1
0
forked from infra/ansible
infra/roles/librenms/tasks/main.yml

80 lines
2.1 KiB
YAML

---
- name: Install dependencies
apt: name={{ item }}
with_items:
- fping
- git
- graphviz
- imagemagick
- mtr-tiny
- mariadb-server
- nmap
- php-net-ipv4
- php-net-ipv6
- php-pear
- php7.3-cli
- php7.3-curl
- php7.3-fpm
- php7.3-gd
- php7.3-json
- php7.3-mbstring
- php7.3-mysql
- php7.3-snmp
- python3-dotenv
- python3-pymysql
- python3-redis
- rrdtool
- snmp
- snmpd
- whois
- name: Configure MySQL database
mysql_db: name={{ librenms_dbname }}
- name: Configure MySQL user
mysql_user: name={{ librenms_dbuser }} password={{ librenms_dbpass }} priv={{ librenms_dbname }}.*:ALL state=present
- name: Ensure librenms user exists
user: name=librenms groups=www-data createhome=no home=/usr/share/librenms system=yes
- name: Clone librenms
git: repo=https://github.com/librenms/librenms.git dest=/usr/share/librenms depth=1 update=no
- name: Configure librenms
template: src=config.php.j2 dest=/usr/share/librenms/config.php owner=librenms group=www-data mode=0440
- name: Set php timezone
lineinfile:
path: "{{ item }}"
regexp: ';?date\.timezone'
line: 'date.timezone = Europe/Berlin'
with_items:
- /etc/php/7.3/cli/php.ini
- /etc/php/7.3/fpm/php.ini
- name: Ensure certificates are available
command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/{{ librenms_domain }}.key -out /etc/nginx/ssl/{{ librenms_domain }}.crt -days 730 -subj "/CN={{ librenms_domain }}" creates=/etc/nginx/ssl/{{ librenms_domain }}.crt
notify: Restart nginx
- name: Request nsupdate key for certificate
include_role: name=acme-dnskey-generate
vars:
acme_dnskey_san_domains:
- "{{ librenms_domain }}"
- name: Configure certificate manager for librenms
template: src=certs.j2 dest=/etc/acertmgr/{{ librenms_domain }}.conf
notify: Run acertmgr
- name: Configure vhost
template: src=vhost.j2 dest=/etc/nginx/sites-available/librenms
notify: Restart nginx
- name: Enable vhost
file: src=/etc/nginx/sites-available/librenms dest=/etc/nginx/sites-enabled/librenms state=link
notify: Restart nginx
- name: Start php7.3-fpm
service: name=php7.3-fpm state=started enabled=yes