Make our Nagios SNMP user, apply some changes to its container, and spin up some barebones checks

playbooks/snmp.yml

@@ -3,9 +3,19 @@
 ---
 - hosts: tags_snmp
   roles:
-    - role: snmp
+    - role: snmpd
       vars:
         snmpd_internal_user:
           username: "{{ secret_snmp_internal_username }}"
           password: "{{ secret_snmp_internal_password }}"
+          auth_protocol: SHA
+        snmpd_users:
+          - username: "{{ secret_snmp_rouser_username }}"
+            password: "{{ secret_snmp_rouser_password }}"
+            type: rouser
+            auth_protocol: SHA
+            privacy_passphrase: "{{ secret_snmp_rouser_privacy_passphrase }}"
+            privacy_protocol: AES
+        snmpd_disks_include_all: yes
+        snmpd_disks_include_all_threshold_minpercent: "10%"
       tags: [ snmp ]

playbooks/tasks/web/nagios-hosts.cfg.j2

@@ -52,7 +52,7 @@ define service {
 # Commands
 # Ain't nobody here but us chickens...
 
-# Services
+# Services for all hosts
 define service {
 	use			ansible-generic-service
 	service_description	HTTP
@@ -66,6 +66,14 @@ define service {
 	hostgroup_name		nagios-checkhttp
 }
 
+# Services for SNMP-capable hosts
+define service {
+	use			ansible-generic-service
+	service_description	SNMP Check Hostname
+	check_command		check_snmp!-P 3 -a SHA -x AES -o 1.3.6.1.2.1.1.1.0 -U {{ secret_snmp_rouser_username }} -A {{ secret_snmp_rouser_password }} -X {{ secret_snmp_rouser_privacy_passphrase }} -s $HOSTNAME$ -L authPriv
+	hostgroup_name		snmp
+}
+
 # Manually-defined services for hosts
 # web1.desu.ltd
 {% for site in ["9iron.club","desu.ltd","nc.desu.ltd","git.desu.ltd"] %}

playbooks/tasks/web/nagios.yml

@@ -2,9 +2,6 @@
 - name: assure data directory for nagios
   file: path=/data/nagios state=directory mode=0755
   tags: [ nagios ]
-- name: assure ssmtp.conf file for nagios
-  file: path=/data/nagios/ssmtp.conf state=file mode=0640
-  tags: [ nagios ]
 - name: template out config for nagios
   template: src=nagios-hosts.cfg.j2 dest=/data/nagios/etc/objects/ansible.cfg owner=root group=root mode=0644
   register: config
@@ -15,11 +12,11 @@
 - name: docker deploy nagios
   docker_container:
     name: nagios
-    image: manios/nagios
+    image: jasonrivers/nagios
     env:
       NAGIOSADMIN_USER: admin
       NAGIOSADMIN_PASS: "{{ secret_nagios_admin_pass }}"
-      TZ: "America/Chicago"
+      NAGIOS_TIMEZONE: "America/Chicago"
     networks:
       - name: web
         aliases: [ "nagios" ]
@@ -27,7 +24,8 @@
       - /data/nagios/etc:/opt/nagios/etc
       - /data/nagios/var:/opt/nagios/var
       - /data/nagios/plugins:/opt/Custom-Nagios-Plugins
-      - /data/nagios/ssmtp.conf:/etc/ssmtp/ssmtp.conf
+      - /data/nagios/nagiosgraph/var:/opt/nagiosgraph/var
+      - /data/nagios/nagiosgraph/etc:/opt/nagiosgraph/etc
   tags: [ docker, nagios ]
 - name: restart nagios
   docker_container: name=nagios state=started restart=yes