bundlewrap/bundles/sshmon/metadata.py

115 lines
4.2 KiB
Python

from bundlewrap.utils import Fault
from os.path import join
from re import sub
with open(join(repo.path, 'data', 'sshmon', 'sshmon.pub'), 'r') as fp:
pubkey = fp.read().strip()
defaults = {
'apt': {
'packages': {
'python3-requests': {},
},
},
'icinga2_api': {
'basic': {
'services': {
'CPU': {
'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_cpu_stats',
},
'LOAD': {
'command_on_monitored_host': '/usr/lib/nagios/plugins/check_load -r -w 4,2,1 -c 8,4,2',
}
},
},
},
'users': {
'sshmon': {
'password_hash': 'x',
'ssh_pubkey': {
'command="/usr/local/sbin/sshmon" {}'.format(pubkey),
},
'sudo_commands': [],
},
},
}
@metadata_reactor
def autogenerate_sshmon_command(metadata):
result = {
'icinga2_api': {},
}
for bundle, bundle_config in metadata.get('icinga2_api', {}).items():
for service, service_config in bundle_config.get('services', {}).items():
# The default for check_command is also set in items.py and
# in icinga2 bundle
if (
service_config.get('check_command', 'sshmon') == 'sshmon' and
'command_on_monitored_host' in service_config
):
service_normalized = sub('[^a-zA-Z0-9]', '_', service)
result['icinga2_api'].setdefault(bundle, {}).setdefault('services', {}).setdefault(service, {})
result['icinga2_api'][bundle]['services'][service]['vars.sshmon_command'] = service_normalized
return result
@metadata_reactor
def default_checks(metadata):
disk_space_warning = metadata.get('sshmon/disk_space/warning', 15)
disk_space_critical = metadata.get('sshmon/disk_space/critical', 5)
disk_space_warning_inodes = metadata.get('sshmon/disk_space/warning_inodes', 15)
disk_space_critical_inodes = metadata.get('sshmon/disk_space/critical_inodes', 5)
disk_space_ignore_patterns = metadata.get('sshmon/disk_space/ignore_patterns', set())
ram_warning = metadata.get('sshmon/ram_usage/warning', 9)
ram_critical = metadata.get('sshmon/ram_usage/critical', 8)
mounts_options = metadata.get('sshmon/check_mounts_options', '')
check_internet_http_url = metadata.get('sshmon/check_internet_http_url', 'https://ftp-stud.hs-esslingen.de')
disk_space_extra_args = set()
for pattern in disk_space_ignore_patterns:
disk_space_extra_args.add(f'-I {pattern}')
for pool in metadata.get('zfs/pools', {}).keys():
disk_space_extra_args.add(f'--ignore-ereg-partition={pool}')
disk_space_ignore_patterns_string = ' '.join(sorted(disk_space_extra_args))
return {
'icinga2_api': {
'basic': {
'services': {
'DISK SPACE': {
'command_on_monitored_host': str(
'/usr/lib/nagios/plugins/check_disk -X nfs -X nfs4 -X squashfs '
f'-w {disk_space_warning} -c {disk_space_critical} '
f'-W {disk_space_warning_inodes} -K {disk_space_critical_inodes} '
'-A -I "^/dev$" -I "^/run" -I "^/sys" -i "/sys/kernel/debug/tracing" '
f'{disk_space_ignore_patterns_string}',
),
},
'MOUNTS': {
'command_on_monitored_host': f'sudo /usr/local/share/icinga/plugins/check_mounts {mounts_options}',
},
'RAM': {
'command_on_monitored_host': f'/usr/local/share/icinga/plugins/check_ram {ram_warning} {ram_critical}',
'max_check_attempts': '12',
'retry_interval': '30m',
},
'INTERNET': {
'command_on_monitored_host': f'/usr/local/share/icinga/plugins/check_http_wget --url {check_internet_http_url}',
'vars.sshmon_timeout': 30,
}
},
},
},
}