ansible-role-icinga2/README.md

# Ansible role: Icinga2

Install and configure Icinga2

## Requirements

* Ansible >= 2.9
* Debian Buster

## Role variables

- `icinga2_db_type` - set the database type mysql or postgresql (default: `mysql`)
- `icinga2_ido_host` - set the database host (default: `127.0.0.1`)
- `icinga2_ido_database` - set the database name (default: `icinga2`)
- `icinga2_ido_user` - set the database user (default: `icinga2`)
- `icinga2_ido_password` - set the database password
- `icinga2_master` - set if the server is a master node (default: `false`)
- `icinga2_endpoints` - hash with the endpoint name and address

```
  local.loc: 127.0.0.1
  satellite.loc: 10.121.30.20
```

- `icinga2_zones` - hash with zone configuration

```
  master:
    endpoints:
      - loca.loc
  satellite:
    parent: master
    endpoints:
      - satellite.loc
```

- `icinga2_templates` - hash with template configuration

```
  generic-host:
    type: host
    vars:
      os: Linux
    options:
      check_command: hostalive
      check_interval: 1m
      retry_interval: 30s
      max_check_attempts: 3
  generic-service:
    type: service
    options:
      max_check_attempts: 5
      check_interval: 1m
      retry_interval: 30s
```

- `icinga2_service_groups` - hash with service group configuration

```
  smnp:
    display_name: SMNP
    match: 'snmp-*'
```

- `icinga2_services` - hash with service configuration

```
  ping:
    check_command: ping
    assign: host.address
  ssh:
    check_command: ssh
    assign: (host.address || host.address6) && host.vars.os == "Linux"
    vars:
      timeout: 5
```

- `icinga2_host_groups` - hash with host group configuration

```
  tomcat:
    assign: host.vars.tomcat_port
  influxdb:
    display_name: InfluxDB
    assign: match("influx-*", host.name)
```

- `icinga2_hosts` - hash with host configuration

```
  localhost:
    template: generic-host
    address: 127.0.0.1
    vars:
      dist: Debian
```

- `icinga2_user_groups` - hash with user group configuration

```
  admin:
    display_name: Administrateur
```

- `icinga2_users` - hash with the user configuration

```
  johndoe:
    display_name: John Doe
    email: john@doe.loc
    groups:
      - admin
```

- `icinga2_api_users` - hash with the user configuration for the API access 

```
  icingaweb2:
    password: secret
    permissions:
      - '*'
```

- `icinga2_timeperiods` - hash with timeperiods configuration

```
  24x7:
    ranges:
      monday: 00:00-24:00
      tuesday: 00:00-24:00
      wednesday: 00:00-24:00
      thursday: 00:00-24:00
      friday: 00:00-24:00
      saturday: 00:00-24:00
      sunday: 00:00-24:00
    excludes:
      monday: 00:05-00:10
  default_exclude:
    prefer_includes: false
    ranges:
      monday: 00:00-01:00
    includes:
      monday: 00:05-00:10
```

- `icinga2_notifications` - hash with notifications configuration

```
  mail-icingaadmin-host:
    type: Host
    import: mail-host-notification
    assign: host.vars.notification.mail
    user_groups: host.vars.notification.mail.groups
    users: host.vars.notification.mail.users
  mail-icingaadmin-service:
    type: Service
    import: mail-service-notification
    assign: host.vars.notification.mail
    user_groups: host.vars.notification.mail.groups
    users: host.vars.notification.mail.users
    options:
      period: $service.vars.period$
```

- `icinga2_check_commands` - hash with check command configuration

```
  ping-ha:
    command: '"/bin/ping"'
    arguments:
      packet:
        value: 10
        required: true
    vars:
      timeout: 10
```

- `icinga2_event_commands` - hash with event command configuration (see check command config)
- `icinga2_features` - hash with the features to enable and thier configuration

```
  api:
    object: ApiListener
    config:
      accept_config: false
      accept_commands: true
```

## How to use

```
- hosts: server
  roles:
    - icinga2
```

## Development

### Test with molecule and docker

* install [docker](https://docs.docker.com/engine/installation/)
* install `python3` and `python3-pip`
* install molecule and dependencies `pip3 install molecule molecule-docker docker ansible-lint testinfra yamllint`
* run `molecule test`

## License

```
Copyright (c) 2019 Adrien Waksberg

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
```
first version 2021-01-03 15:10:04 +00:00			`# Ansible role: Icinga2`

			`Install and configure Icinga2`

			`## Requirements`

			`* Ansible >= 2.9`
			`* Debian Buster`

			`## Role variables`

			- `icinga2_db_type` - set the database type mysql or postgresql (default: `mysql`)
			- `icinga2_ido_host` - set the database host (default: `127.0.0.1`)
			- `icinga2_ido_database` - set the database name (default: `icinga2`)
			- `icinga2_ido_user` - set the database user (default: `icinga2`)
			- `icinga2_ido_password` - set the database password
			- `icinga2_master` - set if the server is a master node (default: `false`)
			- `icinga2_endpoints` - hash with the endpoint name and address

			```
			`local.loc: 127.0.0.1`
			`satellite.loc: 10.121.30.20`
			```

			- `icinga2_zones` - hash with zone configuration

			```
			`master:`
			`endpoints:`
			`- loca.loc`
			`satellite:`
			`parent: master`
			`endpoints:`
			`- satellite.loc`
			```

			- `icinga2_templates` - hash with template configuration

			```
			`generic-host:`
			`type: host`
			`vars:`
			`os: Linux`
			`options:`
			`check_command: hostalive`
			`check_interval: 1m`
			`retry_interval: 30s`
			`max_check_attempts: 3`
			`generic-service:`
			`type: service`
			`options:`
			`max_check_attempts: 5`
			`check_interval: 1m`
			`retry_interval: 30s`
			```

			- `icinga2_service_groups` - hash with service group configuration

			```
			`smnp:`
			`display_name: SMNP`
			`match: 'snmp-*'`
			```

			- `icinga2_services` - hash with service configuration

			```
			`ping:`
			`check_command: ping`
			`assign: host.address`
			`ssh:`
			`check_command: ssh`
			`assign: (host.address \|\| host.address6) && host.vars.os == "Linux"`
			`vars:`
			`timeout: 5`
			```

			- `icinga2_host_groups` - hash with host group configuration

			```
			`tomcat:`
			`assign: host.vars.tomcat_port`
			`influxdb:`
			`display_name: InfluxDB`
			`assign: match("influx-*", host.name)`
			```

			- `icinga2_hosts` - hash with host configuration

			```
			`localhost:`
			`template: generic-host`
			`address: 127.0.0.1`
			`vars:`
			`dist: Debian`
			```

			- `icinga2_user_groups` - hash with user group configuration

			```
			`admin:`
			`display_name: Administrateur`
			```

			- `icinga2_users` - hash with the user configuration

			```
			`johndoe:`
			`display_name: John Doe`
			`email: john@doe.loc`
			`groups:`
			`- admin`
			```

			- `icinga2_api_users` - hash with the user configuration for the API access

			```
			`icingaweb2:`
			`password: secret`
			`permissions:`
			`- '*'`
			```

			- `icinga2_timeperiods` - hash with timeperiods configuration

			```
			`24x7:`
			`ranges:`
			`monday: 00:00-24:00`
			`tuesday: 00:00-24:00`
			`wednesday: 00:00-24:00`
			`thursday: 00:00-24:00`
			`friday: 00:00-24:00`
			`saturday: 00:00-24:00`
			`sunday: 00:00-24:00`
			`excludes:`
			`monday: 00:05-00:10`
			`default_exclude:`
			`prefer_includes: false`
			`ranges:`
			`monday: 00:00-01:00`
			`includes:`
			`monday: 00:05-00:10`
			```

			- `icinga2_notifications` - hash with notifications configuration

			```
			`mail-icingaadmin-host:`
			`type: Host`
			`import: mail-host-notification`
			`assign: host.vars.notification.mail`
			`user_groups: host.vars.notification.mail.groups`
			`users: host.vars.notification.mail.users`
			`mail-icingaadmin-service:`
			`type: Service`
			`import: mail-service-notification`
			`assign: host.vars.notification.mail`
			`user_groups: host.vars.notification.mail.groups`
			`users: host.vars.notification.mail.users`
			`options:`
			`period: $service.vars.period$`
			```

			- `icinga2_check_commands` - hash with check command configuration

			```
			`ping-ha:`
			`command: '"/bin/ping"'`
			`arguments:`
			`packet:`
			`value: 10`
			`required: true`
			`vars:`
			`timeout: 10`
			```

			- `icinga2_event_commands` - hash with event command configuration (see check command config)
			- `icinga2_features` - hash with the features to enable and thier configuration

			```
			`api:`
			`object: ApiListener`
			`config:`
			`accept_config: false`
			`accept_commands: true`
			```

			`## How to use`

			```
			`- hosts: server`
			`roles:`
			`- icinga2`
			```

			`## Development`

			`### Test with molecule and docker`

			`* install [docker](https://docs.docker.com/engine/installation/)`
			* install `python3` and `python3-pip`
			* install molecule and dependencies `pip3 install molecule molecule-docker docker ansible-lint testinfra yamllint`
			* run `molecule test`

			`## License`

			```
			`Copyright (c) 2019 Adrien Waksberg`

			`Licensed under the Apache License, Version 2.0 (the "License");`
			`you may not use this file except in compliance with the License.`
			`You may obtain a copy of the License at`

			`http://www.apache.org/licenses/LICENSE-2.0`

			`Unless required by applicable law or agreed to in writing, software`
			`distributed under the License is distributed on an "AS IS" BASIS,`
			`WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`See the License for the specific language governing permissions and`
			`limitations under the License.`
			```