diff --git a/roles/apache2/tasks/apacheDebian.yml b/roles/apache2/tasks/apacheDebian.yml
index acfada376e9d2e3a857be634bc417cf60fb4930e..b62913c6dcb53f519733a3053071387723485197 100644
--- a/roles/apache2/tasks/apacheDebian.yml
+++ b/roles/apache2/tasks/apacheDebian.yml
@@ -27,8 +27,4 @@
sudo: true
notify: restart apache2
--
- name: "Starting Apache2"
- service: name=apache2 state=started enabled=yes
- sudo: true
diff --git a/roles/apache2/tasks/main.yml b/roles/apache2/tasks/main.yml
index 0783dadda1e585aab27d19bf67b35ac7fbc6ed47..f09076e625b90acca9565e84ea215b4cef808d5d 100644
--- a/roles/apache2/tasks/main.yml
+++ b/roles/apache2/tasks/main.yml
@@ -30,3 +30,11 @@
name: "Change permissions for /var/www"
file: path=/var/www state=directory owner=root group={{ apache_user }} mode=0775
sudo: true
+
+-
+ name: "Starting Apache2"
+ service: name=apache2 state=started enabled=yes
+ sudo: true
+ when: ansible_os_family=="Debian"
+
+
diff --git a/roles/nagios_config/files/commands.cfg b/roles/nagios_config/files/commands.cfg
new file mode 100644
index 0000000000000000000000000000000000000000..a32097f00205d59386ebbcd1d7f471008f15113a
--- /dev/null
+++ b/roles/nagios_config/files/commands.cfg
@@ -0,0 +1,52 @@
+###############################################################################
+# COMMANDS.CFG - SAMPLE COMMAND DEFINITIONS FOR NAGIOS
+###############################################################################
+
+
+################################################################################
+# NOTIFICATION COMMANDS
+################################################################################
+
+
+# 'notify-host-by-email' command definition
+define command{
+ command_name notify-host-by-email
+ command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n" | /usr/bin/mail -s "** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **" $CONTACTEMAIL$
+ }
+
+# 'notify-service-by-email' command definition
+#define command{
+# command_name notify-service-by-email
+# command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$\n" | /usr/bin/mail -s "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" $CONTACTEMAIL$
+# }
+
+
+
+
+
+################################################################################
+# HOST CHECK COMMANDS
+################################################################################
+
+# On Debian, check-host-alive is being defined from within the
+# nagios-plugins-basic package
+
+################################################################################
+# PERFORMANCE DATA COMMANDS
+################################################################################
+
+
+# 'process-host-perfdata' command definition
+define command{
+ command_name process-host-perfdata
+ command_line /usr/bin/printf "%b" "$LASTHOSTCHECK$\t$HOSTNAME$\t$HOSTSTATE$\t$HOSTATTEMPT$\t$HOSTSTATETYPE$\t$HOSTEXECUTIONTIME$\t$HOSTOUTPUT$\t$HOSTPERFDATA$\n" >> /var/lib/nagios3/host-perfdata.out
+ }
+
+
+# 'process-service-perfdata' command definition
+define command{
+ command_name process-service-perfdata
+ command_line /usr/bin/printf "%b" "$LASTSERVICECHECK$\t$HOSTNAME$\t$SERVICEDESC$\t$SERVICESTATE$\t$SERVICEATTEMPT$\t$SERVICESTATETYPE$\t$SERVICEEXECUTIONTIME$\t$SERVICELATENCY$\t$SERVICEOUTPUT$\t$SERVICEPERFDATA$\n" >> /var/lib/nagios3/service-perfdata.out
+ }
+
+
diff --git a/roles/nagios_config/tasks/main.yml b/roles/nagios_config/tasks/main.yml
index c99e088a755d49015f9edf8580321ff41b8988d7..2743e363568ff55f7e7c3ecd68828d7cff9a86e9 100644
--- a/roles/nagios_config/tasks/main.yml
+++ b/roles/nagios_config/tasks/main.yml
@@ -1,6 +1,6 @@
---
- name: configure monitoring
- template: src={{ item }}_nagios2.cfg.j2 dest=/etc/nagios3/conf.d/{{ item }}_nagios2.cfg
+ copy: src={{ item }}_nagios2.cfg dest=/etc/nagios3/conf.d/{{ item }}_nagios2.cfg
with_items:
- 'hostgroups'
- 'hosts'
@@ -8,19 +8,26 @@
- 'services'
- 'contactgroup'
- 'contacts'
+ - 'generic-host'
+ - 'generic-service'
sudo: true
- name: remove unwanted configure files
- file: path={{ item }}_nagios2.cfg.j2 state=absent
+ file: path=/etc/nagios3/conf.d/{{ item }}_nagios2.cfg state=absent
with_items:
- 'localhost'
- 'extinfo'
sudo: true
- name: change cgi config
- template: src=cgi.cfg.j2 dest=/etc/nagios3/cgi.cfg
+ copy: src=cgi.cfg dest=/etc/nagios3/cgi.cfg
sudo: true
+- name: change the default email command
+ copy: src=commands.cfg dest=/etc/nagios3/commands.cfg
+ become: true
+ become_user: root
+
- name: nagios restart
service: name=nagios3 state=restarted
sudo: true
diff --git a/roles/nagios_server/tasks/main.yml b/roles/nagios_server/tasks/main.yml
index 203b4f8b10efaa8324e188c745396101b9c8db76..aea8c85d8c50a9c8644fdd5083406f33108d9d16 100644
--- a/roles/nagios_server/tasks/main.yml
+++ b/roles/nagios_server/tasks/main.yml
@@ -16,12 +16,22 @@
with_items:
- nagios3
- python-passlib
+ - libapache2-mod-webauthldap
sudo: true
when: ansible_os_family == "Debian"
-- name: configure nagios authentication
- htpasswd: path=/etc/nagios3/htpasswd.users name={{ nagios_username }} password={{ nagios_password }}
- sudo: true
+- name: enable apache modules
+ apache2_module: state=present name={{ item }}
+ with_items:
+ - ldap
+ - authnz_ldap
+ become: true
+ become_user: root
+
+- name: install apache site config
+ template: src=nagios3.conf.j2 dest=/etc/apache2/conf-available/nagios3.conf
+ become: true
+ become_user: root
- name: force restart
service: name=nagios3 state=started
diff --git a/roles/nagios_server/templates/cgi.cfg.j2 b/roles/nagios_server/templates/cgi.cfg.j2
index a3f3a07cd440ba32de38771fe0350102443b6618..691c2c9430757d2e39a2b7a859969b930e08e2fa 100644
--- a/roles/nagios_server/templates/cgi.cfg.j2
+++ b/roles/nagios_server/templates/cgi.cfg.j2
@@ -129,7 +129,7 @@ use_ssl_authentication=0
# not use authorization. You may use an asterisk (*) to
# authorize any user who has authenticated to the web server.
-authorized_for_system_information=nagiosadmin,nagios
+authorized_for_system_information=*
@@ -141,7 +141,7 @@ authorized_for_system_information=nagiosadmin,nagios
# an asterisk (*) to authorize any user who has authenticated
# to the web server.
-authorized_for_configuration_information=nagiosadmin,nagios
+authorized_for_configuration_information=*
@@ -154,7 +154,7 @@ authorized_for_configuration_information=nagiosadmin,nagios
# You may use an asterisk (*) to authorize any user who has
# authenticated to the web server.
-authorized_for_system_commands=nagiosadmin,nagios
+authorized_for_system_commands=*
@@ -167,8 +167,8 @@ authorized_for_system_commands=nagiosadmin,nagios
# to authorize any user who has authenticated to the web server.
-authorized_for_all_services=nagiosadmin,nagios
-authorized_for_all_hosts=nagiosadmin,nagios
+authorized_for_all_services=*
+authorized_for_all_hosts=*
@@ -181,8 +181,8 @@ authorized_for_all_hosts=nagiosadmin,nagios
# authorization). You may use an asterisk (*) to authorize any
# user who has authenticated to the web server.
-authorized_for_all_service_commands=nagiosadmin,nagios
-authorized_for_all_host_commands=nagiosadmin,nagios
+authorized_for_all_service_commands=*
+authorized_for_all_host_commands=*
@@ -374,4 +374,3 @@ lock_author_names=1
#splunk_url=http://127.0.0.1:8000/
-
diff --git a/roles/upgrade/tasks/main.yml b/roles/upgrade/tasks/main.yml
index 58a50ac0a19561e44b952d800033d9c1c9dacdac..535141fb2c64e52471997cf1f6c15ea54c372907 100644
--- a/roles/upgrade/tasks/main.yml
+++ b/roles/upgrade/tasks/main.yml
@@ -1,4 +1,11 @@
---
+
+- name: install aptitude
+ apt: name=aptitude state=installed
+ become: true
+ become_user: root
+ when: ansible_os_family=="Debian"
+
- name: apt-get upgrade
apt: upgrade=safe
sudo: true