Darragh Elliott
fc9921f872
All checks were successful
continuous-integration/drone/push Build is passing
|
||
---|---|---|
.reuse | ||
conf.d | ||
inventory@22c55ed8d6 | ||
LICENSES | ||
scripts | ||
templates | ||
user_plugins_server | ||
.ansible-lint | ||
.drone.yml | ||
.gitignore | ||
.gitmodules | ||
ansible.cfg | ||
id_rsa.pub | ||
id_rsa.pub.license | ||
playbook.yml | ||
README.md | ||
requirements.yml |
FSFE monitoring
The goal is to deploy incinga 2 and the large part of its server configuration.
What it does?
On the sever
- Install icinga.
- Deploy the configuration
- Deploy the web interface and the apache configuration
Note: As of now the ansible playbook does not handle the configuration of the web interface itself, it's not currently supported by the official ansible role. Furthermore, the official Ansible collection does lots of things and is a great starting point for a fully automated Icinga stack, but, however, is hard to use to replace a previously manually configured Icinga 2. Thus, it will be used for installation, but further work is semi-manually.
On the clients
Note: This playbook does not store the hosts configuration, and does not set up the monitored clients. For workflow reasons this happens via the baseline playbook.
- Deploy the SSH public key
- Create the icinga user
How to use it?
Note: Please make sure you have ssh access to the servers listed in the
icinga2_clients
section of the
inventory.
Clone this repo:
git clone --recurse-submodules git@git.fsfe.org:fsfe-system-hackers/monitoring.git
Update the icinga.icinga
Ansible collection from Ansible Galaxy:
ansible-galaxy install -r requirements.yml --force
Update the inventory submodule to reflect the newest changes to the list of our hosts and the groups that they are in:
git submodule update --remote inventory
The following commands are most used:
Configure only the server:
ansible-playbook playbook.yml -l "icinga2_server"
Only deploy a changed config to the server:
ansible-playbook playbook.yml -l "icinga2_server" -t conf
To update clients and the hosts.conf
file, have a look at the
baseline repository.
Note: You have to manually add sensitive files which are not in this repo but only on the host: /etc/icinga2/id_rsa
and /etc/msmtprc
!
The user facing doc is here. The official documentation is here.
How does it work?
The templates/
directory contains the apache virtual hosts configuration. The
roles/
folder contains the upstream code for icinga2 installation. The
conf.d/
folder contains the icinga2 configuration itself.
The address of the icinga2 server and the clients are configured in the
inventory/inventory.txt
file.