Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

add crl check to nagios + nrpe + facl perms for nrpe

Browse source 
Signed-off-by: Rick Elrod <relrod@redhat.com>
This commit is contained in:
Rick Elrod 2020-08-06 15:21:48 -05:00 committed by Rick Elrod
parent efcb0adbe0
commit dcc53bd63b
4 changed files with 28 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

17
roles/nagios_client/tasks/main.yml
View file

@ -49,6 +49,7 @@
- check_ipa_replication
- check_redis_queue.sh
- check_timestamp_from_file
- check_crl_next_update
when: not inventory_hostname.startswith('noc')
tags:
- nagios_client
@ -239,6 +240,22 @@
tags:
- nagios_client
- name: install CRL check for bastions
when: inventory_hostname.startswith('bastion')
tags:
- nagios_client
block:
- name: Install the nrpe template
template: src=check_crl_next_update.cfg.j2 dest=/etc/nrpe.d/check_crl_next_update.cfg owner=root group=root mode=0644
notify:
- restart nrpe
- name: Set facls so nrpe can check the crl (dir)
acl: default=no etype=user entity=nrpe permissions="rx" name=/etc/openvpn/server state=present
- name: Set facls so nrpe can check the crl (file)
acl: default=no etype=user entity=nrpe permissions="r" name=/etc/openvpn/server/crl.pem state=present
- name: install nrpe config for the RabbitMQ checks
template:
src: "rabbitmq_args.ini.j2"