Rework Nagios inventory template

This new template, instead of querying out Netbox direct, assumes you run the nb_inventory plugin and pulls all of its service configuration from there.

Also config context service checks are no longer a thing; formalize your shit.
This commit is contained in:
Salt 2022-02-23 21:03:19 -06:00
parent 6707ce48bd
commit 295927e1ab
2 changed files with 217 additions and 1 deletions

View File

@ -33,7 +33,7 @@
- notify-by-matrix
tags: [ nagios, template, plugins ]
- name: template out config for nagios
template: src=nagios-ansible.cfg.j2 dest="{{ nagios_data_dir }}/etc/objects/ansible.cfg" owner=root group=root mode=0644
template: src=nagios-ansible-inventory.cfg.j2 dest="{{ nagios_data_dir }}/etc/objects/ansible.cfg" owner=root group=root mode=0644
tags: [ nagios, template ]
notify: restart nagios
- name: assure config file is loaded

View File

@ -0,0 +1,216 @@
# {{ ansible_managed }}
# Templates
define host {
name ansible-linux-server
check_period 24x7
check_interval 10
retry_interval 3
max_check_attempts 10
check_command check-host-alive
notification_period 24x7
notification_interval 120
hostgroups ansible
check_period 24x7
contacts salt
register 0
}
define service {
use generic-service
name ansible-generic-service
max_check_attempts 10
check_interval 10
retry_interval 2
register 0
}
# Default hostgroup
define hostgroup {
hostgroup_name ansible
alias Ansible-managed Hosts
}
# Additional timeperiods for convenience
define timeperiod {
timeperiod_name ansible-not-late-at-night
alias Not Late at Night
sunday 07:00-22:00
monday 07:00-22:00
tuesday 07:00-22:00
wednesday 07:00-22:00
thursday 07:00-22:00
friday 07:00-22:00
saturday 07:00-22:00
}
{% if nagios_contacts is defined %}
# Contacts
# Everything here is defined in nagios_contacts
{% for contact in nagios_contacts %}
define contact {
contact_name {{ contact.name }}
alias {{ contact.alias | default(contact.name, true ) }}
host_notifications_enabled {{ contact.host_notifications_enabled | default('1', true) }}
host_notification_period {{ contact.host_notification_period | default('24x7', true) }}
host_notification_options {{ contact.host_notification_options | default('d,u,r,f', true ) }}
host_notification_commands {{ contact.host_notification_commands }}
service_notifications_enabled {{ contact.service_notifications_enabled | default('1', true) }}
service_notification_period {{ contact.service_notification_period | default('24x7', true) }}
service_notification_options {{ contact.service_notification_options | default('w,c,r,f', true ) }}
service_notification_commands {{ contact.service_notification_commands }}
{% if contact.extra is defined %}
{% for kvp in contact.extra %}
{{ kvp.key }} {{ kvp.value }}
{% endfor %}
{% endif %}
}
{% endfor %}
{% endif %}
# And a contactgroup
define contactgroup {
contactgroup_name ansible
alias Ansible notification contacts
members nagiosadmin
}
{% if nagios_commands is defined %}
# Commands
# Everything here is defined in nagios_commands
{% for command in nagios_commands %}
define command {
command_name {{ command.name }}
command_line {{ command.command }}
{% if command.extra is defined %}
{% for kvp in command.extra %}
{{ kvp.key }} {{ kvp.value }}
{% endfor %}
{% endif %}
}
{% endfor %}
{% endif %}
{% if nagios_services is defined %}
# Services
# Everything here is defined in nagios_services
{% for service in nagios_services %}
define service {
use ansible-generic-service
service_description {{ service.name }}
check_command {{ service.command }}
hostgroup_name {{ service.hostgroup | default('ansible', true) }}
contact_groups ansible
{% if service.extra is defined %}
{% for kvp in service.extra %}
{{ kvp.key }} {{ kvp.value }}
{% endfor %}
{% endif %}
}
{% endfor %}
{% endif %}
# Hostgroups
{% for role in query('netbox.netbox.nb_lookup', 'device-roles', api_endpoint='https://netbox.desu.ltd', token=netbox_token) %}
# Device Role: {{ role.value.name }}
# Description: {{ role.value.description }}
# Created: {{ role.value.created }}
# Updated: {{ role.value.last_updated }}
define hostgroup {
hostgroup_name role-{{ role.value.slug }}
alias {{ role.value.display }}
}
{% endfor %}
{% for tag in query('netbox.netbox.nb_lookup', 'tags', api_endpoint='https://netbox.desu.ltd', token=netbox_token) %}
# Tag: {{ tag.value.name }}
# Description: {{ tag.value.description }}
define hostgroup {
hostgroup_name tag-{{ tag.value.slug }}
alias {{ tag.value.display }}
}
{% endfor %}
{% for type in query('netbox.netbox.nb_lookup', 'device-types', api_endpoint='https://netbox.desu.ltd', token=netbox_token) %}
# Type: {{ type.value.display }}
define hostgroup {
hostgroup_name device-type-{{ type.value.slug }}
alias {{ type.value.display }}
}
{% endfor %}
# Inventory Hosts and related services
{% for host in groups['tags_nagios'] %}
{% set vars = hostvars[host] %}
define host {
use ansible-linux-server
host_name {{ host }}
alias {{ host }}
address {{ vars.ansible_host }}
hostgroups ansible{% for tag in vars.tags %},tag-{{ tag }}{% endfor %}{% for role in vars.device_roles %},role-{{ role }}{% endfor %}{% if vars.device_types is defined %}{% for type in vars.device_types %},device-type-{{ type }}{% endfor %}{% endif %}
contact_groups ansible
}
{% for service in vars.services %}
{% for tag in service.tags %}
{# #}
{% if tag.slug == "nagios-checkmatrix" %}
{% for port in service.ports %}
define service {
use ansible-generic-service
service_description Matrix Synapse - {{ service.name }} - {{ port }}
check_command check_http!--ssl -H {{ service.name }} -u https://{{ service.name }}/health -s OK -p {{ port }} -f sticky
host_name {{ host }}
contact_groups ansible
}
{% endfor %}
{% endif %}
{# #}
{% if tag.slug == "nagios-checkminecraft" %}
{% for port in service.ports %}
define service {
use ansible-generic-service
service_description Minecraft - {{ service.name }} - {{ port }}
check_command check_by_ssh!/usr/local/bin/monitoring-scripts/check_minecraft -H {{ host }} -p {{ port }} -m "{{ service.description }}" -f -w 3 -c 5
host_name {{ host }}
contact_groups ansible
}
{% endfor %}
{% endif %}
{# #}
{% if tag.slug == "nagios-checkhttp" %}
{% for port in service.ports %}
define service {
use ansible-generic-service
service_description HTTP - {{ service.name }} - {{ port }}
check_command check_http!-H {{ service.name }} -p {{ port }} -f sticky
host_name {{ host }}
contact_groups ansible
}
{% endfor %}
{% endif %}
{# #}
{% if tag.slug == "nagios-checkhttps" %}
{% for port in service.ports %}
define service {
use ansible-generic-service
service_description HTTPS - {{ service.name }} - {{ port }}
check_command check_http!--ssl -H {{ service.name }} -p {{ port }} -f sticky
host_name {{ host }}
contact_groups ansible
}
{% endfor %}
{% endif %}
{# #}
{% if tag.slug == "nagios-checktcp" %}
{% for port in service.ports %}
define service {
use ansible-generic-service
service_description TCP {{ service.name }} - {{ port }}
check_command check_tcp!{{ port }}
host_name {{ host }}
contact_groups ansible
}
{% endfor %}
{% endif %}
{# #}
{% endfor %}
{% endfor %}
{% endfor %}