salt/ansible
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Make our Nagios SNMP user, apply some changes to its container, and spin up some barebones checks

Browse Source
This commit is contained in:
Salt 2021-08-08 14:46:58 -05:00
parent a254910cdc
commit da432c0dcc
3 changed files with 24 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
playbooks/snmp.yml
View File

@ -3,9 +3,19 @@
--- ---
- hosts: tags_snmp - hosts: tags_snmp
roles: roles:
- role: snmp - role: snmpd
vars: vars:
snmpd_internal_user: snmpd_internal_user:
username: "{{ secret_snmp_internal_username }}" username: "{{ secret_snmp_internal_username }}"
password: "{{ secret_snmp_internal_password }}" password: "{{ secret_snmp_internal_password }}"
auth_protocol: SHA
snmpd_users:
- username: "{{ secret_snmp_rouser_username }}"
password: "{{ secret_snmp_rouser_password }}"
type: rouser
auth_protocol: SHA
privacy_passphrase: "{{ secret_snmp_rouser_privacy_passphrase }}"
privacy_protocol: AES
snmpd_disks_include_all: yes
snmpd_disks_include_all_threshold_minpercent: "10%"
tags: [ snmp ] tags: [ snmp ]

10
playbooks/tasks/web/nagios-hosts.cfg.j2
View File

@ -52,7 +52,7 @@ define service {
# Commands # Commands
# Ain't nobody here but us chickens... # Ain't nobody here but us chickens...
# Services # Services for all hosts
define service { define service {
use ansible-generic-service use ansible-generic-service
service_description HTTP service_description HTTP
@ -66,6 +66,14 @@ define service {
hostgroup_name nagios-checkhttp hostgroup_name nagios-checkhttp
} }
# Services for SNMP-capable hosts
define service {
use ansible-generic-service
service_description SNMP Check Hostname
check_command check_snmp!-P 3 -a SHA -x AES -o 1.3.6.1.2.1.1.1.0 -U {{ secret_snmp_rouser_username }} -A {{ secret_snmp_rouser_password }} -X {{ secret_snmp_rouser_privacy_passphrase }} -s $HOSTNAME$ -L authPriv
hostgroup_name snmp
}
# Manually-defined services for hosts # Manually-defined services for hosts
# web1.desu.ltd # web1.desu.ltd
{% for site in ["9iron.club","desu.ltd","nc.desu.ltd","git.desu.ltd"] %} {% for site in ["9iron.club","desu.ltd","nc.desu.ltd","git.desu.ltd"] %}

10
playbooks/tasks/web/nagios.yml
View File

@ -2,9 +2,6 @@
- name: assure data directory for nagios - name: assure data directory for nagios
file: path=/data/nagios state=directory mode=0755 file: path=/data/nagios state=directory mode=0755
tags: [ nagios ] tags: [ nagios ]
- name: assure ssmtp.conf file for nagios
file: path=/data/nagios/ssmtp.conf state=file mode=0640
tags: [ nagios ]
- name: template out config for nagios - name: template out config for nagios
template: src=nagios-hosts.cfg.j2 dest=/data/nagios/etc/objects/ansible.cfg owner=root group=root mode=0644 template: src=nagios-hosts.cfg.j2 dest=/data/nagios/etc/objects/ansible.cfg owner=root group=root mode=0644
register: config register: config
@ -15,11 +12,11 @@
- name: docker deploy nagios - name: docker deploy nagios
docker_container: docker_container:
name: nagios name: nagios
image: manios/nagios image: jasonrivers/nagios
env: env:
NAGIOSADMIN_USER: admin NAGIOSADMIN_USER: admin
NAGIOSADMIN_PASS: "{{ secret_nagios_admin_pass }}" NAGIOSADMIN_PASS: "{{ secret_nagios_admin_pass }}"
TZ: "America/Chicago" NAGIOS_TIMEZONE: "America/Chicago"
networks: networks:
- name: web - name: web
aliases: [ "nagios" ] aliases: [ "nagios" ]
@ -27,7 +24,8 @@
- /data/nagios/etc:/opt/nagios/etc - /data/nagios/etc:/opt/nagios/etc
- /data/nagios/var:/opt/nagios/var - /data/nagios/var:/opt/nagios/var
- /data/nagios/plugins:/opt/Custom-Nagios-Plugins - /data/nagios/plugins:/opt/Custom-Nagios-Plugins
- /data/nagios/ssmtp.conf:/etc/ssmtp/ssmtp.conf - /data/nagios/nagiosgraph/var:/opt/nagiosgraph/var
- /data/nagios/nagiosgraph/etc:/opt/nagiosgraph/etc
tags: [ docker, nagios ] tags: [ docker, nagios ]
- name: restart nagios - name: restart nagios
docker_container: name=nagios state=started restart=yes docker_container: name=nagios state=started restart=yes