
# Create the directories Ansible reads local ("custom") facts from.
# Neither owner nor mode is pinned here, so a newly created directory gets
# whatever the become user's umask yields.
# NOTE(review): executable files in facts.d are run during fact gathering,
# so confirm these directories are not writable by unprivileged users.
- name: ensure facts dir exists
  become: true
  file:
    path: "{{ item }}"
    state: directory
  loop:
    - /etc/ansible
    - /etc/ansible/facts.d
# Install the role's OpenBSD script as the local fact "listening_tcp".
# Mode 0755 keeps it executable; the result is registered so the facts are
# only re-gathered when the script actually changed.
- name: deploy custom fact for listening tcp ports
  become: true
  copy:
    src: listening_tcp_openbsd.sh
    dest: /etc/ansible/facts.d/listening_tcp.fact
    mode: '0755'
  register: fact_deploy
# Re-run fact gathering, but only when the fact script above was created or
# modified in this run.
- name: reload facts
  setup:
  when: fact_deploy.changed
# Show the port list that will be sent to the monitoring master, so the
# operator can see in the play output what is about to be registered.
# monitored_tcp_ports is defined outside this file.
- name: print to be monitored tcp ports
  debug:
    msg: "{{ monitored_tcp_ports }}"
# Install the service check plugin into the nagios libexec directory.
# NOTE(review): presumably this is the script that calls
# `rcctl ls failed` through the doas rule added further down; confirm
# against check_services_openbsd.sh.
- name: copy service check
  become: true
  copy:
    src: check_services_openbsd.sh
    dest: /usr/local/libexec/nagios/check_services.sh
    mode: '0755'
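# Grant the monitoring SSH user exactly one passwordless root command:
# `/usr/sbin/rcctl ls failed`. Pinning both `cmd` and `args` keeps the
# grant from extending to any other rcctl invocation.
- name: allow list of failed services via doas
  become: true
  lineinfile:
    path: /etc/doas.conf
    create: true
    # Match only this user's existing rcctl rule. The previous pattern
    # ('^permit.*<user>.*$') matched any permit line that merely contained
    # the user name, so it could overwrite an unrelated rule, including one
    # for a different user whose name contains this one. regex_escape stops
    # metacharacters in the user name from changing the pattern.
    regexp: '^permit\s+(.*\s)?{{ icinga2_monitoring_master.ssh_user | regex_escape }}\s+as\s+root\s+cmd\s+/usr/sbin/rcctl(\s|$)'
    line: 'permit nopass {{ icinga2_monitoring_master.ssh_user }} as root cmd /usr/sbin/rcctl args ls failed'
    # Let doas parse the candidate file before it replaces the live one, so
    # a syntax error cannot break privilege escalation on the host.
    validate: '/usr/bin/doas -C %s'
    # doas applies the last matching rule and a new line is appended at the
    # end of the file; review any earlier rules for the same user.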
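# Build the Icinga 2 host object as real data instead of a hand-assembled
# JSON string. With string templating, a quote or brace inside ansible_fqdn
# or monitored_tcp_ports could break or reshape the document, and the port
# list would be rendered with Python rather than JSON quoting. As a mapping,
# each value stays a single field and serialisation is left to the consumers
# (the copy and uri tasks in this file).
- name: set fact with monitoring config
  set_fact:
    api_body:
      templates:
        - openbsd
      attrs:
        address: "{{ ansible_fqdn }}"
        vars.tcp_ipv4: "{{ monitored_tcp_ports }}"
      pretty: true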
# Persist the request body on the host. The file acts as a change marker:
# the Icinga API tasks in this file only run when its content differs from
# the previous run (monitoring_config.changed).
- name: write monitoring config
  become: true
  copy:
    dest: /etc/monitoring.conf
    content: "{{ api_body }}"
  register: monitoring_config
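# Remove any existing host object (cascade=1 also removes dependent objects)
# so the following PUT can recreate it with the new attributes.
- name: delete host from icinga
  uri:
    url: "{{ icinga2_api_url }}/v1/objects/hosts/{{ ansible_fqdn }}?cascade=1"
    method: DELETE
    return_content: true
    headers:
      Accept: application/json
    body_format: json
    # Certificate verification used to be hard-coded off. While it is off,
    # the API user and password below are sent to whatever endpoint answers
    # on this URL, without its identity being checked. The new optional
    # variable icinga2_api_validate_certs lets a deployment that trusts the
    # Icinga CA turn verification on; left unset, the previous behaviour
    # (no verification) is kept.
    validate_certs: "{{ icinga2_api_validate_certs | default(false) }}"
    url_username: "{{ icinga2_monitoring_master.api_user }}"
    url_password: "{{ icinga2_monitoring_master.api_password }}"
  when: monitoring_config.changed
  # Best effort: the host may not exist yet, so no response counts as a
  # failure. NOTE(review): this also hides authentication and TLS errors.
  failed_when: false
  changed_when: true
  # One host at a time against the monitoring master.
  throttle: 1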
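# Create the host object on the monitoring master from api_body.
- name: add host to icinga
  uri:
    url: "{{ icinga2_api_url }}/v1/objects/hosts/{{ ansible_fqdn }}"
    method: PUT
    return_content: true
    headers:
      Accept: application/json
    body_format: json
    body: "{{ api_body }}"
    # Certificate verification used to be hard-coded off. While it is off,
    # the API user and password below are sent to whatever endpoint answers
    # on this URL, without its identity being checked. The new optional
    # variable icinga2_api_validate_certs lets a deployment that trusts the
    # Icinga CA turn verification on; left unset, the previous behaviour
    # (no verification) is kept.
    validate_certs: "{{ icinga2_api_validate_certs | default(false) }}"
    url_username: "{{ icinga2_monitoring_master.api_user }}"
    url_password: "{{ icinga2_monitoring_master.api_password }}"
  when: monitoring_config.changed
  changed_when: true
  # One host at a time against the monitoring master.
  throttle: 1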
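# Ask Icinga 2 to restart after this host's object was replaced.
# NOTE(review): this runs once per changed host; confirm the API user is
# limited to the permissions these three calls need.
- name: trigger icinga restart
  uri:
    url: "{{ icinga2_api_url }}/v1/actions/restart-process?pretty=1"
    method: POST
    return_content: true
    headers:
      Accept: application/json
    body_format: json
    # Certificate verification used to be hard-coded off. While it is off,
    # the API user and password below are sent to whatever endpoint answers
    # on this URL, without its identity being checked. The new optional
    # variable icinga2_api_validate_certs lets a deployment that trusts the
    # Icinga CA turn verification on; left unset, the previous behaviour
    # (no verification) is kept.
    validate_certs: "{{ icinga2_api_validate_certs | default(false) }}"
    url_username: "{{ icinga2_monitoring_master.api_user }}"
    url_password: "{{ icinga2_monitoring_master.api_password }}"
  when: monitoring_config.changed
  changed_when: true
  # One host at a time against the monitoring master.
  throttle: 1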