--- ### mgrote.docker-compose-deploy docker_compose_projects: - name: munin-master dir_name: docker-munin-master repository_url: git.mgrote.net/mg/docker-munin-master_production state: present os_username: mg - name: watchtower dir_name: docker-watchtower repository_url: git.mgrote.net/mg/docker-watchtower state: present os_username: mg - name: homer dir_name: docker-homer repository_url: git.mgrote.net/mg/docker-homer state: present os_username: mg - name: unifi-controller dir_name: docker-unifi-controller repository_url: git.mgrote.net/mg/docker-unifi-controller repository_user: mg repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}" state: present os_username: mg ### geerlingguy.munin-node munin_node_allowed_cidrs: [0.0.0.0/0] # weil der munin-server aus einem anderen subnet zugreift munin_node_allowed_ips: # weil der munin-server aus einem anderen subnet zugreift - '^127\.0\.0\.1$' - '^::1$' - ^0\.0\.0\.0$ ### oefenweb.ufw ufw_rules: # ist extra weil bei munin kein subnet angegeben ist - rule: allow to_port: 22 protocol: tcp comment: 'ssh' from_ip: 0.0.0.0/0 - rule: allow to_port: 4949 protocol: tcp comment: 'munin' from_ip: 0.0.0.0/0 ### mgrote.apt_manage_packages apt_packages_extra: - libwww-curl-perl # für munin-plugin: unifi - libjson-perl # für munin-plugin: unifi ### mgrote.munin-node munin_node_plugins: - name: chrony src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/chrony/chrony - name: systemd_status src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/systemd_status - name: lvm_ src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/disk/lvm_ config: | [lvm_*] user root - name: docker_containers src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_ config: | [docker_*] user root env.DOCKER_HOST unix://run/docker.sock - name: nextcloud_mgrote.next-cloud.org src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/nextcloud/nextcloud_ config: | [nextcloud_mgrote.next-cloud.org] env.username munin env.password {{ lookup('keepass', 'nextcloud_munin_user', 'password') }} env.api_path /ocs/v2.php/apps/serverinfo/api/v1/info env.scheme https - name: docker_cpu src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_ - name: docker_memory src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_ - name: docker_network src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_ - name: docker_volumes src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_ - name: mt_system_crs309 src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/mikrotik/mt_system config: | [mt_system_crs309] user root env.ssh_user munin env.ssh_password {{ lookup('keepass', 'crs309_munin_user', 'password') }} env.ssh_host 192.168.2.223 - name: mt_system_rb5009 src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/mikrotik/mt_system config: | [mt_system_rb5009] user root env.ssh_user munin env.ssh_password {{ lookup('keepass', 'rb5009_munin_user', 'password') }} env.ssh_host 192.168.2.1 - name: unifi src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/unifi config: | [unifi*] # User name to login to unifi controller API. Default is "ubnt". Ideally, this should # point to a read-only account. env.user munin # Password to login to unifi controller API. Default is "ubnt" env.pass {{ lookup('keepass', 'unifi_munin_user', 'password') }} # URL of the API, with port if needed. No trailing slash. env.api_url https://docker2.grote.lan:8443 # Verify SSL certificate name against host. # Note: if using a default cloudkey certificate, this will fail unless you manually add it # to the local keystore. # Default is "yes" env.ssl_verify_host no # Verify Peer's SSL vertiicate. # Note: if using a default cloudkey certificate, this will fail # Default is "yes" env.ssl_verify_peer no # The human readable name of the unifi site - used for graph titles env.name Unifi # By default, Use standard munin well know categories - env.force_category unifi #--- # Show device CPU utilization env.enable_device_cpu yes # Show device memory usage env.enable_device_mem yes # Show device load average (switches and APs only) env.enable_device_load yes # Show device uptime env.enable_device_uptime yes # Show number of clients connected to each device env.enable_clients_device yes # Show detailed graphs for each device (per device graphs) env.enable_detail_clients_device yes # Show number of clients connected to each network type env.enable_clients_type yes # Show detailed graphs for each client type (per type graphs) env.enable_detail_clients_type yes # Show unauthorized / authorized client list # if you are not using the guest portal, this is useless env.show_authorized_clients_type yes # Show transfer statistics on switch ports env.enable_xfer_port yes # Show detailed graphs per switch port env.enable_detail_xfer_port yes # Hide ports that have no link (When set to no, unplugged ports will transfer 0, not be undefined) env.hide_empty_xfer_port no # Show transfer statistics per device env.enable_xfer_device no # Show detailed graphs for each device env.enable_detail_xfer_device yes # Show transfer statistics per named network env.enable_xfer_network no # Show detailed graphs for each named network env.enable_detail_xfer_network no # Show transfer statistics per radio env.enable_xfer_radio no # Show detailed graphs for each radio env.enable_detail_xfer_radio no ### mgrote.restic restic_folders_to_backup: /usr/local /etc /root /home /var/lib/docker