Compare commits

..

No commits in common. "master" and "main" have entirely different histories.
master ... main

159 changed files with 8671 additions and 693 deletions

53
.gitignore vendored
View File

@ -1,4 +1,24 @@
# Created by .ignore support plugin (hsz.mobi) # Created by .ignore support plugin (hsz.mobi)
### Vim template
# Swap
[._]*.s[a-v][a-z]
[._]*.sw[a-p]
[._]s[a-v][a-z]
[._]sw[a-p]
# Session
Session.vim
# Temporary
.netrwhist
*~
# Auto-generated tag files
tags
# Persistent undo
[._]*.un~
### Ansible template
*.retry
### JetBrains template ### JetBrains template
# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and WebStorm # Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and WebStorm
# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839 # Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
@ -6,7 +26,6 @@
# User-specific stuff # User-specific stuff
.idea/**/workspace.xml .idea/**/workspace.xml
.idea/**/tasks.xml .idea/**/tasks.xml
.idea/**/usage.statistics.xml
.idea/**/dictionaries .idea/**/dictionaries
.idea/**/shelf .idea/**/shelf
@ -23,16 +42,9 @@
.idea/**/gradle.xml .idea/**/gradle.xml
.idea/**/libraries .idea/**/libraries
# Gradle and Maven with auto-import
# When using Gradle or Maven with auto-import, you should exclude module files,
# since they will be recreated, and may cause churn. Uncomment if using
# auto-import.
# .idea/modules.xml
# .idea/*.iml
# .idea/modules
# CMake # CMake
cmake-build-*/ cmake-build-debug/
cmake-build-release/
# Mongo Explorer plugin # Mongo Explorer plugin
.idea/**/mongoSettings.xml .idea/**/mongoSettings.xml
@ -60,24 +72,3 @@ fabric.properties
# Editor-based Rest Client # Editor-based Rest Client
.idea/httpRequests .idea/httpRequests
### Ansible template
*.retry
### Vim template
# Swap
[._]*.s[a-v][a-z]
[._]*.sw[a-p]
[._]s[a-rt-v][a-z]
[._]ss[a-gi-z]
[._]sw[a-p]
# Session
Session.vim
# Temporary
.netrwhist
*~
# Auto-generated tag files
tags
# Persistent undo
[._]*.un~

Binary file not shown.

After

Width:  |  Height:  |  Size: 121 KiB

3
PostMortem Normal file
View File

@ -0,0 +1,3 @@
Improvements after 2021:
1. Disable flow control

View File

@ -1,2 +1,2 @@
# OpenFest Networking 2023 # openfest-network-2021
Networking related info/configs/issues for OpenFest 2023 Networking related info/configs/issues for OpenFest 2021

11
TODO.md
View File

@ -1,11 +0,0 @@
# TODO
* Architecture
* Hardware selection
* OpenWisp
* Team selection
* Team Training
* Workshop
* Workshop2
* Staging
* Prep

View File

@ -1 +0,0 @@
ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAG7wmmDaVEFR+ERBE/u4NIFIS+XVaVDX8HBmmP0SI4aiizAicqmjzdUaNv0aCsSaNnLy4zHAATncmFifKeaJlZM7wD9ORlClSacvO2IXqf+XTDjaj5/1R9ILTqEG1sC2T1GpvktdDnT9304WCJKmbtYufAY1y24bqs06R3hjecDTO360Q==

View File

@ -1 +0,0 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCitk7il0b3QqHYm2RexaWDcJcPcjGYOpgvR62vmtuZIl54MySl1bc2Cl0mr0nh6URQB4E0jqNndi/e3KYRaKBCO1wxZNUEqDWNtbg+w3yDbKXjaqNTKYBVf7MLfmOuKDy9lmukTMDNs5zAce3E3cUtSkpOKzsAhtNd7fY6rCfXkbiYoDA0ARxvOfAMGTpTcjWWo+Wo5qj5v6iNeJWkgefH/w3ZBWM/xJyoyI/3eabA0rrLP+Llg/Fnx1X3m5j0UaiMdwyGh3MdfvsL8dTCHz+ClipyZ5OlJQmIu6w2q1Av6tbvZFdXgtj6STGMVKvKHb0dPZNRWPi2daFzI1UvPjTF albert

View File

@ -1 +0,0 @@
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAABAEAoqA8rrhpL/zx+BRI3SjruRizx0LImTTUno0SP+l1ChLpvs3VWAR0aNabQcIDIBOEpJSxaGuxYRrPw/GrYV6LvFjoxIph/LDRrWdu6aVmU3Aq1Y4nZBl49QAFRss+lDN22yjjSOI6/3rugPBbC5Bseo0lYTHHAM3Z3P0S5AXBBs+zN3ylUY0mf30H0km25szl5Ion/AupfVahGHzvamjbBUjYtQMfHgslX6TyDbtz4pyG1tgeg859bk+EE5+AufYsaL0JSHGt95SzXncUY6GRCMu3ZEMFNgwOm4ZHwfL+LRDPCBlf4tu8V2QAxCdgMp592uULy57XsavJofdd1c1xj4BWvc/MCcsHFOq7rX15sQyKcHpP2MFZ7FA3RWVzFYHtUORs96uK9Wlk3PTgUuN7yWKRCv7dl2GuPsvP4Q3R/mnUTxoIYzbYVDnhE56YD0xQ1A3o0sF3RBIV43VE2R8E3smcKhOSfePiaRMdcsOeGhWWNPS+9p69BQsNvyAtXu4d+GAT+iBKmuEiCWtGyvuVIQXkO4Kk1HnqkZuX5aWBkqxfWbXTFkt/+naylK4beeo2dQtQhyYecoGKqSGp5KjQ//looDnVMOHD8Unj5mnw4gKzgWsjjTJB/vAKsGjkPlCI532cHxpdgv7sfm7ncCUqPaIzm8YsWjsV/xIUf0SAbVdt5tq8ESovx8Y8T8NO8o0pNMLEEHAZ8dtRLNMcl/yV/gvDVV6v4MIADEOxB/l2WXMv9YS1YmJ4jickm8qlzOiW4IeI2KZVoy/kCQ9I0xC/+cM6XXH8pBThqEBvNCBBMKnAxcG4q8OcYNyfFtaZeUwwQ0aIuXe+rEh3qDxbH7W3DYPTU1ASzApSIEwWr8GhFmp6LY7vgVOi4BIVxBD4tXAfcNJMHg+8+NARvf6hTi4UHCd5CaTecjcRB//zzor6APzzJZpWEtmilsQmPy5BoJ4c+V+06w9ymHtApdTEwbjoemz8lolWdKTaYZbh5nuzooNZ1WL9XEL4/bkUb9qae7iOnvr8qWVAUNo1HuET8DbweNr8ABwahaingVy8LMFRPTA1i2bVXUVi0y89tjIiVDFhja3oycQpfVrDFqB0kszOAhq9oMQRrYx3tLukFcPuz3KPdfEevaH49JfN913G2lvwwLz4CBPpwWWZXH0vrW0ggBuBdaAGu+GYcp79ND/++IELELJGrRPT2kijG6K+utud9VMq0CxrOTq0t47dJK40P7IYIjSMXO9Cm7/aa0cWaw1TVFbtXnWPeL0qKEp7qGxjZeYAmQ0YHCZOSYAql9ZyYlWu0xN4H9tHvguzED6WqFfmO9RpvIKyVtLc+nmkROR5owdSMlEcY+GTQDwOjWTxjQ== atanas.angelov@devhex.org

View File

@ -1 +0,0 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC8P1BYJRpuyBiwtOxhN7Gz+qze/T7w7Z9dJN5IVh9C0jqoKbhaTMjhWLsNAMA/X2kCtnipeRQWmMXkiU8XuB9n1eVIjDh6nek2rxlUGwOgdpuSMkN//K543jFjWhfRcUhyuh/qtojfxn7k+ETdT6qmGbL8QCFUepcbR9uhudrvrjLQ5Hn8s8pYcL+ZcjLvwk8445x0T5hWVzExSzgLWcBiuYptcEaz1uZa2lc/QfKPqmImAPMiRvRRdlcoht0i5wKfrKlSSbA6VJ/vrP37RebNQ37J7b0kOUL+jP9XeCA2vEg1xKSglz4X+NjzeZi6u+oI2Mw7IUTwHU6cvPMldVMj dexxter00@OpenFest

View File

@ -1 +0,0 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCZN2+YXOEbvRKC1tQJ1D/ULe3h8WNd3eRZPVn//M9IeIHTLZ82HAQY1jlm+RwC37EoP7U22Ae4Nxbam9J7Gjm+BftqesMepWP9ka8K+N6QzZr8bG+H72Ey+UpqiObWMiFCyTpHwWnw130We0eHaTB9qqunOrWwSxConglSm0Rs74o5Hip/gk0hHJbkxwxxbJabdFHE0DLoLb6FscUegRg/ol8/DhMXhyZ0MUV73wxoWEHtaE67JYCbidLvVmjNI8dKwQMsYIv52GkKOQdX1u1GaImQl56akdFYijWEy7dFReDBSWBfrS5dis0JMiUJkpFKeSh/aqCnoLcOUjbTNWVN

View File

@ -1 +0,0 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG1Esx9p/xuZGLmrr4OCTEz3QskqNIZuXKc/keeatuA6

View File

@ -1 +0,0 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDvlwEN7hlxYnumGo2jRisaUUTYbuSoBZA73krHFl+4/7myi/fLZTo5OCbpmoTUwdv/jpNAzQQ+gw1d2o5Hr/i1IezwXI+oKEXTDnl1uj4L/RDdBgqUAWd5zaW4fhCYCb509We9z5hDBCtJnNuTpnLo6uAnmftj0I7zYbLK+h2qiInOVYIvAn1tOuzLkAFDV9fCQyvhLgcaa9NIGJBiwj9oJ1079nPvt/9MWVHrf/zqWigmnDeOhZQ6Wg9A/FbLT9hxtGMOtcG3cPKZscs4+w3sKeHxJjkYck/K7xncJmfI+kE7PK5euFwzCJtsVEfVjnah6tRiChJWXEWDouJFERLCPf3XwLOnC/ngw7UvxzctF7+Dt5fwKlaC7WN5tXcgLzrjSqGpfngxyM8i1yYHpGCvgszYk13WsfjRTV/Bo5cTwUTMxoFx5sXmmXtvPe62/rhtK5GZQz3+6oWI7KwKa6yN6Unyp/Ikc4y1Q7tDE+i79Y5Uu3B1jGOLRAlNuhGWRSjHuMHOUWomOwqmd2qIa4n+DpO/Bj5LOuINgYWlflfbnYQDklP2jTkxS8sSsGEyhaqJ5OrfgkW11rBPM4/GqkuTTpt65DWkhRJUV6pI4XsGg7FPrhZeGROzPoZwqP3b2xoX3CJRwMumqUiERN2eAU2JXMTATWlPa8Xmd8t4jEFFve79JkmDpggCV/knvWW54QtWUAu9sKlcu0Ue9tvcic9zm3NjZIkPCOj+vlA7pdA4+oias/tmj94fGNWkoUpJTQdqK5khma6MZXtMSq6K0ddojrkkPhH4usdsUKqNrFSKUKfXIFkmxrqOK7kpXpe4npzBtZCoe39Oz5spu1BXD3t+ZK3IqmURS/FHdDTst69RagrY0nF/UGkSWCB3rgJp2yW6aQpBucw6C4zhXdCyx+JVbkzK9eORZlOQn8onAOpkqekvt+/mVVI48VQy20kpjMjzPSKP60ZxPR32mgQsEsSZiCNezGOkoCJvygbRKqV4LOULgiuvbU+gsoCvETzHuMry/lSBqR2LvBF9xB1ks+44aMQNQ3BcfGm1fFeP91dnGt0MNnr+v4MIE+WlNTkFcktCU7Q4svu2nDN0qTQk+IyOUdaQLWcv7Z7LNNypRAbW8PM65hItNxaedeNLjFGYKaP7DbfsLp2oRy1UezIWtK/5jSCMrT9CXOw5SjIhKQu6zC8PVcBdCxT9BBUqCmCtOv87j+d+44iuGZuDAKghZbW0qA2YHlGByP+/yLeKxxM5wHyaQn1R7WUVMhVEg/WAQwSuvoYurOoKRC7st4ngcdKZM+MwPs/ImrMo4REl59nGsw+Z/ql12SYE0qKMCEx94uGc8ZC80fx6dNa4Nq/Gfm+L stefan.lekov@devhex.org

View File

@ -1 +0,0 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQC77d4Ztbke2bVUdh0rH74MxKitVlS57xNbBbrJqyL8mI44WK0KH5ZdIEgDeOin1d0KGsaU0feDK2KhLL1Mqlp/bza9x8ZzVV1G8NnHzYNUmIPjaIS/kK0o4aTKELzoo0gdf5p0pKw7x7PK0b2IJF46V7f2y1nhq8GWWb0IxsC6okmTX8emoEk2LZUq70Ka71YDNams8RLa6sPXY97bvVrEXTkrEMnaxgnoTLswis05X5b3BvmaWkuDcDoIyHMNy/1Ayap38u8ElD+8+SRx+a5BYt0G5drNMowUOyxIkTtPCRgepAqMMi2ApTX4ZEYCE8MLZY0fEeyNPM+lDVu5YFxca5RUNorWVHy2YJrnPDkjqWqRm+xpAEfh9KVLDj4TtbN2CA9HWPUMRGvI5t3a2qdcWLpaHMrx92SHCa6roCvFceSkB8ncHQ7CZegomnpBmAi3cdhoPf8JpkYUsPwQJyx0GNxlLiHqqDq9DXMkVa1N5dTZolRGMOvCAXG9TEt3/dIutjM/pKw/71yIdOlDyYpKnK3nGG2jsG8zw4b+d9jt6kuGjMmlWiyJAwKDWp0MA/4fLfqJuh94b0788lh06V8NQ5TfkTVZoPbQ6zR6G9DD6BHhlFXwRn+3f+07sjNq9Wp3dfbV6j1bNPcoGPeQVarvkCPwZI7zOMIiNoPAeSLI6YSZN2eNerb0ehP0Mptr7z/pg0wQ3v3QUZ8AwqO+cbSa9UxbGRfUEUxB3z5YicRm31NYGREQk03BzcCpdAY09oEj0STdLRD+GHJx8oISpY3l06IlqxJXKD+FvvQCNTbplx0rbLGcoaYXG/m6/e4HiVHnH8ypN1iisgaSuvQHdYzNrbJ0PX/UQY+710n3hgEGEA2OyCdycHgOIHiVUvsZpMslAvIhUIaCR8Jn9BtU/NIset74378JnCob71JfaIc53Tl/j/Z4fehP/OfR2cM8YmD643bOZ1+oA/7vdWyMVnV40w2+6J89aEKgUERzkd6RvxeE5eMesJq+BQ/zcpSH/9TimLrwdczqlII3m3jdAaiOJsberlfsf/HUDx66sxVOESLvkhExHLAF7lbRiW99F6YZ25gV2W7eCw7nlw/fcBbZkashnB/olY9/HeOnnMKsxMZHse5MYFTHj+wWFU5wee2PqetyAk17q8nJjlYTwEHjiHYoGBJdb4K/AZw/loydablMXn1v4SYGZ5Md6/H1yk9eNJmluhduKVpkzBwMdM6U+o/U2P9UJh6ejGRJhXyohT5WsqkbR4cYtygIW3u4Axy6on9jEF12sGDOXG6CzuMsTBpNBm/RYnnTp/GcB7lCxcJKHLXs6Q4onGhpsRrJbEfZW7to8XTRLEG58CXMV+mJ

View File

@ -1 +0,0 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDAdqMHy1gpVmnUokoUJ0LbqZtFiARVz2p5FRD/vs37MoD0LrCQKf1zylXsh9Vd31TBPL75Uz6xbkZswGwBa5kuPpEpxkhrpTlJ5J6V9xHcnaZQKHal3P4ZRKtvfmeKlncm0MPW53Dkz28xECNBBm8fsXFECDdjFUxO8PD5x4s82o/TUnuC2L5DSTZTZfLekllTjzQkyBatUZSPKaDxghtPz+r7SOTezBjePKr4Z8td5vc9kDCNmBqZzQehjVqB2SjASCoks0ZJ10DQ4MdvuKeLvFcp4T+TLMl1+VgvOSRkahkWYW/W5ljht7MDR9JATn1hs9kL2f6ZAGRnteo3zH0kUjy8OtMitUuFEdf80cUI9vf12wZd7M+Za2ntq/gN9raEGrqsf+d7UTweTp4wm8FiUp8AQp1Og7105B0SCRn+kSHSWzkhzI6GxF1pdD/K80oOVnox4CSmCaWNqWK2Q/8roX/6dQTYbQfe/as67gCse2W75wL7oGR8Lh5DU1/sYAD9Vsk6Ru4Vk6H44mtMXM6JWRqGAB9L+w6mrPo2DO0FZ6S2VFlWfalLbwWK6bnROK63CUuUIcTna1f63eLRXsOES+ilIn/6miwdA2i6qaMhoilJiT+eg/oTikzquNVAUgmVL4gFSWqFKoNTQJut+96MjPN690D23bB5abLb4tEGzASxZUgNoFjv77JeoQx/cSTzEmZk7Jm+e/De1dKfIC9ja1MjPrbsx/nlV0lKI52ruEI0HtE824FchUFtBfkEWi2KRDhmviMye1sGDFjdOayrpNwKpjqjgvkWzAdmqvvYXN/SLGOXrqQi2ggeAYKgV5OBnj57ytQJbZUlpZIBZUwhBcg6hhOZ3wyafe0Yil8wC8NBUDhuxFIsDrHwM4SfxY7KIRlJUeQciXBysfA71DGIIn67KL/JCg+CKBiOl67f6hUwF6RjEnyPJc/wL49iphe3T5MdhYUJ/qW8vfrZ7sB14zFhH4kU4wBlERirg1TcCa/ixGkBO/bzytUmcwTEYPT22L40NIBcXmKeEn89RQedROUtYYp+UwSkYJ2D2tHJTzoeQmMzCGXSZ24QU9FxtSWgyViyTuBsyWSoly2u3czS0FihlTXX/ZQ97HFLRKweuJMw2VTsu6nSOnxZIlsVGxnAbGosMxxdtOS7Tm1CHY6XvEGLnJCvGCj3guQO1eQq1ZaXmUmqaQj7v7wBwjPne1E5gIkJvqLOT61vcwgRNhUN52NzknkpK5cctWUstetQ0nxnckIgu5OPrMiGGip2xotqGmLjMpjCJRjRQbVmYwj5MQzkxGMkGkD57nDKO+UR7sK7yQW7LQfbol+JgNaHUlaLhz3r/o5XUg0n4IfAxRLT yasen.atanasov@devhex.org

View File

@ -1,3 +0,0 @@
ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAH5qtjuBJPNCI8e+/4jD4ono5DnGFl6IOHY0MOCjoU6WLqhy3znEmPBgWla+HBN1JRHc3lKVt/pvDX6qC6D6Tx4VAF81I26axjpMQob8SkpMwGR244bLNWAXZcrMwKxzCjAxHrhzhdrikq68v8DfrGKPHkb+z3CJ8t8taHN+vzh9k5uXA== xb37 / ecdsa / zerdion
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDBe25EHI+RmDiIcMk9m5pcN2zseoLkeGc9CSW48AfBWTJObq0go1mJD70+PT1Dw9MJagWU8DXqA364NBrkjvqWrevv1hQgalGrzTIqe8rOzQdpmWj1hSjYU3UL4lhmkY+Sfdh6vVGCr7rRxZL0XfFG0a60OquiqH7BpKLqHg3UHAT3T5ZrQ/L48jvWX6IXWafJ0Na0w3vZNT674CmeS2PLUB2qT9IijsUrJWl8XcTyCNSoFPjDRRcZwZxA4gNgbsU4O1Sv8Xz5BkqPabH7qWBFBZJiLGklQ47EvvKwY1tfflC47ihlHU58IN0W+LipRyEat1PD6jQF8TbGRAieQ3efLEzJ42q725cnYS6rBLPK+d+9CbtuqV7cnmAMwg4Kr7vHZGjHmlom/mvb0HQE9OF3J5WS7f7gsyeH9TLOZJF+pq1YU3/ZMn4EvKFraW4oH+uXjJXn6+JPYfe9zn/cNHC7c/uMnBk0WITp4XN3GNQQkCWYw8qv0SSPCVl0unaSOVes1FRwFlpu6gwnQ8UnIkqbX0SZmYMG79hH8fbfhn1eR38/FtKiPjH2xhcs1vGOCltolwpkcf8eBJJbM6hX8UcDOR80/MMgE7dNPpxi847z8T0jIInsYZRINWuehiJSqxWAZyNjPWUxBVyKhOFkwQd9t0CJ145BWDFLbYc0E03uYw== calypso / rsa / zeridon
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCsoBXuJ6SSTkeLCv+IbWvQCcy80cTdtdo8wmtHR87XTeoFJOgioshdL2Z7Id1w9pbnvV+MtPWP6473hirH4QB9iZ4jdjoCHQQdqT/SfsnwAAlSzHs4NNAN8YhsrmQsQI29kzBdJhMqmqAtsnBWEl3HHKD9Iyrpb5q7rT2eTOmITGqs+xV48o57QIP2GHYnOBulWmWr2zbsc/blHfPcJS3UgkWUSuhWlYt0vGu+wilbpJ9F369qN+Tt9FwQgXmSDco2qT8BLdQqdPw8x129SnNKG0M4g6swydcWaNmVGp/ppdhBfOGYtE/HdnSZ43qRWK2wJNGi9KTEkrZVGcFnznkGO01c2JUebV6HS2sqoREMaMAgtbS/UHcekSWroX7ZqjcvJHBtIJMt28UhZDYuv0tb8TQqbRMAJ7S/mgx97uIw3YAxAn+dXACavV1r9qbxqMtTi72hf838Sm3t1WJmj5vxsHDvpLoNZ0kuQEU3HF4qaha1pexmbnjS+89BchhvMpIKRVl4eGrtrGrSo8PFBFM6K9uf3MAhLYjn6FeBchws/LO56wAQ98YgYei/23nnrkPGh7+X3roB5so6CKLVEw1z8iQgg5c14FW7xzy75yIC07KqFt/zASE7pYyYSolhRD9zNjWAOz0fNLLykhiVtpywaBmQfltwx/wo2SRKPCVcw== blackburn / rsa / zeridon

View File

@ -1,53 +0,0 @@
# IP ranges assignments
## VLANs
ID | IP/Range | Name | Notes
---|--------------|------|---------
10 | single ip | external | Provided by ???
20 | 10.20.0.0/24 | mgmt |
21 | 10.21.0.0/22 | wired | wired clients / workshop
22 | 10.22.0.0/22 | wireless | ap
23 | 10.23.0.0/24 | video | video team
24 | 10.24.0.0/24 | overflow | overflow TV's
25 | 10.25.0.0/24 | reception | Reception related
## Assignments
### MGMT
IP | Name | Notes
----|---------|------
.1 | CORESRV | router/services
.11 | coresw | CORE
### Wifi
IP | Name | Notes
--- |---------|------
.50 | ap-fl | ap conf floor left foaier
.51 | ap-fr | ap conf floor right foaier
.52 | ap-voc-a1 | ap room A stage
.53 | ap-voc-a2 | ap room A back
.54 | ap-voc-b | ap room B stage
.55 | ap-ws-c | ap room C zone C3
.56 | ap-team | ap conf floor chillout area
.57 | ap-ws-l | ap workshop floor workshop area
.58 | ap-ws-r | ap workshop floor workshop area
### Video
IP | Name | Notes
---|---------|------
.1 | CORESRV |
### Overflow
IP | Name | Notes
---|---------|------
.1 | CORESRV |
### Wired
IP | Name | Notes
---|---------|------
.1 | CORESRV |
### Reception
IP | Name | Notes
---|---------|------
.1 | CORESRV |

4
misc/ArpCop.sh Executable file
View File

@ -0,0 +1,4 @@
#!/bin/bash
poorguy=$1
echo "Who are we looking for? IP address please!" ; echo ; for AP_TO_CONNECT_TO in `grep ap /etc/hosts | awk {'print $2'}` ; do echo "Looking for ${poorguy} on ${AP_TO_CONNECT_TO}" ; echo "The poor guy MAC address is :" ; echo ; arp -a | grep ${poorguy} | awk {'print $4'} ; MAC_OF_THE_HACKER=$(arp -a | grep ${poorguy} | awk {'print $4'}) ; ssh -q -o BatchMode=yes ${AP_TO_CONNECT_TO} 'iw dev wlan0 station dump ; iw dev wlan1 station dump' | grep Station | grep ${MAC_OF_THE_HACKER} && echo "FOUND AT ${AP_TO_CONNECT_TO}" ; done | grep FOUND

32
misc/arpwatch.conf Normal file
View File

@ -0,0 +1,32 @@
# /etc/arpwatch.conf: Debian-specific way to watch multiple interfaces.
# Format of this configuration file is:
#
#<dev1> <arpwatch options for dev1>
#<dev2> <arpwatch options for dev2>
#...
#<devN> <arpwatch options for devN>
#
# You can set global options for all interfaces by editing
# /etc/default/arpwatch
# For example:
#eth0 -m root
#bond0 -m root
#eth2 -m root
# or, if you have an MTA configured for plussed addressing:
#
#eth0 -m root+eth0
#bond0 -m root+bond0
#eth2 -m root+eth2
# prod setup
#bond0 -m nukemailz
bond0.20 -m nukemailz
bond0.21 -m nukemailz
bond0.22 -m nukemailz
bond0.23 -m nukemailz
bond0.24 -m nukemailz
bond0.25 -m nukemailz
bond0.26 -m nukemailz

2
misc/atftpd Normal file
View File

@ -0,0 +1,2 @@
USE_INETD=false
OPTIONS="--tftpd-timeout 300 --retry-timeout 5 --mcast-port 1758 --mcast-addr 239.239.239.0-255 --mcast-ttl 1 --maxthread 100 --verbose=5 /opt/openfest/tftpd"

88
misc/dhcp/dhcpd.conf Normal file
View File

@ -0,0 +1,88 @@
#
# Sample configuration file for ISC dhcpd for Debian
#
#
# The ddns-updates-style parameter controls whether or not the server will
# attempt to do a DNS update when a lease is confirmed. We default to the
# behavior of the version 2 packages ('none', since DHCP v2 didn't
# have support for DDNS.)
ddns-update-style none;
# option definitions common to all supported networks...
#option domain-name "example.org";
#option domain-name-servers ns1.example.org, ns2.example.org;
default-lease-time 600;
max-lease-time 7200;
# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
authoritative;
# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;
# No service will be given on this subnet, but declaring it helps the
# DHCP server to understand the network topology.
#subnet 10.152.187.0 netmask 255.255.255.0 {
#}
# This is a very basic subnet declaration.
#subnet 10.254.239.0 netmask 255.255.255.224 {
# range 10.254.239.10 10.254.239.20;
# option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
#}
# philharmonic
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.10 192.168.1.254;
option routers 192.168.1.1;
option domain-name-servers 192.168.1.1;
}
# MGMT
subnet 10.20.0.0 netmask 255.255.255.0 {
range 10.20.0.20 10.20.0.250;
option routers 10.20.0.1;
option domain-name-servers 10.20.0.1;
}
# VIDEO
subnet 10.23.0.0 netmask 255.255.255.0 {
range 10.23.0.100 10.23.0.250;
option routers 10.23.0.1;
option domain-name-servers 10.23.0.1;
}
# overflow
subnet 10.24.0.0 netmask 255.255.255.0 {
range 10.24.0.10 10.24.0.250;
option routers 10.24.0.1;
option domain-name-servers 10.24.0.1;
}
# wired
subnet 10.21.0.0 netmask 255.255.252.0 {
range 10.21.1.10 10.21.3.250;
option routers 10.21.0.1;
option domain-name-servers 10.21.0.1;
}
# wireless
subnet 10.22.0.0 netmask 255.255.252.0 {
range 10.22.0.10 10.22.3.250;
option routers 10.22.0.1;
option domain-name-servers 10.22.0.1;
}
# phones
subnet 10.25.0.0 netmask 255.255.255.0 {
range 10.25.0.10 10.25.0.200;
option routers 10.25.0.1;
option domain-name-servers 10.25.0.1;
next-server 10.25.0.1;
}

18
misc/dhcp/isc-dhcp-server Normal file
View File

@ -0,0 +1,18 @@
# Defaults for isc-dhcp-server (sourced by /etc/init.d/isc-dhcp-server)
# Path to dhcpd's config file (default: /etc/dhcp/dhcpd.conf).
#DHCPDv4_CONF=/etc/dhcp/dhcpd.conf
#DHCPDv6_CONF=/etc/dhcp/dhcpd6.conf
# Path to dhcpd's PID file (default: /var/run/dhcpd.pid).
#DHCPDv4_PID=/var/run/dhcpd.pid
#DHCPDv6_PID=/var/run/dhcpd6.pid
# Additional options to start dhcpd with.
# Don't use options -cf or -pf here; use DHCPD_CONF/ DHCPD_PID instead
#OPTIONS=""
# On what interfaces should the DHCP server (dhcpd) serve DHCP requests?
# Separate multiple interfaces with spaces, e.g. "eth0 eth1".
INTERFACESv4="bond0.20 bond0.21 bond0.22 bond0.23 bond0.24 bond0.25"
INTERFACESv6=""

View File

@ -0,0 +1,10 @@
blacklist btrfs
blacklist ufs
blacklist hfsplus
blacklist hfs
blacklist ntfs
blacklist jfs
blacklist xfs
blacklist minix
blacklist qnx4
blacklist bluetooth

41
misc/ntp.conf Normal file
View File

@ -0,0 +1,41 @@
#
# Ansible managed
#
# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
driftfile /var/lib/ntp/ntp.drift
# Enable this if you want statistics to be logged.
#statsdir /var/log/ntpstats/
statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable
pool 0.bg.pool.ntp.org minpoll 4 maxpoll 10 iburst burst
server marla.ludost.net minpoll 4 maxpoll 10 iburst burst
# hard backup
pool 2.bg.pool.ntp.org minpoll 4 maxpoll 10 iburst burst
# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
# details. The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
# might also be helpful.
#
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.
# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery limited
restrict -6 default kod notrap nomodify nopeer noquery limited
# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict ::1
# Needed for adding pool entries
restrict source notrap nomodify noquery

48
misc/radvd.conf Normal file
View File

@ -0,0 +1,48 @@
interface eth1.21
{
AdvSendAdvert on;
MinRtrAdvInterval 3;
MaxRtrAdvInterval 15;
AdvDefaultPreference low;
AdvHomeAgentFlag off;
prefix 2001:67c:21bc:30::/64
{
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr off;
};
RDNSS 2001:67c:21bc:30::1
{
AdvRDNSSLifetime 30;
};
};
interface eth1.22
{
AdvSendAdvert on;
MinRtrAdvInterval 3;
MaxRtrAdvInterval 15;
AdvDefaultPreference low;
AdvHomeAgentFlag off;
prefix 2001:67c:21bc:31::/64
{
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr off;
};
RDNSS 2001:67c:21bc:31::1
{
AdvRDNSSLifetime 30;
};
};

111
misc/rsyslog.conf Normal file
View File

@ -0,0 +1,111 @@
# /etc/rsyslog.conf Configuration file for rsyslog.
#
# For more information see
# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
#################
#### MODULES ####
#################
module(load="imuxsock") # provides support for local system logging
module(load="imklog") # provides kernel logging support
#module(load="immark") # provides --MARK-- message capability
# provides UDP syslog reception
module(load="imudp")
input(type="imudp" port="514" address="10.20.0.1" name="management")
input(type="imudp" port="514" address="10.23.0.1" name="video")
input(type="imudp" port="514" address="10.24.0.1" name="overflow")
# provides TCP syslog reception
#module(load="imtcp")
#input(type="imtcp" port="514")
###########################
#### GLOBAL DIRECTIVES ####
###########################
#
# Use traditional timestamp format.
# To enable high precision timestamps, comment out the following line.
#
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
#
# Set the default permissions for all log files.
#
$FileOwner root
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022
#
# Where to place spool and state files
#
$WorkDirectory /var/spool/rsyslog
#
# Include all config files in /etc/rsyslog.d/
#
#$IncludeConfig /etc/rsyslog.d/*.conf
# now dump received logs
# will be finicky to look but good for later analisys
$template RemoteLoggers,"/opt/syslog/%hostname%/%programname%.log"
# template for hostapd (associations)
$template RemoteHostapd,"/opt/syslog/hostapd/all-ap-hostapd.log"
# current vlans
if $fromhost-ip startswith '10.20.' then ?RemoteLoggers
if $fromhost-ip startswith '10.23.' then ?RemoteLoggers
if $fromhost-ip startswith '10.24.' then ?RemoteLoggers
# current vlans (hostapd)
if $programname == 'hostapd' and $fromhost-ip startswith '10.20.' then ?RemoteHostapd
if $programname == 'hostapd' and $fromhost-ip startswith '10.23.' then ?RemoteHostapd
if $programname == 'hostapd' and $fromhost-ip startswith '10.24.' then ?RemoteHostapd
###############
#### RULES ####
###############
#
# First some standard log files. Log by facility.
#
auth,authpriv.* /var/log/auth.log
*.*;auth,authpriv.none -/var/log/syslog
#cron.* /var/log/cron.log
daemon.* -/var/log/daemon.log
kern.* -/var/log/kern.log
lpr.* -/var/log/lpr.log
mail.* -/var/log/mail.log
user.* -/var/log/user.log
#
# Logging for the mail system. Split it up so that
# it is easy to write scripts to parse these files.
#
mail.info -/var/log/mail.info
mail.warn -/var/log/mail.warn
mail.err /var/log/mail.err
#
# Some "catch-all" log files.
#
*.=debug;\
auth,authpriv.none;\
news.none;mail.none -/var/log/debug
*.=info;*.=notice;*.=warn;\
auth,authpriv.none;\
cron,daemon.none;\
mail,news.none -/var/log/messages
#
# Emergencies are sent to everybody logged in.
#
*.emerg :omusrmsg:*

2
misc/unbound/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
*.key
*.pem

591
misc/unbound/unbound.conf Normal file
View File

@ -0,0 +1,591 @@
#Use this to include other text into the file.
#include: "otherfile.conf"
# The server clause sets the main parameters.
server:
# whitespace is not necessary, but looks cleaner.
# verbosity number, 0 is least verbose. 1 is default.
verbosity: 1
# print statistics to the log (for every thread) every N seconds.
# Set to "" or 0 to disable. Default is disabled.
# statistics-interval: 0
# enable cumulative statistics, without clearing them after printing.
# statistics-cumulative: no
# enable extended statistics (query types, answer codes, status)
# printed from unbound-control. default off, because of speed.
# extended-statistics: no
# number of threads to create. 1 disables threading.
# num-threads: 1
# specify the interfaces to answer queries from by ip-address.
# The default is to listen to localhost (127.0.0.1 and ::1).
# specify 0.0.0.0 and ::0 to bind to all available interfaces.
# specify every interface[@port] on a new 'interface:' labelled line.
# The listen interfaces are not changed on reload, only on restart.
# interface: 192.0.2.153
# interface: 192.0.2.154
# interface: 192.0.2.154@5003
# interface: 2001:DB8::5
interface: 0.0.0.0
interface: ::0
# enable this feature to copy the source address of queries to reply.
# Socket options are not supported on all platforms. experimental.
# interface-automatic: no
# port to answer queries from
# port: 53
# specify the interfaces to send outgoing queries to authoritative
# server from by ip-address. If none, the default (all) interface
# is used. Specify every interface on a 'outgoing-interface:' line.
# outgoing-interface: 192.0.2.153
# outgoing-interface: 2001:DB8::5
# outgoing-interface: 2001:DB8::6
# number of ports to allocate per thread, determines the size of the
# port range that can be open simultaneously. About double the
# num-queries-per-thread, or, use as many as the OS will allow you.
# outgoing-range: 4096
# permit unbound to use this port number or port range for
# making outgoing queries, using an outgoing interface.
# outgoing-port-permit: 32768
# deny unbound the use this of port number or port range for
# making outgoing queries, using an outgoing interface.
# Use this to make sure unbound does not grab a UDP port that some
# other server on this computer needs. The default is to avoid
# IANA-assigned port numbers.
# If multiple outgoing-port-permit and outgoing-port-avoid options
# are present, they are processed in order.
# outgoing-port-avoid: "3200-3208"
# number of outgoing simultaneous tcp buffers to hold per thread.
# outgoing-num-tcp: 10
# number of incoming simultaneous tcp buffers to hold per thread.
# incoming-num-tcp: 10
# buffer size for UDP port 53 incoming (SO_RCVBUF socket option).
# 0 is system default. Use 4m to catch query spikes for busy servers.
# so-rcvbuf: 0
# buffer size for UDP port 53 outgoing (SO_SNDBUF socket option).
# 0 is system default. Use 4m to handle spikes on very busy servers.
# so-sndbuf: 0
# on Linux(3.9+) use SO_REUSEPORT to distribute queries over threads.
# so-reuseport: no
# EDNS reassembly buffer to advertise to UDP peers (the actual buffer
# is set with msg-buffer-size). 1480 can solve fragmentation (timeouts).
# edns-buffer-size: 4096
# Maximum UDP response size (not applied to TCP response).
# Suggested values are 512 to 4096. Default is 4096. 65536 disables it.
# max-udp-size: 4096
# buffer size for handling DNS data. No messages larger than this
# size can be sent or received, by UDP or TCP. In bytes.
# msg-buffer-size: 65552
# the amount of memory to use for the message cache.
# plain value in bytes or you can append k, m or G. default is "4Mb".
# msg-cache-size: 4m
# the number of slabs to use for the message cache.
# the number of slabs must be a power of 2.
# more slabs reduce lock contention, but fragment memory usage.
# msg-cache-slabs: 4
# the number of queries that a thread gets to service.
# num-queries-per-thread: 1024
# if very busy, 50% queries run to completion, 50% get timeout in msec
# jostle-timeout: 200
# msec to wait before close of port on timeout UDP. 0 disables.
# delay-close: 0
# the amount of memory to use for the RRset cache.
# plain value in bytes or you can append k, m or G. default is "4Mb".
# rrset-cache-size: 4m
# the number of slabs to use for the RRset cache.
# the number of slabs must be a power of 2.
# more slabs reduce lock contention, but fragment memory usage.
# rrset-cache-slabs: 4
# the time to live (TTL) value lower bound, in seconds. Default 0.
# If more than an hour could easily give trouble due to stale data.
# cache-min-ttl: 0
# the time to live (TTL) value cap for RRsets and messages in the
# cache. Items are not cached for longer. In seconds.
# cache-max-ttl: 86400
# the time to live (TTL) value for cached roundtrip times, lameness and
# EDNS version information for hosts. In seconds.
# infra-host-ttl: 900
# the number of slabs to use for the Infrastructure cache.
# the number of slabs must be a power of 2.
# more slabs reduce lock contention, but fragment memory usage.
# infra-cache-slabs: 4
# the maximum number of hosts that are cached (roundtrip, EDNS, lame).
# infra-cache-numhosts: 10000
# Enable IPv4, "yes" or "no".
# do-ip4: yes
# Enable IPv6, "yes" or "no".
# do-ip6: yes
# Enable UDP, "yes" or "no".
# do-udp: yes
# Enable TCP, "yes" or "no".
# do-tcp: yes
# upstream connections use TCP only (and no UDP), "yes" or "no"
# useful for tunneling scenarios, default no.
# tcp-upstream: no
# Detach from the terminal, run in background, "yes" or "no".
# do-daemonize: yes
# control which clients are allowed to make (recursive) queries
# to this server. Specify classless netblocks with /size and action.
# By default everything is refused, except for localhost.
# Choose deny (drop message), refuse (polite error reply),
# allow (recursive ok), allow_snoop (recursive and nonrecursive ok)
# deny_non_local (drop queries unless can be answered from local-data)
# refuse_non_local (like deny_non_local but polite error reply).
access-control: 0.0.0.0/0 refuse
access-control: 127.0.0.0/8 allow
access-control: 10.0.0.0/8 allow
access-control: 192.168.0.0/16 allow
access-control: ::0/0 refuse
access-control: ::1 allow
access-control: ::ffff:127.0.0.1 allow
access-control: 2001:67c:21bc:30::/60 allow
# if given, a chroot(2) is done to the given directory.
# i.e. you can chroot to the working directory, for example,
# for extra security, but make sure all files are in that directory.
#
# If chroot is enabled, you should pass the configfile (from the
# commandline) as a full path from the original root. After the
# chroot has been performed the now defunct portion of the config
# file path is removed to be able to reread the config after a reload.
#
# All other file paths (working dir, logfile, roothints, and
# key files) can be specified in several ways:
# o as an absolute path relative to the new root.
# o as a relative path to the working directory.
# o as an absolute path relative to the original root.
# In the last case the path is adjusted to remove the unused portion.
#
# The pid file can be absolute and outside of the chroot, it is
# written just prior to performing the chroot and dropping permissions.
#
# Additionally, unbound may need to access /dev/random (for entropy).
# How to do this is specific to your OS.
#
# If you give "" no chroot is performed. The path must not end in a /.
# chroot: "/etc/unbound"
# if given, user privileges are dropped (after binding port),
# and the given username is assumed. Default is user "unbound".
# If you give "" no privileges are dropped.
# username: "unbound"
# the working directory. The relative files in this config are
# relative to this directory. If you give "" the working directory
# is not changed.
# directory: "/etc/unbound"
# the log file, "" means log to stderr.
# Use of this option sets use-syslog to "no".
# logfile: ""
# Log to syslog(3) if yes. The log facility LOG_DAEMON is used to
# log to, with identity "unbound". If yes, it overrides the logfile.
# use-syslog: yes
# print UTC timestamp in ascii to logfile, default is epoch in seconds.
# log-time-ascii: no
# print one line with time, IP, name, type, class for every query.
# log-queries: no
# the pid file. Can be an absolute path outside of chroot/work dir.
# pidfile: "/etc/unbound/unbound.pid"
# file to read root hints from.
# get one from ftp://FTP.INTERNIC.NET/domain/named.cache
# root-hints: ""
# enable to not answer id.server and hostname.bind queries.
# hide-identity: no
# enable to not answer version.server and version.bind queries.
# hide-version: no
# the identity to report. Leave "" or default to return hostname.
# identity: ""
# the version to report. Leave "" or default to return package version.
# version: ""
# the target fetch policy.
# series of integers describing the policy per dependency depth.
# The number of values in the list determines the maximum dependency
# depth the recursor will pursue before giving up. Each integer means:
# -1 : fetch all targets opportunistically,
# 0: fetch on demand,
# positive value: fetch that many targets opportunistically.
# Enclose the list of numbers between quotes ("").
# target-fetch-policy: "3 2 1 0 0"
# Harden against very small EDNS buffer sizes.
# harden-short-bufsize: no
# Harden against unseemly large queries.
# harden-large-queries: no
# Harden against out of zone rrsets, to avoid spoofing attempts.
# harden-glue: yes
# Harden against receiving dnssec-stripped data. If you turn it
# off, failing to validate dnskey data for a trustanchor will
# trigger insecure mode for that zone (like without a trustanchor).
# Default on, which insists on dnssec data for trust-anchored zones.
# harden-dnssec-stripped: yes
# Harden against queries that fall under dnssec-signed nxdomain names.
# harden-below-nxdomain: no
# Harden the referral path by performing additional queries for
# infrastructure data. Validates the replies (if possible).
# Default off, because the lookups burden the server. Experimental
# implementation of draft-wijngaards-dnsext-resolver-side-mitigation.
# harden-referral-path: no
# Use 0x20-encoded random bits in the query to foil spoof attempts.
# This feature is an experimental implementation of draft dns-0x20.
# use-caps-for-id: no
# Enforce privacy of these addresses. Strips them away from answers.
# It may cause DNSSEC validation to additionally mark it as bogus.
# Protects against 'DNS Rebinding' (uses browser as network proxy).
# Only 'private-domain' and 'local-data' names are allowed to have
# these private addresses. No default.
# private-address: 10.0.0.0/8
# private-address: 172.16.0.0/12
# private-address: 192.168.0.0/16
# private-address: 169.254.0.0/16
# private-address: fd00::/8
# private-address: fe80::/10
# Allow the domain (and its subdomains) to contain private addresses.
# local-data statements are allowed to contain private addresses too.
# private-domain: "example.com"
# If nonzero, unwanted replies are not only reported in statistics,
# but also a running total is kept per thread. If it reaches the
# threshold, a warning is printed and a defensive action is taken,
# the cache is cleared to flush potential poison out of it.
# A suggested value is 10000000, the default is 0 (turned off).
# unwanted-reply-threshold: 0
# Do not query the following addresses. No DNS queries are sent there.
# List one address per entry. List classless netblocks with /size,
# do-not-query-address: 127.0.0.1/8
# do-not-query-address: ::1
# if yes, the above default do-not-query-address entries are present.
# if no, localhost can be queried (for testing and debugging).
# do-not-query-localhost: yes
# if yes, perform prefetching of almost expired message cache entries.
# prefetch: no
# if yes, perform key lookups adjacent to normal lookups.
# prefetch-key: no
# if yes, Unbound rotates RRSet order in response.
# rrset-roundrobin: no
# if yes, Unbound doesn't insert authority/additional sections
# into response messages when those sections are not required.
# minimal-responses: no
# module configuration of the server. A string with identifiers
# separated by spaces. "iterator" or "validator iterator"
# module-config: "validator iterator"
# File with trusted keys, kept uptodate using RFC5011 probes,
# initial file like trust-anchor-file, then it stores metadata.
# Use several entries, one per domain name, to track multiple zones.
#
# If you want to perform DNSSEC validation, run unbound-anchor before
# you start unbound (i.e. in the system boot scripts). And enable:
# Please note usage of unbound-anchor root anchor is at your own risk
# and under the terms of our LICENSE (see that file in the source).
# auto-trust-anchor-file: "/etc/unbound/root.key"
# File with DLV trusted keys. Same format as trust-anchor-file.
# There can be only one DLV configured, it is trusted from root down.
# Download http://ftp.isc.org/www/dlv/dlv.isc.org.key
# dlv-anchor-file: "dlv.isc.org.key"
# File with trusted keys for validation. Specify more than one file
# with several entries, one file per entry.
# Zone file format, with DS and DNSKEY entries.
# Note this gets out of date, use auto-trust-anchor-file please.
# trust-anchor-file: ""
# Trusted key for validation. DS or DNSKEY. specify the RR on a
# single line, surrounded by "". TTL is ignored. class is IN default.
# Note this gets out of date, use auto-trust-anchor-file please.
# (These examples are from August 2007 and may not be valid anymore).
# trust-anchor: "nlnetlabs.nl. DNSKEY 257 3 5 AQPzzTWMz8qSWIQlfRnPckx2BiVmkVN6LPupO3mbz7FhLSnm26n6iG9N Lby97Ji453aWZY3M5/xJBSOS2vWtco2t8C0+xeO1bc/d6ZTy32DHchpW 6rDH1vp86Ll+ha0tmwyy9QP7y2bVw5zSbFCrefk8qCUBgfHm9bHzMG1U BYtEIQ=="
# trust-anchor: "jelte.nlnetlabs.nl. DS 42860 5 1 14D739EB566D2B1A5E216A0BA4D17FA9B038BE4A"
# File with trusted keys for validation. Specify more than one file
# with several entries, one file per entry. Like trust-anchor-file
# but has a different file format. Format is BIND-9 style format,
# the trusted-keys { name flag proto algo "key"; }; clauses are read.
# you need external update procedures to track changes in keys.
# trusted-keys-file: ""
# Ignore chain of trust. Domain is treated as insecure.
# domain-insecure: "example.com"
# Override the date for validation with a specific fixed date.
# Do not set this unless you are debugging signature inception
# and expiration. "" or "0" turns the feature off. -1 ignores date.
# val-override-date: ""
# The time to live for bogus data, rrsets and messages. This avoids
# some of the revalidation, until the time interval expires. in secs.
# val-bogus-ttl: 60
# The signature inception and expiration dates are allowed to be off
# by 10% of the signature lifetime (expir-incep) from our local clock.
# This leeway is capped with a minimum and a maximum. In seconds.
# val-sig-skew-min: 3600
# val-sig-skew-max: 86400
# Should additional section of secure message also be kept clean of
# unsecure data. Useful to shield the users of this validator from
# potential bogus data in the additional section. All unsigned data
# in the additional section is removed from secure messages.
# val-clean-additional: yes
# Turn permissive mode on to permit bogus messages. Thus, messages
# for which security checks failed will be returned to clients,
# instead of SERVFAIL. It still performs the security checks, which
# result in interesting log files and possibly the AD bit in
# replies if the message is found secure. The default is off.
# val-permissive-mode: no
# Ignore the CD flag in incoming queries and refuse them bogus data.
# Enable it if the only clients of unbound are legacy servers (w2008)
# that set CD but cannot validate themselves.
# ignore-cd-flag: no
# Have the validator log failed validations for your diagnosis.
# 0: off. 1: A line per failed user query. 2: With reason and bad IP.
# val-log-level: 0
# It is possible to configure NSEC3 maximum iteration counts per
# keysize. Keep this table very short, as linear search is done.
# A message with an NSEC3 with larger count is marked insecure.
# List in ascending order the keysize and count values.
# val-nsec3-keysize-iterations: "1024 150 2048 500 4096 2500"
# instruct the auto-trust-anchor-file probing to add anchors after ttl.
# add-holddown: 2592000 # 30 days
# instruct the auto-trust-anchor-file probing to del anchors after ttl.
# del-holddown: 2592000 # 30 days
# auto-trust-anchor-file probing removes missing anchors after ttl.
# If the value 0 is given, missing anchors are not removed.
# keep-missing: 31622400 # 366 days
# the amount of memory to use for the key cache.
# plain value in bytes or you can append k, m or G. default is "4Mb".
# key-cache-size: 4m
# the number of slabs to use for the key cache.
# the number of slabs must be a power of 2.
# more slabs reduce lock contention, but fragment memory usage.
# key-cache-slabs: 4
# the amount of memory to use for the negative cache (used for DLV).
# plain value in bytes or you can append k, m or G. default is "1Mb".
# neg-cache-size: 1m
# By default, for a number of zones a small default 'nothing here'
# reply is built-in. Query traffic is thus blocked. If you
# wish to serve such zone you can unblock them by uncommenting one
# of the nodefault statements below.
# You may also have to use domain-insecure: zone to make DNSSEC work,
# unless you have your own trust anchors for this zone.
# local-zone: "localhost." nodefault
# local-zone: "127.in-addr.arpa." nodefault
# local-zone: "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa." nodefault
# local-zone: "10.in-addr.arpa." nodefault
# local-zone: "16.172.in-addr.arpa." nodefault
# local-zone: "17.172.in-addr.arpa." nodefault
# local-zone: "18.172.in-addr.arpa." nodefault
# local-zone: "19.172.in-addr.arpa." nodefault
# local-zone: "20.172.in-addr.arpa." nodefault
# local-zone: "21.172.in-addr.arpa." nodefault
# local-zone: "22.172.in-addr.arpa." nodefault
# local-zone: "23.172.in-addr.arpa." nodefault
# local-zone: "24.172.in-addr.arpa." nodefault
# local-zone: "25.172.in-addr.arpa." nodefault
# local-zone: "26.172.in-addr.arpa." nodefault
# local-zone: "27.172.in-addr.arpa." nodefault
# local-zone: "28.172.in-addr.arpa." nodefault
# local-zone: "29.172.in-addr.arpa." nodefault
# local-zone: "30.172.in-addr.arpa." nodefault
# local-zone: "31.172.in-addr.arpa." nodefault
# local-zone: "168.192.in-addr.arpa." nodefault
# local-zone: "0.in-addr.arpa." nodefault
# local-zone: "254.169.in-addr.arpa." nodefault
# local-zone: "2.0.192.in-addr.arpa." nodefault
# local-zone: "100.51.198.in-addr.arpa." nodefault
# local-zone: "113.0.203.in-addr.arpa." nodefault
# local-zone: "255.255.255.255.in-addr.arpa." nodefault
# local-zone: "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa." nodefault
# local-zone: "d.f.ip6.arpa." nodefault
# local-zone: "8.e.f.ip6.arpa." nodefault
# local-zone: "9.e.f.ip6.arpa." nodefault
# local-zone: "a.e.f.ip6.arpa." nodefault
# local-zone: "b.e.f.ip6.arpa." nodefault
# local-zone: "8.b.d.0.1.0.0.2.ip6.arpa." nodefault
# a number of locally served zones can be configured.
# local-zone: <zone> <type>
# local-data: "<resource record string>"
# o deny serves local data (if any), else, drops queries.
# o refuse serves local data (if any), else, replies with error.
# o static serves local data, else, nxdomain or nodata answer.
# o transparent gives local data, but resolves normally for other names
# o redirect serves the zone data for any subdomain in the zone.
# o nodefault can be used to normally resolve AS112 zones.
# o typetransparent resolves normally for other types and other names
#
# defaults are localhost address, reverse for 127.0.0.1 and ::1
# and nxdomain for AS112 zones. If you configure one of these zones
# the default content is omitted, or you can omit it with 'nodefault'.
#
# If you configure local-data without specifying local-zone, by
# default a transparent local-zone is created for the data.
#
# You can add locally served data with
# local-zone: "local." static
# local-data: "mycomputer.local. IN A 192.0.2.51"
# local-data: 'mytext.local TXT "content of text record"'
#
# You can override certain queries with
# local-data: "adserver.example.com A 127.0.0.1"
#
# You can redirect a domain to a fixed address with
# (this makes example.com, www.example.com, etc, all go to 192.0.2.3)
# local-zone: "example.com" redirect
# local-data: "example.com A 192.0.2.3"
#
# Shorthand to make PTR records, "IPv4 name" or "IPv6 name".
# You can also add PTR records using local-data directly, but then
# you need to do the reverse notation yourself.
# local-data-ptr: "192.0.2.3 www.example.com"
# service clients over SSL (on the TCP sockets), with plain DNS inside
# the SSL stream. Give the certificate to use and private key.
# default is "" (disabled). requires restart to take effect.
# ssl-service-key: "path/to/privatekeyfile.key"
# ssl-service-pem: "path/to/publiccertfile.pem"
# ssl-port: 443
# request upstream over SSL (with plain DNS inside the SSL stream).
# Default is no. Can be turned on and off with unbound-control.
# ssl-upstream: no
# Python config section. To enable:
# o use --with-pythonmodule to configure before compiling.
# o list python in the module-config string (above) to enable.
# o and give a python-script to run.
python:
# Script file to load
# python-script: "/etc/unbound/ubmodule-tst.py"
# Remote control config section.
remote-control:
# Enable remote control with unbound-control(8) here.
# set up the keys and certificates with unbound-control-setup.
# control-enable: no
# what interfaces are listened to for remote control.
# give 0.0.0.0 and ::0 to listen to all interfaces.
# control-interface: 127.0.0.1
# control-interface: ::1
# port number for remote control operations.
# control-port: 8953
# unbound server key file.
# server-key-file: "/etc/unbound/unbound_server.key"
# unbound server certificate file.
# server-cert-file: "/etc/unbound/unbound_server.pem"
# unbound-control key file.
# control-key-file: "/etc/unbound/unbound_control.key"
# unbound-control certificate file.
# control-cert-file: "/etc/unbound/unbound_control.pem"
# Stub zones.
# Create entries like below, to make all queries for 'example.com' and
# 'example.org' go to the given list of nameservers. list zero or more
# nameservers by hostname or by ipaddress. If you set stub-prime to yes,
# the list is treated as priming hints (default is no).
# With stub-first yes, it attempts without the stub if it fails.
# stub-zone:
# name: "example.com"
# stub-addr: 192.0.2.68
# stub-prime: no
# stub-first: no
# stub-zone:
# name: "example.org"
# stub-host: ns.example.com.
# Forward zones
# Create entries like below, to make all queries for 'example.com' and
# 'example.org' go to the given list of servers. These servers have to handle
# recursion to other nameservers. List zero or more nameservers by hostname
# or by ipaddress. Use an entry with name "." to forward all queries.
# If you enable forward-first, it attempts without the forward if it fails.
# forward-zone:
# name: "example.com"
# forward-addr: 192.0.2.68
# forward-addr: 192.0.2.73@5355 # forward to port 5355.
# forward-first: no
# forward-zone:
# name: "example.org"
# forward-host: fwd.example.com
include: "/etc/unbound/unbound.conf.d/*.conf"

View File

@ -0,0 +1,139 @@
server:
local-data: "vin 30 in a 10.20.0.1"
local-data-ptr: "10.20.0.1 30 vin"
local-data: "coresw 30 in a 10.20.0.11"
local-data-ptr: "10.20.0.11 30 coresw"
local-data: "f0sw 30 in a 10.20.0.27"
local-data-ptr: "10.20.0.27 30 f0sw"
local-data: "nocsw 30 in a 10.20.0.28"
local-data-ptr: "10.20.0.28 30 nocsw"
local-data: "receptionsw 30 in a 10.20.0.25"
local-data-ptr: "10.20.0.25 30 receptionsw"
local-data: "teamsw 30 in a 10.20.0.26"
local-data-ptr: "10.20.0.26 30 teamsw"
local-data: "vocsw-a 30 in a 10.20.0.21"
local-data-ptr: "10.20.0.21 30 vocsw-a"
local-data: "vocsw-b 30 in a 10.20.0.22"
local-data-ptr: "10.20.0.22 30 vocsw-b"
local-data: "vocsw-c 30 in a 10.20.0.23"
local-data-ptr: "10.20.0.23 30 vocsw-c"
local-data: "vocsw-d 30 in a 10.20.0.24"
local-data-ptr: "10.20.0.24 30 vocsw-d"
local-data: "ap-cf-srv 30 in a 10.20.0.55"
local-data-ptr: "10.20.0.55 30 ap-cf-srv"
local-data: "ap-cf-f-l 30 in a 10.20.0.50"
local-data-ptr: "10.20.0.50 30 ap-cf-f-l"
local-data: "ap-cf-f-r 30 in a 10.20.0.51"
local-data-ptr: "10.20.0.51 30 ap-cf-f-r"
local-data: "ap-cf-b1 30 in a 10.20.0.54"
local-data-ptr: "10.20.0.54 30 ap-cf-b1"
local-data: "ap-cf-a1 30 in a 10.20.0.52"
local-data-ptr: "10.20.0.52 30 ap-cf-a1"
local-data: "ap-cf-a2 30 in a 10.20.0.53"
local-data-ptr: "10.20.0.53 30 ap-cf-a2"
local-data: "ap-cf-c1 30 in a 10.20.0.55"
local-data-ptr: "10.20.0.55 30 ap-cf-c1"
local-data: "ap-cf-qws 30 in a 10.20.0.59"
local-data-ptr: "10.20.0.59 30 ap-cf-qws"
local-data: "ap-cf-ch 30 in a 10.20.0.58"
local-data-ptr: "10.20.0.58 30 ap-cf-ch"
local-data: "ap-ws-ws1 30 in a 10.20.0.60"
local-data-ptr: "10.20.0.60 30 ap-ws-ws1"
local-data: "ap-ws-ws2 30 in a 10.20.0.61"
local-data-ptr: "10.20.0.61 30 ap-ws-ws2"
local-data: "ap-ws-noc 30 in a 10.20.0.62"
local-data-ptr: "10.20.0.62 30 ap-ws-noc"
local-data: "ap-spare-1 30 in a 10.20.0.63"
local-data-ptr: "10.20.0.63 30 ap-spare-1"
local-data: "ap-spare-2 30 in a 10.20.0.64"
local-data-ptr: "10.20.0.64 30 ap-spare-2"
local-data: "ap-spare-3 30 in a 10.20.0.65"
local-data-ptr: "10.20.0.65 30 ap-spare-3"
local-data: "scaler-A 30 in a 10.23.0.6"
local-data-ptr: "10.23.0.6 30 scaler-A"
local-data: "fbox-camera-C 30 in a 10.23.0.8"
local-data-ptr: "10.23.0.8 30 fbox-camera-C"
local-data: "fbox-slides-C 30 in a 10.23.0.9"
local-data-ptr: "10.23.0.9 30 fbox-slides-C"
local-data: "fbox-camera-B 30 in a 10.23.0.10"
local-data-ptr: "10.23.0.10 30 fbox-camera-B"
local-data: "fbox-slides-B 30 in a 10.23.0.11"
local-data-ptr: "10.23.0.11 30 fbox-slides-B"
local-data: "stream-A 30 in a 10.23.0.21"
local-data-ptr: "10.23.0.21 30 stream-A"
local-data: "stream-B 30 in a 10.23.0.22"
local-data-ptr: "10.23.0.22 30 stream-B"
local-data: "stream-C 30 in a 10.23.0.23"
local-data-ptr: "10.23.0.23 30 stream-C"
local-data: "control-A-1 30 in a 10.23.0.31"
local-data-ptr: "10.23.0.31 30 control-A-1"
local-data: "control-A-2 30 in a 10.23.0.32"
local-data-ptr: "10.23.0.32 30 control-A-2"
local-data: "icom-A-1 30 in a 10.23.0.35"
local-data-ptr: "10.23.0.35 30 icom-A-1"
local-data: "icom-A-2 30 in a 10.23.0.36"
local-data-ptr: "10.23.0.36 30 icom-A-2"
local-data: "icom-A-3 30 in a 10.23.0.37"
local-data-ptr: "10.23.0.37 30 icom-A-3"
local-data: "control-B-1 30 in a 10.23.0.41"
local-data-ptr: "10.23.0.41 30 control-B-1"
local-data: "control-B-2 30 in a 10.23.0.42"
local-data-ptr: "10.23.0.42 30 control-B-2"
local-data: "icom-B-1 30 in a 10.23.0.45"
local-data-ptr: "10.23.0.45 30 icom-B-1"
local-data: "icom-B-2 30 in a 10.23.0.46"
local-data-ptr: "10.23.0.46 30 icom-B-2"
local-data: "icom-B-3 30 in a 10.23.0.47"
local-data-ptr: "10.23.0.47 30 icom-B-3"
local-data: "tv-1 30 in a 10.24.0.11"
local-data-ptr: "10.24.0.11 30 tv-1"
local-data: "tv-2 30 in a 10.24.0.12"
local-data-ptr: "10.24.0.12 30 tv-2"
local-data: "printer-1 30 in a 10.25.0.11"
local-data-ptr: "10.25.0.11 30 printer-1"

View File

@ -0,0 +1,9 @@
server:
# Send minimum amount of information to upstream servers to enhance
# privacy. Only sends minimum required labels of the QNAME and sets
# QTYPE to NS when possible.
# See RFC 7816 "DNS Query Name Minimisation to Improve Privacy" for
# details.
qname-minimisation: yes

View File

@ -0,0 +1,4 @@
server:
# The following line will configure unbound to perform cryptographic
# DNSSEC validation using the root trust anchor.
auto-trust-anchor-file: "/var/lib/unbound/root.key"

1
monitoring/icinga2/.gitignore vendored Normal file
View File

@ -0,0 +1 @@
features-available

View File

@ -0,0 +1,9 @@
/**
* The ApiUser objects are used for authentication against the API.
*/
object ApiUser "root" {
password = "pass"
// client_cn = ""
permissions = [ "*" ]
}

View File

@ -0,0 +1 @@
object IcingaApplication "app" { }

View File

@ -0,0 +1,7 @@
apply Service "apt" {
import "generic-service"
check_command = "apt"
assign where host.name == NodeName
}

View File

@ -0,0 +1,124 @@
object CheckCommand "check_net_int" {
import "by_ssh"
vars.by_ssh_timeout = "420"
timeout = "420"
vars.by_ssh_command = PluginDir + "/check_interface_load.sh -w $int_warn$ -c $int_crit$"
vars.by_ssh_options = [
"StrictHostKeyChecking=no",
"ControlMaster=auto",
"ControlPath=/var/run/icinga2/$host.name$",
"ControlPersist=20m"
]
vars.int_warn=""
vars.int_crit=""
}
object CheckCommand "check_open_ports" {
import "by_ssh"
vars.by_ssh_timeout = "420"
timeout = "420"
vars.by_ssh_command = PluginDir + "/check_network_ports.sh -p \"$ports$\" -H $host$"
vars.by_ssh_options = [
"StrictHostKeyChecking=no",
"ControlMaster=auto",
"ControlPath=/var/run/icinga2/$host.name$",
"ControlPersist=20m"
]
vars.ports=""
vars.host=""
}
object CheckCommand "check_sensors" {
import "plugin-check-command"
command = PluginDir + "/check_sensors_vin"
}
object CheckCommand "check_unbound" {
import "plugin-check-command"
command = PluginDir + "/check_unbound-ng.sh"
}
########################################################################################
# OpenWRT APs
########################################################################################
object CheckCommand "check_bandwidth" {
import "by_ssh"
vars.by_ssh_command = PluginDir + "/check_bandwidth.sh -i $interface$ -w $int_warn$ -c $int_crit$"
vars.by_ssh_timeout = "420"
timeout = "420"
vars.by_ssh_options = [
"StrictHostKeyChecking=no",
"ControlMaster=auto",
"ControlPath=/var/run/icinga2/$host.name$",
"ControlPersist=20m"
]
vars.int_warn="50000"
vars.int_crit="100000"
}
#######################################################################################
# VOC switches
#######################################################################################
object CheckCommand "check_operstatus" {
import "plugin-check-command"
command = PluginDir + "/check_snmp -H $host$ -C openfest --oid $OID$ --miblist=IF-MIB -r $value$"
vars.host=""
vars.OID=""
vars.value=""
timeout = "120"
}
object CheckCommand "check_operstatus_regex" {
import "plugin-check-command"
command = PluginDir + "/check_snmp -H $host$ -C openfest --oid $OID$ -r $value$"
vars.host=""
vars.OID=""
vars.value=""
timeout = "120"
}
object CheckCommand "cisco-poe-check" {
import "plugin-check-command"
command = SysconfDir + "/icinga2/scripts/check_snmp_cisco_poe.pl -H $host.address$ -C openfest -w $host.vars.poe_watts_warning$ -c $host.vars.poe_watts_critical$"
timeout = "10"
}
object CheckCommand "nwc_check" {
import "plugin-check-command"
command = SysconfDir + "/icinga2/scripts/check_nwc_health --hostname $host.address# --community openfest --mode $mode$"
vars.mode = ""
}
object CheckCommand "rtmp-check" {
import "plugin-check-command"
command = SysconfDir + "/icinga2/scripts/check_rtmp.sh -t $timeout$ -u $monitoreduri$"
vars.monitoreduri = ""
vars.timeout = 10
}
object CheckCommand "check-audio-stream" {
import "plugin-check-command"
command = PluginDir + "/check_http -N -H openfest.org -p 8000 -E -u $monitoredpath$"
vars.monitoredpath = ""
}
########################################################################################
# Router services
########################################################################################
object CheckCommand "bgp_sessions_check" {
import "plugin-check-command"
command = PluginDir + "/check_bird_bgp --asn $ASN$ --ebgp --sessions_down_ok $sessions_down$"
vars.ASN = ""
vars.sessions_down = ""
}
#######################################################################################
# UPS checks
#######################################################################################
object CheckCommand "check_ups" {
import "plugin-check-command"
command = PluginDir + "/check_snmp -H $host$ -P 1 -C openfest --oid $OID$ --miblist=UPS-MIB -r $value$"
vars.host=""
vars.OID=""
vars.value=""
timeout = "120"
}

View File

@ -0,0 +1,187 @@
/* Command objects */
/* Notification Commands
*
* Please check the documentation for all required and
* optional parameters.
*/
object NotificationCommand "mail-host-notification" {
command = [ ConfigDir + "/scripts/mail-host-notification.sh" ]
arguments += {
"-4" = "$notification_address$"
"-6" = "$notification_address6$"
"-b" = "$notification_author$"
"-c" = "$notification_comment$"
"-d" = {
required = true
value = "$notification_date$"
}
"-f" = {
value = "$notification_from$"
description = "Set from address. Requires GNU mailutils (Debian/Ubuntu) or mailx (RHEL/SUSE)"
}
"-i" = "$notification_icingaweb2url$"
"-l" = {
required = true
value = "$notification_hostname$"
}
"-n" = {
required = true
value = "$notification_hostdisplayname$"
}
"-o" = {
required = true
value = "$notification_hostoutput$"
}
"-r" = {
required = true
value = "$notification_useremail$"
}
"-s" = {
required = true
value = "$notification_hoststate$"
}
"-t" = {
required = true
value = "$notification_type$"
}
"-v" = "$notification_logtosyslog$"
}
vars += {
notification_address = "$address$"
notification_address6 = "$address6$"
notification_author = "$notification.author$"
notification_comment = "$notification.comment$"
notification_type = "$notification.type$"
notification_date = "$icinga.long_date_time$"
notification_hostname = "$host.name$"
notification_hostdisplayname = "$host.display_name$"
notification_hostoutput = "$host.output$"
notification_hoststate = "$host.state$"
notification_useremail = "$user.email$"
}
}
object NotificationCommand "mail-service-notification" {
command = [ ConfigDir + "/scripts/mail-service-notification.sh" ]
arguments += {
"-4" = "$notification_address$"
"-6" = "$notification_address6$"
"-b" = "$notification_author$"
"-c" = "$notification_comment$"
"-d" = {
required = true
value = "$notification_date$"
}
"-e" = {
required = true
value = "$notification_servicename$"
}
"-f" = {
value = "$notification_from$"
description = "Set from address. Requires GNU mailutils (Debian/Ubuntu) or mailx (RHEL/SUSE)"
}
"-i" = "$notification_icingaweb2url$"
"-l" = {
required = true
value = "$notification_hostname$"
}
"-n" = {
required = true
value = "$notification_hostdisplayname$"
}
"-o" = {
required = true
value = "$notification_serviceoutput$"
}
"-r" = {
required = true
value = "$notification_useremail$"
}
"-s" = {
required = true
value = "$notification_servicestate$"
}
"-t" = {
required = true
value = "$notification_type$"
}
"-u" = {
required = true
value = "$notification_servicedisplayname$"
}
"-v" = "$notification_logtosyslog$"
}
vars += {
notification_address = "$address$"
notification_address6 = "$address6$"
notification_author = "$notification.author$"
notification_comment = "$notification.comment$"
notification_type = "$notification.type$"
notification_date = "$icinga.long_date_time$"
notification_hostname = "$host.name$"
notification_hostdisplayname = "$host.display_name$"
notification_servicename = "$service.name$"
notification_serviceoutput = "$service.output$"
notification_servicestate = "$service.state$"
notification_useremail = "$user.email$"
notification_servicedisplayname = "$service.display_name$"
}
}
/*
* If you prefer to use the notification scripts with environment
* variables instead of command line parameters, you can use
* the following commands. They have been updated from < 2.7
* to support the new notification scripts and should help
* with an upgrade.
* Remove the comment blocks and comment the notification commands above.
*/
/*
object NotificationCommand "mail-host-notification" {
command = [ ConfigDir + "/scripts/mail-host-notification.sh" ]
env = {
NOTIFICATIONTYPE = "$notification.type$"
HOSTDISPLAYNAME = "$host.display_name$"
HOSTNAME = "$host.name$"
HOSTADDRESS = "$address$"
HOSTSTATE = "$host.state$"
LONGDATETIME = "$icinga.long_date_time$"
HOSTOUTPUT = "$host.output$"
NOTIFICATIONAUTHORNAME = "$notification.author$"
NOTIFICATIONCOMMENT = "$notification.comment$"
HOSTDISPLAYNAME = "$host.display_name$"
USEREMAIL = "$user.email$"
}
}
object NotificationCommand "mail-service-notification" {
command = [ ConfigDir + "/scripts/mail-service-notification.sh" ]
env = {
NOTIFICATIONTYPE = "$notification.type$"
SERVICENAME = "$service.name$"
HOSTNAME = "$host.name$"
HOSTDISPLAYNAME = "$host.display_name$"
HOSTADDRESS = "$address$"
SERVICESTATE = "$service.state$"
LONGDATETIME = "$icinga.long_date_time$"
SERVICEOUTPUT = "$service.output$"
NOTIFICATIONAUTHORNAME = "$notification.author$"
NOTIFICATIONCOMMENT = "$notification.comment$"
HOSTDISPLAYNAME = "$host.display_name$"
SERVICEDISPLAYNAME = "$service.display_name$"
USEREMAIL = "$user.email$"
}
}
*/

View File

@ -0,0 +1,12 @@
apply Dependency "disable-host-service-checks" to Service {
disable_checks = true
assign where true
}
apply Dependency "host-depends-on-host" to Host {
parent_host_name = host.vars.parent
disable_checks = true
disable_notifications = true
assign where host.vars.parent
}

View File

@ -0,0 +1,20 @@
/**
* The example downtime apply rule.
*/
apply ScheduledDowntime "backup-downtime" to Service {
author = "icingaadmin"
comment = "Scheduled downtime for backup"
ranges = {
monday = service.vars.backup_downtime
tuesday = service.vars.backup_downtime
wednesday = service.vars.backup_downtime
thursday = service.vars.backup_downtime
friday = service.vars.backup_downtime
saturday = service.vars.backup_downtime
sunday = service.vars.backup_downtime
}
assign where service.vars.backup_downtime != ""
}

View File

@ -0,0 +1,95 @@
/**
* Host group examples.
*/
object HostGroup "linux-servers" {
display_name = "Linux Servers"
assign where host.vars.os == "Linux"
}
/**
* Service group examples.
*/
object ServiceGroup "ping" {
display_name = "Ping Checks"
assign where match("ping*", service.name)
}
object ServiceGroup "http" {
display_name = "HTTP Checks"
assign where match("http*", service.check_command)
}
object ServiceGroup "disk" {
display_name = "Disk Checks"
assign where match("disk*", service.check_command)
}
object ServiceGroup "openwrt" {
display_name = "openwrt APs"
assign where "openwrt" in host.vars.groups
}
object ServiceGroup "vocsw" {
display_name = "Video Team switches"
assign where "vocsw" in host.vars.groups
}
object ServiceGroup "ciscosw" {
display_name = "CISCO Switches"
assign where "ciscosw" in host.vars.groups
}
object HostGroup "vocsw" {
display_name = "Video Team switches"
assign where "vocsw" in host.vars.groups
}
object HostGroup "ciscosw" {
display_name = "CISCO Switches"
assign where "ciscosw" in host.vars.groups
}
object HostGroup "misc" {
display_name = "Misc devices"
assign where "misc" in host.vars.groups
}
object HostGroup "overflow" {
display_name = "Overflow RPIs"
assign where "overflow" in host.vars.groups
}
object HostGroup "equipment" {
display_name = "Video team equipment"
assign where "equipment" in host.vars.groups
}
object HostGroup "phones" {
display_name = "Telephones"
assign where "phone" in host.vars.groups
}
object HostGroup "wifi" {
display_name = "Access points"
assign where "openwrt" in host.vars.groups
}
object HostGroup "ups" {
display_name = "UPS-es"
assign where "ups" in host.vars.groups
}
object HostGroup "routers" {
display_name = "Routers"
assign where "routers" in host.vars.groups
}

View File

@ -0,0 +1,56 @@
/*
* Host definitions with object attributes
* used for apply rules for Service, Notification,
* Dependency and ScheduledDowntime objects.
*
* Tip: Use `icinga2 object list --type Host` to
* list all host objects after running
* configuration validation (`icinga2 daemon -C`).
*/
/*
* This is an example host based on your
* local host's FQDN. Specify the NodeName
* constant in `constants.conf` or use your
* own description, e.g. "db-host-1".
*/
object Host NodeName {
/* Import the default host template defined in `templates.conf`. */
import "generic-host"
/* Specify the address attributes for checks e.g. `ssh` or `http`. */
address = "127.0.0.1"
address6 = "::1"
/* Set custom variable `os` for hostgroup assignment in `groups.conf`. */
vars.os = "Linux"
/* Define http vhost attributes for service apply rules in `services.conf`. */
vars.http_vhosts["http"] = {
http_uri = "/"
}
/* Uncomment if you've sucessfully installed Icinga Web 2. */
//vars.http_vhosts["Icinga Web 2"] = {
// http_uri = "/icingaweb2"
//}
/* Define disks and attributes for service apply rules in `services.conf`. */
vars.disks["disk"] = {
/* No parameters. */
}
vars.disks["disk /"] = {
disk_partitions = "/"
}
/* Define notification mail attributes for notification apply rules in `notifications.conf`. */
vars.notification["mail"] = {
/* The UserGroup `icingaadmins` is defined in `users.conf`. */
groups = [ "icingaadmins" ]
}
vars.notification["slack"] = {
groups = [ "icingaadmins"]
}
}

View File

@ -0,0 +1,31 @@
object Host "dell-ups.openfest.org" {
import "generic-host"
address = "dell-ups"
vars.groups = [ "ups" ]
vars.ups[ "Battery Status" ] = {
OID = "1.3.6.1.2.1.33.1.2.1.0"
value = 2
}
vars.ups[ "Seconds on Battery" ] = {
OID = "1.3.6.1.2.1.33.1.2.2.0"
value = 0
}
vars.ups[ "Estimated Min Remaining" ] = {
OID = "1.3.6.1.2.1.33.1.2.3.0"
}
vars.ups[ "Estimated Charge Remaining" ] = {
OID = "1.3.6.1.2.1.33.1.2.4.0"
}
vars.ups[ "Temperature" ] = {
OID = "1.3.6.1.2.1.33.1.2.7.0"
}
vars.notification["slack"] = {
groups = [ "icingaadmins" ]
}
}

View File

@ -0,0 +1,9 @@
object Host "voc-control-A-1" {
import "generic-host"
# main room laptop/controller [1/2]
address = "control-A-1"
vars.groups = [ "equipment" ]
vars.parent = "vocsw-A.openfest.org"
}

View File

@ -0,0 +1,9 @@
object Host "voc-control-A-2" {
import "generic-host"
# main room laptop/controller [2/2]
address = "control-A-2"
vars.groups = [ "equipment" ]
vars.parent = "vocsw-A.openfest.org"
}

View File

@ -0,0 +1,9 @@
object Host "voc-control-B-1" {
import "generic-host"
# second room laptop/controller [1/2]
address = "control-B-1"
vars.groups = [ "equipment" ]
vars.parent = "vocsw-B.openfest.org"
}

View File

@ -0,0 +1,9 @@
object Host "voc-control-B-2" {
import "generic-host"
# second room laptop/controller [2/2]
address = "control-B-2"
vars.groups = [ "equipment" ]
vars.parent = "vocsw-B.openfest.org"
}

View File

@ -0,0 +1,9 @@
object Host "voc-fbox-camera-B" {
import "generic-host"
# FOSDEM cambox in room B
address = "fbox-camera-B"
vars.groups = [ "equipment" ]
vars.parent = "coresw.openfest.org"
}

View File

@ -0,0 +1,9 @@
object Host "voc-fbox-camera-C" {
import "generic-host"
# FOSDEM cambox in room C
address = "fbox-camera-C"
vars.groups = [ "equipment" ]
vars.parent = "coresw.openfest.org"
}

View File

@ -0,0 +1,9 @@
object Host "voc-fbox-slides-B" {
import "generic-host"
# FOSDEM slidebox in room B
address = "fbox-slides-B"
vars.groups = [ "equipment" ]
vars.parent = "coresw.openfest.org"
}

View File

@ -0,0 +1,9 @@
object Host "voc-fbox-slides-C" {
import "generic-host"
# FOSDEM slidebox in room C
address = "fbox-slides-C"
vars.groups = [ "equipment" ]
vars.parent = "coresw.openfest.org"
}

View File

@ -0,0 +1,9 @@
object Host "voc-icom-A-1" {
import "generic-host"
# RPI intercom receiver 1 - main room [1/3]
address = "icom-A-1"
vars.groups = [ "equipment" ]
vars.parent = "vocsw-A.openfest.org"
}

View File

@ -0,0 +1,9 @@
object Host "voc-icom-A-2" {
import "generic-host"
# RPI intercom receiver 2 - main room [2/3]
address = "icom-A-2"
vars.groups = [ "equipment" ]
vars.parent = "vocsw-A.openfest.org"
}

View File

@ -0,0 +1,9 @@
object Host "voc-icom-A-3" {
import "generic-host"
# RPI intercom receiver 3 - main room [3/3]
address = "icom-A-3"
vars.groups = [ "equipment" ]
vars.parent = "vocsw-A.openfest.org"
}

View File

@ -0,0 +1,9 @@
object Host "voc-icom-B-1" {
import "generic-host"
# RPI intercom receiver 1 - second room [1/3]
address = "icom-B-1"
vars.groups = [ "equipment" ]
vars.parent = "vocsw-B.openfest.org"
}

View File

@ -0,0 +1,9 @@
object Host "voc-icom-B-2" {
import "generic-host"
# RPI intercom receiver 2 - second room [2/3]
address = "icom-B-2"
vars.groups = [ "equipment" ]
vars.parent = "vocsw-B.openfest.org"
}

View File

@ -0,0 +1,9 @@
object Host "voc-icom-B-3" {
import "generic-host"
# RPI intercom receiver 3 - second room [3/3]
address = "icom-B-3"
vars.groups = [ "equipment" ]
vars.parent = "vocsw-B.openfest.org"
}

View File

@ -0,0 +1,9 @@
object Host "voc-scaler-A" {
import "generic-host"
# Atlona scaler in room A
address = "scaler-A"
vars.groups = [ "equipment" ]
vars.parent = "vocsw-A.openfest.org"
}

View File

@ -0,0 +1,9 @@
object Host "voc-stream-A" {
import "generic-host"
# main room streamer
address = "stream-A"
vars.groups = [ "equipment" ]
vars.parent = "vocsw-A.openfest.org"
}

View File

@ -0,0 +1,9 @@
object Host "voc-stream-B" {
import "generic-host"
# second room streamer
address = "stream-B"
vars.groups = [ "equipment" ]
vars.parent = "vocsw-B.openfest.org"
}

View File

@ -0,0 +1,9 @@
object Host "voc-stream-C" {
import "generic-host"
# third room streamer
address = "stream-C"
vars.groups = [ "equipment" ]
vars.parent = "vocsw-C.openfest.org"
}

View File

@ -0,0 +1,9 @@
object Host "voc-videoswitcher-A" {
import "generic-host"
# Atlona scaler in room A
address = "videoswitcher-A"
vars.groups = [ "equipment" ]
vars.parent = "vocsw-A.openfest.org"
}

View File

@ -0,0 +1,9 @@
object Host "printer-1" {
import "generic-host"
# reception printer
address = "printer-1"
vars.groups = [ "misc" ]
vars.parent = "receptionsw.openfest.org"
}

View File

@ -0,0 +1,9 @@
object Host "printer-1" {
import "generic-host"
# reception printer
address = "printer-1"
vars.groups = [ "misc" ]
vars.parent = "receptionsw.openfest.org"
}

View File

@ -0,0 +1,9 @@
object Host "rpi-tv-1" {
import "generic-host"
# Overflow TV-1
address = "tv-1"
vars.groups = [ "overflow" ]
vars.parent = "teamsw.openfest.org"
}

View File

@ -0,0 +1,9 @@
object Host "rpi-tv-2" {
import "generic-host"
# Overflow TV-2
address = "tv-2"
vars.groups = [ "overflow" ]
vars.parent = "teamsw.openfest.org"
}

View File

@ -0,0 +1,13 @@
object Host "phone-A" {
import "generic-host"
address = "phone-A"
vars.groups = [ "phone" ]
vars.parent = "vocsw-A.openfest.org"
# check_command = "xxx_health"
# vars.extra_port_check = ""
# vars.specification = "vocsw"
}

View File

@ -0,0 +1,13 @@
object Host "phone-B" {
import "generic-host"
address = "phone-B"
vars.groups = [ "phone" ]
vars.parent = "vocsw-B.openfest.org"
# check_command = "xxx_health"
# vars.extra_port_check = ""
# vars.specification = "vocsw"
}

View File

@ -0,0 +1,13 @@
object Host "phone-C" {
import "generic-host"
address = "phone-C"
vars.groups = [ "phone" ]
vars.parent = "vocsw-C.openfest.org"
# check_command = "xxx_health"
# vars.extra_port_check = ""
# vars.specification = "vocsw"
}

View File

@ -0,0 +1,13 @@
object Host "phone-D" {
import "generic-host"
address = "phone-D"
vars.groups = [ "phone" ]
vars.parent = "vocsw-D.openfest.org"
# check_command = "xxx_health"
# vars.extra_port_check = ""
# vars.specification = "vocsw"
}

View File

@ -0,0 +1,13 @@
object Host "phone-noc-1" {
import "generic-host"
address = "phone-noc-1"
vars.groups = [ "phone" ]
vars.parent = "nocsw.openfest.org"
# check_command = "xxx_health"
# vars.extra_port_check = ""
# vars.specification = "vocsw"
}

View File

@ -0,0 +1,13 @@
object Host "phone-noc-2" {
import "generic-host"
address = "phone-noc-2"
vars.groups = [ "phone" ]
vars.parent = "nocsw.openfest.org"
# check_command = "xxx_health"
# vars.extra_port_check = ""
# vars.specification = "vocsw"
}

View File

@ -0,0 +1,13 @@
object Host "phone-reception" {
import "generic-host"
address = "phone-reception"
vars.groups = [ "phone" ]
vars.parent = "receptionsw.openfest.org"
# check_command = "xxx_health"
# vars.extra_port_check = ""
# vars.specification = "vocsw"
}

View File

@ -0,0 +1,13 @@
object Host "phone-team" {
import "generic-host"
address = "phone-team"
vars.groups = [ "phone" ]
vars.parent = "teamsw.openfest.org"
# check_command = "xxx_health"
# vars.extra_port_check = ""
# vars.specification = "vocsw"
}

View File

@ -0,0 +1,46 @@
object Host "vin-external.openfest.org" {
import "generic-host"
address = "185.117.82.237"
# check_command = "xxx_health"
# vars.extra_port_check = ""
vars.by_ssh_port = "22"
vars.by_ssh_logname = "nagios"
vars.by_ssh_identity = "/var/lib/nagios/.ssh/id_rsa"
vars.groups = [ "routers" ]
vars.net_interfaces = [ "bond0", "bond0.20", "bond0.21", "bond0.22", "bond0.23", "bond0.24", "bond0.25", "bond0.26", "bond0.4001", "eno1", "enp1s0f4", "enp1s0f4d1" ]
vars.open_ports = "80 179 2004 53 22 7002 8443 443"
vars.ASN = "65500"
vars.sessions_down = "hawk_pri marla_pri marla_tp_v spitfire_pri"
vars.notification["slack"] = {
groups = [ "icingaadmins" ]
}
vars.rtmp_check[ "hall-a" ] = {
monitoreduri = "rtmp://127.0.0.1/st/hall-a"
timeout =15
}
vars.rtmp_check[ "hall-b" ] = {
monitoreduri = "rtmp://127.0.0.1/st/hall-b"
timeout =15
}
vars.rtmp_check[ "hall-c" ] = {
monitoreduri = "rtmp://127.0.0.1/st/hall-c"
timeout =15
}
vars.audiostream_check[ "hall-a-sound" ] = {
monitoredpath = "/halla.mp3"
}
vars.audiostream_check[ "hall-b-sound" ] = {
monitoredpath = "/hallb.mp3"
}
vars.audiostream_check[ "hall-c-sound" ] = {
monitoredpath = "/hallc.mp3"
}
}

View File

@ -0,0 +1,256 @@
object Host "coresw.openfest.org" {
import "generic-host"
address = "coresw"
vars.groups = [ "ciscosw" ]
# check_command = "xxx_health"
# vars.extra_port_check = ""
# vars.specification = "vocsw"
# vin - primary link
vars.snmp_ifaces [ "TenGigabitEthernet1/0/2" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10202"
value = "1"
}
# debug
vars.snmp_ifaces [ "GigabitEthernet1/0/1" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10101"
value = "1|2"
}
# debug/trunk
vars.snmp_ifaces [ "GigabitEthernet1/0/2" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10102"
value = "1|2"
}
# vin/backup
vars.snmp_ifaces [ "GigabitEthernet1/0/3" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10103"
value = "1|2"
}
# aps
vars.snmp_ifaces [ "GigabitEthernet1/0/5" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10105"
value = "1"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/6" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10106"
value = "1"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/7" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10107"
value = "1"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/8" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10108"
value = "1"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/9" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10109"
value = "1"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/10" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10110"
value = "1"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/11" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10111"
value = "1"
}
# dowstream switches
# reception-sw
vars.snmp_ifaces [ "GigabitEthernet1/0/17" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10117"
value = "1"
}
# team-sw
vars.snmp_ifaces [ "GigabitEthernet1/0/18" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10118"
value = "1"
}
# vocsw-A
vars.snmp_ifaces [ "GigabitEthernet1/0/19" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10119"
value = "1"
}
# vocsw-B
vars.snmp_ifaces [ "GigabitEthernet1/0/20" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10120"
value = "1"
}
# vocsw-C
vars.snmp_ifaces [ "GigabitEthernet1/0/21" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10121"
value = "1"
}
# vocsw-D
vars.snmp_ifaces [ "GigabitEthernet1/0/22" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10122"
value = "1"
}
# presenters
vars.snmp_ifaces [ "GigabitEthernet1/0/24" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10124"
value = "1|2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/25" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10125"
value = "1|2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/26" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10126"
value = "1|2"
}
# camboxes
vars.snmp_ifaces [ "GigabitEthernet1/0/27" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10127"
value = "1"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/28" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10128"
value = "1"
}
# techpark
vars.snmp_ifaces [ "GigabitEthernet1/0/48" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10148"
value = "1"
}
# f0sw
vars.snmp_ifaces [ "GigabitEthernet1/0/49" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10149"
value = "1"
}
# ipacct
vars.snmp_ifaces [ "GigabitEthernet1/0/50" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10150"
value = "1"
}
# ups
vars.snmp_ifaces [ "GigabitEthernet1/0/41" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10141"
value = "1"
}
# down
vars.snmp_ifaces [ "TenGigabitEthernet1/0/1" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10201"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/12" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10112"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/13" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10113"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/14" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10114"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/15" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10115"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/16" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10116"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/4" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10104"
value = "1|2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/23" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10123"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/29" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10129"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/30" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10130"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/31" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10131"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/32" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10132"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/33" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10133"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/34" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10134"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/35" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10135"
value = "1|2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/36" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10136"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/37" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10137"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/38" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10138"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/39" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10139"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/40" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10140"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/42" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10142"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/43" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10143"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/44" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10144"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/45" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10145"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/46" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10146"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet1/0/47" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10147"
value = "2"
}
vars.snmp_ifaces [ "FastEthernet0" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.14502"
value = "2"
}
vars.snmp_uptime = "true"
vars.poe_watts_warning = "300"
vars.poe_watts_critical = "100"
}

View File

@ -0,0 +1,222 @@
object Host "f0sw.openfest.org" {
import "generic-host"
address = "f0sw"
vars.groups = [ "ciscosw" ]
vars.parent = "coresw.openfest.org"
# check_command = "xxx_health"
# vars.extra_port_check = ""
# vars.specification = "vocsw"
#nocsw
vars.snmp_ifaces [ "GigabitEthernet0/1" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10101"
value = "1"
}
# aps
vars.snmp_ifaces [ "GigabitEthernet0/2" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10102"
value = "1"
}
vars.snmp_ifaces [ "GigabitEthernet0/3" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10103"
value = "1"
}
# wired maybe
vars.snmp_ifaces [ "GigabitEthernet0/11" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10111"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/12" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10112"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/13" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10113"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/14" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10114"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/15" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10115"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/16" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10116"
value = "2"
}
# Overflow raspberry
vars.snmp_ifaces [ "GigabitEthernet0/20" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10120"
value = "1"
}
# uplink
vars.snmp_ifaces [ "GigabitEthernet0/49" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10149"
value = "1"
}
# down
vars.snmp_ifaces [ "GigabitEthernet0/04" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10104"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/05" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10105"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/06" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10106"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/07" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10107"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/08" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10108"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/09" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10109"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/10" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10110"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/17" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10117"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/18" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10118"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/19" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10119"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/21" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10121"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/22" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10122"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/23" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10123"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/24" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10124"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/25" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10125"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/26" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10126"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/27" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10127"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/28" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10128"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/29" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10129"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/30" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10130"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/31" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10131"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/32" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10132"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/33" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10133"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/34" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10134"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/35" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10135"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/36" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10136"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/37" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10137"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/38" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10138"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/39" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10139"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/40" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10140"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/41" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10141"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/42" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10142"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/43" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10143"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/44" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10144"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/45" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10145"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/46" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10146"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/47" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10147"
value = "2"
}
vars.snmp_ifaces [ "GigabitEthernet0/48" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10148"
value = "2"
}
vars.snmp_uptime = "true"
}

View File

@ -0,0 +1,13 @@
object Host "nocsw.openfest.org" {
import "generic-host"
address = "nocsw"
vars.groups = [ "ciscosw" ]
vars.parent = "f0sw.openfest.org"
# check_command = "xxx_health"
# vars.extra_port_check = ""
# vars.specification = "vocsw"
vars.snmp_uptime = "true"
}

View File

@ -0,0 +1,73 @@
object Host "receptionsw.openfest.org" {
import "generic-host"
address = "receptionsw"
vars.groups = [ "vocsw" ]
vars.parent = "coresw.openfest.org"
# check_command = "xxx_health"
# vars.extra_port_check = ""
# vars.specification = "vocsw"
# vars.net_interfaces = [ "eth0", "eth1" ]
vars.snmp_ifaces [ "gigabitEthernet 1/0/1" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.1"
value = "1" # UP - 1 , 2 - down
}
# printer - on usb
vars.snmp_ifaces [ "gigabitEthernet 1/0/2" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.2"
value = "2"
}
# pc ?
vars.snmp_ifaces [ "gigabitEthernet 1/0/3" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.3"
value = "1|2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/4" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.4"
value = "2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/5" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.5"
value = "2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/6" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.6"
value = "2"
}
# ip camera in reception
vars.snmp_ifaces [ "gigabitEthernet 1/0/7" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.7"
value = "1"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/8" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.8"
value = "1"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/9" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.9"
value = "2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/10" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10"
value = "2"
}
vars.snmp_uptime = "true"
vars.notification["slack"] = {
groups = [ "icingaadmins" ]
}
}

View File

@ -0,0 +1,70 @@
object Host "teamsw.openfest.org" {
import "generic-host"
address = "teamsw"
vars.groups = [ "vocsw" ]
vars.parent = "coresw.openfest.org"
# check_command = "xxx_health"
# vars.extra_port_check = ""
# vars.specification = "vocsw"
# vars.net_interfaces = [ "eth0", "eth1" ]
vars.snmp_ifaces [ "gigabitEthernet 1/0/1" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.1"
value = "1" # UP - 1 , 2 - down
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/2" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.2"
value = "1"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/3" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.3"
value = "1|2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/4" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.4"
value = "2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/5" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.5"
value = "2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/6" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.6"
value = "2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/7" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.7"
value = "2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/8" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.8"
value = "1"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/9" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.9"
value = "2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/10" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10"
value = "2"
}
vars.snmp_uptime = "true"
vars.notification["slack"] = {
groups = [ "icingaadmins" ]
}
}

View File

@ -0,0 +1,130 @@
object Host "uplink-gkc.openfest.org" {
import "generic-host"
address = "uplink-gkc"
vars.groups = [ "vocsw" ]
vars.parent = "coresw.openfest.org"
# check_command = "xxx_health"
# vars.extra_port_check = ""
# vars.specification = "vocsw"
# debug
vars.snmp_ifaces [ "FastEthernet0/1" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10001"
value = "1|2" # UP - 1 , 2 - down
}
# down
vars.snmp_ifaces [ "FastEthernet0/2" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10002"
value = "2"
}
vars.snmp_ifaces [ "FastEthernet0/3" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10003"
value = "2"
}
vars.snmp_ifaces [ "FastEthernet0/4" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10004"
value = "2"
}
vars.snmp_ifaces [ "FastEthernet0/5" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10005"
value = "2"
}
vars.snmp_ifaces [ "FastEthernet0/6" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10006"
value = "2"
}
vars.snmp_ifaces [ "FastEthernet0/7" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10007"
value = "2"
}
vars.snmp_ifaces [ "FastEthernet0/8" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10008"
value = "2"
}
vars.snmp_ifaces [ "FastEthernet0/9" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10009"
value = "2"
}
vars.snmp_ifaces [ "FastEthernet0/10" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10010"
value = "2"
}
vars.snmp_ifaces [ "FastEthernet0/11" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10011"
value = "2"
}
vars.snmp_ifaces [ "FastEthernet0/12" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10012"
value = "2"
}
vars.snmp_ifaces [ "FastEthernet0/13" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10013"
value = "2"
}
vars.snmp_ifaces [ "FastEthernet0/14" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10014"
value = "2"
}
vars.snmp_ifaces [ "FastEthernet0/15" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10015"
value = "2"
}
vars.snmp_ifaces [ "FastEthernet0/16" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10016"
value = "2"
}
vars.snmp_ifaces [ "FastEthernet0/17" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10017"
value = "2"
}
vars.snmp_ifaces [ "FastEthernet0/18" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10018"
value = "2"
}
vars.snmp_ifaces [ "FastEthernet0/19" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10019"
value = "2"
}
vars.snmp_ifaces [ "FastEthernet0/20" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10020"
value = "2"
}
vars.snmp_ifaces [ "FastEthernet0/21" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10021"
value = "2"
}
vars.snmp_ifaces [ "FastEthernet0/22" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10022"
value = "2"
}
vars.snmp_ifaces [ "FastEthernet0/23" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10023"
value = "2"
}
vars.snmp_ifaces [ "FastEthernet0/24" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10024"
value = "2"
}
# to gkc - switchboard
vars.snmp_ifaces [ "GigabitEthernet0/1" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10101"
value = "1"
}
# hall
vars.snmp_ifaces [ "GigabitEthernet0/2" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10102"
value = "1"
}
vars.notification["slack"] = {
groups = [ "icingaadmins" ]
}
vars.snmp_uptime = "true"
}

View File

@ -0,0 +1,72 @@
object Host "uplink-sw.openfest.org" {
import "generic-host"
address = "uplink-sw"
vars.groups = [ "vocsw" ]
vars.parent = "uplink-gkc.openfest.org"
# check_command = "xxx_health"
# vars.extra_port_check = ""
# vars.specification = "vocsw"
# debug
vars.snmp_ifaces [ "gigabitEthernet 1/0/1" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.1"
value = "2" # UP - 1 , 2 - down
}
# down
vars.snmp_ifaces [ "gigabitEthernet 1/0/2" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.2"
value = "2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/3" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.3"
value = "2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/4" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.4"
value = "2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/5" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.5"
value = "2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/6" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.6"
value = "2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/7" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.7"
value = "2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/8" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.8"
value = "2"
}
# uplink - ipacct
vars.snmp_ifaces [ "gigabitEthernet 1/0/9" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.9"
value = "1"
}
# to gkc
vars.snmp_ifaces [ "gigabitEthernet 1/0/10" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10"
value = "1"
}
vars.snmp_uptime = "true"
vars.notification["slack"] = {
groups = [ "icingaadmins" ]
}
}

View File

@ -0,0 +1,69 @@
object Host "vocsw-A.openfest.org" {
import "generic-host"
address = "vocsw-A"
vars.groups = [ "vocsw" ]
vars.parent = "coresw.openfest.org"
# check_command = "xxx_health"
# vars.extra_port_check = ""
# vars.specification = "vocsw"
vars.snmp_ifaces [ "gigabitEthernet 1/0/1" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.1"
value = "1" # UP - 1 , 2 - down
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/2" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.2"
value = "1"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/3" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.3"
value = "1"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/4" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.4"
value = "1"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/5" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.5"
value = "1|2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/6" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.6"
value = "1|2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/7" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.7"
value = "1|2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/8" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.8"
value = "1"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/9" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.9"
value = "2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/10" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10"
value = "2"
}
vars.snmp_uptime = "true"
vars.notification["slack"] = {
groups = [ "icingaadmins" ]
}
}

View File

@ -0,0 +1,69 @@
object Host "vocsw-B.openfest.org" {
import "generic-host"
address = "vocsw-B"
vars.groups = [ "vocsw" ]
vars.parent = "coresw.openfest.org"
# check_command = "xxx_health"
# vars.extra_port_check = ""
# vars.specification = "vocsw"
vars.snmp_ifaces [ "gigabitEthernet 1/0/1" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.1"
value = "1" # UP - 1 , 2 - down
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/2" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.2"
value = "1|2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/3" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.3"
value = "2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/4" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.4"
value = "1"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/5" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.5"
value = "1|2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/6" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.6"
value = "1|2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/7" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.7"
value = "1|2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/8" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.8"
value = "1"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/9" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.9"
value = "2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/10" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10"
value = "2"
}
vars.snmp_uptime = "true"
vars.notification["slack"] = {
groups = [ "icingaadmins" ]
}
}

View File

@ -0,0 +1,71 @@
object Host "vocsw-C.openfest.org" {
import "generic-host"
address = "vocsw-C"
vars.groups = [ "vocsw" ]
vars.parent = "coresw.openfest.org"
# check_command = "xxx_health"
# vars.extra_port_check = ""
# vars.specification = "vocsw"
# vars.net_interfaces = [ "eth0", "eth1" ]
vars.snmp_ifaces [ "gigabitEthernet 1/0/1" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.1"
value = "1" # UP - 1 , 2 - down
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/2" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.2"
value = "1"
}
# cambox - moved to core
vars.snmp_ifaces [ "gigabitEthernet 1/0/3" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.3"
value = "2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/4" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.4"
value = "1"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/5" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.5"
value = "1|2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/6" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.6"
value = "1|2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/7" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.7"
value = "1|2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/8" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.8"
value = "1"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/9" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.9"
value = "2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/10" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10"
value = "2"
}
vars.snmp_uptime = "true"
vars.notification["slack"] = {
groups = [ "icingaadmins" ]
}
}

View File

@ -0,0 +1,70 @@
object Host "vocsw-D.openfest.org" {
import "generic-host"
address = "vocsw-D"
vars.groups = [ "vocsw" ]
vars.parent = "coresw.openfest.org"
# check_command = "xxx_health"
# vars.extra_port_check = ""
# vars.specification = "vocsw"
# vars.net_interfaces = [ "eth0", "eth1" ]
vars.snmp_ifaces [ "gigabitEthernet 1/0/1" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.1"
value = "1" # UP - 1 , 2 - down
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/2" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.2"
value = "1"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/3" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.3"
value = "1"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/4" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.4"
value = "2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/5" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.5"
value = "1|2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/6" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.6"
value = "1|2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/7" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.7"
value = "1|2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/8" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.8"
value = "1"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/9" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.9"
value = "2"
}
vars.snmp_ifaces [ "gigabitEthernet 1/0/10" ] = {
OID = "1.3.6.1.2.1.2.2.1.8.10"
value = "2"
}
vars.snmp_uptime = "true"
vars.notification["slack"] = {
groups = [ "icingaadmins" ]
}
}

View File

@ -0,0 +1,32 @@
object Host "ap-cf-a1.openfest.org" {
import "generic-host"
address = "ap-cf-a1"
vars.groups = [ "openwrt" ]
vars.parent = "coresw.openfest.org"
vars.os = "Linux"
# check_command = "xxx_health"
# vars.extra_port_check = ""
vars.by_ssh_port = "22"
vars.by_ssh_logname = "root"
vars.by_ssh_identity = "/var/lib/nagios/.ssh/id_rsa"
# vars.specification = "ap"
vars.net_interfaces = [ "eth0", "eth1" ]
vars.ifaces[ "wlan0" ] = {
interface = "wlan0"
}
vars.ifaces[ "wlan1" ] = {
interface = "wlan1"
}
vars.notification["slack"] = {
groups = [ "icingaadmins" ]
}
}

View File

@ -0,0 +1,32 @@
object Host "ap-cf-a2.openfest.org" {
import "generic-host"
address = "ap-cf-a2"
vars.groups = [ "openwrt" ]
vars.parent = "coresw.openfest.org"
vars.os = "Linux"
# check_command = "xxx_health"
# vars.extra_port_check = ""
vars.by_ssh_port = "22"
vars.by_ssh_logname = "root"
vars.by_ssh_identity = "/var/lib/nagios/.ssh/id_rsa"
# vars.specification = "ap"
vars.net_interfaces = [ "eth0", "eth1" ]
vars.ifaces[ "wlan0" ] = {
interface = "wlan0"
}
vars.ifaces[ "wlan1" ] = {
interface = "wlan1"
}
vars.notification["slack"] = {
groups = [ "icingaadmins" ]
}
}

View File

@ -0,0 +1,29 @@
object Host "ap-cf-b1.openfest.org" {
import "generic-host"
address = "ap-cf-b1"
vars.groups = [ "openwrt" ]
vars.parent = "coresw.openfest.org"
vars.os = "Linux"
# check_command = "xxx_health"
# vars.extra_port_check = ""
vars.by_ssh_port = "22"
vars.by_ssh_logname = "root"
vars.by_ssh_identity = "/var/lib/nagios/.ssh/id_rsa"
# vars.specification = "ap"
vars.net_interfaces = [ "eth0", "eth1" ]
vars.ifaces[ "wlan1" ] = {
interface = "wlan1"
}
vars.notification["slack"] = {
groups = [ "icingaadmins" ]
}
}

View File

@ -0,0 +1,29 @@
object Host "ap-cf-c1.openfest.org" {
import "generic-host"
address = "ap-cf-c1"
vars.groups = [ "openwrt" ]
vars.parent = "coresw.openfest.org"
vars.os = "Linux"
# check_command = "xxx_health"
# vars.extra_port_check = ""
vars.by_ssh_port = "22"
vars.by_ssh_logname = "root"
vars.by_ssh_identity = "/var/lib/nagios/.ssh/id_rsa"
# vars.specification = "ap"
vars.net_interfaces = [ "eth0", "eth1" ]
vars.ifaces[ "wlan1" ] = {
interface = "wlan1"
}
vars.notification["slack"] = {
groups = [ "icingaadmins" ]
}
}

View File

@ -0,0 +1,33 @@
object Host "ap-cf-ch.openfest.org" {
import "generic-host"
# ap depends on teamsw
vars.parent = "teamsw.openfest.org"
address = "ap-cf-ch"
vars.groups = [ "openwrt" ]
vars.os = "Linux"
# check_command = "xxx_health"
# vars.extra_port_check = ""
vars.by_ssh_port = "22"
vars.by_ssh_logname = "root"
vars.by_ssh_identity = "/var/lib/nagios/.ssh/id_rsa"
# vars.specification = "ap"
vars.net_interfaces = [ "eth0", "eth1" ]
vars.ifaces[ "wlan0" ] = {
interface = "wlan0"
}
vars.ifaces[ "wlan1" ] = {
interface = "wlan1"
}
vars.notification["slack"] = {
groups = [ "icingaadmins" ]
}
}

View File

@ -0,0 +1,33 @@
object Host "ap-cf-f-l.openfest.org" {
import "generic-host"
address = "ap-cf-f-l"
vars.groups = [ "openwrt" ]
vars.parent = "coresw.openfest.org"
vars.os = "Linux"
# check_command = "xxx_health"
# vars.extra_port_check = ""
vars.by_ssh_port = "22"
vars.by_ssh_logname = "root"
vars.by_ssh_identity = "/var/lib/nagios/.ssh/id_rsa"
# vars.specification = "ap"
vars.net_interfaces = [ "eth0", "eth1" ]
vars.ifaces[ "wlan0" ] = {
interface = "wlan0"
}
vars.ifaces[ "wlan1" ] = {
interface = "wlan1"
}
vars.notification["slack"] = {
groups = [ "icingaadmins" ]
}
}

View File

@ -0,0 +1,29 @@
object Host "ap-cf-f-r.openfest.org" {
import "generic-host"
address = "ap-cf-f-r"
vars.groups = [ "openwrt" ]
vars.parent = "coresw.openfest.org"
vars.os = "Linux"
# check_command = "xxx_health"
# vars.extra_port_check = ""
vars.by_ssh_port = "22"
vars.by_ssh_logname = "root"
vars.by_ssh_identity = "/var/lib/nagios/.ssh/id_rsa"
# vars.specification = "ap"
vars.net_interfaces = [ "eth0", "eth1" ]
vars.ifaces[ "wlan1" ] = {
interface = "wlan1"
}
vars.notification["slack"] = {
groups = [ "icingaadmins" ]
}
}

View File

@ -0,0 +1,32 @@
object Host "ap-cf-qws.openfest.org" {
import "generic-host"
address = "ap-cf-qws"
vars.groups = [ "openwrt" ]
vars.parent = "coresw.openfest.org"
vars.os = "Linux"
# check_command = "xxx_health"
# vars.extra_port_check = ""
vars.by_ssh_port = "22"
vars.by_ssh_logname = "root"
vars.by_ssh_identity = "/var/lib/nagios/.ssh/id_rsa"
# vars.specification = "ap"
vars.net_interfaces = [ "eth0", "eth1" ]
vars.ifaces[ "wlan0" ] = {
interface = "wlan0"
}
vars.ifaces[ "wlan1" ] = {
interface = "wlan1"
}
vars.notification["slack"] = {
groups = [ "icingaadmins" ]
}
}

View File

@ -0,0 +1,32 @@
object Host "ap-cf-srv.openfest.org" {
import "generic-host"
address = "ap-cf-srv"
vars.groups = [ "openwrt" ]
vars.parent = "coresw.openfest.org"
vars.os = "Linux"
# check_command = "xxx_health"
# vars.extra_port_check = ""
vars.by_ssh_port = "22"
vars.by_ssh_logname = "root"
vars.by_ssh_identity = "/var/lib/nagios/.ssh/id_rsa"
# vars.specification = "ap"
vars.net_interfaces = [ "eth0", "eth1" ]
vars.ifaces[ "wlan0" ] = {
interface = "wlan0"
}
vars.ifaces[ "wlan1" ] = {
interface = "wlan1"
}
vars.notification["slack"] = {
groups = [ "icingaadmins" ]
}
}

View File

@ -0,0 +1,29 @@
object Host "ap-ws-noc.openfest.org" {
import "generic-host"
address = "ap-ws-noc"
vars.groups = [ "openwrt" ]
vars.parent = "nocsw.openfest.org"
vars.os = "Linux"
# check_command = "xxx_health"
# vars.extra_port_check = ""
vars.by_ssh_port = "22"
vars.by_ssh_logname = "root"
vars.by_ssh_identity = "/var/lib/nagios/.ssh/id_rsa"
# vars.specification = "ap"
vars.net_interfaces = [ "eth0", "eth1" ]
vars.ifaces[ "wlan1" ] = {
interface = "wlan1"
}
vars.notification["slack"] = {
groups = [ "icingaadmins" ]
}
}

View File

@ -0,0 +1,33 @@
object Host "ap-ws-ws1.openfest.org" {
import "generic-host"
# depends on f0sw
vars.parent = "f0sw.openfest.org"
address = "ap-ws-ws1"
vars.groups = [ "openwrt" ]
vars.os = "Linux"
# check_command = "xxx_health"
# vars.extra_port_check = ""
vars.by_ssh_port = "22"
vars.by_ssh_logname = "root"
vars.by_ssh_identity = "/var/lib/nagios/.ssh/id_rsa"
# vars.specification = "ap"
vars.net_interfaces = [ "eth0", "eth1" ]
vars.ifaces[ "wlan0" ] = {
interface = "wlan0"
}
vars.ifaces[ "wlan1" ] = {
interface = "wlan1"
}
vars.notification["slack"] = {
groups = [ "icingaadmins" ]
}
}

View File

@ -0,0 +1,33 @@
object Host "ap-ws-ws2.openfest.org" {
import "generic-host"
# depends on f0sw
vars.parent = "f0sw.openfest.org"
address = "ap-ws-ws2"
vars.groups = [ "openwrt" ]
vars.os = "Linux"
# check_command = "xxx_health"
# vars.extra_port_check = ""
vars.by_ssh_port = "22"
vars.by_ssh_logname = "root"
vars.by_ssh_identity = "/var/lib/nagios/.ssh/id_rsa"
# vars.specification = "ap"
vars.net_interfaces = [ "eth0", "eth1" ]
vars.ifaces[ "wlan0" ] = {
interface = "wlan0"
}
vars.ifaces[ "wlan1" ] = {
interface = "wlan1"
}
vars.notification["slack"] = {
groups = [ "icingaadmins" ]
}
}

View File

@ -0,0 +1,42 @@
/**
* The example notification apply rules.
*
* Only applied if host/service objects have
* the custom variable `notification` defined
* and containing `mail` as key.
*
* Check `hosts.conf` for an example.
*/
#apply Notification "mail-icingaadmin" to Host {
# import "mail-host-notification"
# user_groups = host.vars.notification.mail.groups
# users = host.vars.notification.mail.users
//interval = 2h
//vars.notification_logtosyslog = true
# assign where host.vars.notification.mail
#}
//apply Notification "mail-icingaadmin" to Service {
// import "mail-service-notification"
// user_groups = host.vars.notification.mail.groups
// users = host.vars.notification.mail.users
//interval = 2h
//vars.notification_logtosyslog = true
// assign where host.vars.notification.mail
//}
apply Notification "slack" to Service {
import "slack-service-notification"
user_groups = host.vars.notification.slack.groups
interval = 10m
vars.notification_logtosyslog = true
assign where host.vars.notification.slack
}

View File

@ -0,0 +1,33 @@
/*
* Host and Service templates for the Agent Setup.
*/
/**
* Provides settings for satellite hosts managed by 'icinga2 repository'.
* Define your global attributes here, for example custom
* attributes used for notifications, etc.
*/
template Host "satellite-host" {
vars.notification["mail"] = {
groups = [ "icingaadmins" ]
}
}
/**
* Provides settings for satellite services managed by 'icinga2 repository'.
* Define your global satellite attributes here, for example custom
* attributes used for notifications, etc.
*/
template Service "satellite-service" {
vars.notification["mail"] = {
groups = [ "icingaadmins" ]
}
}
apply Dependency "satellite-host" to Host {
parent_host_name = host.zone
assign where host.zone != "" && "satellite-host" in host.templates
}

View File

@ -0,0 +1,137 @@
apply Service "network_interfaces_traffic" {
import "generic-service"
check_interval = 5m
retry_interval = 1m
max_check_attempts = 3
check_command = "check_net_int"
vars.int_warn="925"
vars.int_crit="950"
enable_perfdata = true
assign where host.vars.net_interfaces
vars.notif_prio = "high"
}
apply Service "network_open_ports" {
import "generic-service"
max_check_attempts = 3
check_interval = 5m
retry_interval = 1m
check_command = "check_open_ports"
vars.ports=host.vars.open_ports
vars.host=host.address
assign where host.vars.open_ports
vars.notif_prio = "high"
}
apply Service for (iface => config in host.vars.ifaces) {
import "generic-service"
display_name = "bandwidth_" + iface
check_command = "check_bandwidth"
vars += config
# NB: you probably want to use another condition/hostgroup
assign where "openwrt" in host.vars.groups
}
apply Service for (iface => config in host.vars.snmp_ifaces) {
import "generic-service"
display_name = "operstatus_" + iface
check_command = "check_operstatus"
vars.host = host.address
vars += config
# NB: you probably want to use another condition/hostgroup
assign where "vocsw" in host.vars.groups
assign where "ciscosw" in host.vars.groups
}
apply Service "uptime-tp" {
display_name = "Uptime"
import "generic-service"
check_command = "snmp"
vars.snmp_oid = "1.3.6.1.2.1.1.3.0"
vars.snmp_community = "openfest"
assign where "vocsw" in host.vars.groups && host.vars.snmp_uptime
}
apply Service "uptime-cisco" {
display_name = "Uptime"
import "generic-service"
check_command = "snmp"
vars.snmp_oid = "1.3.6.1.6.3.10.2.1.3.0"
vars.snmp_community = "openfest"
vars.snmp_miblist = "SNMP-FRAMEWORK-MIB"
assign where "ciscosw" in host.vars.groups && host.vars.snmp_uptime
}
apply Service "poe-watts-remaining" {
display_name = "POE - Watts Remaining"
import "generic-service"
check_command = "cisco-poe-check"
assign where host.name == "coresw.openfest.org"
}
apply Service for (stream => config in host.vars.rtmp_check) {
import "generic-service"
display_name = "RTMP Check " + stream
check_command = "rtmp-check"
vars += config
### assign where host.name == "vin-external.openfest.org"
assign where host.vars.rtmp_check
}
apply Service "bird_bgp_sessions" {
import "generic-service"
max_check_attempts = 3
check_interval = 5m
retry_interval = 1m
check_command = "bgp_sessions_check"
vars.ASN = host.vars.ASN
vars.sessions_down = host.vars.sessions_down
assign where host.vars.ASN
vars.notif_prio = "high"
}
apply Service "check_sensors" {
import "generic-service"
display_name = "Check LM Sensors "
check_command = "check_sensors"
### vars += config
assign where host.name == "vin-external.openfest.org"
}
apply Service "check_unbound" {
import "generic-service"
display_name = "Check Unbound Status"
check_command = "check_unbound"
assign where host.name == "vin-external.openfest.org"
}
apply Service for (ups_check => config in host.vars.ups) {
import "generic-service"
display_name = "UPS " + ups_check
check_command = "check_ups"
vars.host = host.address
vars += config
assign where host.vars.ups
}
apply Service for (stream => config in host.vars.audiostream_check) {
import "generic-service"
display_name = "Stream check " + stream
check_command = "check-audio-stream"
vars += config
assign where host.vars.audiostream_check
}

View File

@ -0,0 +1,116 @@
/*
* Service apply rules.
*
* The CheckCommand objects `ping4`, `ping6`, etc
* are provided by the plugin check command templates.
* Check the documentation for details.
*
* Tip: Use `icinga2 object list --type Service` to
* list all service objects after running
* configuration validation (`icinga2 daemon -C`).
*/
/*
* This is an example host based on your
* local host's FQDN. Specify the NodeName
* constant in `constants.conf` or use your
* own description, e.g. "db-host-1".
*/
/*
* These are generic `ping4` and `ping6`
* checks applied to all hosts having the
* `address` resp. `address6` attribute
* defined.
*/
apply Service "ping4" {
import "generic-service"
check_command = "ping4"
assign where host.address
}
apply Service "ping6" {
import "generic-service"
check_command = "ping6"
assign where host.address6
}
/*
* Apply the `ssh` service to all hosts
* with the `address` attribute defined and
* the custom variable `os` set to `Linux`.
*/
apply Service "ssh" {
import "generic-service"
check_command = "ssh"
assign where (host.address || host.address6) && host.vars.os == "Linux"
}
apply Service for (http_vhost => config in host.vars.http_vhosts) {
import "generic-service"
check_command = "http"
vars += config
}
apply Service for (disk => config in host.vars.disks) {
import "generic-service"
check_command = "disk"
vars += config
}
apply Service "icinga" {
import "generic-service"
check_command = "icinga"
assign where host.name == NodeName
}
apply Service "load" {
import "generic-service"
check_command = "load"
/* Used by the ScheduledDowntime apply rule in `downtimes.conf`. */
vars.backup_downtime = "02:00-03:00"
assign where host.name == NodeName
}
apply Service "procs" {
import "generic-service"
check_command = "procs"
assign where host.name == NodeName
}
apply Service "swap" {
import "generic-service"
check_command = "swap"
assign where host.vars.swap_size
}
apply Service "users" {
import "generic-service"
check_command = "users"
assign where host.name == NodeName
}

Some files were not shown because too many files have changed in this diff Show More