monitrc configuration for Debian ISPConfig 3 server

Discussion in 'Tips/Tricks/Mods' started by Hans, Jan 31, 2010.

  1. Hans

    Hans Moderator Moderator HowtoForge Supporter ISPConfig Developer

    Hi all,

    Because the architecture of an ISPConfig 3 server is quiet different then an ISPConfig 2 server, there are also different services to monitor.
    So if you use monit, you need to change the configuration file /etc/monit/monitrc as well.

    I found out how to monit almost all the services on an ISPConfig 3 server, like Spamassassin, Amavis, MyDNS, PureFTP and all the rest.

    So here is the info you need for the monit configuration file:

    Code:
    # Amavis
    #check process amavisd with pidfile /var/run/amavis/amavisd.pid
    #   group mail
    #   start program = "/etc/init.d/amavis start"
    #   stop  program = "/etc/init.d/amavis stop"
    #   if failed port 10024 protocol smtp then restart
    #   if 5 restarts within 5 cycles then timeout
    
    check process amavisd with pidfile /var/run/amavis/amavisd.pid
       group mail
       start program = "/etc/init.d/amavis start"
       stop  program = "/etc/init.d/amavis stop"
       if failed port 10024 protocol smtp then restart
       if 5 restarts within 5 cycles then timeout
       depends on amavisd_bin
       depends on amavisd_rc
    
    check file amavisd_bin with path  /usr/sbin/amavisd-new
       group mail
       if failed checksum then unmonitor
       if failed permission 755 then unmonitor
       if failed uid root then unmonitor
       if failed gid root then unmonitor
    
    check file amavisd_rc with path /etc/init.d/amavis
       group mail
       if failed checksum then unmonitor
       if failed permission 755 then unmonitor
       if failed uid root then unmonitor
       if failed gid root then unmonitor
    
    # Apache2
    check process apache with pidfile /var/run/apache2.pid
       group www
       start program = "/etc/init.d/apache2 start"
       stop program  = "/etc/init.d/apache2 stop"
       if failed port 80 protocol http then restart
       if cpu is greater than 60% for 2 cycles then alert
       if cpu > 80% for 5 cycles then restart
       if totalmem > 1500 MB for 5 cycles then restart
       if children > 512 then restart
       if loadavg(5min) greater than 10 for 8 cycles then stop
       if 3 restarts within 5 cycles then timeout
    
    # Clamd
    check process clamd with pidfile /var/run/clamav/clamd.pid
       group virus
       start program = "/etc/init.d/clamav-daemon start"
       stop  program = "/etc/init.d/clamav-daemon stop"
       if failed unixsocket /var/run/clamav/clamd.ctl then restart
       if 5 restarts within 5 cycles then timeout
       depends on clamavd_bin
       depends on clamavd_rc
    
    check file clamavd_bin with path /usr/sbin/clamd
       group virus
       if failed checksum then unmonitor
       if failed permission 755 then unmonitor
       if failed uid root then unmonitor
       if failed gid root then unmonitor
    
    check file clamavd_rc with path /etc/init.d/clamav-daemon
       group virus
       if failed checksum then unmonitor
       if failed permission 755 then unmonitor
       if failed uid root then unmonitor
       if failed gid root then unmonitor
    
    # Courier_authdaemon
    check process authdaemon with pidfile /var/run/courier/authdaemon/pid
       group services
       start program = "/etc/init.d/courier-authdaemon start"
       stop  program = "/etc/init.d/courier-authdaemon stop"
       if 5 restarts within 5 cycles then timeout
    
    # Cron
    check process cron with pidfile /var/run/crond.pid
       start program = "/etc/init.d/cron start"
       stop  program = "/etc/init.d/cron stop"
       group system
       depends cron_init, cron_bin
    
    check file cron_init with path /etc/init.d/cron
       group system
    
    check file cron_bin with path /usr/sbin/cron
       group system
    
    # fail2ban
    check process fail2ban with pidfile /var/run/fail2ban/fail2ban.pid
       group services
       start program = "/etc/init.d/fail2ban start"
       stop  program = "/etc/init.d/fail2ban stop"
       if 5 restarts within 5 cycles then timeout
    
    # Courier_imapd
    check process imap with pidfile /var/run/courier/imapd.pid
       group mail
       start program = "/etc/init.d/courier-imap start"
       stop  program = "/etc/init.d/courier-imap stop"
       if failed port 143 then restart
       if 5 restarts within 5 cycles then timeout
    
    # Courier_immapd-ssl
    check process imapd-ssl with pidfile /var/run/courier/imapd-ssl.pid
       group mail
       start program = "/etc/init.d/courier-imap-ssl start"
       stop  program = "/etc/init.d/courier-imap-ssl stop"
       if failed port 143 then restart
       if 5 restarts within 5 cycles then timeout
    
    # Munin-node
    check process munin-node with pidfile /var/run/munin/munin-node.pid
       group services
       start program = "/etc/init.d/munin-node start"
       stop  program = "/etc/init.d/munin-node stop"
       if 5 restarts within 5 cycles then timeout
    
    #MyDNS
    check process named with pidfile /var/run/mydns.pid
       start program = "/etc/init.d/mydns start"
       stop program = "/etc/init.d/mydns stop"
       if failed host 127.0.0.1 port 53 then alert
       if 5 restarts within 5 cycles then timeout
    
    # MySQL
    check process mysql with pidfile /var/run/mysqld/mysqld.pid
       group database
       start program = "/etc/init.d/mysql start"
       stop program = "/etc/init.d/mysql stop"
       if failed host 127.0.0.1 port 3306 protocol mysql then restart
       if 5 restarts within 5 cycles then timeout
    
    # Courier_pop3d
    check process pop3 with pidfile /var/run/courier/pop3d.pid
       group mail
       start program = "/etc/init.d/courier-pop start"
       stop  program = "/etc/init.d/courier-pop stop"
       if failed port 110 then restart
       if 5 restarts within 5 cycles then timeout
    
    # Courier_pop3-ssl
    check process pop3-ssl with pidfile /var/run/courier/pop3d-ssl.pid
       group mail
       start program = "/etc/init.d/courier-pop-ssl start"
       stop  program = "/etc/init.d/courier-pop-ssl stop"
       if failed port 995 then restart
       if 5 restarts within 5 cycles then timeout
    
    #postfix
    check process postfix with pidfile /var/spool/postfix/pid/master.pid
       group mail
       start program = "/etc/init.d/postfix start"
       stop  program = "/etc/init.d/postfix stop"
       if failed port 25 protocol smtp then restart
       if 5 restarts within 5 cycles then timeout
       depends on postfix_rc
    
    check file postfix_rc with path /etc/init.d/postfix
       group mail
       if failed checksum then unmonitor
       if failed permission 755 then unmonitor
       if failed uid root then unmonitor
       if failed gid root then unmonitor
    
    #PureFTPd
    check process pure-ftpd with pidfile /var/run/pure-ftpd/pure-ftpd.pid
       start program  "/etc/init.d/pure-ftpd-mysql start"
       stop program  "/etc/init.d/pure-ftpd-mysql stop"
       if failed host 127.0.0.1 port 21 then restart
       if 5 restarts within 5 cycles then timeout
    
    # SSHd
    check process sshd with pidfile /var/run/sshd.pid
       start program  "/etc/init.d/ssh start"
       stop program  "/etc/init.d/ssh stop"
       #if failed port 22 protocol ssh then restart
       if failed port 22 then restart
       if 5 restarts within 5 cycles then timeout
    
    # Spamassassin
    check process spamd with pidfile /var/run/spamd.pid
       group mail
       start program = "/etc/init.d/spamassassin start"
       stop  program = "/etc/init.d/spamassassin stop"
       if 5 restarts within 5 cycles then timeout
       if cpu usage > 99% for 5 cycles then alert
       if mem usage > 99% for 5 cycles then alert
    
    check file spamd_bin with path /usr/sbin/spamd
       group mail
       if failed checksum then unmonitor
       if failed permission 755 then unmonitor
       if failed uid root then unmonitor
       if failed gid root then unmonitor
    
     check file spamd_rc with path /etc/init.d/spamassassin
       group mail
       if failed checksum then unmonitor
       if failed permission 755 then unmonitor
       if failed uid root then unmonitor
       if failed gid root then unmonitor
    
    # Rsyslogd
    check process syslogd with pidfile /var/run/rsyslogd.pid
       start program = "/etc/init.d/rsyslog start"
       stop program = "/etc/init.d/rsyslog stop"
       if 5 restarts within 5 cycles then timeout
       check file syslogd_file with path /var/log/syslog
    
    
    Have fun with monit! :)
     
    Last edited: Jan 31, 2010
  2. Norman

    Norman Member HowtoForge Supporter

    This is a useful config.
    Might just want to mention that the 1500MB restart limit on apache is a bit slim for big hosts.
     
  3. vogelor

    vogelor ISPConfig Developer ISPConfig Developer

    yesterday i commited the first version of the rescue-module.
    This is a module integrated into ISPConfig which tries to rescue (restart) the services, if they are down.
    The first release only supports apache, but i am working at the other services...

    maybe somebody can help me with ideas...

    Olli
     

Share This Page