How do I monitor Pi-hole with monit?

vmb · March 16, 2018, 7:37pm

I would like to monitor Pi-hole through Monit. I'm already monitoring Domoticz through Monit. Can anyone tell how to do this?

In an older topic @Sjonnie mentions he has a solution. @Sjonnie can you DM me your solution or Monitrsc?

Thx!

mibere · March 17, 2018, 9:20am

Good topic

I think I would do the checks via port monitoring:

pihole-FTL: port 4711 (tcp)
lighttpd: port 80 (tcp)
dnsmasq: port 53 (tcp), port 67 (udp)
dhcpcd: port 68 (udp)

Sjonnie · March 17, 2018, 12:39pm

Hi @vmb

I thought I'd best post a reply here so others might benefit from the terrible solution I used.

I edited the file /etc/monit/monitrc and added a few lines. The more knowledgeable users will create separate files for each service they want to monitor but I did not get that to work.

This is what I added at the end of the file to monitor Domoticz and the (core) components for Pi-hole:

## Added to monitor the Domoticz service
#
  check process domoticz with pidfile /var/run/domoticz.pid
  start program = "/etc/init.d/domoticz.sh start"
  stop  program = "/etc/init.d/domoticz.sh stop"
#
## Added to monitor Pi-Hole
#
  check process pihole-FTL with pidfile /var/run/pihole-FTL.pid
  start program = "/etc/init.d/pihole-FTL start"
  stop  program = "/etc/init.d/pihole-FTL stop"
#
## Check status of DHCP
#
  check process dhcpcd with pidfile /var/run/dhcpcd.pid
  start program = "/etc/init.d/dhcpcd start"
  stop  program = "/etc/init.d/dhcpcd stop"
#
## Check dnsmasq
#
  check process dnsmasq with pidfile /var/run/dnsmasq/dnsmasq.pid
  start program = "/etc/init.d/dnsmasq start"
  stop  program = "/etc/init.d/dnsmasq stop"
#
## Check Pi-Hole web interface
  check process lighttpd with pidfile /var/run/lighttpd.pid
  start program = "/etc/init.d/lighttpd start"
  stop  program = "/etc/init.d/lighttpd stop"
#

HTH

Greetz,

Sjonnie

PS. If other have additions or better solutions please post them in this thread!

vmb · March 17, 2018, 5:19pm

@Sjonnie: thx for your quick answer and solution. Happy with it!

I'm a beginner with Raspbian, so I'm not sure if I can help you very much.
I have one addition to the script to monitor Domoticz. From the Domoticz wiki I pasted these lines. These lines work perfect for me...

check process domoticz with pidfile /var/run/domoticz.pid
start program = "/etc/init.d/domoticz.sh start"
stop program = "/etc/init.d/domoticz.sh stop"
if failed
url http://127.0.0.1:8080/json.htm?type=command&param=getversion
and content = '"status" : "OK"'
for 2 cycles
then restart
if 5 restarts within 5 cycles then exec "/sbin/reboot"

Is it possible to add something like that to the lines regarding Pi-hole? Whats your opinion on this?

Thx/Bedankt!

Sjonnie · March 17, 2018, 5:37pm

Hi @vmb,

I believe the "if failed" statement is not necessary for the services mentioned. It might be needed for the web service but I am not sure. Maybe a more knowledgeable user might enlighten us

Truth be told: Domoticz and Pi-Hole run like a charm on my RPi3. I haven't looked at the logs recently but I think all is well. You might want to play around with the settings in monitrc for a bit and let us know what you have found out.

You're welcome / Blij dat ik je kon helpen

Greetz,

Sjonnie

mibere · March 17, 2018, 5:55pm

You should not rely on pid files, they are not reliable. A daemon/process can crash, without deleting its pid file.
Better to check for the real existence (is it running) of the process or for its (open) ports.

vmb · March 17, 2018, 5:57pm

@Sjonnnie: Will do.
Thanks for you addition (regarding your 'if failed' statement), think your right. I looked in the adminpage of monit, overthere I saw that Monit itself check the state of the process every 30 seconds. So thats good enough for me.

Also agree to what you say. It works like a charm over here. Yesterday evening I installed Pi-hole on my Pi3 with Domoticz/Monit and Pivpn. All these programs work great. No problems and Pi stil running smooth!

Thanks again for your help, will report back later.

vmb · March 17, 2018, 5:59pm

Hi @mibere thanks for your comment.
Do you have any suggestions how to translate these checks of the processes and ports into Monit-language?

mibere · March 17, 2018, 6:54pm

This is my solution for lighttpd:

cd /etc/monit/conf-enabled
sudo nano lighttpd

check host lighttpd with address 127.0.0.1
  start program = "/etc/init.d/lighttpd start" with timeout 20 seconds
  stop  program = "/etc/init.d/lighttpd stop"
  if failed port 80 type tcp with timeout 5 seconds for 2 cycles then restart
  if 4 restarts within 5 cycles then unmonitor

sudo /etc/init.d/monit restart

with these settings in /etc/monit/monitrc

#
  set daemon 120            # check services at 2-minute intervals
    with start delay 60     # optional: delay the first check by 60-seconds (by
#                           # default Monit check immediately after Monit start)

mibere · March 18, 2018, 2:43pm

See this feature request

mibere · March 18, 2018, 3:50pm

Here my other configuration files

check host dhcpcd with address 127.0.0.1
  start program = "/etc/init.d/dhcpcd start" with timeout 20 seconds
  stop  program = "/etc/init.d/dhcpcd stop"
  if failed port 68 type udp with timeout 5 seconds for 2 cycles then restart
  if 4 restarts within 5 cycles then unmonitor

check host dnsmasq with address 127.0.0.1
  start program = "/etc/init.d/dnsmasq start" with timeout 20 seconds
  stop  program = "/etc/init.d/dnsmasq stop"
  if failed port 53 type udp with timeout 5 seconds for 2 cycles then restart
  if 4 restarts within 5 cycles then unmonitor

check host pihole-FTL with address 127.0.0.1
  start program = "/etc/init.d/pihole-FTL start" with timeout 20 seconds
  stop  program = "/etc/init.d/pihole-FTL stop"
  if failed port 4711 type tcp with timeout 5 seconds for 2 cycles then restart
  if 4 restarts within 5 cycles then unmonitor

vmb · March 18, 2018, 6:35pm

Great, thanks a lot!

deHakkelaar · March 20, 2018, 1:48pm

Below one is missing UDP as initially, the clients will talk UDP first:

mibere:

check host dnsmasq with address 127.0.0.1
  start program = "/etc/init.d/dnsmasq start" with timeout 20 seconds
  stop  program = "/etc/init.d/dnsmasq stop"
  if failed port 53 type tcp with timeout 5 seconds for 2 cycles then restart
  if 4 restarts within 5 cycles then unmonitor

And for below one, the proper port is 67 UDP (server) and not 68 UDP (client):

mibere:

check host dhcpcd with address 127.0.0.1
  start program = "/etc/init.d/dhcpcd start" with timeout 20 seconds
  stop  program = "/etc/init.d/dhcpcd stop"
  if failed port 68 type udp with timeout 5 seconds for 2 cycles then restart
  if 4 restarts within 5 cycles then unmonitor

All those heuristics only test the IP stack.
Thats ok but not a real test to check if the services/daemons are still working/responding as should.
Proper heuristics for lighttpd would be to access a web file.
Proper heuristics for dnsmasq would be to do a DNS query.

Some examples here:

mibere · March 20, 2018, 4:52pm

The dhcpcd on my system is just listening on UDP 0.0.0.0:68.
0.0.0.0:67 UDP is dnsmasq.

deHakkelaar · March 20, 2018, 8:41pm

dnsmasq does the DHCP server bit for Pi-hole.
dhcpcd does the DHCP client bit (suppose Pi-hole were configured to acquire IP through DHCP).

netstat -nltup

And this:

$ man dnsmasq
DNSMASQ(8)                                               System Manager's Manual                                              DNSMASQ(8)

NAME
       dnsmasq - A lightweight DHCP and caching DNS server.

And:

$ man dhcpcd
DHCPCD(8)                                              BSD System Manager's Manual                                             DHCPCD(8)

NAME
     dhcpcd — a DHCP client

system · April 10, 2018, 8:42pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.