Merge branch 'dev' into customize_fstab

evolixisation.yml

@@ -1,3 +1,4 @@
+# yamllint disable rule:line-length
 # Playbook command
 # First use (become_method: su, and var_files uncommented) :
 # ansible-playbook evolixisation.yml --ask-vault-pass -CDki hosts -l HOSTNAME -u root
@@ -40,5 +41,4 @@
         tasks_from: exec.yml
 
 #  environment:
-# yamllint disable-line rule:line-length
 # PKG_PATH: "http://ftp.openbsd.org/pub/OpenBSD/{{ ansible_distribution_version }}/packages/{{ ansible_architecture }}/"

roles/base/tasks/evobackup.yml

@@ -10,6 +10,15 @@
   tags:
     - evobackup
 
+- name: Fetch daily.local content
+  command: 'grep "sh /usr/share/scripts/zzz_evobackup" /etc/daily.local'
+  check_mode: false
+  register: daily_local_content
+  failed_when: false
+  changed_when: false
+  tags:
+    - evobackup
+
 - name: Add evobackup cron (disabled)
   lineinfile:
     path: /etc/daily.local
@@ -17,6 +26,9 @@
     owner: root
     mode: "0644"
     create: true
+  when:
+    - not (daily_local_content.stdout
+      | regex_search('sh /usr/share/scripts/zzz_evobackup'))
   tags:
     - evobackup
 

roles/etc-git/tasks/main.yml

@@ -79,25 +79,35 @@
 - name: cron job for /etc/.git status is installed
   lineinfile:
     path: /etc/daily.local
-    line: "{{ item }}"
+    line:
+      '/usr/local/bin/git --git-dir=/etc/.git --work-tree=/etc status --short'
     owner: root
     mode: "0644"
     create: true
   when: etc_git_monitor_status
   tags:
     - etc-git
-  with_items:
+
-    - 'next_part "Checking /etc git status:"'
+- name: cron job for /etc/.git status is installed - next_part
-    - '/usr/local/bin/git --git-dir=/etc/.git --work-tree=/etc status --short'
+  lineinfile:
+    path: /etc/daily.local
+    line: 'next_part "Checking /etc git status:"'
+    insertbefore:
+      '/usr/local/bin/git --git-dir=/etc/.git --work-tree=/etc status --short'
+  when: etc_git_monitor_status
+  tags:
+    - etc-git
 
 - name: cron job for /etc/.git status is removed
   lineinfile:
     path: /etc/daily.local
-    line:
+    line: "{{ item }}"
-      '/usr/local/bin/git --git-dir=/etc/.git --work-tree=/etc status --short'
     owner: root
     mode: "0644"
     state: absent
+  with_items:
+    - 'next_part "Checking /etc git status:"'
+    - '/usr/local/bin/git --git-dir=/etc/.git --work-tree=/etc status --short'
   when: not etc_git_monitor_status
   tags:
     - etc-git

roles/nagios-nrpe/tasks/main.yml

@@ -32,23 +32,34 @@
 
 - name: Nagios plugins are installed
   copy:
-    src: plugins_bsd/
+    src: plugins_bsd/{{ item.name }}
-    dest: /usr/local/libexec/nagios/plugins/
+    dest: /usr/local/libexec/nagios/plugins/{{ item.name }}
     owner: root
     group: wheel
     mode: "0755"
+    force: "{{ item.force }}"
+  with_items:
+    - {name: 'check_carp_if', force: true}
+    - {name: 'check_connections_state.sh', force: false}
+    - {name: 'check_ipsecctl.sh', force: false}
+    - {name: 'check_openbgpd', force: true}
+    - {name: 'check_openvpn', force: false}
+    - {name: 'check_openvpn.pl', force: true}
+    - {name: 'check_ospfd_simple', force: true}
+    - {name: 'check_packetfilter', force: true}
   notify: restart nrpe
 
 - name: Nagios plugins are installed - template
   template:
-    src: plugins_bsd/{{ item }}.j2
+    src: plugins_bsd/{{ item.name }}.j2
-    dest: /usr/local/libexec/nagios/plugins/{{ item }}
+    dest: /usr/local/libexec/nagios/plugins/{{ item.name }}
     owner: root
     group: wheel
     mode: "0755"
+    force: "{{ item.force }}"
   with_items:
-    - 'check_pf_states'
+    - {name: 'check_pf_states', force: false}
-    - 'check_free_mem.sh'
+    - {name: 'check_free_mem.sh', force: true}
   notify: restart nrpe
 
 - name: Starting and enabling nrpe