269 lines
6.4 KiB
Markdown
269 lines
6.4 KiB
Markdown
# Ansible role: Icinga2
|
|
|
|
[![Version](https://img.shields.io/badge/latest_version-1.0.0-green.svg)](https://code.waks.be/nishiki/ansible-role-icinga2/releases)
|
|
[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://code.waks.be/nishiki/ansible-role-icinga2/src/branch/main/LICENSE)
|
|
[![Build](https://code.waks.be/nishiki/ansible-role-icinga2/actions/workflows/molecule.yml/badge.svg?branch=main)](https://code.waks.be/nishiki/ansible-role-icinga2/actions?workflow=molecule.yml)
|
|
|
|
Install and configure Icinga2
|
|
|
|
## Requirements
|
|
|
|
- Ansible >= 2.9
|
|
- Debian
|
|
- Bookworm
|
|
|
|
## Role variables
|
|
|
|
- `icinga2_db_type` - set the database type mysql or postgresql (default: `mysql`)
|
|
- `icinga2_ido_host` - set the database host (default: `127.0.0.1`)
|
|
- `icinga2_ido_database` - set the database name (default: `icinga2`)
|
|
- `icinga2_ido_user` - set the database user (default: `icinga2`)
|
|
- `icinga2_ido_password` - set the database password
|
|
- `icinga2_master` - set if the server is a master node (default: `false`)
|
|
- `icinga2_endpoints` - hash with the endpoint name and address
|
|
|
|
```
|
|
local.loc: 127.0.0.1
|
|
satellite.loc: 10.121.30.20
|
|
```
|
|
|
|
- `icinga2_zones` - hash with zone configuration
|
|
|
|
```
|
|
master:
|
|
endpoints:
|
|
- loca.loc
|
|
satellite:
|
|
parent: master
|
|
endpoints:
|
|
- satellite.loc
|
|
```
|
|
|
|
- `icinga2_templates` - hash with template configuration
|
|
|
|
```
|
|
generic-host:
|
|
type: host
|
|
vars:
|
|
os: Linux
|
|
options:
|
|
check_command: hostalive
|
|
check_interval: 1m
|
|
retry_interval: 30s
|
|
max_check_attempts: 3
|
|
generic-service:
|
|
type: service
|
|
options:
|
|
max_check_attempts: 5
|
|
check_interval: 1m
|
|
retry_interval: 30s
|
|
```
|
|
|
|
- `icinga2_service_groups` - hash with service group configuration
|
|
|
|
```
|
|
smnp:
|
|
display_name: SMNP
|
|
match: 'snmp-*'
|
|
```
|
|
|
|
- `icinga2_services` - hash with service configuration
|
|
|
|
```
|
|
ping:
|
|
check_command: ping
|
|
assign: host.address
|
|
ssh:
|
|
check_command: ssh
|
|
assign: (host.address || host.address6) && host.vars.os == "Linux"
|
|
vars:
|
|
timeout: 5
|
|
```
|
|
|
|
- `icinga2_host_groups` - hash with host group configuration
|
|
|
|
```
|
|
tomcat:
|
|
assign: host.vars.tomcat_port
|
|
influxdb:
|
|
display_name: InfluxDB
|
|
assign: match("influx-*", host.name)
|
|
```
|
|
|
|
- `icinga2_hosts` - hash with host configuration
|
|
|
|
```
|
|
localhost:
|
|
template: generic-host
|
|
address: 127.0.0.1
|
|
vars:
|
|
dist: Debian
|
|
```
|
|
|
|
- `icinga2_user_groups` - hash with user group configuration
|
|
|
|
```
|
|
admin:
|
|
display_name: Administrateur
|
|
```
|
|
|
|
- `icinga2_users` - hash with the user configuration
|
|
|
|
```
|
|
johndoe:
|
|
display_name: John Doe
|
|
email: john@doe.loc
|
|
groups:
|
|
- admin
|
|
```
|
|
|
|
- `icinga2_api_users` - hash with the user configuration for the API access
|
|
|
|
```
|
|
icingaweb2:
|
|
password: secret
|
|
permissions:
|
|
- '*'
|
|
```
|
|
|
|
- `icinga2_timeperiods` - hash with timeperiods configuration
|
|
|
|
```
|
|
24x7:
|
|
ranges:
|
|
monday: 00:00-24:00
|
|
tuesday: 00:00-24:00
|
|
wednesday: 00:00-24:00
|
|
thursday: 00:00-24:00
|
|
friday: 00:00-24:00
|
|
saturday: 00:00-24:00
|
|
sunday: 00:00-24:00
|
|
excludes:
|
|
monday: 00:05-00:10
|
|
default_exclude:
|
|
prefer_includes: false
|
|
ranges:
|
|
monday: 00:00-01:00
|
|
includes:
|
|
monday: 00:05-00:10
|
|
```
|
|
|
|
- `icinga2_dependencies` - hash with dependencies configuration ([view all options](https://icinga.com/docs/icinga-2/latest/doc/09-object-types/#dependency))
|
|
|
|
```
|
|
postgresql-port:
|
|
parent_host_name: host.name
|
|
parent_service_name: postgresql-service
|
|
child_service_name: postgresql-port
|
|
disable_notifications: true
|
|
states:
|
|
- DOWN
|
|
assign: '"postgresql" in host.groups'
|
|
```
|
|
|
|
- `icinga2_notifications` - hash with notifications configuration
|
|
|
|
```
|
|
mail-icingaadmin-host:
|
|
type: Host
|
|
import: mail-host-notification
|
|
assign: host.vars.notification.mail
|
|
user_groups: host.vars.notification.mail.groups
|
|
users: host.vars.notification.mail.users
|
|
mail-icingaadmin-service:
|
|
type: Service
|
|
import: mail-service-notification
|
|
assign: host.vars.notification.mail
|
|
user_groups: host.vars.notification.mail.groups
|
|
users: host.vars.notification.mail.users
|
|
options:
|
|
period: $service.vars.period$
|
|
```
|
|
|
|
- `icinga2_notification_commands` - hash with notification command configuration
|
|
|
|
```
|
|
mail-service-notification:
|
|
script: mail-service-notification.sh
|
|
env:
|
|
NOTIFICATIONTYPE: $notification.type$
|
|
SERVICENAME: $service.name$
|
|
HOSTNAME: $host.name$
|
|
HOSTDISPLAYNAME: $host.display_name$
|
|
HOSTADDRESS: $address$
|
|
SERVICESTATE: $service.state$
|
|
LONGDATETIME: $icinga.long_date_time$
|
|
SERVICEOUTPUT: $service.output$
|
|
NOTIFICATIONAUTHORNAME: $notification.author$
|
|
NOTIFICATIONCOMMENT: $notification.comment$
|
|
SERVICEDISPLAYNAME: $service.display_name$
|
|
USEREMAIL: $user.email$
|
|
MAILFROM: $notification_from$
|
|
```
|
|
|
|
- `icinga2_check_commands` - hash with check command configuration
|
|
|
|
```
|
|
ping-ha:
|
|
command: '"/bin/ping"'
|
|
arguments:
|
|
packet:
|
|
value: 10
|
|
required: true
|
|
vars:
|
|
timeout: 10
|
|
```
|
|
|
|
- `icinga2_event_commands` - hash with event command configuration (see check command config)
|
|
- `icinga2_features` - hash with the features to enable and thier configuration
|
|
|
|
```
|
|
api:
|
|
object: ApiListener
|
|
config:
|
|
accept_config: false
|
|
accept_commands: true
|
|
```
|
|
|
|
- `icinga2_scripts` - hash with the scripts to use by icinga
|
|
|
|
```
|
|
log-file: |
|
|
#!/bin/bash
|
|
echo "$(date) $HOSTDISPLAYNAME" >> /tmp/notification.log
|
|
```
|
|
|
|
## How to use
|
|
|
|
```
|
|
- hosts: server
|
|
roles:
|
|
- icinga2
|
|
```
|
|
|
|
## Development
|
|
|
|
### Test with molecule and docker
|
|
|
|
- install [docker](https://docs.docker.com/engine/installation/)
|
|
- install `python3` and `python3-pip`
|
|
- install molecule and dependencies `pip3 install molecule molecule-docker docker ansible-lint testinfra yamllint`
|
|
- run `molecule test`
|
|
|
|
## License
|
|
|
|
```
|
|
Copyright (c) 2019 Adrien Waksberg
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
```
|