icinga-zones/master/hosts.conf

// vim: set ft=icinga2 et sw=2 ts=2 si ai:
object Host "beholder" {
  import "debian-host"
  import "postfix-host"

  groups += [ "monitoring" ]

  address = "127.0.0.1"
  address6 = "::1"

  vars.is_container = false
  vars.debian_release = 12

  vars.disks["/boot/efi"] = {
    disk_partitions = "/boot/efi"
  }

  vars.http_vhosts["http redirect v4"] = {
    http_uri = "/"
    http_address = "49.13.65.97"
    http_vhost = "beholder.cacert.org"
    http_headerstring = "Location: https://beholder.cacert.org/"
    http_ipv4 = true
  }
  vars.http_vhosts["http redirect v6"] = {
    http_uri = "/"
    http_address = "2a01:4f8:c17:7495::1"
    http_vhost = "beholder.cacert.org"
    http_headerstring = "Location: https://beholder.cacert.org/"
    http_ipv6 = true
  }
  vars.http_vhosts["carbon.localhost v4"] = {
    http_uri = "/graphite/"
    http_vhost = "carbon.localhost"
    http_string = "Graphite"
    http_ipv4 = true
  }
  vars.http_vhosts["carbon.localhost v6"] = {
    http_uri = "/graphite/"
    http_vhost = "carbon.localhost"
    http_string = "Graphite"
    http_ipv6 = true
  }
  vars.http_vhosts["graphite v4"] = {
    http_uri = "/graphite/"
    http_address = "49.13.65.97"
    http_vhost = "beholder.cacert.org"
    http_string = "Graphite"
    http_ssl = true
    http_sni = true
    http_clientcert = "/etc/ssl/public/beholder-client.crt.pem"
    http_privatekey = "/etc/ssl/private/beholder-client.key.pem"
    http_ipv4 = true
  }
  vars.http_vhosts["graphite v6"] = {
    http_uri = "/graphite/"
    http_address = "2a01:4f8:c17:7495::1"
    http_vhost = "beholder.cacert.org"
    http_string = "Graphite"
    http_ssl = true
    http_sni = true
    http_clientcert = "/etc/ssl/public/beholder-client.crt.pem"
    http_privatekey = "/etc/ssl/private/beholder-client.key.pem"
    http_ipv6 = true
  }
  vars.http_vhosts["icingaweb2 v4"] = {
    http_uri = "/icingaweb2/dashboard"
    http_address = "49.13.65.97"
    http_vhost = "beholder.cacert.org"
    http_string = "Dashboard :: Icinga Web"
    http_ssl = true
    http_sni = true
    http_clientcert = "/etc/ssl/public/beholder-client.crt.pem"
    http_privatekey = "/etc/ssl/private/beholder-client.key.pem"
    http_ipv4 = true
  }
  vars.http_vhosts["icingaweb2 v6"] = {
    http_uri = "/icingaweb2/dashboard"
    http_address = "2a01:4f8:c17:7495::1"
    http_vhost = "beholder.cacert.org"
    http_string = "Dashboard :: Icinga Web"
    http_ssl = true
    http_sni = true
    http_clientcert = "/etc/ssl/public/beholder-client.crt.pem"
    http_privatekey = "/etc/ssl/private/beholder-client.key.pem"
    http_ipv6 = true
  }

  vars.procs["apache2"] = {
    procs_command = "apache2"
    procs_critical = "1:50"
  }
  vars.procs["carbon-cache"] = {
    procs_command = "carbon-cache"
    procs_critical = "1:2"
  }
  vars.procs["incrond"] = {
    procs_command = "incrond"
    procs_critical = "1:2"
  }
  vars.procs["icingadb"] = {
    procs_command = "icingadb"
    procs_critical = "1:2"
  }
  vars.procs["postgres"] = {
    procs_command = "postgres"
    procs_critical = "1:50"
  }

  vars.pgsql_dbs["icingadb"] = {
    pgsql_database = "icingadb"
    pgsql_query = "SELECT COUNT(*) FROM host"
  }

  vars.x509_certs["monitoring client"] = {
    ssl_cert_address = "localhost"
    ssl_cert_file = "/etc/ssl/public/beholder-client.crt.pem"
    ssl_cert_ignore_sct = true
    ssl_cert_warn = 30
  }
  vars.x509_certs["beholder.cacert.org"] = {
    ssl_cert_address = "beholder.cacert.org"
    ssl_cert_sni = "beholder.cacert.org"
    ssl_cert_clientcert = "/etc/ssl/public/beholder-client.crt.pem"
    ssl_cert_clientkey = "/etc/ssl/private/beholder-client.key.pem"
  }

  vars.ca_certs["Icinga master"] = {
    ssl_cert_file = "/var/lib/icinga2/ca/ca.crt"
  }
}