bundlewrap/nodes/icinga2.toml

101 lines
3 KiB
TOML

hostname = "217.160.71.39"
bundles = [
"bird",
"icinga2",
"php",
"postgresql",
# 'simple-icinga-dashboard',
"unbound",
"wireguard",
]
groups = [
'debian-bookworm',
'webserver',
]
[metadata]
location = "ionos"
[metadata.interfaces.ens192]
ips = [
"217.160.71.39/32",
"2001:8d8:1800:d5::1/128"
]
gateway4 = "10.255.255.1"
gateway6 = "fe80::1"
[metadata.interfaces.wg_home_router]
ips = ["172.19.136.4"]
[metadata.bird]
static_routes = ["172.19.136.4/32"]
[metadata.icinga2]
web_domain = "icinga.franzi.business"
ntfy.pass = "!decrypt:encrypt$gAAAAABkMtfD8lenogwJc8uKeGZUQ8QVWHMpAqY_GLW3VhF3Jt0TOC4JiJn49qfaC9Ij5rw6GGsowNIsNBe1Ac83HXOLveANEU2o-O4fp5TxNF0xFWebCCtcaTkj_L2DjUbSUe8QVDn3"
ntfy.url = "https://ntfy.franzi.business/icinga2"
ntfy.user = "!decrypt:encrypt$gAAAAABkMtfW_tyGDUh7TkVX6AN8wSkKixWcQiOrPUWHtDZqnzjqrAkfD40fD8M_PiPDvW5pAa6xHNcUSU34jHolxnC44rDiLw=="
sipgate.pass = "!bwpass_attr:sipgate.de/hi@kunsmann.eu:icinga_token"
sipgate.user = "!bwpass_attr:sipgate.de/hi@kunsmann.eu:icinga_tokenid"
[metadata.icinga2.api_users.icinga2beamer]
# Used with <https://git.franzi.business/kunsi/icinga2beamer>
password = "!decrypt:encrypt$gAAAAABf3wM9YS5ZpRdhp3xyIFX21_MK0omzqHqykWbWdkZWp2xyJ6awaUSXODnZQ5j-rws6n0yrpaeMdXoj1irb2FrgxMDTdfCh88hIsqcKGOObzwGaRg6Ze0tuiMrzIfOO3tRnc9Kd"
permissions = [
"objects/query/Host",
"objects/query/Service",
]
# 'icinga2_api': {
# 'custom': {
# # redundant monitoring of services/hosts
# 'services': {
# 'flauschekatze.space CERTIFICATE': {
# 'check_command': 'check_https_cert_at_url',
# 'vars.domain': 'flauschekatze.space',
# },
# 'matrix.flauschekatze.space CERTIFICATE': {
# 'check_command': 'check_https_cert_at_url',
# 'vars.domain': 'matrix.flauschekatze.space',
# },
# },
# },
# },
# 'nginx': {
# 'vhosts': {
# 'statuspage': {
# 'domain': 'status.franzi.business',
# 'ssl': '_.franzi.business',
# 'webroot': '/opt/simple-icinga-dashboard/out',
# },
# },
# },
[metadata.postgresql]
version = 15
# 'simple-icinga-dashboard': {
# 'icinga2_api': {
# 'baseurl': 'https://127.0.0.1:5665',
# 'username': 'dashboard',
# 'password': vault.password_for('ovh.icinga2 icinga2 api_user dashboard'),
# },
# 'filters': {
# 'services': '"statuspage" in service.groups',
# },
# 'output': {
# 'page_title': 'franzi.business Service Status',
# },
# 'prettify': {
# 'CONTENT': '',
# 'NGINX': 'WEBSERVER',
# 'PROCESS': 'SERVICE',
# },
# },
[metadata.wireguard.peers.'home.router']
snat_to = "172.19.136.4"
[metadata.vm]
cpu = 2
ram = 2