confdroid/confdroid_nagios
3
0
Fork 0
Code Issues Projects Wiki Activity

adjusted all params etc

Browse Source
This commit is contained in:
Arne Teuke
2025-05-12 15:56:17 +02:00
parent bfa5f46e2f
commit 4ebbfed5ea
85 changed files with 1880 additions and 20534 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
manifests/server/access.pp
View File

@@ -1,48 +1,28 @@
## cd_nagios::server::access.pp
# Module name: cd_nagios
# Author: Arne Teuke (arne_teuke@ConfDroid.com)
# # License:
# This file is part of cd_nagios.
#
# cd_nagios is used for providing automatic configuration of Nagios
# Copyright (C) 2016 ConfDroid (copyright@ConfDroid.com)
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# @summary Define manages user- and password rules for accessing nagios.
# @param [string] ng_htpasswd_user user name for the /etc/nagios/passwd file
# @param [string] ng_htpasswd_password the encrypted password for the
# @param [string] ng_htpasswd_user user name for the /etc/nagios/passwd file
# @param [string] ng_htpasswd_password the encrypted password for the
# /etc/nagios/passwd file.
##############################################################################
define cd_nagios::server::access (
$ng_htpasswd_user = undef,
$ng_htpasswd_password = undef,
Optional[String] $ng_htpasswd_user = undef,
Optional[String] $ng_htpasswd_password = undef,
) {
$ng_nagios_server = $::cd_nagios::params::ng_nagios_server
$ng_htpasswd_file = $::cd_nagios::params::ng_htpasswd_file
$ng_htpasswd_rule = $::cd_nagios::params::ng_htpasswd_rule
$ng_service = $::cd_nagios::params::ng_service
$ng_nagios_server = $cd_nagios::params::ng_nagios_server
$ng_htpasswd_file = $cd_nagios::params::ng_htpasswd_file
$ng_htpasswd_rule = $cd_nagios::params::ng_htpasswd_rule
$ng_service = $cd_nagios::params::ng_service
if $::fqdn == $ng_nagios_server {
# create password rules
concat::fragment { $name:
target => $ng_htpasswd_file,
content => template($ng_htpasswd_rule),
target => $ng_htpasswd_file,
content => template($ng_htpasswd_rule),
}
}
}

45
manifests/server/access_rules.pp
View File

@@ -1,49 +1,30 @@
## cd_nagios::server::access_rules.pp
# Module name: cd_nagios
# Author: Arne Teuke (arne_teuke@ConfDroid.com)
# # License:
# This file is part of cd_nagios.
#
# cd_nagios is used for providing automatic configuration of Nagios
# Copyright (C) 2016 ConfDroid (copyright@ConfDroid.com)
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# @summary Class manages presennce of /etc/nagios/phtpasswd file.
# @summary Class manages presence of /etc/nagios/phtpasswd file.
# @example
# cd_nagios::server::access { 'example':
# ng_htpasswd_user => 'example_user',
# ng_htpasswd_password => 'example_password_encrypted',
# ng_htpasswd_user => 'example_user',
# ng_htpasswd_password => 'example_password_encrypted',
# }
##############################################################################
class cd_nagios::server::access_rules (
) inherits cd_nagios::params {
if $::fqdn == $ng_nagios_server {
# manage /etc/nagios/htpasswd file
concat { $ng_htpasswd_file:
ensure => present,
path => $ng_htpasswd_file,
owner => 'root',
group => 'apache',
mode => '0640',
selrange => s0,
selrole => object_r,
seltype => nagios_etc_t,
seluser => system_u,
notify => Service[$ng_service],
ensure => present,
path => $ng_htpasswd_file,
owner => 'root',
group => 'apache',
mode => '0640',
selrange => s0,
selrole => object_r,
seltype => nagios_etc_t,
seluser => system_u,
notify => Service[$ng_service],
}
}
}

112
manifests/server/files.pp
View File

@@ -1,29 +1,11 @@
## cd_nagios::server::files.pp
# Module name: cd_nagios
# Author: Arne Teuke (arne_teuke@ConfDroid.com)
# # License:
# This file is part of cd_nagios.
#
# cd_nagios is used for providing automatic configuration of Nagios
# Copyright (C) 2016 ConfDroid (copyright@ConfDroid.com)
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# @summary Class manages all configuration files required for cd_nagios.
##############################################################################
class cd_nagios::server::files (
) inherits cd_nagios::params {
if $::fqdn == $ng_nagios_server {
if $ng_use_https == true {
if $ng_enable_certbot == true {
@@ -36,33 +18,33 @@ class cd_nagios::server::files (
# manage nagios.cfg
file { $ng_nagios_cfg_file:
ensure => file,
path => $ng_nagios_cfg_file,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => nagios_etc_t,
seluser => system_u,
content => template($ng_nagios_cfg_erb),
notify => Service[$ng_service],
ensure => file,
path => $ng_nagios_cfg_file,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => nagios_etc_t,
seluser => system_u,
content => template($ng_nagios_cfg_erb),
notify => Service[$ng_service],
}
# manage cgi.cfg
file { $ng_cgi_cfg_file:
ensure => file,
path => $ng_cgi_cfg_file,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => nagios_etc_t,
seluser => system_u,
content => template($ng_cgi_cfg_erb),
notify => Service[$ng_service],
ensure => file,
path => $ng_cgi_cfg_file,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => nagios_etc_t,
seluser => system_u,
content => template($ng_cgi_cfg_erb),
notify => Service[$ng_service],
}
## Apache files
@@ -70,48 +52,46 @@ class cd_nagios::server::files (
# after upgrades to avoid conflicts
file { $ng_nagios_conf:
ensure => absent,
ensure => absent,
}
file { $ng_forward_conf:
ensure => file,
path => $ng_forward_conf,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
content => template($ng_forward_conf_erb),
notify => Service[$ae_service],
ensure => file,
path => $ng_forward_conf,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
content => template($ng_forward_conf_erb),
notify => Service[$ae_service],
}
if $ng_use_https == true {
# create ssl vhost
file { $ng_ssl_vhost_file:
ensure => file,
path => $ng_ssl_vhost_file,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
content => template($ng_ssl_vhost_erb),
notify => Service[$ae_service],
ensure => file,
path => $ng_ssl_vhost_file,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
content => template($ng_ssl_vhost_erb),
notify => Service[$ae_service],
}
}
if $ng_use_https != true {
# remove ssl_vhost
file { $ng_ssl_vhost_file:
ensure => absent,
ensure => absent,
}
}
}

317
manifests/server/service.pp
View File

@@ -1,32 +1,14 @@
## cd_nagios::server::service.pp
# Module name: cd_nagios
# Author: Arne Teuke (arne_teuke@ConfDroid.com)
# # License:
# This file is part of cd_nagios.
#
# cd_nagios is used for providing automatic configuration of Nagios
# Copyright (C) 2016 ConfDroid (copyright@ConfDroid.com)
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# @summary Class manages the service(s) for cd_nagios.
#############################################################################
class cd_nagios::server::service (
) inherits cd_nagios::params {
if $::fqdn == $ng_nagios_server {
if $ng_include_nrpe == true {
require cd_nrpe
require cd_nrpe
}
require cd_nagios::server::files
@@ -35,185 +17,182 @@ class cd_nagios::server::service (
require cd_nagios::nagios::resources::resource
service { $ng_service:
ensure => running,
hasstatus => true,
hasrestart => true,
enable => true,
ensure => running,
hasstatus => true,
hasrestart => true,
enable => true,
}
@@nagios_host { 'localhost':
ensure => $ng_ping_ensure,
alias => 'localhost',
address => '127.0.0.1',
use => 'linux-server',
target => $ng_target_localhost,
hostgroups => 'linux-servers',
contacts => 'ops',
max_check_attempts => $ng_max_check_attempts,
notification_period => '24x7',
owner => $ng_user,
group => $ng_user,
mode => '0640',
check_command => "check_ping!${ng_ping_warn}!${ng_ping_crit}",
notify => Service[$ng_service],
ensure => $ng_ping_ensure,
alias => 'localhost',
address => '127.0.0.1',
use => 'linux-server',
target => $ng_target_localhost,
hostgroups => 'linux-servers',
contacts => 'ops',
max_check_attempts => $ng_max_check_attempts,
notification_period => '24x7',
owner => $ng_user,
group => $ng_user,
mode => '0640',
check_command => "check_ping!${ng_ping_warn}!${ng_ping_crit}",
notify => Service[$ng_service],
}
@@nagios_service { 'check_nagios_localhost':
check_command => $ng_nagios_service_cmd,
check_command => $ng_nagios_service_cmd,
use => 'generic-service',
host_name => 'localhost',
notification_period => '24x7',
service_description => 'localhost_nagios_service',
target => $ng_target_service,
owner => $ng_user,
group => $ng_user,
mode => '0640',
contacts => 'ops',
}
@@nagios_host { $::fqdn:
ensure => $ng_ping_ensure,
alias => $::hostname,
address => $::fqdn,
use => 'linux-server',
target => $ng_target_host,
hostgroups => 'linux-servers',
contacts => 'ops',
max_check_attempts => $ng_max_check_attempts,
notification_period => '24x7',
owner => $ng_user,
group => $ng_user,
mode => '0640',
check_command => "check_ping!${ng_ping_warn}!${ng_ping_crit}",
notify => Service[$ng_user],
}
@@nagios_service { "root_partition_${::hostname}":
ensure => $ng_disk_ensure,
check_command => "check_nrpe!check_disk!${ng_disk_warn}!${ng_disk_crit}!/",
use => 'generic-service',
host_name => $::fqdn,
contacts => 'ops',
notification_period => '24x7',
service_description => "${::hostname}_root_partition",
servicegroups => 'linux-services',
target => $ng_target_service,
owner => $ng_user,
group => $ng_user,
mode => '0640',
}
if $ng_enable_swap_check == true {
@@nagios_service { "Swap_Usage_${::hostname}":
ensure => $ng_swap_ensure,
check_command => "check_nrpe!check_swap!${ng_swap_warn}!${ng_swap_crit}",
use => 'generic-service',
host_name => 'localhost',
host_name => $::fqdn,
contacts => 'ops',
notification_period => '24x7',
service_description => 'localhost_nagios_service',
service_description => "${::hostname}_swap_usage",
servicegroups => 'linux-services',
target => $ng_target_service,
owner => $ng_user,
group => $ng_user,
mode => '0640',
contacts => 'ops',
}
@@nagios_host { $::fqdn:
ensure => $ng_ping_ensure,
alias => $::hostname,
address => $::fqdn,
use => 'linux-server',
target => $ng_target_host,
hostgroups => 'linux-servers',
contacts => 'ops',
max_check_attempts => $ng_max_check_attempts,
notification_period => '24x7',
owner => $ng_user,
group => $ng_user,
mode => '0640',
check_command => "check_ping!${ng_ping_warn}!${ng_ping_crit}",
notify => Service[$ng_user],
}
@@nagios_service { "root_partition_${::hostname}":
ensure => $ng_disk_ensure,
check_command => "check_nrpe!check_disk!${ng_disk_warn}!${ng_disk_crit}!/",
use => 'generic-service',
host_name => $::fqdn,
contacts => 'ops',
notification_period => '24x7',
service_description => "${::hostname}_root_partition",
servicegroups => 'linux-services',
target => $ng_target_service,
owner => $ng_user,
group => $ng_user,
mode => '0640',
}
if $ng_enable_swap_check == true {
@@nagios_service { "Swap_Usage_${::hostname}":
ensure => $ng_swap_ensure,
check_command => "check_nrpe!check_swap!${ng_swap_warn}!${ng_swap_crit}",
use => 'generic-service',
host_name => $::fqdn,
contacts => 'ops',
notification_period => '24x7',
service_description => "${::hostname}_swap_usage",
servicegroups => 'linux-services',
target => $ng_target_service,
owner => $ng_user,
group => $ng_user,
mode => '0640',
}
}
@@nagios_service { "Local_Users_${::hostname}":
ensure => $ng_users_ensure,
check_command => "check_nrpe!check_users!${ng_users_warn}!${ng_users_crit}",
use => 'generic-service',
host_name => $::fqdn,
contacts => 'ops',
notification_period => '24x7',
service_description => "${::hostname}_local_users",
servicegroups => 'linux-services',
target => $ng_target_service,
owner => $ng_user,
group => $ng_user,
mode => '0640',
ensure => $ng_users_ensure,
check_command => "check_nrpe!check_users!${ng_users_warn}!${ng_users_crit}",
use => 'generic-service',
host_name => $::fqdn,
contacts => 'ops',
notification_period => '24x7',
service_description => "${::hostname}_local_users",
servicegroups => 'linux-services',
target => $ng_target_service,
owner => $ng_user,
group => $ng_user,
mode => '0640',
}
@@nagios_service { "Total Processes_${::hostname}":
ensure => $ng_procs_tot_ens,
check_command => "check_nrpe!check_procs!${ng_procs_tot_warn}!${ng_procs_tot_crit}!${ng_procs_tot_param}",
use => 'generic-service',
host_name => $::fqdn,
contacts => 'ops',
notification_period => '24x7',
service_description => "${::hostname}_total_processes",
servicegroups => 'linux-services',
target => $ng_target_service,
owner => $ng_user,
group => $ng_user,
mode => '0640',
ensure => $ng_procs_tot_ens,
check_command => "check_nrpe!check_procs!${ng_procs_tot_warn}!${ng_procs_tot_crit}!${ng_procs_tot_param}",
use => 'generic-service',
host_name => $::fqdn,
contacts => 'ops',
notification_period => '24x7',
service_description => "${::hostname}_total_processes",
servicegroups => 'linux-services',
target => $ng_target_service,
owner => $ng_user,
group => $ng_user,
mode => '0640',
}
@@nagios_service { "Zombie Processes_${::hostname}":
ensure => $ng_procs_z_ensure,
check_command => "check_nrpe!check_procs!${ng_procs_z_warn}!${ng_procs_z_crit}!${ng_procs_z_param}",
use => 'generic-service',
host_name => $::fqdn,
contacts => 'ops',
notification_period => '24x7',
service_description => "${::hostname}_zombie_processes",
servicegroups => 'linux-services',
target => $ng_target_service,
owner => $ng_user,
group => $ng_user,
mode => '0640',
ensure => $ng_procs_z_ensure,
check_command => "check_nrpe!check_procs!${ng_procs_z_warn}!${ng_procs_z_crit}!${ng_procs_z_param}",
use => 'generic-service',
host_name => $::fqdn,
contacts => 'ops',
notification_period => '24x7',
service_description => "${::hostname}_zombie_processes",
servicegroups => 'linux-services',
target => $ng_target_service,
owner => $ng_user,
group => $ng_user,
mode => '0640',
}
@@nagios_service { "Current_Load_${::hostname}":
ensure => $ng_load_ensure,
check_command => "check_nrpe!check_load!${ng_load_warn}!${ng_load_crit}",
use => 'generic-service',
host_name => $::fqdn,
contacts => 'ops',
notification_period => '24x7',
service_description => "${::hostname}_current_load",
servicegroups => 'linux-services',
target => $ng_target_service,
owner => $ng_user,
group => $ng_user,
mode => '0640',
ensure => $ng_load_ensure,
check_command => "check_nrpe!check_load!${ng_load_warn}!${ng_load_crit}",
use => 'generic-service',
host_name => $::fqdn,
contacts => 'ops',
notification_period => '24x7',
service_description => "${::hostname}_current_load",
servicegroups => 'linux-services',
target => $ng_target_service,
owner => $ng_user,
group => $ng_user,
mode => '0640',
}
resources { [ 'nagios_host',
'nagios_hostgroup',
'nagios_hostdependency',
'nagios_hostescalation',
'nagios_hostextinfo',
'nagios_service',
'nagios_servicegroup',
'nagios_servicedependency',
'nagios_serviceescalation',
'nagios_serviceextinfo',
'nagios_contact',
'nagios_contactgroup',
'nagios_command',
'nagios_timeperiod' ]:
resources { ['nagios_host',
'nagios_hostgroup',
'nagios_hostdependency',
'nagios_hostescalation',
'nagios_hostextinfo',
'nagios_service',
'nagios_servicegroup',
'nagios_servicedependency',
'nagios_serviceescalation',
'nagios_serviceextinfo',
'nagios_contact',
'nagios_contactgroup',
'nagios_command',
'nagios_timeperiod']:
purge => true,
}
# collect resources and populate /etc/nagios/conf.d/nagios_*.cfg
Nagios_host <<||>> { notify => Service['nagios'] }
Nagios_hostgroup <<||>> { notify => Service['nagios'] }
Nagios_hostdependency <<||>> { notify => Service['nagios'] }
Nagios_hostescalation <<||>> { notify => Service['nagios'] }
Nagios_hostextinfo <<||>> { notify => Service['nagios'] }
Nagios_service <<||>> { notify => Service['nagios'] }
Nagios_servicegroup <<||>> { notify => Service['nagios'] }
Nagios_servicedependency <<||>> { notify => Service['nagios'] }
Nagios_serviceescalation <<||>> { notify => Service['nagios'] }
Nagios_serviceextinfo <<||>> { notify => Service['nagios'] }
Nagios_contact <<||>> { notify => Service['nagios'] }
Nagios_contactgroup <<||>> { notify => Service['nagios'] }
Nagios_command <<||>> { notify => Service['nagios'] }
Nagios_timeperiod <<||>> { notify => Service['nagios'] }
# collect resources and populate /etc/nagios/conf.d/nagios_*.cfg
Nagios_host <<||>> { notify => Service['nagios'] }
Nagios_hostgroup <<||>> { notify => Service['nagios'] }
Nagios_hostdependency <<||>> { notify => Service['nagios'] }
Nagios_hostescalation <<||>> { notify => Service['nagios'] }
Nagios_hostextinfo <<||>> { notify => Service['nagios'] }
Nagios_service <<||>> { notify => Service['nagios'] }
Nagios_servicegroup <<||>> { notify => Service['nagios'] }
Nagios_servicedependency <<||>> { notify => Service['nagios'] }
Nagios_serviceescalation <<||>> { notify => Service['nagios'] }
Nagios_serviceextinfo <<||>> { notify => Service['nagios'] }
Nagios_contact <<||>> { notify => Service['nagios'] }
Nagios_contactgroup <<||>> { notify => Service['nagios'] }
Nagios_command <<||>> { notify => Service['nagios'] }
Nagios_timeperiod <<||>> { notify => Service['nagios'] }
}
}