130 - monit.sh
#!/bin/bash
#
# Monit system monitoring. See also http://mmonit.com/wiki/Monit/ConfigurationExamples
#
# Copyright (c) 2012 Filip Wasilewski <en@ig.ma>.
#
# My ref: http://www.linode.com/?r=aadfce9845055011e00f0c6c9a5c01158c452deb
#######################################
# Install the monit package non-interactively.
# Arguments: none
# Returns:   exit status of aptitude
# NOTE(review): presumably needs root, since it installs a system package;
# confirm against the caller.
#######################################
monit_install() {
  aptitude -y install monit
}
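#######################################
# monit_configure_email(email)
# Write the alert-mail settings for monit: mail is handed to the MTA on
# localhost and alerts go to the given address.
# Arguments: $1 - alert recipient address
# Outputs:   overwrites /etc/monit/conf.d/email-interface
# Returns:   1 if the address is missing or spans several lines,
#            otherwise the status of the file write
#######################################
monit_configure_email() {
  local alert_email=${1:-}

  # The value is copied verbatim into a config file read by the monit daemon.
  # An empty value would leave a dangling "set alert" statement, and an
  # embedded newline would add extra statements to the file.
  if [[ -z "$alert_email" || "$alert_email" == *$'\n'* ]]; then
    echo "monit_configure_email: expected a single-line e-mail address" >&2
    return 1
  fi

  cat >/etc/monit/conf.d/email-interface <<EOT
set mailserver localhost
set alert $alert_email
EOT
}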
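#######################################
# monit_configure_web(address)
# Enable monit's built-in HTTP interface on port 2812, bound to the given
# address, protected by a freshly generated user:password pair, and open the
# port in ufw.
# Arguments: $1 - address the monit httpd should listen on
# Outputs:   overwrites /etc/monit/conf.d/web-interface (mode 600)
# Returns:   1 on a missing/multi-line address or if no credentials could be
#            generated, otherwise the status of the last failing step or of
#            ufw
# Depends on randomString, which is defined outside this block.
#
# NOTE(review): the written config has no SSL directive, so the basic-auth
# credentials presumably travel unencrypted; and "ufw allow 2812/tcp" opens
# the port to every source address. Confirm both are acceptable for the
# deployment, or restrict the firewall rule and enable SSL in monit.
#######################################
monit_configure_web() {
  local bind_address=${1:-}
  local conf=/etc/monit/conf.d/web-interface
  local web_user web_pass

  # The address is copied verbatim into the config; refuse values that would
  # produce a broken or multi-statement file.
  if [[ -z "$bind_address" || "$bind_address" == *$'\n'* ]]; then
    echo "monit_configure_web: expected a single-line bind address" >&2
    return 1
  fi

  # Generate the credentials up front so a failing or missing randomString
  # cannot silently produce an "allow :" line with empty user and password.
  web_user=$(randomString 10) || return
  web_pass=$(randomString 30) || return
  if [[ -z "$web_user" || -z "$web_pass" ]]; then
    echo "monit_configure_web: randomString returned an empty value" >&2
    return 1
  fi

  # The file stores the web password in clear text, so create it readable by
  # the owner only instead of relying on the caller's umask.
  (
    umask 077
    cat >"$conf" <<EOT
set httpd port 2812 and
use address $bind_address
allow $web_user:$web_pass
allow @sudo readonly
signature disable
EOT
  ) || return
  # umask only affects newly created files; tighten a pre-existing one too.
  chmod 600 "$conf" || return

  ufw allow 2812/tcp
}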
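#######################################
# monit_def_system(hostname)
# Write the host-level resource check: alerts on load average, memory, swap
# and CPU (user/system/wait) thresholds, in monit group "system".
# Arguments: $1 - name used for the "check system" entry
# Outputs:   overwrites /etc/monit/conf.d/system.cfg
# Returns:   1 if the name is missing or spans several lines,
#            otherwise the status of the file write
#######################################
monit_def_system() {
  local host_name=${1:-}

  # The name is copied verbatim into the config; an empty or multi-line value
  # would yield an invalid or unintended check definition.
  if [[ -z "$host_name" || "$host_name" == *$'\n'* ]]; then
    echo "monit_def_system: expected a single-line hostname" >&2
    return 1
  fi

  cat >/etc/monit/conf.d/system.cfg <<EOT
check system $host_name
if loadavg (1min) > 10 then alert
if loadavg (5min) > 7 then alert
if memory usage > 85% then alert
if swap usage > 25% then alert
if cpu usage (user) > 90% then alert
if cpu usage (system) > 60% then alert
if cpu usage (wait) > 50% then alert
group system
EOT
}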
#######################################
# Write the root filesystem check: alert when space usage on / stays above
# 80% for 5 of 15 cycles, or inode usage exceeds 85%.
# Arguments: none
# Outputs:   overwrites /etc/monit/conf.d/rootfs.cfg
#######################################
monit_def_rootfs() {
  local conf=/etc/monit/conf.d/rootfs.cfg

  # Quoted delimiter: the body is static text, nothing in it is expanded.
  cat >"$conf" <<'EOT'
check filesystem rootfs with path /
if space usage > 80% for 5 times within 15 cycles then alert
if inode usage > 85% then alert
group system
EOT
}
#######################################
# Write the cron check: the process is tracked through
# /var/run/crond.pid, started/stopped with /sbin/start and /sbin/stop, and
# monit gives up (timeout) after 5 restarts within 5 cycles.
# The process check depends on cron_rc, a file check on /etc/init.d/cron
# that unmonitors when checksum, mode 755 or root:root ownership fails.
# Arguments: none
# Outputs:   overwrites /etc/monit/conf.d/cron.cfg
# NOTE(review): no expected checksum is given in the config, so the baseline
# is presumably whatever monit computes itself - confirm against the monit
# manual before treating this as a tamper check.
#######################################
monit_def_cron() {
  local conf=/etc/monit/conf.d/cron.cfg

  # Quoted delimiter: the body is static text, nothing in it is expanded.
  cat >"$conf" <<'EOT'
check process cron with pidfile /var/run/crond.pid
start program = "/sbin/start cron"
stop program = "/sbin/stop cron"
if 5 restarts within 5 cycles then timeout
depends on cron_rc
group system
check file cron_rc with path /etc/init.d/cron
if failed checksum then unmonitor
if failed permission 755 then unmonitor
if failed uid root then unmonitor
if failed gid root then unmonitor
group system
EOT
}
#######################################
# Write the sshd check: the process is tracked through /var/run/sshd.pid and
# started/stopped with /etc/init.d/ssh.
# The port-22 protocol test and the restart limit are written to the file
# as commented-out lines, so only the pidfile-based process check is active.
# Arguments: none
# Outputs:   overwrites /etc/monit/conf.d/sshd.cfg
#######################################
monit_def_sshd() {
  local conf=/etc/monit/conf.d/sshd.cfg

  # Quoted delimiter: the body is static text, nothing in it is expanded.
  cat >"$conf" <<'EOT'
check process sshd with pidfile /var/run/sshd.pid
start program "/etc/init.d/ssh start"
stop program "/etc/init.d/ssh stop"
# if failed port 22 protocol ssh then restart
# if 3 restarts within 3 cycles then timeout
EOT
}
#######################################
# Write an outbound connectivity check: alert when an HTTP request to
# google.com on port 80 fails. Filed under monit group "server".
# Arguments: none
# Outputs:   overwrites /etc/monit/conf.d/ping_google.cfg
#######################################
monit_def_ping_google() {
  local conf=/etc/monit/conf.d/ping_google.cfg

  # Quoted delimiter: the body is static text, nothing in it is expanded.
  cat >"$conf" <<'EOT'
check host google-ping with address google.com
if failed port 80 proto http then alert
group server
EOT
}
#######################################
# Write the postfix check (group "mail").
# Process check, tracked through /var/spool/postfix/pid/master.pid:
#   - alert at >60% CPU for 2 cycles, restart at >80% for 5 cycles
#   - restart at >200 MB total memory for 5 cycles or >250 children
#   - stop when the 5-minute load average exceeds 10 for 8 cycles
#   - SMTP probe on localhost:25: alert on a failure (15 s timeout),
#     restart after 3 failing cycles
#   - timeout after 3 restarts within 5 cycles
# File check postfix_rc on /etc/init.d/postfix unmonitors when checksum,
# mode 755 or root:root ownership fails.
# Arguments: none
# Outputs:   overwrites /etc/monit/conf.d/postfix.cfg
#######################################
monit_def_postfix() {
  local conf=/etc/monit/conf.d/postfix.cfg

  # Quoted delimiter: the body is static text, nothing in it is expanded.
  cat >"$conf" <<'EOT'
check process postfix with pidfile /var/spool/postfix/pid/master.pid
start program = "/etc/init.d/postfix start"
stop program = "/etc/init.d/postfix stop"
if cpu > 60% for 2 cycles then alert
if cpu > 80% for 5 cycles then restart
if totalmem > 200.0 MB for 5 cycles then restart
if children > 250 then restart
if loadavg(5min) greater than 10 for 8 cycles then stop
if failed host localhost port 25 protocol smtp with timeout 15 seconds then alert
if failed host localhost port 25 protocol smtp for 3 cycles then restart
if 3 restarts within 5 cycles then timeout
group mail
check file postfix_rc with path /etc/init.d/postfix
if failed checksum then unmonitor
if failed permission 755 then unmonitor
if failed uid root then unmonitor
if failed gid root then unmonitor
group mail
EOT
}
#######################################
# Write the PostgreSQL check (group "database"). All paths are hard-coded
# for a 9.1 "main" cluster.
# Process check, tracked through /var/run/postgresql/9.1-main.pid:
#   - restart when the pgsql probe fails on the unix socket or on
#     localhost:5432
#   - timeout after 5 restarts within 5 cycles
#   - depends on postgresql_bin and postgresql_rc
# File checks postgresql_bin (server binary) and postgresql_rc (init
# script) unmonitor when checksum, mode 755 or root:root ownership fails.
# File check postgresql_log alerts once the log grows beyond 100 MB.
# Arguments: none
# Outputs:   overwrites /etc/monit/conf.d/postgresql.cfg
#######################################
monit_def_postgresql() {
  local conf=/etc/monit/conf.d/postgresql.cfg

  # Quoted delimiter: the body is static text, nothing in it is expanded.
  cat >"$conf" <<'EOT'
check process postgres with pidfile /var/run/postgresql/9.1-main.pid
start program = "/etc/init.d/postgresql start"
stop program = "/etc/init.d/postgresql stop"
if failed unixsocket /var/run/postgresql/.s.PGSQL.5432 protocol pgsql then restart
if failed host localhost port 5432 protocol pgsql then restart
if 5 restarts within 5 cycles then timeout
depends on postgresql_bin
depends on postgresql_rc
group database
check file postgresql_bin with path /usr/lib/postgresql/9.1/bin/postgres
if failed checksum then unmonitor
if failed permission 755 then unmonitor
if failed uid root then unmonitor
if failed gid root then unmonitor
group database
check file postgresql_rc with path /etc/init.d/postgresql
if failed checksum then unmonitor
if failed permission 755 then unmonitor
if failed uid root then unmonitor
if failed gid root then unmonitor
group database
check file postgresql_log with path /var/log/postgresql/postgresql-9.1-main.log
if size > 100 MB then alert
group database
EOT
}
#######################################
# Write the MySQL check (group "database").
# Process check, tracked through /var/run/mysqld/mysqld.pid:
#   - started with /sbin/start (20 s timeout), stopped with /sbin/stop
#   - restart when the mysql probe fails on localhost:3306 or on the
#     unix socket
#   - timeout after 5 restarts within 5 cycles
#   - depends on mysql_bin and mysql_rc
# File checks mysql_bin (/usr/sbin/mysqld) and mysql_rc (/etc/init.d/mysql)
# unmonitor when checksum, mode 755 or root:root ownership fails.
# Arguments: none
# Outputs:   overwrites /etc/monit/conf.d/mysql.cfg
#######################################
monit_def_mysql() {
  local conf=/etc/monit/conf.d/mysql.cfg

  # Quoted delimiter: the body is static text, nothing in it is expanded.
  cat >"$conf" <<'EOT'
check process mysqld with pidfile /var/run/mysqld/mysqld.pid
start program = "/sbin/start mysql" with timeout 20 seconds
stop program = "/sbin/stop mysql"
if failed host localhost port 3306 protocol mysql then restart
if failed unixsocket /var/run/mysqld/mysqld.sock protocol mysql then restart
if 5 restarts within 5 cycles then timeout
depends on mysql_bin
depends on mysql_rc
group database
check file mysql_bin with path /usr/sbin/mysqld
if failed checksum then unmonitor
if failed permission 755 then unmonitor
if failed uid root then unmonitor
if failed gid root then unmonitor
group database
check file mysql_rc with path /etc/init.d/mysql
if failed checksum then unmonitor
if failed permission 755 then unmonitor
if failed uid root then unmonitor
if failed gid root then unmonitor
group database
EOT
}
#######################################
# Write the MongoDB check (group "database"): the process is tracked
# through /var/lib/mongodb/mongod.lock, restarted when an HTTP request for
# "/" on localhost:28017 fails within 10 seconds, and given up on (timeout)
# after 5 restarts within 5 cycles.
# Arguments: none
# Outputs:   overwrites /etc/monit/conf.d/mongodb.cfg
# NOTE(review): the probe needs an HTTP listener on port 28017; whether the
# installed mongod exposes one is not visible here - confirm, and keep that
# listener bound to localhost.
#######################################
monit_def_mongodb() {
  local conf=/etc/monit/conf.d/mongodb.cfg

  # Quoted delimiter: the body is static text, nothing in it is expanded.
  cat >"$conf" <<'EOT'
check process mongodb with pidfile /var/lib/mongodb/mongod.lock
start program = "/sbin/start mongodb"
stop program = "/sbin/stop mongodb"
if failed host localhost port 28017 protocol http
and request "/" with timeout 10 seconds then restart
if 5 restarts within 5 cycles then timeout
group database
EOT
}
#######################################
# Write the memcached check (group "database"): the process is tracked
# through /var/run/memcached.pid, started/stopped with
# /etc/init.d/memcached, and given up on (timeout) after 5 restarts within
# 5 cycles. No port or protocol probe is configured.
# Arguments: none
# Outputs:   overwrites /etc/monit/conf.d/memcached.cfg
#######################################
monit_def_memcached() {
  local conf=/etc/monit/conf.d/memcached.cfg

  # Quoted delimiter: the body is static text, nothing in it is expanded.
  cat >"$conf" <<'EOT'
check process memcached with pidfile /var/run/memcached.pid
start program = "/etc/init.d/memcached start"
stop program = "/etc/init.d/memcached stop"
if 5 restarts within 5 cycles then timeout
group database
EOT
}
#######################################
# Write the Apache check (group "www").
# Process check, tracked through /var/run/apache2.pid:
#   - alert-only thresholds: CPU >60% for 2 cycles, CPU >80% for 5 cycles,
#     total memory >200 MB for 5 cycles, more than 250 children
#   - stop when the 5-minute load average exceeds 10 for 8 cycles
#   - alert when an HTTP request for / on localhost:80 fails, or when the
#     apache-status limits (dnslimit/loglimit/waitlimit) are crossed
#   - the restart limit is written as a commented-out line, so it is
#     inactive
#   - depends on apache_bin and apache_rc
# File checks apache_bin (/usr/sbin/apache2) and apache_rc
# (/etc/init.d/apache2) unmonitor when checksum, mode 755 or root:root
# ownership fails.
# Arguments: none
# Outputs:   overwrites /etc/monit/conf.d/apache2.cfg
#######################################
monit_def_apache() {
  local conf=/etc/monit/conf.d/apache2.cfg

  # Quoted delimiter: the body is static text, nothing in it is expanded.
  cat >"$conf" <<'EOT'
check process apache with pidfile /var/run/apache2.pid
start program = "/etc/init.d/apache2 start"
stop program = "/etc/init.d/apache2 stop"
if cpu > 60% for 2 cycles then alert
if cpu > 80% for 5 cycles then alert
if totalmem > 200.0 MB for 5 cycles then alert
if children > 250 then alert
if loadavg(5min) greater than 10 for 8 cycles then stop
if failed host localhost port 80 protocol HTTP request / within 2 cycles then alert
if failed host localhost port 80 protocol apache-status
dnslimit > 25% or loglimit > 80% or waitlimit < 20% retry 2 within 2 cycles then alert
#if 5 restarts within 5 cycles then timeout
depends on apache_bin
depends on apache_rc
group www
check file apache_bin with path /usr/sbin/apache2
if failed checksum then unmonitor
if failed permission 755 then unmonitor
if failed uid root then unmonitor
if failed gid root then unmonitor
group www
check file apache_rc with path /etc/init.d/apache2
if failed checksum then unmonitor
if failed permission 755 then unmonitor
if failed uid root then unmonitor
if failed gid root then unmonitor
group www
EOT
}