cloud-mu 2.1.0beta → 3.0.0beta

data/cookbooks/nagios/recipes/server_package.rb

@@ -1,40 +0,0 @@
-#
-# Author:: Seth Chisamore <schisamo@getchef.com>
-# Author:: Tim Smith <tsmith@chef.io>
-# Cookbook Name:: nagios
-# Recipe:: server_package
-#
-# Copyright 2011-2016, Chef Software, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-case node['platform_family']
-when 'rhel'
-  include_recipe 'yum-epel' if node['nagios']['server']['install_yum-epel']
-when 'debian'
-  # Nagios package requires to enter the admin password
-  # We generate it randomly as it's overwritten later in the config templates
-  random_initial_password = rand(36**16).to_s(36)
-
-  %w(adminpassword adminpassword-repeat).each do |setting|
-    execute "debconf-set-selections::#{node['nagios']['server']['vname']}-cgi::#{node['nagios']['server']['vname']}/#{setting}" do
-      command "echo #{node['nagios']['server']['vname']}-cgi #{node['nagios']['server']['vname']}/#{setting} password #{random_initial_password} | debconf-set-selections"
-      not_if "dpkg -l #{node['nagios']['server']['vname']}"
-    end
-  end
-end
-
-node['nagios']['server']['packages'].each do |pkg|
-  package pkg
-end

data/cookbooks/nagios/recipes/server_source.rb

@@ -1,164 +0,0 @@
-#
-# Author:: Seth Chisamore <schisamo@getchef.com>
-# Author:: Tim Smith <tsmith@chef.io>
-# Cookbook Name:: nagios
-# Recipe:: server_source
-#
-# Copyright 2011-2016, Chef Software, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-# Package pre-reqs
-include_recipe 'php::default'
-include_recipe 'php::module_gd'
-
-build_essential 'name' do
-  compile_time  True
-end
-
-# the source install of nagios from this recipe does not include embedded perl support
-# so unless the user explicitly set the p1_file attribute, we want to clear it
-# Note: the cookbook now defaults to Nagios 4.X which doesn't support embedded perl anyways
-node.default['nagios']['conf']['p1_file'] = nil
-
-pkgs = value_for_platform_family(
-  %w( rhel fedora ) => %w( openssl-devel gd-devel tar ),
-  'debian' => %w( libssl-dev libgd2-xpm-dev bsd-mailx tar ),
-  'default' => %w( libssl-dev libgd2-xpm-dev bsd-mailx tar )
-)
-
-pkgs.each do |pkg|
-  package pkg do
-    action :install
-  end
-end
-
-user node['nagios']['user'] do
-  action :create
-end
-
-web_srv = node['nagios']['server']['web_server']
-
-group node['nagios']['group'] do
-  members [
-    node['nagios']['user'],
-    web_srv == 'nginx' ? node['nginx']['user'] : node['apache']['user'],
-  ]
-  action :create
-end
-
-remote_file "#{Chef::Config[:file_cache_path]}/nagios_core.tar.gz" do
-  source node['nagios']['server']['url']
-  checksum node['nagios']['server']['checksum']
-end
-
-node['nagios']['server']['patches'].each do |patch|
-  remote_file "#{Chef::Config[:file_cache_path]}/#{patch}" do
-    source "#{node['nagios']['server']['patch_url']}/#{patch}"
-  end
-end
-
-execute 'extract-nagios' do
-  cwd Chef::Config[:file_cache_path]
-  command 'tar zxvf nagios_core.tar.gz'
-  not_if { ::File.exist?("#{Chef::Config[:file_cache_path]}/#{node['nagios']['server']['src_dir']}") }
-end
-
-node['nagios']['server']['patches'].each do |patch|
-  bash "patch-#{patch}" do
-    cwd Chef::Config[:file_cache_path]
-    code <<-EOF
-      cd #{node['nagios']['server']['src_dir']}
-      patch -p1 --forward --silent --dry-run < '#{Chef::Config[:file_cache_path]}/#{patch}' >/dev/null
-      if [ $? -eq 0 ]; then
-        patch -p1 --forward < '#{Chef::Config[:file_cache_path]}/#{patch}'
-      else
-        exit 0
-      fi
-    EOF
-    action :nothing
-    subscribes :run, 'execute[extract-nagios]', :immediately
-  end
-end
-
-bash 'compile-nagios' do
-  cwd Chef::Config[:file_cache_path]
-  code <<-EOH
-    cd #{node['nagios']['server']['src_dir']}
-    ./configure --prefix=/usr \
-        --mandir=/usr/share/man \
-        --bindir=/usr/sbin \
-        --sbindir=#{node['nagios']['cgi-bin']} \
-        --datadir=#{node['nagios']['docroot']} \
-        --sysconfdir=#{node['nagios']['conf_dir']} \
-        --infodir=/usr/share/info \
-        --libexecdir=#{node['nagios']['plugin_dir']} \
-        --localstatedir=#{node['nagios']['state_dir']} \
-        --enable-event-broker \
-        --with-nagios-user=#{node['nagios']['user']} \
-        --with-nagios-group=#{node['nagios']['group']} \
-        --with-command-user=#{node['nagios']['user']} \
-        --with-command-group=#{node['nagios']['group']} \
-        --with-init-dir=/etc/init.d \
-        --with-lockfile=#{node['nagios']['run_dir']}/#{node['nagios']['server']['vname']}.pid \
-        --with-mail=/usr/bin/mail \
-        --with-perlcache \
-        --with-htmurl=/ \
-        --with-cgiurl=#{node['nagios']['cgi-path']}
-    make all
-    make install
-    make install-init
-    make install-config
-    make install-commandmode
-    #{node['nagios']['source']['add_build_commands'].join("\n")}
-  EOH
-  action :nothing
-  subscribes :run, 'execute[extract-nagios]', :immediately
-end
-
-directory node['nagios']['config_dir'] do
-  owner 'root'
-  group 'root'
-  mode '0755'
-  recursive true
-end
-
-directory node['nagios']['conf']['check_result_path'] do
-  owner node['nagios']['user']
-  group node['nagios']['group']
-  mode '0755'
-  recursive true
-end
-
-%w( cache_dir log_dir run_dir ).each do |dir|
-  directory "Nagios cookbook #{node['nagios'][dir]}" do
-    path node['nagios'][dir]
-    recursive true
-    owner node['nagios']['user']
-    group node['nagios']['group']
-    mode '0755'
-  end
-end
-
-directory ::File.join(node['nagios']['log_dir'], 'archives') do
-  owner node['nagios']['user']
-  group node['nagios']['group']
-  mode '0755'
-end
-
-directory "/usr/lib/#{node['nagios']['server']['vname']}" do
-  owner node['nagios']['user']
-  group node['nagios']['group']
-  mode '0755'
-end

data/cookbooks/nagios/templates/default/apache2.conf.erb

@@ -1,96 +0,0 @@
-# Autogenerated by Chef.
-
-<% unless node['nagios']['ldap_verify_cert'].nil? %>LDAPVerifyServerCert <%= node['nagios']['ldap_verify_cert'] %><% end %>
-<% unless node['nagios']['ldap_trusted_mode'].nil? -%>LDAPTrustedMode <%= node['nagios']['ldap_trusted_mode'] %> <% end -%>
-<% unless node['nagios']['ldap_trusted_global_cert'].nil? -%>LDAPTrustedGlobalCert <%= node['nagios']['ldap_trusted_global_cert'] %> <% end -%>
-
-<VirtualHost *:<%= node['nagios']['http_port'] %>>
-  ServerAdmin     <%= node['nagios']['sysadmin_email'] %>
-<% if @nagios_url %>
-  ServerName <%= @nagios_url %>
-<% else %>
-  ServerName      <%= node['fqdn'] %>
-<% if node['nagios']['server']['server_alias'] %>
-  ServerAlias     <%= node['nagios']['server']['server_alias'] %>
-<% end %>
-<% end %>
-  DocumentRoot    <%= node['nagios']['docroot'] %>
-  CustomLog       <%= node['apache']['log_dir'] %>/nagios_access.log combined
-  ErrorLog        <%= node['apache']['log_dir'] %>/nagios_error.log
-
-<% if node['platform_family'] == 'debian' && node['nagios']['server']['install_method'] == 'package'-%>
-  Alias /stylesheets /etc/<%= node['nagios']['server']['vname'] %>/stylesheets
-  Alias /nagios3/stylesheets /etc/<%= node['nagios']['server']['vname'] %>/stylesheets
-<% end -%>
-  ScriptAlias <%= node['nagios']['cgi-path'] %> <%= node['nagios']['cgi-bin'] %>
-  ScriptAlias /cgi-bin/statusjson.cgi <%= node['nagios']['cgi-bin'] %>/statusjson.cgi
-  Alias /<%= node['nagios']['server']['vname'] %> <%= node['nagios']['docroot'] %>
-
-  <Directory "<%= node['nagios']['cgi-bin'] %>">
-     Options ExecCGI
-     <% if node['nagios']['default_user_name'] -%>
-     require all granted
-     <% end -%>
-  </Directory>
-
-<% if @https -%>
-  SSLEngine On
-  SSLProtocol all -SSLv3 -SSLv2
-  SSLCertificateFile <%= @ssl_cert_file %>
-<% if node['nagios']['ssl_cert_chain_file'] %>
-  SSLCertificateChainFile <%= node['nagios']['ssl_cert_chain_file'] %>
-<% end -%>
-  SSLCertificateKeyFile <%= @ssl_cert_key %>
-
-<% end -%>
-<% case node['nagios']['server_auth_method'] -%>
-<% when "openid" -%>
-  <Location />
-    AuthName "Nagios Server"
-    AuthType OpenID
-    require user <%= node['apache']['allowed_openids'].join(' ') %>
-    AuthOpenIDDBLocation <%= node['apache']['mod_auth_openid']['dblocation'] %>
-  </Location>
-<% when "cas" -%>
-  CASLoginURL <%= node['nagios']['cas_login_url'] %>
-  CASValidateURL <%= node['nagios']['cas_validate_url'] %>
-  CASValidateServer <%= node['nagios']['cas_validate_server'] %>
-  <% if node['nagios']['cas_root_proxy_url'] -%>
-  CASRootProxiedAs <%= node['nagios']['cas_root_proxy_url'] %>
-  <% end -%>
-
-  <Location />
-    AuthType CAS
-    require <%= node['nagios']['server_auth_require'] %>
-  </Location>
-<% when "ldap" -%>
-  <Location />
-    AuthName "Nagios Server"
-    AuthType Basic
-    AuthBasicProvider ldap
-    <% unless node['nagios']['ldap_group_attribute_is_dn'].nil? %>AuthLDAPGroupAttributeIsDN <%= node['nagios']['ldap_group_attribute_is_dn'] %><% end %>
-    <% unless node['nagios']['ldap_group_attribute'].nil? -%>AuthLDAPGroupAttribute "<%= node['nagios']['ldap_group_attribute'] %>" <% end -%>
-    <% unless node['nagios']['ldap_bind_dn'].nil? -%>AuthLDAPBindDN "<%= node['nagios']['ldap_bind_dn'] %>" <% end -%>
-    <% unless node['nagios']['ldap_bind_password'].nil? -%>AuthLDAPBindPassword "<%= node['nagios']['ldap_bind_password'] %>"<% end -%>
-    AuthLDAPURL "<%= node['nagios']['ldap_url'] %>"
-    <% if node['apache']['version'] < "2.4" and !node['nagios']['ldap_authoritative'].nil? %>AuthzLDAPAuthoritative <%= node['nagios']['ldap_authoritative'] %><% end %>
-    require <%= node['nagios']['server_auth_require'] %>
-  </Location>
-<% else -%>
-  <Location />
-    AuthName "Nagios Server"
-    AuthType Basic
-    AuthUserFile "<%= node['nagios']['conf_dir'] %>/htpasswd.users"
-    require <%= node['nagios']['server_auth_require'] %>
-    <% unless node['nagios']['allowed_ips'].empty? -%>
-    Order Deny,Allow
-    Deny from All
-    Allow from <%=node['nagios']['allowed_ips'].join(' ') %>
-    Satisfy Any
-    <% end -%>
-  </Location>
-<% end -%>
-
-  SetEnv TZ "<%= node['nagios']['conf']['use_timezone'] %>"
-
-</VirtualHost>

data/cookbooks/nagios/templates/default/cgi.cfg.erb

@@ -1,266 +0,0 @@
-# Autogenerated by Chef.
-#
-# MAIN CONFIGURATION FILE
-# This tells the CGIs where to find your main configuration file.
-# The CGIs will read the main and host config files for any other
-# data they might need.
-
-main_config_file=<%= node['nagios']['conf_dir'] %>/<%= node['nagios']['server']['name'] %>.cfg
-
-# PHYSICAL HTML PATH
-# This is the path where the HTML files for Nagios reside.  This
-# value is used to locate the logo images needed by the statusmap
-# and statuswrl CGIs.
-
-physical_html_path=<%= node['nagios']['docroot'] %>
-
-# URL HTML PATH
-# This is the path portion of the URL that corresponds to the
-# physical location of the Nagios HTML files (as defined above).
-# This value is used by the CGIs to locate the online documentation
-# and graphics.  If you access the Nagios pages with an URL like
-# http://www.myhost.com/nagios, this value should be '/nagios'
-# (without the quotes).
-
-url_html_path=/<%= node['nagios']['server']['vname'] %>
-
-# CONTEXT-SENSITIVE HELP
-# This option determines whether or not a context-sensitive
-# help icon will be displayed for most of the CGIs.
-# Values: 0 = disables context-sensitive help
-#         1 = enables context-sensitive help
-
-show_context_help=<%= node['nagios']['cgi']['show_context_help'] %>
-
-# NAGIOS PROCESS CHECK COMMAND
-# This is the full path and filename of the program used to check
-# the status of the Nagios process.  It is used only by the CGIs
-# and is completely optional.  However, if you don't use it, you'll
-# see warning messages in the CGIs about the Nagios process
-# not running and you won't be able to execute any commands from
-# the web interface.  The program should follow the same rules
-# as plugins; the return codes are the same as for the plugins,
-# it should have timeout protection, it should output something
-# to STDIO, etc.
-#
-# Note: The command line for the check_nagios plugin below may
-# have to be tweaked a bit, as different versions of the plugin
-# use different command line arguments/syntaxes.
-
-<%= node['nagios']['server']['name'] %>_check_command=<%= node['nagios']['plugin_dir'] %>/check_nagios <%= node['nagios']['cache_dir'] %>/status.dat 5 '/usr/sbin/<%= @nagios_service_name %>'
-
-# AUTHENTICATION USAGE
-# This option controls whether or not the CGIs will use any
-# authentication when displaying host and service information, as
-# well as committing commands to Nagios for processing.
-#
-# Read the HTML documentation to learn how the authorization works!
-#
-# NOTE: It is a really *bad* idea to disable authorization, unless
-# you plan on removing the command CGI (cmd.cgi)!  Failure to do
-# so will leave you wide open to kiddies messing with Nagios and
-# possibly hitting you with a denial of service attack by filling up
-# your drive by continuously writing to your command file!
-#
-# Setting this value to 0 will cause the CGIs to *not* use
-# authentication (bad idea), while any other value will make them
-# use the authentication functions (the default).
-
-use_authentication=1
-
-# DEFAULT USER
-# Setting this variable will define a default user name that can
-# access pages without authentication.  This allows people within a
-# secure domain (i.e., behind a firewall) to see the current status
-# without authenticating.  You may want to use this to avoid basic
-# authentication if you are not using a secure server since basic
-# authentication transmits passwords in the clear.
-#
-# Important:  Do not define a default username unless you are
-# running a secure web server and are sure that everyone who has
-# access to the CGIs has been authenticated in some manner!  If you
-# define this variable, anyone who has not authenticated to the web
-# server will inherit all rights you assign to this user!
-
-<% if node['nagios']['default_user_name'] -%>
-default_user_name=<%= @node['nagios']['default_user_name'] %>
-<% else -%>
-#default_user_name=guest
-<% end -%>
-
-# SYSTEM/PROCESS INFORMATION ACCESS
-# This option is a comma-delimited list of all usernames that
-# have access to viewing the Nagios process information as
-# provided by the Extended Information CGI (extinfo.cgi).  By
-# default, *no one* has access to this unless you choose to
-# not use authorization.  You may use an asterisk (*) to
-# authorize any user who has authenticated to the web server.
-
-authorized_for_system_information=<%= node['nagios']['cgi']['authorized_for_system_information'] %>
-
-# CONFIGURATION INFORMATION ACCESS
-# This option is a comma-delimited list of all usernames that
-# can view ALL configuration information (hosts, commands, etc).
-# By default, users can only view configuration information
-# for the hosts and services they are contacts for. You may use
-# an asterisk (*) to authorize any user who has authenticated
-# to the web server.
-
-authorized_for_configuration_information=<%= node['nagios']['cgi']['authorized_for_configuration_information'] %>
-
-# SYSTEM/PROCESS COMMAND ACCESS
-# This option is a comma-delimited list of all usernames that
-# can issue shutdown and restart commands to Nagios via the
-# command CGI (cmd.cgi).  Users in this list can also change
-# the program mode to active or standby. By default, *no one*
-# has access to this unless you choose to not use authorization.
-# You may use an asterisk (*) to authorize any user who has
-# authenticated to the web server.
-
-authorized_for_system_commands=<%= node['nagios']['cgi']['authorized_for_system_commands'] %>
-
-# GLOBAL HOST/SERVICE VIEW ACCESS
-# These two options are comma-delimited lists of all usernames that
-# can view information for all hosts and services that are being
-# monitored.  By default, users can only view information
-# for hosts or services that they are contacts for (unless you
-# you choose to not use authorization). You may use an asterisk (*)
-# to authorize any user who has authenticated to the web server.
-
-
-authorized_for_all_services=<%= node['nagios']['cgi']['authorized_for_all_services'] %>
-authorized_for_all_hosts=<%= node['nagios']['cgi']['authorized_for_all_hosts'] %>
-
-# GLOBAL HOST/SERVICE COMMAND ACCESS
-# These two options are comma-delimited lists of all usernames that
-# can issue host or service related commands via the command
-# CGI (cmd.cgi) for all hosts and services that are being monitored.
-# By default, users can only issue commands for hosts or services
-# that they are contacts for (unless you you choose to not use
-# authorization).  You may use an asterisk (*) to authorize any
-# user who has authenticated to the web server.
-
-authorized_for_all_service_commands=<%= node['nagios']['cgi']['authorized_for_all_service_commands'] %>
-authorized_for_all_host_commands=<%= node['nagios']['cgi']['authorized_for_all_host_commands'] %>
-
-# STATUSMAP BACKGROUND IMAGE
-# This option allows you to specify an image to be used as a
-# background in the statusmap CGI.  It is assumed that the image
-# resides in the HTML images path (i.e. /usr/local/nagios/share/images).
-# This path is automatically determined by appending "/images"
-# to the path specified by the 'physical_html_path' directive.
-# Note:  The image file may be in GIF, PNG, JPEG, or GD2 format.
-# However, I recommend that you convert your image to GD2 format
-# (uncompressed), as this will cause less CPU load when the CGI
-# generates the image.
-
-#statusmap_background_image=smbackground.gd2
-
-# DEFAULT STATUSMAP LAYOUT METHOD
-# This option allows you to specify the default layout method
-# the statusmap CGI should use for drawing hosts.  If you do
-# not use this option, the default is to use user-defined
-# coordinates.  Valid options are as follows:
-#       0 = User-defined coordinates
-#       1 = Depth layers
-#       2 = Collapsed tree
-#       3 = Balanced tree
-#       4 = Circular
-#       5 = Circular (Marked Up)
-
-default_statusmap_layout=<%= node['nagios']['cgi']['default_statusmap_layout'] %>
-
-# DEFAULT STATUSWRL LAYOUT METHOD
-# This option allows you to specify the default layout method
-# the statuswrl (VRML) CGI should use for drawing hosts.  If you
-# do not use this option, the default is to use user-defined
-# coordinates.  Valid options are as follows:
-#       0 = User-defined coordinates
-#       2 = Collapsed tree
-#       3 = Balanced tree
-#       4 = Circular
-
-default_statuswrl_layout=<%= node['nagios']['cgi']['default_statuswrl_layout'] %>
-
-# STATUSWRL INCLUDE
-# This option allows you to include your own objects in the
-# generated VRML world.  It is assumed that the file
-# resides in the HTML path (i.e. /usr/local/nagios/share).
-
-#statuswrl_include=myworld.wrl
-
-# PING SYNTAX
-# This option determines what syntax should be used when
-# attempting to ping a host from the WAP interface (using
-# the statuswml CGI.  You must include the full path to
-# the ping binary, along with all required options.  The
-# $HOSTADDRESS$ macro is substituted with the address of
-# the host before the command is executed.
-# Please note that the syntax for the ping binary is
-# notorious for being different on virtually ever *NIX
-# OS and distribution, so you may have to tweak this to
-# work on your system.
-
-ping_syntax=/bin/ping -n -U -c 5 $HOSTADDRESS$
-
-# REFRESH RATE
-# This option allows you to specify the refresh rate in seconds
-# of various CGIs (status, statusmap, extinfo, and outages).
-
-refresh_rate=90
-
-# DEFAULT PAGE LIMIT
-# This option allows you to specify the default number of results
-# displayed on the status.cgi.  This number can be adjusted from
-# within the UI after the initial page load. Setting this to 0
-# will show all results.
-
-result_limit=<%= node['nagios']['cgi']['result_limit'] %>
-
-# ESCAPE HTML TAGS
-# This option determines whether HTML tags in host and service
-# status output is escaped in the web interface.  If enabled,
-# your plugin output will not be able to contain clickable links.
-
-escape_html_tags=<%= node['nagios']['cgi']['escape_html_tags'] %>
-
-# SOUND OPTIONS
-# These options allow you to specify an optional audio file
-# that should be played in your browser window when there are
-# problems on the network.  The audio files are used only in
-# the status CGI.  Only the sound for the most critical problem
-# will be played.  Order of importance (higher to lower) is as
-# follows: unreachable hosts, down hosts, critical services,
-# warning services, and unknown services. If there are no
-# visible problems, the sound file optionally specified by
-# 'normal_sound' variable will be played.
-#
-#
-# <varname>=<sound_file>
-#
-# Note: All audio files must be placed in the /media subdirectory
-# under the HTML path (i.e. /usr/local/nagios/share/media/).
-
-#host_unreachable_sound=hostdown.wav
-#host_down_sound=hostdown.wav
-#service_critical_sound=critical.wav
-#service_warning_sound=warning.wav
-#service_unknown_sound=warning.wav
-#normal_sound=noproblem.wav
-
-# URL TARGET FRAMES
-# These options determine the target frames in which notes and 
-# action URLs will open.
-
-action_url_target=<%= node['nagios']['cgi']['action_url_target'] %>
-notes_url_target=<%= node['nagios']['cgi']['notes_url_target'] %>
-
-
-# LOCK AUTHOR NAMES OPTION
-# This option determines whether users can change the author name 
-# when submitting comments, scheduling downtime.  If disabled, the 
-# author names will be locked into their contact name, as defined in Nagios.
-# Values: 0 = allow editing author names
-#         1 = lock author names (disallow editing)
-
-lock_author_names=<%= node['nagios']['cgi']['lock_author_names'] %>