diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..ac917d7 --- /dev/null +++ b/Makefile @@ -0,0 +1,13 @@ +build: + sudo docker build -t surveil_image tools/test_env + +kill: + - sudo docker stop surveil + - sudo docker rm surveil + +run: kill build + sudo docker run -d -t --name surveil surveil_image + sudo docker inspect --format='{{.NetworkSettings.IPAddress}}' surveil + +run-interactive: kill build + sudo docker run -i -t --name surveil surveil_image bash diff --git a/tools/test_env/Dockerfile b/tools/test_env/Dockerfile new file mode 100644 index 0000000..76ef15c --- /dev/null +++ b/tools/test_env/Dockerfile @@ -0,0 +1,77 @@ +FROM ubuntu:trusty + +MAINTAINER Alexandre Viau + + +RUN apt-get update +RUN apt-get install -y vim + +### Shinken +RUN apt-get install -y python-pip +RUN useradd shinken && pip install https://github.com/naparuba/shinken/archive/master.tar.gz +RUN apt-get install -y python-pycurl +RUN shinken --init + +## modules +RUN shinken install webui +RUN shinken install auth-cfg-password +RUN pip install influxdb && shinken install mod-influxdb +RUN shinken install ws-arbiter + +## plugins +RUN apt-get install -y nagios-plugins +# run permissions for user `shinken` +RUN chmod u+s /usr/lib/nagios/plugins/check_icmp +RUN chmod u+s /bin/ping +RUN chmod u+s /bin/ping6 + +## configuration +RUN rm -rf /etc/shinken +ADD etc/shinken /etc/shinken +RUN chown -R root:shinken /etc/shinken + +### Influxdb +RUN apt-get install -y wget curl +RUN wget http://s3.amazonaws.com/influxdb/influxdb_latest_amd64.deb +RUN useradd influxdb # We should remove this when issue is fixed (https://github.com/influxdb/influxdb/issues/670) +RUN dpkg -i influxdb_latest_amd64.deb +RUN service influxdb start && sleep 10 && curl -X POST 'http://localhost:8086/db?u=root&p=root' -d '{"name": "grafana"}' && curl -X POST 'http://localhost:8086/db?u=root&p=root' -d '{"name": "db"}' # We should remove the sleep when this issue is fixed: https://github.com/influxdb/influxdb/issues/805 + +### Riemann +RUN wget http://aphyr.com/riemann/riemann_0.2.6_all.deb +RUN sudo dpkg -i riemann_0.2.6_all.deb +RUN sudo apt-get install -y openjdk-7-jre +ADD etc/riemann/riemann.config /etc/riemann/riemann.config + +### Grafana +RUN apt-get install -y apache2 +RUN wget http://grafanarel.s3.amazonaws.com/grafana-1.7.0-rc1.tar.gz +RUN tar xvf grafana-1.7.0-rc1.tar.gz +RUN mv grafana-1.7.0-rc1 /var/www/html/grafana +ADD etc/apache2/sites-available/grafana.conf /etc/apache2/sites-available/grafana.conf +ADD var/www/html/grafana/config.js /var/www/html/grafana/config.js + +## Influxdb reverse proxy for grafana +RUN apt-get install -y libapache2-mod-proxy-html +RUN a2enmod proxy_http +ADD etc/apache2/conf-enabled/influxdb.conf /etc/apache2/conf-enabled/influxdb.conf + +### Supervisor +RUN apt-get -y install supervisor +ADD etc/supervisor /etc/supervisor + +# Shinken WEBUI +EXPOSE 7767 + +# Influxdb +EXPOSE 8083 +EXPOSE 8084 +EXPOSE 8086 + +# Grafana +EXPOSE 80 + +# Riemann +EXPOSE 5555 + +CMD ["/usr/bin/supervisord"] diff --git a/tools/test_env/etc/apache2/conf-enabled/influxdb.conf b/tools/test_env/etc/apache2/conf-enabled/influxdb.conf new file mode 100644 index 0000000..240799b --- /dev/null +++ b/tools/test_env/etc/apache2/conf-enabled/influxdb.conf @@ -0,0 +1,6 @@ +# ProxyPass /influxdb/db/db http://localhost:8086/db/db +# ProxyPass /influxdb/db/grafana http://localhost:8086/db/grafana + +ProxyRequests Off +ProxyPass /influxdb/ http://localhost:8086/ +ProxyPassReverse /influxdb/ http://localhost:8086/ diff --git a/tools/test_env/etc/apache2/sites-available/grafana.conf b/tools/test_env/etc/apache2/sites-available/grafana.conf new file mode 100644 index 0000000..8c4425d --- /dev/null +++ b/tools/test_env/etc/apache2/sites-available/grafana.conf @@ -0,0 +1,8 @@ +Alias /grafana /var/www/html/grafana/ + + + Order allow,deny + Allow from 127.0.0.1 + Allow from ::1 + Allow from all + diff --git a/tools/test_env/etc/riemann/riemann.config b/tools/test_env/etc/riemann/riemann.config new file mode 100644 index 0000000..60d4475 --- /dev/null +++ b/tools/test_env/etc/riemann/riemann.config @@ -0,0 +1,25 @@ +; -*- mode: clojure; -*- +; vim: filetype=clojure + +(logging/init {:file "/var/log/riemann/riemann.log"}) + +; Listen on the local interface over TCP (5555), UDP (5555), and websockets +; (5556) +(let [host "0.0.0.0"] + (tcp-server {:host host}) + (udp-server {:host host}) + (ws-server {:host host})) + +; Expire old events from the index every 5 seconds. +(periodically-expire 5) + +(let [index (index)] + ; Inbound events will be passed to these streams: + (streams + (default :ttl 60 + ; Index all events immediately. + index + + ; Log expired events. + (expired + (fn [event] (info "expired" event)))))) diff --git a/tools/test_env/etc/shinken/arbiters/arbiter-master.cfg b/tools/test_env/etc/shinken/arbiters/arbiter-master.cfg new file mode 100644 index 0000000..f621cc5 --- /dev/null +++ b/tools/test_env/etc/shinken/arbiters/arbiter-master.cfg @@ -0,0 +1,53 @@ +#=============================================================================== +# ARBITER +#=============================================================================== +# Description: The Arbiter is responsible for: +# - Loading, manipulating and dispatching the configuration +# - Validating the health of all other Shinken daemons +# - Issuing global directives to Shinken daemons (kill, activate-spare, etc.) +# https://shinken.readthedocs.org/en/latest/08_configobjects/arbiter.html +#=============================================================================== +# IMPORTANT: If you use several arbiters you MUST set the host_name on each +# servers to its real DNS name ('hostname' command). +#=============================================================================== +define arbiter { + arbiter_name arbiter-master + #host_name node1 ; CHANGE THIS if you have several Arbiters + address localhost ; DNS name or IP + port 7770 + spare 0 ; 1 = is a spare, 0 = is not a spare + + ## Interesting modules: + # - named-pipe = Open the named pipe nagios.cmd + # - mongodb = Load hosts from a mongodb database + # - PickleRetentionArbiter = Save data before exiting + # - nsca = NSCA server + # - VMWare_auto_linking = Lookup at Vphere server for dependencies + # - import-glpi = Import configuration from GLPI (need plugin monitoring for GLPI in server side) + # - TSCA = TSCA server + # - MySQLImport = Load configuration from a MySQL database + # - ws-arbiter = WebService for pushing results to the arbiter + # - Collectd = Receive collectd perfdata + # - SnmpBooster = Snmp bulk polling module, configuration linker + # - import-landscape = Import hosts from Landscape (Ubuntu/Canonical management tool) + # - AWS = Import hosts from Amazon AWS (here EC2) + # - ip-tag = Tag an host based on it's IP range + # - FileTag = Tag an host if it's on a flat file + # - CSVTag = Tag an host from the content of a CSV file + + modules named-pipe + #modules named-pipe, mongodb, nsca, VMWare_auto_linking, ws-arbiter, Collectd, mport-landscape, SnmpBooster, AWS + + # Enable https or not + use_ssl 0 + # enable certificate/hostname check, will avoid man in the middle attacks + hard_ssl_name_check 0 + + ## Uncomment these lines in a HA architecture so the master and slaves know + ## how long they may wait for each other. + #timeout 3 ; Ping timeout + #data_timeout 120 ; Data send timeout + #max_check_attempts 3 ; If ping fails N or more, then the node is dead + #check_interval 60 ; Ping node every N seconds + accept_passive_unknown_check_results 1 +} diff --git a/tools/test_env/etc/shinken/brokers/broker-master.cfg b/tools/test_env/etc/shinken/brokers/broker-master.cfg new file mode 100644 index 0000000..b5d6bf4 --- /dev/null +++ b/tools/test_env/etc/shinken/brokers/broker-master.cfg @@ -0,0 +1,50 @@ +#=============================================================================== +# BROKER (S1_Broker) +#=============================================================================== +# Description: The broker is responsible for: +# - Exporting centralized logs of all Shinken daemon processes +# - Exporting status data +# - Exporting performance data +# - Exposing Shinken APIs: +# - Status data +# - Performance data +# - Configuration data +# - Command interface +# https://shinken.readthedocs.org/en/latest/08_configobjects/broker.html +#=============================================================================== +define broker { + broker_name broker-master + address localhost + port 7772 + spare 0 + + ## Optional + manage_arbiters 1 ; Take data from Arbiter. There should be only one + ; broker for the arbiter. + manage_sub_realms 1 ; Does it take jobs from schedulers of sub-Realms? + timeout 3 ; Ping timeout + data_timeout 120 ; Data send timeout + max_check_attempts 3 ; If ping fails N or more, then the node is dead + check_interval 60 ; Ping node every N seconds + + ## Modules + # Default: None + # Interesting modules that can be used: + # - simple-log = just all logs into one file + # - livestatus = livestatus listener + # - ToNdodb_Mysql = NDO DB support + # - npcdmod = Use the PNP addon + # - graphite = Use a Graphite time series DB for perfdata + # - webui = Shinken Web interface + # - glpidb = Save data in GLPI MySQL database + modules WebUI,mod-influxdb + + # Enable https or not + use_ssl 0 + # enable certificate/hostname check, will avoid man in the middle attacks + hard_ssl_name_check 0 + + ## Advanced + realm All + accept_passive_unknown_check_results 1 +} diff --git a/tools/test_env/etc/shinken/certs/02.pem b/tools/test_env/etc/shinken/certs/02.pem new file mode 100644 index 0000000..3c3ab22 --- /dev/null +++ b/tools/test_env/etc/shinken/certs/02.pem @@ -0,0 +1,59 @@ +Certificate: + Data: + Version: 1 (0x0) + Serial Number: 2 (0x2) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=FR, ST=Some-State, O=CAShinken, CN=CAShinken Certificate Master/emailAddress=none@localhost + Validity + Not Before: Apr 17 09:23:00 2014 GMT + Not After : Apr 14 09:23:00 2024 GMT + Subject: C=FR, ST=Some-State, O=CAShinken, OU=MAIN, CN=shinken + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ec:11:44:a8:e2:a2:1f:32:ea:ca:33:bb:a8:71: + e8:fd:37:2c:b1:73:e2:1e:a0:db:b4:b4:cb:ed:a0: + d7:80:31:46:25:d0:78:16:0c:59:9f:bf:27:03:69: + c2:99:de:42:6f:75:e9:9d:23:b7:7d:65:b6:66:cc: + 17:2d:3d:3d:94:54:56:04:52:b3:50:53:e5:2b:97: + 80:57:4e:58:43:7f:17:a5:8c:80:e8:a8:32:ec:db: + ea:61:54:d5:99:89:2d:4f:03:ca:f6:60:d7:3a:dc: + 07:3c:16:bd:07:7e:53:9c:0e:e6:2a:b7:78:a6:ce: + 6e:5f:69:02:a4:03:7c:6c:d0:08:e1:3c:83:ce:ca: + 79:59:c7:4f:55:82:0d:59:2d:d5:99:5a:6a:81:fa: + e4:c8:b0:1a:72:c5:28:1a:57:98:7a:d0:d2:5e:0a: + 8e:7e:75:fd:a9:8f:95:8a:72:42:29:b1:ed:f6:8d: + c7:36:47:a6:b9:4f:2a:64:84:43:06:5d:89:63:cb: + cb:fb:57:a3:b7:c0:85:fe:00:84:d9:be:31:f4:ab: + 77:b2:d8:ef:79:78:9b:ef:45:8d:ea:41:80:ed:84: + 10:4a:3d:b5:0a:0f:54:78:9e:c8:ea:fb:9f:88:76: + fb:bf:23:80:26:14:12:f1:49:31:b5:8b:32:a3:a1: + ed:bb + Exponent: 65537 (0x10001) + Signature Algorithm: sha1WithRSAEncryption + 18:7a:c2:89:67:35:1c:7d:de:58:be:ef:c1:48:01:48:ca:35: + e6:77:c7:64:03:cd:4c:ec:e8:5e:74:dc:0d:fb:fa:c0:e6:31: + 03:9c:79:5b:cd:6a:8b:54:fb:e7:82:b0:29:87:73:5c:6f:25: + 9c:20:e2:1f:fd:39:d7:ae:25:70:8a:33:83:bd:b7:1c:d2:fb: + d4:f0:e9:ae:63:74:ec:36:f7:4c:7a:93:f4:7e:d6:66:a3:95: + 2f:8a:41:12:75:c1:cb:65:54:81:92:07:41:2e:d6:6c:0e:ae: + a1:a6:bb:c9:e8:be:48:a4:ec:f2:eb:55:67:98:6e:c1:8b:1a: + 13:09 +-----BEGIN CERTIFICATE----- +MIICxjCCAi8CAQIwDQYJKoZIhvcNAQEFBQAwfDELMAkGA1UEBhMCRlIxEzARBgNV +BAgTClNvbWUtU3RhdGUxEjAQBgNVBAoTCUNBU2hpbmtlbjElMCMGA1UEAxMcQ0FT +aGlua2VuIENlcnRpZmljYXRlIE1hc3RlcjEdMBsGCSqGSIb3DQEJARYObm9uZUBs +b2NhbGhvc3QwHhcNMTQwNDE3MDkyMzAwWhcNMjQwNDE0MDkyMzAwWjBXMQswCQYD +VQQGEwJGUjETMBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEChMJQ0FTaGlua2Vu +MQ0wCwYDVQQLEwRNQUlOMRAwDgYDVQQDEwdzaGlua2VuMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEA7BFEqOKiHzLqyjO7qHHo/TcssXPiHqDbtLTL7aDX +gDFGJdB4FgxZn78nA2nCmd5Cb3XpnSO3fWW2ZswXLT09lFRWBFKzUFPlK5eAV05Y +Q38XpYyA6Kgy7NvqYVTVmYktTwPK9mDXOtwHPBa9B35TnA7mKrd4ps5uX2kCpAN8 +bNAI4TyDzsp5WcdPVYINWS3VmVpqgfrkyLAacsUoGleYetDSXgqOfnX9qY+VinJC +KbHt9o3HNkemuU8qZIRDBl2JY8vL+1ejt8CF/gCE2b4x9Kt3stjveXib70WN6kGA +7YQQSj21Cg9UeJ7I6vufiHb7vyOAJhQS8UkxtYsyo6HtuwIDAQABMA0GCSqGSIb3 +DQEBBQUAA4GBABh6wolnNRx93li+78FIAUjKNeZ3x2QDzUzs6F503A37+sDmMQOc +eVvNaotU++eCsCmHc1xvJZwg4h/9OdeuJXCKM4O9txzS+9Tw6a5jdOw290x6k/R+ +1majlS+KQRJ1wctlVIGSB0Eu1mwOrqGmu8novkik7PLrVWeYbsGLGhMJ +-----END CERTIFICATE----- diff --git a/tools/test_env/etc/shinken/certs/README b/tools/test_env/etc/shinken/certs/README new file mode 100644 index 0000000..7cac7f7 --- /dev/null +++ b/tools/test_env/etc/shinken/certs/README @@ -0,0 +1,11 @@ +The CA pass phase is: +iloveshinken + +To generate new certificate with this CA, launch: +openssl req -new -nodes -out server.req -keyout server.key -config ./shinken_openssl_cnf +openssl ca -out server.pem -config ./shinken_openssl_cnf -infiles server.req +cp server.pem server.pem.bkp +cp server.key server.pem +cat server.pem.bkp >> server.pem +cp server.pem client.pem + diff --git a/tools/test_env/etc/shinken/certs/ca.pem b/tools/test_env/etc/shinken/certs/ca.pem new file mode 100755 index 0000000..bae94d1 --- /dev/null +++ b/tools/test_env/etc/shinken/certs/ca.pem @@ -0,0 +1,64 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + ec:5b:5d:da:d5:1b:e4:a8 + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=FR, ST=Some-State, O=CAShinken, CN=CAShinken Certificate Master/emailAddress=none@localhost + Validity + Not Before: Jan 12 10:04:58 2011 GMT + Not After : Jan 11 10:04:58 2014 GMT + Subject: C=FR, ST=Some-State, O=CAShinken, CN=CAShinken Certificate Master/emailAddress=none@localhost + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (1024 bit) + Modulus (1024 bit): + 00:c1:33:c6:fb:5b:33:fb:7f:26:90:0e:2d:5a:41: + ba:49:5d:3a:68:62:aa:99:0d:f9:ad:44:2c:4d:c2: + ae:6a:28:3e:5f:29:0f:68:ef:13:f3:b2:43:55:fa: + e7:71:74:29:19:e6:03:3f:c8:e1:f2:76:00:ed:ef: + 5b:92:1b:c6:92:db:56:f9:64:6c:97:f6:90:e3:94: + 42:14:ea:9c:f2:5a:a5:b8:d0:8f:b1:3b:79:2a:fe: + a7:d9:75:c9:38:72:5c:27:c0:c3:b6:7f:52:af:7a: + 2a:c3:35:1a:98:b7:ca:b0:5b:7e:3f:ce:bf:9c:37: + 69:46:ca:35:b2:38:c0:5b:f9 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 6F:9F:42:67:73:D0:3C:91:BC:39:EF:95:53:36:3A:B9:E3:09:53:DC + X509v3 Authority Key Identifier: + keyid:6F:9F:42:67:73:D0:3C:91:BC:39:EF:95:53:36:3A:B9:E3:09:53:DC + DirName:/C=FR/ST=Some-State/O=CAShinken/CN=CAShinken Certificate Master/emailAddress=none@localhost + serial:EC:5B:5D:DA:D5:1B:E4:A8 + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha1WithRSAEncryption + 25:ba:e5:78:da:29:0a:ce:97:0e:de:34:9f:e4:80:2b:aa:b5: + 91:24:e0:7c:69:89:a1:a4:9a:be:cf:63:39:6a:1f:6b:71:fa: + 7f:25:b5:34:fe:ae:20:9b:d9:47:66:9f:60:53:ef:d5:8f:70: + fb:b7:fc:fe:8c:6d:dc:81:1d:45:5a:c2:2f:a7:fa:f6:b3:28: + 52:75:c9:09:b7:c8:d1:40:cc:08:5d:a2:b1:fb:8a:1a:6c:ad: + 51:80:22:20:97:c2:cb:3f:8d:f4:c6:29:55:68:e6:ec:53:bd: + bd:a4:3c:94:af:54:48:f8:8c:4f:3f:8b:91:e7:1b:cd:26:59: + f9:2d +-----BEGIN CERTIFICATE----- +MIIDWTCCAsKgAwIBAgIJAOxbXdrVG+SoMA0GCSqGSIb3DQEBBQUAMHwxCzAJBgNV +BAYTAkZSMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQKEwlDQVNoaW5rZW4x +JTAjBgNVBAMTHENBU2hpbmtlbiBDZXJ0aWZpY2F0ZSBNYXN0ZXIxHTAbBgkqhkiG +9w0BCQEWDm5vbmVAbG9jYWxob3N0MB4XDTExMDExMjEwMDQ1OFoXDTE0MDExMTEw +MDQ1OFowfDELMAkGA1UEBhMCRlIxEzARBgNVBAgTClNvbWUtU3RhdGUxEjAQBgNV +BAoTCUNBU2hpbmtlbjElMCMGA1UEAxMcQ0FTaGlua2VuIENlcnRpZmljYXRlIE1h +c3RlcjEdMBsGCSqGSIb3DQEJARYObm9uZUBsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBAMEzxvtbM/t/JpAOLVpBukldOmhiqpkN+a1ELE3Crmoo +Pl8pD2jvE/OyQ1X653F0KRnmAz/I4fJ2AO3vW5IbxpLbVvlkbJf2kOOUQhTqnPJa +pbjQj7E7eSr+p9l1yThyXCfAw7Z/Uq96KsM1Gpi3yrBbfj/Ov5w3aUbKNbI4wFv5 +AgMBAAGjgeIwgd8wHQYDVR0OBBYEFG+fQmdz0DyRvDnvlVM2OrnjCVPcMIGvBgNV +HSMEgacwgaSAFG+fQmdz0DyRvDnvlVM2OrnjCVPcoYGApH4wfDELMAkGA1UEBhMC +RlIxEzARBgNVBAgTClNvbWUtU3RhdGUxEjAQBgNVBAoTCUNBU2hpbmtlbjElMCMG +A1UEAxMcQ0FTaGlua2VuIENlcnRpZmljYXRlIE1hc3RlcjEdMBsGCSqGSIb3DQEJ +ARYObm9uZUBsb2NhbGhvc3SCCQDsW13a1RvkqDAMBgNVHRMEBTADAQH/MA0GCSqG +SIb3DQEBBQUAA4GBACW65XjaKQrOlw7eNJ/kgCuqtZEk4HxpiaGkmr7PYzlqH2tx ++n8ltTT+riCb2Udmn2BT79WPcPu3/P6MbdyBHUVawi+n+vazKFJ1yQm3yNFAzAhd +orH7ihpsrVGAIiCXwss/jfTGKVVo5uxTvb2kPJSvVEj4jE8/i5HnG80mWfkt +-----END CERTIFICATE----- diff --git a/tools/test_env/etc/shinken/certs/certindex.txt b/tools/test_env/etc/shinken/certs/certindex.txt new file mode 100644 index 0000000..6849ea2 --- /dev/null +++ b/tools/test_env/etc/shinken/certs/certindex.txt @@ -0,0 +1 @@ +V 210110132759Z 01 unknown /C=FR/ST=Some-State/O=CAShinken/OU=MAIN/CN=localhost diff --git a/tools/test_env/etc/shinken/certs/certindex.txt.attr b/tools/test_env/etc/shinken/certs/certindex.txt.attr new file mode 100644 index 0000000..8f7e63a --- /dev/null +++ b/tools/test_env/etc/shinken/certs/certindex.txt.attr @@ -0,0 +1 @@ +unique_subject = yes diff --git a/tools/test_env/etc/shinken/certs/certindex.txt.old b/tools/test_env/etc/shinken/certs/certindex.txt.old new file mode 100644 index 0000000..6849ea2 --- /dev/null +++ b/tools/test_env/etc/shinken/certs/certindex.txt.old @@ -0,0 +1 @@ +V 210110132759Z 01 unknown /C=FR/ST=Some-State/O=CAShinken/OU=MAIN/CN=localhost diff --git a/tools/test_env/etc/shinken/certs/client.pem b/tools/test_env/etc/shinken/certs/client.pem new file mode 100755 index 0000000..28c2019 --- /dev/null +++ b/tools/test_env/etc/shinken/certs/client.pem @@ -0,0 +1,86 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAvw3smzbZuY3u0/JNPbYv3iNMlbYoSBCFX6yToqCIsgRS8JxF +SAUd44CQFvry+HxB0D2/mhDkCzWgQWoNZfmU6NihDg6DreTvmloz6J9ucu+uXUO6 +9CFmexfrj7nsHw3Z46fA/beTttsJ8k1NhDHD9tloUrI5rNCFVL0C0VyJ7YNigVvo +MPn9n88bR/cLNeO9Jx3acO8rjEuLE8kiXao1k3WwgBIk1fK/JKOMedmqA7V7ziK7 +o2pYsDBWs87hvOv2vWWr3BmeTeqvx6QFJKEGfC5BLPXIJCySZ4sda3idestseFjl +n7kfwRndPmYECmM8qCu97piiE0RcdaUtk3tI9wIDAQABAoIBAGUfeZyt64/LEB4e +ocOIKs3o4SBcyfVayT1amsn5LmEK6Ntx2znDe45u/dUr/m6HVk5iYIeraQiF2czF +1VGkSKz1/Ej0Zb4k7q1EETWPLWaodiHnN40AIL4GaygnwFKvgiR9JikkgYrHZPxa +7iyKKq79Y7phmyVdOTUg1dz6ngaYGQvlalyUDv1WyFdcj6O78ImI4KjC/l8ekC8I +/WycWjbtbJPsS4OYXOQz9KW1uCo0aebNM5zJVdfmp+4NJtxSO6TnqEoECP1mw2BS +wi+6xoKVVBJyKeIHoSP1xn8G6EKl98iDIrslz+wA1u8SOJIDY/Om7bo7odmhAzp+ +nhJOGAECgYEA8Tl4fSfqhEJO5PX9B/NF9QaANmqFM7QGCQK4axJzK04XDafEj2IP +3B0A247teN6F5+wXNgsC1IhngzlCzcYm9qKnHfbOMZ6+8yYYV6qsDPZWlUoSdUCi +Yd+A9GPnX3eifgrn35xBAr59fkRpYu4Rsh0hrV3SZ85nYZ//P7isic8CgYEAysHC +bWHegMtGEwcTs+hRHZPpX6TaF7YM88vri+qrp2muq1Y67l5d7IBtIo76nRJvqlqN +sERaY8rDKNEQLLDqnAl66hrQAe2jOrB/JHveYAlqZbBNn7qN8dzjlrEIc1CEIZFg +LEjWfx9MhsVBS9MjU9HOxxxG9wq/Aqk8a15CoFkCgYEA16h4tvPbrziUzg+5ksUE +cyXHtF6RDYNRrfaXp2oMOtgKtjOaAFI8OZ5YaPIkDl5qusiQi8lWU2pLmL61ocAY +j4ElBR3kg+oXbsxNEPtN7BzDlZ5uWBNb2UJ3SIaUkP4k8KiRWpGYcXqaOSuySDbs +7R8sP5FUjWezd00SZwaUgnMCgYBPw4Xvbg8Qb+dzWNdhcUVn82Zd4AaESXQy/Mf/ +VSSOSb8TXGr2l10vyx4j+EeTP0t6owEWlO1SUNQR3J0WV8sT847NRhsKhygt0H1U +Jv7GnS2kL4V6DvQEcDeAcsi2RLiWVBCXm1f2zqNWaYdUgw1kzicgoXkxeqLGMzm3 +q29ekQKBgHGYjB51j0NwV6RgrEGPpOpBF6yrSkwwE7Ysjy01NNYf5AS7HneCM4ND +vmYGh+NDTLYw62ogQRbUKL4p70ibh6nng90Y/cAewr3aS5z+bFxuJdAH+/nTmCFy +MHjdMxdflt7mA2Sxg0S22UDBSV+PGtslNRKWKmFKL17Tub8uMx5l +-----END RSA PRIVATE KEY----- +Certificate: + Data: + Version: 1 (0x0) + Serial Number: 3 (0x3) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=FR, ST=Some-State, O=CAShinken, CN=CAShinken Certificate Master/emailAddress=none@localhost + Validity + Not Before: Jan 12 12:54:43 2011 GMT + Not After : Jan 9 12:54:43 2021 GMT + Subject: C=FR, ST=Some-State, O=CAShinken, OU=MAIN, CN=localhost + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (2048 bit) + Modulus (2048 bit): + 00:bf:0d:ec:9b:36:d9:b9:8d:ee:d3:f2:4d:3d:b6: + 2f:de:23:4c:95:b6:28:48:10:85:5f:ac:93:a2:a0: + 88:b2:04:52:f0:9c:45:48:05:1d:e3:80:90:16:fa: + f2:f8:7c:41:d0:3d:bf:9a:10:e4:0b:35:a0:41:6a: + 0d:65:f9:94:e8:d8:a1:0e:0e:83:ad:e4:ef:9a:5a: + 33:e8:9f:6e:72:ef:ae:5d:43:ba:f4:21:66:7b:17: + eb:8f:b9:ec:1f:0d:d9:e3:a7:c0:fd:b7:93:b6:db: + 09:f2:4d:4d:84:31:c3:f6:d9:68:52:b2:39:ac:d0: + 85:54:bd:02:d1:5c:89:ed:83:62:81:5b:e8:30:f9: + fd:9f:cf:1b:47:f7:0b:35:e3:bd:27:1d:da:70:ef: + 2b:8c:4b:8b:13:c9:22:5d:aa:35:93:75:b0:80:12: + 24:d5:f2:bf:24:a3:8c:79:d9:aa:03:b5:7b:ce:22: + bb:a3:6a:58:b0:30:56:b3:ce:e1:bc:eb:f6:bd:65: + ab:dc:19:9e:4d:ea:af:c7:a4:05:24:a1:06:7c:2e: + 41:2c:f5:c8:24:2c:92:67:8b:1d:6b:78:9d:7a:cb: + 6c:78:58:e5:9f:b9:1f:c1:19:dd:3e:66:04:0a:63: + 3c:a8:2b:bd:ee:98:a2:13:44:5c:75:a5:2d:93:7b: + 48:f7 + Exponent: 65537 (0x10001) + Signature Algorithm: sha1WithRSAEncryption + b1:ca:15:5a:86:94:6c:fd:e0:46:d9:ae:13:e7:a1:8a:9d:5e: + e0:37:36:b6:c9:67:1f:eb:30:4c:47:60:00:5b:c4:41:39:d3: + 70:a3:8b:98:ca:c4:29:21:ee:2d:c8:cd:47:f6:0d:09:04:3c: + dc:fa:6e:dd:b5:cb:26:38:1a:31:5c:48:83:cc:ce:cd:fe:3b: + 4d:6d:73:5d:20:93:42:3c:d5:5a:8f:24:33:da:e5:f2:7e:08: + fd:03:ab:1d:6d:9c:11:6d:f9:99:d5:08:5c:22:36:9a:0b:4e: + 8c:59:8c:4e:be:55:b4:32:9c:1e:ce:05:e2:20:ab:1f:c3:03: + c6:94 +-----BEGIN CERTIFICATE----- +MIICyDCCAjECAQMwDQYJKoZIhvcNAQEFBQAwfDELMAkGA1UEBhMCRlIxEzARBgNV +BAgTClNvbWUtU3RhdGUxEjAQBgNVBAoTCUNBU2hpbmtlbjElMCMGA1UEAxMcQ0FT +aGlua2VuIENlcnRpZmljYXRlIE1hc3RlcjEdMBsGCSqGSIb3DQEJARYObm9uZUBs +b2NhbGhvc3QwHhcNMTEwMTEyMTI1NDQzWhcNMjEwMTA5MTI1NDQzWjBZMQswCQYD +VQQGEwJGUjETMBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEChMJQ0FTaGlua2Vu +MQ0wCwYDVQQLEwRNQUlOMRIwEAYDVQQDEwlsb2NhbGhvc3QwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQC/DeybNtm5je7T8k09ti/eI0yVtihIEIVfrJOi +oIiyBFLwnEVIBR3jgJAW+vL4fEHQPb+aEOQLNaBBag1l+ZTo2KEODoOt5O+aWjPo +n25y765dQ7r0IWZ7F+uPuewfDdnjp8D9t5O22wnyTU2EMcP22WhSsjms0IVUvQLR +XIntg2KBW+gw+f2fzxtH9ws1470nHdpw7yuMS4sTySJdqjWTdbCAEiTV8r8ko4x5 +2aoDtXvOIrujaliwMFazzuG86/a9ZavcGZ5N6q/HpAUkoQZ8LkEs9cgkLJJnix1r +eJ16y2x4WOWfuR/BGd0+ZgQKYzyoK73umKITRFx1pS2Te0j3AgMBAAEwDQYJKoZI +hvcNAQEFBQADgYEAscoVWoaUbP3gRtmuE+ehip1e4Dc2tslnH+swTEdgAFvEQTnT +cKOLmMrEKSHuLcjNR/YNCQQ83Ppu3bXLJjgaMVxIg8zOzf47TW1zXSCTQjzVWo8k +M9rl8n4I/QOrHW2cEW35mdUIXCI2mgtOjFmMTr5VtDKcHs4F4iCrH8MDxpQ= +-----END CERTIFICATE----- diff --git a/tools/test_env/etc/shinken/certs/demoCA/cacert.pem b/tools/test_env/etc/shinken/certs/demoCA/cacert.pem new file mode 100644 index 0000000..bae94d1 --- /dev/null +++ b/tools/test_env/etc/shinken/certs/demoCA/cacert.pem @@ -0,0 +1,64 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + ec:5b:5d:da:d5:1b:e4:a8 + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=FR, ST=Some-State, O=CAShinken, CN=CAShinken Certificate Master/emailAddress=none@localhost + Validity + Not Before: Jan 12 10:04:58 2011 GMT + Not After : Jan 11 10:04:58 2014 GMT + Subject: C=FR, ST=Some-State, O=CAShinken, CN=CAShinken Certificate Master/emailAddress=none@localhost + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (1024 bit) + Modulus (1024 bit): + 00:c1:33:c6:fb:5b:33:fb:7f:26:90:0e:2d:5a:41: + ba:49:5d:3a:68:62:aa:99:0d:f9:ad:44:2c:4d:c2: + ae:6a:28:3e:5f:29:0f:68:ef:13:f3:b2:43:55:fa: + e7:71:74:29:19:e6:03:3f:c8:e1:f2:76:00:ed:ef: + 5b:92:1b:c6:92:db:56:f9:64:6c:97:f6:90:e3:94: + 42:14:ea:9c:f2:5a:a5:b8:d0:8f:b1:3b:79:2a:fe: + a7:d9:75:c9:38:72:5c:27:c0:c3:b6:7f:52:af:7a: + 2a:c3:35:1a:98:b7:ca:b0:5b:7e:3f:ce:bf:9c:37: + 69:46:ca:35:b2:38:c0:5b:f9 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 6F:9F:42:67:73:D0:3C:91:BC:39:EF:95:53:36:3A:B9:E3:09:53:DC + X509v3 Authority Key Identifier: + keyid:6F:9F:42:67:73:D0:3C:91:BC:39:EF:95:53:36:3A:B9:E3:09:53:DC + DirName:/C=FR/ST=Some-State/O=CAShinken/CN=CAShinken Certificate Master/emailAddress=none@localhost + serial:EC:5B:5D:DA:D5:1B:E4:A8 + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha1WithRSAEncryption + 25:ba:e5:78:da:29:0a:ce:97:0e:de:34:9f:e4:80:2b:aa:b5: + 91:24:e0:7c:69:89:a1:a4:9a:be:cf:63:39:6a:1f:6b:71:fa: + 7f:25:b5:34:fe:ae:20:9b:d9:47:66:9f:60:53:ef:d5:8f:70: + fb:b7:fc:fe:8c:6d:dc:81:1d:45:5a:c2:2f:a7:fa:f6:b3:28: + 52:75:c9:09:b7:c8:d1:40:cc:08:5d:a2:b1:fb:8a:1a:6c:ad: + 51:80:22:20:97:c2:cb:3f:8d:f4:c6:29:55:68:e6:ec:53:bd: + bd:a4:3c:94:af:54:48:f8:8c:4f:3f:8b:91:e7:1b:cd:26:59: + f9:2d +-----BEGIN CERTIFICATE----- +MIIDWTCCAsKgAwIBAgIJAOxbXdrVG+SoMA0GCSqGSIb3DQEBBQUAMHwxCzAJBgNV +BAYTAkZSMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQKEwlDQVNoaW5rZW4x +JTAjBgNVBAMTHENBU2hpbmtlbiBDZXJ0aWZpY2F0ZSBNYXN0ZXIxHTAbBgkqhkiG +9w0BCQEWDm5vbmVAbG9jYWxob3N0MB4XDTExMDExMjEwMDQ1OFoXDTE0MDExMTEw +MDQ1OFowfDELMAkGA1UEBhMCRlIxEzARBgNVBAgTClNvbWUtU3RhdGUxEjAQBgNV +BAoTCUNBU2hpbmtlbjElMCMGA1UEAxMcQ0FTaGlua2VuIENlcnRpZmljYXRlIE1h +c3RlcjEdMBsGCSqGSIb3DQEJARYObm9uZUBsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBAMEzxvtbM/t/JpAOLVpBukldOmhiqpkN+a1ELE3Crmoo +Pl8pD2jvE/OyQ1X653F0KRnmAz/I4fJ2AO3vW5IbxpLbVvlkbJf2kOOUQhTqnPJa +pbjQj7E7eSr+p9l1yThyXCfAw7Z/Uq96KsM1Gpi3yrBbfj/Ov5w3aUbKNbI4wFv5 +AgMBAAGjgeIwgd8wHQYDVR0OBBYEFG+fQmdz0DyRvDnvlVM2OrnjCVPcMIGvBgNV +HSMEgacwgaSAFG+fQmdz0DyRvDnvlVM2OrnjCVPcoYGApH4wfDELMAkGA1UEBhMC +RlIxEzARBgNVBAgTClNvbWUtU3RhdGUxEjAQBgNVBAoTCUNBU2hpbmtlbjElMCMG +A1UEAxMcQ0FTaGlua2VuIENlcnRpZmljYXRlIE1hc3RlcjEdMBsGCSqGSIb3DQEJ +ARYObm9uZUBsb2NhbGhvc3SCCQDsW13a1RvkqDAMBgNVHRMEBTADAQH/MA0GCSqG +SIb3DQEBBQUAA4GBACW65XjaKQrOlw7eNJ/kgCuqtZEk4HxpiaGkmr7PYzlqH2tx ++n8ltTT+riCb2Udmn2BT79WPcPu3/P6MbdyBHUVawi+n+vazKFJ1yQm3yNFAzAhd +orH7ihpsrVGAIiCXwss/jfTGKVVo5uxTvb2kPJSvVEj4jE8/i5HnG80mWfkt +-----END CERTIFICATE----- diff --git a/tools/test_env/etc/shinken/certs/demoCA/careq.pem b/tools/test_env/etc/shinken/certs/demoCA/careq.pem new file mode 100644 index 0000000..05fa1bb --- /dev/null +++ b/tools/test_env/etc/shinken/certs/demoCA/careq.pem @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBvDCCASUCAQAwfDELMAkGA1UEBhMCRlIxEzARBgNVBAgTClNvbWUtU3RhdGUx +EjAQBgNVBAoTCUNBU2hpbmtlbjElMCMGA1UEAxMcQ0FTaGlua2VuIENlcnRpZmlj +YXRlIE1hc3RlcjEdMBsGCSqGSIb3DQEJARYObm9uZUBsb2NhbGhvc3QwgZ8wDQYJ +KoZIhvcNAQEBBQADgY0AMIGJAoGBAMEzxvtbM/t/JpAOLVpBukldOmhiqpkN+a1E +LE3CrmooPl8pD2jvE/OyQ1X653F0KRnmAz/I4fJ2AO3vW5IbxpLbVvlkbJf2kOOU +QhTqnPJapbjQj7E7eSr+p9l1yThyXCfAw7Z/Uq96KsM1Gpi3yrBbfj/Ov5w3aUbK +NbI4wFv5AgMBAAGgADANBgkqhkiG9w0BAQUFAAOBgQA7yAvCcMIll91W78NsUFL4 ++1yqxcG2lsSxObPkPiurrLp4I9KwdOLLsTLSD+kOwS+4cMPD4uXUlN1XTlzsB3TP +XvV+RXpLarjQNr5Vz9Yt/P93UOQ3dC47ZlZbZ9bySIhqBF+3/uH0wVucB5bVDAIE +0pKRXhDP5wxUnplLTgR/mg== +-----END CERTIFICATE REQUEST----- diff --git a/tools/test_env/etc/shinken/certs/demoCA/crlnumber b/tools/test_env/etc/shinken/certs/demoCA/crlnumber new file mode 100644 index 0000000..8a0f05e --- /dev/null +++ b/tools/test_env/etc/shinken/certs/demoCA/crlnumber @@ -0,0 +1 @@ +01 diff --git a/tools/test_env/etc/shinken/certs/demoCA/index.txt b/tools/test_env/etc/shinken/certs/demoCA/index.txt new file mode 100644 index 0000000..dcf082b --- /dev/null +++ b/tools/test_env/etc/shinken/certs/demoCA/index.txt @@ -0,0 +1,2 @@ +V 140111100458Z EC5B5DDAD51BE4A8 unknown /C=FR/ST=Some-State/O=CAShinken/CN=CAShinken Certificate Master/emailAddress=none@localhost +V 120112100837Z EC5B5DDAD51BE4A9 unknown /C=FR/ST=Some-State/O=M2Crypto/CN=localhost/emailAddress=none@localhost diff --git a/tools/test_env/etc/shinken/certs/demoCA/index.txt.attr b/tools/test_env/etc/shinken/certs/demoCA/index.txt.attr new file mode 100644 index 0000000..8f7e63a --- /dev/null +++ b/tools/test_env/etc/shinken/certs/demoCA/index.txt.attr @@ -0,0 +1 @@ +unique_subject = yes diff --git a/tools/test_env/etc/shinken/certs/demoCA/index.txt.attr.old b/tools/test_env/etc/shinken/certs/demoCA/index.txt.attr.old new file mode 100644 index 0000000..8f7e63a --- /dev/null +++ b/tools/test_env/etc/shinken/certs/demoCA/index.txt.attr.old @@ -0,0 +1 @@ +unique_subject = yes diff --git a/tools/test_env/etc/shinken/certs/demoCA/index.txt.old b/tools/test_env/etc/shinken/certs/demoCA/index.txt.old new file mode 100644 index 0000000..59fbeb6 --- /dev/null +++ b/tools/test_env/etc/shinken/certs/demoCA/index.txt.old @@ -0,0 +1 @@ +V 140111100458Z EC5B5DDAD51BE4A8 unknown /C=FR/ST=Some-State/O=CAShinken/CN=CAShinken Certificate Master/emailAddress=none@localhost diff --git a/tools/test_env/etc/shinken/certs/demoCA/newcerts/EC5B5DDAD51BE4A8.pem b/tools/test_env/etc/shinken/certs/demoCA/newcerts/EC5B5DDAD51BE4A8.pem new file mode 100644 index 0000000..bae94d1 --- /dev/null +++ b/tools/test_env/etc/shinken/certs/demoCA/newcerts/EC5B5DDAD51BE4A8.pem @@ -0,0 +1,64 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + ec:5b:5d:da:d5:1b:e4:a8 + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=FR, ST=Some-State, O=CAShinken, CN=CAShinken Certificate Master/emailAddress=none@localhost + Validity + Not Before: Jan 12 10:04:58 2011 GMT + Not After : Jan 11 10:04:58 2014 GMT + Subject: C=FR, ST=Some-State, O=CAShinken, CN=CAShinken Certificate Master/emailAddress=none@localhost + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (1024 bit) + Modulus (1024 bit): + 00:c1:33:c6:fb:5b:33:fb:7f:26:90:0e:2d:5a:41: + ba:49:5d:3a:68:62:aa:99:0d:f9:ad:44:2c:4d:c2: + ae:6a:28:3e:5f:29:0f:68:ef:13:f3:b2:43:55:fa: + e7:71:74:29:19:e6:03:3f:c8:e1:f2:76:00:ed:ef: + 5b:92:1b:c6:92:db:56:f9:64:6c:97:f6:90:e3:94: + 42:14:ea:9c:f2:5a:a5:b8:d0:8f:b1:3b:79:2a:fe: + a7:d9:75:c9:38:72:5c:27:c0:c3:b6:7f:52:af:7a: + 2a:c3:35:1a:98:b7:ca:b0:5b:7e:3f:ce:bf:9c:37: + 69:46:ca:35:b2:38:c0:5b:f9 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 6F:9F:42:67:73:D0:3C:91:BC:39:EF:95:53:36:3A:B9:E3:09:53:DC + X509v3 Authority Key Identifier: + keyid:6F:9F:42:67:73:D0:3C:91:BC:39:EF:95:53:36:3A:B9:E3:09:53:DC + DirName:/C=FR/ST=Some-State/O=CAShinken/CN=CAShinken Certificate Master/emailAddress=none@localhost + serial:EC:5B:5D:DA:D5:1B:E4:A8 + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha1WithRSAEncryption + 25:ba:e5:78:da:29:0a:ce:97:0e:de:34:9f:e4:80:2b:aa:b5: + 91:24:e0:7c:69:89:a1:a4:9a:be:cf:63:39:6a:1f:6b:71:fa: + 7f:25:b5:34:fe:ae:20:9b:d9:47:66:9f:60:53:ef:d5:8f:70: + fb:b7:fc:fe:8c:6d:dc:81:1d:45:5a:c2:2f:a7:fa:f6:b3:28: + 52:75:c9:09:b7:c8:d1:40:cc:08:5d:a2:b1:fb:8a:1a:6c:ad: + 51:80:22:20:97:c2:cb:3f:8d:f4:c6:29:55:68:e6:ec:53:bd: + bd:a4:3c:94:af:54:48:f8:8c:4f:3f:8b:91:e7:1b:cd:26:59: + f9:2d +-----BEGIN CERTIFICATE----- +MIIDWTCCAsKgAwIBAgIJAOxbXdrVG+SoMA0GCSqGSIb3DQEBBQUAMHwxCzAJBgNV +BAYTAkZSMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQKEwlDQVNoaW5rZW4x +JTAjBgNVBAMTHENBU2hpbmtlbiBDZXJ0aWZpY2F0ZSBNYXN0ZXIxHTAbBgkqhkiG +9w0BCQEWDm5vbmVAbG9jYWxob3N0MB4XDTExMDExMjEwMDQ1OFoXDTE0MDExMTEw +MDQ1OFowfDELMAkGA1UEBhMCRlIxEzARBgNVBAgTClNvbWUtU3RhdGUxEjAQBgNV +BAoTCUNBU2hpbmtlbjElMCMGA1UEAxMcQ0FTaGlua2VuIENlcnRpZmljYXRlIE1h +c3RlcjEdMBsGCSqGSIb3DQEJARYObm9uZUBsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBAMEzxvtbM/t/JpAOLVpBukldOmhiqpkN+a1ELE3Crmoo +Pl8pD2jvE/OyQ1X653F0KRnmAz/I4fJ2AO3vW5IbxpLbVvlkbJf2kOOUQhTqnPJa +pbjQj7E7eSr+p9l1yThyXCfAw7Z/Uq96KsM1Gpi3yrBbfj/Ov5w3aUbKNbI4wFv5 +AgMBAAGjgeIwgd8wHQYDVR0OBBYEFG+fQmdz0DyRvDnvlVM2OrnjCVPcMIGvBgNV +HSMEgacwgaSAFG+fQmdz0DyRvDnvlVM2OrnjCVPcoYGApH4wfDELMAkGA1UEBhMC +RlIxEzARBgNVBAgTClNvbWUtU3RhdGUxEjAQBgNVBAoTCUNBU2hpbmtlbjElMCMG +A1UEAxMcQ0FTaGlua2VuIENlcnRpZmljYXRlIE1hc3RlcjEdMBsGCSqGSIb3DQEJ +ARYObm9uZUBsb2NhbGhvc3SCCQDsW13a1RvkqDAMBgNVHRMEBTADAQH/MA0GCSqG +SIb3DQEBBQUAA4GBACW65XjaKQrOlw7eNJ/kgCuqtZEk4HxpiaGkmr7PYzlqH2tx ++n8ltTT+riCb2Udmn2BT79WPcPu3/P6MbdyBHUVawi+n+vazKFJ1yQm3yNFAzAhd +orH7ihpsrVGAIiCXwss/jfTGKVVo5uxTvb2kPJSvVEj4jE8/i5HnG80mWfkt +-----END CERTIFICATE----- diff --git a/tools/test_env/etc/shinken/certs/demoCA/newcerts/EC5B5DDAD51BE4A9.pem b/tools/test_env/etc/shinken/certs/demoCA/newcerts/EC5B5DDAD51BE4A9.pem new file mode 100644 index 0000000..84073ed --- /dev/null +++ b/tools/test_env/etc/shinken/certs/demoCA/newcerts/EC5B5DDAD51BE4A9.pem @@ -0,0 +1,62 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + ec:5b:5d:da:d5:1b:e4:a9 + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=FR, ST=Some-State, O=CAShinken, CN=CAShinken Certificate Master/emailAddress=none@localhost + Validity + Not Before: Jan 12 10:08:37 2011 GMT + Not After : Jan 12 10:08:37 2012 GMT + Subject: C=FR, ST=Some-State, O=M2Crypto, CN=localhost/emailAddress=none@localhost + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (1024 bit) + Modulus (1024 bit): + 00:b9:43:24:01:ff:89:c5:dd:29:5f:a7:90:8e:12: + 6d:bc:c5:16:98:f3:e0:46:5d:5b:6e:ea:89:fb:36: + 11:6d:15:2e:d0:d5:3d:ed:e7:5a:fc:2c:d6:9e:f6: + 23:04:67:38:fa:89:c9:b3:d3:4e:cf:35:71:94:2b: + d7:d5:43:2e:d0:b5:bd:91:78:32:4c:f2:bd:40:3b: + 38:1f:d6:69:50:28:96:0a:24:4e:4b:6f:7d:43:90: + 97:f8:05:12:09:a9:49:d9:9d:4f:69:4a:6b:03:6a: + 0a:d0:dc:3f:7c:19:f2:51:b1:2f:f4:6a:72:7c:5a: + 67:f9:1f:8e:5e:55:70:79:75 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Netscape Comment: + OpenSSL Generated Certificate + X509v3 Subject Key Identifier: + D1:D4:DE:6D:F4:11:69:66:C8:ED:AC:57:E2:FF:AB:66:E1:08:4E:72 + X509v3 Authority Key Identifier: + keyid:6F:9F:42:67:73:D0:3C:91:BC:39:EF:95:53:36:3A:B9:E3:09:53:DC + + Signature Algorithm: sha1WithRSAEncryption + 69:8a:93:33:a9:00:d5:05:4e:bf:b4:9a:8c:6b:c9:b6:b9:6d: + 66:7d:0c:25:c2:3f:f7:a1:61:2b:40:98:c2:1f:26:17:cf:d5: + 76:16:76:a6:72:1b:0f:2a:1b:a5:b9:ec:89:57:88:d0:06:f4: + 48:b3:5d:92:84:ea:fa:f4:e3:12:7b:d9:8a:0c:17:1b:db:99: + b3:42:e1:8b:b2:d0:4a:d0:c2:ae:58:67:b6:6d:5b:a4:63:e4: + 00:85:30:79:51:5c:3c:35:a0:03:b0:44:9f:05:a1:fa:d9:56: + f6:2e:af:75:ec:42:b2:45:21:d9:21:71:13:66:ae:94:ab:f3: + 94:b0 +-----BEGIN CERTIFICATE----- +MIIC3TCCAkagAwIBAgIJAOxbXdrVG+SpMA0GCSqGSIb3DQEBBQUAMHwxCzAJBgNV +BAYTAkZSMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQKEwlDQVNoaW5rZW4x +JTAjBgNVBAMTHENBU2hpbmtlbiBDZXJ0aWZpY2F0ZSBNYXN0ZXIxHTAbBgkqhkiG +9w0BCQEWDm5vbmVAbG9jYWxob3N0MB4XDTExMDExMjEwMDgzN1oXDTEyMDExMjEw +MDgzN1owaDELMAkGA1UEBhMCRlIxEzARBgNVBAgTClNvbWUtU3RhdGUxETAPBgNV +BAoTCE0yQ3J5cHRvMRIwEAYDVQQDEwlsb2NhbGhvc3QxHTAbBgkqhkiG9w0BCQEW +Dm5vbmVAbG9jYWxob3N0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5QyQB +/4nF3Slfp5COEm28xRaY8+BGXVtu6on7NhFtFS7Q1T3t51r8LNae9iMEZzj6icmz +007PNXGUK9fVQy7Qtb2ReDJM8r1AOzgf1mlQKJYKJE5Lb31DkJf4BRIJqUnZnU9p +SmsDagrQ3D98GfJRsS/0anJ8Wmf5H45eVXB5dQIDAQABo3sweTAJBgNVHRMEAjAA +MCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAd +BgNVHQ4EFgQU0dTebfQRaWbI7axX4v+rZuEITnIwHwYDVR0jBBgwFoAUb59CZ3PQ +PJG8Oe+VUzY6ueMJU9wwDQYJKoZIhvcNAQEFBQADgYEAaYqTM6kA1QVOv7SajGvJ +trltZn0MJcI/96FhK0CYwh8mF8/VdhZ2pnIbDyobpbnsiVeI0Ab0SLNdkoTq+vTj +EnvZigwXG9uZs0Lhi7LQStDCrlhntm1bpGPkAIUweVFcPDWgA7BEnwWh+tlW9i6v +dexCskUh2SFxE2aulKvzlLA= +-----END CERTIFICATE----- diff --git a/tools/test_env/etc/shinken/certs/demoCA/private/cakey.pem b/tools/test_env/etc/shinken/certs/demoCA/private/cakey.pem new file mode 100644 index 0000000..faf2597 --- /dev/null +++ b/tools/test_env/etc/shinken/certs/demoCA/private/cakey.pem @@ -0,0 +1,18 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-CBC,A43281D60FF99A94 + +0lPuQTBP3jqyOO1UD5C+GHv97mLYB7m5BBJb02ZNK8J8xQ2y2DUEZ3Oq8xy9g2iD +XNeAyeaWwQfeug6cx+H159OpJ9WGPAIXMTfMkxaREWg/YkxDONsMkLrj1+gcjzGY +fEWbu4MCGrjlwHDzFzgajlLlzAYA0TBmuvO+5Qv62jE2rCIy+Q8mmsAPstIMfyt2 +bvNSB2w126HttSOrf6K1FWb6QXUMHpPmqhUNYqBcV/O8HHwB8RufjYdErHJva/s8 +eriyE3ddrFeGXaP05GwKP746PzpyKRV9AOlHz61WZ0DRRg48ruIN5mzvjyz1PuJe +vHRQYNmt2sbvbTfytjVwvZO1SAXFkNZRY0tD+YYaqclheF19JJw0jVvi9VlP0Csc +BBDuJba6a/xLGecF8zx219X1rJjLcdkwBS7nfdNd6EX4e4KSNKAeusm/Z7js7d49 +RteX6lDgO8+lgaexeK9lO4lNqkZMqcuxR+dWLTwMuxgrdpJD0UqPsHfhDw03n1Mf +M3rBzSEy5Gnq/lc/7IdM+NL/8Q8a3QL+CTPRylmAcNdosooW1n058O/YuwVpL+lX +VvUvo1kfVO8d/XHBOGDbFR2F0F2hFh8xtGnu/3+tish+p4c8Cdqf+4QfNGLE8YUD +fEVIuN6T/HwvaeTIsm7GmqPQEcX3lrMq1TB4Zl5td4RHowSe9D32cUU1O9QudKRC +kQTSfWHxsklhyx9Hm7ViYh0WXD+zEUUot8RzGKLaz41y+JqiV9pWx/pIx3L0UK1e +WmUo24cwIBqbQi3dU56c8Mnhedo9iH0W66D8qNJAXE4OszSYsqJulg== +-----END RSA PRIVATE KEY----- diff --git a/tools/test_env/etc/shinken/certs/demoCA/serial b/tools/test_env/etc/shinken/certs/demoCA/serial new file mode 100644 index 0000000..0a23187 --- /dev/null +++ b/tools/test_env/etc/shinken/certs/demoCA/serial @@ -0,0 +1 @@ +EC5B5DDAD51BE4AA diff --git a/tools/test_env/etc/shinken/certs/demoCA/serial.old b/tools/test_env/etc/shinken/certs/demoCA/serial.old new file mode 100644 index 0000000..4d9efa4 --- /dev/null +++ b/tools/test_env/etc/shinken/certs/demoCA/serial.old @@ -0,0 +1 @@ +EC5B5DDAD51BE4A9 diff --git a/tools/test_env/etc/shinken/certs/serial b/tools/test_env/etc/shinken/certs/serial new file mode 100644 index 0000000..9e22bcb --- /dev/null +++ b/tools/test_env/etc/shinken/certs/serial @@ -0,0 +1 @@ +02 diff --git a/tools/test_env/etc/shinken/certs/serial.old b/tools/test_env/etc/shinken/certs/serial.old new file mode 100644 index 0000000..9e22bcb --- /dev/null +++ b/tools/test_env/etc/shinken/certs/serial.old @@ -0,0 +1 @@ +02 diff --git a/tools/test_env/etc/shinken/certs/server.cert b/tools/test_env/etc/shinken/certs/server.cert new file mode 100644 index 0000000..3c3ab22 --- /dev/null +++ b/tools/test_env/etc/shinken/certs/server.cert @@ -0,0 +1,59 @@ +Certificate: + Data: + Version: 1 (0x0) + Serial Number: 2 (0x2) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=FR, ST=Some-State, O=CAShinken, CN=CAShinken Certificate Master/emailAddress=none@localhost + Validity + Not Before: Apr 17 09:23:00 2014 GMT + Not After : Apr 14 09:23:00 2024 GMT + Subject: C=FR, ST=Some-State, O=CAShinken, OU=MAIN, CN=shinken + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ec:11:44:a8:e2:a2:1f:32:ea:ca:33:bb:a8:71: + e8:fd:37:2c:b1:73:e2:1e:a0:db:b4:b4:cb:ed:a0: + d7:80:31:46:25:d0:78:16:0c:59:9f:bf:27:03:69: + c2:99:de:42:6f:75:e9:9d:23:b7:7d:65:b6:66:cc: + 17:2d:3d:3d:94:54:56:04:52:b3:50:53:e5:2b:97: + 80:57:4e:58:43:7f:17:a5:8c:80:e8:a8:32:ec:db: + ea:61:54:d5:99:89:2d:4f:03:ca:f6:60:d7:3a:dc: + 07:3c:16:bd:07:7e:53:9c:0e:e6:2a:b7:78:a6:ce: + 6e:5f:69:02:a4:03:7c:6c:d0:08:e1:3c:83:ce:ca: + 79:59:c7:4f:55:82:0d:59:2d:d5:99:5a:6a:81:fa: + e4:c8:b0:1a:72:c5:28:1a:57:98:7a:d0:d2:5e:0a: + 8e:7e:75:fd:a9:8f:95:8a:72:42:29:b1:ed:f6:8d: + c7:36:47:a6:b9:4f:2a:64:84:43:06:5d:89:63:cb: + cb:fb:57:a3:b7:c0:85:fe:00:84:d9:be:31:f4:ab: + 77:b2:d8:ef:79:78:9b:ef:45:8d:ea:41:80:ed:84: + 10:4a:3d:b5:0a:0f:54:78:9e:c8:ea:fb:9f:88:76: + fb:bf:23:80:26:14:12:f1:49:31:b5:8b:32:a3:a1: + ed:bb + Exponent: 65537 (0x10001) + Signature Algorithm: sha1WithRSAEncryption + 18:7a:c2:89:67:35:1c:7d:de:58:be:ef:c1:48:01:48:ca:35: + e6:77:c7:64:03:cd:4c:ec:e8:5e:74:dc:0d:fb:fa:c0:e6:31: + 03:9c:79:5b:cd:6a:8b:54:fb:e7:82:b0:29:87:73:5c:6f:25: + 9c:20:e2:1f:fd:39:d7:ae:25:70:8a:33:83:bd:b7:1c:d2:fb: + d4:f0:e9:ae:63:74:ec:36:f7:4c:7a:93:f4:7e:d6:66:a3:95: + 2f:8a:41:12:75:c1:cb:65:54:81:92:07:41:2e:d6:6c:0e:ae: + a1:a6:bb:c9:e8:be:48:a4:ec:f2:eb:55:67:98:6e:c1:8b:1a: + 13:09 +-----BEGIN CERTIFICATE----- +MIICxjCCAi8CAQIwDQYJKoZIhvcNAQEFBQAwfDELMAkGA1UEBhMCRlIxEzARBgNV +BAgTClNvbWUtU3RhdGUxEjAQBgNVBAoTCUNBU2hpbmtlbjElMCMGA1UEAxMcQ0FT +aGlua2VuIENlcnRpZmljYXRlIE1hc3RlcjEdMBsGCSqGSIb3DQEJARYObm9uZUBs +b2NhbGhvc3QwHhcNMTQwNDE3MDkyMzAwWhcNMjQwNDE0MDkyMzAwWjBXMQswCQYD +VQQGEwJGUjETMBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEChMJQ0FTaGlua2Vu +MQ0wCwYDVQQLEwRNQUlOMRAwDgYDVQQDEwdzaGlua2VuMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEA7BFEqOKiHzLqyjO7qHHo/TcssXPiHqDbtLTL7aDX +gDFGJdB4FgxZn78nA2nCmd5Cb3XpnSO3fWW2ZswXLT09lFRWBFKzUFPlK5eAV05Y +Q38XpYyA6Kgy7NvqYVTVmYktTwPK9mDXOtwHPBa9B35TnA7mKrd4ps5uX2kCpAN8 +bNAI4TyDzsp5WcdPVYINWS3VmVpqgfrkyLAacsUoGleYetDSXgqOfnX9qY+VinJC +KbHt9o3HNkemuU8qZIRDBl2JY8vL+1ejt8CF/gCE2b4x9Kt3stjveXib70WN6kGA +7YQQSj21Cg9UeJ7I6vufiHb7vyOAJhQS8UkxtYsyo6HtuwIDAQABMA0GCSqGSIb3 +DQEBBQUAA4GBABh6wolnNRx93li+78FIAUjKNeZ3x2QDzUzs6F503A37+sDmMQOc +eVvNaotU++eCsCmHc1xvJZwg4h/9OdeuJXCKM4O9txzS+9Tw6a5jdOw290x6k/R+ +1majlS+KQRJ1wctlVIGSB0Eu1mwOrqGmu8novkik7PLrVWeYbsGLGhMJ +-----END CERTIFICATE----- diff --git a/tools/test_env/etc/shinken/certs/server.key b/tools/test_env/etc/shinken/certs/server.key new file mode 100644 index 0000000..238fb31 --- /dev/null +++ b/tools/test_env/etc/shinken/certs/server.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDsEUSo4qIfMurK +M7uocej9Nyyxc+IeoNu0tMvtoNeAMUYl0HgWDFmfvycDacKZ3kJvdemdI7d9ZbZm +zBctPT2UVFYEUrNQU+Url4BXTlhDfxeljIDoqDLs2+phVNWZiS1PA8r2YNc63Ac8 +Fr0HflOcDuYqt3imzm5faQKkA3xs0AjhPIPOynlZx09Vgg1ZLdWZWmqB+uTIsBpy +xSgaV5h60NJeCo5+df2pj5WKckIpse32jcc2R6a5TypkhEMGXYljy8v7V6O3wIX+ +AITZvjH0q3ey2O95eJvvRY3qQYDthBBKPbUKD1R4nsjq+5+Idvu/I4AmFBLxSTG1 +izKjoe27AgMBAAECggEBALxhQ1MqF4miDi7xfYz76Zs3jljFSup6HxljNWEZex73 +My014L5neJW76pwUp5A2Bvn/ND+Lov9UTWxW7R/SwPM/Ia0teZ5edICG04nYISMr +pmkbaDtBDfJpw+2LzzBIgXmOY0adHOQBdVyEILB8JKhiU1Y/Nu6VyQomOE894OrK +yAzWeSlgA3Fi2JDmmpbesmWoFhWnNzmjdeq/F3Rt02alHbKyR/b+lxrT5Ivl3Abf +zpL7hoox5CpNRY2tHqe6o4fYQ8z1iFaaMEwf0hWssLxzMCJ9c+9njql0ZhJlpEdY +qIlr41u4V6NekFBrNjB1NW8l728iEGqSMVUS5A5F72ECgYEA+EhP6pYNAhjBhDeu ++91e0OWy0RojH04XM/LujM85d9GjQJva0sWYOhuTHPlijKGKqfiB3ft/ix7o6qhj +0/ZnoBPkmfIIPbsEcACHeOT3hyZHkgeWPpzwE338aNHn0mWvxzHlt0t2t1xXzSIG +8UcCNJWIzN27qVmq04t4SvmZwpMCgYEA82fBirkrhYVil/H1lytZBcHjFbiQs32K +bE8KLfrmy4i4sa9PtFCKcLbOS1ty9gPrhQYX7QAKDUUA6bH9nmmkEffDqMie6qbL +ijxTCmvtS/bkW/u6GReH2OvrpHg0wprqTc3AUebVr+smWtdwBcVDNiQJbsbBxnKg ++3RyoGMN2TkCgYEAmaevBcBNVqHZiakoeylaV7AARZaGbAZZJ8ZNygkpSLUN8ptC +BrVQ641LM2BHlD8ZYO2x+Z5/JatAfJEwDurs4M3O6VM3tHR8X5CERtZ1NkgDfSWC +30ci8P1Ea96UOMrDyWRhBVoHo5zbndFUOJg4jjCJFDiZvkoHBZrIHKZyeU8CgYAM +1Ph4FsD7ngePmRroaEmeKxWMrJk8TS8B/Ly9pc+LBV8vRt291M0nmguQH3cVDynY +bnTOcsUU5AFjUJXdRxZ2OAihmkn+duKeHAYIs53j9lUdoEy0S/BGeFGI7ylg5Qfb +KDCuYKv9RTlVaqwmMbsUXJv+sg2/J4XjG8V7PR2ayQKBgQDsr+qSrvAftAjlMi3z +eNPGKnqMf/V4io3ILDjnJfB1roaRavkBreKyFkDADRv79+zCFZI7hh64H3oM/6pw +9UF84hqS1YGrYys7pJ5N9P4Hbe8tXZfTJ/pYADdXSByqneY+cdb4ow3YTME37USs +pdxjy1fV6htAKF4/sQIhlnKL1w== +-----END PRIVATE KEY----- diff --git a/tools/test_env/etc/shinken/certs/server.pem b/tools/test_env/etc/shinken/certs/server.pem new file mode 100644 index 0000000..3c3ab22 --- /dev/null +++ b/tools/test_env/etc/shinken/certs/server.pem @@ -0,0 +1,59 @@ +Certificate: + Data: + Version: 1 (0x0) + Serial Number: 2 (0x2) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=FR, ST=Some-State, O=CAShinken, CN=CAShinken Certificate Master/emailAddress=none@localhost + Validity + Not Before: Apr 17 09:23:00 2014 GMT + Not After : Apr 14 09:23:00 2024 GMT + Subject: C=FR, ST=Some-State, O=CAShinken, OU=MAIN, CN=shinken + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ec:11:44:a8:e2:a2:1f:32:ea:ca:33:bb:a8:71: + e8:fd:37:2c:b1:73:e2:1e:a0:db:b4:b4:cb:ed:a0: + d7:80:31:46:25:d0:78:16:0c:59:9f:bf:27:03:69: + c2:99:de:42:6f:75:e9:9d:23:b7:7d:65:b6:66:cc: + 17:2d:3d:3d:94:54:56:04:52:b3:50:53:e5:2b:97: + 80:57:4e:58:43:7f:17:a5:8c:80:e8:a8:32:ec:db: + ea:61:54:d5:99:89:2d:4f:03:ca:f6:60:d7:3a:dc: + 07:3c:16:bd:07:7e:53:9c:0e:e6:2a:b7:78:a6:ce: + 6e:5f:69:02:a4:03:7c:6c:d0:08:e1:3c:83:ce:ca: + 79:59:c7:4f:55:82:0d:59:2d:d5:99:5a:6a:81:fa: + e4:c8:b0:1a:72:c5:28:1a:57:98:7a:d0:d2:5e:0a: + 8e:7e:75:fd:a9:8f:95:8a:72:42:29:b1:ed:f6:8d: + c7:36:47:a6:b9:4f:2a:64:84:43:06:5d:89:63:cb: + cb:fb:57:a3:b7:c0:85:fe:00:84:d9:be:31:f4:ab: + 77:b2:d8:ef:79:78:9b:ef:45:8d:ea:41:80:ed:84: + 10:4a:3d:b5:0a:0f:54:78:9e:c8:ea:fb:9f:88:76: + fb:bf:23:80:26:14:12:f1:49:31:b5:8b:32:a3:a1: + ed:bb + Exponent: 65537 (0x10001) + Signature Algorithm: sha1WithRSAEncryption + 18:7a:c2:89:67:35:1c:7d:de:58:be:ef:c1:48:01:48:ca:35: + e6:77:c7:64:03:cd:4c:ec:e8:5e:74:dc:0d:fb:fa:c0:e6:31: + 03:9c:79:5b:cd:6a:8b:54:fb:e7:82:b0:29:87:73:5c:6f:25: + 9c:20:e2:1f:fd:39:d7:ae:25:70:8a:33:83:bd:b7:1c:d2:fb: + d4:f0:e9:ae:63:74:ec:36:f7:4c:7a:93:f4:7e:d6:66:a3:95: + 2f:8a:41:12:75:c1:cb:65:54:81:92:07:41:2e:d6:6c:0e:ae: + a1:a6:bb:c9:e8:be:48:a4:ec:f2:eb:55:67:98:6e:c1:8b:1a: + 13:09 +-----BEGIN CERTIFICATE----- +MIICxjCCAi8CAQIwDQYJKoZIhvcNAQEFBQAwfDELMAkGA1UEBhMCRlIxEzARBgNV +BAgTClNvbWUtU3RhdGUxEjAQBgNVBAoTCUNBU2hpbmtlbjElMCMGA1UEAxMcQ0FT +aGlua2VuIENlcnRpZmljYXRlIE1hc3RlcjEdMBsGCSqGSIb3DQEJARYObm9uZUBs +b2NhbGhvc3QwHhcNMTQwNDE3MDkyMzAwWhcNMjQwNDE0MDkyMzAwWjBXMQswCQYD +VQQGEwJGUjETMBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEChMJQ0FTaGlua2Vu +MQ0wCwYDVQQLEwRNQUlOMRAwDgYDVQQDEwdzaGlua2VuMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEA7BFEqOKiHzLqyjO7qHHo/TcssXPiHqDbtLTL7aDX +gDFGJdB4FgxZn78nA2nCmd5Cb3XpnSO3fWW2ZswXLT09lFRWBFKzUFPlK5eAV05Y +Q38XpYyA6Kgy7NvqYVTVmYktTwPK9mDXOtwHPBa9B35TnA7mKrd4ps5uX2kCpAN8 +bNAI4TyDzsp5WcdPVYINWS3VmVpqgfrkyLAacsUoGleYetDSXgqOfnX9qY+VinJC +KbHt9o3HNkemuU8qZIRDBl2JY8vL+1ejt8CF/gCE2b4x9Kt3stjveXib70WN6kGA +7YQQSj21Cg9UeJ7I6vufiHb7vyOAJhQS8UkxtYsyo6HtuwIDAQABMA0GCSqGSIb3 +DQEBBQUAA4GBABh6wolnNRx93li+78FIAUjKNeZ3x2QDzUzs6F503A37+sDmMQOc +eVvNaotU++eCsCmHc1xvJZwg4h/9OdeuJXCKM4O9txzS+9Tw6a5jdOw290x6k/R+ +1majlS+KQRJ1wctlVIGSB0Eu1mwOrqGmu8novkik7PLrVWeYbsGLGhMJ +-----END CERTIFICATE----- diff --git a/tools/test_env/etc/shinken/certs/server.req b/tools/test_env/etc/shinken/certs/server.req new file mode 100644 index 0000000..a76a2be --- /dev/null +++ b/tools/test_env/etc/shinken/certs/server.req @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIC5zCCAc8CAQAwZzESMBAGA1UEChMJQ0FTaGlua2VuMQ0wCwYDVQQLEwRNQUlO +MQ4wDAYDVQQHEwVXb3JsZDETMBEGA1UECBMKU29tZS1TdGF0ZTELMAkGA1UEBhMC +RlIxEDAOBgNVBAMTB3NoaW5rZW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQDsEUSo4qIfMurKM7uocej9Nyyxc+IeoNu0tMvtoNeAMUYl0HgWDFmfvycD +acKZ3kJvdemdI7d9ZbZmzBctPT2UVFYEUrNQU+Url4BXTlhDfxeljIDoqDLs2+ph +VNWZiS1PA8r2YNc63Ac8Fr0HflOcDuYqt3imzm5faQKkA3xs0AjhPIPOynlZx09V +gg1ZLdWZWmqB+uTIsBpyxSgaV5h60NJeCo5+df2pj5WKckIpse32jcc2R6a5Typk +hEMGXYljy8v7V6O3wIX+AITZvjH0q3ey2O95eJvvRY3qQYDthBBKPbUKD1R4nsjq ++5+Idvu/I4AmFBLxSTG1izKjoe27AgMBAAGgOzA5BgkqhkiG9w0BCQ4xLDAqMAkG +A1UdEwQCMAAwHQYDVR0OBBYEFIOXdYFXypE2dLPMWUfVt/r7QY70MA0GCSqGSIb3 +DQEBBQUAA4IBAQCKNgKpI2VOeKlPl1yaBCFN1Ld3xWQHrDJipNs/lh0T0IkvEfZk +Fnjowy/+iXpG5nSDVRdEaTc4Eswr2Xwtba0YR/yExkTuduLHCkusdmtysbwWLYVY +hFzkeBz3dzDdKCyxMq72ioGjQFcKJubEuo4Rq3hqgT07jeYyn8/qC4JJO9mevL+i +Wr2v9ojCoXAeSYden3tB5hWYUGVGJSbAHlMRuLHCSydeP+i8Ek7DO45FvnKlpLhX +iYR+FzMxJXRJM8tyn9V47Ax0ZQ9hrvGppABVOrPKLI/hSmIx5x6VeAy3wG9hJYTn +W9rSjiJhpZNHLW/UXDzgLpwjNpfcBJ4216i4 +-----END CERTIFICATE REQUEST----- diff --git a/tools/test_env/etc/shinken/certs/shinken_openssl_cnf b/tools/test_env/etc/shinken/certs/shinken_openssl_cnf new file mode 100644 index 0000000..d562dbf --- /dev/null +++ b/tools/test_env/etc/shinken/certs/shinken_openssl_cnf @@ -0,0 +1,91 @@ + +# OpenSSL configuration file. +# + +# Establish working directory. + +dir = . + +[ ca ] +default_ca = CA_default + +[ CA_default ] +serial = $dir/serial +database = $dir/certindex.txt +certs = $dir/certs +new_certs_dir = $dir/ +certificate = $dir/demoCA/cacert.pem +private_key = $dir/demoCA/private/cakey.pem +default_days = 3650 +default_md = sha1 +preserve = no +email_in_dn = no +#nameopt = default_ca +#certopt = default_ca +copy_extensions = none +policy = policy_match + +basicConstraints = critical, CA:true +authorityKeyIdentifier = keyid:always,issuer:always +subjectKeyIdentifier = hash +keyUsage = critical, keyCertSign, cRLSign + +[ policy_match ] +countryName = match +stateOrProvinceName = match +organizationName = match +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +[ req ] +default_bits = 2048 # Size of keys +default_keyfile = key.pem # name of generated keys +default_md = sha1 # message digest algorithm +string_mask = nombstr # permitted characters +distinguished_name = req_distinguished_name +req_extensions = v3_req +#x509_extensions = subca_req + + +[ req_distinguished_name ] +# Variable name Prompt string +#------------------------- ---------------------------------- +organizationName = Organisation + +organizationalUnitName = Nom de l'unite organisationnelle (department, division) + +emailAddress = Adresse e-mail +emailAddress_max = 40 + +localityName = Ville + +stateOrProvinceName = Region + +countryName = Pays (en 2 lettres) +countryName_min = 2 +countryName_max = 2 + +commonName = Nom du certificat (hostname, IP, ou nom) +commonName_max = 64 + +# Default values for the above, for consistency and less typing. +# Variable name Value +#------------------------ ------------------------------ +organizationName_default = CAShinken +organizationalUnitName_default = MAIN +localityName_default = World +stateOrProvinceName_default = Some-State +countryName_default = FR + + +[ v3_ca ] +basicConstraints = CA:TRUE +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid:always,issuer:always + +[ v3_req ] +basicConstraints = CA:FALSE +subjectKeyIdentifier = hash + + diff --git a/tools/test_env/etc/shinken/commands/check_dig.cfg b/tools/test_env/etc/shinken/commands/check_dig.cfg new file mode 100644 index 0000000..01c17b3 --- /dev/null +++ b/tools/test_env/etc/shinken/commands/check_dig.cfg @@ -0,0 +1,9 @@ +## Check a DNS entry +## This plugin test the DNS service on the specified host using dig +# check_dig -l [-H ] [-p ] [-T ] +# [-w ] [-c ] [-t ] [-a ] [-v] +define command { + command_name check_dig + command_line $NAGIOSPLUGINSDIR$/check_dig -H $HOSTADDRESS$ -l $ARG1$ +} diff --git a/tools/test_env/etc/shinken/commands/check_host_alive.cfg b/tools/test_env/etc/shinken/commands/check_host_alive.cfg new file mode 100644 index 0000000..8cb07e8 --- /dev/null +++ b/tools/test_env/etc/shinken/commands/check_host_alive.cfg @@ -0,0 +1,5 @@ +define command { + command_name check_host_alive + command_line $NAGIOSPLUGINSDIR$/check_icmp -H $HOSTADDRESS$ -w 1000,100% -c 3000,100% -p 1 +} + diff --git a/tools/test_env/etc/shinken/commands/check_http_url.cfg b/tools/test_env/etc/shinken/commands/check_http_url.cfg new file mode 100644 index 0000000..3a83f1e --- /dev/null +++ b/tools/test_env/etc/shinken/commands/check_http_url.cfg @@ -0,0 +1,5 @@ +# Simple web check +define command { + command_name check_http_url + command_line $NAGIOSPLUGINSDIR$/check_http -H $HOSTADDRESS$ -u $ARG1$ +} diff --git a/tools/test_env/etc/shinken/commands/check_nrpe.cfg b/tools/test_env/etc/shinken/commands/check_nrpe.cfg new file mode 100644 index 0000000..2aa4e49 --- /dev/null +++ b/tools/test_env/etc/shinken/commands/check_nrpe.cfg @@ -0,0 +1,9 @@ +## Ask a NRPE agent +## Requires that you have the NRPE daemon running on the remote host. +# check_nrpe -H [-n] [-u] [-p ] [-t ] [-c ] [-a +# ] +define command { + command_name check_nrpe + command_line $NAGIOSPLUGINSDIR$/check_nrpe -H $HOSTADDRESS$ -t 9 -u -c $ARG1$ +} + diff --git a/tools/test_env/etc/shinken/commands/check_nrpe_args.cfg b/tools/test_env/etc/shinken/commands/check_nrpe_args.cfg new file mode 100644 index 0000000..c008447 --- /dev/null +++ b/tools/test_env/etc/shinken/commands/check_nrpe_args.cfg @@ -0,0 +1,8 @@ +## Ask a NRPE agent with arguments (passing arguments may be a security risk) +## Requires that you have the NRPE daemon running on the remote host. +# check_nrpe -H [-n] [-u] [-p ] [-t ] [-c ] [-a +# ] +define command { + command_name check_nrpe_args + command_line $NAGIOSPLUGINSDIR$/check_nrpe -H $HOSTADDRESS$ -t 9 -u -c $ARG1$ -a $ARG2$ $ARG3$ $ARG4$ $ARG5$ +} diff --git a/tools/test_env/etc/shinken/commands/check_ping.cfg b/tools/test_env/etc/shinken/commands/check_ping.cfg new file mode 100644 index 0000000..4326aeb --- /dev/null +++ b/tools/test_env/etc/shinken/commands/check_ping.cfg @@ -0,0 +1,10 @@ + +## Check ping command +## Use ping to check connection statistics for a remote host. +# check_ping -H -w ,% -c ,% [-p packets] +# [-t timeout] [-4|-6] +define command { + command_name check_ping + command_line $NAGIOSPLUGINSDIR$/check_icmp -H $HOSTADDRESS$ -w 3000,100% -c 5000,100% -p 10 +} + diff --git a/tools/test_env/etc/shinken/commands/check_snmp_service.cfg b/tools/test_env/etc/shinken/commands/check_snmp_service.cfg new file mode 100644 index 0000000..804660f --- /dev/null +++ b/tools/test_env/etc/shinken/commands/check_snmp_service.cfg @@ -0,0 +1,7 @@ + +# Check SNMP service presence on target +define command { + command_name check_snmp_service + command_line $NAGIOSPLUGINSDIR$/check_snmp_service -H $HOSTADDRESS$ -C $SNMPCOMMUNITYREAD$ +} + diff --git a/tools/test_env/etc/shinken/commands/check_snmp_storage.cfg b/tools/test_env/etc/shinken/commands/check_snmp_storage.cfg new file mode 100644 index 0000000..d4db335 --- /dev/null +++ b/tools/test_env/etc/shinken/commands/check_snmp_storage.cfg @@ -0,0 +1,8 @@ + +# default command to check storage by snmp +# Others commands are in os pack. +define command { + command_name check_snmp_storage + command_line $NAGIOSPLUGINSDIR$/check_snmp_storage.pl -H $HOSTADDRESS$ -C $SNMPCOMMUNITYREAD$ -m $ARG1$ -f -w $ARG2$ -c $ARG3$ -S0,1 -o 65535 +} + diff --git a/tools/test_env/etc/shinken/commands/check_snmp_time.cfg b/tools/test_env/etc/shinken/commands/check_snmp_time.cfg new file mode 100644 index 0000000..0a0b8a2 --- /dev/null +++ b/tools/test_env/etc/shinken/commands/check_snmp_time.cfg @@ -0,0 +1,8 @@ + +# Compare time between target and shinken +# Doc : http://nagios.frank4dd.com/plugins/manual/check_snmp_time.htm +# Plugin : http://nagios.frank4dd.com/plugins/source/check_snmp_time.pl +define command { + command_name check_snmp_time + command_line $NAGIOSPLUGINSDIR$/check_snmp_time.pl -H $HOSTADDRESS$ -C $SNMPCOMMUNITYREAD$ -f -w $ARG1$ -c $ARG2$ +} diff --git a/tools/test_env/etc/shinken/commands/check_tcp.cfg b/tools/test_env/etc/shinken/commands/check_tcp.cfg new file mode 100644 index 0000000..a74c183 --- /dev/null +++ b/tools/test_env/etc/shinken/commands/check_tcp.cfg @@ -0,0 +1,11 @@ +## Check a TCP port +# This plugin tests TCP connections with the specified host (or unix socket). +# check_tcp -H host -p port [-w ] [-c ] [-s ] [-e ] [-q ][-m ] [-d +# ] [-t ] [-r ] [-M ] +# [-v] [-4|-6] [-j] [-D [,]] [-S +# ] [-E] +define command { + command_name check_tcp + command_line $NAGIOSPLUGINSDIR$/check_tcp -H $HOSTADDRESS$ -p $ARG1$ +} diff --git a/tools/test_env/etc/shinken/commands/configuration-check.cfg b/tools/test_env/etc/shinken/commands/configuration-check.cfg new file mode 100644 index 0000000..806f70e --- /dev/null +++ b/tools/test_env/etc/shinken/commands/configuration-check.cfg @@ -0,0 +1,5 @@ +define command { + command_name configuration-check + command_line sudo /etc/init.d/shinken check +} + diff --git a/tools/test_env/etc/shinken/commands/detailled-host-by-email.cfg b/tools/test_env/etc/shinken/commands/detailled-host-by-email.cfg new file mode 100644 index 0000000..5ad510d --- /dev/null +++ b/tools/test_env/etc/shinken/commands/detailled-host-by-email.cfg @@ -0,0 +1,6 @@ +## Notify Host by Email with detailled informations +# Service have appropriate macros. Look at unix-fs pack to get an example +define command { + command_name detailled-host-by-email + command_line /usr/bin/printf "%b" "Shinken Notification\n\nType:$NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nDate/Time: $DATE$/$TIME$\n Host Output : $HOSTOUTPUT$\n\nHost description: $_HOSTDESC$\nHost Impact: $_HOSTIMPACT$" | /usr/bin/mail -s "Host $HOSTSTATE$ alert for $HOSTNAME$" $CONTACTEMAIL$ +} diff --git a/tools/test_env/etc/shinken/commands/detailled-service-by-email.cfg b/tools/test_env/etc/shinken/commands/detailled-service-by-email.cfg new file mode 100644 index 0000000..3f6c9d6 --- /dev/null +++ b/tools/test_env/etc/shinken/commands/detailled-service-by-email.cfg @@ -0,0 +1,7 @@ + +## Notify Service by Email with detailled informations +# Service have appropriate macros. Look at unix-fs pack to get an example +define command { + command_name detailled-service-by-email + command_line /usr/bin/printf "%b" "Shinken Notification\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $DATE$ at $TIME$\nService Output : $SERVICEOUTPUT$\n\nService Description: $_SERVICEDETAILLEDESC$\nService Impact: $_SERVICEIMPACT$\nFix actions: $_SERVICEFIXACTIONS$" | /usr/bin/mail -s "$SERVICESTATE$ on Host : $HOSTALIAS$/Service : $SERVICEDESC$" $CONTACTEMAIL$ +} diff --git a/tools/test_env/etc/shinken/commands/notify-host-by-android-sms.cfg b/tools/test_env/etc/shinken/commands/notify-host-by-android-sms.cfg new file mode 100644 index 0000000..e5606e4 --- /dev/null +++ b/tools/test_env/etc/shinken/commands/notify-host-by-android-sms.cfg @@ -0,0 +1,9 @@ + +## Notify Host by SMS (through an Android phone) +# You need both reactionner_tag and module_type in most cases! +define command { + command_name notify-host-by-android-sms + command_line android_sms $CONTACTPAGER$ Host: $HOSTNAME$\nAddress: $HOSTADDRESS$\nState: $HOSTSTATE$\nInfo: $OUTPUT$\nDate: $DATETIME$ + reactionner_tag android_sms + module_type android_sms +} diff --git a/tools/test_env/etc/shinken/commands/notify-host-by-email.cfg b/tools/test_env/etc/shinken/commands/notify-host-by-email.cfg new file mode 100644 index 0000000..47aa6a3 --- /dev/null +++ b/tools/test_env/etc/shinken/commands/notify-host-by-email.cfg @@ -0,0 +1,5 @@ +## Notify Host by Email +define command { + command_name notify-host-by-email + command_line /usr/bin/printf "%b" "Shinken Notification\n\nType:$NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\nDate/Time: $DATE$ $TIME$\n" | /usr/bin/mail -s "Host $HOSTSTATE$ alert for $HOSTNAME$" $CONTACTEMAIL$ +} diff --git a/tools/test_env/etc/shinken/commands/notify-host-by-xmpp.cfg b/tools/test_env/etc/shinken/commands/notify-host-by-xmpp.cfg new file mode 100644 index 0000000..12321f8 --- /dev/null +++ b/tools/test_env/etc/shinken/commands/notify-host-by-xmpp.cfg @@ -0,0 +1,5 @@ +## Notify Host by XMPP +define command { + command_name notify-host-by-xmpp + command_line $PLUGINSDIR$/notify_by_xmpp.py -a $PLUGINSDIR$/notify_by_xmpp.ini "Host '$HOSTNAME$' is $HOSTSTATE$ - Info : $HOSTOUTPUT$" $CONTACTEMAIL$ +} diff --git a/tools/test_env/etc/shinken/commands/notify-service-by-android-sms.cfg b/tools/test_env/etc/shinken/commands/notify-service-by-android-sms.cfg new file mode 100644 index 0000000..a709a83 --- /dev/null +++ b/tools/test_env/etc/shinken/commands/notify-service-by-android-sms.cfg @@ -0,0 +1,9 @@ +## Notify Service by SMS (through an Android phone) +# You need both reactionner_tag and module_type in most cases! +define command { + command_name notify-service-by-android-sms + command_line android_sms $CONTACTPAGER$ Service: $SERVICEDESC$\nHost: $HOSTNAME$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\nInfo: $OUTPUT$\nDate: $DATETIME$ + reactionner_tag android_sms + module_type android_sms +} + diff --git a/tools/test_env/etc/shinken/commands/notify-service-by-email.cfg b/tools/test_env/etc/shinken/commands/notify-service-by-email.cfg new file mode 100644 index 0000000..a3e6699 --- /dev/null +++ b/tools/test_env/etc/shinken/commands/notify-service-by-email.cfg @@ -0,0 +1,6 @@ +## Notify Service by Email +define command { + command_name notify-service-by-email + command_line /usr/bin/printf "%b" "Shinken Notification\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTNAME$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $DATE$ $TIME$\nAdditional Info : $SERVICEOUTPUT$\n" | /usr/bin/mail -s "** $NOTIFICATIONTYPE$ alert - $HOSTNAME$/$SERVICEDESC$ is $SERVICESTATE$ **" $CONTACTEMAIL$ +} + diff --git a/tools/test_env/etc/shinken/commands/notify-service-by-xmpp.cfg b/tools/test_env/etc/shinken/commands/notify-service-by-xmpp.cfg new file mode 100644 index 0000000..7a61a0e --- /dev/null +++ b/tools/test_env/etc/shinken/commands/notify-service-by-xmpp.cfg @@ -0,0 +1,6 @@ +## Notify Service by XMPP +define command { + command_name notify-service-by-xmpp + command_line $PLUGINSDIR$/notify_by_xmpp.py -a $PLUGINSDIR$/notify_by_xmpp.ini "$NOTIFICATIONTYPE$ $HOSTNAME$ $SERVICEDESC$ $SERVICESTATE$ $SERVICEOUTPUT$ $LONGDATETIME$" $CONTACTEMAIL$ +} + diff --git a/tools/test_env/etc/shinken/commands/reload-shinken.cfg b/tools/test_env/etc/shinken/commands/reload-shinken.cfg new file mode 100644 index 0000000..228d299 --- /dev/null +++ b/tools/test_env/etc/shinken/commands/reload-shinken.cfg @@ -0,0 +1,5 @@ +define command { + command_name reload-shinken + command_line sudo /etc/init.d/shinken reload +} + diff --git a/tools/test_env/etc/shinken/commands/restart-shinken.cfg b/tools/test_env/etc/shinken/commands/restart-shinken.cfg new file mode 100644 index 0000000..5fdcba7 --- /dev/null +++ b/tools/test_env/etc/shinken/commands/restart-shinken.cfg @@ -0,0 +1,5 @@ +define command { + command_name restart-shinken + command_line sudo /etc/init.d/shinken restart +} + diff --git a/tools/test_env/etc/shinken/contactgroups/admins.cfg b/tools/test_env/etc/shinken/contactgroups/admins.cfg new file mode 100644 index 0000000..3e204af --- /dev/null +++ b/tools/test_env/etc/shinken/contactgroups/admins.cfg @@ -0,0 +1,6 @@ +define contactgroup{ + contactgroup_name admins + alias admins + members admin +} + diff --git a/tools/test_env/etc/shinken/contactgroups/users.cfg b/tools/test_env/etc/shinken/contactgroups/users.cfg new file mode 100644 index 0000000..80ba135 --- /dev/null +++ b/tools/test_env/etc/shinken/contactgroups/users.cfg @@ -0,0 +1,5 @@ +define contactgroup{ + contactgroup_name users + alias users + members admin +} diff --git a/tools/test_env/etc/shinken/contacts/admin.cfg b/tools/test_env/etc/shinken/contacts/admin.cfg new file mode 100644 index 0000000..5ecb516 --- /dev/null +++ b/tools/test_env/etc/shinken/contacts/admin.cfg @@ -0,0 +1,12 @@ +# This is a default admin +# CHANGE ITS PASSWORD! + +define contact{ + use generic-contact + contact_name admin + email shinken@localhost + pager 0600000000 ; contact phone number + password admin + is_admin 1 +} + diff --git a/tools/test_env/etc/shinken/daemons/brokerd.ini b/tools/test_env/etc/shinken/daemons/brokerd.ini new file mode 100644 index 0000000..4cc8d2e --- /dev/null +++ b/tools/test_env/etc/shinken/daemons/brokerd.ini @@ -0,0 +1,48 @@ +[daemon] + +# The daemon will chdir into the directory workdir when launched +workdir = /var/run/shinken +logdir = /var/log/shinken + +pidfile=%(workdir)s/brokerd.pid + +# Using default values for following config variables value: +# Paths, if not absolute paths, are relative to workdir. + +#user=shinken ; by default it's the current user +#group=shinken ; by default it's the current group + + +#host=0.0.0.0 +#port=7772 + +#idontcareaboutsecurity=0 + +# Set to 0 if you want to make this daemon NOT run +daemon_enabled=1 + +#-- SSL configuration -- +use_ssl=0 +#ca_cert=/etc/shinken/certs/ca.pem +#server_cert=/etc/shinken/certs/server.cert +#server_key=/etc/shinken/certs/server.key +#hard_ssl_name_check=0 +http_backend=auto + +#-- Local log management -- +# Enabled by default to ease troubleshooting +use_local_log=1 +local_log=%(logdir)s/brokerd.log +# Accepted log level values: DEBUG,INFO,WARNING,ERROR,CRITICAL +log_level=WARNING + + +#-- External modules watchdog -- +# If a module got a brok queue() higher than this value, it will be +# killed and restart. Put to 0 to disable it +max_queue_size=100000 + + +modules_dir=/var/lib/shinken/modules +user=shinken +group=shinken diff --git a/tools/test_env/etc/shinken/daemons/pollerd.ini b/tools/test_env/etc/shinken/daemons/pollerd.ini new file mode 100644 index 0000000..d4e202d --- /dev/null +++ b/tools/test_env/etc/shinken/daemons/pollerd.ini @@ -0,0 +1,41 @@ +[daemon] + +#-- Global Configuration +#user=shinken ; if not set then by default it's the current user. +#group=shinken ; if not set then by default it's the current group. +# Set to 0 if you want to make this daemon NOT run +daemon_enabled=1 + +#-- Path Configuration +# The daemon will chdir into the directory workdir when launched +# paths variables values, if not absolute paths, are relative to workdir. +# using default values for following config variables value: +workdir = /var/run/shinken +logdir = /var/log/shinken +pidfile=%(workdir)s/pollerd.pid + +#-- Network configuration +# host=0.0.0.0 +# port=7771 +# http_backend=auto +# idontcareaboutsecurity=0 + +#-- SSL configuration -- +use_ssl=0 +# WARNING : Put full paths for certs +#ca_cert=/etc/shinken/certs/ca.pem +#server_cert=/etc/shinken/certs/server.cert +#server_key=/etc/shinken/certs/server.key +#hard_ssl_name_check=0 + +#-- Local log management -- +# Enabled by default to ease troubleshooting +use_local_log=1 +local_log=%(logdir)s/pollerd.log +# accepted log level values= DEBUG,INFO,WARNING,ERROR,CRITICAL +log_level=WARNING + + +modules_dir=/var/lib/shinken/modules +user=shinken +group=shinken diff --git a/tools/test_env/etc/shinken/daemons/reactionnerd.ini b/tools/test_env/etc/shinken/daemons/reactionnerd.ini new file mode 100644 index 0000000..12c7ae9 --- /dev/null +++ b/tools/test_env/etc/shinken/daemons/reactionnerd.ini @@ -0,0 +1,36 @@ +[daemon] + +# The daemon will chdir into the directory workdir when launched +workdir = /var/run/shinken +logdir = /var/log/shinken + +pidfile=%(workdir)s/reactionnerd.pid + +port=7769 +#host=0.0.0.0 +#user=shinken +#group=shinken +idontcareaboutsecurity=0 + +# Set to 0 if you want to make this daemon NOT run +daemon_enabled=1 + +#-- SSL configuration -- +use_ssl=0 +#ca_cert=/etc/shinken/certs/ca.pem +#server_cert=/etc/shinken/certs/server.cert +#server_key=/etc/shinken/certs/server.key +#hard_ssl_name_check=0 +http_backend=auto + +#-- Local log management -- +# Enabled by default to ease troubleshooting +use_local_log=1 +local_log=%(logdir)s/reactionnerd.log + +# accepted log level values= DEBUG,INFO,WARNING,ERROR,CRITICAL +log_level=WARNING + +modules_dir=/var/lib/shinken/modules +user=shinken +group=shinken diff --git a/tools/test_env/etc/shinken/daemons/receiverd.ini b/tools/test_env/etc/shinken/daemons/receiverd.ini new file mode 100644 index 0000000..b58c89f --- /dev/null +++ b/tools/test_env/etc/shinken/daemons/receiverd.ini @@ -0,0 +1,36 @@ +[daemon] + +# The daemon will chdir into the directory workdir when launched +workdir = /var/run/shinken +logdir = /var/log/shinken + +pidfile=%(workdir)s/receiverd.pid + +port=7773 +#host=0.0.0.0 +#user=shinken +#group=shinken +idontcareaboutsecurity=0 + +# Set to 0 if you want to make this daemon NOT run +daemon_enabled=1 + +#-- SSL configuration -- +use_ssl=0 +#ca_cert=/etc/shinken/certs/ca.pem +#server_cert=/etc/shinken/certs/server.cert +#server_key=/etc/shinken/certs/server.key +#hard_ssl_name_check=0 +http_backend=auto + +#-- Local log management -- +# Enabled by default to ease troubleshooting +use_local_log=1 +local_log=%(logdir)s/receiverd.log + +# accepted log level values= DEBUG,INFO,WARNING,ERROR,CRITICAL +log_level=WARNING + +modules_dir=/var/lib/shinken/modules +user=shinken +group=shinken diff --git a/tools/test_env/etc/shinken/daemons/schedulerd.ini b/tools/test_env/etc/shinken/daemons/schedulerd.ini new file mode 100644 index 0000000..9425ce2 --- /dev/null +++ b/tools/test_env/etc/shinken/daemons/schedulerd.ini @@ -0,0 +1,41 @@ +[daemon] + +# The daemon will chdir into the directory workdir when launched +workdir = /var/run/shinken +logdir = /var/log/shinken + +pidfile=%(workdir)s/schedulerd.pid + +port=7768 +#host=0.0.0.0 +#user=shinken +#group=shinken +idontcareaboutsecurity=0 + +# To be changed, to match your real modules directory installation +#modulesdir=modules + +# Set to 0 if you want to make this daemon NOT run +daemon_enabled=1 + + +#-- SSL configuration -- +use_ssl=0 +# WARNING : Use full paths for certs +#ca_cert=/etc/shinken/certs/ca.pem +#server_cert=/etc/shinken/certs/server.cert +#server_key=/etc/shinken/certs/server.key +hard_ssl_name_check=0 +http_backend=auto + +#-- Local log management -- +# Enabled by default to ease troubleshooting +use_local_log=1 +local_log=%(logdir)s/schedulerd.log + +# accepted log level values= DEBUG,INFO,WARNING,ERROR,CRITICAL +log_level=WARNING + +modules_dir=/var/lib/shinken/modules +user=shinken +group=shinken diff --git a/tools/test_env/etc/shinken/dependencies/sample.cfg b/tools/test_env/etc/shinken/dependencies/sample.cfg new file mode 100644 index 0000000..8871be4 --- /dev/null +++ b/tools/test_env/etc/shinken/dependencies/sample.cfg @@ -0,0 +1,22 @@ +# Dependencies + +# This is the HARD way for define dependencies. Please look at the +# service_dependencies property for the services instead! + +#define servicedependency { +# host_name dc01 +# service_description ActiveDirectory +# dependent_host_name dc07 +# dependent_service_description ActiveDirectory +# execution_failure_criteria o +# notification_failure_criteria w,u +# dependency_period 24x7 +# } + +#define hostdependency{ +# host_name dc01 +# dependent_host_name localhost +# execution_failure_criteria o +# notification_failure_criteria u +# dependency_period 24x7 +# } diff --git a/tools/test_env/etc/shinken/discovery/discovery.cfg b/tools/test_env/etc/shinken/discovery/discovery.cfg new file mode 100644 index 0000000..cf8afe3 --- /dev/null +++ b/tools/test_env/etc/shinken/discovery/discovery.cfg @@ -0,0 +1,33 @@ + +# Log file of the discovery command +log_file=/var/log/shinken/discovery.log + + +# Configuration files with common discovery objects +# like discoveryrules or runners +cfg_dir=../packs + +# Default discovery rules and runners. Should be AFTER +# the packs ones ;) +cfg_file=discovery_rules.cfg +cfg_file=discovery_runs.cfg + +# Load modules, for possible bdd connection +cfg_file=../shinken.cfg + +# Load all commands that will be used +cfg_dir=../commands + +# Some important macros +cfg_dir=../resource.d + +# Lock file (with pid) for Arbiterd +lock_file=discovery.pid + +# Strip FQDN of the name ID to keep only the +# basename of the element +strip_idname_fqdn=1 + +# Change this value to increase the discovery +# scripts timeout. Start with a quite huge value, one hour. +runners_timeout=3600 diff --git a/tools/test_env/etc/shinken/discovery/discovery_rules.cfg b/tools/test_env/etc/shinken/discovery/discovery_rules.cfg new file mode 100644 index 0000000..7c231fe --- /dev/null +++ b/tools/test_env/etc/shinken/discovery/discovery_rules.cfg @@ -0,0 +1,65 @@ +# Here are some examples for tagging hosts with classic templates + +# The generic-host should be AT THE END, because templates are built +# from more specific to generic +define discoveryrule { + discoveryrule_name HostGeneric + creation_type host + # Generic host should be the last template use, so we give it the + # last order + discoveryrule_order 999 + + isup 1 + +use generic-host +} + +################################################################# +# Unix Filesystem discovery rules +################################################################# +define discoveryrule { + discoveryrule_name fs_root + creation_type host + fs ^_root$ + fqdn ^.{6}p\d$ + +use fs_root +} + +define discoveryrule { + discoveryrule_name fs_var + creation_type host + fs var$ + fqdn ^.{6}p\d$ + +use fs_var +} + +define discoveryrule { + discoveryrule_name fs_usr + creation_type host + fs usr$ + fqdn ^.{6}p\d$ + +use fs_usr +} + +define discoveryrule { + discoveryrule_name fs_opt + creation_type host + fs opt$ + fqdn ^.{6}p\d$ + +use fs_opt +} + +define discoveryrule { + discoveryrule_name fs_home + creation_type host + fs home$ + fqdn ^.{6}p\d$ + +use fs_home +} + +define discoveryrule { + discoveryrule_name fs_tmp + creation_type host + fs tmp$ + fqdn ^.{6}p\d$ + +use fs_tmp +} diff --git a/tools/test_env/etc/shinken/discovery/discovery_runs.cfg b/tools/test_env/etc/shinken/discovery/discovery_runs.cfg new file mode 100644 index 0000000..c6cff1a --- /dev/null +++ b/tools/test_env/etc/shinken/discovery/discovery_runs.cfg @@ -0,0 +1,37 @@ +################################################################################ +# Discovery_commands +#=============================================================================== +# Download: +# - nmap_discovery, vmware_esx_discovery: +# Shinken's sources (in libexec) +# - fs_discovery, cluster_discovery: +# ??? +################################################################################ + +## NMAP Discovery +# nmap_discovery_runner.py [options] -t nmap scanning targets +define command { + command_name nmap_discovery + command_line $PLUGINSDIR$/discovery/nmap_discovery_runner.py --min-rate $NMAPMINRATE$ --max-retries $NMAPMAXRETRIES$ -t $NMAPTARGETS$ +} + + +# nmap runner, the will use the nmap_discovery command. +define discoveryrun { + discoveryrun_name nmap + discoveryrun_command nmap_discovery +} + + +## VMWare ESX Discovery +# vmware_discovery_runner.py [options] +define command { + command_name vmware_esx_discovery + command_line $PLUGINSDIR$/discovery/vmware_discovery_runner.py -V $VCENTER$ -u $VCENTERLOGIN$ -p $VCENTERPASSWORD$ -r "lower|nofqdn" +} + +# vsphere runner ,that will as the vmware_esx_discovery command +define discoveryrun { + discoveryrun_name vsphere + discoveryrun_command vmware_esx_discovery +} diff --git a/tools/test_env/etc/shinken/escalations/sample.cfg b/tools/test_env/etc/shinken/escalations/sample.cfg new file mode 100644 index 0000000..8dbde3f --- /dev/null +++ b/tools/test_env/etc/shinken/escalations/sample.cfg @@ -0,0 +1,17 @@ + + +# Define escalation the OLD school way. +# Better use the simple "escalation" way! (in shinken-specific.cfg) + +#define serviceescalation{ +# host_name localhost +# hostgroup_name windows-servers +# service_description Root Partition +# contacts GNULinux_Administrator +# contact_groups admins +# first_notification 2 +# last_notification 5 +# notification_interval 1 +# escalation_period 24x7 +# escalation_options w,u,c,r +# } diff --git a/tools/test_env/etc/shinken/hostgroups/linux.cfg b/tools/test_env/etc/shinken/hostgroups/linux.cfg new file mode 100644 index 0000000..5728251 --- /dev/null +++ b/tools/test_env/etc/shinken/hostgroups/linux.cfg @@ -0,0 +1,5 @@ +define hostgroup{ + hostgroup_name linux ; The name of the hostgroup + alias Linux Servers ; Long name of the group + #members +} diff --git a/tools/test_env/etc/shinken/hosts/localhost.cfg b/tools/test_env/etc/shinken/hosts/localhost.cfg new file mode 100644 index 0000000..5772ade --- /dev/null +++ b/tools/test_env/etc/shinken/hosts/localhost.cfg @@ -0,0 +1,7 @@ +define host{ + use generic-host + contact_groups admins + host_name localhost + address localhost + } + diff --git a/tools/test_env/etc/shinken/modules/auth_cfg_password.cfg b/tools/test_env/etc/shinken/modules/auth_cfg_password.cfg new file mode 100644 index 0000000..48b73da --- /dev/null +++ b/tools/test_env/etc/shinken/modules/auth_cfg_password.cfg @@ -0,0 +1,7 @@ +## Module: auth-cfg-password +## Loaded by: WebUI +# Check authentification using password parameter in contact definition. +define module { + module_name auth-cfg-password + module_type cfg_password_webui +} diff --git a/tools/test_env/etc/shinken/modules/influxdb.cfg b/tools/test_env/etc/shinken/modules/influxdb.cfg new file mode 100644 index 0000000..bfb1394 --- /dev/null +++ b/tools/test_env/etc/shinken/modules/influxdb.cfg @@ -0,0 +1,18 @@ +## Module: mod-influxdb +## Loaded by: Broker +# Export host and service performance data and events to InfluxDB. +# InfluxDB is an open-source distributed time series database with no external +# dependencies. http://influxdb.com/ +define module { + module_name mod-influxdb + module_type influxdb_perfdata + host localhost + port 8086 + user root + password root + database db + #use_udp 1 ; default value is 0, 1 to use udp + udp_port 4444 + #tick_limit 300 ; Default value 300 +} + diff --git a/tools/test_env/etc/shinken/modules/webui.cfg b/tools/test_env/etc/shinken/modules/webui.cfg new file mode 100644 index 0000000..b9314b0 --- /dev/null +++ b/tools/test_env/etc/shinken/modules/webui.cfg @@ -0,0 +1,41 @@ +define module{ + module_name WebUI + module_type webui + + host 0.0.0.0 ; mean all interfaces of your broker server + port 7767 + + # CHANGE THIS VALUE or someone may forge your cookies + auth_secret o2vzcwI62xaEt09xGZ8XBmDtJJWw0j + + # Allow or not the html characters in plugins output + # WARNING: so far, it can be a security issue + allow_html_output 0 + + # Option welcome message + #login_text Welcome to ACME Shinken WebUI. + + #http_backend auto + # ; can be also: wsgiref, cherrypy, paste, tornado, twisted + # ; or gevent. auto means best match in the system. + modules Cfg_password + + # Modules available for the WebUI: + # + # Note: Choose one or more authentication methods. + # + # Apache_passwd: use an Apache htpasswd files for auth + # ActiveDir_UI: use AD for auth and photo collect + # Cfg_password: use passwords in contacts configuration for authentication + # + # PNP_UI: Use PNP graphs in the UI + # GRAPHITE_UI: Use graphs from Graphite + # + # Mongodb: Necessary for enabling user preferences in WebUI +} + +define module{ + module_name Cfg_password + module_type cfg_password_webui +} + diff --git a/tools/test_env/etc/shinken/modules/ws_arbiter.cfg b/tools/test_env/etc/shinken/modules/ws_arbiter.cfg new file mode 100644 index 0000000..0cd4ef8 --- /dev/null +++ b/tools/test_env/etc/shinken/modules/ws_arbiter.cfg @@ -0,0 +1,13 @@ +## Module: ws-arbiter +## Loaded by: Arbiter, Receiver +# WebService module for the Arbiter and Receiver so you can send (POST) passive +# checks to it :) +define module { + module_name ws-arbiter + module_type ws_arbiter + host 0.0.0.0 + port 7760 + username admin ; If you want auth, set username and password. + password admin +} + diff --git a/tools/test_env/etc/shinken/notificationways/detailled-email.cfg b/tools/test_env/etc/shinken/notificationways/detailled-email.cfg new file mode 100644 index 0000000..ce7ed71 --- /dev/null +++ b/tools/test_env/etc/shinken/notificationways/detailled-email.cfg @@ -0,0 +1,11 @@ +# This is how emails are sent, 24x7 way. +define notificationway{ + notificationway_name detailled-email + service_notification_period 24x7 + host_notification_period 24x7 + service_notification_options c,w,r + host_notification_options d,u,r,f,s + service_notification_commands detailled-service-by-email ; send service notifications via email + host_notification_commands detailled-host-by-email ; send host notifications via email +} + diff --git a/tools/test_env/etc/shinken/notificationways/email.cfg b/tools/test_env/etc/shinken/notificationways/email.cfg new file mode 100644 index 0000000..2595efe --- /dev/null +++ b/tools/test_env/etc/shinken/notificationways/email.cfg @@ -0,0 +1,11 @@ +# This is how emails are sent, 24x7 way. +define notificationway{ + notificationway_name email + service_notification_period 24x7 + host_notification_period 24x7 + service_notification_options c,w,r + host_notification_options d,u,r,f,s + service_notification_commands notify-service-by-email ; send service notifications via email + host_notification_commands notify-host-by-email ; send host notifications via email +} + diff --git a/tools/test_env/etc/shinken/notificationways/sms-android.cfg b/tools/test_env/etc/shinken/notificationways/sms-android.cfg new file mode 100644 index 0000000..fa67398 --- /dev/null +++ b/tools/test_env/etc/shinken/notificationways/sms-android.cfg @@ -0,0 +1,12 @@ +# This is how sms are sent, 24x7 way. +# Tweak it to fit your needs. +define notificationway{ + notificationway_name android-sms + service_notification_period 24x7 + host_notification_period 24x7 + service_notification_options c,w,r + host_notification_options d,u,r,f,s + service_notification_commands notify-service-by-android-sms ; send service notifications via SMS + host_notification_commands notify-host-by-android-sms ; send host notifications via SMS +} + diff --git a/tools/test_env/etc/shinken/packs/readme.cfg b/tools/test_env/etc/shinken/packs/readme.cfg new file mode 100644 index 0000000..07300d8 --- /dev/null +++ b/tools/test_env/etc/shinken/packs/readme.cfg @@ -0,0 +1,4 @@ +#In this place you will find all your packs downloaded from shinken.iowebsite. +# +#you can freely adapt them to your own needs. + diff --git a/tools/test_env/etc/shinken/pollers/poller-master.cfg b/tools/test_env/etc/shinken/pollers/poller-master.cfg new file mode 100644 index 0000000..5b7518f --- /dev/null +++ b/tools/test_env/etc/shinken/pollers/poller-master.cfg @@ -0,0 +1,51 @@ +#=============================================================================== +# POLLER (S1_Poller) +#=============================================================================== +# Description: The poller is responsible for: +# - Active data acquisition +# - Local passive data acquisition +# https://shinken.readthedocs.org/en/latest/08_configobjects/poller.html +#=============================================================================== +define poller { + poller_name poller-master + address localhost + port 7771 + + ## Optional + spare 0 ; 1 = is a spare, 0 = is not a spare + manage_sub_realms 0 ; Does it take jobs from schedulers of sub-Realms? + min_workers 0 ; Starts with N processes (0 = 1 per CPU) + max_workers 0 ; No more than N processes (0 = 1 per CPU) + processes_by_worker 256 ; Each worker manages N checks + polling_interval 1 ; Get jobs from schedulers each N seconds + timeout 3 ; Ping timeout + data_timeout 120 ; Data send timeout + max_check_attempts 3 ; If ping fails N or more, then the node is dead + check_interval 60 ; Ping node every N seconds + + ## Interesting modules that can be used: + # - booster-nrpe = Replaces the check_nrpe binary. Therefore it + # enhances performances when there are lot of NRPE + # calls. + # - named-pipe = Allow the poller to read a nagios.cmd named pipe. + # This permits the use of distributed check_mk checks + # should you desire it. + # - SnmpBooster = Snmp bulk polling module + modules + + ## Advanced Features + #passive 0 ; For DMZ monitoring, set to 1 so the connections + ; will be from scheduler -> poller. + + # Poller tags are the tag that the poller will manage. Use None as tag name to manage + # untaggued checks + #poller_tags None + + # Enable https or not + use_ssl 0 + # enable certificate/hostname check, will avoid man in the middle attacks + hard_ssl_name_check 0 + + + realm All +} diff --git a/tools/test_env/etc/shinken/reactionners/reactionner-android-sms.cfg b/tools/test_env/etc/shinken/reactionners/reactionner-android-sms.cfg new file mode 100644 index 0000000..487b4bc --- /dev/null +++ b/tools/test_env/etc/shinken/reactionners/reactionner-android-sms.cfg @@ -0,0 +1,30 @@ +#=============================================================================== +# REACTIONNER +# Sample of an Android SMS reactionner +# Uncomment this reactionner to enable it +#=============================================================================== +# 2 requirements: +# - "modules AndroidSMS" = in order to load SMS sending code +# - "reactionner_tags android_sms" = so ONLY commands with this tag will be +# sent to this reactionner, not mail things. +#=============================================================================== +#define reactionner { +# reactionner_name reactionner-Android +# address WIFI-IP-OF-YOUR-ANDROID-PHONE +# port 7769 +# spare 0 +# ## Optional +# manage_sub_realms 0 ; Does it take jobs from schedulers of sub-Realms? +# min_workers 1 ; Starts with N processes (0 = 1 per CPU) +# max_workers 15 ; No more than N processes (0 = 1 per CPU) +# polling_interval 1 ; Get jobs from schedulers each 1 second +# timeout 3 ; Ping timeout +# data_timeout 120 ; Data send timeout +# max_check_attempts 3 ; If ping fails N or more, then the node is dead +# check_interval 60 ; Ping node every N seconds +# ## Modules +# modules AndroidSMS +# reactionner_tags android_sms +# ## Advanced Feature +# realm All +#} diff --git a/tools/test_env/etc/shinken/reactionners/reactionner-master.cfg b/tools/test_env/etc/shinken/reactionners/reactionner-master.cfg new file mode 100644 index 0000000..d4c57f8 --- /dev/null +++ b/tools/test_env/etc/shinken/reactionners/reactionner-master.cfg @@ -0,0 +1,39 @@ +#=============================================================================== +# REACTIONNER (S1_Reactionner) +#=============================================================================== +# Description: The reactionner is responsible for: +# - Executing notification actions +# - Executing event handler actions +# https://shinken.readthedocs.org/en/latest/08_configobjects/reactionner.html +#=============================================================================== +define reactionner { + reactionner_name reactionner-master + address localhost + port 7769 + spare 0 + + ## Optionnal + manage_sub_realms 0 ; Does it take jobs from schedulers of sub-Realms? + min_workers 1 ; Starts with N processes (0 = 1 per CPU) + max_workers 15 ; No more than N processes (0 = 1 per CPU) + polling_interval 1 ; Get jobs from schedulers each 1 second + timeout 3 ; Ping timeout + data_timeout 120 ; Data send timeout + max_check_attempts 3 ; If ping fails N or more, then the node is dead + check_interval 60 ; Ping node every N seconds + + ## Modules + modules + + # Reactionner tags are the tag that the reactionner will manage. Use None as tag name to manage + # untaggued notification/event handlers + #reactionner_tags None + + # Enable https or not + use_ssl 0 + # enable certificate/hostname check, will avoid man in the middle attacks + hard_ssl_name_check 0 + + ## Advanced + realm All +} diff --git a/tools/test_env/etc/shinken/realms/all.cfg b/tools/test_env/etc/shinken/realms/all.cfg new file mode 100644 index 0000000..6d83ca7 --- /dev/null +++ b/tools/test_env/etc/shinken/realms/all.cfg @@ -0,0 +1,6 @@ +# Very advanced feature for multisite management. +# Read the docs VERY CAREFULLY before changing these settings :) +define realm { + realm_name All + default 1 +} diff --git a/tools/test_env/etc/shinken/receivers/receiver-master.cfg b/tools/test_env/etc/shinken/receivers/receiver-master.cfg new file mode 100644 index 0000000..7067a8f --- /dev/null +++ b/tools/test_env/etc/shinken/receivers/receiver-master.cfg @@ -0,0 +1,38 @@ +#=============================================================================== +# RECEIVER +#=============================================================================== +# The receiver manages passive information. It's just a "buffer" which will +# load passive modules (like NSCA) and be read by the arbiter to dispatch data. +#=============================================================================== +define receiver { + receiver_name receiver-master + address localhost + port 7773 + spare 0 + + ## Optional parameters + timeout 3 ; Ping timeout + data_timeout 120 ; Data send timeout + max_check_attempts 3 ; If ping fails N or more, then the node is dead + check_interval 60 ; Ping node every N seconds + + ## Modules for Receiver + # - named-pipe = Open the named pipe nagios.cmd + # - nsca = NSCA server + # - TSCA = TSCA server + # - ws-arbiter = WebService for pushing results to the arbiter + # - Collectd = Receive collectd perfdata + modules ws-arbiter + + # Enable https or not + use_ssl 0 + # enable certificate/hostname check, will avoid man in the middle attacks + hard_ssl_name_check 0 + + ## Advanced Feature + direct_routing 1 ; If enabled, it will directly send commands to the + ; schedulers if it knows about the hostname in the + ; command. + realm All + accept_passive_unknown_check_results 1 +} diff --git a/tools/test_env/etc/shinken/resource.d/active-directory.cfg b/tools/test_env/etc/shinken/resource.d/active-directory.cfg new file mode 100644 index 0000000..12e501a --- /dev/null +++ b/tools/test_env/etc/shinken/resource.d/active-directory.cfg @@ -0,0 +1,6 @@ +# Active Directory and LDAP +$DOMAIN$=MYDOMAIN +$DOMAINUSERSHORT$=shinken_user +$DOMAINUSER$=$DOMAIN$\\$DOMAINUSERSHORT$ +$DOMAINPASSWORD$=superpassword +$LDAPBASE$=dc=eu,dc=society,dc=com diff --git a/tools/test_env/etc/shinken/resource.d/nmap.cfg b/tools/test_env/etc/shinken/resource.d/nmap.cfg new file mode 100644 index 0000000..6d1be24 --- /dev/null +++ b/tools/test_env/etc/shinken/resource.d/nmap.cfg @@ -0,0 +1,6 @@ +# what to discover by default +$NMAPTARGETS$=www.google.fr www.bing.com +# If your scans are too slow, try to increase minrate (number of packet in parallel +# and reduce the number of retries. +$NMAPMINRATE$=1000 +$NMAPMAXRETRIES$=3 diff --git a/tools/test_env/etc/shinken/resource.d/paths.cfg b/tools/test_env/etc/shinken/resource.d/paths.cfg new file mode 100644 index 0000000..a332b25 --- /dev/null +++ b/tools/test_env/etc/shinken/resource.d/paths.cfg @@ -0,0 +1,7 @@ +# Nagios legacy macros +$USER1$=$NAGIOSPLUGINSDIR$ +$NAGIOSPLUGINSDIR$=/usr/lib/nagios/plugins + +#-- Location of the plugins for Shinken +$PLUGINSDIR$=/var/lib/shinken/libexec + diff --git a/tools/test_env/etc/shinken/resource.d/snmp.cfg b/tools/test_env/etc/shinken/resource.d/snmp.cfg new file mode 100644 index 0000000..cc2899b --- /dev/null +++ b/tools/test_env/etc/shinken/resource.d/snmp.cfg @@ -0,0 +1,3 @@ +# default snmp community +$SNMPCOMMUNITYREAD$=public + diff --git a/tools/test_env/etc/shinken/schedulers/scheduler-master.cfg b/tools/test_env/etc/shinken/schedulers/scheduler-master.cfg new file mode 100644 index 0000000..06c6ef9 --- /dev/null +++ b/tools/test_env/etc/shinken/schedulers/scheduler-master.cfg @@ -0,0 +1,55 @@ +#=============================================================================== +# SCHEDULER (S1_Scheduler) +#=============================================================================== +# The scheduler is a "Host manager". It gets the hosts and their services, +# schedules the checks and transmit them to the pollers. +# Description: The scheduler is responsible for: +# - Creating the dependancy tree +# - Scheduling checks +# - Calculating states +# - Requesting actions from a reactionner +# - Buffering and forwarding results its associated broker +# https://shinken.readthedocs.org/en/latest/08_configobjects/scheduler.html +#=============================================================================== +define scheduler { + scheduler_name scheduler-master ; Just the name + address localhost ; IP or DNS address of the daemon + port 7768 ; TCP port of the daemon + ## Optional + spare 0 ; 1 = is a spare, 0 = is not a spare + weight 1 ; Some schedulers can manage more hosts than others + timeout 3 ; Ping timeout + data_timeout 120 ; Data send timeout + max_check_attempts 3 ; If ping fails N or more, then the node is dead + check_interval 60 ; Ping node every N seconds + + ## Interesting modules that can be used: + # - pickle-retention-file = Save data before exiting in flat-file + # - MemcacheRetention = Same, but in a MemCache server + # - RedisRetention = Same, but in a Redis server + # - retention-mongodb = Same, but in a MongoDB server + # - NagiosRetention = Read retention info from a Nagios retention file + # (does not save, only read) + # - SnmpBooster = Snmp bulk polling module + #modules pickle-retention-file + modules + + ## Advanced Features + # Realm is for multi-datacenters + realm All + + # Skip initial broks creation. Boot fast, but some broker modules won't + # work with it! + skip_initial_broks 0 + + # In NATted environments, you declare each satellite ip[:port] as seen by + # *this* scheduler (if port not set, the port declared by satellite itself + # is used) + #satellitemap poller-1=1.2.3.4:1772, reactionner-1=1.2.3.5:1773, ... + + # Enable https or not + use_ssl 0 + # enable certificate/hostname check, will avoid man in the middle attacks + hard_ssl_name_check 0 + accept_passive_unknown_check_results 1 +} diff --git a/tools/test_env/etc/shinken/servicegroups/sample.cfg b/tools/test_env/etc/shinken/servicegroups/sample.cfg new file mode 100644 index 0000000..291fc5c --- /dev/null +++ b/tools/test_env/etc/shinken/servicegroups/sample.cfg @@ -0,0 +1,15 @@ + +# Service groups are less important than hosts group, but can be useful + +#define servicegroup{ +# servicegroup_name LocalServices +# alias Local service +# members localhost,Root Partition +# } + +#define servicegroup{ +# servicegroup_name WebService +# alias All http service +# members srv-web-1,Http +# } + diff --git a/tools/test_env/etc/shinken/services/services.cfg b/tools/test_env/etc/shinken/services/services.cfg new file mode 100644 index 0000000..7aa6433 --- /dev/null +++ b/tools/test_env/etc/shinken/services/services.cfg @@ -0,0 +1,2 @@ +## In this directory you can put all your specific service +# definitions \ No newline at end of file diff --git a/tools/test_env/etc/shinken/shinken.cfg b/tools/test_env/etc/shinken/shinken.cfg new file mode 100644 index 0000000..3717ee7 --- /dev/null +++ b/tools/test_env/etc/shinken/shinken.cfg @@ -0,0 +1,135 @@ +# Configuration files with common objects like commands, timeperiods, +# or templates that are used by the host/service/contacts +cfg_dir=commands +cfg_dir=timeperiods +cfg_dir=escalations +cfg_dir=dependencies + +# Now templates of hosts, services and contacts +cfg_dir=templates + +# notification things +cfg_dir=notificationways + +# Now groups +cfg_dir=servicegroups +cfg_dir=hostgroups +cfg_dir=contactgroups + +# And now real hosts, services, packs and discovered hosts +# They are directory, and we will load all .cfg file into them, and +# their sub-directory +cfg_dir=hosts +cfg_dir=services +cfg_dir=contacts +cfg_dir=packs +cfg_dir=modules + +cfg_dir=arbiters +cfg_dir=schedulers +cfg_dir=pollers +cfg_dir=reactionners +cfg_dir=brokers +cfg_dir=receivers +cfg_dir=realms + +# You will find global MACROS into this file +#resource_file=resource.cfg +cfg_dir=resource.d + +# Number of minutes between 2 retention save, here 1hour +retention_update_interval=60 + +# Number of interval (5min by default) to spread the first checks +# for hosts and services +max_service_check_spread=5 +max_host_check_spread=5 + +# after 10s, checks are killed and exit with CRITICAL state (RIP) +service_check_timeout=60 +timeout_exit_status=2 + +# flap_history is the lengh of history states we keep to look for +# flapping. +# 20 by default, can be useful to increase it. Each flap_history +# increases cost: +# flap_history cost = 4Bytes * flap_history * (nb hosts + nb services) +# Example: 4 * 20 * (1000+10000) ~ 900Ko for a quite big conf. So, go for it! +flap_history=20 + + +# Max plugin output for the plugins launched by the pollers, in bytes +max_plugins_output_length=65536 + + +# Enable or not the state change on impact detection (like +# an host going unreach if a parent is DOWN for example). It's for +# services and hosts. +# Remark: if this option is absent, the default is 0 (for Nagios +# old behavior compatibility) +enable_problem_impacts_states_change=1 + + +# if 1, disable all notice and warning messages at +# configuration checking +disable_old_nagios_parameters_whining=0 + + +# If you need to set a specific timezone to your deamons, uncomment it +#use_timezone=FR/Paris + +# Disabling env macros is good for performances. If you really need it, enable it. +enable_environment_macros=0 + +# If not need, don't dump initial states into logs +log_initial_states=0 + +# By default don't launch even handlers during downtime. Put 0 to +# get back the default nagios behavior +no_event_handlers_during_downtimes=1 + + +# [Optionnal], a pack distribution file is a local file near the arbiter +# that will keep host pack id association, and so push same host on the same +# scheduler if possible between restarts. +pack_distribution_file=/var/lib/shinken/pack_distribution.dat + + + +## Arbiter daemon part, similar to ini + +#If not specified will use lockfile direname +workdir=/var/lib/shinken/ + +# Lock file (with pid) for Arbiterd +lock_file=/var/run/shinken/arbiterd.pid + +# The arbiter can have it's own local log +local_log=/var/log/shinken/arbiterd.log + +# Accepted log level values: DEBUG,INFO,WARNING,ERROR,CRITICAL +#log_level=WARNING + +# User that will be used by the arbiter. +# If commented, run as current user (root?) +shinken_user=shinken +shinken_group=shinken + +# The path to the modules directory +modules_dir=/var/lib/shinken/modules + +# Set to 0 if you want to make this daemon (arbiter) NOT run +daemon_enabled=1 + +#-- Security using SSL -- +use_ssl=0 +# WARNING : Put full paths for certs +ca_cert=/etc/shinken/certs/ca.pem +server_cert=/etc/shinken/certs/server.cert +server_key=/etc/shinken/certs/server.key +hard_ssl_name_check=0 + +# If cherrypy3 is not available, it will fail back to swsgiref +http_backend=auto + + diff --git a/tools/test_env/etc/shinken/templates/generic-contact.cfg b/tools/test_env/etc/shinken/templates/generic-contact.cfg new file mode 100644 index 0000000..b4ad904 --- /dev/null +++ b/tools/test_env/etc/shinken/templates/generic-contact.cfg @@ -0,0 +1,11 @@ +# Contact definition +# By default the contact will ask notification by mails +define contact{ + name generic-contact + register 0 + host_notifications_enabled 1 + service_notifications_enabled 1 + email shinken@localhost + can_submit_commands 1 + notificationways email + } diff --git a/tools/test_env/etc/shinken/templates/generic-host.cfg b/tools/test_env/etc/shinken/templates/generic-host.cfg new file mode 100644 index 0000000..39c4a9f --- /dev/null +++ b/tools/test_env/etc/shinken/templates/generic-host.cfg @@ -0,0 +1,43 @@ +# Generic host definition template - This is NOT a real host, just a template! +# Most hosts should inherit from this one +define host{ + name generic-host + + # Checking part + check_command check_host_alive + max_check_attempts 2 + check_interval 5 + + # Check every time + active_checks_enabled 1 + check_period 24x7 + + # Notification part + # One notification each day (1440 = 60min* 24h) + # every time, and for all 'errors' + # notify the admins contactgroups by default + contact_groups admins,users + notification_interval 1440 + notification_period 24x7 + notification_options d,u,r,f + notifications_enabled 1 + + # Advanced option. Look at the wiki for more informations + event_handler_enabled 0 + flap_detection_enabled 1 + process_perf_data 1 + + # Maintenance period + #maintenance_period workhours + + # Dispatching + #poller_tag DMZ + #realm All + + # For the WebUI + #icon_set server ; can be database, disk, network_service, server + + # This said that it's a template + register 0 +} + diff --git a/tools/test_env/etc/shinken/templates/generic-service.cfg b/tools/test_env/etc/shinken/templates/generic-service.cfg new file mode 100644 index 0000000..e9dcb1f --- /dev/null +++ b/tools/test_env/etc/shinken/templates/generic-service.cfg @@ -0,0 +1,32 @@ +# Generic service definition template - This is NOT a real service, just a template! +define service{ + name generic-service ; The 'name' of this service template + active_checks_enabled 1 ; Active service checks are enabled + passive_checks_enabled 1 ; Passive service checks are enabled/accepted + parallelize_check 1 ; Active service checks should be parallelized (disabling this can lead to major performance problems) + obsess_over_service 1 ; We should obsess over this service (if necessary) + check_freshness 1 ; Default is to NOT check service 'freshness' + freshness_threshold 3600 + notifications_enabled 1 ; Service notifications are enabled + notification_interval 1440 + notification_period workhours + event_handler_enabled 0 ; Service event handler is enabled + flap_detection_enabled 1 ; Flap detection is enabled + failure_prediction_enabled 1 ; Failure prediction is enabled + process_perf_data 1 ; Process performance data + retain_status_information 1 ; Retain status information across program restarts + retain_nonstatus_information 1 ; Retain non-status information across program restarts + is_volatile 0 ; The service is not volatile + check_period 24x7 ; The service can be checked at any time of the day + max_check_attempts 3 ; Re-check the service up to 3 times in order to determine its final (hard) state + check_interval 10 ; Check the service every 10 minutes under normal conditions + retry_interval 2 ; Re-check the service every two minutes until a hard state can be determined + notification_options w,u,c,r ; Send notifications about warning, unknown, critical, and recovery events + contact_groups admins,users + stalking_options o,w,u,c + register 0 ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL SERVICE, JUST A TEMPLATE! + + #Shinken specific +# resultmodulations critical_is_warning +# escalations ToLevel2 + } diff --git a/tools/test_env/etc/shinken/templates/srv-pnp.cfg b/tools/test_env/etc/shinken/templates/srv-pnp.cfg new file mode 100644 index 0000000..0f45b7e --- /dev/null +++ b/tools/test_env/etc/shinken/templates/srv-pnp.cfg @@ -0,0 +1,5 @@ +define service { + name srv-pnp + action_url /pnp4nagios/index.php/graph?host=$HOSTNAME$&srv=$SERVICEDESC$' class='tips' rel='/pnp4nagios/index.php/popup?host=$HOSTNAME$&srv=$SERVICEDESC$ + register 0 +} diff --git a/tools/test_env/etc/shinken/templates/time_templates.cfg b/tools/test_env/etc/shinken/templates/time_templates.cfg new file mode 100644 index 0000000..b114d2e --- /dev/null +++ b/tools/test_env/etc/shinken/templates/time_templates.cfg @@ -0,0 +1,231 @@ +############################################################################## +############################################################################## +# +# Different Time Check Interval Services +# +############################################################################## +############################################################################## + +############################################################################## +# Purpose of time templates : +# Simply define checks behavior of services with time template to avoid +# false alerts. +# There are three time template type : short, medium, long +# - short means that it will be no retry check for service to be in hard state +# - medium let a time period in soft state for service that can have peak load +# - long let a greater time period in soft state, meant to service where +# great variation and long charge time period are usual. +############################################################################## + +# Check every 5min with immediate hard state +define service{ + name 5min_short + use generic-service + max_check_attempts 1 + normal_check_interval 5 + retry_interval 2 + register 0 +} + +# Check every 5min with hard state 3min after first non-OK detection +define service{ + name 5min_medium + use generic-service + max_check_attempts 2 + normal_check_interval 5 + retry_interval 3 + register 0 +} + +# Check every 5min with hard state after 30min +define service{ + name 5min_long + use generic-service + max_check_attempts 6 + normal_check_interval 5 + retry_interval 5 + register 0 +} + +# Check every 10min with immediate hard state +define service{ + name 10min_short + use generic-service + max_check_attempts 1 + normal_check_interval 10 + retry_interval 5 + register 0 +} + +# Check every 10min with hard state 10min after first non-OK detection +define service{ + name 10min_medium + use generic-service + max_check_attempts 2 + normal_check_interval 10 + retry_interval 10 + register 0 +} + +# Check every 10min with hard state after 1hour +define service{ + name 10min_long + use generic-service + max_check_attempts 6 + normal_check_interval 10 + retry_interval 10 + register 0 +} + +# Check every 20min with immediate hard state +define service{ + name 20min_short + use generic-service + max_check_attempts 1 + normal_check_interval 20 + retry_interval 1 + register 0 +} + +# Check every 20min with hard state 20min after first non-OK detection +define service{ + name 20min_medium + use generic-service + max_check_attempts 2 + normal_check_interval 20 + retry_interval 20 + register 0 +} + +# Check every 20min with hard state after 2hours +define service{ + name 20min_long + use generic-service + max_check_attempts 6 + normal_check_interval 20 + retry_interval 20 + register 0 +} + +# Check every 30min with immediate hard state +define service{ + name 30min_short + use generic-service + max_check_attempts 1 + normal_check_interval 30 + retry_interval 15 + register 0 +} + +# Check every 30min with hard state 30min after first non-OK detection +define service{ + name 30min_medium + use generic-service + max_check_attempts 2 + normal_check_interval 30 + retry_interval 30 + register 0 +} + +# Check every 30min with hard state after 6hours +define service{ + name 30min_long + use generic-service + max_check_attempts 6 + normal_check_interval 30 + retry_interval 30 + register 0 +} + +# Check every 1hour with immediate hard state +define service{ + name 1hour_short + use generic-service + max_check_attempts 1 + normal_check_interval 60 + retry_interval 20 + register 0 + +} + +# Check every 1hour with hard state 1hour after first non-OK detection +define service{ + name 1hour_medium + use generic-service + max_check_attempts 2 + normal_check_interval 60 + retry_interval 60 + register 0 + +} + +# Check every 1hour with hard state after 6hours +define service{ + name 1hour_long + use generic-service + max_check_attempts 6 + normal_check_interval 60 + retry_interval 60 + register 0 + +} + +# Check every 12hours with immediate hard state +define service{ + name 12hours_short + use generic-service + max_check_attempts 1 + normal_check_interval 720 + retry_interval 360 + register 0 +} + +# Check every 12hours with hard state 12hours after first non-OK detection +define service{ + name 12hours_medium + use generic-service + max_check_attempts 2 + normal_check_interval 720 + retry_interval 720 + register 0 +} + +# Check every 12hours with hard state after 3days +define service{ + name 12hours_long + use generic-service + max_check_attempts 6 + normal_check_interval 720 + retry_interval 720 + register 0 +} + +# Check every weeks with immediate hard state +define service{ + name 1week_short + use generic-service + max_check_attempts 1 + normal_check_interval 10080 + retry_interval 10 + register 0 +} + +# Check every weeks with hard state 1 week after first non-OK detection +define service{ + name 1week_medium + use generic-service + max_check_attempts 2 + normal_check_interval 10080 + retry_interval 10080 + register 0 +} + +# Check every weeks with hard state after 4 weeks +define service{ + name 1week_long + use generic-service + max_check_attempts 6 + normal_check_interval 10080 + retry_interval 10080 + register 0 +} diff --git a/tools/test_env/etc/shinken/timeperiods/24x7.cfg b/tools/test_env/etc/shinken/timeperiods/24x7.cfg new file mode 100644 index 0000000..d88f701 --- /dev/null +++ b/tools/test_env/etc/shinken/timeperiods/24x7.cfg @@ -0,0 +1,12 @@ +define timeperiod{ + timeperiod_name 24x7 + alias Always + sunday 00:00-24:00 + monday 00:00-24:00 + tuesday 00:00-24:00 + wednesday 00:00-24:00 + thursday 00:00-24:00 + friday 00:00-24:00 + saturday 00:00-24:00 +} + diff --git a/tools/test_env/etc/shinken/timeperiods/none.cfg b/tools/test_env/etc/shinken/timeperiods/none.cfg new file mode 100644 index 0000000..ef14ddc --- /dev/null +++ b/tools/test_env/etc/shinken/timeperiods/none.cfg @@ -0,0 +1,5 @@ +# 'none' timeperiod definition +define timeperiod{ + timeperiod_name none + alias No Time Is A Good Time + } diff --git a/tools/test_env/etc/shinken/timeperiods/us-holidays.cfg b/tools/test_env/etc/shinken/timeperiods/us-holidays.cfg new file mode 100644 index 0000000..826d9df --- /dev/null +++ b/tools/test_env/etc/shinken/timeperiods/us-holidays.cfg @@ -0,0 +1,16 @@ +# Some U.S. holidays +# Note: The timeranges for each holiday are meant to *exclude* the holidays from being +# treated as a valid time for notifications, etc. You probably don't want your pager +# going off on New Year's. Although you're employer might... :-) +define timeperiod{ + name us-holidays + timeperiod_name us-holidays + alias U.S. Holidays + + january 1 00:00-00:00 ; New Years + monday -1 may 00:00-00:00 ; Memorial Day (last Monday in May) + july 4 00:00-00:00 ; Independence Day + monday 1 september 00:00-00:00 ; Labor Day (first Monday in September) + thursday -1 november 00:00-00:00 ; Thanksgiving (last Thursday in November) + december 25 00:00-00:00 ; Christmas + } diff --git a/tools/test_env/etc/shinken/timeperiods/workhours.cfg b/tools/test_env/etc/shinken/timeperiods/workhours.cfg new file mode 100644 index 0000000..6ca1e63 --- /dev/null +++ b/tools/test_env/etc/shinken/timeperiods/workhours.cfg @@ -0,0 +1,10 @@ +# 'workhours' timeperiod definition +define timeperiod{ + timeperiod_name workhours + alias Normal Work Hours + monday 09:00-17:00 + tuesday 09:00-17:00 + wednesday 09:00-17:00 + thursday 09:00-17:00 + friday 09:00-17:00 + } diff --git a/tools/test_env/etc/supervisor/conf.d/supervisor.conf b/tools/test_env/etc/supervisor/conf.d/supervisor.conf new file mode 100644 index 0000000..3fc8b99 --- /dev/null +++ b/tools/test_env/etc/supervisor/conf.d/supervisor.conf @@ -0,0 +1,14 @@ +[supervisord] +nodaemon=true + +[program:shinken] +command=/bin/sh -c "service shinken start" + +[program:influxdb] +command=/bin/sh -c "service influxdb start" + +[program:apache2] +command=/bin/sh -c "service apache2 start" + +[program:riemann] +command=/bin/sh -c "service riemann start" diff --git a/tools/test_env/var/www/html/grafana/config.js b/tools/test_env/var/www/html/grafana/config.js new file mode 100644 index 0000000..1a3678c --- /dev/null +++ b/tools/test_env/var/www/html/grafana/config.js @@ -0,0 +1,49 @@ +/** @scratch /configuration/config.js/1 + * == Configuration + * config.js is where you will find the core Grafana configuration. This file contains parameter that + * must be set before Grafana is run for the first time. + */ +define(['settings'], +function (Settings) { + + + return new Settings({ + + // datasources, you can add multiple + datasources: { + influxdb: { + type: 'influxdb', + url: "/influxdb/db/db", + // url: "http://localhost:8086/db/db", + username: 'root', + password: 'root', + default: true + }, + grafana: { + type: 'influxdb', + url: "/influxdb/db/grafana", + // url: "http://localhost:8086/db/grafana", + username: 'root', + password: 'root', + grafanaDB: true + }, + }, + + // default start dashboard + default_route: '/dashboard/file/default.json', + + // set to false to disable unsaved changes warning + unsaved_changes_warning: true, + + // set the default timespan for the playlist feature + // Example: "1m", "1h" + playlist_timespan: "1m", + + // Add your own custom pannels + plugins: { + panels: [] + } + + }); +}); +