commit 6cfa38ce7d5bae41e32f50c82efafa98c3ba34f4 · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

nagios: significant upgrades

- Upgrade Nagios Core to 4.x
- Expose mainConfigFile and cgiConfigFile in module for finer
configuration control.
- Upgrade Plugins to 2.x
- Remove default objectDefs, which users probably want to customize.
- Systemd-ify Nagios module and simplify directory structure
- Upgrade Nagios package with more modern patch, and ensure the
statedir is set to /var/lib/nagios

Signed-off-by: Austin Seipp <aseipp@pobox.com>

Austin Seipp 11 years ago 6cfa38ce b8ede68b

+128 -215

11 changed files

expand all

unified split

nixos

modules

module-list.nix

services

monitoring

nagios

commands.cfg

host-templates.cfg

service-templates.cfg

timeperiods.cfg

nagios.nix

pkgs

servers

monitoring

nagios

default.nix

nagios.patch

plugins

official

default.nix

official-2.x.nix

top-level

all-packages.nix

+1 -1

nixos/modules/module-list.nix

··· 160 160 ./services/monitoring/graphite.nix 161 161 ./services/monitoring/monit.nix 162 162 ./services/monitoring/munin.nix 163 - ./services/monitoring/nagios/default.nix 163 + ./services/monitoring/nagios.nix 164 164 ./services/monitoring/smartd.nix 165 165 ./services/monitoring/statsd.nix 166 166 ./services/monitoring/systemhealth.nix

-34

nixos/modules/services/monitoring/nagios/commands.cfg

··· 1 - define command { 2 - command_name host-notify-by-email 3 - command_line printf "%b" "To: $CONTACTEMAIL$\nSubject: [Nagios] Host $HOSTSTATE$ alert for $HOSTNAME$\n\n***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n" | sendmail $CONTACTEMAIL$ 4 - } 5 - 6 - 7 - define command { 8 - command_name notify-by-email 9 - command_line printf "%b" "To: $CONTACTEMAIL$\nSubject: [Nagios] $NOTIFICATIONTYPE$ alert - $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$\n\n***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$" | sendmail $CONTACTEMAIL$ 10 - } 11 - 12 - 13 - define command { 14 - command_name dummy-ok 15 - command_line true 16 - } 17 - 18 - 19 - define command { 20 - command_name check-host-alive 21 - command_line check_ping -H $HOSTADDRESS$ -w 3000.0,80% -c 5000.0,100% -p 1 22 - } 23 - 24 - 25 - define command { 26 - command_name check_local_disk 27 - command_line check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$ 28 - } 29 - 30 - 31 - define command { 32 - command_name check_ssh 33 - command_line check_ssh $HOSTADDRESS$ 34 - }

+58 -60

nixos/modules/services/monitoring/nagios/default.nix nixos/modules/services/monitoring/nagios.nix

··· 4 4 with lib; 5 5 6 6 let 7 - 8 7 cfg = config.services.nagios; 9 - 10 - nagiosUser = "nagios"; 11 - nagiosGroup = "nogroup"; 12 8 13 9 nagiosState = "/var/lib/nagios"; 14 10 nagiosLogDir = "/var/log/nagios"; 15 11 16 - nagiosObjectDefs = 17 - [ ./timeperiods.cfg 18 - ./host-templates.cfg 19 - ./service-templates.cfg 20 - ./commands.cfg 21 - ] ++ cfg.objectDefs; 12 + nagiosObjectDefs = cfg.objectDefs; 22 13 23 14 nagiosObjectDefsDir = pkgs.runCommand "nagios-objects" {inherit nagiosObjectDefs;} 24 15 "ensureDir $out; ln -s $nagiosObjectDefs $out/"; ··· 30 21 log_archive_path=${nagiosLogDir}/archive 31 22 status_file=${nagiosState}/status.dat 32 23 object_cache_file=${nagiosState}/objects.cache 33 - comment_file=${nagiosState}/comment.dat 34 - downtime_file=${nagiosState}/downtime.dat 35 24 temp_file=${nagiosState}/nagios.tmp 36 25 lock_file=/var/run/nagios.lock # Not used I think. 37 26 state_retention_file=${nagiosState}/retention.dat 27 + query_socket=${nagiosState}/nagios.qh 28 + check_result_path=${nagiosState} 29 + command_file=${nagiosState}/nagios.cmd 38 30 39 31 # Configuration files. 40 32 #resource_file=resource.cfg 41 33 cfg_dir=${nagiosObjectDefsDir} 42 34 43 35 # Uid/gid that the daemon runs under. 44 - nagios_user=${nagiosUser} 45 - nagios_group=${nagiosGroup} 36 + nagios_user=nagios 37 + nagios_group=nogroup 46 38 47 39 # Misc. options. 48 40 illegal_macro_output_chars=`~$&|'"<> ··· 53 45 # authentication. 54 46 nagiosCGICfgFile = pkgs.writeText "nagios.cgi.conf" 55 47 '' 56 - main_config_file=${nagiosCfgFile} 48 + main_config_file=${cfg.mainConfigFile} 57 49 use_authentication=0 58 - url_html_path=/nagios 50 + url_html_path=${cfg.urlPath} 59 51 ''; 60 52 61 - urlPath = cfg.urlPath; 62 - 63 53 extraHttpdConfig = 64 54 '' 65 - ScriptAlias ${urlPath}/cgi-bin ${pkgs.nagios}/sbin 55 + ScriptAlias ${cfg.urlPath}/cgi-bin ${pkgs.nagios}/sbin 66 56 67 57 <Directory "${pkgs.nagios}/sbin"> 68 58 Options ExecCGI 69 59 AllowOverride None 70 60 Order allow,deny 71 61 Allow from all 72 - SetEnv NAGIOS_CGI_CONFIG ${nagiosCGICfgFile} 62 + SetEnv NAGIOS_CGI_CONFIG ${cfg.cgiConfigFile} 73 63 </Directory> 74 64 75 - Alias ${urlPath} ${pkgs.nagios}/share 65 + Alias ${cfg.urlPath} ${pkgs.nagios}/share 76 66 77 67 <Directory "${pkgs.nagios}/share"> 78 68 Options None ··· 83 73 ''; 84 74 85 75 in 86 - 87 76 { 88 - ###### interface 89 - 90 77 options = { 91 - 92 78 services.nagios = { 93 - 94 79 enable = mkOption { 95 80 default = false; 96 81 description = " ··· 116 101 "; 117 102 }; 118 103 104 + mainConfigFile = mkOption { 105 + default = nagiosCfgFile; 106 + description = " 107 + Derivation for the main configuration file of Nagios. 108 + "; 109 + }; 110 + 111 + cgiConfigFile = mkOption { 112 + default = nagiosCGICfgFile; 113 + description = " 114 + Derivation for the configuration file of Nagios CGI scripts 115 + that can be used in web servers for running the Nagios web interface. 116 + "; 117 + }; 118 + 119 119 enableWebInterface = mkOption { 120 120 default = false; 121 121 description = " ··· 132 132 <literal>http://<replaceable>server</replaceable>/<replaceable>urlPath</replaceable></literal>. 133 133 "; 134 134 }; 135 - 136 135 }; 137 - 138 136 }; 139 137 140 - 141 - ###### implementation 142 138 143 139 config = mkIf cfg.enable { 144 - 145 - users.extraUsers = singleton 146 - { name = nagiosUser; 147 - uid = config.ids.uids.nagios; 148 - description = "Nagios monitoring daemon"; 149 - home = nagiosState; 150 - }; 140 + users.extraUsers.nagios = { 141 + description = "Nagios user "; 142 + uid = config.ids.uids.nagios; 143 + home = nagiosState; 144 + createHome = true; 145 + }; 151 146 152 147 # This isn't needed, it's just so that the user can type "nagiostats 153 148 # -c /etc/nagios.cfg". 154 - environment.etc = singleton 155 - { source = nagiosCfgFile; 149 + environment.etc = [ 150 + { source = cfg.mainConfigFile; 156 151 target = "nagios.cfg"; 157 - }; 152 + } 153 + ]; 158 154 159 155 environment.systemPackages = [ pkgs.nagios ]; 156 + systemd.services.nagios = { 157 + description = "Nagios monitoring daemon"; 158 + path = [ pkgs.nagios ]; 159 + wantedBy = [ "multi-user.target" ]; 160 + after = [ "network-interfaces.target" ]; 160 161 161 - jobs.nagios = 162 - { description = "Nagios monitoring daemon"; 162 + serviceConfig = { 163 + User = "nagios"; 164 + Restart = "always"; 165 + RestartSec = 2; 166 + PermissionsStartOnly = true; 167 + }; 163 168 164 - startOn = "started network-interfaces"; 165 - stopOn = "stopping network-interfaces"; 169 + preStart = '' 170 + mkdir -m 0755 -p ${nagiosState} ${nagiosLogDir} 171 + chown nagios ${nagiosState} ${nagiosLogDir} 172 + ''; 166 173 167 - preStart = 168 - '' 169 - mkdir -m 0755 -p ${nagiosState} ${nagiosLogDir} 170 - chown ${nagiosUser} ${nagiosState} ${nagiosLogDir} 171 - ''; 172 - 173 - script = 174 - '' 175 - for i in ${toString config.services.nagios.plugins}; do 176 - export PATH=$i/bin:$i/sbin:$i/libexec:$PATH 177 - done 178 - exec ${pkgs.nagios}/bin/nagios ${nagiosCfgFile} 179 - ''; 180 - }; 174 + script = '' 175 + for i in ${toString cfg.plugins}; do 176 + export PATH=$i/bin:$i/sbin:$i/libexec:$PATH 177 + done 178 + exec ${pkgs.nagios}/bin/nagios ${cfg.mainConfigFile} 179 + ''; 180 + }; 181 181 182 182 services.httpd.extraConfig = optionalString cfg.enableWebInterface extraHttpdConfig; 183 - 184 183 }; 185 - 186 184 }

-27

nixos/modules/services/monitoring/nagios/host-templates.cfg

··· 1 - define host { 2 - name generic-host 3 - notifications_enabled 1 4 - event_handler_enabled 1 5 - flap_detection_enabled 1 6 - failure_prediction_enabled 1 7 - process_perf_data 1 8 - retain_status_information 1 9 - retain_nonstatus_information 1 10 - notification_period 24x7 11 - register 0 12 - } 13 - 14 - 15 - define host { 16 - name generic-server 17 - use generic-host 18 - check_period 24x7 19 - max_check_attempts 10 20 - check_command check-host-alive 21 - notification_period 24x7 22 - notification_interval 120 23 - notification_options d,u,r 24 - contact_groups admins 25 - register 0 26 - #check_interval 1 27 - }

-32

nixos/modules/services/monitoring/nagios/service-templates.cfg

··· 1 - define service { 2 - name generic-service 3 - active_checks_enabled 1 4 - passive_checks_enabled 1 5 - parallelize_check 1 6 - obsess_over_service 1 7 - check_freshness 0 8 - notifications_enabled 1 9 - event_handler_enabled 1 10 - flap_detection_enabled 1 11 - failure_prediction_enabled 1 12 - process_perf_data 1 13 - retain_status_information 1 14 - retain_nonstatus_information 1 15 - is_volatile 0 16 - register 0 17 - } 18 - 19 - 20 - define service { 21 - name local-service 22 - use generic-service 23 - check_period 24x7 24 - max_check_attempts 4 25 - normal_check_interval 5 26 - retry_check_interval 1 27 - contact_groups admins 28 - notification_options w,u,c,r 29 - notification_interval 0 # notify only once 30 - notification_period 24x7 31 - register 0 32 - }

-11

nixos/modules/services/monitoring/nagios/timeperiods.cfg

··· 1 - define timeperiod { 2 - timeperiod_name 24x7 3 - alias 24 Hours A Day, 7 Days A Week 4 - sunday 00:00-24:00 5 - monday 00:00-24:00 6 - tuesday 00:00-24:00 7 - wednesday 00:00-24:00 8 - thursday 00:00-24:00 9 - friday 00:00-24:00 10 - saturday 00:00-24:00 11 - }

+17 -10

pkgs/servers/monitoring/nagios/default.nix

··· 1 - { stdenv, fetchurl, perl, gdSupport ? false 2 - , gd ? null, libpng ? null, zlib ? null 3 - }: 1 + { stdenv, fetchurl, perl, php, gd, libpng, zlib }: 4 2 5 3 stdenv.mkDerivation { 6 - name = "nagios-2.10"; 4 + name = "nagios-4.0.7"; 7 5 8 6 src = fetchurl { 9 - url = mirror://sourceforge/nagios/nagios-2.10.tar.gz; 10 - md5 = "8c3a29e138f2ff8c8abbd3dd8a40c4b6"; 7 + url = mirror://sourceforge/nagios/nagios-4.x/nagios-4.0.7/nagios-4.0.7.tar.gz; 8 + sha256 = "1687qnbsag84r57y9745g2klypacfixd6gkzaj42lmzn0v8y27gg"; 11 9 }; 12 10 13 - patches = [./nagios.patch]; 14 - buildInputs = [perl] ++ (if gdSupport then [gd libpng zlib] else []); 11 + patches = [ ./nagios.patch ]; 12 + buildInputs = [ php perl gd libpng zlib ]; 13 + 14 + configureFlags = [ "--localstatedir=/var/lib/nagios" ]; 15 15 buildFlags = "all"; 16 + 17 + # Do not create /var directories 18 + preInstall = '' 19 + substituteInPlace Makefile --replace '$(MAKE) install-basic' "" 20 + ''; 16 21 installTargets = "install install-config"; 17 22 18 23 meta = { 19 24 description = "A host, service and network monitoring program"; 20 - homepage = http://www.nagios.org/; 21 - license = "GPL"; 25 + homepage = http://www.nagios.org/; 26 + license = stdenv.lib.licenses.gpl2; 27 + platforms = stdenv.lib.platforms.linux; 28 + maintainers = with stdenv.lib.maintainers; [ thoughtpolice relrod ]; 22 29 }; 23 30 }

+14 -4

pkgs/servers/monitoring/nagios/nagios.patch

··· 1 - diff -ruN nagios-2.6/configure nagios-2.6.new/configure 2 - --- nagios-2.6/configure 2006-11-28 03:29:04.000000000 +0100 3 - +++ nagios-2.6.new/configure 2006-12-28 01:22:56.000000000 +0100 4 - @@ -4810,7 +4810,8 @@ 1 + diff -ruN nagios-4.0.7.orig/configure nagios-4.0.7/configure 2 + --- nagios-4.0.7.orig/configure 2014-06-03 10:41:42.000000000 -0400 3 + +++ nagios-4.0.7/configure 2014-06-12 00:30:17.516468583 -0400 4 + @@ -6014,7 +6014,8 @@ 5 5 #define DEFAULT_NAGIOS_GROUP "$nagios_grp" 6 6 _ACEOF 7 7 ··· 11 11 12 12 13 13 14 + @@ -6035,7 +6036,8 @@ 15 + 16 + 17 + 18 + -COMMAND_OPTS="-o $command_user -g $command_grp" 19 + +#COMMAND_OPTS="-o $command_user -g $command_grp" 20 + +COMMAND_OPTS="" 21 + 22 + 23 + MAIL_PROG=no

+36

pkgs/servers/monitoring/nagios/plugins/official-2.x.nix

··· 1 + { stdenv, fetchurl, openssh }: 2 + 3 + stdenv.mkDerivation rec { 4 + name = "nagios-plugins-${version}"; 5 + version = "2.0"; 6 + 7 + src = fetchurl { 8 + url = "http://nagios-plugins.org/download/${name}.tar.gz"; 9 + sha256 = "113nv9jqpbqpdjqilqbj1iyshxyvcmq8w94bq5ajz4dxi9j8045s"; 10 + }; 11 + 12 + # !!! Awful hack. Grrr... this of course only works on NixOS. 13 + # Anyway the check that configure performs to figure out the ping 14 + # syntax is totally impure, because it runs an actual ping to 15 + # localhost (which won't work for ping6 if IPv6 support isn't 16 + # configured on the build machine). 17 + preConfigure= " 18 + configureFlagsArray=( 19 + --with-ping-command='/var/setuid-wrappers/ping -n -U -w %d -c %d %s' 20 + --with-ping6-command='/var/setuid-wrappers/ping6 -n -U -w %d -c %d %s' 21 + ) 22 + "; 23 + 24 + postInstall = "ln -s libexec $out/bin"; 25 + 26 + # !!! make openssh a runtime dependency only 27 + buildInputs = [ openssh ]; 28 + 29 + meta = { 30 + description = "Official plugins for Nagios"; 31 + homepage = http://www.nagios.org/download/plugins; 32 + license = stdenv.lib.licenses.gpl2; 33 + platforms = stdenv.lib.platforms.linux; 34 + maintainers = with stdenv.lib.maintainers; [ thoughtpolice relrod ]; 35 + }; 36 + }

-32

pkgs/servers/monitoring/nagios/plugins/official/default.nix

··· 1 - {stdenv, fetchurl, openssh}: 2 - 3 - stdenv.mkDerivation { 4 - name = "nagios-plugins-1.4.10"; 5 - 6 - src = fetchurl { 7 - url = https://www.monitoring-plugins.org/download/nagios-plugins-1.4.10.tar.gz; 8 - sha256 = "0vm7sjiygxbfc5vbsi1g0dakpvynfzi86fhqx4yxd61brn0g8ghr"; 9 - }; 10 - 11 - # !!! Awful hack. Grrr... this of course only works on NixOS. 12 - # Anyway the check that configure performs to figure out the ping 13 - # syntax is totally impure, because it runs an actual ping to 14 - # localhost (which won't work for ping6 if IPv6 support isn't 15 - # configured on the build machine). 16 - preConfigure= " 17 - configureFlagsArray=( 18 - --with-ping-command='/var/setuid-wrappers/ping -n -U -w %d -c %d %s' 19 - --with-ping6-command='/var/setuid-wrappers/ping6 -n -U -w %d -c %d %s' 20 - ) 21 - "; 22 - 23 - postInstall = "ln -s libexec $out/bin"; 24 - 25 - buildInputs = [openssh]; # !!! make openssh a runtime dependency only 26 - 27 - meta = { 28 - description = "Plugins for Nagios"; 29 - homepage = http://www.monitoring-plugins.org; 30 - license = "GPL"; 31 - }; 32 - }

+2 -4

pkgs/top-level/all-packages.nix

··· 6756 6756 6757 6757 mysql_jdbc = callPackage ../servers/sql/mysql/jdbc { }; 6758 6758 6759 - nagios = callPackage ../servers/monitoring/nagios { 6760 - gdSupport = true; 6761 - }; 6759 + nagios = callPackage ../servers/monitoring/nagios { }; 6762 6760 6763 6761 munin = callPackage ../servers/monitoring/munin { }; 6764 6762 6765 - nagiosPluginsOfficial = callPackage ../servers/monitoring/nagios/plugins/official { }; 6763 + nagiosPluginsOfficial = callPackage ../servers/monitoring/nagios/plugins/official-2.x.nix { }; 6766 6764 6767 6765 net_snmp = callPackage ../servers/monitoring/net-snmp { }; 6768 6766