server: Adding apache/awstats logrotate script ; Adding smartmontools and zfswatcher to monitor harddisk and filesystem health

5 files changed, 347 insertions, 0 deletions

diff --git a/server/setup/05-service-settings/01-SYSTEM.txt b/server/setup/05-service-settings/01-SYSTEM.txt
new file mode 100644
index 0000000..6e368f9
--- /dev/null
+++ b/server/setup/05-service-settings/01-SYSTEM.txt
@@ -0,0 +1,33 @@
+
+Ensure you have followed
+    01-zfs_linux_bringup  
+    02-firewall
+
+- smartmontools
+    - make sure that root email is properly fwd:
+      /etc/aliases:
+        root    ADMIN_USER_NAME
+      /etc/mail/virtusertable
+        [email protected] ADMIN_USER_NAME
+        
+    - apt-get install smartmontools
+    - edit /etc/smartd.conf
+        DEVICESCAN -l error -l selftest -H -m [email protected] -M test
+    
+- zfswatcher
+    Only enable logfile and email notification (no web)
+
+    - apt-get install golang
+    - cd /usr/src
+    - git clone git://github.com/damicon/zfswatcher.git
+    - cd zfswatcher
+    - edit Makefile
+        fix GO location
+    - make
+    - make install
+    - cp etc/debian-startup.sh /etc/init.d/zfswatcher
+    - update-rc.d zfswatcher defaults
+
+    Update/Sync from this folder:
+    - scp etc/zfs/zfswatcher.conf root@server:/etc/zfs/
+    - scp etc/logrotate.d/zfswatcher root@server:/etc/logrotate.d/
diff --git a/server/setup/05-service-settings/README.txt b/server/setup/05-service-settings/02-SERVICES.txt
index b5a0cb8..6adcca3 100644
--- a/server/setup/05-service-settings/README.txt
+++ b/server/setup/05-service-settings/02-SERVICES.txt
@@ -172,6 +172,9 @@ Debian 7.00 (Wheezy)
                 cp -a BACKUP/awstats/awstats.jogamp.org.conf /home/jogamp_web/awstats/config
                 cp -a BACKUP/awstats/awstats-start.sh /home/jogamp_web/awstats/
 
+                cp -a BACKUP etc/logrotate.d/httpd-prerotate /etc/logrotate.d/
+                    this kicks off /home/jogamp_web/awstats/awstats-start.sh before the logrotate
+
             Populate /etc/GeoIP .. 
 
 13 jabot
diff --git a/server/setup/05-service-settings/etc/logrotate.d/httpd-prerotate/awstats b/server/setup/05-service-settings/etc/logrotate.d/httpd-prerotate/awstats
new file mode 100755
index 0000000..037dc3a
--- /dev/null
+++ b/server/setup/05-service-settings/etc/logrotate.d/httpd-prerotate/awstats
@@ -0,0 +1,4 @@
+#! /bin/bash
+
+su - jogamp_web -c /home/jogamp_web/awstats/awstats-start.sh
+
diff --git a/server/setup/05-service-settings/etc/logrotate.d/zfswatcher b/server/setup/05-service-settings/etc/logrotate.d/zfswatcher
new file mode 100644
index 0000000..99ca114
--- /dev/null
+++ b/server/setup/05-service-settings/etc/logrotate.d/zfswatcher
@@ -0,0 +1,12 @@
+/var/log/zfswatcher.log
+{
+	rotate 6
+	monthly
+	missingok
+	notifempty
+	compress
+	delaycompress
+	postrotate
+		kill -HUP `cat /var/run/zfswatcher.pid` 2>/dev/null 2>&1 || true
+	endscript
+}
diff --git a/server/setup/05-service-settings/etc/zfs/zfswatcher.conf b/server/setup/05-service-settings/etc/zfs/zfswatcher.conf
new file mode 100644
index 0000000..aa6fcfc
--- /dev/null
+++ b/server/setup/05-service-settings/etc/zfs/zfswatcher.conf
@@ -0,0 +1,295 @@
+;
+; zfswatcher.conf
+;
+; Copyright © 2012-2013 Damicon Kraa Oy
+;
+; This file is part of zfswatcher.
+;
+; Zfswatcher is free software: you can redistribute it and/or modify
+; it under the terms of the GNU General Public License as published by
+; the Free Software Foundation, either version 3 of the License, or
+; (at your option) any later version.
+;
+; Zfswatcher is distributed in the hope that it will be useful,
+; but WITHOUT ANY WARRANTY; without even the implied warranty of
+; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+; GNU General Public License for more details.
+;
+; You should have received a copy of the GNU General Public License
+; along with zfswatcher. If not, see <http://www.gnu.org/licenses/>.
+;
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;
+; The general syntax of this file is the same as Git configuration file
+; syntax which is documented in git-config(1). It is very similar to the
+; traditional INI file syntax.
+;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; The "main" section is used to define the core settings of zfswatcher.
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[main]
+;
+; The interval for running "zpool status" command, specified in seconds:
+zpoolstatusrefresh = 5
+;
+; The command for getting zpool status output:
+zpoolstatuscmd = "/sbin/zpool status"
+;
+; The interval for running "zfs list" command, specified in seconds:
+zfslistrefresh = 30
+;
+; The command for getting "zfs list" output for overall pool space usage:
+zfslistcmd = "/sbin/zfs list -H -o name,avail,used,usedsnap,usedds,usedrefreserv,usedchild,refer,mountpoint -d 0"
+;
+; The command for getting "zfs list" output for pool specific space usage
+; (this is only used by the web interface):
+zfslistusagecmd = "/sbin/zfs list -H -o name,avail,used,usedsnap,usedds,usedrefreserv,usedchild,refer,mountpoint -r -t all"
+;
+; Location where we write a pid file if desired:
+pidfile = /var/run/zfswatcher.pid
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; The "severity" section maps various ZFS states to syslog severity levels.
+;
+; The following severity levels are supported (listed with decreasing
+; importance): emerg, alert, crit, err, warning, notice, info, debug
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[severity]
+;
+; A map which defines severity levels based on ZFS overall pool 
+; state information:
+poolstatemap = OFFLINE:info REMOVED:crit FAULTED:alert SPLIT:info \
+	UNAVAIL:alert DEGRADED:crit ONLINE:info UNKNOWN:alert
+;
+; The severity of notifications about added ZFS pools:
+pooladded = notice
+;
+; The severity of notifications about removed ZFS pools:
+poolremoved = notice
+;
+; The severity of notifications about ZFS pool "status" text changes:
+poolstatuschanged = err
+;
+; The severity of notifications about cleared ZFS pool "status" text:
+poolstatuscleared = notice
+;
+; The severity of notifications about changed ZFS pool "errors" text:
+poolerrorschanged = err
+;
+; A map of severity levels based on ZFS component device states:
+devstatemap = OFFLINE:info REMOVED:err FAULTED:err SPLIT:info UNAVAIL:err \
+	DEGRADED:err ONLINE:info UNKNOWN:err INUSE:err AVAIL:info
+;
+; The severity of notifications about added pool devices:
+devadded = notice
+;
+; The severity of notifications about removed pool devices:
+devremoved = notice
+;
+; The severity of notifications about pool device read errors:
+devreaderrorsincreased = err
+;
+; The severity of notifications about pool device write errors:
+devwriteerrorsincreased = err
+;
+; The severity of notifications about pool device checksum errors:
+devcksumerrorsincreased = err
+;
+; The severity of notifications about pool device "additional info" text
+; changes (for example "(resilvering)"):
+devadditionalinfochanged = notice
+;
+; The severity of notifications about cleared pool device "additional info"
+; text:
+devadditionalinfocleared = notice
+;
+; Notifications when disk usage reaches defined levels. Several levels
+; can be defined. Disable disk space checking by commenting. This
+; setting also affects the web interface used space bar colours together
+; with www.usedstatecssclassmap.
+usedspace = 80%:info 85%:notice 90%:err 95%:crit
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; The "leds" section contains settings related to enclosure LED control.
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[leds]
+;
+; Whether the enclosure LED management should be enabled or not:
+enable = false
+;
+; The external "ledctl" command (distributed as a part of "ledmon" package):
+ledctlcmd = /usr/sbin/ledctl
+;
+; The following maps device states to IBPI blinking patterns.
+; Possible pattern names are: normal, locate, fail, rebuild, rebuild_p,
+; 	rebuild_s, pfa, hotspare, critical_array, failed_array
+; (Supported patterns depends on the used enclosure.)
+devstatemap = OFFLINE:fail REMOVED:fail FAULTED:fail SPLIT:normal \
+	UNAVAIL:fail DEGRADED:fail ONLINE:normal UNKNOWN:fail INUSE:normal \
+	AVAIL:normal
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; The "logfile" section(s) define file based logging destinations.
+; Multiple "logfile" sections with different parameters may be defined by
+; using different profile names (in quotes after the section name).
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[logfile "main"]
+;
+; Whether this logging destination should be enabled or not:
+enable = true
+;
+; Which message severity levels to include in this logging destination:
+level = debug
+;
+; The path name of the log file:
+file = /var/log/zfswatcher.log
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; The "syslog" section(s) define syslog(3) based logging destinations.
+; Multiple "syslog" sections with different parameters may be defined by
+; using different profile names (in quotes after the section name).
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[syslog "main"]
+;
+; Whether this logging destination should be enabled or not:
+enable = false
+;
+; Which message severity levels to include in this logging destination:
+level = info
+;
+; Which syslog facility code to use for this logging destination:
+; (Facility codes: kern, user, mail, daemon, auth, syslog, lpr, news, uucp,
+; cron, authpriv, ftp, local0, local1, local2, local3, local4, local5,
+; local6, local7)
+facility = daemon
+;
+; The syslog output socket destination. This may be a local UNIX socket
+; such as "/dev/log" or a remote UDP socket listed with IP address or
+; DNS host name followed by a colon and a port number.
+;server = 192.0.2.1:514
+;server = localhost:514
+server = /dev/log
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; The "email" section(s) define SMTP email based logging destinations.
+; Multiple "email" sections with different parameters may be defined by
+; using different profile names (in quotes after the section name).
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[email "main"]
+;
+; Whether this logging destination should be enabled or not:
+enable = true
+;
+; Which message severity levels to include in this logging destination:
+; level = err
+level = info
+;
+; The SMTP server name or IP address followed by a column and a port number:
+;server = localhost:587
+;server = 192.0.2.1:25
+;server = smtp.example.com:587
+server = localhost:25
+;
+; The username and password if the SMTP server requires them for
+; authentication:
+;username = exampleuser
+;password = supersecret
+;
+; "From" address for notification messages:
+from = [email protected]
+;
+; "To" address(es) for notification messages (several addresses can
+; be listed, separated by spaces):
+; to = [email protected] [email protected]
+to = [email protected]
+;
+; The "Subject" of notification messages (the severity level is
+; automatically appended at the end):
+subject = "jogamp.org: zfs notification"
+;
+; The time to wait (in seconds) between consecutive e-mail messages
+; (prevents flooding too many e-mails if there are many errors within
+; a short period of time):
+throttle = 60
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; The "www" section defines settings for the internal web interface.
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[www]
+;
+; Whether the web server should be enabled or not:
+enable = false
+;
+; Which message severity levels to include in the web interface log display:
+level = debug
+;
+; The size of the web interface log buffer (how many last messages to
+; keep available through the web interface):
+logbuffer = 1000
+;
+; The web server listening address (IP address followed by a colon and
+; a port number, often the IP address is omitted and in that case
+; the server listens on all interfaces):
+bind = :80
+;
+; Enable the following to use a TLS listener:
+;certfile = /some/path/cert.pem
+;keyfile = /some/path/key.pem
+;
+; The directory which contains the web server templates:
+templatedir = /usr/share/zfswatcher/www/templates
+;
+; The directory which contains static resources for the web interface
+; (such as CSS, JS and image files which are referred from the templates):
+resourcedir = /usr/share/zfswatcher/www/resources
+;
+;
+; The following maps log severity levels to CSS class names for the
+; web interface (for highlighting important messages, the available class
+; names depend on the CSS template):
+severitycssclassmap = emerg:error alert:error crit:error err:warning \
+	warning:warning notice:info info: debug:
+;
+; The following maps pool states to CSS class names for the web interface:
+poolstatecssclassmap = OFFLINE:text-warning REMOVED:text-error \
+	FAULTED:text-error SPLIT:text-info UNAVAIL:text-error \
+	DEGRADED:text-warning ONLINE:text-success UNKNOWN:text-error
+;
+; The following maps device states to CSS class names for the web interface:
+devstatecssclassmap = OFFLINE:text-warning REMOVED:text-error \
+	FAULTED:text-error SPLIT:text-info UNAVAIL:text-error \
+	DEGRADED:text-warning ONLINE:text-success UNKNOWN:text-error \
+	INUSE:text-warning AVAIL:text-muted
+;
+; The following maps pool usage severities to CSS classes for the dashboard
+; used space bar display. The pseudo severity "none" can be used to specify
+; the class when none of the usage levels specified in "usedspace" has
+; been reached.
+usedstatecssclassmap = none:bar-info info:bar-info notice:bar-warning \
+	err:bar-warning crit:bar-danger
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; The "wwwuser" sections define usernames and passwords for the web
+; interface. The username is listed in quotes after the section name.
+; Several users can be specified by repeating the section with different
+; user names.
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+[wwwuser "root"]
+;
+; Whether this user is enabled or not:
+enable = false
+;
+; Password in MD5 crypt (salted hash) format (the hash can be produced 
+; with "mkpasswd -m md5" or "zfswatcher -P"):
+;password = $1$fNF5/E3q$TEYvY1AQae/7rzHQ5fVgD1   ; toor
+
+[wwwuser "otheruser"]
+enable = false
+;password = $1$dlPL2MqE$oQmn16q49SqdmhenQuNgs1	; hello
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; The end.
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;