Franziska Kunsmann
eab9d6f97c
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
162 lines
5 KiB
Python
162 lines
5 KiB
Python
nodes['ovh.icinga2'] = {
|
|
'bundles': {
|
|
'bird',
|
|
'icinga2',
|
|
'php',
|
|
'postgresql',
|
|
'simple-icinga-dashboard',
|
|
'unbound',
|
|
'wireguard',
|
|
'zfs',
|
|
},
|
|
'groups': {
|
|
'debian-bullseye',
|
|
'webserver',
|
|
},
|
|
'metadata': {
|
|
'interfaces': {
|
|
'eth0': {
|
|
'ips': {
|
|
'51.195.44.8',
|
|
'2001:41d0:701:1100::2618/128'
|
|
},
|
|
'gateway4': '51.195.44.1',
|
|
'gateway6': '2001:41d0:701:1100::1'
|
|
},
|
|
'dummy-snat': {
|
|
'ips': {
|
|
'172.19.136.3',
|
|
},
|
|
},
|
|
},
|
|
'bird': {
|
|
'static_routes': {
|
|
'172.19.136.3/32',
|
|
},
|
|
},
|
|
'icinga2': {
|
|
'api_users': {
|
|
'dashboard': {
|
|
'password': vault.password_for('ovh.icinga2 icinga2 api_user dashboard'),
|
|
'permissions': {
|
|
'objects/query/Service'
|
|
},
|
|
},
|
|
# Used with <https://git.franzi.business/kunsi/icinga2eamer>
|
|
'icinga2beamer': {
|
|
'password': vault.decrypt('encrypt$gAAAAABf3wM9YS5ZpRdhp3xyIFX21_MK0omzqHqykWbWdkZWp2xyJ6awaUSXODnZQ5j-rws6n0yrpaeMdXoj1irb2FrgxMDTdfCh88hIsqcKGOObzwGaRg6Ze0tuiMrzIfOO3tRnc9Kd'),
|
|
'permissions': {
|
|
'objects/query/Host',
|
|
'objects/query/Service'
|
|
},
|
|
},
|
|
},
|
|
'restrict-to': {
|
|
'172.19.138.0/24',
|
|
},
|
|
'sipgate_user': bwpass.attr('sipgate.de/hi@kunsmann.eu', 'icinga_tokenid'),
|
|
'sipgate_pass': bwpass.attr('sipgate.de/hi@kunsmann.eu', 'icinga_token'),
|
|
},
|
|
'icinga2_api': {
|
|
'custom': {
|
|
# redundant monitoring of services/hosts
|
|
'services': {
|
|
'_.qzwi.de CERTIFICATE': {
|
|
'check_command': 'check_https_cert_at_url',
|
|
'vars.domain': 'cloud.qzwi.de',
|
|
},
|
|
'flauschekatze.space CERTIFICATE': {
|
|
'check_command': 'check_https_cert_at_url',
|
|
'vars.domain': 'flauschekatze.space',
|
|
},
|
|
'matrix.flauschekatze.space CERTIFICATE': {
|
|
'check_command': 'check_https_cert_at_url',
|
|
'vars.domain': 'matrix.flauschekatze.space',
|
|
},
|
|
},
|
|
},
|
|
},
|
|
'nginx': {
|
|
'vhosts': {
|
|
'icingaweb': {
|
|
'domain': 'icinga.kunsmann.eu',
|
|
'webroot': '/usr/share/icingaweb2/public',
|
|
'extras': True,
|
|
},
|
|
'icinga_statusmonitor': {
|
|
'domain': 'statusmonitor.icinga.kunsmann.eu',
|
|
'locations': {
|
|
'/': {
|
|
'target': 'http://127.0.0.1:5000/',
|
|
}
|
|
},
|
|
},
|
|
'statuspage': {
|
|
'domain': 'status.franzi.business',
|
|
'ssl': '_.franzi.business',
|
|
'webroot': '/opt/simple-icinga-dashboard/out',
|
|
},
|
|
},
|
|
},
|
|
'php': {
|
|
'version': '8.0',
|
|
'packages': {
|
|
'curl',
|
|
'gd',
|
|
'intl',
|
|
'imagick',
|
|
'ldap',
|
|
'mysql',
|
|
'opcache',
|
|
'pgsql',
|
|
'readline',
|
|
'xml',
|
|
},
|
|
},
|
|
'postgresql': {
|
|
'version': '11',
|
|
},
|
|
'simple-icinga-dashboard': {
|
|
'icinga2_api': {
|
|
'baseurl': 'https://127.0.0.1:5665',
|
|
'username': 'dashboard',
|
|
'password': vault.password_for('ovh.icinga2 icinga2 api_user dashboard'),
|
|
},
|
|
'filters': {
|
|
'services': '"checks_with_sms" in service.groups',
|
|
},
|
|
'output': {
|
|
'page_title': 'franzi.business Service Status',
|
|
},
|
|
'prettify': {
|
|
'CONTENT': '',
|
|
'NGINX': 'WEBSERVER',
|
|
'PROCESS': 'SERVICE',
|
|
},
|
|
},
|
|
'wireguard': {
|
|
'peers': {
|
|
'ovh.wireguard': {
|
|
'snat_to': '172.19.136.3',
|
|
},
|
|
},
|
|
},
|
|
'zfs': {
|
|
'pools': {
|
|
'tank': {
|
|
'when_creating': {
|
|
'config': [{
|
|
'devices': {
|
|
'/dev/sdb'
|
|
},
|
|
}],
|
|
},
|
|
},
|
|
},
|
|
},
|
|
'vm': {
|
|
'cpu': 1,
|
|
'ram': 2,
|
|
},
|
|
},
|
|
}
|