forked from infra/ansible
86 lines
2.3 KiB
YAML
86 lines
2.3 KiB
YAML
---
|
|
|
|
- name: Install dependencies
|
|
apt:
|
|
name:
|
|
- fping
|
|
- git
|
|
- graphviz
|
|
- imagemagick
|
|
- mariadb-server
|
|
- mtr-tiny
|
|
- nmap
|
|
- php-cli
|
|
- php-curl
|
|
- php-fpm
|
|
- php-gd
|
|
- php-json
|
|
- php-mbstring
|
|
- php-mysql
|
|
- php-net-ipv4
|
|
- php-net-ipv6
|
|
- php-pear
|
|
- php-snmp
|
|
- python3-dotenv
|
|
- python3-pymysql
|
|
- python3-redis
|
|
- rrdtool
|
|
- snmp
|
|
- snmpd
|
|
- whois
|
|
|
|
- name: Configure MySQL database
|
|
mysql_db: name={{ librenms_dbname }}
|
|
|
|
# FIXME the following statement has broken at some point in time
|
|
#- name: Configure MySQL user
|
|
# mysql_user: name={{ librenms_dbuser }} password={{ librenms_dbpass }} priv={{ librenms_dbname }}.*:ALL state=present
|
|
|
|
- name: Ensure librenms user exists
|
|
user: name=librenms groups=www-data createhome=no home=/usr/share/librenms system=yes
|
|
|
|
- name: Clone librenms
|
|
git: repo=https://github.com/librenms/librenms.git dest=/usr/share/librenms depth=1 update=no
|
|
|
|
- name: Configure librenms
|
|
template: src=config.php.j2 dest=/usr/share/librenms/config.php owner=librenms group=www-data mode=0440
|
|
|
|
- name: Set php timezone
|
|
lineinfile:
|
|
path: "{{ item }}"
|
|
regexp: ';?date\.timezone'
|
|
line: 'date.timezone = Europe/Berlin'
|
|
with_items:
|
|
- /etc/php/8.2/cli/php.ini
|
|
- /etc/php/8.2/fpm/php.ini
|
|
|
|
- name: Ensure certificates are available
|
|
command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/{{ librenms_domain }}.key -out /etc/nginx/ssl/{{ librenms_domain }}.crt -days 730 -subj "/CN={{ librenms_domain }}" creates=/etc/nginx/ssl/{{ librenms_domain }}.crt
|
|
notify: Restart nginx
|
|
|
|
- name: Request nsupdate key for certificate
|
|
include_role: name=acme-dnskey-generate
|
|
vars:
|
|
acme_dnskey_san_domains:
|
|
- "{{ librenms_domain }}"
|
|
|
|
- name: Configure certificate manager for librenms
|
|
template: src=certs.j2 dest=/etc/acertmgr/{{ librenms_domain }}.conf
|
|
notify: Run acertmgr
|
|
|
|
- name: Configure vhost
|
|
template: src=vhost.j2 dest=/etc/nginx/sites-available/librenms
|
|
notify: Restart nginx
|
|
|
|
- name: Enable vhost
|
|
file: src=/etc/nginx/sites-available/librenms dest=/etc/nginx/sites-enabled/librenms state=link
|
|
notify: Restart nginx
|
|
|
|
- name: Start php8.2-fpm
|
|
service: name=php8.2-fpm state=started enabled=yes
|
|
|
|
- name: Enable monitoring
|
|
include_role: name=icinga-monitor tasks_from=http
|
|
vars:
|
|
vhost: "{{ librenms_domain }}"
|