965bde878f
The nagios-nrpe role will define those privileges instead.
84 lines
1.7 KiB
YAML
84 lines
1.7 KiB
YAML
---
|
|
- name: packages are installed
|
|
apt:
|
|
name: "{{ item }}"
|
|
state: present
|
|
with_items:
|
|
- nagios-nrpe-server
|
|
- nagios-plugins
|
|
- nagios-plugins-basic
|
|
- nagios-plugins-common
|
|
- nagios-plugins-contrib
|
|
- nagios-plugins-standard
|
|
tags:
|
|
- nagios-nrpe
|
|
|
|
- name: custom configuration is present
|
|
template:
|
|
src: evolix.cfg.j2
|
|
dest: /etc/nagios/nrpe.d/evolix.cfg
|
|
group: nagios
|
|
mode: "0640"
|
|
force: no
|
|
notify: restart nagios-nrpe-server
|
|
tags:
|
|
- nagios-nrpe
|
|
|
|
- name: update allowed_hosts lists
|
|
lineinfile:
|
|
dest: /etc/nagios/nrpe.d/evolix.cfg
|
|
line: "allowed_hosts={{ nagios_nrpe_allowed_hosts | join(',') }}"
|
|
regexp: '^allowed_hosts='
|
|
insertafter: '# Allowed IPs'
|
|
notify: restart nagios-nrpe-server
|
|
when: nagios_nrpe_force_update_allowed_hosts
|
|
tags:
|
|
- nagios-nrpe
|
|
|
|
- name: Nagios config is secured
|
|
file:
|
|
dest: /etc/nagios/
|
|
mode: "0750"
|
|
group: nagios
|
|
state: directory
|
|
notify: restart nagios-nrpe-server
|
|
tags:
|
|
- nagios-nrpe
|
|
|
|
- include_role:
|
|
name: remount-usr
|
|
when: nagios_plugins_directory | search ("/usr")
|
|
tags:
|
|
- nagios-nrpe
|
|
- nagios-plugins
|
|
|
|
- name: Nagios plugins are installed
|
|
copy:
|
|
src: plugins/
|
|
dest: "{{ nagios_plugins_directory }}/"
|
|
mode: "0755"
|
|
notify: restart nagios-nrpe-server
|
|
tags:
|
|
- nagios-nrpe
|
|
- nagios-plugins
|
|
|
|
- name: Nagios lib is secured
|
|
file:
|
|
dest: /usr/local/lib/nagios/
|
|
mode: "0755"
|
|
group: nagios
|
|
recurse: yes
|
|
state: directory
|
|
notify: restart nagios-nrpe-server
|
|
tags:
|
|
- nagios-nrpe
|
|
|
|
- name: Nagios user has proper sudo privileges
|
|
copy:
|
|
src: nagios_sudoers
|
|
dest: /etc/sudoers.d/nagios
|
|
mode: "0440"
|
|
validate: '/usr/sbin/visudo -cf %s'
|
|
tags:
|
|
- nagios-nrpe
|
|
- nagios-plugins |