From 9602eb550c41f178a3e9c438c2139b4ed550c704 Mon Sep 17 00:00:00 2001 From: Arne Teuke Date: Mon, 24 Jul 2017 16:00:07 +0100 Subject: [PATCH 1/3] adding more parameters --- README.md | 5 +- manifests/params.pp | 467 ++++++++++++----- manifests/server/files.pp | 27 +- manifests/server/service.pp | 50 ++ templates/httpd/nagios_conf.erb | 87 ---- templates/nagios/nagios_cfg.erb | 861 ++++++++++++++++++++++++++++++++ 6 files changed, 1268 insertions(+), 229 deletions(-) delete mode 100644 templates/httpd/nagios_conf.erb create mode 100644 templates/nagios/nagios_cfg.erb diff --git a/README.md b/README.md index 9811da6..12c5a67 100644 --- a/README.md +++ b/README.md @@ -43,6 +43,7 @@ Configuration * configure all aspects of Nagios on server * manage directories (filesystem permissions, selinux ) * manage cgi.cfg through parameters +* manage nagios.cfg through parameters * manage nagios users through external Puppet rules via define * configure NRPE on clients (optional) * configure firewall (optional) @@ -94,10 +95,10 @@ The following parameters must be set to make the module logic work properly: #### Optional Parameters * `$ng_include_nrpe` : Whether to include NRPE as means for the Nagios server to connect to clients. Defaults to `true`. -* `$ng_include_fw` : Whether to include firewall management. Requires [puppetlabs firewall](https://github.com/puppetlabs/puppetlabs-firewall) or [cd_firewall](https://gitlab.puppetsoft.com/12WW1160/cd_firewall), which is a clone of the puppetlabs firewall but tested to be fully functioning with all our features. +* `$ng_include_fw` : Whether to include firewall management. Requires [puppetlabs firewall](https://github.com/puppetlabs/puppetlabs-firewall) or [cd_firewall](https://gitlab.puppetsoft.com/12WW1160/cd_firewall), which is a backdated clone of the puppetlabs firewall but tested to be fully functioning with all our features. -See the [full list of all available parameters](https://confdroid.com/2017/07/cd_nagios-parameters/) +See the [full list of all available parameters](https://confdroid.com/2017/07/cd_nagios-parameters/). ### PuppetDB A working instance of PuppetDBconnected to the Puppet master is required for this to work. Installation and configuration of PuppetDB is out of scope for this module, however [cd_puppetdb](https://gitlab.puppetsoft.com/12WW1160/cd_puppetdb) is available to automate this task for you as well within a few minutes. diff --git a/manifests/params.pp b/manifests/params.pp index 6c251fe..b1d84a8 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -212,123 +212,314 @@ # listen to, i.e. 'nagios.example.net'. Unlike `ng_nagios_server`, this # should not be the FQDN of the nagios host, but a web server domain name. # required for certbot and used in the web templates. +# @param [string] ng_log_file main log file where service- and host events +# are logged. +# @param [string] ng_max_check_attempts maximum amount of checks done by nagios +# @param [string] ng_object_cache_file determines where object definitions are +# cached when # Nagios starts/restarts. +# @param [string] ng_precached_obj_file determines the location of the +# precached object file. +# @param [string] optional resource file that contains $USERx$ macro definitions. +# @param [string] ng_status_file. where the current status of all monitored +# services and hosts is stored. +# @param [string] ng_status_upd_interval status file update interval. +# determines the frequency (in seconds) that # Nagios will periodically dump +# program, host, and # service status data. +# @param [string] ng_check_ext_commands allows you to specify whether or not +# Nagios should check # for external commands in the command file specified +# by `ng_command_file`. +# @param [string] ng_command_file file that Nagios checks for external command +# requests. It is also where the command CGI will write commands that are +# submitted # by users, so it must be writeable by the user that the web server +# is running as. +# @param [boolean] ng_enable_query_handler Whether to enable the query handler +# for running nagios in cluster mode. +# @param [string] ng_query_socket the socket for the query handler +# @param [string] ng_lock_file lockfile that Nagios will use to store its PID +# number in when it is running in daemon mode. +# @param [string] ng_temp_file temporary file that is used as scratch space +# when Nagios # updates the status log, cleans the comment file, etc. +# @param [string] ng_temp_path path where Nagios can create temp files for +# service and # host check results, etc. +# @param [string] event_broker_options Controls what (if any) data gets sent +# to the event broker. +# @param [string] ng_event_broker_module specify an event broker +# (including full path) module that should # by loaded by Nagios at startup. +# Specify multiple modules as array ['path/to/module1','/path/to/module2'] +# @param [string] ng_log_rotation_method. Valid options: +# n = None - don't rotate the log +# h = Hourly rotation (top of the hour) +# d = Daily rotation (midnight every day) +# w = Weekly rotation (midnight on Saturday evening) +# m = Monthly rotation (midnight last day of month) +# @param [string] ng_log_archive_path directory where archived (rotated) +# log files should be # placed (assuming you've chosen to do log rotation). +# @param [string] ng_use_syslog whether to log messages to the syslog +# facility, as well as the Nagios log file. Valid options are `0` and `1`. +# @param [string] ng_log_notifications Whether to log notifications in addition +# to regular messages. Valid options are `0` and `1`. +# @param [string] ng_log_service_retries Whether to log service retries. +# Valid options are `0` and `1`. +# @param [string] ng_log_host_retries Whether to log host retries. +# Valid options are `0` and `1`. +# @param [string] ng_log_event_handlers. Whether to log host and service event +# handlers. Valid options are `0` and `1`. +# @param [string] ng_log_initial_states Whether to log initial states. +# Valid options are `0` and `1`. +# @param [string] ng_log_current_states Whether to log all current host and +# service states to the main log file after log has been rotated. +# Valid options are `0` and `1`. +# @param [string] ng_log_external_commands Whether to log external commands. +# Valid options are `0` and `1`. +# @param [string] ng_log_passive_checks Whether to log passive checks. +# Valid options are `0` and `1`. +# @param [string] ng_glob_host_evt_handler Specify a global host event +# handler # command that is to be run for every host or service state change. +# The global event handler is executed immediately prior to the event +# handler that you have optionally specified in each host or # service +# definition. The command argument is the short name of a # command definition +# that you define in your host configuration file. +# @param [string] ng_glob_svc_evt_handler Specify a global service event +# handler # command that is to be run for every host or service state change. +# The global event handler is executed immediately prior to the event +# handler that you have optionally specified in each host or # service +# definition. The command argument is the short name of a # command definition +# that you define in your host configuration file. +# @param [string] ng_svc_int_check_delay method that Nagios should use when +# initially "spreading out" service checks when it starts monitoring. +# Valid options: +# n = None - don't use any delay between checks +# d = Use a "dumb" delay of 1 second between checks +# s = Use "smart" inter-check delay calculation +# x.xx = Use an inter-check delay of x.xx seconds +# @param [string] ng_max_service_check_spread timeframe (in minutes) from the +# program start time that an initial check of all services should be completed +# @param [string] ng_svc_interleave_factor determines how service checks are +# interleaved. Valid options: s = Use "smart" interleave factor calculation +# x = Use an interleave factor of x, where x is greater than or equal to 1. +# @param [string] ng_host_int_check_delay method that Nagios should use when +# initially "spreading out" host checks when it starts monitoring. +# Valid options: +# n = None - don't use any delay between checks +# d = Use a "dumb" delay of 1 second between checks +# s = Use "smart" inter-check delay calculation +# x.xx = Use an inter-check delay of x.xx seconds +# @param [string] ng_max_host_check_spread timeframe (in minutes) from the +# program start time that an initial check of all hosts should # be completed. +# @param [string] ng_max_concurrent_checks specify the maximum number of +# service checks that can be run in parallel at any given time. A value of 0 +# will not restrict the number of concurrent checks that are being executed. +# @param [string] ng_check_res_reaper_freq frequency (in seconds!) in which +# Nagios will process the results of host and service checks. +# @param [string] ng_check_result_path directory where Nagios stores the +# results of host and service checks that have not yet been processed. +# @param [string] ng_max_check_res_file_age maximum age (in seconds) which +# check result files are considered to be valid. +# @param [string] ng_cached_h_check_horizon maximum amount of time (in seconds) +# that the state of a previous host check is considered current. +# Cached host states (from host checks that were performed more recently +# that the timeframe specified by this value) can immensely improve +# performance in regards to the host check logic. Too high of a value for +# this option may result in inaccurate host states being used by Nagios, +# while a lower value may result in a performance hit for host checks. +# Use a value of 0 to disable host check caching. +# @param [string] ng_cached_s_check_horizon maximum amount of time (in seconds) +# that the state of a previous service check is considered current. +# Cached service states (from service checks that were performed more recently +# that the timeframe specified by this value) can immensely improve +# performance in regards to the service check logic. Too high of a value for +# this option may result in inaccurate service states being used by Nagios, +# while a lower value may result in a performance hit for service checks. +# Use a value of 0 to disable service check caching. +# @param [string] ng_pred_host_dep_checks Whether Nagios will attempt to execute +# checks of hosts when it predicts that future dependency logic test may be +# needed. Valid options are `0` and `1`. +# @param [string] ng_pred_svc_dep_checks Whether Nagios will attempt to execute +# checks of services when it predicts that future dependency logic test may be +# needed. Valid options are `0` and `1`. +# @param [string] ng_soft_state_dependencies Whether or not Nagios will use +# soft state information when checking host and service dependencies. +# Valid options are `0` and `1`. +# @param [string] ng_time_change_threshold when Nagios will react to detected +# changes in system time (either forward or backwards). +# @param [string] ng_auto_reschedule_checks Whether Nagios will attempt to +# automatically reschedule active host and service checks to +# "smooth" them out over time. Experimental feature. +# Valid options are `0` and `1`. +# @param [string] ng_auto_reschedule_intval how often (in seconds) Nagios will +# attempt to automatically reschedule checks. only has an effect if +# `ng_auto_reschedule_checks` is set to `1`. +# @param [string] ng_auto_reschedule_window determines the "window" of time +# (in seconds) that # Nagios will look at when automatically rescheduling +# checks. Only host and service checks that occur in the next X seconds +# (determined by this variable) will be rescheduled. ############################################################################### class cd_nagios::params ( -$pkg_ensure = 'latest', +$pkg_ensure = 'latest', -$ng_nagios_server = "nagios.${::domain}", -$ng_nagios_ext_ip = undef, -$ng_mail_user = "admin@${::domain}", +$ng_nagios_server = "nagios.${::domain}", +$ng_nagios_ext_ip = undef, +$ng_mail_user = "admin@${::domain}", -$ng_include_nrpe = true, +$ng_include_nrpe = true, # firewall -$ng_include_fw = true, -$ng_use_https = true, -$ng_http_https_fw = true, -$ng_fw_order = '50', -$ng_http_port = '80', -$ng_https_port = '443', +$ng_include_fw = true, +$ng_use_https = true, +$ng_http_https_fw = true, +$ng_fw_order = '50', +$ng_http_port = '80', +$ng_https_port = '443', # check command parameters ## ping -$ng_ping_warn = '100.0,20%', -$ng_ping_crit = '500.0,60%', -$ng_ping_ensure = 'present', +$ng_ping_warn = '100.0,20%', +$ng_ping_crit = '500.0,60%', +$ng_ping_ensure = 'present', ## disk -$ng_disk_warn = '20%', -$ng_disk_crit = '10%' , -$ng_disk_ensure = 'present', +$ng_disk_warn = '20%', +$ng_disk_crit = '10%' , +$ng_disk_ensure = 'present', # swap -$ng_swap_warn = '20', -$ng_swap_crit = '10', -$ng_swap_ensure = 'present', +$ng_swap_warn = '20', +$ng_swap_crit = '10', +$ng_swap_ensure = 'present', # users -$ng_users_warn = '20', -$ng_users_crit = '50', -$ng_users_ensure = 'present', +$ng_users_warn = '20', +$ng_users_crit = '50', +$ng_users_ensure = 'present', #total procs -$ng_procs_tot_warn = '330', -$ng_procs_tot_crit = '400', -$ng_procs_tot_param = 'RDST', -$ng_procs_tot_ens = 'present', +$ng_procs_tot_warn = '330', +$ng_procs_tot_crit = '400', +$ng_procs_tot_param = 'RDST', +$ng_procs_tot_ens = 'present', # zombie procs -$ng_procs_z_warn = '10', -$ng_procs_z_crit = '30', -$ng_procs_z_param = 'Z', -$ng_procs_z_ensure = 'present', +$ng_procs_z_warn = '10', +$ng_procs_z_crit = '30', +$ng_procs_z_param = 'Z', +$ng_procs_z_ensure = 'present', # load -$ng_load_warn = '5.00,4.00,3.00', -$ng_load_crit = '10.00,6.00,4.00', -$ng_load_ensure = 'present', +$ng_load_warn = '5.00,4.00,3.00', +$ng_load_crit = '10.00,6.00,4.00', +$ng_load_ensure = 'present', # user settings -$ng_user = 'nagios', -$ng_u_comment = 'Nagios service user', -$ng_u_uid = '1004', -$ng_user_home = '/var/spool/nagios', -$ng_u_groups = undef, -$ng_user_shell = '/bin/bash', +$ng_user = 'nagios', +$ng_u_comment = 'Nagios service user', +$ng_u_uid = '1004', +$ng_user_home = '/var/spool/nagios', +$ng_u_groups = undef, +$ng_user_shell = '/bin/bash', # cgi settings -$ng_context_help = '1', -$ng_pending_state = '1', -$ng_use_auth = '1', -$ng_use_ssl_auth = '0', -$ng_enable_def_user = false, -$ng_def_user_name = 'nagios_insecure', -$ng_nagios_admin = 'nagios_sec_adm', -$ng_sysinfo_auth = '', -$ng_confinfo_auth = '', -$ng_command_auth = '', -$ng_hostview_auth = '', -$ng_serviceview_auth = '', -$ng_host_cmd_auth = '', -$ng_svc_cmd_auth = '', -$ng_readonly_auth = '' , -$ng_statusmap_img = 'smbackground.gd2', -$ng_use_colormap = false, -$ng_colormap_red = '255', -$ng_colormap_green = '255', -$ng_colormap_blue = '255', -$ng_statusmap_layout = '6', -$ng_wrl_layout = '4', -$ng_incl_own_wrl = false, -$ng_statuswrl_include = '', -$ng_ping_syntax = '/bin/ping -n -U -c 5 $HOSTADDRESS$', -$ng_refresh_rate = '90', -$ng_result_limit = '100', -$ng_escape_html = '1', -$ng_use_sound = false, -$ng_host_unreachable = 'hostdown.wav', -$ng_host_down = 'hostdown.wav', -$ng_svc_critical = 'critical.wav', -$ng_svc_warn = 'warning.wav', -$ng_svc_unknown = 'warning.wav', -$ng_normal_sound = 'noproblem.wav', -$ng_action_url_target = '_blank', -$ng_notes_url_target = '_blank', -$ng_lock_author_names = '1', -$ng_enable_splunk = false, -$ng_splunk_url = 'http://127.0.0.1:8000/', -$ng_navbar_addresses = '1', -$ng_navbar_aliases = '1', -$ng_ack_no_sticky = '0', -$ng_ack_no_send = '0', +$ng_context_help = '1', +$ng_pending_state = '1', +$ng_use_auth = '1', +$ng_use_ssl_auth = '0', +$ng_enable_def_user = false, +$ng_def_user_name = 'nagios_insecure', +$ng_nagios_admin = 'nagios_sec_adm', +$ng_sysinfo_auth = '', +$ng_confinfo_auth = '', +$ng_command_auth = '', +$ng_hostview_auth = '', +$ng_serviceview_auth = '', +$ng_host_cmd_auth = '', +$ng_svc_cmd_auth = '', +$ng_readonly_auth = '' , +$ng_statusmap_img = 'smbackground.gd2', +$ng_use_colormap = false, +$ng_colormap_red = '255', +$ng_colormap_green = '255', +$ng_colormap_blue = '255', +$ng_statusmap_layout = '6', +$ng_wrl_layout = '4', +$ng_incl_own_wrl = false, +$ng_statuswrl_include = '', +$ng_ping_syntax = '/bin/ping -n -U -c 5 $HOSTADDRESS$', +$ng_refresh_rate = '90', +$ng_result_limit = '100', +$ng_escape_html = '1', +$ng_use_sound = false, +$ng_host_unreachable = 'hostdown.wav', +$ng_host_down = 'hostdown.wav', +$ng_svc_critical = 'critical.wav', +$ng_svc_warn = 'warning.wav', +$ng_svc_unknown = 'warning.wav', +$ng_normal_sound = 'noproblem.wav', +$ng_action_url_target = '_blank', +$ng_notes_url_target = '_blank', +$ng_lock_author_names = '1', +$ng_enable_splunk = false, +$ng_splunk_url = 'http://127.0.0.1:8000/', +$ng_navbar_addresses = '1', +$ng_navbar_aliases = '1', +$ng_ack_no_sticky = '0', +$ng_ack_no_send = '0', # selinux -$ng_use_selinux_tools = true, +$ng_use_selinux_tools = true, # httpd -$ng_required_hosts = '', -$ng_required_ips = '127.0.0.0/8', -$ng_enable_index = true, +$ng_required_hosts = '', +$ng_required_ips = '127.0.0.0/8', +$ng_enable_index = true, # certbot -$ng_enable_certbot = true, -$ng_certbot_webroot = '/var/www/html', -$ng_webserver_name = "nagios.${::domain}", +$ng_enable_certbot = true, +$ng_certbot_webroot = '/var/www/html', +$ng_webserver_name = "nagios.${::domain}", + +# main settings +$ng_log_file = '/var/log/nagios/nagios.log', +$ng_max_check_attempts = '10', +$ng_object_cache_file = '/var/spool/nagios/objects.cache', +$ng_precached_obj_file = '/var/spool/nagios/objects.precache', +$ng_resource_file = '/etc/nagios/private/resource.cfg', +$ng_status_file = '/var/log/nagios/status.dat', +$ng_status_upd_interval = '10', +$ng_check_ext_commands = '1', +$ng_command_file = '/var/spool/nagios/cmd/nagios.cmd', +$ng_enable_query_handler = false, +$ng_query_socket = '/var/spool/nagios/cmd/nagios.qh', +$ng_lock_file = '/var/run/nagios/nagios.pid', +$ng_temp_file = '/var/spool/nagios/nagios.tmp', +$ng_temp_path = '/tmp', +$ng_event_broker_options = '-1', +$ng_event_broker_module = '', +$ng_log_rotation_method = 'h', +$ng_log_archive_path = '/var/log/nagios/archives', +$ng_use_syslog = '1', +$ng_log_notifications = '1', +$ng_log_service_retries = '1', +$ng_log_host_retries = '1', +$ng_log_event_handlers = '1', +$ng_log_initial_states = '0', +$ng_log_current_states = '1', +$ng_log_external_commands = '1', +$ng_log_passive_checks = '1', +$ng_glob_host_evt_handler = '', +$ng_glob_svc_evt_handler = '', +$ng_svc_int_check_delay = 's', +$ng_max_svc_check_spread = '30', +$ng_svc_interleave_factor = 's', +$ng_host_int_check_delay = 's', +$ng_max_host_check_spread = '30', +$ng_max_concurrent_checks = '0', +$ng_check_res_reaper_freq = '10', +$ng_max_check_res_reap_time = '30', +$ng_check_result_path = '/var/spool/nagios/checkresults', +$ng_max_check_res_file_age = '3600', +$ng_cached_h_check_horizon = '15', +$ng_cached_s_check_horizon = '15', +$ng_pred_host_dep_checks = '1', +$ng_pred_svc_dep_checks = '1', +$ng_soft_state_dependencies = '0', +$ng_time_change_threshold = '900', +$ng_auto_reschedule_checks = '0', +$ng_auto_reschedule_intval = '30', +$ng_auto_reschedule_window = '180', ) { @@ -345,50 +536,68 @@ $ng_webserver_name = "nagios.${::domain}", } # service -$ng_service = 'nagios' -$ae_service = 'httpd' +$ng_service = 'nagios' +$ae_service = 'httpd' # directories -$ng_main_dir = '/etc/nagios' -$ng_conf_d_dir = "${ng_main_dir}/conf.d" -$ng_objects_dir = "${ng_main_dir}/objects" -$ng_private_dir = "${ng_main_dir}/private" -$ng_usr_incl = '/usr/include/nagios' -$ng_lib_dir = '/usr/lib64/nagios' -$ng_log_dir = '/var/log/nagios' -$ng_log_archives = "${ng_log_dir}/archives" -$ng_spool_dir = '/var/spool/nagios' -$ng_usr_share = '/usr/share/nagios' -$ng_share_html = "${ng_usr_share}/html" +$ng_main_dir = '/etc/nagios' +$ng_conf_d_dir = "${ng_main_dir}/conf.d" +$ng_objects_dir = "${ng_main_dir}/objects" +$ng_private_dir = "${ng_main_dir}/private" +$ng_usr_incl = '/usr/include/nagios' +$ng_lib_dir = '/usr/lib64/nagios' +$ng_log_dir = '/var/log/nagios' +$ng_log_archives = "${ng_log_dir}/archives" +$ng_spool_dir = '/var/spool/nagios' +$ng_usr_share = '/usr/share/nagios' +$ng_share_html = "${ng_usr_share}/html" # files -$ng_main_config = "${ng_main_dir}/nagios.cfg" -$ng_cgi_cfg_file = "${ng_main_dir}/cgi.cfg" -$ng_cgi_cfg_erb = 'cd_nagios/nagios/cgi_cfg.erb' -$ng_htpasswd_file = "${ng_main_dir}/passwd" -$ng_htpasswd_head = 'cd_nagios/nagios/htpasswd_head.erb' -$ng_htpasswd_rule = 'cd_nagios/nagios/htpasswd_rule.erb' -$ng_taccgi_erb = 'cd_nagios/selinux/taccgi.erb' -$ng_statcgi_erb = 'cd_nagios/selinux/statuscgi.erb' -$ng_nagios_conf = '/etc/httpd/conf.d/nagios.conf' -$ng_nagios_conf_erb = 'cd_nagios/httpd/nagios_conf.erb' -$ng_welcome_conf = '/etc/httpd/conf.d/welcome.conf' -$ng_welcome_conf_erb = 'cd_nagios/httpd/welcome_conf.erb' -$ng_forward_conf = '/etc/httpd/conf.d/nagios_forward.conf' -$ng_forward_conf_erb = 'cd_nagios/httpd/forward_conf.erb' -$ng_get_cert_erb = 'cd_nagios/certbot/get_cert.erb' -$ng_unless_get_cert = 'cd_nagios/certbot/unless_get_cert.erb' -$ng_unless_renew_erb = 'cd_nagios/certbot/unless_renew_cert.erb' -$ng_index_html_file = '/var/www/html/index.html' -$ng_index_html_erb = 'cd_nagios/httpd/index_html.erb' -$ng_ssl_vhost_file = '/etc/httpd/conf.d/nagios_ssl.conf' -$ng_ssl_vhost_erb = 'cd_nagios/httpd/nagios_ssl_vhost.erb' +$ng_main_config = "${ng_main_dir}/nagios.cfg" +$ng_cgi_cfg_file = "${ng_main_dir}/cgi.cfg" +$ng_cgi_cfg_erb = 'cd_nagios/nagios/cgi_cfg.erb' +$ng_htpasswd_file = "${ng_main_dir}/passwd" +$ng_htpasswd_head = 'cd_nagios/nagios/htpasswd_head.erb' +$ng_htpasswd_rule = 'cd_nagios/nagios/htpasswd_rule.erb' +$ng_taccgi_erb = 'cd_nagios/selinux/taccgi.erb' +$ng_statcgi_erb = 'cd_nagios/selinux/statuscgi.erb' +$ng_nagios_conf = '/etc/httpd/conf.d/nagios.conf' +$ng_nagios_conf_erb = 'cd_nagios/httpd/nagios_conf.erb' +$ng_welcome_conf = '/etc/httpd/conf.d/welcome.conf' +$ng_welcome_conf_erb = 'cd_nagios/httpd/welcome_conf.erb' +$ng_forward_conf = '/etc/httpd/conf.d/nagios_forward.conf' +$ng_forward_conf_erb = 'cd_nagios/httpd/forward_conf.erb' +$ng_get_cert_erb = 'cd_nagios/certbot/get_cert.erb' +$ng_unless_get_cert = 'cd_nagios/certbot/unless_get_cert.erb' +$ng_unless_renew_erb = 'cd_nagios/certbot/unless_renew_cert.erb' +$ng_index_html_file = '/var/www/html/index.html' +$ng_index_html_erb = 'cd_nagios/httpd/index_html.erb' +$ng_ssl_vhost_file = '/etc/httpd/conf.d/nagios_ssl.conf' +$ng_ssl_vhost_erb = 'cd_nagios/httpd/nagios_ssl_vhost.erb' +$ng_nagios_cfg_file = "${ng_main_dir}/nagios.cfg" +$ng_nagios_cfg_erb = 'cd_nagios/nagios/nagios_cfg.erb' # certbot -$ng_certbot_main_dir = '/etc/letsencrypt' -$ng_certbot_archive = "${ng_certbot_main_dir}/archive" -$ng_certbot_check = "${ng_certbot_archive}/${ng_webserver_name}/cert1.pem" -$ng_certbot_live = "${ng_certbot_main_dir}/live" +$ng_certbot_main_dir = '/etc/letsencrypt' +$ng_certbot_archive = "${ng_certbot_main_dir}/archive" +$ng_certbot_check = "${ng_certbot_archive}/${ng_webserver_name}/cert1.pem" +$ng_certbot_live = "${ng_certbot_main_dir}/live" + +# nagios + +$ng_target_templates = "${ng_conf_d_dir}/templates.cfg" +$ng_target_timeperiods = "${ng_conf_d_dir}/timeperiods.cfg" +$ng_target_localhost = "${ng_conf_d_dir}/nagios_localhost.cfg" +$ng_target_host = "${ng_conf_d_dir}/nagios_host.cfg" +$ng_target_hostgroup = "${ng_conf_d_dir}/nagios_hostgroup.cfg" +$ng_target_hostdep = "${ng_conf_d_dir}/nagios_hostdependency.cfg" +$ng_target_hostesc = "${ng_conf_d_dir}/nagios_hostescalation.cfg" +$ng_target_hostext = "${ng_conf_d_dir}/nagios_hostextinfo.cfg" +$ng_target_service = "${ng_conf_d_dir}/nagios_service.cfg" +$ng_target_servicegroup = "${ng_conf_d_dir}/nagios_servicegroup.cfg" +$ng_target_contact = "${ng_conf_d_dir}/nagios_contact.cfg" +$ng_target_contactgroup = "${ng_conf_d_dir}/nagios_contactgroup.cfg" +$ng_target_command = "${ng_conf_d_dir}/nagios_command.cfg" # includes must be last diff --git a/manifests/server/files.pp b/manifests/server/files.pp index 21847ac..aea971a 100644 --- a/manifests/server/files.pp +++ b/manifests/server/files.pp @@ -37,6 +37,20 @@ class cd_nagios::server::files ( # manage nagios.cfg + file { $ng_nagios_cfg_file: + ensure => file, + path => $ng_nagios_cfg_file, + owner => 'root', + group => 'root', + mode => '0644', + selrange => s0, + selrole => object_r, + seltype => nagios_etc_t, + seluser => system_u, + content => template($ng_nagios_cfg_erb), + notify => Service[$ng_service], + } + # manage cgi.cfg file { $ng_cgi_cfg_file: @@ -53,20 +67,11 @@ class cd_nagios::server::files ( notify => Service[$ng_service], } - # manage nagios.conf for httpd + # since we use vhost files, we do not want the regular file to appear + # after upgrades to avoid conflicts file { $ng_nagios_conf: ensure => absent, -# path => $ng_nagios_conf, -# owner => 'root', -# group => 'root', -# mode => '0644', -# selrange => s0, -# selrole => object_r, -# seltype => httpd_config_t, -# seluser => system_u, -# content => template($ng_nagios_conf_erb), -# notify => Service[$ae_service], } file { $ng_forward_conf: diff --git a/manifests/server/service.pp b/manifests/server/service.pp index 1c7b828..467e1fc 100644 --- a/manifests/server/service.pp +++ b/manifests/server/service.pp @@ -35,5 +35,55 @@ class cd_nagios::server::service ( hasrestart => true, enable => true, } + + @@nagios_service { "check_nagios${::hostname}": + check_command => 'check_nagios!/var/log/nagios/status.dat!5!/usr/sbin/nagios', + use => 'generic-service', + host_name => $::fqdn, + notification_period => '24x7', + target => $ng_target_service, + owner => 'nagios', + group => 'nagios', + mode => '660', + contacts => 'DevOps', + } + + resources { [ 'nagios_host', + 'nagios_hostgroup', + 'nagios_hostdependency', + 'nagios_hostescalation', + 'nagios_hostextinfo', + 'nagios_service', + 'nagios_servicegroup', + 'nagios_servicedependency', + 'nagios_serviceescalation', + 'nagios_serviceextinfo', + 'nagios_contact', + 'nagios_contactgroup', + 'nagios_command', + 'nagios_timeperiod' ]: + purge => true, + } + + + # collect resources and populate /etc/nagios/conf.d/nagios_*.cfg + Nagios_host <<||>> { notify => Service['nagios'] } + Nagios_hostgroup <<||>> { notify => Service['nagios'] } + Nagios_hostdependency <<||>> { notify => Service['nagios'] } + Nagios_hostescalation <<||>> { notify => Service['nagios'] } + Nagios_hostextinfo <<||>> { notify => Service['nagios'] } + Nagios_service <<||>> { notify => Service['nagios'] } + Nagios_servicegroup <<||>> { notify => Service['nagios'] } + Nagios_servicedependency <<||>> { notify => Service['nagios'] } + Nagios_serviceescalation <<||>> { notify => Service['nagios'] } + Nagios_serviceextinfo <<||>> { notify => Service['nagios'] } + Nagios_contact <<||>> { notify => Service['nagios'] } + Nagios_contactgroup <<||>> { notify => Service['nagios'] } + Nagios_command <<||>> { notify => Service['nagios'] } + Nagios_timeperiod <<||>> { notify => Service['nagios'] } + } + + + } } diff --git a/templates/httpd/nagios_conf.erb b/templates/httpd/nagios_conf.erb deleted file mode 100644 index 3d1ad3a..0000000 --- a/templates/httpd/nagios_conf.erb +++ /dev/null @@ -1,87 +0,0 @@ -################################################################################ -########## /etc/httpd/conf.d/nagios.conf created by Puppet ########### -########## manual changes will be overwritten !!! ########### -################################################################################ -########## full reference is available at ########### -########## https://confdroid.com/2017/07/nagios-nagios-conf/ ########### -################################################################################ - -ScriptAlias /nagios/cgi-bin/ "/usr/lib64/nagios/cgi-bin/" - - -<% if @ng_use_https == true -%> - SSLRequireSSL -<% else -%> -# SSLRequireSSL -<% end -%> - Options ExecCGI - AllowOverride None - = 2.3> - - Require all granted -<% unless @ng_required_hosts.empty? -%> - Require host <%= @ng_required_hosts %> -<% end -%> -<% unless @ng_required_ips.empty? -%> - Require ip <%= @ng_required_ips %> -<% end -%> - AuthName "Nagios Access" - AuthType Basic - AuthUserFile /etc/nagios/passwd - Require valid-user - - - - Order allow,deny -<% unless @ng_required_hosts.empty? -%> - Allow from <%= @ng_required_hosts %> -<% end -%> -<% unless @ng_required_ips.empty? -%> - Allow from <%= @ng_required_ips %> -<% end -%> - AuthName "Nagios Access" - AuthType Basic - AuthUserFile /etc/nagios/passwd - Require valid-user - - - -Alias /nagios "/usr/share/nagios/html" - - -<% if @ng_use_https == true -%> - SSLRequireSSL -<% else -%> -# SSLRequireSSL -<% end -%> - Options None - AllowOverride None - = 2.3> - - Require all granted -<% unless @ng_required_hosts.empty? -%> - Require host <%= @ng_required_hosts %> -<% end -%> -<% unless @ng_required_ips.empty? -%> - Require ip <%= @ng_required_ips %> -<% end -%> - AuthName "Nagios Access" - AuthType Basic - AuthUserFile /etc/nagios/passwd - Require valid-user - - - - Order allow,deny -<% unless @ng_required_hosts.empty? -%> - Allow from <%= @ng_required_hosts %> -<% end -%> -<% unless @ng_required_ips.empty? -%> - Allow from <%= @ng_required_ips %> -<% end -%> - AuthName "Nagios Access" - AuthType Basic - AuthUserFile /etc/nagios/passwd - Require valid-user - - diff --git a/templates/nagios/nagios_cfg.erb b/templates/nagios/nagios_cfg.erb new file mode 100644 index 0000000..16fe9f5 --- /dev/null +++ b/templates/nagios/nagios_cfg.erb @@ -0,0 +1,861 @@ +################################################################################ +##### nagios.cfg created by Puppet | manual changes will be overwritten ##### +################################################################################ +##### full reference for the original available at ##### +##### https://confdroid.com/2017/07/nagios-nagios-cfg-v-4-3-2/ ##### +################################################################################ + +log_file=<%= @ng_log_file %> + +cfg_dir=<%= @ng_conf_d_dir %> + +object_cache_file=<%= @ng_object_cache_file %> + +precached_object_file=<%= @ng_precached_obj_file %> + +resource_file=<%= @ng_resource_file %> + +status_file=<%= @ng_status_file %> + +status_update_interval=<%= @ng_status_upd_interval %> + +nagios_user=<%= @ng_user %> +nagios_group=<%= @ng_user %> + +check_external_commands=<%= @ng_check_ext_commands %> +command_file=<%= @ng_command_file %> + +<% if @ng_enable_query_handler == true -%> +query_socket=<%= @ng_query_socket %> +<% end -%> + +lock_file=<%= @ng_lock_file %> +temp_file=<%= @ng_temp_file %> +temp_path=<%= @ng_temp_path %> + +event_broker_options=<%= @ng_event_broker_options %> + +<% unless @ng_event_broker_module.empty? -%> +<% @ng_event_broker_module.each do |broker_module| -%> +broker_module=<%= broker_module %> +<% end end -%> + +log_rotation_method=<%= @ng_log_rotation_method %> +log_archive_path=<%= @ng_log_archive_path %> +use_syslog=<%= @ng_use_syslog %> +log_notifications=<%= @ng_log_notifications %> +log_service_retries=<%= @ng_log_service_retries %> +log_host_retries=<%= @ng_log_host_retries %> +log_event_handlers=<%= @ng_log_event_handlers %> +log_initial_states=<%= @ng_log_initial_states %> +log_current_states=<%= @ng_log_current_states %> +log_external_commands=<%= @ng_log_external_commands %> +log_passive_checks=<%= @ng_log_passive_checks %> + +<% unless @ng_glob_host_evt_handler.empty? -%> +<% @ng_glob_host_evt_handler.each do |global_host_event_handler| -%> +global_host_event_handler=<%= @ng_glob_host_evt_handler %> +<% end end -%> +<% unless @ng_glob_svc_evt_handler.empty? -%> +<% @ng_glob_svc_evt_handler.each do |global_service_event_handler| -%> +global_service_event_handler=<%= @ng_glob_svc_evt_handler %> +<% end end -%> + +service_inter_check_delay_method=<%= @ng_svc_int_check_delay %> +max_service_check_spread=<%= @ng_max_svc_check_spread %> +service_interleave_factor=<%= @ng_svc_interleave_factor %> + +host_inter_check_delay_method=<%= @ng_host_int_check_delay %> +max_host_check_spread=<%= @ng_max_host_check_spread %> + +max_concurrent_checks=<%= @ng_max_concurrent_checks %> +check_result_reaper_frequency=<%= @ng_check_res_reaper_freq %> +max_check_result_reaper_time=<%= @ng_max_check_res_reap_time %> + +check_result_path=<%= @ng_check_result_path %> +max_check_result_file_age=<%= @ng_max_check_res_file_age %> +cached_host_check_horizon=<%= @ng_cached_h_check_horizon %> +cached_service_check_horizon=<%= @ng_cached_s_check_horizon %> + +enable_predictive_host_dependency_checks=<%= @ng_pred_host_dep_checks %> +enable_predictive_service_dependency_checks=<%= @ng_pred_svc_dep_checks %> + +soft_state_dependencies=<%= @ng_soft_state_dependencies %> + +time_change_threshold=<%= @ng_time_change_threshold %> + +auto_reschedule_checks=<%= @ng_auto_reschedule_checks %> +auto_rescheduling_interval=<%= @ng_auto_reschedule_intval %> +auto_rescheduling_window=<%= @ng_auto_reschedule_window %> + + + +# TIMEOUT VALUES +# These options control how much time Nagios will allow various +# types of commands to execute before killing them off. Options +# are available for controlling maximum time allotted for +# service checks, host checks, event handlers, notifications, the +# ocsp command, and performance data commands. All values are in +# seconds. + +service_check_timeout=60 +host_check_timeout=30 +event_handler_timeout=30 +notification_timeout=30 +ocsp_timeout=5 +perfdata_timeout=5 + + + +# RETAIN STATE INFORMATION +# This setting determines whether or not Nagios will save state +# information for services and hosts before it shuts down. Upon +# startup Nagios will reload all saved service and host state +# information before starting to monitor. This is useful for +# maintaining long-term data on state statistics, etc, but will +# slow Nagios down a bit when it (re)starts. Since its only +# a one-time penalty, I think its well worth the additional +# startup delay. + +retain_state_information=1 + + + +# STATE RETENTION FILE +# This is the file that Nagios should use to store host and +# service state information before it shuts down. The state +# information in this file is also read immediately prior to +# starting to monitor the network when Nagios is restarted. +# This file is used only if the retain_state_information +# variable is set to 1. + +state_retention_file=/var/spool/nagios/retention.dat + + + +# RETENTION DATA UPDATE INTERVAL +# This setting determines how often (in minutes) that Nagios +# will automatically save retention data during normal operation. +# If you set this value to 0, Nagios will not save retention +# data at regular interval, but it will still save retention +# data before shutting down or restarting. If you have disabled +# state retention, this option has no effect. + +retention_update_interval=60 + + + +# USE RETAINED PROGRAM STATE +# This setting determines whether or not Nagios will set +# program status variables based on the values saved in the +# retention file. If you want to use retained program status +# information, set this value to 1. If not, set this value +# to 0. + +use_retained_program_state=1 + + + +# USE RETAINED SCHEDULING INFO +# This setting determines whether or not Nagios will retain +# the scheduling info (next check time) for hosts and services +# based on the values saved in the retention file. If you +# If you want to use retained scheduling info, set this +# value to 1. If not, set this value to 0. + +use_retained_scheduling_info=1 + + + +# RETAINED ATTRIBUTE MASKS (ADVANCED FEATURE) +# The following variables are used to specify specific host and +# service attributes that should *not* be retained by Nagios during +# program restarts. +# +# The values of the masks are bitwise ANDs of values specified +# by the "MODATTR_" definitions found in include/common.h. +# For example, if you do not want the current enabled/disabled state +# of flap detection and event handlers for hosts to be retained, you +# would use a value of 24 for the host attribute mask... +# MODATTR_EVENT_HANDLER_ENABLED (8) + MODATTR_FLAP_DETECTION_ENABLED (16) = 24 + +# This mask determines what host attributes are not retained +retained_host_attribute_mask=0 + +# This mask determines what service attributes are not retained +retained_service_attribute_mask=0 + +# These two masks determine what process attributes are not retained. +# There are two masks, because some process attributes have host and service +# options. For example, you can disable active host checks, but leave active +# service checks enabled. +retained_process_host_attribute_mask=0 +retained_process_service_attribute_mask=0 + +# These two masks determine what contact attributes are not retained. +# There are two masks, because some contact attributes have host and +# service options. For example, you can disable host notifications for +# a contact, but leave service notifications enabled for them. +retained_contact_host_attribute_mask=0 +retained_contact_service_attribute_mask=0 + + + +# INTERVAL LENGTH +# This is the seconds per unit interval as used in the +# host/contact/service configuration files. Setting this to 60 means +# that each interval is one minute long (60 seconds). Other settings +# have not been tested much, so your mileage is likely to vary... + +interval_length=60 + + + +# CHECK FOR UPDATES +# This option determines whether Nagios will automatically check to +# see if new updates (releases) are available. It is recommend that you +# enable this option to ensure that you stay on top of the latest critical +# patches to Nagios. Nagios is critical to you - make sure you keep it in +# good shape. Nagios will check once a day for new updates. Data collected +# by Nagios Enterprises from the update check is processed in accordance +# with our privacy policy - see https://api.nagios.org for details. + +check_for_updates=1 + + + +# BARE UPDATE CHECK +# This option determines what data Nagios will send to api.nagios.org when +# it checks for updates. By default, Nagios will send information on the +# current version of Nagios you have installed, as well as an indicator as +# to whether this was a new installation or not. Nagios Enterprises uses +# this data to determine the number of users running specific version of +# Nagios. Enable this option if you do not want this information to be sent. + +bare_update_check=0 + + + +# AGGRESSIVE HOST CHECKING OPTION +# If you don't want to turn on aggressive host checking features, set +# this value to 0 (the default). Otherwise set this value to 1 to +# enable the aggressive check option. Read the docs for more info +# on what aggressive host check is or check out the source code in +# base/checks.c + +use_aggressive_host_checking=0 + + + +# SERVICE CHECK EXECUTION OPTION +# This determines whether or not Nagios will actively execute +# service checks when it initially starts. If this option is +# disabled, checks are not actively made, but Nagios can still +# receive and process passive check results that come in. Unless +# you're implementing redundant hosts or have a special need for +# disabling the execution of service checks, leave this enabled! +# Values: 1 = enable checks, 0 = disable checks + +execute_service_checks=1 + + + +# PASSIVE SERVICE CHECK ACCEPTANCE OPTION +# This determines whether or not Nagios will accept passive +# service checks results when it initially (re)starts. +# Values: 1 = accept passive checks, 0 = reject passive checks + +accept_passive_service_checks=1 + + + +# HOST CHECK EXECUTION OPTION +# This determines whether or not Nagios will actively execute +# host checks when it initially starts. If this option is +# disabled, checks are not actively made, but Nagios can still +# receive and process passive check results that come in. Unless +# you're implementing redundant hosts or have a special need for +# disabling the execution of host checks, leave this enabled! +# Values: 1 = enable checks, 0 = disable checks + +execute_host_checks=1 + + + +# PASSIVE HOST CHECK ACCEPTANCE OPTION +# This determines whether or not Nagios will accept passive +# host checks results when it initially (re)starts. +# Values: 1 = accept passive checks, 0 = reject passive checks + +accept_passive_host_checks=1 + + + +# NOTIFICATIONS OPTION +# This determines whether or not Nagios will sent out any host or +# service notifications when it is initially (re)started. +# Values: 1 = enable notifications, 0 = disable notifications + +enable_notifications=1 + + + +# EVENT HANDLER USE OPTION +# This determines whether or not Nagios will run any host or +# service event handlers when it is initially (re)started. Unless +# you're implementing redundant hosts, leave this option enabled. +# Values: 1 = enable event handlers, 0 = disable event handlers + +enable_event_handlers=1 + + + +# PROCESS PERFORMANCE DATA OPTION +# This determines whether or not Nagios will process performance +# data returned from service and host checks. If this option is +# enabled, host performance data will be processed using the +# host_perfdata_command (defined below) and service performance +# data will be processed using the service_perfdata_command (also +# defined below). Read the HTML docs for more information on +# performance data. +# Values: 1 = process performance data, 0 = do not process performance data + +process_performance_data=0 + + + +# HOST AND SERVICE PERFORMANCE DATA PROCESSING COMMANDS +# These commands are run after every host and service check is +# performed. These commands are executed only if the +# enable_performance_data option (above) is set to 1. The command +# argument is the short name of a command definition that you +# define in your host configuration file. Read the HTML docs for +# more information on performance data. + +#host_perfdata_command=process-host-perfdata +#service_perfdata_command=process-service-perfdata + + + +# HOST AND SERVICE PERFORMANCE DATA FILES +# These files are used to store host and service performance data. +# Performance data is only written to these files if the +# enable_performance_data option (above) is set to 1. + +#host_perfdata_file=/var/spool/nagios/host-perfdata +#service_perfdata_file=/var/spool/nagios/service-perfdata + + + +# HOST AND SERVICE PERFORMANCE DATA FILE TEMPLATES +# These options determine what data is written (and how) to the +# performance data files. The templates may contain macros, special +# characters (\t for tab, \r for carriage return, \n for newline) +# and plain text. A newline is automatically added after each write +# to the performance data file. Some examples of what you can do are +# shown below. + +#host_perfdata_file_template=[HOSTPERFDATA]\t$TIMET$\t$HOSTNAME$\t$HOSTEXECUTIONTIME$\t$HOSTOUTPUT$\t$HOSTPERFDATA$ +#service_perfdata_file_template=[SERVICEPERFDATA]\t$TIMET$\t$HOSTNAME$\t$SERVICEDESC$\t$SERVICEEXECUTIONTIME$\t$SERVICELATENCY$\t$SERVICEOUTPUT$\t$SERVICEPERFDATA$ + + + +# HOST AND SERVICE PERFORMANCE DATA FILE MODES +# This option determines whether or not the host and service +# performance data files are opened in write ("w") or append ("a") +# mode. If you want to use named pipes, you should use the special +# pipe ("p") mode which avoid blocking at startup, otherwise you will +# likely want the default append ("a") mode. + +#host_perfdata_file_mode=a +#service_perfdata_file_mode=a + + + +# HOST AND SERVICE PERFORMANCE DATA FILE PROCESSING INTERVAL +# These options determine how often (in seconds) the host and service +# performance data files are processed using the commands defined +# below. A value of 0 indicates the files should not be periodically +# processed. + +#host_perfdata_file_processing_interval=0 +#service_perfdata_file_processing_interval=0 + + + +# HOST AND SERVICE PERFORMANCE DATA FILE PROCESSING COMMANDS +# These commands are used to periodically process the host and +# service performance data files. The interval at which the +# processing occurs is determined by the options above. + +#host_perfdata_file_processing_command=process-host-perfdata-file +#service_perfdata_file_processing_command=process-service-perfdata-file + + + +# HOST AND SERVICE PERFORMANCE DATA PROCESS EMPTY RESULTS +# These options determine wether the core will process empty perfdata +# results or not. This is needed for distributed monitoring, and intentionally +# turned on by default. +# If you don't require empty perfdata - saving some cpu cycles +# on unwanted macro calculation - you can turn that off. Be careful! +# Values: 1 = enable, 0 = disable + +#host_perfdata_process_empty_results=1 +#service_perfdata_process_empty_results=1 + + +# OBSESS OVER SERVICE CHECKS OPTION +# This determines whether or not Nagios will obsess over service +# checks and run the ocsp_command defined below. Unless you're +# planning on implementing distributed monitoring, do not enable +# this option. Read the HTML docs for more information on +# implementing distributed monitoring. +# Values: 1 = obsess over services, 0 = do not obsess (default) + +obsess_over_services=0 + + + +# OBSESSIVE COMPULSIVE SERVICE PROCESSOR COMMAND +# This is the command that is run for every service check that is +# processed by Nagios. This command is executed only if the +# obsess_over_services option (above) is set to 1. The command +# argument is the short name of a command definition that you +# define in your host configuration file. Read the HTML docs for +# more information on implementing distributed monitoring. + +#ocsp_command=somecommand + + + +# OBSESS OVER HOST CHECKS OPTION +# This determines whether or not Nagios will obsess over host +# checks and run the ochp_command defined below. Unless you're +# planning on implementing distributed monitoring, do not enable +# this option. Read the HTML docs for more information on +# implementing distributed monitoring. +# Values: 1 = obsess over hosts, 0 = do not obsess (default) + +obsess_over_hosts=0 + + + +# OBSESSIVE COMPULSIVE HOST PROCESSOR COMMAND +# This is the command that is run for every host check that is +# processed by Nagios. This command is executed only if the +# obsess_over_hosts option (above) is set to 1. The command +# argument is the short name of a command definition that you +# define in your host configuration file. Read the HTML docs for +# more information on implementing distributed monitoring. + +#ochp_command=somecommand + + + +# TRANSLATE PASSIVE HOST CHECKS OPTION +# This determines whether or not Nagios will translate +# DOWN/UNREACHABLE passive host check results into their proper +# state for this instance of Nagios. This option is useful +# if you have distributed or failover monitoring setup. In +# these cases your other Nagios servers probably have a different +# "view" of the network, with regards to the parent/child relationship +# of hosts. If a distributed monitoring server thinks a host +# is DOWN, it may actually be UNREACHABLE from the point of +# this Nagios instance. Enabling this option will tell Nagios +# to translate any DOWN or UNREACHABLE host states it receives +# passively into the correct state from the view of this server. +# Values: 1 = perform translation, 0 = do not translate (default) + +translate_passive_host_checks=0 + + + +# PASSIVE HOST CHECKS ARE SOFT OPTION +# This determines whether or not Nagios will treat passive host +# checks as being HARD or SOFT. By default, a passive host check +# result will put a host into a HARD state type. This can be changed +# by enabling this option. +# Values: 0 = passive checks are HARD, 1 = passive checks are SOFT + +passive_host_checks_are_soft=0 + + + +# ORPHANED HOST/SERVICE CHECK OPTIONS +# These options determine whether or not Nagios will periodically +# check for orphaned host service checks. Since service checks are +# not rescheduled until the results of their previous execution +# instance are processed, there exists a possibility that some +# checks may never get rescheduled. A similar situation exists for +# host checks, although the exact scheduling details differ a bit +# from service checks. Orphaned checks seem to be a rare +# problem and should not happen under normal circumstances. +# If you have problems with service checks never getting +# rescheduled, make sure you have orphaned service checks enabled. +# Values: 1 = enable checks, 0 = disable checks + +check_for_orphaned_services=1 +check_for_orphaned_hosts=1 + + + +# SERVICE FRESHNESS CHECK OPTION +# This option determines whether or not Nagios will periodically +# check the "freshness" of service results. Enabling this option +# is useful for ensuring passive checks are received in a timely +# manner. +# Values: 1 = enabled freshness checking, 0 = disable freshness checking + +check_service_freshness=1 + + + +# SERVICE FRESHNESS CHECK INTERVAL +# This setting determines how often (in seconds) Nagios will +# check the "freshness" of service check results. If you have +# disabled service freshness checking, this option has no effect. + +service_freshness_check_interval=60 + + + +# SERVICE CHECK TIMEOUT STATE +# This setting determines the state Nagios will report when a +# service check times out - that is does not respond within +# service_check_timeout seconds. This can be useful if a +# machine is running at too high a load and you do not want +# to consider a failed service check to be critical (the default). +# Valid settings are: +# c - Critical (default) +# u - Unknown +# w - Warning +# o - OK + +service_check_timeout_state=c + + + +# HOST FRESHNESS CHECK OPTION +# This option determines whether or not Nagios will periodically +# check the "freshness" of host results. Enabling this option +# is useful for ensuring passive checks are received in a timely +# manner. +# Values: 1 = enabled freshness checking, 0 = disable freshness checking + +check_host_freshness=0 + + + +# HOST FRESHNESS CHECK INTERVAL +# This setting determines how often (in seconds) Nagios will +# check the "freshness" of host check results. If you have +# disabled host freshness checking, this option has no effect. + +host_freshness_check_interval=60 + + + + +# ADDITIONAL FRESHNESS THRESHOLD LATENCY +# This setting determines the number of seconds that Nagios +# will add to any host and service freshness thresholds that +# it calculates (those not explicitly specified by the user). + +additional_freshness_latency=15 + + + + +# FLAP DETECTION OPTION +# This option determines whether or not Nagios will try +# and detect hosts and services that are "flapping". +# Flapping occurs when a host or service changes between +# states too frequently. When Nagios detects that a +# host or service is flapping, it will temporarily suppress +# notifications for that host/service until it stops +# flapping. Flap detection is very experimental, so read +# the HTML documentation before enabling this feature! +# Values: 1 = enable flap detection +# 0 = disable flap detection (default) + +enable_flap_detection=1 + + + +# FLAP DETECTION THRESHOLDS FOR HOSTS AND SERVICES +# Read the HTML documentation on flap detection for +# an explanation of what this option does. This option +# has no effect if flap detection is disabled. + +low_service_flap_threshold=5.0 +high_service_flap_threshold=20.0 +low_host_flap_threshold=5.0 +high_host_flap_threshold=20.0 + + + +# DATE FORMAT OPTION +# This option determines how short dates are displayed. Valid options +# include: +# us (MM-DD-YYYY HH:MM:SS) +# euro (DD-MM-YYYY HH:MM:SS) +# iso8601 (YYYY-MM-DD HH:MM:SS) +# strict-iso8601 (YYYY-MM-DDTHH:MM:SS) +# + +date_format=us + + + + +# TIMEZONE OFFSET +# This option is used to override the default timezone that this +# instance of Nagios runs in. If not specified, Nagios will use +# the system configured timezone. +# +# NOTE: In order to display the correct timezone in the CGIs, you +# will also need to alter the Apache directives for the CGI path +# to include your timezone. Example: +# +# +# SetEnv TZ "Australia/Brisbane" +# ... +# + +#use_timezone=US/Mountain +#use_timezone=Australia/Brisbane + + + +# ILLEGAL OBJECT NAME CHARACTERS +# This option allows you to specify illegal characters that cannot +# be used in host names, service descriptions, or names of other +# object types. + +illegal_object_name_chars=`~!$%^&*|'"<>?,()= + + + +# ILLEGAL MACRO OUTPUT CHARACTERS +# This option allows you to specify illegal characters that are +# stripped from macros before being used in notifications, event +# handlers, etc. This DOES NOT affect macros used in service or +# host check commands. +# The following macros are stripped of the characters you specify: +# $HOSTOUTPUT$ +# $LONGHOSTOUTPUT$ +# $HOSTPERFDATA$ +# $HOSTACKAUTHOR$ +# $HOSTACKCOMMENT$ +# $SERVICEOUTPUT$ +# $LONGSERVICEOUTPUT$ +# $SERVICEPERFDATA$ +# $SERVICEACKAUTHOR$ +# $SERVICEACKCOMMENT$ + +illegal_macro_output_chars=`~$&|'"<> + + + +# REGULAR EXPRESSION MATCHING +# This option controls whether or not regular expression matching +# takes place in the object config files. Regular expression +# matching is used to match host, hostgroup, service, and service +# group names/descriptions in some fields of various object types. +# Values: 1 = enable regexp matching, 0 = disable regexp matching + +use_regexp_matching=0 + + + +# "TRUE" REGULAR EXPRESSION MATCHING +# This option controls whether or not "true" regular expression +# matching takes place in the object config files. This option +# only has an effect if regular expression matching is enabled +# (see above). If this option is DISABLED, regular expression +# matching only occurs if a string contains wildcard characters +# (* and ?). If the option is ENABLED, regexp matching occurs +# all the time (which can be annoying). +# Values: 1 = enable true matching, 0 = disable true matching + +use_true_regexp_matching=0 + + + +# ADMINISTRATOR EMAIL/PAGER ADDRESSES +# The email and pager address of a global administrator (likely you). +# Nagios never uses these values itself, but you can access them by +# using the $ADMINEMAIL$ and $ADMINPAGER$ macros in your notification +# commands. + +admin_email=nagios@localhost +admin_pager=pagenagios@localhost + + + +# DAEMON CORE DUMP OPTION +# This option determines whether or not Nagios is allowed to create +# a core dump when it runs as a daemon. Note that it is generally +# considered bad form to allow this, but it may be useful for +# debugging purposes. Enabling this option doesn't guarantee that +# a core file will be produced, but that's just life... +# Values: 1 - Allow core dumps +# 0 - Do not allow core dumps (default) + +daemon_dumps_core=0 + + + +# LARGE INSTALLATION TWEAKS OPTION +# This option determines whether or not Nagios will take some shortcuts +# which can save on memory and CPU usage in large Nagios installations. +# Read the documentation for more information on the benefits/tradeoffs +# of enabling this option. +# Values: 1 - Enabled tweaks +# 0 - Disable tweaks (default) + +use_large_installation_tweaks=0 + + + +# ENABLE ENVIRONMENT MACROS +# This option determines whether or not Nagios will make all standard +# macros available as environment variables when host/service checks +# and system commands (event handlers, notifications, etc.) are +# executed. +# Enabling this is a very bad idea for anything but very small setups, +# as it means plugins, notification scripts and eventhandlers may run +# out of environment space. It will also cause a significant increase +# in CPU- and memory usage and drastically reduce the number of checks +# you can run. +# Values: 1 - Enable environment variable macros +# 0 - Disable environment variable macros (default) + +enable_environment_macros=0 + + + +# CHILD PROCESS MEMORY OPTION +# This option determines whether or not Nagios will free memory in +# child processes (processed used to execute system commands and host/ +# service checks). If you specify a value here, it will override +# program defaults. +# Value: 1 - Free memory in child processes +# 0 - Do not free memory in child processes + +#free_child_process_memory=1 + + + +# CHILD PROCESS FORKING BEHAVIOR +# This option determines how Nagios will fork child processes +# (used to execute system commands and host/service checks). Normally +# child processes are fork()ed twice, which provides a very high level +# of isolation from problems. Fork()ing once is probably enough and will +# save a great deal on CPU usage (in large installs), so you might +# want to consider using this. If you specify a value here, it will +# program defaults. +# Value: 1 - Child processes fork() twice +# 0 - Child processes fork() just once + +#child_processes_fork_twice=1 + + + +# DEBUG LEVEL +# This option determines how much (if any) debugging information will +# be written to the debug file. OR values together to log multiple +# types of information. +# Values: +# -1 = Everything +# 0 = Nothing +# 1 = Functions +# 2 = Configuration +# 4 = Process information +# 8 = Scheduled events +# 16 = Host/service checks +# 32 = Notifications +# 64 = Event broker +# 128 = External commands +# 256 = Commands +# 512 = Scheduled downtime +# 1024 = Comments +# 2048 = Macros + +debug_level=0 + + + +# DEBUG VERBOSITY +# This option determines how verbose the debug log out will be. +# Values: 0 = Brief output +# 1 = More detailed +# 2 = Very detailed + +debug_verbosity=1 + + + +# DEBUG FILE +# This option determines where Nagios should write debugging information. + +debug_file=/var/spool/nagios/nagios.debug + + + +# MAX DEBUG FILE SIZE +# This option determines the maximum size (in bytes) of the debug file. If +# the file grows larger than this size, it will be renamed with a .old +# extension. If a file already exists with a .old extension it will +# automatically be deleted. This helps ensure your disk space usage doesn't +# get out of control when debugging Nagios. + +max_debug_file_size=1000000 + + + +# Should we allow hostgroups to have no hosts, we default this to off since +# that was the old behavior + +allow_empty_hostgroup_assignment=0 + + + +# Normally worker count is dynamically allocated based on 1.5 * number of cpu's +# with a minimum of 4 workers. This value will override the defaults + +#check_workers=3 + + + +# DISABLE SERVICE CHECKS WHEN HOST DOWN +# This option will disable all service checks if the host is not in an UP state +# +# While desirable in some environments, enabling this value can distort report +# values as the expected quantity of checks will not have been performed + +#host_down_disable_service_checks=0 + + + +# EXPERIMENTAL load controlling options +# To get current defaults based on your system issue a command to +# the query handler. Please note that this is an experimental feature +# and not meant for production use. Used incorrectly it can induce +# enormous latency. +# #core loadctl +# jobs_max - The maximum amount of jobs to run at one time +# jobs_min - The minimum amount of jobs to run at one time +# jobs_limit - The maximum amount of jobs the current load lets us run +# backoff_limit - The minimum backoff_change +# backoff_change - # of jobs to remove from jobs_limit when backing off +# rampup_limit - Minimum rampup_change +# rampup_change - # of jobs to add to jobs_limit when ramping up +# NOTE: The backoff_limit and rampup_limit are NOT used by anything currently, +# so if your system is under load nothing will actively modify the jobs +# even if you have these options enabled, they are for external +# connector information only. However, if you change the jobs_max or +# jobs_min manually here or through the query handler interface that +# WILL affect your system +#loadctl_options=jobs_max=100;backoff_limit=10;rampup_change=5 From 20d67e00bc493b5f52b2d6da2f7113c30841d6e0 Mon Sep 17 00:00:00 2001 From: Arne Teuke Date: Mon, 24 Jul 2017 16:04:06 +0100 Subject: [PATCH 2/3] adding more parameters --- manifests/server/service.pp | 84 ++++++++++++++++++------------------- 1 file changed, 40 insertions(+), 44 deletions(-) diff --git a/manifests/server/service.pp b/manifests/server/service.pp index 467e1fc..5d8cbd2 100644 --- a/manifests/server/service.pp +++ b/manifests/server/service.pp @@ -37,53 +37,49 @@ class cd_nagios::server::service ( } @@nagios_service { "check_nagios${::hostname}": - check_command => 'check_nagios!/var/log/nagios/status.dat!5!/usr/sbin/nagios', - use => 'generic-service', - host_name => $::fqdn, - notification_period => '24x7', - target => $ng_target_service, - owner => 'nagios', - group => 'nagios', - mode => '660', - contacts => 'DevOps', - } - - resources { [ 'nagios_host', - 'nagios_hostgroup', - 'nagios_hostdependency', - 'nagios_hostescalation', - 'nagios_hostextinfo', - 'nagios_service', - 'nagios_servicegroup', - 'nagios_servicedependency', - 'nagios_serviceescalation', - 'nagios_serviceextinfo', - 'nagios_contact', - 'nagios_contactgroup', - 'nagios_command', - 'nagios_timeperiod' ]: - purge => true, - } - - - # collect resources and populate /etc/nagios/conf.d/nagios_*.cfg - Nagios_host <<||>> { notify => Service['nagios'] } - Nagios_hostgroup <<||>> { notify => Service['nagios'] } - Nagios_hostdependency <<||>> { notify => Service['nagios'] } - Nagios_hostescalation <<||>> { notify => Service['nagios'] } - Nagios_hostextinfo <<||>> { notify => Service['nagios'] } - Nagios_service <<||>> { notify => Service['nagios'] } - Nagios_servicegroup <<||>> { notify => Service['nagios'] } - Nagios_servicedependency <<||>> { notify => Service['nagios'] } - Nagios_serviceescalation <<||>> { notify => Service['nagios'] } - Nagios_serviceextinfo <<||>> { notify => Service['nagios'] } - Nagios_contact <<||>> { notify => Service['nagios'] } - Nagios_contactgroup <<||>> { notify => Service['nagios'] } - Nagios_command <<||>> { notify => Service['nagios'] } - Nagios_timeperiod <<||>> { notify => Service['nagios'] } + check_command => 'check_nagios!/var/log/nagios/status.dat!5!/usr/sbin/nagios', + use => 'generic-service', + host_name => $::fqdn, + notification_period => '24x7', + target => $ng_target_service, + owner => 'nagios', + group => 'nagios', + mode => '660', + contacts => 'DevOps', } + resources { [ 'nagios_host', + 'nagios_hostgroup', + 'nagios_hostdependency', + 'nagios_hostescalation', + 'nagios_hostextinfo', + 'nagios_service', + 'nagios_servicegroup', + 'nagios_servicedependency', + 'nagios_serviceescalation', + 'nagios_serviceextinfo', + 'nagios_contact', + 'nagios_contactgroup', + 'nagios_command', + 'nagios_timeperiod' ]: + purge => true, + } + # collect resources and populate /etc/nagios/conf.d/nagios_*.cfg + Nagios_host <<||>> { notify => Service['nagios'] } + Nagios_hostgroup <<||>> { notify => Service['nagios'] } + Nagios_hostdependency <<||>> { notify => Service['nagios'] } + Nagios_hostescalation <<||>> { notify => Service['nagios'] } + Nagios_hostextinfo <<||>> { notify => Service['nagios'] } + Nagios_service <<||>> { notify => Service['nagios'] } + Nagios_servicegroup <<||>> { notify => Service['nagios'] } + Nagios_servicedependency <<||>> { notify => Service['nagios'] } + Nagios_serviceescalation <<||>> { notify => Service['nagios'] } + Nagios_serviceextinfo <<||>> { notify => Service['nagios'] } + Nagios_contact <<||>> { notify => Service['nagios'] } + Nagios_contactgroup <<||>> { notify => Service['nagios'] } + Nagios_command <<||>> { notify => Service['nagios'] } + Nagios_timeperiod <<||>> { notify => Service['nagios'] } } } From f4daf7fcf0ae6fa99218f4e02d5a873f26107489 Mon Sep 17 00:00:00 2001 From: Jenkins Server Date: Mon, 24 Jul 2017 17:04:22 +0200 Subject: [PATCH 3/3] recommit for updates in build 67 --- CHANGELOG.md | 10 + REPOSTRUCTURE.md | 4 +- doc/_index.html | 2 +- doc/file.README.html | 28 +- doc/index.html | 28 +- doc/puppet_classes/cd_nagios.html | 2 +- .../cd_nagios_3A_3Acertbot_3A_3Acerts.html | 2 +- .../cd_nagios_3A_3Aclient_3A_3Atarget.html | 2 +- ...cd_nagios_3A_3Afirewall_3A_3Aiptables.html | 2 +- .../cd_nagios_3A_3Amain_3A_3Aconfig.html | 2 +- .../cd_nagios_3A_3Amain_3A_3Adirs.html | 2 +- .../cd_nagios_3A_3Amain_3A_3Ainstall.html | 2 +- .../cd_nagios_3A_3Amain_3A_3Auser.html | 2 +- doc/puppet_classes/cd_nagios_3A_3Aparams.html | 1779 ++++++++++++++--- .../cd_nagios_3A_3Aselinux_3A_3Aconfig.html | 2 +- ..._nagios_3A_3Aserver_3A_3Aaccess_rules.html | 2 +- .../cd_nagios_3A_3Aserver_3A_3Afiles.html | 36 +- .../cd_nagios_3A_3Aserver_3A_3Aservice.html | 96 +- .../cd_nagios_3A_3Aserver_3A_3Aaccess.html | 2 +- doc/top-level-namespace.html | 2 +- tests/UTF_Files | 1 + 21 files changed, 1679 insertions(+), 329 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d43c4ab..9d4a42d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,16 @@ Changelog of Git Changelog.

No issue

+5ff13eb48507109 Jenkins Server 2017-07-24 11:07:40 +

+

recommit for updates in build 65

+ +

+62c755dcd38020c Arne Teuke 2017-07-24 11:07:29 +

+

fixed forwarding

+ +

0812a3559d254ee Jenkins Server 2017-07-23 13:13:13

recommit for updates in build 64

diff --git a/REPOSTRUCTURE.md b/REPOSTRUCTURE.md index d728652..acf8c42 100644 --- a/REPOSTRUCTURE.md +++ b/REPOSTRUCTURE.md @@ -61,11 +61,11 @@ | |-- httpd | | |-- forward_conf.erb | | |-- index_html.erb -| | |-- nagios_conf.erb | | `-- nagios_ssl_vhost.erb | |-- nagios | | |-- cgi_cfg.erb -| | `-- htpasswd_rule.erb +| | |-- htpasswd_rule.erb +| | `-- nagios_cfg.erb | `-- selinux | |-- statuscgi.erb | `-- taccgi.erb diff --git a/doc/_index.html b/doc/_index.html index eda3270..0aaddc3 100644 --- a/doc/_index.html +++ b/doc/_index.html @@ -186,7 +186,7 @@ diff --git a/doc/file.README.html b/doc/file.README.html index e91987a..3f0c3c2 100644 --- a/doc/file.README.html +++ b/doc/file.README.html @@ -140,16 +140,18 @@ install client binaries on clients

directories (filesystem permissions, selinux ) * manage cgi.cfg through parameters -* manage nagios users through external Puppet rules via define -* -configure NRPE on clients (optional) +* manage nagios.cfg through parameters +* manage nagios users +through external Puppet rules via define +* configure NRPE on clients +(optional) * configure firewall (optional) -* -configure selinux policies (optional) -* configure forwarding http to https -including accesing the /nagios url directly (optional) -* manage TLS -certificates through certbot (optional)

+* configure selinux policies +(optional) +* configure forwarding http to https including accesing the +/nagios url directly (optional) +* manage TLS certificates through certbot +(optional)

Service * manage Nagios service on server @@ -231,12 +233,12 @@ Requires puppetlabs firewall or cd_firewall, -which is a clone of the puppetlabs firewall but tested to be fully -functioning with all our features.

+which is a backdated clone of the puppetlabs firewall but tested to be +fully functioning with all our features.

See the full -list of all available parameters

+list of all available parameters.

PuppetDB

@@ -331,7 +333,7 @@ environments.

diff --git a/doc/index.html b/doc/index.html index 97e0e94..c49dab0 100644 --- a/doc/index.html +++ b/doc/index.html @@ -140,16 +140,18 @@ install client binaries on clients

directories (filesystem permissions, selinux ) * manage cgi.cfg through parameters -* manage nagios users through external Puppet rules via define -* -configure NRPE on clients (optional) +* manage nagios.cfg through parameters +* manage nagios users +through external Puppet rules via define +* configure NRPE on clients +(optional) * configure firewall (optional) -* -configure selinux policies (optional) -* configure forwarding http to https -including accesing the /nagios url directly (optional) -* manage TLS -certificates through certbot (optional)

+* configure selinux policies +(optional) +* configure forwarding http to https including accesing the +/nagios url directly (optional) +* manage TLS certificates through certbot +(optional)

Service * manage Nagios service on server @@ -231,12 +233,12 @@ Requires puppetlabs firewall or cd_firewall, -which is a clone of the puppetlabs firewall but tested to be fully -functioning with all our features.

+which is a backdated clone of the puppetlabs firewall but tested to be +fully functioning with all our features.

See the full -list of all available parameters

+list of all available parameters.

PuppetDB

@@ -331,7 +333,7 @@ environments.

diff --git a/doc/puppet_classes/cd_nagios.html b/doc/puppet_classes/cd_nagios.html index 22bd6ce..e061ed5 100644 --- a/doc/puppet_classes/cd_nagios.html +++ b/doc/puppet_classes/cd_nagios.html @@ -139,7 +139,7 @@ class cd_nagios { diff --git a/doc/puppet_classes/cd_nagios_3A_3Acertbot_3A_3Acerts.html b/doc/puppet_classes/cd_nagios_3A_3Acertbot_3A_3Acerts.html index 4cc1350..3a43c1a 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Acertbot_3A_3Acerts.html +++ b/doc/puppet_classes/cd_nagios_3A_3Acertbot_3A_3Acerts.html @@ -230,7 +230,7 @@ class cd_nagios::certbot::certs ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Aclient_3A_3Atarget.html b/doc/puppet_classes/cd_nagios_3A_3Aclient_3A_3Atarget.html index 4b8e5ae..56d9a3f 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Aclient_3A_3Atarget.html +++ b/doc/puppet_classes/cd_nagios_3A_3Aclient_3A_3Atarget.html @@ -368,7 +368,7 @@ class cd_nagios::client::target ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Afirewall_3A_3Aiptables.html b/doc/puppet_classes/cd_nagios_3A_3Afirewall_3A_3Aiptables.html index 944a69e..0c015ed 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Afirewall_3A_3Aiptables.html +++ b/doc/puppet_classes/cd_nagios_3A_3Afirewall_3A_3Aiptables.html @@ -207,7 +207,7 @@ class cd_nagios::firewall::iptables ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Aconfig.html b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Aconfig.html index 2b6b52a..bedea58 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Aconfig.html +++ b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Aconfig.html @@ -195,7 +195,7 @@ class cd_nagios::main::config ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Adirs.html b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Adirs.html index 0147c1d..79726d6 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Adirs.html +++ b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Adirs.html @@ -468,7 +468,7 @@ class cd_nagios::main::dirs ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Ainstall.html b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Ainstall.html index 6fa9ff4..f4b7951 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Ainstall.html +++ b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Ainstall.html @@ -235,7 +235,7 @@ class cd_nagios::main::install ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Auser.html b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Auser.html index 77f90d9..7d2a64d 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Auser.html +++ b/doc/puppet_classes/cd_nagios_3A_3Amain_3A_3Auser.html @@ -200,7 +200,7 @@ class cd_nagios::main::user ( diff --git a/doc/puppet_classes/cd_nagios_3A_3Aparams.html b/doc/puppet_classes/cd_nagios_3A_3Aparams.html index 27d2451..7bc6170 100644 --- a/doc/puppet_classes/cd_nagios_3A_3Aparams.html +++ b/doc/puppet_classes/cd_nagios_3A_3Aparams.html @@ -1962,6 +1962,1103 @@ required for certbot and used in the web templates.

+
  • + + ng_log_file + + + (string) + + + (defaults to: '/var/log/nagios/nagios.log') + + + — +
    +

    main log file where service- and host events +are logged.

    +
    + +
    • + +
  • + + ng_max_check_attempts + + + (string) + + + (defaults to: '10') + + + — +
    +

    maximum amount of checks done by nagios

    +
    + +
    • + +
  • + + ng_object_cache_file + + + (string) + + + (defaults to: '/var/spool/nagios/objects.cache') + + + — +
    +

    determines where object definitions are +cached when # Nagios +starts/restarts.

    +
    + +
    • + +
  • + + ng_precached_obj_file + + + (string) + + + (defaults to: '/var/spool/nagios/objects.precache') + + + — +
    +

    determines the location of the +precached object file.

    +
    + +
    • + +
  • + + optional + + + (string) + + + + — +
    +

    resource file that contains $USERx$ macro definitions.

    +
    + +
    • + +
  • + + ng_status_file. + + + (string) + + + + — +
    +

    where the current status of all monitored +services and hosts is stored.

    +
    + +
    • + +
  • + + ng_status_upd_interval + + + (string) + + + (defaults to: '10') + + + — +
    +

    status file update interval. +determines the frequency (in seconds) that # +Nagios will periodically dump +program, host, and # service status data.

    +
    + +
    • + +
  • + + ng_check_ext_commands + + + (string) + + + (defaults to: '1') + + + — +
    +

    allows you to specify whether or not +Nagios should check # for external +commands in the command file specified +by ng_command_file.

    +
    + +
    • + +
  • + + ng_command_file + + + (string) + + + (defaults to: '/var/spool/nagios/cmd/nagios.cmd') + + + — +
    +

    file that Nagios checks for external command +requests. It is also where the +command CGI will write commands that are +submitted # by users, so it must +be writeable by the user that the web server +is running as.

    +
    + +
    • + +
  • + + ng_enable_query_handler + + + (boolean) + + + (defaults to: false) + + + — +
    +

    Whether to enable the query handler +for running nagios in cluster mode.

    +
    + +
    • + +
  • + + ng_query_socket + + + (string) + + + (defaults to: '/var/spool/nagios/cmd/nagios.qh') + + + — +
    +

    the socket for the query handler

    +
    + +
    • + +
  • + + ng_lock_file + + + (string) + + + (defaults to: '/var/run/nagios/nagios.pid') + + + — +
    +

    lockfile that Nagios will use to store its PID +number in when it is running +in daemon mode.

    +
    + +
    • + +
  • + + ng_temp_file + + + (string) + + + (defaults to: '/var/spool/nagios/nagios.tmp') + + + — +
    +

    temporary file that is used as scratch space +when Nagios # updates the +status log, cleans the comment file, etc.

    +
    + +
    • + +
  • + + ng_temp_path + + + (string) + + + (defaults to: '/tmp') + + + — +
    +

    path where Nagios can create temp files for +service and # host check +results, etc.

    +
    + +
    • + +
  • + + event_broker_options + + + (string) + + + + — +
    +

    Controls what (if any) data gets sent +to the event broker.

    +
    + +
    • + +
  • + + ng_event_broker_module + + + (string) + + + (defaults to: '') + + + — +
    +

    specify an event broker +(including full path) module that should # by +loaded by Nagios at startup. +Specify multiple modules as array +['path/to/module1','/path/to/module2']

    +
    + +
    • + +
  • + + ng_log_rotation_method. + + + (string) + + + + — +
    +

    Valid options: +n = None - don't rotate the log +h = Hourly rotation (top +of the hour) +d = Daily rotation (midnight every day) +w = Weekly rotation +(midnight on Saturday evening) +m = Monthly rotation (midnight last day of +month)

    +
    + +
    • + +
  • + + ng_log_archive_path + + + (string) + + + (defaults to: '/var/log/nagios/archives') + + + — +
    +

    directory where archived (rotated) +log files should be # placed (assuming +you've chosen to do log rotation).

    +
    + +
    • + +
  • + + ng_use_syslog + + + (string) + + + (defaults to: '1') + + + — +
    +

    whether to log messages to the syslog +facility, as well as the Nagios log +file. Valid options are 0 and 1.

    +
    + +
    • + +
  • + + ng_log_notifications + + + (string) + + + (defaults to: '1') + + + — +
    +

    Whether to log notifications in addition +to regular messages. Valid options +are 0 and 1.

    +
    + +
    • + +
  • + + ng_log_service_retries + + + (string) + + + (defaults to: '1') + + + — +
    +

    Whether to log service retries. +Valid options are 0 and +1.

    +
    + +
    • + +
  • + + ng_log_host_retries + + + (string) + + + (defaults to: '1') + + + — +
    +

    Whether to log host retries. +Valid options are 0 and +1.

    +
    + +
    • + +
  • + + ng_log_event_handlers. + + + (string) + + + + — +
    +

    Whether to log host and service event +handlers. Valid options are +0 and 1.

    +
    + +
    • + +
  • + + ng_log_initial_states + + + (string) + + + (defaults to: '0') + + + — +
    +

    Whether to log initial states. +Valid options are 0 and +1.

    +
    + +
    • + +
  • + + ng_log_current_states + + + (string) + + + (defaults to: '1') + + + — +
    +

    Whether to log all current host and +service states to the main log file +after log has been rotated. +Valid options are 0 and +1.

    +
    + +
    • + +
  • + + ng_log_external_commands + + + (string) + + + (defaults to: '1') + + + — +
    +

    Whether to log external commands. +Valid options are 0 and +1.

    +
    + +
    • + +
  • + + ng_log_passive_checks + + + (string) + + + (defaults to: '1') + + + — +
    +

    Whether to log passive checks. +Valid options are 0 and +1.

    +
    + +
    • + +
  • + + ng_glob_host_evt_handler + + + (string) + + + (defaults to: '') + + + — +
    +

    Specify a global host event +handler # command that is to be run for every +host or service state change. +The global event handler is executed +immediately prior to the event +handler that you have optionally specified +in each host or # service +definition. The command argument is the short +name of a # command definition +that you define in your host configuration +file.

    +
    + +
    • + +
  • + + ng_glob_svc_evt_handler + + + (string) + + + (defaults to: '') + + + — +
    +

    Specify a global service event +handler # command that is to be run for +every host or service state change. +The global event handler is executed +immediately prior to the event +handler that you have optionally specified +in each host or # service +definition. The command argument is the short +name of a # command definition +that you define in your host configuration +file.

    +
    + +
    • + +
  • + + ng_svc_int_check_delay + + + (string) + + + (defaults to: 's') + + + — +
    +

    method that Nagios should use when +initially "spreading out" +service checks when it starts monitoring. +Valid options: +n = None - +don't use any delay between checks +d = Use a "dumb" delay of +1 second between checks +s = Use "smart" inter-check delay +calculation +x.xx = Use an inter-check delay of x.xx seconds

    +
    + +
    • + +
  • + + ng_max_service_check_spread + + + (string) + + + + — +
    +

    timeframe (in minutes) from the +program start time that an initial check of +all services should be completed

    +
    + +
    • + +
  • + + ng_svc_interleave_factor + + + (string) + + + (defaults to: 's') + + + — +
    +

    determines how service checks are +interleaved. Valid options: s = Use +"smart" interleave factor calculation +x = Use an interleave +factor of x, where x is greater than or equal to 1.

    +
    + +
    • + +
  • + + ng_host_int_check_delay + + + (string) + + + (defaults to: 's') + + + — +
    +

    method that Nagios should use when +initially "spreading out" host +checks when it starts monitoring. +Valid options: +n = None - don't use +any delay between checks +d = Use a "dumb" delay of 1 second +between checks +s = Use "smart" inter-check delay calculation +x.xx += Use an inter-check delay of x.xx seconds

    +
    + +
    • + +
  • + + ng_max_host_check_spread + + + (string) + + + (defaults to: '30') + + + — +
    +

    timeframe (in minutes) from the +program start time that an initial check of +all hosts should # be completed.

    +
    + +
    • + +
  • + + ng_max_concurrent_checks + + + (string) + + + (defaults to: '0') + + + — +
    +

    specify the maximum number of +service checks that can be run in parallel at +any given time. A value of 0 +will not restrict the number of concurrent +checks that are being executed.

    +
    + +
    • + +
  • + + ng_check_res_reaper_freq + + + (string) + + + (defaults to: '10') + + + — +
    +

    frequency (in seconds!) in which +Nagios will process the results of host +and service checks.

    +
    + +
    • + +
  • + + ng_check_result_path + + + (string) + + + (defaults to: '/var/spool/nagios/checkresults') + + + — +
    +

    directory where Nagios stores the +results of host and service checks that +have not yet been processed.

    +
    + +
    • + +
  • + + ng_max_check_res_file_age + + + (string) + + + (defaults to: '3600') + + + — +
    +

    maximum age (in seconds) which +check result files are considered to be +valid.

    +
    + +
    • + +
  • + + ng_cached_h_check_horizon + + + (string) + + + (defaults to: '15') + + + — +
    +

    maximum amount of time (in seconds) +that the state of a previous host check +is considered current. +Cached host states (from host checks that were +performed more recently +that the timeframe specified by this value) can +immensely improve +performance in regards to the host check logic. Too high +of a value for +this option may result in inaccurate host states being used +by Nagios, +while a lower value may result in a performance hit for host +checks. +Use a value of 0 to disable host check caching.

    +
    + +
    • + +
  • + + ng_cached_s_check_horizon + + + (string) + + + (defaults to: '15') + + + — +
    +

    maximum amount of time (in seconds) +that the state of a previous service +check is considered current. +Cached service states (from service checks +that were performed more recently +that the timeframe specified by this +value) can immensely improve +performance in regards to the service check +logic. Too high of a value for +this option may result in inaccurate service +states being used by Nagios, +while a lower value may result in a +performance hit for service checks. +Use a value of 0 to disable service +check caching.

    +
    + +
    • + +
  • + + ng_pred_host_dep_checks + + + (string) + + + (defaults to: '1') + + + — +
    +

    Whether Nagios will attempt to execute +checks of hosts when it predicts +that future dependency logic test may be +needed. Valid options are +0 and 1.

    +
    + +
    • + +
  • + + ng_pred_svc_dep_checks + + + (string) + + + (defaults to: '1') + + + — +
    +

    Whether Nagios will attempt to execute +checks of services when it predicts +that future dependency logic test may be +needed. Valid options are +0 and 1.

    +
    + +
    • + +
  • + + ng_soft_state_dependencies + + + (string) + + + (defaults to: '0') + + + — +
    +

    Whether or not Nagios will use +soft state information when checking host +and service dependencies. +Valid options are 0 and +1.

    +
    + +
    • + +
  • + + ng_time_change_threshold + + + (string) + + + (defaults to: '900') + + + — +
    +

    when Nagios will react to detected +changes in system time (either forward +or backwards).

    +
    + +
    • + +
  • + + ng_auto_reschedule_checks + + + (string) + + + (defaults to: '0') + + + — +
    +

    Whether Nagios will attempt to +automatically reschedule active host and +service checks to +"smooth" them out over time. Experimental +feature. +Valid options are 0 and 1.

    +
    + +
    • + +
  • + + ng_auto_reschedule_intval + + + (string) + + + (defaults to: '30') + + + — +
    +

    how often (in seconds) Nagios will +attempt to automatically reschedule +checks. only has an effect if +ng_auto_reschedule_checks is set +to 1.

    +
    + +
    • + +
  • + + ng_auto_reschedule_window + + + (string) + + + (defaults to: '180') + + + — +
    +

    determines the “window” of time +(in seconds) that # Nagios will look at +when automatically rescheduling +checks. Only host and service checks that +occur in the next X seconds +(determined by this variable) will be +rescheduled.

    +
    + +
    • + +
  • + + ng_resource_file + + + (Any) + + + (defaults to: '/etc/nagios/private/resource.cfg') + + +
    • + +
  • + + ng_status_file + + + (Any) + + + (defaults to: '/var/log/nagios/status.dat') + + +
    • + +
  • + + ng_event_broker_options + + + (Any) + + + (defaults to: '-1') + + +
    • + +
  • + + ng_log_rotation_method + + + (Any) + + + (defaults to: 'h') + + +
    • + +
  • + + ng_log_event_handlers + + + (Any) + + + (defaults to: '1') + + +
    • + +
  • + + ng_max_svc_check_spread + + + (Any) + + + (defaults to: '30') + + +
    • + +
  • + + ng_max_check_res_reap_time + + + (Any) + + + (defaults to: '30') + + +
    • + @@ -1979,147 +3076,6 @@ required for certbot and used in the web templates.

     
 
-216
-217
-218
-219
-220
-221
-222
-223
-224
-225
-226
-227
-228
-229
-230
-231
-232
-233
-234
-235
-236
-237
-238
-239
-240
-241
-242
-243
-244
-245
-246
-247
-248
-249
-250
-251
-252
-253
-254
-255
-256
-257
-258
-259
-260
-261
-262
-263
-264
-265
-266
-267
-268
-269
-270
-271
-272
-273
-274
-275
-276
-277
-278
-279
-280
-281
-282
-283
-284
-285
-286
-287
-288
-289
-290
-291
-292
-293
-294
-295
-296
-297
-298
-299
-300
-301
-302
-303
-304
-305
-306
-307
-308
-309
-310
-311
-312
-313
-314
-315
-316
-317
-318
-319
-320
-321
-322
-323
-324
-325
-326
-327
-328
-329
-330
-331
-332
-333
-334
-335
-336
-337
-338
-339
-340
-341
-342
-343
-344
-345
-346
-347
-348
-349
-350
-351
-352
-353
-354
-355
-356
 357
 358
 359
@@ -2161,127 +3117,386 @@ required for certbot and used in the web templates.
    
 395
 396
 397
-398
    +398 +399 +400 +401 +402 +403 +404 +405 +406 +407 +408 +409 +410 +411 +412 +413 +414 +415 +416 +417 +418 +419 +420 +421 +422 +423 +424 +425 +426 +427 +428 +429 +430 +431 +432 +433 +434 +435 +436 +437 +438 +439 +440 +441 +442 +443 +444 +445 +446 +447 +448 +449 +450 +451 +452 +453 +454 +455 +456 +457 +458 +459 +460 +461 +462 +463 +464 +465 +466 +467 +468 +469 +470 +471 +472 +473 +474 +475 +476 +477 +478 +479 +480 +481 +482 +483 +484 +485 +486 +487 +488 +489 +490 +491 +492 +493 +494 +495 +496 +497 +498 +499 +500 +501 +502 +503 +504 +505 +506 +507 +508 +509 +510 +511 +512 +513 +514 +515 +516 +517 +518 +519 +520 +521 +522 +523 +524 +525 +526 +527 +528 +529 +530 +531 +532 +533 +534 +535 +536 +537 +538 +539 +540 +541 +542 +543 +544 +545 +546 +547 +548 +549 +550 +551 +552 +553 +554 +555 +556 +557 +558 +559 +560 +561 +562 +563 +564 +565 +566 +567 +568 +569 +570 +571 +572 +573 +574 +575 +576 +577 +578 +579 +580 +581 +582 +583 +584 +585 +586 +587 +588 +589 +590 +591 +592 +593 +594 +595 +596 +597 +598 +599 +600 +601 +602 +603 +604 +605 +606 +607 - 
    # File 'manifests/params.pp', line 216
+        
    # File 'manifests/params.pp', line 357
 
 class cd_nagios::params (
 
-$pkg_ensure           = 'latest',
+$pkg_ensure                 = 'latest',
 
-$ng_nagios_server     = "nagios.${::domain}",
-$ng_nagios_ext_ip     = undef,
-$ng_mail_user         = "admin@${::domain}",
+$ng_nagios_server           = "nagios.${::domain}",
+$ng_nagios_ext_ip           = undef,
+$ng_mail_user               = "admin@${::domain}",
 
-$ng_include_nrpe      = true,
+$ng_include_nrpe            = true,
 
 # firewall
-$ng_include_fw        = true,
-$ng_use_https         = true,
-$ng_http_https_fw     = true,
-$ng_fw_order          = '50',
-$ng_http_port         = '80',
-$ng_https_port        = '443',
+$ng_include_fw              = true,
+$ng_use_https               = true,
+$ng_http_https_fw           = true,
+$ng_fw_order                = '50',
+$ng_http_port               = '80',
+$ng_https_port              = '443',
 
 # check command parameters
 ## ping
-$ng_ping_warn         = '100.0,20%',
-$ng_ping_crit         = '500.0,60%',
-$ng_ping_ensure       = 'present',
+$ng_ping_warn               = '100.0,20%',
+$ng_ping_crit               = '500.0,60%',
+$ng_ping_ensure             = 'present',
 ## disk
-$ng_disk_warn         = '20%',
-$ng_disk_crit         = '10%' ,
-$ng_disk_ensure       = 'present',
+$ng_disk_warn               = '20%',
+$ng_disk_crit               = '10%' ,
+$ng_disk_ensure             = 'present',
 # swap
-$ng_swap_warn         = '20',
-$ng_swap_crit         = '10',
-$ng_swap_ensure       = 'present',
+$ng_swap_warn               = '20',
+$ng_swap_crit               = '10',
+$ng_swap_ensure             = 'present',
 # users
-$ng_users_warn        = '20',
-$ng_users_crit        = '50',
-$ng_users_ensure      = 'present',
+$ng_users_warn              = '20',
+$ng_users_crit              = '50',
+$ng_users_ensure            = 'present',
 #total procs
-$ng_procs_tot_warn    = '330',
-$ng_procs_tot_crit    = '400',
-$ng_procs_tot_param   = 'RDST',
-$ng_procs_tot_ens     = 'present',
+$ng_procs_tot_warn          = '330',
+$ng_procs_tot_crit          = '400',
+$ng_procs_tot_param         = 'RDST',
+$ng_procs_tot_ens           = 'present',
 # zombie procs
-$ng_procs_z_warn      = '10',
-$ng_procs_z_crit      = '30',
-$ng_procs_z_param     = 'Z',
-$ng_procs_z_ensure    = 'present',
+$ng_procs_z_warn            = '10',
+$ng_procs_z_crit            = '30',
+$ng_procs_z_param           = 'Z',
+$ng_procs_z_ensure          = 'present',
 # load
-$ng_load_warn         = '5.00,4.00,3.00',
-$ng_load_crit         = '10.00,6.00,4.00',
-$ng_load_ensure       = 'present',
+$ng_load_warn               = '5.00,4.00,3.00',
+$ng_load_crit               = '10.00,6.00,4.00',
+$ng_load_ensure             = 'present',
 
 # user settings
-$ng_user              = 'nagios',
-$ng_u_comment         = 'Nagios service user',
-$ng_u_uid             = '1004',
-$ng_user_home         = '/var/spool/nagios',
-$ng_u_groups          = undef,
-$ng_user_shell        = '/bin/bash',
+$ng_user                    = 'nagios',
+$ng_u_comment               = 'Nagios service user',
+$ng_u_uid                   = '1004',
+$ng_user_home               = '/var/spool/nagios',
+$ng_u_groups                = undef,
+$ng_user_shell              = '/bin/bash',
 
 # cgi settings
-$ng_context_help      = '1',
-$ng_pending_state     = '1',
-$ng_use_auth          = '1',
-$ng_use_ssl_auth      = '0',
-$ng_enable_def_user   = false,
-$ng_def_user_name     = 'nagios_insecure',
-$ng_nagios_admin      = 'nagios_sec_adm',
-$ng_sysinfo_auth      = '',
-$ng_confinfo_auth     = '',
-$ng_command_auth      = '',
-$ng_hostview_auth     = '',
-$ng_serviceview_auth  = '',
-$ng_host_cmd_auth     = '',
-$ng_svc_cmd_auth      = '',
-$ng_readonly_auth     = '' ,
-$ng_statusmap_img     = 'smbackground.gd2',
-$ng_use_colormap      = false,
-$ng_colormap_red      = '255',
-$ng_colormap_green    = '255',
-$ng_colormap_blue     = '255',
-$ng_statusmap_layout  = '6',
-$ng_wrl_layout        = '4',
-$ng_incl_own_wrl      = false,
-$ng_statuswrl_include = '',
-$ng_ping_syntax       = '/bin/ping -n -U -c 5 $HOSTADDRESS$',
-$ng_refresh_rate      = '90',
-$ng_result_limit      = '100',
-$ng_escape_html       = '1',
-$ng_use_sound         = false,
-$ng_host_unreachable  = 'hostdown.wav',
-$ng_host_down         = 'hostdown.wav',
-$ng_svc_critical      = 'critical.wav',
-$ng_svc_warn          = 'warning.wav',
-$ng_svc_unknown       = 'warning.wav',
-$ng_normal_sound      = 'noproblem.wav',
-$ng_action_url_target = '_blank',
-$ng_notes_url_target  = '_blank',
-$ng_lock_author_names = '1',
-$ng_enable_splunk     = false,
-$ng_splunk_url        = 'http://127.0.0.1:8000/',
-$ng_navbar_addresses  = '1',
-$ng_navbar_aliases    = '1',
-$ng_ack_no_sticky     = '0',
-$ng_ack_no_send       = '0',
+$ng_context_help            = '1',
+$ng_pending_state           = '1',
+$ng_use_auth                = '1',
+$ng_use_ssl_auth            = '0',
+$ng_enable_def_user         = false,
+$ng_def_user_name           = 'nagios_insecure',
+$ng_nagios_admin            = 'nagios_sec_adm',
+$ng_sysinfo_auth            = '',
+$ng_confinfo_auth           = '',
+$ng_command_auth            = '',
+$ng_hostview_auth           = '',
+$ng_serviceview_auth        = '',
+$ng_host_cmd_auth           = '',
+$ng_svc_cmd_auth            = '',
+$ng_readonly_auth           = '' ,
+$ng_statusmap_img           = 'smbackground.gd2',
+$ng_use_colormap            = false,
+$ng_colormap_red            = '255',
+$ng_colormap_green          = '255',
+$ng_colormap_blue           = '255',
+$ng_statusmap_layout        = '6',
+$ng_wrl_layout              = '4',
+$ng_incl_own_wrl            = false,
+$ng_statuswrl_include       = '',
+$ng_ping_syntax             = '/bin/ping -n -U -c 5 $HOSTADDRESS$',
+$ng_refresh_rate            = '90',
+$ng_result_limit            = '100',
+$ng_escape_html             = '1',
+$ng_use_sound               = false,
+$ng_host_unreachable        = 'hostdown.wav',
+$ng_host_down               = 'hostdown.wav',
+$ng_svc_critical            = 'critical.wav',
+$ng_svc_warn                = 'warning.wav',
+$ng_svc_unknown             = 'warning.wav',
+$ng_normal_sound            = 'noproblem.wav',
+$ng_action_url_target       = '_blank',
+$ng_notes_url_target        = '_blank',
+$ng_lock_author_names       = '1',
+$ng_enable_splunk           = false,
+$ng_splunk_url              = 'http://127.0.0.1:8000/',
+$ng_navbar_addresses        = '1',
+$ng_navbar_aliases          = '1',
+$ng_ack_no_sticky           = '0',
+$ng_ack_no_send             = '0',
 
 # selinux
-$ng_use_selinux_tools = true,
+$ng_use_selinux_tools       = true,
 
 # httpd
-$ng_required_hosts    = '',
-$ng_required_ips      = '127.0.0.0/8',
-$ng_enable_index      = true,
+$ng_required_hosts          = '',
+$ng_required_ips            = '127.0.0.0/8',
+$ng_enable_index            = true,
 
 # certbot
-$ng_enable_certbot    = true,
-$ng_certbot_webroot   = '/var/www/html',
-$ng_webserver_name    = "nagios.${::domain}",
+$ng_enable_certbot          = true,
+$ng_certbot_webroot         = '/var/www/html',
+$ng_webserver_name          = "nagios.${::domain}",
+
+# main settings
+$ng_log_file                = '/var/log/nagios/nagios.log',
+$ng_max_check_attempts      = '10',
+$ng_object_cache_file       = '/var/spool/nagios/objects.cache',
+$ng_precached_obj_file      = '/var/spool/nagios/objects.precache',
+$ng_resource_file           = '/etc/nagios/private/resource.cfg',
+$ng_status_file             = '/var/log/nagios/status.dat',
+$ng_status_upd_interval     = '10',
+$ng_check_ext_commands      = '1',
+$ng_command_file            = '/var/spool/nagios/cmd/nagios.cmd',
+$ng_enable_query_handler    = false,
+$ng_query_socket            = '/var/spool/nagios/cmd/nagios.qh',
+$ng_lock_file               = '/var/run/nagios/nagios.pid',
+$ng_temp_file               = '/var/spool/nagios/nagios.tmp',
+$ng_temp_path               = '/tmp',
+$ng_event_broker_options    = '-1',
+$ng_event_broker_module     = '',
+$ng_log_rotation_method     = 'h',
+$ng_log_archive_path        = '/var/log/nagios/archives',
+$ng_use_syslog              = '1',
+$ng_log_notifications       = '1',
+$ng_log_service_retries     = '1',
+$ng_log_host_retries        = '1',
+$ng_log_event_handlers      = '1',
+$ng_log_initial_states      = '0',
+$ng_log_current_states      = '1',
+$ng_log_external_commands   = '1',
+$ng_log_passive_checks      = '1',
+$ng_glob_host_evt_handler   = '',
+$ng_glob_svc_evt_handler    = '',
+$ng_svc_int_check_delay     = 's',
+$ng_max_svc_check_spread    = '30',
+$ng_svc_interleave_factor   = 's',
+$ng_host_int_check_delay    = 's',
+$ng_max_host_check_spread   = '30',
+$ng_max_concurrent_checks   = '0',
+$ng_check_res_reaper_freq   = '10',
+$ng_max_check_res_reap_time = '30',
+$ng_check_result_path       = '/var/spool/nagios/checkresults',
+$ng_max_check_res_file_age  = '3600',
+$ng_cached_h_check_horizon  = '15',
+$ng_cached_s_check_horizon  = '15',
+$ng_pred_host_dep_checks    = '1',
+$ng_pred_svc_dep_checks     = '1',
+$ng_soft_state_dependencies = '0',
+$ng_time_change_threshold   = '900',
+$ng_auto_reschedule_checks  = '0',
+$ng_auto_reschedule_intval  = '30',
+$ng_auto_reschedule_window  = '180',
 
 ) {
 
@@ -2298,50 +3513,68 @@ $ng_webserver_name    = "nagios.${::domain}",
   }
 
 # service
-$ng_service           = 'nagios'
-$ae_service           = 'httpd'
+$ng_service               = 'nagios'
+$ae_service               = 'httpd'
 
 # directories
-$ng_main_dir          = '/etc/nagios'
-$ng_conf_d_dir        = "${ng_main_dir}/conf.d"
-$ng_objects_dir       = "${ng_main_dir}/objects"
-$ng_private_dir       = "${ng_main_dir}/private"
-$ng_usr_incl          = '/usr/include/nagios'
-$ng_lib_dir           = '/usr/lib64/nagios'
-$ng_log_dir           = '/var/log/nagios'
-$ng_log_archives      = "${ng_log_dir}/archives"
-$ng_spool_dir         = '/var/spool/nagios'
-$ng_usr_share         = '/usr/share/nagios'
-$ng_share_html        = "${ng_usr_share}/html"
+$ng_main_dir              = '/etc/nagios'
+$ng_conf_d_dir            = "${ng_main_dir}/conf.d"
+$ng_objects_dir           = "${ng_main_dir}/objects"
+$ng_private_dir           = "${ng_main_dir}/private"
+$ng_usr_incl              = '/usr/include/nagios'
+$ng_lib_dir               = '/usr/lib64/nagios'
+$ng_log_dir               = '/var/log/nagios'
+$ng_log_archives          = "${ng_log_dir}/archives"
+$ng_spool_dir             = '/var/spool/nagios'
+$ng_usr_share             = '/usr/share/nagios'
+$ng_share_html            = "${ng_usr_share}/html"
 
 # files
-$ng_main_config       = "${ng_main_dir}/nagios.cfg"
-$ng_cgi_cfg_file      = "${ng_main_dir}/cgi.cfg"
-$ng_cgi_cfg_erb       = 'cd_nagios/nagios/cgi_cfg.erb'
-$ng_htpasswd_file     = "${ng_main_dir}/passwd"
-$ng_htpasswd_head     = 'cd_nagios/nagios/htpasswd_head.erb'
-$ng_htpasswd_rule     = 'cd_nagios/nagios/htpasswd_rule.erb'
-$ng_taccgi_erb        = 'cd_nagios/selinux/taccgi.erb'
-$ng_statcgi_erb       = 'cd_nagios/selinux/statuscgi.erb'
-$ng_nagios_conf       = '/etc/httpd/conf.d/nagios.conf'
-$ng_nagios_conf_erb   = 'cd_nagios/httpd/nagios_conf.erb'
-$ng_welcome_conf      = '/etc/httpd/conf.d/welcome.conf'
-$ng_welcome_conf_erb  = 'cd_nagios/httpd/welcome_conf.erb'
-$ng_forward_conf      = '/etc/httpd/conf.d/nagios_forward.conf'
-$ng_forward_conf_erb  = 'cd_nagios/httpd/forward_conf.erb'
-$ng_get_cert_erb      = 'cd_nagios/certbot/get_cert.erb'
-$ng_unless_get_cert   = 'cd_nagios/certbot/unless_get_cert.erb'
-$ng_unless_renew_erb  = 'cd_nagios/certbot/unless_renew_cert.erb'
-$ng_index_html_file   = '/var/www/html/index.html'
-$ng_index_html_erb    = 'cd_nagios/httpd/index_html.erb'
-$ng_ssl_vhost_file    = '/etc/httpd/conf.d/nagios_ssl.conf'
-$ng_ssl_vhost_erb     = 'cd_nagios/httpd/nagios_ssl_vhost.erb'
+$ng_main_config           = "${ng_main_dir}/nagios.cfg"
+$ng_cgi_cfg_file          = "${ng_main_dir}/cgi.cfg"
+$ng_cgi_cfg_erb           = 'cd_nagios/nagios/cgi_cfg.erb'
+$ng_htpasswd_file         = "${ng_main_dir}/passwd"
+$ng_htpasswd_head         = 'cd_nagios/nagios/htpasswd_head.erb'
+$ng_htpasswd_rule         = 'cd_nagios/nagios/htpasswd_rule.erb'
+$ng_taccgi_erb            = 'cd_nagios/selinux/taccgi.erb'
+$ng_statcgi_erb           = 'cd_nagios/selinux/statuscgi.erb'
+$ng_nagios_conf           = '/etc/httpd/conf.d/nagios.conf'
+$ng_nagios_conf_erb       = 'cd_nagios/httpd/nagios_conf.erb'
+$ng_welcome_conf          = '/etc/httpd/conf.d/welcome.conf'
+$ng_welcome_conf_erb      = 'cd_nagios/httpd/welcome_conf.erb'
+$ng_forward_conf          = '/etc/httpd/conf.d/nagios_forward.conf'
+$ng_forward_conf_erb      = 'cd_nagios/httpd/forward_conf.erb'
+$ng_get_cert_erb          = 'cd_nagios/certbot/get_cert.erb'
+$ng_unless_get_cert       = 'cd_nagios/certbot/unless_get_cert.erb'
+$ng_unless_renew_erb      = 'cd_nagios/certbot/unless_renew_cert.erb'
+$ng_index_html_file       = '/var/www/html/index.html'
+$ng_index_html_erb        = 'cd_nagios/httpd/index_html.erb'
+$ng_ssl_vhost_file        = '/etc/httpd/conf.d/nagios_ssl.conf'
+$ng_ssl_vhost_erb         = 'cd_nagios/httpd/nagios_ssl_vhost.erb'
+$ng_nagios_cfg_file       = "${ng_main_dir}/nagios.cfg"
+$ng_nagios_cfg_erb        = 'cd_nagios/nagios/nagios_cfg.erb'
 
 # certbot
-$ng_certbot_main_dir  = '/etc/letsencrypt'
-$ng_certbot_archive   = "${ng_certbot_main_dir}/archive"
-$ng_certbot_check     = "${ng_certbot_archive}/${ng_webserver_name}/cert1.pem"
-$ng_certbot_live      = "${ng_certbot_main_dir}/live"
+$ng_certbot_main_dir      = '/etc/letsencrypt'
+$ng_certbot_archive       = "${ng_certbot_main_dir}/archive"
+$ng_certbot_check         = "${ng_certbot_archive}/${ng_webserver_name}/cert1.pem"
+$ng_certbot_live          = "${ng_certbot_main_dir}/live"
+
+# nagios
+
+$ng_target_templates      = "${ng_conf_d_dir}/templates.cfg"
+$ng_target_timeperiods    = "${ng_conf_d_dir}/timeperiods.cfg"
+$ng_target_localhost      = "${ng_conf_d_dir}/nagios_localhost.cfg"
+$ng_target_host           = "${ng_conf_d_dir}/nagios_host.cfg"
+$ng_target_hostgroup      = "${ng_conf_d_dir}/nagios_hostgroup.cfg"
+$ng_target_hostdep        = "${ng_conf_d_dir}/nagios_hostdependency.cfg"
+$ng_target_hostesc        = "${ng_conf_d_dir}/nagios_hostescalation.cfg"
+$ng_target_hostext        = "${ng_conf_d_dir}/nagios_hostextinfo.cfg"
+$ng_target_service        = "${ng_conf_d_dir}/nagios_service.cfg"
+$ng_target_servicegroup   = "${ng_conf_d_dir}/nagios_servicegroup.cfg"
+$ng_target_contact        = "${ng_conf_d_dir}/nagios_contact.cfg"
+$ng_target_contactgroup   = "${ng_conf_d_dir}/nagios_contactgroup.cfg"
+$ng_target_command        = "${ng_conf_d_dir}/nagios_command.cfg"
 
 
 # includes must be last
@@ -2356,7 +3589,7 @@ $ng_certbot_live      = "${ng_certbot_main_dir}/live"
 
 
       
diff --git a/doc/puppet_classes/cd_nagios_3A_3Aselinux_3A_3Aconfig.html b/doc/puppet_classes/cd_nagios_3A_3Aselinux_3A_3Aconfig.html
index 6b4a233..568d40c 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Aselinux_3A_3Aconfig.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Aselinux_3A_3Aconfig.html
@@ -249,7 +249,7 @@ class cd_nagios::selinux::config (
 
 
       
diff --git a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aaccess_rules.html b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aaccess_rules.html
index 97a60a4..2591d9e 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aaccess_rules.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aaccess_rules.html
@@ -195,7 +195,7 @@ class cd_nagios::server::access_rules (
 
 
       
diff --git a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Afiles.html b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Afiles.html
index c1e65c0..6c67318 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Afiles.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Afiles.html
@@ -220,7 +220,12 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses/.
    
 111
 112
 113
-114
    
+114
+115
+116
+117
+118
+119
    # File 'manifests/server/files.pp', line 23
@@ -242,6 +247,20 @@ class cd_nagios::server::files (
 
     # manage nagios.cfg
 
+    file { $ng_nagios_cfg_file:
+      ensure    =>  file,
+      path      =>  $ng_nagios_cfg_file,
+      owner     =>  'root',
+      group     =>  'root',
+      mode      =>  '0644',
+      selrange  =>  s0,
+      selrole   =>  object_r,
+      seltype   =>  nagios_etc_t,
+      seluser   =>  system_u,
+      content   =>  template($ng_nagios_cfg_erb),
+      notify    =>  Service[$ng_service],
+    }
+
     # manage cgi.cfg
 
     file { $ng_cgi_cfg_file:
@@ -258,20 +277,11 @@ class cd_nagios::server::files (
       notify    =>  Service[$ng_service],
     }
 
-    # manage nagios.conf for httpd
+    # since we use vhost files, we do not want the regular file to appear
+    # after upgrades to avoid conflicts
 
     file { $ng_nagios_conf:
       ensure    =>  absent,
-#      path      =>  $ng_nagios_conf,
-#      owner     =>  'root',
-#      group     =>  'root',
-#      mode      =>  '0644',
-#      selrange  =>  s0,
-#      selrole   =>  object_r,
-#      seltype   =>  httpd_config_t,
-#      seluser   =>  system_u,
-#      content   =>  template($ng_nagios_conf_erb),
-#      notify    =>  Service[$ae_service],
     }
 
     file { $ng_forward_conf:
@@ -324,7 +334,7 @@ class cd_nagios::server::files (
 
 
       
diff --git a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aservice.html b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aservice.html
index 953649f..f36cbab 100644
--- a/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aservice.html
+++ b/doc/puppet_classes/cd_nagios_3A_3Aserver_3A_3Aservice.html
@@ -145,7 +145,53 @@ href="http://www.gnu.org/licenses">www.gnu.org/licenses/.
    
 36
 37
 38
-39
    +39 +40 +41 +42 +43 +44 +45 +46 +47 +48 +49 +50 +51 +52 +53 +54 +55 +56 +57 +58 +59 +60 +61 +62 +63 +64 +65 +66 +67 +68 +69 +70 +71 +72 +73 +74 +75 +76 +77 +78 +79 +80 +81 +82 +83 +84 +85 
    # File 'manifests/server/service.pp', line 23
@@ -165,6 +211,52 @@ class cd_nagios::server::service (
       hasrestart  => true,
       enable      => true,
     }
+
+    @@nagios_service { "check_nagios${::hostname}":
+        check_command       => 'check_nagios!/var/log/nagios/status.dat!5!/usr/sbin/nagios',
+        use                 => 'generic-service',
+        host_name           => $::fqdn,
+        notification_period => '24x7',
+        target              =>  $ng_target_service,
+        owner               => 'nagios',
+        group               => 'nagios',
+        mode                => '660',
+        contacts            => 'DevOps',
+    }
+
+      resources { [ 'nagios_host',
+                    'nagios_hostgroup',
+                    'nagios_hostdependency',
+                    'nagios_hostescalation',
+                    'nagios_hostextinfo',
+                    'nagios_service',
+                    'nagios_servicegroup',
+                    'nagios_servicedependency',
+                    'nagios_serviceescalation',
+                    'nagios_serviceextinfo',
+                    'nagios_contact',
+                    'nagios_contactgroup',
+                    'nagios_command',
+                    'nagios_timeperiod' ]:
+        purge  => true,
+    }
+
+      # collect resources and populate /etc/nagios/conf.d/nagios_*.cfg
+      Nagios_host <<||>> { notify  => Service['nagios'] }
+      Nagios_hostgroup <<||>> { notify  => Service['nagios'] }
+      Nagios_hostdependency <<||>> { notify  => Service['nagios'] }
+      Nagios_hostescalation <<||>> { notify  => Service['nagios'] }
+      Nagios_hostextinfo <<||>> { notify  => Service['nagios'] }
+      Nagios_service <<||>> { notify  => Service['nagios'] }
+      Nagios_servicegroup <<||>> { notify  => Service['nagios'] }
+      Nagios_servicedependency <<||>> { notify  => Service['nagios'] }
+      Nagios_serviceescalation <<||>> { notify  => Service['nagios'] }
+      Nagios_serviceextinfo <<||>> { notify  => Service['nagios'] }
+      Nagios_contact <<||>> { notify  => Service['nagios'] }
+      Nagios_contactgroup <<||>> { notify  => Service['nagios'] }
+      Nagios_command <<||>> { notify  => Service['nagios'] }
+      Nagios_timeperiod <<||>> { notify  => Service['nagios'] }
+
   }
 }
    @@ -174,7 +266,7 @@ class cd_nagios::server::service ( diff --git a/doc/puppet_defined_types/cd_nagios_3A_3Aserver_3A_3Aaccess.html b/doc/puppet_defined_types/cd_nagios_3A_3Aserver_3A_3Aaccess.html index 4c27851..edb95a1 100644 --- a/doc/puppet_defined_types/cd_nagios_3A_3Aserver_3A_3Aaccess.html +++ b/doc/puppet_defined_types/cd_nagios_3A_3Aserver_3A_3Aaccess.html @@ -220,7 +220,7 @@ $ng_service = $::cd_nagios::params::ng_service diff --git a/doc/top-level-namespace.html b/doc/top-level-namespace.html index 38fc31c..83c2d6b 100644 --- a/doc/top-level-namespace.html +++ b/doc/top-level-namespace.html @@ -90,7 +90,7 @@ diff --git a/tests/UTF_Files b/tests/UTF_Files index ef73186..b087bd2 100644 --- a/tests/UTF_Files +++ b/tests/UTF_Files @@ -4,4 +4,5 @@ ./.yardoc/objects/root.dat: data ./doc/css/style.css: HTML document, UTF-8 Unicode text, with very long lines ./doc/js/jquery.js: HTML document, UTF-8 Unicode text, with very long lines +./doc/puppet_classes/cd_nagios_3A_3Aparams.html: HTML document, UTF-8 Unicode text ./templates/httpd/index_html.erb: empty