Fichiers de configuration pour monit

darcs-hash:20080210160447-ffbb2-8583759ed3c260bd81802fb1af5be9bab7a93ed1.gz
2008-02-10 17:04:47 +01:00 · 2008-02-10 17:04:47 +01:00 · c6dcf60124
commit c6dcf60124
parent 8c112e0428
5 changed files with 393 additions and 0 deletions
--- a/Cfg/etc/monit/gen_disques/gen_disques
+++ b/Cfg/etc/monit/gen_disques/gen_disques
@ -0,0 +1,75 @@
+#! /usr/bin/env python
+# -*- coding:iso-8859-15 -*-
+#
+# Fichier gere par BCfg2 (plugin Cfg)
+#
+# A ne modifier que sur vert
+
+
+import commands, sys, sre
+hostname = commands.getoutput("hostname").split('.')[0]
+
+# on ne monitore pas les disques de canard
+if hostname in ['canard'] :
+    sys.exit(0)
+    
+config = ''
+fstab = open("/etc/fstab")
+
+for line in fstab.readlines() :
+    # on supprime les espaces
+    line = line.strip().replace('\t',' ')
+    
+    # on saute les lignes inintérassantes
+    if not line :
+        continue
+    if line[0] == "#" :
+        continue
+
+    # on découpe la ligne
+    line = sre.split(' *',line)
+        
+    # on saute si c'est une partition non montée au démarrage
+    if "noauto" in line[3].split(",") :
+        continue
+    
+    # on saute si c'est une partition bind
+    if "bind" in line[3].split(",") :
+        continue
+    
+    # on saute les système pas intéressants
+    if line[2] in ['swap','proc','tmpfs'] :
+        continue
+    
+    # on saute le nfs
+    if ':' in line[0] :
+        continue
+    
+    # on ajoute les lignes de configuration générale
+    config += '# partition %s\n' % line[1]
+    config += 'check device fs%s with path %s\n' % (line[1], line[0])
+        
+    config += '  if failed permission 660 then alert\n'
+    config += '  if failed uid root then alert\n'
+    config += '  if failed gid disk then alert\n'
+            
+    # place sur les disques
+    if (hostname,line[1]) in [('sila','/var/spool/squid1'),('sila','/var/spool/squid2')] :
+        pass
+    elif (hostname,line[1]) in [('egon','/pubftp')] :
+        config += '  if space usage > 95% then alert\n'
+    elif (hostname,line[1]) in [('sila','/var/log/squid'),('sila','/pubftp')] :
+        config += '  if space usage > 92% then alert\n'
+    elif line[1] in ('/usr', '/var/lib/mailman', '/localhome'):
+	config += '  if space usage > 90% then alert\n'
+    else :
+        config += '  if space usage > 80% then alert\n'
+        
+    # inodes pour les disques
+    if line[2] != 'reiserfs' :
+        config += '  if inode usage > 80% then alert\n'
+            
+    config += '  mode passive\n'
+    config += '\n'
+
+print config
--- a/Cfg/etc/monit/gen_disques/info.xml
+++ b/Cfg/etc/monit/gen_disques/info.xml
@ -0,0 +1,3 @@
+<FileInfo>
+    <Info owner='root' group='root' perms='0755' encoding='base64'/>
+</FileInfo>
--- a/Cfg/etc/monit/monitrc/info.xml
+++ b/Cfg/etc/monit/monitrc/info.xml
@ -0,0 +1,3 @@
+<FileInfo>
+    <Info owner='root' group='root' perms='0600'/>
+</FileInfo>
--- a/Cfg/etc/monit/monitrc/monitrc
+++ b/Cfg/etc/monit/monitrc/monitrc
@ -0,0 +1,24 @@
+# Fichier gere par Bcfg2 (plugin Cfg)
+#
+# A ne modifier que sur vert
+
+set daemon 60
+
+set mailserver localhost, smtp.crans.org
+
+set alert roots@crans.org { uid gid size nonexist data icmp invalid exec timeout resource checksum timestamp connection permission }
+
+set httpd port 2812
+  use address localhost
+  allow localhost
+  allow crans:crans read-only
+
+set mail-format {
+from: roots@crans.org
+subject: Monit $HOST - $SERVICE : $EVENT
+message: Monit $ACTION $SERVICE at $DATE on $HOST.
+
+}
+
+include /etc/monit/disques
+include /etc/monit/services
--- a/Python/etc/monit/services
+++ b/Python/etc/monit/services
@ -0,0 +1,288 @@
+# -*- encoding: utf-8 -*-
+# -*- mode: python -*-
+
+info["owner"] = "root"
+info["group"] = "root"
+info["perms"] = 0644
+
+header()
+
+if has("apache"):
+    @# Apache2
+    @check process apache2 with pidfile /var/run/apache2.pid
+    @    start program = "/etc/init.d/apache2 start"
+    @    stop  program = "/etc/init.d/apache2 stop"
+    if has("http-server"):
+        @    if failed host localhost port 80 protocol http timeout 30 seconds then restart
+    if has("intranet-server"):
+        @    if failed host intranet.crans.org port 443 type tcpssl protocol http timeout 30 seconds then restart
+    if has("https-server"):
+        @    if failed host localhost port 443 type tcpssl protocol http timeout 30 seconds then restart
+    @    if cpu is greater than 60% for 2 cycles then alert
+    @    if cpu > 80% for 5 cycles then restart
+    @    if totalmem > 500.0 MB for 5 cycles then restart
+    @    if children > 250 then restart
+    @    if loadavg(5min) greater than 10 for 8 cycles then restart
+    @    if 3 restarts within 5 cycles then timeout
+    @
+
+@# at
+@check process at with pidfile /var/run/atd.pid
+@    start program = "/etc/init.d/atd start"
+@    stop  program = "/etc/init.d/atd stop"
+@    if 5 restarts within 5 cycles then timeout
+@
+
+if has("cherrypy"):
+    @# intranet (CherryPy)
+    @check process intranet with pidfile /var/run/intranet.pid
+    @    start program = "/etc/init.d/intranet start"
+    @    stop  program = "/etc/init.d/intranet stop"
+    @    if 5 restarts within 5 cycles then timeout
+    @
+
+if has("backuppc-server"):
+    @# backuppc
+    @check process backuppc with pidfile /var/run/backuppc/BackupPC.pid
+    @    start program = "/etc/init.d/backuppc start"
+    @    stop  program = "/etc/init.d/backuppc stop"
+    @    if 5 restarts within 5 cycles then timeout
+    @
+
+if has("bind"):
+    @# Bind 9
+    @check process bind with pidfile /var/run/bind/run/named.pid
+    @    start program = "/etc/init.d/bind9 start"
+    @    stop  program = "/etc/init.d/bind9 stop"
+    @    if 5 restarts within 5 cycles then timeout
+    @
+
+if has("cups"):
+    @# cups
+    @check process cups with pidfile /var/run/cups/cupsd.pid
+    @    start program = "/etc/init.d/cupsys start"
+    @    stop  program = "/etc/init.d/cupsys stop"
+    @    if 5 restarts within 5 cycles then timeout
+    @
+
+@# cron
+@check process cron with pidfile /var/run/crond.pid
+@    start program = "/etc/init.d/cron start"
+@    stop  program = "/etc/init.d/cron stop"
+@    if 5 restarts within 5 cycles then timeout
+@
+
+if has("firewall"):
+    @# netacct
+    @check process netacct with pidfile /var/run/nacctd.pid
+    @    start program = "/etc/init.d/net-acct start"
+    @    stop  program = "/etc/init.d/net-acct stop"
+    @    if 5 restarts within 5 cycles then timeout
+    @
+    @# filtrage netacct
+    @check process filtrage_netacct with pidfile /var/run/filtrage_netacct.pid
+    @    start program = "/etc/init.d/filtrage_netacct start"
+    @    stop  program = "/etc/init.d/filtrage_netacct stop"
+    @    if 5 restarts within 5 cycles then timeout
+    @
+    @# filtrage firewall
+    @check process filtrage_firewall with pidfile /var/run/filtrage_firewall.pid
+    @    start program = "/etc/init.d/filtrage_firewall start"
+    @    stop  program = "/etc/init.d/filtrage_firewall stop"
+    @    if 5 restarts within 5 cycles then timeout
+    @
+
+if has("dhcp-detect"):
+    @# dhcp-detect
+    @check process dhcp-detect with pidfile /var/run/dhcp-detect.pid
+    @    start program = "/etc/init.d/dhcp-detect start"
+    @    stop  program = "/etc/init.d/dhcp-detect stop"
+    @    if 5 restarts within 5 cycles then timeout
+    @
+
+if has("freeradius"):
+    @# freeradius
+    @check process freeradius with pidfile /var/run/freeradius/freeradius.pid
+    @    start program = "/etc/init.d/freeradius start"
+    @    stop  program = "/etc/init.d/freeradius stop"
+    @    if 5 restarts within 5 cycles then timeout
+    @
+
+if has("inn"):
+    @# inn
+    @check process inn with pidfile /var/run/news/innd.pid
+    @    start program = "/etc/init.d/inn2 start"
+    @    stop  program = "/etc/init.d/inn2 stop"
+    @    if 5 restarts within 5 cycles then timeout
+    @
+
+if has("mailman"):
+    @# mailman
+    @check process mailman with pidfile /var/run/mailman/mailman.pid
+    @    start program = "/etc/init.d/mailman start"
+    @    stop  program = "/etc/init.d/mailman stop"
+    @    if 5 restarts within 5 cycles then timeout
+    @
+
+if has("monit-ovh"):
+    @# monit-ovh
+    @check process monit-ovh with pidfile /var/run/monit-ovh.pid
+    @    start program = "/etc/init.d/monit-ovh start"
+    @    stop  program = "/etc/init.d/monit-ovh stop"
+    @    if 5 restarts within 5 cycles then timeout
+    @
+
+@# munin-node
+@check process munin-node with pidfile /var/run/munin/munin-node.pid
+@    start program = "/etc/init.d/munin-node start"
+@    stop  program = "/etc/init.d/munin-node stop"
+@    if 5 restarts within 5 cycles then timeout
+@
+
+if has("mysql"):
+    @# mysql
+    @check process mysql with pidfile /var/run/mysqld/mysqld.pid
+    @  start program = "/etc/init.d/mysql start"
+    @  stop  program = "/etc/init.d/mysql stop"
+    @  if 5 restarts within 5 cycles then timeout
+    @
+
+@# nscd
+@check process nscd with pidfile /var/run/nscd/nscd.pid
+@  start program = "/etc/init.d/nscd start"
+@  stop  program = "/etc/init.d/nscd stop"
+@  if 5 restarts within 5 cycles then timeout
+@  if failed unixsocket /var/run/nscd/socket then restart
+@
+
+if has("openvpn-ovh"):
+    @# openvpn ovh
+    @check process openvpn with pidfile /var/run/openvpn.ovh.pid
+    @    start program = "/etc/init.d/openvpn start ovh"
+    @    stop  program = "/etc/init.d/openvpn stop ovh"
+    @    if 5 restarts within 5 cycles then timeout
+    @
+
+if has("openvpn-komaz"):
+    @# openvpn komaz
+    @check process openvpn-komaz with pidfile /var/run/openvpn.komaz.pid
+    @    start program = "/etc/init.d/openvpn start komaz"
+    @    stop  program = "/etc/init.d/openvpn stop komaz"
+    @    if 5 restarts within 5 cycles then timeout
+    @
+
+if has("openvpn-freebox"):
+    @# openvpn freebox
+    @check process openvpn-freebox with pidfile /var/run/openvpn.freebox.pid
+    @    start program = "/etc/init.d/openvpn start freebox"
+    @    stop  program = "/etc/init.d/openvpn stop freebox"
+    @    depends on openvpn-komaz
+    @    if 5 restarts within 5 cycles then timeout
+    @
+
+@# postfix
+@check process postfix with pidfile /var/spool/postfix/pid/master.pid
+@    start program = "/etc/init.d/postfix start"
+@    stop  program = "/etc/init.d/postfix stop"
+@    if failed port 25 protocol smtp timeout 30 seconds then restart
+@    if 5 restarts within 5 cycles then timeout
+@
+
+if has("pgsql-sqlgrey") or has("pgsql"):
+    @# postgresql
+    @check process postgresql with pidfile /var/lib/postgres/data/postmaster.pid
+    @    start program = "/etc/init.d/postgresql-7.4 start"
+    @    stop  program = "/etc/init.d/postgresql-7.4 stop"
+    @    if failed port 5432 timeout 30 seconds then restart
+    @    if 5 restarts within 5 cycles then timeout
+    @
+
+if has("privoxy"):
+    @# privoxy
+    @check process privoxy with pidfile /var/run/privoxy.pid
+    @    start program = "/etc/init.d/privoxy start"
+    @    stop  program = "/etc/init.d/privoxy stop"
+    @    if failed host localhost port 8117 timeout 30 seconds then restart
+    @    if 5 restarts within 5 cycles then timeout
+    @
+
+if has("proftpd"):
+    @# proftpd
+    @check process proftpd with pidfile /var/run/proftpd.pid
+    @    start program = "/etc/init.d/proftpd start"
+    @    stop  program = "/etc/init.d/proftpd stop"
+    @    if failed port 21 protocol ftp timeout 30 seconds then restart
+    @    if 5 restarts within 5 cycles then timeout
+    @
+
+if has("rsync"):
+    @# rsync
+    @check process rsync with pidfile /var/run/rsync.pid
+    @    start program = "/etc/init.d/rsync start"
+    @    stop  program = "/etc/init.d/rsync stop"
+    @    if 5 restarts within 5 cycles then timeout
+    @
+
+if has("slapd"):
+    @# slapd
+    @check process slapd with pidfile /var/run/slapd/slapd.pid
+    @    start program = "/etc/init.d/slapd start"
+    @    stop  program = "/etc/init.d/slapd stop"
+    @    if failed host localhost port 389 protocol ldap3 timeout 30 seconds then r>
+    @    if 5 restarts within 5 cycles then timeout
+    @
+
+if has("spamassassin"):
+    @# spamd
+    @check process spamd with pidfile /var/run/spamd.pid
+    @    start program = "/etc/init.d/spamassassin start"
+    @    stop  program = "/etc/init.d/spamassassin stop"
+    @    if 5 restarts within 5 cycles then timeout
+    @
+
+if has("sqlgrey"):
+    @# sqlgrey
+    @check process sqlgrey with pidfile /var/run/sqlgrey.pid
+    @    start program = "/etc/init.d/sqlgrey start"
+    @    stop  program = "/etc/init.d/sqlgrey stop"
+    @    if 5 restarts within 5 cycles then timeout
+    @
+
+@# ssh
+@check process ssh with pidfile /var/run/sshd.pid
+@    start program = "/etc/init.d/ssh start"
+@    stop  program = "/etc/init.d/ssh stop"
+@    if failed port 22 protocol ssh timeout 30 seconds then restart
+@    if children > 200 then restart
+@    if 5 restarts within 5 cycles then timeout
+@
+
+@# syslog-ng
+@check process syslog-ng with pidfile /var/run/syslog-ng.pid
+@    start program = "/etc/init.d/syslog-ng start"
+@    stop  program = "/etc/init.d/syslog-ng stop"
+@    if 5 restarts within 5 cycles then timeout
+@    depend on file/var/log/syslog
+@
+@check file file/var/log/syslog with path /var/log/syslog
+@    if timestamp > 15 minutes then alert
+@
+
+if has("vsftpd"):
+    @# vsftpd
+    @check process vsftpd with pidfile /var/run/vsftpd/vsftpd.pid
+    @    start program = "/etc/init.d/vsftpd start"
+    @    stop  program = "/etc/init.d/vsftpd stop"
+    @    if failed host 138.231.136.10 port 21 protocol ftp timeout 30 seconds then restart
+    @    if 5 restarts within 5 cycles then timeout
+    @
+
+if has("vsftpd-federez"):
+    @# vsftpd-federez
+    @check process vsftpd-federez with pidfile /var/run/vsftpd/vsftpd-federez.pid
+    @    start program = "/etc/init.d/vsftpd-federez start"
+    @    stop  program = "/etc/init.d/vsftpd-federez stop"
+    @    if failed host 138.231.136.129 port 21 protocol ftp timeout 30 seconds then restart
+    @    if 5 restarts within 5 cycles then timeout
+    @
+