configuration-templates
/monit/debian/monitrc |
@@ -0,0 +1,21 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
set daemon 120 # check services at 2-minute intervals |
set logfile /var/log/monit.log |
set idfile /var/lib/monit/id |
set statefile /var/lib/monit/state |
set eventqueue |
basedir /var/lib/monit/events # set the base directory where events will be stored |
slots 100 # optionally limit the queue size |
set httpd port 2812 and |
use address localhost # only accept connection from localhost |
allow localhost # allow localhost to connect to the server and |
|
# Enable only if using mmonit and set the IP and credentials accordingly. |
# set mmonit http://monit:monit@192.168.0.1:8080/collector |
# and register without credentials # Don't register credentials |
|
# Include all templates from this directory. |
include /etc/monit/conf.d/* |
/monit/debian/templates/apache |
@@ -0,0 +1,16 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
check process apache with pidfile /var/run/apache2/apache2.pid |
group www-data |
start program = "/etc/init.d/apache2 start" |
stop program = "/etc/init.d/apache2 stop" |
# if failed host www-data.example.com port 80 protocol http |
# and request "/monit/token" then restart |
if cpu is greater than 60% for 2 cycles then alert |
if cpu > 80% for 5 cycles then restart |
if totalmem > 500 MB for 5 cycles then restart |
if children > 250 then restart |
if loadavg(5min) greater than 10 for 8 cycles then stop |
# if 3 restarts within 5 cycles then timeout |
/monit/debian/templates/bind |
@@ -0,0 +1,10 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
check process named with pidfile /var/run/named/named.pid |
start program = "/etc/init.d/bind9 start" |
stop program = "/etc/init.d/bind9 stop" |
if failed host 127.0.0.1 port 53 type tcp protocol dns then restart |
if failed host 127.0.0.1 port 53 type udp protocol dns then restart |
# if 5 restarts within 5 cycles then timeout |
/monit/debian/templates/corrade |
@@ -0,0 +1,12 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
# This is a monit service file for the Second Life Corrade scripted agent. |
# You will most likely need to change /home/corrade/Corrade.exe.lock to |
# point to Corrade.exe.lock where you have placed the rest of the Corrade files. |
|
check process corrade with pidfile /home/corrade/Corrade.exe.lock |
start program = "/etc/init.d/corrade start" |
stop program = "/etc/init.d/corrade stop" |
# if 5 restarts within 5 cycles then timeout |
/monit/debian/templates/dhcpd |
@@ -0,0 +1,9 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
check process dhcpd with pidfile /var/run/dhcpd.pid |
start program = "/etc/init.d/isc-dhcp-server start" |
stop program = "/etc/init.d/isc-dhcp-server stop" |
if failed host 127.0.0.1 port 67 type udp then restart |
# if 5 restarts within 5 cycles then timeout |
/monit/debian/templates/dovecot |
@@ -0,0 +1,17 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
check process dovecot with pidfile /var/run/dovecot/master.pid |
start program = "/etc/init.d/dovecot start" |
stop program = "/etc/init.d/dovecot stop" |
group mail |
if failed host mail.grimore.org port 993 type tcpssl sslauto protocol |
imap for 5 cycles then restart |
# if 3 restarts within 5 cycles then timeout |
depends dovecot_init |
depends dovecot_bin |
check file dovecot_init with path /etc/init.d/dovecot |
group mail |
check file dovecot_bin with path /usr/sbin/dovecot |
group mail |
/monit/debian/templates/fail2ban |
@@ -0,0 +1,10 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
check process fail2ban with pidfile /var/run/fail2ban/fail2ban.pid |
group services |
start program = "/etc/init.d/fail2ban force-start" |
stop program = "/etc/init.d/fail2ban stop" |
if failed unixsocket /var/run/fail2ban/fail2ban.sock then restart |
if 5 restarts within 5 cycles then timeout |
/monit/debian/templates/freeradius |
@@ -0,0 +1,13 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
# The monit file assumes that freeradius is listening on localhost |
# and that the shared secret is radpass. |
|
check process freeradius with pidfile /var/run/freeradius/freeradius.pid |
start program = "/etc/init.d/freeradius start" |
stop program = "/etc/init.d/freeradius stop" |
if failed host 127.0.0.1 port 1812 type udp protocol radius secret "radpass" then alert |
if failed host 127.0.0.1 port 1812 type udp protocol radius secret "radpass" then alert |
# if 5 restarts within 5 cycles then timeout |
/monit/debian/templates/i2p |
@@ -0,0 +1,8 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
check process i2p with pidfile /opt/i2p/i2p.pid |
start program "/etc/init.d/i2p restart" |
stop program "/etc/init.d/i2p stop" |
# if 5 restarts within 5 cycles then timeout |
/monit/debian/templates/libvirt-domain |
@@ -0,0 +1,16 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
# It is surprisingly easy to check virsh qemu-kvm processes using monit. |
# It suffices to supply the PID file and to stop and restart the virtual |
# machine using virsh. |
|
check process example.domain with pidfile /var/run/libvirt/qemu/example.domain.pid |
start program "/usr/bin/virsh start example.domain" |
stop program "/usr/bin/virsh stop example.domain" |
|
check host example.domain with address example.domain |
start program "/usr/bin/virsh start example.domain" |
stop program "/usr/bin/virsh stop example.domain" |
if failed icmp type echo count 5 with timeout 15 seconds then restart |
/monit/debian/templates/lighttpd |
@@ -0,0 +1,18 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
check process lighttpd with pidfile /var/run/lighttpd.pid |
start program = "/etc/init.d/lighttpd start" |
stop program = "/etc/init.d/lighttpd stop" |
if cpu > 60% for 2 cycles then alert |
if cpu > 80% for 5 cycles then restart |
if totalmem > 200.0 MB for 5 cycles then restart |
if children > 250 then restart |
if loadavg(5min) greater than 10 for 8 cycles then stop |
if failed host 127.0.0.1 port 82 protocol http then restart |
# enable for SSL |
# if failed host 127.0.0.1 port 443 type tcpssl protocol http |
with timeout 15 seconds |
then restart |
# if 3 restarts within 5 cycles then timeout |
/monit/debian/templates/mangosd |
@@ -0,0 +1,10 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
check process mangos with pidfile /srv/MaNGOS/bin/mangosd.pid |
group mangos |
start program = "/etc/init.d/mangosd start" |
stop program = "/etc/init.d/mangosd stop" |
if failed port 8085 type tcp then restart |
# if 5 restarts within 5 cycles then timeout |
/monit/debian/templates/minidlna |
@@ -0,0 +1,9 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
check process minidlna with pidfile /var/run/minidlna/minidlna.pid |
start program = "/etc/init.d/minidlna start" |
stop program = "/etc/init.d/minidlna stop" |
if failed host 127.0.0.1 port 8200 type tcp then restart |
# if 5 restarts within 5 cycles then timeout |
/monit/debian/templates/miniupnpd |
@@ -0,0 +1,9 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
check process miniupnpd with pidfile /var/run/miniupnpd.pid |
start program = "/etc/init.d/miniupnpd start" |
stop program = "/etc/init.d/miniupnpd stop" |
# if failed host 127.0.0.1 port 123 type udp then restart |
# if 5 restarts within 5 cycles then timeout |
/monit/debian/templates/mysqld |
@@ -0,0 +1,26 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
check process mysql with pidfile /var/run/mysqld/mysqld.pid |
group mysql |
start program = "/etc/init.d/mysql start" |
stop program = "/etc/init.d/mysql stop" |
if failed host 127.0.0.1 port 3306 protocol mysql then restart |
# if 5 restarts within 5 cycles then timeout |
depends on mysql_bin |
depends on mysql_rc |
|
check file mysql_bin with path /usr/sbin/mysqld |
group mysql |
if failed checksum then unmonitor |
if failed permission 755 then unmonitor |
if failed uid root then unmonitor |
if failed gid root then unmonitor |
|
check file mysql_rc with path /etc/init.d/mysql |
group mysql |
if failed checksum then unmonitor |
if failed permission 755 then unmonitor |
if failed uid root then unmonitor |
if failed gid root then unmonitor |
/monit/debian/templates/ntpd |
@@ -0,0 +1,12 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
# The monit file works assuming that /etc/init.d/ntp exists - |
# on some distributions, the init file is located at /etc/init.d/ntpd. |
|
check process ntpd with pidfile /var/run/ntpd.pid |
start program = "/etc/init.d/ntp start" |
stop program = "/etc/init.d/ntp stop" |
if failed host 127.0.0.1 port 123 type udp then restart |
# if 5 restarts within 5 cycles then timeout |
/monit/debian/templates/opensim |
@@ -0,0 +1,10 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
check process opensim with pidfile /srv/OpenSim/bin/OpenSim.pid |
group opensim |
start program "/etc/init.d/opensim start" |
stop program "/etc/init.d/opensim stop" |
if failed port 9000 type tcp then restart |
# if 5 restarts within 5 cycles then timeout |
/monit/debian/templates/openvpn |
@@ -0,0 +1,19 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
# The file assumes the following configuration: |
# * vpn-network.com is the network configured in /etc/openvpn/. |
# * tap0 is the TAP interface. |
# * 1.1.1.1 is the point-to-point VPN gateway. |
|
check process vpn-network with pidfile /var/run/vpn-network.pid |
start program = "/etc/init.d/openvpn start vpn-network.com" |
stop program = "/etc/init.d/openvpn stop vpn-network.com" |
|
check host tap0 with address 1.1.1.1 |
start program = "/etc/init.d/openvpn start vpn-network.com" |
stop program = "/etc/init.d/openvpn stop vpn-network.com" |
if failed |
icmp type echo count 5 with timeout 15 seconds |
then restart |
/monit/debian/templates/pdnsd |
@@ -0,0 +1,9 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
check process pdnsd with pidfile /var/run/pdnsd.pid |
start program "/etc/init.d/pdnsd start" |
stop program "/etc/init.d/pdnsd stop" |
if failed host 127.0.0.2 port 53 type tcp then restart |
# if 5 restarts within 5 cycles then timeout |
/monit/debian/templates/php5-fpm |
@@ -0,0 +1,8 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
check process php-fpm with pidfile /var/run/php5-fpm.pid |
start program = "/bin/systemctl start php5-fpm" |
stop program = "/bin/systemctl stop php5-fpm" |
# if 5 restarts within 5 cycles then timeout |
/monit/debian/templates/polipo |
@@ -0,0 +1,9 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
check process polipo with pidfile /var/run/polipo/polipo.pid |
start program "/etc/init.d/polipo start" |
stop program "/etc/init.d/polipo stop" |
if failed host 127.0.0.1 port 8123 type tcp then restart |
# if 5 restarts within 5 cycles then timeout |
/monit/debian/templates/postfix |
@@ -0,0 +1,18 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
check process postfix with pidfile /var/spool/postfix/pid/master.pid |
group mail |
start program = "/etc/init.d/postfix start" |
stop program = "/etc/init.d/postfix stop" |
if failed port 25 protocol smtp then restart |
# if 5 restarts within 5 cycles then timeout |
depends on postfix_rc |
|
check file postfix_rc with path /etc/init.d/postfix |
group mail |
if failed checksum then unmonitor |
if failed permission 755 then unmonitor |
if failed uid root then unmonitor |
if failed gid root then unmonitor |
/monit/debian/templates/privoxy |
@@ -0,0 +1,26 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
check process privoxy with pidfile /opt/privoxy/var/privoxy.pid |
group proxy |
start program = "/etc/init.d/privoxy start" |
stop program = "/etc/init.d/privoxy stop" |
# if 5 restarts within 5 cycles then timeout |
if failed host 192.168.1.1 port 8118 then restart |
depends on privoxy_bin |
depends on privoxy_rc |
|
check file privoxy_bin with path /opt/privoxy/sbin/privoxy |
group proxy |
if failed checksum then unmonitor |
if failed permission 755 then unmonitor |
if failed uid root then unmonitor |
if failed gid root then unmonitor |
|
check file privoxy_rc with path /etc/init.d/privoxy |
group proxy |
if failed checksum then unmonitor |
if failed permission 755 then unmonitor |
if failed uid root then unmonitor |
if failed gid root then unmonitor |
/monit/debian/templates/realmd |
@@ -0,0 +1,10 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
check process realm with pidfile /srv/MaNGOS/bin/realmd.pid |
group mangos |
start program = "/etc/init.d/realmd start" |
stop program = "/etc/init.d/realmd stop" |
if failed port 3724 type tcp then restart |
# if 5 restarts within 5 cycles then timeout |
/monit/debian/templates/samba |
@@ -0,0 +1,32 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
check file smbd_bin with path /usr/sbin/smbd |
if failed uid root then unmonitor |
if failed gid root then unmonitor |
group samba |
|
check process smbd with pidfile /var/run/samba/smbd.pid |
start program = "/etc/init.d/samba restart" |
stop program = "/etc/init.d/samba stop" |
if failed host 127.0.0.1 port 139 type TCP then restart |
# if 5 restarts within 5 cycles then timeout |
depends on smbd_bin |
group samba |
|
check process nmbd with pidfile /var/run/samba/nmbd.pid |
group samba |
start program = "/etc/init.d/samba restart" |
stop program = "/etc/init.d/samba stop" |
if failed host 127.0.0.1 port 138 type UDP then restart |
if failed host 127.0.0.1 port 137 type UDP then restart |
# if 5 restarts within 5 cycles then timeout |
depends on nmbd_bin |
|
check file nmbd_bin with path /usr/sbin/nmbd |
group samba |
if failed checksum then unmonitor |
if failed permission 755 then unmonitor |
if failed uid root then unmonitor |
if failed gid root then unmonitor |
/monit/debian/templates/squid |
@@ -0,0 +1,31 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
# The following configuration is assumed: |
# * proxy is the effective username running squid. |
# * 192.168.1.1 is the IP that squid is listening to. |
# * 3128 is the port that squid is listening on. |
|
check process squid with pidfile /var/run/squid3.pid |
group proxy |
start program = "/etc/init.d/squid3 start" |
stop program = "/etc/init.d/squid3 stop" |
if failed host proxy.internal port 8123 then restart |
#if 5 restarts within 5 cycles then timeout |
depends on squid_bin |
depends on squid_rc |
|
check file squid_bin with path /usr/sbin/squid3 |
group proxy |
if failed checksum then unmonitor |
if failed permission 755 then unmonitor |
if failed uid root then unmonitor |
if failed gid root then unmonitor |
|
check file squid_rc with path /etc/init.d/squid3 |
group proxy |
if failed checksum then unmonitor |
if failed permission 755 then unmonitor |
if failed uid root then unmonitor |
if failed gid root then unmonitor |
/monit/debian/templates/sshd |
@@ -0,0 +1,9 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
check process sshd with pidfile /var/run/sshd.pid |
start program "/etc/init.d/ssh start" |
stop program "/etc/init.d/ssh stop" |
if failed port 22 protocol ssh then restart |
# if 5 restarts within 5 cycles then timeout |
/monit/debian/templates/sshguard |
@@ -0,0 +1,9 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
check process sshguard with pidfile /var/run/sshguard.pid |
start program "/etc/init.d/sshguard start" |
stop program "/etc/init.d/sshguard stop" |
# if failed port 22 protocol ssh then restart |
# if 5 restarts within 5 cycles then timeout |
/monit/debian/templates/tinyproxy |
@@ -0,0 +1,9 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
check process tinyproxy with pidfile /var/run/tinyproxy/tinyproxy.pid |
start program "/etc/init.d/tinyproxy restart" |
stop program "/etc/init.d/tinyproxy stop" |
if failed host 127.0.0.1 port 8888 type tcp then restart |
# if 5 restarts within 5 cycles then timeout |
/monit/debian/templates/tor |
@@ -0,0 +1,9 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
check process tor with pidfile /var/run/tor/tor.pid |
start program "/etc/init.d/tor restart" |
stop program "/etc/init.d/tor stop" |
if failed host 127.0.0.1 port 9040 type tcp then restart |
# if 5 restarts within 5 cycles then timeout |
/monit/debian/templates/varnish |
@@ -0,0 +1,16 @@ |
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
check process varnish with pidfile /var/run/varnishd.pid |
start program = "/etc/init.d/varnish start" |
stop program = "/etc/init.d/varnish stop" |
if cpu > 60% for 2 cycles then alert |
if cpu > 80% for 5 cycles then restart |
if totalmem > 200.0 MB for 5 cycles then restart |
if children > 250 then restart |
if loadavg(5min) greater than 10 for 8 cycles then stop |
# set to ip and port of varnish |
if failed host 127.0.0.1 port 80 protocol http then restart |
# enable only if you wish monit to stop trying to restart |
# if 3 restarts within 5 cycles then timeout |