# todo: git clone to /usr/local/lib/nagios

# A deploy key must be added for this to work!
{{ salt.pillar.get("icinga2:monitoring_plugins_git_url") | yaml_encode }}:
  git.cloned:
    - target: /usr/local/lib/nagios
    - branch: master
    - user: root

monitoring_packages:
  pkg.installed:
    - pkgs:
      # TODO: these are the Debian names. Figure out the others
      - monitoring-plugins-basic
      - smartmontools

nagios:
  user.present:
    - shell: /bin/bash
    - home: /var/lib/nagios
    - system: true
    - createhome: true

/var/lib/nagios/.ssh:
  file.directory:
    - user: nagios
    - group: nagios
    - mode: 700
    - require:
      - user: nagios

/var/lib/nagios/.ssh/authorized_keys:
  file.managed:
    - user: nagios
    - group: nagios
    - mode: 400
    - contents_pillar: icinga2:nagios_rsa_pubkey
    - require:
      - file: /var/lib/nagios/.ssh

/etc/sudoers.d/nagios:
  file.managed:
    - user: root
    - group: root
    - mode: 440
    - template: jinja
    - source: salt://icinga2/files/client_sudo.jinja
    - check_cmd: /usr/sbin/visudo -c -f