From c624514dccf12f0427c9448bcd782678339168f0 Mon Sep 17 00:00:00 2001 From: Jan Dittberner Date: Fri, 27 Sep 2024 10:16:38 +0200 Subject: [PATCH] First attempt to setup Matrix notifications - define Matrix notification commands - define time periods and CAcert admin user group - define notification origins - add beholder host checks on both infra02sat and infra03sat --- global-templates/commands.conf | 149 ++++++++++++++++++ global-templates/host-templates.conf | 2 + global-templates/notifications.conf | 48 ++++++ global-templates/time-periods.conf | 41 +++++ global-templates/users.conf | 22 +++ infra02sat.infra.cacert.org/hosts.conf | 12 ++ .../notifications.conf | 19 +++ infra03sat.infra.cacert.org/hosts.conf | 12 ++ .../notifications.conf | 19 +++ master/notifications.conf | 18 +++ 10 files changed, 342 insertions(+) create mode 100644 global-templates/notifications.conf create mode 100644 global-templates/time-periods.conf create mode 100644 global-templates/users.conf create mode 100644 infra02sat.infra.cacert.org/notifications.conf create mode 100644 infra03sat.infra.cacert.org/notifications.conf create mode 100644 master/notifications.conf diff --git a/global-templates/commands.conf b/global-templates/commands.conf index 343fa94..3ceae9a 100644 --- a/global-templates/commands.conf +++ b/global-templates/commands.conf @@ -310,3 +310,152 @@ object CheckCommand "pgsql_socket" { object CheckCommand "custom_systemd" { command = [ PluginContribDir + "/check_systemd" ] } + +/* Notification Commands + * + * Please check the documentation for all required and + * optional parameters. + */ + +object NotificationCommand "matrix-host-notification" { + import "plugin-notification-command" + + command = [ PluginDir + "/matrix-host-notification" ] + + arguments += { + "-4" = "$notification_address$" + "-6" = "$notification_address6$" + "-b" = "$notification_author$" + "-c" = "$notification_comment$" + "-d" = { + required = true + value = "$notification_date$" + } + "-i" = "$notification_icingaweb2url$" + "-l" = { + required = true + value = "$notification_hostname$" + } + "-m" = { + required = true + value = "$notification_matrix_room_id$" + } + "-n" = { + required = true + value = "$notification_hostdisplayname$" + } + "-o" = { + required = true + value = "$notification_hostoutput$" + } + "-s" = { + required = true + value = "$notification_hoststate$" + } + "-t" = { + required = true + value = "$notification_type$" + } + "-x" = { + required = true + value = "$notification_matrix_server$" + } + "-y" = { + required = true + value = "$notification_matrix_token$" + } + } + + vars.notification_address = "$address$" + vars.notification_address6 = "$address6$" + vars.notification_author = "$notification.author$" + vars.notification_comment = "$notification.comment$" + vars.notification_date = "$icinga.long_date_time$" + vars.notification_hostdisplayname = "$host.display_name$" + vars.notification_hostname = "$host.name$" + vars.notification_hostoutput = "$host.output$" + vars.notification_hoststate = "$host.state$" + vars.notification_type = "$notification.type$" + vars.notification_icingaweb2url = Icingaweb2URL + vars.notification_matrix_server = MatrixBotServer + vars.notification_matrix_token = MatrixBotToken + vars.notification_matrix_room_id = "$user.vars.matrix_room_id$" +} + +object NotificationCommand "matrix-service-notification" { + import "plugin-notification-command" + + command = [ PluginDir + "/matrix-service-notification" ] + + arguments += { + "-4" = { + required = true + value = "$notification_address$" + } + "-6" = "$notification_address6$" + "-b" = "$notification_author$" + "-c" = "$notification_comment$" + "-d" = { + required = true + value = "$notification_date$" + } + "-e" = { + required = true + value = "$notification_servicename$" + } + "-i" = "$notification_icingaweb2url$" + "-l" = { + required = true + value = "$notification_hostname$" + } + "-m" = { + required = true + value = "$notification_matrix_room_id$" + } + "-n" = { + required = true + value = "$notification_hostdisplayname$" + } + "-o" = { + required = true + value = "$notification_serviceoutput$" + } + "-s" = { + required = true + value = "$notification_servicestate$" + } + "-t" = { + required = true + value = "$notification_type$" + } + "-u" = { + required = true + value = "$notification_servicedisplayname$" + } + "-x" = { + required = true + value = "$notification_matrix_server$" + } + "-y" = { + required = true + value = "$notification_matrix_token$" + } + } + + vars.notification_address = "$address$" + vars.notification_address6 = "$address6$" + vars.notification_author = "$notification.author$" + vars.notification_comment = "$notification.comment$" + vars.notification_date = "$icinga.long_date_time$" + vars.notification_hostdisplayname = "$host.display_name$" + vars.notification_hostname = "$host.name$" + vars.notification_servicedisplayname = "$service.display_name$" + vars.notification_servicename = "$service.name$" + vars.notification_serviceoutput = "$service.output$" + vars.notification_servicestate = "$service.state$" + vars.notification_type = "$notification.type$" + vars.notification_icingaweb2url = Icingaweb2URL + vars.notification_matrix_server = MatrixBotServer + vars.notification_matrix_token = MatrixBotToken + vars.notification_matrix_room_id = "$user.vars.matrix_room_id$" +} diff --git a/global-templates/host-templates.conf b/global-templates/host-templates.conf index 17d69ab..1ae40e2 100644 --- a/global-templates/host-templates.conf +++ b/global-templates/host-templates.conf @@ -14,6 +14,8 @@ template Host "generic-host" { retry_interval = 30s check_command = "hostalive" + + vars.notification.from = "master" } template Host "linux-host" { diff --git a/global-templates/notifications.conf b/global-templates/notifications.conf new file mode 100644 index 0000000..284f9ae --- /dev/null +++ b/global-templates/notifications.conf @@ -0,0 +1,48 @@ +/* + * vim: ft=icinga2 ts=2 sw=2 et si ai + * Notification templates + */ + +/** + * Provides default settings for host notifications. + * By convention all host notifications should import + * this template. + */ +template Notification "matrix-host-notification" { + command = "matrix-host-notification" + + states = [ Up, Down ] + types = [ Problem, Acknowledgement, Recovery, Custom, + FlappingStart, FlappingEnd, + DowntimeStart, DowntimeEnd, DowntimeRemoved ] + + vars += { + // notification_icingaweb2url = "https://www.example.com/icingaweb2" + // notification_from = "Icinga 2 Host Monitoring " + notification_logtosyslog = false + } + + period = "24x7" +} + +/** + * Provides default settings for service notifications. + * By convention all service notifications should import + * this template. + */ +template Notification "matrix-service-notification" { + command = "matrix-service-notification" + + states = [ OK, Warning, Critical, Unknown ] + types = [ Problem, Acknowledgement, Recovery, Custom, + FlappingStart, FlappingEnd, + DowntimeStart, DowntimeEnd, DowntimeRemoved ] + + vars += { + // notification_icingaweb2url = "https://www.example.com/icingaweb2" + // notification_from = "Icinga 2 Service Monitoring " + notification_logtosyslog = false + } + + period = "24x7" +} diff --git a/global-templates/time-periods.conf b/global-templates/time-periods.conf new file mode 100644 index 0000000..84ff132 --- /dev/null +++ b/global-templates/time-periods.conf @@ -0,0 +1,41 @@ +/* + * vim: ft=icinga2 + * + * Global time period definitions + */ + +object TimePeriod "24x7" { + import "legacy-timeperiod" + + display_name = "Icinga 2 24x7 TimePeriod" + ranges = { + "monday" = "00:00-24:00" + "tuesday" = "00:00-24:00" + "wednesday" = "00:00-24:00" + "thursday" = "00:00-24:00" + "friday" = "00:00-24:00" + "saturday" = "00:00-24:00" + "sunday" = "00:00-24:00" + } +} + +object TimePeriod "9to5" { + import "legacy-timeperiod" + + display_name = "Icinga 2 9to5 TimePeriod" + ranges = { + "monday" = "09:00-17:00" + "tuesday" = "09:00-17:00" + "wednesday" = "09:00-17:00" + "thursday" = "09:00-17:00" + "friday" = "09:00-17:00" + } +} + +object TimePeriod "never" { + import "legacy-timeperiod" + + display_name = "Icinga 2 never TimePeriod" + ranges = { + } +} diff --git a/global-templates/users.conf b/global-templates/users.conf new file mode 100644 index 0000000..21f898c --- /dev/null +++ b/global-templates/users.conf @@ -0,0 +1,22 @@ +/* + * vim: ft=icinga2 + * + * User configuration. + */ + +template User "generic-user" { +} + +object User "cacert-admins" { + import "generic-user" + + display_name = "CAcert Administrators" + groups = [ "cacert-admins" ] + + email = "critical-admin@cacert.org" + vars.matrix_room_id = MatrixMonitoringRoom +} + +object UserGroup "cacert-admins" { + display_name = "CAcert Administrators" +} diff --git a/infra02sat.infra.cacert.org/hosts.conf b/infra02sat.infra.cacert.org/hosts.conf index f2a8100..cf8478f 100644 --- a/infra02sat.infra.cacert.org/hosts.conf +++ b/infra02sat.infra.cacert.org/hosts.conf @@ -17,3 +17,15 @@ object Host "infra02sat.infra.cacert.org" { ssl_cert_file = "/var/lib/puppet/ssl/certs/ca.pem" } } + +object Host "beholder.cacert.org" { + import "generic-host"o + display_name = "beholder from infra02sat" + + groups += [ "monitoring" ] + + address = "49.13.65.97" + address6 = "2a01:4f8:c17:7495::1" + + vars.notification.from == "infra02sat" +} diff --git a/infra02sat.infra.cacert.org/notifications.conf b/infra02sat.infra.cacert.org/notifications.conf new file mode 100644 index 0000000..cf2f232 --- /dev/null +++ b/infra02sat.infra.cacert.org/notifications.conf @@ -0,0 +1,19 @@ +/* + * vim: ft=icinga2 ts=2 sw=2 et si ai + */ +apply Notification "matrix-admins" to Host { + import "matrix-host-notification" + + user_groups = [ "cacert-admins" ] + + assign where host.vars.notification.from == "infra02sat" +} + +apply Notification "matrix-admin" to Service { + import "matrix-service-notification" + + user_groups = [ "cacert-admins" ] + + assign where host.vars.notification.from == "infra02sat" +} + diff --git a/infra03sat.infra.cacert.org/hosts.conf b/infra03sat.infra.cacert.org/hosts.conf index de06fd1..0cb06a9 100644 --- a/infra03sat.infra.cacert.org/hosts.conf +++ b/infra03sat.infra.cacert.org/hosts.conf @@ -17,3 +17,15 @@ object Host "infra03sat.infra.cacert.org" { ssl_cert_file = "/var/lib/puppet/ssl/certs/ca.pem" } } + +object Host "beholder.cacert.org" { + import "generic-host"o + display_name = "beholder from infra03sat" + + groups += [ "monitoring" ] + + address = "49.13.65.97" + address6 = "2a01:4f8:c17:7495::1" + + vars.notification.from == "infra03sat" +} diff --git a/infra03sat.infra.cacert.org/notifications.conf b/infra03sat.infra.cacert.org/notifications.conf new file mode 100644 index 0000000..f6fe964 --- /dev/null +++ b/infra03sat.infra.cacert.org/notifications.conf @@ -0,0 +1,19 @@ +/* + * vim: ft=icinga2 ts=2 sw=2 et si ai + */ +apply Notification "matrix-admins" to Host { + import "matrix-host-notification" + + user_groups = [ "cacert-admins" ] + + assign where host.vars.notification.from == "infra03sat" +} + +apply Notification "matrix-admin" to Service { + import "matrix-service-notification" + + user_groups = [ "cacert-admins" ] + + assign where host.vars.notification.from == "infra03sat" +} + diff --git a/master/notifications.conf b/master/notifications.conf new file mode 100644 index 0000000..0807405 --- /dev/null +++ b/master/notifications.conf @@ -0,0 +1,18 @@ +/* + * vim: ft=icinga2 ts=2 sw=2 et si ai + */ +apply Notification "matrix-admins" to Host { + import "matrix-host-notification" + + user_groups = [ "cacert-admins" ] + + assign where host.vars.notification.from == "master" +} + +apply Notification "matrix-admin" to Service { + import "matrix-service-notification" + + user_groups = [ "cacert-admins" ] + + assign where host.vars.notification.from == "master" +}