Initial commit

Signed-off-by: Julien Riou <julien@riou.xyz>

templates/bacula/bacula-dir.conf.j2

@@ -0,0 +1,26 @@
+{{ ansible_managed | comment }}
+
+Director {
+  Name = {{ bacula_director_name }}
+  DIRport = 9101
+  QueryFile = "/etc/bacula/scripts/query.sql"
+  WorkingDirectory = "/var/lib/bacula"
+  PidDirectory = "/run/bacula"
+  Maximum Concurrent Jobs = 20
+  Password = "{{ bacula_director_password }}"
+  Messages = Daemon
+  DirAddress = {{ bacula_director_address | default('127.0.0.1') }}
+}
+
+Catalog {
+  Name = {{ bacula_catalog_name }}
+  dbname = "bacula"; dbuser = ""; dbpassword = ""
+}
+
+@/etc/bacula/conf.d/jobs.conf
+@/etc/bacula/conf.d/filesets.conf
+@/etc/bacula/conf.d/schedules.conf
+@/etc/bacula/conf.d/clients.conf
+@/etc/bacula/conf.d/messages.conf
+@/etc/bacula/conf.d/pools.conf
+@/etc/bacula/conf.d/storages.conf

templates/bacula/bacula-fd.conf.j2

@@ -0,0 +1,21 @@
+{{ ansible_managed | comment }}
+
+Director {
+  Name = {{ bacula_director_name }}
+  Password = "{{ bacula_filedaemon_password }}"
+}
+
+FileDaemon {
+  Name = {{ bacula_filedaemon_name }}
+  FDport = 9102
+  WorkingDirectory = /var/lib/bacula
+  Pid Directory = /run/bacula
+  Maximum Concurrent Jobs = 20
+  Plugin Directory = /usr/lib/bacula
+  FDAddress = {{ bacula_filedaemon_address | default('127.0.0.1') }}
+}
+
+Messages {
+  Name = Standard
+  director = {{ bacula_director_name }} = all, !skipped, !restored
+}

templates/bacula/bacula-sd.conf.j2

@@ -0,0 +1,31 @@
+{{ ansible_managed | comment }}
+
+Director {
+  Name = {{ bacula_director_name }}
+  Password = "{{ bacula_storage_password }}"
+}
+
+Storage {
+  Name = {{ bacula_storage_name }}
+  SDPort = 9103
+  WorkingDirectory = "/var/lib/bacula"
+  Pid Directory = "/var/run/bacula"
+  Maximum Concurrent Jobs = 20
+  SDAddress = {{ bacula_storage_address | default('127.0.0.1') }}
+}
+
+Device {
+  Name           = {{ bacula_device_name }}
+  Media Type     = File
+  Archive Device = {{ bacula_device_archive_device }}
+  LabelMedia     = yes
+  Random Access  = yes
+  AutomaticMount = yes
+  RemovableMedia = no
+  AlwaysOpen     = no
+}
+
+Messages {
+  Name = Standard
+  director = {{ bacula_director_name }} = all
+}

templates/bacula/bconsole.conf.j2

@@ -0,0 +1,8 @@
+{{ ansible_managed | comment }}
+
+Director {
+  Name = {{ bacula_director_name }}
+  DIRport = 9101
+  address = 127.0.0.1
+  Password = "{{ bacula_director_password }}"
+}

templates/bacula/conf.d/clients.conf.j2

@@ -0,0 +1,15 @@
+{{ ansible_managed | comment }}
+
+{% for client in bacula_clients %}
+Client {
+  Name = {{ client['name'] }}
+  Address = {{ client['address'] }}
+  FDPort = 9102
+  Catalog = {{ client['catalog'] }}
+  Password = "{{ client['password'] }}"
+  File Retention = {{ client['file_retention'] }}
+  Job Retention = {{ client['job_retention'] }}
+  AutoPrune = {{ client['autoprune'] }}
+}
+
+{% endfor %}

templates/bacula/conf.d/filesets.conf.j2

@@ -0,0 +1,32 @@
+{{ ansible_managed | comment }}
+
+{% for fileset in bacula_filesets %}
+FileSet {
+  Name = {{ fileset['name'] }}
+{% if 'include' in fileset %}
+  Include {
+{% if 'options' in fileset['include'] %}
+    Options {
+{% if 'signature' in fileset['include']['options'] %}
+      signature = {{ fileset['include']['options']['signature'] }}
+{% endif %}
+{% if 'compression' in fileset['include']['options'] %}
+      compression = {{ fileset['include']['options']['compression'] }}
+{% endif %}
+    }
+{% endif %}
+{% for file in fileset['include']['files'] | default([]) | sort %}
+    File = "{{ file }}"
+{% endfor %}
+  }
+{% endif %}
+{% if 'exclude' in fileset %}
+  Exclude {
+{% for file in fileset['exclude']['files'] | default([]) | sort %}
+    File = "{{ file }}"
+{% endfor %}
+  }
+{% endif %}
+}
+
+{% endfor %}

templates/bacula/conf.d/jobs.conf.j2

@@ -0,0 +1,60 @@
+{{ ansible_managed | comment }}
+
+JobDefs {
+  Name      = BackupDefaults
+  Type      = Backup
+  Storage   = {{ bacula_storage_name }}
+  Schedule  = DefaultSchedule
+  Priority  = 10
+  Messages  = Standard
+  Pool      = FullFile
+  Full          Backup Pool = FullFile
+  Differential  Backup Pool = DiffFile
+  Incremental   Backup Pool = IncrFile
+}
+
+{% for job in bacula_jobs %}
+Job {
+  Name                = {{ job['name'] }}
+  JobDefs             = BackupDefaults
+  Client              = {{ job['client'] }}
+  FileSet             = {{ job['fileset'] }}
+{% if 'priority' in job %}
+  Priority            = {{ job['priority'] }}
+{% endif %}
+{% if 'level' in job %}
+  Level               = {{ job['level'] }}
+{% endif %}
+{% if 'schedule' in job %}
+  Schedule            = {{ job['schedule'] }}
+{% endif %}
+{% if 'run_before_job' in job %}
+  RunBeforeJob        = "{{ job['run_before_job'] }}"
+{% endif %}
+{% if 'run_after_job' in job %}
+  RunAfterJob         = "{{ job['run_after_job'] }}"
+{% endif %}
+{% if 'client_run_before_job' in job %}
+  ClientRunBeforeJob  = "{{ job['client_run_before_job'] }}"
+{% endif %}
+{% if 'client_run_after_job' in job %}
+  ClientRunAfterJob   = "{{ job['client_run_after_job'] }}"
+{% endif %}
+{% if 'pool' in job %}
+  Pool                = {{ job['pool'] }}
+{% endif %}
+{% if 'storage' in job %}
+  Storage             = {{ job['storage'] }}
+{% endif %}
+{% if 'messages' in job %}
+  Messages            = {{ job['messages'] }}
+{% endif %}
+{% if 'where' in job %}
+  Where               = {{ job['where'] }}
+{% endif %}
+{% if 'type' in job %}
+  Type                = {{ job['type'] }}
+{% endif %}
+}
+
+{% endfor %}

templates/bacula/conf.d/messages.conf.j2

@@ -0,0 +1,22 @@
+Messages {
+  Name = Standard
+{% if bacula_email_address is defined %}
+  mailcommand = "/usr/bin/mail -r \"Bacula \<%r\>\" -s \"Bacula: %t %e of %c %l\" %r"
+  operatorcommand = "/usr/bin/mail -r \"Bacula \<%r\>\" -s \"Bacula: Intervention needed for %j\" %r"
+  mail on error = {{ bacula_email_address }} = all, !skipped, !terminate
+{% endif %}
+  operator = root = mount
+  console = all, !skipped, !saved
+  append = "/var/log/bacula/bacula.log" = all, !skipped
+  catalog = all
+}
+
+Messages {
+  Name = Daemon
+{% if bacula_email_address is defined %}
+  mailcommand = "/usr/bin/mail -r \"Bacula \<%r\>\" -s \"Bacula daemon message\" %r"
+  mail on error = {{ bacula_email_address }} = all, !skipped, !terminate
+{% endif %}
+  console = all, !skipped, !saved
+  append = "/var/log/bacula/bacula.log" = all, !skipped
+}

templates/bacula/conf.d/pools.conf.j2

@@ -0,0 +1,16 @@
+{{ ansible_managed | comment }}
+
+{% for pool in bacula_pools | default([]) %}
+Pool {
+  Name                  = {{ pool['name'] }}
+  Pool Type             = {{ pool['pool_type'] }}
+  Recycle               = {{ pool['recycle'] }}
+  AutoPrune             = {{ pool['auto_prune'] }}
+  Volume Retention      = {{ pool['volume_retention'] }}
+  Storage               = {{ pool['storage'] }}
+  Maximum Volume Bytes  = {{ pool['maximum_volume_bytes'] }}
+  Maximum Volumes       = {{ pool['maximum_volumes'] }}
+  LabelFormat           = "{{ pool['labelformat'] }}"
+}
+
+{% endfor %}

templates/bacula/conf.d/schedules.conf.j2

@@ -0,0 +1,11 @@
+{{ ansible_managed | comment }}
+
+{% for schedule in bacula_schedules | default([]) %}
+Schedule {
+  Name  = {{ schedule['name'] }}
+{% for run in schedule['runs'] %}
+  Run   = {% for k, v in run.get('job_overrides', {}).items() %}{{ k }}={{ v }} {% endfor %} {{ run['datetime'] }}
+{% endfor %}
+}
+
+{% endfor %}

templates/bacula/conf.d/storages.conf.j2

@@ -0,0 +1,12 @@
+{{ ansible_managed | comment }}
+
+{% for storage in bacula_storages | default([]) %}
+Storage {
+  Name = {{ storage['name'] }}
+  Address = {{ storage['address'] }}
+  Password = "{{ storage['password'] }}"
+  Device = {{ storage['device'] }}
+  Media Type = {{ storage['media_type'] }}
+}
+
+{% endfor %}

templates/hostname/hosts.j2

@@ -0,0 +1,7 @@
+{{ ansible_managed | comment }}
+127.0.0.1       localhost
+::1             ip6-localhost ip6-loopback
+ff02::1         ip6-allnodes
+ff02::2         ip6-allrouters
+
+127.0.1.1       {{ hostname }}

templates/mosquitto/passwd.j2

@@ -0,0 +1,3 @@
+{% for credentials in mosquitto_passwords | default([]) %}
+{{ credentials['user'] }}:{{ credentials['hash'] }}
+{% endfor %}

templates/nagios/conf.d/commands.cfg.j2

@@ -0,0 +1,9 @@
+{{ ansible_managed | comment }}
+
+{% for command in nagios_commands | default([]) %}
+define command {
+    command_name    {{ command['command_name'] }}
+    command_line    {{ command['command_line'] }}
+}
+
+{% endfor %}

templates/nagios/conf.d/hostgroups.cfg.j2

@@ -0,0 +1,10 @@
+{{ ansible_managed | comment }}
+
+{% for hostgroup in nagios_hostgroups | default([]) %}
+define hostgroup {
+    hostgroup_name  {{ hostgroup['hostgroup_name'] }}
+    alias           {{ hostgroup['alias'] }}
+    members         {{ hostgroup['members'] | sort | join(',') }}
+}
+
+{% endfor %}

templates/nagios/conf.d/hosts.cfg.j2

@@ -0,0 +1,11 @@
+{{ ansible_managed | comment }}
+
+{% for host in nagios_hosts | default([]) %}
+define host {
+    use         {{ host['use'] }}
+    host_name   {{ host['host_name'] }}
+    alias       {{ host['alias'] }}
+    address     {{ host['address'] }}
+}
+
+{% endfor %}

templates/nagios/conf.d/services.cfg.j2

@@ -0,0 +1,23 @@
+{{ ansible_managed | comment }}
+
+{% for service in nagios_services | default([]) %}
+define service {
+    use                     {{ service['use'] }}
+    hostgroup_name          {{ service['hostgroup_name'] }}
+    service_description     {{ service['service_description'] }}
+    check_command           {{ service['check_command'] }}
+}
+
+{% endfor %}
+
+{% for service_dependency in nagios_service_dependencies | default([]) %}
+define servicedependency {
+    host_name                       {{ service_dependency['host_name'] }}
+    service_description             {{ service_dependency['service_description'] }}
+    dependent_host_name             {{ service_dependency['dependent_host_name'] }}
+    dependent_service_description   {{ service_dependency['dependent_service_description'] }}
+    execution_failure_criteria      {{ service_dependency['execution_failure_criteria'] }}
+    notification_failure_criteria   {{ service_dependency['notification_failure_criteria'] }}
+}
+
+{% endfor %}

templates/nagios/conf.d/templates.cfg.j2

@@ -0,0 +1,31 @@
+{{ ansible_managed | comment }}
+
+{% for template in nagios_host_templates | default([]) %}
+define host {
+    register                0 ; template
+    name                    {{ template['name'] }}
+    use                     {{ template['use'] }}
+    check_command           {{ template['check_command'] }}
+    contact_groups          {{ template['contact_groups'] }}
+    notification_options    {{ template['notification_options'] | sort | join(',') }}
+    check_interval          {{ template['check_interval'] }}
+    retry_interval          {{ template['retry_interval'] }}
+    max_check_attempts      {{ template['max_check_attempts'] }}
+    notification_interval   {{ template['notification_interval'] }}
+}
+
+{% endfor %}
+
+{% for template in nagios_service_templates | default([]) %}
+define service {
+    register                0 ; template
+    name                    {{ template['name'] }}
+    use                     {{ template['use'] }}
+    contact_groups          {{ template['contact_groups'] }}
+    check_interval          {{ template['check_interval'] }}
+    retry_interval          {{ template['retry_interval'] }}
+    max_check_attempts      {{ template['max_check_attempts'] }}
+    notification_interval   {{ template['notification_interval'] }}
+}
+
+{% endfor %}

templates/nagios/contacts.cfg.j2

@@ -0,0 +1,35 @@
+{{ ansible_managed | comment }}
+
+{% for contact in nagios_contacts | default([]) %}
+define contact {
+    contact_name                    {{ contact['contact_name'] }}
+    use                             {{ contact['use'] }}
+    alias                           {{ contact['alias'] }}
+    email                           {{ contact['email'] }}
+{% if 'pager' in contact %}
+    pager                           {{ contact['pager'] }}
+{% endif %}
+{% if 'host_notifications_enabled' in contact %}
+    host_notifications_enabled      {{ contact['host_notifications_enabled'] }}
+{% endif %}
+{% if 'service_notifications_enabled' in contact %}
+    service_notifications_enabled   {{ contact['service_notifications_enabled'] }}
+{% endif %}
+{% if 'host_notification_commands' in contact %}
+    host_notification_commands      {{ contact['host_notification_commands'] }}
+{% endif %}
+{% if 'service_notification_commands' in contact %}
+    service_notification_commands   {{ contact['service_notification_commands'] }}
+{% endif %}
+}
+
+{% endfor %}
+
+{% for contact_group in nagios_contact_groups | default([]) %}
+define contactgroup {
+    contactgroup_name   {{ contact_group['contactgroup_name'] }}
+    alias               {{ contact_group['alias'] }}
+    members             {{ contact_group['members'] | sort | join(',') }}
+}
+
+{% endfor %}

templates/nagios/htdigest.users.j2

@@ -0,0 +1,3 @@
+{% for user in nagios_htdigest_users | default([]) %}
+{{ user['name'] }}:{{ user['hash'] }}
+{% endfor %}

templates/nrpe/nagios-nrpe-server.j2

@@ -0,0 +1,2 @@
+{{ ansible_managed | comment }}
+NRPE_OPTS="{{ nrpe_opts | default('-n') }}"

templates/nrpe/nrpe.cfg.j2

@@ -0,0 +1,14 @@
+{{ ansible_managed | comment }}
+
+log_facility=daemon
+debug=0
+pid_file=/var/run/nagios/nrpe.pid
+server_port=5666
+nrpe_user=nagios
+nrpe_group=nagios
+allowed_hosts={{ nrpe_allowed_hosts | sort | join(',') }}
+dont_blame_nrpe=0
+allow_bash_command_substitution=0
+command_timeout=60
+connection_timeout=300
+include=/etc/nagios/nrpe_local.cfg

templates/nrpe/nrpe_local.cfg.j2

@@ -0,0 +1,6 @@
+{{ ansible_managed | comment }}
+
+{% for command in nrpe_commands | default([]) %}
+command[{{ command['name'] }}]={{ command['line'] }}
+{% endfor %}
+

templates/nrpe/ovh.conf.j2

@@ -0,0 +1,8 @@
+{{ ansible_managed | comment }}
+[default]
+endpoint={{ ovh_endpoint }}
+
+[{{ ovh_endpoint }}]
+application_key={{ ovh_application_key }}
+application_secret={{ ovh_application_secret }}
+consumer_key={{ ovh_consumer_key }}

templates/openvpn/client.conf.j2

@@ -0,0 +1,21 @@
+{{ ansible_managed | comment }}
+
+client
+dev {{ openvpn_dev | default('tun') }}
+proto {{ openvpn_proto | default('udp') }}
+remote {{ openvpn_remote_host }} {{ openvpn_remote_port | default(1194) }}
+resolv-retry infinite
+nobind
+user nobody
+group nogroup
+persist-key
+persist-tun
+ca ca.crt
+cert client.crt
+key client.key
+remote-cert-tls server
+tls-auth ta.key 1
+cipher AES-256-CBC
+auth SHA256
+verb 3
+key-direction 1

templates/serial2mqtt/serial2mqtt.ini.j2

@@ -0,0 +1,12 @@
+{{ ansible_managed | comment }}
+
+[mqtt]
+host = {{ serial2mqtt_host | default('localhost') }}
+port = {{ serial2mqtt_port | default(1883) }}
+client_id = serial2mqtt
+topic_prefix = {{ serial2mqtt_topic_prefix }}
+username = {{ serial2mqtt_username }}
+password = {{ serial2mqtt_password }}
+
+[serial]
+interface = {{ serial2mqtt_interface | default('/dev/ttyACM0') }}

templates/telegraf/influxdata.list.j2

@@ -0,0 +1,2 @@
+{{ ansible_managed | comment }}
+deb https://repos.influxdata.com/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable

templates/telegraf/inputs.conf.j2

@@ -0,0 +1,39 @@
+{{ ansible_managed | comment }}
+
+[[inputs.cpu]]
+  percpu = false
+  totalcpu = true
+  collect_cpu_time = false
+  report_active = false
+
+[[inputs.disk]]
+  mount_points = ["/", "/boot"]
+
+[[inputs.diskio]]
+  devices = ["mmcblk0"]
+
+[[inputs.kernel]]
+[[inputs.mem]]
+[[inputs.processes]]
+[[inputs.swap]]
+[[inputs.system]]
+[[inputs.net]]
+  interfaces = ["eth0", "tun0"]
+
+[[inputs.sensors]]
+
+[[inputs.ping]]
+  urls = ["{{ telegraf_ping_ip }}"]
+  count = 3
+  ping_interval = 1.0
+  timeout = 1.0
+
+[[inputs.mqtt_consumer]]
+  servers = {{ telegraf_mqtt_consumer_servers }}
+  topics = {{ telegraf_mqtt_consumer_topics }}
+  persistent_session = true
+  client_id = "telegraf"
+  data_format = "value"
+  data_type = "float"
+  username = "{{ telegraf_mqtt_consumer_username }}"
+  password = "{{ telegraf_mqtt_consumer_password }}"

templates/telegraf/output.conf.j2

@@ -0,0 +1,10 @@
+{{ ansible_managed | comment }}
+
+[[outputs.influxdb]]
+  urls = {{ telegraf_influxdb_urls }}
+  database = "{{ telegraf_influxdb_database }}"
+  skip_database_creation = true
+  username = "{{ telegraf_influxdb_username }}"
+  password = "{{ telegraf_influxdb_password }}"
+  insecure_skip_verify = true
+  content_encoding = "gzip"