class nagios::client inherits nagios {
+ package { 'dsa-nagios-nrpe-config':
+ ensure => purged
+ }
+ package { 'dsa-nagios-checks':
+ ensure => installed,
+ tag => extra_repo,
+ }
- package { 'dsa-nagios-nrpe-config':
- ensure => purged
- }
- package { 'dsa-nagios-checks':
- ensure => installed,
- tag => extra_repo,
- }
+ service { 'nagios-nrpe-server':
+ ensure => running,
+ hasstatus => false,
+ pattern => 'nrpe',
+ }
- service { 'nagios-nrpe-server':
- ensure => running,
- hasstatus => false,
- pattern => 'nrpe',
- }
+ ferm::rule { 'dsa-nagios-v4':
+ description => 'Allow nrpe from nagios master',
+ rule => 'proto tcp mod state state (NEW) dport (5666) @subchain \'nagios\' { saddr ($HOST_NAGIOS_V4) ACCEPT; }',
+ notarule => true,
+ }
+ ferm::rule { 'dsa-nagios-v6':
+ description => 'Allow nrpe from nagios master',
+ domain => 'ip6',
+ rule => 'proto tcp mod state state (NEW) dport (5666) @subchain \'nagios\' { saddr ($HOST_NAGIOS_V6) ACCEPT; }',
+ notarule => true,
+ }
- ferm::rule { 'dsa-nagios-v4':
- description => 'Allow nrpe from nagios master',
- rule => 'proto tcp mod state state (NEW) dport (5666) @subchain \'nagios\' { saddr ($HOST_NAGIOS_V4) ACCEPT; }',
- notarule => true,
- }
- ferm::rule { 'dsa-nagios-v6':
- description => 'Allow nrpe from nagios master',
- domain => 'ip6',
- rule => 'proto tcp mod state state (NEW) dport (5666) @subchain \'nagios\' { saddr ($HOST_NAGIOS_V6) ACCEPT; }',
- notarule => true,
- }
+ file { '/etc/default/nagios-nrpe-server':
+ source => 'puppet:///modules/nagios/common/default',
+ require => Package['nagios-nrpe-server'],
+ notify => Service['nagios-nrpe-server'],
+ }
+ file { '/etc/default/nagios-nrpe':
+ ensure => absent,
+ notify => Service['nagios-nrpe-server'],
+ }
+ file { '/etc/nagios/':
+ ensure => directory,
+ recurse => remote,
+ source => 'puppet:///files/empty/',
+ require => Package['nagios-nrpe-server'],
+ notify => Service['nagios-nrpe-server'],
+ }
+ file { '/etc/nagios/nrpe.cfg':
+ content => template('nagios/nrpe.cfg.erb'),
+ notify => Service['nagios-nrpe-server'],
+ }
+ file { '/etc/nagios/nrpe.d':
+ ensure => directory,
+ recurse => remote,
+ source => 'puppet:///files/empty/',
+ notify => Service['nagios-nrpe-server'],
+ }
+ file { '/etc/nagios/nrpe.d/debianorg.cfg':
+ content => template('nagios/inc-debian.org.erb'),
+ notify => Service['nagios-nrpe-server'],
+ }
+ file { '/etc/nagios/nrpe.d/nrpe_dsa.cfg':
+ source => 'puppet:///modules/nagios/dsa-nagios/generated/nrpe_dsa.cfg',
+ notify => Service['nagios-nrpe-server'],
+ }
+ file { '/etc/nagios/obsolete-packages-ignore':
+ source => 'puppet:///modules/nagios/common/obsolete-packages-ignore',
+ require => Package['dsa-nagios-checks'],
+ }
+ file { '/etc/nagios/check-libs.conf':
+ source => 'puppet:///modules/nagios/common/check-libs.conf',
+ require => Package['dsa-nagios-checks'],
+ }
+ file { '/etc/nagios/obsolete-packages-ignore.d/hostspecific':
+ content => template('nagios/obsolete-packages-ignore.d-hostspecific.erb'),
+ require => Package['dsa-nagios-checks'],
+ }
+ file { '/usr/local/sbin/dsa-check-libs':
+ ensure => absent,
+ }
- file { '/etc/default/nagios-nrpe-server':
- source => 'puppet:///modules/nagios/common/default',
- require => Package['nagios-nrpe-server'],
- notify => Service['nagios-nrpe-server'],
- }
- file { '/etc/default/nagios-nrpe':
- ensure => absent,
- notify => Service['nagios-nrpe-server'],
- }
- file { '/etc/nagios/':
- ensure => directory,
- recurse => remote,
- source => 'puppet:///files/empty/',
- require => Package['nagios-nrpe-server'],
- notify => Service['nagios-nrpe-server'],
- }
- file { '/etc/nagios/nrpe.cfg':
- content => template('nagios/nrpe.cfg.erb'),
- notify => Service['nagios-nrpe-server'],
- }
- file { '/etc/nagios/nrpe.d':
- ensure => directory,
- recurse => remote,
- source => 'puppet:///files/empty/',
- notify => Service['nagios-nrpe-server'],
- }
- file { '/etc/nagios/nrpe.d/debianorg.cfg':
- content => template('nagios/inc-debian.org.erb'),
- notify => Service['nagios-nrpe-server'],
- }
- file { '/etc/nagios/nrpe.d/nrpe_dsa.cfg':
- source => 'puppet:///modules/nagios/dsa-nagios/generated/nrpe_dsa.cfg',
- notify => Service['nagios-nrpe-server'],
- }
- file { '/etc/nagios/obsolete-packages-ignore':
- source => 'puppet:///modules/nagios/common/obsolete-packages-ignore',
- require => Package['dsa-nagios-checks'],
- }
- file { '/etc/nagios/check-libs.conf':
- source => 'puppet:///modules/nagios/common/check-libs.conf',
- require => Package['dsa-nagios-checks'],
- }
- file { '/etc/nagios/obsolete-packages-ignore.d/hostspecific':
- content => template('nagios/obsolete-packages-ignore.d-hostspecific.erb'),
- require => Package['dsa-nagios-checks'],
- }
- file { '/usr/local/sbin/dsa-check-libs':
- ensure => absent,
- }
-
- file { '/etc/cron.d/puppet-nagios-wraps': ensure => absent, }
- concat::fragment { 'puppet-crontab--nagios--dsa-check-puppet-agent':
- target => '/etc/cron.d/puppet-crontab',
- order => '010',
- content => @(EOF)
- 47 * * * * root dsa-wrap-nagios-check -s puppet-agent dsa-check-puppet_agent -d0 -c 28800 -w 18000
- | EOF
- }
+ file { '/etc/cron.d/puppet-nagios-wraps': ensure => absent, }
+ concat::fragment { 'puppet-crontab--nagios--dsa-check-puppet-agent':
+ target => '/etc/cron.d/puppet-crontab',
+ order => '010',
+ content => @(EOF)
+ 47 * * * * root dsa-wrap-nagios-check -s puppet-agent dsa-check-puppet_agent -d0 -c 28800 -w 18000
+ | EOF
+ }
}
class nagios::server {
- include apache2
- include apache2::ssl
- include apache2::authn_anon
+ include apache2
+ include apache2::ssl
+ include apache2::authn_anon
- ssl::service { 'nagios.debian.org':
- notify => Exec['service apache2 reload'],
- key => true,
- }
- apache2::site { "10-nagios.debian.org":
- site => "nagios.debian.org",
- content => template('nagios/nagios.debian.org.conf.erb'),
- }
+ ssl::service { 'nagios.debian.org':
+ notify => Exec['service apache2 reload'],
+ key => true,
+ }
+ apache2::site { '10-nagios.debian.org':
+ site => 'nagios.debian.org',
+ content => template('nagios/nagios.debian.org.conf.erb'),
+ }
- ensure_packages( [
- 'icinga',
- 'make',
- 'monitoring-plugins',
- 'nagios-nrpe-plugin',
- ], { ensure => 'installed' })
+ ensure_packages( [
+ 'icinga',
+ 'make',
+ 'monitoring-plugins',
+ 'nagios-nrpe-plugin',
+ ], { ensure => 'installed' })
- service { 'icinga':
- ensure => running,
- require => Package['icinga'],
- }
+ service { 'icinga':
+ ensure => running,
+ require => Package['icinga'],
+ }
- file { '/etc/icinga/apache2.conf':
- content => template('nagios/icinga-apache2.conf.erb'),
- notify => Exec['service apache2 reload'],
- }
- file { '/srv/nagios.debian.org/htpasswd':
- mode => '0640',
- owner => 'root',
- group => 'www-data',
- }
- file { '/etc/icinga/cgi.cfg':
- ensure => symlink,
- target => 'config-pushed/static/cgi.cfg',
- notify => Exec['service apache2 reload'],
- }
- file { '/etc/icinga/icinga.cfg':
- ensure => symlink,
- target => 'config-pushed/static/icinga.cfg',
- notify => Service['icinga'],
- }
- file { '/etc/icinga/objects':
- ensure => directory,
- mode => '755',
- purge => true,
- recurse => true,
- force => true,
- source => "puppet:///files/empty/",
- notify => Service['icinga'],
- }
- file { '/etc/icinga/objects/contacts.cfg':
- ensure => symlink,
- target => '../config-pushed/static/objects/contacts.cfg',
- notify => Service['icinga'],
- }
- file { '/etc/icinga/objects/generic-host.cfg':
- ensure => symlink,
- target => '../config-pushed/static/objects/generic-host.cfg',
- notify => Service['icinga'],
- }
- file { '/etc/icinga/objects/generic-service.cfg':
- ensure => symlink,
- target => '../config-pushed/static/objects/generic-service.cfg',
- notify => Service['icinga'],
- }
- file { '/etc/icinga/objects/timeperiods.cfg':
- ensure => symlink,
- target => '../config-pushed/static/objects/timeperiods.cfg',
- notify => Service['icinga'],
- }
+ file { '/etc/icinga/apache2.conf':
+ content => template('nagios/icinga-apache2.conf.erb'),
+ notify => Exec['service apache2 reload'],
+ }
+ file { '/srv/nagios.debian.org/htpasswd':
+ mode => '0640',
+ owner => 'root',
+ group => 'www-data',
+ }
+ file { '/etc/icinga/cgi.cfg':
+ ensure => symlink,
+ target => 'config-pushed/static/cgi.cfg',
+ notify => Exec['service apache2 reload'],
+ }
+ file { '/etc/icinga/icinga.cfg':
+ ensure => symlink,
+ target => 'config-pushed/static/icinga.cfg',
+ notify => Service['icinga'],
+ }
+ file { '/etc/icinga/objects':
+ ensure => directory,
+ mode => '0755',
+ purge => true,
+ recurse => true,
+ force => true,
+ source => 'puppet:///files/empty/',
+ notify => Service['icinga'],
+ }
+ file { '/etc/icinga/objects/contacts.cfg':
+ ensure => symlink,
+ target => '../config-pushed/static/objects/contacts.cfg',
+ notify => Service['icinga'],
+ }
+ file { '/etc/icinga/objects/generic-host.cfg':
+ ensure => symlink,
+ target => '../config-pushed/static/objects/generic-host.cfg',
+ notify => Service['icinga'],
+ }
+ file { '/etc/icinga/objects/generic-service.cfg':
+ ensure => symlink,
+ target => '../config-pushed/static/objects/generic-service.cfg',
+ notify => Service['icinga'],
+ }
+ file { '/etc/icinga/objects/timeperiods.cfg':
+ ensure => symlink,
+ target => '../config-pushed/static/objects/timeperiods.cfg',
+ notify => Service['icinga'],
+ }
- file { '/etc/icinga/objects/xauto-dependencies.cfg':
- ensure => symlink,
- target => '../config-pushed/generated/auto-dependencies.cfg',
- notify => Service['icinga'],
- }
- file { '/etc/icinga/objects/xauto-hostgroups.cfg':
- ensure => symlink,
- target => '../config-pushed/generated/auto-hostgroups.cfg',
- notify => Service['icinga'],
- }
- file { '/etc/icinga/objects/xauto-hosts.cfg':
- ensure => symlink,
- target => '../config-pushed/generated/auto-hosts.cfg',
- notify => Service['icinga'],
- }
- file { '/etc/icinga/objects/xauto-servicegroups.cfg':
- ensure => symlink,
- target => '../config-pushed/generated/auto-servicegroups.cfg',
- notify => Service['icinga'],
- }
- file { '/etc/icinga/objects/xauto-services.cfg':
- ensure => symlink,
- target => '../config-pushed/generated/auto-services.cfg',
- notify => Service['icinga'],
- }
+ file { '/etc/icinga/objects/xauto-dependencies.cfg':
+ ensure => symlink,
+ target => '../config-pushed/generated/auto-dependencies.cfg',
+ notify => Service['icinga'],
+ }
+ file { '/etc/icinga/objects/xauto-hostgroups.cfg':
+ ensure => symlink,
+ target => '../config-pushed/generated/auto-hostgroups.cfg',
+ notify => Service['icinga'],
+ }
+ file { '/etc/icinga/objects/xauto-hosts.cfg':
+ ensure => symlink,
+ target => '../config-pushed/generated/auto-hosts.cfg',
+ notify => Service['icinga'],
+ }
+ file { '/etc/icinga/objects/xauto-servicegroups.cfg':
+ ensure => symlink,
+ target => '../config-pushed/generated/auto-servicegroups.cfg',
+ notify => Service['icinga'],
+ }
+ file { '/etc/icinga/objects/xauto-services.cfg':
+ ensure => symlink,
+ target => '../config-pushed/generated/auto-services.cfg',
+ notify => Service['icinga'],
+ }
- file { '/etc/nagios-plugins/config/local-dsa-checkcommands.cfg':
- ensure => symlink,
- target => '../../icinga/config-pushed/static/checkcommands.cfg',
- notify => Service['icinga'],
- }
- file { '/etc/nagios-plugins/config/local-dsa-eventhandlers.cfg':
- ensure => symlink,
- target => '../../icinga/config-pushed/static/eventhandlers.cfg',
- notify => Service['icinga'],
- }
+ file { '/etc/nagios-plugins/config/local-dsa-checkcommands.cfg':
+ ensure => symlink,
+ target => '../../icinga/config-pushed/static/checkcommands.cfg',
+ notify => Service['icinga'],
+ }
+ file { '/etc/nagios-plugins/config/local-dsa-eventhandlers.cfg':
+ ensure => symlink,
+ target => '../../icinga/config-pushed/static/eventhandlers.cfg',
+ notify => Service['icinga'],
+ }
- file { '/etc/icinga/config-pushed':
- ensure => symlink,
- target => '/srv/nagios.debian.org/config-pushed'
- }
+ file { '/etc/icinga/config-pushed':
+ ensure => symlink,
+ target => '/srv/nagios.debian.org/config-pushed'
+ }
- file { '/srv/nagios.debian.org':
- ensure => directory,
- mode => '0755',
- }
- file { '/srv/nagios.debian.org/config-pushed':
- ensure => directory,
- mode => '0755',
- owner => 'nagiosadm',
- group => 'nagiosadm',
- }
+ file { '/srv/nagios.debian.org':
+ ensure => directory,
+ mode => '0755',
+ }
+ file { '/srv/nagios.debian.org/config-pushed':
+ ensure => directory,
+ mode => '0755',
+ owner => 'nagiosadm',
+ group => 'nagiosadm',
+ }
- concat::fragment { 'puppet-crontab--nagios--restart-stale-icinga':
- target => '/etc/cron.d/puppet-crontab',
- order => '010',
- content => @(EOF)
- */15 * * * * root find /var/lib/icinga/status.dat -mmin +20 | grep -q . && service icinga restart
- | EOF
- }
+ concat::fragment { 'puppet-crontab--nagios--restart-stale-icinga':
+ target => '/etc/cron.d/puppet-crontab',
+ order => '010',
+ content => @(EOF)
+ */15 * * * * root find /var/lib/icinga/status.dat -mmin +20 | grep -q . && service icinga restart
+ | EOF
+ }
}
projects / mirror / dsa-puppet.git / commitdiff