#author("2024-01-22T08:20:53+09:00","default:kuji","kuji")
*Monit [#rdd4c6ef]
[Reference URL] http://freebsd.fkimura.com/monit-a0.html

Monit monitors processes. For example, it can watch the Apache process and, if that process goes down for some reason, automatically start it again (after 60 seconds) and report to the registered e-mail address.

The configuration and the state of the monitored processes can be checked in the GUI.

 https://FQDN:portNo

portNo is the port set in the configuration file /usr/local/etc/monitrc. The default is 2812.

*** Accessing the monit GUI page [#e5b3175d]
https://piano2nd.smb.net:2812/

&ref(monit.PNG);

**Work history [#vf2096ec]
   999  8:42    locate monit
  1000  8:55    portinstall sysutils/monit
  1001  8:58    cp /usr/local/etc/monitrc.sample /usr/local/etc/monitrc
                monit_enable="YES" to rc.conf file
  1003  9:06    /usr/local/etc/rc.d/monit start
  1006  9:37    top
  1007  9:39    /usr/local/etc/rc.d/monit restart
  1012  9:55    /usr/local/etc/rc.d/monit restart
  1014  10:11   apachectl -v

**/usr/local/etc/monitrc [Monit: configuration file] [#ye605eea]
SSL: the .pem file obtained from letsencrypt was used with chmod 600.

 ###############################################################################
 ## Monit control file
 ###############################################################################
 set daemon  30           # check services at 30 seconds intervals
 set logfile syslog
 set mailserver localhost # primary mailserver
 set alert root@smb.net   # receive all alerts
 set httpd port 2812 and
     SSL ENABLE
     PEMFILE /usr/local/etc/letsencrypt/live/piano2nd.smb.net/cert.pem
     #use address localhost  # only accept connection from localhost
     allow localhost
     allow 192.168.1.139
     allow 219.117.246.193/27
     allow 210.255.122.209/28
                            # allow localhost to connect to the server and
     #allow admin:monit      # require user 'admin' with password 'monit'
     allow foo:hogehoge
 ###############################################################################
 ## Services
 ###############################################################################
 ### Apache ###
 check process apache with pidfile /var/run/httpd.pid
     start program = "/usr/local/etc/rc.d/apache24 start" with timeout 60 seconds
     stop program  = "/usr/local/etc/rc.d/apache24 stop"
 ### amavisd ###
 check process amavisd with pidfile /var/amavis/amavisd.pid
     start program = "/usr/local/etc/rc.d/amavisd start" with timeout 60 seconds
     stop program  = "/usr/local/etc/rc.d/amavisd stop"
 ### clamav ###
 check process clamav-clamd with pidfile /var/run/clamav/clamd.pid
     start program = "/usr/local/etc/rc.d/clamav-clamd start" with timeout 60 seconds
     stop program  = "/usr/local/etc/rc.d/clamav-clamd stop"
 ### freshclam ###
 check process clamav-freshclam with pidfile /var/run/clamav/freshclam.pid
     start program = "/usr/local/etc/rc.d/clamav-freshclam start" with timeout 60 seconds
     stop program  = "/usr/local/etc/rc.d/clamav-freshclam stop"
 ### munin ###
 check process munin with pidfile /var/run/munin/munin-node.pid
     start program = "/usr/local/etc/rc.d/munin-node start" with timeout 60 seconds
     stop program  = "/usr/local/etc/rc.d/munin-node stop"
 ### named bind ###
 check process bind with pidfile /var/run/named/pid
     start program = "/usr/local/etc/rc.d/named start" with timeout 60 seconds
     stop program  = "/usr/local/etc/rc.d/named stop"

 # /usr/local/etc/rc.d/monit restart

* Monit startup order [#maeeecbc]
When the server is rebooted and monit starts before the processes it monitors, monit starts those processes itself. That produces alert mails, and errors appear when the system then tries to start the same processes. It is noisy in various ways, so it seems best to have monit start as late in the boot sequence as possible.

So postfix apache24 cron were added to the # REQUIRE: NETWORKING SERVERS line of /usr/local/etc/rc.d/monit.

 #!/bin/sh
 #
 # $FreeBSD: head/sysutils/monit/files/monit.in 340872 2014-01-24 00:14:07Z mat $
 #
 # PROVIDE: monit
 # REQUIRE: NETWORKING SERVERS postfix apache24 cron
 # BEFORE: DAEMON
 # KEYWORD: shutdown

*When the NIC goes down [#s974fc01]
console log

 Jun  5 04:17:59 sun1 kernel: Jun  5 04:17:59 sun1 monit[461]: Cannot translate 'sun1.smb.net' to IP address -- Name does not resolve
 Jun  5 04:17:59 sun1 kernel: Jun  5 04:17:59 sun1 monit[461]: 'httpd' failed protocol test [HTTP] at [sun1.smb.net]:80/nextcloud [TCP/IP] -- Cannot resolve [sun1.smb.net]:80

* The control file '/usr/local/etc/monitrc' permission 0644 is wrong, maximum 0700 allowed [#xd8abbea]

 Jan 22 07:50:57  kernel: The control file '/usr/local/etc/monitrc' permission 0644 is wrong, maximum 0700 allowed
 Jan 22 07:50:57  kernel: Jan 22 07:50:57 kuji monit[838]: The control file '/usr/local/etc/monitrc' permission 0644 is wrong, maximum 0700 allowed
 Jan 22 07:50:57  kernel: /etc/rc: WARNING: failed to start monit

It seems the permissions changed when the configuration was copied from the original machine over to the clone.
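
The start-up failure above can be caught before monit is started on a cloned machine. The following POSIX sh check is an added example, not part of the original page or of Monit: it reports whether the control file or the PEM file has group/other permission bits set. The function names and the script name monit_preflight.sh are hypothetical; the file paths in the usage comment are the ones on this page.

```shell
#!/bin/sh
# Added example (not from the original page): pre-flight check that Monit's
# control file and TLS PEM file carry no group/other permission bits.
# Function and script names are hypothetical; the paths are from this page.

# Return 0 if FILE has any group/other bit set, i.e. is looser than 0700.
exceeds_0700() {
    for bit in 0040 0020 0010 0004 0002 0001; do
        # POSIX find: "-perm -MODE" matches when every bit in MODE is set.
        # -H follows a symlink given on the command line, so the target's
        # mode is checked rather than the link's.
        if [ -n "$(find -H "$1" -prune -perm "-$bit" 2>/dev/null)" ]; then
            return 0
        fi
    done
    return 1
}

# Check one file: 0 = acceptable, 1 = too permissive, 2 = missing.
check_secret_file() {
    if [ ! -f "$1" ]; then
        echo "MISSING  $1"
        return 2
    fi
    if exceeds_0700 "$1"; then
        echo "TOO OPEN $1 (group/other bits set, Monit allows at most 0700)"
        return 1
    fi
    echo "OK       $1"
}

# Check every file given; return non-zero if any of them fails.
preflight() {
    rc=0
    for f in "$@"; do
        check_secret_file "$f" || rc=1
    done
    return "$rc"
}

# Usage after cloning a machine, before starting monit:
#   sh monit_preflight.sh /usr/local/etc/monitrc \
#       /usr/local/etc/letsencrypt/live/piano2nd.smb.net/cert.pem
if [ "$#" -gt 0 ]; then
    preflight "$@"
    exit $?
fi
```

A file reported as TOO OPEN can be corrected with chmod 600, the mode this page already uses for the .pem file.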