Mirrors/Munin-Contrib
1
0
Fork 0
mirror of https://github.com/munin-monitoring/contrib.git synced 2025-07-21 02:33:18 +00:00
Code Issues Releases Wiki Activity
4781 commits 2 branches 1 tag 28 MiB
Commit graph

43 commits

Author SHA1 Message Date
Andreas Perhab
d9701b4f6a certificate_file_expiry: add option to ignore unexpanded patterns 
this helps use the same configs on multiple nodes where not all the
patterns expand to existing files on all of them or when files are not
yet existing
 2022-02-21 10:34:31 +01:00
Andreas Perhab
4b8b098288 certificate_file_expiry: enable checking openvpn in config certificates 2022-02-21 10:34:31 +01:00
Andreas Perhab
f0d5df2902 certificate_file_expiry: re-enable old defaults for warning and critical 
those were accidentially removed in
76170d2745
 2022-02-21 10:19:41 +01:00
Olivier Mehani
94066132ce
[ssl-certificate-expiry] add env.skip_cert_hashes to skip certificates 
This fix allows to skip validity checks on any intermediate certificate
which subject hash appears in the list.

Let's Encrypt certificates are cross-signed by both DST Root CA X3 and
ISRG Root X1. DST Root CA X3 has expired on 2021-09-30 [0], which causes
the plugin to incorrectly report some full-chain LE certificates as
expired.

[0] https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/

Signed-off-by: Olivier Mehani <shtrom@ssji.net>
 2021-12-31 19:26:58 +01:00
Andreas Perhab
fea81596eb certificate_file_expiry: optional logarithmic view for long lived certs 
logarithmic was removed in d885a314ad
but still has it's benefits for openvpn CA and CRL certs. when enabling
logarithmic we keep the SI units now instead of rrdtools default
scientific notation.
 2021-12-04 02:30:02 +01:00
Kim B. Heino
31db64fefe certificate_file_expiry: label "50" instead of "5e+01" 
Scale values were "4e+01, 5e+01, ...". Using linear scale and "48, 50, 52, ..." is much more readable.

Also use shorter vlabel, old one is too long.
 2021-12-02 16:38:17 +01:00
Andreas Perhab
c6590b6715 letsencrypt_weekly: display by registered domain 2021-10-25 21:18:47 +02:00
Adam Mizerski
09974133b3 ssl-certificate-expiry: fix handling domains starting with digits 
resolves #1224
 2021-07-14 21:25:22 +02:00
Lars Kruse
2c9121708a Fix some spelling mistakes 
Thanks, codespell!
 2021-04-05 23:24:50 +02:00
Lars Kruse
da87fcd6c7 Fix spelling issues 2021-03-31 20:39:12 +02:00
Andreas Perhab
9c995590b2 certificate_file_expiry: add pattern support for CERT env variable 2020-12-28 20:42:30 +01:00
JTSage
eb7a1e7276 Add some sane defaults, some enviromental variable overrides, fix autoconf, and add more error trapping 2020-11-28 20:31:45 +01:00
JTSage
36c291110d Change proposed name, certbot_certs -> certbot_expiry 2020-11-28 20:31:45 +01:00
JTSage
2f7d94071d Add "certbot-certs" 
This plugin will semi-auto discover certbot (letsencrypt) certificates and output their expiry in days.
 2020-11-28 20:31:45 +01:00
Nazdravi
f0479a9a7d
[ssl-certificate-expiry] host name verification + proxy connection (#1126) 
* optional verification of request to certificate hostname match (env.checkname yes)
* optional openssl proxy usage (env.proxy PROXYHOST:PORT)
 2020-10-31 23:41:06 +01:00
Thomas Heidrich
8542c09283 fixup file mode 755 2020-10-28 21:54:42 +01:00
Thomas Heidrich
f6ea58d5f5 avoid blocking in ssl_ 
Just in case there is a firewall dropping packages, this plugin
would block until the plugin timeout is reached. This change introduces
the possibility to configure a much lower individual timeout.
 2020-10-28 21:54:42 +01:00
Lars Kruse
09b88141b3 Improve documantion of many plugins 
Specifically the configuration examples are now indented properly.
 2020-10-24 17:29:08 +02:00
Martin Schobert
bba98f95b3
ssl-certificate-expiry: Feature added: checking intermediate certs as well (#1088) 2020-09-06 22:19:12 +02:00
Lars Kruse
8713eb3722 Fix spelling mistakes in comments and descriptions 
Thanks, codespell!
 2020-03-26 04:23:21 +01:00
Lars Kruse
52144bc277 ssl-certificate-expiry: remove hardcoded CA directory path 
This should allow the plugin to be usable on all platforms.
 2020-02-06 00:54:29 +01:00
Lars Kruse
292cfb955a ssl-certificate-expiry: add support for FreeBSD's "date" 
Thanks to oz42

Closes: #1038
 2020-01-25 01:22:11 +01:00
Olivier Mehani
0b4725d69d [ssl/ssl-certificate-expiry] Fix unset starttls parameter 
Signed-off-by: Olivier Mehani <shtrom@ssji.net>
 2019-10-03 17:28:04 +02:00
ruliane
3aa213d497 Add support for StartTLS in ssl-certificate-expiry (#1018) 
* Add support for StartTLS in ssl-certificate-expiry

Added support for StartTLS in ssl-certificate-expiry
Use env.services foo.example.net_25_smtp to enable StartTLS on a SMTP server.
 2019-09-17 19:37:37 +02:00
RenWal
4e7c45fdc9 Fix typos in certificate_file_expiry 
Typos broke the sample configuration
 2019-09-02 23:07:45 +02:00
Lars Kruse
7fed3b9765 Fix multiple shellcheck issues 2019-08-13 05:16:13 +02:00
Andreas Perhab
d6d5fa80be Added plugins for certificates 
* plugin to monitor certificiate lifetime
* plugin to monitor letsencrypt certificate issue limit
 2019-07-31 03:13:21 +02:00
Olivier Mehani
7e995a0210 squash! squash! [ssl-certificate-expiry] Add asynchronous update via cron 
* use find to detect only recent cache files
* reduce cron periodicity to an hour
* use variable instead of TMP file
 2019-07-22 22:15:20 +10:00
Olivier Mehani
793b75b9ee squash! [ssl-certificate-expiry] Add asynchronous update via cron 
revert local
 2019-07-22 22:07:43 +10:00
Olivier Mehani
59f057f88b [ssl-certificate-expiry] Add asynchronous update via cron 
Also, cleanup the script to be better POSIX sh compatible, and add -u to
the shebang.
 2019-07-20 22:51:56 +10:00
Lars Kruse
e7eb28869c plugins ssl_ and ssl-certificate-expiry: various improvements 
* simplify date parsing: use "date" instead of awk's "mktime" (requires gawk)
* simplify structure
* use the same function (copy'n'paste) for both plugins

Closes: #893
 2018-03-30 01:53:48 +02:00
Olivier Mehani
81e1966814 [ssl] Remove legacy ssl, and replacement ssl-certificate-expiry 
Signed-off-by: Olivier Mehani <shtrom@ssji.net>
 2017-07-23 13:19:40 +10:00
Olivier Mehani
332396976b fixup! [multi-ssl] Backward compatibility with ssl_ 2017-06-21 21:32:48 +10:00
Olivier Mehani
21cc6fc458 [ssl-certificate-expiry] Rename from multi_ssl 
Signed-off-by: Olivier Mehani <shtrom@ssji.net>
 2017-06-20 21:15:17 +10:00
Olivier Mehani
47ef218263 [multi-ssl] Backward compatibility with ssl_ 
Signed-off-by: Olivier Mehani <shtrom@ssji.net>
 2017-06-20 21:14:24 +10:00
Olivier Mehani
f31fe9a6c3 [multi-ssl] POSIX shell compatibility 
Signed-off-by: Olivier Mehani <shtrom@ssji.net>
 2017-06-16 21:09:50 +10:00
Olivier Mehani
91fe427bfc [ssl_/multi_ssl] More legible cert-parsing code 
Signed-off-by: Olivier Mehani <shtrom@ssji.net>
 2017-06-16 20:46:12 +10:00
Olivier Mehani
a4c308081c [multi_ssl] New plugin showing multiple SSL Cert expiry in one graph 
Signed-off-by: Olivier Mehani <shtrom@ssji.net>
 2017-06-13 10:51:36 +10:00
dipohl
eaf6c2d7ce Category Tree: Reduce number of categories 
mogilefs -> fs (mogilefs)
moodle -> cms (moodle)
openvz -> virtualization (openvz)
wowza -> streaming (wowza)
varnish -> webserver (varnish)
xbnbt -> torrent (xbnbt)
 2017-02-23 15:31:40 +01:00
Olivier Mehani
43e67ac747 [ssl_] Can't use colon in plugin names 
Signed-off-by: Olivier Mehani <shtrom@ssji.net>
 2016-08-05 14:04:58 +10:00
Olivier Mehani
21dfe488c0 [ssl_] Allow to specify ports other than HTTPS 
Signed-off-by: Olivier Mehani <shtrom@ssji.net>
 2016-08-05 13:22:49 +10:00
Simon Tennant
f3917e1595 Support SNI in the certificate checking 
plugin was checking the first vhost rather than the correct vhost's ssl certificate validity.
 2013-10-03 09:50:57 +02:00
Simon Tennant
33cf24ad79 more sensible subdirectory name (ssl_certificates -> ssl) 2013-08-11 08:00:41 +02:00