Faidon has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/70407


Change subject: nrpe: revert to the nagios user/paths, clean up
......................................................................

nrpe: revert to the nagios user/paths, clean up

There's no reason that I can see to modify init scripts and config files
all over the place to make nrpe run as the "icinga" user and from
/etc/icinga/nrpe.d rather than the nagios user & paths that the package
installs. There's also no reason to modify nrpe.cfg when there's
nrpe_local.cfg.

Clean all that up, revert to the stock init script & nrpe.cfg and leave
a comment to remove all that calls when puppet has been run everywhere.
This does *not*: rm -rf /etc/icinga, deluser icinga, delgroup icinga, rm
-rf /home/icinga (previously left), as it would also affect neon and
there's no good way to do this in puppet. Left for laters :)

Change-Id: I0e5b55e497c34806426742f002db0631aa006e67
---
M files/icinga/nagios-nrpe-server-init
M files/icinga/nrpe.cfg
M manifests/nrpe.pp
M templates/icinga/nrpe_local.cfg.erb
4 files changed, 35 insertions(+), 34 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/operations/puppet 
refs/changes/07/70407/1

diff --git a/files/icinga/nagios-nrpe-server-init 
b/files/icinga/nagios-nrpe-server-init
index 1af139a..c0e62c2 100755
--- a/files/icinga/nagios-nrpe-server-init
+++ b/files/icinga/nagios-nrpe-server-init
@@ -17,8 +17,8 @@
 DAEMON=/usr/sbin/nrpe
 NAME=nagios-nrpe
 DESC=nagios-nrpe
-CONFIG=/etc/icinga/nrpe.cfg
-PIDDIR=/var/run/icinga
+CONFIG=/etc/nagios/nrpe.cfg
+PIDDIR=/var/run/nagios
 
 test -x $DAEMON || exit 0
 
@@ -43,7 +43,7 @@
 #since /var/run can be wiped completly we create our run directory here
 if [ ! -d "$PIDDIR" ]; then 
        mkdir "$PIDDIR"
-       chown icinga "$PIDDIR"
+       chown nagios "$PIDDIR"
 fi
 
 set -e
@@ -59,14 +59,12 @@
        ;;
   stop)
        log_daemon_msg "Stopping $DESC" "$NAME"
-    start-stop-daemon --stop --quiet --oknodo --pidfile $PIDDIR/nrpe.pid 
--retry 15
+       start-stop-daemon --stop --quiet --oknodo --pidfile $PIDDIR/nrpe.pid 
--retry 15
        log_end_msg $?
-    #sometimes deleting the pidfile fails. cleanup afterwards.
-    test -e $PIDDIR/nrpe.pid && rm $PIDDIR/nrpe.pid
        ;;
   reload|force-reload)
        log_daemon_msg "Reloading $DESC configuration files" "$NAME"
-    start-stop-daemon --stop --signal HUP --quiet --pidfile $PIDDIR/nrpe.pid
+       start-stop-daemon --stop --signal HUP --quiet --pidfile $PIDDIR/nrpe.pid
        log_end_msg $?
        ;;
   status)
@@ -74,7 +72,7 @@
     ;;
   restart)
        $0 stop
-       sleep 15
+       sleep 1
        $0 start
        ;;
   *)
diff --git a/files/icinga/nrpe.cfg b/files/icinga/nrpe.cfg
index 010ab9d..40c9e10 100644
--- a/files/icinga/nrpe.cfg
+++ b/files/icinga/nrpe.cfg
@@ -2,6 +2,7 @@
 # Sample NRPE Config File 
 # Written by: Ethan Galstad ([email protected])
 # 
+# Last Modified: 11-23-2007
 #
 # NOTES:
 # This is a sample configuration file for the NRPE daemon.  It needs to be
@@ -22,7 +23,7 @@
 # number.  The file is only written if the NRPE daemon is started by the root
 # user and is running in standalone mode.
 
-pid_file=/var/run/icinga/nrpe.pid
+pid_file=/var/run/nagios/nrpe.pid
 
 
 
@@ -50,7 +51,7 @@
 # 
 # NOTE: This option is ignored if NRPE is running under either inetd or xinetd
 
-nrpe_user=icinga
+nrpe_user=nagios
 
 
 
@@ -75,8 +76,8 @@
 #
 # NOTE: This option is ignored if NRPE is running under either inetd or xinetd
 
-allowed_hosts=127.0.0.1,208.80.154.14,208.80.152.161
-
+allowed_hosts=127.0.0.1
+ 
 
 
 # COMMAND ARGUMENT PROCESSING
@@ -216,11 +217,10 @@
 #
 # local configuration:
 #      if you'd prefer, you can instead place directives here
-include=/etc/icinga/nrpe_local.cfg
+include=/etc/nagios/nrpe_local.cfg
 
 # 
 # you can place your config snipplets into nrpe.d/
+# only snipplets ending in .cfg will get included
 include_dir=/etc/nagios/nrpe.d/
-include_dir=/etc/icinga/nrpe.d/
-
 
diff --git a/manifests/nrpe.pp b/manifests/nrpe.pp
index e2ccc3f..de9373a 100644
--- a/manifests/nrpe.pp
+++ b/manifests/nrpe.pp
@@ -11,7 +11,7 @@
 define nrpe::check($command) {
        Class[nrpe::packages] -> Nrpe::Check[$title]
 
-       file { "/etc/icinga/nrpe.d/${title}.cfg":
+       file { "/etc/nagios/nrpe.d/${title}.cfg":
                owner => root,
                group => root,
                mode => 0444,
@@ -77,6 +77,24 @@
                ensure => present;
        }
 
+       file { "/etc/nagios/nrpe_local.cfg":
+               ensure => present,
+               owner => root,
+               group => root,
+               mode => 0444,
+               content => template("icinga/nrpe_local.cfg.erb"),
+               require => Package[nagios-nrpe-server],
+       }
+
+       file { "/usr/lib/nagios/plugins/check_dpkg":
+               ensure => present,
+               owner => root,
+               group => root,
+               mode => 0555,
+               source => "puppet:///files/icinga/check_dpkg",
+       }
+
+       # TBD: remove all that, completely unneeded
        package { [ "icinga-nrpe-server" ]:
                ensure => absent;
        }
@@ -92,23 +110,12 @@
                        group => root,
                        mode => 0755,
                        ensure => directory;
-               "/etc/icinga/nrpe_local.cfg":
-                       require => Package[nagios-nrpe-server],
-                       owner => root,
-                       group => root,
-                       mode => 0444,
-                       content => template("icinga/nrpe_local.cfg.erb");
-               "/usr/lib/nagios/plugins/check_dpkg":
-                       owner => root,
-                       group => root,
-                       mode => 0555,
-                       source => "puppet:///files/icinga/check_dpkg";
                "/etc/init.d/nagios-nrpe-server":
                        owner => root,
                        group => root,
                        mode => 0755,
                        source => 
"puppet:///files/icinga/nagios-nrpe-server-init";
-               "/etc/icinga/nrpe.cfg":
+               "/etc/nagios/nrpe.cfg":
                        owner => root,
                        group => root,
                        mode => 0644,
@@ -117,13 +124,11 @@
 }
 
 class nrpe::service {
-       include icinga::user
-
        Class[nrpe::packages] -> Class[nrpe::service]
 
        service { nagios-nrpe-server:
-               require => [ Package[nagios-nrpe-server], 
File["/etc/icinga/nrpe_local.cfg"], File["/usr/lib/nagios/plugins/check_dpkg"] 
],
-               subscribe => File["/etc/icinga/nrpe_local.cfg"],
+               require => [ Package[nagios-nrpe-server], 
File["/etc/nagios/nrpe_local.cfg"], File["/usr/lib/nagios/plugins/check_dpkg"] 
],
+               subscribe => File["/etc/nagios/nrpe_local.cfg"],
                pattern => "/usr/sbin/nrpe",
                hasrestart => true,
                restart => "killall nrpe; sleep 2; 
/etc/init.d/nagios-nrpe-server start",
diff --git a/templates/icinga/nrpe_local.cfg.erb 
b/templates/icinga/nrpe_local.cfg.erb
index 33214e8..214741f 100644
--- a/templates/icinga/nrpe_local.cfg.erb
+++ b/templates/icinga/nrpe_local.cfg.erb
@@ -1,4 +1,3 @@
-pid_file=/var/run/icinga/nrpe.pid
 allowed_hosts=<%= scope.lookupvar("nrpe::packages::nrpe_allowed_hosts") %>
 
 command[check_disk_5_2]=/usr/lib/nagios/plugins/check_disk -w 5% -c 2% -l -e
@@ -35,5 +34,4 @@
 # end swift process checks
 
 # this isn't in all /etc/nagios/nrpe.cfg's and is safe to duplicate
-include_dir=/etc/icinga/nrpe.d/
 include_dir=/etc/nagios/nrpe.d/

-- 
To view, visit https://gerrit.wikimedia.org/r/70407
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I0e5b55e497c34806426742f002db0631aa006e67
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Faidon <[email protected]>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to