icinga2: Work around different CheckCommand definitions for check_ssl_cert.

  Old Icinga2 doesn't ship with check command for ssl_cert check
  and new version have a different arguments definitions, so we
  hack this by adding our own CheckCommand.

Signed-off-by: Maximilian Wilhelm <max@sdn.clinic>

icinga2/commands.d/ssl_cert.conf

@@ -1,30 +1,19 @@
 #
 # Old Icinga2 doesn't ship with check command for ssl_cert check
+# and new version have a different arguments definitions, so we
+# hack this by adding our own CheckCommand \o/
 #
 
-{%- if grains['oscodename'] == 'jessie' or grains['oscodename'] == 'stretch' %}
-object CheckCommand "ssl_cert" {
+object CheckCommand "ssl_host_cert" {
 	import "plugin-check-command"
 	command = [ PluginDir + "/check_ssl_cert" ]
 
 	arguments = {
-		"-H" = "$ssl_cert_H$"
-		"-A" = "$ssl_cert_A$"
-		"-C" = "$ssl_cert_C$"
-		"-e" = "$ssl_cert_e$"
-		"-f" = "$ssl_cert_f$"
-		"-i" = "$ssl_cert_i$"
-		"-n" = "$ssl_cert_n$"
-		"-N" = "$ssl_cert_N$"
-		"-o" = "$ssl_cert_o$"
-		"-p" = "$ssl_cert_p$"
-		"-P" = "$ssl_cert_P$"
-		"-s" = "$ssl_cert_s$"
-		"-S" = "$ssl_cert_S$"
-		"-r" = "$ssl_cert_r$"
-		"-t" = "$ssl_cert_t$"
-		"-w" = "$ssl_cert_w$"
-		"-d" = "$ssl_cert_d$"
+		"-H" = "$ssl_cert_host$"
+		"-f" = "$ssl_cert_file$"
+		"-w" = "$ssl_cert_warn$"
+		"-c" = "$ssl_cert_crit$"
 	}
+
+	vars.ssl_cert_host = "localhost"
 }
-{%- endif %}

icinga2/services/ssl_cert.conf

@@ -0,0 +1,14 @@
+apply Service "SSL Host Cert" {
+	import "generic-service"
+
+	check_command = "ssl_host_cert"
+	command_endpoint = host.name
+
+	check_interval = 1d
+
+	vars.ssl_cert_file = "/etc/icinga2/pki/ffhohost.cert.pem"
+	vars.ssl_cert_warn = 14
+	vars.ssl_cert_critical = 7
+
+	assign where host.address && host.vars.os == "Linux"
+}