2021-07-16 12:38:15 +02:00
|
|
|
---
|
2022-03-08 16:55:05 +01:00
|
|
|
### mgrote.apt_manage_packages
|
|
|
|
apt_packages_extra:
|
|
|
|
- libwww-curl-perl # für munin-plugin: unifi
|
|
|
|
- libjson-perl # für munin-plugin: unifi
|
|
|
|
- sshpass # fur munin mt_system_*
|
2021-07-16 12:38:15 +02:00
|
|
|
### mgrote.docker-compose-deploy
|
|
|
|
docker_compose_projects:
|
2021-07-19 20:18:48 +02:00
|
|
|
- name: watchtower
|
|
|
|
dir_name: docker-watchtower
|
|
|
|
repository_url: git.mgrote.net/mg/docker-watchtower
|
2022-03-08 16:55:05 +01:00
|
|
|
state: present
|
|
|
|
os_username: docker-user
|
2021-07-19 20:18:48 +02:00
|
|
|
repository_user: mg
|
|
|
|
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
2022-03-08 16:55:05 +01:00
|
|
|
- name: homer
|
|
|
|
dir_name: docker-homer
|
|
|
|
repository_url: git.mgrote.net/mg/docker-homer
|
2021-07-20 10:14:07 +02:00
|
|
|
state: present
|
2022-03-08 16:55:05 +01:00
|
|
|
os_username: docker-user
|
|
|
|
repository_user: mg
|
|
|
|
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
|
|
|
- name: munin-test
|
|
|
|
dir_name: docker-munin-test
|
2021-09-24 10:11:54 +02:00
|
|
|
repository_url: git.mgrote.net/mg/docker-munin-master_test
|
|
|
|
state: present
|
2022-03-08 16:55:05 +01:00
|
|
|
os_username: docker-user
|
|
|
|
repository_user: mg
|
|
|
|
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
2021-09-24 10:11:54 +02:00
|
|
|
### oefenweb.ufw
|
|
|
|
ufw_rules: # ist extra weil bei munin kein subnet angegeben ist
|
|
|
|
- rule: allow
|
|
|
|
to_port: 22
|
|
|
|
protocol: tcp
|
|
|
|
comment: 'ssh'
|
2021-10-06 10:18:23 +02:00
|
|
|
from_ip: 0.0.0.0/0
|
2021-09-24 10:11:54 +02:00
|
|
|
- rule: allow
|
|
|
|
to_port: 4949
|
|
|
|
protocol: tcp
|
|
|
|
comment: 'munin'
|
2021-10-06 10:18:23 +02:00
|
|
|
from_ip: 0.0.0.0/0
|
2022-03-08 16:55:05 +01:00
|
|
|
### geerlingguy.pip
|
|
|
|
pip_package: python3-pip
|
|
|
|
pip_install_packages:
|
|
|
|
- name: docker # für munin-plugin docker_
|
2022-06-12 22:24:12 +02:00
|
|
|
### mgrote.munin-node
|
2022-03-06 14:10:30 +01:00
|
|
|
munin_node_allowed_cidrs: [0.0.0.0/0] # weil der munin-server aus einem anderen subnet zugreift
|
|
|
|
munin_node_plugins:
|
|
|
|
- name: timesync
|
|
|
|
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/timesync_status
|
|
|
|
- name: systemd_status
|
|
|
|
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/systemd_status
|
2022-06-12 22:24:12 +02:00
|
|
|
- name: systemd_mem
|
|
|
|
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/systemd_mem
|
|
|
|
config: |
|
|
|
|
[systemd_mem]
|
|
|
|
env.all_services true
|
2022-03-06 14:10:30 +01:00
|
|
|
- name: lvm_
|
|
|
|
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/disk/lvm_
|
|
|
|
config: |
|
|
|
|
[lvm_*]
|
|
|
|
user root
|
|
|
|
- name: fail2ban
|
|
|
|
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/fail2ban
|
|
|
|
config: |
|
|
|
|
[fail2ban]
|
|
|
|
env.client /usr/bin/fail2ban-client
|
|
|
|
env.config_dir /etc/fail2ban
|
|
|
|
user root
|
|
|
|
- name: docker_containers
|
|
|
|
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
|
|
|
config: |
|
|
|
|
[docker_*]
|
|
|
|
user root
|
|
|
|
env.DOCKER_HOST unix://run/docker.sock
|
|
|
|
- name: docker_cpu
|
|
|
|
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
|
|
|
- name: docker_memory
|
|
|
|
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
|
|
|
- name: docker_network
|
|
|
|
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
|
|
|
- name: docker_volumes
|
|
|
|
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
2022-09-03 19:59:02 +02:00
|
|
|
### mgrote.docker-compose-inline
|
|
|
|
compose_owner: "docker-user"
|
|
|
|
compose_group: "docker-user"
|
|
|
|
compose_file_permissions: "644"
|
|
|
|
compose_dir_permissions: "755"
|
|
|
|
compose_dest_basedir: "/docker"
|
|
|
|
compose_src_basedir: "{{ inventory_dir }}/docker-compose"
|
|
|
|
compose_files:
|
|
|
|
- name: hastebin
|
|
|
|
state: present
|
|
|
|
- name: ara
|
|
|
|
state: present
|