diff --git a/redis/README.md b/redis/README.md index 29ff132f..5a7168b7 100644 --- a/redis/README.md +++ b/redis/README.md @@ -16,6 +16,7 @@ Main variables are : * `redis_conf_path`: config file location ; * `redis_port`: listening TCP port ; * `redis_bind_interface`: listening IP address ; +* `redis_password`: password for redis. Empty means no password ; * `redis_unixsocket`: Unix socket ; * `redis_loglevel`: log verbosity ; * `redis_logfile`: log file location. diff --git a/redis/defaults/main.yml b/redis/defaults/main.yml index cf4e5fef..6526c887 100644 --- a/redis/defaults/main.yml +++ b/redis/defaults/main.yml @@ -7,6 +7,8 @@ redis_bind_interface: 127.0.0.1 redis_unixsocket: '/var/run/redis/redis.sock' redis_timeout: 300 +redis_password: NULL + redis_loglevel: "notice" redis_logfile: /var/log/redis/redis-server.log diff --git a/redis/handlers/main.yml b/redis/handlers/main.yml index 8a416b0e..49b906a1 100644 --- a/redis/handlers/main.yml +++ b/redis/handlers/main.yml @@ -8,3 +8,8 @@ service: name: munin-node state: restarted + +- name: restart nagios-nrpe-server + service: + name: nagios-nrpe-server + state: restarted diff --git a/redis/tasks/main.yml b/redis/tasks/main.yml index 1b0545fa..33a70797 100644 --- a/redis/tasks/main.yml +++ b/redis/tasks/main.yml @@ -1,8 +1,11 @@ --- - name: Redis is installed. apt: - name: redis-server + name: "{{ item }}" state: present + with_items: + - redis-server + - redis-tools tags: - redis - packages @@ -31,3 +34,12 @@ - include: munin.yml when: _munin_installed.stat.exists and _munin_installed.stat.isdir + +- name: is NRPE present ? + stat: + path: /etc/nagios/nrpe.d/evolix.cfg + check_mode: no + register: nrpe_evolix_config + +- include: nrpe_stretch.yml + when: ansible_distribution_release == "stretch" and nrpe_evolix_config.stat.exists == true diff --git a/redis/tasks/munin.yml b/redis/tasks/munin.yml index 07473e2f..74676e07 100644 --- a/redis/tasks/munin.yml +++ b/redis/tasks/munin.yml @@ -60,3 +60,25 @@ - used_memory notify: restart munin-node tags: redis + +- name: Count redis condif blocks in munin-node configuration + command: grep -c "\[redis_" /etc/munin/plugin-conf.d/munin-node + register: munin_redis_blocs_in_config + failed_when: False + changed_when: False + +- name: Add redis password for munin (if no more than 1 config block) + ini_file: + dest: /etc/munin/plugin-conf.d/munin-node + section: 'redis_*' + option: env.password + value: '{{ redis_password }}' + notify: restart munin-node + when: "redis_password != '' and redis_password != None and {{munin_redis_blocs_in_config.stdout | int}} <= 1" + tags: redis + + +- name: Warn if multiple instance in munin-plugins configuration + debug: + msg: "WARNING - It seems you have multiple redis sections in your munin-node configuration - Munin config NOT changed" + when: "redis_password != '' and redis_password != None and {{munin_redis_blocs_in_config.stdout | int}} > 1 " diff --git a/redis/tasks/nrpe_stretch.yml b/redis/tasks/nrpe_stretch.yml new file mode 100644 index 00000000..a2ffba17 --- /dev/null +++ b/redis/tasks/nrpe_stretch.yml @@ -0,0 +1,15 @@ +--- +- name: Install perl lib-redis (needed by check_redis) + apt: + name: libredis-perl + state: present + tags: + - redis + - nrpe + +- name: Replace check_tcp by check_redis for NRPE + replace: + dest: /etc/nagios/nrpe.d/evolix.cfg + regexp: '^command\[check_redis\]=\/usr\/lib\/nagios\/plugins\/check_tcp -p 6379' + replace: 'command[check_redis]=/usr/lib/nagios/plugins/check_redis -H 127.0.0.1' + notify: restart nagios-nrpe-server diff --git a/redis/templates/redis.conf.j2 b/redis/templates/redis.conf.j2 index f7a7c5f0..78dd0c8c 100644 --- a/redis/templates/redis.conf.j2 +++ b/redis/templates/redis.conf.j2 @@ -7,6 +7,10 @@ bind {{ redis_bind_interface }} unixsocket {{ redis_unixsocket }} {% endif %} +{% if redis_password %} +requirepass {{ redis_password }} +{% endif %} + timeout {{ redis_timeout }} loglevel {{ redis_loglevel }}