From 5419bf31fb4295ef0893c63274ca2ede509db04d Mon Sep 17 00:00:00 2001 From: Franziska Kunsmann Date: Sat, 21 Nov 2020 10:30:05 +0100 Subject: [PATCH] bundles: fix some icinga checks --- bundles/apt/files/check_unattended_upgrades | 2 +- bundles/apt/files/upgrade-and-reboot | 2 +- bundles/nginx/metadata.py | 7 ++++++- bundles/postfix/metadata.py | 3 ++- bundles/sshmon/metadata.py | 5 +++++ bundles/zfs/metadata.py | 4 ++-- 6 files changed, 17 insertions(+), 6 deletions(-) diff --git a/bundles/apt/files/check_unattended_upgrades b/bundles/apt/files/check_unattended_upgrades index 9c4c1fa..9256fad 100644 --- a/bundles/apt/files/check_unattended_upgrades +++ b/bundles/apt/files/check_unattended_upgrades @@ -1,6 +1,6 @@ #!/bin/bash -statusfile=/var/tmp/unattended_upgrades.status +statusfile="/var/tmp/unattended_upgrades.status" if ! [[ -f "$statusfile" ]] then echo "Status file not found" diff --git a/bundles/apt/files/upgrade-and-reboot b/bundles/apt/files/upgrade-and-reboot index a5ec4fe..82aede0 100644 --- a/bundles/apt/files/upgrade-and-reboot +++ b/bundles/apt/files/upgrade-and-reboot @@ -16,7 +16,7 @@ then fi fi -statusfile=/var/tmp/unattended_upgrades.status +statusfile="/var/tmp/unattended_upgrades.status" # Workaround, because /var/tmp is usually 1777 [[ "$UID" == 0 ]] && chown root:root "$statusfile" diff --git a/bundles/nginx/metadata.py b/bundles/nginx/metadata.py index 70bd599..fffd16d 100644 --- a/bundles/nginx/metadata.py +++ b/bundles/nginx/metadata.py @@ -96,11 +96,16 @@ def monitoring(metadata): for vname, vconfig in metadata.get('nginx/vhosts', {}).items(): domain = vconfig.get('domain', vname) + if metadata.get('nginx/use_ssl_for_all_connections'): + scheme = 'https' + else: + scheme = 'http' + if 'website_check_path' in vconfig and 'website_check_string' in vconfig: services['NGINX VHOST {} CONTENT'.format(vname)] = { 'check_command': 'check_http_wget', 'vars.http_wget_contains': vconfig['website_check_string'], - 'vars.http_wget_url': '{}{}'.format(domain, vconfig['website_check_path']), + 'vars.http_wget_url': '{}://{}{}'.format(scheme, domain, vconfig['website_check_path']), } if vconfig.get('check_ssl', False): diff --git a/bundles/postfix/metadata.py b/bundles/postfix/metadata.py index eafe42e..d229ef4 100644 --- a/bundles/postfix/metadata.py +++ b/bundles/postfix/metadata.py @@ -42,7 +42,8 @@ else: }) -@metadata_reactor +# FIXME find a working, non-shitty check for that +#@metadata_reactor def fill_icinga_spam_blocklist_check_with_hostname(metadata): checks = {} diff --git a/bundles/sshmon/metadata.py b/bundles/sshmon/metadata.py index 371cf3d..b88ae89 100644 --- a/bundles/sshmon/metadata.py +++ b/bundles/sshmon/metadata.py @@ -8,6 +8,11 @@ with open(join(repo.path, 'data', 'sshmon', 'sshmon.pub'), 'r') as fp: pubkey = fp.read().strip() defaults = { + 'apt': { + 'packages': { + 'python3-requests': {}, + }, + }, 'icinga2_api': { 'basic': { 'services': { diff --git a/bundles/zfs/metadata.py b/bundles/zfs/metadata.py index 771c60c..81970cc 100644 --- a/bundles/zfs/metadata.py +++ b/bundles/zfs/metadata.py @@ -72,10 +72,10 @@ if node.has_bundle('sshmon'): 'zfs': { 'services': { 'ZFS AUTO SNAPSHOT': { - 'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_zfs_auto_snapshot', + 'command_on_monitored_host': 'sudo /usr/local/share/icinga/plugins/check_zfs_auto_snapshot', }, 'ZFS MOUNTED VOLUMES': { - 'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_zfs_volumes', + 'command_on_monitored_host': 'sudo /usr/local/share/icinga/plugins/check_zfs_volumes', }, 'ZFS OLD SNAPSHOTS': { 'command_on_monitored_host': 'sudo /usr/local/share/icinga/plugins/check_zfs_old_snapshots',