cronekorkn/bundlewrap
1
0
Fork 0
Code Issues Pull requests 8 Projects Releases Wiki Activity

wip

Browse source
This commit is contained in:
mwiegand 2022-08-18 01:41:32 +02:00
parent 125669c767
commit 9c26233321
8 changed files with 86 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

31
bundles/icinga2/files/check_by_sshmon Normal file
View file

@ -0,0 +1,31 @@
#!/bin/sh
UNKNOWN=3
if [ -z "$SSHMON_TEST" ]
then
echo 'check_by_sshmon: Env SSHMON_TEST missing' >&2
exit $UNKNOWN
elif [ -z "$SSHMON_COMMAND" ]
then
echo 'check_by_sshmon: Env SSHMON_COMMAND missing' >&2
exit $UNKNOWN
elif [ -z "$SSHMON_HOST" ]
then
echo 'check_by_sshmon: Env SSHMON_HOST missing' >&2
exit $UNKNOWN
fi
ssh sshmon@"$SSHMON_HOST" "$SSHMON_COMMAND"
if [ "$exitcode" = 124 ]
then
echo 'check_by_sshmon: Timeout while running check remotely' >&2
exit $UNKNOWN
elif [ "$exitcode" = 255 ]
then
echo 'check_by_sshmon: SSH error' >&2
exit $UNKNOWN
else
exit $exitcode
fi

12
bundles/icinga2/files/conf.d/commands.conf
View file

@ -6,6 +6,18 @@
* optional parameters.
*/
object CheckCommand "sshmon" {
import "ipv4-or-ipv6"
command = [ "/usr/lib/nagios/plugins/check_by_sshmon" ]
env.SSHMON_TEST = "1234"
env.SSHMON_COMMAND = "$command$"
env.SSHMON_HOST = "$address$"
}
object NotificationCommand "mail-host-notification" {
command = [ ConfigDir + "/scripts/mail-host-notification.sh" ]

2
bundles/icinga2/files/hosts.d/host.conf
View file

@ -28,7 +28,7 @@ object Host "${host_name}" {
% endfor
}
% for service_name, service_config in sorted(services.items(), key=lambda e: [e[1]['vars.bundle'], e[0]]):
% for service_name, service_config in sorted(services.items()):
object Service "${service_name}" {
import "generic-service"
% for key, value in sorted(service_config.items()):

7
bundles/icinga2/items.py
View file

@ -222,11 +222,16 @@ files = {
'svc_systemd:icinga2.service:restart',
],
},
'/usr/lib/nagios/plugins/check_by_sshmon': {
'mode': '0755',
},
}
for other_node in repo.nodes:
if other_node.dummy:
continue
elif not other_node.in_group('monitored'):
continue
files[f'/etc/icinga2/hosts.d/{other_node.name}.conf'] = {
'content_type': 'mako',
@ -237,7 +242,7 @@ for other_node in repo.nodes:
'host_settings': {
'address': str(ip_interface(other_node.metadata.get('network/internal/ipv4', None) or other_node.metadata.get('wireguard/my_ip')).ip),
},
'services': other_node.metadata.get('monitoring', {}),
'services': other_node.metadata.get('monitoring/services'),
},
'triggers': [
'svc_systemd:icinga2.service:restart',

6
bundles/icinga2/metadata.py
View file

@ -32,6 +32,12 @@ defaults = {
},
},
},
'users': {
'nagios': {
'home': '/var/lib/nagios',
'shell': '/usr/sbin/nologin',
},
},
'zfs': {
'datasets': {
'tank/icinga2': {

25
bundles/monitored/metadata.py Normal file
View file

@ -0,0 +1,25 @@
defaults = {
'monitoring': {
'services': {
'test': {
'vars.command': '/bin/ls /',
'check_command': 'sshmon',
'host_name': node.name,
},
},
},
}
@metadata_reactor.provides(
'users/sshmon/authorized_users'
)
def user(metadata):
return {
'users': {
'sshmon': {
'authorized_users': {
'nagios@' + metadata.get('monitoring/icinga2_node'),
}
},
},
}

2
bundles/zsh/items.py
View file

@ -36,7 +36,7 @@ files = {
}
for name, user_config in node.metadata.get('users').items():
if user_config.get('shell', None) != '/usr/bin/zsh':
if user_config.get('shell', None) == '/usr/bin/zsh':
files[join(user_config['home'], '.zshrc')] = {
'owner': name,
'group': name,

4
groups/applications/monitored.py
View file

@ -1,10 +1,14 @@
{
'bundles': [
'telegraf',
'monitored',
],
'metadata': {
'telegraf': {
'influxdb_node': 'home.server',
},
'monitoring': {
'icinga2_node': 'home.server',
},
},
}