Difference between revisions of "Monit"

From Amahi Wiki
Jump to: navigation, search
 
(65 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
[http://mmonit.com/monit Monit] (Amahi's watchdog) is a utility for managing and monitoring processes, programs, files, directories and filesystems on a Unix system.  It is integrated in Amahi and managed using the '''''Servers''''' section of the '''Settings''' tab.   
 
[http://mmonit.com/monit Monit] (Amahi's watchdog) is a utility for managing and monitoring processes, programs, files, directories and filesystems on a Unix system.  It is integrated in Amahi and managed using the '''''Servers''''' section of the '''Settings''' tab.   
  
Monit has an integrated web interface which can exposed using the [http://www.amahi.org/apps/monit Monit] one-click app.  This app (currently BETA status) provides additional detail about the processes currently running on your HDA.
+
Monit has an integrated web interface which can exposed using the [http://www.amahi.org/apps/monit-service-manager Monit Service Manager] one-click app.  This app provides additional detail about the processes currently running on your HDA.
 +
 
 +
Monit configuration file locations:
 +
 
 +
* Main (monitrc):
 +
** Ubuntu - /etc/monit
 +
** Fedora - /etc
 +
 
 +
* Services:
 +
** Ubuntu - /etc/monit/monit.d
 +
** Fedora - /etc/monit.d
  
We will add additional customizations to this page over time.
 
  
 
== Change Hostname ==
 
== Change Hostname ==
Edit /etc/monit/monitrc and change ''localhost.localdomain'' to match your system:
+
Edit monitrc and change ''localhost.localdomain'' to match your system:
{{Text|Text=check system localhost.localdomain}}
+
check system localhost.localdomain
 
 
  
 
== Email Notifications ==
 
== Email Notifications ==
This will only work if you have set up your HDA to send emails. The [[Gmail_As_Relay_On_Ubuntu|Gmail as Relay]] tutorial is one option or you can do it in Monit directly.
+
This will only work if you have set up your HDA to send emails. The [[Gmail_As_Relay_On_Ubuntu|Gmail as Relay]] tutorial is one option.
  
Edit /etc/monit/monitrc and update as follows:
+
You can do it in Monit directly by adding the following to monitrc:
{{Text|Text=set mailserver smtp.gmail.com port 587  
+
set mailserver smtp.gmail.com port 587  
 
     username "MYUSER" password "MYPASSWORD"
 
     username "MYUSER" password "MYPASSWORD"
     using tlsv1}}
+
     using tlsv1
 +
 
 +
 
 
'''NOTE:'''  Replace "MYUSER" and "MYPASSWORD" with your Gmail user name and password.
 
'''NOTE:'''  Replace "MYUSER" and "MYPASSWORD" with your Gmail user name and password.
  
Enable email notifications by editing /etc/monit/monitrc and uncomment (remove #) the following lines (Change as needed to match your system):
+
Enable email notifications by editing monitrc and adding the following lines (Change as needed to match your system):
{{Text|Text=<nowiki>#</nowiki>set mailserver localhost
+
set mailserver localhost
<nowiki>#</nowiki>set mail-format { from: monit@localhost }
+
set mail-format { from: monit@localhost }
<nowiki>#</nowiki>set alert root@localhost}}
+
set alert root@localhost
 +
 
 +
 
 +
Restart Monit:
 +
* Ubuntu
 +
sudo /etc/init.d/monit restart
 +
* Fedora (root user)
 +
systemctl restart monit.service
 +
 
 +
== Change Message Format ==
 +
Edit monitrc and add this text (modify as needed):
 +
set mail-format {
 +
    from: monit@localhost
 +
    subject: [ $SERVICE ] $EVENT - $DATE
 +
    message: This is an $ACTION: $DESCRIPTION [$SERVICE], tested remotely from $HOST }
 +
 
 +
 
 
Restart Monit:
 
Restart Monit:
{{Code|/etc/init.d/monit restart}}
+
* Ubuntu
 +
sudo /etc/init.d/monit restart
 +
* Fedora (root user)
 +
systemctl restart monit.service
  
 
== Change Access Credentials ==
 
== Change Access Credentials ==
Edit Edit /etc/monit/monitrc and change as desired:
+
Edit monitrc and change as desired:
{{Text|Text=allow admin:admin}}
+
allow admin:admin
 +
 
 +
 
 
Restart Monit:
 
Restart Monit:
{{Code|/etc/init.d/monit restart}}
+
* Ubuntu
 +
sudo /etc/init.d/monit restart
 +
* Fedora (root user)
 +
systemctl restart monit.service
 +
 
 +
== Enable Secure access (Fedora) ==
 +
Edit monitrc and add below <u>set httpd port 2812 and</u> (line 116):
 +
SSL ENABLE
 +
PEMFILE  /var/certs/monit.pem
 +
 
  
== Update Certificate ==
+
Create a directory for the certs, then follow "Create New Certificate" guidance:
A default certificate is installed by the Amahi application.  To change the certificate, do the following steps as root user (For Ubuntu, prefix the command lines with <code>sudo</code>):
+
mkdir -p /var/certs
{{Code|cd /var/certs
 
openssl req -new -x509 -days 365 -nodes -config ./monit.cnf -out /var/certs/monit.pem -keyout /var/certs/monit.pem
 
openssl gendh 512 >> /var/certs/monit.pem
 
openssl x509 -subject -dates -fingerprint -noout -in /var/certs/monit.pem
 
chmod 700 /var/certs/monit.pem}}
 
  
'''NOTE:'''  For Ubuntu, the second openssl (openssl gendh) step requires the actual '''''root''''' user environment (<code>sudo su -</code>).
+
== Create New Certificate ==
 +
A default certificate is installed by the Amahi application (Ubuntu).  To create a new certificate, do the following steps as root user (<b>Ubuntu NOTE:</b> prefix commands with <code>sudo</code> except the second openssl requires the actual '''''root''''' user environment <code>sudo su -</code>):
 +
cd /var/certs
 +
openssl req -new -x509 -days 365 -nodes -config ./monit.cnf -out /var/certs \
 +
/monit.pem -keyout /var/certs/monit.pem
 +
openssl gendh 512 >> /var/certs/monit.pem
 +
openssl x509 -subject -dates -fingerprint -noout -in /var/certs/monit.pem
 +
chmod 700 /var/certs/monit.pem
  
 
Restart Monit:
 
Restart Monit:
{{Code|sudo /etc/init.d/monit restart}}
+
* Ubuntu
 +
sudo /etc/init.d/monit restart
 +
* Fedora (root user)
 +
systemctl restart monit.service
  
 
== Configuration Examples ==
 
== Configuration Examples ==
 +
===Amahi 8 or Greater===
 +
'''httpd:'''
 +
<pre>check process apache with pidfile "/var/run/httpd/httpd.pid"
 +
        start program = "/usr/bin/systemctl start httpd.service"
 +
        stop  program = "/usr/bin/systemctl stop httpd.service"</pre>
 +
 +
'''mariadb:'''
 +
<pre>check process mysql with pidfile "/var/run/mariadb/mariadb.pid"
 +
        start program = "/usr/bin/systemctl start mariadb.service"
 +
        stop  program = "/usr/bin/systemctl stop mariadb.service"</pre>
 +
 +
'''dnsmasq:'''
 +
<pre>check process dnsmasq with pidfile /var/run/dnsmasq.pid
 +
        start program = "/usr/bin/systemctl start dnsmasq.service"
 +
        stop  program = "/usr/bin/systemctl stop dnsmasq.service"</pre>
 +
 +
'''sshd:'''
 +
<pre>check process sshd with pidfile /var/run/sshd.pid
 +
  start program  "/etc/init.d/sshd start"
 +
  stop program  "/etc/init.d/sshd stop"
 +
  if failed port 22 protocol ssh then restart</pre>
 +
 +
'''postfix:'''
 +
<pre> check process postfix with pidfile /var/spool/postfix/pid/master.pid
 +
  group mail
 +
  start program = "/etc/init.d/postfix start"
 +
  stop  program = "/etc/init.d/postfix stop"
 +
  if failed port 25 protocol smtp then restart</pre>
 +
 +
'''crond:'''
 +
<pre>check process crond with pidfile /var/run/crond.pid
 +
  group system
 +
  start program = "/usr/bin/systemctl start crond.service"
 +
  stop  program = "/usr/bin/systemctl stop crond.service"
 +
  if 5 restarts within 5 cycles then timeout</pre>
 +
 +
'''hda-ctl:'''
 +
<pre>check process hda-ctl with pidfile /var/run/hda-ctl.pid
 +
  start program = "/usr/bin/systemctl start hda-ctl.service"
 +
  stop  program = "/usr/bin/systemctl stop hda-ctl.service"</pre>
 +
 +
'''syslogd:'''
 +
<pre>check process syslog with pidfile /var/run/syslogd.pid
 +
  start program = "/usr/bin/systemctl start syslog.service"
 +
  stop program = "/usr/bin/systemctl stop syslog.service"
 +
  if 5 restarts within 5 cycles then timeout</pre>
 +
 +
'''storagespace:'''
 +
<pre># add each drive you want to monitor below
 +
check filesystem Boot with path /dev/sda1
 +
    if space usage > 90% then alert
 +
check filesystem Root with path /dev/sda3
 +
    if space usage > 90% then alert
 +
check filesystem Shares with path /dev/sda4</pre>
 +
 +
'''qbittorrent'''
 +
<pre>check process qBittorrent matching "qbittorrent-nox"
 +
    start program = "/usr/bin/systemctl start qbittorrent-nox@bigfoot.service"
 +
    stop program = "/usr/bin/systemctl stop qbittorrent-nox@bigfoot.service"
 +
    if failed host 127.0.0.1 port 8090 type TCP for 2 cycles then restart
 +
    if 2 restarts within 3 cycles then unmonitor</pre>
 +
 +
===Reference===
 
[http://mmonit.com/wiki/Monit/ConfigurationExamples Monit Configuration Examples]:  Covers many common processes that users may want to monitor.  Some minor changes may be needed for Fedora or Ubuntu.
 
[http://mmonit.com/wiki/Monit/ConfigurationExamples Monit Configuration Examples]:  Covers many common processes that users may want to monitor.  Some minor changes may be needed for Fedora or Ubuntu.
  
  
 
[[Category:Apps]]
 
[[Category:Apps]]

Latest revision as of 01:35, 27 August 2019

Monit (Amahi's watchdog) is a utility for managing and monitoring processes, programs, files, directories and filesystems on a Unix system. It is integrated in Amahi and managed using the Servers section of the Settings tab.

Monit has an integrated web interface which can exposed using the Monit Service Manager one-click app. This app provides additional detail about the processes currently running on your HDA.

Monit configuration file locations:

  • Main (monitrc):
    • Ubuntu - /etc/monit
    • Fedora - /etc
  • Services:
    • Ubuntu - /etc/monit/monit.d
    • Fedora - /etc/monit.d


Change Hostname

Edit monitrc and change localhost.localdomain to match your system:

check system localhost.localdomain

Email Notifications

This will only work if you have set up your HDA to send emails. The Gmail as Relay tutorial is one option.

You can do it in Monit directly by adding the following to monitrc:

set mailserver smtp.gmail.com port 587 
   username "MYUSER" password "MYPASSWORD"
   using tlsv1


NOTE: Replace "MYUSER" and "MYPASSWORD" with your Gmail user name and password.

Enable email notifications by editing monitrc and adding the following lines (Change as needed to match your system): set mailserver localhost set mail-format { from: monit@localhost } set alert root@localhost


Restart Monit:

  • Ubuntu
sudo /etc/init.d/monit restart
  • Fedora (root user)
systemctl restart monit.service

Change Message Format

Edit monitrc and add this text (modify as needed):

set mail-format {
    from: monit@localhost
    subject: [ $SERVICE ] $EVENT - $DATE
    message: This is an $ACTION: $DESCRIPTION [$SERVICE], tested remotely from $HOST }


Restart Monit:

  • Ubuntu
sudo /etc/init.d/monit restart
  • Fedora (root user)
systemctl restart monit.service

Change Access Credentials

Edit monitrc and change as desired:

allow admin:admin


Restart Monit:

  • Ubuntu
sudo /etc/init.d/monit restart
  • Fedora (root user)
systemctl restart monit.service

Enable Secure access (Fedora)

Edit monitrc and add below set httpd port 2812 and (line 116):

SSL ENABLE
PEMFILE  /var/certs/monit.pem


Create a directory for the certs, then follow "Create New Certificate" guidance:

mkdir -p /var/certs

Create New Certificate

A default certificate is installed by the Amahi application (Ubuntu). To create a new certificate, do the following steps as root user (Ubuntu NOTE: prefix commands with sudo except the second openssl requires the actual root user environment sudo su -):

cd /var/certs
openssl req -new -x509 -days 365 -nodes -config ./monit.cnf -out /var/certs \
/monit.pem -keyout /var/certs/monit.pem
openssl gendh 512 >> /var/certs/monit.pem
openssl x509 -subject -dates -fingerprint -noout -in /var/certs/monit.pem
chmod 700 /var/certs/monit.pem

Restart Monit:

  • Ubuntu
sudo /etc/init.d/monit restart
  • Fedora (root user)
systemctl restart monit.service

Configuration Examples

Amahi 8 or Greater

httpd:

check process apache with pidfile "/var/run/httpd/httpd.pid"
        start program = "/usr/bin/systemctl start httpd.service"
        stop  program = "/usr/bin/systemctl stop httpd.service"

mariadb:

check process mysql with pidfile "/var/run/mariadb/mariadb.pid"
        start program = "/usr/bin/systemctl start mariadb.service"
        stop  program = "/usr/bin/systemctl stop mariadb.service"

dnsmasq:

check process dnsmasq with pidfile /var/run/dnsmasq.pid
        start program = "/usr/bin/systemctl start dnsmasq.service"
        stop  program = "/usr/bin/systemctl stop dnsmasq.service"

sshd:

check process sshd with pidfile /var/run/sshd.pid
   start program  "/etc/init.d/sshd start"
   stop program  "/etc/init.d/sshd stop"
   if failed port 22 protocol ssh then restart

postfix:

 check process postfix with pidfile /var/spool/postfix/pid/master.pid
   group mail
   start program = "/etc/init.d/postfix start"
   stop  program = "/etc/init.d/postfix stop"
   if failed port 25 protocol smtp then restart

crond:

check process crond with pidfile /var/run/crond.pid
   group system
   start program = "/usr/bin/systemctl start crond.service"
   stop  program = "/usr/bin/systemctl stop crond.service"
   if 5 restarts within 5 cycles then timeout

hda-ctl:

check process hda-ctl with pidfile /var/run/hda-ctl.pid
   start program = "/usr/bin/systemctl start hda-ctl.service"
   stop  program = "/usr/bin/systemctl stop hda-ctl.service"

syslogd:

check process syslog with pidfile /var/run/syslogd.pid
  start program = "/usr/bin/systemctl start syslog.service"
  stop program = "/usr/bin/systemctl stop syslog.service"
  if 5 restarts within 5 cycles then timeout

storagespace:

# add each drive you want to monitor below
check filesystem Boot with path /dev/sda1
    if space usage > 90% then alert
check filesystem Root with path /dev/sda3
    if space usage > 90% then alert
check filesystem Shares with path /dev/sda4

qbittorrent

check process qBittorrent matching "qbittorrent-nox"
    start program = "/usr/bin/systemctl start qbittorrent-nox@bigfoot.service"
    stop program = "/usr/bin/systemctl stop qbittorrent-nox@bigfoot.service"
    if failed host 127.0.0.1 port 8090 type TCP for 2 cycles then restart
    if 2 restarts within 3 cycles then unmonitor

Reference

Monit Configuration Examples: Covers many common processes that users may want to monitor. Some minor changes may be needed for Fedora or Ubuntu.