jriou/ansible-pilote
1
0
Fork 0
Code Issues Pull requests Activity
ansible-pilote/tasks/nrpe.yml
Julien Riou 2ad3fb5ea0
 feat: Add sudo to NRPE commands 
Signed-off-by: Julien Riou <julien@riou.xyz>
2026-04-08 10:06:16 +02:00

83 lines
2.1 KiB
YAML
Raw Blame History

---
- name: Install NRPE
ansible.builtin.apt:
name:
- nagios-nrpe-server
- bc
- python3-pip
- name: Copy NRPE global configuration
ansible.builtin.template:
src: nrpe/nrpe.cfg.j2
dest: /etc/nagios/nrpe.cfg
mode: "0644"
- name: Generate NRPE local configuration
ansible.builtin.template:
src: nrpe/nrpe_local.cfg.j2
dest: /etc/nagios/nrpe_local.cfg
mode: "0644"
- name: List sudo commands
ansible.builtin.set_fact:
nrpe_sudo_commands: "{{ nrpe_sudo_commands | default([]) + [item.line] }}"
loop: "{{ nrpe_commands }}"
loop_control:
label: "{{ item.name }}"
when: '"sudo" in item and item.sudo is truthy'
- name: Setup sudoers
community.general.sudoers:
name: nagios_nrpe
user: nagios
commands: "{{ nrpe_sudo_commands | default([]) }}"
- name: Manage daemon settings
ansible.builtin.template:
src: nrpe/nagios-nrpe-server.j2
dest: /etc/default/nagios-nrpe-server
mode: "0644"
- name: Clone check-mqtt source code
ansible.builtin.git:
repo: https://github.com/jpmens/check-mqtt.git
dest: /opt/check-mqtt
- name: Clone check_ssl_cert source code
ansible.builtin.git:
repo: https://github.com/matteocorti/check_ssl_cert.git
dest: /opt/check_ssl_cert
- name: Clone check_ovhcloud source code
ansible.builtin.git:
repo: https://git.riou.xyz/jriou/check_ovhcloud.git
dest: /opt/check_ovhcloud
- name: Configure check_ovhcloud
ansible.builtin.template:
src: nrpe/ovh.conf.j2
dest: /etc/ovh.conf
owner: root
group: nagios
mode: "0640"
- name: Install check_ovhcloud dependencies
ansible.builtin.pip:
requirements: /opt/check_ovhcloud/requirements.txt
extra_args: "--user --break-system-packages"
become: true
become_user: nagios
- name: Restart NRPE service
ansible.builtin.service:
name: nagios-nrpe-server
state: restarted
- name: Allow NRPE from vpn
ansible.builtin.iptables:
chain: INPUT
protocol: tcp
source: "{{ openvpn_subnet }}"
destination_port: "5666"
jump: ACCEPT
comment: allow nrpe from vpn
Reference in a new issue View git blame Copy permalink