diff --git a/base.yml b/base.yml index dc3c2dc..cb83112 100644 --- a/base.yml +++ b/base.yml @@ -1,12 +1,12 @@ --- # Put a common configuration on all servers -- hosts: all +- hosts: all,!unifi roles: - baseconfig - basesecurity # Plug LDAP on all servers -- hosts: all +- hosts: all,!unifi roles: - ldap-client diff --git a/hosts b/hosts index 27def90..d65e07f 100644 --- a/hosts +++ b/hosts @@ -32,12 +32,18 @@ marki.adm.auro.re [fleming_vm] ldap-replica-fleming.adm.auro.re +ldap-replica-fleming-fo.adm.auro.re dhcp-fleming.adm.auro.re +dhcp-fleming-fo.adm.auro.re dns-fleming.adm.auro.re +dns-fleming-fo.adm.auro.re prometheus-fleming.adm.auro.re +prometheus-fleming-fo.adm.auro.re radius-fleming.adm.auro.re +radius-fleming-fo.adm.auro.re unifi-fleming.adm.auro.re routeur-fleming.adm.auro.re +routeur-fleming-fo.adm.auro.re [fleming_unifi] fa-0-1.borne.auro.re @@ -145,12 +151,18 @@ titan.adm.auro.re [pacaterie_vm] ldap-replica-pacaterie.adm.auro.re +ldap-replica-pacaterie-fo.adm.auro.re dhcp-pacaterie.adm.auro.re +dhcp-pacaterie-fo.adm.auro.re dns-pacaterie.adm.auro.re +dns-pacaterie-fo.adm.auro.re prometheus-pacaterie.adm.auro.re +prometheus-pacaterie-fo.adm.auro.re radius-pacaterie.adm.auro.re +radius-pacaterie-fo.adm.auro.re unifi-pacaterie.adm.auro.re routeur-pacaterie.adm.auro.re +routeur-pacaterie-fo.adm.auro.re [pacaterie_unifi] pc-1-1.borne.auro.re @@ -189,12 +201,18 @@ chapalux.adm.auro.re [edc_vm] ldap-replica-edc.adm.auro.re +ldap-replica-edc-fo.adm.auro.re dhcp-edc.adm.auro.re +dhcp-edc-fo.adm.auro.re dns-edc.adm.auro.re +dns-edc-fo.adm.auro.re prometheus-edc.adm.auro.re +prometheus-edc-fo.adm.auro.re radius-edc.adm.auro.re +radius-edc-fo.adm.auro.re unifi-edc.adm.auro.re routeur-edc.adm.auro.re +routeur-edc-fo.adm.auro.re [edc_unifi] ep-0-1.borne.auro.re @@ -204,12 +222,18 @@ perceval.adm.auro.re [georgesand_vm] ldap-replica-georgesand.adm.auro.re +ldap-replica-georgesand-fo.adm.auro.re dhcp-georgesand.adm.auro.re +dhcp-georgesand-fo.adm.auro.re dns-georgesand.adm.auro.re +dns-georgesand-fo.adm.auro.re prometheus-georgesand.adm.auro.re +prometheus-georgesand-fo.adm.auro.re radius-georgesand.adm.auro.re +radius-georgesand-fo.adm.auro.re unifi-georgesand.adm.auro.re routeur-georgesand.adm.auro.re +routeur-georgesand-fo.adm.auro.re [georgesand_unifi] ga-0-1.borne.auro.re diff --git a/monitoring.yml b/monitoring.yml index f58cca1..2f26803 100644 --- a/monitoring.yml +++ b/monitoring.yml @@ -1,6 +1,8 @@ --- -- hosts: prometheus-fleming.adm.auro.re +- hosts: prometheus-fleming.adm.auro.re,prometheus-fleming-fo.adm.auro.re vars: + prometheus_alertmanager: docker-ovh.adm.auro.re:9093 + # Prometheus targets.json prometheus_targets: - targets: | @@ -9,10 +11,11 @@ - targets: "{{ groups['fleming_unifi'] | list | sort }}" roles: - prometheus - - prometheus-alertmanager -- hosts: prometheus-pacaterie.adm.auro.re +- hosts: prometheus-pacaterie.adm.auro.re,prometheus-pacaterie-fo.adm.auro.re vars: + prometheus_alertmanager: docker-ovh.adm.auro.re:9093 + # Prometheus targets.json prometheus_targets: - targets: | @@ -21,10 +24,11 @@ - targets: "{{ groups['pacaterie_unifi'] | list | sort }}" roles: - prometheus - - prometheus-alertmanager -- hosts: prometheus-edc.adm.auro.re +- hosts: prometheus-edc.adm.auro.re,prometheus-edc-fo.adm.auro.re vars: + prometheus_alertmanager: docker-ovh.adm.auro.re:9093 + # Prometheus targets.json prometheus_targets: - targets: | @@ -33,10 +37,11 @@ - targets: "{{ groups['edc_unifi'] | list | sort }}" roles: - prometheus - - prometheus-alertmanager -- hosts: prometheus-georgesand.adm.auro.re +- hosts: prometheus-georgesand.adm.auro.re,prometheus-georgesand-fo.adm.auro.re vars: + prometheus_alertmanager: docker-ovh.adm.auro.re:9093 + # Prometheus targets.json prometheus_targets: - targets: | @@ -45,7 +50,6 @@ - targets: "{{ groups['georgesand_unifi'] | list | sort }}" roles: - prometheus - - prometheus-alertmanager # Monitor all hosts - hosts: all,!unifi,!ovh diff --git a/proxmox.yml b/proxmox.yml index a0fef88..8aa56fb 100644 --- a/proxmox.yml +++ b/proxmox.yml @@ -69,6 +69,43 @@ disksize: 16 # G installiso: debian-10.0.0-amd64-netinst.iso + - name: ldap-replica-fleming-fo + virtu: marki + cores: 2 # 2 mimimum, 10 maximum + memory: 1024 # M + disksize: 16 # G + installiso: debian-10.0.0-amd64-netinst.iso + - name: dhcp-fleming-fo + virtu: marki + cores: 2 # 2 mimimum, 10 maximum + memory: 1024 # M + disksize: 16 # G + installiso: debian-10.0.0-amd64-netinst.iso + - name: dns-fleming-fo + virtu: marki + cores: 2 # 2 mimimum, 10 maximum + memory: 1024 # M + disksize: 16 # G + installiso: debian-10.0.0-amd64-netinst.iso + - name: prometheus-fleming-fo + virtu: marki + cores: 2 # 2 mimimum, 10 maximum + memory: 1024 # M + disksize: 16 # G + installiso: debian-10.0.0-amd64-netinst.iso + - name: radius-fleming-fo + virtu: marki + cores: 2 # 2 mimimum, 10 maximum + memory: 1024 # M + disksize: 16 # G + installiso: debian-10.0.0-amd64-netinst.iso + - name: routeur-fleming-fo + virtu: marki + cores: 2 # 2 mimimum, 10 maximum + memory: 1024 # M + disksize: 16 # G + installiso: debian-10.0.0-amd64-netinst.iso + # Réseau Pacaterie - name: ldap-replica-pacaterie virtu: mordred @@ -113,6 +150,43 @@ disksize: 16 # G installiso: debian-10.0.0-amd64-netinst.iso + - name: ldap-replica-pacaterie-fo + virtu: titan + cores: 2 # 2 mimimum, 10 maximum + memory: 1024 # M + disksize: 16 # G + installiso: debian-10.0.0-amd64-netinst.iso + - name: dhcp-pacaterie-fo + virtu: titan + cores: 2 # 2 mimimum, 10 maximum + memory: 1024 # M + disksize: 16 # G + installiso: debian-10.0.0-amd64-netinst.iso + - name: dns-pacaterie-fo + virtu: titan + cores: 2 # 2 mimimum, 10 maximum + memory: 1024 # M + disksize: 16 # G + installiso: debian-10.0.0-amd64-netinst.iso + - name: prometheus-pacaterie-fo + virtu: titan + cores: 2 # 2 mimimum, 10 maximum + memory: 1024 # M + disksize: 16 # G + installiso: debian-10.0.0-amd64-netinst.iso + - name: radius-pacaterie-fo + virtu: titan + cores: 2 # 2 mimimum, 10 maximum + memory: 1024 # M + disksize: 16 # G + installiso: debian-10.0.0-amd64-netinst.iso + - name: routeur-pacaterie-fo + virtu: titan + cores: 2 # 2 mimimum, 10 maximum + memory: 1024 # M + disksize: 16 # G + installiso: debian-10.0.0-amd64-netinst.iso + # Réseau EDC - name: ldap-replica-edc virtu: chapalux diff --git a/roles/prometheus-alertmanager/handlers/main.yml b/roles/prometheus-alertmanager/handlers/main.yml deleted file mode 100644 index 3ddbf93..0000000 --- a/roles/prometheus-alertmanager/handlers/main.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- name: Restart Prometheus Alertmanager - service: - name: prometheus-alertmanager - state: restarted diff --git a/roles/prometheus-alertmanager/tasks/main.yml b/roles/prometheus-alertmanager/tasks/main.yml deleted file mode 100644 index b65a295..0000000 --- a/roles/prometheus-alertmanager/tasks/main.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -- name: Install Prometheus Alertmanager - apt: - update_cache: true - name: prometheus-alertmanager - register: apt_result - retries: 3 - until: apt_result is succeeded - -- name: Configure Prometheus Alertmanager - template: - src: prometheus/alertmanager.yml.j2 - dest: /etc/prometheus/alertmanager.yml - notify: Restart Prometheus Alertmanager diff --git a/roles/prometheus-alertmanager/templates/prometheus/alertmanager.yml.j2 b/roles/prometheus-alertmanager/templates/prometheus/alertmanager.yml.j2 deleted file mode 100644 index d25fbd6..0000000 --- a/roles/prometheus-alertmanager/templates/prometheus/alertmanager.yml.j2 +++ /dev/null @@ -1,62 +0,0 @@ -# {{ ansible_managed }} -# See https://prometheus.io/docs/alerting/configuration/ for documentation. - -global: - # The smarthost and SMTP sender used for mail notifications. - smtp_smarthost: 'localhost:25' - smtp_from: 'alertmanager@example.org' - #smtp_auth_username: 'alertmanager' - #smtp_auth_password: 'password' - # The auth token for Hipchat. - hipchat_auth_token: '1234556789' - # Alternative host for Hipchat. - hipchat_api_url: 'https://hipchat.foobar.org/' - -# The directory from which notification templates are read. -templates: -- '/etc/prometheus/alertmanager_templates/*.tmpl' - -# The root route on which each incoming alert enters. -route: - # The labels by which incoming alerts are grouped together. For example, - # multiple alerts coming in for cluster=A and alertname=LatencyHigh would - # be batched into a single group. - group_by: ['instance'] # group per instance - - # When a new group of alerts is created by an incoming alert, wait at - # least 'group_wait' to send the initial notification. - # This way ensures that you get multiple alerts for the same group that start - # firing shortly after another are batched together on the first - # notification. - group_wait: 30s - - # When the first notification was sent, wait 'group_interval' to send a batch - # of new alerts that started firing for that group. - group_interval: 5m - - # If an alert has successfully been sent, wait 'repeat_interval' to - # resend them. - repeat_interval: 12h - - # A default receiver - receiver: webhook - - -# Inhibition rules allow to mute a set of alerts given that another alert is -# firing. -# We use this to mute any warning-level notifications if the same alert is -# already critical. -inhibit_rules: -- source_match: - severity: 'critical' - target_match: - severity: 'warning' - # Apply inhibition if the alertname is the same. - equal: ['alertname', 'cluster', 'service'] - - -receivers: -- name: 'webhook' - webhook_configs: - - url: 'http://URL A METTRE ICI VERS WEBHOOK DISCORD TODO/' - send_resolved: true diff --git a/roles/prometheus/templates/prometheus/prometheus.yml.j2 b/roles/prometheus/templates/prometheus/prometheus.yml.j2 index 19c64ef..31df6bd 100644 --- a/roles/prometheus/templates/prometheus/prometheus.yml.j2 +++ b/roles/prometheus/templates/prometheus/prometheus.yml.j2 @@ -15,7 +15,7 @@ global: alerting: alertmanagers: - static_configs: - - targets: ['localhost:9093'] + - targets: ['{{ prometheus_alertmanager }}'] # Load rules once and periodically evaluate them according to the global 'evaluation_interval'. rule_files: