Permalink
Browse files

nagios: fixes, fewer service definitions, encrypted credentials

fcgiwrap: add recipe
  • Loading branch information...
1 parent 50e6460 commit 56211c058871ed4f3b193a6e765cd687ec6b01c0 @jsierles committed Aug 22, 2011
View
5 fcgiwrap/attributes/fcgiwrap.rb
@@ -0,0 +1,5 @@
+default.fcgiwrap[:user] = "www-data"
+default.fcgiwrap[:group] = "www-data"
+default.fcgiwrap[:pid_file] = "/var/run/fastcgi-c.pid"
+default.fcgiwrap[:port] = "47000"
+default.fcgiwrap[:version] = "fcgiwrap_1.0.3-1ppa1_amd64"
View
BIN fcgiwrap/files/default/fcgiwrap.tar.gz
Binary file not shown.
View
5 fcgiwrap/metadata.rb
@@ -0,0 +1,5 @@
+maintainer "fcgiwrap"
+maintainer_email "joshua@diluvia.net"
+description "Configures fcgiwrap"
+version "0.2"
+depends "bluepill"
View
15 fcgiwrap/recipes/default.rb
@@ -0,0 +1,15 @@
+require_recipe "bluepill"
+
+remote_file "/tmp/#{node.fcgiwrap[:version]}.deb" do
+ source "#{node[:package_url]}/#{node.fcgiwrap[:version]}.deb"
+ not_if { File.exists?("/tmp/#{node.fcgiwrap[:version]}.deb") }
+end
+
+dpkg_package "fcgiwrap" do
+ source "/tmp/#{node.fcgiwrap[:version]}.deb"
+ only_if { File.exists?("/tmp/#{node.fcgiwrap[:version]}.deb") }
+end
+
+service "fcgiwrap" do
+ action [:enable, :start]
+end
View
8 fcgiwrap/templates/default/bluepill.conf.erb
@@ -0,0 +1,8 @@
+Bluepill.application("fcgiwrap") do |app|
+ app.process("fcgiwrap") do |process|
+ process.start_command = "/usr/bin/spawn-fcgi -f /usr/local/sbin/fcgiwrap -a 127.0.0.1 -p <%= @port %> -P <%= @pid_file %> -u <%= @user %> -g <%= @group %>"
+ process.pid_file = "<%= @pid_file %>"
+ process.stdout = process.stderr = "/var/log/fcgiwrap.log"
+ process.daemonize = true
+ end
+end
View
36 nagios/recipes/server.rb
@@ -1,6 +1,5 @@
require_recipe "nginx"
require_recipe "fcgiwrap"
-require_recipe "runit"
require_recipe "ssl_certificates"
include_recipe "users"
@@ -15,6 +14,7 @@
gem_package "xml-simple"
gem_package "choice"
+gem_package "addressable"
gem_package "tinder"
gem_package "twilio"
gem_package "xmpp4r-simple"
@@ -28,15 +28,15 @@
shell "/bin/bash"
end
-execute "copy distribution init.d script" do
- command "mv /etc/init.d/nagios3 /etc/init.d/nagios3.dist"
- creates "/etc/init.d/nagios3.dist"
+service "nagios3" do
+ supports [:reload, :restart]
end
directory "/u/nagios/.ssh" do
mode 0700
owner "nagios"
group "nagios"
+ recursive true
end
htpasswd_file "/etc/nagios3/htpasswd.users" do
@@ -64,17 +64,15 @@
to "/usr/bin/mailx"
end
-runit_service "nagios3"
-
-notifiers = search(:credentials, "id:notifiers").first
-sysadmin = search(:credentials, "id:sysadmin").first
-pager_duty_credentials = search(:credentials, "id:pager_duty").first
+sysadmin = Chef::EncryptedDataBagItem.load(:credentials, "sysadmin")
+pagerduty = Chef::EncryptedDataBagItem.load(:credentials, "pagerduty")
+campfire = Chef::EncryptedDataBagItem.load(:credentials, "campfire")
sysadmin_users = search(:users, "groups:admin")
nagios_conf "nagios" do
config_subdir false
- variables({:sysadmin => sysadmin})
+ variables :sysadmin => sysadmin
end
directory "#{node[:nagios][:root]}/dist" do
@@ -88,7 +86,6 @@
owner "nagios"
group "nagios"
mode 0755
-
end
end
@@ -115,6 +112,8 @@
{}
end
+# TODO: find a better way to enumerate these without depending on their existence
+
# device_types = [ "apc_pdu", "fortigate_firewall", "cisco_switch", "isilon_storage", "rac", "osx_server", "cisco_router"]
# devices = search(:devices, "*:*")
# cisco_switches = search(:devices, "type:cisco_switch")
@@ -125,12 +124,13 @@
# snmp = search(:credentials, "id:snmp").first
# other_hosts = search(:nagios_hosts, "*:*")
# no_ping_devices = search(:devices, "disable_ping:true")
-# proxy_servers = search(:node, "roles:proxy")
# free_disk_disable_servers = search(:node, "nagios_free_disk_enable:false")
# free_memory_disable_servers = search(:node, "nagios_free_memory_enable:false")
# load_disable_servers = search(:node, "nagios_load_enable:false")
# mysql_servers = search(:node, 'roles:shr-db')
-# apps = search(:apps, 'monitoring_enable:true')
+
+proxy_servers = search(:node, "roles:proxy")
+apps = search(:apps, 'monitoring_enable:true')
nagios_conf "hostgroups" do
variables({:roles => role_list, :device_types => device_types})
@@ -158,7 +158,6 @@
nagios_conf "commands" do
variables :campfire => campfire
-
end
nagios_conf "timeperiods"
@@ -168,7 +167,7 @@
end
nagios_conf "pagerduty_nagios" do
- variables(:credentials => pager_duty_credentials)
+ variables(:pagerduty => pagerduty)
end
proxy_instances = []
@@ -204,7 +203,6 @@
:fortigate_firewalls => fortigate_firewalls,
:apc_pdus => apc_pdus,
:isilon_storage_clusters => isilon_storage_clusters,
- :community => snmp['community'],
:devices => devices,
:nodes => nodes,
:other_hosts => other_hosts,
@@ -225,7 +223,7 @@
end
# install the wildcard cert for this domain
-ssl_certificate "*.#{node[:domain]}"
+#ssl_certificate "*.#{node[:domain]}"
link "/usr/share/nagios3/htdocs/stylesheets" do
to "/etc/nagios3/stylesheets"
@@ -234,3 +232,7 @@
nginx_site "nagios" do
config_path "/etc/nagios3/nginx.conf"
end
+
+service "nagios3" do
+ action [:enable, :start]
+end
View
4 nagios/templates/default/commands.cfg.erb
@@ -325,7 +325,7 @@ define command{
define command{
command_name check_smtp_relay
- command_line $USER1$/check_smtp -H $HOSTADDRESS$ -e ESMTP -C "MAIL FROM: nagios@37signals.com" -R "250" -C "RCPT TO: system@highrisehq.com" -R "250"
+ command_line $USER1$/check_smtp -H $HOSTADDRESS$ -e ESMTP -C "MAIL FROM: nagios@slash7.com" -R "250" -C "RCPT TO: system@highrisehq.com" -R "250"
}
define command{
@@ -546,7 +546,7 @@ define command{
command_name service-notify-by-sms-email
command_line /usr/bin/printf "%b" "$SERVICEDESC$ $SERVICESTATE$ $HOSTNAME$ $NOTIFICATIONTYPE$ $SERVICEOUTPUT$ : $NOTIFICATIONCOMMENT$" | /bin/mail -s "" $CONTACTPAGER$
}
-g
+
define command {
command_name service-notify-by-jabber
command_line <%= @node[:nagios][:notifiers_dir] %>/jabber -j $CONTACTADDRESS1$ -m "$SERVICEDESC$ $SERVICESTATE$ $HOSTALIAS$ $NOTIFICATIONTYPE$ $SERVICEOUTPUT$ : $NOTIFICATIONCOMMENT$"
View
3 nagios/templates/default/nagios.cfg.erb
@@ -1,8 +1,5 @@
log_file=/var/log/nagios3/nagios.log
-admin_email=<%= @sysadmin[:email] %>
-admin_pager=<%= @sysadmin[:sms_email] %>
-
cfg_dir=/etc/nagios3/conf.d
object_cache_file=/var/cache/nagios3/objects.cache
View
4 nagios/templates/default/pagerduty_nagios.cfg.erb
@@ -6,8 +6,8 @@ define contact {
host_notification_options d,r
service_notification_commands notify-service-by-pagerduty
host_notification_commands notify-host-by-pagerduty
- address1 <%= @credentials[:subdomain] %>
- address2 <%= @credentials[:service_key] %>
+ address1 <%= @pagerduty[:subdomain] %>
+ address2 <%= @pagerduty[:service_key] %>
contactgroups sysadmin-pagerduty
}
View
7 nagios/templates/default/sec_services.cfg.erb
@@ -32,10 +32,3 @@ define service{
service_description Dell Hardware Status
check_command check_nrpe!check_openmanage
}
-
-define service {
- use default-service
- host_name noc-01
- service_description Nagios HTTPS
- check_command check_https_content!nagios.sc-chi-int.37signals.com!'/cgi-bin/nagios3/status.cgi?hostgroup=all&style=hostdetail'!Updated
-}
View
35 nagios/templates/default/services.cfg.erb
@@ -31,41 +31,6 @@ define service{
check_command check_mem
}
-define service {
- use default-service
- hostgroup_name dell, dell-perc-h700
- service_description Dell Hardware Status
- check_command check_nrpe!check_openmanage
-}
-
-
-# Fortigate Checks
-
-<% @fortigate_firewalls.each do |firewall| %>
- define service{
- use default-service
- host_name <%= firewall['fqdn'] %>
- service_description Fortigate Firewall CPU
- check_command check_fortigate_cpu!<%= @community %>!70!85
- }
-
- define service{
- use default-service
- host_name <%= firewall['fqdn'] %>
- service_description Fortigate Firewall Memory
- check_command check_fortigate_memory!<%= @community %>!70!85
- }
- <% firewall['active_ports'].each do |port| %>
-
- define service {
- use default-service
- host_name <%= firewall['fqdn'] %>
- service_description Fortigate Firewall Port <%= port %> Status
- check_command check_fortigate_port!<%= @community %>!<%= port %>
- }
- <% end %>
-<% end %>
-
# Cisco Checks
<% @cisco_switches.each do |switch| %>

0 comments on commit 56211c0

Please sign in to comment.