service/http: Monitor https and https certificates

Check that https endpoints are reachable, and that the certificat is not about to expire. Signed-off-by: Tobias Wiese <tobias@tobiaswiese.com>
author: Tobias Wiese <tobias@tobiaswiese.com> 2020-05-13 16:12:10 +0200
committer: Tobias Wiese <tobias@tobiaswiese.com> 2020-05-14 12:15:16 +0200
commit: 71c820054059b801ed53ef5c12bef57d975879fa (patch)
tree: 7ed3c6cb4d6ea11afa337a1a8417a7de22946825 /zones.d/master/services.conf
parent: 0ca93dff41ff3a9889a5847ff0f854cf5cef1185 (diff)
1 files changed, 30 insertions, 0 deletions
diff --git a/zones.d/master/services.conf b/zones.d/master/services.conf
index 25ca1c5..2b31393 100644
--- a/zones.d/master/services.conf
+++ b/zones.d/master/services.conf
@@ -32,3 +32,33 @@ apply Service "ssh" {
 
 	assign where (host.address || host.address6) && host.vars.kernel == "linux"
 }
+
+/**
+ * Network Service checks
+ */
+
+template Service "http" {
+	import "generic-network-service"
+
+	check_command = "http"
+
+	vars += {
+		http_vhost = http_vhost
+		http_sni = true
+		http_warn_time = 0.2s
+		http_critical_time = 0.3s
+	}
+	vars += config
+}
+
+apply Service "https-" for (http_vhost => config in host.vars.http_vhosts) {
+	import "http"
+
+	vars.http_ssl = true
+}
+
+apply Service "https-cert-" for (http_vhost => config in host.vars.http_vhosts) {
+	import "http"
+
+	vars.http_certificate = "25,10"
+}
author	Tobias Wiese <tobias@tobiaswiese.com>	2020-05-13 16:12:10 +0200
committer	Tobias Wiese <tobias@tobiaswiese.com>	2020-05-14 12:15:16 +0200
commit	71c820054059b801ed53ef5c12bef57d975879fa (patch)
tree	7ed3c6cb4d6ea11afa337a1a8417a7de22946825 /zones.d/master/services.conf
parent	0ca93dff41ff3a9889a5847ff0f854cf5cef1185 (diff)