diff --git a/ANSIBLE/eoq.yml b/ANSIBLE/eoq.yml new file mode 100644 index 0000000..bc71625 --- /dev/null +++ b/ANSIBLE/eoq.yml @@ -0,0 +1,18 @@ +--- +#- import_playbook: httpd.yml + +- name: Install http php and mariadb + hosts: eoq + become: yes + gather_facts: yes + vars_files: + - group_vars/db/vault.yml # This is encrypted + + roles: + - httpd_with_php + #- mariadb + + tasks: + - debug: + msg: "Finished configuring DNS" + diff --git a/ANSIBLE/files/monitor.telos.digital/conf.d/app.conf b/ANSIBLE/files/monitor.telos.digital/conf.d/app.conf new file mode 100644 index 0000000..3e4be0d --- /dev/null +++ b/ANSIBLE/files/monitor.telos.digital/conf.d/app.conf @@ -0,0 +1 @@ +object IcingaApplication "app" { } diff --git a/ANSIBLE/files/monitor.telos.digital/conf.d/apt.conf b/ANSIBLE/files/monitor.telos.digital/conf.d/apt.conf new file mode 100644 index 0000000..a2e0716 --- /dev/null +++ b/ANSIBLE/files/monitor.telos.digital/conf.d/apt.conf @@ -0,0 +1,13 @@ +apply Service "apt" { + import "generic-service" + + check_command = "apt" + + check_interval = 1d + retry_interval = 2h + max_check_attempts = 2 + + + + assign where host.name == NodeName +} diff --git a/ANSIBLE/files/monitor.telos.digital/conf.d/commands.conf b/ANSIBLE/files/monitor.telos.digital/conf.d/commands.conf new file mode 100644 index 0000000..14bb80f --- /dev/null +++ b/ANSIBLE/files/monitor.telos.digital/conf.d/commands.conf @@ -0,0 +1,229 @@ +/* Command objects */ + +/* Notification Commands + * + * Please check the documentation for all required and + * optional parameters. + */ + +object NotificationCommand "mail-host-notification" { + command = [ ConfigDir + "/scripts/mail-host-notification.sh" ] + + arguments += { + "-4" = "$notification_address$" + "-6" = "$notification_address6$" + "-b" = "$notification_author$" + "-c" = "$notification_comment$" + "-d" = { + required = true + value = "$notification_date$" + } + "-f" = { + value = "$notification_from$" + description = "Set from address. Requires GNU mailutils (Debian/Ubuntu) or mailx (RHEL/SUSE)" + } + "-i" = "$notification_icingaweb2url$" + "-l" = { + required = true + value = "$notification_hostname$" + } + "-n" = { + required = true + value = "$notification_hostdisplayname$" + } + "-o" = { + required = true + value = "$notification_hostoutput$" + } + "-r" = { + required = true + value = "$notification_useremail$" + } + "-s" = { + required = true + value = "$notification_hoststate$" + } + "-X" = "$notification_hostnotes$" + "-t" = { + required = true + value = "$notification_type$" + } + "-v" = "$notification_logtosyslog$" + } + + vars += { + notification_address = "$address$" + notification_address6 = "$address6$" + notification_author = "$notification.author$" + notification_comment = "$notification.comment$" + notification_type = "$notification.type$" + notification_date = "$icinga.long_date_time$" + notification_hostname = "$host.name$" + notification_hostdisplayname = "$host.display_name$" + notification_hostoutput = "$host.output$" + notification_hoststate = "$host.state$" + notification_useremail = "$user.email$" + notification_hostnotes = "$host.notes$" + } +} + +object NotificationCommand "mail-service-notification" { + command = [ ConfigDir + "/scripts/mail-service-notification.sh" ] + + arguments += { + "-4" = "$notification_address$" + "-6" = "$notification_address6$" + "-b" = "$notification_author$" + "-c" = "$notification_comment$" + "-d" = { + required = true + value = "$notification_date$" + } + "-e" = { + required = true + value = "$notification_servicename$" + } + "-f" = { + value = "$notification_from$" + description = "Set from address. Requires GNU mailutils (Debian/Ubuntu) or mailx (RHEL/SUSE)" + } + "-i" = "$notification_icingaweb2url$" + "-l" = { + required = true + value = "$notification_hostname$" + } + "-n" = { + required = true + value = "$notification_hostdisplayname$" + } + "-o" = { + required = true + value = "$notification_serviceoutput$" + } + "-r" = { + required = true + value = "$notification_useremail$" + } + "-s" = { + required = true + value = "$notification_servicestate$" + } + "-t" = { + required = true + value = "$notification_type$" + } + "-X" = "$notification_hostnotes$" + "-x" = "$notification_servicenotes$" + "-u" = { + required = true + value = "$notification_servicedisplayname$" + } + "-v" = "$notification_logtosyslog$" + } + + vars += { + notification_address = "$address$" + notification_address6 = "$address6$" + notification_author = "$notification.author$" + notification_comment = "$notification.comment$" + notification_type = "$notification.type$" + notification_date = "$icinga.long_date_time$" + notification_hostname = "$host.name$" + notification_hostdisplayname = "$host.display_name$" + notification_servicename = "$service.name$" + notification_serviceoutput = "$service.output$" + notification_servicestate = "$service.state$" + notification_useremail = "$user.email$" + notification_servicedisplayname = "$service.display_name$" + notification_hostnotes = "$host.notes$" + notification_servicenotes = "$service.notes$" + } +} + +/* + * If you prefer to use the notification scripts with environment + * variables instead of command line parameters, you can use + * the following commands. They have been updated from < 2.7 + * to support the new notification scripts and should help + * with an upgrade. + * Remove the comment blocks and comment the notification commands above. + */ + +/* + +object NotificationCommand "mail-host-notification" { + command = [ ConfigDir + "/scripts/mail-host-notification.sh" ] + + env = { + NOTIFICATIONTYPE = "$notification.type$" + HOSTDISPLAYNAME = "$host.display_name$" + HOSTNAME = "$host.name$" + HOSTADDRESS = "$address$" + HOSTSTATE = "$host.state$" + LONGDATETIME = "$icinga.long_date_time$" + HOSTOUTPUT = "$host.output$" + NOTIFICATIONAUTHORNAME = "$notification.author$" + NOTIFICATIONCOMMENT = "$notification.comment$" + HOSTDISPLAYNAME = "$host.display_name$" + USEREMAIL = "$user.email$" + HOSTNOTES = "$host.notes$" + } +} + +object NotificationCommand "mail-service-notification" { + command = [ ConfigDir + "/scripts/mail-service-notification.sh" ] + + env = { + NOTIFICATIONTYPE = "$notification.type$" + SERVICENAME = "$service.name$" + HOSTNAME = "$host.name$" + HOSTDISPLAYNAME = "$host.display_name$" + HOSTADDRESS = "$address$" + SERVICESTATE = "$service.state$" + LONGDATETIME = "$icinga.long_date_time$" + SERVICEOUTPUT = "$service.output$" + NOTIFICATIONAUTHORNAME = "$notification.author$" + NOTIFICATIONCOMMENT = "$notification.comment$" + HOSTDISPLAYNAME = "$host.display_name$" + SERVICEDISPLAYNAME = "$service.display_name$" + USEREMAIL = "$user.email$" + HOSTNOTES = "$host.notes$" + SERVICENOTES = "$service.notes$" + } +} + +*/ + +object CheckCommand "imap_ssl_cert" { + import "plugin-check-command" + + command = [ PluginDir + "/imap_ssl_cert" ] + + arguments = { + "-H" = { + value = "$imap_ssl_cert_host$" + required = true + } + + "-p" = { + value = "$imap_ssl_cert_port$" + description = "Port to check (usually 993)" + } + + "-w" = { + value = "$imap_ssl_cert_warn_days$" + description = "Warn if cert expires in days" + } + + "-c" = { + value = "$imap_ssl_cert_crit_days$" + description = "Critical if cert expires in days" + } + } + + vars.imap_ssl_cert_port = 993 + vars.imap_ssl_cert_warn_days = 30 + vars.imap_ssl_cert_crit_days = 15 +} + + diff --git a/ANSIBLE/files/monitor.telos.digital/conf.d/downtimes.conf b/ANSIBLE/files/monitor.telos.digital/conf.d/downtimes.conf new file mode 100644 index 0000000..0bed647 --- /dev/null +++ b/ANSIBLE/files/monitor.telos.digital/conf.d/downtimes.conf @@ -0,0 +1,20 @@ +/** + * The example downtime apply rule. + */ + +apply ScheduledDowntime "backup-downtime" to Service { + author = "icingaadmin" + comment = "Scheduled downtime for backup" + + ranges = { + monday = service.vars.backup_downtime + tuesday = service.vars.backup_downtime + wednesday = service.vars.backup_downtime + thursday = service.vars.backup_downtime + friday = service.vars.backup_downtime + saturday = service.vars.backup_downtime + sunday = service.vars.backup_downtime + } + + assign where service.vars.backup_downtime != "" +} diff --git a/ANSIBLE/files/monitor.telos.digital/conf.d/groups.conf b/ANSIBLE/files/monitor.telos.digital/conf.d/groups.conf new file mode 100644 index 0000000..b1e3550 --- /dev/null +++ b/ANSIBLE/files/monitor.telos.digital/conf.d/groups.conf @@ -0,0 +1,63 @@ +/** + * Host group examples. + */ + +object HostGroup "Infrastructure" { + display_name = "Infrastructure systems" +} + +object HostGroup "linux-servers" { + display_name = "Linux Servers" + + assign where host.vars.os == "Linux" +} + +/* Not needed +object HostGroup "windows-servers" { + display_name = "Windows Servers" + + assign where host.vars.os == "Windows" +} +*/ + +object HostGroup "https-checked" { + display_name = "HTTPS web services" +} + +object HostGroup "mail-server" { + display_name = "Mail services" +} + +object HostGroup "Davis" { + display_name = "Services related to the Davis Method" +} + +object HostGroup "Digital" { + display_name = "Digital infrastructure and projects" +} + +object HostGroup "Telos Partners" { + display_name = "Telos Partners infrastructure" +} + +/** + * Service group examples. + */ + +object ServiceGroup "ping" { + display_name = "Ping Checks" + + assign where match("ping*", service.name) +} + +object ServiceGroup "http" { + display_name = "HTTP Checks" + + assign where match("http*", service.check_command) +} + +object ServiceGroup "disk" { + display_name = "Disk Checks" + + assign where match("disk*", service.check_command) +} diff --git a/ANSIBLE/files/monitor.telos.digital/conf.d/hosts.conf b/ANSIBLE/files/monitor.telos.digital/conf.d/hosts.conf new file mode 100644 index 0000000..f5ec6ec --- /dev/null +++ b/ANSIBLE/files/monitor.telos.digital/conf.d/hosts.conf @@ -0,0 +1,196 @@ +/* + * Host definitions with object attributes + * used for apply rules for Service, Notification, + * Dependency and ScheduledDowntime objects. + * + * Tip: Use `icinga2 object list --type Host` to + * list all host objects after running + * configuration validation (`icinga2 daemon -C`). + */ + +/* + * This is an example host based on your + * local host's FQDN. Specify the NodeName + * constant in `constants.conf` or use your + * own description, e.g. "db-host-1". + */ + +object Host NodeName { + /* Import the default host template defined in `templates.conf`. */ + import "generic-host" + + + groups = ["https-checked"] + /* Specify the address attributes for checks e.g. `ssh` or `http`. */ + address = "127.0.0.1" + address6 = "::1" + + /* Set custom variable `os` for hostgroup assignment in `groups.conf`. */ + vars.os = "Linux" + + /* Define http vhost attributes for service apply rules in `services.conf`. */ + vars.http_vhosts["http"] = { + http_uri = "/" + } + /* Uncomment if you've successfully installed Icinga Web 2. */ + //vars.http_vhosts["Icinga Web 2"] = { + // http_uri = "/icingaweb2" + //} + + /* Define disks and attributes for service apply rules in `services.conf`. */ + vars.disks["disk"] = { + /* No parameters. */ + } + vars.disks["disk /"] = { + disk_partitions = "/" + } + + /* Define notification mail attributes for notification apply rules in `notifications.conf`. */ + vars.notification["mail"] = { + /* The UserGroup `icingaadmins` is defined in `users.conf`. */ + groups = [ "icingaadmins" ] + } +} + + +object Host "telos-vhost02.telos.digital" { + import "generic-host" + address = "telos-vhost02.telos.digital" + check_command = "ping4" + check_command = "ssh" + vars.ssh_port = 22022 + vars.ping = true + groups = ["Infrastructure"] +} + +object Host "git.telos.digital" { + import "generic-host" + address = "git.telos.digital" + vars.http_vhost = "git.telos.digital" + check_command = "ssh" + vars.ssh_port = 22 + check_interval = 53m + retry_interval = 3m + max_check_attempts = 2 + groups = ["https-checked","Digital"] +} + +object Host "wiki.telos.digital" { + import "generic-host" + address = "wiki.telos.digital" + vars.http_vhost = "wiki.telos.digital" + check_interval = 57m + retry_interval = 5m + max_check_attempts = 3 + groups = ["https-checked","Digital"] +} + +object Host "www.telospartners.com" { + import "generic-host" + address = "www.telospartners.com" + vars.http_vhost = "www.telospartners.com" + check_interval = 103m + retry_interval = 5m + max_check_attempts = 3 + groups = ["https-checked","Telos Partners"] +} + +object Host "davismethod.com" { + import "generic-host" + address = "davismethod.com" + vars.http_vhost = "davismethod.com" + check_interval = 21m + retry_interval = 7m + max_check_attempts = 2 + groups = ["https-checked","Davis"] +} + +object Host "learn.davismethod.com" { + import "generic-host" + address = "learn.davismethod.com" + vars.http_vhost = "learn.davismethod.com" + check_interval = 22m + retry_interval = 11m + max_check_attempts = 2 + groups = ["https-checked","Davis"] +} + +object Host "know.davismethod.com" { + import "generic-host" + address = "know.davismethod.com" + vars.http_vhost = "know.davismethod.com" + check_interval = 41m + retry_interval = 3m + max_check_attempts = 2 + groups = ["https-checked","Davis"] +} + +object Host "home.davismethod.com" { + import "generic-host" + address = "home.davismethod.com" + vars.http_vhost = "home.davismethod.com" + check_interval = 22m + retry_interval = 4m + max_check_attempts = 2 + groups = ["https-checked","Davis"] +} + +object Host "webmail.davismethod.com" { + import "generic-host" + address = "webmail.davismethod.com" + vars.http_vhost = "webmail.davismethod.com" + groups = ["https-checked","Davis"] +} + +object Host "login.davismethod.com" { + import "generic-host" + address = "login.davismethod.com" + vars.http_vhost = "login.davismethod.com" + check_interval = 10m + retry_interval = 1m + max_check_attempts = 6 + groups = ["https-checked","Davis"] +} + +object Host "support.davismethod.com" { + import "generic-host" + address = "support.davismethod.com" + vars.http_vhost = "support.davismethod.com" + check_interval = 53m + retry_interval = 11m + max_check_attempts = 2 + groups = ["https-checked","Davis"] +} + +object Host "work.davismethod.com" { + import "generic-host" + address = "work.davismethod.com" + vars.http_vhost = "work.davismethod.com" + check_interval = 23m + retry_interval = 5m + max_check_attempts = 2 + groups = ["https-checked","Davis"] +} + +object Host "eoq.telos.digital" { + import "generic-host" + address = "eoq.telos.digital" + vars.http_vhost = "eoq.telos.digital" + vars.ping = false + check_interval = 5m + retry_interval = 1m + max_check_attempts = 2 + groups = ["https-checked","Digital"] +} + + +object Host "imap.davismethod.com" { + import "generic-host" + address = "imap.davismethod.com" + vars.http_vhost = "imap.davismethod.com" + vars.smtp_host = "smtp.davismethod.com" + vars.ping = false + + groups = ["mail-server","Davis"] +} + diff --git a/ANSIBLE/files/monitor.telos.digital/conf.d/notifications.conf b/ANSIBLE/files/monitor.telos.digital/conf.d/notifications.conf new file mode 100644 index 0000000..ac65875 --- /dev/null +++ b/ANSIBLE/files/monitor.telos.digital/conf.d/notifications.conf @@ -0,0 +1,33 @@ +/** + * The example notification apply rules. + * + * Only applied if host/service objects have + * the custom variable `notification` defined + * and containing `mail` as key. + * + * Check `hosts.conf` for an example. + */ + +apply Notification "mail-icingaadmin" to Host { + import "mail-host-notification" + user_groups = host.vars.notification.mail.groups + users = host.vars.notification.mail.users + + //interval = 2h + + //vars.notification_logtosyslog = true + + assign where host.vars.notification.mail +} + +apply Notification "mail-icingaadmin" to Service { + import "mail-service-notification" + user_groups = host.vars.notification.mail.groups + users = host.vars.notification.mail.users + + //interval = 2h + + //vars.notification_logtosyslog = true + + assign where host.vars.notification.mail +} diff --git a/ANSIBLE/files/monitor.telos.digital/conf.d/services.conf b/ANSIBLE/files/monitor.telos.digital/conf.d/services.conf new file mode 100644 index 0000000..4c118d0 --- /dev/null +++ b/ANSIBLE/files/monitor.telos.digital/conf.d/services.conf @@ -0,0 +1,186 @@ +/* + * Service apply rules. + * + * The CheckCommand objects `ping4`, `ping6`, etc + * are provided by the plugin check command templates. + * Check the documentation for details. + * + * Tip: Use `icinga2 object list --type Service` to + * list all service objects after running + * configuration validation (`icinga2 daemon -C`). + */ + +/* + * This is an example host based on your + * local host's FQDN. Specify the NodeName + * constant in `constants.conf` or use your + * own description, e.g. "db-host-1". + */ + +/* + * These are generic `ping4` and `ping6` + * checks applied to all hosts having the + * `address` resp. `address6` attribute + * defined. + */ +apply Service "ping4" { + import "generic-service" + + check_command = "ping4" + + assign where host.vars.ping == true /* Only if the host has vars.ping = true */ +} + +apply Service "ping6" { + import "generic-service" + + check_command = "ping6" + + assign where host.address6 +} + +/* + * Apply the `ssh` service to all hosts + * with the `address` attribute defined and + * the custom variable `os` set to `Linux`. + */ +apply Service "ssh" { + import "generic-service" + + check_command = "ssh" + + assign where (host.address || host.address6) && host.vars.os == "Linux" +} + + + +apply Service for (http_vhost => config in host.vars.http_vhosts) { + import "generic-service" + + check_command = "http" + + vars += config +} + +apply Service for (disk => config in host.vars.disks) { + import "generic-service" + + check_command = "disk" + + vars += config +} + +apply Service "icinga" { + import "generic-service" + + check_command = "icinga" + + assign where host.name == NodeName +} + +apply Service "load" { + import "generic-service" + + check_command = "load" + + /* Used by the ScheduledDowntime apply rule in `downtimes.conf`. */ + vars.backup_downtime = "02:00-03:00" + + assign where host.name == NodeName +} + +apply Service "procs" { + import "generic-service" + + check_command = "procs" + + assign where host.name == NodeName +} + +/* COMMENTED OUT AS NO SWAP ON THIS TINY SERVER +*apply Service "swap" { +* import "generic-service" +* +* check_command = "swap" +* +* assign where host.name == NodeName +*} +*/ + +apply Service "users" { + import "generic-service" + + check_command = "users" + + assign where host.name == NodeName +} + +apply Service "https" { + import "generic-service" + check_command = "http" + + vars.http_ssl = true + vars.http_sni = true + vars.http_address = host.address + vars.http_port = 443 + vars.http_certificate = "20,7" + check_interval = 51m + retry_interval = 5m + max_check_attempts = 2 + + assign where "https-checked" in host.groups +} + +apply Service "ssl-cert-expiry" { + import "generic-service" + check_command = "ssl_cert" + + vars.ssl_cert_host = host.address + vars.ssl_cert_port = 443 + vars.ssl_cert_critical = 3 + vars.ssl_cert_warn = 7 + check_interval = 53m + retry_interval = 3m + max_check_attempts = 3 + assign where "https-checked" in host.groups +} + +apply Service "imap-cert-expiry" { + import "generic-service" + check_command = "ssl_cert" + vars.ssl_cert_host = host.address + vars.ssl_cert_port = 993 + vars.ssl_cert_critical = 3 + vars.ssl_cert_warn = 7 + check_interval = 13m + retry_interval = 3m + max_check_attempts = 3 + assign where "mail-server" in host.groups +} + +/* Not needed as mailserver using the same imap certificate for SMTP +apply Service "smtp-cert-expiry" { + import "generic-service" + check_command = "ssl_cert" + vars.ssl_cert_host = vars.smtp_host + vars.ssl_cert_port = 465 + vars.ssl_cert_critical = 3 + vars.ssl_cert_warn = 7 + check_interval = 13m + retry_interval = 3m + max_check_attempts = 3 + assign where "mail-server" in host.groups +} +*/ + +apply Service "mail_cert_check" { + import "generic-service" + check_command = "imap_ssl_cert" + + vars.imap_ssl_cert_host = host.name + vars.imap_ssl_cert_warn_days = 30 + vars.imap_ssl_cert_crit_days = 10 + + assign where "mail-server" in host.groups +} + diff --git a/ANSIBLE/files/monitor.telos.digital/conf.d/templates.conf b/ANSIBLE/files/monitor.telos.digital/conf.d/templates.conf new file mode 100644 index 0000000..5655e3f --- /dev/null +++ b/ANSIBLE/files/monitor.telos.digital/conf.d/templates.conf @@ -0,0 +1,83 @@ +/* + * Generic template examples. + */ + + +/** + * Provides default settings for hosts. By convention + * all hosts should import this template. + * + * The CheckCommand object `hostalive` is provided by + * the plugin check command templates. + * Check the documentation for details. + */ +template Host "generic-host" { + max_check_attempts = 3 + check_interval = 1m + retry_interval = 30s + + check_command = "hostalive" +} + +/** + * Provides default settings for services. By convention + * all services should import this template. + */ +template Service "generic-service" { + max_check_attempts = 5 + check_interval = 1m + retry_interval = 30s +} + +/** + * Provides default settings for users. By convention + * all users should inherit from this template. + */ + +template User "generic-user" { + +} + +/** + * Provides default settings for host notifications. + * By convention all host notifications should import + * this template. + */ +template Notification "mail-host-notification" { + command = "mail-host-notification" + + states = [ Up, Down ] + types = [ Problem, Acknowledgement, Recovery, Custom, + FlappingStart, FlappingEnd, + DowntimeStart, DowntimeEnd, DowntimeRemoved ] + + vars += { + // notification_icingaweb2url = "https://www.example.com/icingaweb2" + // notification_from = "Icinga 2 Host Monitoring " + notification_logtosyslog = false + } + + period = "24x7" +} + +/** + * Provides default settings for service notifications. + * By convention all service notifications should import + * this template. + */ +template Notification "mail-service-notification" { + command = "mail-service-notification" + + states = [ OK, Warning, Critical, Unknown ] + types = [ Problem, Acknowledgement, Recovery, Custom, + FlappingStart, FlappingEnd, + DowntimeStart, DowntimeEnd, DowntimeRemoved ] + + vars += { + // notification_icingaweb2url = "https://www.example.com/icingaweb2" + // notification_from = "Icinga 2 Service Monitoring " + notification_logtosyslog = false + } + + period = "24x7" +} diff --git a/ANSIBLE/files/monitor.telos.digital/conf.d/timeperiods.conf b/ANSIBLE/files/monitor.telos.digital/conf.d/timeperiods.conf new file mode 100644 index 0000000..ea162ff --- /dev/null +++ b/ANSIBLE/files/monitor.telos.digital/conf.d/timeperiods.conf @@ -0,0 +1,35 @@ +/** + * Sample timeperiods for Icinga 2. + * Check the documentation for details. + */ + +object TimePeriod "24x7" { + display_name = "Icinga 2 24x7 TimePeriod" + ranges = { + "monday" = "00:00-24:00" + "tuesday" = "00:00-24:00" + "wednesday" = "00:00-24:00" + "thursday" = "00:00-24:00" + "friday" = "00:00-24:00" + "saturday" = "00:00-24:00" + "sunday" = "00:00-24:00" + } +} + +object TimePeriod "9to5" { + display_name = "Icinga 2 9to5 TimePeriod" + ranges = { + "monday" = "09:00-17:00" + "tuesday" = "09:00-17:00" + "wednesday" = "09:00-17:00" + "thursday" = "09:00-17:00" + "friday" = "09:00-17:00" + } +} + +object TimePeriod "never" { + display_name = "Icinga 2 never TimePeriod" + ranges = { + } +} + diff --git a/ANSIBLE/files/monitor.telos.digital/conf.d/users.conf b/ANSIBLE/files/monitor.telos.digital/conf.d/users.conf new file mode 100644 index 0000000..aa31e27 --- /dev/null +++ b/ANSIBLE/files/monitor.telos.digital/conf.d/users.conf @@ -0,0 +1,17 @@ +/** + * The example user 'icingaadmin' and the example + * group 'icingaadmins'. + */ + +object User "icingaadmin" { + import "generic-user" + + display_name = "Icinga 2 Admin" + groups = [ "icingaadmins" ] + + email = "root@localhost" +} + +object UserGroup "icingaadmins" { + display_name = "Icinga 2 Admin Group" +} diff --git a/ANSIBLE/host_vars/eoq.telos.digital.yml b/ANSIBLE/host_vars/eoq.telos.digital.yml new file mode 100644 index 0000000..643f029 --- /dev/null +++ b/ANSIBLE/host_vars/eoq.telos.digital.yml @@ -0,0 +1,15 @@ + + site_name: eoq.telos.digital + site_root: /var/www/html + admin_email: peter.edmond@telos.digital + + php_version: 8.3 + +#These are not used but can be used to customise the php-fpm environment if required. + php_upload_max_filesize: 20M + php_post_max_size: 25M + php_memory_limit: 128M + php_max_execution_time: 60 + + + diff --git a/ANSIBLE/hosts b/ANSIBLE/hosts index 0f09528..e0d19a6 100644 --- a/ANSIBLE/hosts +++ b/ANSIBLE/hosts @@ -1,6 +1,8 @@ [web] monitor.telos.digital +[eoq] +eoq.telos.digital [monitor] monitor.telos.digital diff --git a/ANSIBLE/roles/httpd/tasks/main.yml b/ANSIBLE/roles/httpd/tasks/main.yml index dda83c1..a70e075 100644 --- a/ANSIBLE/roles/httpd/tasks/main.yml +++ b/ANSIBLE/roles/httpd/tasks/main.yml @@ -52,7 +52,7 @@ command: > certbot --apache -n --agree-tos --redirect -d {{ site_name }} - --email your-email@example.com + --email {{ admin_email }} args: creates: /etc/letsencrypt/live/{{ site_name }}/fullchain.pem diff --git a/ANSIBLE/roles/httpd_with_php/tasks/main.yml b/ANSIBLE/roles/httpd_with_php/tasks/main.yml index c09f86b..ff2ac2c 100644 --- a/ANSIBLE/roles/httpd_with_php/tasks/main.yml +++ b/ANSIBLE/roles/httpd_with_php/tasks/main.yml @@ -52,7 +52,7 @@ command: > certbot --apache -n --agree-tos --redirect -d {{ site_name }} - --email your-email@example.com + --email {{ admin_email }} args: creates: /etc/letsencrypt/live/{{ site_name }}/fullchain.pem