From 7c77cba51e0a8164b0ad94fc7587bbe97db73de4 Mon Sep 17 00:00:00 2001 From: Nemo Date: Fri, 2 Oct 2020 23:06:01 +0200 Subject: [PATCH] Update icinga2 role --- .../tasks/configure_icingaweb2.yml | 63 +++++++++++++++++++ roles/icinga2_server/tasks/main.yml | 3 +- .../templates/authentication.ini.j2 | 5 ++ roles/icinga2_server/templates/config.ini.j2 | 19 ++++++ roles/icinga2_server/templates/groups.ini.j2 | 5 ++ .../templates/modules_backends.ini.j2 | 5 ++ .../modules_commandtransports.ini.j2 | 5 ++ .../templates/modules_config.ini.j2 | 4 ++ .../icinga2_server/templates/resources.ini.j2 | 23 +++++++ roles/icinga2_server/templates/roles.ini.j2 | 6 ++ 10 files changed, 137 insertions(+), 1 deletion(-) create mode 100644 roles/icinga2_server/tasks/configure_icingaweb2.yml create mode 100644 roles/icinga2_server/templates/authentication.ini.j2 create mode 100644 roles/icinga2_server/templates/config.ini.j2 create mode 100644 roles/icinga2_server/templates/groups.ini.j2 create mode 100644 roles/icinga2_server/templates/modules_backends.ini.j2 create mode 100644 roles/icinga2_server/templates/modules_commandtransports.ini.j2 create mode 100644 roles/icinga2_server/templates/modules_config.ini.j2 create mode 100644 roles/icinga2_server/templates/resources.ini.j2 create mode 100644 roles/icinga2_server/templates/roles.ini.j2 diff --git a/roles/icinga2_server/tasks/configure_icingaweb2.yml b/roles/icinga2_server/tasks/configure_icingaweb2.yml new file mode 100644 index 0000000..1b5c02b --- /dev/null +++ b/roles/icinga2_server/tasks/configure_icingaweb2.yml @@ -0,0 +1,63 @@ +--- +- name: Icingaweb2 config file deployed + template: + src: '{{ item }}.j2' + dest: '/etc/icingaweb2/{{ item }}' + owner: root + group: icingaweb2 + mode: 0660 + loop: + - config.ini + - resources.ini + - roles.ini + - groups.ini + - authentication.ini + no_log: True + +- name: icingaweb2 modules directory created + file: + name: /etc/icingaweb2/modules/monitoring + state: directory + owner: root + group: icingaweb2 + mode: 0750 + +- name: icingaweb2 enabledModules directory created + file: + name: /etc/icingaweb2/enabledModules + state: directory + owner: root + group: icingaweb2 + mode: 0750 + +- name: icingaweb2 monitoring module enabled + file: + src: /usr/share/icingaweb2/modules/monitoring + dest: /etc/icingaweb2/enabledModules/monitoring + state: link + mode: 0750 + +- name: icingaweb2 monitoring module configured + template: + src: modules_config.ini.j2 + dest: /etc/icingaweb2/modules/monitoring/config.ini + owner: root + group: icingaweb2 + mode: 0660 + +- name: icingaweb2 monitoring module commandtransport configured + template: + src: modules_commandtransports.ini.j2 + dest: /etc/icingaweb2/modules/monitoring/commandtransports.ini + owner: root + group: icingaweb2 + mode: 0660 + +- name: icingaweb2 monitoring module backends configured + template: + src: modules_backends.ini.j2 + dest: /etc/icingaweb2/modules/monitoring/backends.ini + owner: root + group: icingaweb2 + mode: 0660 + diff --git a/roles/icinga2_server/tasks/main.yml b/roles/icinga2_server/tasks/main.yml index b0e4815..9b8a565 100644 --- a/roles/icinga2_server/tasks/main.yml +++ b/roles/icinga2_server/tasks/main.yml @@ -4,7 +4,8 @@ #- import_tasks: repository.yml #- import_tasks: install_icinga2.yml -- import_tasks: install_mariadb.yml +#- import_tasks: install_mariadb.yml #- import_tasks: install_ido.yml #- import_tasks: configure_icinga2_api_feature.yml #- import_tasks: install_icingaweb2.yml +- import_tasks: configure_icingaweb2.yml diff --git a/roles/icinga2_server/templates/authentication.ini.j2 b/roles/icinga2_server/templates/authentication.ini.j2 new file mode 100644 index 0000000..24185f9 --- /dev/null +++ b/roles/icinga2_server/templates/authentication.ini.j2 @@ -0,0 +1,5 @@ +;{{ ansible_managed }} + +[icingaweb2] +backend = "db" +resource = "icingaweb_db" diff --git a/roles/icinga2_server/templates/config.ini.j2 b/roles/icinga2_server/templates/config.ini.j2 new file mode 100644 index 0000000..63b9e45 --- /dev/null +++ b/roles/icinga2_server/templates/config.ini.j2 @@ -0,0 +1,19 @@ +;{{ ansible_managed }} + +[global] +show_stacktraces = "1" +show_application_state_messages = "1" +config_backend = "db" +config_resource = "icingaweb_db" +module_path = "/usr/share/icingaweb2/modules" + +[logging] +log = "syslog" +level = "ERROR" +application = "icingaweb2" +facility = "user" + +[themes] + +[authentication] + diff --git a/roles/icinga2_server/templates/groups.ini.j2 b/roles/icinga2_server/templates/groups.ini.j2 new file mode 100644 index 0000000..24185f9 --- /dev/null +++ b/roles/icinga2_server/templates/groups.ini.j2 @@ -0,0 +1,5 @@ +;{{ ansible_managed }} + +[icingaweb2] +backend = "db" +resource = "icingaweb_db" diff --git a/roles/icinga2_server/templates/modules_backends.ini.j2 b/roles/icinga2_server/templates/modules_backends.ini.j2 new file mode 100644 index 0000000..b78583a --- /dev/null +++ b/roles/icinga2_server/templates/modules_backends.ini.j2 @@ -0,0 +1,5 @@ +;{{ ansible_managed }} + +[icinga] +type = "ido" +resource = "icinga_ido" diff --git a/roles/icinga2_server/templates/modules_commandtransports.ini.j2 b/roles/icinga2_server/templates/modules_commandtransports.ini.j2 new file mode 100644 index 0000000..6990451 --- /dev/null +++ b/roles/icinga2_server/templates/modules_commandtransports.ini.j2 @@ -0,0 +1,5 @@ +;{{ ansible_managed }} + +[icinga2] +transport = "local" +path = "/var/run/icinga2/cmd/icinga2.cmd" diff --git a/roles/icinga2_server/templates/modules_config.ini.j2 b/roles/icinga2_server/templates/modules_config.ini.j2 new file mode 100644 index 0000000..916b85f --- /dev/null +++ b/roles/icinga2_server/templates/modules_config.ini.j2 @@ -0,0 +1,4 @@ +;{{ ansible_managed }} + +[security] +protected_customvars = "*pw*,*pass*,community" diff --git a/roles/icinga2_server/templates/resources.ini.j2 b/roles/icinga2_server/templates/resources.ini.j2 new file mode 100644 index 0000000..08eb31d --- /dev/null +++ b/roles/icinga2_server/templates/resources.ini.j2 @@ -0,0 +1,23 @@ +;{{ ansible_managed }} + +[icingaweb_db] +type = "db" +db = "mysql" +host = "localhost" +port = "3306" +dbname = "icingaweb2" +username = "icingaweb2_user" +password = "{{ vault_icinga2_server_mariadb_users_icingaweb2_password }}" +charset = "UTF8" +use_ssl = "0" + +[icinga_ido] +type = "db" +db = "mysql" +host = "localhost" +port = "3306" +dbname = "icinga" +username = "icinga_user" +password = "{{ vault_icinga2_server_mariadb_users_icinga_password }}" +charset = "UTF8" +use_ssl = "0" diff --git a/roles/icinga2_server/templates/roles.ini.j2 b/roles/icinga2_server/templates/roles.ini.j2 new file mode 100644 index 0000000..f789146 --- /dev/null +++ b/roles/icinga2_server/templates/roles.ini.j2 @@ -0,0 +1,6 @@ +;{{ ansible_managed }} + +[Administrators] +users = "john" +permissions = "*" +groups = "Administrators"