gsb/gsb2024
3
3
Fork 0
Code Issues 2 Pull Requests Packages Projects Releases 3 Wiki Activity

Reorg diverses

Browse Source
This commit is contained in:
Auguste Bedloe
2023-12-21 22:37:22 +01:00
parent 78da7eef67
commit 71d35bb498
58 changed files with 0 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
roles/old/apache2/handlers/main.yml Normal file
View File

@@ -0,0 +1,6 @@
---
- name: restart apache2
service: name=apache2 state=restarted
- name: restart mysql-server
service: name=mysql-server state=restarted

14
roles/old/apache2/tasks/main.yml Normal file
View File

@@ -0,0 +1,14 @@
---
- name: Update apt cache
apt: update_cache=yes cache_valid_time=3600
- name: Install required software
apt: name={{ item }} state=present
with_items:
- apache2
- mariadb-server
- php-mysql
- php
- libapache2-mod-php
- php-mcrypt
- python-mysqldb

117
roles/old/icinga/README.md Normal file
View File

@@ -0,0 +1,117 @@
# Instalation de NSClient++ sur la machine s-win
En premier lieu, installer Mozilla Firefox via Internet Explorer.
Une fois Mozilla intallé, installer NSClient++ avec ce lien: [NSClient++](https://nsclient.org/download/)
Puis choisir la version Windows
# Etapes de l'installation
Sur l'étape **Select monitoring tool**, sélectionner **Generic**.
Sur l'étape **Choose setup type**, sélectionner **Typical**.
Sur l'étape **NSClient++ Configuration:
```
Allowed hosts: 172.16.0.8
Password: root
```
Activer **check plugins, check_nt et check_nrpe**.
**Laisser NSCA client et web server désactivé**
Cocher la case **Insecure legacy mode**
Terminer l'installation.
# Modification des fichiers
Rendez vous dans le répertoire **C:\Programmes\NSClient++** puis ouvrez le fichier **nsclient** (celui avec un rouage).
Une fois ouvert, modifier tout le fichier avec ceci:
```
#If you want to fill this file with all available options run the following command:
#nscp settings --generate --add-defaults --load-all
#If you want to activate a module and bring in all its options use:
#nscp settings --activate-module <MODULE NAME> --add-defaults
#For details run: nscp settings --help
; in flight - TODO
[/settings/default]
; Undocumented key
password = root
; Undocumented key
allowed hosts = 172.16.0.8
; in flight - TODO
[/settings/NRPE/server]
; Undocumented key
verify mode = none
; Undocumented key
insecure = true
; in flight - TODO
[/modules]
; Undocumented key
CheckExternalScripts = enabled
; Undocumented key
CheckHelpers = enabled
; Undocumented key
CheckEventLog = enabled
; Undocumented key
CheckNSCP = enabled
; Undocumented key
CheckDisk = enabled
; Undocumented key
CheckSystem = enabled
; Undocumented key
NSClientServer = enabled
; Undocumented key
NRPEServer = enabled
```
Redémarrez le service NSClient++ via le **cmd**:
```
services.msc
```
Puis clique droit sur le service **NCLient++ Monitoring Agent** et appuyer sur **Redémarrer**
Retourner sur le serveur nagios puis écrire:
```
systemctl restart icinga
```
Les services de la machine **srv-2012** apparaissent en **OK**.

59
roles/old/icinga/files/cfg/contacts_icinga.cfg Normal file
View File

@@ -0,0 +1,59 @@
###############################################################################
# contacts.cfg
###############################################################################
###############################################################################
###############################################################################
#
# CONTACTS
#
###############################################################################
###############################################################################
# In this simple config file, a single contact will receive all alerts.
#define contact{
# contact_name root
# alias Root
# service_notification_period 24x7
# host_notification_period 24x7
# service_notification_options w,u,c,r
# host_notification_options d,r
# service_notification_commands notify-service-by-email
# host_notification_commands notify-host-by-email
# email root@localhost
# }
define contact{
contact_name admin
alias Administrateur
service_notification_period 24x7
host_notification_period 24x7
service_notification_options w,u,c,r
host_notification_options d,r
service_notification_commands notify-service-by-email
host_notification_commands notify-host-by-email
email icinga.ppe31@gmail.com
}
###############################################################################
###############################################################################
#
# CONTACT GROUPS
#
###############################################################################
###############################################################################
# We only have one contact in this simple configuration file, so there is
# no need to create more than one contact group.
define contactgroup{
contactgroup_name admins
alias Nagios Administrators
members admin
}

13
roles/old/icinga/files/cfg/extinfo_icinga.cfg Normal file
View File

@@ -0,0 +1,13 @@
##
## Extended Host and Service Information
##
define hostextinfo{
hostgroup_name debian-servers
notes Debian GNU/Linux servers
# notes_url http://webserver.localhost.localdomain/hostinfo.pl?host=netware1
icon_image base/debian.png
icon_image_alt Debian GNU/Linux
vrml_image debian.png
statusmap_image base/debian.gd2
}

19
roles/old/icinga/files/cfg/generic-host_icinga.cfg Normal file
View File

@@ -0,0 +1,19 @@
# Generic host definition template - This is NOT a real host, just a template!
define host{
name generic-host ; The name of this host template
notifications_enabled 1 ; Host notifications are enabled
event_handler_enabled 1 ; Host event handler is enabled
flap_detection_enabled 1 ; Flap detection is enabled
failure_prediction_enabled 1 ; Failure prediction is enabled
process_perf_data 1 ; Process performance data
retain_status_information 1 ; Retain status information across program restarts
retain_nonstatus_information 1 ; Retain non-status information across program restarts
check_command check-host-alive
max_check_attempts 10
notification_interval 0
notification_period 24x7
notification_options d,u,r
contact_groups admins
register 0 ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL HOST, JUST A TEMPLATE!
}

26
roles/old/icinga/files/cfg/generic-service_icinga.cfg Normal file
View File

@@ -0,0 +1,26 @@
# generic service template definition
define service{
name generic-service ; The 'name' of this service template
active_checks_enabled 1 ; Active service checks are enabled
passive_checks_enabled 1 ; Passive service checks are enabled/accepted
parallelize_check 1 ; Active service checks should be parallelized (disabling this can lead to major performance problems)
obsess_over_service 1 ; We should obsess over this service (if necessary)
check_freshness 0 ; Default is to NOT check service 'freshness'
notifications_enabled 1 ; Service notifications are enabled
event_handler_enabled 1 ; Service event handler is enabled
flap_detection_enabled 1 ; Flap detection is enabled
failure_prediction_enabled 1 ; Failure prediction is enabled
process_perf_data 1 ; Process performance data
retain_status_information 1 ; Retain status information across program restarts
retain_nonstatus_information 1 ; Retain non-status information across program restarts
notification_interval 0 ; Only send notifications on status change by default.
is_volatile 0
check_period 24x7
normal_check_interval 5
retry_check_interval 1
max_check_attempts 4
notification_period 24x7
notification_options w,u,c,r
contact_groups admins
register 0 ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL SERVICE, JUST A TEMPLATE!
}

14
roles/old/icinga/files/cfg/gwsio2.cfg Normal file
View File

@@ -0,0 +1,14 @@
# A simple configuration file for monitoring the local host
# This can serve as an example for configuring other servers;
# Custom services specific to this host are added here, but services
# defined in nagios2-common_services.cfg may also apply.
#
define host{
use generic-host ; Name of host template to use
host_name gwsio2
alias Passerelle
address 192.168.0.1
icon_image cook/linux_server.gif
statusmap_image cook/linux_server.gd2
}

75
roles/old/icinga/files/cfg/hostgroups_icinga.cfg Normal file
View File

@@ -0,0 +1,75 @@
# Some generic hostgroup definitions
define hostgroup {
hostgroup_name all
alias All Servers
members *
}
define hostgroup {
hostgroup_name localhost
alias Debian GNU/Linux Servers
members localhost
}
define hostgroup {
hostgroup_name debian-servers
alias Serveurs distant
members s-infra, s-proxy, r-int, r-ext, s-adm, s-itil, s-mess
}
define hostgroup { 
hostgroup_name ssh-servers
alias acces SSH
members s-adm, s-infra, s-proxy, r-int, r-ext, localhost, gwsio2, s-itil, s-mess, s-lb
}
define hostgroup { 
hostgroup_name dns-servers
alias serveurs-dns
members s-infra, srv-2012
}
define hostgroup { 
hostgroup_name dhcp-servers
alias serveurs-dhcp
members r-int, srv-2012
}
define hostgroup {
hostgroup_name http-servers
alias serveurs-web
members localhost, s-itil, s-adm
}
#define hostgroup {
# hostgroup_name email-servers
# alias serveurs-email
# members s-mess
# }
define hostgroup { 
hostgroup_name proxy-servers
alias serveurs-proxy
members s-proxy
}
define hostgroup{
hostgroup_name windows-servers
alias windows-servers
members srv-2012
}
define hostgroup{
hostgroup_name dns-win
alias dns-win
members srv-2012
}
define hostgroup{
hostgroup_name uptimegrp
alias uptimegrp
members s-infra, s-proxy, r-int, r-ext, s-adm, s-itil, s-mess, s-lb
}

60
roles/old/icinga/files/cfg/localhost_icinga.cfg Normal file
View File

@@ -0,0 +1,60 @@
# A simple configuration file for monitoring the local host
# This can serve as an example for configuring other servers;
# Custom services specific to this host are added here, but services
# defined in icinga-common_services.cfg may also apply.
#
define host{
use generic-host ; Name of host template to use
host_name localhost
alias localhost
address 127.0.0.1
parents gwsio2
}
# Define a service to check the disk space of the root partition
# on the local machine. Warning if < 20% free, critical if
# < 10% free space on partition.
define service{
use generic-service ; Name of service template to use
host_name localhost
service_description Disk Space
check_command check_all_disks!20%!10%
}
# Define a service to check the number of currently logged in
# users on the local machine. Warning if > 20 users, critical
# if > 50 users.
define service{
use generic-service ; Name of service template to use
host_name localhost
service_description Current Users
check_command check_users!20!50
}
# Define a service to check the number of currently running procs
# on the local machine. Warning if > 250 processes, critical if
# > 400 processes.
define service{
use generic-service ; Name of service template to use
host_name localhost
service_description Total Processes
check_command check_procs!250!400
}
# Define a service to check the load on the local machine.
define service{
use generic-service ; Name of service template to use
host_name localhost
service_description Current Load
check_command check_load!5.0!4.0!3.0!10.0!6.0!4.0
}

16
roles/old/icinga/files/cfg/netgear.cfg Normal file
View File

@@ -0,0 +1,16 @@
# A simple configuration file for monitoring the local host
# This can serve as an example for configuring other servers;
# Custom services specific to this host are added here, but services
# defined in nagios2-common_services.cfg may also apply.
#
define host{
use generic-host ; Name of host template to use
host_name netgear
alias switch
address 192.168.0.2
#parents gwsio4
icon_image cook/switch.gif
statusmap_image cook/switch.gd2
}

13
roles/old/icinga/files/cfg/r-ext.cfg Normal file
View File

@@ -0,0 +1,13 @@
# A simple configuration file for monitoring the local host
# This can serve as an example for configuring other servers;
# Custom services specific to this host are added here, but services
# defined in nagios2-common_services.cfg may also apply.
#
define host{
use generic-host ; Name of host template to use
host_name r-ext
alias Routeur externe
address 192.168.200.253
parents localhost
}

13
roles/old/icinga/files/cfg/r-int.cfg Normal file
View File

@@ -0,0 +1,13 @@
# A simple configuration file for monitoring the local host
# This can serve as an example for configuring other servers;
# Custom services specific to this host are added here, but services
# defined in nagios2-common_services.cfg may also apply.
#
define host{
use generic-host ; Name of host template to use
host_name r-int
alias Routeur interne
address 172.16.0.254
parents r-ext
}

14
roles/old/icinga/files/cfg/s-adm.cfg Normal file
View File

@@ -0,0 +1,14 @@
# A simple configuration file for monitoring the local host
# This can serve as an example for configuring other servers;
# Custom services specific to this host are added here, but services
# defined in nagios2-common_services.cfg may also apply.
#
define host{
use generic-host ; Name of host template to use
host_name s-adm
alias debian-servers
address 192.168.99.99
parents r-int
}

14
roles/old/icinga/files/cfg/s-infra.cfg Normal file
View File

@@ -0,0 +1,14 @@
# A simple configuration file for monitoring the local host
# This can serve as an example for configuring other servers;
# Custom services specific to this host are added here, but services
# defined in nagios2-common_services.cfg may also apply.
#
define host{
use generic-host ; Name of host template to use
host_name s-infra
alias debian-servers
address 172.16.0.1
parents r-int
}

14
roles/old/icinga/files/cfg/s-itil.cfg Normal file
View File

@@ -0,0 +1,14 @@
# A simple configuration file for monitoring the local host
# This can serve as an example for configuring other servers;
# Custom services specific to this host are added here, but services
# defined in nagios2-common_services.cfg may also apply.
#
define host{
use generic-host ; Name of host template to use
host_name s-itil
alias debian-servers
address 172.16.0.9
parents r-int
}

14
roles/old/icinga/files/cfg/s-lb.cfg Normal file
View File

@@ -0,0 +1,14 @@
# A simple configuration file for monitoring the local host
# This can serve as an example for configuring other servers;
# Custom services specific to this host are added here, but services
# defined in nagios2-common_services.cfg may also apply.
#
define host{
use generic-host ; Name of host template$
host_name s-lb
alias debian-servers
address 192.168.100.10
parents r-int
}

14
roles/old/icinga/files/cfg/s-mess.cfg Normal file
View File

@@ -0,0 +1,14 @@
# A simple configuration file for monitoring the local host
# This can serve as an example for configuring other servers;
# Custom services specific to this host are added here, but services
# defined in nagios2-common_services.cfg may also apply.
#
define host{
use generic-host ; Name of host template$
host_name s-mess
alias nextcloud
address 172.16.0.7
parents r-int
}

13
roles/old/icinga/files/cfg/s-proxy.cfg Normal file
View File

@@ -0,0 +1,13 @@
# A simple configuration file for monitoring the local host
# This can serve as an example for configuring other servers;
# Custom services specific to this host are added here, but services
# defined in nagios2-common_services.cfg may also apply.
#
define host{
use generic-host ; Name of host template to use
host_name s-proxy
alias serveur proxy
address 172.16.0.2
parents r-int
}

106
roles/old/icinga/files/cfg/services_icinga.cfg Normal file
View File

@@ -0,0 +1,106 @@
define service {
hostgroup_name http-servers
service_description HTTP
check_command check_http
use generic-service
notification_interval 0 ; set > 0 if you want to be renotified
}
define service {
hostgroup_name ssh-servers
service_description SSH
check_command check_ssh
use generic-service
notification_interval 0 ; set > 0 if you want to be renotified
}
define service{
use generic-service
hostgroup_name debian-servers
service_description Espace disque
check_command check_snmp_storage!public!--v2c!"^/$|tmp|usr|var"!90!95
}
define service{
use generic-service
hostgroup_name debian-servers
service_description Charge machine
check_command check_snmp_load!public!--v2c!netsl!2,1,1!3,2,2
}
define service{
use generic-service
hostgroup_name localhost
service_description Charge machine
check_command check_load!5.0!4.0!3.0!10.0!6.0!4.0
}
define service{
use generic-service
hostgroup_name debian-servers
service_description RAM
check_command check_snmp_mem!public!--v2c!-N!95,60!99,90
}
define service{
use generic-service
hostgroup_name windows-servers
service_description Version NSClient++
check_command check_nt!CLIENTVERSION
}
define service{
use generic-service
hostgroup_name windows-servers
service_description Charge CPU
check_command check_nt!CPULOAD!-l 5,80,90,15,80,90
}
define service{
use generic-service
hostgroup_name windows-servers
service_description Uptime
check_command check_nt!UPTIME
}
define service{
use generic-service
hostgroup_name windows-servers
service_description Mem Use
check_command check_nt!MEMUSE!80,90
}
define service{
use generic-service
hostgroup_name windows-servers
service_description Disk Space
check_command check_nt!USEDDISKSPACE!-l C!10,5
}
define service{
use generic-service
hostgroup_name dns-win
service_description Service DNS
check_command check_nt!SERVICESTATE!-l W32Time,"Client DNS"
}
define service{
use generic-service
hostgroup_name uptimegrp
service_description Uptime
check_command check_snmp!-C public -o 1.3.6.1.2.1.1.3.0
}
define service{
use generic-service
hostgroup_name dns-servers
service_description DNS Ext
check_command check_dns
}
#define service{
# use generic-service
# hostgroup_name dhcp-servers
# service_description Service DHCP
# check_command check_dhcp
#}

16
roles/old/icinga/files/cfg/srv-2012.cfg Normal file
View File

@@ -0,0 +1,16 @@
# A simple configuration file for monitoring the local host
# This can serve as an example for configuring other servers;
# Custom services specific to this host are added here, but services
# defined in nagios2-common_services.cfg may also apply.
#
define host{
use generic-host ; Name of host template to use
host_name srv-2012
alias windows-servers
address 172.16.0.6
parents r-int
icon_image base/win40.gif
statusmap_image base/win40.gd2
}

50
roles/old/icinga/files/cfg/timeperiods_icinga.cfg Normal file
View File

@@ -0,0 +1,50 @@
###############################################################################
# timeperiods.cfg
###############################################################################
# This defines a timeperiod where all times are valid for checks,
# notifications, etc. The classic "24x7" support nightmare. :-)
define timeperiod{
timeperiod_name 24x7
alias 24 Hours A Day, 7 Days A Week
sunday 00:00-24:00
monday 00:00-24:00
tuesday 00:00-24:00
wednesday 00:00-24:00
thursday 00:00-24:00
friday 00:00-24:00
saturday 00:00-24:00
}
# Here is a slightly friendlier period during work hours
define timeperiod{
timeperiod_name workhours
alias Standard Work Hours
monday 09:00-17:00
tuesday 09:00-17:00
wednesday 09:00-17:00
thursday 09:00-17:00
friday 09:00-17:00
}
# The complement of workhours
define timeperiod{
timeperiod_name nonworkhours
alias Non-Work Hours
sunday 00:00-24:00
monday 00:00-09:00,17:00-24:00
tuesday 00:00-09:00,17:00-24:00
wednesday 00:00-09:00,17:00-24:00
thursday 00:00-09:00,17:00-24:00
friday 00:00-09:00,17:00-24:00
saturday 00:00-24:00
}
# This one is a favorite: never :)
define timeperiod{
timeperiod_name never
alias Never
}
# end of file

643
roles/old/icinga/files/check_iftraffic3.pl Executable file
View File

@@ -0,0 +1,643 @@
#!/usr/bin/perl -w
#
# check_iftraffic.pl - Nagios(r) network traffic monitor plugin
# Copyright (C) 2004 Gerd Mueller / Netways GmbH
# $Id: check_iftraffic.pl 1119 2006-02-09 10:30:09Z gmueller $
#
# mw = Markus Werner mw+nagios@wobcom.de
# Remarks (mw):
#
# I adopted as much as possible the programming style of the origin code.
#
# There should be a function to exit this programm,
# instead of calling print and exit statements all over the place.
#
#
# minor changes by mw
# The snmp if_counters on net devices can have overflows.
# I wrote this code to address this situation.
# It has no automatic detection and which point the overflow
# occurs but it will generate a warning state and you
# can set the max value by calling this script with an additional
# arg.
#
# minor cosmetic changes by mw
# Sorry but I couldn't sustain to clean up some things.
#
# gj = Greg Frater gregATfraterfactory.com
# Remarks (gj):
# minor (gj):
#
# * fixed the performance data, formating was not to spec
# * Added a check of the interfaces status (up/down).
# If down the check returns a critical status.
# * Allow either textual or the numeric index value.
# * If the interface speed is not specified on the command line
# it gets it automatically from IfSpeed
# * Added option for second ifSpeed to allow for asymetrcal links
# such as a DSL line or cable modem where the download and upload
# speeds are different
# * Added -B option to display results in bits/sec instead of Bytes/sec
# * Added the current usage in Bytes/s (or bit/s) to the perfdata output
# * Added ability for plugin to determine interface to query by matching IP
# address of host with entry in ipAdEntIfIndex (.1.3.6.1.2.1.4.20.1.2)
# * Added -L flag to list entries found in the ipAdEntIfIndex table
# Otherwise, it works as before.
#
#
#
#
# based on check_traffic from Adrian Wieczorek, <ads (at) irc.pila.pl>
#
# Send us bug reports, questions and comments about this plugin.
# Latest version of this software: http://www.nagiosexchange.org
#
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307
use strict;
use Net::SNMP;
use Getopt::Long;
&Getopt::Long::config('bundling');
use Data::Dumper;
my $host_ip;
my $host_address;
my $iface_number;
my $iface_descr;
my $iface_speed;
my $iface_speedOut;
my $index_list;
my $opt_h;
my $units;
my $session;
my $error;
my $port = 161;
my $snmp_version = 1;
my @snmpoids;
# SNMP OIDs for Traffic
my $snmpIfOperStatus = '1.3.6.1.2.1.2.2.1.8';
my $snmpIfInOctets = '1.3.6.1.2.1.2.2.1.10';
my $snmpIfOutOctets = '1.3.6.1.2.1.2.2.1.16';
my $snmpIfDescr = '1.3.6.1.2.1.2.2.1.2';
my $snmpIfSpeed = '1.3.6.1.2.1.2.2.1.5';
my $snmpIPAdEntIfIndex = '1.3.6.1.2.1.4.20.1.2';
my $response;
# Path to tmp files
my $TRAFFIC_FILE = "/tmp/traffic";
# changes sos 20090717 UNKNOWN must bes 3
my %STATUS_CODE =
( 'UNKNOWN' => '3', 'OK' => '0', 'WARNING' => '1', 'CRITICAL' => '2' );
#default values;
my $state = "UNKNOWN";
my $if_status = '4';
my ( $in_bytes, $out_bytes ) = 0;
my $warn_usage = 85;
my $crit_usage = 98;
my $COMMUNITY = "public";
my $use_reg = undef; # Use Regexp for name
my $output = "";
my $bits = undef;
my $suffix = "Bs";
my $label = "MBytes";
#added 20050614 by mw
my $max_value;
my $max_bytes;
#cosmetic changes 20050614 by mw, see old versions for detail
# Added options for bits and second max ifspeed 20100202 by gj
# Added options for specificy IP addr to match 20100405 by gj
my $status = GetOptions(
"h|help" => \$opt_h,
'B' => \$bits,
'bits' => \$bits,
"C|community=s" => \$COMMUNITY,
"w|warning=s" => \$warn_usage,
"c|critical=s" => \$crit_usage,
"b|bandwidth|I|inBandwidth=i" => \$iface_speed,
"O|outBandwidth=i" => \$iface_speedOut,
'r' => \$use_reg,
'noregexp' => \$use_reg,
"p|port=i" => \$port,
"u|units=s" => \$units,
"i|interface=s" => \$iface_number,
"A|address=s" => \$host_ip,
"H|hostname=s" => \$host_address,
'L' => \$index_list,
'list' => \$index_list,
#added 20050614 by mw
"M|max=i" => \$max_value
);
if ( $status == 0 ) {
print_help();
exit $STATUS_CODE{'OK'};
}
# Changed 20091214 gj
# Check for missing options
#if ( ( !$host_address ) or ( !$iface_descr ) ) {
if ( !$host_address ) {
print "\nMissing host address!\n\n";
stop(print_usage(),"OK");
} elsif ( ( $iface_speed ) and ( !$units ) ){
print "\nMissing units!\n\n";
stop(print_usage(),"OK");
} elsif ( ( $units ) and ( ( !$iface_speed ) and ( !$iface_speedOut ) ) ) {
print "\nMissing interface maximum speed!\n\n";
stop(print_usage(),"OK");
} elsif ( ( $iface_speedOut ) and ( !$units ) ) {
print "\nMissing units for Out maximum speed!\n\n";
stop(print_usage(),"OK");
}
if ($bits) {
$suffix = "bs"
}
if ( !$iface_speed ) {
# Do nothing
}else{
#change 20050414 by mw
# Added iface_speedOut 20100202 by gj
# Convert interface speed to kiloBytes
$iface_speed = bits2bytes( $iface_speed, $units ) / 1024;
if ( $iface_speedOut ) {
$iface_speedOut = bits2bytes( $iface_speedOut, $units ) / 1024;
}
if ( !$max_value ) {
# If no -M Parameter was set, set it to 32Bit Overflow
$max_bytes = 4194304 ; # the value is (2^32/1024)
}
else {
$max_bytes = unit2bytes( $max_value, $units );
}
}
if ( $snmp_version =~ /[12]/ ) {
( $session, $error ) = Net::SNMP->session(
-hostname => $host_address,
-community => $COMMUNITY,
-port => $port,
-version => $snmp_version
);
if ( !defined($session) ) {
stop("UNKNOWN: $error","UNKNOWN");
}
}
elsif ( $snmp_version =~ /3/ ) {
$state = 'UNKNOWN';
stop("$state: No support for SNMP v3 yet\n",$state);
}
else {
$state = 'UNKNOWN';
stop("$state: No support for SNMP v$snmp_version yet\n",$state);
}
# Neither Interface Index nor Host IP address were specified
if ( !$iface_descr ) {
if ( !$host_ip ){
# try to resolve host name and find index from ip addr
$iface_descr = fetch_Ip2IfIndex( $session, $host_address );
} else {
# Use ip addr to find index
$iface_descr = fetch_Ip2IfIndex( $session, $host_ip );
}
}
#push( @snmpoids, $snmpIPAdEntIfIndex . "." . $host_address );
# Added 20091209 gj
# Detect if a string description was given or a numberic interface index number
if ( $iface_descr =~ /[^0123456789]+/ ) {
$iface_number = fetch_ifdescr( $session, $iface_descr );
}else{
$iface_number = $iface_descr;
}
push( @snmpoids, $snmpIfSpeed . "." . $iface_number );
push( @snmpoids, $snmpIfOperStatus . "." . $iface_number );
push( @snmpoids, $snmpIfInOctets . "." . $iface_number );
push( @snmpoids, $snmpIfOutOctets . "." . $iface_number );
if ( !defined( $response = $session->get_request(@snmpoids) ) ) {
my $answer = $session->error;
$session->close;
stop("WARNING: SNMP error: $answer\n", "WARNING");
}
# Added 20091209 gj
# Get interface speed from device if not provided on command line
# Convert to kiloBytes
if ( !$iface_speed ) {
$iface_speed = $response->{ $snmpIfSpeed . "." . $iface_number };
$units = "b";
$iface_speed = bits2bytes( $iface_speed, $units ) / 1024;
}
# Added 20100201 gj
# Check if Out max speed was provided, use same if speed for both if not
if (!$iface_speedOut) {
$iface_speedOut = $iface_speed;
}
$if_status = $response->{ $snmpIfOperStatus . "." . $iface_number };
$in_bytes = $response->{ $snmpIfInOctets . "." . $iface_number } / 1024; # in kiloBytes
$out_bytes = $response->{ $snmpIfOutOctets . "." . $iface_number } / 1024; # in kiloBytes
$session->close;
my $row;
my $last_check_time = time - 1;
my $last_in_bytes = $in_bytes;
my $last_out_bytes = $out_bytes;
if (
open( FILE,
"<" . $TRAFFIC_FILE . "_if" . $iface_number . "_" . $host_address
)
)
{
while ( $row = <FILE> ) {
#cosmetic change 20050416 by mw
#Couldn't sustain;-)
## chomp();
( $last_check_time, $last_in_bytes, $last_out_bytes ) =
split( ":", $row );
### by sos 17.07.2009 check for last_bytes
if ( ! $last_in_bytes ) { $last_in_bytes=$in_bytes; }
if ( ! $last_out_bytes ) { $last_out_bytes=$out_bytes; }
if ($last_in_bytes !~ m/\d/) { $last_in_bytes=$in_bytes; }
if ($last_out_bytes !~ m/\d/) { $last_out_bytes=$out_bytes; }
}
close(FILE);
}
my $update_time = time;
open( FILE, ">" . $TRAFFIC_FILE . "_if" . $iface_number . "_" . $host_address )
or die "Can't open $TRAFFIC_FILE for writing: $!";
printf FILE ( "%s:%.0ld:%.0ld\n", $update_time, $in_bytes, $out_bytes );
close(FILE);
my $db_file;
#added 20050614 by mw
#Check for and correct counter overflow (if possible).
#See function counter_overflow.
$in_bytes = counter_overflow( $in_bytes, $last_in_bytes, $max_bytes );
$out_bytes = counter_overflow( $out_bytes, $last_out_bytes, $max_bytes );
# Calculate traffic since last check (RX\TX) in kiloBytes
my $in_traffic = sprintf( "%.2lf",
( $in_bytes - $last_in_bytes ) / ( time - $last_check_time ) );
my $out_traffic = sprintf( "%.2lf",
( $out_bytes - $last_out_bytes ) / ( time - $last_check_time ) );
# sos 20090717 changed due to rrdtool needs bytes
my $in_traffic_absolut = $in_bytes * 1024 ;
my $out_traffic_absolut = $out_bytes * 1024;
# Calculate usage percentages
my $in_usage = sprintf( "%.2f", ( 1.0 * $in_traffic * 100 ) / $iface_speed );
my $out_usage = sprintf( "%.2f", ( 1.0 * $out_traffic * 100 ) / $iface_speedOut );
if ($bits) {
# Convert output from Bytes to bits
$in_bytes = $in_bytes * 8;
$out_bytes = $out_bytes * 8;
$in_traffic = $in_traffic * 8;
$out_traffic = $out_traffic * 8;
$label = "Mbits";
}
my $in_prefix = "K";
my $out_prefix = "K";
if ( $in_traffic > 1024 ) {
$in_traffic = sprintf( "%.2f", $in_traffic / 1024 );
$in_prefix = "M";
}
if ( $out_traffic > 1024 ) {
$out_traffic = sprintf( "%.2f", $out_traffic / 1024 );
$out_prefix = "M";
}
if ( $in_traffic > 1024 * 1024 ) {
$in_traffic = sprintf( "%.2f", $in_traffic / 1024 * 1024 );
$in_prefix = "G";
}
if ( $out_traffic > 1024 * 1024 ) {
$out_traffic = sprintf( "%.2f",$out_traffic / 1024 * 1024 );
$out_prefix = "G";
}
# Convert from kiloBytes to megaBytes
$in_bytes = sprintf( "%.2f", $in_bytes / 1024 );
$out_bytes = sprintf( "%.2f", $out_bytes / 1024 );
$state = "OK";
# Added 20091209 by gj
if ( $if_status != 1 ) {
$output = "Interface $iface_descr is down!";
}else{
$output =
"Average IN: "
. $in_traffic . $in_prefix . $suffix . " (" . $in_usage . "%), "
. "Average OUT: " . $out_traffic . $out_prefix . $suffix . " (" . $out_usage . "%)<br>";
$output .= "Total RX: $in_bytes $label, Total TX: $out_bytes $label";
}
# Changed 20091209 gj
if ( ( $in_usage > $crit_usage ) or ( $out_usage > $crit_usage ) or ( $if_status != 1 ) ) {
$state = "CRITICAL";
}
if ( ( $in_usage > $warn_usage )
or ( $out_usage > $warn_usage ) && $state eq "OK" )
{
$state = "WARNING";
}
# Changed 20091209 gj
$output = "$state - $output"
if ( $state ne "OK" );
# Changed 20091214 gj - commas should have been semi colons
$output .=
"|inUsage=$in_usage%;$warn_usage;$crit_usage outUsage=$out_usage%;$warn_usage;$crit_usage"
. " inBandwidth=" . $in_traffic . $in_prefix . $suffix . " outBandwidth=" . $out_traffic . $out_prefix . $suffix
. " inAbsolut=$in_traffic_absolut outAbsolut=$out_traffic_absolut";
stop($output, $state);
sub fetch_Ip2IfIndex {
my $state;
my $response;
my $snmpkey;
my $answer;
my $key;
my ( $session, $host ) = @_;
# Determine if we have a host name or IP addr
if ( $host =~ /\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/ ){
#print "\nI found an IP address\n\n";
} else {
$host = get_ip ( $host );
#print "\nWe have a host name $host\n\n";
}
# Quit if results not found
if ( !defined( $response = $session->get_table($snmpIPAdEntIfIndex) ) ) {
$answer = $session->error;
$session->close;
$state = 'CRITICAL';
$session->close;
exit $STATUS_CODE{$state};
}
my %resp = %{$response};
# foreach $key ( keys %{$response} ) {
if ( $index_list ){
print ("\nInterfaces found:\n");
print (" IP Addr\tIndex\n");
print ("------------------------\n");
}
# Check each returned value
foreach $key ( keys %resp ) {
if ( $index_list ){
my $index_addr = substr $key, 21;
print ($index_addr,"\t ",$resp{$key},"\n");
}
# Check for ip address mathcin in returned index results
if ( $key =~ /$host$/ ) {
$snmpkey = $resp{$key};
}
}
unless ( defined $snmpkey ) {
$session->close;
$state = 'CRITICAL';
printf "$state: Could not match $host \n";
exit $STATUS_CODE{$state};
}
return $snmpkey;
}
sub fetch_ifdescr {
my $state;
my $response;
my $snmpkey;
my $answer;
my $key;
my ( $session, $ifdescr ) = @_;
if ( !defined( $response = $session->get_table($snmpIfDescr) ) ) {
$answer = $session->error;
$session->close;
$state = 'CRITICAL';
$session->close;
exit $STATUS_CODE{$state};
}
foreach $key ( keys %{$response} ) {
# added 20070816 by oer: remove trailing 0 Byte for Windows :-(
my $resp=$response->{$key};
$resp =~ s/\x00//;
my $test = defined($use_reg)
? $resp =~ /$ifdescr/
: $resp eq $ifdescr;
if ($test) {
###if ( $resp =~ /^$ifdescr$/ ) {
###if ( $resp =~ /$ifdescr/ ) {
### print "$resp \n";
###if ( $response->{$key} =~ /^$ifdescr$/ ) {
$key =~ /.*\.(\d+)$/;
$snmpkey = $1;
# print "$ifdescr = $key / $snmpkey \n"; #debug
}
}
unless ( defined $snmpkey ) {
$session->close;
$state = 'CRITICAL';
printf "$state: Could not match $ifdescr \n";
exit $STATUS_CODE{$state};
}
return $snmpkey;
}
#added 20050416 by mw
#Converts an input value to value in bits
sub bits2bytes {
return unit2bytes(@_) / 8;
}
#added 20050416 by mw
#Converts an input value to value in bytes
sub unit2bytes {
my ( $value, $unit ) = @_;
if ( $unit eq "g" ) {
return $value * 1024 * 1024 * 1024;
}
elsif ( $unit eq "m" ) {
return $value * 1024 * 1024;
}
elsif ( $unit eq "k" ) {
return $value * 1024;
}
elsif ( $unit eq "b" ) {
return $value * 1;
}
else {
print "You have to supply a supported unit\n";
exit $STATUS_CODE{'UNKNOWN'};
}
}
#added 20050414 by mw
#This function detects if an overflow occurs. If so, it returns
#a computed value for $bytes.
#If there is no counter overflow it simply returns the origin value of $bytes.
#IF there is a Counter reboot wrap, just use previous output.
sub counter_overflow {
my ( $bytes, $last_bytes, $max_bytes ) = @_;
$bytes += $max_bytes if ( $bytes < $last_bytes );
$bytes = $last_bytes if ( $bytes < $last_bytes );
return $bytes;
}
# Added 20100202 by gj
# Print results and exit script
sub stop {
my $result = shift;
my $exit_code = shift;
print $result . "\n";
exit ( $STATUS_CODE{$exit_code} );
}
# Added 20100405 by gj
# Lookup hosts ip address
sub get_ip {
use Net::DNS;
my ( $host_name ) = @_;
my $res = Net::DNS::Resolver->new;
my $query = $res->search($host_name);
if ($query) {
foreach my $rr ($query->answer) {
next unless $rr->type eq "A";
#print $rr->address, "\n";
return $rr->address;
}
} else {
stop("Error: IP address not resolved\n","UNKNOWN");
}
}
#cosmetic changes 20050614 by mw
#Couldn't sustain "HERE";-), either.
sub print_usage {
print <<EOU;
Usage: check_iftraffic3.pl -H host [ -C community_string ] [ -i if_index|if_descr ] [ -r ] [ -b if_max_speed_in | -I if_max_speed_in ] [ -O if_max_speed_out ] [ -u ] [ -B ] [ -A IP Address ] [ -L ] [ -M ] [ -w warn ] [ -c crit ]
Example 1: check_iftraffic3.pl -H host1 -C sneaky
Example 2: check_iftraffic3.pl -H host1 -C sneaky -i "Intel Pro" -r -B
Example 3: check_iftraffic3.pl -H host1 -C sneaky -i 5
Example 4: check_iftraffic3.pl -H host1 -C sneaky -i 5 -B -b 100 -u m
Example 5: check_iftraffic3.pl -H host1 -C sneaky -i 5 -B -b 20 -O 5 -u m
Example 6: check_iftraffic3.pl -H host1 -C sneaky -A 192.168.1.1 -B -b 100 -u m
Options:
-H, --host STRING or IPADDRESS
Check interface on the indicated host.
-B, --bits
Display results in bits per second b/s (default: Bytes/s)
-C, --community STRING
SNMP Community.
-r, --regexp
Use regexp to match NAME in description OID
-i, --interface STRING
Interface Name
-b, --bandwidth INTEGER
-I, --inBandwidth INTEGER
Interface maximum speed in kilo/mega/giga/bits per second. Applied to
both IN and OUT if no second (-O) max speed is provided.
-O, --outBandwidth INTEGER
Interface maximum speed in kilo/mega/giga/bits per second. Applied to
OUT traffic. Uses the same units value given for -b.
-u, --units STRING
g=gigabits/s,m=megabits/s,k=kilobits/s,b=bits/s. Required if -b, -I, or
-O are used.
-w, --warning INTEGER
% of bandwidth usage necessary to result in warning status (default: 85%)
-c, --critical INTEGER
% of bandwidth usage necessary to result in critical status (default: 98%)
-M, --max INTEGER
Max Counter Value of net devices in kilo/mega/giga/bytes.
-A, --address STRING (IP Address)
IP Address to use when determining the interface index to use. Can be
used when the index changes frequently or as in the case of Windows
servers the index is different depending on the NIC installed.
-L, --list FLAG (on/off)
Tell plugin to list available interfaces. This is not supported inside
of Nagios, but may be useful from the command line.
EOU
}

90
roles/old/icinga/files/commands.cfg Normal file
View File

@@ -0,0 +1,90 @@
###############################################################################
# COMMANDS.CFG - SAMPLE COMMAND DEFINITIONS FOR NAGIOS
###############################################################################
################################################################################
# NOTIFICATION COMMANDS
################################################################################
# 'notify-host-by-email' command definition
define command{
command_name notify-host-by-email
command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n" | /usr/bin/mail -s "** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **" $CONTACTEMAIL$
}
# 'notify-service-by-email' command definition
define command{
command_name notify-service-by-email
command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$\n" | /usr/bin/mail -s "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" $CONTACTEMAIL$
}
################################################################################
# HOST CHECK COMMANDS
################################################################################
# On Debian, check-host-alive is being defined from within the
# nagios-plugins-basic package
define command{
command_name check_snmp_storage
command_line $USER1$/check_snmp_storage.pl -H $HOSTADDRESS$ -C $ARG1$ $ARG2$ -m $ARG3$ -w $ARG4$ -c $ARG5$
}
define command{
command_name check_snmp_load
command_line $USER1$/check_snmp_load.pl -H $HOSTADDRESS$ -C $ARG1$ $ARG2$ -T $ARG3$ -w $ARG4$ -c $ARG5$
}
define command{
command_name check_snmp_mem
command_line $USER1$/check_snmp_mem.pl -H $HOSTADDRESS$ -C $ARG1$ $ARG2$ $ARG3$ -w $ARG4$ -c $ARG5$
}
define command{
command_name check_snmp_int
command_line $USER1$/check_snmp_netint.pl -H $HOSTADDRESS$ -C $ARG1$ $ARG2$ -n $ARG3$ -a -m -k -M -w $ARG4$ -c $ARG5$
}
define command{
command_name check_iftraffic3
#command_name check_win_int
#command_line $USER1$/check_iftraffic3.pl -H $HOSTADDRESS$ -C $ARG1$
#command_line $USER1$/check_snmp_int.pl -H $HOSTADDRESS$ -C $ARG1$ $ARG2$ -n $ARG3$ -k -M -g -w $ARG4$ -c $ARG5$
command_line $USER1$/check_iftraffic3.pl -H $HOSTADDRESS$ -C $ARG1$ -i $ARG2$ -w $ARG3$ -c $ARG4$
}
define command{
command_name check_snmp
command_line $USER1$/check_snmp -H $HOSTADDRESS$ $ARG1$
}
###############################
##WINDOWS
###############################
define command{
command_name check_nt
command_line $USER1$/check_nt -H $HOSTADDRESS$ -s root -p 12489 -v $ARG1$ $ARG2$
}
################################################################################
# PERFORMANCE DATA COMMANDS
################################################################################
# 'process-host-perfdata' command definition
define command{
command_name process-host-perfdata
command_line /usr/bin/printf "%b" "$LASTHOSTCHECK$\t$HOSTNAME$\t$HOSTSTATE$\t$HOSTATTEMPT$\t$HOSTSTATETYPE$\t$HOSTEXECUTIONTIME$\t$HOSTOUTPUT$\t$HOSTPERFDATA$\n" >> /var/lib/nagios3/host-perfdata.out
}
# 'process-service-perfdata' command definition
define command{
command_name process-service-perfdata
command_line /usr/bin/printf "%b" "$LASTSERVICECHECK$\t$HOSTNAME$\t$SERVICEDESC$\t$SERVICESTATE$\t$SERVICEATTEMPT$\t$SERVICESTATETYPE$\t$SERVICEEXECUTIONTIME$\t$SERVICELATENCY$\t$SERVICEOUTPUT$\t$SERVICEPERFDATA$\n" >> /var/lib/nagios3/service-perfdata.out
}

59
roles/old/icinga/files/contacts_icinga.cfg Normal file
View File

@@ -0,0 +1,59 @@
###############################################################################
# contacts.cfg
###############################################################################
###############################################################################
###############################################################################
#
# CONTACTS
#
###############################################################################
###############################################################################
# In this simple config file, a single contact will receive all alerts.
#define contact{
# contact_name root
# alias Root
# service_notification_period 24x7
# host_notification_period 24x7
# service_notification_options w,u,c,r
# host_notification_options d,r
# service_notification_commands notify-service-by-email
# host_notification_commands notify-host-by-email
# email root@localhost
# }
define contact{
contact_name admin
alias Administrateur
service_notification_period 24x7
host_notification_period 24x7
service_notification_options w,u,c,r
host_notification_options d,r
service_notification_commands notify-service-by-email
host_notification_commands notify-host-by-email
email icinga.ppe31@gmail.com
}
###############################################################################
###############################################################################
#
# CONTACT GROUPS
#
###############################################################################
###############################################################################
# We only have one contact in this simple configuration file, so there is
# no need to create more than one contact group.
define contactgroup{
contactgroup_name admins
alias Nagios Administrators
members admin
}

11
roles/old/icinga/files/dns.cfg Normal file
View File

@@ -0,0 +1,11 @@
# 'check_dns' command definition
define command{
command_name check_dns
command_line /usr/lib/nagios/plugins/check_dns -H www.dfco.fr -s '$HOSTADDRESS$'
}
# 'check_dig' command definition
define command{
command_name check_dig
command_line /usr/lib/nagios/plugins/check_dig -H '$HOSTADDRESS$' -l '$ARG1$'
}

1494
roles/old/icinga/files/icinga.cfg Normal file
View File

File diff suppressed because it is too large Load Diff

27
roles/old/icinga/files/icinga.conf Normal file
View File

@@ -0,0 +1,27 @@
# apache configuration for icinga
ScriptAlias /cgi-bin/icinga /usr/lib/cgi-bin/icinga
# Where the stylesheets (config files) reside
Alias /icinga/stylesheets /etc/icinga/stylesheets
# Where the HTML pages live
Alias /icinga /usr/share/icinga/htdocs
<DirectoryMatch "^(?:/usr/share/icinga/htdocs|/usr/lib/cgi-bin/icinga|/etc/icinga/stylesheets)/">
Options FollowSymLinks
DirectoryIndex index.html
AllowOverride AuthConfig
# Require all granted
AuthName "Icinga Access"
AuthType Basic
AuthUserFile /etc/icinga/htpasswd.users
Require valid-user
</DirectoryMatch>
<Directory "/usr/share/javascript/">
Options FollowSymLinks MultiViews
</Directory>

15
roles/old/icinga/files/nt.cfg Normal file
View File

@@ -0,0 +1,15 @@
# If you are confused about this command definition, cause you was
# reading other suggestions, please have a look into
# /usr/share/doc/monitoring-plugins/README.Debian
# 'check_nt' command definition
#define command {
# command_name check_nt
# command_line /usr/lib/nagios/plugins/check_nt -H '$HOSTADDRESS$' -v '$ARG1$'
#}
# 'check_nscp' command definition
define command {
command_name check_nscp
command_line /usr/lib/nagios/plugins/check_nt -H '$HOSTADDRESS$' -p 12489 -v '$ARG1$'
}

106
roles/old/icinga/files/services_icinga.cfg Normal file
View File

@@ -0,0 +1,106 @@
define service {
hostgroup_name http-servers
service_description HTTP
check_command check_http
use generic-service
notification_interval 0 ; set > 0 if you want to be renotified
}
define service {
hostgroup_name ssh-servers
service_description SSH
check_command check_ssh
use generic-service
notification_interval 0 ; set > 0 if you want to be renotified
}
define service{
use generic-service
hostgroup_name debian-servers
service_description Espace disque
check_command check_snmp_storage!public!--v2c!"^/$|tmp|usr|var"!90!95
}
define service{
use generic-service
hostgroup_name debian-servers
service_description Charge machine
check_command check_snmp_load!public!--v2c!netsl!2,1,1!3,2,2
}
define service{
use generic-service
hostgroup_name localhost
service_description Charge machine
check_command check_load!5.0!4.0!3.0!10.0!6.0!4.0
}
define service{
use generic-service
hostgroup_name debian-servers
service_description RAM
check_command check_snmp_mem!public!--v2c!-N!95,60!99,90
}
define service{
use generic-service
hostgroup_name windows-servers
service_description Version NSClient++
check_command check_nt!CLIENTVERSION
}
define service{
use generic-service
hostgroup_name windows-servers
service_description Charge CPU
check_command check_nt!CPULOAD!-l 5,80,90,15,80,90
}
define service{
use generic-service
hostgroup_name windows-servers
service_description Uptime
check_command check_nt!UPTIME
}
define service{
use generic-service
hostgroup_name windows-servers
service_description Mem Use
check_command check_nt!MEMUSE!80,90
}
define service{
use generic-service
hostgroup_name windows-servers
service_description Disk Space
check_command check_nt!USEDDISKSPACE!-l C!10,5
}
define service{
use generic-service
hostgroup_name windows-servers
service_description Service DNS
check_command check_nt!SERVICESTATE!-l W32Time,"Client DNS"
}
define service{
use generic-service
hostgroup_name uptimegrp
service_description Uptime
check_command check_snmp!-C public -o 1.3.6.1.2.1.1.3.0
}
define service{
use generic-service
hostgroup_name dns-servers
service_description DNS Ext
check_command check_dns
}
#define service{
# use generic-service
# hostgroup_name dhcp-servers
# service_description Service DHCP
# check_command check_dhcp
#}

12
roles/old/icinga/handlers/main.yml Normal file
View File

@@ -0,0 +1,12 @@
---
- name: restart icinga
service: name=icinga state=restarted
- name: stop icinga
service: name=icinga state=stopped
- name: start icinga
service: name=icinga state=started
- name: restart apache
service: name=apache2 state=restarted

124
roles/old/icinga/tasks/main.yml Normal file
View File

@@ -0,0 +1,124 @@
---
- name: Installation apache2
apt:
name:
- apache2
- snmp
- icinga
- nagios-snmp-plugins
- python3-passlib
state: present
- name: Copie de fichier icinga.conf pour apache
copy: src=icinga.conf dest=/etc/apache2/sites-enabled/
notify:
- restart icinga
- name: Copier le fichier commands.cfg pour icinga
copy: src=commands.cfg dest=/etc/icinga/
notify:
- restart icinga
- name: Commente la ligne qui pose problème dans nt.cfg
copy: src=nt.cfg dest=/etc/nagios-plugins/config/
notify:
- restart icinga
- name: macro pour test hdd
replace:
dest: /etc/icinga/icinga.cfg
regexp: 'keep_unknown_macros=0'
replace: 'keep_unknown_macros=1'
backup : yes
notify:
- restart icinga
- name: python3 par defaut
alternatives:
link: /usr/bin/python
name: python
path: /usr/bin/python3
priority: 10
- name: Changement de mot de passe de icingaadmin
htpasswd:
path: /etc/icinga/htpasswd.users
name: icingaadmin
password: root
- name: Copie du fichier contact
copy: src=contacts_icinga.cfg dest=/etc/icinga/objects
- name: Copie du fichier s-infra s-proxy s-adm r-int r-ext srv-2012 gwsio2 s-test hostgroup
synchronize:
src: cfg/
dest: /etc/icinga/objects
notify:
- restart icinga
- name: attribution des droits dossier icinga
file:
path: /var/lib/icinga
owner: nagios
mode: 751
recurse: yes
notify:
- restart icinga
- name: attribution des droits dossier icinga rw
file:
path: /var/lib/icinga/rw
owner: nagios
mode: 2710
recurse: yes
notify:
- restart icinga
- name: activation des commandes externes
replace:
dest: /etc/icinga/icinga.cfg
regexp: 'check_external_commands=0'
replace: 'check_external_commands=1'
notify:
- restart icinga
- name: reconfiguration des droits avec dpkg statoverride
shell: dpkg-statoverride --update --force-all --add nagios www-data 2710 /var/lib/icinga/rw
- name: reconfiguration des droits avec dpkg statoverride
shell: dpkg-statoverride --update --force-all --add nagios nagios 751 /var/lib/icinga
- name: suppression de checkresults
file:
path: /var/lib/icinga/spool/checkresults
state: absent
- name: creation du dossier checkresults avec droits de lecture
file:
path: /var/lib/icinga/spool/checkresults
state: directory
owner: nagios
group: root
mode: '755'
#- name: Changement droit notif
# shell: chmod 644 /var/log/icinga/icinga.log
#- name: copie dns.cfg
# copy: remote_src=true src=dns.cfg dest=/etc/nagios-plugins/config
#- name: copie check traffic
# copy: src=check_iftraffic3.pl dest=/usr/lib/nagios/plugins
#- name: modif des droits plugin traffic
# shell: chmod 755 /usr/lib/nagios/plugins/check_iftraffic3.pl
- name: message d'information
debug: msg="Pour superviser le Windows, il faut installer NSClient++"
- name: redemarrage apache
service:
name: apache2
state: restarted

4
roles/old/mariadb-ab/README.md Normal file
View File

@@ -0,0 +1,4 @@
##Installation de s-lb-bd
Ce rôle installe mariadb avec python puis créer une base de données wordpress accessible depuis le réseau 192.168.102.0/24.

29
roles/old/mariadb-ab/_travis.yml Normal file
View File

@@ -0,0 +1,29 @@
---
language: python
python: "2.7"
# Use the new container infrastructure
sudo: false
# Install ansible
addons:
apt:
packages:
- python-pip
install:
# Install ansible
- pip install ansible
# Check ansible version
- ansible --version
# Create ansible.cfg with correct roles_path
- printf '[defaults]\nroles_path=../' >ansible.cfg
script:
# Basic role syntax check
- ansible-playbook tests/test.yml -i tests/inventory --syntax-check
notifications:
webhooks: https://galaxy.ansible.com/api/v1/notifications/

2
roles/old/mariadb-ab/defaults/main.yml Normal file
View File

@@ -0,0 +1,2 @@
---
# defaults file for mariadb

128
roles/old/mariadb-ab/files/my.cnf Normal file
View File

@@ -0,0 +1,128 @@
#
# The MySQL database server configuration file.
#
# You can copy this to one of:
# - "/etc/mysql/my.cnf" to set global options,
# - "~/.my.cnf" to set user-specific options.
#
# One can use all long options that the program supports.
# Run program with --help to get a list of available options and with
# --print-defaults to see which it would actually understand and use.
#
# For explanations see
# http://dev.mysql.com/doc/mysql/en/server-system-variables.html
# This will be passed to all mysql clients
# It has been reported that passwords should be enclosed with ticks/quotes
# escpecially if they contain "#" chars...
# Remember to edit /etc/mysql/debian.cnf when changing the socket location.
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
# Here is entries for some specific programs
# The following values assume you have at least 32M ram
# This was formally known as [safe_mysqld]. Both versions are currently parsed.
[mysqld_safe]
socket = /var/run/mysqld/mysqld.sock
nice = 0
[mysqld]
#
# * Basic Settings
#
user = mysql
pid-file = /var/run/mysqld/mysqld.pid
socket = /var/run/mysqld/mysqld.sock
port = 3306
basedir = /usr
datadir = /var/lib/mysql
tmpdir = /tmp
lc-messages-dir = /usr/share/mysql
skip-external-locking
#
# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
#bind-address = 127.0.0.1
#
# * Fine Tuning
#
key_buffer = 16M
max_allowed_packet = 16M
thread_stack = 192K
thread_cache_size = 8
# This replaces the startup script and checks MyISAM tables if needed
# the first time they are touched
myisam-recover = BACKUP
#max_connections = 100
#table_cache = 64
#thread_concurrency = 10
#
# * Query Cache Configuration
#
query_cache_limit = 1M
query_cache_size = 16M
#
# * Logging and Replication
#
# Both location gets rotated by the cronjob.
# Be aware that this log type is a performance killer.
# As of 5.1 you can enable the log at runtime!
#general_log_file = /var/log/mysql/mysql.log
#general_log = 1
#
# Error log - should be very few entries.
#
log_error = /var/log/mysql/error.log
#
# Here you can see queries with especially long duration
#slow_query_log_file = /var/log/mysql/mysql-slow.log
#slow_query_log = 1
#long_query_time = 2
#log_queries_not_using_indexes
#
# The following can be used as easy to replay backup logs or for replication.
# note: if you are setting up a replication slave, see README.Debian about
# other settings you may need to change.
#server-id = 1
#log_bin = /var/log/mysql/mysql-bin.log
expire_logs_days = 10
max_binlog_size = 100M
#binlog_do_db = include_database_name
#binlog_ignore_db = include_database_name
#
# * InnoDB
#
# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/.
# Read the manual for more InnoDB related options. There are many!
#
# * Security Features
#
# Read the manual, too, if you want chroot!
# chroot = /var/lib/mysql/
#
# For generating SSL certificates I recommend the OpenSSL GUI "tinyca".
#
# ssl-ca=/etc/mysql/cacert.pem
# ssl-cert=/etc/mysql/server-cert.pem
# ssl-key=/etc/mysql/server-key.pem
[mysqldump]
quick
quote-names
max_allowed_packet = 16M
[mysql]
#no-auto-rehash # faster start of mysql but no tab completition
[isamchk]
key_buffer = 16M
#
# * IMPORTANT: Additional settings that can override those from this file!
# The files must end with '.cnf', otherwise they'll be ignored.
#
!includedir /etc/mysql/conf.d/

2
roles/old/mariadb-ab/handlers/main.yml Normal file
View File

@@ -0,0 +1,2 @@
---
# handlers file for mariadb

232
roles/old/mariadb-ab/meta/main.yml Normal file
View File

@@ -0,0 +1,232 @@
galaxy_info:
author: your name
description: your description
company: your company (optional)
# If the issue tracker for your role is not on github, uncomment the
# next line and provide a value
# issue_tracker_url: http://example.com/issue/tracker
# Some suggested licenses:
# - BSD (default)
# - MIT
# - GPLv2
# - GPLv3
# - Apache
# - CC-BY
license: license (GPLv2, CC-BY, etc)
min_ansible_version: 1.2
# Optionally specify the branch Galaxy will use when accessing the GitHub
# repo for this role. During role install, if no tags are available,
# Galaxy will use this branch. During import Galaxy will access files on
# this branch. If travis integration is cofigured, only notification for this
# branch will be accepted. Otherwise, in all cases, the repo's default branch
# (usually master) will be used.
#github_branch:
#
# Below are all platforms currently available. Just uncomment
# the ones that apply to your role. If you don't see your
# platform on this list, let us know and we'll get it added!
#
#platforms:
#- name: OpenBSD
# versions:
# - all
# - 5.6
# - 5.7
# - 5.8
# - 5.9
# - 6.0
# - 6.1
# - 6.2
#- name: Fedora
# versions:
# - all
# - 16
# - 17
# - 18
# - 19
# - 20
# - 21
# - 22
# - 23
# - 24
# - 25
# - 26
#- name: DellOS
# versions:
# - all
# - 10
# - 6
# - 9
#- name: MacOSX
# versions:
# - all
# - 10.10
# - 10.11
# - 10.12
# - 10.7
# - 10.8
# - 10.9
#- name: Synology
# versions:
# - all
# - any
#- name: Junos
# versions:
# - all
# - any
#- name: GenericBSD
# versions:
# - all
# - any
#- name: Void Linux
# versions:
# - all
# - any
#- name: GenericLinux
# versions:
# - all
# - any
#- name: NXOS
# versions:
# - all
# - any
#- name: macOS
# versions:
# - all
# - Sierra
#- name: IOS
# versions:
# - all
# - any
#- name: Amazon
# versions:
# - all
# - 2013.03
# - 2013.09
# - 2016.03
# - 2016.09
#- name: ArchLinux
# versions:
# - all
# - any
#- name: FreeBSD
# versions:
# - all
# - 10.0
# - 10.1
# - 10.2
# - 10.3
# - 11.0
# - 11.1
# - 8.0
# - 8.1
# - 8.2
# - 8.3
# - 8.4
# - 9.0
# - 9.1
# - 9.1
# - 9.2
# - 9.3
#- name: Ubuntu
# versions:
# - all
# - artful
# - lucid
# - maverick
# - natty
# - oneiric
# - precise
# - quantal
# - raring
# - saucy
# - trusty
# - utopic
# - vivid
# - wily
# - xenial
# - yakkety
# - zesty
#- name: Debian
# versions:
# - all
# - etch
# - jessie
# - lenny
# - sid
# - squeeze
# - stretch
# - wheezy
#- name: Alpine
# versions:
# - all
# - any
#- name: EL
# versions:
# - all
# - 5
# - 6
# - 7
#- name: Windows
# versions:
# - all
# - 2012R2
#- name: SmartOS
# versions:
# - all
# - any
#- name: opensuse
# versions:
# - all
# - 12.1
# - 12.2
# - 12.3
# - 13.1
# - 13.2
#- name: SLES
# versions:
# - all
# - 10SP3
# - 10SP4
# - 11
# - 11SP1
# - 11SP2
# - 11SP3
# - 11SP4
# - 12
# - 12SP1
#- name: GenericUNIX
# versions:
# - all
# - any
#- name: Solaris
# versions:
# - all
# - 10
# - 11.0
# - 11.1
# - 11.2
# - 11.3
#- name: eos
# versions:
# - all
# - Any
galaxy_tags: []
# List tags for your role here, one per line. A tag is
# a keyword that describes and categorizes the role.
# Users find roles by searching for tags. Be sure to
# remove the '[]' above if you add tags to this list.
#
# NOTE: A tag is limited to a single word comprised of
# alphanumeric characters. Maximum 20 tags per role.
dependencies: []
# List your role dependencies here, one per line.
# Be sure to remove the '[]' above if you add dependencies
# to this list.

42
roles/old/mariadb-ab/tasks/main.yml Normal file
View File

@@ -0,0 +1,42 @@
---
- name: Installation des paquets python-mysqldb mariadb-server
apt:
name:
- python3-mysqldb
- mariadb-server
- python3-passlib
- python3-pymysql
state: present
- name: python3 par defaut
alternatives:
link: /usr/bin/python
name: python
path: /usr/bin/python3
priority: 10
- name: Create mysql database
mysql_db:
name: "{{ maria_dbname }}"
state: present
login_unix_socket: /var/run/mysqld/mysqld.sock
- name: Creation de l'utilisateur mysql avec tous les privileges
mysql_user:
name: "{{ maria_dbuser }}"
password: "{{ maria_dbpasswd }}"
priv: '*.*:ALL,GRANT'
login_unix_socket: /var/run/mysqld/mysqld.sock
host: 192.168.102.%
# - ::1
# - localhost
- name: Copie du fichier my.cnf pour autorises toutes les adresses sur le port 3306
copy:
src: my.cnf
dest: /etc/mysql/
- name: Redemarrage du service mariadb
service:
name: mariadb
state: restarted

1
roles/old/mariadb-ab/tests/inventory Normal file
View File

@@ -0,0 +1 @@
localhost

5
roles/old/mariadb-ab/tests/test.yml Normal file
View File

@@ -0,0 +1,5 @@
---
- hosts: localhost
remote_user: root
roles:
- mariadb

2
roles/old/mariadb-ab/vars/main.yml Normal file
View File

@@ -0,0 +1,2 @@
---
# vars file for mariadb

4
roles/old/mariadb/README.md Normal file
View File

@@ -0,0 +1,4 @@
##Installation de s-lb-bd
Ce rôle installe mariadb avec python puis créer une base de données wordpress accessible depuis le réseau 192.168.102.0/24.

29
roles/old/mariadb/_travis.yml Normal file
View File

@@ -0,0 +1,29 @@
---
language: python
python: "2.7"
# Use the new container infrastructure
sudo: false
# Install ansible
addons:
apt:
packages:
- python-pip
install:
# Install ansible
- pip install ansible
# Check ansible version
- ansible --version
# Create ansible.cfg with correct roles_path
- printf '[defaults]\nroles_path=../' >ansible.cfg
script:
# Basic role syntax check
- ansible-playbook tests/test.yml -i tests/inventory --syntax-check
notifications:
webhooks: https://galaxy.ansible.com/api/v1/notifications/

2
roles/old/mariadb/defaults/main.yml Normal file
View File

@@ -0,0 +1,2 @@
---
# defaults file for mariadb

2
roles/old/mariadb/handlers/main.yml Normal file
View File

@@ -0,0 +1,2 @@
---
# handlers file for mariadb

232
roles/old/mariadb/meta/main.yml Normal file
View File

@@ -0,0 +1,232 @@
galaxy_info:
author: your name
description: your description
company: your company (optional)
# If the issue tracker for your role is not on github, uncomment the
# next line and provide a value
# issue_tracker_url: http://example.com/issue/tracker
# Some suggested licenses:
# - BSD (default)
# - MIT
# - GPLv2
# - GPLv3
# - Apache
# - CC-BY
license: license (GPLv2, CC-BY, etc)
min_ansible_version: 1.2
# Optionally specify the branch Galaxy will use when accessing the GitHub
# repo for this role. During role install, if no tags are available,
# Galaxy will use this branch. During import Galaxy will access files on
# this branch. If travis integration is cofigured, only notification for this
# branch will be accepted. Otherwise, in all cases, the repo's default branch
# (usually master) will be used.
#github_branch:
#
# Below are all platforms currently available. Just uncomment
# the ones that apply to your role. If you don't see your
# platform on this list, let us know and we'll get it added!
#
#platforms:
#- name: OpenBSD
# versions:
# - all
# - 5.6
# - 5.7
# - 5.8
# - 5.9
# - 6.0
# - 6.1
# - 6.2
#- name: Fedora
# versions:
# - all
# - 16
# - 17
# - 18
# - 19
# - 20
# - 21
# - 22
# - 23
# - 24
# - 25
# - 26
#- name: DellOS
# versions:
# - all
# - 10
# - 6
# - 9
#- name: MacOSX
# versions:
# - all
# - 10.10
# - 10.11
# - 10.12
# - 10.7
# - 10.8
# - 10.9
#- name: Synology
# versions:
# - all
# - any
#- name: Junos
# versions:
# - all
# - any
#- name: GenericBSD
# versions:
# - all
# - any
#- name: Void Linux
# versions:
# - all
# - any
#- name: GenericLinux
# versions:
# - all
# - any
#- name: NXOS
# versions:
# - all
# - any
#- name: macOS
# versions:
# - all
# - Sierra
#- name: IOS
# versions:
# - all
# - any
#- name: Amazon
# versions:
# - all
# - 2013.03
# - 2013.09
# - 2016.03
# - 2016.09
#- name: ArchLinux
# versions:
# - all
# - any
#- name: FreeBSD
# versions:
# - all
# - 10.0
# - 10.1
# - 10.2
# - 10.3
# - 11.0
# - 11.1
# - 8.0
# - 8.1
# - 8.2
# - 8.3
# - 8.4
# - 9.0
# - 9.1
# - 9.1
# - 9.2
# - 9.3
#- name: Ubuntu
# versions:
# - all
# - artful
# - lucid
# - maverick
# - natty
# - oneiric
# - precise
# - quantal
# - raring
# - saucy
# - trusty
# - utopic
# - vivid
# - wily
# - xenial
# - yakkety
# - zesty
#- name: Debian
# versions:
# - all
# - etch
# - jessie
# - lenny
# - sid
# - squeeze
# - stretch
# - wheezy
#- name: Alpine
# versions:
# - all
# - any
#- name: EL
# versions:
# - all
# - 5
# - 6
# - 7
#- name: Windows
# versions:
# - all
# - 2012R2
#- name: SmartOS
# versions:
# - all
# - any
#- name: opensuse
# versions:
# - all
# - 12.1
# - 12.2
# - 12.3
# - 13.1
# - 13.2
#- name: SLES
# versions:
# - all
# - 10SP3
# - 10SP4
# - 11
# - 11SP1
# - 11SP2
# - 11SP3
# - 11SP4
# - 12
# - 12SP1
#- name: GenericUNIX
# versions:
# - all
# - any
#- name: Solaris
# versions:
# - all
# - 10
# - 11.0
# - 11.1
# - 11.2
# - 11.3
#- name: eos
# versions:
# - all
# - Any
galaxy_tags: []
# List tags for your role here, one per line. A tag is
# a keyword that describes and categorizes the role.
# Users find roles by searching for tags. Be sure to
# remove the '[]' above if you add tags to this list.
#
# NOTE: A tag is limited to a single word comprised of
# alphanumeric characters. Maximum 20 tags per role.
dependencies: []
# List your role dependencies here, one per line.
# Be sure to remove the '[]' above if you add dependencies
# to this list.

15
roles/old/mariadb/tasks/main.yml Normal file
View File

@@ -0,0 +1,15 @@
---
# tasks file for mariadb
- name: Installation de python-mysqldb
apt: name=python-mysqldb state=present
- name: Installation de mariadb-server
apt: name=mariadb-server state=present
- name: Create mysql database
mysql_db: name={{ maria_dbname }} state=present
- name: Commenter la ligne
replace: dest=/etc/mysql/mariadb.conf.d/50-server.cnf
regexp='bind-address = 127.0.0.1'
replace='#bind-address = 127.0.0.1'

1
roles/old/mariadb/tests/inventory Normal file
View File

@@ -0,0 +1 @@
localhost

5
roles/old/mariadb/tests/test.yml Normal file
View File

@@ -0,0 +1,5 @@
---
- hosts: localhost
remote_user: root
roles:
- mariadb

2
roles/old/mariadb/vars/main.yml Normal file
View File

@@ -0,0 +1,2 @@
---
# vars file for mariadb

4
roles/old/mysql/defaults/main.yml Normal file
View File

@@ -0,0 +1,4 @@
---
wp_mysql_db: wordpress
wp_mysql_user: wp
wp_mysql_password: wp

3
roles/old/mysql/files/.my.cnf Normal file
View File

@@ -0,0 +1,3 @@
[client]
user=root
password=root

3
roles/old/mysql/handlers/main.yml Normal file
View File

@@ -0,0 +1,3 @@
---
- name: restart mysql-server
service: name=mysql-server state=restarted

13
roles/old/mysql/tasks/main.yml Normal file
View File

@@ -0,0 +1,13 @@
---
# - name: Create mysql database
# mysql_db: name={{ wp_mysql_db }} state=present
# - name: Create mysql user
# mysql_user:
# name={{ wp_mysql_user }}
# password={{ wp_mysql_password }}
# priv=*.*:ALL
# host=localhost
- name: copy .my.cnf file with root password credentials
copy: src=.my.cnf dest=/root/.my.cnf owner=root mode=0600

3
roles/old/php-fpm/handlers/main.yml Normal file
View File

@@ -0,0 +1,3 @@
---
- name: restart php7.0-fpm
service: name=php7.0-fpm state=restarted

9
roles/old/php-fpm/tasks/main.yml Normal file
View File

@@ -0,0 +1,9 @@
---
- name: Install php-fpm and deps
apt: name={{ item }} state=present
with_items:
- php
- php-fpm
- php-mysql
notify:
- restart php7.0-fpm

15
roles/old/php-fpm/templates/main.yml Normal file
View File

@@ -0,0 +1,15 @@
[wordpress]
listen = /var/run/php-fpm/wordpress.sock
listen.owner = apache2
listen.group = apache2
listen.mode = 0660
user = wordpress
group = wordpress
pm = dynamic
pm.max_children = 10
pm.start_servers = 1
pm.min_spare_servers = 1
pm.max_spare_servers = 3
pm.max_requests = 500
chdir = /srv/wordpress/
php_admin_value[open_basedir] = /srv/wordpress/:/tmp