- 追加された行はこの色です。
- 削除された行はこの色です。
#author("2019-02-08T09:28:23+09:00","default:kuji","kuji")
CONTENTS
#contents
----
Lastmodified &lastmod;
----
*Monit [#rdd4c6ef]
【参考URL】http://freebsd.fkimura.com/monit-a0.html
Monitとは、プロセスを監視して、例えばApacheのプロセス監視をして、何らかの原因で落ちたら自動的(60秒後)に起動して登録メールアドレスへ報告するというもの。
設定や監視プロセスの状態はGUIで確認できる。
http(s)://FQDN:portNo ← portNoは
https://FQDN:portNo ← portNoは
設定ファイル:/usr/local/etc/monitrc で設定したもの。デフォルトは、2812
*** monit のGUIページへのアクセス [#e5b3175d]
https://www.kuji-clinic.net:2812/
https://piano2nd.smb.net:2812/
&ref(monit.PNG);
**作業履歴 [#vf2096ec]
999 8:42 locate monit
1000 8:55 portinstall sysutils/monit
1001 8:58 cp /usr/local/etc/monitrc.sample /usr/local/etc/monitrc
monit_enable="YES" to rc.conf file
1003 9:06 /usr/local/etc/rc.d/monit start
1006 9:37 top
1007 9:39 /usr/local/etc/rc.d/monit restart
1012 9:55 /usr/local/etc/rc.d/monit restart
1014 10:11 apachectl -v
1015 11:08 openssl req -new -x509 -days 3650 -nodes -out ./monit.pem -keyout ./monit.pem
1016 11:10 openssl gendh 512 >> ./monit.pem
1017 11:11 openssl x509 -subject -dates -fingerprint -noout -in ./monit.pem
1018 11:13 chmod 600 /usr/local/etc/monit.pem
1019 11:14 ll
1020 11:14 cp monit.pem /usr/local/etc/
1021 11:14 chmod 600 /usr/local/etc/monit.pem
1022 11:18 /usr/local/etc/rc.d/monit restart
1025 12:43 history
**/usr/local/etc/monitrc 【Monit:設定ファイル】 [#ye605eea]
ssl化:letsencryptで取得した.pem を chmod 600 として利用した。
###############################################################################
## Monit control file
###############################################################################
set daemon 30 # check services at 30 seconds intervals
set logfile syslog
set mailserver localhost # primary mailserver
set alert root@smb.net # receive all alerts
set httpd port 2812 and
#SSL ENABLE
#PEMFILE /usr/local/etc/monit.pem
SSL ENABLE
PEMFILE /usr/local/etc/letsencrypt/live/piano2nd.smb.net/cert.pem
#use address localhost # only accept connection from localhost
allow localhost
allow 192.168.1.139
allow 219.117.246.193/27
allow 210.255.122.209/28 # allow localhost to connect to the server and
#allow admin:monit # require user 'admin' with password 'monit'
allow foo:hogehoge
###############################################################################
## Services
###############################################################################
### Apache ###
check process apache with pidfile /var/run/httpd.pid
start program = "/usr/local/etc/rc.d/apache22 start" with timeout 60 seconds
stop program = "/usr/local/etc/rc.d/apache22 stop"
start program = "/usr/local/etc/rc.d/apache24 start" with timeout 60 seconds
stop program = "/usr/local/etc/rc.d/apache24 stop"
### amavisd ###
check process amavisd with pidfile /var/amavis/amavisd.pid
start program = "/usr/local/etc/rc.d/amavisd start" with timeout 60 seconds
stop program = "/usr/local/etc/rc.d/amavisd stop"
### clamav ###
check process clamav-clamd with pidfile /var/run/clamav/clamd.pid
start program = "/usr/local/etc/rc.d/clamav-clamd start" with timeout 60 seconds
stop program = "/usr/local/etc/rc.d/clamav-clamd stop"
### freshclam ###
check process clamav-freshclam with pidfile /var/run/clamav/freshclam.pid
start program = "/usr/local/etc/rc.d/clamav-freshclam start" with timeout 60 seconds
stop program = "/usr/local/etc/rc.d/clamav-freshclam stop"
### munin ###
check process munin with pidfile /var/run/munin/munin-node.pid
start program = "/usr/local/etc/rc.d/munin-node start" with timeout 60 seconds
stop program = "/usr/local/etc/rc.d/munin-node stop"
# /usr/local/etc/rc.d/monit restart
* Monit の起動順 [#maeeecbc]
サーバを再起動した際、monitの起動が、監視プロセスよりも早いと、monitがプロセスを起動するため、アラートメールが発生し、システムがプロセスを起動させようとするとエラーがでるなど、なにかと五月蝿いので、monit は、なるべく起動シークエンスの後の方で、ってのがヨサゲです。
ということで、
/usr/local/etc/rc.d/monit の # REQUIRE: NETWORKING SERVERS 行に postfix apache22 cron を追加。
/usr/local/etc/rc.d/monit の # REQUIRE: NETWORKING SERVERS 行に postfix apache24 cron を追加。
#!/bin/sh
#
# $FreeBSD: head/sysutils/monit/files/monit.in 340872 2014-01-24 00:14:07Z mat $
#
# PROVIDE: monit
# REQUIRE: NETWORKING SERVERS postfix apache22 cron
# REQUIRE: NETWORKING SERVERS postfix apache24 cron
# BEFORE: DAEMON
# KEYWORD: shutdown
----
Total access &counter(total);:本日 &counter(today);:昨日 &counter(yesterday);
#counter([total|today|yesterday]);