nemo/ansible-base
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Start working on icinga2 server

Browse source
This commit is contained in:
Nemo 2020-10-02 22:35:00 +02:00
parent 3c526c3fa8
commit 7e1caaa2f4
16 changed files with 407 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
playbook_icinga2_deploy.yml Normal file
View file

@ -0,0 +1,5 @@
---
- hosts: icinga2_server
roles:
- icinga2_server

43
roles/icinga2_server/README.md Normal file
View file

@ -0,0 +1,43 @@
Ansible Role: icinga2_server
=========
This role deploys as208585 webfiles on a GNU/Linux server.
Requirements
------------
None.
Role Variables
--------------
All variables and default values are defined in `defaults/main.yml` :
# Files location for as208585.net website
website_location: "/var/www/html/as208585.net"
# Web user
website_user: "www-data"
website_group: "www-data"
Dependencies
------------
None.
Example Playbook
----------------
- hosts: web_server
roles:
- icinga2_server
License
-------
BSD
Author Information
------------------
This role was created in 2020 by Nemo.

73
roles/icinga2_server/defaults/main.yml Normal file
View file

@ -0,0 +1,73 @@
---
icinga2_server_apt_repository: "deb http://packages.icinga.com/{{ ansible_distribution|lower }} icinga-{{ ansible_distribution_release }} main"
icinga2_server_apt_key: "http://packages.icinga.com/icinga.key"
icinga2_server_icinga2_package: icinga2
icinga2_server_monitoring_plugins_package: monitoring-plugins
icinga2_server_icinga2_service: icinga2
icinga2_server_mariadb_server_package: mariadb-server
icinga2_server_mariadb_client_package: mariadb-client
icinga2_server_mariadb_python_package: python-mysqldb
icinga2_server_icinga2_ido_mysql_package: icinga2-ido-mysql
icinga2_server_icingaweb2_package: icingaweb2
icinga2_server_icingacli_package: icingacli
icinga2_server_apache_httpd_package: apache2
icinga2_server_apache_httpd_service: apache2
icinga2_server_user: nagios
icinga2_server_group: nagios
icinga2_server_mariadb_service: mariadb
icinga2_server_mariadb_root_password: needToBeChanged
icinga2_server_mariadb_bind_address: '127.0.0.1'
icinga2_server_mariadb_performance_schema: on
icinga2_server_mariadb_skip_name_resolve: 1
icinga2_server_mariadb_max_connections: 100
icinga2_server_mariadb_connect_timeout: 2
icinga2_server_mariadb_max_allowed_packet: 10M
icinga2_server_mariadb_innodb_buffer_pool_instances: 1
icinga2_server_mariadb_innodb_buffer_pool_size: 100M
icinga2_server_mariadb_innodb_log_file_size: 25M
icinga2_server_mariadb_table_cache: 1000
icinga2_server_mariadb_tmp_table_size: 50M
icinga2_server_mariadb_max_heap_table_size: 50M
icinga2_server_mariadb_query_cache_limit: 256K
icinga2_server_mariadb_query_cache_type: 0
icinga2_server_mariadb_query_cache_size: 0
icinga2_server_mariadb_query_cache_min_res_unit: 2k
icinga2_server_mariadb_join_buffer_size: 2M
icinga2_server_mariadb_sort_buffer_size: 256K
icinga2_server_mariadb_read_buffer_size: 128K
icinga2_server_mariadb_read_rnd_buffer_size: 4M
icinga2_server_mariadb_key_buffer: 500M
icinga2_server_mariadb_slow_query_log: true
icinga2_server_mariadb_long_query_time: 5
icinga2_server_mariadb_log_slow_admin_statements: true
icinga2_server_mariadb_log_queries_not_using_indexes: true
icinga2_server_mariadb_databases:
- icinga
- icingaweb2
icinga2_server_mariadb_users:
icinga_user:
name: "icinga_user"
password: "needToBeChanged"
priv: "icinga.*:ALL"
icingaweb2_user:
name: "icingaweb2_user"
password: "needToBeChanged"
priv: "icinga.*:ALL"
icinga2_server_mariadb_icinga_schema_location: "/usr/share/icinga2-ido-mysql/schema/mysql.sql"
icinga2_server_api_users:
- username: root
password: 'needToBeChanged'
permissions: '*'

12
roles/icinga2_server/handlers/main.yml Normal file
View file

@ -0,0 +1,12 @@
---
- name: package repository updated
apt:
update_cache: yes
when: ansible_os_family == 'Debian'
- name: "restart icinga2"
service:
name: "{{ icinga2_server_icinga2_service }}"
enabled: yes
state: restarted

38
roles/icinga2_server/tasks/configure_icinga2_api_feature.yml Normal file
View file

@ -0,0 +1,38 @@
---
- name: Apache HTTPD installed
package:
name: "{{ icinga2_server_apache_httpd_package }}"
state: present
- name: Apache HTTPD started and enabled
service:
name: '{{ icinga2_server_apache_httpd_service }}'
enabled: true
state: started
- name: api-users.conf file installed
template:
src: api-users.conf.j2
dest: /etc/icinga2/conf.d/api-users.conf
owner: "{{ icinga2_server_user }}"
group: "{{ icinga2_server_group }}"
mode: 0640
notify: restart icinga2
register: apiusers
no_log: True
- name: execute icinga2 api setup command
command: icinga2 api setup
args:
creates: /var/lib/icinga2/ca/ca.crt
notify: restart icinga2
when: apiusers.changed
- name: Icinga2 api feature enabled
icinga2_feature:
name: api
state: present
notify: restart icinga2
- name: Flush handlers
meta: flush_handlers

17
roles/icinga2_server/tasks/install_icinga2.yml Normal file
View file

@ -0,0 +1,17 @@
---
- name: Icinga2 installed
package:
name: "{{ icinga2_server_icinga2_package }}"
state: present
- name: Monitoring-plugins installed
package:
name: "{{ icinga2_server_monitoring_plugins_package }}"
state: present
- name: Icinga2 started and enabled
service:
name: '{{ icinga2_server_icinga2_service }}'
enabled: true
state: started

10
roles/icinga2_server/tasks/install_icingaweb2.yml Normal file
View file

@ -0,0 +1,10 @@
---
- name: Icingaweb2 installed
package:
name: "{{ icinga2_server_icingaweb2_package }}"
state: present
- name: Icingacli installed
package:
name: "{{ icinga2_server_icingacli_package }}"
state: present

22
roles/icinga2_server/tasks/install_ido.yml Normal file
View file

@ -0,0 +1,22 @@
---
- name: Icinga2 IDO MySQL module installed
package:
name: "{{ icinga2_server_icinga2_ido_mysql_package }}"
state: present
register: idoinstalled
- name: Icinga DB schema imported
mysql_db:
state: import
name: icinga
target: "{{ icinga2_server_mariadb_icinga_schema_location }}"
when: idoinstalled.changed
- name: Icinga2 ido-mysql feature enabled
icinga2_feature:
name: ido-mysql
state: present
notify: restart icinga2
- name: Flush handlers
meta: flush_handlers

76
roles/icinga2_server/tasks/install_mariadb.yml Normal file
View file

@ -0,0 +1,76 @@
---
- name: MariaDB server installed
package:
name: "{{ icinga2_server_mariadb_server_package }}"
state: present
- name: MariaDB client installed
package:
name: "{{ icinga2_server_mariadb_client_package }}"
state: present
- name: MariaDB Python installed
package:
name: "{{ icinga2_server_mariadb_python_package }}"
state: present
- name: MariaDB started and enabled
service:
name: '{{ icinga2_server_mariadb_service }}'
enabled: true
state: started
- name: ~/.my.cnf configured for root user
template:
src: my.cnf.j2
dest: /root/.my.cnf
owner: root
group: root
mode: 0600
no_log: True
- name: root password updated
mysql_user:
name: root
host: "{{ item }}"
password: "{{ icinga2_server_mariadb_root_password }}"
state: present
with_items:
- 127.0.0.1
- ::1
- localhost
no_log: True
- name: test databased deleted
mysql_db:
name: test
state: absent
- name: anonymous users deleted
mysql_user:
name: ''
host: "{{ item }}"
state: absent
with_items:
- localhost
- 127.0.0.1
- ::1
no_log: True
- name: databases created
mysql_db:
name: "{{ item }}"
state: present
with_items:
- "{{ icinga2_server_mariadb_databases }}"
- name: Icinga user created
mysql_user:
name: "{{ item.value.name }}"
password: "{{ item.value.password }}"
priv: "{{ item.value.priv }}"
state: present
with_dict: "{{ icinga2_server_mariadb_users }}"
no_log: True

10
roles/icinga2_server/tasks/main.yml Normal file
View file

@ -0,0 +1,10 @@
---
- name: Include OS-specific variables.
include_vars: "{{ ansible_os_family }}.yml"
#- import_tasks: repository.yml
#- import_tasks: install_icinga2.yml
- import_tasks: install_mariadb.yml
#- import_tasks: install_ido.yml
#- import_tasks: configure_icinga2_api_feature.yml
#- import_tasks: install_icingaweb2.yml

14
roles/icinga2_server/tasks/repository.yml Normal file
View file

@ -0,0 +1,14 @@
---
- name: Icinga apt key installed
apt_key:
url: '{{ icinga2_server_apt_key }}'
state: present
when: ansible_os_family == 'Debian'
- name: Icinga APT repository configured
apt_repository:
repo: '{{ icinga2_server_apt_repository }}'
state: present
when: ansible_os_family == 'Debian'
notify: package repository updated

23
roles/icinga2_server/templates/api-users.conf.j2 Normal file
View file

@ -0,0 +1,23 @@
/**
* {{ ansible_managed }}
*/
{% for user in icinga2_server_api_users %}
object ApiUser "{{ user.username }}" {
password = "{{ user.password }}"
{% if user.permissions is string %}
permissions = [ "{{ user.permissions }}" ]
{% else %}
permissions = [
{% for permission in user.permissions %}
{
permission = "{{ permission.name }}"
{% if permission.filter is defined %}
filter = {{ '{{' }} {{ permission.filter }} {{ '}}' }}
{% endif %}
},
{% endfor %}
]
{% endif %}
}
{% endfor %}

5
roles/icinga2_server/templates/my.cnf.j2 Normal file
View file

@ -0,0 +1,5 @@
# {{ ansible_managed }}
[client]
user=root
password={{ icinga2_server_mariadb_root_password }}

38
roles/icinga2_server/templates/settings.cnf.j2 Normal file
View file

@ -0,0 +1,38 @@
# {{ ansible_managed }}
[client]
user = root
password = {{ icinga2_server_mariadb_root_password }}
[mysqld]
bind_address = {{ icinga2_server_mariadb_bind_address }}
performance_schema = {{ icinga2_server_mariadb_performance_schema }}
skip-name-resolve = {{ icinga2_server_mariadb_skip_name_resolve }}
max_connections = {{ icinga2_server_mariadb_max_connections }}
connect_timeout = {{ icinga2_server_mariadb_connect_timeout }}
max_allowed_packet = {{ icinga2_server_mariadb_max_allowed_packet }}
innodb_buffer_pool_instances = {{ icinga2_server_mariadb_innodb_buffer_pool_instances }}
innodb_buffer_pool_size = {{ icinga2_server_mariadb_innodb_buffer_pool_size }}
innodb_log_file_size = {{ icinga2_server_mariadb_innodb_log_file_size }}
table_cache = {{ icinga2_server_mariadb_table_cache }}
tmp_table_size = {{ icinga2_server_mariadb_tmp_table_size }}
max_heap_table_size = {{ icinga2_server_mariadb_max_heap_table_size }}
query_cache_type = {{ icinga2_server_mariadb_query_cache_type }}
query_cache_limit = {{ icinga2_server_mariadb_query_cache_limit }}
query_cache_size = {{ icinga2_server_mariadb_query_cache_size }}
query_cache_min_res_unit = {{ icinga2_server_mariadb_query_cache_min_res_unit }}
join_buffer_size = {{ icinga2_server_mariadb_join_buffer_size }}
sort_buffer_size = {{ icinga2_server_mariadb_sort_buffer_size }}
read_buffer_size = {{ icinga2_server_mariadb_read_buffer_size }}
read_rnd_buffer_size = {{ icinga2_server_mariadb_read_rnd_buffer_size }}
key_buffer = {{ icinga2_server_mariadb_key_buffer }}
slow_query_log = {{ icinga2_server_mariadb_slow_query_log }}
long_query_time = {{ icinga2_server_mariadb_long_query_time }}
log_slow_admin_statements = {{ icinga2_server_mariadb_log_slow_admin_statements }}
log_queries_not_using_indexes = {{ icinga2_server_mariadb_log_queries_not_using_indexes }}

17
roles/icinga2_server/vars/Debian.yml Normal file
View file

@ -0,0 +1,17 @@
---
icinga2_server_icinga2_package: icinga2
icinga2_server_monitoring_plugins_package: monitoring-plugins
icinga2_server_icinga2_service: icinga2
icinga2_server_mariadb_server_package: mariadb-server
icinga2_server_mariadb_client_package: mariadb-client
icinga2_server_mariadb_service: mariadb
icinga2_server_mariadb_python_package: python-mysqldb
icinga2_server_icinga2_ido_mysql_package: icinga2-ido-mysql
icinga2_server_mariadb_icinga_schema_location: "/usr/share/icinga2-ido-mysql/schema/mysql.sql"
icinga2_server_icingaweb2_package: icingaweb2
icinga2_server_icingacli_package: icingacli
icinga2_server_apache_httpd_package: apache2
icinga2_server_apache_httpd_service: apache2
icinga2_server_user: nagios
icinga2_server_group: nagios

4
roles/web_as208585.net/README.md
View file

@ -15,6 +15,10 @@ All variables and default values are defined in `defaults/main.yml` :
# Files location for as208585.net website # Files location for as208585.net website
website_location: "/var/www/html/as208585.net" website_location: "/var/www/html/as208585.net"
# Web user
website_user: "www-data"
website_group: "www-data"
Dependencies Dependencies
------------ ------------