From 6f8b247425326dc1be585123fe6fb91fcf0d718c Mon Sep 17 00:00:00 2001
From: Tunui Franken <tfranken@protonmail.com>
Date: Sun, 16 Mar 2025 13:22:12 +0100
Subject: [PATCH] Add check_rbl

---
 .../zones.d/global-templates/commands.conf.j2        | 11 +++++++++++
 roles/mailserver_monitoring/tasks/main.yml           | 12 +++++++-----
 .../zones.d/master/services/mailserver.conf.j2       | 10 ++++++++++
 3 files changed, 28 insertions(+), 5 deletions(-)

diff --git a/roles/icinga2_master/templates/zones.d/global-templates/commands.conf.j2 b/roles/icinga2_master/templates/zones.d/global-templates/commands.conf.j2
index a333a74..13e7765 100644
--- a/roles/icinga2_master/templates/zones.d/global-templates/commands.conf.j2
+++ b/roles/icinga2_master/templates/zones.d/global-templates/commands.conf.j2
@@ -15,6 +15,17 @@ object CheckCommand "sudo_smart" {
     command = [ "sudo" ] + command
 }
 
+object CheckCommand "rbl_extra_opts" {
+    import "rbl"
+    arguments += {
+        "--extra-opts" = {
+            value = "rbl@/etc/nagios-plugins/check_rbl.ini"
+            required = true
+        }
+    }
+    arguments["-s"]["required"] = false
+}
+
 # the original "systemd" CheckCommand uses /check_systemd.py as executable
 object CheckCommand "check_systemd" {
     import "systemd"
diff --git a/roles/mailserver_monitoring/tasks/main.yml b/roles/mailserver_monitoring/tasks/main.yml
index 0839938..0431c84 100644
--- a/roles/mailserver_monitoring/tasks/main.yml
+++ b/roles/mailserver_monitoring/tasks/main.yml
@@ -1,5 +1,12 @@
 ---
 
+- name: Install packages
+  become: true
+  ansible.builtin.apt:
+    name:
+      - monitoring-plugins-check-logfiles
+      - libnet-ip-perl
+
 - name: Copy mailserver services on icinga2 Master
   delegate_to: "{{ icinga2_master }}"
   become: true
@@ -21,11 +28,6 @@
     mode: 0440
     validate: 'visudo -cf %s'
 
-- name: Install packages
-  become: true
-  ansible.builtin.apt:
-    name: monitoring-plugins-check-logfiles
-
 - name: Copy sudoers file for nagios as root (for check_logfiles)
   become: true
   ansible.builtin.copy:
diff --git a/roles/mailserver_monitoring/templates/zones.d/master/services/mailserver.conf.j2 b/roles/mailserver_monitoring/templates/zones.d/master/services/mailserver.conf.j2
index c02ac60..23fc4cf 100644
--- a/roles/mailserver_monitoring/templates/zones.d/master/services/mailserver.conf.j2
+++ b/roles/mailserver_monitoring/templates/zones.d/master/services/mailserver.conf.j2
@@ -47,3 +47,13 @@ apply Service "mail-activity" {
     vars.logfiles_rotation = "mail.log.*"
     vars.logfiles_critical_pattern = "!relay="
 }
+
+apply Service "rbl" {
+    import "generic-service"
+    check_command = "rbl_extra_opts"
+    check_interval = 1h
+    command_endpoint = host.name
+    assign where host.name == "{{ inventory_hostname }}"
+    vars.rbl_hostame = "{{ ipv4_addr }}"
+    vars.rbl_timeout = 120
+}