From: Frank Brehm Date: Fri, 13 Oct 2017 13:35:27 +0000 (+0200) Subject: committing changes in /etc after apt run X-Git-Url: https://git.uhu-banane.org/?a=commitdiff_plain;h=cf069039ac02ec66290d7dfe98b9884e5fea7ba8;p=config%2Fsarah%2Fetc.git committing changes in /etc after apt run Package changes: +icinga2 2.6.0-2 amd64 +icinga2-bin 2.6.0-2 amd64 +icinga2-common 2.6.0-2 all +libboost-atomic1.62.0 1.62.0+dfsg-4 amd64 +libboost-chrono1.62.0 1.62.0+dfsg-4 amd64 +libboost-date-time1.62.0 1.62.0+dfsg-4 amd64 +libboost-program-options1.62.0 1.62.0+dfsg-4 amd64 +libboost-regex1.62.0 1.62.0+dfsg-4 amd64 +libboost-thread1.62.0 1.62.0+dfsg-4 amd64 +libicinga2 2.6.0-2 amd64 +libruby2.3 2.3.3-1+deb9u1 amd64 +libyajl2 2.1.0-2+b3 amd64 +monitoring-plugins-basic 2.2-3 amd64 +monitoring-plugins-common 2.2-3 amd64 +monitoring-plugins-standard 2.2-3 amd64 +rake 10.5.0-2 all +ruby 1:2.3.3 amd64 +ruby-did-you-mean 1.0.0-2 all +ruby-minitest 5.9.0-1 all +ruby-net-telnet 0.1.1-2 all +ruby-power-assert 0.3.0-1 all +ruby-test-unit 3.1.7-2 all +ruby2.3 2.3.3-1+deb9u1 amd64 +rubygems-integration 1.11 all +vim-addon-manager 0.5.6 all +vim-icinga2 2.6.0-2 all --- diff --git a/.etckeeper b/.etckeeper index 372fe7f..31a30a4 100755 --- a/.etckeeper +++ b/.etckeeper @@ -14,6 +14,7 @@ mkdir -p './dbus-1/session.d' mkdir -p './dovecot/private' mkdir -p './dpkg/dpkg.cfg.d' mkdir -p './fail2ban/fail2ban.d' +mkdir -p './icinga2/pki' mkdir -p './initramfs-tools/conf.d' mkdir -p './initramfs-tools/hooks' mkdir -p './initramfs-tools/scripts/init-bottom' @@ -269,6 +270,7 @@ maybe chmod 0644 'default/grub' maybe chmod 0644 'default/halt' maybe chmod 0644 'default/haveged' maybe chmod 0644 'default/hwclock' +maybe chmod 0644 'default/icinga2' maybe chmod 0600 'default/iptables' maybe chmod 0644 'default/iptables.bak' maybe chmod 0644 'default/keyboard' @@ -621,6 +623,53 @@ maybe chmod 0644 'hostname' maybe chmod 0644 'hosts' maybe chmod 0644 'hosts.allow' maybe chmod 0644 'hosts.deny' +maybe chown 'nagios' 'icinga2' +maybe chgrp 'nagios' 'icinga2' +maybe chmod 0750 'icinga2' +maybe chmod 0755 'icinga2/conf.d' +maybe chmod 0644 'icinga2/conf.d/app.conf' +maybe chmod 0644 'icinga2/conf.d/apt.conf' +maybe chmod 0644 'icinga2/conf.d/commands.conf' +maybe chmod 0644 'icinga2/conf.d/downtimes.conf' +maybe chmod 0644 'icinga2/conf.d/groups.conf' +maybe chmod 0644 'icinga2/conf.d/hosts.conf' +maybe chmod 0644 'icinga2/conf.d/notifications.conf' +maybe chmod 0644 'icinga2/conf.d/satellite.conf' +maybe chmod 0644 'icinga2/conf.d/services.conf' +maybe chmod 0644 'icinga2/conf.d/templates.conf' +maybe chmod 0644 'icinga2/conf.d/timeperiods.conf' +maybe chmod 0644 'icinga2/conf.d/users.conf' +maybe chmod 0644 'icinga2/constants.conf' +maybe chmod 0755 'icinga2/features-available' +maybe chmod 0644 'icinga2/features-available/api.conf' +maybe chmod 0644 'icinga2/features-available/checker.conf' +maybe chmod 0644 'icinga2/features-available/command.conf' +maybe chmod 0644 'icinga2/features-available/compatlog.conf' +maybe chmod 0644 'icinga2/features-available/debuglog.conf' +maybe chmod 0644 'icinga2/features-available/gelf.conf' +maybe chmod 0644 'icinga2/features-available/graphite.conf' +maybe chmod 0644 'icinga2/features-available/influxdb.conf' +maybe chmod 0644 'icinga2/features-available/livestatus.conf' +maybe chmod 0644 'icinga2/features-available/mainlog.conf' +maybe chmod 0644 'icinga2/features-available/notification.conf' +maybe chmod 0644 'icinga2/features-available/opentsdb.conf' +maybe chmod 0644 'icinga2/features-available/perfdata.conf' +maybe chmod 0644 'icinga2/features-available/statusdata.conf' +maybe chmod 0644 'icinga2/features-available/syslog.conf' +maybe chmod 0755 'icinga2/features-enabled' +maybe chmod 0644 'icinga2/icinga2.conf' +maybe chmod 0644 'icinga2/init.conf' +maybe chown 'nagios' 'icinga2/pki' +maybe chgrp 'nagios' 'icinga2/pki' +maybe chmod 0700 'icinga2/pki' +maybe chmod 0755 'icinga2/repository.d' +maybe chmod 0644 'icinga2/repository.d/README' +maybe chmod 0755 'icinga2/scripts' +maybe chmod 0755 'icinga2/scripts/mail-host-notification.sh' +maybe chmod 0755 'icinga2/scripts/mail-service-notification.sh' +maybe chmod 0644 'icinga2/zones.conf' +maybe chmod 0755 'icinga2/zones.d' +maybe chmod 0644 'icinga2/zones.d/README' maybe chmod 0755 'init' maybe chmod 0755 'init.d' maybe chmod 0644 'init.d/README' @@ -646,6 +695,7 @@ maybe chmod 0755 'init.d/halt' maybe chmod 0755 'init.d/haveged' maybe chmod 0755 'init.d/hostname.sh' maybe chmod 0755 'init.d/hwclock.sh' +maybe chmod 0755 'init.d/icinga2' maybe chmod 0755 'init.d/iptables' maybe chmod 0755 'init.d/iredapd' maybe chmod 0755 'init.d/kbd' @@ -806,6 +856,7 @@ maybe chmod 0644 'logrotate.d/dbconfig-common' maybe chmod 0644 'logrotate.d/dovecot' maybe chmod 0644 'logrotate.d/dpkg' maybe chmod 0644 'logrotate.d/fail2ban' +maybe chmod 0644 'logrotate.d/icinga2' maybe chmod 0644 'logrotate.d/mail' maybe chmod 0644 'logrotate.d/mysql-server' maybe chmod 0644 'logrotate.d/nginx' @@ -875,6 +926,43 @@ maybe chmod 0644 'mysql/mariadb.conf.d/50-server.cnf' maybe chmod 0644 'mysql/my.cnf.2016.07.20.08.58.54' maybe chmod 0644 'mysql/my.cnf.fallback' maybe chmod 0644 'mysql/my.cnf.migrated' +maybe chmod 0755 'nagios-plugins' +maybe chmod 0755 'nagios-plugins/config' +maybe chmod 0644 'nagios-plugins/config/apt.cfg' +maybe chmod 0644 'nagios-plugins/config/breeze.cfg' +maybe chmod 0644 'nagios-plugins/config/dhcp.cfg' +maybe chmod 0644 'nagios-plugins/config/disk-smb.cfg' +maybe chmod 0644 'nagios-plugins/config/disk.cfg' +maybe chmod 0644 'nagios-plugins/config/dns.cfg' +maybe chmod 0644 'nagios-plugins/config/dummy.cfg' +maybe chmod 0644 'nagios-plugins/config/flexlm.cfg' +maybe chmod 0644 'nagios-plugins/config/fping.cfg' +maybe chmod 0644 'nagios-plugins/config/ftp.cfg' +maybe chmod 0644 'nagios-plugins/config/games.cfg' +maybe chmod 0644 'nagios-plugins/config/hppjd.cfg' +maybe chmod 0644 'nagios-plugins/config/http.cfg' +maybe chmod 0644 'nagios-plugins/config/ifstatus.cfg' +maybe chmod 0644 'nagios-plugins/config/ldap.cfg' +maybe chmod 0644 'nagios-plugins/config/load.cfg' +maybe chmod 0644 'nagios-plugins/config/mail.cfg' +maybe chmod 0644 'nagios-plugins/config/mailq.cfg' +maybe chmod 0644 'nagios-plugins/config/mrtg.cfg' +maybe chmod 0644 'nagios-plugins/config/mysql.cfg' +maybe chmod 0644 'nagios-plugins/config/netware.cfg' +maybe chmod 0644 'nagios-plugins/config/news.cfg' +maybe chmod 0644 'nagios-plugins/config/nt.cfg' +maybe chmod 0644 'nagios-plugins/config/ntp.cfg' +maybe chmod 0644 'nagios-plugins/config/pgsql.cfg' +maybe chmod 0644 'nagios-plugins/config/ping.cfg' +maybe chmod 0644 'nagios-plugins/config/procs.cfg' +maybe chmod 0644 'nagios-plugins/config/radius.cfg' +maybe chmod 0644 'nagios-plugins/config/real.cfg' +maybe chmod 0644 'nagios-plugins/config/rpc-nfs.cfg' +maybe chmod 0644 'nagios-plugins/config/snmp.cfg' +maybe chmod 0644 'nagios-plugins/config/ssh.cfg' +maybe chmod 0644 'nagios-plugins/config/tcp_udp.cfg' +maybe chmod 0644 'nagios-plugins/config/telnet.cfg' +maybe chmod 0644 'nagios-plugins/config/users.cfg' maybe chmod 0644 'nail.rc' maybe chmod 0644 'nanorc' maybe chmod 0755 'network' diff --git a/default/icinga2 b/default/icinga2 new file mode 100644 index 0000000..c452408 --- /dev/null +++ b/default/icinga2 @@ -0,0 +1,3 @@ +# default settings for icinga2's initscript + +#DAEMON_ARGS="-e /var/log/icinga2/icinga2.err" diff --git a/group b/group index 42bec92..8d08e5a 100644 --- a/group +++ b/group @@ -64,3 +64,4 @@ ulog:x:121: wireshark:x:122: opendkim:x:123: _chrony:x:124: +nagios:x:125: diff --git a/group- b/group- index 03f3a50..42bec92 100644 --- a/group- +++ b/group- @@ -63,3 +63,4 @@ iredapd:x:2002: ulog:x:121: wireshark:x:122: opendkim:x:123: +_chrony:x:124: diff --git a/gshadow b/gshadow index f3e9dcb..3161bcb 100644 --- a/gshadow +++ b/gshadow @@ -64,3 +64,4 @@ ulog:!:: wireshark:!:: opendkim:!:: _chrony:!:: +nagios:!:: diff --git a/gshadow- b/gshadow- index 7d69447..f3e9dcb 100644 --- a/gshadow- +++ b/gshadow- @@ -63,3 +63,4 @@ iredapd:!:: ulog:!:: wireshark:!:: opendkim:!:: +_chrony:!:: diff --git a/icinga2/conf.d/app.conf b/icinga2/conf.d/app.conf new file mode 100644 index 0000000..3e4be0d --- /dev/null +++ b/icinga2/conf.d/app.conf @@ -0,0 +1 @@ +object IcingaApplication "app" { } diff --git a/icinga2/conf.d/apt.conf b/icinga2/conf.d/apt.conf new file mode 100644 index 0000000..b2c77a0 --- /dev/null +++ b/icinga2/conf.d/apt.conf @@ -0,0 +1,7 @@ +apply Service "apt" { + import "generic-service" + + check_command = "apt" + + assign where host.name == NodeName +} diff --git a/icinga2/conf.d/commands.conf b/icinga2/conf.d/commands.conf new file mode 100644 index 0000000..e97b087 --- /dev/null +++ b/icinga2/conf.d/commands.conf @@ -0,0 +1,38 @@ +/* Command objects */ + +object NotificationCommand "mail-host-notification" { + command = [ SysconfDir + "/icinga2/scripts/mail-host-notification.sh" ] + + env = { + NOTIFICATIONTYPE = "$notification.type$" + HOSTALIAS = "$host.display_name$" + HOSTADDRESS = "$address$" + HOSTSTATE = "$host.state$" + LONGDATETIME = "$icinga.long_date_time$" + HOSTOUTPUT = "$host.output$" + NOTIFICATIONAUTHORNAME = "$notification.author$" + NOTIFICATIONCOMMENT = "$notification.comment$" + HOSTDISPLAYNAME = "$host.display_name$" + USEREMAIL = "$user.email$" + } +} + +object NotificationCommand "mail-service-notification" { + command = [ SysconfDir + "/icinga2/scripts/mail-service-notification.sh" ] + + env = { + NOTIFICATIONTYPE = "$notification.type$" + SERVICEDESC = "$service.name$" + HOSTALIAS = "$host.display_name$" + HOSTADDRESS = "$address$" + SERVICESTATE = "$service.state$" + LONGDATETIME = "$icinga.long_date_time$" + SERVICEOUTPUT = "$service.output$" + NOTIFICATIONAUTHORNAME = "$notification.author$" + NOTIFICATIONCOMMENT = "$notification.comment$" + HOSTDISPLAYNAME = "$host.display_name$" + SERVICEDISPLAYNAME = "$service.display_name$" + USEREMAIL = "$user.email$" + } +} + diff --git a/icinga2/conf.d/downtimes.conf b/icinga2/conf.d/downtimes.conf new file mode 100644 index 0000000..0bed647 --- /dev/null +++ b/icinga2/conf.d/downtimes.conf @@ -0,0 +1,20 @@ +/** + * The example downtime apply rule. + */ + +apply ScheduledDowntime "backup-downtime" to Service { + author = "icingaadmin" + comment = "Scheduled downtime for backup" + + ranges = { + monday = service.vars.backup_downtime + tuesday = service.vars.backup_downtime + wednesday = service.vars.backup_downtime + thursday = service.vars.backup_downtime + friday = service.vars.backup_downtime + saturday = service.vars.backup_downtime + sunday = service.vars.backup_downtime + } + + assign where service.vars.backup_downtime != "" +} diff --git a/icinga2/conf.d/groups.conf b/icinga2/conf.d/groups.conf new file mode 100644 index 0000000..e6004a3 --- /dev/null +++ b/icinga2/conf.d/groups.conf @@ -0,0 +1,37 @@ +/** + * Host group examples. + */ + +object HostGroup "linux-servers" { + display_name = "Linux Servers" + + assign where host.vars.os == "Linux" +} + +object HostGroup "windows-servers" { + display_name = "Windows Servers" + + assign where host.vars.os == "Windows" +} + +/** + * Service group examples. + */ + +object ServiceGroup "ping" { + display_name = "Ping Checks" + + assign where match("ping*", service.name) +} + +object ServiceGroup "http" { + display_name = "HTTP Checks" + + assign where match("http*", service.check_command) +} + +object ServiceGroup "disk" { + display_name = "Disk Checks" + + assign where match("disk*", service.check_command) +} diff --git a/icinga2/conf.d/hosts.conf b/icinga2/conf.d/hosts.conf new file mode 100644 index 0000000..5ff1f9b --- /dev/null +++ b/icinga2/conf.d/hosts.conf @@ -0,0 +1,52 @@ +/* + * Host definitions with object attributes + * used for apply rules for Service, Notification, + * Dependency and ScheduledDowntime objects. + * + * Tip: Use `icinga2 object list --type Host` to + * list all host objects after running + * configuration validation (`icinga2 daemon -C`). + */ + +/* + * This is an example host based on your + * local host's FQDN. Specify the NodeName + * constant in `constants.conf` or use your + * own description, e.g. "db-host-1". + */ + +object Host NodeName { + /* Import the default host template defined in `templates.conf`. */ + import "generic-host" + + /* Specify the address attributes for checks e.g. `ssh` or `http`. */ + address = "127.0.0.1" + address6 = "::1" + + /* Set custom attribute `os` for hostgroup assignment in `groups.conf`. */ + vars.os = "Linux" + + /* Define http vhost attributes for service apply rules in `services.conf`. */ + vars.http_vhosts["http"] = { + http_uri = "/" + } + /* Uncomment if you've sucessfully installed Icinga Web 2. */ + //vars.http_vhosts["Icinga Web 2"] = { + // http_uri = "/icingaweb2" + //} + + /* Define disks and attributes for service apply rules in `services.conf`. */ + vars.disks["disk"] = { + /* No parameters. */ + } + vars.disks["disk /"] = { + disk_partitions = "/" + } + + /* Define notification mail attributes for notification apply rules in `notifications.conf`. */ + vars.notification["mail"] = { + /* The UserGroup `icingaadmins` is defined in `users.conf`. */ + groups = [ "icingaadmins" ] + } +} + diff --git a/icinga2/conf.d/notifications.conf b/icinga2/conf.d/notifications.conf new file mode 100644 index 0000000..73f0f5f --- /dev/null +++ b/icinga2/conf.d/notifications.conf @@ -0,0 +1,27 @@ +/** + * The example notification apply rules. + * + * Only applied if host/service objects have + * the custom attribute `notification` defined + * and containing `mail` as key. + * + * Check `hosts.conf` for an example. + */ + +apply Notification "mail-icingaadmin" to Host { + import "mail-host-notification" + + user_groups = host.vars.notification.mail.groups + users = host.vars.notification.mail.users + + assign where host.vars.notification.mail +} + +apply Notification "mail-icingaadmin" to Service { + import "mail-service-notification" + + user_groups = host.vars.notification.mail.groups + users = host.vars.notification.mail.users + + assign where host.vars.notification.mail +} diff --git a/icinga2/conf.d/satellite.conf b/icinga2/conf.d/satellite.conf new file mode 100644 index 0000000..4a6b97a --- /dev/null +++ b/icinga2/conf.d/satellite.conf @@ -0,0 +1,33 @@ +/* + * Host and Service templates for the Agent Setup. + */ + + +/** + * Provides settings for satellite hosts managed by 'icinga2 repository'. + * Define your global attributes here, for example custom + * attributes used for notifications, etc. + */ +template Host "satellite-host" { + vars.notification["mail"] = { + groups = [ "icingaadmins" ] + } +} + +/** + * Provides settings for satellite services managed by 'icinga2 repository'. + * Define your global satellite attributes here, for example custom + * attributes used for notifications, etc. + */ +template Service "satellite-service" { + vars.notification["mail"] = { + groups = [ "icingaadmins" ] + } +} + + +apply Dependency "satellite-host" to Host { + parent_host_name = host.zone + + assign where host.zone != "" && "satellite-host" in host.templates +} diff --git a/icinga2/conf.d/services.conf b/icinga2/conf.d/services.conf new file mode 100644 index 0000000..416915b --- /dev/null +++ b/icinga2/conf.d/services.conf @@ -0,0 +1,117 @@ +/* + * Service apply rules. + * + * The CheckCommand objects `ping4`, `ping6`, etc + * are provided by the plugin check command templates. + * Check the documentation for details. + * + * Tip: Use `icinga2 object list --type Service` to + * list all service objects after running + * configuration validation (`icinga2 daemon -C`). + */ + +/* + * This is an example host based on your + * local host's FQDN. Specify the NodeName + * constant in `constants.conf` or use your + * own description, e.g. "db-host-1". + */ + +/* + * These are generic `ping4` and `ping6` + * checks applied to all hosts having the + * `address` resp. `address6` attribute + * defined. + */ +apply Service "ping4" { + import "generic-service" + + check_command = "ping4" + + assign where host.address +} + +apply Service "ping6" { + import "generic-service" + + check_command = "ping6" + + assign where host.address6 +} + +/* + * Apply the `ssh` service to all hosts + * with the `address` attribute defined and + * the custom attribute `os` set to `Linux`. + */ +apply Service "ssh" { + import "generic-service" + + check_command = "ssh" + + assign where (host.address || host.address6) && host.vars.os == "Linux" +} + + + +apply Service for (http_vhost => config in host.vars.http_vhosts) { + import "generic-service" + + check_command = "http" + + vars += config +} + +apply Service for (disk => config in host.vars.disks) { + import "generic-service" + + check_command = "disk" + + vars += config +} + +apply Service "icinga" { + import "generic-service" + + check_command = "icinga" + + assign where host.name == NodeName +} + +apply Service "load" { + import "generic-service" + + check_command = "load" + + /* Used by the ScheduledDowntime apply rule in `downtimes.conf`. */ + vars.backup_downtime = "02:00-03:00" + + assign where host.name == NodeName +} + +apply Service "procs" { + import "generic-service" + + check_command = "procs" + + assign where host.name == NodeName +} + +apply Service "swap" { + import "generic-service" + + check_command = "swap" + + assign where host.name == NodeName +} + +apply Service "users" { + import "generic-service" + + check_command = "users" + + assign where host.name == NodeName +} + + + diff --git a/icinga2/conf.d/templates.conf b/icinga2/conf.d/templates.conf new file mode 100644 index 0000000..3588f7f --- /dev/null +++ b/icinga2/conf.d/templates.conf @@ -0,0 +1,72 @@ +/* + * Generic template examples. + */ + + +/** + * Provides default settings for hosts. By convention + * all hosts should import this template. + * + * The CheckCommand object `hostalive` is provided by + * the plugin check command templates. + * Check the documentation for details. + */ +template Host "generic-host" { + max_check_attempts = 3 + check_interval = 1m + retry_interval = 30s + + check_command = "hostalive" +} + +/** + * Provides default settings for services. By convention + * all services should import this template. + */ +template Service "generic-service" { + max_check_attempts = 5 + check_interval = 1m + retry_interval = 30s +} + +/** + * Provides default settings for users. By convention + * all users should inherit from this template. + */ + +template User "generic-user" { + +} + +/** + * Provides default settings for host notifications. + * By convention all host notifications should import + * this template. + */ +template Notification "mail-host-notification" { + command = "mail-host-notification" + + states = [ Up, Down ] + types = [ Problem, Acknowledgement, Recovery, Custom, + FlappingStart, FlappingEnd, + DowntimeStart, DowntimeEnd, DowntimeRemoved ] + + period = "24x7" +} + +/** + * Provides default settings for service notifications. + * By convention all service notifications should import + * this template. + */ +template Notification "mail-service-notification" { + command = "mail-service-notification" + + states = [ OK, Warning, Critical, Unknown ] + types = [ Problem, Acknowledgement, Recovery, Custom, + FlappingStart, FlappingEnd, + DowntimeStart, DowntimeEnd, DowntimeRemoved ] + + period = "24x7" +} + diff --git a/icinga2/conf.d/timeperiods.conf b/icinga2/conf.d/timeperiods.conf new file mode 100644 index 0000000..21fac52 --- /dev/null +++ b/icinga2/conf.d/timeperiods.conf @@ -0,0 +1,43 @@ +/** + * Sample timeperiods for Icinga 2 requiring + * 'legacy-timeperiod' template from the Icinga + * Template Library (ITL). + * Check the documentation for details. + */ + +object TimePeriod "24x7" { + import "legacy-timeperiod" + + display_name = "Icinga 2 24x7 TimePeriod" + ranges = { + "monday" = "00:00-24:00" + "tuesday" = "00:00-24:00" + "wednesday" = "00:00-24:00" + "thursday" = "00:00-24:00" + "friday" = "00:00-24:00" + "saturday" = "00:00-24:00" + "sunday" = "00:00-24:00" + } +} + +object TimePeriod "9to5" { + import "legacy-timeperiod" + + display_name = "Icinga 2 9to5 TimePeriod" + ranges = { + "monday" = "09:00-17:00" + "tuesday" = "09:00-17:00" + "wednesday" = "09:00-17:00" + "thursday" = "09:00-17:00" + "friday" = "09:00-17:00" + } +} + +object TimePeriod "never" { + import "legacy-timeperiod" + + display_name = "Icinga 2 never TimePeriod" + ranges = { + } +} + diff --git a/icinga2/conf.d/users.conf b/icinga2/conf.d/users.conf new file mode 100644 index 0000000..aa31e27 --- /dev/null +++ b/icinga2/conf.d/users.conf @@ -0,0 +1,17 @@ +/** + * The example user 'icingaadmin' and the example + * group 'icingaadmins'. + */ + +object User "icingaadmin" { + import "generic-user" + + display_name = "Icinga 2 Admin" + groups = [ "icingaadmins" ] + + email = "root@localhost" +} + +object UserGroup "icingaadmins" { + display_name = "Icinga 2 Admin Group" +} diff --git a/icinga2/constants.conf b/icinga2/constants.conf new file mode 100644 index 0000000..29232d6 --- /dev/null +++ b/icinga2/constants.conf @@ -0,0 +1,28 @@ +/** + * This file defines global constants which can be used in + * the other configuration files. + */ + +/* The directory which contains the plugins from the Monitoring Plugins project. */ +const PluginDir = "/usr/lib/nagios/plugins" + +/* The directory which contains the Manubulon plugins. + * Check the documentation, chapter "SNMP Manubulon Plugin Check Commands", for details. + */ +const ManubulonPluginDir = "/usr/lib/nagios/plugins" + +/* The directory which you use to store additional plugins which ITL provides user contributed command definitions for. + * Check the documentation, chapter "Plugins Contribution", for details. + */ +const PluginContribDir = "/usr/lib/nagios/plugins" + +/* Our local instance name. By default this is the server's hostname as returned by `hostname --fqdn`. + * This should be the common name from the API certificate. + */ +//const NodeName = "localhost" + +/* Our local zone name. */ +const ZoneName = NodeName + +/* Secret key for remote node tickets */ +const TicketSalt = "" diff --git a/icinga2/features-available/api.conf b/icinga2/features-available/api.conf new file mode 100644 index 0000000..0136de0 --- /dev/null +++ b/icinga2/features-available/api.conf @@ -0,0 +1,11 @@ +/** + * The API listener is used for distributed monitoring setups. + */ + +object ApiListener "api" { + cert_path = SysconfDir + "/icinga2/pki/" + NodeName + ".crt" + key_path = SysconfDir + "/icinga2/pki/" + NodeName + ".key" + ca_path = SysconfDir + "/icinga2/pki/ca.crt" + + ticket_salt = TicketSalt +} diff --git a/icinga2/features-available/checker.conf b/icinga2/features-available/checker.conf new file mode 100644 index 0000000..1139e62 --- /dev/null +++ b/icinga2/features-available/checker.conf @@ -0,0 +1,7 @@ +/** + * The checker component takes care of executing service checks. + */ + +library "checker" + +object CheckerComponent "checker" { } diff --git a/icinga2/features-available/command.conf b/icinga2/features-available/command.conf new file mode 100644 index 0000000..3583056 --- /dev/null +++ b/icinga2/features-available/command.conf @@ -0,0 +1,9 @@ +/** + * The ExternalCommandListener implements support for the external + * commands pipe. + */ + +library "compat" + +object ExternalCommandListener "command" { } + diff --git a/icinga2/features-available/compatlog.conf b/icinga2/features-available/compatlog.conf new file mode 100644 index 0000000..58c5df7 --- /dev/null +++ b/icinga2/features-available/compatlog.conf @@ -0,0 +1,9 @@ +/** + * The CompatLogger type is responsible for writing log files in a format + * that is compatible with Icinga 1.x. + */ + +library "compat" + +object CompatLogger "compatlog" { } + diff --git a/icinga2/features-available/debuglog.conf b/icinga2/features-available/debuglog.conf new file mode 100644 index 0000000..6e8e581 --- /dev/null +++ b/icinga2/features-available/debuglog.conf @@ -0,0 +1,11 @@ +/** + * The FileLogger type writes log information to a log file. + * Unlike the mainlog feature this sets up a logger + * with severity "debug". + */ + +object FileLogger "debug-file" { + severity = "debug" + path = LocalStateDir + "/log/icinga2/debug.log" +} + diff --git a/icinga2/features-available/gelf.conf b/icinga2/features-available/gelf.conf new file mode 100644 index 0000000..2db44ef --- /dev/null +++ b/icinga2/features-available/gelf.conf @@ -0,0 +1,12 @@ +/** + * The GelfWriter type writes event log entries + * to a GELF tcp socket provided by Graylog, + * Logstash or any other receiver. + */ + +library "perfdata" + +object GelfWriter "gelf" { + //host = "127.0.0.1" + //port = 12201 +} diff --git a/icinga2/features-available/graphite.conf b/icinga2/features-available/graphite.conf new file mode 100644 index 0000000..f2e59d9 --- /dev/null +++ b/icinga2/features-available/graphite.conf @@ -0,0 +1,11 @@ +/** + * The GraphiteWriter type writes check result metrics and + * performance data to a graphite tcp socket. + */ + +library "perfdata" + +object GraphiteWriter "graphite" { + //host = "127.0.0.1" + //port = 2003 +} diff --git a/icinga2/features-available/influxdb.conf b/icinga2/features-available/influxdb.conf new file mode 100644 index 0000000..058568b --- /dev/null +++ b/icinga2/features-available/influxdb.conf @@ -0,0 +1,25 @@ +/** + * The InfluxdbWriter type writes check result metrics and + * performance data to an InfluxDB HTTP API + */ + +library "perfdata" + +object InfluxdbWriter "influxdb" { + //host = "127.0.0.1" + //port = 8086 + //database = "icinga2" + //host_template = { + // measurement = "$host.check_command$" + // tags = { + // hostname = "$host.name$" + // } + //} + //service_template = { + // measurement = "$service.check_command$" + // tags = { + // hostname = "$host.name$" + // service = "$service.name$" + // } + //} +} diff --git a/icinga2/features-available/livestatus.conf b/icinga2/features-available/livestatus.conf new file mode 100644 index 0000000..45d44d6 --- /dev/null +++ b/icinga2/features-available/livestatus.conf @@ -0,0 +1,8 @@ +/** + * The livestatus library implements the livestatus query protocol. + */ + +library "livestatus" + +object LivestatusListener "livestatus" { } + diff --git a/icinga2/features-available/mainlog.conf b/icinga2/features-available/mainlog.conf new file mode 100644 index 0000000..ded9a7c --- /dev/null +++ b/icinga2/features-available/mainlog.conf @@ -0,0 +1,9 @@ +/** + * The FileLogger type writes log information to a file. + */ + +object FileLogger "main-log" { + severity = "information" + path = LocalStateDir + "/log/icinga2/icinga2.log" +} + diff --git a/icinga2/features-available/notification.conf b/icinga2/features-available/notification.conf new file mode 100644 index 0000000..aa22f60 --- /dev/null +++ b/icinga2/features-available/notification.conf @@ -0,0 +1,7 @@ +/** + * The notification component takes care of executing service checks. + */ + +library "notification" + +object NotificationComponent "notification" { } diff --git a/icinga2/features-available/opentsdb.conf b/icinga2/features-available/opentsdb.conf new file mode 100644 index 0000000..fcb547d --- /dev/null +++ b/icinga2/features-available/opentsdb.conf @@ -0,0 +1,11 @@ +/** + * The OpenTsdbWriter type writes check result metrics and + * performance data to a OpenTSDB tcp socket. + */ + +library "perfdata" + +object OpenTsdbWriter "opentsdb" { + //host = "127.0.0.1" + //port = 4242 +} diff --git a/icinga2/features-available/perfdata.conf b/icinga2/features-available/perfdata.conf new file mode 100644 index 0000000..356431f --- /dev/null +++ b/icinga2/features-available/perfdata.conf @@ -0,0 +1,8 @@ +/** + * The PerfdataWriter type writes performance data files and rotates + * them in a regular interval. + */ + +library "perfdata" + +object PerfdataWriter "perfdata" { } diff --git a/icinga2/features-available/statusdata.conf b/icinga2/features-available/statusdata.conf new file mode 100644 index 0000000..af02aa5 --- /dev/null +++ b/icinga2/features-available/statusdata.conf @@ -0,0 +1,10 @@ +/** + * The StatusDataWriter type periodically updates the status.dat and objects.cache + * files. These are used by the Icinga 1.x CGIs to display the state of + * hosts and services. + */ + +library "compat" + +object StatusDataWriter "status" { } + diff --git a/icinga2/features-available/syslog.conf b/icinga2/features-available/syslog.conf new file mode 100644 index 0000000..3b794b4 --- /dev/null +++ b/icinga2/features-available/syslog.conf @@ -0,0 +1,8 @@ +/** + * The SyslogLogger type writes log information to syslog. + */ + +object SyslogLogger "syslog" { + severity = "warning" +} + diff --git a/icinga2/features-enabled/checker.conf b/icinga2/features-enabled/checker.conf new file mode 120000 index 0000000..d51cf79 --- /dev/null +++ b/icinga2/features-enabled/checker.conf @@ -0,0 +1 @@ +../features-available/checker.conf \ No newline at end of file diff --git a/icinga2/features-enabled/mainlog.conf b/icinga2/features-enabled/mainlog.conf new file mode 120000 index 0000000..6bda4a5 --- /dev/null +++ b/icinga2/features-enabled/mainlog.conf @@ -0,0 +1 @@ +../features-available/mainlog.conf \ No newline at end of file diff --git a/icinga2/features-enabled/notification.conf b/icinga2/features-enabled/notification.conf new file mode 120000 index 0000000..c31d3b4 --- /dev/null +++ b/icinga2/features-enabled/notification.conf @@ -0,0 +1 @@ +../features-available/notification.conf \ No newline at end of file diff --git a/icinga2/icinga2.conf b/icinga2/icinga2.conf new file mode 100644 index 0000000..a809b96 --- /dev/null +++ b/icinga2/icinga2.conf @@ -0,0 +1,63 @@ +/** + * Icinga 2 configuration file + * - this is where you define settings for the Icinga application including + * which hosts/services to check. + * + * For an overview of all available configuration options please refer + * to the documentation that is distributed as part of Icinga 2. + */ + +/** + * The constants.conf defines global constants. + */ +include "constants.conf" + +/** + * The zones.conf defines zones for a cluster setup. + * Not required for single instance setups. + */ +include "zones.conf" + +/** + * The Icinga Template Library (ITL) provides a number of useful templates + * and command definitions. + * Common monitoring plugin command definitions are included separately. + */ +include +include +include +include + +/** + * This includes the Icinga 2 Windows plugins. These command definitions + * are required on a master node when a client is used as command endpoint. + */ +include + +/** + * This includes the NSClient++ check commands. These command definitions + * are required on a master node when a client is used as command endpoint. + */ +include + +/** + * The features-available directory contains a number of configuration + * files for features which can be enabled and disabled using the + * icinga2 feature enable / icinga2 feature disable CLI commands. + * These commands work by creating and removing symbolic links in + * the features-enabled directory. + */ +include "features-enabled/*.conf" + +/** + * The repository.d directory contains all configuration objects + * managed by the 'icinga2 repository' CLI commands. + */ +include_recursive "repository.d" + +/** + * Although in theory you could define all your objects in this file + * the preferred way is to create separate directories and files in the conf.d + * directory. Each of these files must have the file extension ".conf". + */ +include_recursive "conf.d" diff --git a/icinga2/init.conf b/icinga2/init.conf new file mode 100644 index 0000000..16a9041 --- /dev/null +++ b/icinga2/init.conf @@ -0,0 +1,7 @@ +/** + * This file is read by Icinga 2 before the main + * configuration file (icinga2.conf) is processed. + */ + +const RunAsUser = "nagios" +const RunAsGroup = "nagios" diff --git a/icinga2/repository.d/README b/icinga2/repository.d/README new file mode 100644 index 0000000..a5da082 --- /dev/null +++ b/icinga2/repository.d/README @@ -0,0 +1,3 @@ +This directory contains configuration files managed by 'icinga2 repository' +cli commands. Please run 'icinga2 repository --help' to see all available +options. diff --git a/icinga2/scripts/mail-host-notification.sh b/icinga2/scripts/mail-host-notification.sh new file mode 100755 index 0000000..e1ac716 --- /dev/null +++ b/icinga2/scripts/mail-host-notification.sh @@ -0,0 +1,20 @@ +#!/bin/sh +template=`cat <