + //database = "icinga2" + //flush_threshold = 1024 + //flush_interval = 10s + //host_template = { + // measurement = "$host.check_command$" + // tags = { + // hostname = "$host.name$" + // } + //} + //service_template = { + // measurement = "$service.check_command$" + // tags = { + // hostname = "$host.name$" + // service = "$service.name$" + // } + //} +} diff --git a/icinga2/features-available/livestatus.conf b/icinga2/features-available/livestatus.conf new file mode 100644 index 000000000..246c085e3 --- /dev/null +++ b/icinga2/features-available/livestatus.conf @@ -0,0 +1,6 @@ +/** + * The LivestatusListener type implements the Livestatus query protocol. + */ + +object LivestatusListener "livestatus" { } + diff --git a/icinga2/features-available/mainlog.conf b/icinga2/features-available/mainlog.conf new file mode 100644 index 000000000..a3bb19dab --- /dev/null +++ b/icinga2/features-available/mainlog.conf @@ -0,0 +1,8 @@ +/** + * The FileLogger type writes log information to a file. + */ + +object FileLogger "main-log" { + severity = "information" + path = LogDir + "/icinga2.log" +} diff --git a/icinga2/features-available/notification.conf b/icinga2/features-available/notification.conf new file mode 100644 index 000000000..3f9a88edf --- /dev/null +++ b/icinga2/features-available/notification.conf @@ -0,0 +1,5 @@ +/** + * The notification component is responsible for sending notifications. + */ + +object NotificationComponent "notification" { } diff --git a/icinga2/features-available/opentsdb.conf b/icinga2/features-available/opentsdb.conf new file mode 100644 index 000000000..540556c10 --- /dev/null +++ b/icinga2/features-available/opentsdb.conf @@ -0,0 +1,9 @@ +/** + * The OpenTsdbWriter type writes check result metrics and + * performance data to a OpenTSDB tcp socket. + */ + +object OpenTsdbWriter "opentsdb" { + //host = "127.0.0.1" + //port = 4242 +} diff --git a/icinga2/features-available/perfdata.conf b/icinga2/features-available/perfdata.conf new file mode 100644 index 000000000..3ba863540 --- /dev/null +++ b/icinga2/features-available/perfdata.conf @@ -0,0 +1,6 @@ +/** + * The PerfdataWriter type writes performance data files and rotates + * them in a regular interval. + */ + +object PerfdataWriter "perfdata" { } diff --git a/icinga2/features-available/statusdata.conf b/icinga2/features-available/statusdata.conf new file mode 100644 index 000000000..bb81c9617 --- /dev/null +++ b/icinga2/features-available/statusdata.conf @@ -0,0 +1,8 @@ +/** + * The StatusDataWriter type periodically updates the status.dat and objects.cache + * files. These are used by the Icinga 1.x CGIs to display the state of + * hosts and services. + */ + +object StatusDataWriter "status" { } + diff --git a/icinga2/features-available/syslog.conf b/icinga2/features-available/syslog.conf new file mode 100644 index 000000000..3b794b429 --- /dev/null +++ b/icinga2/features-available/syslog.conf @@ -0,0 +1,8 @@ +/** + * The SyslogLogger type writes log information to syslog. + */ + +object SyslogLogger "syslog" { + severity = "warning" +} + diff --git a/icinga2/features-enabled/checker.conf b/icinga2/features-enabled/checker.conf new file mode 120000 index 000000000..d51cf79f5 --- /dev/null +++ b/icinga2/features-enabled/checker.conf @@ -0,0 +1 @@ +../features-available/checker.conf \ No newline at end of file diff --git a/icinga2/features-enabled/mainlog.conf b/icinga2/features-enabled/mainlog.conf new file mode 120000 index 000000000..6bda4a5d3 --- /dev/null +++ b/icinga2/features-enabled/mainlog.conf @@ -0,0 +1 @@ +../features-available/mainlog.conf \ No newline at end of file diff --git a/icinga2/features-enabled/notification.conf b/icinga2/features-enabled/notification.conf new file mode 120000 index 000000000..c31d3b4c2 --- /dev/null +++ b/icinga2/features-enabled/notification.conf @@ -0,0 +1 @@ +../features-available/notification.conf \ No newline at end of file diff --git a/icinga2/icinga2.conf b/icinga2/icinga2.conf new file mode 100644 index 000000000..17513a346 --- /dev/null +++ b/icinga2/icinga2.conf @@ -0,0 +1,57 @@ +/** + * Icinga 2 configuration file + * - this is where you define settings for the Icinga application including + * which hosts/services to check. + * + * For an overview of all available configuration options please refer + * to the documentation that is distributed as part of Icinga 2. + */ + +/** + * The constants.conf defines global constants. + */ +include "constants.conf" + +/** + * The zones.conf defines zones for a cluster setup. + * Not required for single instance setups. + */ +include "zones.conf" + +/** + * The Icinga Template Library (ITL) provides a number of useful templates + * and command definitions. + * Common monitoring plugin command definitions are included separately. + */ +include +include +include +include + +/** + * This includes the Icinga 2 Windows plugins. These command definitions + * are required on a master node when a client is used as command endpoint. + */ +include + +/** + * This includes the NSClient++ check commands. These command definitions + * are required on a master node when a client is used as command endpoint. + */ +include + +/** + * The features-available directory contains a number of configuration + * files for features which can be enabled and disabled using the + * icinga2 feature enable / icinga2 feature disable CLI commands. + * These commands work by creating and removing symbolic links in + * the features-enabled directory. + */ +include "features-enabled/*.conf" + +/** + * Although in theory you could define all your objects in this file + * the preferred way is to create separate directories and files in the conf.d + * directory. Each of these files must have the file extension ".conf". + */ +include_recursive "conf.d" diff --git a/icinga2/scripts/mail-host-notification.sh b/icinga2/scripts/mail-host-notification.sh new file mode 100755 index 000000000..93f942e13 --- /dev/null +++ b/icinga2/scripts/mail-host-notification.sh @@ -0,0 +1,171 @@ +#!/bin/sh +# Icinga 2 | (c) 2012 Icinga GmbH | GPLv2+ +# Except of function urlencode which is Copyright (C) by Brian White (brian@aljex.com) used under MIT license + +PROG="`basename $0`" +ICINGA2HOST="`hostname`" +MAILBIN="mail" + +if [ -z "`which $MAILBIN`" ] ; then + echo "$MAILBIN not found in \$PATH. Consider installing it." + exit 1 +fi + +## Function helpers +Usage() { +cat << EOF + +Required parameters: + -d LONGDATETIME (\$icinga.long_date_time\$) + -l HOSTNAME (\$host.name\$) + -n HOSTDISPLAYNAME (\$host.display_name\$) + -o HOSTOUTPUT (\$host.output\$) + -r USEREMAIL (\$user.email\$) + -s HOSTSTATE (\$host.state\$) + -t NOTIFICATIONTYPE (\$notification.type\$) + +Optional parameters: + -4 HOSTADDRESS (\$address\$) + -6 HOSTADDRESS6 (\$address6\$) + -b NOTIFICATIONAUTHORNAME (\$notification.author\$) + -c NOTIFICATIONCOMMENT (\$notification.comment\$) + -i ICINGAWEB2URL (\$notification_icingaweb2url\$, Default: unset) + -f MAILFROM (\$notification_mailfrom\$, requires GNU mailutils (Debian/Ubuntu) or mailx (RHEL/SUSE)) + -v (\$notification_sendtosyslog\$, Default: false) + +EOF +} + +Help() { + Usage; + exit 0; +} + +Error() { + if [ "$1" ]; then + echo $1 + fi + Usage; + exit 1; +} + +urlencode() { + local LANG=C i=0 c e s="$1" + + while [ $i -lt ${#1} ]; do + [ "$i" -eq 0 ] || s="${s#?}" + c=${s%"${s#?}"} + [ -z "${c#[[:alnum:].~_-]}" ] || c=$(printf '%%%02X' "'$c") + e="${e}${c}" + i=$((i + 1)) + done + echo "$e" +} + +## Main +while getopts 4:6::b:c:d:f:hi:l:n:o:r:s:t:v: opt +do + case "$opt" in + 4) HOSTADDRESS=$OPTARG ;; + 6) HOSTADDRESS6=$OPTARG ;; + b) NOTIFICATIONAUTHORNAME=$OPTARG ;; + c) NOTIFICATIONCOMMENT=$OPTARG ;; + d) LONGDATETIME=$OPTARG ;; # required + f) MAILFROM=$OPTARG ;; + h) Help ;; + i) ICINGAWEB2URL=$OPTARG ;; + l) HOSTNAME=$OPTARG ;; # required + n) HOSTDISPLAYNAME=$OPTARG ;; # required + o) HOSTOUTPUT=$OPTARG ;; # required + r) USEREMAIL=$OPTARG ;; # required + s) HOSTSTATE=$OPTARG ;; # required + t) NOTIFICATIONTYPE=$OPTARG ;; # required + v) VERBOSE=$OPTARG ;; + \?) echo "ERROR: Invalid option -$OPTARG" >&2 + Error ;; + :) echo "Missing option argument for -$OPTARG" >&2 + Error ;; + *) echo "Unimplemented option: -$OPTARG" >&2 + Error ;; + esac +done + +shift $((OPTIND - 1)) + +## Keep formatting in sync with mail-service-notification.sh +for P in LONGDATETIME HOSTNAME HOSTDISPLAYNAME HOSTOUTPUT HOSTSTATE USEREMAIL NOTIFICATIONTYPE ; do + eval "PAR=\$${P}" + + if [ ! "$PAR" ] ; then + Error "Required parameter '$P' is missing." + fi +done + +## Build the message's subject +SUBJECT="[$NOTIFICATIONTYPE] Host $HOSTDISPLAYNAME is $HOSTSTATE!" + +## Build the notification message +NOTIFICATION_MESSAGE=`cat << EOF +***** Host Monitoring on $ICINGA2HOST ***** + +$HOSTDISPLAYNAME is $HOSTSTATE! + +Info: $HOSTOUTPUT + +When: $LONGDATETIME +Host: $HOSTNAME +EOF +` + +## Check whether IPv4 was specified. +if [ -n "$HOSTADDRESS" ] ; then + NOTIFICATION_MESSAGE="$NOTIFICATION_MESSAGE +IPv4: $HOSTADDRESS" +fi + +## Check whether IPv6 was specified. +if [ -n "$HOSTADDRESS6" ] ; then + NOTIFICATION_MESSAGE="$NOTIFICATION_MESSAGE +IPv6: $HOSTADDRESS6" +fi + +## Check whether author and comment was specified. +if [ -n "$NOTIFICATIONCOMMENT" ] ; then + NOTIFICATION_MESSAGE="$NOTIFICATION_MESSAGE + +Comment by $NOTIFICATIONAUTHORNAME: + $NOTIFICATIONCOMMENT" +fi + +## Check whether Icinga Web 2 URL was specified. +if [ -n "$ICINGAWEB2URL" ] ; then + NOTIFICATION_MESSAGE="$NOTIFICATION_MESSAGE + +$ICINGAWEB2URL/monitoring/host/show?host=$(urlencode "$HOSTNAME")" +fi + +## Check whether verbose mode was enabled and log to syslog. +if [ "$VERBOSE" == "true" ] ; then + logger "$PROG sends $SUBJECT => $USEREMAIL" +fi + +## Send the mail using the $MAILBIN command. +## If an explicit sender was specified, try to set it. +if [ -n "$MAILFROM" ] ; then + + ## Modify this for your own needs! + + ## Debian/Ubuntu use mailutils which requires `-a` to append the header + if [ -f /etc/debian_version ]; then + /usr/bin/printf "%b" "$NOTIFICATION_MESSAGE" | tr -d '\015' \ + | $MAILBIN -a "From: $MAILFROM" -s "$SUBJECT" $USEREMAIL + ## Other distributions (RHEL/SUSE/etc.) prefer mailx which sets a sender address with `-r` + else + /usr/bin/printf "%b" "$NOTIFICATION_MESSAGE" | tr -d '\015' \ + | $MAILBIN -r "$MAILFROM" -s "$SUBJECT" $USEREMAIL + fi + +else + /usr/bin/printf "%b" "$NOTIFICATION_MESSAGE" | tr -d '\015' \ + | $MAILBIN -s "$SUBJECT" $USEREMAIL +fi diff --git a/icinga2/scripts/mail-service-notification.sh b/icinga2/scripts/mail-service-notification.sh new file mode 100755 index 000000000..8ccb8d456 --- /dev/null +++ b/icinga2/scripts/mail-service-notification.sh @@ -0,0 +1,176 @@ +#!/bin/sh +# Icinga 2 | (c) 2012 Icinga GmbH | GPLv2+ +# Except of function urlencode which is Copyright (C) by Brian White (brian@aljex.com) used under MIT license + +PROG="`basename $0`" +ICINGA2HOST="`hostname`" +MAILBIN="mail" + +if [ -z "`which $MAILBIN`" ] ; then + echo "$MAILBIN not found in \$PATH. Consider installing it." + exit 1 +fi + +## Function helpers +Usage() { +cat << EOF + +Required parameters: + -d LONGDATETIME (\$icinga.long_date_time\$) + -e SERVICENAME (\$service.name\$) + -l HOSTNAME (\$host.name\$) + -n HOSTDISPLAYNAME (\$host.display_name\$) + -o SERVICEOUTPUT (\$service.output\$) + -r USEREMAIL (\$user.email\$) + -s SERVICESTATE (\$service.state\$) + -t NOTIFICATIONTYPE (\$notification.type\$) + -u SERVICEDISPLAYNAME (\$service.display_name\$) + +Optional parameters: + -4 HOSTADDRESS (\$address\$) + -6 HOSTADDRESS6 (\$address6\$) + -b NOTIFICATIONAUTHORNAME (\$notification.author\$) + -c NOTIFICATIONCOMMENT (\$notification.comment\$) + -i ICINGAWEB2URL (\$notification_icingaweb2url\$, Default: unset) + -f MAILFROM (\$notification_mailfrom\$, requires GNU mailutils (Debian/Ubuntu) or mailx (RHEL/SUSE)) + -v (\$notification_sendtosyslog\$, Default: false) + +EOF +} + +Help() { + Usage; + exit 0; +} + +Error() { + if [ "$1" ]; then + echo $1 + fi + Usage; + exit 1; +} + +urlencode() { + local LANG=C i=0 c e s="$1" + + while [ $i -lt ${#1} ]; do + [ "$i" -eq 0 ] || s="${s#?}" + c=${s%"${s#?}"} + [ -z "${c#[[:alnum:].~_-]}" ] || c=$(printf '%%%02X' "'$c") + e="${e}${c}" + i=$((i + 1)) + done + echo "$e" +} + +## Main +while getopts 4:6:b:c:d:e:f:hi:l:n:o:r:s:t:u:v: opt +do + case "$opt" in + 4) HOSTADDRESS=$OPTARG ;; + 6) HOSTADDRESS6=$OPTARG ;; + b) NOTIFICATIONAUTHORNAME=$OPTARG ;; + c) NOTIFICATIONCOMMENT=$OPTARG ;; + d) LONGDATETIME=$OPTARG ;; # required + e) SERVICENAME=$OPTARG ;; # required + f) MAILFROM=$OPTARG ;; + h) Usage ;; + i) ICINGAWEB2URL=$OPTARG ;; + l) HOSTNAME=$OPTARG ;; # required + n) HOSTDISPLAYNAME=$OPTARG ;; # required + o) SERVICEOUTPUT=$OPTARG ;; # required + r) USEREMAIL=$OPTARG ;; # required + s) SERVICESTATE=$OPTARG ;; # required + t) NOTIFICATIONTYPE=$OPTARG ;; # required + u) SERVICEDISPLAYNAME=$OPTARG ;; # required + v) VERBOSE=$OPTARG ;; + \?) echo "ERROR: Invalid option -$OPTARG" >&2 + Usage ;; + :) echo "Missing option argument for -$OPTARG" >&2 + Usage ;; + *) echo "Unimplemented option: -$OPTARG" >&2 + Usage ;; + esac +done + +shift $((OPTIND - 1)) + +## Keep formatting in sync with mail-host-notification.sh +for P in LONGDATETIME HOSTNAME HOSTDISPLAYNAME SERVICENAME SERVICEDISPLAYNAME SERVICEOUTPUT SERVICESTATE USEREMAIL NOTIFICATIONTYPE ; do + eval "PAR=\$${P}" + + if [ ! "$PAR" ] ; then + Error "Required parameter '$P' is missing." + fi +done + +## Build the message's subject +SUBJECT="[$NOTIFICATIONTYPE] $SERVICEDISPLAYNAME on $HOSTDISPLAYNAME is $SERVICESTATE!" + +## Build the notification message +NOTIFICATION_MESSAGE=`cat << EOF +***** Service Monitoring on $ICINGA2HOST ***** + +$SERVICEDISPLAYNAME on $HOSTDISPLAYNAME is $SERVICESTATE! + +Info: $SERVICEOUTPUT + +When: $LONGDATETIME +Service: $SERVICENAME +Host: $HOSTNAME +EOF +` + +## Check whether IPv4 was specified. +if [ -n "$HOSTADDRESS" ] ; then + NOTIFICATION_MESSAGE="$NOTIFICATION_MESSAGE +IPv4: $HOSTADDRESS" +fi + +## Check whether IPv6 was specified. +if [ -n "$HOSTADDRESS6" ] ; then + NOTIFICATION_MESSAGE="$NOTIFICATION_MESSAGE +IPv6: $HOSTADDRESS6" +fi + +## Check whether author and comment was specified. +if [ -n "$NOTIFICATIONCOMMENT" ] ; then + NOTIFICATION_MESSAGE="$NOTIFICATION_MESSAGE + +Comment by $NOTIFICATIONAUTHORNAME: + $NOTIFICATIONCOMMENT" +fi + +## Check whether Icinga Web 2 URL was specified. +if [ -n "$ICINGAWEB2URL" ] ; then + NOTIFICATION_MESSAGE="$NOTIFICATION_MESSAGE + +$ICINGAWEB2URL/monitoring/service/show?host=$(urlencode "$HOSTNAME")&service=$(urlencode "$SERVICENAME")" +fi + +## Check whether verbose mode was enabled and log to syslog. +if [ "$VERBOSE" == "true" ] ; then + logger "$PROG sends $SUBJECT => $USEREMAIL" +fi + +## Send the mail using the $MAILBIN command. +## If an explicit sender was specified, try to set it. +if [ -n "$MAILFROM" ] ; then + + ## Modify this for your own needs! + + ## Debian/Ubuntu use mailutils which requires `-a` to append the header + if [ -f /etc/debian_version ]; then + /usr/bin/printf "%b" "$NOTIFICATION_MESSAGE" | tr -d '\015' \ + | $MAILBIN -a "From: $MAILFROM" -s "$SUBJECT" $USEREMAIL + ## Other distributions (RHEL/SUSE/etc.) prefer mailx which sets a sender address with `-r` + else + /usr/bin/printf "%b" "$NOTIFICATION_MESSAGE" | tr -d '\015' \ + | $MAILBIN -r "$MAILFROM" -s "$SUBJECT" $USEREMAIL + fi + +else + /usr/bin/printf "%b" "$NOTIFICATION_MESSAGE" | tr -d '\015' \ + | $MAILBIN -s "$SUBJECT" $USEREMAIL +fi diff --git a/icinga2/zones.conf b/icinga2/zones.conf new file mode 100644 index 000000000..70ac766d8 --- /dev/null +++ b/icinga2/zones.conf @@ -0,0 +1,63 @@ +/* + * Endpoint and Zone configuration for a cluster setup + * This local example requires `NodeName` defined in + * constants.conf. + */ + +object Endpoint NodeName { + host = NodeName +} + +object Zone ZoneName { + endpoints = [ NodeName ] +} + +/* + * Defines a global zone for distributed setups with masters, + * satellites and clients. + * This is required to sync configuration commands, + * templates, apply rules, etc. to satellite and clients. + * All nodes require the same configuration and must + * have `accept_config` enabled in the `api` feature. + */ + +object Zone "global-templates" { + global = true +} + +/* + * Defines a global zone for the Icinga Director. + * This is required to sync configuration commands, + * templates, apply rules, etc. to satellite and clients. + * All nodes require the same configuration and must + * have `accept_config` enabled in the `api` feature. + */ + +object Zone "director-global" { + global = true +} + +/* + * Read the documentation on how to configure + * a cluster setup with multiple zones. + */ + +/* +object Endpoint "master.example.org" { + host = "master.example.org" +} + +object Endpoint "satellite.example.org" { + host = "satellite.example.org" +} + +object Zone "master" { + endpoints = [ "master.example.org" ] +} + +object Zone "satellite" { + parent = "master" + endpoints = [ "satellite.example.org" ] +} +*/ + diff --git a/icinga2/zones.d/README b/icinga2/zones.d/README new file mode 100644 index 000000000..e378eae9d --- /dev/null +++ b/icinga2/zones.d/README @@ -0,0 +1,2 @@ +Please check the documentation for more details: +https://icinga.com/docs/icinga2/latest/doc/06-distributed-monitoring/ diff --git a/init.d/icinga2 b/init.d/icinga2 new file mode 100755 index 000000000..3abca95d2 --- /dev/null +++ b/init.d/icinga2 @@ -0,0 +1,239 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: icinga2 +# Required-Start: $remote_fs $syslog +# Required-Stop: $remote_fs $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: icinga2 host/service/network monitoring and management system +# Description: icinga2 is a monitoring and management system for hosts, services and networks. +### END INIT INFO + +# Author: Alexander Wirt +# Markus Frosch + +# PATH should only include /usr/* if it runs after the mountnfs.sh script +PATH=/sbin:/usr/sbin:/bin:/usr/bin +DESC="icinga2 monitoring daemon" +NAME=icinga2 +DAEMON=/usr/sbin/icinga2 +DAEMON_CONFIG="/etc/icinga2/icinga2.conf" +DAEMON_USER=nagios +DAEMON_GROUP=nagios +DAEMON_CMDGROUP=www-data +DAEMON_ARGS="-e /var/log/icinga2/icinga2.err" +STARTUP_LOG="/var/log/icinga2/startup.log" +PIDFILE=/run/icinga2/$NAME.pid +SCRIPTNAME=/etc/init.d/$NAME + +# Block/ignore SIGPIPE inside Icinga2 +# Workaround for a known bug in 2.6.0 +# see https://github.com/Icinga/icinga2/issues/4867#issuecomment-273109525 +trap '' 13 # SIGPIPE + +# Exit if the package is not installed +[ -x "$DAEMON" ] || exit 0 + +# Read configuration variable file if it is present +[ -r /etc/default/$NAME ] && . /etc/default/$NAME + +# Load the VERBOSE setting and other rcS variables +. /lib/init/vars.sh + +# Define LSB log_* functions. +# Depend on lsb-base (>= 3.2-14) to ensure that this file is present +# and status_of_proc is working. +. /lib/lsb/init-functions + +# check run directory +check_run () { + test -d '/run/icinga2' || mkdir /run/icinga2 + test -d '/run/icinga2/cmd' || mkdir /run/icinga2/cmd + + chown "$DAEMON_USER":"$DAEMON_GROUP" /run/icinga2 + chmod 0755 /run/icinga2 + + chown "$DAEMON_USER":"$DAEMON_CMDGROUP" /run/icinga2/cmd + chmod 2710 /run/icinga2/cmd +} + +check_config () { + $DAEMON daemon --validate +} + +# +# Function that starts the daemon/service +# +do_start() +{ + check_run + # Return + # 0 if daemon has been started + # 1 if daemon was already running + # 2 if daemon could not be started + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \ + || return 1 + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \ + daemon -d $DAEMON_ARGS \ + || return 2 + # Add code here, if necessary, that waits for the process to be ready + # to handle requests from services started subsequently which depend + # on this one. As a last resort, sleep for some time. +} + +# +# Function that starts the daemon/service in foreground for debugging +# +do_foreground() +{ + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test \ + || return 1 + start-stop-daemon --start --pidfile $PIDFILE --exec $DAEMON -- \ + daemon $DAEMON_ARGS \ + || return 2 +} + +# +# Function that stops the daemon/service +# +do_stop() +{ + # Return + # 0 if daemon has been stopped + # 1 if daemon was already stopped + # 2 if daemon could not be stopped + # other if a failure occurred + start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME + RETVAL="$?" + [ "$RETVAL" = 2 ] && return 2 + # Wait for children to finish too if this is a daemon that forks + # and if the daemon is only ever run from this initscript. + # If the above conditions are not satisfied then add some other code + # that waits for the process to drop all resources that could be + # needed by services started subsequently. A last resort is to + # sleep for some time. + start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON + [ "$?" = 2 ] && return 2 + # Many daemons don't delete their pidfiles when they exit. + rm -f $PIDFILE + return "$RETVAL" +} + +# +# Function that sends a SIGHUP to the daemon/service +# +do_reload() { + # + # If the daemon can reload its configuration without + # restarting (for example, when it is sent a SIGHUP), + # then implement that here. + # + start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME + return 0 +} + +do_check_config () { + DOEXITONOK="$1" + log_begin_msg "checking Icinga2 configuration" + if ! check_config >$STARTUP_LOG 2>&1; then + echo + [ -n "$DOEXITONOK" ] && cat $STARTUP_LOG + log_failure_msg "checking Icinga2 configuration. Check '$STARTUP_LOG' for details." + exit 1 + else + log_end_msg 0 + [ -n "$DOEXITONOK" ] && exit 0 + fi +} + +case "$1" in + start) + do_check_config + log_daemon_msg "Starting $DESC" "$NAME" + do_start + case "$?" in + 0|1) log_end_msg 0 ;; + 2) log_end_msg 1 ;; + esac + ;; + foreground) + do_check_config + log_action_msg "Starting $DESC in foreground" + status=0 + trap 'status=2;' INT # handle intr here + for i in 1 2; do + do_foreground || status="$?" + case "$status" in + 0) + log_success_msg "$NAME ended graceful" + break + ;; + 1) + if [ "$i" -eq 1 ]; then + log_warning_msg "$NAME already running!" + log_begin_msg "Do you want to stop $NAME before going foreground? [y/N] " + read -r question + if [ "$question" = "y" ] || [ "$question" = "yes" ]; then + do_stop + continue + fi + fi + log_failure_msg "$NAME already running! Please stop before starting in foreground!" + break + ;; + 2) + log_failure_msg "$NAME ended" + break + ;; + esac + done + exit $status + ;; + stop) + log_daemon_msg "Stopping $DESC" "$NAME" + do_stop + case "$?" in + 0|1) log_end_msg 0 ;; + 2) log_end_msg 1 ;; + esac + ;; + status) + status_of_proc -p "$PIDFILE" "$DAEMON" "$NAME" && exit 0 || exit $? + ;; + reload|force-reload) + do_check_config + status_of_proc -p "$PIDFILE" "$DAEMON" "$NAME" || exit $? + log_daemon_msg "Reloading $DESC" "$NAME" + do_reload + log_end_msg $? + ;; + restart) + do_check_config + log_daemon_msg "Restarting $DESC" "$NAME" + do_stop + case "$?" in + 0|1) + do_start + case "$?" in + 0) log_end_msg 0 ;; + 1) log_end_msg 1 ;; # Old process is still running + *) log_end_msg 1 ;; # Failed to start + esac + ;; + *) + # Failed to stop + log_end_msg 1 + ;; + esac + ;; + checkconfig) + do_check_config 1 + ;; + *) + echo "Usage: $SCRIPTNAME {start|stop|status|reload|force-reload|restart|checkconfig|foreground}" >&2 + exit 3 + ;; +esac + +# vi: ts=2 sw=2 expandtab : +: diff --git a/logrotate.d/icinga2 b/logrotate.d/icinga2 new file mode 100644 index 000000000..df45df74a --- /dev/null +++ b/logrotate.d/icinga2 @@ -0,0 +1,23 @@ +/var/log/icinga2/icinga2.log /var/log/icinga2/debug.log { + daily + rotate 7 + compress + delaycompress + missingok + notifempty + create 644 nagios nagios + postrotate + /bin/kill -USR1 $(cat /run/icinga2/icinga2.pid 2> /dev/null) 2> /dev/null || true + endscript +} + +/var/log/icinga2/error.log { + daily + rotate 90 + compress + delaycompress + missingok + notifempty + create 644 nagios nagios + # TODO: figure out how to get Icinga to re-open this log file +} diff --git a/nagios-plugins/config/apt.cfg b/nagios-plugins/config/apt.cfg new file mode 100644 index 000000000..d3ceb7c18 --- /dev/null +++ b/nagios-plugins/config/apt.cfg @@ -0,0 +1,12 @@ +# 'check_apt' command definition +define command{ + command_name check_apt + command_line /usr/lib/nagios/plugins/check_apt + } + +# 'check_apt_distupgrade' command definition +define command{ + command_name check_apt_distupgrade + command_line /usr/lib/nagios/plugins/check_apt -d + } + diff --git a/nagios-plugins/config/dhcp.cfg b/nagios-plugins/config/dhcp.cfg new file mode 100644 index 000000000..a6c0c02c0 --- /dev/null +++ b/nagios-plugins/config/dhcp.cfg @@ -0,0 +1,15 @@ +# note: these plugins require root privilege. see README.Debian for +# more information on how it is recommended that you do this. + +# 'check_dhcp' command definition +define command{ + command_name check_dhcp + command_line /usr/lib/nagios/plugins/check_dhcp -s '$HOSTADDRESS$' '$ARG1$' + } + +# 'check_dhcp_interface' command definition +define command{ + command_name check_dhcp_interface + command_line /usr/lib/nagios/plugins/check_dhcp -s '$HOSTADDRESS$' -i '$ARG1$' '$ARG2$' + } + diff --git a/nagios-plugins/config/disk.cfg b/nagios-plugins/config/disk.cfg new file mode 100644 index 000000000..3f5fcaf96 --- /dev/null +++ b/nagios-plugins/config/disk.cfg @@ -0,0 +1,27 @@ +# 'check_disk' command definition +define command{ + command_name check_disk + command_line /usr/lib/nagios/plugins/check_disk -w '$ARG1$' -c '$ARG2$' -e -p '$ARG3$' + } + +# 'check_all_disks' command definition +define command{ + command_name check_all_disks + command_line /usr/lib/nagios/plugins/check_disk -w '$ARG1$' -c '$ARG2$' -e + } + +# 'ssh_disk' command definition +define command{ + command_name ssh_disk + command_line /usr/lib/nagios/plugins/check_by_ssh -H '$HOSTADDRESS$' -C "/usr/lib/nagios/plugins/check_disk -w '$ARG1$' -c '$ARG2$' -e -p '$ARG3$'" + } + +#### +# use these checks, if you want to test IPv4 connectivity on IPv6 enabled systems +#### + +# 'ssh_disk_4' command definition +define command{ + command_name ssh_disk_4 + command_line /usr/lib/nagios/plugins/check_by_ssh -H '$HOSTADDRESS$' -C "/usr/lib/nagios/plugins/check_disk -w '$ARG1$' -c '$ARG2$' -e -p '$ARG3$'" -4 + } diff --git a/nagios-plugins/config/dummy.cfg b/nagios-plugins/config/dummy.cfg new file mode 100644 index 000000000..bfb7ef4e2 --- /dev/null +++ b/nagios-plugins/config/dummy.cfg @@ -0,0 +1,29 @@ +# return-ok definition +define command { + command_name return-ok + command_line /usr/lib/nagios/plugins/check_dummy 0 +} + +# return-warning definition +define command { + command_name return-warning + command_line /usr/lib/nagios/plugins/check_dummy 1 +} + +# return-critical definition +define command { + command_name return-critical + command_line /usr/lib/nagios/plugins/check_dummy 2 +} + +# return-unknown definition +define command { + command_name return-unknown + command_line /usr/lib/nagios/plugins/check_dummy 3 +} + +# return-numeric definition +define command { + command_name return-numeric + command_line /usr/lib/nagios/plugins/check_dummy '$ARG1$' +} diff --git a/nagios-plugins/config/ftp.cfg b/nagios-plugins/config/ftp.cfg new file mode 100644 index 000000000..79bf2fd75 --- /dev/null +++ b/nagios-plugins/config/ftp.cfg @@ -0,0 +1,15 @@ +# 'check_ftp' command definition +define command{ + command_name check_ftp + command_line /usr/lib/nagios/plugins/check_ftp -H '$HOSTADDRESS$' '$ARG1$' + } + +#### +# use these checks, if you want to test IPv4 connectivity on IPv6 enabled systems +#### + +# 'check_ftp_4' command definition +define command{ + command_name check_ftp_4 + command_line /usr/lib/nagios/plugins/check_ftp -H '$HOSTADDRESS$' -4 '$ARG1$' + } diff --git a/nagios-plugins/config/http.cfg b/nagios-plugins/config/http.cfg new file mode 100644 index 000000000..16072de12 --- /dev/null +++ b/nagios-plugins/config/http.cfg @@ -0,0 +1,111 @@ +# 'check_http' command definition +define command{ + command_name check_http + command_line /usr/lib/nagios/plugins/check_http -H '$HOSTADDRESS$' -I '$HOSTADDRESS$' '$ARG1$' + } + +# 'check_http_hostname' command definition +define command{ + command_name check_httpname + command_line /usr/lib/nagios/plugins/check_http -H '$HOSTNAME$' -I '$HOSTADDRESS$' '$ARG1$' + } + +# 'check_http2' command definition +define command{ + command_name check_http2 + command_line /usr/lib/nagios/plugins/check_http -H '$ARG1$' -I '$HOSTADDRESS$' -w '$ARG2$' -c '$ARG3$' '$ARG4$' + } + +# 'check_squid' command definition +define command{ + command_name check_squid + command_line /usr/lib/nagios/plugins/check_http -H '$HOSTADDRESS$' -p '$ARG1$' -u '$ARG2$' + } + +# 'check_https' command definition +define command{ + command_name check_https + command_line /usr/lib/nagios/plugins/check_http --ssl -H '$HOSTADDRESS$' -I '$HOSTADDRESS$' '$ARG1$' + } + +# 'check_https_hostname' command definition +define command{ + command_name check_https_hostname + command_line /usr/lib/nagios/plugins/check_http --ssl -H '$HOSTNAME$' -I '$HOSTADDRESS$' '$ARG1$' + } + +# 'check_https_auth' command definition +define command{ + command_name check_https_auth + command_line /usr/lib/nagios/plugins/check_http --ssl -H '$HOSTADDRESS$' -I '$HOSTADDRESS$' -a '$ARG1$' '$ARG2$' + } + +# 'check_https_auth_hostname' command definition +define command{ + command_name check_https_auth_hostname + command_line /usr/lib/nagios/plugins/check_http --ssl -H '$HOSTNAME$' -I '$HOSTADDRESS$' -a '$ARG1$' '$ARG2$' + } + +# 'check_cups' command definition +define command{ + command_name check_cups + command_line /usr/lib/nagios/plugins/check_http -I '$HOSTADDRESS$' -p 631 '$ARG1$' + } + +#### +# use these checks, if you want to test IPv4 connectivity on IPv6 enabled systems +#### + +# 'check_http_4' command definition +define command{ + command_name check_http_4 + command_line /usr/lib/nagios/plugins/check_http -H '$HOSTADDRESS$' -I '$HOSTADDRESS$' -4 '$ARG1$' + } + +# 'check_http_hostname_4' command definition +define command{ + command_name check_httpname_4 + command_line /usr/lib/nagios/plugins/check_http -H '$HOSTNAME$' -I '$HOSTADDRESS$' -4 '$ARG1$' + } + +# 'check_http2_4' command definition +define command{ + command_name check_http2_4 + command_line /usr/lib/nagios/plugins/check_http -H '$ARG1$' -I '$HOSTADDRESS$' -w '$ARG2$' -c '$ARG3$' -4 '$ARG4$' + } + +# 'check_squid_4' command definition +define command{ + command_name check_squid_4 + command_line /usr/lib/nagios/plugins/check_http -H '$HOSTADDRESS$' -p '$ARG1$' -u '$ARG2$' -4 + } + +# 'check_https_4' command definition +define command{ + command_name check_https_4 + command_line /usr/lib/nagios/plugins/check_http --ssl -H '$HOSTADDRESS$' -I '$HOSTADDRESS$' -4 '$ARG1$' + } + +# 'check_https_hostname_4' command definition +define command{ + command_name check_https_hostname_4 + command_line /usr/lib/nagios/plugins/check_http --ssl -H '$HOSTNAME$' -I '$HOSTADDRESS$' -4 '$ARG1$' + } + +# 'check_https_auth_4' command definition +define command{ + command_name check_https_auth_4 + command_line /usr/lib/nagios/plugins/check_http --ssl -H '$HOSTADDRESS$' -I '$HOSTADDRESS$' -a '$ARG1$' -4 '$ARG2$' + } + +# 'check_https_auth_hostname_4' command definition +define command{ + command_name check_https_auth_hostname_4 + command_line /usr/lib/nagios/plugins/check_http --ssl -H '$HOSTNAME' -I '$HOSTADDRESS$' -a '$ARG1$' -4 '$ARG2$' + } + +# 'check_cups_4' command definition +define command{ + command_name check_cups_4 + command_line /usr/lib/nagios/plugins/check_http -I '$HOSTADDRESS$' -p 631 -4 '$ARG1$' + } diff --git a/nagios-plugins/config/load.cfg b/nagios-plugins/config/load.cfg new file mode 100644 index 000000000..c87efdefe --- /dev/null +++ b/nagios-plugins/config/load.cfg @@ -0,0 +1,6 @@ +# 'check_load' command definition +define command{ + command_name check_load + command_line /usr/lib/nagios/plugins/check_load --warning='$ARG1$,$ARG2$,$ARG3$' --critical='$ARG4$,$ARG5$,$ARG6$' + } + diff --git a/nagios-plugins/config/mail.cfg b/nagios-plugins/config/mail.cfg new file mode 100644 index 000000000..1da80503e --- /dev/null +++ b/nagios-plugins/config/mail.cfg @@ -0,0 +1,77 @@ +# 'check_pop' command definition +define command { + command_name check_pop + command_line /usr/lib/nagios/plugins/check_pop -H '$HOSTADDRESS$' '$ARG1$' +} + + +# 'check_smtp' command definition +define command { + command_name check_smtp + command_line /usr/lib/nagios/plugins/check_smtp -H '$HOSTADDRESS$' '$ARG1$' +} + +# 'check_ssmtp' command definition +define command { + command_name check_ssmtp + command_line /usr/lib/nagios/plugins/check_ssmtp -H '$HOSTADDRESS$' '$ARG1$' +} + +# 'check_imap' command definition +define command { + command_name check_imap + command_line /usr/lib/nagios/plugins/check_imap -H '$HOSTADDRESS$' '$ARG1$' +} + +# 'check_spop' command definition +define command { + command_name check_spop + command_line /usr/lib/nagios/plugins/check_pop -p 995 -H '$HOSTADDRESS$' -S '$ARG1$' +} + + +# 'check_simap' command definition +define command { + command_name check_simap + command_line /usr/lib/nagios/plugins/check_imap -p 993 -H '$HOSTADDRESS$' -S '$ARG1$' +} + +#### +# use these checks, if you want to test IPv4 connectivity on IPv6 enabled systems +#### + +# 'check_pop_4' command definition +define command { + command_name check_pop_4 + command_line /usr/lib/nagios/plugins/check_pop -H '$HOSTADDRESS$' -4 '$ARG1$' +} + +# 'check_smtp_4' command definition +define command { + command_name check_smtp_4 + command_line /usr/lib/nagios/plugins/check_smtp -H '$HOSTADDRESS$' -4 '$ARG1$' +} + +# 'check_ssmtp_4' command definition +define command { + command_name check_ssmtp_4 + command_line /usr/lib/nagios/plugins/check_ssmtp -H '$HOSTADDRESS$' -4 '$ARG1$' +} + +# 'check_imap_4' command definition +define command { + command_name check_imap_4 + command_line /usr/lib/nagios/plugins/check_imap -H '$HOSTADDRESS$' -4 '$ARG1$' +} + +# 'check_spop_4' command definition +define command { + command_name check_spop_4 + command_line /usr/lib/nagios/plugins/check_pop -p 995 -H '$HOSTADDRESS$' -S -4 '$ARG1$' +} + +# 'check_simap_4' command definition +define command { + command_name check_simap_4 + command_line /usr/lib/nagios/plugins/check_imap -p 993 -H '$HOSTADDRESS$' -S -4 '$ARG1$' +} diff --git a/nagios-plugins/config/news.cfg b/nagios-plugins/config/news.cfg new file mode 100644 index 000000000..065b395b8 --- /dev/null +++ b/nagios-plugins/config/news.cfg @@ -0,0 +1,15 @@ +# 'check_nntp' command definition +define command{ + command_name check_nntp + command_line /usr/lib/nagios/plugins/check_nntp -H '$HOSTADDRESS$' '$ARG1$' + } + +#### +# use these checks, if you want to test IPv4 connectivity on IPv6 enabled systems +#### + +# 'check_nntp_4' command definition +define command{ + command_name check_nntp_4 + command_line /usr/lib/nagios/plugins/check_nntp -H '$HOSTADDRESS$' -4 '$ARG1$' + } diff --git a/nagios-plugins/config/ntp.cfg b/nagios-plugins/config/ntp.cfg new file mode 100644 index 000000000..866871805 --- /dev/null +++ b/nagios-plugins/config/ntp.cfg @@ -0,0 +1,17 @@ +# 'check_ntp' command definition +define command{ + command_name check_ntp + command_line /usr/lib/nagios/plugins/check_ntp_peer -H '$HOSTADDRESS$' '$ARG1$' + } + +# 'check_ntp_ntpq' command definition +define command{ + command_name check_ntp_ntpq + command_line /usr/lib/nagios/plugins/check_ntp_peer -H '$HOSTADDRESS$' -j 10 -k 15 '$ARG1$' + } + +# 'check_time' command definition +define command{ + command_name check_time + command_line /usr/lib/nagios/plugins/check_time -H '$HOSTADDRESS$' '$ARG1$' + } diff --git a/nagios-plugins/config/ping.cfg b/nagios-plugins/config/ping.cfg new file mode 100644 index 000000000..4d76cab6a --- /dev/null +++ b/nagios-plugins/config/ping.cfg @@ -0,0 +1,72 @@ +# 'check_ping' command definition +define command{ + command_name check_ping + command_line /usr/lib/nagios/plugins/check_ping -H '$HOSTADDRESS$' -w '$ARG1$' -c '$ARG2$' + } + + +# 'check-host-alive' command definition +define command{ + command_name check-host-alive + command_line /usr/lib/nagios/plugins/check_ping -H '$HOSTADDRESS$' -w 5000,100% -c 5000,100% -p 1 + } + + +# 'check-printer-alive' command definition +define command{ + command_name check-printer-alive + command_line /usr/lib/nagios/plugins/check_ping -H '$HOSTADDRESS$' -w 5000,100% -c 5000,100% -p 1 + } + + +# 'check-switch-alive' command definition +define command{ + command_name check-switch-alive + command_line /usr/lib/nagios/plugins/check_ping -H '$HOSTADDRESS$' -w 5000,100% -c 5000,100% -p 1 + } + + +# 'check-router-alive' command definition +define command{ + command_name check-router-alive + command_line /usr/lib/nagios/plugins/check_ping -H '$HOSTADDRESS$' -w 5000,100% -c 5000,100% -p 1 + } + +#### +# use these checks, if you want to test IPv4 connectivity on IPv6 enabled systems +#### + +# 'check_ping_4' command definition +define command{ + command_name check_ping_4 + command_line /usr/lib/nagios/plugins/check_ping -H '$HOSTADDRESS$' -w '$ARG1$' -c '$ARG2$' -4 + } + + +# 'check-host-alive_4' command definition +define command{ + command_name check-host-alive_4 + command_line /usr/lib/nagios/plugins/check_ping -H '$HOSTADDRESS$' -w 5000,100% -c 5000,100% -p 1 -4 + } + + +# 'check-printer-alive_4' command definition +define command{ + command_name check-printer-alive_4 + command_line /usr/lib/nagios/plugins/check_ping -H '$HOSTADDRESS$' -w 5000,100% -c 5000,100% -p 1 -4 + } + + +# 'check-switch-alive_4' command definition +define command{ + command_name check-switch-alive_4 + command_line /usr/lib/nagios/plugins/check_ping -H '$HOSTADDRESS$' -w 5000,100% -c 5000,100% -p 1 -4 + } + + +# 'check-router-alive_4' command definition +define command{ + command_name check-router-alive_4 + command_line /usr/lib/nagios/plugins/check_ping -H '$HOSTADDRESS$' -w 5000,100% -c 5000,100% -p 1 -4 + } + diff --git a/nagios-plugins/config/procs.cfg b/nagios-plugins/config/procs.cfg new file mode 100644 index 000000000..47158e4aa --- /dev/null +++ b/nagios-plugins/config/procs.cfg @@ -0,0 +1,20 @@ +# 'check_procs' command definition +define command{ + command_name check_procs + command_line /usr/lib/nagios/plugins/check_procs -w '$ARG1$' -c '$ARG2$' + } + + +# 'check_procs_zombie' command definition +define command{ + command_name check_procs_zombie + command_line /usr/lib/nagios/plugins/check_procs -w '$ARG1$' -c '$ARG2$' -s Z + } + + +# 'check_procs_httpd' command definition +define command{ + command_name check_procs_httpd + command_line /usr/lib/nagios/plugins/check_procs -w 5:'$ARG1$' -c 1:'$ARG2$' -C httpd + } + diff --git a/nagios-plugins/config/real.cfg b/nagios-plugins/config/real.cfg new file mode 100644 index 000000000..3afb59c7e --- /dev/null +++ b/nagios-plugins/config/real.cfg @@ -0,0 +1,13 @@ +# 'check_real_url' command definition +define command{ + command_name check_real_url + command_line /usr/lib/nagios/plugins/check_real '$HOSTADDRESS$' -p '$ARG1$' -wt '$ARG2$' -ct '$ARG3$' -to 5 -u '$ARG4$' + } + + +# 'check_real' command definition +define command{ + command_name check_real + command_line /usr/lib/nagios/plugins/check_real '$HOSTADDRESS$' -p '$ARG1$' -wt '$ARG2$' -ct '$ARG3$' -to 5 + } + diff --git a/nagios-plugins/config/ssh.cfg b/nagios-plugins/config/ssh.cfg new file mode 100644 index 000000000..29a6d1773 --- /dev/null +++ b/nagios-plugins/config/ssh.cfg @@ -0,0 +1,27 @@ +# 'check_ssh' command definition +define command{ + command_name check_ssh + command_line /usr/lib/nagios/plugins/check_ssh '$HOSTADDRESS$' + } + +# 'check_ssh_port' command definition +define command{ + command_name check_ssh_port + command_line /usr/lib/nagios/plugins/check_ssh -p '$ARG1$' '$HOSTADDRESS$' + } + +#### +# use these checks, if you want to test IPv4 connectivity on IPv6 enabled systems +#### + +# 'check_ssh_4' command definition +define command{ + command_name check_ssh_4 + command_line /usr/lib/nagios/plugins/check_ssh -4 '$HOSTADDRESS$' + } + +# 'check_ssh_port_4' command definition +define command{ + command_name check_ssh_port_4 + command_line /usr/lib/nagios/plugins/check_ssh -4 -p '$ARG1$' '$HOSTADDRESS$' + } diff --git a/nagios-plugins/config/tcp_udp.cfg b/nagios-plugins/config/tcp_udp.cfg new file mode 100644 index 000000000..140e84c4e --- /dev/null +++ b/nagios-plugins/config/tcp_udp.cfg @@ -0,0 +1,27 @@ +# 'check_tcp' command definition +define command{ + command_name check_tcp + command_line /usr/lib/nagios/plugins/check_tcp -H '$HOSTADDRESS$' -p '$ARG1$' '$ARG2$' + } + +# 'check_udp' command definition +define command{ + command_name check_udp + command_line /usr/lib/nagios/plugins/check_udp -H '$HOSTADDRESS$' -p '$ARG1$' '$ARG2$' + } + +#### +# use these checks, if you want to test IPv4 connectivity on IPv6 enabled systems +#### + +# 'check_tcp_4' command definition +define command{ + command_name check_tcp_4 + command_line /usr/lib/nagios/plugins/check_tcp -H '$HOSTADDRESS$' -p '$ARG1$' -4 '$ARG2$' + } + +# 'check_udp_4' command definition +define command{ + command_name check_udp_4 + command_line /usr/lib/nagios/plugins/check_udp -H '$HOSTADDRESS$' -p '$ARG1$' -4 '$ARG2$' + } diff --git a/nagios-plugins/config/telnet.cfg b/nagios-plugins/config/telnet.cfg new file mode 100644 index 000000000..a87f84248 --- /dev/null +++ b/nagios-plugins/config/telnet.cfg @@ -0,0 +1,15 @@ +# 'check_telnet' command definition +define command{ + command_name check_telnet + command_line /usr/lib/nagios/plugins/check_tcp -H '$HOSTADDRESS$' -p 23 '$ARG1$' + } + +#### +# use these checks, if you want to test IPv4 connectivity on IPv6 enabled systems +#### + +# 'check_telnet_4' command definition +define command{ + command_name check_telnet_4 + command_line /usr/lib/nagios/plugins/check_tcp -H '$HOSTADDRESS$' -p 23 -4 '$ARG1$' + } diff --git a/nagios-plugins/config/users.cfg b/nagios-plugins/config/users.cfg new file mode 100644 index 000000000..614a6221e --- /dev/null +++ b/nagios-plugins/config/users.cfg @@ -0,0 +1,6 @@ +# 'check_users' command definition +define command{ + command_name check_users + command_line /usr/lib/nagios/plugins/check_users -w '$ARG1$' -c '$ARG2$' + } + diff --git a/passwd b/passwd index ef2cf3be0..ba540ab52 100644 --- a/passwd +++ b/passwd @@ -41,3 +41,4 @@ policyd-spf:x:119:124::/nonexistent:/usr/sbin/nologin systemd-timesync:x:120:125:systemd Time Synchronization,,,:/run/systemd:/usr/sbin/nologin tcpdump:x:121:128::/nonexistent:/usr/sbin/nologin systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin +nagios:x:122:129::/var/lib/nagios:/usr/sbin/nologin diff --git a/passwd- b/passwd- index d5aaaf985..ef2cf3be0 100644 --- a/passwd- +++ b/passwd- @@ -40,3 +40,4 @@ strongswan:x:118:65534::/var/lib/strongswan:/usr/sbin/nologin policyd-spf:x:119:124::/nonexistent:/usr/sbin/nologin systemd-timesync:x:120:125:systemd Time Synchronization,,,:/run/systemd:/usr/sbin/nologin tcpdump:x:121:128::/nonexistent:/usr/sbin/nologin +systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin diff --git a/rc0.d/K01icinga2 b/rc0.d/K01icinga2 new file mode 120000 index 000000000..005f4ff18 --- /dev/null +++ b/rc0.d/K01icinga2 @@ -0,0 +1 @@ +../init.d/icinga2 \ No newline at end of file diff --git a/rc1.d/K01icinga2 b/rc1.d/K01icinga2 new file mode 120000 index 000000000..005f4ff18 --- /dev/null +++ b/rc1.d/K01icinga2 @@ -0,0 +1 @@ +../init.d/icinga2 \ No newline at end of file diff --git a/rc2.d/S01icinga2 b/rc2.d/S01icinga2 new file mode 120000 index 000000000..005f4ff18 --- /dev/null +++ b/rc2.d/S01icinga2 @@ -0,0 +1 @@ +../init.d/icinga2 \ No newline at end of file diff --git a/rc3.d/S01icinga2 b/rc3.d/S01icinga2 new file mode 120000 index 000000000..005f4ff18 --- /dev/null +++ b/rc3.d/S01icinga2 @@ -0,0 +1 @@ +../init.d/icinga2 \ No newline at end of file diff --git a/rc4.d/S01icinga2 b/rc4.d/S01icinga2 new file mode 120000 index 000000000..005f4ff18 --- /dev/null +++ b/rc4.d/S01icinga2 @@ -0,0 +1 @@ +../init.d/icinga2 \ No newline at end of file diff --git a/rc5.d/S01icinga2 b/rc5.d/S01icinga2 new file mode 120000 index 000000000..005f4ff18 --- /dev/null +++ b/rc5.d/S01icinga2 @@ -0,0 +1 @@ +../init.d/icinga2 \ No newline at end of file diff --git a/rc6.d/K01icinga2 b/rc6.d/K01icinga2 new file mode 120000 index 000000000..005f4ff18 --- /dev/null +++ b/rc6.d/K01icinga2 @@ -0,0 +1 @@ +../init.d/icinga2 \ No newline at end of file diff --git a/shadow b/shadow index 6329896d7..e2d7f7f04 100644 --- a/shadow +++ b/shadow @@ -41,3 +41,4 @@ policyd-spf:*:18067:0:99999:7::: systemd-timesync:*:18450:0:99999:7::: tcpdump:*:18450:0:99999:7::: systemd-coredump:!!:18450:::::: +nagios:!:18451:0:99999:7::: diff --git a/shadow- b/shadow- index 2f42a927f..e2d7f7f04 100644 --- a/shadow- +++ b/shadow- @@ -40,3 +40,5 @@ strongswan:*:17894:0:99999:7::: policyd-spf:*:18067:0:99999:7::: systemd-timesync:*:18450:0:99999:7::: tcpdump:*:18450:0:99999:7::: +systemd-coredump:!!:18450:::::: +nagios:!:18451:0:99999:7::: diff --git a/systemd/system/multi-user.target.wants/icinga2.service b/systemd/system/multi-user.target.wants/icinga2.service new file mode 120000 index 000000000..563c749ea --- /dev/null +++ b/systemd/system/multi-user.target.wants/icinga2.service @@ -0,0 +1 @@ +/lib/systemd/system/icinga2.service \ No newline at end of file