--- - name: Install icinga apt: name=icinga2 - name: Check if client is already enrolled stat: path: /var/lib/icinga2/certs/{{ ansible_fqdn }}.crt register: cert_file - name: Enroll agent on master server block: - name: Ensure certificate directory exists file: path: /var/lib/icinga2/certs state: directory owner: "{{ icinga_user }}" group: "{{ icinga_group }}" - name: Copy certificate from master fetch: src: /var/lib/icinga2/certs/{{ icinga_server }}.crt dest: /tmp/{{ icinga_server }}.crt flat: true delegate_to: "{{ icinga_server }}" - name: Copy certificate to host copy: src: /tmp/{{ icinga_server }}.crt dest: /var/lib/icinga2/certs/{{ icinga_server }}.crt owner: "{{ icinga_user }}" group: "{{ icinga_group }}" - name: Get ticket from master shell: "icinga2 pki ticket --cn {{ ansible_fqdn }}" register: "icinga_ticket" changed_when: "False" delegate_to: "{{ icinga_server }}" - name: Setup node command: argv: - icinga2 - node - setup - --ticket - "{{ icinga_ticket.stdout | trim }}" - --endpoint - "{{ icinga_server }}" - --zone - "{{ ansible_fqdn }}" - --parent_host - "{{ icinga_server }}" - --trustedcert - "/var/lib/icinga2/certs/{{ icinga_server }}.crt" - --accept-commands - --accept-config when: not cert_file.stat.exists - name: Set agent address on master template: src=hosts.agent.j2 dest=/etc/icinga2/conf.d/hosts/{{ inventory_hostname }}.01_agent owner={{ icinga_user }} group={{ icinga_group }} delegate_to: "{{ icinga_server }}" - name: Regenerate hosts.conf assemble: src: /etc/icinga2/conf.d/hosts dest: /etc/icinga2/zones.d/master/hosts.conf # validate: /usr/sbin/icinga2 daemon -c %s --validate notify: Restart icinga2 delegate_to: "{{ icinga_server }}" # TODO expand this to cover more than just the root partition - name: Monitor disks include_role: name=icinga-monitor tasks_from=disk vars: disks: - "/"