main.yml 6.15 KB
Newer Older
1 2 3
---

- name: Install Nagios
4
  yum: name=nagios state=latest enablerepo=nagios
5
  tags: install
6

7 8
- name: Install pnp4nagios
  yum: name=pnp4nagios state=latest
9
  tags: install
10 11 12 13 14 15

- name: Install Apache and mod_ssl
  yum: name={{ item }} state=latest
  with_items:
    - httpd
    - mod_ssl
16
  tags: install
17 18 19 20

- name: Install fetch-crl
  yum: name=fetch-crl state=latest
  when: ca_bundle_install
21
  tags: install
22

23 24
- name: Install NCG and MSG conponents
  yum: name={{ item.name }} state=latest enablerepo={{ item.repo }}
25
  with_items: nagios_components
26
  tags: install
27

28 29 30
- name: Install Nagios plugins
  yum: name={{ item.name }} state=latest enablerepo={{ item.repo }}
  with_items: nagios_plugins
31
  tags: install
32

33 34 35 36
- name: Copy nagios.cfg file
  template: src=nagios.cfg.j2
            dest=/etc/nagios/nagios.cfg
            owner=nagios group=nagios mode=0644
37
  notify: reload nagios
38
  tags: config
39 40 41 42 43 44

- name: Copy cgi.cfg file
  template: src=cgi.cfg.j2
            dest=/etc/nagios/cgi.cfg
            owner=nagios group=nagios mode=0644
  notify: reload nagios
45
  tags: config
46

47 48
#FIXME: Make this tenant unaware
- name: Copy ncg.conf file for EGI
49
  template: src=ncg.conf.j2
50 51
            dest=/etc/argo-ncg/ncg.conf
            owner=root group=root
52
  when: tenant_name|lower == "egi"
53
  notify: reload nagios
54
  tags: config
55 56 57

- name: Copy ncg.conf file for EUDAT
  template: src=ncg.conf.eudat.j2
58 59
            dest=/etc/ncg/ncg.conf
            owner=root group=root
60
  when: tenant_name|lower == "eudat"
61
  notify: reload nagios
62
  tags: config
63

64 65 66 67 68
- name: Copy argo-voms-htpasswd.conf file
  template: src=argo-voms-htpasswd.conf.j2
            dest=/etc/argo-voms-htpasswd/argo-voms-htpasswd.conf
            owner=root group=root
  when: voms_htpasswd is defined
69
  tags: config
70 71

#FIXME: Temp workaround for tenants without BDII infrastructure.
72 73 74 75
- name: Copy broker-list file
  template: src=broker-list.j2
            dest=/var/cache/msg/broker-cache-file/broker-list
            owner=root group=root mode=0644
76
  when: broker_host is defined
77
  tags: config
78 79 80 81 82 83 84
##

- name: Copy argo-msg-cache file
  template: src=argo-msg-cache.conf.j2
            dest=/etc/argo-msg-cache.conf
            owner=root group=root
  when: lcg_gfal_infosys is defined and broker_network is defined
85 86 87 88 89 90 91 92
  tags: config

- name: Create unicore log dir
  file: path=/var/log/unicore
        state=directory 
        owner=nagios group=nagios mode=0755
  when: enable_unicore_probes is defined and enable_unicore_probes == "1"
  tags: config
93

94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120
- name: Copy ucc.config file for unicore
  template: src=ucc.config.j2
            dest=/etc/nagios/unicore/ucc.config
            owner=nagios group=nagios mode=0400
  when: enable_unicore_probes is defined and enable_unicore_probes == "1"
  tags: config

- name: Copy scripts for unicore credentials
  template: src={{ item }}.j2
            dest=/usr/local/bin/{{ item }} 
            owner=root group=root mode=0744
  with_items:
    - unicore_jks.sh
    - unicore_ks.sh
    - unicore_ts.sh
  when: enable_unicore_probes is defined and enable_unicore_probes == "1"
  tags: config

- name: Execute scripts for unicore credentials
  command: /usr/local/bin/{{ item }}
  with_items:
    - unicore_jks.sh
    - unicore_ks.sh
    - unicore_ts.sh
  when: enable_unicore_probes is defined and enable_unicore_probes == "1"
  tags: config

121
- name: Create vomses dir
122
  file: path=/etc/vomses 
123 124 125
        state=directory 
        owner=root group=root mode=0755
  when: vomses is defined
126
  tags: config
127 128 129 130 131 132 133

- name: Copy vomses files
  template: src=vomses.j2
            dest=/etc/vomses/{{ item.name }}
            owner=root group=root mode=0644
  when: vomses is defined
  with_items: vomses
134
  tags: config
135 136

- name: Create voms lsc dir
137
  file: path=/etc/grid-security/vomsdir/{{ item.vo }}
138 139 140 141
        state=directory 
        owner=root group=root mode=0755
  when: vomses is defined
  with_items: vomses
142
  tags: config
143 144

- name: Create voms lsc files
145
  template: src=voms_lsc.j2
146 147 148 149
            dest=/etc/grid-security/vomsdir/{{ item.vo }}/{{ item.server }}.lsc
            owner=root group=root mode=0644
  when: vomses is defined
  with_items: vomses
150
  tags: config
151 152 153 154

- name: Create sha checksum for dashboard config
  shell: echo -n {{ nagios_server }} | sha1sum | cut -f1 -d' '
  register: sha
155
  tags: config
156 157 158 159 160 161
  
- name: Create dashboard config for msg-to-handler
  template: src=dashboard.conf.j2
            dest=/etc/msg-to-handler.d/DASHBOARD.conf
            owner=root group=root mode=0644
  when: send_to_dashboard is defined and send_to_dashboard == "1"
162
  tags: config
163 164 165 166 167 168

- name: Create apel config for msg-to-handler
  template: src=apel.conf.j2
            dest=/etc/msg-to-handler.d/APEL.conf
            owner=root group=root mode=0644
  when: send_to_apel is defined and send_to_apel == "1"
169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193
  tags: config

- name: Create a cron job to restart apache 
  cron: name=restart_httpd 
        user="root"
        minute="53" hour="2,8,14,20" 
        job="( /sbin/service httpd status && /sbin/service httpd graceful ) > /dev/null 2>&1" 
  when: ca_bundle_install
  tags: config

- name: create apache nagios conf
  template: src=nagios_apache.conf.j2
            dest=/etc/httpd/conf.d/nagios.conf
            owner=root group=root mode=0644
  notify: reload httpd
  when: configure_nagios_apache
  tags: config

- name: create apache ssl conf
  template: src=ssl.conf.j2
            dest=/etc/httpd/conf.d/ssl.conf
            owner=root group=root mode=0644
  notify: reload httpd
  when: configure_apache_ssl
  tags: config
194

195 196 197 198 199
- name: Enable nagios and httpd on boot and start service
  service: name={{ item }} state=started enabled=yes
  with_items:
    - nagios
    - httpd
200
  tags: config
201

202 203 204
- name: Start fetch-crl cron
  service: name=fetch-crl-cron state=started enabled=yes
  when: ca_bundle_install
205
  tags: config
206 207 208 209 210

- name: Start fetch-crl boot
  service: name=fetch-crl-boot state=started enabled=no
  when: ca_bundle_install
  ignore_errors: yes
211
  tags: config
212 213 214 215

- name: Enable argo-voms-htpasswd on boot and start service
  service: name=argo-voms-htpasswd state=started enabled=yes
  when: voms_htpasswd is defined
216
  tags: config
217 218 219

- name: Enable argo-msg-cache on boot and start service
  service: name=argo-msg-cache state=started enabled=yes
220 221 222
  when: lcg_gfal_infosys is defined
  tags: config