You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
97 lines
2.6 KiB
97 lines
2.6 KiB
- name: ensure facts dir exists
|
|
become: yes
|
|
file:
|
|
path: "{{ item }}"
|
|
state: directory
|
|
loop:
|
|
- /etc/ansible
|
|
- /etc/ansible/facts.d
|
|
|
|
- name: deploy custom fact for listening tcp ports
|
|
become: yes
|
|
copy:
|
|
src: listening_tcp_openbsd.sh
|
|
dest: /etc/ansible/facts.d/listening_tcp.fact
|
|
mode: '0755'
|
|
register: fact_deploy
|
|
|
|
- name: reload facts
|
|
setup:
|
|
when: fact_deploy.changed
|
|
|
|
- name: print to be monitored tcp ports
|
|
debug:
|
|
msg: "{{ monitored_tcp_ports }}"
|
|
|
|
- name: copy service check
|
|
become: yes
|
|
copy:
|
|
src: check_services_openbsd.sh
|
|
dest: /usr/local/libexec/nagios/check_services.sh
|
|
mode: '0755'
|
|
|
|
- name: allow list of failed services via doas
|
|
become: yes
|
|
lineinfile:
|
|
path: /etc/doas.conf
|
|
create: yes
|
|
regexp: '^permit.*{{ icinga2_monitoring_master.ssh_user }}.*$'
|
|
line: 'permit nopass {{ icinga2_monitoring_master.ssh_user }} as root cmd /usr/sbin/rcctl args ls failed'
|
|
|
|
- name: set fact with monitoring config
|
|
set_fact:
|
|
api_body: '{ "templates": [ "openbsd" ], "attrs": { "address": "{{ ansible_fqdn }}", "vars.tcp_ipv4": {{ monitored_tcp_ports }} }, "pretty": true }'
|
|
|
|
- name: write monitoring config
|
|
become: yes
|
|
copy:
|
|
dest: /etc/monitoring.conf
|
|
content: "{{ api_body }}"
|
|
register: monitoring_config
|
|
|
|
- name: delete host from icinga
|
|
uri:
|
|
url: "{{ icinga2_api_url }}/v1/objects/hosts/{{ ansible_fqdn }}?cascade=1"
|
|
method: DELETE
|
|
return_content: yes
|
|
headers:
|
|
Accept: application/json
|
|
body_format: json
|
|
validate_certs: no
|
|
url_username: "{{ icinga2_monitoring_master.api_user }}"
|
|
url_password: "{{ icinga2_monitoring_master.api_password }}"
|
|
when: monitoring_config.changed
|
|
failed_when: false
|
|
changed_when: true
|
|
throttle: 1
|
|
|
|
- name: add host to icinga
|
|
uri:
|
|
url: "{{ icinga2_api_url }}/v1/objects/hosts/{{ ansible_fqdn }}"
|
|
method: PUT
|
|
return_content: yes
|
|
headers:
|
|
Accept: application/json
|
|
body_format: json
|
|
body: "{{ api_body }}"
|
|
validate_certs: no
|
|
url_username: "{{ icinga2_monitoring_master.api_user }}"
|
|
url_password: "{{ icinga2_monitoring_master.api_password }}"
|
|
when: monitoring_config.changed
|
|
changed_when: true
|
|
throttle: 1
|
|
|
|
- name: trigger icinga restart
|
|
uri:
|
|
url: "{{ icinga2_api_url }}/v1/actions/restart-process?pretty=1"
|
|
method: POST
|
|
return_content: yes
|
|
headers:
|
|
Accept: application/json
|
|
body_format: json
|
|
validate_certs: no
|
|
url_username: "{{ icinga2_monitoring_master.api_user }}"
|
|
url_password: "{{ icinga2_monitoring_master.api_password }}"
|
|
when: monitoring_config.changed
|
|
changed_when: true
|
|
throttle: 1
|
|
|