diff --git a/bundles/postfix/files/check_postfix_queue b/bundles/postfix/files/check_postfix_queue new file mode 100644 index 0000000..5bd7896 --- /dev/null +++ b/bundles/postfix/files/check_postfix_queue @@ -0,0 +1,156 @@ +#!/bin/bash +# created by McArt http://www.mcart.ru/ + +# Uncomment to enable debugging +# set -x + +PROGNAME=`basename $0` +VERSION="Version 2.0" +AUTHOR="McArt (http://www.mcart.ru)" + +STATE_OK=0 +STATE_WARNING=1 +STATE_CRITICAL=2 +STATE_UNKNOWN=3 + +warning=unknown +critical=unknown + +print_version() { + echo "$PROGNAME $VERSION $AUTHOR" +} + +print_help() { + print_version $PROGNAME $VERSION + echo "" + echo "$PROGNAME - Checks postfix mailqueue statistic" + echo "" + echo "$PROGNAME is a Nagios plugin which generates statistics" + echo "for the postfix mailqueue and checks for corrupt messages." + echo "The following values will be checked:" + echo "active: Mails being delivered (should be small)" + echo "deferred: Stuck mails (that will be retried later)" + echo "corrupt: Messages found to not be in correct format (should be 0)" + echo "hold: Recent addition, messages put on hold indefinitly - delete of free" + echo "" + echo "Usage: $PROGNAME -w WARN-Level -c CRIT-Level -d DEF-WARN-Level" + echo "" + echo "Options:" + echo " -w)" + echo " Warning level for active mails" + echo " -c)" + echo " Critical level for active mail" + echo " -d)" + echo " Warning level for deferred mails" + echo " -h)" + echo " This help" + echo " -v)" + echo " Version" + exit $STATE_OK +} + +# Check for parameters +while test -n "$1"; do + case "$1" in + -h) + print_help + exit $STATE_OK;; + -v) + print_version + exit $STATE_OK;; + -w) + warning=$2 + shift + ;; + -c) + critical=$2 + shift + ;; + -d) + warning_deferred=$2 + shift + ;; + *) + echo "Usage: $0 -w -c " + ;; + esac + shift +done + +if [ $warning == "unknown" ] || [ $critical == "unknown" ]; then + echo "You need to specify warning and critical for active mails" + echo "Usage: $0 -w -c " + exit $STATE_UNKNOWN +fi + +# make sure CRIT is larger than WARN +if [ $warning -ge $critical ];then + echo "UNKNOWN: WARN value may not be greater than or equal the CRIT value" + exit $OK +fi + +check_postfix_mailqueue() { +# Can be set via environment, but default is fetched by postconf (if available, +# else /var/spool/postfix) +if which postconf > /dev/null ; then + SPOOLDIR=${spooldir:-`postconf -h queue_directory`} +else + SPOOLDIR=${spooldir:-/var/spool/postfix} +fi + +cd $SPOOLDIR >/dev/null 2>/dev/null || { + echo -n "Cannot cd to $SPOOLDIR" + exit $STATE_CRITICAL +} + +for d in deferred active corrupt hold +do + if [ ! -r $d ] + then + echo -n "queue dir '$d' is not readable" + exit $STATE_CRITICAL + fi +done + +# Get values +deferred=`(test -d deferred && find deferred -type f ) | wc -l` +active=`(test -d active && find active -type f ) | wc -l` +corrupt=`(test -d corrupt && find corrupt -type f ) | wc -l` +hold=`( test -d hold && find hold -type f ) | wc -l` +} + +check_postfix_mailqueue +values="Deferred mails=$deferred Active deliveries=$active Corrupt mails=$corrupt Mails on hold=$hold" +perfdata="deferred=$deferred;; active=$active;; corrupt=$corrupt;; hold=$hold;;" + +if [ $corrupt -gt 0 ]; then + echo -n "WARNING - $corrupt corrupt messages found! | $perfdata" + exit $STATE_WARNING +fi + +if [ $hold -gt 0 ]; then + echo -n "WARNING - $hold hold messages found! | $perfdata" + exit $STATE_WARNING +fi + +if [ $deferred -gt $warning_deferred ]; then + echo -n "WARNING - $deferred deferred messages found! | $perfdata" + exit $STATE_WARNING +fi + +if [ $active -gt $critical ]; then + MES_TO_EXIT="CRITICAL - $values | $perfdata" + STATE_TO_EXIT=$STATE_CRITICAL +elif [ $active -gt $warning ]; then + MES_TO_EXIT="WARNING - $values | $perfdata" + STATE_TO_EXIT=$STATE_WARNING +else + MES_TO_EXIT="OK - $values | $perfdata" + STATE_TO_EXIT=$STATE_OK +fi + + +echo -n $MES_TO_EXIT +echo -e "\n" +exit $STATE_TO_EXIT + diff --git a/bundles/postfix/items.py b/bundles/postfix/items.py index e5f27b0..22ff29b 100644 --- a/bundles/postfix/items.py +++ b/bundles/postfix/items.py @@ -26,6 +26,9 @@ files = { 'svc_systemd:postfix:restart', }, }, + '/usr/local/share/icinga/plugins/check_postfix_queue': { + 'mode': '0755', + }, } actions = { diff --git a/bundles/postfix/metadata.py b/bundles/postfix/metadata.py index 0461d1d..a44c4b3 100644 --- a/bundles/postfix/metadata.py +++ b/bundles/postfix/metadata.py @@ -4,8 +4,60 @@ defaults = { 'postfix': {}, }, }, + 'icinga2_api': { + 'postfix': { + 'services': { + 'POSTFIX PROCESS': { + 'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_systemd_unit postfix@-', + }, + 'POSTFIX QUEUE': { + 'command_on_monitored_host': 'sudo /usr/local/share/icinga/plugins/check_postfix_queue -w 20 -c 40 -d 50', + }, + }, + }, + }, } +if node.has_bundle('postfixadmin'): + defaults['icinga2_api']['postfix']['services'].update({ + 'SPAM BLOCKLIST': { + 'check_command': 'spam_blocklist', + # vars.ip will be filled using a metadata reactor + }, + 'SMTP CONNECT': { + 'check_command': 'check_smtp', + }, + 'SMTP SUBMISSION CONNECT': { + 'check_command': 'check_smtp', + 'vars.port': '587', + }, + }) +else: + defaults['icinga2_api']['postfix']['services'].update({ + 'SMTP CONNECT': { + 'command_on_monitored_host': '/usr/lib/nagios/plugins/check_smtp -H localhost', + }, + }) + + +@metadata_reactor +def fill_icinga_spam_blocklist_check_with_hostname(metadata): + if not node.has_bundle('postfixadmin'): + raise DoNotRunAgain + + return { + 'icinga2_api': { + 'postfix': { + 'services': { + 'SPAM BLOCKLIST': { + 'vars.ip': metadata.get('postfix/myhostname', metadata.get('hostname', node.hostname)), + }, + }, + }, + }, + } + + @metadata_reactor def letsencrypt(metadata): if not node.has_bundle('letsencrypt'):