sheppy/no-secrets-athq-ansible
1
0
Fork 0
mirror of https://github.com/FAUSheppy/no-secrets-athq-ansible synced 2025-12-09 13:18:34 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat: icinga mail notifications

Browse Source
This commit is contained in:
Johnathen Sheppard
2023-03-15 16:40:20 +01:00
parent e3953b1810
commit 9d51c3fa74
7 changed files with 70 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
roles/mail/files/opendkim/trusted.hosts
View File

@@ -2,3 +2,4 @@
localhost localhost
atlantishq.de atlantishq.de
192.168.122.112 192.168.122.112
192.168.122.107

2
roles/mail/files/policy-spf/policyd-spf.conf
View File

@@ -12,5 +12,5 @@ Mail_From_reject = False
PermError_reject = False PermError_reject = False
TempError_Defer = False TempError_Defer = False
skip_addresses = 127.0.0.0/8,::ffff:127.0.0.0/104,::1,192.168.122.112 skip_addresses = 127.0.0.0/8,::ffff:127.0.0.0/104,::1,192.168.122.112,192.168.122.107

12
roles/monitoring-master/tasks/icinga.yaml
View File

@@ -90,6 +90,18 @@
notify: notify:
- restart icinga - restart icinga
- name: Template icinga configuration
template:
src: "{{ item }}"
dest: /etc/icinga2/conf.d/
owner: root
group: nagios
mode: 0640
with_items:
- mail_notifications.conf
notify:
- restart icinga
- name: Change icinga log level - name: Change icinga log level
lineinfile: lineinfile:
path: /etc/icinga2/features-enabled/mainlog.conf path: /etc/icinga2/features-enabled/mainlog.conf

11
roles/monitoring-master/tasks/icinga_postfix.yaml Normal file
View File

@@ -0,0 +1,11 @@
- name: install postfix
apt:
pkg:
- postfix
- name: copy postfix config
template:
src: postfix_main.cf
dest: /etc/postfix/main.cf
notify:
- restart postfix

7
roles/monitoring-master/tasks/main.yaml
View File

@@ -5,6 +5,13 @@
- icinga - icinga
- monitoring-master - monitoring-master
- name: Postfix/Mail for icinga
include: icinga_postfix.yaml
when: monitoring_master
tags:
- icinga
- monitoring-master
- name: Grafana.yaml - name: Grafana.yaml
include: icinga.yaml include: icinga.yaml
when: monitoring_master when: monitoring_master

25
roles/monitoring-master/templates/mail_notifications.conf Normal file
View File

@@ -0,0 +1,25 @@
apply Notification "mail-icingaadmin" to Host {
import "mail-host-notification"
user_groups = host.vars.notification.mail.groups
users = host.vars.notification.mail.users
interval = 2h
vars.notification_logtosyslog = true
vars.notification_from = "Icinga <{{ smtp_service_user }}@atlantishq.de>"
assign where host.vars.notification.mail
}
apply Notification "mail-icingaadmin" to Service {
import "mail-service-notification"
user_groups = host.vars.notification.mail.groups
users = host.vars.notification.mail.users
interval = 2h
vars.notification_logtosyslog = true
vars.notification_from = "Icinga <{{ smtp_service_user }}@atlantishq.de>"
assign where host.vars.notification.mail
}

13
roles/monitoring-master/templates/postfix_main.cf Normal file
View File

@@ -0,0 +1,13 @@
# Set username and password
smtp_sasl_password_maps = static:{{ smtp_service_user }}:{{ smtp_service_pass }}
smtp_sasl_security_options = noanonymous
# Turn on tls encryption
# smtp_tls_security_level = encrypt
header_size_limit = 4096000
# Set external SMTP relay host here IP or hostname accepted along with a port number.
relayhost = {{ smtp_internal_host }}:25
# accept email from our web-server only (adjust to match your VPC/VLAN etc)
inet_interfaces = 127.0.0.1