Jérémy Dubois
fe3d2035f5
Different ipsecctl checks are currently used one the servers with no convention, so I created one template with all that has to be checked.
80 lines
1.9 KiB
YAML
80 lines
1.9 KiB
YAML
---
|
|
- name: Install nrpe
|
|
openbsd_pkg:
|
|
name:
|
|
- nrpe--
|
|
state: present
|
|
|
|
- name: Install monitoring-plugins
|
|
openbsd_pkg:
|
|
name:
|
|
- monitoring-plugins
|
|
state: present
|
|
|
|
- name: Create nrpe.d dir
|
|
file:
|
|
path: /etc/nrpe.d
|
|
state: directory
|
|
owner: root
|
|
group: wheel
|
|
mode: "0755"
|
|
|
|
- name: Include nrpe.d dir in nrpe.cfg
|
|
lineinfile:
|
|
dest: /etc/nrpe.cfg
|
|
line: 'include_dir=/etc/nrpe.d'
|
|
|
|
- name: custom configuration is present
|
|
template:
|
|
src: evolix_bsd.cfg.j2
|
|
dest: /etc/nrpe.d/evolix.cfg
|
|
notify: restart nrpe
|
|
|
|
- name: Create nrpe plugins dir
|
|
file:
|
|
path: /usr/local/libexec/nagios/plugins/
|
|
state: directory
|
|
owner: root
|
|
group: wheel
|
|
mode: "0755"
|
|
|
|
- name: Nagios plugins are installed
|
|
copy:
|
|
src: plugins_bsd/{{ item.name }}
|
|
dest: /usr/local/libexec/nagios/plugins/{{ item.name }}
|
|
owner: root
|
|
group: wheel
|
|
mode: "0755"
|
|
force: "{{ item.force }}"
|
|
with_items:
|
|
- {name: 'check_carp_if', force: true}
|
|
- {name: 'check_connections_state.sh', force: false}
|
|
- {name: 'check_ipsecctl.sh', force: false}
|
|
- {name: 'check_ipsecctl_critiques.sh', force: false}
|
|
- {name: 'check_openbgpd', force: true}
|
|
- {name: 'check_openvpn', force: false}
|
|
- {name: 'check_openvpn.pl', force: true}
|
|
- {name: 'check_ospfd_simple', force: true}
|
|
- {name: 'check_packetfilter.sh', force: true}
|
|
- {name: 'check_pf_states', force: false}
|
|
- {name: 'check_mailq.pl', force: true}
|
|
notify: restart nrpe
|
|
|
|
- name: Nagios plugins are installed - template
|
|
template:
|
|
src: plugins_bsd/{{ item.name }}.j2
|
|
dest: /usr/local/libexec/nagios/plugins/{{ item.name }}
|
|
owner: root
|
|
group: wheel
|
|
mode: "0755"
|
|
force: "{{ item.force }}"
|
|
with_items:
|
|
- {name: 'check_free_mem.sh', force: true}
|
|
notify: restart nrpe
|
|
|
|
- name: Starting and enabling nrpe
|
|
service:
|
|
name: nrpe
|
|
enabled: true
|
|
state: started
|