First you need to install the posttls-finger command. This command is included in postfix versions >=2.11. On Debian you may just rebuild the packages from unstable for your distribution.
Then download the check_posttls_finger script and make it executable:
curl -o /usr/local/bin/check_delv https://raw.githubusercontent.com/benningm/nagios-plugins/master/check_posttls_finger
chmod 755 /usr/local/bin/check_posttls_finger
Add a command definition to icinga2 by creating /etc/icinga2/conf.d/check_posttls_finger.conf with the following content:
object CheckCommand "posttls_finger" {
import "plugin-check-command"
command = [ "/usr/local/bin/check_posttls_finger" ]
arguments = {
"--domain" = "$dns_lookup$"
"--wrap-resolvconf" = {
set_if = "$dns_wrap_resolvconf$"
}
}
vars.dns_wrap_resolvconf = false
}
Also add an service definition to /etc/icinga2/conf.d/services.conf:
apply Service "dane-" for (zone => config in host.vars.zones) {
import "generic-service"
check_command = "posttls_finger"
check_interval = 2h
vars += config
assign where host.vars.zones
}
Now configure the domains your want to monitor in your host definitions. For example to monitor markusbenning.de:
vars.zones["markusbenning.de"] = {
dns_lookup = "markusbenning.de"
}