From 6471032393075b8b0b275d5ae4ea9ebf7be20eec Mon Sep 17 00:00:00 2001 From: Gian Klug Date: Tue, 19 Dec 2023 19:15:12 +0100 Subject: [PATCH 1/5] ci: Fix CI --- .ansible-lint | 5 +- .github/workflows/ansible-ci.yml | 35 ++----- .github/workflows/galaxy-publish.yml | 3 +- defaults/main.yml | 70 ++++++------- handlers/main.yml | 5 +- meta/main.yml | 23 ++-- tasks/configuration.yml | 150 +++++++++++++-------------- tasks/installation.yml | 55 +++++----- tasks/main.yml | 29 +++--- vars/Debian.yml | 12 +-- vars/RedHat.yml | 12 +-- 11 files changed, 186 insertions(+), 213 deletions(-) diff --git a/.ansible-lint b/.ansible-lint index ccdc049..353af18 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -1,3 +1,4 @@ +--- skip_list: - - '204' - - '201' + - "204" + - "201" diff --git a/.github/workflows/ansible-ci.yml b/.github/workflows/ansible-ci.yml index 6f84d18..22ffb53 100644 --- a/.github/workflows/ansible-ci.yml +++ b/.github/workflows/ansible-ci.yml @@ -1,39 +1,18 @@ --- name: CI - Linting -on: +'on': push: - branches: [ master ] + branches: [master] pull_request: - branches: [ master ] + branches: [master] jobs: - # This workflow contains a single job called "build" lint: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - with: - path: icinga2_master - - # Checkout Adfinis lint-rules - - uses: actions/checkout@v2 - with: - repository: adfinis-sygroup/ansible-lint-rules - path: lint-rules - - - name: ansible-lint - uses: ansible/ansible-lint-action@master - with: - targets: icinga2_master - args: "-R -r lint-rules" - override-deps: | - ansible~=2.10 - ansible-lint~=5.0 - - - name: yamllint - uses: karancode/yamllint-github-action@v2.0.0 - with: - yamllint_config_filepath: icinga2_master/.testenv/yamllint.yml - yamllint_file_or_dir: icinga2_master + - name: Checkout + uses: actions/checkout@v4 + - name: Run ansible-lint + uses: ansible/ansible-lint@main diff --git a/.github/workflows/galaxy-publish.yml b/.github/workflows/galaxy-publish.yml index 57b00ba..1e503b8 100644 --- a/.github/workflows/galaxy-publish.yml +++ b/.github/workflows/galaxy-publish.yml @@ -13,6 +13,7 @@ jobs: - name: checkout uses: actions/checkout@v2 - name: galaxy - uses: robertdebock/galaxy-action@1.1.0 + uses: robertdebock/galaxy-action@1.2.1 with: galaxy_api_key: ${{ secrets.galaxy_api_key }} + git_branch: master diff --git a/defaults/main.yml b/defaults/main.yml index f96dd78..3b5bb2d 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -11,7 +11,7 @@ icinga2_master_client_parent_zone: "{{ icinga2_master_master_zone }}" # https://icinga.com/docs/icinga2/latest/doc/09-object-types/#user icinga2_master_users: - name: icingaadmin - email: 'alertme@example.com' + email: alertme@example.com groups: - icingaadmins # icinga2_master_users: @@ -47,7 +47,7 @@ icinga2_master_users: # https://icinga.com/docs/icinga2/latest/doc/09-object-types/#usergroup icinga2_master_usergroups: - name: icingaadmins - displayname: 'Icinga2 Admins' + displayname: Icinga2 Admins # icinga2_master_usergroups: # - name: groupname # displayname: 'Group Name' # optional, defaults to an empty string @@ -109,43 +109,43 @@ icinga2_master_timeperiods: - name: holidays display_name: Holidays ranges: - - day: "december 25" - time: 00:00-24:00 + - day: december 25 + time: "00:00-24:00" - name: premium display_name: SLA Premium ranges: - day: monday - time: 00:00-24:00 + time: "00:00-24:00" - day: tuesday - time: 00:00-24:00 + time: "00:00-24:00" - day: wednesday - time: 00:00-24:00 + time: "00:00-24:00" - day: thursday - time: 00:00-24:00 + time: "00:00-24:00" - day: friday - time: 00:00-24:00 + time: "00:00-24:00" - day: saturday - time: 00:00-24:00 + time: "00:00-24:00" - day: sunday - time: 00:00-24:00 + time: "00:00-24:00" - name: standard display_name: SLA Standard ranges: - day: monday - time: 08:00-18:00 + time: "08:00-18:00" - day: tuesday - time: 08:00-18:00 + time: "08:00-18:00" - day: wednesday - time: 08:00-18:00 + time: "08:00-18:00" - day: thursday - time: 08:00-18:00 + time: "08:00-18:00" - day: friday - time: 08:00-18:00 + time: "08:00-18:00" excludes: - holidays # Enable the graphite writer feature -icinga2_master_graphite_enabled: False +icinga2_master_graphite_enabled: false # The Host graphite is running on icinga2_master_graphite_host: 127.0.0.1 @@ -156,7 +156,7 @@ icinga2_master_graphite_port: 2003 ## Icinga2 ido database settings # Enable ido feature -icinga2_master_ido_enabled: False +icinga2_master_ido_enabled: false # icinga2 database name icinga2_master_icinga2_database_name: icinga2 @@ -171,39 +171,38 @@ icinga2_master_icinga2_database_port: 3306 icinga2_master_icinga2_database_user: icinga2 # icinga2 database password -icinga2_master_icinga2_database_pass: 'passw0rd' +icinga2_master_icinga2_database_pass: passw0rd # if the database connection uses ssl or not (true or false) icinga2_master_icinga2_database_ssl: false # the hostpattern which can access and login with the icinga2 user -icinga2_master_icinga2_database_hostpattern: 'localhost' +icinga2_master_icinga2_database_hostpattern: localhost # icinga2 database root user -icinga2_master_db_root_user: "user" +icinga2_master_db_root_user: user # icinga2 database root password -icinga2_master_db_root_pass: "passw0rd" - +icinga2_master_db_root_pass: passw0rd ## Template settings # If you have own templates for the configuration files in /etc/icinga2/conf.d # consider adjusting the names here and add your template to # templates/etc/icinga2/conf.d in the root of your playbook folder. -icinga2_master_template_confd_apiusers: "api-users.conf" -icinga2_master_template_confd_notifications: "notifications.conf" -icinga2_master_template_confd_templates: "templates.conf" -icinga2_master_template_confd_commands: "commands.conf" -icinga2_master_template_confd_groups: "groups.conf" -icinga2_master_template_confd_timeperiods: "timeperiods.conf" -icinga2_master_template_confd_users: "users.conf" +icinga2_master_template_confd_apiusers: api-users.conf +icinga2_master_template_confd_notifications: notifications.conf +icinga2_master_template_confd_templates: templates.conf +icinga2_master_template_confd_commands: commands.conf +icinga2_master_template_confd_groups: groups.conf +icinga2_master_template_confd_timeperiods: timeperiods.conf +icinga2_master_template_confd_users: users.conf # These variables can be adjusted if you have custom templates for the global # templates directory which gets synced to all clients. icinga2_master_template_globaltemplates: - - "services.conf" - - "templates.conf" + - services.conf + - templates.conf # Global Zones to be added to zones.conf icinga2_master_global_zones: @@ -226,7 +225,7 @@ icinga2_master_global_zones: # icinga2_master_twilio_auth_token: 'auth_token' # Whether twilio sms are enabled or not -icinga2_master_twilio_sms_enabled: False +icinga2_master_twilio_sms_enabled: false # The twilio phone numer used to send sms # icinga2_master_twilio_sms_from: '+41123456789' @@ -235,14 +234,13 @@ icinga2_master_twilio_sms_enabled: False # Can be used to execute custom scripts after the SMS is sent # defaults to an empty list, add command lines as necessary # Example: -#icinga2_master_twilio_sms_additional_commands: +# icinga2_master_twilio_sms_additional_commands: # # Execute a custom script after the sms has been sent to also send # # the notification to mattermost # - "/etc/icinga2/scripts/mattermost.sh "${NOTIFICATION_MESSAGE}"" icinga2_master_twilio_sms_additional_commands: [] - # Whether twilio calls are enabled or not -icinga2_master_twilio_phone_enabled: False +icinga2_master_twilio_phone_enabled: false # The twilio phone number used to make calls # icinga2_master_twilio_phone_from: '+41123456789' diff --git a/handlers/main.yml b/handlers/main.yml index c11c6b0..f5bad7e 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,6 +1,5 @@ --- - -- name: icinga2_master reload icinga2 - service: +- name: Icinga2_master reload icinga2 + ansible.builtin.service: name: icinga2 state: reloaded diff --git a/meta/main.yml b/meta/main.yml index 9cbc7de..072bb00 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -1,20 +1,21 @@ --- dependencies: - - name: 'adfinis-sygroup.icinga2_agent' + - name: adfinis.icinga2_agent galaxy_info: - role_name: 'icinga2_master' - author: 'Adfinis SyGroup AG' - description: 'This role is used to configure icinga2 in master mode' - company: 'Adfinis SyGroup AG' - license: 'GNU General Public License v3' - min_ansible_version: '2.0.0' + role_name: icinga2_master + namespace: adfinis + author: Adfinis AG + description: This role is used to configure icinga2 in master mode + company: Adfinis AG + license: GNU General Public License v3 + min_ansible_version: 2.0.0 platforms: - name: EL versions: - - 7 + - "7" galaxy_tags: - - 'icinga2' - - 'monitoring' - - 'master' + - icinga2 + - monitoring + - master diff --git a/tasks/configuration.yml b/tasks/configuration.yml index 4134e79..caf669e 100644 --- a/tasks/configuration.yml +++ b/tasks/configuration.yml @@ -1,69 +1,68 @@ --- - -- name: configure icinga2 ido feature - template: +- name: Configure icinga2 ido feature + ansible.builtin.template: src: etc/icinga2/features-available/ido-mysql.conf.j2 dest: /etc/icinga2/features-available/ido-mysql.conf owner: "{{ icinga2_master_owner }}" group: "{{ icinga2_master_group }}" - mode: 0640 + mode: "0640" seuser: system_u serole: object_r setype: icinga2_etc_t selevel: s0 when: icinga2_master_ido_enabled|bool -- name: enable icinga2 ido feature - file: +- name: Enable icinga2 ido feature + ansible.builtin.file: src: /etc/icinga2/features-available/ido-mysql.conf dest: /etc/icinga2/features-enabled/ido-mysql.conf state: link when: icinga2_master_ido_enabled|bool -- name: install icinga2 configuration - template: +- name: Install icinga2 configuration + ansible.builtin.template: src: etc/icinga2/icinga2.conf.j2 dest: /etc/icinga2/icinga2.conf owner: "{{ icinga2_master_owner }}" group: "{{ icinga2_master_group }}" - mode: 0640 + mode: "0640" seuser: system_u serole: object_r setype: icinga2_etc_t selevel: s0 notify: icinga2_master reload icinga2 -- name: install icinga2 constants configuration - template: +- name: Install icinga2 constants configuration + ansible.builtin.template: src: etc/icinga2/constants.conf.j2 dest: /etc/icinga2/constants.conf owner: "{{ icinga2_master_owner }}" group: "{{ icinga2_master_group }}" - mode: 0640 + mode: "0640" seuser: system_u serole: object_r setype: icinga2_etc_t selevel: s0 notify: icinga2_master reload icinga2 -- name: remove files from conf.d which are already defined in global-templates - copy: - dest: '{{ item }}' +- name: Remove files from conf.d which are already defined in global-templates + ansible.builtin.copy: + dest: "{{ item }}" content: "" - force: yes - mode: 0644 + force: true + mode: "0644" loop: - /etc/icinga2/conf.d/services.conf - /etc/icinga2/conf.d/hosts.conf # Twilio configuration -- name: install twilio sms scripts - template: +- name: Install twilio sms scripts + ansible.builtin.template: src: etc/icinga2/scripts/{{ item }}.j2 dest: /etc/icinga2/scripts/{{ item }} owner: "{{ icinga2_master_owner }}" group: "{{ icinga2_master_group }}" - mode: 0755 + mode: "0755" seuser: system_u serole: object_r setype: nagios_notification_plugin_exec_t @@ -73,13 +72,13 @@ - twilio-sms-service-notification.sh when: icinga2_master_twilio_sms_enabled|bool -- name: install twilio phone script - template: +- name: Install twilio phone script + ansible.builtin.template: src: etc/icinga2/scripts/{{ item }}.j2 dest: /etc/icinga2/scripts/{{ item }} owner: "{{ icinga2_master_owner }}" group: "{{ icinga2_master_group }}" - mode: 0755 + mode: "0755" seuser: system_u serole: object_r setype: nagios_notification_plugin_exec_t @@ -88,13 +87,13 @@ - twilio-phone-notification.sh when: icinga2_master_twilio_phone_enabled|bool -- name: install icinga2 conf.d configurations - template: +- name: Install icinga2 conf.d configurations + ansible.builtin.template: src: etc/icinga2/conf.d/{{ item }}.j2 dest: /etc/icinga2/conf.d/{{ item }} owner: "{{ icinga2_master_owner }}" group: "{{ icinga2_master_group }}" - mode: 0640 + mode: "0640" seuser: system_u serole: object_r setype: icinga2_etc_t @@ -109,37 +108,37 @@ - "{{ icinga2_master_template_confd_users }}" notify: icinga2_master reload icinga2 -- name: execute icinga2 api setup command - command: icinga2 api setup +- name: Execute icinga2 api setup command + ansible.builtin.command: icinga2 api setup args: creates: /var/lib/icinga2/ca/ca.crt notify: icinga2_master reload icinga2 -- name: configure icinga2 api feature - template: +- name: Configure icinga2 api feature + ansible.builtin.template: src: etc/icinga2/features-available/api.conf.j2 dest: /etc/icinga2/features-available/api.conf owner: "{{ icinga2_master_owner }}" group: "{{ icinga2_master_group }}" - mode: 0640 + mode: "0640" seuser: system_u serole: object_r setype: icinga2_etc_t selevel: s0 -- name: enable icinga2 api feature - file: +- name: Enable icinga2 api feature + ansible.builtin.file: src: /etc/icinga2/features-available/api.conf dest: /etc/icinga2/features-enabled/api.conf state: link -- name: configure icinga2 graphite feature - template: +- name: Configure icinga2 graphite feature + ansible.builtin.template: src: etc/icinga2/features-available/graphite.conf.j2 dest: /etc/icinga2/features-available/graphite.conf owner: "{{ icinga2_master_owner }}" group: "{{ icinga2_master_group }}" - mode: 0640 + mode: "0640" seuser: system_u serole: object_r setype: icinga2_etc_t @@ -147,8 +146,8 @@ when: icinga2_master_graphite_enabled|bool notify: icinga2_master reload icinga2 -- name: enable icinga2 graphite feature - file: +- name: Enable icinga2 graphite feature + ansible.builtin.file: src: /etc/icinga2/features-available/graphite.conf dest: /etc/icinga2/features-enabled/graphite.conf state: link @@ -156,12 +155,12 @@ notify: icinga2_master reload icinga2 # Global Icinga2 configuration -- name: ensure the global-templates directory is present - file: +- name: Ensure the global-templates directory is present + ansible.builtin.file: dest: /etc/icinga2/zones.d/global-templates owner: "{{ icinga2_master_owner }}" group: "{{ icinga2_master_group }}" - mode: 0755 + mode: "0755" seuser: system_u serole: object_r setype: icinga2_etc_t @@ -169,13 +168,13 @@ state: directory when: inventory_hostname == icinga2_client_monitoring_parents[0] -- name: create global template configurations - template: +- name: Create global template configurations + ansible.builtin.template: src: etc/icinga2/zones.d/global-templates/{{ item }}.j2 dest: /etc/icinga2/zones.d/global-templates/{{ item }} owner: "{{ icinga2_master_owner }}" group: "{{ icinga2_master_group }}" - mode: 0640 + mode: "0640" seuser: system_u serole: object_r setype: icinga2_etc_t @@ -184,26 +183,26 @@ notify: icinga2_master reload icinga2 when: inventory_hostname == icinga2_client_monitoring_parents[0] -- name: create global zones configuration - template: +- name: Create global zones configuration + ansible.builtin.template: src: etc/icinga2/zones.conf.j2 dest: /etc/icinga2/zones.conf owner: "{{ icinga2_master_owner }}" group: "{{ icinga2_master_group }}" - mode: 0640 + mode: "0640" seuser: system_u serole: object_r setype: icinga2_etc_t selevel: s0 notify: icinga2_master reload icinga2 -- name: create zone configuration directory for each host - file: +- name: Create zone configuration directory for each host + ansible.builtin.file: path: /etc/icinga2/zones.d/{{ hostvars[item].inventory_hostname }} state: directory owner: "{{ icinga2_master_owner }}" group: "{{ icinga2_master_group }}" - mode: 0755 + mode: "0755" seuser: system_u serole: object_r setype: icinga2_etc_t @@ -211,16 +210,16 @@ loop: '{{ groups["monitoring_sat"] }}' notify: icinga2_master reload icinga2 when: > - inventory_hostname == icinga2_client_monitoring_parents[0] - and not ('icinga2_client_director_managed' in hostvars[item] and hostvars[item].icinga2_client_director_managed) + inventory_hostname == icinga2_client_monitoring_parents[0] + and not ('icinga2_client_director_managed' in hostvars[item] and hostvars[item].icinga2_client_director_managed) -- name: create zone file for each zone - template: +- name: Create zone file for each zone + ansible.builtin.template: src: etc/icinga2/zones.d/generic_zone.conf.j2 dest: /etc/icinga2/zones.d/{{ hostvars[item].icinga2_master_client_parent_zone }}/{{ hostvars[item].inventory_hostname }}_zone.conf owner: "{{ icinga2_master_owner }}" group: "{{ icinga2_master_group }}" - mode: 0640 + mode: "0640" seuser: system_u serole: object_r setype: icinga2_etc_t @@ -228,17 +227,17 @@ loop: '{{ groups["monitoring_client"] }}' notify: icinga2_master reload icinga2 when: > - inventory_hostname == icinga2_client_monitoring_parents[0] - and hostvars[item].inventory_hostname not in groups["monitoring_sat"] - and not ('icinga2_client_director_managed' in hostvars[item] and hostvars[item].icinga2_client_director_managed) + inventory_hostname == icinga2_client_monitoring_parents[0] + and hostvars[item].inventory_hostname not in groups["monitoring_sat"] + and not ('icinga2_client_director_managed' in hostvars[item] and hostvars[item].icinga2_client_director_managed) -- name: create host file per host - template: +- name: Create host file per host + ansible.builtin.template: src: etc/icinga2/zones.d/generic_host.conf.j2 dest: /etc/icinga2/zones.d/{{ hostvars[item].icinga2_master_client_parent_zone }}/{{ hostvars[item].inventory_hostname }}_host.conf owner: "{{ icinga2_master_owner }}" group: "{{ icinga2_master_group }}" - mode: 0640 + mode: "0640" seuser: system_u serole: object_r setype: icinga2_etc_t @@ -246,15 +245,15 @@ loop: '{{ groups["monitoring_client"] }}' notify: icinga2_master reload icinga2 when: > - inventory_hostname == icinga2_client_monitoring_parents[0] - and not ('icinga2_client_director_managed' in hostvars[item] and hostvars[item].icinga2_client_director_managed) + inventory_hostname == icinga2_client_monitoring_parents[0] + and not ('icinga2_client_director_managed' in hostvars[item] and hostvars[item].icinga2_client_director_managed) -- name: ensure master zone folder exists - file: +- name: Ensure master zone folder exists + ansible.builtin.file: path: /etc/icinga2/zones.d/{{ hostvars[item].icinga2_master_client_parent_zone }}/ owner: "{{ icinga2_master_owner }}" group: "{{ icinga2_master_group }}" - mode: 0640 + mode: "0640" seuser: system_u serole: object_r setype: icinga2_etc_t @@ -262,28 +261,25 @@ state: directory loop: '{{ groups["monitoring_master"] }}' notify: icinga2_master reload icinga2 - when: inventory_hostname == icinga2_client_monitoring_parents[0] - and not ('icinga2_client_director_managed' in hostvars[item] and hostvars[item].icinga2_client_director_managed) + when: inventory_hostname == icinga2_client_monitoring_parents[0] and not ('icinga2_client_director_managed' in hostvars[item] and hostvars[item].icinga2_client_director_managed) # noqa: yaml[line-length] - -- name: add our own host configuration - template: +- name: Add our own host configuration + ansible.builtin.template: src: etc/icinga2/zones.d/generic_host.conf.j2 dest: /etc/icinga2/zones.d/{{ hostvars[item].icinga2_master_client_parent_zone }}/{{ hostvars[item].inventory_hostname }}_host.conf owner: "{{ icinga2_master_owner }}" group: "{{ icinga2_master_group }}" - mode: 0640 + mode: "0640" seuser: system_u serole: object_r setype: icinga2_etc_t selevel: s0 loop: '{{ groups["monitoring_master"] }}' notify: icinga2_master reload icinga2 - when: inventory_hostname == icinga2_client_monitoring_parents[0] - and not ('icinga2_client_director_managed' in hostvars[item] and hostvars[item].icinga2_client_director_managed) + when: inventory_hostname == icinga2_client_monitoring_parents[0] and not ('icinga2_client_director_managed' in hostvars[item] and hostvars[item].icinga2_client_director_managed) # noqa: yaml[line-length] -- name: ensure that icinga2 is started and enabled on boot - service: +- name: Ensure that icinga2 is started and enabled on boot + ansible.builtin.service: name: icinga2 state: started - enabled: yes + enabled: true diff --git a/tasks/installation.yml b/tasks/installation.yml index 0d69caf..f382ff7 100644 --- a/tasks/installation.yml +++ b/tasks/installation.yml @@ -1,8 +1,7 @@ --- - -- name: install packages - package: - name: '{{ icinga2_master_ido_packages }}' +- name: Install packages + ansible.builtin.package: + name: "{{ icinga2_master_ido_packages }}" state: present when: icinga2_master_ido_enabled|bool register: icinga2_master_register_packages_installed @@ -10,8 +9,8 @@ retries: 10 delay: 2 -- name: check if icinga2 ido table and user in mysql exist - shell: > +- name: Check if icinga2 ido table and user in mysql exist + ansible.builtin.shell: > set -o pipefail; mysql --user={{ icinga2_master_db_root_user }} @@ -24,34 +23,32 @@ changed_when: icinga2_master_register_icinga2_imported.rc == 1 failed_when: "'Access denied for' in icinga2_master_register_icinga2_imported.stderr" when: icinga2_master_ido_enabled|bool - check_mode: no + check_mode: false -- name: import icinga2 ido database schema using the root user - mysql_db: - name: '{{ icinga2_master_icinga2_database_name }}' - login_host: '{{ icinga2_master_icinga2_database_host }}' - login_port: '{{ icinga2_master_icinga2_database_port }}' - login_user: '{{ icinga2_master_db_root_user }}' - login_password: '{{ icinga2_master_db_root_pass }}' - ssl_ca: '{{ icinga2_master_ca_path }}' +- name: Import icinga2 ido database schema using the root user + community.mysql.mysql_db: + name: "{{ icinga2_master_icinga2_database_name }}" + login_host: "{{ icinga2_master_icinga2_database_host }}" + login_port: "{{ icinga2_master_icinga2_database_port }}" + login_user: "{{ icinga2_master_db_root_user }}" + login_password: "{{ icinga2_master_db_root_pass }}" + ssl_ca: "{{ icinga2_master_ca_path }}" state: import target: /usr/share/icinga2-ido-mysql/schema/mysql.sql run_once: true - when: icinga2_master_ido_enabled|bool and - icinga2_master_register_icinga2_imported.rc == 1 + when: icinga2_master_ido_enabled|bool and icinga2_master_register_icinga2_imported.rc == 1 -- name: create a user with access only to the ido database using the root user - mysql_user: +- name: Create a user with access only to the ido database using the root user + community.mysql.mysql_user: name: '{{ icinga2_master_icinga2_database_user.split("@")[0] }}' - password: '{{ icinga2_master_icinga2_database_pass }}' - priv: '{{ icinga2_master_icinga2_database_name }}.*:ALL' - host: '{{ icinga2_master_icinga2_database_hostpattern }}' - login_host: '{{ icinga2_master_icinga2_database_host }}' - login_port: '{{ icinga2_master_icinga2_database_port }}' - login_user: '{{ icinga2_master_db_root_user }}' - login_password: '{{ icinga2_master_db_root_pass }}' - ssl_ca: '{{ icinga2_master_ca_path }}' + password: "{{ icinga2_master_icinga2_database_pass }}" + priv: "{{ icinga2_master_icinga2_database_name }}.*:ALL" + host: "{{ icinga2_master_icinga2_database_hostpattern }}" + login_host: "{{ icinga2_master_icinga2_database_host }}" + login_port: "{{ icinga2_master_icinga2_database_port }}" + login_user: "{{ icinga2_master_db_root_user }}" + login_password: "{{ icinga2_master_db_root_pass }}" + ssl_ca: "{{ icinga2_master_ca_path }}" state: present run_once: true - when: icinga2_master_ido_enabled|bool and - icinga2_master_register_icinga2_imported.rc == 1 + when: icinga2_master_ido_enabled|bool and icinga2_master_register_icinga2_imported.rc == 1 diff --git a/tasks/main.yml b/tasks/main.yml index 88a6b46..50b3ef2 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,21 +1,22 @@ --- - -- name: include os specific vars - include_vars: '{{ item }}' +- name: Include os specific vars + ansible.builtin.include_vars: "{{ item }}" with_first_found: - - '{{ ansible_distribution }}_{{ ansible_distribution_major_version }}.yml' - - '{{ ansible_os_family }}.yml' + - "{{ ansible_distribution }}_{{ ansible_distribution_major_version }}.yml" + - "{{ ansible_os_family }}.yml" tags: - - 'role::icinga2_master' - - 'role::icinga2_master:install' - - 'role::icinga2_master:config' + - role::icinga2_master + - role::icinga2_master:install + - role::icinga2_master:config -- import_tasks: installation.yml +- name: Import installation tasks + ansible.builtin.import_tasks: installation.yml tags: - - 'role::icinga2_master' - - 'role::icinga2_master:install' + - role::icinga2_master + - role::icinga2_master:install -- import_tasks: configuration.yml +- name: Iport configuration tasks + ansible.builtin.import_tasks: configuration.yml tags: - - 'role::icinga2_master' - - 'role::icinga2_master:config' + - role::icinga2_master + - role::icinga2_master:config diff --git a/vars/Debian.yml b/vars/Debian.yml index 36e9cf8..9832218 100644 --- a/vars/Debian.yml +++ b/vars/Debian.yml @@ -1,11 +1,11 @@ --- -icinga2_master_owner: "nagios" -icinga2_master_group: "nagios" +icinga2_master_owner: nagios +icinga2_master_group: nagios icinga2_master_ido_packages: - - "python-mysqldb" - - "icinga2-ido-mysql" - - "default-mysql-client" + - python-mysqldb + - icinga2-ido-mysql + - default-mysql-client -icinga2_master_ca_path: "/etc/ssl/certs/ca-certificates.crt" +icinga2_master_ca_path: /etc/ssl/certs/ca-certificates.crt diff --git a/vars/RedHat.yml b/vars/RedHat.yml index 1eb7d20..8109e08 100644 --- a/vars/RedHat.yml +++ b/vars/RedHat.yml @@ -1,11 +1,11 @@ --- -icinga2_master_owner: "icinga" -icinga2_master_group: "icinga" +icinga2_master_owner: icinga +icinga2_master_group: icinga icinga2_master_ido_packages: - - "MySQL-python" - - "icinga2-ido-mysql" - - "mysql" + - MySQL-python + - icinga2-ido-mysql + - mysql -icinga2_master_ca_path: "/etc/ssl/certs/ca-bundle.crt" +icinga2_master_ca_path: /etc/ssl/certs/ca-bundle.crt From c3810a181e15c4cc394e3368ee7d4fc6ae1b55b4 Mon Sep 17 00:00:00 2001 From: Gian Klug Date: Tue, 19 Dec 2023 19:18:11 +0100 Subject: [PATCH 2/5] chore: Rebranding --- README.md | 32 +++++++++---------- .../scripts/twilio-phone-notification.sh.j2 | 4 +-- .../twilio-sms-host-notification.sh.j2 | 4 +-- .../twilio-sms-service-notification.sh.j2 | 6 ++-- 4 files changed, 23 insertions(+), 23 deletions(-) diff --git a/README.md b/README.md index 40f9690..815aead 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,11 @@ ROLE ICINGA2\_MASTER ==================== -[![image](https://img.shields.io/github/license/adfinis-sygroup/ansible-role-icinga2_master.svg?style=flat-square)](https://github.com/adfinis-sygroup/ansible-role-icinga2_master/blob/master/LICENSE) +[![image](https://img.shields.io/github/license/adfinis/ansible-role-icinga2_master.svg?style=flat-square)](https://github.com/adfinis/ansible-role-icinga2_master/blob/master/LICENSE) -[![image](https://img.shields.io/github/workflow/status/adfinis-sygroup/ansible-role-icinga2_master/CI%20-%20Linting?style=flat-square)](https://github.com/adfinis-sygroup/ansible-role-icinga2_master/actions) +[![image](https://img.shields.io/github/actions/workflow/status/adfinis/ansible-role-icinga2_master/CI%20-%20Linting?style=flat-square)](https://github.com/adfinis/ansible-role-icinga2_master/actions) -[![image](https://img.shields.io/badge/galaxy-adfinis--sygroup.icinga2_master-660198.svg?style=flat-square)](https://galaxy.ansible.com/adfinis-sygroup/icinga2_master) +[![image](https://img.shields.io/badge/galaxy-adfinis.icinga2_master-660198.svg?style=flat-square)](https://galaxy.ansible.com/adfinis/icinga2_master) This role configures icinga2 to act as a master. Furthermore, this role takes care of the configuration for all clients. @@ -18,14 +18,14 @@ activate the [IDO feature](https://icinga.com/docs/icinga2/latest/doc/14-features/#db-ido) for icinga2. This needs a running database, either already existing or using the -[adfinis-sygroup.mariadb](https://galaxy.ansible.com/adfinis-sygroup/mariadb) +[adfinis.mariadb](https://galaxy.ansible.com/adfinis/mariadb) role. Note: When using a multi-master setup, only one database must be used for both instances! Role Variables -------------- -``` {.sourceCode .yaml} +```yaml # The icinga2 master zone icinga2_master_master_zone: monitoring-master @@ -41,7 +41,7 @@ icinga2_master_api_users: [] Templates can be adjusted using variables. -``` {.sourceCode .yaml} +```yaml ## Template settings # If you have own templates for the configuration files in /etc/icinga2/conf.d @@ -67,7 +67,7 @@ SID and Auth token from the twilio console. If you plan to make phone calls, please create a [TwiML](https://www.twilio.com/docs/voice/twiml) application. -``` {.sourceCode .yaml} +```yaml ## Twilio alerting # The account sid from https://www.twilio.com/console @@ -98,7 +98,7 @@ icinga2_master_twilio_phone_enabled: False # The twilio phone number used to make calls #icinga2_master_twilio_phone_from: '+41123456789' -# The twilio application on how to handle the call. You can either choose +# The twilio application on how to handle the call. You can either choose # application sid or appication url. Choose only one. default is not defined. # https://www.twilio.com/docs/voice/make-calls #icinga2_master_twilio_phone_application_sid: 'application_sid' @@ -119,29 +119,29 @@ Dependencies ------------ This role depends on the role -[adfinis-sygroup.icinga2\_agent](https://galaxy.ansible.com/adfinis-sygroup/icinga2_agent), +[adfinis.icinga2\_agent](https://galaxy.ansible.com/adfinis/icinga2_agent), which installs the icinga2 binary. Example Playbook ---------------- -``` {.sourceCode .yaml} +```yaml - hosts: monitoring-master roles: - - { role: adfinis-sygroup.icinga2_agent } - - { role: adfinis-sygroup.icinga2_master } + - { role: adfinis.icinga2_agent } + - { role: adfinis.icinga2_master } ``` License ------- -[GPL-3.0](https://github.com/adfinis-sygroup/ansible-role-icinga2_master/blob/master/LICENSE) +[GPL-3.0](https://github.com/adfinis/ansible-role-icinga2_master/blob/master/LICENSE) Author Information ------------------ icinga2\_master role was written by: -- Adfinis SyGroup AG \| [Website](https://www.adfinis-sygroup.ch/) \| - [Twitter](https://twitter.com/adfinissygroup) \| - [GitHub](https://github.com/adfinis-sygroup) +- Adfinis AG \| [Website](https://www.adfinis.com/) \| + [Twitter](https://twitter.com/adfinis) \| + [GitHub](https://github.com/adfinis) diff --git a/templates/etc/icinga2/scripts/twilio-phone-notification.sh.j2 b/templates/etc/icinga2/scripts/twilio-phone-notification.sh.j2 index b2de3d0..80db8ab 100644 --- a/templates/etc/icinga2/scripts/twilio-phone-notification.sh.j2 +++ b/templates/etc/icinga2/scripts/twilio-phone-notification.sh.j2 @@ -1,7 +1,7 @@ #!/usr/bin/env bash # -# Adfinis SyGroup AG -# https://github.com/adfinis-sygroup/ansible-role-icinga2_master +# Adfinis AG +# https://github.com/adfinis/ansible-role-icinga2_master # # This script trigger telephone notifications using Twilio # diff --git a/templates/etc/icinga2/scripts/twilio-sms-host-notification.sh.j2 b/templates/etc/icinga2/scripts/twilio-sms-host-notification.sh.j2 index 522eb6e..4ecb4e2 100644 --- a/templates/etc/icinga2/scripts/twilio-sms-host-notification.sh.j2 +++ b/templates/etc/icinga2/scripts/twilio-sms-host-notification.sh.j2 @@ -1,7 +1,7 @@ #!/usr/bin/env bash # -# Adfinis SyGroup AG -# https://github.com/adfinis-sygroup/ansible-role-icinga2_master +# Adfinis AG +# https://github.com/adfinis/ansible-role-icinga2_master # # This script trigger host SMS notifications using Twilio # diff --git a/templates/etc/icinga2/scripts/twilio-sms-service-notification.sh.j2 b/templates/etc/icinga2/scripts/twilio-sms-service-notification.sh.j2 index 1f62551..356eb23 100644 --- a/templates/etc/icinga2/scripts/twilio-sms-service-notification.sh.j2 +++ b/templates/etc/icinga2/scripts/twilio-sms-service-notification.sh.j2 @@ -1,7 +1,7 @@ #!/usr/bin/env bash # -# Adfinis SyGroup AG -# https://github.com/adfinis-sygroup/ansible-role-icinga2_master +# Adfinis AG +# https://github.com/adfinis/ansible-role-icinga2_master # # This script trigger service SMS notifications using Twilio # @@ -108,7 +108,7 @@ SUBJECT="[$NOTIFICATIONTYPE] $SERVICEDISPLAYNAME on $HOSTDISPLAYNAME is $SERVICE ## Build the notification message NOTIFICATION_MESSAGE=$(cat << EOF -[$SERVICESTATE] $HOSTDISPLAYNAME: $SERVICEDISPLAYNAME +[$SERVICESTATE] $HOSTDISPLAYNAME: $SERVICEDISPLAYNAME $SERVICEOUTPUT EOF ) From 426877b9279a01ed0c85a18501f7a9404c5076aa Mon Sep 17 00:00:00 2001 From: Gian Klug Date: Tue, 19 Dec 2023 19:20:04 +0100 Subject: [PATCH 3/5] fix: Fix tests --- tests/test.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/test.yml b/tests/test.yml index ed88abf..eb933c8 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -1,6 +1,7 @@ --- -- hosts: localhost +- name: Run Tests + hosts: localhost remote_user: root roles: - - icinga2_master + - adfinis.icinga2_master From 5715815b6423433d9006739b41488b50c2aa580b Mon Sep 17 00:00:00 2001 From: Gian Klug Date: Tue, 19 Dec 2023 19:21:54 +0100 Subject: [PATCH 4/5] docs: Fix status badge --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 815aead..d9a7a68 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ ROLE ICINGA2\_MASTER [![image](https://img.shields.io/github/license/adfinis/ansible-role-icinga2_master.svg?style=flat-square)](https://github.com/adfinis/ansible-role-icinga2_master/blob/master/LICENSE) -[![image](https://img.shields.io/github/actions/workflow/status/adfinis/ansible-role-icinga2_master/CI%20-%20Linting?style=flat-square)](https://github.com/adfinis/ansible-role-icinga2_master/actions) +[![image](https://img.shields.io/github/actions/workflow/status/adfinis/ansible-role-icinga2_master/ansible-ci.yml?style=flat-square)](https://github.com/adfinis/ansible-role-icinga2_master/actions) [![image](https://img.shields.io/badge/galaxy-adfinis.icinga2_master-660198.svg?style=flat-square)](https://galaxy.ansible.com/adfinis/icinga2_master) From 0e5d98787a1196229e312a599ad946781cb29794 Mon Sep 17 00:00:00 2001 From: Gian Klug Date: Wed, 20 Dec 2023 14:19:09 +0100 Subject: [PATCH 5/5] fix: Add requirements.yml --- requirements.yml | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 requirements.yml diff --git a/requirements.yml b/requirements.yml new file mode 100644 index 0000000..e35ea5b --- /dev/null +++ b/requirements.yml @@ -0,0 +1,3 @@ +--- +roles: + - name: adfinis.icinga2_agent