from bundlewrap.utils import Fault from os.path import join from re import sub with open(join(repo.path, 'data', 'sshmon', 'sshmon.pub'), 'r') as fp: pubkey = fp.read().strip() defaults = { 'apt': { 'packages': { 'python3-requests': {}, }, }, 'icinga2_api': { 'basic': { 'services': { 'CPU': { 'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_cpu_stats', }, 'LOAD': { 'command_on_monitored_host': '/usr/lib/nagios/plugins/check_load -r -w 4,2,1 -c 8,4,2', } }, }, }, 'users': { 'sshmon': { 'password_hash': 'x', 'ssh_pubkey': { 'command="/usr/local/sbin/sshmon" {}'.format(pubkey), }, 'sudo_commands': [], }, }, } @metadata_reactor def autogenerate_sshmon_command(metadata): result = { 'icinga2_api': {}, } for bundle, bundle_config in metadata.get('icinga2_api', {}).items(): for service, service_config in bundle_config.get('services', {}).items(): # The default for check_command is also set in items.py and # in icinga2 bundle if ( service_config.get('check_command', 'sshmon') == 'sshmon' and 'command_on_monitored_host' in service_config ): service_normalized = sub('[^a-zA-Z0-9]', '_', service) result['icinga2_api'].setdefault(bundle, {}).setdefault('services', {}).setdefault(service, {}) result['icinga2_api'][bundle]['services'][service]['vars.sshmon_command'] = service_normalized return result @metadata_reactor def default_checks(metadata): disk_space_warning = metadata.get('sshmon/disk_space/warning', 15) disk_space_critical = metadata.get('sshmon/disk_space/critical', 5) disk_space_warning_inodes = metadata.get('sshmon/disk_space/warning_inodes', 15) disk_space_critical_inodes = metadata.get('sshmon/disk_space/critical_inodes', 5) disk_space_ignore_patterns = metadata.get('sshmon/disk_space/ignore_patterns', set()) ram_warning = metadata.get('sshmon/ram_usage/warning', 9) ram_critical = metadata.get('sshmon/ram_usage/critical', 8) mounts_options = metadata.get('sshmon/check_mounts_options', '') check_internet_http_url = metadata.get('sshmon/check_internet_http_url', 'https://ftp-stud.hs-esslingen.de') disk_space_extra_args = set() for pattern in disk_space_ignore_patterns: disk_space_extra_args.add(f'-I {pattern}') for pool in metadata.get('zfs/pools', {}).keys(): disk_space_extra_args.add(f'--ignore-ereg-partition={pool}') disk_space_ignore_patterns_string = ' '.join(sorted(disk_space_extra_args)) return { 'icinga2_api': { 'basic': { 'services': { 'DISK SPACE': { 'command_on_monitored_host': str( '/usr/lib/nagios/plugins/check_disk -X nfs -X nfs4 -X squashfs ' f'-w {disk_space_warning} -c {disk_space_critical} ' f'-W {disk_space_warning_inodes} -K {disk_space_critical_inodes} ' '-A -I "^/dev$" -I "^/run" -I "^/sys" -i "/sys/kernel/debug/tracing" ' f'{disk_space_ignore_patterns_string}', ), }, 'MOUNTS': { 'command_on_monitored_host': f'sudo /usr/local/share/icinga/plugins/check_mounts {mounts_options}', }, 'RAM': { 'command_on_monitored_host': f'/usr/local/share/icinga/plugins/check_ram {ram_warning} {ram_critical}', 'max_check_attempts': '12', 'retry_interval': '30m', }, 'INTERNET': { 'command_on_monitored_host': f'/usr/local/share/icinga/plugins/check_http_wget --url {check_internet_http_url}', 'vars.sshmon_timeout': 20, } }, }, }, }