cloud-mu 3.6.10 → 3.6.11

data/cookbooks/nagios/LICENSE

@@ -0,0 +1,201 @@
+                              Apache License
+                        Version 2.0, January 2004
+                     http://www.apache.org/licenses/
+
+TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+1. Definitions.
+
+   "License" shall mean the terms and conditions for use, reproduction,
+   and distribution as defined by Sections 1 through 9 of this document.
+
+   "Licensor" shall mean the copyright owner or entity authorized by
+   the copyright owner that is granting the License.
+
+   "Legal Entity" shall mean the union of the acting entity and all
+   other entities that control, are controlled by, or are under common
+   control with that entity. For the purposes of this definition,
+   "control" means (i) the power, direct or indirect, to cause the
+   direction or management of such entity, whether by contract or
+   otherwise, or (ii) ownership of fifty percent (50%) or more of the
+   outstanding shares, or (iii) beneficial ownership of such entity.
+
+   "You" (or "Your") shall mean an individual or Legal Entity
+   exercising permissions granted by this License.
+
+   "Source" form shall mean the preferred form for making modifications,
+   including but not limited to software source code, documentation
+   source, and configuration files.
+
+   "Object" form shall mean any form resulting from mechanical
+   transformation or translation of a Source form, including but
+   not limited to compiled object code, generated documentation,
+   and conversions to other media types.
+
+   "Work" shall mean the work of authorship, whether in Source or
+   Object form, made available under the License, as indicated by a
+   copyright notice that is included in or attached to the work
+   (an example is provided in the Appendix below).
+
+   "Derivative Works" shall mean any work, whether in Source or Object
+   form, that is based on (or derived from) the Work and for which the
+   editorial revisions, annotations, elaborations, or other modifications
+   represent, as a whole, an original work of authorship. For the purposes
+   of this License, Derivative Works shall not include works that remain
+   separable from, or merely link (or bind by name) to the interfaces of,
+   the Work and Derivative Works thereof.
+
+   "Contribution" shall mean any work of authorship, including
+   the original version of the Work and any modifications or additions
+   to that Work or Derivative Works thereof, that is intentionally
+   submitted to Licensor for inclusion in the Work by the copyright owner
+   or by an individual or Legal Entity authorized to submit on behalf of
+   the copyright owner. For the purposes of this definition, "submitted"
+   means any form of electronic, verbal, or written communication sent
+   to the Licensor or its representatives, including but not limited to
+   communication on electronic mailing lists, source code control systems,
+   and issue tracking systems that are managed by, or on behalf of, the
+   Licensor for the purpose of discussing and improving the Work, but
+   excluding communication that is conspicuously marked or otherwise
+   designated in writing by the copyright owner as "Not a Contribution."
+
+   "Contributor" shall mean Licensor and any individual or Legal Entity
+   on behalf of whom a Contribution has been received by Licensor and
+   subsequently incorporated within the Work.
+
+2. Grant of Copyright License. Subject to the terms and conditions of
+   this License, each Contributor hereby grants to You a perpetual,
+   worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+   copyright license to reproduce, prepare Derivative Works of,
+   publicly display, publicly perform, sublicense, and distribute the
+   Work and such Derivative Works in Source or Object form.
+
+3. Grant of Patent License. Subject to the terms and conditions of
+   this License, each Contributor hereby grants to You a perpetual,
+   worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+   (except as stated in this section) patent license to make, have made,
+   use, offer to sell, sell, import, and otherwise transfer the Work,
+   where such license applies only to those patent claims licensable
+   by such Contributor that are necessarily infringed by their
+   Contribution(s) alone or by combination of their Contribution(s)
+   with the Work to which such Contribution(s) was submitted. If You
+   institute patent litigation against any entity (including a
+   cross-claim or counterclaim in a lawsuit) alleging that the Work
+   or a Contribution incorporated within the Work constitutes direct
+   or contributory patent infringement, then any patent licenses
+   granted to You under this License for that Work shall terminate
+   as of the date such litigation is filed.
+
+4. Redistribution. You may reproduce and distribute copies of the
+   Work or Derivative Works thereof in any medium, with or without
+   modifications, and in Source or Object form, provided that You
+   meet the following conditions:
+
+   (a) You must give any other recipients of the Work or
+       Derivative Works a copy of this License; and
+
+   (b) You must cause any modified files to carry prominent notices
+       stating that You changed the files; and
+
+   (c) You must retain, in the Source form of any Derivative Works
+       that You distribute, all copyright, patent, trademark, and
+       attribution notices from the Source form of the Work,
+       excluding those notices that do not pertain to any part of
+       the Derivative Works; and
+
+   (d) If the Work includes a "NOTICE" text file as part of its
+       distribution, then any Derivative Works that You distribute must
+       include a readable copy of the attribution notices contained
+       within such NOTICE file, excluding those notices that do not
+       pertain to any part of the Derivative Works, in at least one
+       of the following places: within a NOTICE text file distributed
+       as part of the Derivative Works; within the Source form or
+       documentation, if provided along with the Derivative Works; or,
+       within a display generated by the Derivative Works, if and
+       wherever such third-party notices normally appear. The contents
+       of the NOTICE file are for informational purposes only and
+       do not modify the License. You may add Your own attribution
+       notices within Derivative Works that You distribute, alongside
+       or as an addendum to the NOTICE text from the Work, provided
+       that such additional attribution notices cannot be construed
+       as modifying the License.
+
+   You may add Your own copyright statement to Your modifications and
+   may provide additional or different license terms and conditions
+   for use, reproduction, or distribution of Your modifications, or
+   for any such Derivative Works as a whole, provided Your use,
+   reproduction, and distribution of the Work otherwise complies with
+   the conditions stated in this License.
+
+5. Submission of Contributions. Unless You explicitly state otherwise,
+   any Contribution intentionally submitted for inclusion in the Work
+   by You to the Licensor shall be under the terms and conditions of
+   this License, without any additional terms or conditions.
+   Notwithstanding the above, nothing herein shall supersede or modify
+   the terms of any separate license agreement you may have executed
+   with Licensor regarding such Contributions.
+
+6. Trademarks. This License does not grant permission to use the trade
+   names, trademarks, service marks, or product names of the Licensor,
+   except as required for reasonable and customary use in describing the
+   origin of the Work and reproducing the content of the NOTICE file.
+
+7. Disclaimer of Warranty. Unless required by applicable law or
+   agreed to in writing, Licensor provides the Work (and each
+   Contributor provides its Contributions) on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+   implied, including, without limitation, any warranties or conditions
+   of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+   PARTICULAR PURPOSE. You are solely responsible for determining the
+   appropriateness of using or redistributing the Work and assume any
+   risks associated with Your exercise of permissions under this License.
+
+8. Limitation of Liability. In no event and under no legal theory,
+   whether in tort (including negligence), contract, or otherwise,
+   unless required by applicable law (such as deliberate and grossly
+   negligent acts) or agreed to in writing, shall any Contributor be
+   liable to You for damages, including any direct, indirect, special,
+   incidental, or consequential damages of any character arising as a
+   result of this License or out of the use or inability to use the
+   Work (including but not limited to damages for loss of goodwill,
+   work stoppage, computer failure or malfunction, or any and all
+   other commercial damages or losses), even if such Contributor
+   has been advised of the possibility of such damages.
+
+9. Accepting Warranty or Additional Liability. While redistributing
+   the Work or Derivative Works thereof, You may choose to offer,
+   and charge a fee for, acceptance of support, warranty, indemnity,
+   or other liability obligations and/or rights consistent with this
+   License. However, in accepting such obligations, You may act only
+   on Your own behalf and on Your sole responsibility, not on behalf
+   of any other Contributor, and only if You agree to indemnify,
+   defend, and hold each Contributor harmless for any liability
+   incurred by, or claims asserted against, such Contributor by reason
+   of your accepting any such warranty or additional liability.
+
+END OF TERMS AND CONDITIONS
+
+APPENDIX: How to apply the Apache License to your work.
+
+   To apply the Apache License to your work, attach the following
+   boilerplate notice, with the fields enclosed by brackets "[]"
+   replaced with your own identifying information. (Don't include
+   the brackets!)  The text should be enclosed in the appropriate
+   comment syntax for the file format. We also recommend that a
+   file or class name and description of purpose be included on the
+   same "printed page" as the copyright notice for easier
+   identification within third-party archives.
+
+Copyright [yyyy] [name of copyright owner]
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.

data/cookbooks/nagios/README.md

@@ -0,0 +1,340 @@
+# nagios cookbook
+
+[![Cookbook Version](https://img.shields.io/cookbook/v/nagios.svg)](https://supermarket.chef.io/cookbooks/nagios)
+[![CI State](https://github.com/sous-chefs/nagios/workflows/ci/badge.svg)](https://github.com/sous-chefs/nagios/actions?query=workflow%3Aci)
+[![OpenCollective](https://opencollective.com/sous-chefs/backers/badge.svg)](#backers)
+[![OpenCollective](https://opencollective.com/sous-chefs/sponsors/badge.svg)](#sponsors)
+[![License](https://img.shields.io/badge/License-Apache%202.0-green.svg)](https://opensource.org/licenses/Apache-2.0)
+
+Installs and configures Nagios server. Chef nodes are automatically discovered using search, and Nagios host groups are created based on Chef roles and optionally environments as well.
+
+## Maintainers
+
+This cookbook is maintained by the Sous Chefs. The Sous Chefs are a community of Chef cookbook maintainers working together to maintain important cookbooks. If you’d like to know more please visit [sous-chefs.org](https://sous-chefs.org/) or come chat with us on the Chef Community Slack in [#sous-chefs](https://chefcommunity.slack.com/messages/C2V7B88SF).
+
+## Requirements
+
+### Chef
+
+Chef Infra Client version 15.3+ is required
+
+Because of the heavy use of search, this recipe will not work with Chef Solo, as it cannot do any searches without a server.
+
+This cookbook relies heavily on multiple data bags. See --Data Bag-- below.
+
+The system running this cookbooks should have a role named 'monitoring' so that NRPE clients can authorize monitoring from that system. This role name is configurable via an attribute. See --Attributes-- below.
+
+The functionality that was previously in the nagios::client recipe has been moved to its own NRPE cookbook at <https://github.com/sous-chefs/nrpe>
+
+### Platform
+
+- Debian 10+
+- Ubuntu 18.04+
+- Red Hat Enterprise Linux (CentOS) 7+
+
+--Notes--: This cookbook has been tested on the listed platforms. It may work on other platforms with or without modification.
+
+### Cookbooks
+
+- apache2
+- nginx
+- nrpe
+- php
+- yum-epel
+- zap
+
+## Attributes
+
+### config
+
+[The config file](https://github.com/sous-chefs/nagios/blob/master/attributes/config.rb) contains the Nagios configuration options. Consult the [nagios documentation](http://nagios.sourceforge.net/docs/3_0/configmain.html) for available settings and allowed options. Configuration entries of which multiple entries are allowed, need to be specified as an Array.
+
+Example: `default['nagios']['conf']['cfg_dir'] = [ '/etc/nagios/conf.d' , '/usr/local/nagios/conf.d' ]`
+
+### default attributes
+
+- `node['nagios']['user']` - Nagios user, default 'nagios'.
+- `node['nagios']['group']` - Nagios group, default 'nagios'.
+- `node['nagios']['plugin_dir']` - location where Nagios plugins go, default '/usr/lib/nagios/plugins'.
+- `node['nagios']['multi_environment_monitoring']` - Chef server will monitor hosts in all environments, not just its own, default 'false'
+- `node['nagios']['monitored_environments']` - If multi_environment_monitoring is 'true' nagios will monitor nodes in all environments. If monitored_environments is defined then nagios will monitor only hosts in the list of environments defined. For ex: ['prod', 'beta'] will monitor only hosts in 'prod' and 'beta' chef_environments. Defaults to '[]' - and all chef environments will be monitored by default.
+- `node['nagios']['monitoring_interface']` - If set, will use the specified interface for all nagios monitoring network traffic. Defaults to `nil`
+- `node['nagios']['exclude_tag_host']` - If set, hosts tagged with this value will be excluded from nagios monitoring.  Defaults to ''
+
+- `node['nagios']['server']['install_method']` - whether to install from package or source. Default chosen by platform based on known packages available for Nagios: debian/ubuntu 'package', redhat/centos/scientific: source
+- `node['nagios']['server']['install_yum-epel']` - whether to install the EPEL repo or not (only applies to RHEL platform family). The default value is `true`. Set this to `false` if you do not wish to install the EPEL RPM; in this scenario you will need to make the relevant packages available via another method e.g. local repo, or install from source.
+- `node['nagios']['server']['service_name']` - name of the service used for Nagios, default chosen by platform, debian/ubuntu "nagios3", redhat family "nagios", all others, "nagios"
+- `node['nagios']['home']` - Nagios main home directory, default "/usr/lib/nagios3"
+- `node['nagios']['conf_dir']` - location where main Nagios config lives, default "/etc/nagios3"
+- `node['nagios']['resource_dir']` - location for recources, default "/etc/nagios3"
+- `node['nagios']['config_dir']` - location where included configuration files live, default "/etc/nagios3/conf.d"
+- `node['nagios']['log_dir']` - location of Nagios logs, default "/var/log/nagios3"
+- `node['nagios']['cache_dir']` - location of cached data, default "/var/cache/nagios3"
+- `node['nagios']['state_dir']` - Nagios runtime state information, default "/var/lib/nagios3"
+- `node['nagios']['run_dir']` - where pidfiles are stored, default "/var/run/nagios3"
+- `node['nagios']['docroot']` - Nagios webui docroot, default "/usr/share/nagios3/htdocs"
+- `node['nagios']['enable_ssl']` - boolean for whether Nagios web server should be https, default false
+- `node['nagios']['ssl_cert_file']` = Location of SSL Certificate File. default "/etc/nagios3/certificates/nagios-server.pem"
+- `node['nagios']['ssl_cert_chain_file']` = Optional location of SSL Intermediate Certificate File. No default.
+- `node['nagios']['ssl_cert_key']`  = Location of SSL Certificate Key. default "/etc/nagios3/certificates/nagios-server.pem"
+- `node['nagios']['ssl_protocols']` = The SSLProtocol string to pass to apache, defaults to "all -SSL3 -SSL2"
+- `node['nagios']['ssl_ciphers']` = The SSLCipherSuite string to pass to apache, defaults to empty (which will result in this setting not being included in the apache config)
+- `node['nagios']['http_port']` - port that the Apache/Nginx virtual site should listen on, determined whether ssl is enabled (443 if so, otherwise 80). Note:  You will also need to configure the listening port for either NGINX or Apache within those cookbooks.
+- `node['nagios']['server_name']` - common name to use in a server cert, default "nagios"
+- `node['nagios']['server']['server_alias']` - alias name for the webserver for use with Apache.  Defaults to nil
+- `node['nagios']['ssl_req']` - info to use in a cert, default `/C=US/ST=Several/L=Locality/O=Example/OU=Operations/CN=#{node['nagios']['server_name']}/emailAddress=ops@#{node['nagios']['server_name']}`
+
+- `node['nagios']['server']['version']` - version of the server source to download
+- `node['nagios']['server']['checksum']` - checksum of the source files
+- `node['nagios']['server']['source_url']` - nagios core source url
+- `node['nagios']['server']['patch_url']` - url to download patches from if installing from source
+- `node['nagios']['server']['patches']` - array of patch filenames to apply if installing from source
+- `node['nagios']['url']` - URL to host Nagios from - defaults to nil and instead uses  FQDN
+
+- `node['nagios']['conf']['enable_notifications']` - set to 1 to enable notification.
+- `node['nagios']['conf']['interval_length']` - minimum interval. Defaults to '1'.
+- `node['nagios']['conf']['use_timezone']` - set the timezone for nagios AND apache.  Defaults to UTC.
+- `node['nagios']['conf']['use_large_installation_tweaks']` - Attribute to enable [large installation tweaks](http://nagios.sourceforge.net/docs/3_0/largeinstalltweaks.html). Defaults to 0.
+
+- `node['nagios']['check_external_commands']`
+- `node['nagios']['default_contact_groups']`
+- `node['nagios']['default_user_name']` - Specify a defaut guest user to allow page access without authentication.  --Only-- use this if nagios is running behind a secure webserver and users have been authenticated in some manner.  You'll likely want to change `node['nagios']['server_auth_require']` to `all granted`.  Defaults to `nil`.
+- `node['nagios']['sysadmin_email']` - default notification email.
+- `node['nagios']['sysadmin_sms_email']` - default notification sms.
+- `node['nagios']['server_auth_method']` - authentication with the server can be done with openid (using `apache2::mod_auth_openid`), cas (using `apache2::mod_auth_cas`),ldap (using `apache2::mod_authnz_ldap`), or htauth (basic). The default is htauth. "openid" will utilize openid authentication, "cas" will utilize cas authentication, "ldap" will utilize LDAP authentication, and any other value will use htauth (basic).
+- `node['nagios']['cas_login_url']` - login url for cas if using cas authentication.
+- `node['nagios']['cas_validate_url']` - validation url for cas if using cas authentication.
+- `node['nagios']['cas_validate_server']` - whether to validate the server cert. Defaults to off.
+- `node['nagios']['cas_root_proxy_url']` - if set, sets the url that the cas server redirects to after auth.
+- `node['nagios']['ldap_bind_dn']` - DN used to bind to the server when searching for ldap entries.
+- `node['nagios']['ldap_bind_password']` - bind password used with the DN provided for searching ldap.
+- `node['nagios']['ldap_url']` - ldap url and search parameters.
+- `node['nagios']['ldap_authoritative']` - accepts "on" or "off". controls other authentication modules from authenticating the user if this one fails.
+- `node['nagios']['ldap_group_attribute']` - Set the Apache AuthLDAPGroupAttribute directive to a non-default value.
+- `node['nagios']['ldap_group_attribute_is_dn']` - accepts "on" or "off". Set the Apache AuthLDAPGroupAttributeIsDN directive. Apache's default behavior is currently "on."
+- `node['nagios']['ldap_verify_cert']` - accepts "on" or "off". Set the Apache mod_ldap LDAPVerifyServerCert directive. Apache's default behavior is currently "on."
+- `node['nagios']['ldap_trusted_mode']` - Set the Apache mod_ldap LDAPTrustedMode directive.
+- `node['nagios']['ldap_trusted_global_cert']` - Set the Apache mod_ldap LDAPTrustedGlobalCert directive.
+- `node['nagios']['users_databag']` - the databag containing users to search for. defaults to users
+- `node['nagios']['users_databag_group']` - users databag group considered Nagios admins.  defaults to sysadmin
+- `node['nagios']['services_databag']` - the databag containing services to search for. defaults to nagios_services
+- `node['nagios']['servicegroups_databag']` - the databag containing servicegroups to search for. defaults to nagios_servicegroups
+- `node['nagios']['templates_databag']` - the databag containing templates to search for. defaults to nagios_templates
+- `node['nagios']['hostgroups_databag']` - the databag containing hostgroups to search for. defaults to nagios_hostgroups
+- `node['nagios']['hosttemplates_databag']` - the databag containing host templates to search for. defaults to nagios_hosttemplates
+- `node['nagios']['eventhandlers_databag']` - the databag containing eventhandlers to search for. defaults to nagios_eventhandlers
+- `node['nagios']['unmanagedhosts_databag']` - the databag containing unmanagedhosts to search for. defaults to nagios_unmanagedhosts
+- `node['nagios']['serviceescalations_databag']` - the databag containing serviceescalations to search for. defaults to nagios_serviceescalations
+- `node['nagios']['hostescalations_databag']` - the databag containing hostescalations to search for. defaults to nagios_hostescalations
+- `node['nagios']['contacts_databag']` - the databag containing contacts to search for. defaults to nagios_contacts
+- `node['nagios']['contactgroups_databag']` - the databag containing contactgroups to search for. defaults to nagios_contactgroups
+- `node['nagios']['servicedependencies_databag']` - the databag containing servicedependencies to search for. defaults to nagios_servicedependencies
+- `node['nagios']['host_name_attribute']` - node attribute to use for naming the host. Must be unique across monitored nodes. Defaults to hostname
+- `node['nagios']['regexp_matching']` - Attribute to enable [regexp matching](http://nagios.sourceforge.net/docs/3_0/configmain.html#use_regexp_matching). Defaults to 0.
+- `node['nagios']['templates']` - These set directives in the default host template. Unless explicitly overridden, they will be inherited by the host definitions for each discovered node and `nagios_unmanagedhosts` data bag. For more information about these directives, see the Nagios documentation for [host definitions](http://nagios.sourceforge.net/docs/3_0/objectdefinitions.html#host).
+- `node['nagios']['hosts_template']` - Host template you want to inherit properties/variables from, default 'server'. For more information, see the nagios doc on [Object Inheritance](http://nagios.sourceforge.net/docs/3_0/objectinheritance.html).
+- `node['nagios']['brokers']` - Hash of broker modules to include in the config. Hash key is the path to the broker module, the value is any parameters to pass to it.
+- `node['nagios']['nagios_config']['template_cookbook']` - Look for template file in the cookbook mentioned in the attribute. Defaults to nagios
+- `node['nagios']['resources']['template_cookbook']` - Look for template file in the cookbook mentioned in the attribute. Defaults to nagios
+- `node['nagios']['htauth']['template_cookbook']` - Look for template file in the cookbook mentioned in the attribute. Defaults to nagios
+- `node['nagios']['nagios_config']['template_file']` - Template file to be rendered. Defaults to nagios.cfg.erb
+- `node['nagios']['resources']['template_file']` - Template file to be rendered. Defaults to resource.cfg.erb
+- `node['nagios']['htauth']['template_file']` - Template file to be rendered. Defaults to htpasswd.users.erb
+
+- `node['nagios']['default_host']['flap_detection']` - Defaults to `true`.
+- `node['nagios']['default_host']['process_perf_data']` - Defaults to `false`.
+- `node['nagios']['default_host']['check_period']` - Defaults to `'24x7'`.
+- `node['nagios']['default_host']['check_interval']` - In seconds. Must be divisible by `node['nagios']['interval_length']`. Defaults to `15`.
+- `node['nagios']['default_host']['retry_interval']` - In seconds. Must be divisible by `node['nagios']['interval_length']`. Defaults to `15`.
+- `node['nagios']['default_host']['max_check_attempts']` - Defaults to `1`.
+- `node['nagios']['default_host']['check_command']` - Defaults to the pre-defined command `'check-host-alive'`.
+- `node['nagios']['default_host']['notification_interval']` - In seconds. Must be divisible by `node['nagios']['interval_length']`. Defaults to `300`.
+- `node['nagios']['default_host']['notification_options']` - Defaults to `'d,u,r'`.
+- `node['nagios']['default_host']['action_url']` - Defines a action url.  Defaults to `nil`.
+
+- `node['nagios']['default_service']['process_perf_data']` - Defaults to `false`.
+- `node['nagios']['default_service']['action_url']` - Defines a action url. Defaults to `nil`.
+
+- `node['nagios']['server']['web_server']` - web server to use. supports Apache or Nginx, default "apache"
+- `node['nagios']['server']['nginx_dispatch']` - nginx dispatch method. supports cgi or php, default "cgi"
+- `node['nagios']['server']['stop_apache']` - stop apache service if using nginx, default false
+- `node['nagios']['server']['redirect_root']` - if using Apache, should `http://server/` redirect to `http://server/nagios3` automatically, default false
+- `node['nagios']['server']['normalize_hostname']` - If set to true, normalize all hostnames in hosts.cfg to lowercase. Defaults to false.
+
+ These are nagios cgi.config options.
+
+- `node['nagios']['cgi']['show_context_help']`                         - Defaults to 1
+- `node['nagios']['cgi']['authorized_for_system_information']`         - Defaults to '-'
+- `node['nagios']['cgi']['authorized_for_configuration_information']`  - Defaults to '-'
+- `node['nagios']['cgi']['authorized_for_system_commands']`            - Defaults to '-'
+- `node['nagios']['cgi']['authorized_for_all_services']`               - Defaults to '-'
+- `node['nagios']['cgi']['authorized_for_all_hosts']`                  - Defaults to '-'
+- `node['nagios']['cgi']['authorized_for_all_service_commands']`       - Defaults to '-'
+- `node['nagios']['cgi']['authorized_for_all_host_commands']`          - Defaults to '-'
+- `node['nagios']['cgi']['default_statusmap_layout']`                  - Defaults to 5
+- `node['nagios']['cgi']['default_statuswrl_layout']`                  - Defaults to 4
+- `node['nagios']['cgi']['result_limit']`                              - Defaults to 100
+- `node['nagios']['cgi']['escape_html_tags']`                          - Defaults to 0
+- `node['nagios']['cgi']['action_url_target']`                         - Defaults to '_blank'
+- `node['nagios']['cgi']['notes_url_target']`                          - Defaults to '_blank'
+- `node['nagios']['cgi']['lock_author_names']`                         - Defaults to 1
+- `node['nagios']['cgi']['template_cookbook']`                         - Look for template file in the cookbook mentioned in the attribute. Defaults to nagios
+- `node['nagios']['cgi']['template_file']`                             - Template file to be rendered. Defaults to cgi.cfg.erb
+
+## Recipes
+
+### default recipe
+
+Includes the correct client installation recipe based on platform, either `nagios::server_package` or `nagios::server_source`.
+
+The server recipe sets up Apache as the web front end by default. This recipe also does a number of searches to dynamically build the hostgroups to monitor, hosts that belong to them and admins to notify of events/alerts.
+
+Searches are confined to the node's `chef_environment` unless multi-environment monitoring is enabled.
+
+The recipe does the following:
+
+1. Searches for users in 'users' databag belonging to a 'sysadmin' group, and authorizes them to access the Nagios web UI and also to receive notification e-mails.
+1. Searches all available roles/environments and builds a list which will become the Nagios hostgroups.
+1. Places nodes in Nagios hostgroups by role / environment membership.
+1. Installs various packages required for the server.
+1. Sets up configuration directories.
+1. Moves the package-installed Nagios configuration to a 'dist' directory.
+1. Disables the 000-default VirtualHost present on Debian/Ubuntu Apache2 package installations.
+1. Templates configuration files for services, contacts, contact groups, templates, hostgroups and hosts.
+1. Enables the Nagios web UI.
+1. Starts the Nagios server service
+
+### server_package
+
+Installs the Nagios server from packages. Default for Debian / Ubuntu systems.
+
+### server_source
+
+Installs the Nagios server from source. Default for Red Hat based systems as native packages for Nagios are not available in the default repositories.
+
+### pagerduty
+
+Installs pagerduty plugin for nagios. If you only have a single pagerduty key, you can simply set a `node['nagios']['pagerduty_key']` attribute on your server. For multiple pagerduty key configuration see Pager Duty under Data Bags.
+
+This recipe was written based on the [Nagios Integration Guide](http://www.pagerduty.com/docs/guides/nagios-integration-guide) from PagerDuty which explains how to get an API key for your Nagios server.
+
+## Data Bags
+
+[See Wiki for more databag information](https://github.com/sous-chefs/nagios/wiki/config)
+
+### Pager Duty
+
+You can define pagerduty contacts and keys by creating nagios_pagerduty data bags that contain the contact and the relevant key. Setting admin_contactgroup to "true" will add this pagerduty contact to the admin contact group created by this cookbook.
+
+```javascript
+{
+  "id": "pagerduty_critical",
+  "admin_contactgroup": "true",
+  "key": "a33e5ef0ac96772fbd771ddcccd3ccd0"
+}
+```
+
+You can add these contacts to any contactgroups you create.
+
+## Monitoring Role
+
+Create a role to use for the monitoring server. The role name should match the value of the attribute "`node['nrpe']['server_role']`" on your clients. By default, this is '`monitoring`'. For example:
+
+```ruby
+# roles/monitoring.rb
+name 'monitoring'
+description 'Monitoring server'
+run_list(
+  'recipe[nagios::default]'
+)
+
+default_attributes(
+  'nagios' => {
+    'server_auth_method' => 'htauth'
+  }
+)
+```
+
+```bash
+knife role from file monitoring.rb
+```
+
+## Usage
+
+### server setup
+
+Create a role named '`monitoring`', and add the nagios server recipe to the `run_list`. See --Monitoring Role-- above for an example.
+
+Apply the nrpe cookbook to nodes in order to install the NRPE client
+
+By default the Nagios server will only monitor systems in its same environment. To change this set the `multi_environment_monitoring` attribute. See --Attributes--
+
+Create data bag items in the `users` data bag for each administer you would like to be able to login to the Nagios server UI. Pay special attention to the method you would like to use to authorization users (openid or htauth). See --Users-- and --Atttributes--
+
+At this point you now have a minimally functional Nagios server, however the server will lack any service checks outside of the single Nagios Server health check.
+
+### defining checks
+
+NRPE commands are defined in recipes using the nrpe_check LWRP provider in the nrpe cookbooks. For base system monitoring such as load, ssh, memory, etc you may want to create a cookbook in your environment that defines each monitoring command via the LWRP.
+
+With NRPE commands created using the LWRP you will need to define Nagios services to use those commands. These services are defined using the `nagios_services` data bag and applied to roles and/or environments. See --Services--
+
+### enabling notifications
+
+You need to set `default['nagios']['notifications_enabled'] = 1` attribute on your Nagios server to enable email notifications.
+
+For email notifications to work an appropriate mail program package and local MTA need to be installed so that /usr/bin/mail or /bin/mail is available on the system.
+
+Example:
+
+Include [postfix cookbook](https://github.com/opscode-cookbooks/postfix) to be installed on your Nagios server node.
+
+Add override_attributes to your `monitoring` role:
+
+```ruby
+# roles/monitoring.rb
+name 'monitoring'
+description 'Monitoring Server'
+run_list(
+  'recipe[nagios:default]',
+  'recipe[postfix]'
+)
+
+override_attributes(
+  'nagios' => { 'notifications_enabled' => '1' },
+  'postfix' => { 'myhostname':'your_hostname', 'mydomain':'example.com' }
+)
+
+default_attributes(
+  'nagios' => { 'server_auth_method' => 'htauth' }
+)
+```
+
+```bash
+knife role from file monitoring.rb
+```
+
+## Contributors
+
+This project exists thanks to all the people who [contribute.](https://opencollective.com/sous-chefs/contributors.svg?width=890&button=false)
+
+### Backers
+
+Thank you to all our backers!
+
+![https://opencollective.com/sous-chefs#backers](https://opencollective.com/sous-chefs/backers.svg?width=600&avatarHeight=40)
+
+### Sponsors
+
+Support this project by becoming a sponsor. Your logo will show up here with a link to your website.
+
+![https://opencollective.com/sous-chefs/sponsor/0/website](https://opencollective.com/sous-chefs/sponsor/0/avatar.svg?avatarHeight=100)
+![https://opencollective.com/sous-chefs/sponsor/1/website](https://opencollective.com/sous-chefs/sponsor/1/avatar.svg?avatarHeight=100)
+![https://opencollective.com/sous-chefs/sponsor/2/website](https://opencollective.com/sous-chefs/sponsor/2/avatar.svg?avatarHeight=100)
+![https://opencollective.com/sous-chefs/sponsor/3/website](https://opencollective.com/sous-chefs/sponsor/3/avatar.svg?avatarHeight=100)
+![https://opencollective.com/sous-chefs/sponsor/4/website](https://opencollective.com/sous-chefs/sponsor/4/avatar.svg?avatarHeight=100)
+![https://opencollective.com/sous-chefs/sponsor/5/website](https://opencollective.com/sous-chefs/sponsor/5/avatar.svg?avatarHeight=100)
+![https://opencollective.com/sous-chefs/sponsor/6/website](https://opencollective.com/sous-chefs/sponsor/6/avatar.svg?avatarHeight=100)
+![https://opencollective.com/sous-chefs/sponsor/7/website](https://opencollective.com/sous-chefs/sponsor/7/avatar.svg?avatarHeight=100)
+![https://opencollective.com/sous-chefs/sponsor/8/website](https://opencollective.com/sous-chefs/sponsor/8/avatar.svg?avatarHeight=100)
+![https://opencollective.com/sous-chefs/sponsor/9/website](https://opencollective.com/sous-chefs/sponsor/9/avatar.svg?avatarHeight=100)