Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
nagios: fixes, fewer service definitions, encrypted credentials
fcgiwrap: add recipe
  • Loading branch information
jsierles committed Aug 22, 2011
1 parent 50e6460 commit 56211c0
Show file tree
Hide file tree
Showing 11 changed files with 56 additions and 66 deletions.
5 changes: 5 additions & 0 deletions fcgiwrap/attributes/fcgiwrap.rb
@@ -0,0 +1,5 @@
default.fcgiwrap[:user] = "www-data"
default.fcgiwrap[:group] = "www-data"
default.fcgiwrap[:pid_file] = "/var/run/fastcgi-c.pid"
default.fcgiwrap[:port] = "47000"
default.fcgiwrap[:version] = "fcgiwrap_1.0.3-1ppa1_amd64"
Binary file added fcgiwrap/files/default/fcgiwrap.tar.gz
Binary file not shown.
5 changes: 5 additions & 0 deletions fcgiwrap/metadata.rb
@@ -0,0 +1,5 @@
maintainer "fcgiwrap"
maintainer_email "joshua@diluvia.net"
description "Configures fcgiwrap"
version "0.2"
depends "bluepill"
15 changes: 15 additions & 0 deletions fcgiwrap/recipes/default.rb
@@ -0,0 +1,15 @@
require_recipe "bluepill"

remote_file "/tmp/#{node.fcgiwrap[:version]}.deb" do
source "#{node[:package_url]}/#{node.fcgiwrap[:version]}.deb"
not_if { File.exists?("/tmp/#{node.fcgiwrap[:version]}.deb") }
end

dpkg_package "fcgiwrap" do
source "/tmp/#{node.fcgiwrap[:version]}.deb"
only_if { File.exists?("/tmp/#{node.fcgiwrap[:version]}.deb") }
end

service "fcgiwrap" do
action [:enable, :start]
end
8 changes: 8 additions & 0 deletions fcgiwrap/templates/default/bluepill.conf.erb
@@ -0,0 +1,8 @@
Bluepill.application("fcgiwrap") do |app|
app.process("fcgiwrap") do |process|
process.start_command = "/usr/bin/spawn-fcgi -f /usr/local/sbin/fcgiwrap -a 127.0.0.1 -p <%= @port %> -P <%= @pid_file %> -u <%= @user %> -g <%= @group %>"
process.pid_file = "<%= @pid_file %>"
process.stdout = process.stderr = "/var/log/fcgiwrap.log"
process.daemonize = true
end
end
36 changes: 19 additions & 17 deletions nagios/recipes/server.rb
@@ -1,6 +1,5 @@
require_recipe "nginx"
require_recipe "fcgiwrap"
require_recipe "runit"
require_recipe "ssl_certificates"

include_recipe "users"
Expand All @@ -15,6 +14,7 @@
gem_package "xml-simple"
gem_package "choice"

gem_package "addressable"
gem_package "tinder"
gem_package "twilio"
gem_package "xmpp4r-simple"
Expand All @@ -28,15 +28,15 @@
shell "/bin/bash"
end

execute "copy distribution init.d script" do
command "mv /etc/init.d/nagios3 /etc/init.d/nagios3.dist"
creates "/etc/init.d/nagios3.dist"
service "nagios3" do
supports [:reload, :restart]
end

directory "/u/nagios/.ssh" do
mode 0700
owner "nagios"
group "nagios"
recursive true
end

htpasswd_file "/etc/nagios3/htpasswd.users" do
Expand Down Expand Up @@ -64,17 +64,15 @@
to "/usr/bin/mailx"
end

runit_service "nagios3"

notifiers = search(:credentials, "id:notifiers").first
sysadmin = search(:credentials, "id:sysadmin").first
pager_duty_credentials = search(:credentials, "id:pager_duty").first
sysadmin = Chef::EncryptedDataBagItem.load(:credentials, "sysadmin")
pagerduty = Chef::EncryptedDataBagItem.load(:credentials, "pagerduty")
campfire = Chef::EncryptedDataBagItem.load(:credentials, "campfire")

sysadmin_users = search(:users, "groups:admin")

nagios_conf "nagios" do
config_subdir false
variables({:sysadmin => sysadmin})
variables :sysadmin => sysadmin
end

directory "#{node[:nagios][:root]}/dist" do
Expand All @@ -88,7 +86,6 @@
owner "nagios"
group "nagios"
mode 0755

end
end

Expand All @@ -115,6 +112,8 @@
{}
end

# TODO: find a better way to enumerate these without depending on their existence

# device_types = [ "apc_pdu", "fortigate_firewall", "cisco_switch", "isilon_storage", "rac", "osx_server", "cisco_router"]
# devices = search(:devices, "*:*")
# cisco_switches = search(:devices, "type:cisco_switch")
Expand All @@ -125,12 +124,13 @@
# snmp = search(:credentials, "id:snmp").first
# other_hosts = search(:nagios_hosts, "*:*")
# no_ping_devices = search(:devices, "disable_ping:true")
# proxy_servers = search(:node, "roles:proxy")
# free_disk_disable_servers = search(:node, "nagios_free_disk_enable:false")
# free_memory_disable_servers = search(:node, "nagios_free_memory_enable:false")
# load_disable_servers = search(:node, "nagios_load_enable:false")
# mysql_servers = search(:node, 'roles:shr-db')
# apps = search(:apps, 'monitoring_enable:true')

proxy_servers = search(:node, "roles:proxy")
apps = search(:apps, 'monitoring_enable:true')

nagios_conf "hostgroups" do
variables({:roles => role_list, :device_types => device_types})
Expand Down Expand Up @@ -158,7 +158,6 @@

nagios_conf "commands" do
variables :campfire => campfire

end

nagios_conf "timeperiods"
Expand All @@ -168,7 +167,7 @@
end

nagios_conf "pagerduty_nagios" do
variables(:credentials => pager_duty_credentials)
variables(:pagerduty => pagerduty)
end

proxy_instances = []
Expand Down Expand Up @@ -204,7 +203,6 @@
:fortigate_firewalls => fortigate_firewalls,
:apc_pdus => apc_pdus,
:isilon_storage_clusters => isilon_storage_clusters,
:community => snmp['community'],
:devices => devices,
:nodes => nodes,
:other_hosts => other_hosts,
Expand All @@ -225,7 +223,7 @@
end

# install the wildcard cert for this domain
ssl_certificate "*.#{node[:domain]}"
#ssl_certificate "*.#{node[:domain]}"

link "/usr/share/nagios3/htdocs/stylesheets" do
to "/etc/nagios3/stylesheets"
Expand All @@ -234,3 +232,7 @@
nginx_site "nagios" do
config_path "/etc/nagios3/nginx.conf"
end

service "nagios3" do
action [:enable, :start]
end
4 changes: 2 additions & 2 deletions nagios/templates/default/commands.cfg.erb
Expand Up @@ -325,7 +325,7 @@ define command{

define command{
command_name check_smtp_relay
command_line $USER1$/check_smtp -H $HOSTADDRESS$ -e ESMTP -C "MAIL FROM: nagios@37signals.com" -R "250" -C "RCPT TO: system@highrisehq.com" -R "250"
command_line $USER1$/check_smtp -H $HOSTADDRESS$ -e ESMTP -C "MAIL FROM: nagios@slash7.com" -R "250" -C "RCPT TO: system@highrisehq.com" -R "250"
}

define command{
Expand Down Expand Up @@ -546,7 +546,7 @@ define command{
command_name service-notify-by-sms-email
command_line /usr/bin/printf "%b" "$SERVICEDESC$ $SERVICESTATE$ $HOSTNAME$ $NOTIFICATIONTYPE$ $SERVICEOUTPUT$ : $NOTIFICATIONCOMMENT$" | /bin/mail -s "" $CONTACTPAGER$
}
g

define command {
command_name service-notify-by-jabber
command_line <%= @node[:nagios][:notifiers_dir] %>/jabber -j $CONTACTADDRESS1$ -m "$SERVICEDESC$ $SERVICESTATE$ $HOSTALIAS$ $NOTIFICATIONTYPE$ $SERVICEOUTPUT$ : $NOTIFICATIONCOMMENT$"
Expand Down
3 changes: 0 additions & 3 deletions nagios/templates/default/nagios.cfg.erb
@@ -1,8 +1,5 @@
log_file=/var/log/nagios3/nagios.log

admin_email=<%= @sysadmin[:email] %>
admin_pager=<%= @sysadmin[:sms_email] %>

cfg_dir=/etc/nagios3/conf.d

object_cache_file=/var/cache/nagios3/objects.cache
Expand Down
4 changes: 2 additions & 2 deletions nagios/templates/default/pagerduty_nagios.cfg.erb
Expand Up @@ -6,8 +6,8 @@ define contact {
host_notification_options d,r
service_notification_commands notify-service-by-pagerduty
host_notification_commands notify-host-by-pagerduty
address1 <%= @credentials[:subdomain] %>
address2 <%= @credentials[:service_key] %>
address1 <%= @pagerduty[:subdomain] %>
address2 <%= @pagerduty[:service_key] %>
contactgroups sysadmin-pagerduty
}

Expand Down
7 changes: 0 additions & 7 deletions nagios/templates/default/sec_services.cfg.erb
Expand Up @@ -32,10 +32,3 @@ define service{
service_description Dell Hardware Status
check_command check_nrpe!check_openmanage
}

define service {
use default-service
host_name noc-01
service_description Nagios HTTPS
check_command check_https_content!nagios.sc-chi-int.37signals.com!'/cgi-bin/nagios3/status.cgi?hostgroup=all&style=hostdetail'!Updated
}
35 changes: 0 additions & 35 deletions nagios/templates/default/services.cfg.erb
Expand Up @@ -31,41 +31,6 @@ define service{
check_command check_mem
}

define service {
use default-service
hostgroup_name dell, dell-perc-h700
service_description Dell Hardware Status
check_command check_nrpe!check_openmanage
}


# Fortigate Checks

<% @fortigate_firewalls.each do |firewall| %>
define service{
use default-service
host_name <%= firewall['fqdn'] %>
service_description Fortigate Firewall CPU
check_command check_fortigate_cpu!<%= @community %>!70!85
}

define service{
use default-service
host_name <%= firewall['fqdn'] %>
service_description Fortigate Firewall Memory
check_command check_fortigate_memory!<%= @community %>!70!85
}
<% firewall['active_ports'].each do |port| %>

define service {
use default-service
host_name <%= firewall['fqdn'] %>
service_description Fortigate Firewall Port <%= port %> Status
check_command check_fortigate_port!<%= @community %>!<%= port %>
}
<% end %>
<% end %>

# Cisco Checks

<% @cisco_switches.each do |switch| %>
Expand Down

0 comments on commit 56211c0

Please sign in to comment.