ansible-base/roles/icinga2_server/templates/conf.d/command-custom.conf.j2
2020-10-03 14:19:22 +02:00

144 lines
4.8 KiB
Django/Jinja

object CheckCommand "dane" {
import "plugin-check-command"
command = [ PluginDir + "/check_dane" ]
arguments = {
"--host" = {
value = "$dane_host$"
required = true
description = "Hostname to check"
}
"--port" = {
value = "$dane_port$"
required = true
description = "TCP port to check"
}
"--connect-host" = {
value = "$dane_connect_host$"
description = "Connect to this host instead of $dane_host$"
}
"--connect-port" = {
value = "$dane_connect_port$"
description = "Connect to this host instead of $dane_port$"
}
"--starttls" = {
value = "$dane_starttls$"
description = "Send the protocol-specific messages to enable TLS. Possible values: smtp, imap, xmpp, quassel"
}
"--check-pkix" = {
set_if = "$dane_check_pkix$"
description = "Additionally perform traditional checks on the certificate (ca trust path, hostname, expiry)."
}
"--nameserver" = {
value = "$dane_nameserver$"
description = "Use a custom nameserver."
}
"--min-days-valid" = {
value = "$dane_min_days_valid$"
description = "Minimum number of days a certificate has to be valid. Format: INTEGER[,INTEGER]. 1st is #days for warning, 2nd is critical."
}
"--timeout" = {
value = "$dane_timeout$"
description = "Network timeout in sec. Default: 10"
}
"--no-dnssec" = {
set_if = "$dane_no_dnssec$"
description = "Continue even when DNS replies aren't DNSSEC authenticated."
}
}
}
object CheckCommand "openvpn" {
import "ipv4-or-ipv6"
command = [ PluginDir + "/check_openvpn", "$openvpn_address$" ]
arguments = {
"-p" = {
value = "$openvpn_port$"
description = "set port number (default is 1194)"
}
"-t" = {
set_if = "$openvpn_tcp$"
description = "use tcp instead of udp"
}
"--timeout" = {
value = "$openvpn_timeout$"
description = "set timeout in seconds, for udp counted per packet (default is 2)"
}
"--digest" = {
value = "$openvpn_digest$"
description = "set digest algorithm (default is 'sha1')"
}
"--digest-size" = {
value = "$openvpn_digest_size$"
description = "set HMAC digest size"
}
"--digest-key-client" = {
value = "$openvpn_digest_key_client$"
description = "set client HMAC key"
}
"--digest-key-server" = {
value = "$openvpn_key_server$"
description = "set server HMAC key for packet validation"
}
"--tls-auth" = {
value = "$openvpn_tls_auth$"
description = "set tls-auth file"
}
"--tls-auth-inverse" = {
value = "$openvpn_tls_auth_inverse$"
description = "set tls-auth file direction to inverse (1)"
}
"--retrycount" = {
value = "$openvpn_retrycount$"
description = "number of udp retries before giving up (default is 3)"
}
"--no-validation" = {
value = "$openvpn_no_validation$"
description = "do not validate response"
}
}
vars.openvpn_address = "$check_address$"
vars.openvpn_tls_auth = "$openvpn_takey$"
}
object CheckCommand "by_ssh_wirebrass" {
import "by_ssh"
vars.by_ssh_custom_plugins_path = "{{ icinga2_server_nagios_plugins_location }}"
vars.by_ssh_logname = "nagios"
vars.by_ssh_identity = "/var/lib/icinga2/.ssh/id_rsa"
vars.by_ssh_options = [ "ControlMaster=auto","ControlPath=/var/run/icinga2/$host.name$","ControlPersist=10m"]
}
object CheckCommand "rdns" {
import "plugin-check-command"
command = [ PluginDir + "/check_rdns" ]
arguments = {
"-H" = {
value = "$rdns_address$"
required = true
description = "Address to reverse"
}
"-a" = {
value = "$rdns_expect$"
required = false
description = "Expected result"
}
"-s" = {
value = "$rdns_server$"
required = false
description = "The DNS server to contact"
}
}
}