diff --git a/monitoring/icinga2/conf.d/api-users.conf b/monitoring/icinga2/conf.d/api-users.conf new file mode 100644 index 0000000..5d8b053 --- /dev/null +++ b/monitoring/icinga2/conf.d/api-users.conf @@ -0,0 +1,9 @@ +/** + * The ApiUser objects are used for authentication against the API. + */ +object ApiUser "root" { + password = "pass" + // client_cn = "" + + permissions = [ "*" ] +} diff --git a/monitoring/icinga2/conf.d/app.conf b/monitoring/icinga2/conf.d/app.conf new file mode 100644 index 0000000..3e4be0d --- /dev/null +++ b/monitoring/icinga2/conf.d/app.conf @@ -0,0 +1 @@ +object IcingaApplication "app" { } diff --git a/monitoring/icinga2/conf.d/apt.conf b/monitoring/icinga2/conf.d/apt.conf new file mode 100644 index 0000000..b2c77a0 --- /dev/null +++ b/monitoring/icinga2/conf.d/apt.conf @@ -0,0 +1,7 @@ +apply Service "apt" { + import "generic-service" + + check_command = "apt" + + assign where host.name == NodeName +} diff --git a/monitoring/icinga2/conf.d/commands.conf b/monitoring/icinga2/conf.d/commands.conf new file mode 100644 index 0000000..bd511ce --- /dev/null +++ b/monitoring/icinga2/conf.d/commands.conf @@ -0,0 +1,187 @@ +/* Command objects */ + +/* Notification Commands + * + * Please check the documentation for all required and + * optional parameters. + */ + +object NotificationCommand "mail-host-notification" { + command = [ ConfigDir + "/scripts/mail-host-notification.sh" ] + + arguments += { + "-4" = "$notification_address$" + "-6" = "$notification_address6$" + "-b" = "$notification_author$" + "-c" = "$notification_comment$" + "-d" = { + required = true + value = "$notification_date$" + } + "-f" = { + value = "$notification_from$" + description = "Set from address. Requires GNU mailutils (Debian/Ubuntu) or mailx (RHEL/SUSE)" + } + "-i" = "$notification_icingaweb2url$" + "-l" = { + required = true + value = "$notification_hostname$" + } + "-n" = { + required = true + value = "$notification_hostdisplayname$" + } + "-o" = { + required = true + value = "$notification_hostoutput$" + } + "-r" = { + required = true + value = "$notification_useremail$" + } + "-s" = { + required = true + value = "$notification_hoststate$" + } + "-t" = { + required = true + value = "$notification_type$" + } + "-v" = "$notification_logtosyslog$" + } + + vars += { + notification_address = "$address$" + notification_address6 = "$address6$" + notification_author = "$notification.author$" + notification_comment = "$notification.comment$" + notification_type = "$notification.type$" + notification_date = "$icinga.long_date_time$" + notification_hostname = "$host.name$" + notification_hostdisplayname = "$host.display_name$" + notification_hostoutput = "$host.output$" + notification_hoststate = "$host.state$" + notification_useremail = "$user.email$" + } +} + +object NotificationCommand "mail-service-notification" { + command = [ ConfigDir + "/scripts/mail-service-notification.sh" ] + + arguments += { + "-4" = "$notification_address$" + "-6" = "$notification_address6$" + "-b" = "$notification_author$" + "-c" = "$notification_comment$" + "-d" = { + required = true + value = "$notification_date$" + } + "-e" = { + required = true + value = "$notification_servicename$" + } + "-f" = { + value = "$notification_from$" + description = "Set from address. Requires GNU mailutils (Debian/Ubuntu) or mailx (RHEL/SUSE)" + } + "-i" = "$notification_icingaweb2url$" + "-l" = { + required = true + value = "$notification_hostname$" + } + "-n" = { + required = true + value = "$notification_hostdisplayname$" + } + "-o" = { + required = true + value = "$notification_serviceoutput$" + } + "-r" = { + required = true + value = "$notification_useremail$" + } + "-s" = { + required = true + value = "$notification_servicestate$" + } + "-t" = { + required = true + value = "$notification_type$" + } + "-u" = { + required = true + value = "$notification_servicedisplayname$" + } + "-v" = "$notification_logtosyslog$" + } + + vars += { + notification_address = "$address$" + notification_address6 = "$address6$" + notification_author = "$notification.author$" + notification_comment = "$notification.comment$" + notification_type = "$notification.type$" + notification_date = "$icinga.long_date_time$" + notification_hostname = "$host.name$" + notification_hostdisplayname = "$host.display_name$" + notification_servicename = "$service.name$" + notification_serviceoutput = "$service.output$" + notification_servicestate = "$service.state$" + notification_useremail = "$user.email$" + notification_servicedisplayname = "$service.display_name$" + } +} + +/* + * If you prefer to use the notification scripts with environment + * variables instead of command line parameters, you can use + * the following commands. They have been updated from < 2.7 + * to support the new notification scripts and should help + * with an upgrade. + * Remove the comment blocks and comment the notification commands above. + */ + +/* + +object NotificationCommand "mail-host-notification" { + command = [ ConfigDir + "/scripts/mail-host-notification.sh" ] + + env = { + NOTIFICATIONTYPE = "$notification.type$" + HOSTDISPLAYNAME = "$host.display_name$" + HOSTNAME = "$host.name$" + HOSTADDRESS = "$address$" + HOSTSTATE = "$host.state$" + LONGDATETIME = "$icinga.long_date_time$" + HOSTOUTPUT = "$host.output$" + NOTIFICATIONAUTHORNAME = "$notification.author$" + NOTIFICATIONCOMMENT = "$notification.comment$" + HOSTDISPLAYNAME = "$host.display_name$" + USEREMAIL = "$user.email$" + } +} + +object NotificationCommand "mail-service-notification" { + command = [ ConfigDir + "/scripts/mail-service-notification.sh" ] + + env = { + NOTIFICATIONTYPE = "$notification.type$" + SERVICENAME = "$service.name$" + HOSTNAME = "$host.name$" + HOSTDISPLAYNAME = "$host.display_name$" + HOSTADDRESS = "$address$" + SERVICESTATE = "$service.state$" + LONGDATETIME = "$icinga.long_date_time$" + SERVICEOUTPUT = "$service.output$" + NOTIFICATIONAUTHORNAME = "$notification.author$" + NOTIFICATIONCOMMENT = "$notification.comment$" + HOSTDISPLAYNAME = "$host.display_name$" + SERVICEDISPLAYNAME = "$service.display_name$" + USEREMAIL = "$user.email$" + } +} + +*/ + diff --git a/monitoring/icinga2/conf.d/downtimes.conf b/monitoring/icinga2/conf.d/downtimes.conf new file mode 100644 index 0000000..0bed647 --- /dev/null +++ b/monitoring/icinga2/conf.d/downtimes.conf @@ -0,0 +1,20 @@ +/** + * The example downtime apply rule. + */ + +apply ScheduledDowntime "backup-downtime" to Service { + author = "icingaadmin" + comment = "Scheduled downtime for backup" + + ranges = { + monday = service.vars.backup_downtime + tuesday = service.vars.backup_downtime + wednesday = service.vars.backup_downtime + thursday = service.vars.backup_downtime + friday = service.vars.backup_downtime + saturday = service.vars.backup_downtime + sunday = service.vars.backup_downtime + } + + assign where service.vars.backup_downtime != "" +} diff --git a/monitoring/icinga2/conf.d/groups.conf b/monitoring/icinga2/conf.d/groups.conf new file mode 100644 index 0000000..f842523 --- /dev/null +++ b/monitoring/icinga2/conf.d/groups.conf @@ -0,0 +1,31 @@ +/** + * Host group examples. + */ + +object HostGroup "linux-servers" { + display_name = "Linux Servers" + + assign where host.vars.os == "Linux" +} + +/** + * Service group examples. + */ + +object ServiceGroup "ping" { + display_name = "Ping Checks" + + assign where match("ping*", service.name) +} + +object ServiceGroup "http" { + display_name = "HTTP Checks" + + assign where match("http*", service.check_command) +} + +object ServiceGroup "disk" { + display_name = "Disk Checks" + + assign where match("disk*", service.check_command) +} diff --git a/monitoring/icinga2/conf.d/hosts.conf b/monitoring/icinga2/conf.d/hosts.conf new file mode 100644 index 0000000..0118f03 --- /dev/null +++ b/monitoring/icinga2/conf.d/hosts.conf @@ -0,0 +1,52 @@ +/* + * Host definitions with object attributes + * used for apply rules for Service, Notification, + * Dependency and ScheduledDowntime objects. + * + * Tip: Use `icinga2 object list --type Host` to + * list all host objects after running + * configuration validation (`icinga2 daemon -C`). + */ + +/* + * This is an example host based on your + * local host's FQDN. Specify the NodeName + * constant in `constants.conf` or use your + * own description, e.g. "db-host-1". + */ + +object Host NodeName { + /* Import the default host template defined in `templates.conf`. */ + import "generic-host" + + /* Specify the address attributes for checks e.g. `ssh` or `http`. */ + address = "127.0.0.1" + address6 = "::1" + + /* Set custom variable `os` for hostgroup assignment in `groups.conf`. */ + vars.os = "Linux" + + /* Define http vhost attributes for service apply rules in `services.conf`. */ + vars.http_vhosts["http"] = { + http_uri = "/" + } + /* Uncomment if you've sucessfully installed Icinga Web 2. */ + //vars.http_vhosts["Icinga Web 2"] = { + // http_uri = "/icingaweb2" + //} + + /* Define disks and attributes for service apply rules in `services.conf`. */ + vars.disks["disk"] = { + /* No parameters. */ + } + vars.disks["disk /"] = { + disk_partitions = "/" + } + + /* Define notification mail attributes for notification apply rules in `notifications.conf`. */ + vars.notification["mail"] = { + /* The UserGroup `icingaadmins` is defined in `users.conf`. */ + groups = [ "icingaadmins" ] + } +} + diff --git a/monitoring/icinga2/conf.d/notifications.conf b/monitoring/icinga2/conf.d/notifications.conf new file mode 100644 index 0000000..ac65875 --- /dev/null +++ b/monitoring/icinga2/conf.d/notifications.conf @@ -0,0 +1,33 @@ +/** + * The example notification apply rules. + * + * Only applied if host/service objects have + * the custom variable `notification` defined + * and containing `mail` as key. + * + * Check `hosts.conf` for an example. + */ + +apply Notification "mail-icingaadmin" to Host { + import "mail-host-notification" + user_groups = host.vars.notification.mail.groups + users = host.vars.notification.mail.users + + //interval = 2h + + //vars.notification_logtosyslog = true + + assign where host.vars.notification.mail +} + +apply Notification "mail-icingaadmin" to Service { + import "mail-service-notification" + user_groups = host.vars.notification.mail.groups + users = host.vars.notification.mail.users + + //interval = 2h + + //vars.notification_logtosyslog = true + + assign where host.vars.notification.mail +} diff --git a/monitoring/icinga2/conf.d/satellite.conf b/monitoring/icinga2/conf.d/satellite.conf new file mode 100644 index 0000000..4a6b97a --- /dev/null +++ b/monitoring/icinga2/conf.d/satellite.conf @@ -0,0 +1,33 @@ +/* + * Host and Service templates for the Agent Setup. + */ + + +/** + * Provides settings for satellite hosts managed by 'icinga2 repository'. + * Define your global attributes here, for example custom + * attributes used for notifications, etc. + */ +template Host "satellite-host" { + vars.notification["mail"] = { + groups = [ "icingaadmins" ] + } +} + +/** + * Provides settings for satellite services managed by 'icinga2 repository'. + * Define your global satellite attributes here, for example custom + * attributes used for notifications, etc. + */ +template Service "satellite-service" { + vars.notification["mail"] = { + groups = [ "icingaadmins" ] + } +} + + +apply Dependency "satellite-host" to Host { + parent_host_name = host.zone + + assign where host.zone != "" && "satellite-host" in host.templates +} diff --git a/monitoring/icinga2/conf.d/services.conf b/monitoring/icinga2/conf.d/services.conf new file mode 100644 index 0000000..c8e1b3c --- /dev/null +++ b/monitoring/icinga2/conf.d/services.conf @@ -0,0 +1,117 @@ +/* + * Service apply rules. + * + * The CheckCommand objects `ping4`, `ping6`, etc + * are provided by the plugin check command templates. + * Check the documentation for details. + * + * Tip: Use `icinga2 object list --type Service` to + * list all service objects after running + * configuration validation (`icinga2 daemon -C`). + */ + +/* + * This is an example host based on your + * local host's FQDN. Specify the NodeName + * constant in `constants.conf` or use your + * own description, e.g. "db-host-1". + */ + +/* + * These are generic `ping4` and `ping6` + * checks applied to all hosts having the + * `address` resp. `address6` attribute + * defined. + */ +apply Service "ping4" { + import "generic-service" + + check_command = "ping4" + + assign where host.address +} + +apply Service "ping6" { + import "generic-service" + + check_command = "ping6" + + assign where host.address6 +} + +/* + * Apply the `ssh` service to all hosts + * with the `address` attribute defined and + * the custom variable `os` set to `Linux`. + */ +apply Service "ssh" { + import "generic-service" + + check_command = "ssh" + + assign where (host.address || host.address6) && host.vars.os == "Linux" +} + + + +apply Service for (http_vhost => config in host.vars.http_vhosts) { + import "generic-service" + + check_command = "http" + + vars += config +} + +apply Service for (disk => config in host.vars.disks) { + import "generic-service" + + check_command = "disk" + + vars += config +} + +apply Service "icinga" { + import "generic-service" + + check_command = "icinga" + + assign where host.name == NodeName +} + +apply Service "load" { + import "generic-service" + + check_command = "load" + + /* Used by the ScheduledDowntime apply rule in `downtimes.conf`. */ + vars.backup_downtime = "02:00-03:00" + + assign where host.name == NodeName +} + +apply Service "procs" { + import "generic-service" + + check_command = "procs" + + assign where host.name == NodeName +} + +apply Service "swap" { + import "generic-service" + + check_command = "swap" + + assign where host.name == NodeName +} + +apply Service "users" { + import "generic-service" + + check_command = "users" + + assign where host.name == NodeName +} + + + diff --git a/monitoring/icinga2/conf.d/templates.conf b/monitoring/icinga2/conf.d/templates.conf new file mode 100644 index 0000000..5655e3f --- /dev/null +++ b/monitoring/icinga2/conf.d/templates.conf @@ -0,0 +1,83 @@ +/* + * Generic template examples. + */ + + +/** + * Provides default settings for hosts. By convention + * all hosts should import this template. + * + * The CheckCommand object `hostalive` is provided by + * the plugin check command templates. + * Check the documentation for details. + */ +template Host "generic-host" { + max_check_attempts = 3 + check_interval = 1m + retry_interval = 30s + + check_command = "hostalive" +} + +/** + * Provides default settings for services. By convention + * all services should import this template. + */ +template Service "generic-service" { + max_check_attempts = 5 + check_interval = 1m + retry_interval = 30s +} + +/** + * Provides default settings for users. By convention + * all users should inherit from this template. + */ + +template User "generic-user" { + +} + +/** + * Provides default settings for host notifications. + * By convention all host notifications should import + * this template. + */ +template Notification "mail-host-notification" { + command = "mail-host-notification" + + states = [ Up, Down ] + types = [ Problem, Acknowledgement, Recovery, Custom, + FlappingStart, FlappingEnd, + DowntimeStart, DowntimeEnd, DowntimeRemoved ] + + vars += { + // notification_icingaweb2url = "https://www.example.com/icingaweb2" + // notification_from = "Icinga 2 Host Monitoring " + notification_logtosyslog = false + } + + period = "24x7" +} + +/** + * Provides default settings for service notifications. + * By convention all service notifications should import + * this template. + */ +template Notification "mail-service-notification" { + command = "mail-service-notification" + + states = [ OK, Warning, Critical, Unknown ] + types = [ Problem, Acknowledgement, Recovery, Custom, + FlappingStart, FlappingEnd, + DowntimeStart, DowntimeEnd, DowntimeRemoved ] + + vars += { + // notification_icingaweb2url = "https://www.example.com/icingaweb2" + // notification_from = "Icinga 2 Service Monitoring " + notification_logtosyslog = false + } + + period = "24x7" +} diff --git a/monitoring/icinga2/conf.d/timeperiods.conf b/monitoring/icinga2/conf.d/timeperiods.conf new file mode 100644 index 0000000..ea162ff --- /dev/null +++ b/monitoring/icinga2/conf.d/timeperiods.conf @@ -0,0 +1,35 @@ +/** + * Sample timeperiods for Icinga 2. + * Check the documentation for details. + */ + +object TimePeriod "24x7" { + display_name = "Icinga 2 24x7 TimePeriod" + ranges = { + "monday" = "00:00-24:00" + "tuesday" = "00:00-24:00" + "wednesday" = "00:00-24:00" + "thursday" = "00:00-24:00" + "friday" = "00:00-24:00" + "saturday" = "00:00-24:00" + "sunday" = "00:00-24:00" + } +} + +object TimePeriod "9to5" { + display_name = "Icinga 2 9to5 TimePeriod" + ranges = { + "monday" = "09:00-17:00" + "tuesday" = "09:00-17:00" + "wednesday" = "09:00-17:00" + "thursday" = "09:00-17:00" + "friday" = "09:00-17:00" + } +} + +object TimePeriod "never" { + display_name = "Icinga 2 never TimePeriod" + ranges = { + } +} + diff --git a/monitoring/icinga2/conf.d/users.conf b/monitoring/icinga2/conf.d/users.conf new file mode 100644 index 0000000..aa31e27 --- /dev/null +++ b/monitoring/icinga2/conf.d/users.conf @@ -0,0 +1,17 @@ +/** + * The example user 'icingaadmin' and the example + * group 'icingaadmins'. + */ + +object User "icingaadmin" { + import "generic-user" + + display_name = "Icinga 2 Admin" + groups = [ "icingaadmins" ] + + email = "root@localhost" +} + +object UserGroup "icingaadmins" { + display_name = "Icinga 2 Admin Group" +} diff --git a/monitoring/icinga2/constants.conf b/monitoring/icinga2/constants.conf new file mode 100644 index 0000000..2d32308 --- /dev/null +++ b/monitoring/icinga2/constants.conf @@ -0,0 +1,28 @@ +/** + * This file defines global constants which can be used in + * the other configuration files. + */ + +/* The directory which contains the plugins from the Monitoring Plugins project. */ +const PluginDir = "/usr/lib/nagios/plugins" + +/* The directory which contains the Manubulon plugins. + * Check the documentation, chapter "SNMP Manubulon Plugin Check Commands", for details. + */ +const ManubulonPluginDir = "/usr/lib/nagios/plugins" + +/* The directory which you use to store additional plugins which ITL provides user contributed command definitions for. + * Check the documentation, chapter "Plugins Contribution", for details. + */ +const PluginContribDir = "/usr/lib/nagios/plugins" + +/* Our local instance name. By default this is the server's hostname as returned by `hostname --fqdn`. + * This should be the common name from the API certificate. + */ +const NodeName = "vin.openfest.org" + +/* Our local zone name. */ +const ZoneName = "vin.openfest.org" + +/* Secret key for remote node tickets */ +const TicketSalt = "" diff --git a/monitoring/icinga2/constants.conf.orig b/monitoring/icinga2/constants.conf.orig new file mode 100644 index 0000000..29232d6 --- /dev/null +++ b/monitoring/icinga2/constants.conf.orig @@ -0,0 +1,28 @@ +/** + * This file defines global constants which can be used in + * the other configuration files. + */ + +/* The directory which contains the plugins from the Monitoring Plugins project. */ +const PluginDir = "/usr/lib/nagios/plugins" + +/* The directory which contains the Manubulon plugins. + * Check the documentation, chapter "SNMP Manubulon Plugin Check Commands", for details. + */ +const ManubulonPluginDir = "/usr/lib/nagios/plugins" + +/* The directory which you use to store additional plugins which ITL provides user contributed command definitions for. + * Check the documentation, chapter "Plugins Contribution", for details. + */ +const PluginContribDir = "/usr/lib/nagios/plugins" + +/* Our local instance name. By default this is the server's hostname as returned by `hostname --fqdn`. + * This should be the common name from the API certificate. + */ +//const NodeName = "localhost" + +/* Our local zone name. */ +const ZoneName = NodeName + +/* Secret key for remote node tickets */ +const TicketSalt = "" diff --git a/monitoring/icinga2/features-enabled/checker.conf b/monitoring/icinga2/features-enabled/checker.conf new file mode 100644 index 0000000..6f003b8 --- /dev/null +++ b/monitoring/icinga2/features-enabled/checker.conf @@ -0,0 +1,5 @@ +/** + * The checker component takes care of executing service checks. + */ + +object CheckerComponent "checker" { } diff --git a/monitoring/icinga2/features-enabled/command.conf b/monitoring/icinga2/features-enabled/command.conf new file mode 100644 index 0000000..ffdd143 --- /dev/null +++ b/monitoring/icinga2/features-enabled/command.conf @@ -0,0 +1,7 @@ +/** + * The ExternalCommandListener implements support for the external + * commands pipe. + */ + +object ExternalCommandListener "command" { } + diff --git a/monitoring/icinga2/features-enabled/ido-mysql.conf b/monitoring/icinga2/features-enabled/ido-mysql.conf new file mode 100644 index 0000000..eee072d --- /dev/null +++ b/monitoring/icinga2/features-enabled/ido-mysql.conf @@ -0,0 +1,14 @@ +/** + * The db_ido_mysql library implements IDO functionality + * for MySQL. + */ + +library "db_ido_mysql" + +object IdoMysqlConnection "ido-mysql" { + user = "user", + password = "pass", + host = "localhost", + database = "icinga2" +} + diff --git a/monitoring/icinga2/features-enabled/mainlog.conf b/monitoring/icinga2/features-enabled/mainlog.conf new file mode 100644 index 0000000..a3bb19d --- /dev/null +++ b/monitoring/icinga2/features-enabled/mainlog.conf @@ -0,0 +1,8 @@ +/** + * The FileLogger type writes log information to a file. + */ + +object FileLogger "main-log" { + severity = "information" + path = LogDir + "/icinga2.log" +} diff --git a/monitoring/icinga2/features-enabled/notification.conf b/monitoring/icinga2/features-enabled/notification.conf new file mode 100644 index 0000000..3f9a88e --- /dev/null +++ b/monitoring/icinga2/features-enabled/notification.conf @@ -0,0 +1,5 @@ +/** + * The notification component is responsible for sending notifications. + */ + +object NotificationComponent "notification" { } diff --git a/monitoring/icinga2/icinga2.conf b/monitoring/icinga2/icinga2.conf new file mode 100644 index 0000000..d583d0c --- /dev/null +++ b/monitoring/icinga2/icinga2.conf @@ -0,0 +1,57 @@ +/** + * Icinga 2 configuration file + * - this is where you define settings for the Icinga application including + * which hosts/services to check. + * + * For an overview of all available configuration options please refer + * to the documentation that is distributed as part of Icinga 2. + */ + +/** + * The constants.conf defines global constants. + */ +include "constants.conf" + +/** + * The zones.conf defines zones for a cluster setup. + * Not required for single instance setups. +include "zones.conf" + */ + +/** + * The Icinga Template Library (ITL) provides a number of useful templates + * and command definitions. + * Common monitoring plugin command definitions are included separately. + */ +include +include +include +include + +/** + * This includes the Icinga 2 Windows plugins. These command definitions + * are required on a master node when a client is used as command endpoint. +include + */ + +/** + * This includes the NSClient++ check commands. These command definitions + * are required on a master node when a client is used as command endpoint. + */ +include + +/** + * The features-available directory contains a number of configuration + * files for features which can be enabled and disabled using the + * icinga2 feature enable / icinga2 feature disable CLI commands. + * These commands work by creating and removing symbolic links in + * the features-enabled directory. + */ +include "features-enabled/*.conf" + +/** + * Although in theory you could define all your objects in this file + * the preferred way is to create separate directories and files in the conf.d + * directory. Each of these files must have the file extension ".conf". + */ +include_recursive "conf.d" diff --git a/monitoring/icinga2/init.conf b/monitoring/icinga2/init.conf new file mode 100644 index 0000000..16a9041 --- /dev/null +++ b/monitoring/icinga2/init.conf @@ -0,0 +1,7 @@ +/** + * This file is read by Icinga 2 before the main + * configuration file (icinga2.conf) is processed. + */ + +const RunAsUser = "nagios" +const RunAsGroup = "nagios" diff --git a/monitoring/icinga2/repository.d/README b/monitoring/icinga2/repository.d/README new file mode 100644 index 0000000..a5da082 --- /dev/null +++ b/monitoring/icinga2/repository.d/README @@ -0,0 +1,3 @@ +This directory contains configuration files managed by 'icinga2 repository' +cli commands. Please run 'icinga2 repository --help' to see all available +options. diff --git a/monitoring/icinga2/scripts/mail-host-notification.sh b/monitoring/icinga2/scripts/mail-host-notification.sh new file mode 100755 index 0000000..93f942e --- /dev/null +++ b/monitoring/icinga2/scripts/mail-host-notification.sh @@ -0,0 +1,171 @@ +#!/bin/sh +# Icinga 2 | (c) 2012 Icinga GmbH | GPLv2+ +# Except of function urlencode which is Copyright (C) by Brian White (brian@aljex.com) used under MIT license + +PROG="`basename $0`" +ICINGA2HOST="`hostname`" +MAILBIN="mail" + +if [ -z "`which $MAILBIN`" ] ; then + echo "$MAILBIN not found in \$PATH. Consider installing it." + exit 1 +fi + +## Function helpers +Usage() { +cat << EOF + +Required parameters: + -d LONGDATETIME (\$icinga.long_date_time\$) + -l HOSTNAME (\$host.name\$) + -n HOSTDISPLAYNAME (\$host.display_name\$) + -o HOSTOUTPUT (\$host.output\$) + -r USEREMAIL (\$user.email\$) + -s HOSTSTATE (\$host.state\$) + -t NOTIFICATIONTYPE (\$notification.type\$) + +Optional parameters: + -4 HOSTADDRESS (\$address\$) + -6 HOSTADDRESS6 (\$address6\$) + -b NOTIFICATIONAUTHORNAME (\$notification.author\$) + -c NOTIFICATIONCOMMENT (\$notification.comment\$) + -i ICINGAWEB2URL (\$notification_icingaweb2url\$, Default: unset) + -f MAILFROM (\$notification_mailfrom\$, requires GNU mailutils (Debian/Ubuntu) or mailx (RHEL/SUSE)) + -v (\$notification_sendtosyslog\$, Default: false) + +EOF +} + +Help() { + Usage; + exit 0; +} + +Error() { + if [ "$1" ]; then + echo $1 + fi + Usage; + exit 1; +} + +urlencode() { + local LANG=C i=0 c e s="$1" + + while [ $i -lt ${#1} ]; do + [ "$i" -eq 0 ] || s="${s#?}" + c=${s%"${s#?}"} + [ -z "${c#[[:alnum:].~_-]}" ] || c=$(printf '%%%02X' "'$c") + e="${e}${c}" + i=$((i + 1)) + done + echo "$e" +} + +## Main +while getopts 4:6::b:c:d:f:hi:l:n:o:r:s:t:v: opt +do + case "$opt" in + 4) HOSTADDRESS=$OPTARG ;; + 6) HOSTADDRESS6=$OPTARG ;; + b) NOTIFICATIONAUTHORNAME=$OPTARG ;; + c) NOTIFICATIONCOMMENT=$OPTARG ;; + d) LONGDATETIME=$OPTARG ;; # required + f) MAILFROM=$OPTARG ;; + h) Help ;; + i) ICINGAWEB2URL=$OPTARG ;; + l) HOSTNAME=$OPTARG ;; # required + n) HOSTDISPLAYNAME=$OPTARG ;; # required + o) HOSTOUTPUT=$OPTARG ;; # required + r) USEREMAIL=$OPTARG ;; # required + s) HOSTSTATE=$OPTARG ;; # required + t) NOTIFICATIONTYPE=$OPTARG ;; # required + v) VERBOSE=$OPTARG ;; + \?) echo "ERROR: Invalid option -$OPTARG" >&2 + Error ;; + :) echo "Missing option argument for -$OPTARG" >&2 + Error ;; + *) echo "Unimplemented option: -$OPTARG" >&2 + Error ;; + esac +done + +shift $((OPTIND - 1)) + +## Keep formatting in sync with mail-service-notification.sh +for P in LONGDATETIME HOSTNAME HOSTDISPLAYNAME HOSTOUTPUT HOSTSTATE USEREMAIL NOTIFICATIONTYPE ; do + eval "PAR=\$${P}" + + if [ ! "$PAR" ] ; then + Error "Required parameter '$P' is missing." + fi +done + +## Build the message's subject +SUBJECT="[$NOTIFICATIONTYPE] Host $HOSTDISPLAYNAME is $HOSTSTATE!" + +## Build the notification message +NOTIFICATION_MESSAGE=`cat << EOF +***** Host Monitoring on $ICINGA2HOST ***** + +$HOSTDISPLAYNAME is $HOSTSTATE! + +Info: $HOSTOUTPUT + +When: $LONGDATETIME +Host: $HOSTNAME +EOF +` + +## Check whether IPv4 was specified. +if [ -n "$HOSTADDRESS" ] ; then + NOTIFICATION_MESSAGE="$NOTIFICATION_MESSAGE +IPv4: $HOSTADDRESS" +fi + +## Check whether IPv6 was specified. +if [ -n "$HOSTADDRESS6" ] ; then + NOTIFICATION_MESSAGE="$NOTIFICATION_MESSAGE +IPv6: $HOSTADDRESS6" +fi + +## Check whether author and comment was specified. +if [ -n "$NOTIFICATIONCOMMENT" ] ; then + NOTIFICATION_MESSAGE="$NOTIFICATION_MESSAGE + +Comment by $NOTIFICATIONAUTHORNAME: + $NOTIFICATIONCOMMENT" +fi + +## Check whether Icinga Web 2 URL was specified. +if [ -n "$ICINGAWEB2URL" ] ; then + NOTIFICATION_MESSAGE="$NOTIFICATION_MESSAGE + +$ICINGAWEB2URL/monitoring/host/show?host=$(urlencode "$HOSTNAME")" +fi + +## Check whether verbose mode was enabled and log to syslog. +if [ "$VERBOSE" == "true" ] ; then + logger "$PROG sends $SUBJECT => $USEREMAIL" +fi + +## Send the mail using the $MAILBIN command. +## If an explicit sender was specified, try to set it. +if [ -n "$MAILFROM" ] ; then + + ## Modify this for your own needs! + + ## Debian/Ubuntu use mailutils which requires `-a` to append the header + if [ -f /etc/debian_version ]; then + /usr/bin/printf "%b" "$NOTIFICATION_MESSAGE" | tr -d '\015' \ + | $MAILBIN -a "From: $MAILFROM" -s "$SUBJECT" $USEREMAIL + ## Other distributions (RHEL/SUSE/etc.) prefer mailx which sets a sender address with `-r` + else + /usr/bin/printf "%b" "$NOTIFICATION_MESSAGE" | tr -d '\015' \ + | $MAILBIN -r "$MAILFROM" -s "$SUBJECT" $USEREMAIL + fi + +else + /usr/bin/printf "%b" "$NOTIFICATION_MESSAGE" | tr -d '\015' \ + | $MAILBIN -s "$SUBJECT" $USEREMAIL +fi diff --git a/monitoring/icinga2/scripts/mail-service-notification.sh b/monitoring/icinga2/scripts/mail-service-notification.sh new file mode 100755 index 0000000..8ccb8d4 --- /dev/null +++ b/monitoring/icinga2/scripts/mail-service-notification.sh @@ -0,0 +1,176 @@ +#!/bin/sh +# Icinga 2 | (c) 2012 Icinga GmbH | GPLv2+ +# Except of function urlencode which is Copyright (C) by Brian White (brian@aljex.com) used under MIT license + +PROG="`basename $0`" +ICINGA2HOST="`hostname`" +MAILBIN="mail" + +if [ -z "`which $MAILBIN`" ] ; then + echo "$MAILBIN not found in \$PATH. Consider installing it." + exit 1 +fi + +## Function helpers +Usage() { +cat << EOF + +Required parameters: + -d LONGDATETIME (\$icinga.long_date_time\$) + -e SERVICENAME (\$service.name\$) + -l HOSTNAME (\$host.name\$) + -n HOSTDISPLAYNAME (\$host.display_name\$) + -o SERVICEOUTPUT (\$service.output\$) + -r USEREMAIL (\$user.email\$) + -s SERVICESTATE (\$service.state\$) + -t NOTIFICATIONTYPE (\$notification.type\$) + -u SERVICEDISPLAYNAME (\$service.display_name\$) + +Optional parameters: + -4 HOSTADDRESS (\$address\$) + -6 HOSTADDRESS6 (\$address6\$) + -b NOTIFICATIONAUTHORNAME (\$notification.author\$) + -c NOTIFICATIONCOMMENT (\$notification.comment\$) + -i ICINGAWEB2URL (\$notification_icingaweb2url\$, Default: unset) + -f MAILFROM (\$notification_mailfrom\$, requires GNU mailutils (Debian/Ubuntu) or mailx (RHEL/SUSE)) + -v (\$notification_sendtosyslog\$, Default: false) + +EOF +} + +Help() { + Usage; + exit 0; +} + +Error() { + if [ "$1" ]; then + echo $1 + fi + Usage; + exit 1; +} + +urlencode() { + local LANG=C i=0 c e s="$1" + + while [ $i -lt ${#1} ]; do + [ "$i" -eq 0 ] || s="${s#?}" + c=${s%"${s#?}"} + [ -z "${c#[[:alnum:].~_-]}" ] || c=$(printf '%%%02X' "'$c") + e="${e}${c}" + i=$((i + 1)) + done + echo "$e" +} + +## Main +while getopts 4:6:b:c:d:e:f:hi:l:n:o:r:s:t:u:v: opt +do + case "$opt" in + 4) HOSTADDRESS=$OPTARG ;; + 6) HOSTADDRESS6=$OPTARG ;; + b) NOTIFICATIONAUTHORNAME=$OPTARG ;; + c) NOTIFICATIONCOMMENT=$OPTARG ;; + d) LONGDATETIME=$OPTARG ;; # required + e) SERVICENAME=$OPTARG ;; # required + f) MAILFROM=$OPTARG ;; + h) Usage ;; + i) ICINGAWEB2URL=$OPTARG ;; + l) HOSTNAME=$OPTARG ;; # required + n) HOSTDISPLAYNAME=$OPTARG ;; # required + o) SERVICEOUTPUT=$OPTARG ;; # required + r) USEREMAIL=$OPTARG ;; # required + s) SERVICESTATE=$OPTARG ;; # required + t) NOTIFICATIONTYPE=$OPTARG ;; # required + u) SERVICEDISPLAYNAME=$OPTARG ;; # required + v) VERBOSE=$OPTARG ;; + \?) echo "ERROR: Invalid option -$OPTARG" >&2 + Usage ;; + :) echo "Missing option argument for -$OPTARG" >&2 + Usage ;; + *) echo "Unimplemented option: -$OPTARG" >&2 + Usage ;; + esac +done + +shift $((OPTIND - 1)) + +## Keep formatting in sync with mail-host-notification.sh +for P in LONGDATETIME HOSTNAME HOSTDISPLAYNAME SERVICENAME SERVICEDISPLAYNAME SERVICEOUTPUT SERVICESTATE USEREMAIL NOTIFICATIONTYPE ; do + eval "PAR=\$${P}" + + if [ ! "$PAR" ] ; then + Error "Required parameter '$P' is missing." + fi +done + +## Build the message's subject +SUBJECT="[$NOTIFICATIONTYPE] $SERVICEDISPLAYNAME on $HOSTDISPLAYNAME is $SERVICESTATE!" + +## Build the notification message +NOTIFICATION_MESSAGE=`cat << EOF +***** Service Monitoring on $ICINGA2HOST ***** + +$SERVICEDISPLAYNAME on $HOSTDISPLAYNAME is $SERVICESTATE! + +Info: $SERVICEOUTPUT + +When: $LONGDATETIME +Service: $SERVICENAME +Host: $HOSTNAME +EOF +` + +## Check whether IPv4 was specified. +if [ -n "$HOSTADDRESS" ] ; then + NOTIFICATION_MESSAGE="$NOTIFICATION_MESSAGE +IPv4: $HOSTADDRESS" +fi + +## Check whether IPv6 was specified. +if [ -n "$HOSTADDRESS6" ] ; then + NOTIFICATION_MESSAGE="$NOTIFICATION_MESSAGE +IPv6: $HOSTADDRESS6" +fi + +## Check whether author and comment was specified. +if [ -n "$NOTIFICATIONCOMMENT" ] ; then + NOTIFICATION_MESSAGE="$NOTIFICATION_MESSAGE + +Comment by $NOTIFICATIONAUTHORNAME: + $NOTIFICATIONCOMMENT" +fi + +## Check whether Icinga Web 2 URL was specified. +if [ -n "$ICINGAWEB2URL" ] ; then + NOTIFICATION_MESSAGE="$NOTIFICATION_MESSAGE + +$ICINGAWEB2URL/monitoring/service/show?host=$(urlencode "$HOSTNAME")&service=$(urlencode "$SERVICENAME")" +fi + +## Check whether verbose mode was enabled and log to syslog. +if [ "$VERBOSE" == "true" ] ; then + logger "$PROG sends $SUBJECT => $USEREMAIL" +fi + +## Send the mail using the $MAILBIN command. +## If an explicit sender was specified, try to set it. +if [ -n "$MAILFROM" ] ; then + + ## Modify this for your own needs! + + ## Debian/Ubuntu use mailutils which requires `-a` to append the header + if [ -f /etc/debian_version ]; then + /usr/bin/printf "%b" "$NOTIFICATION_MESSAGE" | tr -d '\015' \ + | $MAILBIN -a "From: $MAILFROM" -s "$SUBJECT" $USEREMAIL + ## Other distributions (RHEL/SUSE/etc.) prefer mailx which sets a sender address with `-r` + else + /usr/bin/printf "%b" "$NOTIFICATION_MESSAGE" | tr -d '\015' \ + | $MAILBIN -r "$MAILFROM" -s "$SUBJECT" $USEREMAIL + fi + +else + /usr/bin/printf "%b" "$NOTIFICATION_MESSAGE" | tr -d '\015' \ + | $MAILBIN -s "$SUBJECT" $USEREMAIL +fi diff --git a/monitoring/icinga2/zones.conf b/monitoring/icinga2/zones.conf new file mode 100644 index 0000000..70ac766 --- /dev/null +++ b/monitoring/icinga2/zones.conf @@ -0,0 +1,63 @@ +/* + * Endpoint and Zone configuration for a cluster setup + * This local example requires `NodeName` defined in + * constants.conf. + */ + +object Endpoint NodeName { + host = NodeName +} + +object Zone ZoneName { + endpoints = [ NodeName ] +} + +/* + * Defines a global zone for distributed setups with masters, + * satellites and clients. + * This is required to sync configuration commands, + * templates, apply rules, etc. to satellite and clients. + * All nodes require the same configuration and must + * have `accept_config` enabled in the `api` feature. + */ + +object Zone "global-templates" { + global = true +} + +/* + * Defines a global zone for the Icinga Director. + * This is required to sync configuration commands, + * templates, apply rules, etc. to satellite and clients. + * All nodes require the same configuration and must + * have `accept_config` enabled in the `api` feature. + */ + +object Zone "director-global" { + global = true +} + +/* + * Read the documentation on how to configure + * a cluster setup with multiple zones. + */ + +/* +object Endpoint "master.example.org" { + host = "master.example.org" +} + +object Endpoint "satellite.example.org" { + host = "satellite.example.org" +} + +object Zone "master" { + endpoints = [ "master.example.org" ] +} + +object Zone "satellite" { + parent = "master" + endpoints = [ "satellite.example.org" ] +} +*/ + diff --git a/monitoring/icinga2/zones.d/README b/monitoring/icinga2/zones.d/README new file mode 100644 index 0000000..e378eae --- /dev/null +++ b/monitoring/icinga2/zones.d/README @@ -0,0 +1,2 @@ +Please check the documentation for more details: +https://icinga.com/docs/icinga2/latest/doc/06-distributed-monitoring/ diff --git a/monitoring/icingaweb2/authentication.ini b/monitoring/icingaweb2/authentication.ini new file mode 100644 index 0000000..6852ece --- /dev/null +++ b/monitoring/icingaweb2/authentication.ini @@ -0,0 +1,3 @@ +[icingaweb2] +backend = "db" +resource = "icingaweb_db" diff --git a/monitoring/icingaweb2/config.ini b/monitoring/icingaweb2/config.ini new file mode 100644 index 0000000..41ba83c --- /dev/null +++ b/monitoring/icingaweb2/config.ini @@ -0,0 +1,10 @@ +[global] +show_stacktraces = "1" +show_application_state_messages = "1" +config_backend = "db" +config_resource = "icingaweb_db" + +[logging] +log = "file" +level = "WARNING" +file = "/var/log/icingaweb2/icingaweb2.log" diff --git a/monitoring/icingaweb2/groups.ini b/monitoring/icingaweb2/groups.ini new file mode 100644 index 0000000..6852ece --- /dev/null +++ b/monitoring/icingaweb2/groups.ini @@ -0,0 +1,3 @@ +[icingaweb2] +backend = "db" +resource = "icingaweb_db" diff --git a/monitoring/icingaweb2/modules/monitoring/backends.ini b/monitoring/icingaweb2/modules/monitoring/backends.ini new file mode 100644 index 0000000..702a1a4 --- /dev/null +++ b/monitoring/icingaweb2/modules/monitoring/backends.ini @@ -0,0 +1,3 @@ +[icinga] +type = "ido" +resource = "icinga_ido" diff --git a/monitoring/icingaweb2/modules/monitoring/commandtransports.ini b/monitoring/icingaweb2/modules/monitoring/commandtransports.ini new file mode 100644 index 0000000..3d5d591 --- /dev/null +++ b/monitoring/icingaweb2/modules/monitoring/commandtransports.ini @@ -0,0 +1,3 @@ +[icinga2] +transport = "local" +path = "/var/run/icinga2/cmd/icinga2.cmd" diff --git a/monitoring/icingaweb2/modules/monitoring/config.ini b/monitoring/icingaweb2/modules/monitoring/config.ini new file mode 100644 index 0000000..9b69fe8 --- /dev/null +++ b/monitoring/icingaweb2/modules/monitoring/config.ini @@ -0,0 +1,2 @@ +[security] +protected_customvars = "*pw*,*pass*,community" diff --git a/monitoring/icingaweb2/resources.ini b/monitoring/icingaweb2/resources.ini new file mode 100644 index 0000000..550b26c --- /dev/null +++ b/monitoring/icingaweb2/resources.ini @@ -0,0 +1,21 @@ +[icingaweb_db] +type = "db" +db = "mysql" +host = "localhost" +port = "" +dbname = "icingaweb2" +username = "user" +password = "pass" +charset = "" +use_ssl = "0" + +[icinga_ido] +type = "db" +db = "mysql" +host = "localhost" +port = "" +dbname = "icinga2" +username = "user" +password = "pass" +charset = "" +use_ssl = "0" diff --git a/monitoring/icingaweb2/roles.ini b/monitoring/icingaweb2/roles.ini new file mode 100644 index 0000000..edf11ae --- /dev/null +++ b/monitoring/icingaweb2/roles.ini @@ -0,0 +1,4 @@ +[Administrators] +users = "openfest" +permissions = "*" +groups = "Administrators" diff --git a/monitoring/nginx-icinga-snippet.conf b/monitoring/nginx-icinga-snippet.conf new file mode 100644 index 0000000..9d742c7 --- /dev/null +++ b/monitoring/nginx-icinga-snippet.conf @@ -0,0 +1,15 @@ +location ~ ^/icingaweb2/index\.php(.*)$ { + fastcgi_pass unix:/run/php/php7.0-fpm.sock; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME /opt/openfest/icingaweb2/public/index.php; + fastcgi_param ICINGAWEB_CONFIGDIR /etc/icingaweb2; + fastcgi_param REMOTE_USER $remote_user; +} + +location ~ ^/icingaweb2(.+)? { + alias /opt/openfest/icingaweb2/public; + index index.php; + try_files $1 $uri $uri/ /icingaweb2/index.php$is_args$args; +} +