114 lines
3.7 KiB
YAML
114 lines
3.7 KiB
YAML
---
|
|
### oefenweb.ufw
|
|
ufw_rules:
|
|
- rule: allow
|
|
to_port: 22
|
|
protocol: tcp
|
|
comment: 'ssh'
|
|
from_ip: 0.0.0.0/0
|
|
- rule: allow
|
|
to_port: 80
|
|
protocol: tcp
|
|
comment: 'munin'
|
|
|
|
### mgrote_restic
|
|
restic_folders_to_backup: "/usr/local /etc /root /home /var/lib/munin"
|
|
|
|
### geerlingguy.apache
|
|
apache_vhosts:
|
|
# Additional optional properties: 'serveradmin, serveralias, extra_parameters'.
|
|
- servername: "munin.mgrote.net"
|
|
documentroot: "/var/cache/munin/www"
|
|
|
|
### mrlesmithjr.ansible-manage-lvm
|
|
lvm_groups:
|
|
- vgname: vg_munin
|
|
disks:
|
|
- /dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi1
|
|
create: true
|
|
lvnames:
|
|
- lvname: lv_munin
|
|
size: +100%FREE
|
|
create: true
|
|
filesystem: xfs
|
|
mount: true
|
|
mntp: /var/lib/munin
|
|
manage_lvm: true
|
|
pvresize_to_max: true
|
|
|
|
### mgrote_munin_master
|
|
munin_mode: cgi # or cron
|
|
munin_mail_user: munin@mgrote.net
|
|
munin_mail_server: "{{ postfix_smtp_server }}"
|
|
munin_mail_port: "{{ 1025 }}"
|
|
munin_mail_tls: false
|
|
munin_enable_alerts: false
|
|
munin_alerts_to: info@mgrote.net
|
|
|
|
munin_hosts:
|
|
- name: "{{ ansible_fqdn }}.mgrote.net"
|
|
address: "127.0.0.1"
|
|
extra: ["use_node_name yes"]
|
|
- name: fileserver3.mgrote.net
|
|
address: fileserver3.mgrote.net
|
|
extra: ["use_node_name yes"]
|
|
- name: pve5.mgrote.net
|
|
address: pve5.mgrote.net
|
|
extra: ["use_node_name yes"]
|
|
- name: forgejo.mgrote.net
|
|
address: forgejo.mgrote.net
|
|
extra: ["use_node_name yes"]
|
|
- name: docker10.mgrote.net
|
|
address: docker10.mgrote.net
|
|
extra: ["use_node_name yes"]
|
|
- name: pbs.mgrote.net
|
|
address: pbs.mgrote.net
|
|
extra: ["use_node_name yes"]
|
|
- name: blocky.mgrote.net
|
|
address: blocky.mgrote.net
|
|
extra: ["use_node_name yes"]
|
|
- name: ldap.mgrote.net
|
|
address: ldap.mgrote.net
|
|
extra: ["use_node_name yes"]
|
|
|
|
### mgrote_munin_node
|
|
munin_node_bind_host: "127.0.0.1"
|
|
munin_node_bind_port: "4949"
|
|
munin_node_allowed_cidrs: [127.0.0.1]
|
|
munin_node_plugins:
|
|
- name: mikrotik_system_rb5009
|
|
src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/router/mikrotik_system
|
|
config: |
|
|
[mikrotik_system_rb5009]
|
|
user root
|
|
env.ssh_user munin
|
|
env.ssh_password {{ lookup('viczem.keepass.keepass', 'routeros-munin-user-password', 'password') }}
|
|
env.ssh_host 192.168.2.1
|
|
- name: mikrotik_system_crs305
|
|
src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/router/mikrotik_system
|
|
config: |
|
|
[mikrotik_system_crs305]
|
|
user root
|
|
env.ssh_user munin
|
|
env.ssh_password {{ lookup('viczem.keepass.keepass', 'routeros-munin-user-password', 'password') }}
|
|
env.ssh_host 192.168.2.225
|
|
- name: mikrotik_system_hex
|
|
src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/router/mikrotik_system
|
|
config: |
|
|
[mikrotik_system_hex]
|
|
user root
|
|
env.ssh_user munin
|
|
env.ssh_password {{ lookup('viczem.keepass.keepass', 'routeros-munin-user-password', 'password') }}
|
|
env.ssh_host 192.168.3.144
|
|
- name: http_response
|
|
src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/http/http_response
|
|
config: |
|
|
[http_response]
|
|
env.sites https://git.mgrote.net http://ldap.mgrote.net:17170 https://docker10.mgrote.net:8443 https://registry.mgrote.net/ui/ http://munin.mgrote.net http://192.168.5.1 http://192.168.3.1 http://192.168.3.108:8080 http://192.168.3.204 http://docker10.mgrote.net:6483 https://miniflux.mgrote.net/ https://nextcloud.mgrote.net https://audio.mgrote.net/mg http://wiki.mgrote.net https://s3.mgrote.net
|
|
env.max_time 20
|
|
env.short_label true
|
|
env.follow_redirect true
|
|
|
|
### mgrote.apt_manage_packages
|
|
apt_packages_extra:
|
|
- sshpass # für munin: mikrotik_system
|