Monit -- Quick Download and Config

monit-setup.sh

#!/bin/bash

# Must run this as sudo. How to make sure of that??
if [ "$EUID" -ne 0 ]
  then 
  	# Turn off history expansion to make it easier to echo exlaimation points
	set +H
  	
  	printf "%s\n" "Error: Monit installation and setup must be run as root. Type 'sudo !!' at the prompt, enter your password, in order to try again."
  	
  	# ... and turn it back on.
  	set -H

  exit
fi

# Update packages index.
printf "%s\n" "Updating packages index..."
apt-get update

# Pass the no variable to answer the question fo cleaning up (apt-get autoremove) extra files that get downloaded.
# It's only 771kB, so not worth it.
printf "%s\n" "Installing Monit ..."
apt-get install --assume-no monit
printf "%s\n" "Done!"

# Backup the original monit file
printf "%s\n" "Backing up the default configuration file..."
cd /etc/monit/
mv monitrc monitrc.orig.backup

### DOWNLOAD YOUR MONIT CONFIG FILES FROM GIST.
printf "%s\n" "Downloading custom config files..."
BASE_PATH="https://gist.githubusercontent.com/eightygrit/7a1616bedc517bbb50546400a91b3169/raw"
CURL="curl -sL"

# Ubuntu 14.04 Global Settings
$CURL "${BASE_PATH}/ubuntu-1404.conf" > conf.d/ubuntu1404

# Monit's Web UI Settings
$CURL "${BASE_PATH}/monit-web.conf" > conf.d/monit-web

# ServerPilot LAMP/LEMP Stack Configs
$CURL "${BASE_PATH}/php5.4-fpm-serverpilot.monitrc" > monitrc.d/php5.4-fpm-serverpilot
$CURL "${BASE_PATH}/php5.5-fpm-serverpilot.monitrc" > monitrc.d/php5.5-fpm-serverpilot
$CURL "${BASE_PATH}/php5.6-fpm-serverpilot.monitrc" > monitrc.d/php5.6-fpm-serverpilot
$CURL "${BASE_PATH}/php7.0-fpm-serverpilot.monitrc" > monitrc.d/php7.0-fpm-serverpilot
$CURL "${BASE_PATH}/nginx-serverpilot.monitrc" > monitrc.d/nginx-serverpilot
$CURL "${BASE_PATH}/apache-serverpilot.monitrc" > monitrc.d/apache-serverpilot

# Other Custom Configs
$CURL "${BASE_PATH}/php5-fpm.monitrc" > monitrc.d/php5-fpm
$CURL "${BASE_PATH}/newrelic.monitrc" > monitrc.d/newrelic

# The Main monitrc File
$CURL "${BASE_PATH}/monitrc" > monitrc

# Monit requires the permissions of the monitrc file to be -rwx------ (0700)
chmod 0700 monitrc
printf "%s\n" "Done!"

# Return user to their original directory.
cd -

# Advise user to add custom web UI settings.
printf "%s\n" "All done." ""
printf "%s\n" "You need to edit the 'monitrc' file in /etc/monit/"
printf "%s\n" "Uncomment the programs you want to monitor." ""
printf "%s\n" "IMPORTANT: Edit the 'monit-web' file in /etc/monit/conf.d/ by setting a non-default password, and the domain name to listen on."

apache-serverpilot.monitrc

check process apache-sp with pidfile /opt/sp/apache/var/logs/httpd.pid
  group www
  group apache
  group serverpilot
  start program = "/etc/init.d/apache-sp start"
  stop program  = "/etc/init.d/apache-sp stop"
  if 4 restarts within 20 cycles then timeout
  if failed host localhost port 80 with protocol http and request "/server-status" with timeout 25 seconds for 4 times within 5 cycles then restart
  depend serverpilot_agent

check file serverpilot_agent with path /opt/sp/serverpilot/agent/bin/sp-agent
  group serverpilot

monit-web.conf

## Monit has an embedded web server which can be used to view status of
## services monitored and manage services from a web interface. See the
## Monit Wiki if you want to enable SSL for the web server.
#
  set httpd port 2812
    use address do.domain.com
    allow 0.0.0.0/0.0.0.0
    allow admin:monit			## Change Default Password!!!

#    use address localhost  # only accept connection from localhost
#    allow localhost        # allow localhost to connect to the server and
#    allow admin:monit      # require user 'admin' with password 'monit'
#    allow @monit           # allow users of group 'monit' to connect (rw)
#    allow @users readonly  # allow users of group 'users' to connect readonly
#
#

monitrc

### BASIC SETTINGS FOR THIS SERVER
###################################################################
include /etc/monit/conf.d/ubuntu1404

# Optionally, include all files in the directory
# include /etc/monit/conf.d/*



### APP-SPECIFIC MONITORS – Just uncomment the ones you want.
###################################################################

## Default LAMP/LEMP Stack
# include /etc/monit/monitrc.d/apache2
# include /etc/monit/monitrc.d/nginx
# include /etc/monit/monitrc.d/mysql
# include /etc/monit/monitrc.d/php5-fpm

## ServerPilot LEMP Stack
# include /etc/monit/monitrc.d/apache-serverpilot
# include /etc/monit/monitrc.d/nginx-serverpilot
# include /etc/monit/monitrc.d/mysql 			# Same as default
# include /etc/monit/monitrc.d/php5.4-fpm-serverpilot
# include /etc/monit/monitrc.d/php5.5-fpm-serverpilot
# include /etc/monit/monitrc.d/php5.6-fpm-serverpilot
# include /etc/monit/monitrc.d/php7.0-fpm-serverpilot

## Other Default Monitors
# include /etc/monit/monitrc.d/acpid
# include /etc/monit/monitrc.d/at
# include /etc/monit/monitrc.d/cron
# include /etc/monit/monitrc.d/mdam
# include /etc/monit/monitrc.d/memcached
# include /etc/monit/monitrc.d/openntpd
# include /etc/monit/monitrc.d/openssh-server
# include /etc/monit/monitrc.d/pdns-recursor
# include /etc/monit/monitrc.d/postfix
# include /etc/monit/monitrc.d/rsyslog
# include /etc/monit/monitrc.d/smartmontools
# include /etc/monit/monitrc.d/snmpd

## Other Custom Monitors
# include /etc/monit/monitrc.d/newrelic




### MONIT WEBPAGE SETTINGS – Update the default password!!!
###################################################################

# include /etc/monit/conf.d/monit-web

newrelic.monitrc

check process newrelic with pidfile /var/run/newrelic-daemon.pid
	group newrelic
	group www
    start program = "/etc/init.d/newrelic-daemon start"
    stop program = "/etc/init.d/newrelic-daemon stop"
    depend newrelic_daemon
    # Also depends on PHP, but you could have one of several versions. Update as you see fit.

check file newrelic_daemon with path /usr/bin/newrelic-daemon
  group newrelic

nginx-serverpilot.monitrc

check process nginx-sp with pidfile /var/run/nginx-sp.pid
   group www
   group nginx
   group serverpilot
   start program = "/etc/init.d/nginx-sp start"
   stop program  = "/etc/init.d/nginx-sp stop"
#  if failed port 80 protocol http request "/" then restart
   if 5 restarts with 5 cycles then timeout

check file serverpilot_agent with path /opt/sp/serverpilot/agent/bin/sp-agent
  group serverpilot

php5-fpm.monitrc

check process php5-fpm with pidfile /var/run/php5-fpm.pid
	group www
	group php
    start program = "/etc/init.d/php5-fpm start"
    stop program = "/etc/init.d/php5-fpm stop"
    depend php5_bin

check file php5_bin with path /usr/bin/php
  group www
  group php

php5.4-fpm-serverpilot.monitrc

check process php5.4-fpm-sp with pidfile /var/run/php5.4-fpm-sp.pid
	group www
	group php
	group serverpilot
	start program = "/etc/init.d/php5.4-fpm-sp start"
	stop program = "/etc/init.d/php5.4-fpm-sp stop"

check file serverpilot_agent with path /opt/sp/serverpilot/agent/bin/sp-agent
  group serverpilot

php5.5-fpm-serverpilot.monitrc

check process php5.5-fpm-sp with pidfile /var/run/php5.5-fpm-sp.pid
	group www
	group php
	group serverpilot
    start program = "/etc/init.d/php5.5-fpm-sp start"
    stop program = "/etc/init.d/php5.5-fpm-sp stop"

check file serverpilot_agent with path /opt/sp/serverpilot/agent/bin/sp-agent
  group serverpilot

php5.6-fpm-serverpilot.monitrc

check process php5.6-fpm-sp with pidfile /var/run/php5.6-fpm-sp.pid
	group www
	group php
	group serverpilot
	start program = "/etc/init.d/php5.6-fpm-sp start"
	stop program = "/etc/init.d/php5.6-fpm-sp stop"

check file serverpilot_agent with path /opt/sp/serverpilot/agent/bin/sp-agent
  group serverpilot

php7.0-fpm-serverpilot.monitrc

check process php7.0-fpm-sp with pidfile /var/run/php7.0-fpm-sp.pid
	group www
	group php
	group serverpilot
	start program = "/etc/init.d/php7.0-fpm-sp start"
	stop program = "/etc/init.d/php7.0-fpm-sp stop"
	depend serverpilot_agent

check file serverpilot_agent with path /opt/sp/serverpilot/agent/bin/sp-agent
	group serverpilot

ubuntu-1404.conf

###############################################################################
## Monit control file
###############################################################################
##
## Comments begin with a '#' and extend through the end of the line. Keywords
## are case insensitive. All path's MUST BE FULLY QUALIFIED, starting with '/'.
##
## Below you will find examples of some frequently used statements. For
## information about the control file and a complete list of statements and
## options, please have a look in the Monit manual.
##
##
###############################################################################
## Global section
###############################################################################
##
## Start Monit in the background (run as a daemon):
#
  set daemon 120            # check services at 2-minute intervals
#   with start delay 240    # optional: delay the first check by 4-minutes (by
#                           # default Monit check immediately after Monit start)
#
#
## Set syslog logging with the 'daemon' facility. If the FACILITY option is
## omitted, Monit will use 'user' facility by default. If you want to log to
## a standalone log file instead, specify the full path to the log file
#
# set logfile syslog facility log_daemon
  set logfile /var/log/monit.log
#
#
## Set the location of the Monit id file which stores the unique id for the
## Monit instance. The id is generated and stored on first Monit start. By
## default the file is placed in $HOME/.monit.id.
#
# set idfile /var/.monit.id
  set idfile /var/lib/monit/id
#
## Set the location of the Monit state file which saves monitoring states
## on each cycle. By default the file is placed in $HOME/.monit.state. If
## the state file is stored on a persistent filesystem, Monit will recover
## the monitoring state across reboots. If it is on temporary filesystem, the
## state will be lost on reboot which may be convenient in some situations.
#
  set statefile /var/lib/monit/state
#
#
## Set the list of mail servers for alert delivery. Multiple servers may be
## specified using a comma separator. If the first mail server fails, Monit
# will use the second mail server in the list and so on. By default Monit uses
# port 25 - it is possible to override this with the PORT option.
#
# set mailserver mail.bar.baz,               # primary mailserver
#                backup.bar.baz port 10025,  # backup mailserver on port 10025
#                localhost                   # fallback relay
#
#
## By default Monit will drop alert events if no mail servers are available.
## If you want to keep the alerts for later delivery retry, you can use the
## EVENTQUEUE statement. The base directory where undelivered alerts will be
## stored is specified by the BASEDIR option. You can limit the maximal queue
## size using the SLOTS option (if omitted, the queue is limited by space
## available in the back end filesystem).
#
#  set eventqueue
#      basedir /var/lib/monit/events # set the base directory where events will be stored
#      slots 100                     # optionally limit the queue size
#
#
## Send status and events to M/Monit (for more informations about M/Monit
## see http://mmonit.com/). By default Monit registers credentials with
## M/Monit so M/Monit can smoothly communicate back to Monit and you don't
## have to register Monit credentials manually in M/Monit. It is possible to
## disable credential registration using the commented out option below.
## Though, if safety is a concern we recommend instead using https when
## communicating with M/Monit and send credentials encrypted.
#
# set mmonit http://monit:[email protected]:8080/collector
#     # and register without credentials     # Don't register credentials
#
#
## Monit by default uses the following format for alerts if the the mail-format
## statement is missing::
## --8<--
## set mail-format {
##      from: monit@$HOST
##   subject: monit alert --  $EVENT $SERVICE
##   message: $EVENT Service $SERVICE
##                 Date:        $DATE
##                 Action:      $ACTION
##                 Host:        $HOST
##                 Description: $DESCRIPTION
##
##            Your faithful employee,
##            Monit
## }
## --8<--
##
## You can override this message format or parts of it, such as subject
## or sender using the MAIL-FORMAT statement. Macros such as $DATE, etc.
## are expanded at runtime. For example, to override the sender, use:
#
# set mail-format { from: [email protected] }
#
#
## You can set alert recipients whom will receive alerts if/when a
## service defined in this file has errors. Alerts may be restricted on
## events by using a filter as in the second example below.
#
# set alert [email protected]                       # receive all alerts
## Do not alert when Monit start,stop or perform a user initiated action
# set alert [email protected] not on { instance, action }
#
#
###############################################################################
## Services
###############################################################################
##
## Check general system resources such as load average, cpu and memory
## usage. Each test specifies a resource, conditions and the action to be
## performed should a test fail.
#
#  check system myhost.mydomain.tld
#    if loadavg (1min) > 4 then alert
#    if loadavg (5min) > 2 then alert
#    if memory usage > 75% then alert
#    if swap usage > 25% then alert
#    if cpu usage (user) > 70% then alert
#    if cpu usage (system) > 30% then alert
#    if cpu usage (wait) > 20% then alert
#
#
## Check if a file exists, checksum, permissions, uid and gid. In addition
## to alert recipients in the global section, customized alert can be sent to
## additional recipients by specifying a local alert handler. The service may
## be grouped using the GROUP option. More than one group can be specified by
## repeating the 'group name' statement.
#
#  check file apache_bin with path /usr/local/apache/bin/httpd
#    if failed checksum and
#       expect the sum 8f7f419955cefa0b33a2ba316cba3659 then unmonitor
#    if failed permission 755 then unmonitor
#    if failed uid root then unmonitor
#    if failed gid root then unmonitor
#    alert [email protected] on {
#           checksum, permission, uid, gid, unmonitor
#        } with the mail-format { subject: Alarm! }
#    group server
#
#
## Check that a process is running, in this case Apache, and that it respond
## to HTTP and HTTPS requests. Check its resource usage such as cpu and memory,
## and number of children. If the process is not running, Monit will restart
## it by default. In case the service is restarted very often and the
## problem remains, it is possible to disable monitoring using the TIMEOUT
## statement. This service depends on another service (apache_bin) which
## is defined above.
#
#  check process apache with pidfile /usr/local/apache/logs/httpd.pid
#    start program = "/etc/init.d/httpd start" with timeout 60 seconds
#    stop program  = "/etc/init.d/httpd stop"
#    if cpu > 60% for 2 cycles then alert
#    if cpu > 80% for 5 cycles then restart
#    if totalmem > 200.0 MB for 5 cycles then restart
#    if children > 250 then restart
#    if loadavg(5min) greater than 10 for 8 cycles then stop
#    if failed host www.tildeslash.com port 80 protocol http
#       and request "/somefile.html"
#       then restart
#    if failed port 443 type tcpssl protocol http
#       with timeout 15 seconds
#       then restart
#    if 3 restarts within 5 cycles then timeout
#    depends on apache_bin
#    group server
#
# This is all implemented in includes files.
#
#
#
## Check filesystem permissions, uid, gid, space and inode usage. Other services,
## such as databases, may depend on this resource and an automatically graceful
## stop may be cascaded to them before the filesystem will become full and data
## lost.
#
#  check filesystem datafs with path /dev/sdb1
#    start program  = "/bin/mount /data"
#    stop program  = "/bin/umount /data"
#    if failed permission 660 then unmonitor
#    if failed uid root then unmonitor
#    if failed gid disk then unmonitor
#    if space usage > 80% for 5 times within 15 cycles then alert
#    if space usage > 99% then stop
#    if inode usage > 30000 then alert
#    if inode usage > 99% then stop
#    group server
#
#
## Check a file's timestamp. In this example, we test if a file is older
## than 15 minutes and assume something is wrong if its not updated. Also,
## if the file size exceed a given limit, execute a script
#
#  check file database with path /data/mydatabase.db
#    if failed permission 700 then alert
#    if failed uid data then alert
#    if failed gid data then alert
#    if timestamp > 15 minutes then alert
#    if size > 100 MB then exec "/my/cleanup/script" as uid dba and gid dba
#
#
## Check directory permission, uid and gid.  An event is triggered if the
## directory does not belong to the user with uid 0 and gid 0.  In addition,
## the permissions have to match the octal description of 755 (see chmod(1)).
#
#  check directory bin with path /bin
#    if failed permission 755 then unmonitor
#    if failed uid 0 then unmonitor
#    if failed gid 0 then unmonitor
#
#
## Check a remote host availability by issuing a ping test and check the
## content of a response from a web server. Up to three pings are sent and
## connection to a port and an application level network check is performed.
#
#  check host myserver with address 192.168.1.1
#    if failed icmp type echo count 3 with timeout 3 seconds then alert
#    if failed port 3306 protocol mysql with timeout 15 seconds then alert
#    if failed url http://user:[email protected]:8080/?querystring
#       and content == 'action="j_security_check"'
#       then alert
#
#