nagios-nrpe: configure allowed_hosts in template and make use of the 'nagios_nrpe_additional_allowed_hosts' var in inventory for additional IP
This commit is contained in:
parent
8e18b6972a
commit
7dd930afcb
|
@ -84,6 +84,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
||||||
* evomaintenance: upstream release 23.10.1
|
* evomaintenance: upstream release 23.10.1
|
||||||
* accounts, etc-git, evocheck, nagios-nrpe: multiple changes to not fail when run in check mode
|
* accounts, etc-git, evocheck, nagios-nrpe: multiple changes to not fail when run in check mode
|
||||||
* base: configure "/var/log" for servers that have a mount on it
|
* base: configure "/var/log" for servers that have a mount on it
|
||||||
|
* nagios-nrpe: configure allowed_hosts in template and make use of the 'nagios_nrpe_additional_allowed_hosts' var in inventory for additional IP
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
|
|
|
@ -52,50 +52,6 @@
|
||||||
tags:
|
tags:
|
||||||
- nagios-nrpe
|
- nagios-nrpe
|
||||||
|
|
||||||
- name: "Fetch nrpe config content"
|
|
||||||
ansible.builtin.command: 'grep "allowed_hosts=" /etc/nrpe.d/evolix.cfg'
|
|
||||||
check_mode: false
|
|
||||||
register: nrpe_config_content
|
|
||||||
failed_when: false
|
|
||||||
changed_when: false
|
|
||||||
tags:
|
|
||||||
- nagios-nrpe
|
|
||||||
|
|
||||||
- name: "Allow NRPE hosts - if no allowed_hosts configured"
|
|
||||||
ansible.builtin.lineinfile:
|
|
||||||
dest: /etc/nrpe.d/evolix.cfg
|
|
||||||
insertbefore: BOF
|
|
||||||
regex: "allowed_hosts={{ nagios_nrpe_allowed_hosts | join(',') }}"
|
|
||||||
line: 'allowed_hosts={{ nagios_nrpe_allowed_hosts | join(",") }}'
|
|
||||||
create: true
|
|
||||||
mode: "0644"
|
|
||||||
when: nrpe_config_content.rc != 0
|
|
||||||
tags:
|
|
||||||
- nagios-nrpe
|
|
||||||
|
|
||||||
- name: "Allow NRPE hosts - if allowed_hosts already configured : keep added IP"
|
|
||||||
ansible.builtin.lineinfile:
|
|
||||||
dest: /etc/nrpe.d/evolix.cfg
|
|
||||||
backrefs: true
|
|
||||||
insertbefore: BOF
|
|
||||||
regex: "allowed_hosts={{ nagios_nrpe_allowed_hosts | join(',') }}(.*)*"
|
|
||||||
line: 'allowed_hosts={{ nagios_nrpe_allowed_hosts | join(",") }}\1'
|
|
||||||
create: true
|
|
||||||
mode: "0644"
|
|
||||||
when: nrpe_config_content.rc == 0
|
|
||||||
tags:
|
|
||||||
- nagios-nrpe
|
|
||||||
|
|
||||||
- name: "Allow NRPE hosts - add comment"
|
|
||||||
ansible.builtin.lineinfile:
|
|
||||||
dest: /etc/nrpe.d/evolix.cfg
|
|
||||||
insertbefore: BOF
|
|
||||||
line: "# Allowed IPs"
|
|
||||||
create: true
|
|
||||||
mode: "0644"
|
|
||||||
tags:
|
|
||||||
- nagios-nrpe
|
|
||||||
|
|
||||||
- name: "Create nrpe plugins dir"
|
- name: "Create nrpe plugins dir"
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: /usr/local/libexec/nagios/plugins/
|
path: /usr/local/libexec/nagios/plugins/
|
||||||
|
|
|
@ -1,3 +1,6 @@
|
||||||
|
# Allowed IPs
|
||||||
|
allowed_hosts={{ nagios_nrpe_allowed_hosts | join(',') }}
|
||||||
|
|
||||||
{% if ansible_distribution_version is version_compare("7.2",'>=') %}
|
{% if ansible_distribution_version is version_compare("7.2",'>=') %}
|
||||||
# Allow older cipher suites for older Icinga version
|
# Allow older cipher suites for older Icinga version
|
||||||
ssl_cipher_list=ALL:!MD5:@STRENGTH:@SECLEVEL=0
|
ssl_cipher_list=ALL:!MD5:@STRENGTH:@SECLEVEL=0
|
||||||
|
|
Loading…
Reference in a new issue