From 660cfad9e72c5bd714b5615b0f813e02b92d9293 Mon Sep 17 00:00:00 2001
From: stuebinm
Date: Mon, 4 Mar 2024 02:14:39 +0100
Subject: monit: some kinda reasonable checks

---
 flora/services/monit.nix | 39 +++++++++++++++++++++++++++++++++++----
 1 file changed, 35 insertions(+), 4 deletions(-)

(limited to 'flora/services')

diff --git a/flora/services/monit.nix b/flora/services/monit.nix
index c8f7b3f..28a0503 100644
--- a/flora/services/monit.nix
+++ b/flora/services/monit.nix
@@ -15,18 +15,49 @@
           localhost
           port 2525
 
-      set httpd port 2812 and use address localhost
+      set httpd port 2812 address localhost
           allow localhost
-          allow admin:obwjoawijerfoijsiwfj29jf2f2jd
 
       check filesystem root with path /
             if space usage > 80% then alert
             if inode usage > 80% then alert
 
       check host stuebinm.eu with address stuebinm.eu
-            if failed
-              port 443 protocol https
+            if failed port 443 with protocol https
             then alert
+
+      check host akkoma with address pleroma.stuebinm.eu
+            if failed port 443 with protocol https
+            then alert
+
+      check host murmur with address meow.noms.ing
+            if failed port 64738 of type tcp using ssl with expect "NixOS"
+            then alert
+
+      check process sshd with pidfile /var/run/sshd.pid
+            start program  "${pkgs.systemd}/bin/systemctl start sshd"
+            stop program  "${pkgs.systemd}/bin/systemctl stop sshd"
+            if failed port 22 protocol ssh for 2 cycles then restart
+
+      check process postfix with pidfile /var/lib/postfix/queue/pid/master.pid
+            start program = "${pkgs.systemd}/bin/systemctl start postfix"
+            stop program = "${pkgs.systemd}/bin/systemctl stop postfix"
+            if failed port 25 protocol smtp for 5 cycles then restart
+
+      check process dovecot with pidfile /var/run/dovecot2/master.pid
+            start program = "${pkgs.systemd}/bin/systemctl start dovecot2"
+            stop program = "${pkgs.systemd}/bin/systemctl stop dovecot2"
+            if failed host mail.stuebinm.eu port 993 type tcpssl sslauto protocol imap for 5 cycles then restart
+
+      check host bahnhof.name with address bahnhof.name
+            if failed port 443 with protocol https
+            then alert
+
+      set mail-format {
+        subject: $SERVICE: $EVENT
+        message: Action: $ACTION $SERVICE: $DESCRIPTION.
+      ($DATE)
+      }
     '';
   };
 }
-- 
cgit v1.2.3