33 changed files with 8 additions and 726 deletions
--- a/inventory/group_vars/all.yml
+++ b/inventory/group_vars/all.yml
@ -223,43 +223,6 @@ secret_pleroma_signing_salt: !vault |
          3563396435643363620a646337346561393863366361643536356363626334343264343861663131
          3466
 # For SNMP
 secret_snmp_internal_username: !vault |
          $ANSIBLE_VAULT;1.1;AES256
          65663937306665636134326138643230383632363465363764306131633565323963393532626131
          3338356435396531626530653665383630366538303036310a326338623135613834636364353936
          38643836373138633537666436656666623830363166303666366337333935313530373730353431
          6166636634373062380a346636363234636131333539333232353364656563346438663663303734
          39636263376635313631383262323538316434623065366332363762636562643064
 secret_snmp_internal_password: !vault |
          $ANSIBLE_VAULT;1.1;AES256
          32393365616165636263376636643035316431663334656135623832366265616230343665663362
          3564313266373931363265393465373138373230323030660a633436303339616134643532346533
          31643730353866366231623134356435613231353739383035623162653962323931656465656162
          6135326562313065330a353763396564646238616337313033616639383431633834383831653536
          32353130333634653831316464373465343233336266636561363334333832333036
 secret_snmp_rouser_username: !vault |
          $ANSIBLE_VAULT;1.1;AES256
          62393936313166323437663639376433303131316664613965323031373439633335313331626238
          6265303766663931396438396535623035376531343637630a336138373561396437353331303938
          35623462306638363765363032366365363938633564386162633761623261346661313531373764
          3534613836343738310a613163656139326662373535393935323465393833363861306534386234
          64396130366463323133303566383233356239316362383866336230333037643133
 secret_snmp_rouser_password: !vault |
          $ANSIBLE_VAULT;1.1;AES256
          36343461313133376563383563616562613338613463376535656339636335636336663839323033
          3665656533623938326132646133653431616438373138630a393033373330316236366365633162
          39346663356364356330386562623532343330343133386331356366376366636665366366323833
          3664316436363262390a663530633430303039366465306533363531356231396130316462373365
          33396330393231383833653134396137383436623535636165366664366137626464
 secret_snmp_rouser_privacy_passphrase: !vault |
          $ANSIBLE_VAULT;1.1;AES256
          31616564303237653131393133633232326535333566303538306232613031373536616463306439
          3431633838663261636461393833373961376265343163330a383336333432623136623731386461
          39373436313635353932353963313931646465366538393738623735383635356238313066386533
          3764363538636232630a383730323433343239663461373030383132626532306130363965316661
          64353932376139613765303764313463353366663535653135393637633835353566
 # For Steam games
 steam_username: !vault |
          $ANSIBLE_VAULT;1.1;AES256
--- a/playbooks/snmp.yml
+++ b/playbooks/snmp.yml
@ -1,21 +0,0 @@
 #!/usr/bin/env ansible-playbook
 # vim:ft=ansible:
 ---
 - hosts: tags_snmp
  roles:
    - role: snmpd
      vars:
        snmpd_internal_user:
          username: "{{ secret_snmp_internal_username }}"
          password: "{{ secret_snmp_internal_password }}"
          auth_protocol: SHA
        snmpd_users:
          - username: "{{ secret_snmp_rouser_username }}"
            password: "{{ secret_snmp_rouser_password }}"
            type: rouser
            auth_protocol: SHA
            privacy_passphrase: "{{ secret_snmp_rouser_privacy_passphrase }}"
            privacy_protocol: AES
        snmpd_disks_include_all: yes
        snmpd_disks_include_all_threshold_minpercent: "10%"
      tags: [ snmp ]
--- a/playbooks/tasks/web/nagios-hosts.cfg.j2
+++ b/playbooks/tasks/web/nagios-hosts.cfg.j2
@ -52,7 +52,7 @@ define service {
 # Commands
 # Ain't nobody here but us chickens...
-# Services for all hosts
+# Services
 define service {
 	use			ansible-generic-service
 	service_description	HTTP
@ -66,43 +66,6 @@ define service {
 	hostgroup_name		nagios-checkhttp
 }
 # Services for SNMP-capable hosts
 define service {
 	use			ansible-generic-service
 	service_description	SNMP Check Hostname
 	check_command		check_snmp!-P 3 -a SHA -x AES -o 1.3.6.1.2.1.1.1.0 -U {{ secret_snmp_rouser_username }} -A {{ secret_snmp_rouser_password }} -X {{ secret_snmp_rouser_privacy_passphrase }} -r $HOSTNAME$ -L authPriv
 	hostgroup_name		snmp
 }
 # Manually-defined services for hosts
 # web1.desu.ltd
 {% for site in ["9iron.club","desu.ltd","nc.desu.ltd","git.desu.ltd"] %}
 define service {
 	use			ansible-generic-service
 	service_description	HTTPS - {{ site }}
 	check_command		check_http!--ssl -H {{ site }}
 	host_name		web1.desu.ltd
 }
 {% endfor %}
 # web2.desu.ltd
 {% for site in ["cowfee.moe","tube.cowfee.moe"] %}
 define service {
 	use			ansible-generic-service
 	service_description	HTTPS - {{ site }}
 	check_command		check_http!--ssl -H {{ site }}
 	host_name		web2.desu.ltd
 }
 {% endfor %}
 # web3.desu.ltd
 {% for site in ["netbox.desu.ltd","nagios.desu.ltd -e 401"] %}
 define service {
 	use			ansible-generic-service
 	service_description	HTTPS - {{ site }}
 	check_command		check_http!--ssl -H {{ site }}
 	host_name		web3.desu.ltd
 }
 {% endfor %}
 # Hostgroups
 # Everything here is dynamically-generated based on tags from Netbox
 {% for tag in query('netbox.netbox.nb_lookup', 'tags', api_endpoint='https://netbox.desu.ltd', token=netbox_token) %}
--- a/playbooks/tasks/web/nagios.yml
+++ b/playbooks/tasks/web/nagios.yml
@ -2,9 +2,11 @@
 - name: assure data directory for nagios
  file: path=/data/nagios state=directory mode=0755
  tags: [ nagios ]
 - name: assure ssmtp.conf file for nagios
  file: path=/data/nagios/ssmtp.conf state=file mode=0640
  tags: [ nagios ]
 - name: template out config for nagios
  template: src=nagios-hosts.cfg.j2 dest=/data/nagios/etc/objects/ansible.cfg owner=root group=root mode=0644
  register: config
  tags: [ nagios, template ]
 - name: assure config file is loaded
  lineinfile: path=/data/nagios/etc/nagios.cfg line='cfg_file=/opt/nagios/etc/objects/ansible.cfg'
@ -12,11 +14,11 @@
 - name: docker deploy nagios
  docker_container:
    name: nagios
-    image: jasonrivers/nagios
+    image: manios/nagios
    env:
      NAGIOSADMIN_USER: admin
      NAGIOSADMIN_PASS: "{{ secret_nagios_admin_pass }}"
-      NAGIOS_TIMEZONE: "America/Chicago"
+      TZ: "America/Chicago"
    networks:
      - name: web
        aliases: [ "nagios" ]
@ -24,10 +26,5 @@
      - /data/nagios/etc:/opt/nagios/etc
      - /data/nagios/var:/opt/nagios/var
      - /data/nagios/plugins:/opt/Custom-Nagios-Plugins
-      - /data/nagios/nagiosgraph/var:/opt/nagiosgraph/var
+      - /data/nagios/ssmtp.conf:/etc/ssmtp/ssmtp.conf
      - /data/nagios/nagiosgraph/etc:/opt/nagiosgraph/etc
  tags: [ docker, nagios ]
 - name: restart nagios
  docker_container: name=nagios state=started restart=yes
  when: config and config is changed
  tags: [ docker, nagios ]
--- a/requirements.yml
+++ b/requirements.yml
@ -53,7 +53,3 @@ roles:
  - name: factorio
    src: bplower.factorio
    version: master
  # Upstream: https://github.com/Oefenweb/ansible-snmpd
  - name: snmpd
    src: oefenweb.snmpd
    version: master
--- a/roles/snmpd/.ansible-lint
+++ b/roles/snmpd/.ansible-lint
@ -1,3 +0,0 @@
 ---
 warn_list:
  - '106'
--- a/roles/snmpd/.github/workflows/ci.yml
+++ b/roles/snmpd/.github/workflows/ci.yml
@ -1,80 +0,0 @@
 ---
 name: CI
 'on':
  pull_request:
  push:
    branches:
      - master
  schedule:
    - cron: '30 1 * * 3'
 jobs:
  lint:
    name: Lint
    runs-on: ubuntu-latest
    steps:
      - name: Check out the codebase
        uses: actions/checkout@v2
      - name: Set up Python 3
        uses: actions/setup-python@v2
        with:
          python-version: '3.x'
      - name: Install test dependencies
        run: pip install ansible-lint[community,yamllint]
      - name: Lint code
        run: |
          yamllint .
          ansible-lint
  molecule:
    name: Molecule
    runs-on: ubuntu-latest
    defaults:
      run:
        working-directory: "${{ github.repository }}"
    needs:
      - lint
    strategy:
      fail-fast: false
      matrix:
        include:
          - distro: debian8
          - distro: debian9
          - distro: debian10
          - distro: ubuntu1604
            ansible-version: '>=2.8, <2.9'
          - distro: ubuntu1604
            ansible-version: '>=2.9, <2.10'
          - distro: ubuntu1604
            ansible-version: '>=2.10, <2.11'
          - distro: ubuntu1604
          - distro: ubuntu1804
          - distro: ubuntu2004
    steps:
      - name: Check out the codebase
        uses: actions/checkout@v2
        with:
          path: "${{ github.repository }}"
      - name: Set up Python 3
        uses: actions/setup-python@v2
        with:
          python-version: '3.x'
      - name: Install test dependencies
        run: pip install 'ansible${{ matrix.ansible-version }}' molecule[docker] docker
      - name: Run Molecule tests
        run: |
          molecule test
        env:
          ANSIBLE_FORCE_COLOR: '1'
          ANSIBLE_VERBOSITY: '2'
          MOLECULE_DEBUG: '1'
          MOLECULE_DISTRO: "${{ matrix.distro }}"
          PY_COLORS: '1'
--- a/roles/snmpd/.github/workflows/release.yml
+++ b/roles/snmpd/.github/workflows/release.yml
@ -1,20 +0,0 @@
 ---
 name: Release
 'on':
  push:
    tags:
      - '*'
 jobs:
  release:
    name: Release
    runs-on: ubuntu-latest
    steps:
      - name: Check out the codebase
        uses: actions/checkout@v2
      - name: Publish to Galaxy
        uses: robertdebock/galaxy-action@1.1.0
        with:
          galaxy_api_key: ${{ secrets.GALAXY_API_KEY }}
--- a/roles/snmpd/.gitignore
+++ b/roles/snmpd/.gitignore
@ -1,30 +0,0 @@
 # OS generated files #
 ######################
 .DS_Store
 .DS_Store?
 ._*
 .Spotlight-V100
 .Trashes
 Icon?
 ehthumbs.db
 Thumbs.db
 # IDE files #
 #################
 /.settings
 /.buildpath
 /.project
 /nbproject
 *.komodoproject
 *.kpf
 /.idea
 # Vagrant files #
 .virtualbox/
 .vagrant/
 vagrant_ansible_inventory_*
 ansible.cfg
 # Other files #
 ###############
 !empty
--- a/roles/snmpd/.yamllint
+++ b/roles/snmpd/.yamllint
@ -1,15 +0,0 @@
 ---
 extends: default
 rules:
  braces:
    max-spaces-inside: 1
    level: error
  brackets:
    max-spaces-inside: 1
    level: error
  line-length: disable
  truthy: disable
 ignore: |
  .tox/
--- a/roles/snmpd/Dockerfile
+++ b/roles/snmpd/Dockerfile
@ -1,20 +0,0 @@
 FROM ubuntu:16.04
 MAINTAINER Mischa ter Smitten <mtersmitten@oefenweb.nl>
 # python
 RUN apt-get update && \
  DEBIAN_FRONTEND=noninteractive apt-get install -y python-minimal python-dev curl && \
  apt-get clean
 RUN curl -sL https://bootstrap.pypa.io/pip/2.7/get-pip.py | python -
 RUN rm -rf $HOME/.cache
 # ansible
 RUN DEBIAN_FRONTEND=noninteractive apt-get install -y gcc libffi-dev libssl-dev net-tools iproute2 ethtool && \
  apt-get clean
 RUN pip install ansible==2.9.15
 RUN rm -rf $HOME/.cache
 # provision
 COPY . /etc/ansible/roles/ansible-role
 WORKDIR /etc/ansible/roles/ansible-role
 RUN ansible-playbook -i tests/inventory tests/test.yml --connection=local
--- a/roles/snmpd/LICENSE.txt
+++ b/roles/snmpd/LICENSE.txt
@ -1,19 +0,0 @@
 Copyright (c) Oefenweb.nl <https://github.com/Oefenweb>
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
 in the Software without restriction, including without limitation the rights
 to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 copies of the Software, and to permit persons to whom the Software is furnished
 to do so, subject to the following conditions:
 The above copyright notice and this permission notice shall be included in all
 copies or substantial portions of the Software.
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 THE SOFTWARE.
--- a/roles/snmpd/README.md
+++ b/roles/snmpd/README.md
@ -1,74 +0,0 @@
 ## snmpd
 [![CI](https://github.com/Oefenweb/ansible-snmpd/workflows/CI/badge.svg)](https://github.com/Oefenweb/ansible-snmpd/actions?query=workflow%3ACI)
 [![Ansible Galaxy](http://img.shields.io/badge/ansible--galaxy-snmpd-blue.svg)](https://galaxy.ansible.com/Oefenweb/snmpd)
 Set up snmp(d) in Debian-like systems.
 #### Requirements
 On **Debian** the **non-free** repository must be enabled to download the `snmp-mibs-downloader` package,
 on **Ubuntu** this package is in **multiverse**. See the *"Recommended"* section below.
 #### Variables
 * `snmpd_install` [default: `[lm-sensors]`]: Additional packages to install
 * `snmpd_mibs` [default: `UCD-SNMP-MIB`]: MIBs to load
 * `snmpd_run` [default: `true`]: Snmpd control (true means start daemon)
 * `snmpd_opts` [default: `'-LS4d -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid'`]: Snmpd options (use syslog, close stdin/out/err)
 * `snmpd_trapd_run` [default: `false`]: Snmptrapd control (true means start daemon)
 * `snmpd_trapd_opts` [default: `'-Lsd -p /var/run/snmptrapd.pid'`]: Snmptrapd options (use syslog)
 * `snmpd_snmpd_compat` [default: `false`]: Create symlink on Debian legacy location to official RFC path
 * `snmpd_agent_address` [default: `['udp:161', 'udp6:[::1]:161']: Agent address
 * `snmpd_internal_user`: [default: see defaults.yml]: Internal user. **Make sure to change!**
 * `snmpd_users`: [default: see defaults.yml]: Additional users. **Make sure to change!**
 * `snmpd_sys_location` [default: `''`]: System location
 * `snmpd_sys_contact` [default: `Root <root@localhost>`]: System contact
 * `snmpd_sys_description` [default: `{{ inventory_hostname }}`]: System description
 * `snmpd_disks_include_all`: [default: `false`]: Include all disks mounted on the system in the SNMP table
 * `snmpd_disks_include_all_threshold_minpercent`: [default: `10%`]: Minimum free space specified as a percentage
 * `snmpd_disks`: [default: `[]`]: List of disk paths and their corresponding thresholds to be included in the SNMP table
 * `snmpd_disks.{n}.path`: [required]: The disks mountpoint (e.g. `/`)
 * `snmpd_disks.{n}.threshold`: [required]: The disks minimum threshold either be specified in kB (MINSPACE) or as a percentage of the total disk (MINPERCENT% with a '%' character) (e.g. `10%`)
 * `snmpd_default_monitors` [default: `true`]: Configure the Event `MIB` tables to monitor the various `UCD-SNMP-MIB` tables for problems
 * `snmpd_link_up_down_notifications` [default: `true`]: Configure the Event `MIB` tables to monitor the `fTable` for network interfaces being taken up or down, and triggering a `linkUp` or `linkDown` notification as appropriate
 * `snmpd_extensions`: [default: `[]`]: Extension MIB declaration(s)
 * `snmpd_extensions.{n}.name`: [required]: An identifying string for the extension
 * `snmpd_extensions.{n}.prog`: [required]: The program to run
 * `snmpd_extensions.{n}.args`: [default: `[]`]: The arguments to give the program
 ## Dependencies
 None
 ## Recommended
 * `ansible-apt` ([see](https://github.com/Oefenweb/ansible-apt), to manage `apt` repositories (in `/etc/apt/sources.list`)
 #### Example
 ```yaml
 ---
 - hosts: all
  roles:
    - snmpd
 ```
 #### License
 MIT
 #### Author Information
 Mischa ter Smitten
 #### Feedback, bug-reports, requests, ...
 Are [welcome](https://github.com/Oefenweb/ansible-snmpd/issues)!
--- a/roles/snmpd/Vagrantfile
+++ b/roles/snmpd/Vagrantfile
@ -1,70 +0,0 @@
 # -*- mode: ruby -*-
 # vi: set ft=ruby ts=2 sw=2 tw=0 et :
 role = File.basename(File.expand_path(File.dirname(__FILE__)))
 boxes = [
  {
    :name => "ubuntu-1604",
    :box => "bento/ubuntu-16.04",
    :ip => '10.0.0.12',
    :cpu => "50",
    :ram => "256"
  },
  {
    :name => "ubuntu-1804",
    :box => "bento/ubuntu-18.04",
    :ip => '10.0.0.13',
    :cpu => "50",
    :ram => "384"
  },
  {
    :name => "ubuntu-2004",
    :box => "bento/ubuntu-20.04",
    :ip => '10.0.0.14',
    :cpu => "50",
    :ram => "384"
  },
  {
    :name => "debian-8",
    :box => "bento/debian-8",
    :ip => '10.0.0.16',
    :cpu => "50",
    :ram => "256"
  },
  {
    :name => "debian-9",
    :box => "bento/debian-9",
    :ip => '10.0.0.17',
    :cpu => "50",
    :ram => "256"
  },
  {
    :name => "debian-10",
    :box => "bento/debian-10",
    :ip => '10.0.0.18',
    :cpu => "50",
    :ram => "256"
  },
 ]
 Vagrant.configure("2") do |config|
  boxes.each do |box|
    config.vm.define box[:name] do |vms|
      vms.vm.box = box[:box]
      vms.vm.hostname = "ansible-#{role}-#{box[:name]}"
      vms.vm.provider "virtualbox" do |v|
        v.customize ["modifyvm", :id, "--cpuexecutioncap", box[:cpu]]
        v.customize ["modifyvm", :id, "--memory", box[:ram]]
      end
      vms.vm.network :private_network, ip: box[:ip]
      vms.vm.provision :ansible do |ansible|
        ansible.playbook = "tests/vagrant.yml"
        ansible.verbose = "vv"
      end
    end
  end
 end
--- a/roles/snmpd/defaults/main.yml
+++ b/roles/snmpd/defaults/main.yml
@ -1,39 +0,0 @@
 # defaults file
 ---
 snmpd_install:
  - lm-sensors
 snmpd_mibs: UCD-SNMP-MIB
 snmpd_run: true
 snmpd_opts: '-LS4d -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid'
 snmpd_trapd_run: false
 snmpd_trapd_opts: '-Lsd -p /var/run/snmptrapd.pid'
 snmpd_snmpd_compat: false
 snmpd_agent_address:
  - 'udp:161'
  - 'udp6:[::1]:161'
 snmpd_internal_user:
  username: internalUser
  password: '=9zeba&hEpr3799sE_a!'
  auth_protocol: MD5
 snmpd_users:
  - username: john-doe
    password: '!ahab#ub_uk#2uhEThu6'
    type: rouser
    auth_protocol: SHA
    privacy_passphrase: 'zusTAqEpHacEs9eju44@'
    privacy_protocol: AES
 snmpd_sys_location: 'Unknown'
 snmpd_sys_contact: Root <root@localhost>
 snmpd_sys_description: "{{ inventory_hostname }}"
 snmpd_sys_services: 72
 snmpd_disks_include_all: false
 snmpd_disks_include_all_threshold: '10%'
 snmpd_disks: []
 snmpd_default_monitors: true
 snmpd_link_up_down_notifications: true
--- a/roles/snmpd/files/empty
+++ b/roles/snmpd/files/empty
--- a/roles/snmpd/handlers/main.yml
+++ b/roles/snmpd/handlers/main.yml
@ -1,7 +0,0 @@
 # handlers file
 ---
 - name: restart snmpd
  service:
    name: snmpd
    state: restarted
  when: service_default_state | default('started') == 'started'
--- a/roles/snmpd/meta/.galaxy_install_info
+++ b/roles/snmpd/meta/.galaxy_install_info
@ -1,2 +0,0 @@
 install_date: 'Sun 08 Aug 2021 06:26:26 PM '
 version: master
--- a/roles/snmpd/meta/main.yml
+++ b/roles/snmpd/meta/main.yml
@ -1,24 +0,0 @@
 # meta file
 ---
 galaxy_info:
  namespace: oefenweb
  role_name: snmpd
  author: Mischa ter Smitten
  company: Oefenweb.nl B.V.
  description: Set up snmp(d) in Debian-like systems
  license: MIT
  min_ansible_version: 2.8.0
  platforms:
    - name: Ubuntu
      versions:
        - xenial
        - bionic
        - focal
    - name: Debian
      versions:
        - jessie
        - stretch
        - buster
  galaxy_tags:
    - system
 dependencies: []
--- a/roles/snmpd/molecule/default/converge.yml
+++ b/roles/snmpd/molecule/default/converge.yml
@ -1,9 +0,0 @@
 ---
 - name: Converge
  hosts: all
  become: true
  pre_tasks:
    - name: include vars
      include_vars: "{{ playbook_dir }}/../../tests/vars/main.yml"
  roles:
    - ../../../
--- a/roles/snmpd/molecule/default/molecule.yml
+++ b/roles/snmpd/molecule/default/molecule.yml
@ -1,19 +0,0 @@
 ---
 dependency:
  name: galaxy
 driver:
  name: docker
 platforms:
  - name: instance
    image: "geerlingguy/docker-${MOLECULE_DISTRO:-ubuntu1604}-ansible:latest"
    command: ${MOLECULE_DOCKER_COMMAND:-""}
    volumes:
      - /sys/fs/cgroup:/sys/fs/cgroup:ro
    privileged: true
    pre_build_image: true
 provisioner:
  name: ansible
  playbooks:
    prepare: prepare.yml
    converge: converge.yml
    verify: verify.yml
--- a/roles/snmpd/molecule/default/prepare.yml
+++ b/roles/snmpd/molecule/default/prepare.yml
@ -1,9 +0,0 @@
 ---
 - name: Prepare
  hosts: all
  become: true
  pre_tasks:
    - name: include vars
      include_vars: "{{ playbook_dir }}/../../tests/vars/main.yml"
    - name: include tasks
      include: "{{ playbook_dir }}/../../tests/tasks/pre.yml"
--- a/roles/snmpd/molecule/default/verify.yml
+++ b/roles/snmpd/molecule/default/verify.yml
@ -1,5 +0,0 @@
 ---
 - name: Verify
  hosts: all
  become: true
  tasks: []
--- a/roles/snmpd/tasks/main.yml
+++ b/roles/snmpd/tasks/main.yml
@ -1,57 +0,0 @@
 # tasks file
 ---
 - name: install dependencies
  apt:
    name: "{{ snmpd_dependencies }}"
    state: "{{ apt_install_state | default('latest') }}"
    update_cache: true
    cache_valid_time: "{{ apt_update_cache_valid_time | default(3600) }}"
  tags:
    - configuration
    - snmpd
    - snmpd-dependencies
 - name: install
  apt:
    name: "{{ snmpd_install }}"
    state: "{{ apt_install_state | default('latest') }}"
  tags:
    - configuration
    - snmpd
    - snmpd-install
 - name: update configuration file - /etc/default/snmpd.conf
  template:
    src: etc/default/snmpd.j2
    dest: /etc/default/snmpd
    owner: root
    group: root
    mode: 0644
  notify: restart snmpd
  tags:
    - configuration
    - snmpd
    - snmpd-configuration
 - name: update configuration file - /etc/snmp/snmpd.conf
  template:
    src: etc/snmp/snmpd.conf.j2
    dest: /etc/snmp/snmpd.conf
    owner: root
    group: root
    mode: 0600
  notify: restart snmpd
  tags:
    - configuration
    - snmpd
    - snmpd-configuration
 - name: start and enable service
  service:
    name: snmpd
    state: "{{ service_default_state | default('started') }}"
    enabled: "{{ service_default_enabled | default(true) | bool }}"
  tags:
    - configuration
    - snmpd
    - snmpd-start-enable-service
--- a/roles/snmpd/templates/etc/default/snmpd.j2
+++ b/roles/snmpd/templates/etc/default/snmpd.j2
@ -1,24 +0,0 @@
 # {{ ansible_managed }}
 # This file controls the activity of snmpd and snmptrapd
 # Don't load any MIBs by default.
 # You might comment this lines once you have the MIBs downloaded.
 export MIBS={{ snmpd_mibs }}
 # snmpd control (yes means start daemon).
 SNMPDRUN={{ 'yes' if snmpd_run else 'no' }}
 # snmpd options (use syslog, close stdin/out/err).
 SNMPDOPTS='{{ snmpd_opts }}'
 # snmptrapd control (yes means start daemon).  As of net-snmp version
 # 5.0, master agentx support must be enabled in snmpd before snmptrapd
 # can be run.  See snmpd.conf(5) for how to do this.
 TRAPDRUN={{ 'yes' if snmpd_trapd_run else 'no' }}
 # snmptrapd options (use syslog).
 TRAPDOPTS='{{ snmpd_trapd_opts }}'
 # create symlink on Debian legacy location to official RFC path
 SNMPDCOMPAT={{ 'yes' if snmpd_snmpd_compat else 'no' }}
--- a/roles/snmpd/templates/etc/snmp/snmpd.conf.j2
+++ b/roles/snmpd/templates/etc/snmp/snmpd.conf.j2
@ -1,42 +0,0 @@
 # {{ ansible_managed }}
 agentAddress {{ snmpd_agent_address | join(',') }}
 createUser {{ snmpd_internal_user.username }} {{ snmpd_internal_user.auth_protocol }} "{{ snmpd_internal_user.password }}"
 {% for snmpd_user in snmpd_users %}
 createUser {{ snmpd_user.username }} {{ snmpd_user.auth_protocol }} "{{ snmpd_user.password }}" {{ snmpd_user.privacy_protocol }} "{{ snmpd_user.privacy_passphrase }}"
 {% endfor %}
 view systemonly included .1.3.6.1.2.1.1
 view systemonly included .1.3.6.1.2.1.25.1
 rouser authOnlyUser
 {% for snmpd_user in snmpd_users %}
 {{ snmpd_user.type }} {{ snmpd_user.username }}
 {% endfor %}
 sysLocation {{ snmpd_sys_location }}
 sysContact  {{ snmpd_sys_contact }}
 {% if snmpd_sys_description %}
 sysDescr    {{ snmpd_sys_description }}
 {% endif %}
 sysServices {{ snmpd_sys_services }}
 iquerySecName {{ snmpd_internal_user.username }}
 rouser        {{ snmpd_internal_user.username }}
 {% if snmpd_disks_include_all %}
 includeAllDisks {{ snmpd_disks_include_all_threshold_minpercent }}
 {% endif %}
 {% for snmpd_disk in snmpd_disks %}
 disk {{ snmpd_disk.path }} {{ snmpd_disk.threshold }}
 {% endfor %}
 defaultMonitors         {{ 'yes' if snmpd_default_monitors else 'no' }}
 linkUpDownNotifications {{ 'yes' if snmpd_link_up_down_notifications else 'no' }}
 {% for snmpd_extension in snmpd_extensions | default([]) %}
 extend {{ snmpd_extension.name }} {{ snmpd_extension.prog }} {{ snmpd_extension.args | default([]) | join(' ') }}
 {% endfor %}
 master agentx
--- a/roles/snmpd/tests/inventory
+++ b/roles/snmpd/tests/inventory
@ -1 +0,0 @@
 localhost
--- a/roles/snmpd/tests/tasks/pre.yml
+++ b/roles/snmpd/tests/tasks/pre.yml
@ -1,14 +0,0 @@
 # pre test file
 ---
 - name: enable non-free
  apt_repository:
    repo: "{{ item.type }} {{ item.url }} {{ item.component }}"
    filename: non-free
  with_items:
    - type: deb
      url: "http://ftp.nl.debian.org/debian/ {{ ansible_distribution_release }}"
      component: contrib non-free
    - type: deb-src
      url: "http://ftp.nl.debian.org/debian/ {{ ansible_distribution_release }}"
      component: contrib non-free
  when: ansible_distribution == 'Debian'
--- a/roles/snmpd/tests/test.yml
+++ b/roles/snmpd/tests/test.yml
@ -1,12 +0,0 @@
 # tests file for snmpd
 ---
 - hosts: localhost
  connection: local
  become: true
  pre_tasks:
    - name: include vars
      include_vars: "{{ playbook_dir }}/vars/main.yml"
    - name: include tasks
      include: "{{ playbook_dir }}/tasks/pre.yml"
  roles:
    - ../../
--- a/roles/snmpd/tests/vagrant.yml
+++ b/roles/snmpd/tests/vagrant.yml
@ -1,10 +0,0 @@
 # test file
 ---
 - hosts: all
  remote_user: vagrant
  become: true
  pre_tasks:
    - name: include tasks
      include: "{{ playbook_dir }}/tasks/pre.yml"
  roles:
    - ../../
--- a/roles/snmpd/tests/vars/main.yml
+++ b/roles/snmpd/tests/vars/main.yml
@ -1,4 +0,0 @@
 # vars file
 ---
 snmpd_agent_address:
  - "udp:{{ ansible_lo['ipv4']['address'] }}:10161"
--- a/roles/snmpd/vars/main.yml
+++ b/roles/snmpd/vars/main.yml
@ -1,6 +0,0 @@
 # vars file
 ---
 snmpd_dependencies:
  - snmpd
  - snmp
  - snmp-mibs-downloader
--- a/site.yml
+++ b/site.yml
@ -38,8 +38,6 @@
          X11Forwarding: no
      tags: [ sshd, common ]
  # Import specific playbooks
 - import_playbook: playbooks/zerotier.yml
 - import_playbook: playbooks/snmp.yml
 - import_playbook: playbooks/db.yml
 - import_playbook: playbooks/web.yml
 - import_playbook: playbooks/game.yml
@ -47,4 +45,5 @@
 - import_playbook: playbooks/pistorage.yml
 - import_playbook: playbooks/pik8s.yml
 - import_playbook: playbooks/desktop.yml
 - import_playbook: playbooks/zerotier.yml
 - import_playbook: playbooks/ansible-pull.yml
		`@ -1,2 +0,0 @@`
			`install_date: 'Sun 08 Aug 2021 06:26:26 PM '`
			`version: master`