Puppet: Icinga SSH client module

Enable Pluginsync on client
sed -i '/\[main\]/a\pluginsync=true\' /etc/puppet/puppet.conf

create Nullmailer module
http://www.panticz.de/Puppet-Nullmailer-module

create module structure
mkdir -p /etc/puppet/modules/icinga_ssh_client/manifests
mkdir -p /etc/puppet/modules/icinga_ssh_client/files

download module definiction
wget -q https://raw.githubusercontent.com/panticz/puppet/master/modules/icinga_ssh_client/init.pp -O /etc/puppet/modules/icinga_ssh_client/manifests/init.pp

class icinga_ssh_client {
    package { "nagios-plugins-basic":
        ensure => installed,
    }

    # http://raw.github.com/justintime/nagios-plugins/master/check_mem/check_mem.pl
    file { "/usr/lib/nagios/plugins/check_mem":
        mode => 755,
        owner => root,
        group => root,
        require => Package['nagios-plugins-basic'],
        source => "puppet:///modules/icinga_ssh_client/check_mem",
    }

    # apt-get install -y nagios-plugins-contrib --no-install-recommends
    file { "/usr/lib/nagios/plugins/check_raid":
        mode => 755,
        owner => root,
        group => root,
        require => Package['nagios-plugins-basic'],
        source => "puppet:///modules/icinga_ssh_client/check_raid",
    }

    # TODO: relative path to id_rsa.pub
    # extract data from public key file (e.g. /var/lib/nagios/.ssh/id_rsa.pub)
    $ssh = split(file("/etc/puppet/modules/icinga_ssh_client/files/id_rsa.pub"), ' ')
    $ssh_type = values_at($ssh, 0)
    $ssh_key = values_at($ssh, 1)
    $ssh_id = values_at($ssh, 2)
    ssh_authorized_key { $ssh_id:
        ensure => present,
        user => root,
        type => $ssh_type,
        key => $ssh_key,
    }

    # alternatively, read key from file and remove line break
    # ssh_authorized_key { 'nagios@icinga':
    #    ensure => present,
    #    user => root,
    #    type => ssh-rsa,
    #    key => chomp(file("/etc/puppet/modules/icinga_ssh_client/files/id_rsa.pub")),
    # }
}

add include to your client in /etc/puppet/manifests/site.pp
node "client1.local" inherits default {
...
include icinga_ssh_client
include nullmailer
...
}

Example: /etc/puppet/modules/icinga_ssh_client/files/id_rsa.pub
ssh-rsa ADAAB3NzaC3yc2EAAAADAEulgMUFyT9y2DaZYXHUdLWvkE9TKE+OVO8jYhmGG2BMmL5Ad3D+flpTMQfpp7EVJg2vTBSiVG4kCVicvb nagios@icinga

# (auto) create new host / object on icinga
cat /etc/icinga/objects/puppet.cfg
define host {
host_name puppet
address 192.168.1.173
use generic-host
hostgroups debian
}

TODO
# (auto) remove old hosts from /var/lib/nagios/.ssh/known_hosts on icinga
# (auto) import new host to /var/lib/nagios/.ssh/known_hosts on icinga

# add raid check
#apt-get install -y hddtemp
#wget -q "http://exchange.nagios.org/components/com_mtree/attachment.php?link_id=341&cf_id=24" -O /usr/lib/nagios/plugins/check_hddtemp
#chmod go+x /usr/lib/nagios/plugins/check_hddtemp

Links
http://serverfault.com/questions/411245/puppetlabs-file-line-type-not-working
http://serverfault.com/questions/238708/adding-lines-to-etc-profile-with-puppet