library/roles/postfix-relay: Add the support for nagios nrpe checks.

infrastructure-services: Remove the smtp_relay_nagios_monitoring role, now is all handled by library/roles/postfix-relay.
This commit is contained in:
Andrea Dell'Amico 2016-08-09 18:57:37 +02:00
parent b41a6ad7ed
commit f54c2bb457
6 changed files with 352 additions and 18 deletions

View File

@ -1,4 +1,6 @@
---
postfix_enabled: True
postfix_install_packages: True
# Set it to true when you want configure your machine to send email to a relay
postfix_relay_client: False
postfix_biff: "no"
@ -30,3 +32,13 @@ postfix_message_size_limit: 10240000
postfix_sasl_packages:
- sasl2-bin
postfix_nagios_check: False
postfix_nagios_checks:
- check_postfix_mailqueue
- check_postfix_processed
nagios_postfix_mailq_w: 20
nagios_postfix_mailq_c: 50
nagios_postfix_processed_w: 50
nagios_postfix_processed_c: 150

View File

@ -0,0 +1,181 @@
#!/bin/bash
###################################################################
# check_postfix_mailqueue is developped with GPL Licence 2.0
#
# GPL License: http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
#
# First version developped by : Bjoern Bongermino
#
###################################################################
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
####################################################################
#
# original https://gist.github.com/alexlehm/8084195
#
# created by McArt <hello@mcart.ru> http://www.mcart.ru/
# Uncomment to enable debugging
# set -x
PROGNAME=`basename $0`
VERSION="Version 2.0"
AUTHOR="McArt (http://www.mcart.ru)"
STATE_OK=0
STATE_WARNING=1
STATE_CRITICAL=2
STATE_UNKNOWN=3
warning=unknown
critical=unknown
print_version() {
echo "$PROGNAME $VERSION $AUTHOR"
}
print_help() {
print_version $PROGNAME $VERSION
echo ""
echo "$PROGNAME - Checks postfix mailqueue statistic"
echo ""
echo "$PROGNAME is a Nagios plugin which generates statistics"
echo "for the postfix mailqueue and checks for corrupt messages."
echo "The following values will be checked:"
echo "active: Mails being delivered (should be small)"
echo "deferred: Stuck mails (that will be retried later)"
echo "corrupt: Messages found to not be in correct format (should be 0)"
echo "hold: Recent addition, messages put on hold indefinitly - delete of free"
echo "bounced: Bounced mails"
echo ""
echo "Usage: $PROGNAME -w WARN-Level -c CRIT-Level"
echo ""
echo "Options:"
echo " -w)"
echo " Warning level for active mails"
echo " -c)"
echo " Critical level for active mail"
echo " -h)"
echo " This help"
echo " -v)"
echo " Version"
exit $STATE_OK
}
# Check for parameters
while test -n "$1"; do
case "$1" in
-h)
print_help
exit $STATE_OK;;
-v)
print_version
exit $STATE_OK;;
-w)
warning=$2
shift
;;
-c)
critical=$2
shift
;;
*)
echo "Usage: ./check_postfix_mailqueue2.sh -w <Warning level for active mails> -c <Critical level for active mail>"
;;
esac
shift
done
if [ $warning == "unknown" ] || [ $critical == "unknown" ]; then
echo "You need to specify warning and critical for active mails"
echo "Usage: ./check_postfix_mailqueue2.sh -w <warn> -c <crit>"
exit $STATE_UNKNOWN
fi
# make sure CRIT is larger than WARN
if [ $warning -ge $critical ];then
echo "UNKNOWN: WARN value may not be greater than or equal the CRIT value"
exit $OK
fi
check_postfix_mailqueue() {
# Can be set via environment, but default is fetched by postconf (if available,
# else /var/spool/postfix)
if which postconf > /dev/null ; then
SPOOLDIR=${spooldir:-`postconf -h queue_directory`}
else
SPOOLDIR=${spooldir:-/var/spool/postfix}
fi
cd $SPOOLDIR >/dev/null 2>/dev/null || {
echo -n "Cannot cd to $SPOOLDIR"
exit $STATE_CRITICAL
}
for d in deferred active corrupt hold
do
if [ ! -r $d ]
then
echo -n "queue dir '$d' is not readable"
exit $STATE_CRITICAL
fi
done
# Get values
deferred=`(test -d deferred && find deferred -type f ) | wc -l`
active=`(test -d active && find active -type f ) | wc -l`
corrupt=`(test -d corrupt && find corrupt -type f ) | wc -l`
hold=`( test -d hold && find hold -type f ) | wc -l`
bounced=`cat /var/log/mail.log | grep bounced | wc -l`
}
check_postfix_mailqueue
values="Deferred mails=$deferred Active deliveries=$active Corrupt mails=$corrupt Mails on hold=$hold Bounced mails=$bounced"
perfdata="deferred=$deferred;; active=$active;; corrupt=$corrupt;; hold=$hold;; bounced=$bounced;;"
if [ $corrupt -gt 0 ]; then
echo -n "Postfix Mailqueue WARNING - $corrupt corrupt messages found! | $perfdata"
exit $STATE_WARNING
fi
if [ $hold -gt 0 ]; then
echo -n "Postfix Mailqueue WARNING - $hold hold messages found! | $perfdata"
exit $STATE_WARNING
fi
if [ $deferred -gt 0 ]; then
echo -n "Postfix Mailqueue WARNING - $deferred deferred messages found! | $perfdata"
exit $STATE_WARNING
fi
if [ $bounced -gt 0 ]; then
echo -n "Postfix Mailqueue WARNING - $bounced bounced messages found! | $perfdata"
exit $STATE_WARNING
fi
if [ $active -gt $critical ]; then
MES_TO_EXIT="Postfix Mailqueue CRITICAL - $values | $perfdata"
STATE_TO_EXIT=$STATE_CRITICAL
elif [ $active -gt $warning ]; then
MES_TO_EXIT="Postfix Mailqueue WARNING - $values | $perfdata"
STATE_TO_EXIT=$STATE_WARNING
else
MES_TO_EXIT="Postfix Mailqueue OK - $values | $perfdata"
STATE_TO_EXIT=$STATE_OK
fi
echo -n $MES_TO_EXIT
echo -e "\n"
exit $STATE_TO_EXIT

View File

@ -0,0 +1,104 @@
#!/usr/bin/env bash
## This program is free software: you can redistribute it and/or modify
## it under the terms of the GNU General Public License as published by
## the Free Software Foundation, either version 3 of the License, or
## (at your option) any later version.
##
## This program is distributed in the hope that it will be useful,
## but WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
## GNU General Public License for more details.
##
# ===============
# check_postfixprocessed - plugin to check the number of mail processed by parsing logfiles
# ===============
# * mail processor written by Cecil Westerhof & Modifications for nagios by Frank IJskes
# * Christian Nutz identified the IF as slow on large logfiles, by only checking from the bottom up performance went back to normal
# version 2 uses AWK to improve processing / lower cpu load
# plugin return codes:
# 0 OK
# 1 Warning
# 2 Critical
# 3 Unknown
NO_OF_SECONDS=300
POSTFIX_LOG="/var/log/mail.log"
while getopts "hvw:c:" opt
do
case $opt in
h)
showhelp=1
break
;;
w)
warning="$OPTARG"
;;
c)
critical="$OPTARG"
;;
v)
verbose=1
;;
esac
done
printUsage() {
echo "Usage: $0 [-h] [-v] -w <warning> -c <critical>"
echo ""
echo "Example: $0 -w 50 -c 100"
}
printHelp() {
printUsage
echo ""
echo "This plugin checks the number of messages processed by Postfix in the last 5 minutes."
echo ""
echo "For more details, see inside the script ;)"
echo ""
exit 3
}
if [ "$showhelp" = "1" ]; then
printHelp
exit 3
fi
if [ ! "$warning" ] || [ ! "$critical" ]; then
printUsage
exit 3
fi
if [ $warning -ge $critical ]; then
echo "<warning> has to be smaller than <critical>!"
exit 3
fi
if [ ! "$POSTFIX_LOG" ]; then
echo "Could not find postfix log!"
exit 3
fi
countSentMessages () {
NOW=`date +%s`
DATE_FROM=`awk -v now=$NOW -v seconds=$NO_OF_SECONDS 'BEGIN{print strftime("%b %d %T", now-seconds)}'`
DATE_TO=`awk -v now=$NOW 'BEGIN{print strftime("%b %d %T", now)}'`
echo `awk '$0>=from && $0<=to' from="$DATE_FROM" to="$DATE_TO" ${POSTFIX_LOG} | grep ' postfix/smtp\[.*, status=sent ' | wc -l`
}
sentMessagesCount=`countSentMessages`
echo "Messages processed in the last $NO_OF_SECONDS seconds: $sentMessagesCount | mailsprocessed=$sentMessagesCount"
if [ "$sentMessagesCount" -ge "$critical" ]; then
exit 2
elif [ "$sentMessagesCount" -ge "$warning" ]; then
exit 1
else
exit 0
fi

View File

@ -3,15 +3,19 @@
- name: Reload postfix
service: name=postfix state=reloaded
when: postfix_enabled
- name: Restart postfix
service: name=postfix state=restarted
when: postfix_enabled
- name: Update the network hash table
shell: postmap hash:/etc/postfix/network_table
- name: start saslauth daemon
service: name=saslauthd state=started enabled=yes
when: postfix_enabled
- name: restart saslauth daemon
service: name=saslauthd state=restarted
when: postfix_enabled

View File

@ -1,21 +1,50 @@
---
- name: Install postfix and libsas to do mail relay
action: apt pkg={{ item }} state=present
- block:
- name: Install postfix and libsas to do mail relay
action: apt pkg={{ item }} state=present update_cache=yes cache_valid_time=1800
with_items:
- postfix
- libsasl2-2
tags:
- postfix-relay
- name: Write the postfix main configuration file
- name: Write the postfix main configuration file
template: src=main.cf.j2 dest=/etc/postfix/main.cf owner=root group=root mode=0444
notify: Restart postfix
tags:
- postfix-relay
- name: Activate the submission port on the postfix master file
- name: Activate the submission port on the postfix master file
template: src=postfix-master.cf.j2 dest=/etc/postfix/master.cf owner=root group=root mode=0444
notify: Restart postfix
tags:
- postfix-relay
- name: Install the postfix NRPE nagios check
copy: src={{ item }} dest={{ nagios_plugins_dir }}/{{ item }} owner=root group=nagios mode=0555
with_items: '{{ postfix_nagios_checks }}'
when: postfix_nagios_check
tags: [ 'postfix-relay', 'nagios', 'nrpe' ]
- name: Install the postfix NRPE command configuration
template: src=postfix-nrpe.cfg.j2 dest={{ nrpe_include_dir }}/postfix-nrpe.cfg owner=root group=root mode=0444
notify: Reload NRPE server
when: postfix_nagios_check
tags: [ 'postfix-relay', 'nagios', 'nrpe' ]
- name: Ensure that postfix is started and enabled
service: name=postfix state=started enabled=yes
when: postfix_enabled
- name: Ensure that postfix is stopped and disabled
service: name=postfix state=stopped enabled=no
when: not postfix_enabled
when: postfix_install_packages
tags: postfix-relay
- block:
- name: Remove postfix and libsas
action: apt pkg={{ item }} state=absent
with_items:
- postfix
- libsasl2-2
when: not postfix_install_packages
tags: postfix-relay

View File

@ -0,0 +1,4 @@
# Postfix mailq
command[postfix_check_mailqueue]=/usr/bin/sudo {{ nagios_plugins_dir }}/check_postfix_mailqueue -w {{ nagios_postfix_mailq_w }} -c {{ nagios_postfix_mailq_c }}
# Postfix processed
command[postfix_check_processed]=/usr/bin/sudo {{ nagios_plugins_dir }}/check_postfix_processed -w {{ nagios_postfix_processed_w }} -c {{ nagios_postfix_processed_c }}