Compare commits
3 Commits
691a934297
...
e968d4a7cf
Author | SHA1 | Date | |
---|---|---|---|
e968d4a7cf | |||
2f06fe61e0 | |||
5d5cab59eb |
@ -7,7 +7,7 @@ before_script:
|
||||
# Get the packages we need
|
||||
- apt-get update
|
||||
- apt-get install gnupg openssh-client python3-cryptography python3-docker python3-pip python-is-python3 wget -y
|
||||
- pip install ansible ansible-lint
|
||||
- pip install ansible ansible-lint pynetbox
|
||||
# Dump our key
|
||||
- eval $(ssh-agent -s)
|
||||
- echo "$ANSIBLE_SSH_KEY" | tr -d '\r' | ssh-add -
|
||||
|
@ -6,6 +6,16 @@ ansible_become: yes
|
||||
ansible_pull_repo: "https://git.desu.ltd/salt/ansible"
|
||||
ansible_pull_commit: master
|
||||
common_ansible_pubkey: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDfXVgMHeD2wtCAIVoDYQ+R19vKfhmR2FgUTkHhAzE2156fB/+IMB+6Qc4X3aFRIcUp+Ls8Vm8JQ3d0jvbcGQkgbAjRExQa71XGBmhxJCxzlCLBoQzBmTSnryL09LExoMynzVgrso8TQP92vZBGJFI/lLGAaop2l9pu+3cgM3sRaK+A11lcRCrS25C3hqPQhKC44zjzOt7sIoaG6RqG3CQ8jhE35bthQdBySOZVDgDKfjDyPuDzVxiKjsuNm4Ojzm0QW5gq6GkLOg2B8OSQ1TGQgBHQu4b8zsKBOUOdbZb0JLM8NdpH1cMntC0QBofy3DzqR/CFaSaBzUx+dnkBH0/pjBOrhHzzqZGOJayfC1igYki67HqzFV5IjhAVa+c4S9L/zbFk0+YZYdgMoKNlMU2LgzrSEastuXHD7NUy3fMP4BZbqg37SjQzFRXoUp5+ctVs9tCoy/qvvjT3UVGcn312eJrRRfWrYagU2nWKGyqbTOpsuOJ5OLlhopy6eP9+yRM= ansible"
|
||||
# This is a token generated post-setup
|
||||
# It is to be used for querying netbox
|
||||
netbox_token: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
31656630386363323836663537383930346336393061363461653532323561386632343063353161
|
||||
6630636535373331633762363738613232636366663430330a356333623466623230616433373036
|
||||
35386162633961616438383332346165323930333662376665616531613837316333653361313332
|
||||
3065343761343338340a336266316339616134336332376336326332663435323937343531636238
|
||||
37323530333463383062396363616263386430356438306133393130626365333932323734383165
|
||||
3064663435626339393836353837643730333266366436373033
|
||||
|
||||
# Admin user configuration
|
||||
adminuser_name: salt
|
||||
@ -112,6 +122,15 @@ gitea_internal_token: !vault |
|
||||
62633234313261363537663061373931303832653531356566633739636264666635653936313965
|
||||
623964653936646334313864643030653763
|
||||
|
||||
# For Nagios
|
||||
secret_nagios_admin_pass: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
64333231393831303031616363363030613464653161313531316465346263313063626638363437
|
||||
3965303861646232393663633066363039636637343161340a643162633133336335313632383861
|
||||
34616338636630633539353335336631313361656633333539323130626132356263653436343363
|
||||
3930323538613137370a373861376566376631356564623665313662636562626234643862343863
|
||||
61326232633266633262613931303631396163326266386363366639366639613938
|
||||
|
||||
# For Netbox
|
||||
secret_netbox_user_pass: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
|
30
playbooks/tasks/web/nagios.yml
Normal file
30
playbooks/tasks/web/nagios.yml
Normal file
@ -0,0 +1,30 @@
|
||||
# vim:ft=ansible:
|
||||
- name: assure data directory for nagios
|
||||
file: path=/data/nagios state=directory mode=0755
|
||||
tags: [ nagios ]
|
||||
- name: assure ssmtp.conf file for nagios
|
||||
file: path=/data/nagios/ssmtp.conf state=file mode=0640
|
||||
tags: [ nagios ]
|
||||
- name: template out config for nagios
|
||||
template: src=nagios-hosts.cfg.j2 dest=/data/nagios/etc/objects/ansible.cfg owner=root group=root mode=0644
|
||||
tags: [ nagios, template ]
|
||||
- name: assure config file is loaded
|
||||
lineinfile: path=/data/nagios/etc/nagios.cfg line='cfg_file=/opt/nagios/etc/objects/ansible.cfg'
|
||||
tags: [ nagios, template ]
|
||||
- name: docker deploy nagios
|
||||
docker_container:
|
||||
name: nagios
|
||||
image: manios/nagios
|
||||
env:
|
||||
NAGIOSADMIN_USER: admin
|
||||
NAGIOSADMIN_PASS: "{{ secret_nagios_admin_pass }}"
|
||||
TZ: "America/Chicago"
|
||||
networks:
|
||||
- name: web
|
||||
aliases: [ "nagios" ]
|
||||
volumes:
|
||||
- /data/nagios/etc:/opt/nagios/etc
|
||||
- /data/nagios/var:/opt/nagios/var
|
||||
- /data/nagios/plugins:/opt/Custom-Nagios-Plugins
|
||||
- /data/nagios/ssmtp.conf:/etc/ssmtp/ssmtp.conf
|
||||
tags: [ docker, nagios ]
|
@ -153,6 +153,19 @@
|
||||
proxy_pass http://netbox:8080;
|
||||
}
|
||||
}
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name nagios.desu.ltd;
|
||||
ssl_certificate /etc/letsencrypt/live/netbox.desu.ltd/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/netbox.desu.ltd/privkey.pem;
|
||||
ssl_trusted_certificate /etc/letsencrypt/live/netbox.desu.ltd/chain.pem;
|
||||
ssl_dhparam /etc/letsencrypt/dhparams/dhparam.pem;
|
||||
location / {
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_pass http://nagios:80;
|
||||
}
|
||||
}
|
||||
tags: [ docker, ingress ]
|
||||
- name: include tasks for apps
|
||||
include_tasks: tasks/app/{{ task }}
|
||||
@ -165,6 +178,8 @@
|
||||
include_tasks: tasks/web/{{ task }}
|
||||
with_items:
|
||||
- netbox.yml
|
||||
- nagios.yml
|
||||
- ingress-generic.yml
|
||||
loop_control:
|
||||
loop_var: task
|
||||
tags: [ always ]
|
||||
|
@ -5,6 +5,7 @@ desktop_pip3_packages:
|
||||
- openshift
|
||||
- pmbootstrap
|
||||
- protontricks
|
||||
- pynetbox
|
||||
- randovania
|
||||
- youtube-dl
|
||||
desktop_pip3_packages_extra: []
|
||||
|
Loading…
Reference in New Issue
Block a user