5 files changed, 290 insertions, 0 deletions
diff --git a/nixos/modules/services/monitoring/nagios/commands.cfg b/nixos/modules/services/monitoring/nagios/commands.cfg
new file mode 100644
index 0000000000000..6efdefcd37dcd
--- /dev/null
+++ b/nixos/modules/services/monitoring/nagios/commands.cfg
@@ -0,0 +1,34 @@
+define command {
+    command_name host-notify-by-email
+    command_line printf "%b" "To: $CONTACTEMAIL$\nSubject: [Nagios] Host $HOSTSTATE$ alert for $HOSTNAME$\n\n***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n" | sendmail $CONTACTEMAIL$
+}
+
+
+define command {
+    command_name notify-by-email
+    command_line printf "%b" "To: $CONTACTEMAIL$\nSubject: [Nagios] $NOTIFICATIONTYPE$ alert - $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$\n\n***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$" | sendmail $CONTACTEMAIL$
+}
+
+
+define command {
+    command_name dummy-ok
+    command_line true
+}
+
+
+define command {
+    command_name check-host-alive
+    command_line check_ping -H $HOSTADDRESS$ -w 3000.0,80% -c 5000.0,100% -p 1
+}
+
+
+define command {
+    command_name check_local_disk
+    command_line check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
+}
+
+
+define command {
+    command_name check_ssh
+    command_line check_ssh $HOSTADDRESS$
+}
diff --git a/nixos/modules/services/monitoring/nagios/default.nix b/nixos/modules/services/monitoring/nagios/default.nix
new file mode 100644
index 0000000000000..c809a3b84573f
--- /dev/null
+++ b/nixos/modules/services/monitoring/nagios/default.nix
@@ -0,0 +1,186 @@
+# Nagios system/network monitoring daemon.
+{ config, pkgs, ... }:
+
+with pkgs.lib;
+
+let
+
+  cfg = config.services.nagios;
+
+  nagiosUser = "nagios";
+  nagiosGroup = "nogroup";
+
+  nagiosState = "/var/lib/nagios";
+  nagiosLogDir = "/var/log/nagios";
+
+  nagiosObjectDefs =
+    [ ./timeperiods.cfg
+      ./host-templates.cfg
+      ./service-templates.cfg
+      ./commands.cfg
+    ] ++ cfg.objectDefs;
+
+  nagiosObjectDefsDir = pkgs.runCommand "nagios-objects" {inherit nagiosObjectDefs;}
+    "ensureDir $out; ln -s $nagiosObjectDefs $out/";
+
+  nagiosCfgFile = pkgs.writeText "nagios.cfg"
+    ''
+      # Paths for state and logs.
+      log_file=${nagiosLogDir}/current
+      log_archive_path=${nagiosLogDir}/archive
+      status_file=${nagiosState}/status.dat
+      object_cache_file=${nagiosState}/objects.cache
+      comment_file=${nagiosState}/comment.dat
+      downtime_file=${nagiosState}/downtime.dat
+      temp_file=${nagiosState}/nagios.tmp
+      lock_file=/var/run/nagios.lock # Not used I think.
+      state_retention_file=${nagiosState}/retention.dat
+
+      # Configuration files.
+      #resource_file=resource.cfg
+      cfg_dir=${nagiosObjectDefsDir}
+
+      # Uid/gid that the daemon runs under.
+      nagios_user=${nagiosUser}
+      nagios_group=${nagiosGroup}
+
+      # Misc. options.
+      illegal_macro_output_chars=`~$&|'"<>
+      retain_state_information=1
+    ''; # "
+
+  # Plain configuration for the Nagios web-interface with no
+  # authentication.
+  nagiosCGICfgFile = pkgs.writeText "nagios.cgi.conf"
+    ''
+      main_config_file=${nagiosCfgFile}
+      use_authentication=0
+      url_html_path=/nagios
+    '';
+
+  urlPath = cfg.urlPath;
+
+  extraHttpdConfig =
+    ''
+      ScriptAlias ${urlPath}/cgi-bin ${pkgs.nagios}/sbin
+
+      <Directory "${pkgs.nagios}/sbin">
+        Options ExecCGI
+        AllowOverride None
+        Order allow,deny
+        Allow from all
+        SetEnv NAGIOS_CGI_CONFIG ${nagiosCGICfgFile}
+      </Directory>
+
+      Alias ${urlPath} ${pkgs.nagios}/share
+
+      <Directory "${pkgs.nagios}/share">
+        Options None
+        AllowOverride None
+        Order allow,deny
+        Allow from all
+      </Directory>
+    '';
+
+in
+
+{
+  ###### interface
+
+  options = {
+
+    services.nagios = {
+
+      enable = mkOption {
+        default = false;
+        description = "
+          Whether to use <link
+          xlink:href='http://www.nagios.org/'>Nagios</link> to monitor
+          your system or network.
+        ";
+      };
+
+      objectDefs = mkOption {
+        description = "
+          A list of Nagios object configuration files that must define
+          the hosts, host groups, services and contacts for the
+          network that you want Nagios to monitor.
+        ";
+      };
+
+      plugins = mkOption {
+        default = [pkgs.nagiosPluginsOfficial pkgs.ssmtp];
+        description = "
+          Packages to be added to the Nagios <envar>PATH</envar>.
+          Typically used to add plugins, but can be anything.
+        ";
+      };
+
+      enableWebInterface = mkOption {
+        default = false;
+        description = "
+          Whether to enable the Nagios web interface.  You should also
+          enable Apache (<option>services.httpd.enable</option>).
+        ";
+      };
+
+      urlPath = mkOption {
+        default = "/nagios";
+        description = "
+          The URL path under which the Nagios web interface appears.
+          That is, you can access the Nagios web interface through
+          <literal>http://<replaceable>server</replaceable>/<replaceable>urlPath</replaceable></literal>.
+        ";
+      };
+
+    };
+
+  };
+
+
+  ###### implementation
+
+  config = mkIf cfg.enable {
+
+    users.extraUsers = singleton
+      { name = nagiosUser;
+        uid = config.ids.uids.nagios;
+        description = "Nagios monitoring daemon";
+        home = nagiosState;
+      };
+
+    # This isn't needed, it's just so that the user can type "nagiostats
+    # -c /etc/nagios.cfg".
+    environment.etc = singleton
+      { source = nagiosCfgFile;
+        target = "nagios.cfg";
+      };
+
+    environment.systemPackages = [ pkgs.nagios ];
+
+    jobs.nagios =
+      { description = "Nagios monitoring daemon";
+
+        startOn = "started network-interfaces";
+        stopOn = "stopping network-interfaces";
+
+        preStart =
+          ''
+            mkdir -m 0755 -p ${nagiosState} ${nagiosLogDir}
+            chown ${nagiosUser} ${nagiosState} ${nagiosLogDir}
+          '';
+
+        script =
+          ''
+            for i in ${toString config.services.nagios.plugins}; do
+              export PATH=$i/bin:$i/sbin:$i/libexec:$PATH
+            done
+            exec ${pkgs.nagios}/bin/nagios ${nagiosCfgFile}
+          '';
+      };
+
+    services.httpd.extraConfig = optionalString cfg.enableWebInterface extraHttpdConfig;
+
+  };
+
+}
diff --git a/nixos/modules/services/monitoring/nagios/host-templates.cfg b/nixos/modules/services/monitoring/nagios/host-templates.cfg
new file mode 100644
index 0000000000000..3a4c269e25721
--- /dev/null
+++ b/nixos/modules/services/monitoring/nagios/host-templates.cfg
@@ -0,0 +1,27 @@
+define host {
+    name                            generic-host
+    notifications_enabled           1
+    event_handler_enabled           1
+    flap_detection_enabled          1
+    failure_prediction_enabled      1
+    process_perf_data               1
+    retain_status_information       1
+    retain_nonstatus_information    1
+    notification_period             24x7
+    register                        0
+}
+
+
+define host {
+    name                            generic-server
+    use                             generic-host
+    check_period                    24x7
+    max_check_attempts              10
+    check_command                   check-host-alive
+    notification_period             24x7
+    notification_interval           120
+    notification_options            d,u,r
+    contact_groups                  admins
+    register                        0
+    #check_interval                 1
+}
diff --git a/nixos/modules/services/monitoring/nagios/service-templates.cfg b/nixos/modules/services/monitoring/nagios/service-templates.cfg
new file mode 100644
index 0000000000000..e729ea77675d3
--- /dev/null
+++ b/nixos/modules/services/monitoring/nagios/service-templates.cfg
@@ -0,0 +1,32 @@
+define service {
+    name                            generic-service
+    active_checks_enabled           1
+    passive_checks_enabled          1
+    parallelize_check               1
+    obsess_over_service             1
+    check_freshness                 0
+    notifications_enabled           1
+    event_handler_enabled           1
+    flap_detection_enabled          1
+    failure_prediction_enabled      1
+    process_perf_data               1
+    retain_status_information       1
+    retain_nonstatus_information    1
+    is_volatile                     0
+    register                        0
+}
+
+
+define service {
+    name                            local-service
+    use                             generic-service
+    check_period                    24x7
+    max_check_attempts              4
+    normal_check_interval           5
+    retry_check_interval            1
+    contact_groups                  admins
+    notification_options            w,u,c,r
+    notification_interval           0 # notify only once
+    notification_period             24x7
+    register                        0
+}
diff --git a/nixos/modules/services/monitoring/nagios/timeperiods.cfg b/nixos/modules/services/monitoring/nagios/timeperiods.cfg
new file mode 100644
index 0000000000000..2669be54d3db1
--- /dev/null
+++ b/nixos/modules/services/monitoring/nagios/timeperiods.cfg
@@ -0,0 +1,11 @@
+define timeperiod {
+    timeperiod_name 24x7
+    alias           24 Hours A Day, 7 Days A Week
+    sunday          00:00-24:00
+    monday          00:00-24:00
+    tuesday         00:00-24:00
+    wednesday       00:00-24:00
+    thursday        00:00-24:00
+    friday          00:00-24:00
+    saturday        00:00-24:00
+}