icinga: features.d -> features-enabled (compat with debian packages)

bundles/icinga2/files/icinga2.conf

@@ -5,6 +5,6 @@ include <itl>
 include <plugins>
 include <plugins-contrib>
 
-include "features.d/*.conf"
+include "features-enabled/*.conf"
 include_recursive "conf.d"
 include "hosts.d/*.conf"

bundles/icinga2/items.py

@@ -28,7 +28,16 @@ directories = {
             'svc_systemd:icinga2.service:restart',
         ],
     },
-    '/etc/icinga2/features.d': {
+    '/etc/icinga2/features-available': {
+        'purge': True,
+        'owner': 'nagios',
+        'group': 'nagios',
+        'mode': '0750',
+        'triggers': [
+            'svc_systemd:icinga2.service:restart',
+        ],
+    },
+    '/etc/icinga2/features-enabled': {
         'purge': True,
         'owner': 'nagios',
         'group': 'nagios',
@@ -169,50 +178,6 @@ files = {
             'svc_systemd:icinga2.service:restart',
         ],
     },
-    '/etc/icinga2/features.d/ido-pgsql.conf': {
-        'source': 'features/ido-pgsql.conf',
-        'content_type': 'mako',
-        'owner': 'nagios',
-        'group': 'nagios',
-        'context': {
-            'db_password': node.metadata.get('postgresql/roles/icinga2/password')
-        },
-        'triggers': [
-            'svc_systemd:icinga2.service:restart',
-        ],
-    },
-    '/etc/icinga2/features.d/syslog.conf': {
-        'source': 'features/syslog.conf',
-        'owner': 'nagios',
-        'group': 'nagios',
-        'triggers': [
-            'svc_systemd:icinga2.service:restart',
-        ],
-    },
-    '/etc/icinga2/features.d/notification.conf': {
-        'source': 'features/notification.conf',
-        'owner': 'nagios',
-        'group': 'nagios',
-        'triggers': [
-            'svc_systemd:icinga2.service:restart',
-        ],
-    },
-    '/etc/icinga2/features.d/checker.conf': {
-        'source': 'features/checker.conf',
-        'owner': 'nagios',
-        'group': 'nagios',
-        'triggers': [
-            'svc_systemd:icinga2.service:restart',
-        ],
-    },
-    '/etc/icinga2/features.d/api.conf': {
-        'source': 'features/api.conf',
-        'owner': 'nagios',
-        'group': 'nagios',
-        'triggers': [
-            'svc_systemd:icinga2.service:restart',
-        ],
-    },
     '/var/lib/icinga2/certs/ca.crt': {
         'content_type': 'download',
         'source': f'https://letsencrypt.org/certs/isrg-root-x1-cross-signed.pem',
@@ -227,6 +192,38 @@ files = {
     },
 }
 
+# FEATURES
+
+for feature, context in {
+    'syslog': {},
+    'notification': {},
+    'checker': {},
+    'api': {},
+    'ido-pgsql': {
+        'db_password': node.metadata.get('postgresql/roles/icinga2/password'),
+    },
+}.items():
+    files[f'/etc/icinga2/features-available/{feature}.conf'] = {
+        'content_type': 'mako' if context else 'text',
+        'context':  context,
+        'source': f'features/{feature}.conf',
+        'owner': 'nagios',
+        'group': 'nagios',
+        'triggers': [
+            'svc_systemd:icinga2.service:restart',
+        ],
+    }
+    symlinks[f'/etc/icinga2/features-enabled/{feature}.conf'] = {
+        'target': f'/etc/icinga2/features-available/{feature}.conf',
+        'owner': 'nagios',
+        'group': 'nagios',
+        'triggers': [
+            'svc_systemd:icinga2.service:restart',
+        ],
+    }
+
+# HOSTS
+
 for other_node in repo.nodes:
     if other_node.dummy:
         continue

bundles/mailserver-autoconfig/metadata.py

@@ -24,6 +24,7 @@ def nginx(metadata):
                     'context': {
                         'root': f"/var/www/{metadata.get('mailserver/autoconfig_hostname')}",
                     },
+                    'check_path': '/mail/config-v1.1.xml',
                 },
             },
         },
@@ -59,7 +60,7 @@ def letsencrypt(metadata):
 )
 def autoconfig(metadata):
     dns = {}
-    
+
     for domain in metadata.get('mailserver/domains'):
         dns.update({
             f'autoconfig.{domain}': {
@@ -87,7 +88,7 @@ def autoconfig(metadata):
                 'SRV': {f"0 1 993 {metadata.get('mailserver/hostname')}."},
             },
         })
-    
+
     return {
         'dns': dns,
     }

bundles/nginx/metadata.py

@@ -1,5 +1,7 @@
+from shlex import quote
 from ipaddress import ip_interface
 
+
 defaults = {
     'apt': {
         'packages': {
@@ -62,7 +64,7 @@ def includes(metadata):
 )
 def vhosts(metadata):
     vhosts = {}
-    
+
     for name, config in metadata.get('nginx/vhosts').items():
         vhosts[name] = {
             'server_name': name,
@@ -76,7 +78,7 @@ def vhosts(metadata):
                 'alias': '/var/lib/dehydrated/acme-challenges/',
             },
         }
-    
+
     return {
         'nginx': {
             'vhosts': vhosts,
@@ -111,3 +113,19 @@ def letsencrypt(metadata):
             },
         },
     }
+
+
+@metadata_reactor.provides(
+    'monitoring/services',
+)
+def monitoring(metadata):
+    return {
+        'monitoring': {
+            'services': {
+                f'HTTP {hostname}': {
+                    'vars.command': f"""/usr/bin/curl {quote(hostname + vhost.get('check_path', ''))} -IL --fail"""
+                }
+                    for hostname, vhost in metadata.get('nginx/vhosts').items()
+            },
+        },
+    }