Suppress monit alerts upon dependency

Alert dependecy is useful for network equiptment, as connectivity often is dependent in a chain. Why get alert that your whole network is down, if the error is realy with your router/link/whatever? Making an alert dependency is possible with monit, but it’s a bit tricky.

This is because monit’s keyword then alert only make use of the depends keyword when the dependency is in state unmonitor. This makes it tricky to create an alert dependecy, as then unmonitor turns of the monitoring (you will not get notified when the error is resolved). A solution is to make another watcher which turns monitoring back on.

Here is an example where failed ICMP/ping turns of notification of failed TCP-services:

# used to turn of alerts with depends keyword
check host seljebuUp with address seljebu.no
    if failed icmp type echo count 3 with timeout 3 seconds then unmonitor

# turns on seljebuUp when error resolved, will also alert upon host up/down
check host seljebu with address seljebu.no
    if failed icmp type echo count 3 with timeout 3 seconds then exec "/bin/true"
    else if succeeded then exec "/usr/sbin/monit start seljebuUp"

# dependent on seljebuUp
check host seljebu-service with address seljebu.no
   if failed port 143 proto imap for 4 times within 5 cycles then alert
   if failed port 465 type tcpssl proto smtp for 4 times within 5 cycles then alert
   if failed url http://seljebu.no/ for 4 times within 5 cycles then alert
   depends seljebuUp

A little drawback here is double alerts upon outage and the extra action alerts (upon monit start seljebuUp). You can filter out the extra alerts by having $event in the subject (here, notifications for seljebuUp can be discarded). You could also turn of the action alerts by using set alert your@email.com but not on { action } in the global config (be careful, as this willl turn off all action alerts).

netatalk 3.0.3 Ubuntu 12.04.2/10.04.3 LTS (Precise Pangolin)

Netatalk for use with Time Machine on MAC OSX Mountain Lion 10.8.3.

sudo -i
apt-get install build-essential pkg-config checkinstall git-core avahi-daemon libavahi-client-dev libdb5.1-dev db-util db5.1-util libgcrypt11 libgcrypt11-dev
wget http://prdownloads.sourceforge.net/netatalk/netatalk-3.0.3.tar.bz2?download
tar jxvf netatalk-3.0.3.tar.bz2?download
mv netatalk-3.0.3 /usr/src
cd /usr/src/netatalk-3.0.3
./configure --with-init-style=debian --with-zeroconf
make
checkinstall
exit

/usr/local/etc/afp.conf:

[Global]
mimic model = TimeCapsule6,106
log level = default:warn
log file = /var/log/afpd.log
hosts allow = 192.168.1.0/16

[TimeMachine]
path = /mnt/timemachine
valid users = tmuser
time machine = yes

For Ubuntu 10.04.03 use this apt-get line instead:

apt-get install build-essential pkg-config checkinstall git-core avahi-daemon libavahi-client-dev libdb4.8-dev db4.8-util libgcrypt11 libgcrypt11-dev

Source:
https://gist.github.com/vena/2856490
https://wiki.archlinux.org/index.php/Netatalk#Netatalk

Parse old gzipped apache(vhost_combined) logs with awstats

Parse all logs to new log-file in chronological order.

zgrep ^blog.seljebu.no `find -name "other_vhosts_access.log.[0-9]*.gz" | sort -n -t . -k 4 -r` | sed 's/./other_vhosts_access.log.[0-9]*.gz:blog.seljebu.no:80 //g' > blog.seljebu.no/old.log
grep ^blog.seljebu.no other_vhosts_access.log.1 | sed 's/blog.seljebu.no:80 //g' >> blog.seljebu.no/old.log
grep ^blog.seljebu.no other_vhosts_access.log | sed 's/blog.seljebu.no:80 //g' >> blog.seljebu.no/old.log

Make config-file for awstats.

#/etc/awstats/awstats.blog.seljebu.no.conf
LogFile="/var/log/apache2/blog.seljebu.no/old.log"
LogFormat=1
SiteDomain="blog.seljebu.no"
HostAliases="blog.seljebu.no"
DirData=/var/lib/awstats

Delete awstats database and update awstats. If you get a lot of corrupted/dropped records, you could use -showcorrupted/-showdropped.

rm /var/lib/awstats/awstats*blog.seljebu.no*
/usr/lib/cgi-bin/awstats.pl -config=blog.seljebu.no -update

Make individual log-files for virtualhosts.


        Servername blog.seljebu.no
        CustomLog /var/log/apache2/blog.seljebu.no/access.log combined
        ...

Add new log files to logrotate.

#/etc/logrotate.d/apache2 
/var/log/apache2/*/*.log /var/log/apache2/*.log {
        weekly
        ...
}

Update awstats config-file.

#/etc/awstats/awstats.blog.seljebu.no.conf
LogFile="/var/log/apache2/blog.seljebu.no/access.log"
...

Add to cron.

#/etc/cron.d/awstats
*/10 * * * * www-data /usr/lib/cgi-bin/awstats.pl -config=blog.seljebu.no -update >/dev/null

Move/convert LXC(Linux Container) to Virtualbox/KVM/real machine

Some adjustments might be needed, but this will guide you trough the concepts of moving a linux container to a bare metal machine/hypervisor.

Backup contents of server with rsync.

lxc-stop -n name
rsync -av /opt/lxc/name/root-filesystem/* /media/usb-stick-with-linux-filesystem

Start virtualbox/real machine with ubuntu server iso, rescue mode. Open a terminal in installer environment, format and mount disk.

fdisk /dev/sdX
mkfs.ext4 /dev/sdX1
mkswap /dev/sdX2
mkdir /target
mount /dev/sdX1 /target

Copy contents of linux container to new root filesystem.

mount /dev/sdb1 /mnt
mount -o bind /target /mnt/mnt
mount -o bind /dev /mnt/dev
mount -o bind /run /mnt/run
mount -o bind /proc /mnt/proc
mount -o bind /sys /mnt/sys
chroot /mnt /bin/bash
rsync -av --exclude 'dev' --exclude 'run' --exclude 'proc' --exclude 'sys' --exclude 'mnt' / /mnt

Exit chroot of lxc container, and chroot into new partition.

exit
cd /target
mkdir dev sys proc run mnt
mount -o bind /dev /target/dev
mount -o bind /run /target/run
mount -o bind /proc /target/proc
mount -o bind /sys /target/sys
chroot /target /bin/bash

Check fstab(normally filesystem is mounted by LXC-instance).

#/etc/fstab
/dev/sda1 / ext4 defaults 0 0
/dev/sda2 none swap defaults 0 0

Install linux kernel and grub(make it bootable). Network is needed for this step, make sure resolv.conf is valid.

apt-get update
apt-get -o DPkg::Options::="--force-confmiss" install linux-image grub2

Since LXC does not use normal init/upstart, we need to make sure configfiles in /etc/init exists. This is done by reinstalling ubuntu-minimal dependencies.

sudo apt-get -o DPkg::Options::="--force-confmiss" --reinstall install adduser bzip2 console-setup dash dhcp3-client eject gnupg ifupdown initramfs-tools iproute iputils-ping kbd less locales lsb-release makedev mawk module-init-tools net-tools netbase netcat-openbsd ntpdate passwd procps python rsyslog sudo tasksel tzdata ubuntu-keyring udev upstart ureadahead vim-tiny whiptail

Make sure SSH is enabled.

update-rc.d ssh defaults

That should be it. Exit chroot, umount and reboot. Remove ubuntu-iso, cross fingers.

nfs4 and all_squash

all_squash does not work when directory/share is on the same filesystem. Example:

/etc/exports:

/media/mount 192.168.0.0/24(rw,async,no_subtree_check,fsid=0)
/media/mount/folder 192.168.0.0/24(all_squash,anonuid=1000,anongid=100,rw,async,no_subtree_check)

We have to mount folder with a bind to get this working. Move folder to new location, here I’m hiding it:

mv /media/mount/folder /media/mount/.folder
mkdir /media/mount/folder

/etc/fstab:

/dev/sdb1 /media/mount ext4 defaults 0 0
/media/mount/.folder /media/mount/folder none bind 0 0

Mount and reload nfs exports:

mount /media/mount/folder
exportfs -r

Reference: http://www.spinics.net/lists/linux-nfs/msg16593.html

roundcube, sqlite2, ubuntu 11.10 and cherokee

Roundcube only supports sqlite2(RC v0.7.1). Unfortunately Ubuntu 11.10 doesn’t have sqlite2 available in the repos(not sure why, security?), and MySQL/PostgreSQL seems like an overkill for a single user roundcube installation.

Fix: install php5-sqlite and get sqlite2 from natty(11.04). The module sqlite.so is actually loaded by default(/etc/php5/cgi/conf.d/sqlite.ini) but missing in the oneiric package.

apt-get install php5-sqlite
wget http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-sqlite_5.3.5-1ubuntu7.7_i386.deb
dpkg -x php5-sqlite_5.3.5-1ubuntu7.7_i386.deb /tmp
cp /tmp/usr/lib/php5/20090626+lfs/sqlite.so /usr/lib/php5/20090626+lfs/
service cherokee restart

Reference: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/875262