diff --git a/home/.chezmoiscripts/universal/run_onchange_after_57-netdata.sh.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_57-netdata.sh.tmpl index b74668da..34787721 100644 --- a/home/.chezmoiscripts/universal/run_onchange_after_57-netdata.sh.tmpl +++ b/home/.chezmoiscripts/universal/run_onchange_after_57-netdata.sh.tmpl @@ -1,63 +1,3 @@ -{{- if ne .host.distro.family "windows" -}} -#!/usr/bin/env bash -# @file Netdata -# @brief Configures Netdata alerts and notifications -# @description -# This script installs additional alerts and enables notifications if Netdata is installed. Email notifications are configured -# using the provided email address. Slack notifications are configured if `SLACK_WEBHOOK_URL` and `SLACK_NETDATA_ALARMS_CHANNEL` -# are provided. Syslog integration is configured if `SYSLOG_NETDATA_ENABLE` and `SYSLOG_NETDATA_RECIPIENTS` are provided. -# If the OS is Debian based, Netdata shows the number of CVEs in currently installed packages. - -{{ includeTemplate "universal/profile" }} -{{ includeTemplate "universal/logg" }} - -### Install additional alerts and enable notifications -if command -v netdata > /dev/null; then - # Copy the additional alert definitions - logg info 'Copying $HOME/.config/netdata/health.d/ to /etc/netdata/' - sudo cp -rf "$HOME/.config/netdata/health.d/" /etc/netdata/ - - logg info 'Copying $HOME/.config/netdata/health_alarm_notify.conf to /usr/lib/netdata/conf.d/health_alarm_notify.conf' - sudo cp -f /usr/lib/netdata/conf.d/health_alarm_notify.conf /usr/lib/netdata/conf.d/health_alarm_notify.conf.bak - sudo cp -f "$HOME/.config/netdata/health_alarm_notify.conf" /usr/lib/netdata/conf.d/health_alarm_notify.conf -else - logg warn '`netdata` is not available in the PATH or is not installed' -fi - -### Configure Netdata to gather information about CVEs in the installed packages -if command -v debsecan > /dev/null; then - - # Installing the script to generate report on CVEs in installed packages - logg info 'Installing script to generate on CVEs in installed packages' - sudo curl -sSL https://raw.githubusercontent.com/nodiscc/netdata-debsecan/master/usr_local_bin_debsecan-by-type -o /usr/local/bin/debsecan-by-type - - # Generate initial debsecan reports in /var/log/debsecan/ - logg info 'Generating initial debsecan reports in /var/log/debsecan/' - /usr/local/bin/debsecan-by-type - - # Configure dpkg to refresh the file after each run - logg info 'Configuring dpkg to refresh the file after each run' - sudo curl -sSL https://github.com/nodiscc/netdata-debsecan/raw/master/etc_apt_apt.conf.d_99debsecan -o /etc/apt/apt.conf.d/99debsecan - - # Add a cron job to refresh the file every hour - logg info 'Adding a cron job to refresh the file every hour' - sudo curl -sSL https://github.com/nodiscc/netdata-debsecan/raw/master/etc_cron.d_debsecan -o /etc/cron.d/debsecan - - # Install the module/configuration file - logg info 'Installing the module and configuration file - sudo curl -sSL https://github.com/nodiscc/netdata-debsecan/raw/master/debsecan.chart.py -o /usr/libexec/netdata/python.d/ - sudo curl -sSL https://github.com/nodiscc/netdata-debsecan/raw/master/debsecan.conf -o /etc/netdata/python.d/ - - # Restart Netdata service - logg info 'Restarting netdata service' - sudo systemctl restart netdata -else - logg warn '`debsecan` is not available in the PATH or is not installed' -fi - - -{{ end -}} - {{- if and (ne .host.distro.family "windows") (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (or (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_TOKEN")) (env "NETDATA_TOKEN")) (or (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_ROOM")) (env "NETDATA_ROOM")) -}} #!/usr/bin/env bash # @file Netdata @@ -66,6 +6,9 @@ fi # This script connects Netdata with Netdata Cloud if Netdata is installed, the `NETDATA_TOKEN` is provided, and the # `NETDATA_ROOM` is defined. This allows you to graphically browse through system metrics on all your connected devices # from a single free web application. +# +# This script installs additional alerts and enables notifications if Netdata is installed. Email notifications are configured +# using the provided primary email address. If the OS is Debian based, Netdata shows the number of CVEs in currently installed packages. {{ includeTemplate "universal/profile" }} {{ includeTemplate "universal/logg" }} @@ -93,6 +36,66 @@ if command -v netdata-claim.sh > /dev/null; then logg info 'The `/sys/kernel/mm/ksm` directory does not exist so Netdata kernel optimizations are not being applied' fi fi + + ### Install additional alerts and enable notifications + if command -v netdata > /dev/null; then + # Copy the additional alert definitions + if [ -d /usr/local/etc/netdata ]; then + NETDATA_ETC='/usr/local/etc/netdata/' + elif [ -d /etc/netdata ]; then + NETDATA_EDC='/etc/netdata' + else + logg error 'No etc location found for netdata' && exit 1 + fi + logg info "Copying ${XDG_CONFIG_HOME:-$HOME/.config}/netdata/health.d/ to $NETDATA_ETC" + sudo cp -rf "Copying ${XDG_CONFIG_HOME:-$HOME/.config}/netdata/health.d/" "$NETDATA_ETC" + + # Backup current health alarm configuration and apply new one + if [ -d /usr/local/lib/netdata ]; then + NETDATA_LIB='/usr/local/lib/netdata' + elif [ -d /usr/lib/netdata ]; then + NETDATA_LIB='/usr/lib/netdata' + else + logg error 'No lib location found for netdata' && exit 1 + fi + logg info "Copying $${XDG_CONFIG_HOME:-$HOME/.config}/netdata/health_alarm_notify.conf to $NETDATA_LIB/conf.d/health_alarm_notify.conf" + sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/netdata/health_alarm_notify.conf" "$NETDATA_LIB/conf.d/health_alarm_notify.conf" + else + logg warn '`netdata` is not available in the PATH or is not installed' + fi + + ### Ensure the apt command is available before running `debsecan` logic + if command -v apt > /dev/null; then + ### Configure Netdata to gather information about CVEs in the installed packages + if command -v debsecan > /dev/null; then + # Installing the script to generate report on CVEs in installed packages + logg info 'Installing script to generate on CVEs in installed packages' + sudo curl -sSL https://raw.githubusercontent.com/nodiscc/netdata-debsecan/master/usr_local_bin_debsecan-by-type -o /usr/local/bin/debsecan-by-type + + # Generate initial debsecan reports in /var/log/debsecan/ + logg info 'Generating initial debsecan reports in /var/log/debsecan/' + /usr/local/bin/debsecan-by-type + + # Configure dpkg to refresh the file after each run + logg info 'Configuring dpkg to refresh the file after each run' + sudo curl -sSL https://github.com/nodiscc/netdata-debsecan/raw/master/etc_apt_apt.conf.d_99debsecan -o /etc/apt/apt.conf.d/99debsecan + + # Add a cron job to refresh the file every hour + logg info 'Adding a cron job to refresh the file every hour' + sudo curl -sSL https://github.com/nodiscc/netdata-debsecan/raw/master/etc_cron.d_debsecan -o /etc/cron.d/debsecan + + # Install the module/configuration file + logg info 'Installing the module and configuration file + sudo curl -sSL https://github.com/nodiscc/netdata-debsecan/raw/master/debsecan.chart.py -o /usr/libexec/netdata/python.d/ + sudo curl -sSL https://github.com/nodiscc/netdata-debsecan/raw/master/debsecan.conf -o /etc/netdata/python.d/ + + # Restart Netdata service + logg info 'Restarting netdata service' + sudo systemctl restart netdata + else + logg warn '`debsecan` is not available in the PATH or is not installed' + fi + fi else logg warn '`netdata-claim.sh` is not available in the PATH' fi