mirror of
https://github.com/skoobasteeve/ansible-server-setup.git
synced 2026-03-20 11:28:57 +00:00
174 lines
5.0 KiB
YAML
174 lines
5.0 KiB
YAML
---
|
|
- name: Check for pihole
|
|
ansible.builtin.stat:
|
|
path: "/usr/local/bin/pihole"
|
|
register: pihole
|
|
|
|
- name: Install latest snmpd - debian
|
|
ansible.builtin.package:
|
|
name: snmpd
|
|
state: present
|
|
when: ansible_os_family == "Debian"
|
|
|
|
- name: Install latest snmpd - centos
|
|
ansible.builtin.package:
|
|
name: net-snmp
|
|
state: present
|
|
when: ansible_distribution_file_variety == "RedHat"
|
|
|
|
- name: Install latest jq
|
|
ansible.builtin.package:
|
|
name: jq
|
|
state: present
|
|
|
|
- name: Install latest rsyslog
|
|
ansible.builtin.package:
|
|
name: rsyslog
|
|
state: present
|
|
|
|
- name: Fix extend serial permissions
|
|
ansible.builtin.file:
|
|
path: "/sys/devices/virtual/dmi/id/product_serial"
|
|
mode: '444'
|
|
when: ansible_architecture == "x86_64" and ansible_virtualization_role != "guest"
|
|
|
|
- name: Cron job for extend serial permissions
|
|
ansible.builtin.lineinfile:
|
|
path: /etc/crontab
|
|
line: "@reboot chmod 444 /sys/devices/virtual/dmi/id/product_serial"
|
|
when: ansible_architecture == "x86_64"
|
|
|
|
- name: Download script for extend distro
|
|
ansible.builtin.get_url:
|
|
url: "https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro"
|
|
dest: "/usr/bin/distro"
|
|
mode: '755'
|
|
|
|
- name: Download script for extend osupdates
|
|
ansible.builtin.get_url:
|
|
url: "https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/osupdate"
|
|
dest: "/etc/snmp/osupdate"
|
|
mode: '755'
|
|
|
|
- name: Download script for extend zfs
|
|
ansible.builtin.get_url:
|
|
url: "https://github.com/librenms/librenms-agent/raw/master/snmp/zfs-linux"
|
|
dest: "/etc/snmp/zfs-linux"
|
|
mode: '755'
|
|
when: "'zfs-zed' in ansible_facts.packages"
|
|
|
|
- name: Download script for extend docker
|
|
ansible.builtin.get_url:
|
|
url: "https://github.com/librenms/librenms-agent/raw/master/snmp/docker-stats.sh"
|
|
dest: "/etc/snmp/docker-stats.sh"
|
|
mode: '755'
|
|
when: "'docker' in services"
|
|
|
|
- name: Download script for extend pihole
|
|
ansible.builtin.get_url:
|
|
url: "https://github.com/librenms/librenms-agent/raw/master/snmp/pi-hole"
|
|
dest: "/etc/snmp/pi-hole"
|
|
mode: '755'
|
|
when: pihole.stat.exists
|
|
|
|
- name: Download script for extend raspberrypi
|
|
ansible.builtin.get_url:
|
|
url: "https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/raspberry.sh"
|
|
dest: "/etc/snmp/raspberry.sh"
|
|
mode: '755'
|
|
when: ansible_os_family == "Debian" and ansible_lsb.id == 'Raspbian'
|
|
|
|
- name: Add api key to pihole script for pihole01
|
|
ansible.builtin.lineinfile:
|
|
path: "/etc/snmp/pi-hole"
|
|
regexp: '^API_AUTH_KEY='
|
|
line: 'API_AUTH_KEY="{{ pihole01_key }}"'
|
|
backrefs: true
|
|
when: ansible_hostname == "pihole01"
|
|
|
|
- name: Add api key to pihole script for pihole02
|
|
ansible.builtin.lineinfile:
|
|
path: "/etc/snmp/pi-hole"
|
|
regexp: '^API_AUTH_KEY='
|
|
line: 'API_AUTH_KEY="{{ pihole02_key }}"'
|
|
backrefs: true
|
|
when: ansible_hostname == "pihole02"
|
|
|
|
- name: Set ExecStart options in service file - ubuntu
|
|
ansible.builtin.lineinfile:
|
|
path: "/lib/systemd/system/snmpd.service"
|
|
regexp: '^ExecStart='
|
|
line: "ExecStart=/usr/sbin/snmpd -LS4d -Lf /dev/null -u Debian-snmp -g Debian-snmp -I -smux,mteTrigger,mteTriggerConf -f"
|
|
backrefs: true
|
|
when: ansible_os_family == "Debian"
|
|
notify: Reload systemd configs
|
|
|
|
- name: Set snmpdopts - centos
|
|
ansible.builtin.lineinfile:
|
|
path: "/etc/sysconfig/snmpd"
|
|
regexp: '^# OPTIONS=|^OPTIONS='
|
|
line: 'OPTIONS="-LS4-6d"'
|
|
when: ansible_distribution_file_variety == "RedHat"
|
|
|
|
- name: Copy snmpd.conf from template
|
|
ansible.builtin.template:
|
|
src: snmpd.conf.j2
|
|
dest: "/etc/snmp/snmpd.conf"
|
|
owner: root
|
|
group: root
|
|
mode: '0644'
|
|
register: snmpd_config
|
|
notify:
|
|
- Enable and restart snmpd.service
|
|
|
|
- name: Add host to librenms
|
|
block:
|
|
- name: Try adding by hostname
|
|
ansible.builtin.command:
|
|
cmd: "/usr/bin/lnms device:add --v2c -c {{ snmp_community }} {{ inventory_hostname }}"
|
|
become: true
|
|
become_user: librenms
|
|
delegate_to: nms.lyon
|
|
register: lnms_add_by_hostname
|
|
notify:
|
|
- Check librenms add by hostname status
|
|
rescue:
|
|
- name: Add by IP when hostname fails
|
|
ansible.builtin.command:
|
|
cmd: "/opt/librenms/snmp-scan.py -v -r {{ ansible_default_ipv4.address }}/32"
|
|
become: true
|
|
become_user: librenms
|
|
delegate_to: nms.lyon
|
|
register: lnms_add_by_ip
|
|
notify:
|
|
- Check librenms add by ip status
|
|
|
|
- name: Copy sudoers from template
|
|
ansible.builtin.template:
|
|
src: sudoers.j2
|
|
dest: "/etc/sudoers.d/80-snmp"
|
|
owner: root
|
|
group: root
|
|
mode: '0440'
|
|
|
|
- name: Copy rsyslog config from template
|
|
ansible.builtin.template:
|
|
src: rsyslog.conf.j2
|
|
dest: "/etc/rsyslog.d/librenms.conf"
|
|
owner: root
|
|
group: root
|
|
mode: '0644'
|
|
notify:
|
|
- Enable and restart the rsyslog service
|
|
- Restart syslog-ng for LibreNMS
|
|
|
|
- name: Verify the rsyslog service is running
|
|
ansible.builtin.systemd:
|
|
state: started
|
|
name: rsyslog
|
|
|
|
- name: Verify the snmpd service is running
|
|
ansible.builtin.systemd:
|
|
state: started
|
|
name: snmpd
|