public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #76551 from symphorien/nagios2 

nagios: various improvements
This commit is contained in:
Aaron Andersen 2019-12-30 14:21:03 -05:00 committed by GitHub
parent d835f229f4 cb38bf33e7
commit 66bf75415f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 192 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

113
nixos/modules/services/monitoring/nagios.nix
View File

@ -17,32 +17,39 @@ let
preferLocalBuild = true; preferLocalBuild = true;
} "mkdir -p $out; ln -s $nagiosObjectDefs $out/"; } "mkdir -p $out; ln -s $nagiosObjectDefs $out/";
nagiosCfgFile = pkgs.writeText "nagios.cfg" nagiosCfgFile = let
'' default = {
# Paths for state and logs. log_file="${nagiosLogDir}/current";
log_file=${nagiosLogDir}/current log_archive_path="${nagiosLogDir}/archive";
log_archive_path=${nagiosLogDir}/archive status_file="${nagiosState}/status.dat";
status_file=${nagiosState}/status.dat object_cache_file="${nagiosState}/objects.cache";
object_cache_file=${nagiosState}/objects.cache temp_file="${nagiosState}/nagios.tmp";
temp_file=${nagiosState}/nagios.tmp lock_file="/run/nagios.lock";
lock_file=/run/nagios.lock # Not used I think. state_retention_file="${nagiosState}/retention.dat";
state_retention_file=${nagiosState}/retention.dat query_socket="${nagiosState}/nagios.qh";
query_socket=${nagiosState}/nagios.qh check_result_path="${nagiosState}";
check_result_path=${nagiosState} command_file="${nagiosState}/nagios.cmd";
command_file=${nagiosState}/nagios.cmd cfg_dir="${nagiosObjectDefsDir}";
nagios_user="nagios";
# Configuration files. nagios_group="nagios";
#resource_file=resource.cfg illegal_macro_output_chars="`~$&|'\"<>";
cfg_dir=${nagiosObjectDefsDir} retain_state_information="1";
};
# Uid/gid that the daemon runs under. lines = mapAttrsToList (key: value: "${key}=${value}") (default // cfg.extraConfig);
nagios_user=nagios content = concatStringsSep "\n" lines;
nagios_group=nagios file = pkgs.writeText "nagios.cfg" content;
validated = pkgs.runCommand "nagios-checked.cfg" {preferLocalBuild=true;} ''
# Misc. options. cp ${file} nagios.cfg
illegal_macro_output_chars=`~$&|'"<> # nagios checks the existence of /var/lib/nagios, but
retain_state_information=1 # it does not exists in the build sandbox, so we fake it
''; # " mkdir lib
lib=$(readlink -f lib)
sed -i s@=${nagiosState}@=$lib@ nagios.cfg
${pkgs.nagios}/bin/nagios -v nagios.cfg && cp ${file} $out
'';
defaultCfgFile = if cfg.validateConfig then validated else file;
in
if cfg.mainConfigFile == null then defaultCfgFile else cfg.mainConfigFile;
# Plain configuration for the Nagios web-interface with no # Plain configuration for the Nagios web-interface with no
# authentication. # authentication.
@ -77,16 +84,11 @@ in
(mkRemovedOptionModule [ "services" "nagios" "urlPath" ] "The urlPath option has been removed as it is hard coded to /nagios in the nagios package.") (mkRemovedOptionModule [ "services" "nagios" "urlPath" ] "The urlPath option has been removed as it is hard coded to /nagios in the nagios package.")
]; ];
meta.maintainers = with lib.maintainers; [ symphorien ];
options = { options = {
services.nagios = { services.nagios = {
enable = mkOption { enable = mkEnableOption "<link xlink:href='http://www.nagios.org/'>Nagios</link> to monitor your system or network.";
default = false;
description = "
Whether to use <link
xlink:href='http://www.nagios.org/'>Nagios</link> to monitor
your system or network.
";
};
objectDefs = mkOption { objectDefs = mkOption {
description = " description = "
@ -94,12 +96,14 @@ in
the hosts, host groups, services and contacts for the the hosts, host groups, services and contacts for the
network that you want Nagios to monitor. network that you want Nagios to monitor.
"; ";
type = types.listOf types.path;
example = literalExample "[ ./objects.cfg ]";
}; };
plugins = mkOption { plugins = mkOption {
type = types.listOf types.package; type = types.listOf types.package;
default = [pkgs.nagiosPluginsOfficial pkgs.ssmtp]; default = with pkgs; [ nagiosPluginsOfficial ssmtp mailutils ];
defaultText = "[pkgs.nagiosPluginsOfficial pkgs.ssmtp]"; defaultText = "[pkgs.nagiosPluginsOfficial pkgs.ssmtp pkgs.mailutils]";
description = " description = "
Packages to be added to the Nagios <envar>PATH</envar>. Packages to be added to the Nagios <envar>PATH</envar>.
Typically used to add plugins, but can be anything. Typically used to add plugins, but can be anything.
@ -107,14 +111,29 @@ in
}; };
mainConfigFile = mkOption { mainConfigFile = mkOption {
type = types.package; type = types.nullOr types.package;
default = nagiosCfgFile; default = null;
defaultText = "nagiosCfgFile";
description = " description = "
Derivation for the main configuration file of Nagios. If non-null, overrides the main configuration file of Nagios.
"; ";
}; };
extraConfig = mkOption {
type = types.attrsOf types.str;
example = {
debug_level = "-1";
debug_file = "/var/log/nagios/debug.log";
};
default = {};
description = "Configuration to add to /etc/nagios.cfg";
};
validateConfig = mkOption {
type = types.bool;
default = pkgs.stdenv.hostPlatform == pkgs.stdenv.buildPlatform;
description = "if true, the syntax of the nagios configuration file is checked at build time";
};
cgiConfigFile = mkOption { cgiConfigFile = mkOption {
type = types.package; type = types.package;
default = nagiosCGICfgFile; default = nagiosCGICfgFile;
@ -126,6 +145,7 @@ in
}; };
enableWebInterface = mkOption { enableWebInterface = mkOption {
type = types.bool;
default = false; default = false;
description = " description = "
Whether to enable the Nagios web interface. You should also Whether to enable the Nagios web interface. You should also
@ -165,7 +185,7 @@ in
# This isn't needed, it's just so that the user can type "nagiostats # This isn't needed, it's just so that the user can type "nagiostats
# -c /etc/nagios.cfg". # -c /etc/nagios.cfg".
environment.etc = [ environment.etc = [
{ source = cfg.mainConfigFile; { source = nagiosCfgFile;
target = "nagios.cfg"; target = "nagios.cfg";
} }
]; ];
@ -173,7 +193,7 @@ in
environment.systemPackages = [ pkgs.nagios ]; environment.systemPackages = [ pkgs.nagios ];
systemd.services.nagios = { systemd.services.nagios = {
description = "Nagios monitoring daemon"; description = "Nagios monitoring daemon";
path = [ pkgs.nagios ]; path = [ pkgs.nagios ] ++ cfg.plugins;
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
after = [ "network.target" ]; after = [ "network.target" ];
@ -184,14 +204,9 @@ in
RestartSec = 2; RestartSec = 2;
LogsDirectory = "nagios"; LogsDirectory = "nagios";
StateDirectory = "nagios"; StateDirectory = "nagios";
ExecStart = "${pkgs.nagios}/bin/nagios /etc/nagios.cfg";
X-ReloadIfChanged = nagiosCfgFile;
}; };
script = ''
for i in ${toString cfg.plugins}; do
export PATH=$i/bin:$i/sbin:$i/libexec:$PATH
done
exec ${pkgs.nagios}/bin/nagios ${cfg.mainConfigFile}
'';
}; };
services.httpd.virtualHosts = optionalAttrs cfg.enableWebInterface { services.httpd.virtualHosts = optionalAttrs cfg.enableWebInterface {

1
nixos/tests/all-tests.nix
View File

@ -179,6 +179,7 @@ in
mysql = handleTest ./mysql.nix {}; mysql = handleTest ./mysql.nix {};
mysqlBackup = handleTest ./mysql-backup.nix {}; mysqlBackup = handleTest ./mysql-backup.nix {};
mysqlReplication = handleTest ./mysql-replication.nix {}; mysqlReplication = handleTest ./mysql-replication.nix {};
nagios = handleTest ./nagios.nix {};
nat.firewall = handleTest ./nat.nix { withFirewall = true; }; nat.firewall = handleTest ./nat.nix { withFirewall = true; };
nat.firewall-conntrack = handleTest ./nat.nix { withFirewall = true; withConntrackHelpers = true; }; nat.firewall-conntrack = handleTest ./nat.nix { withFirewall = true; withConntrackHelpers = true; };
nat.standalone = handleTest ./nat.nix { withFirewall = false; }; nat.standalone = handleTest ./nat.nix { withFirewall = false; };

116
nixos/tests/nagios.nix Normal file
View File

@ -0,0 +1,116 @@
import ./make-test-python.nix (
{ pkgs, ... }: {
name = "nagios";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ symphorien ];
};
machine = { lib, ... }: let
writer = pkgs.writeShellScript "write" ''
set -x
echo "$@" >> /tmp/notifications
'';
in
{
# tested service
services.sshd.enable = true;
# nagios
services.nagios = {
enable = true;
# make state transitions faster
extraConfig.interval_length = "5";
objectDefs =
(map (x: "${pkgs.nagios}/etc/objects/${x}.cfg") [ "templates" "timeperiods" "commands" ]) ++ [
(
pkgs.writeText "objects.cfg" ''
# notifications are written to /tmp/notifications
define command {
command_name notify-host-by-file
command_line ${writer} "$HOSTNAME is $HOSTSTATE$"
}
define command {
command_name notify-service-by-file
command_line ${writer} "$SERVICEDESC$ is $SERVICESTATE$"
}
# nagios boilerplate
define contact {
contact_name alice
alias alice
host_notifications_enabled 1
service_notifications_enabled 1
service_notification_period 24x7
host_notification_period 24x7
service_notification_options w,u,c,r,f,s
host_notification_options d,u,r,f,s
service_notification_commands notify-service-by-file
host_notification_commands notify-host-by-file
email foo@example.com
}
define contactgroup {
contactgroup_name admins
alias Admins
members alice
}
define hostgroup{
hostgroup_name allhosts
alias All hosts
}
# monitored objects
define host {
use generic-host
host_name localhost
alias localhost
address localhost
hostgroups allhosts
contact_groups admins
# make state transitions faster.
max_check_attempts 2
check_interval 1
retry_interval 1
}
define service {
use generic-service
host_name localhost
service_description ssh
check_command check_ssh
# make state transitions faster.
max_check_attempts 2
check_interval 1
retry_interval 1
}
''
)
];
};
};
testScript = { ... }: ''
with subtest("ensure sshd starts"):
machine.wait_for_unit("sshd.service")
with subtest("ensure nagios starts"):
machine.wait_for_file("/var/log/nagios/current")
def assert_notify(text):
machine.wait_for_file("/tmp/notifications")
real = machine.succeed("cat /tmp/notifications").strip()
print(f"got {real!r}, expected {text!r}")
assert text == real
with subtest("ensure we get a notification when sshd is down"):
machine.succeed("systemctl stop sshd")
assert_notify("ssh is CRITICAL")
with subtest("ensure tests can succeed"):
machine.succeed("systemctl start sshd")
machine.succeed("rm /tmp/notifications")
assert_notify("ssh is OK")
'';
}
)

12
pkgs/servers/monitoring/nagios/default.nix
View File

@ -1,4 +1,4 @@
{ stdenv, fetchurl, perl, php, gd, libpng, zlib, unzip }: { stdenv, fetchurl, perl, php, gd, libpng, zlib, unzip, nixosTests }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "nagios"; pname = "nagios";
@ -20,6 +20,16 @@ stdenv.mkDerivation rec {
substituteInPlace Makefile --replace '$(MAKE) install-basic' "" substituteInPlace Makefile --replace '$(MAKE) install-basic' ""
''; '';
installTargets = "install install-config"; installTargets = "install install-config";
postInstall = ''
# don't make default files use hardcoded paths to commands
sed -i 's@command_line *[^ ]*/\([^/]*\) @command_line \1 @' $out/etc/objects/commands.cfg
sed -i 's@/usr/bin/@@g' $out/etc/objects/commands.cfg
sed -i 's@/bin/@@g' $out/etc/objects/commands.cfg
'';
passthru.tests = {
inherit (nixosTests) nagios;
};
meta = { meta = {
description = "A host, service and network monitoring program"; description = "A host, service and network monitoring program";