Compare commits
5 commits
monitoring
...
stable
Author | SHA1 | Date | |
---|---|---|---|
8ad55d9a84 | |||
f7ceaf2fb6 | |||
Jérémy Lecour | fe1e66f79c | ||
Jérémy Lecour | 145b279a12 | ||
Jérémy Lecour | 2a856d579e |
|
@ -13,10 +13,6 @@ The **patch** part is incremented if multiple releases happen the same month
|
|||
|
||||
### Added
|
||||
|
||||
* evolinux-base: install evobackup-client (default: true)
|
||||
* munin: add linux_psi contrib plugin
|
||||
* evolinux-base: Create custom SSH configuration file
|
||||
|
||||
### Changed
|
||||
|
||||
### Fixed
|
||||
|
|
|
@ -243,6 +243,3 @@ evolinux_utils_include: True
|
|||
|
||||
# Autosysadmin
|
||||
evolinux_autosysadmin_include: false
|
||||
|
||||
# Evobackup client
|
||||
evolinux_evobackup_client_include: True
|
||||
|
|
|
@ -158,11 +158,6 @@
|
|||
name: 'evolix/autosysadmin-restart_nrpe'
|
||||
when: evolinux_autosysadmin_include | bool
|
||||
|
||||
- name: Evobackup (client)
|
||||
ansible.builtin.include_role:
|
||||
name: 'evolix/evobackup-client'
|
||||
when: evolinux_evobackup_client_include | bool
|
||||
|
||||
- name: fail2ban
|
||||
ansible.builtin.include_role:
|
||||
name: evolix/fail2ban
|
||||
|
|
|
@ -16,14 +16,6 @@
|
|||
dest: /etc/ssh/sshd_config.d/z-evolinux-defaults.conf
|
||||
mode: "0644"
|
||||
|
||||
- name: create custom SSH server configuration file
|
||||
ansible.builtin.file:
|
||||
path: /etc/ssh/sshd_config.d/zzz-evolinux-custom.conf
|
||||
state: touch
|
||||
mode: "0644"
|
||||
modification_time: preserve
|
||||
access_time: preserve
|
||||
|
||||
# Should we allow the current user?
|
||||
- name: Allow the current user
|
||||
block:
|
||||
|
|
|
@ -1,11 +1,11 @@
|
|||
---
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - Install PHP packages"
|
||||
- name: "{{ lxc_php_version }} - Install PHP packages"
|
||||
community.general.lxc_container:
|
||||
name: "{{ lxc_php_container_name }}"
|
||||
name: "{{ lxc_php_version }}"
|
||||
container_command: "DEBIAN_FRONTEND=noninteractive apt install --yes --force-yes php5-fpm php5-cli php5-gd php5-imap php5-ldap php5-mcrypt php5-mysql php5-pgsql php5-sqlite php-gettext php5-intl php5-curl php5-ssh2 libphp-phpmailer"
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - Copy evolinux PHP configuration"
|
||||
- name: "{{ lxc_php_version }} - Copy evolinux PHP configuration"
|
||||
ansible.builtin.template:
|
||||
src: z-evolinux-defaults.ini.j2
|
||||
dest: "{{ line_item }}"
|
||||
|
|
|
@ -1,11 +1,11 @@
|
|||
---
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - Install PHP packages"
|
||||
- name: "{{ lxc_php_version }} - Install PHP packages"
|
||||
community.general.lxc_container:
|
||||
name: "{{ lxc_php_container_name }}"
|
||||
name: "{{ lxc_php_version }}"
|
||||
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y php-fpm php-cli php-gd php-intl php-imap php-ldap php-mcrypt php-mysql php-pgsql php-sqlite3 php-gettext php-curl php-ssh2 php-zip php-mbstring composer libphp-phpmailer"
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - Copy evolinux PHP configuration"
|
||||
- name: "{{ lxc_php_version }} - Copy evolinux PHP configuration"
|
||||
ansible.builtin.template:
|
||||
src: z-evolinux-defaults.ini.j2
|
||||
dest: "{{ line_item }}"
|
||||
|
|
|
@ -1,17 +1,17 @@
|
|||
---
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - Install PHP packages"
|
||||
- name: "{{ lxc_php_version }} - Install PHP packages"
|
||||
community.general.lxc_container:
|
||||
name: "{{ lxc_php_container_name }}"
|
||||
name: "{{ lxc_php_version }}"
|
||||
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y php-fpm php-cli php-gd php-intl php-imap php-ldap php-mysql php-pgsql php-sqlite3 php-curl php-zip php-mbstring php-xml php-zip composer libphp-phpmailer"
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - fix bullseye repository"
|
||||
- name: "{{ lxc_php_version }} - fix bullseye repository"
|
||||
ansible.builtin.replace:
|
||||
dest: "{{ lxc_rootfs }}/etc/apt/sources.list"
|
||||
regexp: 'bullseye/updates'
|
||||
replace: 'bullseye-security'
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - Copy evolinux PHP configuration"
|
||||
- name: "{{ lxc_php_version }} - Copy evolinux PHP configuration"
|
||||
ansible.builtin.template:
|
||||
src: z-evolinux-defaults.ini.j2
|
||||
dest: "{{ line_item }}"
|
||||
|
|
|
@ -5,18 +5,18 @@
|
|||
lxc_apt_keyring_dir: /etc/apt/trusted.gpg.d
|
||||
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - Install dependency packages"
|
||||
- name: "{{ lxc_php_version }} - Install dependency packages"
|
||||
community.general.lxc_container:
|
||||
name: "{{ lxc_php_container_name }}"
|
||||
name: "{{ lxc_php_version }}"
|
||||
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y wget gnupg"
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - fix bullseye repository"
|
||||
- name: "{{ lxc_php_version }} - fix bullseye repository"
|
||||
ansible.builtin.replace:
|
||||
dest: "{{ lxc_rootfs }}/etc/apt/sources.list"
|
||||
regexp: 'bullseye/updates'
|
||||
replace: 'bullseye-security'
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - Add sury repo"
|
||||
- name: "{{ lxc_php_version }} - Add sury repo"
|
||||
ansible.builtin.lineinfile:
|
||||
dest: "{{ lxc_rootfs }}/etc/apt/sources.list.d/sury.list"
|
||||
line: "{{ item }}"
|
||||
|
@ -51,17 +51,17 @@
|
|||
owner: root
|
||||
group: root
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - Update APT cache"
|
||||
- name: "{{ lxc_php_version }} - Update APT cache"
|
||||
community.general.lxc_container:
|
||||
name: "{{ lxc_php_container_name }}"
|
||||
name: "{{ lxc_php_version }}"
|
||||
container_command: "DEBIAN_FRONTEND=noninteractive apt update"
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - Install PHP packages"
|
||||
- name: "{{ lxc_php_version }} - Install PHP packages"
|
||||
community.general.lxc_container:
|
||||
name: "{{ lxc_php_container_name }}"
|
||||
name: "{{ lxc_php_version }}"
|
||||
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y php-fpm php-cli php-gd php-intl php-imap php-ldap php-mysql php-pgsql php-sqlite3 php-curl php-zip php-mbstring php-xml php-zip composer libphp-phpmailer"
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - Copy evolinux PHP configuration"
|
||||
- name: "{{ lxc_php_version }} - Copy evolinux PHP configuration"
|
||||
ansible.builtin.template:
|
||||
src: z-evolinux-defaults.ini.j2
|
||||
dest: "{{ line_item }}"
|
||||
|
|
|
@ -4,18 +4,18 @@
|
|||
ansible.builtin.set_fact:
|
||||
lxc_apt_keyring_dir: /etc/apt/trusted.gpg.d
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - Install dependency packages"
|
||||
- name: "{{ lxc_php_version }} - Install dependency packages"
|
||||
community.general.lxc_container:
|
||||
name: "{{ lxc_php_container_name }}"
|
||||
name: "{{ lxc_php_version }}"
|
||||
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y wget gnupg"
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - fix bullseye repository"
|
||||
- name: "{{ lxc_php_version }} - fix bullseye repository"
|
||||
ansible.builtin.replace:
|
||||
dest: "{{ lxc_rootfs }}/etc/apt/sources.list"
|
||||
regexp: 'bullseye/updates'
|
||||
replace: 'bullseye-security'
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - Add sury repo"
|
||||
- name: "{{ lxc_php_version }} - Add sury repo"
|
||||
ansible.builtin.lineinfile:
|
||||
dest: "{{ lxc_rootfs }}/etc/apt/sources.list.d/sury.list"
|
||||
line: "{{ item }}"
|
||||
|
@ -50,17 +50,17 @@
|
|||
owner: root
|
||||
group: root
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - Update APT cache"
|
||||
- name: "{{ lxc_php_version }} - Update APT cache"
|
||||
community.general.lxc_container:
|
||||
name: "{{ lxc_php_container_name }}"
|
||||
name: "{{ lxc_php_version }}"
|
||||
container_command: "DEBIAN_FRONTEND=noninteractive apt update"
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - Install PHP packages"
|
||||
- name: "{{ lxc_php_version }} - Install PHP packages"
|
||||
community.general.lxc_container:
|
||||
name: "{{ lxc_php_container_name }}"
|
||||
name: "{{ lxc_php_version }}"
|
||||
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y php-fpm php-cli php-gd php-intl php-imap php-ldap php-mysql php-pgsql php-sqlite3 php-curl php-zip php-mbstring php-xml php-zip composer libphp-phpmailer"
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - Copy evolinux PHP configuration"
|
||||
- name: "{{ lxc_php_version }} - Copy evolinux PHP configuration"
|
||||
ansible.builtin.template:
|
||||
src: z-evolinux-defaults.ini.j2
|
||||
dest: "{{ line_item }}"
|
||||
|
|
|
@ -4,24 +4,24 @@
|
|||
ansible.builtin.set_fact:
|
||||
lxc_apt_keyring_dir: /etc/apt/trusted.gpg.d
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - Install dependency packages"
|
||||
- name: "{{ lxc_php_version }} - Install dependency packages"
|
||||
community.general.lxc_container:
|
||||
name: "{{ lxc_php_container_name }}"
|
||||
name: "{{ lxc_php_version }}"
|
||||
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y wget gnupg"
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - delete sources.list bookworm repository"
|
||||
- name: "{{ lxc_php_version }} - delete sources.list bookworm repository"
|
||||
ansible.builtin.file:
|
||||
path: "{{ lxc_rootfs }}/etc/apt/sources.list"
|
||||
state: absent
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - system bookworm repository"
|
||||
- name: "{{ lxc_php_version }} - system bookworm repository"
|
||||
ansible.builtin.template:
|
||||
src: bookworm_basics.sources.j2
|
||||
dest: "{{ lxc_rootfs }}/etc/apt/sources.list.d/system.sources"
|
||||
force: true
|
||||
mode: "0644"
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - security bookworm repository"
|
||||
- name: "{{ lxc_php_version }} - security bookworm repository"
|
||||
ansible.builtin.template:
|
||||
src: bookworm_security.sources.j2
|
||||
dest: "{{ lxc_rootfs }}/etc/apt/sources.list.d/security.sources"
|
||||
|
@ -44,17 +44,17 @@
|
|||
owner: root
|
||||
group: root
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - Update APT cache"
|
||||
- name: "{{ lxc_php_version }} - Update APT cache"
|
||||
community.general.lxc_container:
|
||||
name: "{{ lxc_php_container_name }}"
|
||||
name: "{{ lxc_php_version }}"
|
||||
container_command: "DEBIAN_FRONTEND=noninteractive apt update"
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - Install PHP packages"
|
||||
- name: "{{ lxc_php_version }} - Install PHP packages"
|
||||
community.general.lxc_container:
|
||||
name: "{{ lxc_php_container_name }}"
|
||||
name: "{{ lxc_php_version }}"
|
||||
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y php-fpm php-cli php-gd php-intl php-imap php-ldap php-mysql php-pgsql php-sqlite3 php-curl php-zip php-mbstring php-xml php-zip composer libphp-phpmailer"
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - Copy evolinux PHP configuration"
|
||||
- name: "{{ lxc_php_version }} - Copy evolinux PHP configuration"
|
||||
ansible.builtin.template:
|
||||
src: z-evolinux-defaults.ini.j2
|
||||
dest: "{{ line_item }}"
|
||||
|
|
|
@ -4,38 +4,38 @@
|
|||
ansible.builtin.set_fact:
|
||||
lxc_apt_keyring_dir: /etc/apt/trusted.gpg.d
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - Install dependency packages"
|
||||
- name: "{{ lxc_php_version }} - Install dependency packages"
|
||||
community.general.lxc_container:
|
||||
name: "{{ lxc_php_container_name }}"
|
||||
name: "{{ lxc_php_version }}"
|
||||
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y wget gnupg"
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - delete sources.list bookworm repository"
|
||||
- name: "{{ lxc_php_version }} - delete sources.list bookworm repository"
|
||||
ansible.builtin.file:
|
||||
path: "{{ lxc_rootfs }}/etc/apt/sources.list"
|
||||
state: absent
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - system bookworm repository"
|
||||
- name: "{{ lxc_php_version }} - system bookworm repository"
|
||||
ansible.builtin.template:
|
||||
src: bookworm_basics.sources.j2
|
||||
dest: "{{ lxc_rootfs }}/etc/apt/sources.list.d/system.sources"
|
||||
force: true
|
||||
mode: "0644"
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - security bookworm repository"
|
||||
- name: "{{ lxc_php_version }} - security bookworm repository"
|
||||
ansible.builtin.template:
|
||||
src: bookworm_security.sources.j2
|
||||
dest: "{{ lxc_rootfs }}/etc/apt/sources.list.d/security.sources"
|
||||
force: true
|
||||
mode: "0644"
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - Add sury repo"
|
||||
- name: "{{ lxc_php_version }} - Add sury repo"
|
||||
ansible.builtin.template:
|
||||
src: sury.sources.j2
|
||||
dest: "{{ lxc_rootfs }}/etc/apt/sources.list.d/sury.sources"
|
||||
force: true
|
||||
mode: "0644"
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - Add sury failsafe repo"
|
||||
- name: "{{ lxc_php_version }} - Add sury failsafe repo"
|
||||
ansible.builtin.template:
|
||||
src: evolix_sury.sources.j2
|
||||
dest: "{{ lxc_rootfs }}/etc/apt/sources.list.d/evolix_sury.sources"
|
||||
|
@ -66,17 +66,17 @@
|
|||
owner: root
|
||||
group: root
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - Update APT cache"
|
||||
- name: "{{ lxc_php_version }} - Update APT cache"
|
||||
community.general.lxc_container:
|
||||
name: "{{ lxc_php_container_name }}"
|
||||
name: "{{ lxc_php_version }}"
|
||||
container_command: "DEBIAN_FRONTEND=noninteractive apt update"
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - Install PHP packages"
|
||||
- name: "{{ lxc_php_version }} - Install PHP packages"
|
||||
community.general.lxc_container:
|
||||
name: "{{ lxc_php_container_name }}"
|
||||
name: "{{ lxc_php_version }}"
|
||||
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y php-fpm php-cli php-gd php-intl php-imap php-ldap php-mysql php-pgsql php-sqlite3 php-curl php-zip php-mbstring php-xml php-zip composer libphp-phpmailer"
|
||||
|
||||
- name: "{{ lxc_php_container_name }} - Copy evolinux PHP configuration"
|
||||
- name: "{{ lxc_php_version }} - Copy evolinux PHP configuration"
|
||||
ansible.builtin.template:
|
||||
src: z-evolinux-defaults.ini.j2
|
||||
dest: "{{ line_item }}"
|
||||
|
|
|
@ -1,360 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
|
||||
: << =cut
|
||||
|
||||
=head1 NAME
|
||||
|
||||
linux_psi - Plugin to monitor the pressure stall information for CPU, Memory and
|
||||
IO as reported by the Linux kernel.
|
||||
|
||||
This plugin monitors the pressure stall information (psi) as reported by the
|
||||
Linux Kernel. By default it reports all average intervals (10 seconds,
|
||||
60 seconds and 300 seconds) as well as the total values as a rate of change
|
||||
(DERIVE) for all resources (cpu, memory, io). The average intervals can be
|
||||
configured if you only deem some of them useful. See CONFIGURATION for
|
||||
explanations on that.
|
||||
|
||||
This is a multigraph plugin that, by default, will create six detail graphs and
|
||||
one summary graph (so seven in total). The summary graph will contain the 300
|
||||
seconds average percentages of all resources. The detail graphs are split in two
|
||||
graphs per resource. One combining all average intervals and one for the
|
||||
"totals" (rate of change) for the given resource.
|
||||
|
||||
There are no defaults for warnings and criticals, because this highly depends on
|
||||
the system, so you need to configure them yourself (if you want any). It is
|
||||
recommended that you first lookup the meaning of the different values.
|
||||
|
||||
For more information on psi see:
|
||||
https://www.kernel.org/doc/html/latest/accounting/psi.html
|
||||
|
||||
=head1 CONFIGURATION
|
||||
|
||||
Simply create a symlink in your plugins directory like with any other plugin.
|
||||
No additional configuration needed, no specific user required (typically).
|
||||
|
||||
If you want to configure alerts, just add "warn_" or "crit_" in front of the
|
||||
internal name.
|
||||
|
||||
Optional configuration examples:
|
||||
|
||||
[linux_psi]
|
||||
env.resources cpu io memory - Specify the resources to monitor. Leave one
|
||||
out if you don't want this one to be
|
||||
monitored.
|
||||
env.intervals avg10 avg60 avg300 - Sepcify the average intervals to monitor.
|
||||
Leave one out if you don't want this one to
|
||||
be monitored
|
||||
env.scopes some full - Specify the scopes to monitor. Leave one out
|
||||
If you don't want it to be monitored.
|
||||
env.summary_interval avg300 - Specify the interval to be used for the
|
||||
summary-graph.
|
||||
env.warn_psi_cpu_avg300_some 5 - Set a warning-level of 5 for
|
||||
"psi_cpu_avg300_some"
|
||||
env.crit_psi_io_total_full 2000 - Set a critical-level of 2000 for
|
||||
"psi_io_total_full"
|
||||
|
||||
=head1 AUTHOR
|
||||
|
||||
2022, HaseHarald
|
||||
|
||||
=head1 LICENSE
|
||||
|
||||
LGPLv3
|
||||
|
||||
=head1 BUGS
|
||||
|
||||
=head1 TODO
|
||||
|
||||
=head1 MAGIC MARKERS
|
||||
|
||||
#%# family=auto
|
||||
#%# capabilities=autoconf
|
||||
|
||||
=cut
|
||||
|
||||
|
||||
# This file contains a munin-plugin to graph the psi (pressure) for CPU, Memory
|
||||
# and IO, as reported by the Linux kernel.
|
||||
#
|
||||
# This is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU Lesser General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU Lesser General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU Lesser General Public License
|
||||
# along with this plugin. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
|
||||
resource_defaults=('cpu' 'io' 'memory')
|
||||
interval_defaults=('avg10' 'avg60' 'avg300')
|
||||
scope_defaults=('some' 'full')
|
||||
pressure_dir=${pressure_dir:-'/proc/pressure/'}
|
||||
pressure_resources=( "${resources[@]:-${resource_defaults[@]}}" )
|
||||
pressure_intervals=( "${intervals[@]:-${interval_defaults[@]}}" )
|
||||
pressure_scopes=( "${scopes[@]:-${scope_defaults[@]}}" )
|
||||
summary_interval="${summary_interval:-avg300}"
|
||||
|
||||
check_autoconf() {
|
||||
if [ -d "${pressure_dir}" ]; then
|
||||
printf "yes\n"
|
||||
else
|
||||
printf "no (%s not found)\n" "${pressure_dir}"
|
||||
fi
|
||||
}
|
||||
|
||||
get_pressure_value() {
|
||||
local resource
|
||||
local interval
|
||||
local scope
|
||||
|
||||
resource="$1"
|
||||
interval="$2"
|
||||
scope="${3:-some}"
|
||||
|
||||
grep "$scope" "${pressure_dir}/${resource}" | grep -o -E "${interval}=[0-9]{1,}(\.[0-9]{1,}){0,1}" | cut -d '=' -f 2
|
||||
}
|
||||
|
||||
get_printable_name() {
|
||||
local kind
|
||||
local value
|
||||
local printable_name
|
||||
kind="$1"
|
||||
value="$2"
|
||||
printable_name=""
|
||||
|
||||
case "$kind" in
|
||||
|
||||
interval)
|
||||
case "$interval" in
|
||||
avg10)
|
||||
printable_name="10sec"
|
||||
;;
|
||||
avg60)
|
||||
printable_name="60sec"
|
||||
;;
|
||||
avg300)
|
||||
printable_name="5min"
|
||||
;;
|
||||
total)
|
||||
printable_name="Total"
|
||||
;;
|
||||
*)
|
||||
printf "ERROR: Could not determine interval %s ! Must be one of 'avg10' 'avg60' 'avg300' 'total'\n" "$value" >&2
|
||||
exit 2
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
|
||||
scope)
|
||||
case "$value" in
|
||||
some)
|
||||
printable_name="Some"
|
||||
;;
|
||||
full)
|
||||
printable_name="Full"
|
||||
;;
|
||||
*)
|
||||
printf "ERROR: Could not determine scope %s ! Must be one of 'full' 'some'.\n" "$value" >&2
|
||||
exit 2
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
|
||||
resource)
|
||||
case "$value" in
|
||||
cpu)
|
||||
printable_name="CPU"
|
||||
;;
|
||||
io)
|
||||
printable_name="IO"
|
||||
;;
|
||||
memory)
|
||||
printable_name="Memory"
|
||||
;;
|
||||
*)
|
||||
printf "ERROR: Could not determine resource-type %s ! Must be one of 'cpu' 'io' 'memory'.\n" "$value" >&2
|
||||
exit 2
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
|
||||
*)
|
||||
printf "ERROR: Could not determine kind %s ! Must be one of 'interval' 'scope' 'resource'\n" "$kind" >&2
|
||||
exit 2
|
||||
;;
|
||||
esac
|
||||
|
||||
printf "%s" "$printable_name"
|
||||
}
|
||||
|
||||
iterate_config() {
|
||||
for resource in "${pressure_resources[@]}"; do
|
||||
local printable_resource
|
||||
printable_resource=$( get_printable_name resource "$resource" )
|
||||
printf "multigraph linux_psi.%s_avg\n" "$resource"
|
||||
printf "graph_title %s Pressure Stall Information - Average\n" "$printable_resource"
|
||||
printf "graph_category system\n"
|
||||
printf "graph_info Average PSI based latency caused by lack of %s resources.\n" "$printable_resource"
|
||||
printf "graph_vlabel %%\n"
|
||||
printf "graph_scale no\n"
|
||||
for interval in "${pressure_intervals[@]}"; do
|
||||
local printable_interval
|
||||
printable_interval=$( get_printable_name interval "$interval" )
|
||||
output_config "$resource" "$interval"
|
||||
done
|
||||
echo ""
|
||||
done
|
||||
|
||||
for resource in "${pressure_resources[@]}"; do
|
||||
local interval
|
||||
local printable_resource
|
||||
interval="total"
|
||||
printable_resource=$( get_printable_name resource "$resource" )
|
||||
|
||||
printf "multigraph linux_psi.%s_total\n" "$resource"
|
||||
printf "graph_title %s Pressure Stall Information - Rate\n" "$printable_resource"
|
||||
printf "graph_category system\n"
|
||||
printf "graph_info Total PSI based latency rate caused by lack of %s resources.\n" "$printable_resource"
|
||||
printf "graph_vlabel rate\n"
|
||||
output_config "$resource" "$interval"
|
||||
echo ""
|
||||
done
|
||||
|
||||
printf "multigraph linux_psi\n"
|
||||
printf "graph_title Pressure Stall Information - Average\n"
|
||||
printf "graph_vlabel %%\n"
|
||||
printf "graph_scale no\n"
|
||||
printf "graph_category system\n"
|
||||
printf "graph_info Average PSI based latency caused by lack of resources.\n"
|
||||
for resource in "${pressure_resources[@]}"; do
|
||||
output_config "$resource" "$summary_interval"
|
||||
done
|
||||
echo ""
|
||||
}
|
||||
|
||||
iterate_values() {
|
||||
for resource in "${pressure_resources[@]}"; do
|
||||
printf "multigraph linux_psi.%s_avg\n" "$resource"
|
||||
for interval in "${pressure_intervals[@]}"; do
|
||||
output_values "$resource" "$interval"
|
||||
done
|
||||
echo ""
|
||||
done
|
||||
|
||||
for resource in "${pressure_resources[@]}"; do
|
||||
local interval
|
||||
interval="total"
|
||||
printf "multigraph linux_psi.%s_total\n" "$resource"
|
||||
output_values "$resource" "$interval"
|
||||
echo ""
|
||||
done
|
||||
|
||||
printf "multigraph linux_psi\n"
|
||||
for resource in "${pressure_resources[@]}"; do
|
||||
output_values "$resource" "$summary_interval"
|
||||
done
|
||||
echo ""
|
||||
}
|
||||
|
||||
output_config() {
|
||||
local resource
|
||||
local interval
|
||||
local printable_resource
|
||||
local printable_interval
|
||||
|
||||
resource="$1"
|
||||
interval="$2"
|
||||
printable_resource=$( get_printable_name resource "$resource" )
|
||||
printable_interval=$( get_printable_name interval "$interval" )
|
||||
|
||||
for scope in "${pressure_scopes[@]}"; do
|
||||
if [ "${resource}" == "cpu" ] && [ "${scope}" != "some" ]; then
|
||||
continue
|
||||
else
|
||||
local printable_scope
|
||||
local this_warn_var
|
||||
local this_crit_var
|
||||
|
||||
printable_scope=$( get_printable_name scope "$scope" )
|
||||
this_warn_var=$( echo "warn_psi_${resource}_${interval}_${scope}" | sed 's/[^A-Za-z0-9_]/_/g' )
|
||||
this_crit_var=$( echo "crit_psi_${resource}_${interval}_${scope}" | sed 's/[^A-Za-z0-9_]/_/g' )
|
||||
|
||||
printf "psi_%s_%s_%s.min 0\n" "$resource" "$interval" "$scope"
|
||||
printf "psi_%s_%s_%s.label %s %s %s\n" "$resource" "$interval" "$scope" "$printable_resource" "$printable_interval" "$printable_scope"
|
||||
if [ -n "${!this_warn_var}" ]; then
|
||||
printf "psi_%s_%s_%s.warning %s\n" "$resource" "$interval" "$scope" "${!this_warn_var}"
|
||||
fi
|
||||
if [ -n "${!this_crit_var}" ]; then
|
||||
printf "psi_%s_%s_%s.critical %s\n" "$resource" "$interval" "$scope" "${!this_crit_var}"
|
||||
fi
|
||||
if [ "$interval" == "total" ]; then
|
||||
printf "psi_%s_%s_%s.type DERIVE\n" "$resource" "$interval" "$scope"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
output_values() {
|
||||
local resource
|
||||
local interval
|
||||
resource="$1"
|
||||
interval="$2"
|
||||
|
||||
for scope in "${pressure_scopes[@]}"; do
|
||||
if [ "${resource}" == "cpu" ] && [ "${scope}" != "some" ]; then
|
||||
continue
|
||||
else
|
||||
printf "psi_%s_%s_%s.value %s\n" "$resource" "$interval" "$scope" "$(get_pressure_value "$resource" "$interval" "$scope")"
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
output_usage() {
|
||||
printf >&2 "%s - munin plugin to graph pressure stall information for CPU, Memory and IO as reported by the Linux kernel.\n" "${0##*/}"
|
||||
printf >&2 "Usage: %s [config]\n" "${0##*/}"
|
||||
printf >&2 "You may use environment settings in a plugin-config file, used by munin (for example /etc/munin/plugin-conf.d/munin-node) to further adjust settings.\n"
|
||||
printf >&2 "You can use these settings to configure which resources, intervals or scopes are monitored or to configure warning and critical levels.\n"
|
||||
printf >&2 "To do so use a syntax like this:\n"
|
||||
printf >&2 "[linux_psi]\n"
|
||||
printf >&2 "env.resources cpu io memory\n"
|
||||
printf >&2 "env.intervals avg10 avg60 avg300\n"
|
||||
printf >&2 "env.scopes some full\n"
|
||||
printf >&2 "env.summary_interval avg300\n"
|
||||
printf >&2 "env.warn_psi_cpu_avg300_some 5\n"
|
||||
printf >&2 "env.crit_psi_io_total_full 2000\n"
|
||||
}
|
||||
|
||||
case "$#" in
|
||||
0)
|
||||
iterate_values
|
||||
;;
|
||||
|
||||
1)
|
||||
case "$1" in
|
||||
autoconf)
|
||||
check_autoconf
|
||||
;;
|
||||
config)
|
||||
iterate_config
|
||||
;;
|
||||
fetch)
|
||||
iterate_values
|
||||
;;
|
||||
*)
|
||||
output_usage
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
|
||||
*)
|
||||
output_usage
|
||||
exit 1
|
||||
;;
|
||||
esac
|
|
@ -46,7 +46,6 @@
|
|||
dest: '/usr/share/munin/plugins/{{ item }}'
|
||||
loop:
|
||||
- dhcp_pool
|
||||
- linux-psi
|
||||
tags:
|
||||
- munin
|
||||
|
||||
|
@ -78,7 +77,6 @@
|
|||
- postfix_mailqueue
|
||||
- postfix_mailstats
|
||||
- postfix_mailvolume
|
||||
- linux-psi
|
||||
notify: restart munin-node
|
||||
tags:
|
||||
- munin
|
||||
|
|
196
nagios-nrpe/files/alerts_switch
Executable file → Normal file
196
nagios-nrpe/files/alerts_switch
Executable file → Normal file
|
@ -1,143 +1,83 @@
|
|||
#!/bin/bash
|
||||
|
||||
# https://forge.evolix.org/projects/evolix-private/repository
|
||||
#
|
||||
# Source:
|
||||
# https://gitea.evolix.org/evolix/ansible-roles/src/branch/stable/nagios-nrpe
|
||||
#
|
||||
# You should not alter this file.
|
||||
# If you need to, create and customize a copy.
|
||||
|
||||
set -e
|
||||
|
||||
readonly PROGNAME=$(basename $0)
|
||||
readonly VERSION="24.04.00"
|
||||
readonly PROGDIR=$(readlink -m $(dirname $0))
|
||||
readonly ARGS="$@"
|
||||
|
||||
# Load common functions and vars
|
||||
readonly lib_dir="/usr/local/lib/monitoringctl"
|
||||
if [ -r "${lib_dir}/common" ]; then
|
||||
# shellcheck source=monitoringctl_common
|
||||
source "${lib_dir}/common"
|
||||
else
|
||||
>&2 echo "Error: missing ${lib_dir}/common file."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ ! -e "${var_dir}" ]; then
|
||||
install --mode=0755 --directory "${var_dir}"
|
||||
fi
|
||||
|
||||
function show_help() {
|
||||
cat <<END
|
||||
$PROGNAME disables or enables NRPE alerts wrapped by the script 'alerts_wrapper' in NRPE configuration.
|
||||
|
||||
Usage: $PROGNAME disable [-d|--during <DURATION>] [--message '<DISABLE_MESSAGE>'] <WRAPPER_NAME|all>
|
||||
$PROGNAME enable [--message '<ENABLE_MESSAGE>'] <WRAPPER_NAME|all>
|
||||
$PROGNAME help
|
||||
|
||||
WRAPPER_NAME: The name given to '--name' option of 'alerts_wrapper'.
|
||||
DURATION: Duration of alert disabling.
|
||||
Can be '1d' for 1 day, '5m' for 5 minutes or more complex
|
||||
expressions like '1w2d10m42s' (if no time unit is provided,
|
||||
hour is assumed)
|
||||
Default value: 1h
|
||||
DISABLE_MESSAGE: Message that will be logged and printed by alerts_wrapper
|
||||
when alert is disabled.
|
||||
ENABLE_MESSAGE: Message that will be logged when alert is enabled
|
||||
END
|
||||
usage() {
|
||||
echo "$PROGNAME action prefix"
|
||||
}
|
||||
|
||||
function disable_alerts() {
|
||||
# $1: wrapper name, $2: duration_sec, $3: disable message
|
||||
now_secs=$(date +"%s")
|
||||
disable_until_secs=$(( now_secs + ${2} ))
|
||||
disable_file_path="$(get_disable_file_path "${1}")"
|
||||
echo "${disable_until_secs}" > "${disable_file_path}"
|
||||
echo "$(logname || echo unknown): \"${3}\"" >> "${disable_file_path}"
|
||||
chmod 0644 "${disable_file_path}"
|
||||
log "${1} alerts disabled by $(logname || echo unknown)"
|
||||
log "Disable message: ${3}"
|
||||
}
|
||||
disable_alerts () {
|
||||
disabled_file="$1_disabled"
|
||||
enabled_file="$1_enabled"
|
||||
|
||||
function enable_alerts() {
|
||||
# $1: wrapper name, $2: enable message
|
||||
disable_file_path="$(get_disable_file_path "${1}")"
|
||||
if [ -e "${disable_file_path}" ]; then
|
||||
rm "${disable_file_path}"
|
||||
fi
|
||||
log "${1} alerts enabled by $(logname || echo unknown)"
|
||||
log "Enable message: ${2}"
|
||||
}
|
||||
|
||||
function main() {
|
||||
if [ "${action}" == 'enable' ]; then
|
||||
if [ "${wrapper_name}" == "all" ]; then
|
||||
for wrapper in $(get_wrappers_names); do
|
||||
enable_alerts "${wrapper}" "${message}"
|
||||
done
|
||||
else
|
||||
enable_alerts "${wrapper_name}" "${message}"
|
||||
fi
|
||||
elif [ "${action}" == 'disable' ]; then
|
||||
duration_sec=$(time_to_seconds "${duration}")
|
||||
if [ "${wrapper_name}" == "all" ]; then
|
||||
for wrapper in $(get_wrappers_names); do
|
||||
disable_alerts "${wrapper}" "${duration_sec}" "${message}"
|
||||
done
|
||||
else
|
||||
disable_alerts "${wrapper_name}" "${duration_sec}" "${message}"
|
||||
fi
|
||||
elif [ "${action}" == 'help' ]; then
|
||||
show_help
|
||||
if [ -e "${enabled_file}" ]; then
|
||||
mv "${enabled_file}" "${disabled_file}"
|
||||
else
|
||||
touch "${disabled_file}"
|
||||
chmod 0644 "${disabled_file}"
|
||||
fi
|
||||
}
|
||||
|
||||
enable_alerts () {
|
||||
disabled_file="$1_disabled"
|
||||
enabled_file="$1_enabled"
|
||||
|
||||
while :; do
|
||||
case "${1}" in
|
||||
enable|disable|help)
|
||||
action="${1}"
|
||||
shift;;
|
||||
-d|--during)
|
||||
if [ "$#" -gt 1 ]; then
|
||||
if filter_duration "${2}"; then
|
||||
duration="${2}"
|
||||
else
|
||||
usage_error "Option --during: \"${2}\" is not a valid duration."
|
||||
fi
|
||||
else
|
||||
error "Missing --during argument."
|
||||
fi
|
||||
shift; shift;;
|
||||
-m|--message)
|
||||
if [ "$#" -gt 1 ]; then
|
||||
message="${2}"
|
||||
else
|
||||
error "Missing --message argument."
|
||||
fi
|
||||
shift; shift;;
|
||||
*)
|
||||
if [ -n "${1}" ]; then
|
||||
if is_wrapper "${1}" || [ "${1}" == "all" ]; then
|
||||
wrapper_name="${1}"
|
||||
else
|
||||
error "Unknown argument '${1}', or NAME not defined in NRPE configuration."
|
||||
fi
|
||||
else
|
||||
if [ -z "${action}" ]; then
|
||||
error "Missing action argument."
|
||||
elif [ -z "${1}" ]; then
|
||||
break
|
||||
fi
|
||||
fi
|
||||
if [ -e "${disabled_file}" ]; then
|
||||
mv "${disabled_file}" "${enabled_file}"
|
||||
else
|
||||
touch "${enabled_file}"
|
||||
chmod 0644 "${enabled_file}"
|
||||
fi
|
||||
}
|
||||
|
||||
shift;;
|
||||
now () {
|
||||
date --iso-8601=seconds
|
||||
}
|
||||
|
||||
log_disable () {
|
||||
echo "$(now) - alerts disabled by $(logname || echo unknown)" >> $1
|
||||
}
|
||||
|
||||
log_enable () {
|
||||
echo "$(now) - alerts enabled by $(logname || echo unknown)" >> $1
|
||||
}
|
||||
|
||||
main () {
|
||||
local action=$1
|
||||
local prefix=$2
|
||||
|
||||
local base_dir="/var/lib/misc"
|
||||
mkdir -p "${base_dir}"
|
||||
|
||||
local file_path="${base_dir}/${prefix}_alerts"
|
||||
local log_file="/var/log/${prefix}_alerts.log"
|
||||
|
||||
case "$action" in
|
||||
enable)
|
||||
enable_alerts ${file_path}
|
||||
log_enable ${log_file}
|
||||
;;
|
||||
disable)
|
||||
disable_alerts ${file_path}
|
||||
log_disable ${log_file}
|
||||
;;
|
||||
help)
|
||||
usage
|
||||
;;
|
||||
*)
|
||||
>&2 echo "Unknown action '$action'"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
if [ -z "${wrapper_name}" ] && [ "${action}" != 'help' ] ; then
|
||||
error "Missing WRAPPER_NAME."
|
||||
fi
|
||||
|
||||
if [ -z "${duration}" ]; then
|
||||
duration="${default_disabled_time}"
|
||||
fi
|
||||
|
||||
readonly wrapper_name duration action
|
||||
|
||||
main
|
||||
}
|
||||
|
||||
main $ARGS
|
||||
|
|
209
nagios-nrpe/files/alerts_wrapper
Executable file → Normal file
209
nagios-nrpe/files/alerts_wrapper
Executable file → Normal file
|
@ -1,101 +1,114 @@
|
|||
#!/bin/bash
|
||||
|
||||
# https://forge.evolix.org/projects/evolix-private/repository
|
||||
#
|
||||
# Source:
|
||||
# https://gitea.evolix.org/evolix/ansible-roles/src/branch/stable/nagios-nrpe
|
||||
#
|
||||
# You should not alter this file.
|
||||
# If you need to, create and customize a copy.
|
||||
|
||||
readonly PROGNAME=$(basename $0)
|
||||
readonly VERSION="24.04.00"
|
||||
VERSION="21.04"
|
||||
readonly VERSION
|
||||
|
||||
# Load common functions and vars
|
||||
readonly lib_dir="/usr/local/lib/monitoringctl"
|
||||
if [ -r "${lib_dir}/common" ]; then
|
||||
# shellcheck source=monitoringctl_common
|
||||
source "${lib_dir}/common"
|
||||
else
|
||||
>&2 echo "Error: missing ${lib_dir}/common file."
|
||||
exit 1
|
||||
fi
|
||||
# base functions
|
||||
|
||||
if [ ! -e "${var_dir}" ]; then
|
||||
install --mode=0755 --directory "${var_dir}"
|
||||
fi
|
||||
|
||||
|
||||
function show_help() {
|
||||
show_version() {
|
||||
cat <<END
|
||||
alerts_wrapper wraps an NRPE command and overrides the return code.
|
||||
alerts_wrapper version ${VERSION}
|
||||
|
||||
Usage: alerts_wrapper --name <WRAPPER_NAME> <CHECK_COMMAND>
|
||||
Usage: alerts_wrapper <WRAPPER_NAME> <CHECK_COMMAND> (deprecated)
|
||||
Copyright 2018-2021 Evolix <info@evolix.fr>,
|
||||
Jérémy Lecour <jlecour@evolix.fr>
|
||||
and others.
|
||||
|
||||
alerts_wrapper comes with ABSOLUTELY NO WARRANTY.This is free software,
|
||||
and you are welcome to redistribute it under certain conditions.
|
||||
See the GNU General Public License v3.0 for details.
|
||||
END
|
||||
}
|
||||
show_help() {
|
||||
cat <<END
|
||||
alerts_wrapper is supposed to wrap an NRPE command and overrides the return code.
|
||||
|
||||
Usage: alerts_wrapper --limit=1d --name=check_name command with optional arguments
|
||||
or alerts_wrapper --name=check_name command with optional arguments
|
||||
or alerts_wrapper check_name command with optional arguments
|
||||
|
||||
Options
|
||||
--name Wrapper name, it is very recommended to use the check name (like load, disk1…).
|
||||
Special name: 'all' is already hard-coded.
|
||||
-h, --help Print this message and exit.
|
||||
-V, --version Print version and exit.
|
||||
--limit max age of the "check file" ;
|
||||
can be "1d" for 1 day, "5m" for 5 minutes…
|
||||
or more complex expressions like "1w2d10m42s"
|
||||
--name check name
|
||||
-h, --help print this message and exit
|
||||
-V, --version print version and exit
|
||||
END
|
||||
}
|
||||
|
||||
function enable_wrapper() {
|
||||
# $1: wrapper name
|
||||
if [ "$(id -u)" -eq "0" ] ; then
|
||||
/usr/local/bin/alerts_switch enable "${1}"
|
||||
time_in_seconds() {
|
||||
if echo "${1}" | grep -E -q '^([0-9]+[wdhms])+$'; then
|
||||
echo "${1}" | sed 's/w/ * 604800 + /g; s/d/ * 86400 + /g; s/h/ * 3600 + /g; s/m/ * 60 + /g; s/s/ + /g; s/+ $//' | xargs expr
|
||||
elif echo "${1}" | grep -E -q '^([0-9]+$)'; then
|
||||
echo "${1} * 3600" | xargs expr
|
||||
else
|
||||
sudo /usr/local/bin/alerts_switch enable "${1}"
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
function main() {
|
||||
is_disabled="$(is_disabled_wrapper "${wrapper_name}")"
|
||||
delay_from_alerts_disabled_file() {
|
||||
last_change=$(stat -c %Z "${alerts_disabled_file}")
|
||||
limit_seconds=$(time_in_seconds "${wrapper_limit}" || time_in_seconds "${wrapper_limit_default}")
|
||||
limit_date=$(date --date "${limit_seconds} seconds ago" +"%s")
|
||||
|
||||
if [ -e "${disable_file}" ] && [ "${is_disabled}" = "False" ]; then
|
||||
enable_wrapper "${wrapper_name}"
|
||||
echo $(( last_change - limit_date ))
|
||||
}
|
||||
|
||||
enable_check() {
|
||||
if [ "$(id -u)" -eq "0" ] ; then
|
||||
/usr/local/bin/alerts_switch enable "${check_name}"
|
||||
else
|
||||
sudo /usr/local/bin/alerts_switch enable "${check_name}"
|
||||
fi
|
||||
}
|
||||
|
||||
timeout_command=""
|
||||
if [ "${is_disabled}" = "True" ]; then
|
||||
timeout_command="timeout 8"
|
||||
fi
|
||||
|
||||
check_stdout="$(${timeout_command} ${check_command})"
|
||||
main() {
|
||||
${check_command} > "${check_stdout}"
|
||||
check_rc=$?
|
||||
readonly check_rc
|
||||
|
||||
if [ "${is_disabled}" = "True" ] && [ "${check_rc}" -eq 124 ] && [ -z "${check_stdout}" ]; then
|
||||
check_stdout="Check timeout (> 8 sec)"
|
||||
fi
|
||||
delay=0
|
||||
|
||||
if [ "${is_disabled}" = "True" ]; then
|
||||
enable_time="$(get_enable_time "${wrapper_name}")"
|
||||
enable_delay="$(enable_delay "${enable_time}")"
|
||||
delay_str="$(delay_to_string "${enable_delay}")"
|
||||
enable_date="$(date --date "+${enable_delay} seconds" "+%d %h %Y at %H:%M:%S")"
|
||||
disable_msg="$(get_disable_message "${wrapper_name}")"
|
||||
if [ -n "${disable_msg}" ]; then
|
||||
disable_msg="- ${disable_msg} "
|
||||
if [ -e "${alerts_disabled_file}" ]; then
|
||||
delay=$(delay_from_alerts_disabled_file)
|
||||
|
||||
if [ "${delay}" -le "0" ]; then
|
||||
enable_check
|
||||
fi
|
||||
echo "ALERT DISABLED until ${enable_date} (${delay_str} left) ${disable_msg}- Check output: ${check_stdout}"
|
||||
else
|
||||
echo "${check_stdout}"
|
||||
fi
|
||||
|
||||
if [ "${is_disabled}" = "True" ]; then
|
||||
if [ -e "${alerts_disabled_file}" ]; then
|
||||
formatted_last_change=$(date --date "@$(stat -c %Z "${alerts_disabled_file}")" +'%c')
|
||||
readonly formatted_last_change
|
||||
|
||||
echo "ALERTS DISABLED for ${check_name} (since ${formatted_last_change}, delay: ${delay} sec) - $(cat "${check_stdout}")"
|
||||
if [ ${check_rc} = 0 ]; then
|
||||
exit 0 # Nagios OK
|
||||
# Nagios OK
|
||||
exit 0
|
||||
else
|
||||
exit 1 # Nagios WARNING
|
||||
# Nagios WARNING
|
||||
exit 1
|
||||
fi
|
||||
else
|
||||
cat "${check_stdout}"
|
||||
exit ${check_rc}
|
||||
fi
|
||||
}
|
||||
|
||||
# Default: 1 day before re-enabling the check
|
||||
wrapper_limit_default="1d"
|
||||
readonly wrapper_limit_default
|
||||
|
||||
if [[ "${1}" =~ -.* ]]; then
|
||||
# parse options
|
||||
# based on https://gist.github.com/deshion/10d3cb5f88a21671e17a
|
||||
while :; do
|
||||
case "${1}" in
|
||||
case $1 in
|
||||
-h|-\?|--help)
|
||||
show_help
|
||||
exit 0
|
||||
|
@ -104,25 +117,47 @@ if [[ "${1}" =~ -.* ]]; then
|
|||
show_version
|
||||
exit 0
|
||||
;;
|
||||
-n|--name)
|
||||
|
||||
--limit)
|
||||
# with value separated by space
|
||||
if [ -n "${2}" ]; then
|
||||
wrapper_name="${2}"
|
||||
if [ -n "$2" ]; then
|
||||
wrapper_limit=$2
|
||||
shift
|
||||
else
|
||||
printf 'ERROR: "--limit" requires a non-empty option argument.\n' >&2
|
||||
exit 1
|
||||
fi
|
||||
;;
|
||||
--limit=?*)
|
||||
# with value speparated by =
|
||||
wrapper_limit=${1#*=}
|
||||
;;
|
||||
--limit=)
|
||||
# without value
|
||||
printf 'ERROR: "--limit" requires a non-empty option argument.\n' >&2
|
||||
exit 1
|
||||
;;
|
||||
|
||||
--name)
|
||||
# with value separated by space
|
||||
if [ -n "$2" ]; then
|
||||
check_name=$2
|
||||
shift
|
||||
else
|
||||
printf 'ERROR: "--name" requires a non-empty option argument.\n' >&2
|
||||
exit 2
|
||||
exit 1
|
||||
fi
|
||||
;;
|
||||
-n|--name=?*)
|
||||
# with value separated by =
|
||||
wrapper_name="${1#*=}"
|
||||
--name=?*)
|
||||
# with value speparated by =
|
||||
check_name=${1#*=}
|
||||
;;
|
||||
-n|--name=)
|
||||
--name=)
|
||||
# without value
|
||||
printf 'ERROR: "--name" requires a non-empty option argument.\n' >&2
|
||||
exit 2
|
||||
exit 1
|
||||
;;
|
||||
|
||||
--)
|
||||
# End of all options.
|
||||
shift
|
||||
|
@ -130,8 +165,8 @@ if [[ "${1}" =~ -.* ]]; then
|
|||
;;
|
||||
-?*)
|
||||
# ignore unknown options
|
||||
printf 'ERROR: Unknown option : %s\n' "${1}" >&2
|
||||
exit 2
|
||||
printf 'WARN: Unknown option : %s\n' "$1" >&2
|
||||
exit 1
|
||||
;;
|
||||
*)
|
||||
# Default case: If no more options then break out of the loop.
|
||||
|
@ -145,22 +180,38 @@ if [[ "${1}" =~ -.* ]]; then
|
|||
check_command="$*"
|
||||
else
|
||||
# no option is passed (backward compatibility with previous version)
|
||||
# treat the first argument as wrapper_name and the rest as the command
|
||||
wrapper_name="${1}"
|
||||
# treat the first argument as check_name and the rest as the command
|
||||
check_name="${1}"
|
||||
shift
|
||||
check_command="$*"
|
||||
fi
|
||||
|
||||
if [ -z "${wrapper_name}" ]; then
|
||||
printf 'ERROR: You must specify a wrapper name, with --names.\n' >&2
|
||||
exit 2
|
||||
# Default values or errors
|
||||
if [ -z "${wrapper_limit}" ]; then
|
||||
wrapper_limit="${wrapper_limit_default}"
|
||||
fi
|
||||
if [ -z "${check_name}" ]; then
|
||||
printf 'ERROR: You must specify a check name, with --name.\n' >&2
|
||||
exit 1
|
||||
fi
|
||||
if [ -z "${check_command}" ]; then
|
||||
printf 'ERROR: You must specify a command to execute.\n' >&2
|
||||
exit 2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
disable_file="$(get_disable_file_path "${wrapper_name}")"
|
||||
readonly wrapper_name check_command disable_file
|
||||
readonly check_name
|
||||
readonly check_command
|
||||
readonly wrapper_limit
|
||||
alerts_disabled_file="/var/lib/misc/${check_name}_alerts_disabled"
|
||||
readonly alerts_disabled_file
|
||||
|
||||
check_file="/var/lib/misc/${check_name}_alerts_disabled"
|
||||
readonly check_file
|
||||
|
||||
check_stdout=$(mktemp --tmpdir=/tmp "${check_name}_stdout.XXXX")
|
||||
readonly check_stdout
|
||||
|
||||
# shellcheck disable=SC2064
|
||||
trap "rm ${check_stdout}" EXIT
|
||||
|
||||
main
|
||||
|
|
36
nagios-nrpe/files/check-local
Executable file
36
nagios-nrpe/files/check-local
Executable file
|
@ -0,0 +1,36 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
CHECK_BIN=/usr/lib/nagios/plugins/check_nrpe
|
||||
|
||||
server_address="127.0.0.1"
|
||||
|
||||
if ! test -f "${CHECK_BIN}"; then
|
||||
echo "${CHECK_BIN} is missing, please install nagios-nrpe-plugin package."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
for file in /etc/nagios/{nrpe.cfg,nrpe_local.cfg,nrpe.d/evolix.cfg}; do
|
||||
if [ -r ${file} ]; then
|
||||
command_search=$(grep "\[check_$1\]" "${file}" | grep -v '^[[:blank:]]*#' | tail -n1 | cut -d'=' -f2-)
|
||||
fi
|
||||
if [ -n "${command_search}" ]; then
|
||||
command="${command_search}"
|
||||
fi
|
||||
|
||||
if [ -r ${file} ]; then
|
||||
server_address_search=$(grep "server_address" "${file}" | grep -v '^[[:blank:]]*#' | cut -d'=' -f2)
|
||||
fi
|
||||
if [ -n "${server_address_search}" ]; then
|
||||
server_address="${server_address_search}"
|
||||
fi
|
||||
done
|
||||
|
||||
if [ -n "${command}" ]; then
|
||||
echo "Found command in /etc/nagios (take care, in some cases, Nagios can play another command):"
|
||||
echo " ${command}"
|
||||
fi
|
||||
|
||||
echo "NRPE daemon output:"
|
||||
"${CHECK_BIN}" -H "${server_address}" -c "check_$1"
|
||||
|
||||
|
5
nagios-nrpe/files/check-local_completion
Executable file → Normal file
5
nagios-nrpe/files/check-local_completion
Executable file → Normal file
|
@ -1,6 +1,5 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
# List of available checks
|
||||
_check_local_dynamic_completion() {
|
||||
local cur;
|
||||
cur=${COMP_WORDS[COMP_CWORD]};
|
||||
|
@ -8,10 +7,6 @@ _check_local_dynamic_completion() {
|
|||
COMPREPLY=( $( compgen -W '$(grep "\[check_" -Rs /etc/nagios/ | grep -vE "^[[:blank:]]*#" | awk -F"[\\\[\\\]=]" "{print \$2}" | sed "s/check_//" | sort | uniq)' -- $cur ) );
|
||||
}
|
||||
|
||||
# List of available disable names of alerts_wrapper
|
||||
# grep "alerts_wrapper" -Rs /etc/nagios/ | grep -vE "^\s*#" | awk '{ for (i=1; i<=NF; i++) { if ($i ~ /--name[s]?/) print $(i+1) } }' | tr ',' '\n' | sort | uniq
|
||||
# + ajouter all
|
||||
|
||||
complete -F _check_local_dynamic_completion check-local
|
||||
|
||||
|
||||
|
|
0
nagios-nrpe/files/check_async
Executable file → Normal file
0
nagios-nrpe/files/check_async
Executable file → Normal file
|
@ -1,586 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
#set -x
|
||||
|
||||
readonly PROGNAME=$(basename $0)
|
||||
readonly VERSION="24.04.00"
|
||||
|
||||
readonly red="\e[0;31m"
|
||||
readonly green="\e[0;32m"
|
||||
readonly orange="\e[0;33m"
|
||||
readonly lightgreen="\e[1;32m"
|
||||
readonly yellow="\e[1;33m"
|
||||
readonly lightblue="\e[1;34m"
|
||||
readonly purple="\e[0;35m"
|
||||
readonly nocolor="\e[0m"
|
||||
|
||||
# Load common functions and vars
|
||||
readonly lib_dir="/usr/local/lib/monitoringctl"
|
||||
if [ -r "${lib_dir}/common" ]; then
|
||||
# shellcheck source=monitoringctl_common
|
||||
source "${lib_dir}/common"
|
||||
else
|
||||
>&2 echo "Error: missing ${lib_dir}/common file."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
function show_help() {
|
||||
cat <<EOF
|
||||
monitoringctl version ${VERSION}.
|
||||
|
||||
monitoringctl gives some control over NRPE checks and alerts.
|
||||
|
||||
Usage: monitoringctl [OPTIONS] ACTION ARGUMENTS
|
||||
|
||||
GENERAL OPTIONS:
|
||||
|
||||
-h, --help Print this message and exit.
|
||||
-V, --version Print version number and exit.
|
||||
|
||||
ACTIONS:
|
||||
|
||||
status [CHECK_NAME|all]
|
||||
|
||||
Print whether alerts are enabled or not (silenced).
|
||||
If alerts are disabled (silenced), show disable message and time left before automatic re-enabling.
|
||||
|
||||
check [--bypass-nrpe] CHECK_NAME
|
||||
|
||||
Ask CHECK_NAME status to NRPE as an HTTP request.
|
||||
Indicates which command NRPE has supposedly run (from its configuration).
|
||||
-b, --bypass-nrpe Execute directly command from NRPE configuration,
|
||||
as user nagios, without passing the request to NRPE.
|
||||
|
||||
disable CHECK_NAME|all [--during DURATION] [--message 'DISABLE MESSAGE']
|
||||
|
||||
Disable (silence) CHECK_NAME or all alerts for DURATION and write DISABLE MESSAGE into the log.
|
||||
Checks output is still printed, so alerts history won't be lost.
|
||||
|
||||
enable CHECK_NAME|all [--message 'ENABLE MESSAGE']
|
||||
|
||||
Re-enable CHECK_NAME or all alerts
|
||||
|
||||
show CHECK_NAME
|
||||
|
||||
Show NPRE command(s) configured for CHECK_NAME
|
||||
|
||||
MESSAGE:
|
||||
|
||||
Message to be written in log and disabled check output (mandatory, will be asked dynamically if not provided).
|
||||
|
||||
DURATION:
|
||||
|
||||
Time (string) during which alerts will be disabled (optional, default: "1h").
|
||||
|
||||
Format:
|
||||
You can use 'd' (day), 'h' (hour) and 'm' (minute) , or a combination of them, to specify a duration.
|
||||
Examples: '2d', '1h', '10m', '1h10' ('m' is guessed).
|
||||
|
||||
NOTES
|
||||
|
||||
For actions disable, enable and status, CHECK_NAME is actually the --name option passed to alerts_wrapper, and not the NRPE check name. Both check name and alerts_wrapper --name option should be equal in NRPE configuration to avoid confusion.
|
||||
|
||||
Log path: ${log_file}
|
||||
|
||||
EOF
|
||||
}
|
||||
|
||||
function check() {
|
||||
# $1: check name, "all" or empty
|
||||
readonly check_nrpe_bin="/usr/lib/nagios/plugins/check_nrpe"
|
||||
if [ ! -f "${check_nrpe_bin}" ]; then
|
||||
>&2 echo "${check_nrpe_bin} is missing, please install nagios-nrpe-plugin package."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
conf_lines="$(get_nrpe_conf "${nrpe_conf_path}")"
|
||||
|
||||
server_address=$(echo "$conf_lines" | grep "server_address" | tail -n1 | cut -d'=' -f2)
|
||||
if [ -z "${server_address}" ]; then server_address="127.0.0.1"; fi
|
||||
|
||||
server_port=$(echo "$conf_lines" | grep "server_port" | tail -n1 | cut -d'=' -f2)
|
||||
if [ -z "${server_port}" ]; then server_port="5666"; fi
|
||||
|
||||
if [ -z "${1}" ] || [ "${1}" = "all" ]; then
|
||||
# Array header for multi-checks
|
||||
checks="$(get_checks_names)"
|
||||
header="Check\tStatus\tOutput (truncated)"
|
||||
underline="-----\t------\t------------------"
|
||||
str_out="\n${header}\n${underline}\n"
|
||||
else
|
||||
checks="${1}"
|
||||
fi
|
||||
|
||||
for check in $checks; do
|
||||
printf "\033[KChecking %s…\r" "${check}"
|
||||
err_msg=""
|
||||
if [ "${bypass_nrpe}" = "False" ]; then
|
||||
request_command="${check_nrpe_bin} -H ${server_address} -p ${server_port} -c check_${check} 2&>1"
|
||||
else
|
||||
check_commands="$(get_check_commands "${check}")"
|
||||
if [ -n "${check_commands}" ]; then
|
||||
check_command="$(echo "${check_commands}" | tail -n1)"
|
||||
request_command="sudo -u nagios -- ${check_command}"
|
||||
else
|
||||
if [ -z "${1}" ] || [ "${1}" = "all" ]; then
|
||||
err_msg="Check command not found in NRPE configuration."
|
||||
else
|
||||
err_msg="Error: no command found in NRPE configuration for check '${check}'. Aborted."
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
if [ -z "${err_msg}" ]; then
|
||||
check_output="$(${request_command})"
|
||||
rc="$?"
|
||||
check_output="$(echo "${check_output}" | tr '\n' ' ')"
|
||||
if [ -z "${1}" ] || [ "${1}" = "all" ]; then
|
||||
if [ "${#check_output}" -gt 60 ]; then
|
||||
check_output="$(echo "${check_output}" | cut -c-80) [...]"
|
||||
fi
|
||||
fi
|
||||
else
|
||||
check_output="${err_msg}"
|
||||
rc="3"
|
||||
fi
|
||||
|
||||
case "${rc}" in
|
||||
0)
|
||||
rc_str="OK"
|
||||
color="${green}"
|
||||
;;
|
||||
1)
|
||||
rc_str="Warning"
|
||||
color="${orange}"
|
||||
;;
|
||||
2)
|
||||
rc_str="Critical"
|
||||
color="${red}"
|
||||
;;
|
||||
3)
|
||||
rc_str="Unknown"
|
||||
color="${purple}"
|
||||
;;
|
||||
*)
|
||||
rc_str="Unknown"
|
||||
color="${purple}"
|
||||
esac
|
||||
|
||||
if [ -z "${1}" ] || [ "${1}" = "all" ]; then
|
||||
str_out="${str_out}${color}${check}\t${rc_str}${nocolor}\t${check_output}\n"
|
||||
fi
|
||||
done
|
||||
|
||||
if [ -z "${1}" ] || [ "${1}" = "all" ]; then
|
||||
echo -e "${str_out}" | column -t -s $'\t'
|
||||
else
|
||||
printf "\033[K\n" # erase tmp line « Checking check_toto…»
|
||||
if [ "${bypass_nrpe}" = "False" ]; then
|
||||
echo -e "NRPE service output (on ${server_address}:${server_port}):\n"
|
||||
else
|
||||
echo -e "Direct check output (bypassing NRPE):\n"
|
||||
fi
|
||||
echo -e "${color}${check_output}${nocolor}\n" | sed 's/|/\n/g'
|
||||
exit "${rc}"
|
||||
fi
|
||||
}
|
||||
|
||||
# Print error message and exit if not installed
|
||||
function alerts_switch_is_installed() {
|
||||
if ! command -v alerts_switch &> /dev/null; then
|
||||
error "Error: script 'alerts_switch' is not installed. Aborted."
|
||||
fi
|
||||
}
|
||||
|
||||
function disable_alerts() {
|
||||
# $1: check name | all
|
||||
# $2: disable message
|
||||
alerts_switch_is_installed
|
||||
|
||||
if [ "${1}" = "all" ]; then
|
||||
checks="$(get_checks_names)"
|
||||
else
|
||||
checks="${1}"
|
||||
fi
|
||||
|
||||
warn_not_wrapped "${checks}"
|
||||
warn_wrapper_names "${checks}"
|
||||
|
||||
if [ -z "${2}" ]; then
|
||||
echo -n "> Please provide a disable message (for logging and check output): "
|
||||
read -r message
|
||||
echo ''
|
||||
if [ -z "${message}" ]; then
|
||||
error "${red}Error:${nocolor} disable message is mandatory."
|
||||
fi
|
||||
else
|
||||
message="${2}"
|
||||
fi
|
||||
|
||||
default_msg=""
|
||||
if [ "${default_duration}" = "True" ]; then
|
||||
default_msg=" (use --during to change default time)"
|
||||
fi
|
||||
|
||||
if [ "${1}" = "all" ]; then
|
||||
check_txt="All checks"
|
||||
else
|
||||
check_txt="Check ${1}"
|
||||
fi
|
||||
|
||||
echo_box "${check_txt} will be disabled for ${duration}${default_msg}."
|
||||
cat <<EOF
|
||||
|
||||
Additional information:
|
||||
* Alerts history is kept in our monitoring system.
|
||||
* To re-enable alert(s) before ${duration}, execute as root or with sudo: 'monitoringctl enable ${1}'
|
||||
|
||||
EOF
|
||||
|
||||
if [ "${1}" != "all" ]; then
|
||||
if is_check "${1}"; then
|
||||
wrapper="$(get_check_wrapper_name "${1}")"
|
||||
else
|
||||
wrapper="${1}"
|
||||
fi
|
||||
checks="$(get_wrapper_checks "${wrapper}")"
|
||||
n_checks="$(echo "${checks}" | wc -w)"
|
||||
if [ "${n_checks}" -gt 1 ]; then
|
||||
>&2 echo -e "${orange}Warning:${nocolor} because they have the same configuration, disabling ${1} will disable: ${checks}.\n"
|
||||
log "Warning: disabling ${1} will disable ${checks} (which have the same wrapper name)."
|
||||
fi
|
||||
else
|
||||
wrapper="all"
|
||||
fi
|
||||
|
||||
echo -n "> Confirm (y/N)? "
|
||||
read -r answer
|
||||
if [ "${answer}" != "Y" ] && [ "${answer}" != "y" ]; then
|
||||
echo -e "${orange}Canceled.${nocolor}" && exit 0
|
||||
fi
|
||||
|
||||
log "Action disable ${1} requested for ${duration} by user $(logname || echo unknown)."
|
||||
|
||||
alerts_switch disable "${wrapper}" --during "${duration}" --message "${message}"
|
||||
|
||||
if [ "${1}" != "all" ]; then
|
||||
if [ "${n_checks}" -eq 1 ]; then
|
||||
echo -e "${orange}Check ${1} alerts are now disabled for ${duration}.${nocolor}"
|
||||
else
|
||||
echo -e "${orange}Alerts are now disabled for ${duration} for checks: ${checks}.${nocolor}"
|
||||
fi
|
||||
else
|
||||
echo -e "${orange}All alerts are now disabled for ${duration}.${nocolor}"
|
||||
fi
|
||||
}
|
||||
|
||||
function enable_alerts() {
|
||||
# $1: check name, $2: enable message
|
||||
alerts_switch_is_installed
|
||||
|
||||
if [ "${1}" != "all" ]; then
|
||||
# Verify that check is not already enabled
|
||||
is_disabled="$(is_disabled_check "${1}")"
|
||||
if [ "${is_disabled}" = "False" ]; then
|
||||
echo "${1} is already enabled, see 'monitoringctl status'"
|
||||
exit 0
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ -z "${2}" ]; then
|
||||
echo -n "> Please provide an enable message (for logging): "
|
||||
read -r message
|
||||
echo ''
|
||||
if [ -z "${message}" ]; then
|
||||
error "${red}Error:${nocolor} disable message is mandatory."
|
||||
fi
|
||||
else
|
||||
message="${2}"
|
||||
fi
|
||||
|
||||
log "Action enable ${1} requested by user $(logname || echo unknown)."
|
||||
|
||||
if [ "${1}" != "all" ]; then
|
||||
if is_check "${1}"; then
|
||||
wrapper="$(get_check_wrapper_name "${1}")"
|
||||
else
|
||||
wrapper="${1}"
|
||||
fi
|
||||
checks="$(get_wrapper_checks "${wrapper}")"
|
||||
n_checks="$(echo "${checks}" | wc -w)"
|
||||
if [ "${n_checks}" -gt 1 ]; then
|
||||
>&2 echo -e "${orange}Warning:${nocolor} because they have the same configuration, enabling ${1} will enable: ${checks}.\n"
|
||||
log "Warning: check ${1} will enable ${checks} (which have the same wrapper name)."
|
||||
fi
|
||||
else
|
||||
wrapper="all"
|
||||
fi
|
||||
|
||||
alerts_switch enable "${wrapper}" --message "${message}"
|
||||
|
||||
if [ "${1}" != "all" ]; then
|
||||
if [ "${n_checks}" -eq 1 ]; then
|
||||
echo -e "${green}Check ${1} alerts are now enabled.${nocolor}"
|
||||
else
|
||||
echo -e "${green}Alerts are now enabled for checks: ${checks}.${nocolor}"
|
||||
fi
|
||||
else
|
||||
echo -e "${green}All alerts are now enabled.${nocolor}"
|
||||
fi
|
||||
}
|
||||
|
||||
# Show NRPE command(s) configured for a check
|
||||
function show_check_commands() {
|
||||
# $1: check name
|
||||
check_commands=$(get_check_commands "${1}")
|
||||
|
||||
if [ -z "${check_commands}" ]; then
|
||||
usage_error "Error: no command found in NRPE configuration for check '${1}."
|
||||
fi
|
||||
|
||||
n_commands="$(echo "${check_commands}" | wc -l)"
|
||||
if [ "${n_commands}" -ne 1 ]; then
|
||||
echo "Available commands (in config order, the last one overwrites the others):"
|
||||
echo " $check_commands"
|
||||
fi
|
||||
|
||||
check_command=$(echo "${check_commands}" | tail -n1)
|
||||
echo "Command used by NRPE:"
|
||||
echo " ${check_command}"
|
||||
}
|
||||
|
||||
# Print a warning if some wrappers have the same name
|
||||
# or if a name is different from the check.
|
||||
function warn_wrapper_names() {
|
||||
#$1: checks to verify
|
||||
warned="False"
|
||||
for check in ${1}; do
|
||||
wrapper_name="$(get_check_wrapper_name "${check}")"
|
||||
if [ -n "${wrapper_name}" ] && [ "${wrapper_name}" != "${check}" ]; then
|
||||
>&2 echo -e "${orange}Warning:${nocolor} ${check} check has wrapper name ${wrapper_name}."
|
||||
warned="True"
|
||||
fi
|
||||
done
|
||||
if [ "${warned}" = "True" ]; then
|
||||
>&2 echo -e "${orange}It is recommanded to name the wrappers the same as the checks.${nocolor}\n"
|
||||
fi
|
||||
}
|
||||
|
||||
# Print a warning if some checks are not wrapped
|
||||
function warn_not_wrapped() {
|
||||
#$1: checks to verify
|
||||
unwrappeds="$(not_wrapped_checks)"
|
||||
unwrapped_checks="$(comm -12 <(echo "${1}") <(echo "${unwrappeds}"))"
|
||||
if [ -n "${unwrapped_checks}" ]; then
|
||||
n_checks="$(echo "${1}" | wc -w)"
|
||||
n_unwrapped="$(echo "${unwrapped_checks}" | wc -w)"
|
||||
if [ "${n_unwrapped}" == "${n_checks}" ]; then
|
||||
if [ "${n_unwrapped}" -eq 1 ]; then
|
||||
error "${red}Error:${nocolor} ${1} check is not wrapped, it cannot be disabled."
|
||||
else
|
||||
error "${red}Error:${nocolor} these checks are not wrapped, they cannot be disabled: $(echo "${unwrapped_checks}" | xargs)"
|
||||
fi
|
||||
else
|
||||
if [ "${n_unwrapped}" -eq 1 ]; then
|
||||
>&2 echo -e "${orange}Warning:${nocolor} ${unwrapped_checks} check is not wrapped, it will not be disabled."
|
||||
else
|
||||
>&2 echo -e -n "${orange}Warning:${nocolor} some checks are not configured, they will not be disabled: $(echo "${unwrapped_checks}" | xargs)\n\n"
|
||||
fi
|
||||
fi
|
||||
|
||||
log "Warning: some checks have no alerts_wrapper, they will not be disabled: $(echo "${unwrapped_checks}" | xargs)"
|
||||
fi
|
||||
}
|
||||
|
||||
# Echo a message in a box
|
||||
function echo_box() {
|
||||
# $1: message
|
||||
msg_len="${#1}"
|
||||
line="$(printf '─%.0s' $(eval "echo {1.."${msg_len}"}"))"
|
||||
cat <<EOF
|
||||
┌${line}┐
|
||||
│${1}│
|
||||
└${line}┘
|
||||
EOF
|
||||
}
|
||||
|
||||
# Echo which checks are enabled or disabled and time left
|
||||
function alerts_status() {
|
||||
# $1: check name, "all" or empty
|
||||
if [ -z "${1}" ] || [ "${1}" = "all" ]; then
|
||||
checks="$(get_checks_names)"
|
||||
else
|
||||
checks="${1}"
|
||||
fi
|
||||
|
||||
warn_wrapper_names "${checks}"
|
||||
|
||||
header="Check\tStatus\tRe-enable time\tDisable message"
|
||||
underline="-----\t------\t--------------\t---------------"
|
||||
str_out="${header}\n${underline}\n"
|
||||
|
||||
for check in $checks; do
|
||||
enable_str=""
|
||||
status_str="Enabled"
|
||||
disable_msg=""
|
||||
if ! is_wrapped "${check}"; then
|
||||
status_str="Not configured"
|
||||
else
|
||||
is_disabled="$(is_disabled_check "${check}")"
|
||||
wrapper_name="$(get_check_wrapper_name "${check}")"
|
||||
if [ "${is_disabled}" = "True" ]; then
|
||||
status_str="Disabled"
|
||||
enable_time="$(get_enable_time "${wrapper_name}")"
|
||||
enable_delay="$(enable_delay "${enable_time}")"
|
||||
delay_str="$(delay_to_string "${enable_delay}")"
|
||||
enable_date="$(date --date "+${enable_delay} seconds" "+%d %h %Y at %H:%M:%S")"
|
||||
enable_str="${enable_date} (${delay_str} left)"
|
||||
disable_msg="$(get_disable_message "${wrapper_name}")"
|
||||
fi
|
||||
fi
|
||||
case "${status_str}" in
|
||||
"Enabled")
|
||||
color="${green}"
|
||||
;;
|
||||
"Disabled")
|
||||
color="${orange}"
|
||||
;;
|
||||
*)
|
||||
color="${red}"
|
||||
esac
|
||||
str_out="${str_out}${color}${check}\t${status_str}${nocolor}\t${enable_str}\t${disable_msg}\n"
|
||||
done
|
||||
|
||||
echo -e "${str_out}" | column -t -s $'\t'
|
||||
}
|
||||
|
||||
|
||||
### MAIN #########################################
|
||||
|
||||
# No root
|
||||
if [ "$(id -u)" -ne 0 ]; then
|
||||
>&2 echo "You need to be root (or use sudo) to run ${0}!"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# No argument
|
||||
if [ "$#" = "0" ]; then
|
||||
show_help
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Default arguments and options
|
||||
action=""
|
||||
message=""
|
||||
duration="${default_disabled_time}"
|
||||
bypass_nrpe="False"
|
||||
default_duration="True"
|
||||
|
||||
# Parse arguments and options
|
||||
while :; do
|
||||
case "${1}" in
|
||||
-h|-\?|--help)
|
||||
show_help
|
||||
exit 0;;
|
||||
-V|--version)
|
||||
show_version
|
||||
exit 0;;
|
||||
-b|--bypass-nrpe)
|
||||
bypass_nrpe="True"
|
||||
shift;;
|
||||
-d|--during)
|
||||
if [ "${default_duration}" = "False" ]; then
|
||||
usage_error "Option --during: defined multiple times."
|
||||
fi
|
||||
if [ "$#" -lt 2 ]; then
|
||||
usage_error "Option --during: missing value."
|
||||
fi
|
||||
if filter_duration "${2}"; then
|
||||
duration="${2}"
|
||||
else
|
||||
usage_error "Option --during: \"${2}\" is not a valid duration."
|
||||
fi
|
||||
default_duration="False"
|
||||
shift; shift;;
|
||||
-m|--message)
|
||||
if [ "$#" -lt 2 ]; then
|
||||
usage_error "Option --message: missing message string."
|
||||
fi
|
||||
message="${2}"
|
||||
shift; shift;;
|
||||
status|check|enable|disable|show)
|
||||
action="${1}"
|
||||
shift;;
|
||||
*)
|
||||
if [ -z "${1}" ]; then
|
||||
break
|
||||
fi
|
||||
|
||||
case "${action}" in
|
||||
status|check)
|
||||
if is_check "${1}" || [ "${1}" = "all" ]; then
|
||||
check_name="${1}"
|
||||
else
|
||||
usage_error "Action ${action}: unknown check '${1}'."
|
||||
fi
|
||||
;;
|
||||
show)
|
||||
if is_check "${1}"; then
|
||||
check_name="${1}"
|
||||
else
|
||||
usage_error "Action ${action}: unknown check '${1}'."
|
||||
fi
|
||||
;;
|
||||
enable|disable)
|
||||
if is_wrapper "${1}" || is_check "${1}" || [ "${1}" = "all" ]; then
|
||||
check_name="${1}"
|
||||
else
|
||||
# We use the word "check" for the end user,
|
||||
# but this is actually "unknown wrapper"
|
||||
usage_error "Action ${action}: unknown check '${1}'."
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
usage_error "Missing or invalid ACTION argument."
|
||||
;;
|
||||
esac
|
||||
shift;;
|
||||
esac
|
||||
done
|
||||
|
||||
|
||||
if [ "$#" -gt 0 ]; then
|
||||
usage_error "Too many arguments."
|
||||
fi
|
||||
|
||||
case "${action}" in
|
||||
disable|enable|show)
|
||||
if [ -z "${check_name}" ]; then
|
||||
usage_error "Action ${action}: missing CHECK_NAME argument."
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
|
||||
if [ ! "${action}" = "disable" ]; then
|
||||
if [ "${default_duration}" = "False" ]; then
|
||||
usage_error "Action ${action}: there is no --during option."
|
||||
fi
|
||||
fi
|
||||
|
||||
case "${action}" in
|
||||
status)
|
||||
alerts_status "${check_name}"
|
||||
;;
|
||||
check)
|
||||
check "${check_name}"
|
||||
;;
|
||||
show)
|
||||
show_check_commands "${check_name}"
|
||||
;;
|
||||
enable)
|
||||
enable_alerts "${check_name}" "${message}"
|
||||
;;
|
||||
disable)
|
||||
disable_alerts "${check_name}" "${message}"
|
||||
;;
|
||||
esac
|
||||
|
|
@ -1,292 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
# Location of disable files
|
||||
readonly var_dir="/var/lib/monitoringctl"
|
||||
|
||||
readonly log_file="/var/log/monitoringctl.log"
|
||||
|
||||
readonly nrpe_conf_path="/etc/nagios/nrpe.cfg"
|
||||
|
||||
debian_major_version="$(cut -d "." -f 1 < /etc/debian_version)"
|
||||
readonly debian_major_version
|
||||
|
||||
# If no time limit is provided in CLI or found in file, this value is used
|
||||
readonly default_disabled_time="1h"
|
||||
|
||||
_nrpe_conf_lines='' # populated at the end of the file
|
||||
|
||||
|
||||
function error() {
|
||||
# $1: error message
|
||||
>&2 echo -e "${1}"
|
||||
exit 1
|
||||
}
|
||||
|
||||
function usage_error() {
|
||||
# $1: error message
|
||||
>&2 echo "${1}"
|
||||
>&2 echo "Execute \"${PROGNAME} --help\" for information on usage."
|
||||
exit 1
|
||||
}
|
||||
|
||||
function log() {
|
||||
# $1: message
|
||||
echo "$(now_iso) - ${PROGNAME}: ${1}" >> "${log_file}"
|
||||
}
|
||||
|
||||
function show_version() {
|
||||
cat <<END
|
||||
${PROGNAME} version ${VERSION}.
|
||||
|
||||
Copyright 2018-2024 Evolix <info@evolix.fr>,
|
||||
Jérémy Lecour <jlecour@evolix.fr>
|
||||
and others.
|
||||
|
||||
${PROGNAME} comes with ABSOLUTELY NO WARRANTY.This is free software,
|
||||
and you are welcome to redistribute it under certain conditions.
|
||||
See the GNU General Public License v3.0 for details.
|
||||
END
|
||||
}
|
||||
|
||||
# Fail if argument does not respect format: XwXdXhXmXs, XhX, XmX
|
||||
function filter_duration() {
|
||||
# $1: duration in format specified above
|
||||
_time_regex="^([0-9]+d)?(([0-9]+h(([0-9]+m?)|([0-9]+m([0-9]+s?)?))?)|(([0-9]+m([0-9]+s?)?)?))?$"
|
||||
if [[ "${1}" =~ ${_time_regex} ]]; then
|
||||
return 0
|
||||
fi
|
||||
return 1
|
||||
}
|
||||
|
||||
# Convert human writable duration into seconds
|
||||
function time_to_seconds() {
|
||||
# $1: formated time string
|
||||
if echo "${1}" | grep -E -q '^([0-9]+[wdhms])+$'; then
|
||||
echo "${1}" | sed 's/w/ * 604800 + /g; s/d/ * 86400 + /g; s/h/ * 3600 + /g; s/m/ * 60 + /g; s/s/ + /g; s/+ $//' | xargs expr
|
||||
elif echo "${1}" | grep -E -q '^([0-9]+h[0-9]+$)'; then
|
||||
echo "${1}" | sed 's/h/ * 3600 + /g; s/$/ * 60/' | xargs expr
|
||||
elif echo "${1}" | grep -E -q '^([0-9]+m[0-9]+$)'; then
|
||||
echo "${1}" | sed 's/m/ * 60 + /g' | xargs expr
|
||||
else
|
||||
error "Invalid duration: '${1}'."
|
||||
fi
|
||||
}
|
||||
|
||||
# Print re-enable time in secs
|
||||
function get_enable_time() {
|
||||
# $1: wrapper name
|
||||
_disable_file_path="$(get_disable_file_path "${1}")"
|
||||
if [ ! -e "${_disable_file_path}" ]; then
|
||||
return
|
||||
fi
|
||||
|
||||
_enable_secs="$(grep -v -E "^\s*#" "${_disable_file_path}" | sed '/^$/d' | head -n1 | awk '/^[0-9]+$/ {print $1}')"
|
||||
# If file is empty, use file last change date plus default disabled time
|
||||
if [ -z "${_enable_secs}" ]; then
|
||||
_file_last_change_secs="$(stat -c %Z "${_disable_file_path}")"
|
||||
_default_disabled_time_secs="$(time_to_seconds "${default_disabled_time}")"
|
||||
_enable_secs="$(( _file_last_change_secs + _default_disabled_time_secs ))"
|
||||
fi
|
||||
echo "${_enable_secs}"
|
||||
}
|
||||
|
||||
# Print disable message
|
||||
function get_disable_message() {
|
||||
# $1: wrapper name
|
||||
_disable_file_path="$(get_disable_file_path "${1}")"
|
||||
if [ ! -e "${_disable_file_path}" ]; then
|
||||
return
|
||||
fi
|
||||
|
||||
_disable_msg="$(sed '/^$/d' "${_disable_file_path}" | tail -n+2 | tr '\n' ' ' | awk '{$1=$1;print}')"
|
||||
echo "${_disable_msg}"
|
||||
}
|
||||
|
||||
function now_secs() {
|
||||
date +"%s"
|
||||
}
|
||||
|
||||
function now_iso() {
|
||||
date --iso-8601=seconds
|
||||
}
|
||||
|
||||
# Print delay before re-enable in secs
|
||||
function enable_delay() {
|
||||
# $1: re-enable time in secs
|
||||
echo $(( ${1} - $(now_secs) ))
|
||||
}
|
||||
|
||||
# Converts delay (in seconds) into human readable duration
|
||||
function delay_to_string() {
|
||||
# $1: delay in secs
|
||||
_delay_days="$(( ${1} /86400 ))"
|
||||
if [ "${_delay_days}" -eq 0 ]; then _delay_days=""
|
||||
else _delay_days="${_delay_days}d"; fi
|
||||
|
||||
_delay_hours="$(( (${1} %86400) /3600 ))"
|
||||
if [ "${_delay_hours}" -eq 0 ]; then _delay_hours=""
|
||||
else _delay_hours="${_delay_hours}h"; fi
|
||||
|
||||
_delay_minutes="$(( ((${1} %86400) %3600) /60 ))"
|
||||
if [ "${_delay_minutes}" -eq 0 ]; then _delay_minutes=""
|
||||
else _delay_minutes="${_delay_minutes}m"; fi
|
||||
|
||||
_delay_seconds="$(( ((${1} %86400) %3600) %60 ))"
|
||||
if [ "${_delay_seconds}" -eq 0 ]; then _delay_seconds=""
|
||||
else _delay_seconds="${_delay_seconds}s"; fi
|
||||
|
||||
echo "${_delay_days}${_delay_hours}${_delay_minutes}${_delay_seconds}"
|
||||
}
|
||||
|
||||
function is_disabled_check() {
|
||||
# $1: check name
|
||||
_wrapper="$(get_check_wrapper_name "${1}")"
|
||||
is_disabled_wrapper "${_wrapper}"
|
||||
}
|
||||
|
||||
function is_disabled_wrapper() {
|
||||
# $1: wrapper name
|
||||
_wrapper="${1}"
|
||||
_disable_file_path="$(get_disable_file_path "${_wrapper}")"
|
||||
if [ -e "${_disable_file_path}" ]; then
|
||||
_enable_time="$(get_enable_time "${_wrapper}")"
|
||||
_enable_delay="$(enable_delay "${_enable_time}")"
|
||||
if [ "${_enable_delay}" -le "0" ]; then
|
||||
echo "False"
|
||||
else
|
||||
echo "True"
|
||||
fi
|
||||
else
|
||||
echo False
|
||||
fi
|
||||
}
|
||||
|
||||
function get_disable_file_path() {
|
||||
# $1: wrapper name
|
||||
echo "${var_dir}/${1}_alerts_disabled"
|
||||
}
|
||||
|
||||
|
||||
|
||||
### Nagios configuration functions ####################
|
||||
|
||||
# Print NRPE configuration, with includes, without comments
|
||||
# and in the same order than NRPE does (taking account that
|
||||
# order changes from Deb10)
|
||||
function get_nrpe_conf() {
|
||||
echo "${_nrpe_conf_lines}"
|
||||
}
|
||||
|
||||
# Private function to recursively get NRPE conf from file
|
||||
function _get_conf_from_file() {
|
||||
# $1: NRPE conf file (.cfg)
|
||||
if [ ! -f "${1}" ]; then return; fi
|
||||
|
||||
_conf_lines=$(grep -E -R -v --no-filename "^\s*(#.*|)$" "${1}")
|
||||
while read -r _line; do
|
||||
if [[ "${_line}" =~ .*'include='.* ]]; then
|
||||
_conf_file=$(echo "${_line}" | cut -d= -f2)
|
||||
_get_conf_from_file "${_conf_file}"
|
||||
elif [[ "${_line}" =~ .*'include_dir='.* ]]; then
|
||||
_conf_dir=$(echo "${_line}" | cut -d= -f2)
|
||||
_get_conf_from_dir "${_conf_dir}"
|
||||
else
|
||||
echo "${_line}"
|
||||
fi
|
||||
done <<< "${_conf_lines}"
|
||||
}
|
||||
|
||||
# Private function to recursively get NRPE conf from directory
|
||||
function _get_conf_from_dir() {
|
||||
# $1: NRPE conf dir
|
||||
if [ ! -d "${1}" ]; then return; fi
|
||||
|
||||
if [ "${debian_major_version}" -ge 10 ]; then
|
||||
# From Deb10, NRPE use scandir() with alphasort() function
|
||||
_sort_command="sort"
|
||||
else
|
||||
# Before Deb10, NRPE use loaddir(), like find utility
|
||||
_sort_command="cat -"
|
||||
fi
|
||||
|
||||
# Add conf files in dir to be processed recursively
|
||||
for _file in $(find "${1}" -maxdepth 1 -name "*.cfg" 2> /dev/null | ${_sort_command}); do
|
||||
if [ -f "${_file}" ]; then
|
||||
_get_conf_from_file "${_file}"
|
||||
elif [ -d "${_file}" ]; then
|
||||
_get_conf_from_dir "${_file}"
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
# Print the checks that are configured in NRPE
|
||||
function get_checks_names() {
|
||||
echo "${_nrpe_conf_lines}" | grep -E "command\[check_.*\]=" | awk -F"[\\\[\\\]=]" '{sub("check_", "", $2); print $2}' | sort | uniq
|
||||
}
|
||||
|
||||
# Print the commands defined for check $1 in NRPE configuration
|
||||
function get_check_commands() {
|
||||
# $1: check name
|
||||
echo "${_nrpe_conf_lines}" | grep -E "command\[check_${1}\]" | cut -d'=' -f2-
|
||||
}
|
||||
|
||||
# Print the checks that have no alerts_wrapper in NRPE configuration
|
||||
function not_wrapped_checks() {
|
||||
for _check in $(get_checks_names); do
|
||||
if ! is_wrapped "${_check}"; then
|
||||
echo "${_check}"
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
# Fail if check is not wrapped
|
||||
function is_wrapped() {
|
||||
# $1: check name
|
||||
_cmd=$(get_check_commands "${1}" | tail -n1)
|
||||
if echo "${_cmd}" | grep --quiet --no-messages alerts_wrapper; then
|
||||
return 0
|
||||
fi
|
||||
return 1
|
||||
}
|
||||
|
||||
# Print the names that are defined in the wrappers of the checks
|
||||
function get_wrappers_names() {
|
||||
echo "${_nrpe_conf_lines}" | grep -s "alerts_wrapper" | awk '{ for (i=1 ; i<=NF; i++) { if ($i ~ /^(-n|--name)$/) { print $(i+1); break } } }' | tr ',' '\n' | sort | uniq
|
||||
}
|
||||
|
||||
# Print the wrapper name of the check
|
||||
function get_check_wrapper_name() {
|
||||
# $1: check name
|
||||
_cmd=$(get_check_commands "${1}" | tail -n1)
|
||||
if echo "${_cmd}" | grep --quiet --no-messages alerts_wrapper; then
|
||||
echo "${_cmd}" | awk '/--name/ {match($0, /--name\s*([a-zA-Z0-9_\-]*)\s*/, m); print m[1]}'
|
||||
fi
|
||||
}
|
||||
|
||||
function is_check() {
|
||||
# $1: check name
|
||||
_checks="$(get_checks_names)"
|
||||
if echo "${_checks}" | grep --quiet -E "^${1}$"; then
|
||||
return 0
|
||||
fi
|
||||
return 1
|
||||
}
|
||||
|
||||
function is_wrapper() {
|
||||
# $1: wrapper name
|
||||
_wrappers="$(get_wrappers_names)"
|
||||
if echo "${_wrappers}" | grep --quiet -E "^${1}$"; then
|
||||
return 0
|
||||
fi
|
||||
return 1
|
||||
}
|
||||
|
||||
# Print the checks that name this wrapper
|
||||
function get_wrapper_checks() {
|
||||
# $1: wrapper name
|
||||
echo "${_nrpe_conf_lines}" | grep -E "command\[check_.*\]=" | grep -E "\-\-name\s*${1}" | awk -F"[\\\[\\\]=]" '{sub("check_", "", $2); print $2}' | sort | uniq | xargs
|
||||
}
|
||||
|
||||
|
||||
# Load NRPE configuration
|
||||
_nrpe_conf_lines="$(_get_conf_from_file "${nrpe_conf_path}")"
|
|
@ -1,88 +0,0 @@
|
|||
#!/usr/bin/bash
|
||||
#
|
||||
|
||||
function _get_wrappers_names() {
|
||||
grep "alerts_wrapper" --no-filename --no-messages -R /etc/nagios/ | grep --invert-match --extended-regexp "^\s*#" | awk '{ for (i=1 ; i<=NF; i++) { if ($i ~ /^(-n|--name)$/) { print $(i+1); break } } }' | tr ',' '\n' | sort | uniq
|
||||
}
|
||||
|
||||
function _get_checks_names() {
|
||||
grep --extended-regexp --no-filename --no-messages -R "command\[check_.*\]=" /etc/nagios/ | grep --invert-match --extended-regexp "^\s*#" | awk -F"[\\\[\\\]=]" '{sub("check_", "", $2); print $2}' | sort | uniq
|
||||
}
|
||||
|
||||
function _monitoringctl_completion() {
|
||||
local cur=${COMP_WORDS[COMP_CWORD]};
|
||||
local prev=${COMP_WORDS[COMP_CWORD-1]};
|
||||
|
||||
local action=""
|
||||
for w in "${COMP_WORDS[@]}"; do
|
||||
case "$w" in
|
||||
status|check|enable|disable|show)
|
||||
action="${w}"
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
local words="--help"
|
||||
case "${action}" in
|
||||
check|show)
|
||||
checks="$(_get_checks_names)"
|
||||
check=""
|
||||
for w in "${COMP_WORDS[@]}"; do
|
||||
for c in ${checks}; do
|
||||
if [ "${c}" == "${w}" ]; then
|
||||
check="${w}"
|
||||
break
|
||||
fi
|
||||
done
|
||||
done
|
||||
if [ -z "${check}" ]; then
|
||||
words="${checks} ${words}"
|
||||
fi
|
||||
if [ "${action}" == "check" ]; then
|
||||
words="all --bypass-nrpe ${words}"
|
||||
fi
|
||||
;;
|
||||
status)
|
||||
if [ "${prev}" == "enable" ]; then
|
||||
words="all $(_get_checks_names)"
|
||||
fi
|
||||
;;
|
||||
enable)
|
||||
if [ "${prev}" == "enable" ]; then
|
||||
words="all $(_get_wrappers_names)"
|
||||
else
|
||||
words="--comment ${words}"
|
||||
fi
|
||||
;;
|
||||
disable)
|
||||
if [ "${prev}" == "disable" ]; then
|
||||
words="all $(_get_wrappers_names)"
|
||||
elif [ "${prev}" == "-d" ] || [ "${prev}" == "--during" ]; then
|
||||
words="1d 1d12h 1h 1h30m 1m 1m30s 30s"
|
||||
else
|
||||
words="--during --comment ${words}"
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
words="status check enable disable show ${words}"
|
||||
;;
|
||||
esac
|
||||
|
||||
# Avoid double
|
||||
opts=();
|
||||
for i in ${words}; do
|
||||
for j in "${COMP_WORDS[@]}"; do
|
||||
if [[ "$i" == "$j" ]]; then
|
||||
continue 2
|
||||
fi
|
||||
done
|
||||
opts+=("$i")
|
||||
done
|
||||
|
||||
COMPREPLY=($(compgen -W "${opts[*]}" -- "${cur}"))
|
||||
return 0
|
||||
|
||||
}
|
||||
|
||||
complete -F _monitoringctl_completion monitoringctl
|
||||
|
|
@ -93,5 +93,4 @@
|
|||
|
||||
- ansible.builtin.include_tasks: wrapper.yml
|
||||
|
||||
- ansible.builtin.include_tasks: monitoringctl.yml
|
||||
|
||||
- ansible.builtin.include_tasks: check-local.yml
|
||||
|
|
|
@ -1,44 +0,0 @@
|
|||
---
|
||||
|
||||
- name: "Remount /usr if needed"
|
||||
ansible.builtin.include_role:
|
||||
name: remount-usr
|
||||
|
||||
- name: "dir /usr/local/lib/monitoringctl/ exists"
|
||||
ansible.builtin.file:
|
||||
path: /usr/local/lib/monitoringctl/
|
||||
state: directory
|
||||
mode: '0755'
|
||||
|
||||
- name: "monitoringctl is not in /usr/local/sbin/"
|
||||
ansible.builtin.file:
|
||||
path: /usr/local/sbin/monitoringctl
|
||||
state: absent
|
||||
|
||||
- name: "copy monitoringctl"
|
||||
ansible.builtin.copy:
|
||||
src: monitoringctl
|
||||
dest: /usr/local/bin/monitoringctl
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0750"
|
||||
force: true
|
||||
|
||||
- name: "copy monitoringctl_common lib"
|
||||
ansible.builtin.copy:
|
||||
src: monitoringctl_common
|
||||
dest: /usr/local/lib/monitoringctl/common
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0644"
|
||||
force: true
|
||||
|
||||
- name: "copy monitoringctl_completion script"
|
||||
ansible.builtin.copy:
|
||||
src: monitoringctl_completion
|
||||
dest: /etc/bash_completion.d/monitoringctl
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0644"
|
||||
force: true
|
||||
|
|
@ -1,21 +1,16 @@
|
|||
---
|
||||
|
||||
|
||||
- name: "Remount /usr if needed"
|
||||
ansible.builtin.include_role:
|
||||
name: remount-usr
|
||||
|
||||
- name: "dir /usr/local/lib/monitoringctl/ exists"
|
||||
ansible.builtin.file:
|
||||
path: /usr/local/lib/monitoringctl/
|
||||
state: directory
|
||||
mode: '0755'
|
||||
|
||||
- name: "check if old alerts_switch script is present"
|
||||
- name: check if old script is present
|
||||
ansible.builtin.stat:
|
||||
path: /usr/share/scripts/alerts_switch
|
||||
register: old_alerts_switch
|
||||
|
||||
- name: "alerts_switch is at the right place"
|
||||
- name: alerts_switch is at the right place
|
||||
ansible.builtin.command:
|
||||
cmd: "mv /usr/share/scripts/alerts_switch /usr/local/bin/alerts_switch"
|
||||
args:
|
||||
|
@ -31,56 +26,18 @@
|
|||
mode: "0750"
|
||||
force: true
|
||||
|
||||
- name: "alerts_switch symlink for backward compatibility"
|
||||
- name: "symlink for backward compatibility"
|
||||
ansible.builtin.file:
|
||||
src: /usr/local/bin/alerts_switch
|
||||
path: /usr/share/scripts/alerts_switch
|
||||
dest: /usr/share/scripts/alerts_switch
|
||||
state: link
|
||||
when: old_alerts_switch.stat.exists
|
||||
|
||||
- name: "Nagios user can run alerts_switch with sudo (used by alerts_wrapper)"
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/sudoers.d/evolinux
|
||||
regexp: "nagios.*alerts_switch"
|
||||
line: "nagios ALL = NOPASSWD:/usr/local/bin/alerts_switch *"
|
||||
owner: root
|
||||
group: root
|
||||
mode: "640"
|
||||
validate: "visudo -c -f %s"
|
||||
|
||||
- name: "check if old alerts_wrapper script is present"
|
||||
ansible.builtin.stat:
|
||||
path: "{{ nagios_plugins_directory }}/alerts_wrapper"
|
||||
register: old_alerts_wrapper
|
||||
|
||||
- name: "alerts_wrapper is at the right place"
|
||||
ansible.builtin.command:
|
||||
cmd: "mv {{ nagios_plugins_directory }}/alerts_wrapper /usr/local/lib/monitoringctl/alerts_wrapper"
|
||||
creates: /usr/local/lib/monitoringctl/alerts_wrapper
|
||||
when: old_alerts_wrapper.stat.exists
|
||||
|
||||
- name: "copy alerts_wrapper"
|
||||
ansible.builtin.copy:
|
||||
src: alerts_wrapper
|
||||
dest: "/usr/local/lib/monitoringctl/alerts_wrapper"
|
||||
dest: "{{ nagios_plugins_directory }}/alerts_wrapper"
|
||||
owner: root
|
||||
group: staff
|
||||
mode: "0755"
|
||||
force: true
|
||||
|
||||
- name: "alerts_wrapper symlink for backward compatibility"
|
||||
ansible.builtin.file:
|
||||
src: /usr/local/lib/monitoringctl/alerts_wrapper
|
||||
path: "{{ nagios_plugins_directory }}/alerts_wrapper"
|
||||
state: link
|
||||
when: old_alerts_wrapper.stat.exists
|
||||
|
||||
- name: "copy monitoringctl_common lib"
|
||||
ansible.builtin.copy:
|
||||
src: monitoringctl_common
|
||||
dest: /usr/local/lib/monitoringctl/common
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0644"
|
||||
force: true
|
||||
|
||||
force: true
|
Loading…
Reference in a new issue