From a77c779a84eae029c119d05bd587aeba8773e587 Mon Sep 17 00:00:00 2001 From: Nemo Date: Sat, 11 Jul 2020 00:11:21 +0200 Subject: [PATCH] Update Munin server role and all related resources --- group_vars/all/vault.yml.template | 6 +-- group_vars/munin_server.yml.template | 4 +- playbook_munin_server_deploy.yml | 4 +- roles/munin_async_server/README.md | 44 ----------------- roles/munin_async_server/defaults/main.yml | 11 ----- roles/munin_async_server/tasks/main.yml | 6 --- roles/munin_async_server/tasks/package.yml | 5 -- roles/munin_async_server/tasks/service.yml | 6 --- roles/munin_async_server/tasks/user.yml | 20 -------- roles/munin_server/README.md | 48 +++++++++++++++++++ roles/munin_server/defaults/main.yml | 13 +++++ .../meta/main.yml | 3 +- roles/munin_server/tasks/main.yml | 4 ++ roles/munin_server/tasks/user.yml | 22 +++++++++ 14 files changed, 96 insertions(+), 100 deletions(-) delete mode 100644 roles/munin_async_server/README.md delete mode 100644 roles/munin_async_server/defaults/main.yml delete mode 100644 roles/munin_async_server/tasks/main.yml delete mode 100644 roles/munin_async_server/tasks/package.yml delete mode 100644 roles/munin_async_server/tasks/service.yml delete mode 100644 roles/munin_async_server/tasks/user.yml create mode 100644 roles/munin_server/README.md create mode 100644 roles/munin_server/defaults/main.yml rename roles/{munin_async_server => munin_server}/meta/main.yml (81%) create mode 100644 roles/munin_server/tasks/main.yml create mode 100644 roles/munin_server/tasks/user.yml diff --git a/group_vars/all/vault.yml.template b/group_vars/all/vault.yml.template index 78beddd..7a81c8c 100644 --- a/group_vars/all/vault.yml.template +++ b/group_vars/all/vault.yml.template 
@@ -7,9 +7,9 @@ vault_public_key_: | vault_munin_admin_user: munin vault_munin_admin_password: munin -vault_private_key_munin_async_user_host: | - SSH_PRIV_KEY_OF_munin_async_user_USER_ON_USER_HOST -vault_public_key_munin_async_user_host: SSH_PUB_KEY_OF_munin_async_user_USER_ON_USER_HOST +vault_private_key_munin_user_host: | + SSH_PRIV_KEY_OF_munin_user_USER_ON_USER_HOST +vault_public_key_munin_user_host: SSH_PUB_KEY_OF_munin_user_USER_ON_USER_HOST vault_private_key_backup_user_host: | SSH_PRIV_KEY_OF_backup_user_USER_ON_USER_HOST diff --git a/group_vars/munin_server.yml.template b/group_vars/munin_server.yml.template index 64d4bee..ef86e17 100644 --- a/group_vars/munin_server.yml.template +++ b/group_vars/munin_server.yml.template @@ -9,8 +9,8 @@ munin_hosts: munin_admin_user: "{{ vault_munin_admin_user }}" munin_admin_password: "{{ vault_munin_admin_password }}" -private_key_munin_async_user_host: "{{ vault_private_key_munin_async_user_host }}" -public_key_munin_async_user_host: "{{ vault_public_key_munin_async_user_host }}" +private_key_munin_user_host: "{{ vault_private_key_munin_async_user_host }}" +public_key_munin__user_host: "{{ vault_public_key_munin_async_user_host }}" munin_alerts: [] diff --git a/playbook_munin_server_deploy.yml b/playbook_munin_server_deploy.yml index e7917c0..bf4b456 100644 --- a/playbook_munin_server_deploy.yml +++ b/playbook_munin_server_deploy.yml @@ -2,4 +2,6 @@ - hosts: munin_server roles: - geerlingguy.munin - - munin_async_server + - munin_server + - geerlingguy.certbot + - geerlingguy.nginx diff --git a/roles/munin_async_server/README.md b/roles/munin_async_server/README.md deleted file mode 100644 index 6481170..0000000 --- a/roles/munin_async_server/README.md +++ /dev/null 
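Review bot: In the `group_vars/munin_server.yml.template` hunk, both new lines still interpolate `vault_private_key_munin_async_user_host` and `vault_public_key_munin_async_user_host`. The `vault.yml.template` hunk of this same commit renames those to `vault_private_key_munin_user_host` and `vault_public_key_munin_user_host`, so a vault built from the updated template leaves the references undefined. The second key is also spelled `public_key_munin__user_host` (double underscore), so it will not override the role default `public_key_munin_user_host`. Suggested lines: `private_key_munin_user_host: "{{ vault_private_key_munin_user_host }}"` and `public_key_munin_user_host: "{{ vault_public_key_munin_user_host }}"`.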
@@ -1,44 +0,0 @@ -Ansible Role: munin async server -========= - -This role set up Munin async server for a GNU/Linux server. - -Requirements ------------- - -The role geerlingguy.munin needs to be deploy on the Munin server before using the current role. - -Roll Variables --------------- - -All variables and default values are defined in `defaults/main.yml` : - - # Name of the munin-async service and munin-async package (depends on your OS, can be munin-async, munin-asyncd...) - munin_async_service_name: munin-async - munin_async_package: munin-async - - # Private/Public SSH keys of Munin async server to access all Munin async client account - private_key_munin_async_user_host: "" - public_key_munin_async_user_host: "" - -Dependencies ------------- - -None. - -Example Playbook ----------------- - - - hosts: munin_server - roles: - - munin_async_server - -License -------- - -BSD - -Author Information ------------------- - -This role was created in 2020 by Nemo. diff --git a/roles/munin_async_server/defaults/main.yml b/roles/munin_async_server/defaults/main.yml deleted file mode 100644 index 88ef02e..0000000 --- a/roles/munin_async_server/defaults/main.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -# defaults file for munin_async_server - -# Name of the munin-async service and munin-async package (depends on your OS, can be munin-async, munin-asyncd...) -munin_async_service_name: munin-async -munin_async_package: munin-async - -# Private/Public SSH keys of Munin async server to access all Munin async client account -private_key_munin_async_user_host: "" -public_key_munin_async_user_host: "" - diff --git a/roles/munin_async_server/tasks/main.yml b/roles/munin_async_server/tasks/main.yml deleted file mode 100644 index b49f44d..0000000 --- a/roles/munin_async_server/tasks/main.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -# Main tasks file for munin_async_server - -- import_tasks: package.yml -- import_tasks: user.yml -- import_tasks: service.yml 
diff --git a/roles/munin_async_server/tasks/package.yml b/roles/munin_async_server/tasks/package.yml deleted file mode 100644 index a870d23..0000000 --- a/roles/munin_async_server/tasks/package.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- name: Munin async installed - package: - name: "{{ munin_async_package }}" - state: present diff --git a/roles/munin_async_server/tasks/service.yml b/roles/munin_async_server/tasks/service.yml deleted file mode 100644 index aa4f5f4..0000000 --- a/roles/munin_async_server/tasks/service.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: Munin async enabled - service: - name: "{{ munin_async_service_name }}" - state: started - enabled: yes diff --git a/roles/munin_async_server/tasks/user.yml b/roles/munin_async_server/tasks/user.yml deleted file mode 100644 index 3820c2c..0000000 --- a/roles/munin_async_server/tasks/user.yml +++ /dev/null @@ -1,20 +0,0 @@ ---- -- name: Create SSH directory for munin-async user - file: - path: /var/spool/munin-async/.ssh - state: directory - mode: '0755' -- name: Deploy private key to access other Munin async node - copy: - dest: /var/spool/munin-async/.ssh/id_rsa - owner: munin-async - group: munin-async - mode: '0600' - content: "{{ private_key_munin_async_user_host }}" -- name: Deploy public key to access other Munin async node - copy: - dest: /var/spool/munin-async/.ssh/id_rsa.pub - owner: munin-async - group: munin-async - mode: '0644' - content: "{{ public_key_munin_async_user_host + '\n' }}" diff --git a/roles/munin_server/README.md b/roles/munin_server/README.md new file mode 100644 index 0000000..ff85bdb --- /dev/null +++ b/roles/munin_server/README.md 
@@ -0,0 +1,48 @@ +Ansible Role: munin server +========= + +This role set up Munin server for a GNU/Linux server. + +Requirements +------------ + +The role geerlingguy.munin needs to be deploy on the Munin server before using the current role. + +Roll Variables +-------------- + +All variables and default values are defined in `defaults/main.yml` : + + # Private/Public SSH keys of Munin server to access all Munin async client account + private_key_munin_user_host: "" + public_key_munin_user_host: "" + + # Munin user and group + munin_user: "munin" + munin_group: "munin" + + # Munin user home directory + munin_home_directory: "/var/lib/munin" + + +Dependencies +------------ + +None. + +Example Playbook +---------------- + + - hosts: munin_server + roles: + - munin_server + +License +------- + +BSD + +Author Information +------------------ + +This role was created in 2020 by Nemo. diff --git a/roles/munin_server/defaults/main.yml b/roles/munin_server/defaults/main.yml new file mode 100644 index 0000000..41ccb4d --- /dev/null +++ b/roles/munin_server/defaults/main.yml @@ -0,0 +1,13 @@ +--- +# defaults file for munin_async_server + +# Private/Public SSH keys of Munin async server to access all Munin async client account +private_key_munin_user_host: "" +public_key_munin_user_host: "" + +# Munin user and group +munin_user: "munin" +munin_group: "munin" + +# Munin user home directory +munin_home_directory: "/var/lib/munin" diff --git a/roles/munin_async_server/meta/main.yml b/roles/munin_server/meta/main.yml similarity index 81% rename from roles/munin_async_server/meta/main.yml rename to roles/munin_server/meta/main.yml index 3673d79..60d92c8 100644 --- a/roles/munin_async_server/meta/main.yml +++ b/roles/munin_server/meta/main.yml @@ -1,6 +1,6 @@ galaxy_info: author: nemo - description: Set up Munin async server for GNU/Linux. + description: Set up Munin server for GNU/Linux. company: Wirebrass license: license (BSD) 
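Review bot: In `roles/munin_server/defaults/main.yml`, the header comment and the key comment still say `munin_async_server` / "Munin async server" although this is the new `munin_server` role; suggest `# defaults file for munin_server`. Defaulting both SSH keys to `""` means a host with no vault values would get an empty key file written rather than a clear failure, if the tasks consume these names. Consider dropping the empty defaults or adding an `assert` task at the start of the role with `that: private_key_munin_user_host | length > 0`, so a missing secret stops the run before anything is written to `.ssh`.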
@@ -18,7 +18,6 @@ galaxy_info: galaxy_tags: - munin - - munin-async - system - server - auto diff --git a/roles/munin_server/tasks/main.yml b/roles/munin_server/tasks/main.yml new file mode 100644 index 0000000..496773d --- /dev/null +++ b/roles/munin_server/tasks/main.yml @@ -0,0 +1,4 @@ +--- +# Main tasks file for munin_server + + import_tasks: user.yml diff --git a/roles/munin_server/tasks/user.yml b/roles/munin_server/tasks/user.yml new file mode 100644 index 0000000..5317f84 --- /dev/null +++ b/roles/munin_server/tasks/user.yml @@ -0,0 +1,22 @@ +--- +- name: Create SSH directory for Munin user + file: + path: "{{ /var/lib/munin }}"/.ssh + state: directory + owner: "{{ munin_user }}" + group: "{{ munin_user }}" + mode: '0700' +- name: Deploy private key to access other Munin node + copy: + dest: "{{ /var/lib/munin }}"/.ssh/id_rsa + owner: "{{ munin_user }}" + group: "{{ munin_user }}" + mode: '0600' + content: "{{ private_key_munin_async_user_host }}" +- name: Deploy public key to access other Munin node + copy: + dest: "{{ /var/lib/munin }}"/.ssh/id_rsa.pub + owner: "{{ munin_user }}" + group: "{{ munin_user }}" + mode: '0644' + content: "{{ public_key_munin_async_user_host + '\n' }}"
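Review bot: In `roles/munin_server/tasks/main.yml`, the only task line appears as `import_tasks: user.yml` without the leading list dash that the removed `munin_async_server/tasks/main.yml` used (`- import_tasks: ...`). A tasks file has to be a YAML list, so a bare mapping here would stop the role from loading. Indentation is lost in this rendering, so confirm against the file; if the dash is missing, the line should read `- import_tasks: user.yml`.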
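Review bot: In `roles/munin_server/tasks/user.yml`, the three `path`/`dest` values are written as `"{{ /var/lib/munin }}"/.ssh...`, which is not a valid Jinja expression and leaves text after the closing quote, so the file will most likely fail to parse; the role default `munin_home_directory` looks like what was intended. The two `content:` lines still read `private_key_munin_async_user_host` and `public_key_munin_async_user_host`, while the new role defaults define `private_key_munin_user_host` and `public_key_munin_user_host`, so the key variables would be undefined or never receive the configured values. `group:` uses `munin_user` although `munin_group` is defined in the defaults. The private-key task should also carry `no_log: true` so the key material is not printed in task output under `--diff` or verbose runs.

```yaml
- name: Create SSH directory for Munin user
  file:
    path: "{{ munin_home_directory }}/.ssh"
    # … unchanged: state, owner …
    group: "{{ munin_group }}"
    # … unchanged: mode …
- name: Deploy private key to access other Munin node
  copy:
    dest: "{{ munin_home_directory }}/.ssh/id_rsa"
    # … unchanged: owner …
    group: "{{ munin_group }}"
    # … unchanged: mode …
    content: "{{ private_key_munin_user_host }}"
  no_log: true
- name: Deploy public key to access other Munin node
  copy:
    dest: "{{ munin_home_directory }}/.ssh/id_rsa.pub"
    # … unchanged: owner …
    group: "{{ munin_group }}"
    # … unchanged: mode …
    content: "{{ public_key_munin_user_host + '\n' }}"
```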