aboutsummaryrefslogtreecommitdiff
path: root/files/usr/local/etc/icinga2/conf.d/services.conf.icinga_server
diff options
context:
space:
mode:
Diffstat (limited to 'files/usr/local/etc/icinga2/conf.d/services.conf.icinga_server')
-rw-r--r--files/usr/local/etc/icinga2/conf.d/services.conf.icinga_server165
1 files changed, 165 insertions, 0 deletions
diff --git a/files/usr/local/etc/icinga2/conf.d/services.conf.icinga_server b/files/usr/local/etc/icinga2/conf.d/services.conf.icinga_server
new file mode 100644
index 0000000..5b00864
--- /dev/null
+++ b/files/usr/local/etc/icinga2/conf.d/services.conf.icinga_server
@@ -0,0 +1,165 @@
+apply Service "ssh" {
+ import "generic-service"
+ check_command = "ssh"
+ assign where host.vars.os in ["FreeBSD","Linux"]
+}
+
+apply Service "icinga" {
+ import "generic-service"
+ check_command = "icinga"
+ assign where host.name == NodeName
+}
+
+apply Service "dns" {
+ import "generic-service"
+ check_command = "dns"
+ vars.dns_lookup = "$address$"
+ vars.dns_server = "$address$"
+ vars.dns_wtime = ResponseTimeWarn
+ vars.dns_ctime = ResponseTimeCrit
+ assign where "idm-servers" in host.groups
+}
+
+apply Service "ldap" {
+ import "generic-service"
+ check_command = "ldap"
+ vars.ldap_port = 389
+ vars.ldap_warning = ResponseTimeWarn
+ vars.ldap_critical = ResponseTimeCrit
+ vars.ldap_v2 = false
+ vars.ldap_v3 = true
+ vars.ldap_starttls = true
+ vars.ldap_bind = IcingaDN
+ vars.ldap_pass = IcingaPassword
+ vars.ldap_base = HostsBaseDn
+ vars.ldap_attr = "(cn=" + NodeName + ")"
+ assign where "idm-servers" in host.groups
+}
+
+apply Service "ldaps" {
+ import "generic-service"
+ check_command = "ldap"
+ vars.ldap_port = 636
+ vars.ldap_warning = ResponseTimeWarn
+ vars.ldap_critical = ResponseTimeCrit
+ vars.ldap_v2 = false
+ vars.ldap_v3 = true
+ vars.ldap_ssl = true
+ vars.ldap_bind = IcingaDN
+ vars.ldap_pass = IcingaPassword
+ vars.ldap_base = HostsBaseDn
+ vars.ldap_attr = "(cn=" + NodeName + ")"
+ assign where "idm-servers" in host.groups
+}
+
+apply Service "imap" {
+ import "generic-service"
+ check_command = "imap"
+ vars.imap_port = 993
+ vars.imap_ssl = true
+ vars.imap_certificate_age = CertDaysWarn
+ vars.imap_warning = ResponseTimeWarn
+ vars.imap_critical = ResponseTimeCrit
+ assign where "imap-servers" in host.groups
+}
+
+apply Service "smtp" {
+ import "generic-service"
+ check_command = "smtp"
+ vars.smtp_port = 25
+ vars.smtp_certificate_age = CertDaysWarn
+ vars.smtp_starttls = true
+ vars.smtp_warning = ResponseTimeWarn
+ vars.smtp_critical = ResponseTimeCrit
+ assign where "smtp-servers" in host.groups
+}
+
+apply Service "submission" {
+ import "generic-service"
+ check_command = "smtp"
+ vars.smtp_port = 587
+ vars.smtp_certificate_age = CertDaysWarn
+ vars.smtp_starttls = true
+ vars.smtp_warning = ResponseTimeWarn
+ vars.smtp_critical = ResponseTimeCrit
+ assign where "smtp-servers" in host.groups
+}
+
+apply Service "postgres" {
+ import "generic-service"
+ check_command = "pgsql"
+ vars.pgsql_warning = ResponseTimeWarn
+ vars.pgsql_critical = ResponseTimeCrit
+ vars.pgsql_username = IcingaUsername
+ vars.pgsql_password = IcingaPassword
+ assign where "postgresql-servers" in host.groups
+}
+
+// Expect HTTP 200
+apply Service "http" {
+ import "generic-service"
+ check_command = "http"
+ vars.http_vhost = "$address$"
+ vars.http_expect = "HTTP/1.1 200 OK"
+ vars.http_ssl = false
+ vars.http_warn_time = ResponseTimeWarn
+ vars.http_critical_time = ResponseTimeCrit
+ assign where ("cups-servers" in host.groups
+ || "pkg-repositories" in host.groups)
+}
+
+// Expect HTTP 301
+apply Service "http" {
+ import "generic-service"
+ check_command = "http"
+ vars.http_vhost = "$address$"
+ vars.http_expect = "HTTP/1.1 301 Moved Permanently"
+ vars.http_ssl = false
+ vars.http_warn_time = ResponseTimeWarn
+ vars.http_critical_time = ResponseTimeCrit
+ assign where ("dav-servers" in host.groups
+ || "smtp-servers" in host.groups
+ || "ttrss-servers" in host.groups
+ || "invidious-servers" in host.groups
+ || "nfs-servers" in host.groups
+ || "pkg-servers" in host.groups
+ || "unifi-controllers" in host.groups
+ || "web-servers" in host.groups
+ || "xmpp-servers" in host.groups
+ || "znc-servers" in host.groups)
+}
+
+// Expect HTTPS 401
+apply Service "https" {
+ import "generic-service"
+ check_command = "http"
+ vars.http_vhost = "$address$"
+ vars.http_expect = "HTTP/1.1 401 Unauthorized"
+ vars.http_ssl = true
+ vars.http_certificate = CertDaysWarn + "," + CertDaysCrit
+ vars.http_warn_time = ResponseTimeWarn
+ vars.http_critical_time = ResponseTimeCrit
+ assign where ("dav-servers" in host.groups
+ || "cups-servers" in host.groups
+ || "smtp-servers" in host.groups
+ || "ttrss-servers" in host.groups)
+}
+
+// Expect HTTPS 200
+apply Service "https" {
+ import "generic-service"
+ check_command = "http"
+ vars.http_vhost = "$address$"
+ vars.http_expect = "HTTP/1.1 200 OK"
+ vars.http_ssl = true
+ vars.http_certificate = CertDaysWarn + "," + CertDaysCrit
+ vars.http_warn_time = ResponseTimeWarn
+ vars.http_critical_time = ResponseTimeCrit
+ assign where ("invidious-servers" in host.groups
+ || "nfs-servers" in host.groups
+ || "pkg-servers" in host.groups
+ || "unifi-controllers" in host.groups
+ || "web-servers" in host.groups
+ || "xmpp-servers" in host.groups
+ || "znc-servers" in host.groups)
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-28 11:10:47 -0500