First attempt to setup Matrix notifications

- define Matrix notification commands
- define time periods and CAcert admin user group
- define notification origins
- add beholder host checks on both infra02sat and infra03sat

global-templates/commands.conf

@@ -310,3 +310,152 @@ object CheckCommand "pgsql_socket" {
 object CheckCommand "custom_systemd" {
   command = [ PluginContribDir + "/check_systemd" ]
 }
+
+/* Notification Commands
+ *
+ * Please check the documentation for all required and
+ * optional parameters.
+ */
+
+object NotificationCommand "matrix-host-notification" {
+  import "plugin-notification-command"
+
+  command = [ PluginDir + "/matrix-host-notification" ]
+
+  arguments += {
+    "-4" = "$notification_address$"
+    "-6" = "$notification_address6$"
+    "-b" = "$notification_author$"
+    "-c" = "$notification_comment$"
+    "-d" = {
+      required = true
+      value = "$notification_date$"
+    }
+    "-i" = "$notification_icingaweb2url$"
+    "-l" = {
+      required = true
+      value = "$notification_hostname$"
+    }
+    "-m" = {
+      required = true
+      value = "$notification_matrix_room_id$"
+    }
+    "-n" = {
+      required = true
+      value = "$notification_hostdisplayname$"
+    }
+    "-o" = {
+      required = true
+      value = "$notification_hostoutput$"
+    }
+    "-s" = {
+      required = true
+      value = "$notification_hoststate$"
+    }
+    "-t" = {
+      required = true
+      value = "$notification_type$"
+    }
+    "-x" = {
+      required = true
+      value = "$notification_matrix_server$"
+    }
+    "-y" = {
+      required = true
+      value = "$notification_matrix_token$"
+    }
+  }
+
+  vars.notification_address = "$address$"
+  vars.notification_address6 = "$address6$"
+  vars.notification_author = "$notification.author$"
+  vars.notification_comment = "$notification.comment$"
+  vars.notification_date = "$icinga.long_date_time$"
+  vars.notification_hostdisplayname = "$host.display_name$"
+  vars.notification_hostname = "$host.name$"
+  vars.notification_hostoutput = "$host.output$"
+  vars.notification_hoststate = "$host.state$"
+  vars.notification_type = "$notification.type$"
+  vars.notification_icingaweb2url = Icingaweb2URL
+  vars.notification_matrix_server = MatrixBotServer
+  vars.notification_matrix_token = MatrixBotToken
+  vars.notification_matrix_room_id = "$user.vars.matrix_room_id$"
+}
+
+object NotificationCommand "matrix-service-notification" {
+  import "plugin-notification-command"
+
+  command = [ PluginDir + "/matrix-service-notification" ]
+
+  arguments += {
+    "-4" = {
+      required = true
+      value = "$notification_address$"
+    }
+    "-6" = "$notification_address6$"
+    "-b" = "$notification_author$"
+    "-c" = "$notification_comment$"
+    "-d" = {
+      required = true
+      value = "$notification_date$"
+    }
+    "-e" = {
+      required = true
+      value = "$notification_servicename$"
+    }
+    "-i" = "$notification_icingaweb2url$"
+    "-l" = {
+      required = true
+      value = "$notification_hostname$"
+    }
+    "-m" = {
+      required = true
+      value = "$notification_matrix_room_id$"
+    }
+    "-n" = {
+      required = true
+      value = "$notification_hostdisplayname$"
+    }
+    "-o" = {
+      required = true
+      value = "$notification_serviceoutput$"
+    }
+    "-s" = {
+      required = true
+      value = "$notification_servicestate$"
+    }
+    "-t" = {
+      required = true
+      value = "$notification_type$"
+    }
+    "-u" = {
+      required = true
+      value = "$notification_servicedisplayname$"
+    }
+    "-x" = {
+      required = true
+      value = "$notification_matrix_server$"
+    }
+    "-y" = {
+      required = true
+      value = "$notification_matrix_token$"
+    }
+  }
+
+  vars.notification_address = "$address$"
+  vars.notification_address6 = "$address6$"
+  vars.notification_author = "$notification.author$"
+  vars.notification_comment = "$notification.comment$"
+  vars.notification_date = "$icinga.long_date_time$"
+  vars.notification_hostdisplayname = "$host.display_name$"
+  vars.notification_hostname = "$host.name$"
+  vars.notification_servicedisplayname = "$service.display_name$"
+  vars.notification_servicename = "$service.name$"
+  vars.notification_serviceoutput = "$service.output$"
+  vars.notification_servicestate = "$service.state$"
+  vars.notification_type = "$notification.type$"
+  vars.notification_icingaweb2url = Icingaweb2URL
+  vars.notification_matrix_server = MatrixBotServer
+  vars.notification_matrix_token = MatrixBotToken
+  vars.notification_matrix_room_id = "$user.vars.matrix_room_id$"
+}

global-templates/host-templates.conf

@@ -14,6 +14,8 @@ template Host "generic-host" {
   retry_interval = 30s
 
   check_command = "hostalive"
+
+  vars.notification.from = "master"
 }
 
 template Host "linux-host" {

global-templates/notifications.conf

@@ -0,0 +1,48 @@
+/*
+ * vim: ft=icinga2 ts=2 sw=2 et si ai
+ * Notification templates
+ */
+
+/**
+ * Provides default settings for host notifications.
+ * By convention all host notifications should import
+ * this template.
+ */
+template Notification "matrix-host-notification" {
+  command = "matrix-host-notification"
+
+  states = [ Up, Down ]
+  types = [ Problem, Acknowledgement, Recovery, Custom,
+            FlappingStart, FlappingEnd,
+            DowntimeStart, DowntimeEnd, DowntimeRemoved ]
+
+  vars += {
+    // notification_icingaweb2url = "https://www.example.com/icingaweb2"
+    // notification_from = "Icinga 2 Host Monitoring <icinga@example.com>"
+    notification_logtosyslog = false
+  }
+
+  period = "24x7"
+}
+
+/**
+ * Provides default settings for service notifications.
+ * By convention all service notifications should import
+ * this template.
+ */
+template Notification "matrix-service-notification" {
+  command = "matrix-service-notification"
+
+  states = [ OK, Warning, Critical, Unknown ]
+  types = [ Problem, Acknowledgement, Recovery, Custom,
+            FlappingStart, FlappingEnd,
+            DowntimeStart, DowntimeEnd, DowntimeRemoved ]
+
+  vars += {
+    // notification_icingaweb2url = "https://www.example.com/icingaweb2"
+    // notification_from = "Icinga 2 Service Monitoring <icinga@example.com>"
+    notification_logtosyslog = false
+  }
+
+  period = "24x7"
+}

global-templates/time-periods.conf

@@ -0,0 +1,41 @@
+/*
+ * vim: ft=icinga2
+ *
+ * Global time period definitions
+ */
+
+object TimePeriod "24x7" {
+  import "legacy-timeperiod"
+
+  display_name = "Icinga 2 24x7 TimePeriod"
+  ranges = {
+    "monday" 	= "00:00-24:00"
+    "tuesday" 	= "00:00-24:00"
+    "wednesday" = "00:00-24:00"
+    "thursday" 	= "00:00-24:00"
+    "friday" 	= "00:00-24:00"
+    "saturday" 	= "00:00-24:00"
+    "sunday" 	= "00:00-24:00"
+  }
+}
+
+object TimePeriod "9to5" {
+  import "legacy-timeperiod"
+
+  display_name = "Icinga 2 9to5 TimePeriod"
+  ranges = {
+    "monday" 	= "09:00-17:00"
+    "tuesday" 	= "09:00-17:00"
+    "wednesday" = "09:00-17:00"
+    "thursday" 	= "09:00-17:00"
+    "friday" 	= "09:00-17:00"
+  }
+}
+
+object TimePeriod "never" {
+  import "legacy-timeperiod"
+
+  display_name = "Icinga 2 never TimePeriod"
+  ranges = {
+  }
+}

global-templates/users.conf

@@ -0,0 +1,22 @@
+/*
+ * vim: ft=icinga2
+ *
+ * User configuration.
+ */
+
+template User "generic-user" {
+}
+
+object User "cacert-admins" {
+  import "generic-user"
+
+  display_name = "CAcert Administrators"
+  groups = [ "cacert-admins" ]
+
+  email = "critical-admin@cacert.org"
+  vars.matrix_room_id = MatrixMonitoringRoom
+}
+
+object UserGroup "cacert-admins" {
+  display_name = "CAcert Administrators"
+}

infra02sat.infra.cacert.org/hosts.conf

@@ -17,3 +17,15 @@ object Host "infra02sat.infra.cacert.org" {
     ssl_cert_file = "/var/lib/puppet/ssl/certs/ca.pem"
   }
 }
+
+object Host "beholder.cacert.org" {
+  import "generic-host"o
+  display_name = "beholder from infra02sat"
+
+  groups += [ "monitoring" ]
+
+  address = "49.13.65.97"
+  address6 = "2a01:4f8:c17:7495::1"
+
+  vars.notification.from == "infra02sat"
+}

infra02sat.infra.cacert.org/notifications.conf

@@ -0,0 +1,19 @@
+/*
+ * vim: ft=icinga2 ts=2 sw=2 et si ai
+ */
+apply Notification "matrix-admins" to Host {
+  import "matrix-host-notification"
+
+  user_groups = [ "cacert-admins" ]
+
+  assign where host.vars.notification.from == "infra02sat"
+}
+
+apply Notification "matrix-admin" to Service {
+  import "matrix-service-notification"
+
+  user_groups = [ "cacert-admins" ]
+
+  assign where host.vars.notification.from == "infra02sat"
+}
+

infra03sat.infra.cacert.org/hosts.conf

@@ -17,3 +17,15 @@ object Host "infra03sat.infra.cacert.org" {
     ssl_cert_file = "/var/lib/puppet/ssl/certs/ca.pem"
   }
 }
+
+object Host "beholder.cacert.org" {
+  import "generic-host"o
+  display_name = "beholder from infra03sat"
+
+  groups += [ "monitoring" ]
+
+  address = "49.13.65.97"
+  address6 = "2a01:4f8:c17:7495::1"
+
+  vars.notification.from == "infra03sat"
+}

infra03sat.infra.cacert.org/notifications.conf

@@ -0,0 +1,19 @@
+/*
+ * vim: ft=icinga2 ts=2 sw=2 et si ai
+ */
+apply Notification "matrix-admins" to Host {
+  import "matrix-host-notification"
+
+  user_groups = [ "cacert-admins" ]
+
+  assign where host.vars.notification.from == "infra03sat"
+}
+
+apply Notification "matrix-admin" to Service {
+  import "matrix-service-notification"
+
+  user_groups = [ "cacert-admins" ]
+
+  assign where host.vars.notification.from == "infra03sat"
+}
+

master/notifications.conf

@@ -0,0 +1,18 @@
+/*
+ * vim: ft=icinga2 ts=2 sw=2 et si ai
+ */
+apply Notification "matrix-admins" to Host {
+  import "matrix-host-notification"
+
+  user_groups = [ "cacert-admins" ]
+
+  assign where host.vars.notification.from == "master"
+}
+
+apply Notification "matrix-admin" to Service {
+  import "matrix-service-notification"
+
+  user_groups = [ "cacert-admins" ]
+
+  assign where host.vars.notification.from == "master"
+}