mirror of
https://github.com/munin-monitoring/contrib.git
synced 2025-07-21 18:41:03 +00:00
Added support for optional TLS connections thanks to Hector Solans
This commit is contained in:
Rowan Wookey
parent
8ca0c1c5ec
commit
e599ab4274
1 changed files with 32 additions and 12 deletions
44
plugins/redis/redis
Executable file → Normal file
44
plugins/redis/redis
Executable file → Normal file
|
|
@ -15,6 +15,8 @@
|
||||||
[redis]
|
[redis]
|
||||||
env.host1 127.0.0.1
|
env.host1 127.0.0.1
|
||||||
env.port1 6379
|
env.port1 6379
|
||||||
|
env.tls1 on
|
||||||
|
env.tls_verify1 on
|
||||||
env.password1 password
|
env.password1 password
|
||||||
env.title_prefix1 redis-1
|
env.title_prefix1 redis-1
|
||||||
env.host2 /run/redis.sock
|
env.host2 /run/redis.sock
|
||||||
|
|
@ -26,6 +28,8 @@
|
||||||
* port - the redis port to connect to
|
* port - the redis port to connect to
|
||||||
* password - the password to use with the AUTH command
|
* password - the password to use with the AUTH command
|
||||||
* title_prefix - a prefix to put before the title of the graph, this is strongly recommended for multiple instances
|
* title_prefix - a prefix to put before the title of the graph, this is strongly recommended for multiple instances
|
||||||
|
* tls enable TLS connections if "on"
|
||||||
|
* tls_verify verify the certificate in TLS connections if "on" (defaults to on if TLS is "on")
|
||||||
|
|
||||||
Graphs:
|
Graphs:
|
||||||
This generates multigraphs for:
|
This generates multigraphs for:
|
||||||
|
|
@ -40,7 +44,8 @@
|
||||||
|
|
||||||
=head COPYRIGHT
|
=head COPYRIGHT
|
||||||
|
|
||||||
Copyright (C) 2020 Rowan Wookey <https://www.rwky.net/>
|
Copyright (C) 2024 Rowan Wookey <https://www.rwky.net/>
|
||||||
|
Copyright (C) 2024 Hector Solans <https://www.bekodo.com>
|
||||||
Copyright (C) 2009 Gleb Voronich <http://stanly.net.ua/>
|
Copyright (C) 2009 Gleb Voronich <http://stanly.net.ua/>
|
||||||
|
|
||||||
=head LICENSE
|
=head LICENSE
|
||||||
|
|
@ -69,17 +74,22 @@
|
||||||
use strict;
|
use strict;
|
||||||
use IO::Socket::INET;
|
use IO::Socket::INET;
|
||||||
use IO::Socket::UNIX;
|
use IO::Socket::UNIX;
|
||||||
|
use IO::Socket::SSL;
|
||||||
|
|
||||||
my %INSTANCES;
|
my %INSTANCES;
|
||||||
my $HOST;
|
my $HOST;
|
||||||
my $PORT;
|
my $PORT;
|
||||||
my $PASSWORD;
|
my $PASSWORD;
|
||||||
|
my $TLS;
|
||||||
|
my $TLS_VERIFY;
|
||||||
|
|
||||||
for (my $i = 1; $ENV{"host$i"}; $i++)
|
for (my $i = 1; $ENV{"host$i"}; $i++)
|
||||||
{
|
{
|
||||||
$HOST = exists $ENV{"host$i"} ? $ENV{"host$i"} : "127.0.0.1";
|
$HOST = exists $ENV{"host$i"} ? $ENV{"host$i"} : "127.0.0.1";
|
||||||
$PORT = exists $ENV{"port$i"} ? $ENV{"port$i"} : 6379;
|
$PORT = exists $ENV{"port$i"} ? $ENV{"port$i"} : 6379;
|
||||||
$PASSWORD = exists $ENV{"password$i"} ? $ENV{"password$i"} : undef;
|
$PASSWORD = exists $ENV{"password$i"} ? $ENV{"password$i"} : undef;
|
||||||
|
$TLS = exists $ENV{"tls$i"} ? $ENV{"tls$i"} : "off";
|
||||||
|
$TLS_VERIFY = exists $ENV{"tls_verify$i"} ? $ENV{"tls_verify$i"} : "on";
|
||||||
my $TITLE_PREFIX = exists $ENV{"title_prefix$i"} ? $ENV{"title_prefix$i"} . ": " : "";
|
my $TITLE_PREFIX = exists $ENV{"title_prefix$i"} ? $ENV{"title_prefix$i"} . ": " : "";
|
||||||
my $SOCK = &get_conn();
|
my $SOCK = &get_conn();
|
||||||
$INSTANCES{"instance$i"} = {
|
$INSTANCES{"instance$i"} = {
|
||||||
|
|
@ -87,7 +97,9 @@ for (my $i = 1; $ENV{"host$i"}; $i++)
|
||||||
PORT => $PORT,
|
PORT => $PORT,
|
||||||
PASSWORD => $PASSWORD,
|
PASSWORD => $PASSWORD,
|
||||||
TITLE_PREFIX => $TITLE_PREFIX,
|
TITLE_PREFIX => $TITLE_PREFIX,
|
||||||
SOCK => $SOCK
|
SOCK => $SOCK,
|
||||||
|
TLS => $TLS,
|
||||||
|
TLS_VERIFY => $TLS_VERIFY,
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -410,19 +422,26 @@ sub get_conn {
|
||||||
Type => SOCK_STREAM(),
|
Type => SOCK_STREAM(),
|
||||||
Peer => $HOST,
|
Peer => $HOST,
|
||||||
);
|
);
|
||||||
}else{
|
} elsif ($TLS eq "on") {
|
||||||
|
my $verify = $TLS_VERIFY eq "on" ? SSL_VERIFY_PEER : SSL_VERIFY_NONE;
|
||||||
|
$sock = IO::Socket::SSL->new(
|
||||||
|
PeerAddr => $HOST,
|
||||||
|
PeerPort => $PORT,
|
||||||
|
Timeout => 10,
|
||||||
|
Proto => 'tcp',
|
||||||
|
SSL_verify_mode => $verify,
|
||||||
|
) or die "Unable to connect to $HOST:$PORT TLS: $SSL_ERROR";
|
||||||
|
} else {
|
||||||
$sock = IO::Socket::INET->new(
|
$sock = IO::Socket::INET->new(
|
||||||
PeerAddr => $HOST,
|
PeerAddr => $HOST,
|
||||||
PeerPort => $PORT,
|
PeerPort => $PORT,
|
||||||
Timeout => 10,
|
Timeout => 10,
|
||||||
Proto => 'tcp'
|
Proto => 'tcp',
|
||||||
);
|
) or die "Unable to connect to $HOST:$PORT TLS: $SSL_ERROR";
|
||||||
|
}
|
||||||
|
if (! defined($sock)) {
|
||||||
|
die "can't read socket: $!";
|
||||||
}
|
}
|
||||||
|
|
||||||
if (! defined($sock)) {
|
|
||||||
die "can't read socket: $!";
|
|
||||||
}
|
|
||||||
|
|
||||||
if ( defined( $PASSWORD ) ) {
|
if ( defined( $PASSWORD ) ) {
|
||||||
print $sock "AUTH ", $PASSWORD, "\r\n";
|
print $sock "AUTH ", $PASSWORD, "\r\n";
|
||||||
|
|
@ -435,6 +454,7 @@ sub get_conn {
|
||||||
sub get_info{
|
sub get_info{
|
||||||
my $sock = $_[0];
|
my $sock = $_[0];
|
||||||
print $sock "INFO\r\n";
|
print $sock "INFO\r\n";
|
||||||
|
# Reply is in the format $<length>\r\n<data>\r\n
|
||||||
my $result = <$sock> || die "can't read socket: $!";
|
my $result = <$sock> || die "can't read socket: $!";
|
||||||
|
|
||||||
my $rep;
|
my $rep;
|
||||||
|
|
@ -442,7 +462,7 @@ sub get_info{
|
||||||
read($sock, $rep, substr($result,1)+2) || die "can't read from socket: $!";
|
read($sock, $rep, substr($result,1)+2) || die "can't read from socket: $!";
|
||||||
|
|
||||||
my $hash;
|
my $hash;
|
||||||
foreach (split(/\r\n/, substr($rep, 0, -2))) {
|
foreach (split(/\r\n/, substr($rep, 0, -2))) { #Delete the lasts \r\n
|
||||||
my ($key,$val) = split(/:/, $_, 2);
|
my ($key,$val) = split(/:/, $_, 2);
|
||||||
if (defined($key)) {
|
if (defined($key)) {
|
||||||
$hash->{$key} = $val;
|
$hash->{$key} = $val;
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue