icinga: features.d -> features-enabled (compat with debian packages)

bundles/nginx/metadata.pybasic http check
2022-09-05 13:49:47 +02:00 · 2022-09-05 13:48:54 +02:00
4 changed files with 66 additions and 50 deletions
--- a/bundles/icinga2/files/icinga2.conf
+++ b/bundles/icinga2/files/icinga2.conf
@ -5,6 +5,6 @@ include <itl>
 include <plugins>
 include <plugins-contrib>

-include "features.d/*.conf"
+include "features-enabled/*.conf"
 include_recursive "conf.d"
 include "hosts.d/*.conf"
--- a/bundles/icinga2/items.py
+++ b/bundles/icinga2/items.py
@ -28,7 +28,16 @@ directories = {
            'svc_systemd:icinga2.service:restart',
        ],
    },
-    '/etc/icinga2/features.d': {
+    '/etc/icinga2/features-available': {
+        'purge': True,
+        'owner': 'nagios',
+        'group': 'nagios',
+        'mode': '0750',
+        'triggers': [
+            'svc_systemd:icinga2.service:restart',
+        ],
+    },
+    '/etc/icinga2/features-enabled': {
        'purge': True,
        'owner': 'nagios',
        'group': 'nagios',
@ -169,50 +178,6 @@ files = {
            'svc_systemd:icinga2.service:restart',
        ],
    },
-    '/etc/icinga2/features.d/ido-pgsql.conf': {
-        'source': 'features/ido-pgsql.conf',
-        'content_type': 'mako',
-        'owner': 'nagios',
-        'group': 'nagios',
-        'context': {
-            'db_password': node.metadata.get('postgresql/roles/icinga2/password')
-        },
-        'triggers': [
-            'svc_systemd:icinga2.service:restart',
-        ],
-    },
-    '/etc/icinga2/features.d/syslog.conf': {
-        'source': 'features/syslog.conf',
-        'owner': 'nagios',
-        'group': 'nagios',
-        'triggers': [
-            'svc_systemd:icinga2.service:restart',
-        ],
-    },
-    '/etc/icinga2/features.d/notification.conf': {
-        'source': 'features/notification.conf',
-        'owner': 'nagios',
-        'group': 'nagios',
-        'triggers': [
-            'svc_systemd:icinga2.service:restart',
-        ],
-    },
-    '/etc/icinga2/features.d/checker.conf': {
-        'source': 'features/checker.conf',
-        'owner': 'nagios',
-        'group': 'nagios',
-        'triggers': [
-            'svc_systemd:icinga2.service:restart',
-        ],
-    },
-    '/etc/icinga2/features.d/api.conf': {
-        'source': 'features/api.conf',
-        'owner': 'nagios',
-        'group': 'nagios',
-        'triggers': [
-            'svc_systemd:icinga2.service:restart',
-        ],
-    },
    '/var/lib/icinga2/certs/ca.crt': {
        'content_type': 'download',
        'source': f'https://letsencrypt.org/certs/isrg-root-x1-cross-signed.pem',
@ -227,6 +192,38 @@ files = {
    },
 }

+# FEATURES
+
+for feature, context in {
+    'syslog': {},
+    'notification': {},
+    'checker': {},
+    'api': {},
+    'ido-pgsql': {
+        'db_password': node.metadata.get('postgresql/roles/icinga2/password'),
+    },
+}.items():
+    files[f'/etc/icinga2/features-available/{feature}.conf'] = {
+        'content_type': 'mako' if context else 'text',
+        'context':  context,
+        'source': f'features/{feature}.conf',
+        'owner': 'nagios',
+        'group': 'nagios',
+        'triggers': [
+            'svc_systemd:icinga2.service:restart',
+        ],
+    }
+    symlinks[f'/etc/icinga2/features-enabled/{feature}.conf'] = {
+        'target': f'/etc/icinga2/features-available/{feature}.conf',
+        'owner': 'nagios',
+        'group': 'nagios',
+        'triggers': [
+            'svc_systemd:icinga2.service:restart',
+        ],
+    }
+
+# HOSTS
+
 for other_node in repo.nodes:
    if other_node.dummy:
        continue
--- a/bundles/mailserver-autoconfig/metadata.py
+++ b/bundles/mailserver-autoconfig/metadata.py
@ -24,6 +24,7 @@ def nginx(metadata):
                    'context': {
                        'root': f"/var/www/{metadata.get('mailserver/autoconfig_hostname')}",
                    },
+                    'check_path': '/mail/config-v1.1.xml',
                },
            },
        },
--- a/bundles/nginx/metadata.py
+++ b/bundles/nginx/metadata.py
@ -1,5 +1,7 @@
+from shlex import quote
 from ipaddress import ip_interface

+
 defaults = {
    'apt': {
        'packages': {
@ -111,3 +113,19 @@ def letsencrypt(metadata):
            },
        },
    }
+
+
+@metadata_reactor.provides(
+    'monitoring/services',
+)
+def monitoring(metadata):
+    return {
+        'monitoring': {
+            'services': {
+                f'HTTP {hostname}': {
+                    'vars.command': f"""/usr/bin/curl {quote(hostname + vhost.get('check_path', ''))} -IL --fail"""
+                }
+                    for hostname, vhost in metadata.get('nginx/vhosts').items()
+            },
+        },
+    }
Author	SHA1	Message	Date
mwiegand	6abfd868db	icinga: features.d -> features-enabled (compat with debian packages)	2022-09-05 13:49:47 +02:00
mwiegand	1e2e63405a	bundles/nginx/metadata.pybasic http check	2022-09-05 13:48:54 +02:00