docker-entrypoint.sh 6.81 KB
Newer Older
Marian Babik's avatar
Marian Babik committed
1
2
3
4
#!/bin/bash
set -e

_term() {
Marian Babik's avatar
Marian Babik committed
5
  if [[ -f /var/run/crond.pid ]]; then
6
7
8
    kill -9 `cat /var/run/crond.pid`
    rm -f /var/run/crond.pid
  fi
Marian Babik's avatar
Marian Babik committed
9
  rm -rf /opt/omd/sites/etf/etc/nagios/conf.d/wlcg/
Marian Babik's avatar
Marian Babik committed
10
  omd stop
Marian Babik's avatar
Marian Babik committed
11
  /usr/sbin/httpd -k stop
Marian Babik's avatar
Marian Babik committed
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
}

trap _term SIGINT SIGTERM

cat << "EOF"
 _____ _____ _____    ____ __  __ ____
| ____|_   _|  ___|  / ___|  \/  / ___|
|  _|   | | | |_    | |   | |\/| \___ \
| |___  | | |  _|   | |___| |  | |___) |
|_____| |_| |_|      \____|_|  |_|____/
========================================
EOF
ncgx_version=`rpm -q --qf "%{VERSION}-%{RELEASE}" ncgx`
echo "ETF version: ${ncgx_version} Copyright CERN 2016"
echo "License: https://gitlab.cern.ch/etf/ncgx/blob/master/LICENSE"
echo "Check_MK version: $CHECK_MK_VERSION"
echo "Copyright by Mathias Kettner (https://mathias-kettner.de/check_mk.html)"
plugins=`rpm -qa | grep nagios-plugins`
echo "Plugins:" 
echo "${plugins}"
echo ""
echo "Starting xinetd ..."
export XINETD_LANG="en_US" && /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid
Marian Babik's avatar
Marian Babik committed
35
if [[ -n ${CHECK_MK_USER_ID} ]] ; then
Marian Babik's avatar
Marian Babik committed
36
   echo "Changing $CHECK_MK_SITE uid to $CHECK_MK_USER_ID"
Marian Babik's avatar
Marian Babik committed
37
38
39
   /usr/sbin/usermod -u ${CHECK_MK_USER_ID} ${CHECK_MK_SITE}
   chown -R ${CHECK_MK_SITE} /etc/ncgx /var/cache/ncgx /var/cache/nap
   chown -R ${CHECK_MK_SITE} /usr/libexec/grid-monitoring/probes/
Marian Babik's avatar
Marian Babik committed
40
fi
Marian Babik's avatar
Marian Babik committed
41
if [[ -n ${CHECK_MK_GROUP_ID} ]] ; then
Marian Babik's avatar
Marian Babik committed
42
   echo "Creating group with gid $CHECK_MK_GROUP_ID"
Marian Babik's avatar
Marian Babik committed
43
44
45
46
47
48
49
   /usr/sbin/groupadd -g ${CHECK_MK_GROUP_ID} sec
   /usr/sbin/groupmems -g sec -a ${CHECK_MK_SITE}
fi

echo "Initialising ..."
if [[ -d /opt/omd/sites/etf/etc/nagios/conf.d/wlcg/ ]]; then
    rm -rf /opt/omd/sites/etf/etc/nagios/conf.d/wlcg/
Marian Babik's avatar
Marian Babik committed
50
51
fi

Marian Babik's avatar
Marian Babik committed
52
53
/usr/bin/omd stop

Marian Babik's avatar
Marian Babik committed
54
55
56
57
echo "Starting crond ..."
/usr/sbin/crond -m off -p -s

echo "Copying certificates ..."
Marian Babik's avatar
Marian Babik committed
58
if [[ ! -f /etc/grid-security/hostcert.pem ]]; then
Marian Babik's avatar
Marian Babik committed
59
60
61
62
63
64
65
66
67
68
    echo "Failed to find certificates in /etc/grid-security"
    exit
fi
mkdir -p /opt/omd/sites/etf/etc/nagios/globus/
cp /etc/grid-security/host*.pem /opt/omd/sites/etf/etc/nagios/globus/
cp /etc/grid-security/etf_srv*.pem /opt/omd/sites/etf/etc/nagios/globus/
chown -R ${CHECK_MK_SITE}.${CHECK_MK_SITE} /opt/omd/sites/etf/etc/nagios/globus/

echo "Configuring access ..."
echo "Configured admins: $CHECK_MK_ADMINS"
Marian Babik's avatar
Marian Babik committed
69
sed -i "s|admin_users.*|admin_users = [$CHECK_MK_ADMINS]|" /opt/omd/sites/${CHECK_MK_SITE}/etc/check_mk/multisite.mk
Marian Babik's avatar
Marian Babik committed
70

Marian Babik's avatar
Marian Babik committed
71
72
if [[ -f /etc/check_mk/contacts.mk ]]; then
    cp /etc/check_mk/contacts.mk /opt/omd/sites/${CHECK_MK_SITE}/etc/check_mk/conf.d/wato/
Marian Babik's avatar
Marian Babik committed
73
fi
Marian Babik's avatar
Marian Babik committed
74
75
if [[ -g /etc/check_mk/users.mk ]]; then
    cp /etc/check_mk/users.mk /opt/omd/sites/${CHECK_MK_SITE}/etc/check_mk/conf.d/wato/
Marian Babik's avatar
Marian Babik committed
76
fi
Marian Babik's avatar
alerts    
Marian Babik committed
77
78
79
80
81
82
if [[ "${ETF_ALERTS_ENABLED}" -eq "1" ]] && [[ -f /etc/check_mk/notifications.mk ]]; then
    echo "Enabling notifications ..."
    cp /etc/check_mk/notifications.mk /opt/omd/sites/${CHECK_MK_SITE}/etc/check_mk/conf.d/wato/
    sed -i "s/ETF_HOSTED_BY/${ETF_HOSTED_BY}/" /opt/omd/sites/${CHECK_MK_SITE}/etc/check_mk/conf.d/wato/notifications.mk
    sed -i "s/ETF_NAGIOS_HOST/${ETF_NAGIOS_HOST}/" /opt/omd/sites/${CHECK_MK_SITE}/etc/check_mk/conf.d/wato/notifications.mk
fi
83
touch /var/www/html/status_snapshot.json && chown etf.etf /var/www/html/status_snapshot.json
84
mkdir -p /var/www/html/etf-raw && chown etf.etf /var/www/html/etf-raw
85
86
87
88
89
90
91
92
93
94

echo "Configuring HT-Condor ..."
if [[ -f /usr/bin/condor_status ]]; then
    /usr/bin/condor_status -schedd -af MyAddress -pool $(hostname) > /var/lib/condor/spool/.schedd_address
fi
if [[ ! -s /var/lib/condor/spool/.schedd_address ]]; then
    echo "Schedd address file empty, waiting 5 seconds before restarting ..."
    sleep 5
    exit 1
fi
Marian Babik's avatar
Marian Babik committed
95
96
97
98
99

cp /etc/ncgx/templates/generic/handlers.cfg /opt/omd/sites/etf/etc/nagios/conf.d/

omd start
rm -f /opt/omd/sites/etf/etc/nagios/conf.d/handlers.cfg
Marian Babik's avatar
Marian Babik committed
100

Marian Babik's avatar
Marian Babik committed
101
echo "Configuring main.mk: $ETF_HOSTED_BY"
Marian Babik's avatar
Marian Babik committed
102
if [[ -z "${ETF_HOSTED_BY}" ]]; then
Marian Babik's avatar
Marian Babik committed
103
104
   echo "   Variable ETF_HOSTED_BY is not defined, not touching main.mk"
else
Marian Babik's avatar
Marian Babik committed
105
   grep -qF "${ETF_HOSTED_BY}" /opt/omd/sites/${CHECK_MK_SITE}/etc/check_mk/main.mk || echo "all_hosts += [ \"${ETF_HOSTED_BY}\" ]" >> /opt/omd/sites/${CHECK_MK_SITE}/etc/check_mk/main.mk
Marian Babik's avatar
Marian Babik committed
106
107
108
fi

echo "Configuring ETF ..."
Marian Babik's avatar
Marian Babik committed
109
if [[ -z "${ETF_NAGIOS_HOST}" ]]; then
Marian Babik's avatar
Marian Babik committed
110
111
112
113
    echo "   Variable ETF_NAGIOS_HOST is not defined, using hostname"
    ETF_NAGIOS_HOST=`hostname`
fi

114
115
116
117
grep -qF "${ETF_NAGIOS_HOST}" /etc/ncgx/ncgx.cfg || echo "NAGIOS_HOST = \"${ETF_NAGIOS_HOST}\"" >> /etc/ncgx/ncgx.cfg
sed -i "s/ETF_NAGIOS_HOST/${ETF_NAGIOS_HOST}/" /etc/httpd/conf.d/welcome.conf
sed -i "s/ETF_NAGIOS_HOST/${ETF_NAGIOS_HOST}/" /var/www/html/index.html

Marian Babik's avatar
Marian Babik committed
118
119
su etf -c "ncgx --log | tee /opt/omd/sites/etf/var/log/ncgx.log"
su - etf -c "cmk -II; cmk -O"
Marian Babik's avatar
Marian Babik committed
120
if [[ "${NSTREAM_ENABLED}" -eq "1" ]] ; then
Marian Babik's avatar
Marian Babik committed
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
    echo "Nagios stream enabled ..."
else
    echo "Nagios stream disabled ..."
    /usr/bin/disable_nstream
fi

echo "Fetching CMS credentials ..."
su etf -c "/usr/lib/nagios/plugins/globus/refresh_proxy --vo-fqan /cms/Role=lcgadmin --myproxyuser nagios -H myproxy.cern.ch -t 120 --key /opt/omd/sites/etf/etc/nagios/globus/etf_srv_key.pem --vo cms --lifetime 24 --name NagiosRetrieve-ETF-cms -x /opt/omd/sites/etf/etc/nagios/globus/userproxy.pem--cms-Role_lcgadmin --cert /opt/omd/sites/etf/etc/nagios/globus/etf_srv_cert.pem"
su etf -c "/usr/lib/nagios/plugins/globus/refresh_proxy --vo-fqan /cms/Role=production --myproxyuser nagios -H myproxy.cern.ch -t 120 --key /opt/omd/sites/etf/etc/nagios/globus/etf_srv_key.pem --vo cms --lifetime 24 --name NagiosRetrieve-ETF-cms -x /opt/omd/sites/etf/etc/nagios/globus/userproxy.pem--cms-Role_production --cert /opt/omd/sites/etf/etc/nagios/globus/etf_srv_cert.pem"
su etf -c "/usr/lib/nagios/plugins/globus/refresh_proxy --myproxyuser nagios -H myproxy.cern.ch -t 120 --key /opt/omd/sites/etf/etc/nagios/globus/etf_srv_key.pem --vo cms --lifetime 24 --name NagiosRetrieve-ETF-cms -x /opt/omd/sites/etf/etc/nagios/globus/userproxy.pem--cms --cert /opt/omd/sites/etf/etc/nagios/globus/etf_srv_cert.pem"

echo "Copying credentials ..."
/bin/cp -f /opt/omd/sites/etf/etc/nagios/globus/userproxy.pem--cms /usr/libexec/grid-monitoring/probes/org.cms/wnjob/org.cms.glexec/probes/org.cms.glexec/testjob/tests/payloadproxy-t2
/bin/chown ${CHECK_MK_SITE} /usr/libexec/grid-monitoring/probes/org.cms/wnjob/org.cms.glexec/probes/org.cms.glexec/testjob/tests/payloadproxy-t2
/bin/chmod go+r /usr/libexec/grid-monitoring/probes/org.cms/wnjob/org.cms.glexec/probes/org.cms.glexec/testjob/tests/payloadproxy-t2
/bin/cp -f /opt/omd/sites/etf/etc/nagios/globus/userproxy.pem--cms-Role_production /usr/libexec/grid-monitoring/probes/org.cms/wnjob/org.cms/probes/org.cms/testjob/tests/prodproxy
/bin/chown ${CHECK_MK_SITE} /usr/libexec/grid-monitoring/probes/org.cms/wnjob/org.cms/probes/org.cms/testjob/tests/prodproxy
/bin/chmod go+r /usr/libexec/grid-monitoring/probes/org.cms/wnjob/org.cms/probes/org.cms/testjob/tests/prodproxy

echo "Reloading crontab ..."
su etf -c "omd reload crontab"

echo "Starting Apache ..."
Marian Babik's avatar
Marian Babik committed
144
145
146
/usr/sbin/httpd -DFOREGROUND &
wait $!

Marian Babik's avatar
Marian Babik committed
147