Compare commits

..

1 commit

Author SHA1 Message Date
7b24bc3d33 Set ask_vault_pass in ansible.cfg
Some checks failed
continuous-integration/drone/push Build is failing
2021-12-16 06:02:46 +01:00
35 changed files with 525 additions and 1430 deletions

View file

@ -1,16 +1,32 @@
[defaults] [defaults]
ask_vault_pass = True ask_vault_pass = True
# Explicitly redefine some defaults to make subfolder execution work
roles_path = ./roles roles_path = ./roles
# Do not create .retry files
retry_files_enabled = False retry_files_enabled = False
# Use inventory
inventory = ./hosts inventory = ./hosts
filter_plugins = ./filter_plugins
# Custom header in templates
ansible_managed = Ansible managed, modified on %Y-%m-%d %H:%M:%S ansible_managed = Ansible managed, modified on %Y-%m-%d %H:%M:%S
# Do not use cows (with cowsay)
nocows = 1 nocows = 1
# Do more parallelism
forks = 15 forks = 15
# Some SSH connection will take time
timeout = 60 timeout = 60
remote_user = root remote_user = root
[diff] [diff]
# TO know what changed
always = yes always = yes
[ssh_connection] [ssh_connection]

20
copy-keys.sh Executable file
View file

@ -0,0 +1,20 @@
#!/bin/bash
set -e
# Grab valid unique hostnames from the Ansible inventory.
HOSTS=$(grep -ve '^[#\[]' hosts \
| grep -F adm.auro.re \
| sort -u)
# Ask password
read -s -p "Hello adventurer, what is your LDAP password? " passwd
echo
for host in $HOSTS; do
echo "[+] Handling host $host"
# sshpass can be used for non-interactive password authentication.
# place your password in ldap-password.txt.
SSHPASS=${passwd} sshpass -v -e ssh-copy-id "$host"
done

View file

@ -1,40 +0,0 @@
import ipaddress
from operator import attrgetter
import dns.name
class FilterModule:
def filters(self):
return {
"remove_domain_suffix": remove_domain_suffix,
"ipaddr_sort": ipaddr_sort,
}
def remove_domain_suffix(name):
parent = dns.name.from_text(name).parent()
return parent.to_text()
def ipaddr_sort(addrs, types, unknown_after=True):
check_types = {
"global": attrgetter("is_global"),
"link-local": attrgetter("is_link_local"),
"loopback": attrgetter("is_loopback"),
"multicast": attrgetter("is_multicast"),
"private": attrgetter("is_private"),
"reserved": attrgetter("is_reserved"),
"site_local": attrgetter("is_site_local"),
"unspecified": attrgetter("is_unspecified"),
}
def addr_weight(addr):
if isinstance(addr, str):
addr = ipaddress.ip_address(addr.split("/")[0])
for index, ty in enumerate(types):
if check_types[ty](ipaddress.ip_address(addr)):
return index
return len(types) if unknown_after else -1
return sorted(addrs, key=addr_weight)

View file

@ -1,246 +1,230 @@
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
64313161633263303464663933363265373935633862653634643862343232643432343966376438 65373963396531336261373035633764306536393163326639653862313237663632303234303030
6134633764383937373966346538306530316539303966320a363035303038616435383366656532 3134363462353264313465393164343962313734623030610a393135613466646335643936636463
39346463396563626166333362306464343836386365303836356461323663633831636562393039 37613730666163383334353532663232333735366134656331633631663166613434666230383736
3832636432626238350a666566323435623834396166656233306639333830343130326265616234 6330323336636531610a623138623965366566313538373865633337383231633533663535383065
61666365663963643437386530363261306438376665386463376366363662656161316263303831 64663935353733383739663437383031346663626634343163313333396163623133336661313861
61393136363934316462616131326463333736656136643038623061313363386538393833663637 31366661326337383231656130303263626162303462393137386335323937653832333630623732
36373565333566306632313865646538633532393731313430633462666334323762653337383338 61666264613736333062303036303536366462343138323263326462326435316231653265343039
63313433333835653366363061343839326131666139346563306366656365316663333438363837 36333835646231323339656231366561373033363630656365613463653038313866323261393061
33323165353936343165646464306434303161313139653561346461653537616164623434376534 39366263656365613164633432336637326430306636336132373765316538313639313064643662
33666662343734633766356230383761353239333632613031396365346536373432363433633564 36303134326530363966313034333264366332376161336138613936383530643232616132303761
61633762393033343336373864653438336436613630366539333731383336346665313732396265 62633966353037376539326637383036663932663236393433383432666266366236306564643061
32356138666135383562656366353131366436363464643630656130303437623131333239386363 62393564303431386339363537353332666135376261346138333339303666343134333134313335
66373866393064306565306565386230373638633733326661333065633136633130323963323765 33326461353431326232386363383231343632363262373130626335386236633364363934363331
30353262323835313365383562326363343965636634376133613331363133313030346561653931 62386237333135626138343462663064653464363134376431353963656137326437656236613235
39363636636235646131353034663861336362383263613165323230366439383561653165363764 39383636303831313937376566316235643637653133396632336561343531383639316435343039
65366130623362623539393461363832353435616266393036386439303834316635366438393936 63636462636630356535363031353661333238346266313263323335363031663666633461363539
33383933366262636232383066663130383965306137356363363539633661373664613738336539 63656534343461663037303336663938613534356536333434613531633638316666326165316434
31363131616135623039346465623530376533386263343836376662316562386530336266303062 63313731636363333530636533313061303730396166313830396139623764363835363838353935
64386531303938623939653635313163633261336339366139666135323130653862346132646636 39373839333536386462333233363737373134393637653562363731616132393131353866366434
30363065303235346331333434653331646333616337623562643564366435613938643235333664 61633239316661616466336234376132393537646164323136366632383161343936336362613030
30626164373030303237656366623631396138333265383566333664663061613536666363623630 39363066643864313339393966343632323261376232363563323165343339643933646362633337
61623362383439636239336234333161366635306432363230366630383836326330343932303863 35636337396631613966333739636163323466333763376533653565343833343164326166366137
39393232373831363863333332636362396639663831656266336430313837666463336439353332 37633164356439396234383661643330313363353531653738313663306636393937373866636630
63303036633433323439613535326663633332346565646338353761363733643766363132666365 32373664643339343333653139656333653036376132333437323134646135626663663736396334
34303865656262303563323665363730663062626537363461646363636461633762663237366366 36613333646133646130656237396665306130613333373466336464656138316331636137373263
64393133656464643065633634313261336662646435313735306266316132636530393631353830 38633230313463343330373735626666616635343233623862393363333933303738623635373832
61303939373363323131316463333136326365333430626266376636356130396239323464353937 30626231333838313138346634363766393139643835343766343032653338653236306531343130
64616232373532396334343433636332353530386662633164353235626361623164313039336666 63363266333839333938663734666465663931663637383338333731383730666564343762663733
31636434666437393839393133633961373139313663616366373239386163623064373836376164 31363733663331393935346432303930373633626464656333396530393636623636656237326633
62316638366366376134386231306435616138656461373633393339653532363434393834393430 30373535376438343662616566313765623933373563623634643739393264313535303933343362
37363335623934306661333135343266663464623438353665613330356236323036363139643064 33333561383666396531653264383334616539653762633638313363303962656161326435346464
62383934363465316338393065383935646134353230376131613935613431656333383565353134 64366336643963306265353237663561363833363733636566393063346631333139373739626135
34643866353131653061623236306536363163373639396564336434653839346263303930633663 65303364333531353737393530383562663235376233333664386631626666663030386166343332
39393935636235313431303032336361313730373238333732626465346662363038636361383631 62386630643834356437373534353562333563353236623065353563383065636261333865613163
65393433346363366337383233646166306339653533646632623262376630383265393438326135 38363839663864663837303936636436316466313563356463343934653739636336623466623562
31643039333835666338383762336163336337343532393063323165636531353361613731363065 65623763373061336435666336306134333930306530363761303136626536633665623363626135
65303637396332613432663636326334646635346237396461636366356133303333306239393739 39356333353165343538313764643965633936646633656233323534326532373736383135643339
34353966653662346230383865643231313239626533643761366162613164333132373636623237 31653738386336336531656136306662386138653333363335613763383934393538373338383462
32356335643766646266646266633366363165373861306433316561363166363865303133633939 39393937663339623031306237343134613465623563333330386138323263346365333233373038
34633132343438363034323638376666313061383965323566646463653163313235373364386666 39346365353235343563326466646237353162383161386535383432306163383962623336616163
62393865373137343237306637363536383939303833663532396333313931336162333837613935 33656431383339633962326266336636646134663931313138336531303631323730336537656338
66383266343735396337663936333162323738383264376533316536376563396333343263643931 65303739616162363166326336396338386361373537346162373364626138393931633334633066
65646535363337373865353265306434356432353066656665366638353331366334366339613538 66326361613139613466303266323331353338316264613532363964636635303561666436343130
32373637633564613861626538373365336362313434633137613966353861393462623862663330 35613063333061646431613864663738646235616638353965643861316663643334616236643936
64386431373066306334383863366133333564373163386433313231363366393830343230323734 63393138346161663466306463313239366662646136626332663234396533306366326231613731
61633962356637326538336663386330653563353763663236623539363630626363323237333237 35313864336265653838366661376436646635393861616531653263373238366531646236386438
30656139626561313064323330373032323031343137366638303966313832646365666238326337 31653430363731613632666634373261363961323661313066383434636535323635353337663665
63306363613361653933306234386163383837666430616663383664386563323839326232383761 37386464633132653838386261313736323763376466393632633430663630333231633966303566
35373539626438356539393266653864353066633365383437623437356464383335383039343137 62643530356664633763383833376163353065643361353961356139356432616237376265636338
61373539343631373932373033656233323964353666626162386537616333366562346265656238 32333833343366333131626564376562346561393238396134396130653864366662386563643333
35396130356166303564303036383664656435626534303064653363316464616335303965376330 39363965653362323739363834613763323734663664386461373363656231616562626266383065
61646638383138323265313631613037396561626162306661653231646230343139656135333236 34653064346536396561646232383633333363663366636561653365366531623130353332363833
63303838316266333665636335663361656262353066666430656162323236633564313337353665 39636433646330623062313238623533636536303030396136633336623961636666306630316639
35363565303736633564356632346632343832363934343962313030646132663566346664313632 38623239623430313839353032623136356633333036353062313130623361373133346236333939
38393061613163356265643434626166393366366634343032626637333332316361663639623534 66656638653935346465393263316433313733353730646238346263396139646435333761613766
62323239373639393337373537646232663531653835356165313264663561623633633830373734 33656134346135643566643361366633653639373035333964663538313138323466346262666134
31336234613633666538373961626430316530346462343061323661353564323938353338373961 62633539303164313466306236653465343163393464333439643037323964306134386361643763
64616637303734303333626166306330613238646265636136653939363936356165356232396436 61356564656435643834373332316435626434326635633231346263626636393061386238386562
65353731633836363433616534636330663565643561363233396538386430393964353433616437 30363061376666633831363833636265656533336339396234643636313237663664613963646263
36343936313936303165396236393463646363383338366238363961666530623335653234656139 32663036386162633133623266613830613135656238316234323565343239376330613962653236
65346337663437623134376137326166323933613861663032623965643538343638376234316232 38393239653365383061653731383939643335633438663630653132326536653230386532353466
36333065323234663263343630353739313661373536316162366532336438373263303730626464 63656339646235336530626266336536396565666436653764633231356663613231653134396465
38613136393166626663636631363064303736666235333036616435373063363762666565363136 35333938336338653334633866366231326162663365626535396264366630386263666162393166
38333966303831313333613831313132633062616235353365313533386236613338373130303836 31363162633939373932313133346664336164643463666562646566393135616231393366353762
61326262313833306437366364316433393931353265326131653563656131333436376338613266 64636135373333333432356534383464636164346265323362393735303238633666393066313161
39326632613366666136643137303635336631353230396435313537656366326239626362313833 35616135363764633432373037356531373530346330336232383438313031653138303661326330
62653039343261613265306362323234623264366664306561663839306631663465303962386462 66626337663232316133623338653437376231656361393134333366323733626431323636363631
39353934643562383762623937643034383534393962333466613636346637323235346438666636 65646362366262333930653066393866353563363138323366303262396566633032666366303232
31613838313535666166663063373333653439313035346266666463623666613837313933623837 39366632643865653935626366386138346438333135653866353536303064666331386362336163
63343565663739393764353761316432626237346234663032316131306262356233333439323961 32346139336536346262643365313964303531626637623330313238356263376136653561366337
38646664383030303832646563393836643135303731306435383338623633626638306165386637 30356561313161313261323937336165306231366163333965656230623866633837663261653562
65393238653464623032336437643838333932366131656332333165376261383539386466343139 37363735383732333264623261663432663238376163363361343939643733626333346561343763
65613733383837323832303738363664653138613830376333363038383839623463623631666237 32363437333364336561316162613163326530363338633739653536353236366438646464626561
63363263396533353763373934373034643763376665316638353435663635346135333265363235 35663437356537663636626461303738343065393661383830346233313139343537663136666164
62663432343935343964626432353563313036303761393039386231343530663737633466643035 36353131353261626234313434616333653238666638663538636666376162306233303361383166
65343835353037643539316439666666633866356530363237373230373439373133313337653237 36623865346562643937383533656230333030336261356138373363363130386665663064333935
66613631373637313534353862653437393234363365323032393035376438616264336661616262 32313030626366653838363664613637396532376466643363386538383438353231363132366134
37336435326135373065353564383637626637343532396331623334643139386364316431376435 65623233303638323961633362303964326136646138343930666136313661383364313431633739
36356566363033636539363430356565373039363863396565643730656531346364626334393436 38396335323032643536616365323439633837363138623432326464653264323131633661633665
33343839303538383530363231366166623233333730323163323432373831313639626337346230 35313934646165366265663133306564613831333536306339353937653831646563336461316132
30333930333064393337616564386163623436613933623466353933393733346339383534633239 35343964383437626536613236343436333637346436663165636365383930653365633331353365
30633365313364666566643533326163336330323232353533316633313739343035383465376330 62376439396136613838626238376130643431643063303032366565373432346236383937316235
65356139386463633565366132383832643032333234633964373437633836343435393631396166 61633238623336383635333464373966313064323832623965306438383339333336303633383834
34633439643764623936366536353931646132373539326238303761383339643661616266646130 35613331633262633231386261643065303962313839313064383932383063303336336430316335
30393166393465326365393130636136336433623262346435353936306133616135653734383635 62363131313334626236356132316665636136353062343631383733356431663637383232343531
65393530633836613937346430366337626365363361663533313837363063396538663766646566 37316162313337343064323738626135333239373033373866306234663233663934373661643631
63373639653732353135343562353266316164303863336365303635653464393232613939396131 35613036303232646336616162663135383766356136613661346131623438653262616132313366
30636361343932663233663566656131363938656161623966316366656561343166336532613666 33313763613963623630373836616462306461306261663332393232356336373933353535656431
65613534663762353662353262623634616264373964316336626166353330303539356130646166 36643338323138366231623439306238343663303136396165396465323933653934646535633835
63643435353765633766626165643465386331333637366562393861613834323464363932306430 65316138633439343239646237653762376235356232363965343936353830393933393166363663
32643836646266643031396262626136313363623663366430376432373036643835653863323631 34366538623731616130643031353432646634353238363965643831393132326662633164656333
30613164326430633664306630333632363931656135643465363439376263386561383534633666 62643930396433393537616663626537316162306363646339636263393035346665613964373038
64323763656466343064396639313264386239356664663461333166626332326536623132333434 36356364353838373936336164643164306565666263646632313137343233336166353564353039
62303261643164643330333662623935383037353338306135613737306563326336336162633138 36383636303062373231316463623633323133363036343064636564313731643335326161353666
33623066373265663362303133363032343933306336396466383034636131333837313333326531 63306533616433366133633235663966653939393565323736333534626665393330373066643534
39336163313633623639303462313763656632633030336236643030343262653366633939643536 31386236306439626437643037323536343134383866373334653938313739366563623736376130
31636535393864663363353930363761623264343630396336396431663330323436613462633136 62393964643237666339323066613763636330336461303961383366653866393163373539343063
37336464353730643566393432343762333336653932333366636265343663323462626232623635 32636166333830663763303361343438316165656338366433643137613031363961346134663935
34346136333630363539633666316561376266373032373961313437653564636537656630303261 34373532356630626632313438666537376638663037386666396266393962323865316465653265
37313639333233333365383763333061373730623939303530303832646365323739356564626137 38393631326566333064666661336531653934623331346538633235356338303361616336386634
35633366393636376463393961333830343232363266633931613332643134643234303733373466 37613165313938383766363866643362653531323231393334626132376137346130326435626264
35323831623931633436626636346431303965663639666566623433383736633834626330303265 31393031346263396163303563303337333238623761653662336464646266313231306262393866
37353337656233663938663839373931623137666662623266336537383631626631306235363064 39333861393939656230633435353734613639313830333566356364333636643639316163643632
33313564316438633139336261623736336336326239376630316335313631376132646563333430 39326132343863346164626363653938313132303632626533363464623136613165303037336130
33656432643130643832343065353834633366363339353964623762666564633835633636313731 33386161613737316530393430346637363235376164393038366139333061333563646137656631
63353637636165663136623736343234393038313235333363643237643566623766393838386635 38616465646434646464366439656263303332396164666139666436303565363761303566316131
33646233623032653233336266636335666233353032303837663162303939383262373761623261 31366336353239616233336661646235626665323136613166623731353531366231336230323634
35366661363966346233633739663635353361303264356534366235616164316138623730623632 66356338616137643732313637396439666639343332633363666536646338656262653361643663
62316362623736396264366632373661373835393434343364353431316362666235616635633566 38333066633864353836656461356366656634376234373762633237646436663732333731656166
64353530633334393737346663653562346335323065356665643132353738363132623031353664 39653030623137623563633932656461613635623766333130623062646339376631393431636661
66666639326238386634363664356664343161386435323736316636343536326435303066353035 37366365393238646131316439653938323561363237616332373465303136613964623563326166
37363731613138393333636562386363333932386362303139643262386237353863363764643139 62626165386533373565373735316634363236323363393137326138313032373835313732363031
64616561373239346464623165616332623434303433626638376232333733646136376431626438 31623035366430396236373365626632383838653262383737313163656334303166666337326261
66613134343639656331626630303030366133356636663735353466353834613430356265386162 32316562386432376139396336643936386663333839663038373536333530333730336435613833
66613332663232623438636661306332613162666561353537313336643134663664306630636639 38373931333131333765323263366134336332613331313162656666656564326564363533373330
61613363353264373831393962333631383236666130646333336431303735333165656438363432 35613737316263303932363463356636353266623232343861666363356538343163376630313336
38396530333631636135653534393531326434306362396237366430383166323832336434376364 31393037336532326233346137393065356539386332613030663462353336343135643736356265
38393431646338316232373431613930326532646333386435303034356564336665346133393866 66383538376539643530333464306461306235666232336134316135326133313835616433323036
61643533643361646265313334633463616437393437653935613261366635616430313064346532 30626230666131643431373534626334303939326534356432393232393365383065356339613933
32363831613565313836376338646466323130373032613863323037323566643164653132633735 64356338373734323136373162343861353630616536666233393135353866613634633931326166
65636562653535626461396666643330386333663137613333643165656336633038323036373162 63386562353032343535366230363363373566336334376531366263653430663730306561356362
31376338613862333334643561313332326237646565633934323032626662633631633033623063 61383736653363326562333635353231643163626664313737353133346430386434313332336261
63306664656437663732323339383735306132616531373865323835633264333639336163366466 65313161343864653034643038326337353931356136323462393436636339663935336237346531
33373433653839393638323034623835643531393266306331313563613265616633353763653438 61313266613265353361653432383735366561613839313762373734333062643038353966363836
65363532653163303861383531356639316331343531666666636336373634636134633331366364 38343736663836613364323166336638663533616634353064343865333764316261373432343336
62366230366435323435613964636533353236373935626632623536396664313264653031623062 35643435633661313636316133353662633939383462303831373333656236313664353461353333
33366166343630313839366262313234346262343336386538336335393835646138666330656361 62323630646339663433346339643633333766633765303062333737373161366264366166616535
61313936323838653832633130346539636363613838343363663431623063333933383466353938 66356332313135653463626161643732386533613334353539646635656637623837373762306632
65383361333561383631643938613862343236346233363466333237316339616362366565306639 37613766653366396135663765386632333563306238323135666462363834653766663635343363
39356563656132303463346138356435303038303165363935343266396462326365363262393336 66363734643932333132373565336464313832363332333435343966363838633034346238636461
37396235366639623761366239386165613065626431633733306234343866663266633631656237 31326433383234386239633366663432313938333238316263353864383439626331656166663763
63643430383433393835663635356265636635363137613064353066313338346436356632346265 35366333303664613963623836613833333930623762653461376533653833613930396338326634
38393730336465396263373137383238653337396364643061303234666266663064663265383434 66326661363631326264346237376564393739633531623761623761326131306330656638383130
36636138643432373633313038393737663735363838396164366234643533633762383062353831 65346662353033663532393163353633623966653036623338313139363963373264303337336135
66326231363337323666386263373438656630346336663239643030386434636264666634393631 35373137666230633836393661313634383236353665656130333030386433303066386134363532
39313364333761343532346165396365306463393037643935666363323630326664616638313338 61373864326366376664393334306465386662323137356331353665316262323261313866336332
39396336653738353333343835363861643166376565346463303135376439336134666235623230 31366533626531653931326166343231623933303836303435376437623934616333353930636136
32363031303732666133386164313437366164326539373564623236356432303132633436323563 37333734396234313036396333353561633062393939346635313337636330343165613163383966
36323634373538376133613736633133356638323861636434646465643432636366376138636232 63646131343665366632613438663535353734633530393362336333613839336635623039663037
63633830613462613831313938326339343632393038376639623131366364623536353338363439 35333162326537643135306264303063646161373463643032313264313731393337343864636534
32613331623863336165636364616634303264356630303665383638663737343836663831363263 34333864393965383962316236613031333930386465366633316131643633666639303765356432
63366562393734323030306436346534626530656465396535323835316139633562363830373437 35613033313830663831613966383565366336646431643631663434653830336630333135316338
63626530326530383538623165356532303862353763326432373966626436303465373431373762 65383531626635633335396362666433656331663633643638313239376234333635323163373564
38613539623164353732623636376630643465343839666531306438326633343362306665366132 63373134336432396536666130333532376365373266663463303863303137313864666566303535
39396537366266353864656232616334336130333337306463313932393832653661343036396261 34613361643762393464386162623262663933643133396330373664336465313837373538373466
64613461633433356334623631643861303133383963336635623138326139613564343838366565 32383131313566373664323033373163666638616135366634346366373634623865376236656466
36343130353462333162313736636139306233366466626231306561626335396262663531333839 33306432643932666137323666636530316230386633623664356239633136303137316636636533
61336437343137356335633764373730306466326133356331333530353537616661373062656438 33313533623037356231303262666439623063356339663031653839363061356462343262383436
35356235666464656466323937353837623535643937383866666133383633396563333338633034 65323665313462636565343332363335626437616163613834373963653766333437376136393436
38366531613164363966323137646237393135383164643230663331306335636432656565633636 66613434646362393365663738306436383266626338313139356366666264663736316236666633
34343031633632346533353666353034666266666561346464306665386634313263323333653330 32393331323538386639666162653461373834663064303238346663643633373564616634616230
66323033393531343633356466613837346164393332613037636465343230623731616361336338 36303162646133373838343731616432383231323262303062313835636432346466353539383936
61373332373636646435353734386366613334323161626437396232613534613330613532323534 33653538633939366232353538633364373462363330333963616439323862663861333535623038
65653065386432313733663165616333663666363733623162306536303833663136353334656466 34363939393336653933353235343261663435366435646331316135663231366266306236663730
64353931363838613761663561666639373865393438396565626661343934353662363834636535 38356535333436623864373239646530316435396162316532356330333537383965376661623166
65363664393433313036383438643864663339626331343230343337316437336634636363303563 36623033663237656439323333616330663832306563303965326562363735363666316231636138
35373539383535353235633730386232363539616632336566376264393832383637663330613133 36646166626232313034393939363565643565333962313766383236373833313439396532393636
37643261363966633138373935333438393536373938383265373261363232343030373539366335 35303034303966656366306461643936333831633539343631303464653237653235323961653935
61633162663137643061363366653135323639363838626266386262666133306461333432313738 35353136653737623436393731343765643635653236626663323831346362633134333365643264
30313332626166303630363839396663396564633961383863326663356230343938643833303933 35393338303638376635323664373964383235646564313161663632363863363030353334656434
34333032353935323565346633363537656639613663356130383264373739636231363364613066 36336636383731326137666163303838333363363564653431616135363832633337616261623065
36653664346434393933383337313630623131396461343930383537633536643365306564396665 31643230646431343739356264333537656439306134623335663436396331393062613334343265
31353861643335353538623838393335326364393738376239623431306231363739656438626265 65373038363866613666623630313766333935643834396661363263353834333263326665646432
37666532336661306262303761616238666239623265663231386165353437366631376234343035 32646139373563363832383233353632326234613437363330313833383433383635333431306437
33393037316563373534373765616238616639303031346430623561663430393536303163613338 63326363656266666633303737633063656538386562356234376639373531653730633562643664
65353062336164626335376235656235343637366438353334356436653266333062663838316263 30373333626231306661333764656435333734363762393531653431323466323961633931623063
32623732306462356162623437393035626433336631643833626463656634366332613936346465 33356630636633656432623636316366383532356338326261316138393031616339366239383239
34653331363133373635633330363564333264623566613432383439396537343963653239336265 31653763333837396136396164353839663631336132653131656436323333633432336463336338
33326132663434363065646265646130333935303662623037363938313464366564323734333437 37646538356465383934633162386266643963343731343532306332616666336365303462373863
36336335303738643634653164306332636130316161393335656536386131396662616366383139 31333638303134616530316665613039323762343365343931663331323266666130353266393961
36663863343736666665363337663537326330323437346565346465326231366563643136366365 33393337636133303962323331316235643061376661353735333462363730396462373830636434
37636361343961326261336437616266373962643765346438333766306537303137353764396330 61383439363435383962353865653364366335663830346638373462646563623666373266326135
39626635373631353635313935363834363730386132376363663462653330623130663266373432 35663436323866333635386363613233623762363961303434613734636336396461346636386166
65343237326535613535386363396236336536366165306463643162346638623638373433646163 38643730363061636462373331613136323265643334313734356531363934303362383638663034
62613935363636353639623839396231393838303135346536383037353636613563323234626131 35313034366538636263646539303664666265383064366434643235643661323638663663393163
64373666303436393861373164376564646235366131343433623733663832653039393738343537 63643964346530396562373939386461316164336236373139373934363561386465306131326635
65323534343464613230346532623966616462353532373064623566626563336464326336393364 61633838343065656361346637383035363166626431653762626534666464393263303062356533
39626237646431313135323036303065343138616632343237396136366332636132303037376132 65336532636566306530306231303136653866663464326166343137616231383733376565613966
33623031623635653162616265316366663262373666636638386130643336383130643232643662 66303738663330343539613961653632366633316264363262376537373465343461323232383239
34326663343562613962343033396332303261636230353331313730336630633461333736626333 64333564383563666666636433356334373337623232656635396339343163343234356639643662
66636430643330383032646634396133626339623036333963396662313234623466366634636334 30343830393535326338316636666638656366373166326461333566396664623139366431666336
33373762386662613966353664346239666133656435353365653536356331613632666132376264 38306135346366663131643933386431306136343163333131643535646666393531366263623336
62613433366633663065306166396166633836306139376533396165393966323465303638373563 61646339393366633238396338376266626232343936303563343963323737663332626233373933
63326330323161303065643365343363313338326238363137663139613463613434643834613662 66313837366464343665343765643763356364363632383431326263646631333336323536663431
64663365633965653363633165653038333335333232633434323037643936646561376431626230 63616537313137626462303565313366653730383362306162343535343431393436396638626662
66356138373136366134373533386634373061666330663364376336383433306331386162393633 37653763666331386138353830336432386533326536643061616563616461386333316232623363
33636330643531396464313736363061303466393861613730323563626363643731333633366532 35333361393737303835633536346665653831653634373439663365383839323933363738396234
64646130636234653566346533323962353332653335336239353630633535623935396638663366 66383136333734643536643533323731666365643834353865323963333265616362333139616137
37383661343636613261623833653032373764653164346634663431653664636233323734666166 32383735303334623462663535343137326162373139303230613861303435353133663133623733
36373664306566663930353338366431623563396166356638626166333165623263636336613138 33363239353366343839343462343836333763346665653462323963663936623466646536353831
34343936393964666564306637346561393538383137663162663630336462656663316338376236 64666564383065356437343064663731363864393830366265663166636631306663666631306534
63633666333263663734353861633164653132663334306664643133663736663766626639393236 38643163653739373334343137656562303462653432656335633862643438346530313237313437
32653430333163313363343731666135656662363838366132383732346130313130363365656263 66626331626630663361376163303531386538373563666463353361306664623439623237336437
32643533393163376264653632663262353966306630333064313932616262323134326361633764 34633164653939666238636632366237383163643433316239353831613737313932353736356234
63383837303936616434616630653833653833623263623532306363373836323431393335623530 38613630663737333636653564353933373634313962373366376631663961616462366138653431
34316562343035326265333164643163356230643639373431326431303538346363376332373434 65633033353731316431653466313333643439626335353032663266656135613533623463393330
31313666313663343363353130306561646136393732663164393232636330663635346434343134 35623939323633633562633734313535356337326434386563333562616366643638353361343861
33663138663336636430373763396435323138373633666438623234363631336232366635366532 39356339303333346534656462356435326233303333643835646434323739326261383634376463
62616239663934653462656163326134303261376635323864633435383666363065656665303538 64373261656632643833393363333131346634376135376163313933363165336266373335623738
62626538343638366236646136363232373437336630383739656438636465326531646664366462 61646362313965646633323264343565373961646661616339343564666235626231353039333563
36353663626634386538336239623734323234393463313034303837363164363263623065613061 34656634653331643032623233656237613961616263306638316538396239323133303566663365
38333162646232366339333662313965663336613238386530393162346266636532353433656136 35656263653838313431313066306436383531633031313335383061373637326536316539633763
66326436323836376432313238613165373565643233333435393361636637653361616435393438 31353232326237323033306331636365636661623237373539643462366639386434303631326538
32383763393561343734643438346635613663393736613839623263663866336165343235663933 64643035653532663839643663353863333963343334303661633534646130663165343138303536
66623137616561313462653631613830363666653635336534643935373739353138363934656134 33303765613263343933656333376262646262356362646536306461656334343739356631643936
35663063396162623432373534333463376231666466393963336231653939326663396336383735 63376132383465646362333235663932333136313061613431383933326635636564346139636238
34633763336163313432616163313638623963306666643432306661393632346339373963633265 66653632326631343032663333633938383739656662613462343038336635396632646365353364
32303862643661376433356661383335313365306534663534396638313531373538326236636363 61353265373239656662626639303037363535653739396638623762393831336265613534393938
37626138333437393363323261336663653163643565303063313231346131376261653763356631 63626539663861303238383037353935396539663139393464376165343766643936383236616339
62306262336337366134626632333663363139393131306666303235303761623665356431646234 64306433386664376565323832613030333932653237646235613936356338323037653933363165
33666461663035303066353137623762653565353533613435663839396238336337333463636465 38346362646630666565306439393365323437356132376335613236363763636632373366666633
38353135356634626137376232613330393235383432356436393030313564306537616363383136 35313530623061383532626163303032643035633163366161373838376532633065656165373039
66356463373138313661373565326565343066643133633630313031303132313031663739316631 34303764336463376536383961333566353531323664313061313731633436643238303439363463
66666631386163313034306532393862393930653931363235396662366262636466363464396466 30366531383465376235326635383732633731323834643030323265333933616132376164363738
61303962303066633764393831396632626233343633313061323838623134373036393164633139 38306466353032363935313234613834303035376663633031393564333436343836613066323565
30303861636335636131376334376239636235653233323435623262366132663934613661333135 63343362366139636266613833383031383563643865303134303165623436326639633630666139
61386136326435363337316363666330363431613135663661303438383664663930656564373730 64333132643736643934383038356663396264363963623364656233663062356339643435393539
32373731393666333364633835646431646662313232383136616238303264383438663766356462 32646665306138633161636363333761656638653465343364326261303831643835336166323034
32346664376430663934626661663039656461383738626265346162393861346163656161323333 38306434663033393932326665396465656334646433373361616432653362383962613662363737
39323666643031376530303230626166613233383731363766373634623430633635303963313466 39643631613633643332626566396264386333376165656663363737343139353963376334613335
34646331363539636133373134353535356265393265393635323532323134643034343663636362 36316638323636656532623634636635616633656638303135613435383533396234386133636434
38633261613433393634396234396265623063346138363133646532366638306632396464646432 61373336663366353734336662633834313534373130623664356237656464323835653337613263
61373961383438386535336131393633303430346162613738343839653038303035303033626535 66396666353538333238316562616266616434333664346161663034653637333738353663656635
37343030623530333332306265373539633735616634663666356437303862636338363866613861 35363238623436326538646432393566336434393961613333623537333466353161373436633037
38346130336338373865343866306665616530313938616366346131376262346135323537663137 36303461626566623637646438396263306438313832336332613961633530376432613336353461
39383366313766666234323234363937623264353532323033363966313135653163343036666262 38336364653638666137623333393433353232363334373130666563633832303263346438623964
34393832613034383239393930383063336131356364303231323966303633333331633666373764 32303531396565393332363665613134613332633661356130386132363731633738366363616532
65383137333965663234663933303231356165376233326233303035316536666563656363343933 39383939356633333261653961663361616634303531306233643861646239353239633533666561
36633039666432643135636331353932633164633964623661373739633665313433306561303637 63326134303239313965373366376233343430336530633665666134663864333837
62373534346562363132643063643732343462653838393635343266626535353864656437313434
34376538303965616539626534613431623834376337643936613137323031323139393762636463
66346664666361623636666533663037613434353135393862376633636233656330366136646434
30653735323961383130393763333630306131376430363436623238646632363462383739653636
37346566663039383866323639633565366338353438386461616239313639343766333661346435
33316538366463383733346663316564656566656165396465393461363061613239666165346661
62346639623163363762366431313831663135643062336363323336303737393437653863303665
36643466336566336236353166333063633830646461626262333937316162353365353130353535
30383164363532363532306364393236303537383139643431393962333063633162313033613561
32323434336364343061386666616639336566373461633462393130336461303531353436623065
65663430623066336533373662306566396263376562343936666166626666323964373334613835
64633535303365643564626562643562636363363834353865353765356665643965663861366436
63333736613232353130616466316637613966646139323565356537666331666564623832333439
36376131663431616430616265323039646432393166613631313762613264313765323231663961
65616636306362386534626130636261636566626365643630616135323634343935653033653433
3061

View file

@ -13,8 +13,6 @@ loc_reverseproxy:
to: auro.re to: auro.re
- from: 92.222.211.195 - from: 92.222.211.195
to: auro.re to: auro.re
- from: codimd.auro.re
to: hedgedoc.auro.re
reverseproxy_sites: reverseproxy_sites:
- from: phabricator.auro.re - from: phabricator.auro.re
@ -29,9 +27,6 @@ loc_reverseproxy:
- from: passbolt.auro.re - from: passbolt.auro.re
to: 10.128.0.53 to: 10.128.0.53
- from: auth.auro.re
to: 10.128.0.150:8089
- from: riot.auro.re - from: riot.auro.re
to: "10.128.0.150:8080" to: "10.128.0.150:8080"
- from: element.auro.re - from: element.auro.re
@ -39,6 +34,8 @@ loc_reverseproxy:
- from: chat.auro.re - from: chat.auro.re
to: "10.128.0.150:8080" to: "10.128.0.150:8080"
- from: codimd.auro.re
to: "10.128.0.150:8081"
- from: hedgedoc.auro.re - from: hedgedoc.auro.re
to: "10.128.0.150:8081" to: "10.128.0.150:8081"
@ -59,8 +56,6 @@ loc_reverseproxy:
- from: cas.auro.re - from: cas.auro.re
to: "10.128.0.150:8085" to: "10.128.0.150:8085"
- from: rss.auro.re
to: 10.128.0.150:8090
- from: status.auro.re - from: status.auro.re
to: "10.128.0.150:8086" to: "10.128.0.150:8086"
- from: "kanboard.auro.re" - from: "kanboard.auro.re"

31
hosts
View file

@ -42,15 +42,9 @@ litl.adm.auro.re
log.adm.auro.re log.adm.auro.re
netbox.adm.auro.re netbox.adm.auro.re
grafana.adm.auro.re grafana.adm.auro.re
dolibarr.adm.auro.re
infra-1.router.auro.re ansible_host=10.129.0.245
infra-2.router.auro.re ansible_host=10.129.0.246
[aurore_testing_vm] [aurore_testing_vm]
[aurore_ilo]
escalope-ilo.adm.auro.re
############################################################################### ###############################################################################
# OVH # OVH
@ -64,6 +58,7 @@ proxy-ovh.adm.auro.re
[ovh_vm] [ovh_vm]
serge.adm.auro.re serge.adm.auro.re
passbolt.adm.auro.re
docker-ovh.adm.auro.re docker-ovh.adm.auro.re
switchs-manager.adm.auro.re switchs-manager.adm.auro.re
ldap-replica-ovh.adm.auro.re ldap-replica-ovh.adm.auro.re
@ -89,23 +84,14 @@ dhcp-fleming.adm.auro.re
dhcp-fleming-backup.adm.auro.re dhcp-fleming-backup.adm.auro.re
dns-fleming.adm.auro.re dns-fleming.adm.auro.re
dns-fleming-backup.adm.auro.re dns-fleming-backup.adm.auro.re
ntp-1.int.infra.auro.re
prometheus-fleming.adm.auro.re prometheus-fleming.adm.auro.re
#prometheus-fleming-fo.adm.auro.re #prometheus-fleming-fo.adm.auro.re
radius-fleming.adm.auro.re radius-fleming.adm.auro.re
dns-1.int.infra.auro.re
isp-1.rtr.infra.auro.re
isp-2.rtr.infra.auro.re
dhcp-1.isp.auro.re
dhcp-2.isp.auro.re
radius-fleming-backup.adm.auro.re radius-fleming-backup.adm.auro.re
unifi-fleming.adm.auro.re unifi-fleming.adm.auro.re
routeur-fleming.adm.auro.re routeur-fleming.adm.auro.re
routeur-fleming-backup.adm.auro.re routeur-fleming-backup.adm.auro.re
[fleming_ilo]
marki-ilo.adm.auro.re
[fleming_unifi] [fleming_unifi]
fa-0-1.borne.auro.re fa-0-1.borne.auro.re
fa-1-1.borne.auro.re fa-1-1.borne.auro.re
@ -222,10 +208,6 @@ unifi-pacaterie.adm.auro.re
routeur-pacaterie.adm.auro.re routeur-pacaterie.adm.auro.re
routeur-pacaterie-backup.adm.auro.re routeur-pacaterie-backup.adm.auro.re
[pacaterie_ilo]
mordred-ilo.adm.auro.re
titan-ilo.adm.auro.re
[pacaterie_unifi] [pacaterie_unifi]
pc-1-1.borne.auro.re pc-1-1.borne.auro.re
pn-0-1.borne.auro.re pn-0-1.borne.auro.re
@ -281,10 +263,6 @@ radius-edc-backup.adm.auro.re
ldap-replica-edc.adm.auro.re ldap-replica-edc.adm.auro.re
prometheus-edc.adm.auro.re prometheus-edc.adm.auro.re
[edc_ilo]
caradoc-ilo.adm.auro.re
chapalux-ilo.adm.auro.re
[edc_unifi] [edc_unifi]
ee-2-1.borne.auro.re ee-2-1.borne.auro.re
ee-2-2.borne.auro.re ee-2-2.borne.auro.re
@ -316,10 +294,6 @@ radius-gs-backup.adm.auro.re
prometheus-gs.adm.auro.re prometheus-gs.adm.auro.re
ldap-replica-gs.adm.auro.re ldap-replica-gs.adm.auro.re
[gs_ilo]
lancelot-ilo.adm.auro.re
odin-ilo.adm.auro.re
[gs_unifi] [gs_unifi]
ga-0-1.borne.auro.re ga-0-1.borne.auro.re
ga-1-1.borne.auro.re ga-1-1.borne.auro.re
@ -389,9 +363,6 @@ dns-rives.adm.auro.re
radius-rives.adm.auro.re radius-rives.adm.auro.re
routeur-rives.adm.auro.re routeur-rives.adm.auro.re
[rives_ilo]
loki-ilo.adm.auro.re
[rives_unifi] [rives_unifi]
r1-1-1.borne.auro.re r1-1-1.borne.auro.re
r1-1-2.borne.auro.re r1-1-2.borne.auro.re

View file

@ -1,27 +0,0 @@
#!/usr/bin/env ansible-playbook
---
- hosts:
- ntp-1.int.infra.auro.re
vars:
chronyd__allow_networks:
- 10.128.0.0/16
- 2a09:6840:128::/48
chronyd__pools:
- 0.pool.ntp.org
- 1.pool.ntp.org
- 2.pool.ntp.org
- 3.pool.ntp.org
chronyd__local_stratum: 10
roles:
- chronyd
- hosts:
- all
- "!ntp-1.int.infra.auro.re"
- "!unifi"
vars:
chronyd__pools:
- ntp-1.int.infra.auro.re
roles:
- chronyd
...

View file

@ -1,213 +0,0 @@
#!/usr/bin/env ansible-playbook
---
- hosts:
- ntp-1.int.infra.auro.re
- dns-1.int.infra.auro.re
- dhcp-1.isp.auro.re
- dhcp-2.isp.auro.re
- isp-1.rtr.infra.auro.re
- isp-2.rtr.infra.auro.re
vars:
# TODO: netbox
ifupdown2__hosts:
ntp-1.int.infra.auro.re:
ens18:
gateways:
- 2a09:6840:128::254
- 10.128.0.254
addresses:
- 2a09:6840:128::203/56
- 10.128.0.203/16
dns-1.int.infra.auro.re:
ens18:
gateways:
- 2a09:6840:128::254
- 10.128.0.254
addresses:
- 2a09:6840:128::127/56
- 10.128.0.127/16
dhcp-1.isp.auro.re:
ens18:
gateways:
- 2a09:6840:128::254
- 10.128.0.254
addresses:
- 2a09:6840:128::204/56
- 10.128.0.204/16
ens19: null
clients:
bridge_vlan_aware: true
bridge_ports:
- ens19
bridge_vids:
- 1000-1004
client-0:
addresses:
- 100.64.0.2/27
vlan_id: 1000
vlan_raw_device: clients
client-1:
addresses:
- 100.64.0.34/27
vlan_id: 1001
vlan_raw_device: clients
client-2:
addresses:
- 100.64.0.66/27
vlan_id: 1002
vlan_raw_device: clients
client-3:
addresses:
- 100.64.0.98/27
vlan_id: 1003
vlan_raw_device: clients
client-4:
addresses:
- 100.64.0.130/27
vlan_id: 1004
vlan_raw_device: clients
dhcp-2.isp.auro.re:
ens18:
gateways:
- 2a09:6840:128::254
- 10.128.0.254
addresses:
- 2a09:6840:128::91/56
- 10.128.0.91/16
ens19: null
clients:
bridge_vlan_aware: true
bridge_ports:
- ens19
bridge_vids:
- 1000-1004
client-0:
addresses:
- 100.64.0.3/27
vlan_id: 1000
vlan_raw_device: clients
client-1:
addresses:
- 100.64.0.35/27
vlan_id: 1001
vlan_raw_device: clients
client-2:
addresses:
- 100.64.0.67/27
vlan_id: 1002
vlan_raw_device: clients
client-3:
addresses:
- 100.64.0.99/27
vlan_id: 1003
vlan_raw_device: clients
client-4:
addresses:
- 100.64.0.131/27
vlan_id: 1004
vlan_raw_device: clients
isp-1.rtr.infra.auro.re:
ens18:
gateways:
- 2a09:6840:128::254
- 10.128.0.254
addresses:
- 2a09:6840:128::255/56
- 10.128.0.255/16
ens19: null
clients:
bridge_vlan_aware: true
bridge_ports:
- ens19
bridge_vids:
- 1000-1004
bridge_disable_pvid: true
forward: true
ipv6_addrgen: false
client-0:
forward: true
vlan_id: 1000
vlan_raw_device: clients
ipv6_addrgen: false
client-1:
forward: true
vlan_id: 1001
vlan_raw_device: clients
ipv6_addrgen: false
client-2:
forward: true
vlan_id: 1002
vlan_raw_device: clients
ipv6_addrgen: false
client-3:
forward: true
vlan_id: 1003
vlan_raw_device: clients
ipv6_addrgen: false
client-4:
forward: true
vlan_id: 1004
vlan_raw_device: clients
ipv6_addrgen: false
isp-2.rtr.infra.auro.re:
ens18:
gateways:
- 2a09:6840:128::254
- 10.128.0.254
addresses:
- 2a09:6840:128::158/56
- 10.128.0.158/16
ens19: null
clients:
bridge_vlan_aware: true
bridge_ports:
- ens19
bridge_vids:
- 1000-1004
client-0:
forward: true
vlan_id: 1000
vlan_raw_device: clients
ipv6_addrgen: false
client-1:
forward: true
vlan_id: 1001
vlan_raw_device: clients
ipv6_addrgen: false
client-2:
forward: true
vlan_id: 1002
vlan_raw_device: clients
ipv6_addrgen: false
client-3:
forward: true
vlan_id: 1003
vlan_raw_device: clients
ipv6_addrgen: false
client-4:
forward: true
vlan_id: 1004
vlan_raw_device: clients
ipv6_addrgen: false
ifupdown2__interfaces: "{{ ifupdown2__hosts[inventory_hostname] }}"
roles:
- ifupdown2
- hosts:
- ntp-1.int.infra.auro.re
- dns-1.int.infra.auro.re
- dhcp-1.isp.auro.re
- dhcp-2.isp.auro.re
- isp-1.rtr.infra.auro.re
- isp-2.rtr.infra.auro.re
vars:
resolvconf__nameservers:
- 2a09:6840:128::127
- 10.128.0.127
resolvconf__domain: auro.re
resolvconf__search:
- "{{ inventory_hostname | remove_domain_suffix }}"
- auro.re
roles:
- resolvconf
...

View file

@ -1,32 +0,0 @@
#!/usr/bin/env ansible-playbook
---
- hosts:
- isp-1.rtr.infra.auro.re
- isp-2.rtr.infra.auro.re
vars:
keepalived__virtual_router_id: 80
keepalived__interface: ens18
keepalived__virtual_addresses:
client-0:
- 100.64.0.1/27
- 2a09:6841::/56
- fe80::1/10
client-1:
- 100.64.0.33/27
- 2a09:6841:0:100::/56
- fe80::1/10
client-2:
- 100.64.0.65/27
- 2a09:6841:0:100::/56
- fe80::1/10
client-3:
- 100.64.0.97/27
- 2a09:6841:0:200::/56
- fe80::1/10
client-4:
- 100.64.0.129/27
- 2a09:6841:0:300::/56
- fe80::1/10
roles:
- keepalived
...

View file

@ -30,14 +30,6 @@
user: grafana user: grafana
net: 10.128.0.98/32 net: 10.128.0.98/32
method: md5 method: md5
- database: dolibarr
user: dolibarr
net: 10.128.0.236/32
method: md5
- database: rt5
user: rt5
net: 10.128.0.123/32
method: md5
databases: databases:
- nextcloud - nextcloud
- gitea - gitea
@ -45,8 +37,6 @@
- drone - drone
- netbox - netbox
- grafana - grafana
- dolibarr
- rt5
users: users:
- name: nextcloud - name: nextcloud
database: nextcloud database: nextcloud
@ -78,16 +68,6 @@
password: "{{ vault_postgresql_grafana_passwd }}" password: "{{ vault_postgresql_grafana_passwd }}"
privs: privs:
- ALL - ALL
- name: dolibarr
database: dolibarr
password: "{{ vault_postgresql_dolibarr_passwd }}"
privs:
- ALL
- name: rt5
database: rt5
password: "{{ vault_postgresql_rt5_passwd }}"
privs:
- ALL
update_motd: update_motd:
postgresql: PostgreSQL est déployé. postgresql: PostgreSQL est déployé.
roles: roles:
@ -120,17 +100,12 @@
user: cas user: cas
net: 10.128.0.150/32 net: 10.128.0.150/32
method: md5 method: md5
- database: appservice-discord
user: appservice-discord
net: 10.128.0.150/32
method: md5
databases: databases:
- synapse - synapse
- codimd - codimd
- etherpad - etherpad
- kanboard - kanboard
- cas - cas
- appservice-discord
users: users:
- name: synapse - name: synapse
database: synapse database: synapse
@ -157,11 +132,6 @@
password: "{{ vault_postgresql_cas_passwd }}" password: "{{ vault_postgresql_cas_passwd }}"
privs: privs:
- ALL - ALL
- name: appservice-discord
database: appservice-discord
password: "{{ vault_postgresql_appservice_discord_passwd }}"
privs:
- ALL
update_motd: update_motd:
postgresql: PostgreSQL est déployé. postgresql: PostgreSQL est déployé.
roles: roles:

View file

@ -7,17 +7,13 @@
snmp_switch_community: "{{ vault_snmp_switch_community }}" snmp_switch_community: "{{ vault_snmp_switch_community }}"
snmp_pdu_user: "{{ vault_snmp_pdu_user }}" snmp_pdu_user: "{{ vault_snmp_pdu_user }}"
snmp_pdu_password: "{{ vault_snmp_pdu_password }}" snmp_pdu_password: "{{ vault_snmp_pdu_password }}"
snmp_ilo_user: aurore
snmp_ilo_auth: "{{ vault_snmp_ilo_auth }}"
snmp_ilo_priv: "{{ vault_snmp_ilo_priv }}"
prometheus_servers_targets: | # Prometheus targets.json
prometheus_targets:
- targets: |
{{ groups['fleming_pve'] + groups['fleming_vm'] | list | sort }} {{ groups['fleming_pve'] + groups['fleming_vm'] | list | sort }}
prometheus_unifi_snmp_targets: | prometheus_unifi_snmp_targets:
{{ groups['fleming_unifi'] | list | sort }} - targets: "{{ groups['fleming_unifi'] | list | sort }}"
prometheus_ilo_snmp_targets: |
{{ groups['fleming_ilo'] | list | sort }}
update_motd: update_motd:
prometheus: >- prometheus: >-
Prometheus (en configuration fleming) est déployé (/etc/prometheus). Prometheus (en configuration fleming) est déployé (/etc/prometheus).
@ -32,20 +28,16 @@
snmp_switch_community: "{{ vault_snmp_switch_community }}" snmp_switch_community: "{{ vault_snmp_switch_community }}"
snmp_pdu_user: "{{ vault_snmp_pdu_user }}" snmp_pdu_user: "{{ vault_snmp_pdu_user }}"
snmp_pdu_password: "{{ vault_snmp_pdu_password }}" snmp_pdu_password: "{{ vault_snmp_pdu_password }}"
snmp_ilo_user: aurore
snmp_ilo_auth: "{{ vault_snmp_ilo_auth }}"
snmp_ilo_priv: "{{ vault_snmp_ilo_priv }}"
prometheus_servers_targets: | # Prometheus targets.json
prometheus_targets:
- targets: |
{{ groups['pacaterie_pve'] + groups['pacaterie_vm'] | list | sort }} {{ groups['pacaterie_pve'] + groups['pacaterie_vm'] | list | sort }}
prometheus_unifi_snmp_targets: | prometheus_unifi_snmp_targets:
{{ groups['pacaterie_unifi'] | list | sort }} - targets: "{{ groups['pacaterie_unifi'] | list | sort }}"
prometheus_ups_snmp_targets: prometheus_ups_snmp_targets:
- ups-pn-1.ups.auro.re - ups-pn-1.ups.auro.re
- ups-ps-1.ups.auro.re - ups-ps-1.ups.auro.re
prometheus_ilo_snmp_targets: |
{{ groups['pacaterie_ilo'] | list | sort }}
update_motd: update_motd:
prometheus: >- prometheus: >-
Prometheus (en configuration pacaterie) est déployé (/etc/prometheus). Prometheus (en configuration pacaterie) est déployé (/etc/prometheus).
@ -60,21 +52,18 @@
snmp_switch_community: "{{ vault_snmp_switch_community }}" snmp_switch_community: "{{ vault_snmp_switch_community }}"
snmp_pdu_user: "{{ vault_snmp_pdu_user }}" snmp_pdu_user: "{{ vault_snmp_pdu_user }}"
snmp_pdu_password: "{{ vault_snmp_pdu_password }}" snmp_pdu_password: "{{ vault_snmp_pdu_password }}"
snmp_ilo_user: aurore
snmp_ilo_auth: "{{ vault_snmp_ilo_auth }}"
snmp_ilo_priv: "{{ vault_snmp_ilo_priv }}"
# Prometheus targets.json
prometheus_ups_snmp_targets: prometheus_ups_snmp_targets:
- ups-ec-1.ups.auro.re - ups-ec-1.ups.auro.re
# - ups-ec-2.ups.auro.re - ups-ec-2.ups.auro.re
- ups-ec-3.ups.auro.re - ups-ec-3.ups.auro.re
prometheus_servers_targets: |
{{ groups['edc_pve'] + groups['edc_vm'] + groups['edc_server'] | list | sort }}
prometheus_unifi_snmp_targets: |
{{ groups['edc_unifi'] | list | sort }}
prometheus_ilo_snmp_targets: |
{{ groups['edc_ilo'] | list | sort }}
prometheus_targets:
- targets: |
{{ groups['edc_pve'] + groups['edc_vm'] + groups['edc_server'] | list | sort }}
prometheus_unifi_snmp_targets:
- targets: "{{ groups['edc_unifi'] | list | sort }}"
update_motd: update_motd:
prometheus: >- prometheus: >-
Prometheus (en configuration edc) est déployé (/etc/prometheus). Prometheus (en configuration edc) est déployé (/etc/prometheus).
@ -89,21 +78,17 @@
snmp_switch_community: "{{ vault_snmp_switch_community }}" snmp_switch_community: "{{ vault_snmp_switch_community }}"
snmp_pdu_user: "{{ vault_snmp_pdu_user }}" snmp_pdu_user: "{{ vault_snmp_pdu_user }}"
snmp_pdu_password: "{{ vault_snmp_pdu_password }}" snmp_pdu_password: "{{ vault_snmp_pdu_password }}"
snmp_ilo_user: aurore
snmp_ilo_auth: "{{ vault_snmp_ilo_auth }}"
snmp_ilo_priv: "{{ vault_snmp_ilo_priv }}"
prometheus_servers_targets: | # Prometheus targets.json
prometheus_targets:
- targets: |
{{ groups['gs_pve'] + groups['gs_vm'] | list | sort }} {{ groups['gs_pve'] + groups['gs_vm'] | list | sort }}
prometheus_unifi_snmp_targets: | prometheus_unifi_snmp_targets:
{{ groups['gs_unifi'] | list | sort }} - targets: "{{ groups['gs_unifi'] | list | sort }}"
prometheus_ups_snmp_targets: prometheus_ups_snmp_targets:
- ups-gk-1.ups.auro.re - ups-gk-1.ups.auro.re
prometheus_apc_pdu_snmp_targets: prometheus_pdu_snmp_targets:
- pdu-ga-1.ups.auro.re - pdu-ga-1.ups.auro.re
prometheus_ilo_snmp_targets: |
{{ groups['gs_ilo'] | list | sort }}
update_motd: update_motd:
prometheus: >- prometheus: >-
Prometheus (en configuration gs) est déployé (/etc/prometheus). Prometheus (en configuration gs) est déployé (/etc/prometheus).
@ -118,20 +103,17 @@
snmp_switch_community: "{{ vault_snmp_switch_community }}" snmp_switch_community: "{{ vault_snmp_switch_community }}"
snmp_pdu_user: "{{ vault_snmp_pdu_user }}" snmp_pdu_user: "{{ vault_snmp_pdu_user }}"
snmp_pdu_password: "{{ vault_snmp_pdu_password }}" snmp_pdu_password: "{{ vault_snmp_pdu_password }}"
snmp_ilo_user: aurore
snmp_ilo_auth: "{{ vault_snmp_ilo_auth }}"
snmp_ilo_priv: "{{ vault_snmp_ilo_priv }}"
# Prometheus targets.json
prometheus_ups_snmp_targets: prometheus_ups_snmp_targets:
- ups-r3-1.ups.auro.re - ups-r3-1.ups.auro.re
- ups-r1-1.ups.auro.re - ups-r1-1.ups.auro.re
prometheus_servers_targets: |
{{ groups['rives_pve'] + groups['rives_vm'] | list | sort }}
prometheus_unifi_snmp_targets: |
{{ groups['rives_unifi'] | list | sort }}
prometheus_ilo_snmp_targets: |
{{ groups['rives_ilo'] | list | sort }}
prometheus_targets:
- targets: |
{{ groups['rives_pve'] + groups['rives_vm'] | list | sort }}
prometheus_unifi_snmp_targets:
- targets: "{{ groups['rives_unifi'] | list | sort }}"
update_motd: update_motd:
prometheus: >- prometheus: >-
Prometheus (en configuration rives) est déployé (/etc/prometheus). Prometheus (en configuration rives) est déployé (/etc/prometheus).
@ -146,15 +128,16 @@
snmp_switch_community: "{{ vault_snmp_switch_community }}" snmp_switch_community: "{{ vault_snmp_switch_community }}"
snmp_pdu_user: "{{ vault_snmp_pdu_user }}" snmp_pdu_user: "{{ vault_snmp_pdu_user }}"
snmp_pdu_password: "{{ vault_snmp_pdu_password }}" snmp_pdu_password: "{{ vault_snmp_pdu_password }}"
snmp_ilo_user: aurore
snmp_ilo_auth: "{{ vault_snmp_ilo_auth }}"
snmp_ilo_priv: "{{ vault_snmp_ilo_priv }}"
prometheus_servers_targets: | # Prometheus targets.json
prometheus_targets:
- targets: |
{{ groups['aurore_pve'] + groups['aurore_vm'] | list | sort }} {{ groups['aurore_pve'] + groups['aurore_vm'] | list | sort }}
prometheus_postgresql_targets: | prometheus_postgres_targets:
- targets: |
{{ groups['bdd'] + groups['radius'] | list | sort }} {{ groups['bdd'] + groups['radius'] | list | sort }}
prometheus_switch_snmp_targets: prometheus_switch_snmp_targets:
- targets:
- yggdrasil.switch.auro.re - yggdrasil.switch.auro.re
- sw-pn-serveurs.switch.auro.re - sw-pn-serveurs.switch.auro.re
- sw-ec-serveurs.switch.auro.re - sw-ec-serveurs.switch.auro.re
@ -169,9 +152,6 @@
- sw-ec-core.switch.auro.re - sw-ec-core.switch.auro.re
- sw-gk-core.switch.auro.re - sw-gk-core.switch.auro.re
- sw-r3-core.switch.auro.re - sw-r3-core.switch.auro.re
prometheus_ilo_snmp_targets: |
{{ groups['aurore_ilo'] | list | sort }}
update_motd: update_motd:
prometheus: >- prometheus: >-
Prometheus (en configuration aurore) est déployé (/etc/prometheus). Prometheus (en configuration aurore) est déployé (/etc/prometheus).
@ -186,17 +166,16 @@
snmp_switch_community: "{{ vault_snmp_switch_community }}" snmp_switch_community: "{{ vault_snmp_switch_community }}"
snmp_pdu_user: "{{ vault_snmp_pdu_user }}" snmp_pdu_user: "{{ vault_snmp_pdu_user }}"
snmp_pdu_password: "{{ vault_snmp_pdu_password }}" snmp_pdu_password: "{{ vault_snmp_pdu_password }}"
snmp_ilo_user: aurore
snmp_ilo_auth: "{{ vault_snmp_ilo_auth }}"
snmp_ilo_priv: "{{ vault_snmp_ilo_priv }}"
prometheus_servers_targets: | # Prometheus targets.json
prometheus_targets:
- targets: |
{{ groups['ovh_pve'] + groups['ovh_vm'] | list | sort }} {{ groups['ovh_pve'] + groups['ovh_vm'] | list | sort }}
prometheus_postgresql_targets: prometheus_postgres_targets:
- targets:
- bdd-ovh.adm.auro.re - bdd-ovh.adm.auro.re
prometheus_docker_targets: prometheus_docker_targets:
- docker-ovh.adm.auro.re - docker-ovh.adm.auro.re
update_motd: update_motd:
prometheus: >- prometheus: >-
Prometheus (en configuration ovh) est déployé (/etc/prometheus). Prometheus (en configuration ovh) est déployé (/etc/prometheus).
@ -210,11 +189,9 @@
snmp_unifi_password: "{{ vault_snmp_unifi_password }}" snmp_unifi_password: "{{ vault_snmp_unifi_password }}"
snmp_pdu_user: "{{ vault_snmp_pdu_user }}" snmp_pdu_user: "{{ vault_snmp_pdu_user }}"
snmp_pdu_password: "{{ vault_snmp_pdu_password }}" snmp_pdu_password: "{{ vault_snmp_pdu_password }}"
snmp_ilo_user: aurore
snmp_ilo_auth: "{{ vault_snmp_ilo_auth }}"
snmp_ilo_priv: "{{ vault_snmp_ilo_priv }}"
prometheus_servers_targets: # Prometheus targets.json
prometheus_targets:
- prometheus-edc.adm.auro.re - prometheus-edc.adm.auro.re
- prometheus-gs.adm.auro.re - prometheus-gs.adm.auro.re
- prometheus-fleming.adm.auro.re - prometheus-fleming.adm.auro.re
@ -222,7 +199,6 @@
- prometheus-rives.adm.auro.re - prometheus-rives.adm.auro.re
- prometheus-aurore.adm.auro.re - prometheus-aurore.adm.auro.re
- prometheus-ovh.adm.auro.re - prometheus-ovh.adm.auro.re
update_motd: update_motd:
prometheus_federate: >- prometheus_federate: >-
Prometheus (en configuration fédération) est déployé (/etc/prometheus). Prometheus (en configuration fédération) est déployé (/etc/prometheus).

View file

@ -1,11 +0,0 @@
---
chronyd__pools: []
chronyd__key_file: /etc/chrony/chrony.keys
chronyd__drift_file: /var/lib/chrony/chrony.drift
chronyd__nts_dump_dir: /var/lib/chrony
chronyd__log_dir: /var/log/chrony
chronyd__max_update_skew: 100.0
chronyd__rtcsync: true
chronyd__allow_networks: []
chronyd__log_change_seconds: 0.5
...

View file

@ -1,6 +0,0 @@
---
- name: Restart chronyd
systemd:
name: chrony.service
state: restarted
...

View file

@ -1,32 +0,0 @@
---
- name: Uninstall ntp and sntp
apt:
name:
- sntp
- ntp
- systemd-timesyncd
state: absent
- name: Install chronyd
apt:
name: chrony
- name: Configure chronyd
template:
src: "{{ item }}.j2"
dest: "/etc/chrony/{{ item }}"
owner: root
group: root
mode: u=rw,g=r,o=
loop:
- chrony.conf
- chrony.keys
notify:
- Restart chronyd
- name: Enable and start chronyd
systemd:
name: chrony.service
enabled: true
state: started
...

View file

@ -1,30 +0,0 @@
{{ ansible_managed | comment }}
{% for pool in chronyd__pools %}
pool {{ pool }} iburst
{% endfor %}
keyfile {{ chronyd__key_file }}
driftfile {{ chronyd__drift_file }}
ntsdumpdir {{ chronyd__nts_dump_dir }}
logdir {{ chronyd__log_dir }}
log tracking measurements statistics
maxupdateskew {{ chronyd__max_update_skew | float }}
{% if chronyd__rtcsync %}
rtcsync
{% endif %}
{% if chronyd__local_stratum is defined %}
local stratum {{ chronyd__local_stratum | int }}
{% endif %}
logchange {{ chronyd__log_change_seconds | float }}
leapsectz right/UTC
{% for network in chronyd__allow_networks %}
allow {{ network | ipaddr }}
{% endfor %}

View file

@ -1 +0,0 @@
{{ ansible_managed | comment }}

View file

@ -1,3 +0,0 @@
---
ifupdown2__interfaces: {}
...

View file

@ -1,9 +0,0 @@
---
- name: Restart networking
systemd:
name: networking.service
state: restarted
- name: Bring all interfaces up
shell: /usr/sbin/ifup -a
...

View file

@ -1,42 +0,0 @@
---
- name: Gather package facts
package_facts:
manager: apt
- name: Check if ifupdown2 is installed
set_fact:
must_mask: "{{ 'ifupdown2' not in ansible_facts.packages }}"
- name: Mask networking before installing ifupdown2
systemd:
name: networking.service
masked: true
when: must_mask
- name: Install ifupdown2
apt:
name: ifupdown2
- name: Unmask networking now that ifupdown2 is installed
systemd:
name: networking.service
masked: false
when: must_mask
- name: Configure ifupdown2
template:
src: interfaces.j2
dest: /etc/network/interfaces
owner: root
group: root
mode: u=rw,g=r,o=
notify:
- Restart networking
- Bring all interfaces up
- name: Enable and start networking
systemd:
name: networking.service
state: started
enabled: true
...

View file

@ -1,41 +0,0 @@
{{ ansible_managed | comment }}
{% for name, iface in ifupdown2__interfaces.items() %}
auto {{ name }}
iface {{ name }}
{% for address in iface.addresses | default([]) %}
address {{ address | ipaddr }}
{% endfor %}
{% for gateway in iface.gateways | default([]) %}
gateway {{ gateway | ipaddr }}
{% endfor %}
{% if iface.bridge_ports is defined %}
bridge-ports {{ iface.bridge_ports | join(" ") }}
{% endif %}
{% if iface.bridge_vlan_aware is defined %}
bridge-vlan-aware {{ iface.bridge_vlan_aware
| ternary("yes", "no") }}
{% endif %}
{% if iface.bridge_vids is defined %}
bridge-vids {{ iface.bridge_vids | join(",") }}
{% endif %}
{% if iface.vlan_id is defined %}
vlan-id {{ iface.vlan_id | int }}
{% endif %}
{% if iface.vlan_raw_device is defined %}
vlan-raw-device {{ iface.vlan_raw_device }}
{% endif %}
{% if iface.bridge_disable_pvid | default(false) %}
bridge-pvid 0
post-up bridge vlan del dev {{ name }} vid 1 self
{% endif %}
{% if iface.forward | default(false) %}
ip-forward yes
ip6-forward yes
{% endif %}
{% if iface.ipv6_addrgen is defined %}
ipv6-addrgen {{ iface.ipv6_addrgen
| ternary("yes", "no") }}
{% endif %}
{% endfor %}

View file

@ -1,7 +0,0 @@
---
keepalived__virtual_addresses: {}
keepalived__notify_master: []
keepalived__notify_backup: []
keepalived__notify_fault: []
keepalived__max_auto_priority: -1
...

View file

@ -1,6 +0,0 @@
---
- name: Reload keepalived
systemd:
name: keepalived.service
state: reloaded
...

View file

@ -1,28 +0,0 @@
---
- name: Install keepalived
apt:
name: keepalived
- name: Configure keepalived
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: root
group: root
mode: "{{ item.mode }}"
loop:
- src: keepalived.conf.j2
dest: /etc/keepalived/keepalived.conf
mode: u=rw,g=,o=
- src: notify.sh.j2
dest: /etc/keepalived/notify.sh
mode: u=rwx,g=,o=
notify:
- Reload keepalived
- name: Enable and start keepalived
systemd:
name: keepalived
enabled: true
state: started
...

View file

@ -1,92 +0,0 @@
{{ ansible_managed | comment }}
global_defs {
dynamic_interfaces
script_user root
enable_script_security
vrrp_version 3
{% if keepalived__max_auto_priority is defined %}
max_auto_priority {{ keepalived__max_auto_priority | int }}
{% endif %}
}
{%
set ipv4_enabled =
keepalived__ipv4_enabled
| default(keepalived__virtual_addresses.values()
| flatten | ansible.utils.ipv4)
%}
{%
set ipv6_enabled =
keepalived__ipv6_enabled
| default(keepalived__virtual_addresses.values()
| flatten | ansible.utils.ipv6)
%}
{% if ipv4_enabled and ipv6_enabled %}
vrrp_sync_group group {
group {
{% if ipv4_enabled %}
instance_v4
{% endif %}
{% if ipv6_enabled %}
instance_v6
{% endif %}
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
{% endif %}
{% if ipv4_enabled %}
vrrp_instance instance_v4 {
virtual_router_id {{ keepalived__virtual_router_id | int }}
interface {{ keepalived__interface }}
state BACKUP
priority 250
nopreempt
advert_int 1
accept
virtual_ipaddress {
{% for dev, addresses in keepalived__virtual_addresses.items() %}
{% for address in addresses %}
{% if address | ansible.utils.ipv4 %}
{{ address }} dev {{ dev }}
{% endif %}
{% endfor %}
{% endfor %}
}
{% if not (ipv4_enabled and ipv6_enabled) %}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
{% endif %}
}
{% endif %}
{% if ipv6_enabled %}
vrrp_instance instance_v6 {
virtual_router_id {{ keepalived__virtual_router_id | int }}
interface {{ keepalived__interface }}
state BACKUP
priority 250
nopreempt
advert_int 1
accept
virtual_ipaddress {
{% for dev, addresses in keepalived__virtual_addresses.items() %}
{% for address in addresses | ipaddr_sort(["link-local"]) %}
{% if address | ansible.utils.ipv6 %}
{{ address }} dev {{ dev }}
{% endif %}
{% endfor %}
{% endfor %}
}
{% if not (ipv4_enabled and ipv6_enabled) %}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
{% endif %}
}
{% endif %}

View file

@ -1,33 +0,0 @@
#!/bin/bash
master=(
{% for notify in keepalived__notify_master %}
{{ notify | quote }}
{% endfor %}
)
backup=(
{% for notify in keepalived__notify_backup %}
{{ notify | quote }}
{% endfor %}
)
fault=(
{% for notify in keepalived__notify_fault %}
{{ notify | quote }}
{% endfor %}
)
case "$1" in
master | backup | fault)
scripts="$1[@]"
;;
*)
echo "Usage: $0 (master|backup|fault)" >&2
exit 1
esac
for script in "${!scripts}"
do
eval "${script}"
done

View file

@ -38,10 +38,10 @@
loop: loop:
- server.rules.yml - server.rules.yml
- docker.rules.yml - docker.rules.yml
- django.rules.yml
- ups.rules.yml - ups.rules.yml
- postgres.rules.yml - postgres.rules.yml
- environmental.rules.yml - environmental.rules.yml
- ilo.rules.yml
notify: Restart Prometheus notify: Restart Prometheus
- name: Make Prometheus snmp-exporter listen on localhost only - name: Make Prometheus snmp-exporter listen on localhost only
@ -63,6 +63,56 @@
- snmp.yml - snmp.yml
notify: Restart prometheus-snmp-exporter notify: Restart prometheus-snmp-exporter
# We don't need to restart Prometheus when updating nodes
- name: Configure Prometheus nodes
copy:
content: "{{ prometheus_targets | to_nice_json }}"
dest: /etc/prometheus/targets.json
mode: 0644
# We don't need to restart Prometheus when updating nodes
- name: Configure Prometheus Ubiquity Unifi SNMP devices
copy:
content: "{{ prometheus_unifi_snmp_targets | to_nice_json }}"
dest: /etc/prometheus/targets_unifi_snmp.json
mode: 0644
when: prometheus_unifi_snmp_targets is defined
- name: Configure Prometheus Switchs
copy:
content: "{{ prometheus_switch_snmp_targets | to_nice_json }}"
dest: /etc/prometheus/targets_switch_snmp.json
mode: 0644
when: prometheus_switch_snmp_targets is defined
- name: Configure Prometheus UPS SNMP devices
copy:
content: "{{ [{'targets': prometheus_ups_snmp_targets }] | to_nice_json }}\n"
dest: /etc/prometheus/targets_ups_snmp.json
mode: 0644
when: prometheus_ups_snmp_targets is defined
- name: Configure Prometheus docker monitoring
copy:
content: "{{ [{'targets': prometheus_docker_targets }] | to_nice_json }}\n"
dest: /etc/prometheus/targets_docker.json
mode: 0644
when: prometheus_docker_targets is defined
- name: Configure Prometheus postgres monitoring
copy:
content: "{{ prometheus_postgres_targets | to_nice_json }}\n"
dest: /etc/prometheus/targets_postgres.json
mode: 0644
when: prometheus_postgres_targets is defined
- name: Configure Prometheus apc_pdu monitoring
copy:
content: "{{ [{'targets': prometheus_pdu_snmp_targets }] | to_nice_json }}\n"
dest: /etc/prometheus/targets_apc_pdu_snmp.json
mode: 0644
when: prometheus_pdu_snmp_targets is defined
- name: Activate prometheus service - name: Activate prometheus service
systemd: systemd:
name: prometheus name: prometheus

View file

@ -0,0 +1,106 @@
# {{ ansible_managed }}
{# As this is also Jinja2 it will conflict without a raw block #}
{% raw %}
groups:
- name: django.rules
rules:
- record: job:django_http_requests_before_middlewares_total:sum_rate30s
expr: sum(rate(django_http_requests_before_middlewares_total[30s])) BY (job)
- record: job:django_http_requests_unknown_latency_total:sum_rate30s
expr: sum(rate(django_http_requests_unknown_latency_total[30s])) BY (job)
- record: job:django_http_ajax_requests_total:sum_rate30s
expr: sum(rate(django_http_ajax_requests_total[30s])) BY (job)
- record: job:django_http_responses_before_middlewares_total:sum_rate30s
expr: sum(rate(django_http_responses_before_middlewares_total[30s])) BY (job)
- record: job:django_http_requests_unknown_latency_including_middlewares_total:sum_rate30s
expr: sum(rate(django_http_requests_unknown_latency_including_middlewares_total[30s]))
BY (job)
- record: job:django_http_requests_body_total_bytes:sum_rate30s
expr: sum(rate(django_http_requests_body_total_bytes[30s])) BY (job)
- record: job:django_http_responses_streaming_total:sum_rate30s
expr: sum(rate(django_http_responses_streaming_total[30s])) BY (job)
- record: job:django_http_responses_body_total_bytes:sum_rate30s
expr: sum(rate(django_http_responses_body_total_bytes[30s])) BY (job)
- record: job:django_http_requests_total:sum_rate30s
expr: sum(rate(django_http_requests_total_by_method[30s])) BY (job)
- record: job:django_http_requests_total_by_method:sum_rate30s
expr: sum(rate(django_http_requests_total_by_method[30s])) BY (job, method)
- record: job:django_http_requests_total_by_transport:sum_rate30s
expr: sum(rate(django_http_requests_total_by_transport[30s])) BY (job, transport)
- record: job:django_http_requests_total_by_view:sum_rate30s
expr: sum(rate(django_http_requests_total_by_view_transport_method[30s])) BY (job,
view)
- record: job:django_http_requests_total_by_view_transport_method:sum_rate30s
expr: sum(rate(django_http_requests_total_by_view_transport_method[30s])) BY (job,
view, transport, method)
- record: job:django_http_responses_total_by_templatename:sum_rate30s
expr: sum(rate(django_http_responses_total_by_templatename[30s])) BY (job, templatename)
- record: job:django_http_responses_total_by_status:sum_rate30s
expr: sum(rate(django_http_responses_total_by_status[30s])) BY (job, status)
- record: job:django_http_responses_total_by_charset:sum_rate30s
expr: sum(rate(django_http_responses_total_by_charset[30s])) BY (job, charset)
- record: job:django_http_exceptions_total_by_type:sum_rate30s
expr: sum(rate(django_http_exceptions_total_by_type[30s])) BY (job, type)
- record: job:django_http_exceptions_total_by_view:sum_rate30s
expr: sum(rate(django_http_exceptions_total_by_view[30s])) BY (job, view)
- record: job:django_http_requests_latency_including_middlewares_seconds:quantile_rate30s
expr: histogram_quantile(0.5, sum(rate(django_http_requests_latency_including_middlewares_seconds_bucket[30s]))
BY (job, le))
labels:
quantile: "50"
- record: job:django_http_requests_latency_including_middlewares_seconds:quantile_rate30s
expr: histogram_quantile(0.95, sum(rate(django_http_requests_latency_including_middlewares_seconds_bucket[30s]))
BY (job, le))
labels:
quantile: "95"
- record: job:django_http_requests_latency_including_middlewares_seconds:quantile_rate30s
expr: histogram_quantile(0.99, sum(rate(django_http_requests_latency_including_middlewares_seconds_bucket[30s]))
BY (job, le))
labels:
quantile: "99"
- record: job:django_http_requests_latency_including_middlewares_seconds:quantile_rate30s
expr: histogram_quantile(0.999, sum(rate(django_http_requests_latency_including_middlewares_seconds_bucket[30s]))
BY (job, le))
labels:
quantile: "99.9"
- record: job:django_http_requests_latency_seconds:quantile_rate30s
expr: histogram_quantile(0.5, sum(rate(django_http_requests_latency_seconds_bucket[30s]))
BY (job, le))
labels:
quantile: "50"
- record: job:django_http_requests_latency_seconds:quantile_rate30s
expr: histogram_quantile(0.95, sum(rate(django_http_requests_latency_seconds_bucket[30s]))
BY (job, le))
labels:
quantile: "95"
- record: job:django_http_requests_latency_seconds:quantile_rate30s
expr: histogram_quantile(0.99, sum(rate(django_http_requests_latency_seconds_bucket[30s]))
BY (job, le))
labels:
quantile: "99"
- record: job:django_http_requests_latency_seconds:quantile_rate30s
expr: histogram_quantile(0.999, sum(rate(django_http_requests_latency_seconds_bucket[30s]))
BY (job, le))
labels:
quantile: "99.9"
- record: job:django_model_inserts_total:sum_rate1m
expr: sum(rate(django_model_inserts_total[1m])) BY (job, model)
- record: job:django_model_updates_total:sum_rate1m
expr: sum(rate(django_model_updates_total[1m])) BY (job, model)
- record: job:django_model_deletes_total:sum_rate1m
expr: sum(rate(django_model_deletes_total[1m])) BY (job, model)
- record: job:django_db_new_connections_total:sum_rate30s
expr: sum(rate(django_db_new_connections_total[30s])) BY (alias, vendor)
- record: job:django_db_new_connection_errors_total:sum_rate30s
expr: sum(rate(django_db_new_connection_errors_total[30s])) BY (alias, vendor)
- record: job:django_db_execute_total:sum_rate30s
expr: sum(rate(django_db_execute_total[30s])) BY (alias, vendor)
- record: job:django_db_execute_many_total:sum_rate30s
expr: sum(rate(django_db_execute_many_total[30s])) BY (alias, vendor)
- record: job:django_db_errors_total:sum_rate30s
expr: sum(rate(django_db_errors_total[30s])) BY (alias, vendor, type)
- record: job:django_migrations_applied_total:max
expr: max(django_migrations_applied_total) BY (job, connection)
- record: job:django_migrations_unapplied_total:max
expr: max(django_migrations_unapplied_total) BY (job, connection)
{% endraw %}

View file

@ -1,83 +0,0 @@
---
{{ ansible_managed | comment }}
{% macro raw(string) -%}
{{ "{{" }} {{ string }} {{ "}}" }}
{%- endmacro %}
groups:
- name: ilo.rules
rules:
- alert: IloResilientMemoryDegraded
expr: cpqHeResilientMemCondition{cpqHeResilientMemCondition!~"ok|other"} == 1
for: 3m
labels:
severity: warning
annotations:
summary: >-
La mémoire vive n'est plus résiliente
({{ raw('$labels.cpqHeResilientMemCondition') }})
- alert: IloBiosSelfTestDegraded
expr: cpqHeHWBiosCondition{cpqHeHWBiosCondition!~"ok|other"} == 1
for: 3m
labels:
severity: critical
annotations:
summary: >-
Une erreur a été détectée lors du POST du serveur
({{ raw('$labels.cpqHeHWBiosCondition') }})
- alert: IloBatteryDegraded
expr: cpqHeSysBatteryCondition{cpqHeSysBatteryCondition!~"ok|other"} == 1
for: 3m
labels:
severity: warning
annotations:
summary: >-
La batterie est dégradée
({{ raw('$labels.cpqHeSysBatteryCondition') }})
- alert: IloTemperatureSensorDegraded
expr: cpqHeTemperatureCondition{cpqHeTemperatureCondition!~"ok|other"} == 1
for: 3m
labels:
severity: critical
annotations:
summary: >-
Le capteur de température est dégradé
({{ raw('$labels.cpqHeTemperatureCondition') }})
- alert: IloFanDegraded
expr: cpqHeFltTolFanCondition{cpqHeFltTolFanCondition!~"ok|other"} == 1
for: 3m
labels:
severity: critical
annotations:
summary: >-
Le ventilateur est dégradé
({{ raw('$labels.cpqHeFltTolFanCondition') }})
- alert: IloPowerSupplyDegraded
expr: cpqHeFltTolPowerSupplyStatus{cpqHeFltTolPowerSupplyStatus!="noError"} == 1
for: 3m
labels:
severity: critical
annotations:
summary: >-
L'alimentation est dégradée
({{ raw('$labels.cpqHeFltTolPowerSupplyStatus') }})
- alert: IloOverrideSwitchState
expr: cpqSm2CntlriLOSecurityOverrideSwitchState{cpqSm2CntlriLOSecurityOverrideSwitchState="set"} == 1
for: 3m
labels:
severity: critical
annotations:
summary: >-
Le switch de réinitialisation n'est pas à l'état d'origine,
l'authentification est bypassée
...

View file

@ -112,7 +112,7 @@ groups:
rate(pg_stat_database_xact_rollback{datname!~"template.*"}[3m]) / rate(pg_stat_database_xact_rollback{datname!~"template.*"}[3m]) /
rate(pg_stat_database_xact_commit{datname!~"template.*"}[3m]) rate(pg_stat_database_xact_commit{datname!~"template.*"}[3m])
) * 100 ) * 100
> 20 > 7
for: 0m for: 0m
labels: labels:
severity: warning severity: warning

View file

@ -25,15 +25,17 @@ rule_files:
# A scrape configuration containing exactly one endpoint to scrape: # A scrape configuration containing exactly one endpoint to scrape:
# Here it's Prometheus itself. # Here it's Prometheus itself.
scrape_configs: scrape_configs:
# The .json in file_sd_configs is dynamically reloaded
- job_name: prometheus - job_name: prometheus
static_configs: static_configs:
- targets: - targets:
- localhost:9090 - localhost:9090
{% if prometheus_servers_targets is defined %}
- job_name: servers - job_name: servers
static_configs: file_sd_configs:
- targets: {{ prometheus_servers_targets | to_json }} - files:
- '/etc/prometheus/targets.json'
relabel_configs: relabel_configs:
# Do not put :9100 in instance name, rather here # Do not put :9100 in instance name, rather here
- source_labels: [__address__] - source_labels: [__address__]
@ -43,12 +45,11 @@ scrape_configs:
- source_labels: [__param_target] - source_labels: [__param_target]
target_label: __address__ target_label: __address__
replacement: '$1:9100' replacement: '$1:9100'
{% endif %}
{% if prometheus_unifi_snmp_targets is defined %}
- job_name: unifi_snmp - job_name: unifi_snmp
static_configs: file_sd_configs:
- targets: {{ prometheus_unifi_snmp_targets | to_json }} - files:
- '/etc/prometheus/targets_unifi_snmp.json'
metrics_path: /snmp metrics_path: /snmp
params: params:
module: [ubiquiti_unifi] module: [ubiquiti_unifi]
@ -59,12 +60,16 @@ scrape_configs:
target_label: instance target_label: instance
- target_label: __address__ - target_label: __address__
replacement: 127.0.0.1:9116 replacement: 127.0.0.1:9116
{% endif %}
{% if prometheus_ups_snmp_targets is defined %} - job_name: django
- job_name: ups_snmp scheme: https
static_configs: static_configs:
- targets: {{ prometheus_ups_snmp_targets | to_json }} - targets: []
- job_name: ups_snmp
file_sd_configs:
- files:
- '/etc/prometheus/targets_ups_snmp.json'
metrics_path: /snmp metrics_path: /snmp
params: params:
module: [eatonups] module: [eatonups]
@ -75,12 +80,11 @@ scrape_configs:
target_label: instance target_label: instance
- target_label: __address__ - target_label: __address__
replacement: 127.0.0.1:9116 replacement: 127.0.0.1:9116
{% endif %}
{% if prometheus_switch_snmp_targets is defined %}
- job_name: switch_snmp - job_name: switch_snmp
static_configs: file_sd_configs:
- targets: {{ prometheus_switch_snmp_targets | to_json }} - files:
- "/etc/prometheus/targets_switch_snmp.json"
metrics_path: /snmp metrics_path: /snmp
params: params:
module: [procurve_switch] module: [procurve_switch]
@ -91,12 +95,11 @@ scrape_configs:
target_label: instance target_label: instance
- target_label: __address__ - target_label: __address__
replacement: 127.0.0.1:9116 replacement: 127.0.0.1:9116
{% endif %}
{% if prometheus_docker_targets is defined %}
- job_name: docker - job_name: docker
static_configs: file_sd_configs:
- targets: {{ prometheus_docker_targets | to_json }} - files:
- '/etc/prometheus/targets_docker.json'
relabel_configs: relabel_configs:
# Do not put :8087 in instance name, rather here # Do not put :8087 in instance name, rather here
- source_labels: [__address__] - source_labels: [__address__]
@ -106,12 +109,11 @@ scrape_configs:
- source_labels: [__param_target] - source_labels: [__param_target]
target_label: __address__ target_label: __address__
replacement: '$1:8087' replacement: '$1:8087'
{% endif %}
{% if prometheus_postgresql_targets is defined %}
- job_name: postgresql - job_name: postgresql
static_configs: file_sd_configs:
- targets: {{ prometheus_postgresql_targets | to_json }} - files:
- '/etc/prometheus/targets_postgres.json'
relabel_configs: relabel_configs:
# Do not put :9187 in instance name, rather here # Do not put :9187 in instance name, rather here
- source_labels: [__address__] - source_labels: [__address__]
@ -121,12 +123,11 @@ scrape_configs:
- source_labels: [__param_target] - source_labels: [__param_target]
target_label: __address__ target_label: __address__
replacement: '$1:9187' replacement: '$1:9187'
{% endif %}
{% if prometheus_apc_pdu_snmp_targets is defined %}
- job_name: apc_pdu_snmp - job_name: apc_pdu_snmp
static_configs: file_sd_configs:
- targets: {{ prometheus_apc_pdu_snmp_targets | to_json }} - files:
- '/etc/prometheus/targets_apc_pdu_snmp.json'
metrics_path: /snmp metrics_path: /snmp
params: params:
module: module:
@ -138,23 +139,5 @@ scrape_configs:
target_label: instance target_label: instance
- target_label: __address__ - target_label: __address__
replacement: 127.0.0.1:9116 replacement: 127.0.0.1:9116
{% endif %}
{% if prometheus_ilo_snmp_targets is defined %}
- job_name: ilo_snmp
static_configs:
- targets: {{ prometheus_ilo_snmp_targets | to_json }}
metrics_path: /snmp
params:
module:
- ilo
relabel_configs:
- source_labels: [__address__]
target_label: __param_target
- source_labels: [__param_target]
target_label: instance
- target_label: __address__
replacement: 127.0.0.1:9116
{% endif %}
... ...

View file

@ -10,20 +10,23 @@ groups:
- name: server.rules - name: server.rules
rules: rules:
- alert: MachineDown - alert: InstanceDown
expr: up{instance!~".*.borne.auro.re$"} == 0 expr: up{instance!~".*.borne.auro.re$"} == 0
for: 3m for: 3m
labels: labels:
severity: critical severity: critical
annotations: annotations:
summary: >- summary: >-
Le collecteur {{ raw('$labels.job') }} ne marche plus Invisible depuis plus de 3 minutes
- alert: AccessPointDown - alert: AccessPointDown
expr: up{instance=~".*.borne.auro.re$"} == 0 expr: up{instance=~".*.borne.auro.re$"} == 0
for: 3m for: 3m
labels: labels:
severity: warning severity: warning
annotations:
summary: >-
Invisible depuis plus de 3 minutes
- alert: OutOfMemory - alert: OutOfMemory
expr: >- expr: >-
@ -47,7 +50,7 @@ groups:
node_memory_SwapFree_bytes node_memory_SwapFree_bytes
/ node_memory_SwapTotal_bytes / node_memory_SwapTotal_bytes
) )
) * 100 >= 50 ) * 100 >= 20
for: 3m for: 3m
labels: labels:
severity: warning severity: warning

View file

@ -482,227 +482,4 @@ apc_pdu:
priv_protocol: AES priv_protocol: AES
priv_password: {{ snmp_pdu_password }} priv_password: {{ snmp_pdu_password }}
ilo:
walk:
- 1.3.6.1.4.1.232.6.2.14.4 # Resilient memory
- 1.3.6.1.4.1.232.6.2.15.3 # Power meter
- 1.3.6.1.4.1.232.6.2.16.1 # POST tests
- 1.3.6.1.4.1.232.6.2.17.1 # Battery
- 1.3.6.1.4.1.232.6.2.6.8.1.3 # Temperature sensors location
- 1.3.6.1.4.1.232.6.2.6.8.1.4 # Temperature sensors value
- 1.3.6.1.4.1.232.6.2.6.8.1.5 # Temperature sensors limit
- 1.3.6.1.4.1.232.6.2.6.8.1.6 # Temperature sensors condition
- 1.3.6.1.4.1.232.6.2.6.7.1.3 # Fans location
- 1.3.6.1.4.1.232.6.2.6.7.1.9 # Fans condition
- 1.3.6.1.4.1.232.6.2.9.3.1.5 # Power supply
- 1.3.6.1.4.1.232.9.2.2 # iLO
metrics:
- name: cpqHeResilientMemCondition
oid: 1.3.6.1.4.1.232.6.2.14.4
type: EnumAsStateSet
help: The resilient memory condition - 1.3.6.1.4.1.232.6.2.14.4
enum_values:
1: other
2: ok
3: degraded
4: failed
- name: cpqHePowerMeterCurrReading
oid: 1.3.6.1.4.1.232.6.2.15.3
type: gauge
help: This is the current Power Meter reading in Watts - 1.3.6.1.4.1.232.6.2.15.3
- name: cpqHeHWBiosCondition
oid: 1.3.6.1.4.1.232.6.2.16.1
type: EnumAsStateSet
help: This value indicates an error has been detected during Pre-OS Test (POST)
or during initial hardware initialization - 1.3.6.1.4.1.232.6.2.16.1
enum_values:
1: other
2: ok
3: degraded
4: failed
- name: cpqHeSysBatteryCondition
oid: 1.3.6.1.4.1.232.6.2.17.1
type: EnumAsStateSet
help: The battery condition - 1.3.6.1.4.1.232.6.2.17.1
indexes:
- labelname: cpqHeSysBatteryChassis
type: gauge
- labelname: cpqHeSysBatteryIndex
type: gauge
enum_values:
1: other
2: ok
3: degraded
4: failed
- name: cpqHeTemperatureLocale
oid: 1.3.6.1.4.1.232.6.2.6.8.1.3
type: EnumAsInfo
help: This specifies the location of the temperature sensor present in the system.
- 1.3.6.1.4.1.232.6.2.6.8.1.3
indexes:
- labelname: cpqHeTemperatureChassis
type: gauge
- labelname: cpqHeTemperatureIndex
type: gauge
enum_values:
1: other
2: unknown
3: system
4: systemBoard
5: ioBoard
6: cpu
7: memory
8: storage
9: removableMedia
10: powerSupply
11: ambient
12: chassis
13: bridgeCard
- name: cpqHeTemperatureCelsius
oid: 1.3.6.1.4.1.232.6.2.6.8.1.4
type: gauge
help: This is the current temperature sensor reading in degrees celsius - 1.3.6.1.4.1.232.6.2.6.8.1.4
indexes:
- labelname: cpqHeTemperatureChassis
type: gauge
- labelname: cpqHeTemperatureIndex
type: gauge
- name: cpqHeTemperatureThreshold
oid: 1.3.6.1.4.1.232.6.2.6.8.1.5
type: gauge
help: This is the shutdown threshold temperature sensor setting in degrees celsius
- 1.3.6.1.4.1.232.6.2.6.8.1.5
indexes:
- labelname: cpqHeTemperatureChassis
type: gauge
- labelname: cpqHeTemperatureIndex
type: gauge
- name: cpqHeTemperatureCondition
oid: 1.3.6.1.4.1.232.6.2.6.8.1.6
type: EnumAsStateSet
help: The Temperature sensor condition - 1.3.6.1.4.1.232.6.2.6.8.1.6
indexes:
- labelname: cpqHeTemperatureChassis
type: gauge
- labelname: cpqHeTemperatureIndex
type: gauge
enum_values:
1: other
2: ok
3: degraded
4: failed
- name: cpqHeFltTolFanLocale
oid: 1.3.6.1.4.1.232.6.2.6.7.1.3
type: EnumAsInfo
help: This specifies the location of the fan present in the system.
- 1.3.6.1.4.1.232.6.2.6.7.1.3
indexes:
- labelname: cpqHeFltTolFanChassis
type: gauge
- labelname: cpqHeFltTolFanIndex
type: gauge
enum_values:
1: other
2: unknown
3: system
4: systemBoard
5: ioBoard
6: cpu
7: memory
8: storage
9: removableMedia
10: powerSupply
11: ambient
12: chassis
13: bridgeCard
- name: cpqHeFltTolFanCondition
oid: 1.3.6.1.4.1.232.6.2.6.7.1.9
type: EnumAsStateSet
help: The fan condition - 1.3.6.1.4.1.232.6.2.6.7.1.9
indexes:
- labelname: cpqHeFltTolFanChassis
type: gauge
- labelname: cpqHeFltTolFanIndex
type: gauge
enum_values:
1: other
2: ok
3: degraded
4: failed
- name: cpqHeFltTolPowerSupplyStatus
oid: 1.3.6.1.4.1.232.6.2.9.3.1.5
type: EnumAsStateSet
help: The status of the power supply. - 1.3.6.1.4.1.232.6.2.9.3.1.5
indexes:
- labelname: cpqHeFltTolPowerSupplyChassis
type: gauge
- labelname: cpqHeFltTolPowerSupplyBay
type: gauge
enum_values:
1: noError
2: generalFailure
3: bistFailure
4: fanFailure
5: tempFailure
6: interlockOpen
7: epromFailed
8: vrefFailed
9: dacFailed
10: ramTestFailed
11: voltageChannelFailed
12: orringdiodeFailed
13: brownOut
14: giveupOnStartup
15: nvramInvalid
16: calibrationTableInvalid
17: noPowerInput
- name: cpqSm2CntlrInterfaceStatus
oid: 1.3.6.1.4.1.232.9.2.2.17
type: EnumAsStateSet
help: Remote Insight/ Integrated Lights-Out Interface Status - 1.3.6.1.4.1.232.9.2.2.17
enum_values:
1: other
2: ok
3: notResponding
- name: cpqSm2CntlriLOSecurityOverrideSwitchState
oid: 1.3.6.1.4.1.232.9.2.2.27
type: EnumAsStateSet
help: Integrated Lights-Out Security Override Switch State - 1.3.6.1.4.1.232.9.2.2.27
enum_values:
1: notSupported
2: set
3: notSet
- name: cpqSm2CntlrLicenseActive
oid: 1.3.6.1.4.1.232.9.2.2.30
type: EnumAsStateSet
help: Remote Insight License State - 1.3.6.1.4.1.232.9.2.2.30
enum_values:
1: none
2: iloAdvanced
3: iloLight
4: iloAdvancedBlade
5: iloStandard
6: iloEssentials
7: iloScaleOut
8: iloAdvancedPremiumSecurity
- name: cpqSm2CntlrServerPowerState
oid: 1.3.6.1.4.1.232.9.2.2.32
type: EnumAsStateSet
help: The current power state for the server - 1.3.6.1.4.1.232.9.2.2.32
enum_values:
1: unknown
2: poweredOff
3: poweredOn
4: insufficientPowerOrPowerOnDenied
version: 3
# Reduce timeout to retry faster
timeout: 1s
auth:
security_level: authPriv
username: {{ snmp_ilo_user }}
password: {{ snmp_ilo_auth }}
auth_protocol: SHA
priv_protocol: AES
priv_password: {{ snmp_ilo_priv }}
... ...

View file

@ -34,9 +34,9 @@ scrape_configs:
- '{job="postgresql"}' - '{job="postgresql"}'
- '{job="prometheus"}' - '{job="prometheus"}'
- '{job="unifi_snmp"}' - '{job="unifi_snmp"}'
- '{job="django"}'
- '{job="ups_snmp"}' - '{job="ups_snmp"}'
- '{job="apc_pdu_snmp"}' - '{job="apc_pdu_snmp"}'
- '{job="docker"}' - '{job="docker"}'
- '{job="switch_snmp"}' - '{job="switch_snmp"}'
- '{job="ilo_snmp"}'
... ...

View file

@ -1,9 +0,0 @@
---
- name: Install resolv.conf
template:
src: resolv.conf.j2
dest: /etc/resolv.conf
owner: root
group: root
mode: u=rw,g=r,o=r
...

View file

@ -1,11 +0,0 @@
{{ ansible_managed | comment }}
{% for nameserver in resolvconf__nameservers %}
nameserver {{ nameserver | ipaddr }}
{% endfor %}
{% if resolvconf__domain is defined %}
domain {{ resolvconf__domain }}
{% endif %}
{% if resolvconf__search is defined %}
search {{ resolvconf__search | join(" ") }}
{% endif %}