Browse Source

Add first try

master
squeaky otter 2 years ago
parent
commit
7b59178b9a
Signed by: dashie GPG Key ID: C2D57B325840B755
10 changed files with 314 additions and 1 deletions
  1. +84
    -1
      README.md
  2. +70
    -0
      defaults/main.yml
  3. +6
    -0
      handlers/main.yml
  4. +25
    -0
      meta/main.yml
  5. +8
    -0
      tasks/main.yml
  6. +14
    -0
      tasks/setup-Debian.yml
  7. +8
    -0
      tasks/setup-RedHat.yml
  8. +32
    -0
      tasks/snmpd.yml
  9. +24
    -0
      templates/etc/default/snmpd.jinja2
  10. +43
    -0
      templates/etc/snmp/snmpd.jinja2

+ 84
- 1
README.md View File

@ -1 +1,84 @@
# ansible_snmpd_role
# SNMPD Ansible Role
Based on https://github.com/Oefenweb/ansible-snmpd without the user auth thing and more things.
Import in playbook:
```yaml
- hosts: all
roles:
- { role: rhaamo.snmpd, become: true }
```
Default config:
```yaml
---
# Default packages for snmpd
snmpd_debian_packages:
- snmp
- snmpd
- snmp-mibs-downloader
snmpd_redhat_packages:
- net-snmp
- net-snmp-utils
# Should we start and enable the daemon
snmpd_enabled: True
# MIBs to load
snmpd_mibs: UCD-SNMP-MIB
# Default SNMPD options (use syslog, close stdin/out/err)
snmpd_opts: '-LS4d -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid'
# Should we start and enable snmptrapd
snmpd_trapd_enabled: false
# Default options for snmptrapd (use syslog)
snmpd_trapd_opts: '-Lsd -p /var/run/snmptrapd.pid'
# Create a symlink on debian legacy location to official RFC path
snmpd_snmpd_compat: false
# Default listen on everything
snmpd_agent_address:
- 'udp:161'
- 'udp6:[::1]:161'
# List of networks to authorize
# snmpd_authorized_networks:
# - community: public
# network: 192.168.40.0/32
snmpd_authorized_networks: []
# System location
snmpd_sys_location: 'Unknown'
# System contact
snmpd_sys_contact: Root <root@localhost>
# System description, defaults on inventory hostname
snmpd_sys_description: "{{ inventory_hostname }}"
# Include all disks mounted on system
snmpd_disks_include_all: false
# Threshold for all disks mounted
snmpd_disks_include_all_threshold_minpercent: '10%'
# List of disks
# snmpd_disks:
# - path: /dev/sda
# threshold: 69%
snmpd_disks: []
# Configure the Event MIB tables to monitor the various UCD-SNMP-MIB tables for problems
snmpd_default_monitors: true
# Configure the Event MIB tables to monitor the fTable for network interface being taken up or down, and triggering a linkUp or linkDown notification as appropriate
snmpd_link_up_down_notifications: true
# List of SNMPD extensions
# snmpd_extensions:
# - name: farts
# prog: /usr/local/bin/yolo
snmpd_extensions: []
```

+ 70
- 0
defaults/main.yml View File

@ -0,0 +1,70 @@
---
# Default packages for snmpd
snmpd_debian_packages:
- snmp
- snmpd
- snmp-mibs-downloader
snmpd_redhat_packages:
- net-snmp
- net-snmp-utils
# Should we start and enable the daemon
snmpd_enabled: True
# MIBs to load
snmpd_mibs: UCD-SNMP-MIB
# Default SNMPD options (use syslog, close stdin/out/err)
snmpd_opts: '-LS4d -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid'
# Should we start and enable snmptrapd
snmpd_trapd_enabled: false
# Default options for snmptrapd (use syslog)
snmpd_trapd_opts: '-Lsd -p /var/run/snmptrapd.pid'
# Create a symlink on debian legacy location to official RFC path
snmpd_snmpd_compat: false
# Default listen on everything
snmpd_agent_address:
- 'udp:161'
- 'udp6:[::1]:161'
# List of networks to authorize
# snmpd_authorized_networks:
# - community: public
# network: 192.168.40.0/32
snmpd_authorized_networks: []
# System location
snmpd_sys_location: 'Unknown'
# System contact
snmpd_sys_contact: Root <root@localhost>
# System description, defaults on inventory hostname
snmpd_sys_description: "{{ inventory_hostname }}"
# Include all disks mounted on system
snmpd_disks_include_all: false
# Threshold for all disks mounted
snmpd_disks_include_all_threshold_minpercent: '10%'
# List of disks
# snmpd_disks:
# - path: /dev/sda
# threshold: 69%
snmpd_disks: []
# Configure the Event MIB tables to monitor the various UCD-SNMP-MIB tables for problems
snmpd_default_monitors: true
# Configure the Event MIB tables to monitor the fTable for network interface being taken up or down, and triggering a linkUp or linkDown notification as appropriate
snmpd_link_up_down_notifications: true
# List of SNMPD extensions
# snmpd_extensions:
# - name: farts
# prog: /usr/local/bin/yolo
snmpd_extensions: []

+ 6
- 0
handlers/main.yml View File

@ -0,0 +1,6 @@
---
- name: restart snmpd
service:
name: snmpd
state: restarted
when: '{{ snmpd_enabled }}'

+ 25
- 0
meta/main.yml View File

@ -0,0 +1,25 @@
galaxy_info:
role_name: snmpd
description: Install and configure SNMPD.
author: Dashie <dashie@sigpipe.me>
license: MIT
min_ansible_version: 2.5
github_branch: master
platforms:
- name: Debian
versions:
- all
- name: Ubuntu
versions:
- all
- name: EL
versions:
- all
galaxy_tags:
- system
- development
- monitoring
- snmp
- snmpd
dependencies: []

+ 8
- 0
tasks/main.yml View File

@ -0,0 +1,8 @@
---
- name: "{{ ansible_os_family }} Family"
include_tasks: "setup-{{ ansible_os_family }}.yml"
- name: "SNMPD Configuration"
include_tasks: snmpd.yml

+ 14
- 0
tasks/setup-Debian.yml View File

@ -0,0 +1,14 @@
---
- name: Ensure that HTTPS transport for APT is installed
apt:
name: "apt-transport-https"
state: present
when: ansible_distribution == 'Debian'
- name: Install SNMP Daemon
apt:
name: "{{ item }}"
state: present
with_flattened: '{{ snmpd_debian_packages }}'
when: ansible_distribution == 'Debian'

+ 8
- 0
tasks/setup-RedHat.yml View File

@ -0,0 +1,8 @@
---
- name: Install epel-release
yum:
name: "{{ item }}"
state: present
with_flattened: '{{ snmpd_redhat_packages }}'
when: ansible_distribution == 'RedHat'

+ 32
- 0
tasks/snmpd.yml View File

@ -0,0 +1,32 @@
- name: Setup /etc/default/snmpd.conf
template:
src: etc/default/snmpd.jinja2
dest: /etc/default/snmpd
owner: root
group: root
mode: 0644
notify: restart snmpd
when: ansible_distribution == 'Debian'
- name: Setup /etc/snmp/snmpd.conf
template:
src: etc/snmp/snmpd.jinja2
dest: /etc/snmp/snmpd.conf
owner: root
group: root
mode: 0600
notify: restart snmpd
- name: Enable and start SNMPD
service:
name: snmpd
state: "started"
enabled: True
when: snmpd_enabled
- name: Disable and stop SNMPD
service:
name: snmpd
state: "stopped"
enabled: False
when: not snmpd_enabled

+ 24
- 0
templates/etc/default/snmpd.jinja2 View File

@ -0,0 +1,24 @@
# {{ ansible_managed }}
# This file controls the activity of snmpd and snmptrapd
# Don't load any MIBs by default.
# You might comment this lines once you have the MIBs downloaded.
export MIBS={{ snmpd_mibs }}
# snmpd control (yes means start daemon).
SNMPDRUN={{ 'yes' if snmpd_enabled else 'no' }}
# snmpd options (use syslog, close stdin/out/err).
SNMPDOPTS='{{ snmpd_opts }}'
# snmptrapd control (yes means start daemon). As of net-snmp version
# 5.0, master agentx support must be enabled in snmpd before snmptrapd
# can be run. See snmpd.conf(5) for how to do this.
TRAPDRUN={{ 'yes' if snmpd_trapd_enabled else 'no' }}
# snmptrapd options (use syslog).
TRAPDOPTS='{{ snmpd_trapd_opts }}'
# create symlink on Debian legacy location to official RFC path
SNMPDCOMPAT={{ 'yes' if snmpd_snmpd_compat else 'no' }}

+ 43
- 0
templates/etc/snmp/snmpd.jinja2 View File

@ -0,0 +1,43 @@
# {{ ansible_managed }}
agentAddress {{ snmpd_agent_address | join(',') }}
view systemonly included .1.3.6.1.2.1.1
view systemonly included .1.3.6.1.2.1.25.1
{% if snmpd_authorized_networks is defined and snmpd_enabled %}
{% for item in snmpd_authorized_networks %}
rocommunity {{ item.community }} {{ item.network }}
{% if snmpd_trapd_enabled %}
trapcommunity {{ item.community }} {{ item.network }}
{% endif %}
{% endfor %}
{% endif %}
rocommunity public default -V systemonly
rouser authOnlyUser
sysLocation {{ snmpd_sys_location }}
sysContact {{ snmpd_sys_contact }}
sysDescr {{ snmpd_sys_description }}
sysServices 72
iquerySecName internalUser
rouser internalUser
{% if snmpd_disks_include_all %}
includeAllDisks {{ snmpd_disks_include_all_threshold_minpercent }}
{% endif %}
{% for snmpd_disk in snmpd_disks %}
disk {{ snmpd_disk.path }} {{ snmpd_disk.threshold }}
{% endfor %}
defaultMonitors {{ 'yes' if snmpd_default_monitors else 'no' }}
linkUpDownNotifications {{ 'yes' if snmpd_link_up_down_notifications else 'no' }}
{% for snmpd_extension in snmpd_extensions | default([]) %}
extend {{ snmpd_extension.name }} {{ snmpd_extension.prog }} {{ snmpd_extension.args | default([]) | join(' ') }}
{% endfor %}
master agentx

Loading…
Cancel
Save