Newer
Older
###############################################################################
###############################################################################
#
# HOST DEFINITION
#
###############################################################################
###############################################################################
# Define a host for the local machine
{% for host in groups['all'] | sort %}
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
{% if host != inventory_hostname %}
define host{
use linux-server
host_name {{ host }}
alias {{ host }}
address {{ hostvars[host].ansible_host }}
}
{% endif %}
{% endfor %}
define host{
use linux-server
host_name {{ inventory_hostname }}
alias {{ inventory_hostname }}
address 192.168.239.1
}
###############################################################################
###############################################################################
#
# HOST GROUP DEFINITION
#
###############################################################################
###############################################################################
# Define an optional hostgroup for Linux machines
define hostgroup{
hostgroup_name servers_no_docker
alias Serveurs Sans Docker
members {{ groups['all'] | difference(groups['docker']) | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
}
define hostgroup{
hostgroup_name servers_docker_internet_access
alias Serveurs Dockers avec accès à Internet
members {{ groups['docker_direct_internet_access'] | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
}
define hostgroup{
hostgroup_name servers_docker_no_internet_access
alias Serveurs Dockers sans accès à Internet
members {{ groups['docker_restrict_internet_access'] | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
}
###############################################################################
###############################################################################
#
# SERVICE DEFINITIONS
#
###############################################################################
###############################################################################
# Define a service to check the Linux version
define service{
use generic-service
host_name {{ groups['all'] | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
service_description Linux Version
check_command check_nrpe!check_version
}
# Define a service to check the Linux packages to be installed
define service{
use generic-service
host_name {{ groups['full_maintenance'] | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
service_description Packages to install
check_command check_nrpe!check_apt
notifications_enabled 0
}
# Define a service to check the disk space of the root partition
# on the local machine.
define service{
use generic-service,graphed-service
host_name {{ groups['all'] | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
service_description Espace Disque
check_command check_nrpe!check_hda1
}
{% for host in groups['all'] | sort %}
{% if hostvars[host].raid_config is defined %}
{% for device in hostvars[host].raid_config.devices %}
define service{
use generic-service
host_name {{ host }}
service_description RAID device {{ device }}
check_command check_nrpe!check_raid_{{ device }}
}
{% endfor %}
{% endif %}
{% endfor %}
define service{
use daily-service,everytime-notification
host_name {{ groups['backup_server'] | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
service_description Backup Odoo Dockers
check_command check_nrpe!check_odoo_storage
}
define service{
use daily-service,everytime-notification
host_name {{ groups['backup_server'] | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
service_description Backup2 Odoo Dockers
check_command check_nrpe!check_odoo2_storage
}
define service{
use daily-service,everytime-notification,graphed-service
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
host_name {{ groups['backup_server'] | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
service_description Backup Cloud Files
check_command check_nrpe!check_cloud_storage
}
# Define a service to check the number of currently logged in
# users on the local machine.
define service{
use generic-service,graphed-service
host_name {{ groups['all'] | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
service_description Utilisateurs Connectes
check_command check_nrpe!check_users
}
# Define a service to check the number of currently running procs
# on the local machine.
define service{
use generic-service,graphed-service
host_name {{ groups['all'] | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
service_description Services en cours
check_command check_nrpe!check_total_procs
}
# Define services to check for running processes
define service{
use generic-service
host_name {{ groups['odoo_server'] | union(groups['owncloud_server']) | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
service_description Nginx Service
check_command check_nrpe!check_procs_nginx
}
define service{
use generic-service
host_name {{ groups['all'] | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
service_description SSHD Service
check_command check_nrpe!check_procs_sshd
}
{% for host in groups['full_maintenance'] | sort %}
{% if hostvars[host].log_collection %}
define service{
use generic-service
host_name {{ host }}
service_description Filebeat Service
check_command check_nrpe!check_procs_filebeat
}
{% endif %}
{% endfor %}
# Define a service to check the load on the local machine.
define service{
use generic-service,graphed-service
host_name {{ groups['all'] | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
service_description Charge CPU
check_command check_nrpe!check_load
}
# Define a service to check the RAM on the local machine.
define service{
use generic-service,graphed-service
host_name {{ groups['all'] | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
service_description Charge RAM
check_command check_nrpe!check_mem
}
# SSH
define service{
use generic-service
host_name {{ groups['all'] | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
service_description SSH
check_command check_ssh_port!{{ default_sshd_port }}
}
# FAIL2BAN
define service{
use generic-service,graphed-service
host_name {{ groups['full_maintenance'] | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
service_description Fail2ban
check_command check_nrpe!check_fail2ban
}
# Docker Proxy
define service{
use generic-service,graphed-service
host_name {{ groups['docker'] | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
service_description Docker Proxy
check_command check_nrpe!check_docker_proxy
}
# Docker LDAP
define service{
use generic-service,graphed-service
host_name {{ groups['docker_auth'] | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
service_description Docker LDAP
check_command check_nrpe!check_docker_ldap
}
# Docker SSO
define service{
use generic-service,graphed-service
host_name {{ groups['docker_auth'] | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
service_description Docker SSO
check_command check_nrpe!check_docker_sso
}
# Docker Cloud
define service{
use generic-service,graphed-service
host_name {{ groups['docker_owncloud'] | union(groups.docker_nextcloud) | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
service_description Docker Cloud
check_command check_nrpe!check_docker_cloud
}
# Docker Draw.io
define service{
use generic-service,graphed-service
host_name {{ groups['docker_drawio'] | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
service_description Docker DrawIo
check_command check_nrpe!check_docker_drawio
}
# Docker Etherpad
define service{
use generic-service,graphed-service
host_name {{ groups['docker_etherpad'] | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
service_description Docker Etherpad
check_command check_nrpe!check_docker_etherpad
}
# Docker Framadate
define service{
use generic-service,graphed-service
host_name {{ groups['docker_framadate'] | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
service_description Docker Framadate
check_command check_nrpe!check_docker_framadate
}
# Docker Jitsi
define service{
use generic-service,graphed-service
host_name {{ groups['docker_jitsi'] | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
service_description Docker Jitsi
check_command check_nrpe!check_docker_jitsi
}
# Docker PrivateBin
define service{
use generic-service,graphed-service
host_name {{ groups['docker_privatebin'] | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
service_description Docker PrivateBin
check_command check_nrpe!check_docker_privatebin
}
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
define service{
use generic-service,graphed-service
host_name {{ groups['gitlab'] | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
service_description GitLab Services
check_command check_nrpe!check_gitlab_services
}
define service{
use generic-service,graphed-service
host_name {{ groups['gitlab'] | map('extract', hostvars, ['inventory_hostname']) | sort | join(',') }}
service_description GitLab Health
check_command check_nrpe!check_gitlab_health
}
# Definition des services HTTP
{% for host in groups['docker_auth'] | sort %}
# {{ host }} Docker Auth
define service{
use generic-service
host_name {{ host }}
service_description PhpLdapAdmin {{ hostvars[host].ldap_url }}
check_command check_https!'{{ hostvars[host].ldap_url }}'!/
}
define service{
use generic-service
host_name {{ host }}
service_description SSO Server {{ hostvars[host].sso_url }}
check_command check_https!'{{ hostvars[host].sso_url }}'!/
}
{% endfor %}
{% for host in groups['docker_odoo'] | sort %}
# {{ host }} Docker Odoo
{% if hostvars[host].restrict_internet_access and hostvars[host].whitelisted_urls is defined %}
# Docker Odoo Whitelists
define service{
use generic-service,graphed-service
host_name {{ host }}
service_description Docker Odoo Whitelists
check_command check_nrpe!check_docker_whitelists
}
{% endif %}
{% if hostvars[host].odoo_prod is defined %}
define service{
use generic-service
host_name {{ host }}
service_description Odoo Server {{ hostvars[host].odoo_prod.url }}
check_command check_https!'{{ hostvars[host].odoo_prod.url }}'!/web/login
}
# Docker Odoo
define service{
use generic-service,graphed-service
host_name {{ host }}
service_description Docker Odoo
check_command check_nrpe!check_docker_odoo
}
{% endif %}
{% for instance in hostvars[host].odoo_nonprod_instances | default([]) %}
define service{
use generic-service
host_name {{ host }}
service_description {{ instance.name }} Server {{ instance['url'] }}
check_command check_https!'{{ instance['url'] }}'!/web/login
}
# Docker Odoo non prod instance
define service{
use generic-service,graphed-service
host_name {{ host }}
service_description Docker {{ instance.name }}
check_command check_nrpe!check_docker_{{ instance.name }}
}
{% endfor %}
{% endfor %}
{% for host in groups['docker_owncloud'] | union(groups['docker_nextcloud']) | sort %}
# {{ host }} Docker Cloud
define service{
use generic-service
host_name {{ host }}
service_description Cloud Server {{ hostvars[host].cloud_url }}
check_command check_https!'{{ hostvars[host].cloud_url }}'!/login
}
{% if hostvars[host].cloud_onlyoffice is defined %}
define service{
use generic-service
host_name {{ host }}
service_description OnlyOffice Server {{ hostvars[host].cloud_onlyoffice_url }}
check_command check_https!'{{ hostvars[host].cloud_onlyoffice_url }}'!/healthcheck
}
{% endif %}
{% endfor %}
{% for host in groups['docker_nagios'] | sort %}
define service{
use daily-service
host_name {{ host }}
service_description Certificate Nagios Server {{ hostvars[host].nagios_url }}
check_command check_certif!'{{ hostvars[host].nagios_url }}'!443
}
{% endfor %}
{% for host in groups['docker_drawio'] | sort %}
# {{ host }} Docker Draw.io
define service{
use generic-service
host_name {{ host }}
service_description Draw.io Server {{ hostvars[host].drawio_url }}
check_command check_https!'{{ hostvars[host].drawio_url }}'!/
}
{% endfor %}
{% for host in groups['docker_etherpad'] | sort %}
# {{ host }} Docker Etherpad
define service{
use generic-service
host_name {{ host }}
service_description Etherpad Server {{ hostvars[host].pad_url }}
check_command check_https!'{{ hostvars[host].pad_url }}'!/
}
{% endfor %}
{% for host in groups['docker_framadate'] | sort %}
# {{ host }} Docker Framadate
define service{
use generic-service
host_name {{ host }}
service_description Framadate Server {{ hostvars[host].date_url }}
check_command check_https!'{{ hostvars[host].date_url }}'!/
}
{% endfor %}
{% for host in groups['gitlab'] | sort %}
# {{ host }} GitLab
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
define service{
use generic-service
host_name {{ host }}
service_description GitLab Server {{ hostvars[host].git_url }}
check_command check_https!'{{ hostvars[host].git_url }}'!/
}
{% endfor %}
{% for host in groups['docker_privatebin'] | sort %}
# {{ host }} Docker PrivateBin
define service{
use generic-service
host_name {{ host }}
service_description PrivateBin Server {{ hostvars[host].privatebin_url }}
check_command check_https!'{{ hostvars[host].privatebin_url }}'!/
}
{% endfor %}
{% for host in groups['odoo_server'] | sort %}
# {{ host }} Odoo
define service{
use generic-service
host_name {{ host }}
service_description Odoo {{ hostvars[host].odoo_url }}
check_command check_https!'{{ hostvars[host].odoo_url }}'!/web/login
}
define service{
use generic-service
host_name {{ host }}
service_description Odoo Service
check_command check_nrpe!check_procs_odoo
}
{% endfor %}
{% for host in groups['owncloud_server'] | sort %}
# {{ host }} Owncloud
define service{
use generic-service
host_name {{ host }}
service_description OwnCloud {{ hostvars[host].cloud_url }}
check_command check_https!'{{ hostvars[host].cloud_url }}'!/index.php/login
}
define service{
use generic-service
host_name {{ host }}
service_description Owncloud Service
check_command check_nrpe!check_procs_owncloud
}
{% endfor %}