Sin descripción
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

monit.yml 10KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307
  1. - name: Add monitoring vhost to apache
  2. template: src=etc_apache2_sites-available_00-status.conf dest=/etc/apache2/sites-available/00-status.conf
  3. notify: restart apache
  4. when: default_http_redirect
  5. - name: Enable the status vhost
  6. command: a2ensite 00-status.conf creates=/etc/apache2/sites-enabled/00-status.conf
  7. notify: restart apache
  8. when: default_http_redirect
  9. - name: add buster-backport for Monit
  10. apt_repository: repo='deb http://deb.debian.org/debian buster-backports main' state=present update_cache=yes
  11. tags:
  12. - dependencies
  13. when: ansible_distribution_version == '10'
  14. - name: Install monit
  15. apt:
  16. name: monit
  17. state: present
  18. default_release: buster-backports
  19. tags:
  20. - dependencies
  21. when: ansible_distribution_version == '10'
  22. - name: Install monit
  23. apt:
  24. name: monit
  25. state: present
  26. tags:
  27. - dependencies
  28. when: ansible_distribution_version != '10'
  29. - name: Copy monit master config file into place
  30. template: src=etc_monit_monitrc.j2 dest=/etc/monit/monitrc
  31. notify: restart monit
  32. # ---------------------------------------
  33. - name: Determine if ZNC is installed
  34. stat: path=/usr/lib/znc/configs/znc.conf
  35. register: znc_config_file
  36. - name: Determine if XMPP is installed
  37. stat: path=/etc/prosody/prosody.cfg.lua
  38. register: prosody_config_file
  39. - name: Determine if Fathom is installed
  40. stat: path=/usr/local/bin/fathom
  41. register: fathom_config_file
  42. - name: Determine if Redis is installed
  43. stat: path=/etc/redis/redis.conf
  44. register: redis_config_file
  45. - name: Determine if RSpamD is installed
  46. stat: path=/etc/rspamd/rspamd.conf
  47. register: rspamd_config_file
  48. - name: Determine if gitea is installed
  49. stat: path=/etc/gitea/app.ini
  50. register: gitea_config_file
  51. - name: Determine if Synapse is installed
  52. stat: path=/etc/matrix-synapse/homeserver.yaml
  53. register: synapse_config_file
  54. - name: Determine if Mastodon is installed
  55. stat: path=/home/mastodon/mastodon
  56. register: mastodon_config_file
  57. - name: Determine if Commento is installed
  58. stat: path=/home/{{ main_user_name }}/commento/commento
  59. register: commento_config_file
  60. - name: Determine if Grafana is installed
  61. stat: path=/etc/grafana/grafana.ini
  62. register: grafana_config_file
  63. - name: Determine if InfluxDB is installed
  64. stat: path=/etc/influxdb/influxdb.conf
  65. register: influxdb_config_file
  66. - name: Determine if Telegraf is installed
  67. stat: path=/etc/telegraf/telegraf.conf
  68. register: telegraf_config_file
  69. - name: Determine if Mosquitto is installed
  70. stat: path=/etc/mosquitto/mosquitto.conf
  71. register: mosquitto_config_file
  72. - name: Determine if OpenVPN is installed
  73. stat: path=/etc/openvpn/server.conf
  74. register: openvpn_config_file
  75. - name: Determine if Jitsi is installed
  76. stat: path=/etc/jitsi/jicofo/config
  77. register: jitsi_config_file
  78. - name: Determine if MongoDB is installed
  79. stat: path=/etc/mongod.conf
  80. register: mongodb_config_file
  81. - name: Determine if Rocket.Chat is installed
  82. stat: path=/usr/local/bin/Rocket.Chat/main.js
  83. register: rocketchat_config_file
  84. - name: Determine if Apache2 is installed
  85. stat: path=/etc/apache2/apache2.conf
  86. register: apache2_config_file
  87. - name: Determine if Dovecot is installed
  88. stat: path=/etc/dovecot/dovecot.conf
  89. register: dovecot_config_file
  90. - name: Determine if Postfix is installed
  91. stat: path=/etc/postfix/main.cf
  92. register: postfix_config_file
  93. - name: Determine if sshd is installed
  94. stat: path=/etc/ssh/sshd_config
  95. register: sshd_config_file
  96. - name: Determine if slapd is installed
  97. stat: path=/usr/sbin/slapd
  98. register: slapd_config_file
  99. - name: Determine if pgsql_deb9 is installed
  100. stat: path=/etc/postgresql/9.6/main/pg_ctl.conf
  101. register: pgsql9_config_file
  102. - name: Determine if pgsql_deb10 is installed
  103. stat: path=/etc/postgresql/11/main/pg_ctl.conf
  104. register: pgsql10_config_file
  105. - name: Determine if pgsql_deb11 is installed
  106. stat: path=/etc/postgresql/13/main/pg_ctl.conf
  107. register: pgsql11_config_file
  108. - name: Determine if tomcat_deb9 is installed
  109. stat: path=/etc/tomcat8/server.xml
  110. register: tomcat9_config_file
  111. - name: Determine if tomcat_deb10 is installed
  112. stat: path=/etc/tomcat9/server.xml
  113. register: tomcat10_config_file
  114. # ---------------------------------------
  115. - name: Copy ZNC monit service config files into place
  116. copy: src=etc_monit_conf.d_znc dest=/etc/monit/conf.d/znc
  117. notify: restart monit
  118. when: znc_config_file.stat.exists == True
  119. - name: Copy XMPP monit service config files into place
  120. copy: src=etc_monit_conf.d_prosody dest=/etc/monit/conf.d/prosody
  121. notify: restart monit
  122. when: prosody_config_file.stat.exists == True
  123. - name: Copy Jitsi monit service config files into place
  124. copy: src=etc_monit_conf.d_jitsi dest=/etc/monit/conf.d/jitsi
  125. notify: restart monit
  126. when: jitsi_config_file.stat.exists == True
  127. - name: Copy Fathom monit service config files into place
  128. copy: src=etc_monit_conf.d_fathom dest=/etc/monit/conf.d/fathom
  129. notify: restart monit
  130. when: fathom_config_file.stat.exists == True
  131. - name: Copy Redis monit service config files into place
  132. copy: src=etc_monit_conf.d_redis dest=/etc/monit/conf.d/redis
  133. notify: restart monit
  134. when: redis_config_file.stat.exists == True
  135. - name: Copy RSpamD monit service config files into place
  136. copy: src=etc_monit_conf.d_rspamd dest=/etc/monit/conf.d/rspamd
  137. notify: restart monit
  138. when: rspamd_config_file.stat.exists == True
  139. - name: Copy gitea monit service config files into place
  140. copy: src=etc_monit_conf.d_gitea dest=/etc/monit/conf.d/gitea
  141. notify: restart monit
  142. when: gitea_config_file.stat.exists == True
  143. - name: Copy Synapse monit service config files into place
  144. copy: src=etc_monit_conf.d_matrix dest=/etc/monit/conf.d/matrix
  145. notify: restart monit
  146. when: synapse_config_file.stat.exists == True
  147. - name: Copy Mastodon monit service config files into place
  148. copy: src=etc_monit_conf.d_mastodon dest=/etc/monit/conf.d/mastodon
  149. notify: restart monit
  150. when: mastodon_config_file.stat.exists == True
  151. - name: Copy Commento monit service config files into place
  152. copy: src=etc_monit_conf.d_commento dest=/etc/monit/conf.d/commento
  153. notify: restart monit
  154. when: commento_config_file.stat.exists == True
  155. - name: Copy Grafana monit service config files into place
  156. copy: src=etc_monit_conf.d_grafana dest=/etc/monit/conf.d/grafana
  157. notify: restart monit
  158. when: grafana_config_file.stat.exists == True
  159. - name: Copy InfluxDB monit service config files into place
  160. copy: src=etc_monit_conf.d_influxdb dest=/etc/monit/conf.d/influxdb
  161. notify: restart monit
  162. when: influxdb_config_file.stat.exists == True
  163. - name: Copy Telegraf monit service config files into place
  164. copy: src=etc_monit_conf.d_telegraf dest=/etc/monit/conf.d/telegraf
  165. notify: restart monit
  166. when: telegraf_config_file.stat.exists == True
  167. - name: Copy Mosquitto monit service config files into place
  168. copy: src=etc_monit_conf.d_mosquitto dest=/etc/monit/conf.d/mosquitto
  169. notify: restart monit
  170. when: mosquitto_config_file.stat.exists == True
  171. - name: Copy OpenVPN monit service config files into place
  172. copy: src=etc_monit_conf.d_openvpn dest=/etc/monit/conf.d/openvpn
  173. notify: restart monit
  174. when: openvpn_config_file.stat.exists == True
  175. - name: Copy dnsmasq monit service config files into place
  176. copy: src=etc_monit_conf.d_dnsmasq dest=/etc/monit/conf.d/dnsmasq
  177. notify: restart monit
  178. when: openvpn_config_file.stat.exists == True
  179. - name: Copy MongoDB monit service config files into place
  180. copy: src=etc_monit_conf.d_mongodb dest=/etc/monit/conf.d/mongodb
  181. notify: restart monit
  182. when: mongodb_config_file.stat.exists == True
  183. - name: Copy Rocket.Chat monit service config files into place
  184. copy: src=etc_monit_conf.d_rocketchat dest=/etc/monit/conf.d/rocketchat
  185. notify: restart monit
  186. when: rocketchat_config_file.stat.exists == True
  187. - name: Copy apache2 monit service config files into place
  188. copy: src=etc_monit_conf.d_apache2 dest=/etc/monit/conf.d/apache2
  189. notify: restart monit
  190. when: apache2_config_file.stat.exists == True
  191. - name: Copy dovecot monit service config files into place
  192. copy: src=etc_monit_conf.d_dovecot dest=/etc/monit/conf.d/dovecot
  193. notify: restart monit
  194. when: dovecot_config_file.stat.exists == True
  195. - name: Copy postfix monit service config files into place
  196. copy: src=etc_monit_conf.d_postfix dest=/etc/monit/conf.d/postfix
  197. notify: restart monit
  198. when: postfix_config_file.stat.exists == True
  199. - name: Copy sshd monit service config files into place
  200. copy: src=etc_monit_conf.d_sshd dest=/etc/monit/conf.d/sshd
  201. notify: restart monit
  202. when: sshd_config_file.stat.exists == True
  203. - name: Copy slapd monit service config files into place
  204. copy: src=etc_monit_conf.d_slapd dest=/etc/monit/conf.d/slapd
  205. notify: restart monit
  206. when: slapd_config_file.stat.exists == True
  207. - name: Copy pgsql deb9 monit service config files into place
  208. copy: src=etc_monit_conf.d_pgsql_deb9 dest=/etc/monit/conf.d/pgsql_deb9
  209. notify: restart monit
  210. when: pgsql9_config_file.stat.exists == True
  211. - name: Copy tomcat deb9 monit service config files into place
  212. copy: src=etc_monit_conf.d_tomcat_deb9 dest=/etc/monit/conf.d/tomcat_deb9
  213. notify: restart monit
  214. when: tomcat9_config_file.stat.exists == True
  215. - name: Copy pgsql deb10 monit service config files into place
  216. copy: src=etc_monit_conf.d_pgsql_deb10 dest=/etc/monit/conf.d/pgsql_deb10
  217. notify: restart monit
  218. when: pgsql10_config_file.stat.exists == True
  219. - name: Copy tomcat deb10 monit service config files into place
  220. copy: src=etc_monit_conf.d_tomcat_deb10 dest=/etc/monit/conf.d/tomcat_deb10
  221. notify: restart monit
  222. when: tomcat10_config_file.stat.exists == True
  223. - name: Copy pgsql deb11 monit service config files into place
  224. copy: src=etc_monit_conf.d_pgsql_deb11 dest=/etc/monit/conf.d/pgsql_deb11
  225. notify: restart monit
  226. when: pgsql11_config_file.stat.exists == True
  227. # ---------------------------------------
  228. # TODO add to fail2ban when monit_page_public == 1
  229. - name: Create the Apache monit sites config files
  230. template:
  231. src=etc_apache2_sites-available_monit.j2
  232. dest=/etc/apache2/sites-available/monit_{{ item.name }}.conf
  233. owner=root
  234. group=root
  235. with_items: "{{ virtual_domains }}"
  236. when: monit_page_public == 1
  237. - name: Enable Apache sites (creates new sites-enabled symlinks)
  238. command: a2ensite monit_{{ item }}.conf creates=/etc/apache2/sites-enabled/monit_{{ item }}.conf
  239. notify: restart apache
  240. with_items: "{{ virtual_domains | json_query('[*].name') }}"
  241. when: monit_page_public == 1