Skip to content
Snippets Groups Projects
Commit 88486110 authored by jurgenhaas's avatar jurgenhaas
Browse files

ansible-playbooks/general#85 Linting

parent ad73aed4
No related branches found
No related tags found
No related merge requests found
netdata_version: 'v1.15.0'
netdata_version: v1.15.0
netdata_force_reset: false
netdata_fluentd_buffer:
green: 75
red: 100
netdata_silent_alerts:
- 'softnet'
- 'tcp_listen'
- 'tcp_resets'
- 'udp_errors'
- softnet
- tcp_listen
- tcp_resets
- udp_errors
local:
host: '127.0.0.1'
port: '9200'
host: 127.0.0.1
port: 9200
cluster_health: True
cluster_stats: True
via_socket:
socket: '/run/haproxy/admin.sock'
socket: /run/haproxy/admin.sock
---
# file: roles/netdata/handlers/main.yml
- name: "Include NetData to Boot-List"
- name: Include NetData to Boot-List
command: update-rc.d netdata defaults
- name: "Restart NetData"
- name: Restart NetData
service:
name='netdata'
state='restarted'
- name: "Restart Apache"
- name: Restart Apache
service:
name='apache2'
state='restarted'
---
# file: roles/netdata/tasks/apache.yml
- name: "Enable Apache Status Module"
- name: Enable Apache Status Module
apache2_module:
name: 'status'
state: 'present'
name: status
state: present
notify: "Restart Apache"
- name: "Apache Status Site"
- name: Apache Status Site
template:
src: 'apache.conf'
dest: '/etc/apache2/sites-available/status{{ apache_conf_ext|default(".conf") }}'
owner: 'root'
group: 'root'
mode: '644'
src: apache.conf
dest: /etc/apache2/sites-available/status{{ apache_conf_ext|default(".conf") }}
owner: root
group: root
mode: 644
notify: "Restart Apache"
- name: "Enable Apache Status Site"
- name: Enable Apache Status Site
command: a2ensite status creates=/etc/apache2/sites-enabled/status{{ apache_conf_ext|default('.conf') }}
notify: "Restart Apache"
- name: "Weblog Module Configuration"
- name: Weblog Module Configuration
template:
src: 'web_log.conf'
dest: '/etc/netdata/python.d/web_log.conf'
owner: 'netdata'
group: 'netdata'
mode: '660'
src: web_log.conf
dest: /etc/netdata/python.d/web_log.conf
owner: netdata
group: netdata
mode: 660
- name: "Install Custom Alerts"
- name: Install Custom Alerts
template:
src: 'health/web_log.conf'
dest: '/etc/netdata/health.d/web_log.conf'
src: health/web_log.conf
dest: /etc/netdata/health.d/web_log.conf
notify:
- "Restart NetData"
---
# file: roles/netdata/tasks/configure.yml
- name: "Add User to Admins"
- name: Add User to Admins
user:
name: 'netdata'
groups: 'adm'
name: netdata
groups: adm
append: yes
- name: "Configure Registry"
- name: Configure Registry
ini_file:
dest: '/etc/netdata/netdata.conf'
dest: /etc/netdata/netdata.conf
create: yes
section: 'registry'
section: registry
option: '{{ item.option }}'
value: '{{ item.value }}'
with_items:
- option: 'enabled'
- option: enabled
value: '{{ (netdata_registry|default("pmon1") == inventory_hostname)|ternary("yes", "no") }}'
- option: 'registry to announce'
value: 'http://{{ netdata_registry|default("pmon1") }}:19999'
- option: registry to announce
value: http://{{ netdata_registry|default("pmon1") }}:19999
notify:
- "Restart NetData"
- name: "Configure NetData"
- name: Configure NetData
template:
src: '{{ item }}'
dest: '/etc/netdata/{{ item }}'
owner: 'netdata'
group: 'netdata'
mode: '644'
dest: /etc/netdata/{{ item }}
owner: netdata
group: netdata
mode: 644
backup: yes
with_items:
- 'health_alarm_notify.conf'
- 'python.d.conf'
- health_alarm_notify.conf
- python.d.conf
notify:
- "Restart NetData"
- name: "Configure Python Plugins"
- name: Configure Python Plugins
template:
src: '{{ item }}'
dest: '/etc/netdata/python.d/{{ item }}'
owner: 'netdata'
group: 'netdata'
mode: '644'
dest: /etc/netdata/python.d/{{ item }}
owner: netdata
group: netdata
mode: 644
backup: yes
with_items:
- 'httpcheck.conf'
- httpcheck.conf
notify:
- "Restart NetData"
- name: "Get a list of all health config files"
shell: 'ls /usr/lib/netdata/conf.d/health.d/*.conf -1'
- name: Get a list of all health config files
shell: ls /usr/lib/netdata/conf.d/health.d/*.conf -1
register: health_list
- name: "Remove all options that prevent clear notifications"
- name: Remove all options that prevent clear notifications
lineinfile:
path: '{{ item }}'
state: absent
regexp: 'no-clear-notification'
regexp: no-clear-notification
with_items: '{{ health_list.stdout_lines }}'
notify:
- "Restart NetData"
- name: "Patch Startup Script"
- name: Patch Startup Script
lineinfile:
dest: '/etc/init.d/netdata'
regexp: 'killproc -p \$\{PIDFILE\} \$DAEMON_PATH/\$DAEMON'
line: ' killproc -p ${PIDFILE} $DAEMON_PATH/$DAEMON && sleep 3'
dest: /etc/init.d/netdata
regexp: killproc -p \$\{PIDFILE\} \$DAEMON_PATH/\$DAEMON
line: killproc -p ${PIDFILE} $DAEMON_PATH/$DAEMON && sleep 3
when: ansible_lsb.major_release == '12'
- name: "Check if KSM is available"
- name: Check if KSM is available
stat: path='/sys/kernel/mm/ksm'
register: ksm
# Note: copy module doesn't work here because parent directory /sys
# is not writable, not even by root
- name: "Configure KSM"
- name: Configure KSM
shell: echo {{ item.value }} >/sys/kernel/mm/ksm/{{ item.file }}
with_items:
- file: 'run'
value: '1'
- file: 'sleep_millisecs'
value: '1000'
- file: run
value: 1
- file: sleep_millisecs
value: 1000
when: ksm.stat.exists
notify:
- "Restart NetData"
---
# file: roles/netdata/tasks/elasticsearch.yml
- name: "Configure ElasticSearch Plugin"
- name: Configure ElasticSearch Plugin
copy:
src: 'elasticsearch.conf'
dest: '/etc/netdata/python.d/elasticsearch.conf'
owner: 'netdata'
group: 'netdata'
mode: '660'
src: elasticsearch.conf
dest: /etc/netdata/python.d/elasticsearch.conf
owner: netdata
group: netdata
mode: 660
---
# file: roles/netdata/tasks/haproxy.yml
- name: "Add NetData User to HaProxy Group"
- name: Add NetData User to HaProxy Group
user:
name: 'netdata'
groups: 'haproxy'
name: netdata
groups: haproxy
append: yes
- name: "Configure HaProxy Plugin"
- name: Configure HaProxy Plugin
copy:
src: 'haproxy.conf'
dest: '/etc/netdata/python.d/haproxy.conf'
owner: 'netdata'
group: 'netdata'
mode: '660'
src: haproxy.conf
dest: /etc/netdata/python.d/haproxy.conf
owner: netdata
group: netdata
mode: 660
---
# file: roles/netdata/tasks/heartbeat.yml
- name: "Crontab for heartbeat"
- name: Crontab for heartbeat
cron:
name: 'Heartbeat'
job: '/usr/bin/curl -XPOST {{ netdata_alerta_webhook }}/heartbeat -H ''Authorization: Key {{ netdata_alerta_apikey }}'' -H ''Content-type: application/json'' -d ''{"origin":"{{ inventory_hostname }}","timeout":120,"tags":["environment:{{ netdata_alerta_environment|default(''production'') }}"]}'' >/dev/null 2>&1'
tags: 'cron'
name: Heartbeat
job: /usr/bin/curl -XPOST {{ netdata_alerta_webhook }}/heartbeat -H ''Authorization: Key {{ netdata_alerta_apikey }}'' -H ''Content-type: application/json'' -d ''{"origin":"{{ inventory_hostname }}","timeout":120,"tags":["environment:{{ netdata_alerta_environment|default(''production'') }}"]}'' >/dev/null 2>&1
tags:
- cron
---
# file: roles/netdata/tasks/install.yml
- name: "Clone NetData"
- name: Clone NetData
git:
accept_hostkey: true
repo: "https://github.com/netdata/netdata.git"
......@@ -13,37 +13,37 @@
notify:
- "Restart NetData"
- name: "Extract NetData Archive"
- name: Extract NetData Archive
unarchive:
src: '/opt/{{ netdata_local_archive }}.zip'
dest: '/opt'
src: /opt/{{ netdata_local_archive }}.zip
dest: /opt
remote_src: yes
register: netdata_extract
when: netdata_local_archive is defined
notify:
- "Restart NetData"
- name: "Install and configure NetData"
- name: Install and configure NetData
shell: ./netdata-installer.sh --dont-wait
args:
chdir: /opt/{{ netdata_local_archive|default('netdata') }}
when: netdata_clone.changed or netdata_extract.changed
- name: "Install Custom Charts"
- name: Install Custom Charts
template:
src: '{{ item }}.chart.sh'
dest: '/usr/libexec/netdata/charts.d/{{ item }}.chart.sh'
dest: /usr/libexec/netdata/charts.d/{{ item }}.chart.sh
with_items:
- 'fluentd_buffer'
- fluentd_buffer
notify:
- "Restart NetData"
- name: "Install Custom Alerts"
- name: Install Custom Alerts
template:
src: 'health/{{ item }}.conf'
dest: '/etc/netdata/health.d/{{ item }}.conf'
src: health/{{ item }}.conf
dest: /etc/netdata/health.d/{{ item }}.conf
with_items:
- 'fluentd_buffer'
- 'httpcheck'
- fluentd_buffer
- httpcheck
notify:
- "Restart NetData"
---
# file: roles/netdata/tasks/main.yml
- name: "NetData Role"
set_fact: role_netdata_started=true
tags: 'always'
- name: NetData Role
set_fact:
role_netdata_started: yes
tags:
- always
- block:
......@@ -33,4 +35,4 @@
- import_tasks: heartbeat.yml
when: netdata_heartbeat|default(true)
when: '"netdata" not in excluded_roles'
when: not excluded_roles or "netdata" not in excluded_roles
---
# file: roles/netdata/tasks/mysql.yml
- name: "Configure Plugin: MySQL"
- name: Configure Plugin: MySQL
replace:
dest: '/usr/lib/netdata/conf.d/python.d/mysql.conf'
regexp: '#[\s]*pass[\s]*:[\s]*'''''
replace: 'pass : ''{{ mysql_root_password|default("root") }}'''
dest: /usr/lib/netdata/conf.d/python.d/mysql.conf
regexp: #[\s]*pass[\s]*:[\s]*''''
replace: pass : ''{{ mysql_root_password|default("root") }}''
notify:
- "Restart NetData"
---
# file: roles/netdata/tasks/prepare.yml
- name: "Install required packages"
- name: Install required packages
apt:
pkg: '{{ packages }}'
state: 'present'
state: present
update_cache: yes
vars:
packages:
- 'zlib1g-dev'
- 'gcc'
- 'make'
- 'git'
- 'autoconf'
- 'autogen'
- 'automake'
- 'pkg-config'
- 'uuid-dev'
- 'python-dev'
- 'python-yaml'
- 'python3-dev'
- 'librsync-dev'
- zlib1g-dev
- gcc
- make
- git
- autoconf
- autogen
- automake
- pkg-config
- uuid-dev
- python-dev
- python-yaml
- python3-dev
- librsync-dev
- name: "Remove existing components"
- name: Remove existing components
file:
path: '{{ item }}'
state: 'absent'
state: absent
with_items:
- '/opt/{{ netdata_local_archive|default("netdata") }}'
- '/etc/netdata'
- '/etc/init.d/netdata'
- '/etc/logrotate.d/netdata'
- /opt/{{ netdata_local_archive|default("netdata") }}
- /etc/netdata
- /etc/init.d/netdata
- /etc/logrotate.d/netdata
when: netdata_force_reset
- name: "Ensure Directory"
- name: Ensure Directory
file:
path: '/etc/netdata/python.d'
state: 'directory'
path: /etc/netdata/python.d
state: directory
---
# file: roles/netdata/tasks/silent.yml
- name: "Make alerts silent"
- name: Make alerts silent
replace:
dest: '/usr/lib/netdata/conf.d/health.d/{{ item }}.conf'
regexp: ' to: .*$'
replace: ' to: silent'
dest: /usr/lib/netdata/conf.d/health.d/{{ item }}.conf
regexp: to: .*$
replace: to: silent
backup: yes
with_items: '{{ netdata_silent_alerts }}'
notify:
......
---
# file: roles/netdata/tasks/varnish.yml
- name: "Add NetData User to Varnish Group"
- name: Add NetData User to Varnish Group
user:
name: 'netdata'
groups: 'varnish'
name: netdata
groups: varnish
append: yes
......@@ -64,7 +64,7 @@ redirect: no
# priority: 60000 # [optional] the JOB's order on the dashboard
# retries: 60 # [optional] the JOB's number of restoration attempts
# timeout: 1 # [optional] the timeout when connecting, supports decimals (e.g. 0.5s)
# url: 'http[s]://host-ip-or-dns[:port][path]'
# url: http[s]://host-ip-or-dns[:port][path]
# # [required] the remote host url to connect to. If [:port] is missing, it defaults to 80
# # for HTTP and 443 for HTTPS. [path] is optional too, defaults to /
# redirect: yes # [optional] If the remote host returns 3xx status codes, the redirection url will be
......@@ -83,13 +83,13 @@ redirect: no
# Simple example:
#
# jira:
# url: 'https://jira.localdomain/'
# url: https://jira.localdomain/
# Complex example:
#
# cool_website:
# url: 'http://cool.website:8080/home'
# url: http://cool.website:8080/home
# status_accepted:
# - 200
# - 204
......@@ -101,8 +101,8 @@ redirect: no
{% if not item.disabled|default(false) and item.username is not defined %}
{{ item.name|to_uuid }}:
name: '{{ item.name }}'
url: '{{ item.url }}'
name: {{ item.name }}
url: {{ item.url }}
{% if item.regex is defined %}
regex: {{ item.regex|regex_escape() }}
{% endif %}
......@@ -119,8 +119,8 @@ redirect: no
{% if site.uptime is defined and not site.uptime.disabled|default(false) and site.apache_auth is not defined %}
{{ site.uptime.name|to_uuid }}:
name: '{{ site.uptime.name }}'
url: '{{ site.protocol|default('https') }}://{% if site.apache_auth is defined %}{{ site.apache_auth.user }}:{{ site.apache_auth.password }}@{% endif %}{{ site.domain }}{% if site.uptime.path is defined %}/{{ site.uptime.path }}{% endif %}'
name: {{ site.uptime.name }}
url: {{ site.protocol|default('https') }}://{% if site.apache_auth is defined %}{{ site.apache_auth.user }}:{{ site.apache_auth.password }}@{% endif %}{{ site.domain }}{% if site.uptime.path is defined %}/{{ site.uptime.path }}{% endif %}
{% if site.uptime.pollerParams|default(false) and site.uptime.pollerParams.body|default(false) %}
regex: {{ site.uptime.pollerParams.body|regex_escape() }}
{% endif %}
......@@ -134,8 +134,8 @@ redirect: no
{% if site.uptime is defined and not site.uptime.disabled|default(false) and site.apache_auth is not defined %}
{{ site.uptime.name|to_uuid }}:
name: '{{ site.uptime.name }}'
url: '{{ site.protocol|default('https') }}://{% if site.apache_auth is defined %}{{ site.apache_auth.user }}:{{ site.apache_auth.password }}@{% endif %}{{ site.domain }}{% if site.uptime.path is defined %}/{{ site.uptime.path }}{% endif %}'
name: {{ site.uptime.name }}
url: {{ site.protocol|default('https') }}://{% if site.apache_auth is defined %}{{ site.apache_auth.user }}:{{ site.apache_auth.password }}@{% endif %}{{ site.domain }}{% if site.uptime.path is defined %}/{{ site.uptime.path }}{% endif %}
{% if site.uptime.pollerParams|default(false) and site.uptime.pollerParams.body|default(false) %}
regex: {{ site.uptime.pollerParams.body|regex_escape() }}
{% endif %}
......
update_every: 5
local:
user: 'root'
password: '{{ mysql_root_password|default("root") }}'
host: '127.0.0.1'
port: '3306'
user: root
password: {{ mysql_root_password|default("root") }}
host: 127.0.0.1
port: 3306
apache_log:
name: 'apache'
path: '/var/log/apache2/access.log'
name: apache
path: /var/log/apache2/access.log
apache_ssl_log:
name: 'apache_ssl'
path: '/var/log/apache2/ssl_access.log'
name: apache_ssl
path: /var/log/apache2/ssl_access.log
apache_vhosts_log:
name: 'apache_vhosts'
path: '/var/log/apache2/other_vhosts_access.log'
name: apache_vhosts
path: /var/log/apache2/other_vhosts_access.log
{% for drupal in drupal_settings|default([]) %}
{% for drupal_domain in drupal.domains|default([]) %}
apache_log_{{ drupal_domain.domain|regex_replace('[\.\-]', '_') }}:
name: 'apache_{{ drupal_domain.domain|regex_replace('[\.\-]', '_') }}'
path: '{% if drupal.jail is defined %}{{ jailroot|default('/jails') }}/{{ drupal.jail.name }}{% endif %}/var/log/apache2/{{ drupal_domain.domain }}-access.log'
name: apache_{{ drupal_domain.domain|regex_replace('[\.\-]', '_') }}
path: {% if drupal.jail is defined %}{{ jailroot|default('/jails') }}/{{ drupal.jail.name }}{% endif %}/var/log/apache2/{{ drupal_domain.domain }}-access.log
{% endfor %}
{% endfor %}
{% for nextcloud in nextcloud_settings|default([]) %}
apache_log_{{ nextcloud.domain|regex_replace('[\.\-]', '_') }}:
name: 'apache_{{ nextcloud.domain|regex_replace('[\.\-]', '_') }}'
path: '{% if nextcloud.jail is defined %}{{ jailroot|default('/jails') }}/{{ nextcloud.jail.name }}{% endif %}/var/log/apache2/{{ nextcloud.domain }}-access.log'
name: apache_{{ nextcloud.domain|regex_replace('[\.\-]', '_') }}
path: {% if nextcloud.jail is defined %}{{ jailroot|default('/jails') }}/{{ nextcloud.jail.name }}{% endif %}/var/log/apache2/{{ nextcloud.domain }}-access.log
{% endfor %}
{% for matomo in matomo_settings|default([]) %}
apache_log_{{ matomo.domain|regex_replace('[\.\-]', '_') }}:
name: 'apache_{{ matomo.domain|regex_replace('[\.\-]', '_') }}'
path: '{% if matomo.jail is defined %}{{ jailroot|default('/jails') }}/{{ matomo.jail.name }}{% endif %}/var/log/apache2/{{ matomo.domain }}-access.log'
name: apache_{{ matomo.domain|regex_replace('[\.\-]', '_') }}
path: {% if matomo.jail is defined %}{{ jailroot|default('/jails') }}/{{ matomo.jail.name }}{% endif %}/var/log/apache2/{{ matomo.domain }}-access.log
{% endfor %}
{% for youtrack in youtrack_settings|default([]) %}
apache_log_{{ youtrack.domain|regex_replace('[\.\-]', '_') }}:
name: 'apache_{{ youtrack.domain|regex_replace('[\.\-]', '_') }}'
path: '{% if youtrack.jail is defined %}{{ jailroot|default('/jails') }}/{{ youtrack.jail.name }}{% endif %}/var/log/apache2/{{ youtrack.domain }}-access.log'
name: apache_{{ youtrack.domain|regex_replace('[\.\-]', '_') }}
path: {% if youtrack.jail is defined %}{{ jailroot|default('/jails') }}/{{ youtrack.jail.name }}{% endif %}/var/log/apache2/{{ youtrack.domain }}-access.log
{% endfor %}
{% for log in apache_logs|default([]) %}
apache_log_{{ log.name }}:
name: 'apache_{{ log.name }}'
path: '{{ log.file }}'
name: apache_{{ log.name }}
path: {{ log.file }}
{% endfor %}
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment