thomas
/
sovereign
Seguir 1
Destacar 0
Cuchillo 0
Código Incidencias 0 Peticiones pull 0 Lanzamientos 0 Wiki Actividad
Sin descripción
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1093 Commits
1 Rama
Árbol: da2578d190
Ramas Etiquetas
${ item.name }
Crear rama ${ searchTerm }
desde 'da2578d190'
${ noResults }
sovereign/roles/monitoring/tasks/monit.yml

monit.yml 10.0KB
Histórico Original

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298 
  1. - name: Add monitoring vhost to apache

  2.   template: src=etc_apache2_sites-available_00-status.conf dest=/etc/apache2/sites-available/00-status.conf

  3.   notify: restart apache

  4.   when: default_http_redirect

  5. 

  6. - name: Enable the status vhost

  7.   command: a2ensite 00-status.conf creates=/etc/apache2/sites-enabled/00-status.conf

  8.   notify: restart apache

  9.   when: default_http_redirect

  10. 

  11. - name: add buster-backport for Monit

  12.   apt_repository: repo='deb http://deb.debian.org/debian buster-backports main' state=present update_cache=yes

  13.   tags:

  14.     - dependencies

  15.   when: ansible_distribution_version == '10'

  16. 

  17. - name: Install monit

  18.   apt:

  19.     name: monit

  20.     state: present

  21.     default_release: buster-backports

  22.   tags:

  23.     - dependencies

  24.   when: ansible_distribution_version == '10'

  25. 

  26. - name: Install monit

  27.   apt:

  28.     name: monit

  29.     state: present

  30.   tags:

  31.     - dependencies

  32.   when: ansible_distribution_version != '10'

  33. 

  34. - name: Copy monit master config file into place

  35.   template: src=etc_monit_monitrc.j2 dest=/etc/monit/monitrc

  36.   notify: restart monit

  37. 

  38. # ---------------------------------------

  39. 

  40. - name: Determine if ZNC is installed

  41.   stat: path=/usr/lib/znc/configs/znc.conf

  42.   register: znc_config_file

  43. 

  44. - name: Determine if XMPP is installed

  45.   stat: path=/etc/prosody/prosody.cfg.lua

  46.   register: prosody_config_file

  47. 

  48. - name: Determine if Fathom is installed

  49.   stat: path=/usr/local/bin/fathom

  50.   register: fathom_config_file

  51. 

  52. - name: Determine if Redis is installed

  53.   stat: path=/etc/redis/redis.conf

  54.   register: redis_config_file

  55. 

  56. - name: Determine if RSpamD is installed

  57.   stat: path=/etc/rspamd/rspamd.conf

  58.   register: rspamd_config_file

  59. 

  60. - name: Determine if gitea is installed

  61.   stat: path=/etc/gitea/app.ini

  62.   register: gitea_config_file

  63. 

  64. - name: Determine if Synapse is installed

  65.   stat: path=/etc/matrix-synapse/homeserver.yaml

  66.   register: synapse_config_file

  67. 

  68. - name: Determine if Mastodon is installed

  69.   stat: path=/home/mastodon/mastodon

  70.   register: mastodon_config_file

  71. 

  72. - name: Determine if Commento is installed

  73.   stat: path=/home/{{ main_user_name }}/commento/commento

  74.   register: commento_config_file

  75. 

  76. - name: Determine if Grafana is installed

  77.   stat: path=/etc/grafana/grafana.ini

  78.   register: grafana_config_file

  79. 

  80. - name: Determine if InfluxDB is installed

  81.   stat: path=/etc/influxdb/influxdb.conf

  82.   register: influxdb_config_file

  83. 

  84. - name: Determine if Telegraf is installed

  85.   stat: path=/etc/telegraf/telegraf.conf

  86.   register: telegraf_config_file

  87. 

  88. - name: Determine if Mosquitto is installed

  89.   stat: path=/etc/mosquitto/mosquitto.conf

  90.   register: mosquitto_config_file

  91. 

  92. - name: Determine if OpenVPN is installed

  93.   stat: path=/etc/openvpn/server.conf

  94.   register: openvpn_config_file

  95. 

  96. - name: Determine if Jitsi is installed

  97.   stat: path=/etc/jitsi/jicofo/config

  98.   register: jitsi_config_file

  99. 

  100. - name: Determine if MongoDB is installed

  101.   stat: path=/etc/mongod.conf

  102.   register: mongodb_config_file

  103. 

  104. - name: Determine if Rocket.Chat is installed

  105.   stat: path=/usr/local/bin/Rocket.Chat/main.js

  106.   register: rocketchat_config_file

  107. 

  108. - name: Determine if Apache2 is installed

  109.   stat: path=/etc/apache2/apache2.conf

  110.   register: apache2_config_file

  111. 

  112. - name: Determine if Dovecot is installed

  113.   stat: path=/etc/dovecot/dovecot.conf

  114.   register: dovecot_config_file

  115. 

  116. - name: Determine if Postfix is installed

  117.   stat: path=/etc/postfix/main.cf

  118.   register: postfix_config_file

  119. 

  120. - name: Determine if sshd is installed

  121.   stat: path=/etc/ssh/sshd_config

  122.   register: sshd_config_file

  123. 

  124. - name: Determine if pgsql_deb9 is installed

  125.   stat: path=/etc/postgresql/9.6/main/pg_ctl.conf

  126.   register: pgsql9_config_file

  127. 

  128. - name: Determine if pgsql_deb10 is installed

  129.   stat: path=/etc/postgresql/11/main/pg_ctl.conf

  130.   register: pgsql10_config_file

  131. 

  132. - name: Determine if pgsql_deb11 is installed

  133.   stat: path=/etc/postgresql/13/main/pg_ctl.conf

  134.   register: pgsql11_config_file

  135. 

  136. - name: Determine if tomcat_deb9 is installed

  137.   stat: path=/etc/tomcat8/server.xml

  138.   register: tomcat9_config_file

  139. 

  140. - name: Determine if tomcat_deb10 is installed

  141.   stat: path=/etc/tomcat9/server.xml

  142.   register: tomcat10_config_file

  143. 

  144. # ---------------------------------------

  145. 

  146. - name: Copy ZNC monit service config files into place

  147.   copy: src=etc_monit_conf.d_znc dest=/etc/monit/conf.d/znc

  148.   notify: restart monit

  149.   when: znc_config_file.stat.exists == True

  150. 

  151. - name: Copy XMPP monit service config files into place

  152.   copy: src=etc_monit_conf.d_prosody dest=/etc/monit/conf.d/prosody

  153.   notify: restart monit

  154.   when: prosody_config_file.stat.exists == True

  155. 

  156. - name: Copy Jitsi monit service config files into place

  157.   copy: src=etc_monit_conf.d_jitsi dest=/etc/monit/conf.d/jitsi

  158.   notify: restart monit

  159.   when: jitsi_config_file.stat.exists == True

  160. 

  161. - name: Copy Fathom monit service config files into place

  162.   copy: src=etc_monit_conf.d_fathom dest=/etc/monit/conf.d/fathom

  163.   notify: restart monit

  164.   when: fathom_config_file.stat.exists == True

  165. 

  166. - name: Copy Redis monit service config files into place

  167.   copy: src=etc_monit_conf.d_redis dest=/etc/monit/conf.d/redis

  168.   notify: restart monit

  169.   when: redis_config_file.stat.exists == True

  170. 

  171. - name: Copy RSpamD monit service config files into place

  172.   copy: src=etc_monit_conf.d_rspamd dest=/etc/monit/conf.d/rspamd

  173.   notify: restart monit

  174.   when: rspamd_config_file.stat.exists == True

  175. 

  176. - name: Copy gitea monit service config files into place

  177.   copy: src=etc_monit_conf.d_gitea dest=/etc/monit/conf.d/gitea

  178.   notify: restart monit

  179.   when: gitea_config_file.stat.exists == True

  180. 

  181. - name: Copy Synapse monit service config files into place

  182.   copy: src=etc_monit_conf.d_matrix dest=/etc/monit/conf.d/matrix

  183.   notify: restart monit

  184.   when: synapse_config_file.stat.exists == True

  185. 

  186. - name: Copy Mastodon monit service config files into place

  187.   copy: src=etc_monit_conf.d_mastodon dest=/etc/monit/conf.d/mastodon

  188.   notify: restart monit

  189.   when: mastodon_config_file.stat.exists == True

  190. 

  191. - name: Copy Commento monit service config files into place

  192.   copy: src=etc_monit_conf.d_commento dest=/etc/monit/conf.d/commento

  193.   notify: restart monit

  194.   when: commento_config_file.stat.exists == True

  195. 

  196. - name: Copy Grafana monit service config files into place

  197.   copy: src=etc_monit_conf.d_grafana dest=/etc/monit/conf.d/grafana

  198.   notify: restart monit

  199.   when: grafana_config_file.stat.exists == True

  200. 

  201. - name: Copy InfluxDB monit service config files into place

  202.   copy: src=etc_monit_conf.d_influxdb dest=/etc/monit/conf.d/influxdb

  203.   notify: restart monit

  204.   when: influxdb_config_file.stat.exists == True

  205. 

  206. - name: Copy Telegraf monit service config files into place

  207.   copy: src=etc_monit_conf.d_telegraf dest=/etc/monit/conf.d/telegraf

  208.   notify: restart monit

  209.   when: telegraf_config_file.stat.exists == True

  210. 

  211. - name: Copy Mosquitto monit service config files into place

  212.   copy: src=etc_monit_conf.d_mosquitto dest=/etc/monit/conf.d/mosquitto

  213.   notify: restart monit

  214.   when: mosquitto_config_file.stat.exists == True

  215. 

  216. - name: Copy OpenVPN monit service config files into place

  217.   copy: src=etc_monit_conf.d_openvpn dest=/etc/monit/conf.d/openvpn

  218.   notify: restart monit

  219.   when: openvpn_config_file.stat.exists == True

  220. 

  221. - name: Copy dnsmasq monit service config files into place

  222.   copy: src=etc_monit_conf.d_dnsmasq dest=/etc/monit/conf.d/dnsmasq

  223.   notify: restart monit

  224.   when: openvpn_config_file.stat.exists == True

  225. 

  226. - name: Copy MongoDB monit service config files into place

  227.   copy: src=etc_monit_conf.d_mongodb dest=/etc/monit/conf.d/mongodb

  228.   notify: restart monit

  229.   when: mongodb_config_file.stat.exists == True

  230. 

  231. - name: Copy Rocket.Chat monit service config files into place

  232.   copy: src=etc_monit_conf.d_rocketchat dest=/etc/monit/conf.d/rocketchat

  233.   notify: restart monit

  234.   when: rocketchat_config_file.stat.exists == True

  235. 

  236. - name: Copy apache2 monit service config files into place

  237.   copy: src=etc_monit_conf.d_apache2 dest=/etc/monit/conf.d/apache2

  238.   notify: restart monit

  239.   when: apache2_config_file.stat.exists == True

  240. 

  241. - name: Copy dovecot monit service config files into place

  242.   copy: src=etc_monit_conf.d_dovecot dest=/etc/monit/conf.d/dovecot

  243.   notify: restart monit

  244.   when: dovecot_config_file.stat.exists == True

  245. 

  246. - name: Copy postfix monit service config files into place

  247.   copy: src=etc_monit_conf.d_postfix dest=/etc/monit/conf.d/postfix

  248.   notify: restart monit

  249.   when: postfix_config_file.stat.exists == True

  250. 

  251. - name: Copy sshd monit service config files into place

  252.   copy: src=etc_monit_conf.d_sshd dest=/etc/monit/conf.d/sshd

  253.   notify: restart monit

  254.   when: sshd_config_file.stat.exists == True

  255. 

  256. - name: Copy pgsql deb9 monit service config files into place

  257.   copy: src=etc_monit_conf.d_pgsql_deb9 dest=/etc/monit/conf.d/pgsql_deb9

  258.   notify: restart monit

  259.   when: pgsql9_config_file.stat.exists == True

  260. 

  261. - name: Copy tomcat deb9 monit service config files into place

  262.   copy: src=etc_monit_conf.d_tomcat_deb9 dest=/etc/monit/conf.d/tomcat_deb9

  263.   notify: restart monit

  264.   when: tomcat9_config_file.stat.exists == True

  265. 

  266. - name: Copy pgsql deb10 monit service config files into place

  267.   copy: src=etc_monit_conf.d_pgsql_deb10 dest=/etc/monit/conf.d/pgsql_deb10

  268.   notify: restart monit

  269.   when: pgsql10_config_file.stat.exists == True

  270. 

  271. - name: Copy tomcat deb10 monit service config files into place

  272.   copy: src=etc_monit_conf.d_tomcat_deb10 dest=/etc/monit/conf.d/tomcat_deb10

  273.   notify: restart monit

  274.   when: tomcat10_config_file.stat.exists == True

  275. 

  276. - name: Copy pgsql deb11 monit service config files into place

  277.   copy: src=etc_monit_conf.d_pgsql_deb11 dest=/etc/monit/conf.d/pgsql_deb11

  278.   notify: restart monit

  279.   when: pgsql11_config_file.stat.exists == True

  280. 

  281. # ---------------------------------------

  282. 

  283. # TODO add to fail2ban when monit_page_public == 1

  284. 

  285. - name: Create the Apache monit sites config files

  286.   template:

  287.     src=etc_apache2_sites-available_monit.j2

  288.     dest=/etc/apache2/sites-available/monit_{{ item.name }}.conf

  289.     owner=root

  290.     group=root

  291.   with_items: "{{ virtual_domains }}"

  292.   when: monit_page_public == 1

  293. 

  294. - name: Enable Apache sites (creates new sites-enabled symlinks)

  295.   command: a2ensite monit_{{ item }}.conf creates=/etc/apache2/sites-enabled/monit_{{ item }}.conf

  296.   notify: restart apache

  297.   with_items: "{{ virtual_domains | json_query('[*].name') }}"

  298.   when: monit_page_public == 1