No Description
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

monit.yml 11KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316
  1. - name: Add monitoring vhost to apache
  2. template: src=etc_apache2_sites-available_00-status.conf dest=/etc/apache2/sites-available/00-status.conf
  3. notify: restart apache
  4. when: default_http_redirect
  5. - name: Enable the status vhost
  6. command: a2ensite 00-status.conf creates=/etc/apache2/sites-enabled/00-status.conf
  7. notify: restart apache
  8. when: default_http_redirect
  9. - name: add buster-backport for Monit
  10. apt_repository: repo='deb http://deb.debian.org/debian buster-backports main' state=present update_cache=yes
  11. tags:
  12. - dependencies
  13. when: ansible_distribution_version == '10'
  14. - name: Install monit
  15. apt:
  16. name: monit
  17. state: present
  18. default_release: buster-backports
  19. tags:
  20. - dependencies
  21. when: ansible_distribution_version == '10'
  22. - name: Install monit
  23. apt:
  24. name: monit
  25. state: present
  26. tags:
  27. - dependencies
  28. when: ansible_distribution_version != '10'
  29. - name: Copy monit master config file into place
  30. template: src=etc_monit_monitrc.j2 dest=/etc/monit/monitrc
  31. notify: restart monit
  32. # ---------------------------------------
  33. - name: Determine if ZNC is installed
  34. stat: path=/usr/lib/znc/configs/znc.conf
  35. register: znc_config_file
  36. - name: Determine if XMPP is installed
  37. stat: path=/etc/prosody/prosody.cfg.lua
  38. register: prosody_config_file
  39. - name: Determine if Fathom is installed
  40. stat: path=/usr/local/bin/fathom
  41. register: fathom_config_file
  42. - name: Determine if Redis is installed
  43. stat: path=/etc/redis/redis.conf
  44. register: redis_config_file
  45. - name: Determine if RSpamD is installed
  46. stat: path=/etc/rspamd/rspamd.conf
  47. register: rspamd_config_file
  48. - name: Determine if gitea is installed
  49. stat: path=/etc/gitea/app.ini
  50. register: gitea_config_file
  51. - name: Determine if Synapse is installed
  52. stat: path=/etc/matrix-synapse/homeserver.yaml
  53. register: synapse_config_file
  54. - name: Determine if Mastodon is installed
  55. stat: path=/home/mastodon/mastodon
  56. register: mastodon_config_file
  57. - name: Determine if Commento is installed
  58. stat: path=/home/{{ main_user_name }}/commento/commento
  59. register: commento_config_file
  60. - name: Determine if Grafana is installed
  61. stat: path=/etc/grafana/grafana.ini
  62. register: grafana_config_file
  63. - name: Determine if InfluxDB is installed
  64. stat: path=/etc/influxdb/influxdb.conf
  65. register: influxdb_config_file
  66. - name: Determine if Telegraf is installed
  67. stat: path=/etc/telegraf/telegraf.conf
  68. register: telegraf_config_file
  69. - name: Determine if Mosquitto is installed
  70. stat: path=/etc/mosquitto/mosquitto.conf
  71. register: mosquitto_config_file
  72. - name: Determine if OpenVPN is installed
  73. stat: path=/etc/openvpn/server.conf
  74. register: openvpn_config_file
  75. - name: Determine if Jitsi is installed
  76. stat: path=/etc/jitsi/jicofo/config
  77. register: jitsi_config_file
  78. - name: Determine if MongoDB is installed
  79. stat: path=/etc/mongod.conf
  80. register: mongodb_config_file
  81. - name: Determine if Rocket.Chat is installed
  82. stat: path=/usr/local/bin/Rocket.Chat/main.js
  83. register: rocketchat_config_file
  84. - name: Determine if Apache2 is installed
  85. stat: path=/etc/apache2/apache2.conf
  86. register: apache2_config_file
  87. - name: Determine if Dovecot is installed
  88. stat: path=/etc/dovecot/dovecot.conf
  89. register: dovecot_config_file
  90. - name: Determine if Postfix is installed
  91. stat: path=/etc/postfix/main.cf
  92. register: postfix_config_file
  93. - name: Determine if sshd is installed
  94. stat: path=/etc/ssh/sshd_config
  95. register: sshd_config_file
  96. - name: Determine if slapd is installed
  97. stat: path=/usr/sbin/slapd
  98. register: slapd_config_file
  99. - name: Determine if pgsql_deb9 is installed
  100. stat: path=/etc/postgresql/9.6/main/pg_ctl.conf
  101. register: pgsql9_config_file
  102. - name: Determine if pgsql_deb10 is installed
  103. stat: path=/etc/postgresql/11/main/pg_ctl.conf
  104. register: pgsql10_config_file
  105. - name: Determine if pgsql_deb11 is installed
  106. stat: path=/etc/postgresql/13/main/pg_ctl.conf
  107. register: pgsql11_config_file
  108. - name: Determine if tomcat_deb9 is installed
  109. stat: path=/etc/tomcat8/server.xml
  110. register: tomcat9_config_file
  111. - name: Determine if tomcat_deb10 is installed
  112. stat: path=/etc/tomcat9/server.xml
  113. register: tomcat10_config_file
  114. - name: Determine if gpodder is installed
  115. stat: path=/home/gpodder/gpodder/manage.py
  116. register: gpodder_config_file
  117. # ---------------------------------------
  118. - name: Copy ZNC monit service config files into place
  119. copy: src=etc_monit_conf.d_znc dest=/etc/monit/conf.d/znc
  120. notify: restart monit
  121. when: znc_config_file.stat.exists == True
  122. - name: Copy XMPP monit service config files into place
  123. copy: src=etc_monit_conf.d_prosody dest=/etc/monit/conf.d/prosody
  124. notify: restart monit
  125. when: prosody_config_file.stat.exists == True
  126. - name: Copy Jitsi monit service config files into place
  127. copy: src=etc_monit_conf.d_jitsi dest=/etc/monit/conf.d/jitsi
  128. notify: restart monit
  129. when: jitsi_config_file.stat.exists == True
  130. - name: Copy Fathom monit service config files into place
  131. copy: src=etc_monit_conf.d_fathom dest=/etc/monit/conf.d/fathom
  132. notify: restart monit
  133. when: fathom_config_file.stat.exists == True
  134. - name: Copy Redis monit service config files into place
  135. copy: src=etc_monit_conf.d_redis dest=/etc/monit/conf.d/redis
  136. notify: restart monit
  137. when: redis_config_file.stat.exists == True
  138. - name: Copy RSpamD monit service config files into place
  139. copy: src=etc_monit_conf.d_rspamd dest=/etc/monit/conf.d/rspamd
  140. notify: restart monit
  141. when: rspamd_config_file.stat.exists == True
  142. - name: Copy gitea monit service config files into place
  143. copy: src=etc_monit_conf.d_gitea dest=/etc/monit/conf.d/gitea
  144. notify: restart monit
  145. when: gitea_config_file.stat.exists == True
  146. - name: Copy Synapse monit service config files into place
  147. copy: src=etc_monit_conf.d_matrix dest=/etc/monit/conf.d/matrix
  148. notify: restart monit
  149. when: synapse_config_file.stat.exists == True
  150. - name: Copy Mastodon monit service config files into place
  151. copy: src=etc_monit_conf.d_mastodon dest=/etc/monit/conf.d/mastodon
  152. notify: restart monit
  153. when: mastodon_config_file.stat.exists == True
  154. - name: Copy Commento monit service config files into place
  155. copy: src=etc_monit_conf.d_commento dest=/etc/monit/conf.d/commento
  156. notify: restart monit
  157. when: commento_config_file.stat.exists == True
  158. - name: Copy Grafana monit service config files into place
  159. copy: src=etc_monit_conf.d_grafana dest=/etc/monit/conf.d/grafana
  160. notify: restart monit
  161. when: grafana_config_file.stat.exists == True
  162. - name: Copy InfluxDB monit service config files into place
  163. copy: src=etc_monit_conf.d_influxdb dest=/etc/monit/conf.d/influxdb
  164. notify: restart monit
  165. when: influxdb_config_file.stat.exists == True
  166. - name: Copy Telegraf monit service config files into place
  167. copy: src=etc_monit_conf.d_telegraf dest=/etc/monit/conf.d/telegraf
  168. notify: restart monit
  169. when: telegraf_config_file.stat.exists == True
  170. - name: Copy Mosquitto monit service config files into place
  171. copy: src=etc_monit_conf.d_mosquitto dest=/etc/monit/conf.d/mosquitto
  172. notify: restart monit
  173. when: mosquitto_config_file.stat.exists == True
  174. - name: Copy OpenVPN monit service config files into place
  175. copy: src=etc_monit_conf.d_openvpn dest=/etc/monit/conf.d/openvpn
  176. notify: restart monit
  177. when: openvpn_config_file.stat.exists == True
  178. - name: Copy dnsmasq monit service config files into place
  179. copy: src=etc_monit_conf.d_dnsmasq dest=/etc/monit/conf.d/dnsmasq
  180. notify: restart monit
  181. when: openvpn_config_file.stat.exists == True
  182. - name: Copy MongoDB monit service config files into place
  183. copy: src=etc_monit_conf.d_mongodb dest=/etc/monit/conf.d/mongodb
  184. notify: restart monit
  185. when: mongodb_config_file.stat.exists == True
  186. - name: Copy Rocket.Chat monit service config files into place
  187. copy: src=etc_monit_conf.d_rocketchat dest=/etc/monit/conf.d/rocketchat
  188. notify: restart monit
  189. when: rocketchat_config_file.stat.exists == True
  190. - name: Copy apache2 monit service config files into place
  191. copy: src=etc_monit_conf.d_apache2 dest=/etc/monit/conf.d/apache2
  192. notify: restart monit
  193. when: apache2_config_file.stat.exists == True
  194. - name: Copy dovecot monit service config files into place
  195. copy: src=etc_monit_conf.d_dovecot dest=/etc/monit/conf.d/dovecot
  196. notify: restart monit
  197. when: dovecot_config_file.stat.exists == True
  198. - name: Copy postfix monit service config files into place
  199. copy: src=etc_monit_conf.d_postfix dest=/etc/monit/conf.d/postfix
  200. notify: restart monit
  201. when: postfix_config_file.stat.exists == True
  202. - name: Copy sshd monit service config files into place
  203. copy: src=etc_monit_conf.d_sshd dest=/etc/monit/conf.d/sshd
  204. notify: restart monit
  205. when: sshd_config_file.stat.exists == True
  206. - name: Copy slapd monit service config files into place
  207. copy: src=etc_monit_conf.d_slapd dest=/etc/monit/conf.d/slapd
  208. notify: restart monit
  209. when: slapd_config_file.stat.exists == True
  210. - name: Copy pgsql deb9 monit service config files into place
  211. copy: src=etc_monit_conf.d_pgsql_deb9 dest=/etc/monit/conf.d/pgsql_deb9
  212. notify: restart monit
  213. when: pgsql9_config_file.stat.exists == True
  214. - name: Copy tomcat deb9 monit service config files into place
  215. copy: src=etc_monit_conf.d_tomcat_deb9 dest=/etc/monit/conf.d/tomcat_deb9
  216. notify: restart monit
  217. when: tomcat9_config_file.stat.exists == True
  218. - name: Copy pgsql deb10 monit service config files into place
  219. copy: src=etc_monit_conf.d_pgsql_deb10 dest=/etc/monit/conf.d/pgsql_deb10
  220. notify: restart monit
  221. when: pgsql10_config_file.stat.exists == True
  222. - name: Copy tomcat deb10 monit service config files into place
  223. copy: src=etc_monit_conf.d_tomcat_deb10 dest=/etc/monit/conf.d/tomcat_deb10
  224. notify: restart monit
  225. when: tomcat10_config_file.stat.exists == True
  226. - name: Copy pgsql deb11 monit service config files into place
  227. copy: src=etc_monit_conf.d_pgsql_deb11 dest=/etc/monit/conf.d/pgsql_deb11
  228. notify: restart monit
  229. when: pgsql11_config_file.stat.exists == True
  230. - name: Copy gpodder monit service config files into place
  231. copy: src=etc_monit_conf.d_gpodder dest=/etc/monit/conf.d/gpodder
  232. notify: restart monit
  233. when: gpodder_config_file.stat.exists == True
  234. # ---------------------------------------
  235. # TODO add to fail2ban when monit_page_public == 1
  236. - name: Create the Apache monit sites config files
  237. template:
  238. src=etc_apache2_sites-available_monit.j2
  239. dest=/etc/apache2/sites-available/monit_{{ item.name }}.conf
  240. owner=root
  241. group=root
  242. with_items: "{{ virtual_domains }}"
  243. when: monit_page_public == 1
  244. - name: Enable Apache sites (creates new sites-enabled symlinks)
  245. command: a2ensite monit_{{ item }}.conf creates=/etc/apache2/sites-enabled/monit_{{ item }}.conf
  246. notify: restart apache
  247. with_items: "{{ virtual_domains | json_query('[*].name') }}"
  248. when: monit_page_public == 1