roles/nagios_server/tasks/main.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90

- name: install packages
  dnf:
    name: '{{ nagios_packages }}'
    state: present

- name: generate nagios configuration
  template:
    src: '{{ item[1:] }}.j2'
    dest: '{{ item }}'
  loop:
    - /etc/nagios/cgi.cfg
    - /etc/nagios/nagios.cfg
    - /usr/share/nagios/html/config.inc.php
  notify: restart nagios

- name: remove default nagios config files
  copy:
    content: |
      # This file intentionally empty to avoid being clobbered on package updates.
    dest: /etc/nagios/objects/{{ item }}
  loop:
    - printer.cfg
    - switch.cfg
    - windows.cfg
    - localhost.cfg
  notify: reload nagios

- name: clone manubulon repo
  git:
    repo: '{{ nagios_manubulon_repo }}'
    dest: '{{ nagios_manubulon_install_dir }}'
    version: '{{ nagios_manubulon_version }}'
    force: yes
    update: yes
  register: nagios_manubulon_git

- name: install manubulon plugins
  shell: install -o root -g root -m755 {{ nagios_manubulon_install_dir }}/plugins/*.pl {{ nagios_plugin_dir }}/
  when: nagios_manubulon_git.changed

- import_tasks: objects.yml
  tags: nagios_config

- name: download thirdparty plugins
  get_url:
    url: '{{ item.url }}'
    dest: '{{ nagios_plugin_dir }}/{{ item.name }}'
    mode: 0555
  loop: '{{ nagios_thirdparty_plugins | dict2items(key_name="name", value_name="url") }}'
  tags: nagios_config

- name: download thirdparty MIBs
  get_url:
    url: '{{ item.url }}'
    dest: '{{ nagios_mib_dir }}/MIB-{{ item.name | upper }}.txt'
  loop: '{{ nagios_thirdparty_mibs | dict2items(key_name="name", value_name="url") }}'

- name: create nagios ssh directory
  file:
    path: '{{ nagios_home }}/.ssh'
    owner: nagios
    group: nagios
    mode: 0700
    state: directory

- name: copy nagios ssh key
  copy:
    content: '{{ nagios_ssh_privkey }}'
    dest: "{{ nagios_home }}/.ssh/id_{{ nagios_ssh_pubkey | regex_replace('^ssh-(\\w+).*', '\\1') }}"
    owner: nagios
    group: nagios
    mode: 0600

- import_tasks: freeipa.yml

- name: create SELinux policy for php-fpm to access nagios contexts
  include_role:
    name: selinux_policy
    apply:
      tags: selinux
  vars:
    selinux_policy_name: php_nagios
    selinux_policy_te: '{{ nagios_selinux_policy_te }}'
  tags: selinux

- name: enable nagios
  systemd:
    name: nagios
    enabled: yes
    state: started