homeserver/roles/geerlingguy.munin-node
mg e794108547 Munin: fail2ban (#13)
entfernen Playbook erstellt

Typo

fail2ban eingebaut

Co-authored-by: Michael Grote <michael.grote@posteo.de>
Reviewed-on: mg/ansible#13
Co-Authored-By: mg <mg@noreply.git.mgrote.net>
Co-Committed-By: mg <mg@noreply.git.mgrote.net>
2021-03-04 16:31:50 +01:00
..
defaults Munin. weitere Plugins + Umbau (#8) 2021-02-27 17:46:29 +01:00
handlers Munin. weitere Plugins + Umbau (#8) 2021-02-27 17:46:29 +01:00
meta Munin. weitere Plugins + Umbau (#8) 2021-02-27 17:46:29 +01:00
tasks Munin. weitere Plugins + Umbau (#8) 2021-02-27 17:46:29 +01:00
templates Munin: fail2ban (#13) 2021-03-04 16:31:50 +01:00
README.md munin: zfs monitoring (#6) 2021-02-26 17:24:14 +01:00

Ansible Role: Munin Node

CI

Installs munin-node, a monitoring system endpoint, on RedHat/CentOS or Debian/Ubuntu Linux servers.

Requirements

If using RedHat/CentOS, make sure you have the EPEL repository installed prior to using this role (you can install it using the geerlingguy.repo-epel role).

Role Variables

Available variables are listed below, along with default values:

munin_node_bind_host: "*"
munin_node_bind_port: "4949"

The host and port to which munin-node will bind. Common host options are 127.0.0.1 (localhost), or * (bind to all IP addresses). 4949 is the default Munin port.

munin_node_host_name: ''

Set this explicitly if the munin master doesn't report the correct hostname when telnetting in to munin-node. In most cases, the default should work fine.

munin_node_allowed_ips:
  - '^127\.0\.0\.1$'
  - '^::1$'

A list of IP addresses formatted as a python-style regular expression. Must use single quotes to allow the proper regex escaping to pass through to the configuration file. Hosts with these IP addresses will be allowed to connect to the server and get detailed system stats via munin-node.

munin_node_allowed_cidrs: []

A list of IP networks in CIDR format, for instance 10.0.0.0/8. Hosts with an IP address in one of these networks will be allowed to connect to the server and get detailed system stats via munin-node.

munin_node_denied_cidrs: []

A list of IP networks in CIDR format, for instance 10.42.0.0/16. Hosts with an IP address in one of these networks will be denied access to the server. This takes precedence over munin_node_allowed_cidrs: an IP address that matches both a network in munin_node_allowed_cidrs and a network in munin_node_denied_cidrs will be denied access.

Munin Plugin Configuration

You can enable plugins using the munin_node_plugins list, like so:

munin_node_plugins:
  - name: uptime

If the name of the resulting plugin does not match the name of the munin plugin from which it is generated (as is the case, say, with the if_ plugin), you need to add a plugin field to the list item, like so:

munin_node_plugins:
  - name: if_eth0
    plugin: if_

Plugin settings

If you need to add plugin configuration for plugins you've added via munin_node_plugins, you can do so with a simple hashmap that has the plugin name (which will be the [plugin] section in the resulting configuration file), and a list of variable names and values. For example:

munin_node_config: {
  "ps_test": {
    "env.regex": "bash",
    "env.name": "bash"
  }
}

This configuration will generate a configuration file at /etc/munin/plugin-conf.d/ansible.conf with the following contents:

[ps_test]
env.regex bash
env.name bash

Install external plugins

You can install external plugins via munin_node_install_plugins. Those plugins can be copied from local files or downloaded. For example:

munin_node_install_plugins: []
  - src: files/munin/redis_
  - remote_src: https://raw.githubusercontent.com/ohitz/phpfpm-multi-munin-plugin/master/phpfpm-multi

Dependencies

None.

Example Playbook

- hosts: servers
  roles:
    - { role: geerlingguy.munin-node }

License

MIT / BSD

Author Information

This role was created in 2014 by Jeff Geerling, author of Ansible for DevOps.

Munin plugin configuration was added by Rafał Trójniak ansible-galaxy@trojniak.net.