Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
ansible/roles/nagios_server/tasks/main.yml
Stephen Smoogen 9a062828b9 and we have a set of hosts
2017-01-10 22:58:42 +00:00

332 lines
8.6 KiB
YAML
Raw Blame History

##
## A playbook to set up a Nagios 4 server
##
## Setup the initial user and groups.
- name: Add nagios group as 420
group: name=nagios gid=420 state=present system=yes
tags:
- nagios_server
- name: Add nagios user as 420
user: name=nagios uid=420 state=present home=/var/spool/nagios comment="Nagios Monitoring User" createhome=yes system=yes shell=/bin/bash
tags:
- nagios_server
# Add the apache user to the nagios group so that it has permissions
# to do stuff in /var/spool/nagios/*
- name: Add apache to nagios group
user: name=apache append=yes groups=nagios
tags:
- nagios_server
## Install the initial packages for the group.
- name: Install nagios packages
yum: name={{ item }} state=present
with_items:
- php
- nagios.x86_64
- nagios-plugins
- nagios-plugins-dig
- nagios-plugins-disk
- nagios-plugins-dns
- nagios-plugins-dummy
- nagios-plugins-file_age
- nagios-plugins-http
- nagios-plugins-load
- nagios-plugins-nagios
- nagios-plugins-nrpe
- nagios-plugins-perl
- nagios-plugins-pgsql
- nagios-plugins-ping
- nagios-plugins-procs
- nagios-plugins-smtp
- nagios-plugins-ssh
- nagios-plugins-swap
- nagios-plugins-tcp
- nagios-plugins-users
- perl-Mail-IMAPClient
- stunnel
- mod_auth_gssapi
tags:
- nagios_server
## Setup directories for files to be copied
- name: Create or confirm directories to be made
file: dest={{item}} mode=0755 owner=root group=root state=directory
with_items:
- /etc/nagios/commands
- /etc/nagios/contacts
- /etc/nagios/contactgroups
- /etc/nagios/hosts
- /etc/nagios/hostgroups
- /etc/nagios/services
- /etc/nagios/servicegroups
- /etc/nagios/conf.d
- /usr/lib64/nagios/plugins/
- /usr/lib64/nagios/plugins/eventhandlers/
## Remove the items we don't want
- name: Nuke default nagios passwd
file: dest=/etc/nagios/passwd state=absent
tags:
- nagios_server
- name: Nuke default nagios objects
file: dest=/etc/nagios/objects state=absent
tags:
- nagios_server
## Copy over system configs
# TODO: Make this a template once they're closer together
- name: Copy httpd config (production)
copy: src=httpd/nagios.conf dest=/etc/httpd/conf.d/nagios.conf
when: env == "production"
tags:
- nagios_server
- name: Copy httpd config (staging)
copy: src=httpd/nagios-new.conf dest=/etc/httpd/conf.d/nagios.conf
when: env == "staging"
tags:
- nagios_server
- name: Copy specialized nrpe.cfg for nagios server
copy: src=nrpe/nrpe.cfg dest=/etc/nagios/nrpe.cfg mode=0644 group=root owner=root
notify:
- restart nrpe
tags:
- config
- nagios_server
## Copy over the nagios configs
- name: Copy /etc/nagios/conf.d/*cfg files
copy: src=nagios/configs/{{ item }} dest=/etc/nagios/conf.d/{{ item }}
with_items:
- escalations.cfg
- timeperiods.cfg
tags:
- config
- nagios_server
- name: Copy over the main conf file
copy: src=nagios/configs/nagios.cfg dest=/etc/nagios mode=0644 group=root owner=root
tags:
- config
- nagios_server
## Copy over the command scripts
- name: Copy /etc/nagios/commands
synchronize: src=nagios/commands/ dest=/etc/nagios/commands/
tags:
- nagios-config
- nagios_server
notify: restart nagios
## Copy over the contacts
- name: Copy /etc/nagios/contacts
synchronize: src=nagios/contacts/ dest=/etc/nagios/contacts/
tags:
- nagios-config
- nagios_server
notify: restart nagios
## Copy over the contactgroups
- name: Copy /etc/nagios/contactgroups
synchronize: src=nagios/contactgroups/ dest=/etc/nagios/contactgroups/
tags:
- nagios-config
- nagios_server
notify: restart nagios
## Copy over the hosts
- name: Copy /etc/nagios/hosts
copy: src=nagios/hosts/ dest=/etc/nagios/hosts/
tags:
- nagios-config
- nagios_server
notify: restart nagios
## Copy over the services
- name: Copy /etc/nagios/services (production)
copy: src=nagios/services/{{ item }} dest=/etc/nagios/services/{{ item }}
with_items:
- autocloud.cfg
- basset.cfg
- copr.cfg
- db_backups.cfg
- disk.cfg
- dns.cfg
- fedmsg.cfg
- file_age.cfg
- fmn.cfg
- haproxy.cfg
- haproxy_mirrorlist.cfg
- hosted.cfg
- ipa.cfg
- koji.cfg
- koschei.cfg
- locking.cfg
- mail_queue.cfg
- memcached.cfg
- nagios.cfg
- nrpe.cfg
- osbs.cfg
- pgsql.cfg
- ping.cfg
- procs.cfg
- raid.cfg
- smtp-mm.cfg
- ssh.cfg
- ssl.cfg
- swap.cfg
- unbound.cfg
- vpnclients.cfg
- websites.cfg
- templates.cfg
tags:
- nagios-config
- nagios_server
when: env == "production"
notify: restart nagios
## Copy over the services
- name: Copy /etc/nagios/services (staging)
copy: src=nagios/services/{{ item }} dest=/etc/nagios/services/{{ item }}
with_items:
- mail_queue.cfg
- ping.cfg
- templates.cfg
tags:
- nagios-config
- nagios_server
when: env == "staging"
notify: restart nagios
## Copy over the servicegroups
- name: Copy /etc/nagios/servicegroups
synchronize: src=nagios/servicegroups/ dest=/etc/nagios/servicegroups/
tags:
- nagios-config
- nagios_server
notify: restart nagios
## Copy over the plugins
- name: Copy plugins
copy: src=nagios/plugins/ dest=/usr/lib64/nagios/plugins/ mode=0755 owner=root group=root
tags:
- nagios_server
## Copy over the programs
- name: Copy irc-colorize.py
copy: src=nagios/scripts/irc-colorize.py dest=/usr/local/bin/irc-colorize.py mode=0755 group=root owner=root
tags:
- nagios_server
- name: Copy check_nagios_notifications.py
copy: src=nagios/scripts/check_nagios_notifications.py dest=/usr/local/bin/check_nagios_notifications.py mode=0755 group=root owner=root
tags:
- nagios_server
## Build template files
# This one may go to being just a regular config file if we can make remote monitoring work
- name: Template out the cgi.cfg
template: src=nagios/configs/cgi.cfg.j2 dest=/etc/nagios/cgi.cfg mode=0644 owner=root group=root
tags:
- nagios_server
- name: Override config.inc.php for the given environment
template: src=nagios/config.inc.php.j2 dest=/usr/share/nagios/html/config.inc.php mode=0640 owner=root group=apache
tags:
- nagios_server
- name: Template over services
template: src=nagios/services/{{item}}.j2 dest=/etc/nagios/services/{{item}} mode=0644 owner=root group=root
with_items:
- phx2-mgmt.cfg
tags:
- nagios_server
- name: Build out nagios host templates (production)
template: src=nagios/hosts/{{item}}.j2 dest=/etc/nagios/hosts/{{item}} mode=0644 owner=root group=root
with_items:
- bodhost-hosts.cfg
- cloud-hosts.cfg
- coloamer-hosts.cfg
- dedicatedsolutions-hosts.cfg
- host1plus-hosts.cfg
- ibiblio-hosts.cfg
- internetx-hosts.cfg
- osuosl-hosts.cfg
- phx2-hosts.cfg
- staging-hosts.cfg
- phx2-mgmt-hosts.cfg
- rdu-cc-hosts.cfg
- rdu-hosts.cfg
- tummy-hosts.cfg
when: env == "production"
tags:
- nagios_server
- name: Build out nagios host templates (staging)
template: src=nagios/hosts/{{item}}.j2 dest=/etc/nagios/hosts/{{item}} mode=0644 owner=root group=root
with_items:
- phx2-hosts.cfg
- staging-hosts.cfg
- phx2-mgmt-hosts.cfg
when: env == "staging"
tags:
- nagios_server
- name: Build out nagios hostgroup templates
template: src=nagios/hostgroups/{{item}}.j2 dest=/etc/nagios/hostgroups/{{item}} mode=0644 owner=root group=root
with_items:
- all.cfg
# - name: Build out nagios servicegroup templates
# template: src=nagios/servicegroups/{{item}}.j2 dest=/etc/nagios/servicegroups/{{item}} mode=0644 owner=root group=root
# with_items:
# - bodhi.cfg
# - fedorahosted.org.cfg
# - freemedia.cfg
# - kvmHosts.cfg
# - mgmt-https.cfg
# - pkgdb.cfg
# - fas.cfg
# - fp-wiki.cfg
# - ipa.cfg
# - mgmt-http.cfg
# - mirrorlist.cfg
# - retrace.cfg
# - zanata2fedmsg.cfg
tags:
- nagios_server
## Copy over the servicedeps
## Setup the cron jobs
- name: Install check_nagios_notifications cron
cron: name="check_nagios_notifications" minute=0 hour=0 weekday=1 user=nagios job="/usr/local/bin/check_nagios_notifications.py"
tags:
- nagios_server
## Handle selinux annoyances - roughly copied from fedmsg role
- name: Ensure a directory exists for our custom selinux module
file: dest=/usr/local/share/nagios-policy state=directory
tags:
- nagios_server
- name: Copy over our custom selinux module
copy: src=selinux/nagios_hostname.pp dest=/usr/local/share/nagios-policy/nagios_hostname.pp
register: selinux_module
tags:
- nagios_server
- name: Install our custom selinux module
command: semodule -i /usr/local/share/nagios-policy/nagios_hostname.pp
when: selinux_module|changed
tags:
- nagios_server
Reference in a new issue View git blame Copy permalink