From 39d2f932cf784d08f850f7f8e2e45c71a5513e77 Mon Sep 17 00:00:00 2001 From: Salt Date: Sun, 8 Aug 2021 13:26:39 -0500 Subject: [PATCH] Add snmpd role --- requirements.yml | 4 + roles/snmpd/.ansible-lint | 3 + roles/snmpd/.github/workflows/ci.yml | 80 ++++++++++++++++++++ roles/snmpd/.github/workflows/release.yml | 20 +++++ roles/snmpd/.gitignore | 30 ++++++++ roles/snmpd/.yamllint | 15 ++++ roles/snmpd/Dockerfile | 20 +++++ roles/snmpd/LICENSE.txt | 19 +++++ roles/snmpd/README.md | 74 ++++++++++++++++++ roles/snmpd/Vagrantfile | 70 +++++++++++++++++ roles/snmpd/defaults/main.yml | 39 ++++++++++ roles/snmpd/files/empty | 0 roles/snmpd/handlers/main.yml | 7 ++ roles/snmpd/meta/.galaxy_install_info | 2 + roles/snmpd/meta/main.yml | 24 ++++++ roles/snmpd/molecule/default/converge.yml | 9 +++ roles/snmpd/molecule/default/molecule.yml | 19 +++++ roles/snmpd/molecule/default/prepare.yml | 9 +++ roles/snmpd/molecule/default/verify.yml | 5 ++ roles/snmpd/tasks/main.yml | 57 ++++++++++++++ roles/snmpd/templates/etc/default/snmpd.j2 | 24 ++++++ roles/snmpd/templates/etc/snmp/snmpd.conf.j2 | 42 ++++++++++ roles/snmpd/tests/inventory | 1 + roles/snmpd/tests/tasks/pre.yml | 14 ++++ roles/snmpd/tests/test.yml | 12 +++ roles/snmpd/tests/vagrant.yml | 10 +++ roles/snmpd/tests/vars/main.yml | 4 + roles/snmpd/vars/main.yml | 6 ++ 28 files changed, 619 insertions(+) create mode 100644 roles/snmpd/.ansible-lint create mode 100644 roles/snmpd/.github/workflows/ci.yml create mode 100644 roles/snmpd/.github/workflows/release.yml create mode 100644 roles/snmpd/.gitignore create mode 100644 roles/snmpd/.yamllint create mode 100644 roles/snmpd/Dockerfile create mode 100644 roles/snmpd/LICENSE.txt create mode 100644 roles/snmpd/README.md create mode 100644 roles/snmpd/Vagrantfile create mode 100644 roles/snmpd/defaults/main.yml create mode 100644 roles/snmpd/files/empty create mode 100644 roles/snmpd/handlers/main.yml create mode 100644 roles/snmpd/meta/.galaxy_install_info create mode 100644 roles/snmpd/meta/main.yml create mode 100644 roles/snmpd/molecule/default/converge.yml create mode 100644 roles/snmpd/molecule/default/molecule.yml create mode 100644 roles/snmpd/molecule/default/prepare.yml create mode 100644 roles/snmpd/molecule/default/verify.yml create mode 100644 roles/snmpd/tasks/main.yml create mode 100644 roles/snmpd/templates/etc/default/snmpd.j2 create mode 100644 roles/snmpd/templates/etc/snmp/snmpd.conf.j2 create mode 100644 roles/snmpd/tests/inventory create mode 100644 roles/snmpd/tests/tasks/pre.yml create mode 100644 roles/snmpd/tests/test.yml create mode 100644 roles/snmpd/tests/vagrant.yml create mode 100644 roles/snmpd/tests/vars/main.yml create mode 100644 roles/snmpd/vars/main.yml diff --git a/requirements.yml b/requirements.yml index ce3d214..599caaf 100644 --- a/requirements.yml +++ b/requirements.yml @@ -53,3 +53,7 @@ roles: - name: factorio src: bplower.factorio version: master + # Upstream: https://github.com/Oefenweb/ansible-snmpd + - name: snmpd + src: oefenweb.snmpd + version: master diff --git a/roles/snmpd/.ansible-lint b/roles/snmpd/.ansible-lint new file mode 100644 index 0000000..148ddda --- /dev/null +++ b/roles/snmpd/.ansible-lint @@ -0,0 +1,3 @@ +--- +warn_list: + - '106' diff --git a/roles/snmpd/.github/workflows/ci.yml b/roles/snmpd/.github/workflows/ci.yml new file mode 100644 index 0000000..e8a0475 --- /dev/null +++ b/roles/snmpd/.github/workflows/ci.yml @@ -0,0 +1,80 @@ +--- +name: CI +'on': + pull_request: + push: + branches: + - master + schedule: + - cron: '30 1 * * 3' + +jobs: + + lint: + name: Lint + runs-on: ubuntu-latest + steps: + - name: Check out the codebase + uses: actions/checkout@v2 + + - name: Set up Python 3 + uses: actions/setup-python@v2 + with: + python-version: '3.x' + + - name: Install test dependencies + run: pip install ansible-lint[community,yamllint] + + - name: Lint code + run: | + yamllint . + ansible-lint + + molecule: + name: Molecule + runs-on: ubuntu-latest + defaults: + run: + working-directory: "${{ github.repository }}" + needs: + - lint + strategy: + fail-fast: false + matrix: + include: + - distro: debian8 + - distro: debian9 + - distro: debian10 + - distro: ubuntu1604 + ansible-version: '>=2.8, <2.9' + - distro: ubuntu1604 + ansible-version: '>=2.9, <2.10' + - distro: ubuntu1604 + ansible-version: '>=2.10, <2.11' + - distro: ubuntu1604 + - distro: ubuntu1804 + - distro: ubuntu2004 + + steps: + - name: Check out the codebase + uses: actions/checkout@v2 + with: + path: "${{ github.repository }}" + + - name: Set up Python 3 + uses: actions/setup-python@v2 + with: + python-version: '3.x' + + - name: Install test dependencies + run: pip install 'ansible${{ matrix.ansible-version }}' molecule[docker] docker + + - name: Run Molecule tests + run: | + molecule test + env: + ANSIBLE_FORCE_COLOR: '1' + ANSIBLE_VERBOSITY: '2' + MOLECULE_DEBUG: '1' + MOLECULE_DISTRO: "${{ matrix.distro }}" + PY_COLORS: '1' diff --git a/roles/snmpd/.github/workflows/release.yml b/roles/snmpd/.github/workflows/release.yml new file mode 100644 index 0000000..2354e68 --- /dev/null +++ b/roles/snmpd/.github/workflows/release.yml @@ -0,0 +1,20 @@ +--- +name: Release +'on': + push: + tags: + - '*' + +jobs: + + release: + name: Release + runs-on: ubuntu-latest + steps: + - name: Check out the codebase + uses: actions/checkout@v2 + + - name: Publish to Galaxy + uses: robertdebock/galaxy-action@1.1.0 + with: + galaxy_api_key: ${{ secrets.GALAXY_API_KEY }} diff --git a/roles/snmpd/.gitignore b/roles/snmpd/.gitignore new file mode 100644 index 0000000..f74c83a --- /dev/null +++ b/roles/snmpd/.gitignore @@ -0,0 +1,30 @@ +# OS generated files # +###################### +.DS_Store +.DS_Store? +._* +.Spotlight-V100 +.Trashes +Icon? +ehthumbs.db +Thumbs.db + +# IDE files # +################# +/.settings +/.buildpath +/.project +/nbproject +*.komodoproject +*.kpf +/.idea + +# Vagrant files # +.virtualbox/ +.vagrant/ +vagrant_ansible_inventory_* +ansible.cfg + +# Other files # +############### +!empty diff --git a/roles/snmpd/.yamllint b/roles/snmpd/.yamllint new file mode 100644 index 0000000..894450c --- /dev/null +++ b/roles/snmpd/.yamllint @@ -0,0 +1,15 @@ +--- +extends: default + +rules: + braces: + max-spaces-inside: 1 + level: error + brackets: + max-spaces-inside: 1 + level: error + line-length: disable + truthy: disable + +ignore: | + .tox/ diff --git a/roles/snmpd/Dockerfile b/roles/snmpd/Dockerfile new file mode 100644 index 0000000..c7cdf41 --- /dev/null +++ b/roles/snmpd/Dockerfile @@ -0,0 +1,20 @@ +FROM ubuntu:16.04 +MAINTAINER Mischa ter Smitten + +# python +RUN apt-get update && \ + DEBIAN_FRONTEND=noninteractive apt-get install -y python-minimal python-dev curl && \ + apt-get clean +RUN curl -sL https://bootstrap.pypa.io/pip/2.7/get-pip.py | python - +RUN rm -rf $HOME/.cache + +# ansible +RUN DEBIAN_FRONTEND=noninteractive apt-get install -y gcc libffi-dev libssl-dev net-tools iproute2 ethtool && \ + apt-get clean +RUN pip install ansible==2.9.15 +RUN rm -rf $HOME/.cache + +# provision +COPY . /etc/ansible/roles/ansible-role +WORKDIR /etc/ansible/roles/ansible-role +RUN ansible-playbook -i tests/inventory tests/test.yml --connection=local diff --git a/roles/snmpd/LICENSE.txt b/roles/snmpd/LICENSE.txt new file mode 100644 index 0000000..5708f35 --- /dev/null +++ b/roles/snmpd/LICENSE.txt @@ -0,0 +1,19 @@ +Copyright (c) Oefenweb.nl + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is furnished +to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/roles/snmpd/README.md b/roles/snmpd/README.md new file mode 100644 index 0000000..0361a0e --- /dev/null +++ b/roles/snmpd/README.md @@ -0,0 +1,74 @@ +## snmpd + +[![CI](https://github.com/Oefenweb/ansible-snmpd/workflows/CI/badge.svg)](https://github.com/Oefenweb/ansible-snmpd/actions?query=workflow%3ACI) +[![Ansible Galaxy](http://img.shields.io/badge/ansible--galaxy-snmpd-blue.svg)](https://galaxy.ansible.com/Oefenweb/snmpd) + +Set up snmp(d) in Debian-like systems. + +#### Requirements + + +On **Debian** the **non-free** repository must be enabled to download the `snmp-mibs-downloader` package, +on **Ubuntu** this package is in **multiverse**. See the *"Recommended"* section below. + +#### Variables + +* `snmpd_install` [default: `[lm-sensors]`]: Additional packages to install +* `snmpd_mibs` [default: `UCD-SNMP-MIB`]: MIBs to load +* `snmpd_run` [default: `true`]: Snmpd control (true means start daemon) +* `snmpd_opts` [default: `'-LS4d -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid'`]: Snmpd options (use syslog, close stdin/out/err) +* `snmpd_trapd_run` [default: `false`]: Snmptrapd control (true means start daemon) +* `snmpd_trapd_opts` [default: `'-Lsd -p /var/run/snmptrapd.pid'`]: Snmptrapd options (use syslog) +* `snmpd_snmpd_compat` [default: `false`]: Create symlink on Debian legacy location to official RFC path + +* `snmpd_agent_address` [default: `['udp:161', 'udp6:[::1]:161']: Agent address + +* `snmpd_internal_user`: [default: see defaults.yml]: Internal user. **Make sure to change!** + +* `snmpd_users`: [default: see defaults.yml]: Additional users. **Make sure to change!** +* `snmpd_sys_location` [default: `''`]: System location +* `snmpd_sys_contact` [default: `Root `]: System contact +* `snmpd_sys_description` [default: `{{ inventory_hostname }}`]: System description + +* `snmpd_disks_include_all`: [default: `false`]: Include all disks mounted on the system in the SNMP table +* `snmpd_disks_include_all_threshold_minpercent`: [default: `10%`]: Minimum free space specified as a percentage +* `snmpd_disks`: [default: `[]`]: List of disk paths and their corresponding thresholds to be included in the SNMP table +* `snmpd_disks.{n}.path`: [required]: The disks mountpoint (e.g. `/`) +* `snmpd_disks.{n}.threshold`: [required]: The disks minimum threshold either be specified in kB (MINSPACE) or as a percentage of the total disk (MINPERCENT% with a '%' character) (e.g. `10%`) + +* `snmpd_default_monitors` [default: `true`]: Configure the Event `MIB` tables to monitor the various `UCD-SNMP-MIB` tables for problems +* `snmpd_link_up_down_notifications` [default: `true`]: Configure the Event `MIB` tables to monitor the `fTable` for network interfaces being taken up or down, and triggering a `linkUp` or `linkDown` notification as appropriate + +* `snmpd_extensions`: [default: `[]`]: Extension MIB declaration(s) +* `snmpd_extensions.{n}.name`: [required]: An identifying string for the extension +* `snmpd_extensions.{n}.prog`: [required]: The program to run +* `snmpd_extensions.{n}.args`: [default: `[]`]: The arguments to give the program + +## Dependencies + +None + +## Recommended + +* `ansible-apt` ([see](https://github.com/Oefenweb/ansible-apt), to manage `apt` repositories (in `/etc/apt/sources.list`) + +#### Example + +```yaml +--- +- hosts: all + roles: + - snmpd +``` + +#### License + +MIT + +#### Author Information + +Mischa ter Smitten + +#### Feedback, bug-reports, requests, ... + +Are [welcome](https://github.com/Oefenweb/ansible-snmpd/issues)! diff --git a/roles/snmpd/Vagrantfile b/roles/snmpd/Vagrantfile new file mode 100644 index 0000000..a0182a0 --- /dev/null +++ b/roles/snmpd/Vagrantfile @@ -0,0 +1,70 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby ts=2 sw=2 tw=0 et : + +role = File.basename(File.expand_path(File.dirname(__FILE__))) + +boxes = [ + { + :name => "ubuntu-1604", + :box => "bento/ubuntu-16.04", + :ip => '10.0.0.12', + :cpu => "50", + :ram => "256" + }, + { + :name => "ubuntu-1804", + :box => "bento/ubuntu-18.04", + :ip => '10.0.0.13', + :cpu => "50", + :ram => "384" + }, + { + :name => "ubuntu-2004", + :box => "bento/ubuntu-20.04", + :ip => '10.0.0.14', + :cpu => "50", + :ram => "384" + }, + { + :name => "debian-8", + :box => "bento/debian-8", + :ip => '10.0.0.16', + :cpu => "50", + :ram => "256" + }, + { + :name => "debian-9", + :box => "bento/debian-9", + :ip => '10.0.0.17', + :cpu => "50", + :ram => "256" + }, + { + :name => "debian-10", + :box => "bento/debian-10", + :ip => '10.0.0.18', + :cpu => "50", + :ram => "256" + }, +] + +Vagrant.configure("2") do |config| + boxes.each do |box| + config.vm.define box[:name] do |vms| + vms.vm.box = box[:box] + vms.vm.hostname = "ansible-#{role}-#{box[:name]}" + + vms.vm.provider "virtualbox" do |v| + v.customize ["modifyvm", :id, "--cpuexecutioncap", box[:cpu]] + v.customize ["modifyvm", :id, "--memory", box[:ram]] + end + + vms.vm.network :private_network, ip: box[:ip] + + vms.vm.provision :ansible do |ansible| + ansible.playbook = "tests/vagrant.yml" + ansible.verbose = "vv" + end + end + end +end diff --git a/roles/snmpd/defaults/main.yml b/roles/snmpd/defaults/main.yml new file mode 100644 index 0000000..ffb0f16 --- /dev/null +++ b/roles/snmpd/defaults/main.yml @@ -0,0 +1,39 @@ +# defaults file +--- +snmpd_install: + - lm-sensors +snmpd_mibs: UCD-SNMP-MIB +snmpd_run: true +snmpd_opts: '-LS4d -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid' +snmpd_trapd_run: false +snmpd_trapd_opts: '-Lsd -p /var/run/snmptrapd.pid' +snmpd_snmpd_compat: false + +snmpd_agent_address: + - 'udp:161' + - 'udp6:[::1]:161' + +snmpd_internal_user: + username: internalUser + password: '=9zeba&hEpr3799sE_a!' + auth_protocol: MD5 + +snmpd_users: + - username: john-doe + password: '!ahab#ub_uk#2uhEThu6' + type: rouser + auth_protocol: SHA + privacy_passphrase: 'zusTAqEpHacEs9eju44@' + privacy_protocol: AES + +snmpd_sys_location: 'Unknown' +snmpd_sys_contact: Root +snmpd_sys_description: "{{ inventory_hostname }}" +snmpd_sys_services: 72 + +snmpd_disks_include_all: false +snmpd_disks_include_all_threshold: '10%' +snmpd_disks: [] + +snmpd_default_monitors: true +snmpd_link_up_down_notifications: true diff --git a/roles/snmpd/files/empty b/roles/snmpd/files/empty new file mode 100644 index 0000000..e69de29 diff --git a/roles/snmpd/handlers/main.yml b/roles/snmpd/handlers/main.yml new file mode 100644 index 0000000..8cea04d --- /dev/null +++ b/roles/snmpd/handlers/main.yml @@ -0,0 +1,7 @@ +# handlers file +--- +- name: restart snmpd + service: + name: snmpd + state: restarted + when: service_default_state | default('started') == 'started' diff --git a/roles/snmpd/meta/.galaxy_install_info b/roles/snmpd/meta/.galaxy_install_info new file mode 100644 index 0000000..224e0f9 --- /dev/null +++ b/roles/snmpd/meta/.galaxy_install_info @@ -0,0 +1,2 @@ +install_date: 'Sun 08 Aug 2021 06:26:26 PM ' +version: master diff --git a/roles/snmpd/meta/main.yml b/roles/snmpd/meta/main.yml new file mode 100644 index 0000000..f7f6268 --- /dev/null +++ b/roles/snmpd/meta/main.yml @@ -0,0 +1,24 @@ +# meta file +--- +galaxy_info: + namespace: oefenweb + role_name: snmpd + author: Mischa ter Smitten + company: Oefenweb.nl B.V. + description: Set up snmp(d) in Debian-like systems + license: MIT + min_ansible_version: 2.8.0 + platforms: + - name: Ubuntu + versions: + - xenial + - bionic + - focal + - name: Debian + versions: + - jessie + - stretch + - buster + galaxy_tags: + - system +dependencies: [] diff --git a/roles/snmpd/molecule/default/converge.yml b/roles/snmpd/molecule/default/converge.yml new file mode 100644 index 0000000..73043c4 --- /dev/null +++ b/roles/snmpd/molecule/default/converge.yml @@ -0,0 +1,9 @@ +--- +- name: Converge + hosts: all + become: true + pre_tasks: + - name: include vars + include_vars: "{{ playbook_dir }}/../../tests/vars/main.yml" + roles: + - ../../../ diff --git a/roles/snmpd/molecule/default/molecule.yml b/roles/snmpd/molecule/default/molecule.yml new file mode 100644 index 0000000..fbb7120 --- /dev/null +++ b/roles/snmpd/molecule/default/molecule.yml @@ -0,0 +1,19 @@ +--- +dependency: + name: galaxy +driver: + name: docker +platforms: + - name: instance + image: "geerlingguy/docker-${MOLECULE_DISTRO:-ubuntu1604}-ansible:latest" + command: ${MOLECULE_DOCKER_COMMAND:-""} + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro + privileged: true + pre_build_image: true +provisioner: + name: ansible + playbooks: + prepare: prepare.yml + converge: converge.yml + verify: verify.yml diff --git a/roles/snmpd/molecule/default/prepare.yml b/roles/snmpd/molecule/default/prepare.yml new file mode 100644 index 0000000..1600dec --- /dev/null +++ b/roles/snmpd/molecule/default/prepare.yml @@ -0,0 +1,9 @@ +--- +- name: Prepare + hosts: all + become: true + pre_tasks: + - name: include vars + include_vars: "{{ playbook_dir }}/../../tests/vars/main.yml" + - name: include tasks + include: "{{ playbook_dir }}/../../tests/tasks/pre.yml" diff --git a/roles/snmpd/molecule/default/verify.yml b/roles/snmpd/molecule/default/verify.yml new file mode 100644 index 0000000..44debad --- /dev/null +++ b/roles/snmpd/molecule/default/verify.yml @@ -0,0 +1,5 @@ +--- +- name: Verify + hosts: all + become: true + tasks: [] diff --git a/roles/snmpd/tasks/main.yml b/roles/snmpd/tasks/main.yml new file mode 100644 index 0000000..52ecc7e --- /dev/null +++ b/roles/snmpd/tasks/main.yml @@ -0,0 +1,57 @@ +# tasks file +--- +- name: install dependencies + apt: + name: "{{ snmpd_dependencies }}" + state: "{{ apt_install_state | default('latest') }}" + update_cache: true + cache_valid_time: "{{ apt_update_cache_valid_time | default(3600) }}" + tags: + - configuration + - snmpd + - snmpd-dependencies + +- name: install + apt: + name: "{{ snmpd_install }}" + state: "{{ apt_install_state | default('latest') }}" + tags: + - configuration + - snmpd + - snmpd-install + +- name: update configuration file - /etc/default/snmpd.conf + template: + src: etc/default/snmpd.j2 + dest: /etc/default/snmpd + owner: root + group: root + mode: 0644 + notify: restart snmpd + tags: + - configuration + - snmpd + - snmpd-configuration + +- name: update configuration file - /etc/snmp/snmpd.conf + template: + src: etc/snmp/snmpd.conf.j2 + dest: /etc/snmp/snmpd.conf + owner: root + group: root + mode: 0600 + notify: restart snmpd + tags: + - configuration + - snmpd + - snmpd-configuration + +- name: start and enable service + service: + name: snmpd + state: "{{ service_default_state | default('started') }}" + enabled: "{{ service_default_enabled | default(true) | bool }}" + tags: + - configuration + - snmpd + - snmpd-start-enable-service diff --git a/roles/snmpd/templates/etc/default/snmpd.j2 b/roles/snmpd/templates/etc/default/snmpd.j2 new file mode 100644 index 0000000..3f28b89 --- /dev/null +++ b/roles/snmpd/templates/etc/default/snmpd.j2 @@ -0,0 +1,24 @@ +# {{ ansible_managed }} + +# This file controls the activity of snmpd and snmptrapd + +# Don't load any MIBs by default. +# You might comment this lines once you have the MIBs downloaded. +export MIBS={{ snmpd_mibs }} + +# snmpd control (yes means start daemon). +SNMPDRUN={{ 'yes' if snmpd_run else 'no' }} + +# snmpd options (use syslog, close stdin/out/err). +SNMPDOPTS='{{ snmpd_opts }}' + +# snmptrapd control (yes means start daemon). As of net-snmp version +# 5.0, master agentx support must be enabled in snmpd before snmptrapd +# can be run. See snmpd.conf(5) for how to do this. +TRAPDRUN={{ 'yes' if snmpd_trapd_run else 'no' }} + +# snmptrapd options (use syslog). +TRAPDOPTS='{{ snmpd_trapd_opts }}' + +# create symlink on Debian legacy location to official RFC path +SNMPDCOMPAT={{ 'yes' if snmpd_snmpd_compat else 'no' }} diff --git a/roles/snmpd/templates/etc/snmp/snmpd.conf.j2 b/roles/snmpd/templates/etc/snmp/snmpd.conf.j2 new file mode 100644 index 0000000..341b471 --- /dev/null +++ b/roles/snmpd/templates/etc/snmp/snmpd.conf.j2 @@ -0,0 +1,42 @@ +# {{ ansible_managed }} + +agentAddress {{ snmpd_agent_address | join(',') }} + +createUser {{ snmpd_internal_user.username }} {{ snmpd_internal_user.auth_protocol }} "{{ snmpd_internal_user.password }}" +{% for snmpd_user in snmpd_users %} +createUser {{ snmpd_user.username }} {{ snmpd_user.auth_protocol }} "{{ snmpd_user.password }}" {{ snmpd_user.privacy_protocol }} "{{ snmpd_user.privacy_passphrase }}" +{% endfor %} + +view systemonly included .1.3.6.1.2.1.1 +view systemonly included .1.3.6.1.2.1.25.1 + +rouser authOnlyUser +{% for snmpd_user in snmpd_users %} +{{ snmpd_user.type }} {{ snmpd_user.username }} +{% endfor %} + +sysLocation {{ snmpd_sys_location }} +sysContact {{ snmpd_sys_contact }} +{% if snmpd_sys_description %} +sysDescr {{ snmpd_sys_description }} +{% endif %} +sysServices {{ snmpd_sys_services }} + +iquerySecName {{ snmpd_internal_user.username }} +rouser {{ snmpd_internal_user.username }} + +{% if snmpd_disks_include_all %} +includeAllDisks {{ snmpd_disks_include_all_threshold_minpercent }} +{% endif %} +{% for snmpd_disk in snmpd_disks %} +disk {{ snmpd_disk.path }} {{ snmpd_disk.threshold }} +{% endfor %} + +defaultMonitors {{ 'yes' if snmpd_default_monitors else 'no' }} +linkUpDownNotifications {{ 'yes' if snmpd_link_up_down_notifications else 'no' }} + +{% for snmpd_extension in snmpd_extensions | default([]) %} +extend {{ snmpd_extension.name }} {{ snmpd_extension.prog }} {{ snmpd_extension.args | default([]) | join(' ') }} +{% endfor %} + +master agentx diff --git a/roles/snmpd/tests/inventory b/roles/snmpd/tests/inventory new file mode 100644 index 0000000..2fbb50c --- /dev/null +++ b/roles/snmpd/tests/inventory @@ -0,0 +1 @@ +localhost diff --git a/roles/snmpd/tests/tasks/pre.yml b/roles/snmpd/tests/tasks/pre.yml new file mode 100644 index 0000000..9bcc66f --- /dev/null +++ b/roles/snmpd/tests/tasks/pre.yml @@ -0,0 +1,14 @@ +# pre test file +--- +- name: enable non-free + apt_repository: + repo: "{{ item.type }} {{ item.url }} {{ item.component }}" + filename: non-free + with_items: + - type: deb + url: "http://ftp.nl.debian.org/debian/ {{ ansible_distribution_release }}" + component: contrib non-free + - type: deb-src + url: "http://ftp.nl.debian.org/debian/ {{ ansible_distribution_release }}" + component: contrib non-free + when: ansible_distribution == 'Debian' diff --git a/roles/snmpd/tests/test.yml b/roles/snmpd/tests/test.yml new file mode 100644 index 0000000..0062d99 --- /dev/null +++ b/roles/snmpd/tests/test.yml @@ -0,0 +1,12 @@ +# tests file for snmpd +--- +- hosts: localhost + connection: local + become: true + pre_tasks: + - name: include vars + include_vars: "{{ playbook_dir }}/vars/main.yml" + - name: include tasks + include: "{{ playbook_dir }}/tasks/pre.yml" + roles: + - ../../ diff --git a/roles/snmpd/tests/vagrant.yml b/roles/snmpd/tests/vagrant.yml new file mode 100644 index 0000000..fed2ce2 --- /dev/null +++ b/roles/snmpd/tests/vagrant.yml @@ -0,0 +1,10 @@ +# test file +--- +- hosts: all + remote_user: vagrant + become: true + pre_tasks: + - name: include tasks + include: "{{ playbook_dir }}/tasks/pre.yml" + roles: + - ../../ diff --git a/roles/snmpd/tests/vars/main.yml b/roles/snmpd/tests/vars/main.yml new file mode 100644 index 0000000..7c673e4 --- /dev/null +++ b/roles/snmpd/tests/vars/main.yml @@ -0,0 +1,4 @@ +# vars file +--- +snmpd_agent_address: + - "udp:{{ ansible_lo['ipv4']['address'] }}:10161" diff --git a/roles/snmpd/vars/main.yml b/roles/snmpd/vars/main.yml new file mode 100644 index 0000000..90ad567 --- /dev/null +++ b/roles/snmpd/vars/main.yml @@ -0,0 +1,6 @@ +# vars file +--- +snmpd_dependencies: + - snmpd + - snmp + - snmp-mibs-downloader