apply Service "ssh" {
  import "generic-service"
  check_command = "ssh"
  assign where host.vars.os in ["FreeBSD","Linux"]
}

apply Service "icinga" {
  import "generic-service"
  check_command = "icinga"
  assign where host.name == NodeName
}

apply Service "dns" {
  import "generic-service"
  check_command = "dns"
  vars.dns_lookup = "$address$"
  vars.dns_server = "$address$"
  vars.dns_wtime = ResponseTimeWarn
  vars.dns_ctime = ResponseTimeCrit
  assign where "idm-servers" in host.groups
}

apply Service "ldap" {
  import "generic-service"
  check_command = "ldap"
  vars.ldap_port = 389
  vars.ldap_warning = ResponseTimeWarn
  vars.ldap_critical = ResponseTimeCrit
  vars.ldap_v2 = false
  vars.ldap_v3 = true
  vars.ldap_starttls = true
  vars.ldap_bind = IcingaDN
  vars.ldap_pass = IcingaPassword
  vars.ldap_base = HostsBaseDn
  vars.ldap_attr = "(cn=" + NodeName + ")"
  assign where "idm-servers" in host.groups
}

apply Service "ldaps" {
  import "generic-service"
  check_command = "ldap"
  vars.ldap_port = 636
  vars.ldap_warning = ResponseTimeWarn
  vars.ldap_critical = ResponseTimeCrit
  vars.ldap_v2 = false
  vars.ldap_v3 = true
  vars.ldap_ssl = true
  vars.ldap_bind = IcingaDN
  vars.ldap_pass = IcingaPassword
  vars.ldap_base = HostsBaseDn
  vars.ldap_attr = "(cn=" + NodeName + ")"
  assign where "idm-servers" in host.groups
}

apply Service "imap" {
  import "generic-service"
  check_command = "imap"
  vars.imap_port = 993
  vars.imap_ssl = true
  vars.imap_certificate_age = CertDaysWarn
  vars.imap_warning = ResponseTimeWarn
  vars.imap_critical = ResponseTimeCrit
  assign where "imap-servers" in host.groups
}

apply Service "smtp" {
  import "generic-service"
  check_command = "smtp"
  vars.smtp_port = 25
  vars.smtp_certificate_age = CertDaysWarn
  vars.smtp_starttls = true
  vars.smtp_warning = ResponseTimeWarn
  vars.smtp_critical = ResponseTimeCrit
  assign where "smtp-servers" in host.groups
}

apply Service "submission" {
  import "generic-service"
  check_command = "smtp"
  vars.smtp_port = 587
  vars.smtp_certificate_age = CertDaysWarn
  vars.smtp_starttls = true
  vars.smtp_warning = ResponseTimeWarn
  vars.smtp_critical = ResponseTimeCrit
  assign where "smtp-servers" in host.groups
}

apply Service "postgres" {
  import "generic-service"
  check_command = "pgsql"
  vars.pgsql_warning = ResponseTimeWarn
  vars.pgsql_critical = ResponseTimeCrit
  vars.pgsql_username = IcingaUsername
  vars.pgsql_password = IcingaPassword
  assign where "postgresql-servers" in host.groups
}

// Expect HTTP 200
apply Service "http" {
  import "generic-service"
  check_command = "http"
  vars.http_vhost = "$address$"
  vars.http_expect = "HTTP/1.1 200 OK"
  vars.http_ssl = false
  vars.http_warn_time = ResponseTimeWarn
  vars.http_critical_time = ResponseTimeCrit
  assign where ("cups-servers"      in host.groups
             || "pkg-repositories"  in host.groups)
}

// Expect HTTP 301
apply Service "http" {
  import "generic-service"
  check_command = "http"
  vars.http_vhost = "$address$"
  vars.http_expect = "HTTP/1.1 301 Moved Permanently"
  vars.http_ssl = false
  vars.http_warn_time = ResponseTimeWarn
  vars.http_critical_time = ResponseTimeCrit
  assign where ("dav-servers"       in host.groups
             || "smtp-servers"      in host.groups
             || "ttrss-servers"     in host.groups
             || "invidious-servers" in host.groups
             || "nfs-servers"       in host.groups
             || "pkg-servers"       in host.groups
             || "unifi-controllers" in host.groups
             || "web-servers"       in host.groups
             || "xmpp-servers"      in host.groups
             || "znc-servers"       in host.groups)
}

// Expect HTTPS 401
apply Service "https" {
  import "generic-service"
  check_command = "http"
  vars.http_vhost = "$address$"
  vars.http_expect = "HTTP/1.1 401 Unauthorized"
  vars.http_ssl = true
  vars.http_certificate = CertDaysWarn + "," + CertDaysCrit
  vars.http_warn_time = ResponseTimeWarn
  vars.http_critical_time = ResponseTimeCrit
  assign where ("dav-servers"   in host.groups
             || "cups-servers"  in host.groups
             || "smtp-servers"  in host.groups
             || "ttrss-servers" in host.groups)
}

// Expect HTTPS 200
apply Service "https" {
  import "generic-service"
  check_command = "http"
  vars.http_vhost = "$address$"
  vars.http_expect = "HTTP/1.1 200 OK"
  vars.http_ssl = true
  vars.http_certificate = CertDaysWarn + "," + CertDaysCrit
  vars.http_warn_time = ResponseTimeWarn
  vars.http_critical_time = ResponseTimeCrit
  assign where ("invidious-servers" in host.groups
             || "nfs-servers"       in host.groups
             || "pkg-servers"       in host.groups
             || "unifi-controllers" in host.groups
             || "web-servers"       in host.groups
             || "xmpp-servers"      in host.groups
             || "znc-servers"       in host.groups)
}