---
### oefenweb.ufw
ufw_rules:
  - rule: allow
    to_port: 22
    protocol: tcp
    comment: 'ssh'
    from_ip: 0.0.0.0/0
  - rule: allow
    to_port: 80
    protocol: tcp
    comment: 'munin'

### mgrote_restic
restic_folders_to_backup: "/usr/local /etc /root /home /var/lib/munin"

### geerlingguy.apache
apache_vhosts:
  # Additional optional properties: 'serveradmin, serveralias, extra_parameters'.
  - servername: "munin.mgrote.net"
    documentroot: "/var/cache/munin/www"

### mrlesmithjr.ansible-manage-lvm
lvm_groups:
  - vgname: vg_munin
    disks:
      - /dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi1
    create: true
    lvnames:
      - lvname: lv_munin
        size: +100%FREE
        create: true
        filesystem: xfs
        mount: true
        mntp: /var/lib/munin
manage_lvm: true
pvresize_to_max: true

###  mgrote_munin_master
munin_mode: cgi # or cron
munin_mail_user: munin@mgrote.net
munin_mail_server: "{{ postfix_smtp_server }}"
munin_mail_port: "{{ 1025 }}"
munin_mail_tls: false
munin_enable_alerts: false
munin_alerts_to: info@mgrote.net

munin_hosts:
  - name: "{{ ansible_fqdn }}.mgrote.net"
    address: "127.0.0.1"
    extra: ["use_node_name yes"]
  - name: fileserver3.mgrote.net
    address: fileserver3.mgrote.net
    extra: ["use_node_name yes"]
  - name: pve5.mgrote.net
    address: pve5.mgrote.net
    extra: ["use_node_name yes"]
  - name: forgejo.mgrote.net
    address: forgejo.mgrote.net
    extra: ["use_node_name yes"]
  - name: docker10.mgrote.net
    address: docker10.mgrote.net
    extra: ["use_node_name yes"]
  - name: pbs.mgrote.net
    address: pbs.mgrote.net
    extra: ["use_node_name yes"]
  - name: blocky.mgrote.net
    address: blocky.mgrote.net
    extra: ["use_node_name yes"]

### mgrote_munin_node
munin_node_bind_host: "127.0.0.1"
munin_node_bind_port: "4949"
munin_node_allowed_cidrs: [127.0.0.1]
munin_node_plugins:
  - name: mikrotik_system_rb5009
    src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/router/mikrotik_system
    config: |
        [mikrotik_system_rb5009]
        user root
        env.ssh_user munin
        env.ssh_password {{ lookup('viczem.keepass.keepass', 'mikrotik/routeros-munin-user-password', 'password') }}
        env.ssh_host 192.168.2.1
  - name: mikrotik_system_crs305
    src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/router/mikrotik_system
    config: |
        [mikrotik_system_crs305]
        user root
        env.ssh_user munin
        env.ssh_password {{ lookup('viczem.keepass.keepass', 'mikrotik/routeros-munin-user-password', 'password') }}
        env.ssh_host 192.168.2.225
  - name: mikrotik_system_hex
    src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/router/mikrotik_system
    config: |
        [mikrotik_system_hex]
        user root
        env.ssh_user munin
        env.ssh_password {{ lookup('viczem.keepass.keepass', 'mikrotik/routeros-munin-user-password', 'password') }}
        env.ssh_host 192.168.3.144
  - name: http_response
    src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/http/http_response
    config: |
      [http_response]
      env.sites https://git.mgrote.net https://docker10.mgrote.net:8443 https://rui.mgrote.net/ http://munin.mgrote.net http://192.168.5.1 http://192.168.3.1 http://192.168.3.108:8080 http://192.168.3.204 http://docker10.mgrote.net:6483 https://miniflux.mgrote.net/ https://nextcloud.mgrote.net https://audio.mgrote.net/mg http://wiki.mgrote.net https://s3.mgrote.net https://auth.mgrote.net http://docker10.mgrote.net:17170
      env.max_time 20
      env.short_label true
      env.follow_redirect true

### mgrote.apt_manage_packages
apt_packages_extra:
  - sshpass # für munin: mikrotik_system