fsfe-system-hackers/monitoring
16
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Configure the icinga 2 server https://monitoring.fsfe.org
165 Commits 1 Branch 0 Tags 322 KiB
Shell 94.8%
Python 4.2%
Jinja 1%
master
Go to file
Darragh Elliott fc9921f872
All checks were successful
continuous-integration/drone/push Build is passing
Details
Update inventory
2024-06-06 15:00:33 +02:00
.reuse Initial commit 2020-03-13 22:32:55 +01:00
conf.d Switch from IDO to Icinga DB 2024-03-24 00:48:54 +01:00
inventory@22c55ed8d6 Update inventory 2024-06-06 15:00:33 +02:00
LICENSES REUSE compliance 2020-04-01 19:38:05 +02:00
scripts enable reply-to, and make hosts topics for mailing lists 2020-10-02 13:50:39 +02:00
templates virtual_host_ssl.j2: bump PHP-FPM version 2024-03-21 22:24:00 +01:00
user_plugins_server allow to specify host to inquire 2021-10-18 11:31:53 +02:00
.ansible-lint make reuse compliant 2020-12-08 13:12:32 +01:00
.drone.yml add docs-centralizer CI job 2023-01-13 15:01:11 +01:00
.gitignore ignore hosts.conf if present 2021-07-28 12:59:33 +02:00
.gitmodules Switch from IDO to Icinga DB 2024-03-24 00:48:54 +01:00
ansible.cfg make REUSE compliant 2021-04-26 13:33:21 +02:00
id_rsa.pub Initial commit 2020-03-13 22:32:55 +01:00
id_rsa.pub.license Initial commit 2020-03-13 22:32:55 +01:00
playbook.yml Switch from IDO to Icinga DB 2024-03-24 00:48:54 +01:00
README.md Switch from IDO to Icinga DB 2024-03-24 00:48:54 +01:00
requirements.yml Switch from IDO to Icinga DB 2024-03-24 00:48:54 +01:00

README.md

FSFE monitoring

in docs.fsfe.org REUSE status Build Status

The goal is to deploy incinga 2 and the large part of its server configuration.

What it does?

On the sever

  1. Install icinga.
  2. Deploy the configuration
  3. Deploy the web interface and the apache configuration

Note: As of now the ansible playbook does not handle the configuration of the web interface itself, it's not currently supported by the official ansible role. Furthermore, the official Ansible collection does lots of things and is a great starting point for a fully automated Icinga stack, but, however, is hard to use to replace a previously manually configured Icinga 2. Thus, it will be used for installation, but further work is semi-manually.

On the clients

Note: This playbook does not store the hosts configuration, and does not set up the monitored clients. For workflow reasons this happens via the baseline playbook.

  1. Deploy the SSH public key
  2. Create the icinga user

How to use it?

Note: Please make sure you have ssh access to the servers listed in the icinga2_clients section of the inventory.

Clone this repo:

git clone --recurse-submodules git@git.fsfe.org:fsfe-system-hackers/monitoring.git

Update the icinga.icinga Ansible collection from Ansible Galaxy:

ansible-galaxy install -r requirements.yml --force

Update the inventory submodule to reflect the newest changes to the list of our hosts and the groups that they are in:

git submodule update --remote inventory

The following commands are most used:

Configure only the server:

ansible-playbook playbook.yml -l "icinga2_server"

Only deploy a changed config to the server:

ansible-playbook playbook.yml -l "icinga2_server" -t conf

To update clients and the hosts.conf file, have a look at the baseline repository.

Note: You have to manually add sensitive files which are not in this repo but only on the host: /etc/icinga2/id_rsa and /etc/msmtprc!

The user facing doc is here. The official documentation is here.

How does it work?

The templates/ directory contains the apache virtual hosts configuration. The roles/ folder contains the upstream code for icinga2 installation. The conf.d/ folder contains the icinga2 configuration itself.

The address of the icinga2 server and the clients are configured in the inventory/inventory.txt file.