From a2fecf9d6449ddb2b093f026070d928254d8f96b Mon Sep 17 00:00:00 2001 From: DarkFeather Date: Fri, 20 Jan 2023 08:49:56 -0600 Subject: [PATCH] Adding DHParam generation for IRC ssl_openssl --- roles/IRC/tasks/daemon.yml | 15 +++++++++++++++ .../files/monit/checks/watcher-of-watchers | 8 ++++++++ roles/Sharingan/files/monit/hostdefs/Core | 3 ++- .../suricata.yaml => templates/suricata.yaml.j2} | 0 4 files changed, 25 insertions(+), 1 deletion(-) create mode 100644 roles/Sharingan/files/monit/checks/watcher-of-watchers rename roles/Sharingan/{files/suricata/suricata.yaml => templates/suricata.yaml.j2} (100%) diff --git a/roles/IRC/tasks/daemon.yml b/roles/IRC/tasks/daemon.yml index 98cba5a..2bb57eb 100644 --- a/roles/IRC/tasks/daemon.yml +++ b/roles/IRC/tasks/daemon.yml @@ -12,6 +12,21 @@ - "/var/log/inspircd" - "/etc/inspircd" + - name: Generate dhparam + become: yes + command: + cmd: openssl dhparam -out /etc/inspircd/dhparams.pem 2048 + creates: /etc/inspircd/dhparams.pem + + - name: Permissions on dhparam + become: yes + file: + state: file + path: /etc/inspircd/dhparams.pem + owner: ircd + group: ircd + mode: 0640 + - name: Copy config and fill in attributes register: templatefiles become: yes diff --git a/roles/Sharingan/files/monit/checks/watcher-of-watchers b/roles/Sharingan/files/monit/checks/watcher-of-watchers new file mode 100644 index 0000000..b54e081 --- /dev/null +++ b/roles/Sharingan/files/monit/checks/watcher-of-watchers 
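Review bot: In roles/IRC/tasks/daemon.yml, `creates: /etc/inspircd/dhparams.pem` only tests that the path exists, so an empty or truncated file left by a failed run, or a later change to the 2048 size, will never trigger regeneration. Ownership and mode are then fixed in a second task. If the community.crypto collection is available, its `openssl_dhparam` module sets size, owner, group and mode in one idempotent task and is expected to regenerate when the existing parameters no longer match the requested size. Quoting the mode as `"0640"` also keeps it from depending on YAML octal parsing. The task list continues outside this hunk.

```yaml
- name: Generate dhparam
  become: yes
  community.crypto.openssl_dhparam:
    path: /etc/inspircd/dhparams.pem
    size: 2048
    owner: ircd
    group: ircd
    mode: "0640"
# … unchanged: "Copy config and fill in attributes" task …
```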
@@ -0,0 +1,8 @@
+check program graylog_remote with path "/usr/lib/monitoring-plugins/check_http -p 9000 sharingan.msn0.aninix.net"
+ if status != 0 for 3 times within 5 cycles then exec "/usr/local/bin/ravensend -c #sharingan -m 'CRITICAL: Sharingan Graylog is not responding.'"
+
+check program elasticsearch_remote with path "/usr/lib/monitoring-plugins/check_http -u /_cluster/health -p 9200 -s green sharingan.msn0.aninix.net"
+ if status != 0 for 3 times within 5 cycles then exec "/usr/local/bin/ravensend -c #sharingan -m 'CRITICAL: Sharingan Elasticsearch is not responding.'"
+
+check program dns_remote with path "/usr/lib/monitoring-plugins/check_dns -H 10.0.1.1 -s 10.0.1.2"
+ if status != 0 for 3 times within 5 cycles then exec "/usr/local/bin/ravensend -c #sharingan -m 'CRITICAL: Nazara DNS is not responding.'"
diff --git a/roles/Sharingan/files/monit/hostdefs/Core b/roles/Sharingan/files/monit/hostdefs/Core
index f1cde60..6fa1c5f 100644
--- a/roles/Sharingan/files/monit/hostdefs/Core
+++ b/roles/Sharingan/files/monit/hostdefs/Core
@@ -1,2 +1,3 @@
-include "/etc/monit.d/checks/system"
+include "/etc/monit.d/checks/watcher-of-watchers"
 include "/etc/monit.d/checks/warrant-canary"
+include "/etc/monit.d/checks/system"
diff --git a/roles/Sharingan/files/suricata/suricata.yaml b/roles/Sharingan/templates/suricata.yaml.j2
similarity index 100%
rename from roles/Sharingan/files/suricata/suricata.yaml
rename to roles/Sharingan/templates/suricata.yaml.j2
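Review bot: The graylog_remote and elasticsearch_remote checks in roles/Sharingan/files/monit/checks/watcher-of-watchers call check_http without `-S`, so they pass only while ports 9000 and 9200 answer plain HTTP. The Elasticsearch check also needs `/_cluster/health` to be readable without credentials. If that is deliberate on a trusted segment, say so at the top of the file, e.g. `# Probes are plain HTTP by design; 9000/9200 must stay reachable only from monitoring hosts.` Otherwise these probes will start alerting as soon as TLS or authentication is enabled on those services. The host name and the 10.0.1.x addresses are fixed in a static file, so a one-line comment naming what each address is would help the next reader.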