From 9fc4b7d6821b676671375eec065763f5674659eb Mon Sep 17 00:00:00 2001 From: Nemo Date: Sat, 3 Oct 2020 15:32:02 +0200 Subject: [PATCH] Update icinga2 server role --- roles/icinga2_server/defaults/main.yml | 3 ++ .../tasks/postconfigure_icinga2.yml | 49 +++++++++++++++++++ .../templates/conf.d/command-custom.conf.j2 | 2 +- .../templates/conf.d/services.conf.j2 | 14 +++--- 4 files changed, 60 insertions(+), 8 deletions(-) diff --git a/roles/icinga2_server/defaults/main.yml b/roles/icinga2_server/defaults/main.yml index d368536..b994ba6 100644 --- a/roles/icinga2_server/defaults/main.yml +++ b/roles/icinga2_server/defaults/main.yml @@ -91,3 +91,6 @@ icinga2_server_ticket_salt: "" icinga2_server_custom_hostgroup: wirebrass icinga2_server_nagios_plugins_location: "/usr/lib/nagios/plugins/" +icinga2_server_icinga_ssh_pubkey: "" +icinga2_server_icinga_ssh_privkey: "" + diff --git a/roles/icinga2_server/tasks/postconfigure_icinga2.yml b/roles/icinga2_server/tasks/postconfigure_icinga2.yml index 746ba58..529ae0b 100644 --- a/roles/icinga2_server/tasks/postconfigure_icinga2.yml +++ b/roles/icinga2_server/tasks/postconfigure_icinga2.yml @@ -38,3 +38,52 @@ - check_rdns notify: restart icinga2 +- name: Nagios SSH folder created + file: + path: "/home/{{ icinga2_server_user }}/.ssh" + state: directory + owner: "{{ icinga2_server_user }}" + group: "{{ icinga2_server_group }}" + mode: '0755' + +- name: Private key to access supervised servers + copy: + dest: "/home/{{ icinga2_server_user }}/.ssh/id_rsa" + owner: "{{ icinga2_server_user }}" + group: "{{ icinga2_server_group }}" + mode: '0600' + content: "{{ icinga2_server_icinga_ssh_privkey }}" + no_log: True + +- name: Public key to access supervised servers + copy: + dest: "/home/{{ icinga2_server_user }}/.ssh/id_rsa.pub" + owner: "{{ icinga2_server_user }}" + group: "{{ icinga2_server_group }}" + mode: '0644' + content: "{{ icinga2_server_icinga_ssh_pubkey + '\n' }}" + +- name: Icinga2 config hosts folder created + file: + path: "/etc/icinga2/conf.d/hosts" + state: directory + owner: "{{ icinga2_server_user }}" + group: "{{ icinga2_server_group }}" + mode: '0755' + +- name: Python DNS module server installed + package: + name: "python-dns" + state: present + +- name: Python dnspython module server installed + package: + name: "python-dnspython" + state: present + +- name: Icingaweb2 monitoring module folder permissions configured + file: + path: "/usr/share/icingaweb2/modules/monitoring" + state: directory + mode: '0755' + diff --git a/roles/icinga2_server/templates/conf.d/command-custom.conf.j2 b/roles/icinga2_server/templates/conf.d/command-custom.conf.j2 index 6e1ee34..c7979bb 100644 --- a/roles/icinga2_server/templates/conf.d/command-custom.conf.j2 +++ b/roles/icinga2_server/templates/conf.d/command-custom.conf.j2 @@ -110,7 +110,7 @@ object CheckCommand "by_ssh_wirebrass" { vars.by_ssh_custom_plugins_path = "{{ icinga2_server_nagios_plugins_location }}" vars.by_ssh_logname = "nagios" - vars.by_ssh_identity = "/var/lib/icinga2/.ssh/id_rsa" + vars.by_ssh_identity = "/home/nagios/.ssh/id_rsa" vars.by_ssh_options = [ "ControlMaster=auto","ControlPath=/var/run/icinga2/$host.name$","ControlPersist=10m"] } diff --git a/roles/icinga2_server/templates/conf.d/services.conf.j2 b/roles/icinga2_server/templates/conf.d/services.conf.j2 index 82a9448..454f8bd 100644 --- a/roles/icinga2_server/templates/conf.d/services.conf.j2 +++ b/roles/icinga2_server/templates/conf.d/services.conf.j2 @@ -259,13 +259,13 @@ apply Service "procs" { assign where host.name == NodeName } -apply Service "swap" { - import "generic-service" - - check_command = "swap" - - assign where host.name == NodeName -} +#apply Service "swap" { +# import "generic-service" +# +# check_command = "swap" +# +# assign where host.name == NodeName +#} apply Service "users" { import "generic-service"