--- ### oefenweb.ufw ufw_rules: - rule: allow to_port: 22 protocol: tcp comment: 'ssh' from_ip: 0.0.0.0/0 - rule: allow to_port: 80 protocol: tcp comment: 'munin' ### mgrote_restic restic_folders_to_backup: "/usr/local /etc /root /home /var/lib/munin" ### geerlingguy.apache apache_vhosts: # Additional optional properties: 'serveradmin, serveralias, extra_parameters'. - servername: "munin.mgrote.net" documentroot: "/var/cache/munin/www" ### mrlesmithjr.ansible-manage-lvm lvm_groups: - vgname: vg_munin disks: - /dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi1 create: true lvnames: - lvname: lv_munin size: +100%FREE create: true filesystem: xfs mount: true mntp: /var/lib/munin manage_lvm: true pvresize_to_max: true ### mgrote_munin_master munin_mode: cgi # or cron munin_mail_user: munin@mgrote.net munin_mail_server: "{{ postfix_smtp_server }}" munin_mail_port: "{{ 1025 }}" munin_mail_tls: false munin_enable_alerts: false munin_alerts_to: info@mgrote.net munin_hosts: - name: "{{ ansible_fqdn }}.mgrote.net" address: "127.0.0.1" extra: ["use_node_name yes"] - name: fileserver3.mgrote.net address: fileserver3.mgrote.net extra: ["use_node_name yes"] - name: pve5.mgrote.net address: pve5.mgrote.net extra: ["use_node_name yes"] - name: forgejo.mgrote.net address: forgejo.mgrote.net extra: ["use_node_name yes"] - name: docker10.mgrote.net address: docker10.mgrote.net extra: ["use_node_name yes"] - name: pbs.mgrote.net address: pbs.mgrote.net extra: ["use_node_name yes"] - name: blocky.mgrote.net address: blocky.mgrote.net extra: ["use_node_name yes"] ### mgrote_munin_node munin_node_bind_host: "127.0.0.1" munin_node_bind_port: "4949" munin_node_allowed_cidrs: [127.0.0.1] munin_node_plugins: - name: chrony src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/chrony/chrony - name: systemd_status src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/systemd/systemd_status - name: systemd_mem src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/systemd/systemd_mem config: | [systemd_mem] env.all_services true - name: fail2ban src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/fail2ban config: | [fail2ban] env.client /usr/bin/fail2ban-client env.config_dir /etc/fail2ban user root - name: cpu_by_group src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/cpu/cpu_by_group config: | [cpu_by_group] user root - name: mikrotik_system_rb5009 src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/router/mikrotik_system config: | [mikrotik_system_rb5009] user root env.ssh_user munin env.ssh_password {{ lookup('viczem.keepass.keepass', 'mikrotik/routeros-munin-user-password', 'password') }} env.ssh_host 192.168.2.1 - name: mikrotik_system_crs305 src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/router/mikrotik_system config: | [mikrotik_system_crs305] user root env.ssh_user munin env.ssh_password {{ lookup('viczem.keepass.keepass', 'mikrotik/routeros-munin-user-password', 'password') }} env.ssh_host 192.168.2.225 - name: mikrotik_system_hex src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/router/mikrotik_system config: | [mikrotik_system_hex] user root env.ssh_user munin env.ssh_password {{ lookup('viczem.keepass.keepass', 'mikrotik/routeros-munin-user-password', 'password') }} env.ssh_host 192.168.3.144 - name: http_response src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/http/http_response config: | [http_response] env.sites https://git.mgrote.net https://docker10.mgrote.net:8443 http://munin.mgrote.net http://192.168.5.1 http://192.168.3.1 http://192.168.3.108:8080 http://192.168.3.204 http://docker10.mgrote.net:6483 https://miniflux.mgrote.net/ https://nextcloud.mgrote.net https://audio.mgrote.net/mg http://wiki.mgrote.net https://auth.mgrote.net http://docker10.mgrote.net:17170 env.max_time 20 env.short_label true env.follow_redirect true ### mgrote.apt_manage_packages apt_packages_extra: - sshpass # für munin: mikrotik_system