Skip to content
This repository has been archived by the owner on Apr 10, 2024. It is now read-only.

Latest commit

 

History

History
176 lines (146 loc) · 4.17 KB

README.md

File metadata and controls

176 lines (146 loc) · 4.17 KB

yunomonitor

Easy monitoring for YunoHost

Features

This script allow you to monitor easily your servers. You can check outside the server to monitor:

  • Ping of domains you use in your servers
  • Availibility of your web app (HTTP 200 answer)
  • TLS certificate correctly renewed
  • Resolver DNS are up
  • DNS are well configured
  • All mail things are ok (SMTP, IMAP, Blacklist)
  • XMPP is working

And inside the server to monitor:

  • DNS resolution is correctly done
  • Services are up
  • Health of your hard drive disk
  • Free space available
  • Backup are correctly done

If you are using YunoHost, all this things are configured automatically from the configuration of the YunoHost to monitor.

This script supports ipv4 and ipv6.

It is extensible to add other kind of checks plugin and other kinds of actions (alert) plugin.

Usage

On the server to monitor:

*/8 * * * * some_user python3 yunomonitor.py -e MONITORING_SERVER [...]

On the monitoring server:

*/8 * * * * some_user python3 yunomonitor.py [SERVER_TO_MONITOR ...] [-m MAIL [MAIL ...]] [-s URL_SMS] [-c URL_CACHET]

Dependencies

This script is designed to run with these dependencies:

  • python3-yaml
  • python3-dnspython
  • python3-requests-toolbelt
  • python3-spf
  • whois
  • an SMTP server running on the machine

If you want to use the autoconfiguration mechanism, you need to configure on nginx a HTTPS .well-known/yunomonitor/ path. You need also in this case to have on monitoring server a ssh key on /etc/ssh/ssh_host_rsa_key

Checks

Here is a list of all checks methods. Each method return a list of small messages that describe errors append.

ping

NO_IPV4_PING: NO_IPV6_PING:

ip_address

C_DOMAIN_UNCONFIGURED C_DOMAIN_UNCONFIGURED_IN_IPV4 I_DOMAIN_UNCONFIGURED_IN_IPV6

tls(ip_address)

E_CERT_RENEWED_FAILED C_CERT_INVALID C_PORT_CLOSED_OR_SERVICE_DOWN

https_200(tls)

C_TIMEOUT, ip, msg: C_TOO_MANY_REDIRECTS, ip, msg: C_SSO_CAPTURE: C_UNKNOWN_ERROR, ip, msg: C_HTTP_XXX, msg:

domain_renewal

I_DOMAIN_EXPIRATION_NOT_FOUND W_DOMAIN_WILL_EXPIRE E_DOMAIN_NEARLY_EXPIRE C_DOMAIN_EXPIRE

dns_resolver

C_BROKEN_NAMESERVER C_TIMEOUT C_DOMAIN_UNCONFIGURED C_NO_ANSWER C_UNEXPECTED_ANSWER

smtp

E_NO_MX_RECORD C_DOMAIN_UNCONFIGURED C_REVERSE_MISSING C_REVERSE_MISMATCH C_BLACKLISTED E_CERT_RENEWED_FAILED C_PORT_CLOSED_OR_SERVICE_DOWN

imap

pop

xmpp

dns_resolution(dns_resolver)

service_up

C_NOT_FOUND C_DOWN C_FAILED

disk_health

W_SMART_NOT_SUPPORTED E_SMART_DISABLED E_SMART_HALF_WORKING C_DISK_FAILURE

free_space

C_FREE_SPACE E_FREE_SPACE W_FREE_SPACE

backuped

E_NEVER_BACKUP E_MISSING_BACKUP E_BACKUP_NOT_TRIGGERED E_BACKUP_BROKEN

ynh_upgrade

W_APP_NEED_UPGRADE W_PKG_NEED_UPGRADE

Alerts

Mail alerts

This module send one email by failures checks.

SMS alerts

This module send a condensate of all failures on all servers in one sms (sms apis are rarely free).

Cachet update

This module update components in cachet and open incident with information that could be shown publicly.

Why this script is in one file ?

Because in some case, I need to deploy it quickly. An unique file is simple.

I have analyzed solution like nagios and zabbix, and these tools are very powerfull, but the cost to deploy and configure it is to high for my objective to deploy YunoHost with monitoring and backup automatically.

Bypass automatic configuration tools

You can create a configuration file that will be used instead of the one generated by placing it in /etc/yunomonitor/DOMAIN.conf

ping:
    - some.domain.tld
    - other.domain.tld
https_200:
    - wikipedia.org
    - your.website.org
dns_resolver:
    # Your favorite DNS resolver which you want to check is up
    - 11.22.33.44
    - 66.77.88.99
free_dns_service:
    # Will test that a specific resolver correctly resolves a specific domain
    - [ 'your.resolver.org', 'some.somain.tld', '12.34.56.78' ]
disk_health: True
free_space:
    warning: 
    danger: 
__components__:
    - id: nextcloud__2
      name: Nextcloud
      label: Projet Vert
      uris: 
          - other.domain.tld/
      services:
          - nginx
    - id: borg
      name: BorgBackup
      label: Sauvegarde 1
      backup: all
      uris:
      services: