From 532df976db186b1fc04a00a803a3c2cc5bce3406 Mon Sep 17 00:00:00 2001 From: mwiegand Date: Tue, 16 Aug 2022 23:22:47 +0200 Subject: [PATCH] wip --- bundles/icinga2/files/conf.d/api-users.conf | 4 - bundles/icinga2/files/conf.d/app.conf | 1 + bundles/icinga2/files/conf.d/commands.conf | 186 ++++++++++++++++++ bundles/icinga2/files/conf.d/groups.conf | 37 ++++ .../icinga2/files/conf.d/notifications.conf | 33 ++++ bundles/icinga2/files/conf.d/timeperiods.conf | 34 ++++ bundles/icinga2/files/hosts.d/host.conf | 2 + bundles/icinga2/items.py | 78 +++++++- 8 files changed, 364 insertions(+), 11 deletions(-) create mode 100644 bundles/icinga2/files/conf.d/app.conf create mode 100644 bundles/icinga2/files/conf.d/commands.conf create mode 100644 bundles/icinga2/files/conf.d/groups.conf create mode 100644 bundles/icinga2/files/conf.d/notifications.conf create mode 100644 bundles/icinga2/files/conf.d/timeperiods.conf diff --git a/bundles/icinga2/files/conf.d/api-users.conf b/bundles/icinga2/files/conf.d/api-users.conf index 537c199..e5d6972 100644 --- a/bundles/icinga2/files/conf.d/api-users.conf +++ b/bundles/icinga2/files/conf.d/api-users.conf @@ -1,6 +1,3 @@ -/** - * The ApiUser objects are used for authentication against the API. - */ % for name, conf in sorted(users.items()): object ApiUser "${name}" { password = "${conf['password']}" @@ -10,5 +7,4 @@ object ApiUser "${name}" { % endfor ] } - % endfor diff --git a/bundles/icinga2/files/conf.d/app.conf b/bundles/icinga2/files/conf.d/app.conf new file mode 100644 index 0000000..3e4be0d --- /dev/null +++ b/bundles/icinga2/files/conf.d/app.conf @@ -0,0 +1 @@ +object IcingaApplication "app" { } diff --git a/bundles/icinga2/files/conf.d/commands.conf b/bundles/icinga2/files/conf.d/commands.conf new file mode 100644 index 0000000..588f9f6 --- /dev/null +++ b/bundles/icinga2/files/conf.d/commands.conf @@ -0,0 +1,186 @@ +/* Command objects */ + +/* Notification Commands + * + * Please check the documentation for all required and + * optional parameters. + */ + +object NotificationCommand "mail-host-notification" { + command = [ ConfigDir + "/scripts/mail-host-notification.sh" ] + + arguments += { + "-4" = "$notification_address$" + "-6" = "$notification_address6$" + "-b" = "$notification_author$" + "-c" = "$notification_comment$" + "-d" = { + required = true + value = "$notification_date$" + } + "-f" = { + value = "$notification_from$" + description = "Set from address. Requires GNU mailutils (Debian/Ubuntu) or mailx (RHEL/SUSE)" + } + "-i" = "$notification_icingaweb2url$" + "-l" = { + required = true + value = "$notification_hostname$" + } + "-n" = { + required = true + value = "$notification_hostdisplayname$" + } + "-o" = { + required = true + value = "$notification_hostoutput$" + } + "-r" = { + required = true + value = "$notification_useremail$" + } + "-s" = { + required = true + value = "$notification_hoststate$" + } + "-t" = { + required = true + value = "$notification_type$" + } + "-v" = "$notification_logtosyslog$" + } + + vars += { + notification_address = "$address$" + notification_address6 = "$address6$" + notification_author = "$notification.author$" + notification_comment = "$notification.comment$" + notification_type = "$notification.type$" + notification_date = "$icinga.long_date_time$" + notification_hostname = "$host.name$" + notification_hostdisplayname = "$host.display_name$" + notification_hostoutput = "$host.output$" + notification_hoststate = "$host.state$" + notification_useremail = "$user.email$" + } +} + +object NotificationCommand "mail-service-notification" { + command = [ ConfigDir + "/scripts/mail-service-notification.sh" ] + + arguments += { + "-4" = "$notification_address$" + "-6" = "$notification_address6$" + "-b" = "$notification_author$" + "-c" = "$notification_comment$" + "-d" = { + required = true + value = "$notification_date$" + } + "-e" = { + required = true + value = "$notification_servicename$" + } + "-f" = { + value = "$notification_from$" + description = "Set from address. Requires GNU mailutils (Debian/Ubuntu) or mailx (RHEL/SUSE)" + } + "-i" = "$notification_icingaweb2url$" + "-l" = { + required = true + value = "$notification_hostname$" + } + "-n" = { + required = true + value = "$notification_hostdisplayname$" + } + "-o" = { + required = true + value = "$notification_serviceoutput$" + } + "-r" = { + required = true + value = "$notification_useremail$" + } + "-s" = { + required = true + value = "$notification_servicestate$" + } + "-t" = { + required = true + value = "$notification_type$" + } + "-u" = { + required = true + value = "$notification_servicedisplayname$" + } + "-v" = "$notification_logtosyslog$" + } + + vars += { + notification_address = "$address$" + notification_address6 = "$address6$" + notification_author = "$notification.author$" + notification_comment = "$notification.comment$" + notification_type = "$notification.type$" + notification_date = "$icinga.long_date_time$" + notification_hostname = "$host.name$" + notification_hostdisplayname = "$host.display_name$" + notification_servicename = "$service.name$" + notification_serviceoutput = "$service.output$" + notification_servicestate = "$service.state$" + notification_useremail = "$user.email$" + notification_servicedisplayname = "$service.display_name$" + } +} + +/* + * If you prefer to use the notification scripts with environment + * variables instead of command line parameters, you can use + * the following commands. They have been updated from < 2.7 + * to support the new notification scripts and should help + * with an upgrade. + * Remove the comment blocks and comment the notification commands above. + */ + +/* + +object NotificationCommand "mail-host-notification" { + command = [ ConfigDir + "/scripts/mail-host-notification.sh" ] + + env = { + NOTIFICATIONTYPE = "$notification.type$" + HOSTDISPLAYNAME = "$host.display_name$" + HOSTNAME = "$host.name$" + HOSTADDRESS = "$address$" + HOSTSTATE = "$host.state$" + LONGDATETIME = "$icinga.long_date_time$" + HOSTOUTPUT = "$host.output$" + NOTIFICATIONAUTHORNAME = "$notification.author$" + NOTIFICATIONCOMMENT = "$notification.comment$" + HOSTDISPLAYNAME = "$host.display_name$" + USEREMAIL = "$user.email$" + } +} + +object NotificationCommand "mail-service-notification" { + command = [ ConfigDir + "/scripts/mail-service-notification.sh" ] + + env = { + NOTIFICATIONTYPE = "$notification.type$" + SERVICENAME = "$service.name$" + HOSTNAME = "$host.name$" + HOSTDISPLAYNAME = "$host.display_name$" + HOSTADDRESS = "$address$" + SERVICESTATE = "$service.state$" + LONGDATETIME = "$icinga.long_date_time$" + SERVICEOUTPUT = "$service.output$" + NOTIFICATIONAUTHORNAME = "$notification.author$" + NOTIFICATIONCOMMENT = "$notification.comment$" + HOSTDISPLAYNAME = "$host.display_name$" + SERVICEDISPLAYNAME = "$service.display_name$" + USEREMAIL = "$user.email$" + } +} + +*/ diff --git a/bundles/icinga2/files/conf.d/groups.conf b/bundles/icinga2/files/conf.d/groups.conf new file mode 100644 index 0000000..e6004a3 --- /dev/null +++ b/bundles/icinga2/files/conf.d/groups.conf @@ -0,0 +1,37 @@ +/** + * Host group examples. + */ + +object HostGroup "linux-servers" { + display_name = "Linux Servers" + + assign where host.vars.os == "Linux" +} + +object HostGroup "windows-servers" { + display_name = "Windows Servers" + + assign where host.vars.os == "Windows" +} + +/** + * Service group examples. + */ + +object ServiceGroup "ping" { + display_name = "Ping Checks" + + assign where match("ping*", service.name) +} + +object ServiceGroup "http" { + display_name = "HTTP Checks" + + assign where match("http*", service.check_command) +} + +object ServiceGroup "disk" { + display_name = "Disk Checks" + + assign where match("disk*", service.check_command) +} diff --git a/bundles/icinga2/files/conf.d/notifications.conf b/bundles/icinga2/files/conf.d/notifications.conf new file mode 100644 index 0000000..ac65875 --- /dev/null +++ b/bundles/icinga2/files/conf.d/notifications.conf @@ -0,0 +1,33 @@ +/** + * The example notification apply rules. + * + * Only applied if host/service objects have + * the custom variable `notification` defined + * and containing `mail` as key. + * + * Check `hosts.conf` for an example. + */ + +apply Notification "mail-icingaadmin" to Host { + import "mail-host-notification" + user_groups = host.vars.notification.mail.groups + users = host.vars.notification.mail.users + + //interval = 2h + + //vars.notification_logtosyslog = true + + assign where host.vars.notification.mail +} + +apply Notification "mail-icingaadmin" to Service { + import "mail-service-notification" + user_groups = host.vars.notification.mail.groups + users = host.vars.notification.mail.users + + //interval = 2h + + //vars.notification_logtosyslog = true + + assign where host.vars.notification.mail +} diff --git a/bundles/icinga2/files/conf.d/timeperiods.conf b/bundles/icinga2/files/conf.d/timeperiods.conf new file mode 100644 index 0000000..2d403bb --- /dev/null +++ b/bundles/icinga2/files/conf.d/timeperiods.conf @@ -0,0 +1,34 @@ +/** + * Sample timeperiods for Icinga 2. + * Check the documentation for details. + */ + +object TimePeriod "24x7" { + display_name = "Icinga 2 24x7 TimePeriod" + ranges = { + "monday" = "00:00-24:00" + "tuesday" = "00:00-24:00" + "wednesday" = "00:00-24:00" + "thursday" = "00:00-24:00" + "friday" = "00:00-24:00" + "saturday" = "00:00-24:00" + "sunday" = "00:00-24:00" + } +} + +object TimePeriod "9to5" { + display_name = "Icinga 2 9to5 TimePeriod" + ranges = { + "monday" = "09:00-17:00" + "tuesday" = "09:00-17:00" + "wednesday" = "09:00-17:00" + "thursday" = "09:00-17:00" + "friday" = "09:00-17:00" + } +} + +object TimePeriod "never" { + display_name = "Icinga 2 never TimePeriod" + ranges = { + } +} diff --git a/bundles/icinga2/files/hosts.d/host.conf b/bundles/icinga2/files/hosts.d/host.conf index b62cd62..abba679 100644 --- a/bundles/icinga2/files/hosts.d/host.conf +++ b/bundles/icinga2/files/hosts.d/host.conf @@ -1,4 +1,6 @@ <%! + from bundlewrap.utils import Fault + def render_value(key, value): if isinstance(value, Fault): return render_value(key, value.value) diff --git a/bundles/icinga2/items.py b/bundles/icinga2/items.py index d57b747..3b379f0 100644 --- a/bundles/icinga2/items.py +++ b/bundles/icinga2/items.py @@ -1,4 +1,4 @@ -# Git-Hash for Icinga1: b63bb0ef52bf213715e567c81e3ed097024e61af +from ipaddress import ip_interface directories = { '/etc/icinga2': { @@ -11,7 +11,7 @@ directories = { ], }, '/etc/icinga2/conf.d': { -# 'purge': True, + 'purge': True, 'owner': 'nagios', 'group': 'nagios', 'mode': '0750', @@ -93,10 +93,66 @@ files = { 'svc_systemd:icinga2.service:restart', ], }, - # '/etc/icinga2/conf.d/templates.conf': { - # 'source': 'conf.d/templates.conf', - # 'owner': 'nagios', - # }, + '/etc/icinga2/conf.d/app.conf': { + 'source': 'conf.d/app.conf', + 'content_type': 'mako', + 'owner': 'nagios', + 'group': 'nagios', + 'mode': '0640', + 'triggers': [ + 'svc_systemd:icinga2.service:restart', + ], + }, + '/etc/icinga2/conf.d/commands.conf': { + 'source': 'conf.d/commands.conf', + 'content_type': 'mako', + 'owner': 'nagios', + 'group': 'nagios', + 'mode': '0640', + 'triggers': [ + 'svc_systemd:icinga2.service:restart', + ], + }, + '/etc/icinga2/conf.d/groups.conf': { + 'source': 'conf.d/groups.conf', + 'content_type': 'mako', + 'owner': 'nagios', + 'group': 'nagios', + 'mode': '0640', + 'triggers': [ + 'svc_systemd:icinga2.service:restart', + ], + }, + '/etc/icinga2/conf.d/notifications.conf': { + 'source': 'conf.d/notifications.conf', + 'content_type': 'mako', + 'owner': 'nagios', + 'group': 'nagios', + 'mode': '0640', + 'triggers': [ + 'svc_systemd:icinga2.service:restart', + ], + }, + '/etc/icinga2/conf.d/templates.conf': { + 'source': 'conf.d/templates.conf', + 'content_type': 'mako', + 'owner': 'nagios', + 'group': 'nagios', + 'mode': '0640', + 'triggers': [ + 'svc_systemd:icinga2.service:restart', + ], + }, + '/etc/icinga2/conf.d/timeperiods.conf': { + 'source': 'conf.d/timeperiods.conf', + 'content_type': 'mako', + 'owner': 'nagios', + 'group': 'nagios', + 'mode': '0640', + 'triggers': [ + 'svc_systemd:icinga2.service:restart', + ], + }, '/etc/icinga2/features.d/ido-pgsql.conf': { 'source': 'features/ido-pgsql.conf', 'content_type': 'mako', @@ -139,15 +195,23 @@ files = { } for other_node in repo.nodes: + if other_node.dummy: + continue + files[f'/etc/icinga2/hosts.d/{other_node.name}.conf'] = { 'content_type': 'mako', 'source': 'hosts.d/host.conf', 'owner': 'nagios', 'context': { 'host_name': other_node.name, - 'host_settings': {}, + 'host_settings': { + 'address': str(ip_interface(other_node.metadata.get('network/internal/ipv4', None) or other_node.metadata.get('wireguard/my_ip')).ip), + }, 'services': other_node.metadata.get('monitoring', {}), }, + 'triggers': [ + 'svc_systemd:icinga2.service:restart', + ], } svc_systemd = {