Folgende Dateien werden in einem Verzeichnis abgelegt. Die Ansible Playbooks werden in der Reihenfolge gestartet wie sie benannt sind (*step1... *step2... *step3).<\/p>\n\n\n\n\n\n
ansible.cfg<\/strong><\/p>\n\n\n\n\n\n inventory<\/strong><\/p>\n\n\n\n\n\n icinga_install_step_1.yml<\/strong><\/p>\n\n\n\n\n\n icinga_install_step_2.yml<\/strong><\/p>\n\n\n\n\n\n icinga_install_step_3.yml<\/strong><\/p>\n\n\n\n\n\n Folgende Dateien werden in einem Verzeichnis abgelegt. Die Ansible Playbooks werden in der Reihenfolge gestartet wie sie benannt sind (*step1... *step2... *step3). ansible.cfg inventory icinga_install_step_1.yml icinga_install_step_2.yml icinga_install_step_3.yml<\/p>","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[7,14],"tags":[],"class_list":["post-279","post","type-post","status-publish","format-standard","hentry","category-ansible","category-icinga-ansible"],"_links":{"self":[{"href":"https:\/\/whoami.lausitz-event.info\/index.php?rest_route=\/wp\/v2\/posts\/279","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/whoami.lausitz-event.info\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/whoami.lausitz-event.info\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/whoami.lausitz-event.info\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/whoami.lausitz-event.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=279"}],"version-history":[{"count":1,"href":"https:\/\/whoami.lausitz-event.info\/index.php?rest_route=\/wp\/v2\/posts\/279\/revisions"}],"predecessor-version":[{"id":280,"href":"https:\/\/whoami.lausitz-event.info\/index.php?rest_route=\/wp\/v2\/posts\/279\/revisions\/280"}],"wp:attachment":[{"href":"https:\/\/whoami.lausitz-event.info\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=279"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/whoami.lausitz-event.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=279"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/whoami.lausitz-event.info\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=279"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}inventory = \/opt\/ansible\/test\nask_pass = False\nhost_key_checking = False\ngathering = explicit\n\n[inventory]\n\n[privilege_escalation]\n\n[paramiko_connection]\n\n[ssh_connection]\n\n[persistent_connection]\ncommand_timeout = 180\nconnect_timeout = 100\nconnect_retry_timeout = 100\n\n\n[accelerate]\n\n[selinux]\n\n[colors]\n\n\n[diff]<\/code><\/pre>\n\n\n\n\n\n[icingahost]\nicinga2 ansible_host=IP-ADDRESS\n\n[icingahost:vars]\nansible_connection=ssh\nansible_user=root\nansible_password=SECURE<\/code><\/pre>\n\n\n\n\n\n- name: Automatische Icinga Installation und Konfiguration\n hosts: icinga2\n vars:\n icinga_url: http:\/\/IP-ADDRESS\n hostname: host.domain.local\n\n tasks:\n\n - name: Setting Hostname to {{ hostname }}\n ansible.builtin.hostname:\n name: \"{{ hostname }}\"\n use: systemd\n\n - name: Disable SELinux\n ansible.posix.selinux:\n state: disabled\n\n - name: Disable and Stop Firewalld\n service:\n name: firewalld\n state: stopped\n enabled: false\n\n - name: Create incubator Install Script\n ansible.builtin.lineinfile:\n path: \/tmp\/php_install.sh\n line: '{{ item }}'\n create: yes\n mode: '0755'\n with_items:\n - dnf module -y reset php\n - dnf module -y enable php:7.3\n - dnf module -y install php:7.3\/common\n\n - name: Start PHP Install\n shell: \/tmp\/php_install.sh\n\n - name: Reboot Machine\n ansible.builtin.reboot:<\/code><\/pre>\n\n\n\n\n\n- name: Automatische Icinga Installation und Konfiguration\n hosts: icinga2\n vars:\n icinga_url: http:\/\/IP-ADDRESS\n ipaddress: IP-ADDRESS\n hostname_short: host\n hostname: host.domain.local\n http_user: apache\n mysql_pass: SECURE\n\n tasks:\n\n - rpm_key:\n state: present\n key: 'https:\/\/packages.icinga.com\/icinga.key'\n\n - rpm_key:\n state: present\n key: 'http:\/\/download.fedoraproject.org\/pub\/epel\/RPM-GPG-KEY-EPEL-8'\n\n - name: Install Packages\n dnf:\n name: 'https:\/\/dl.fedoraproject.org\/pub\/epel\/epel-release-latest-8.noarch.rpm'\n state: present\n update_cache: True\n\n - name: Update all Packages on System\n ansible.builtin.dnf:\n name: \"*\"\n state: latest\n\n - name: Install CPAN und perl-devel\n yum: name={{ item }}\n state=present\n with_items:\n - perl\n - perl-devel\n - perl-CPAN\n\n - name: download cpanm\n get_url: url=http:\/\/cpanmin.us\/\n dest=\/tmp\/cpanm.pl\n mode=755\n\n - name: Install cpan fuer die Nutzung vom cpan Ansible Modul\n command: perl cpanm.pl App::cpanminus\n args:\n chdir: \/tmp\/\n creates: \/usr\/bin\/cpanm\n\n - name: Install Perl Net::SNMP\n cpanm: name=Net::SNMP\n notest=True\n\n - name: Install Packages\n dnf:\n name: '{{ item }}'\n state: present\n update_cache: True\n with_items:\n - php\n - php-common\n - php-fpm\n - php-cli\n - php-devel\n - php-xml\n - php-json\n - php-pear\n - php-intl\n - php-dba\n - php-pdo\n - php-soap\n - php-mysqlnd\n - php-gd\n - php-snmp\n - php-mbstring\n - php-pecl-zip\n - php-pear-Date\n - php-pear-Mail\n - php-pear-Net-URL\n - python3-mysqlclient\n - compat-openssl10\n - libnsl\n - php-gmp\n - ntfs-3g\n - perl-Time-Duration\n - nagios-plugins\n - rsync\n - git\n - wget\n - expect\n - ruby-devel\n - ant\n - texlive\n - '@Development Tools'\n - ImageMagick\n - ImageMagick-perl\n - ImageMagick-libs\n - ImageMagick-devel\n - nagios-plugins-apt\n - nagios-plugins-bonding\n - nagios-plugins-breeze\n - nagios-plugins-by_ssh\n - nagios-plugins-cluster\n - nagios-plugins-dbi\n - nagios-plugins-dhcp\n - nagios-plugins-dig\n - nagios-plugins-disk\n - nagios-plugins-dns\n - nagios-plugins-dummy\n - nagios-plugins-file_age\n - nagios-plugins-flexlm\n - nagios-plugins-fping\n - nagios-plugins-fts\n - nagios-plugins-hpjd\n - nagios-plugins-http\n - nagios-plugins-icmp\n - nagios-plugins-ide_smart\n - nagios-plugins-ircd\n - nagios-plugins-ldap\n - nagios-plugins-load\n - nagios-plugins-log\n - nagios-plugins-mailq\n - nagios-plugins-mrtg\n - nagios-plugins-mrtgtraf\n - nagios-plugins-mysql\n - nagios-plugins-nagios\n - nagios-plugins-nrpe\n - nagios-plugins-nt\n - nagios-plugins-ntp\n - nagios-plugins-nwstat\n - nagios-plugins-oracle\n - nagios-plugins-overcr\n - nagios-plugins-perl\n - nagios-plugins-pgsql\n - nagios-plugins-ping\n - nagios-plugins-procs\n - nagios-plugins-radius\n - nagios-plugins-real\n - nagios-plugins-remove_perfdata\n - nagios-plugins-rpc\n - nagios-plugins-sensors\n - nagios-plugins-smtp\n - nagios-plugins-snmp\n - nagios-plugins-snmp-disk-proc\n - nagios-plugins-ssh\n - nagios-plugins-ssl_validity\n - nagios-plugins-swap\n - nagios-plugins-tcp\n - nagios-plugins-time\n - nagios-plugins-ups\n - nagios-plugins-uptime\n - nagios-plugins-users\n - nagios-plugins-wave\n - 'https:\/\/packages.icinga.com\/epel\/icinga-rpm-release-8-latest.noarch.rpm'\n - icinga2\n - icinga2-ido-mysql\n - cpan\n - libzip\n\n - name: Install pear package Imagick\n community.general.pear:\n name: pecl\/Imagick\n state: present\n\n - name: Install Perl LWP\n cpanm: name=LWP\n notest=True\n\n - name: Install Perl JSON\n cpanm: name=JSON\n notest=True\n\n - name: Install Perl Time::Piece\n cpanm: name=Time::Piece\n notest=True\n\n - name: Install Perl LWP::Protocol::https\n cpanm: name=LWP::Protocol::https\n notest=True\n\n - name: Install Perl List::Compare\n cpanm: name=List::Compare\n notest=True\n\n - name: Install pysnmp for Python 3.6 specifically, using the 'pip3.6' executable\n ansible.builtin.pip:\n name: pysnmp\n executable: pip3.6\n\n - name: Enable and start httpd\n ansible.builtin.systemd:\n name: httpd\n state: started\n enabled: yes\n\n - name: User apache to Group icingacmd\n user: name={{ http_user }}\n groups=icingacmd\n append=yes\n\n - name: Install MySQL MariaDB\n dnf:\n name: '{{ item }}'\n state: present\n update_cache: True\n with_items:\n - mariadb\n - mariadb-server\n - mariadb-common\n\n - name: Enable and start mariadb\n ansible.builtin.systemd:\n name: mariadb\n state: started\n enabled: yes\n\n - name: Setting MySQL Password\n mysql_user:\n login_host: 'localhost'\n login_user: 'root'\n login_password: ''\n name: 'root'\n password: '{{ mysql_pass }}'\n state: present\n\n - name: Modify file \/etc\/hosts\n ansible.builtin.lineinfile:\n path: \/etc\/hosts\n line: '{{ ipaddress }} {{ hostname }} {{ hostname_short }}'\n\n - name: Setting MariaDB Parameter\n ansible.builtin.lineinfile:\n path: \/etc\/my.cnf.d\/mariadb-server.cnf\n line: '{{ item }}'\n insertbefore: datadir\n with_items:\n - query_cache_limit = 16M\n - query_cache_size = 128M\n - query_cache_type = 1\n - tmp_table_size= 960M\n - max_heap_table_size= 830M\n - performance_schema = ON\n - innodb_log_file_size = 16M\n - innodb_buffer_pool_instances = 1\n - max_allowed_packet=500M\n\n - name: Performance Tuning Limits\n ansible.builtin.lineinfile:\n path: \/root\/.bashrc\n line: '{{ item }}'\n insertafter: '# .bashrc'\n with_items:\n - ulimit -n 90000\n\n - name: Enable Icinga2 Feature\n community.general.icinga2_feature:\n name: '{{ item }}'\n state: present\n with_items:\n - perfdata\n - statusdata\n - livestatus\n - syslog\n - ido-mysql\n - command\n\n - name: Create database icingadb\n community.mysql.mysql_db:\n check_implicit_admin: yes\n login_user: root\n login_password: '{{ mysql_pass }}'\n name: icingadb\n state: present\n\n - name: Create icinga user\n community.mysql.mysql_user:\n login_user: root\n login_password: '{{ mysql_pass }}'\n name: icinga\n password: icinga\n priv:\n 'icingadb.*': 'ALL,GRANT'\n\n - name: Import icinga2 schema\n community.mysql.mysql_db:\n login_user: root\n login_password: '{{ mysql_pass }}'\n name: icingadb\n target: '\/usr\/share\/icinga2-ido-mysql\/schema\/mysql.sql'\n state: import\n\n - name: IDO-MySQL Konfiguration\n ansible.builtin.lineinfile:\n path: \/etc\/icinga2\/features-available\/ido-mysql.conf\n line: '{{ item }}'\n insertafter: 'object IdoMysqlConnection \"ido-mysql\" {'\n with_items:\n - user = \"icinga\"\n - password = \"icinga\"\n - host = \"localhost\"\n - database = \"icingadb\"\n\n - name: Restart Icinga2\n ansible.builtin.systemd:\n name: icinga2\n state: restarted\n\n - name: Reboot Machine\n ansible.builtin.reboot:<\/code><\/pre>\n\n\n\n\n\n- name: Automatische Icinga Installation und Konfiguration\n hosts: icinga2\n vars:\n icinga_url: http:\/\/IP-ADDRESS\n ipaddress: IP-ADDRESS\n hostname_short: host\n hostname: host.domain.local\n http_user: apache\n mysql_pass: SECURE\n\n tasks:\n - name: Install Packages\n dnf:\n name: '{{ item }}'\n state: present\n update_cache: True\n with_items:\n - icingaweb2\n - icingacli\n\n - name: Setting php.ini Parameter\n ansible.builtin.lineinfile:\n path: \/etc\/php.ini\n line: '{{ item }}'\n with_items:\n - date.timezone = \"Europe\/Berlin\"\n - date.default_latitude = 52.5194\n - date.default_longitude = 13.4067\n - extension = imagick.so\n\n - name: Restart httpd\n ansible.builtin.systemd:\n name: httpd\n state: restarted\n\n - name: Icinga Token\n shell: icingacli setup token create\n register: tokencode\n ignore_errors: True\n\n - name: Tokencode Output\n debug:\n msg: \"Tokencode ist: {{ tokencode }}\"\n\n - name: Enable Module setup\n shell: icingacli module enable setup\n\n - name: Icinga API Setup\n shell: icinga2 api setup\n\n - name: Icinga enable api feature\n shell: icinga2 feature enable api\n\n - name: Restart icinga2\n ansible.builtin.systemd:\n name: icinga2\n state: restarted\n\n - name: Setting icingaweb2 resources.ini\n ansible.builtin.lineinfile:\n path: \/etc\/icingaweb2\/resources.ini\n line: '{{ item }}'\n create: yes\n with_items:\n - [Director DB]\n - type = \"db\"\n - db = \"mysql\"\n - host = \"localhost\"\n - dbname = \"director\"\n - username = \"director\"\n - password = \"director\"\n - charset = \"utf8\"\n\n - name: Create database director\n community.mysql.mysql_db:\n check_implicit_admin: yes\n login_user: root\n login_password: '{{ mysql_pass }}'\n name: director\n state: present\n\n - name: Create director user\n community.mysql.mysql_user:\n login_user: root\n login_password: '{{ mysql_pass }}'\n name: director\n password: director\n priv:\n 'director.*': 'ALL,GRANT'\n\n - name: Create director Install Script\n ansible.builtin.lineinfile:\n path: \/tmp\/director_install.sh\n line: '{{ item }}'\n create: yes\n mode: '0755'\n with_items:\n - MODULE_VERSION=\"1.9.1\"\n - ICINGAWEB_MODULEPATH=\"\/usr\/share\/icingaweb2\/modules\"\n - REPO_URL=\"https:\/\/github.com\/icinga\/icingaweb2-module-director\"\n - TARGET_DIR=\"${ICINGAWEB_MODULEPATH}\/director\"\n - useradd -r -g icingaweb2 -d \/var\/lib\/icingadirector -s \/bin\/false icingadirector\n - install -d -o icingadirector -g icingaweb2 -m 0750 \/var\/lib\/icingadirector\n - git clone \"${REPO_URL}\" \"${TARGET_DIR}\" --branch v${MODULE_VERSION}\n - cp \"${TARGET_DIR}\/contrib\/systemd\/icinga-director.service\" \/etc\/systemd\/system\/\n\n - name: Start Director Install\n shell: \/tmp\/director_install.sh\n\n - name: Import Director schema\n community.mysql.mysql_db:\n login_user: root\n login_password: '{{ mysql_pass }}'\n name: director\n target: '\/usr\/share\/icingaweb2\/modules\/director\/schema\/mysql.sql'\n state: import\n\n - name: Create director config.ini\n ansible.builtin.lineinfile:\n path: \/usr\/share\/icingaweb2\/modules\/director\/config.ini\n line: '{{ item }}'\n create: yes\n with_items:\n - [db]\n - resource = \"Director DB\"\n\n - name: Systemctl daemon-reload\n shell: systemctl daemon-reload\n\n - name: Enable director\n shell: icingacli module enable director\n\n - name: Enable and start director\n ansible.builtin.systemd:\n name: icinga-director.service\n enabled: yes\n\n - name: Enable and start php-fpm\n ansible.builtin.systemd:\n name: php-fpm.service\n state: started\n enabled: yes\n\n - name: Create incubator Install Script\n ansible.builtin.lineinfile:\n path: \/tmp\/incubator_install.sh\n line: '{{ item }}'\n create: yes\n mode: '0755'\n with_items:\n - MODULE_NAME=incubator\n - MODULE_VERSION=v0.19.0\n - MODULES_PATH=\"\/usr\/share\/icingaweb2\/modules\"\n - MODULE_PATH=\"${MODULES_PATH}\/${MODULE_NAME}\"\n - RELEASES=\"https:\/\/github.com\/Icinga\/icingaweb2-module-${MODULE_NAME}\/archive\"\n - mkdir \"$MODULE_PATH\" && wget -q $RELEASES\/${MODULE_VERSION}.tar.gz -O - | tar xfz - -C \"$MODULE_PATH\" --strip-components 1\n - icingacli module enable \"${MODULE_NAME}\"\n\n - name: Start Incubator Install\n shell: \/tmp\/incubator_install.sh\n\n - name: Setting owner resource.ini\n shell: chown apache.icingaweb2 \/etc\/icingaweb2\/resources.ini\n\n - name: Setting rights for module directory\n shell: chmod 770 \/etc\/icingaweb2\/enabledModules\/<\/code><\/pre>\n\n\n","protected":false},"excerpt":{"rendered":"