add new status page to icinga

2023-09-10 09:48:20 +02:00 · 2023-09-10 09:48:20 +02:00 · 563735d31a
commit 563735d31a
parent b38bc67a60
5 changed files with 107 additions and 43 deletions
--- a/PORT_MAP.md
+++ b/PORT_MAP.md
@ -47,6 +47,7 @@ Rule of thumb: keep ports below 10000 free for stuff that reserves ports.
 | 22080       | netbox               | gunicorn |
 | 22090       | jugendhackt_tools    | gunicorn |
 | 22100       | powerdnsadmin        | gunicorn |
+| 22110       | icinga2-statuspage   | gunicorn |
 | 22999       | nginx                | stub_status |
 | 22100       | ntfy                 | http |

--- a/bundles/icinga2-statuspage/files/icinga2-statuspage.service
+++ b/bundles/icinga2-statuspage/files/icinga2-statuspage.service
@ -0,0 +1,16 @@
+[Unit]
+Description=icinga2-statuspage
+After=network.target
+Requires=postgresql.service
+
+[Service]
+User=www-data
+Group=www-data
+Environment=APP_CONFIG=/opt/icinga2-statuspage/config.json
+WorkingDirectory=/opt/icinga2-statuspage/src
+ExecStart=/usr/bin/gunicorn statuspage:app --workers 4 --max-requests 1200  --max-requests-jitter 50 --log-level=info --bind=127.0.0.1:22110
+Restart=always
+RestartSec=10
+
+[Install]
+WantedBy=multi-user.target
--- a/bundles/icinga2-statuspage/items.py
+++ b/bundles/icinga2-statuspage/items.py
@ -0,0 +1,34 @@
+directories['/opt/icinga2-statuspage/src'] = {}
+
+git_deploy['/opt/icinga2-statuspage/src'] = {
+    'repo': 'https://git.franzi.business/kunsi/icinga-dynamic-statuspage.git',
+    'rev': 'main',
+    'triggers': {
+        'svc_systemd:icinga2-statuspage:restart',
+    },
+}
+
+files['/opt/icinga2-statuspage/config.json'] = {
+    'content': repo.libs.faults.dict_as_json(node.metadata.get('icinga2-statuspage')),
+    'triggers': {
+        'svc_systemd:icinga2-statuspage:restart',
+    },
+}
+
+files['/usr/local/lib/systemd/system/icinga2-statuspage.service'] = {
+    'triggers': {
+        'action:systemd-reload',
+        'svc_systemd:icinga2-statuspage:restart',
+    },
+}
+
+
+svc_systemd['icinga2-statuspage'] = {
+    'needs': {
+        'file:/opt/icinga2-statuspage/config.json',
+        'git_deploy:/opt/icinga2-statuspage/src',
+        'pkg_apt:gunicorn',
+        'pkg_apt:python3-flask',
+        'pkg_apt:python3-psycopg2',
+    },
+}
--- a/bundles/icinga2-statuspage/metadata.py
+++ b/bundles/icinga2-statuspage/metadata.py
@ -0,0 +1,47 @@
+defaults = {
+    'apt': {
+        'packages': {
+            'gunicorn': {},
+            'python3-flask': {},
+            'python3-psycopg2': {},
+        },
+    },
+}
+
+
+@metadata_reactor.provides(
+    'icinga2-statuspage',
+)
+def import_db_settings_from_icinga(metadata):
+    return {
+        'icinga2-statuspage': {
+            'DB_USER': 'icinga2',
+            'DB_PASS': metadata.get('postgresql/roles/icinga2/password'),
+            'DB_NAME': 'icinga2',
+        },
+    }
+
+
+@metadata_reactor.provides(
+    'nginx/vhosts/icinga2-statuspage',
+)
+def nginx(metadata):
+    if not node.has_bundle('nginx'):
+        raise DoNotRunAgain
+
+    return {
+        'nginx': {
+            'vhosts': {
+                'icinga2-statuspage': {
+                    'domain': metadata.get('icinga2-statuspage/DOMAIN'),
+                    'locations': {
+                        '/': {
+                            'target': 'http://127.0.0.1:22110',
+                        },
+                    },
+                    'website_check_path': '/',
+                    'website_check_string': 'status page',
+                },
+            },
+        },
+    }
--- a/nodes/icinga2.toml
+++ b/nodes/icinga2.toml
@ -2,6 +2,7 @@ hostname = "217.160.71.39"
 bundles = [
    "bird",
    "icinga2",
+    "icinga2-statuspage",
    "php",
    "postgresql",
 #        'simple-icinga-dashboard',
@ -15,6 +16,7 @@ groups = [

 [metadata]
 location = "ionos"
+icinga_options.pretty_name = "icinga.franzi.business"

 [metadata.interfaces.ens192]
 ips = [
@ -49,53 +51,17 @@ permissions = [
    "objects/query/Service",
 ]

-#        'icinga2_api': {
-#            'custom': {
-#                # redundant monitoring of services/hosts
-#                'services': {
-#                    'flauschekatze.space CERTIFICATE': {
-#                        'check_command': 'check_https_cert_at_url',
-#                        'vars.domain': 'flauschekatze.space',
-#                    },
-#                    'matrix.flauschekatze.space CERTIFICATE': {
-#                        'check_command': 'check_https_cert_at_url',
-#                        'vars.domain': 'matrix.flauschekatze.space',
-#                    },
-#                },
-#            },
-#        },
-#        'nginx': {
-#            'vhosts': {
-#                'statuspage': {
-#                    'domain': 'status.franzi.business',
-#                    'ssl': '_.franzi.business',
-#                    'webroot': '/opt/simple-icinga-dashboard/out',
-#                },
-#            },
-#        },
+[metadata.icinga2-statuspage]
+DOMAIN = "status.franzi.business"
+SERVICEGROUP_ID = 80
+
+[metadata.icinga2-statuspage.NAME_REPLACEMENTS]
+" PROCESS$" = " SERVICE"
+".+ VHOST (.+) CONTENT" = "WEB ACCESS \\1"

 [metadata.postgresql]
 version = 15

-#        'simple-icinga-dashboard': {
-#            'icinga2_api': {
-#                'baseurl': 'https://127.0.0.1:5665',
-#                'username': 'dashboard',
-#                'password': vault.password_for('ovh.icinga2 icinga2 api_user dashboard'),
-#            },
-#            'filters': {
-#                'services': '"statuspage" in service.groups',
-#            },
-#            'output': {
-#                'page_title': 'franzi.business Service Status',
-#            },
-#            'prettify': {
-#                'CONTENT': '',
-#                'NGINX':  'WEBSERVER',
-#                'PROCESS': 'SERVICE',
-#            },
-#        },
-
 [metadata.wireguard.peers.'home.router']
 snat_to = "172.19.136.4"