An Ansible Role to install and configure monit.
Monit is a simple, yet powerful monitoring software. It is easy to configure and most servers some kind of monitoring.
This role installs and configures monit.
- install the packages
- configure mail server
- configure alerts
- configure web access
- configure basic checks
- configure the firewall
You will be able to put your additional checks in '/etc/monit.d/'.
Dependency Roles:
For CentOS and RHEL Systems, the EPEL repository must be enabled. You can achieve this by using the while_true_do.rpo_epel Ansible Role.
Used Modules:
- Ansible Package Module
- Ansible File Module
- Ansible Service Module
- Ansible Template Module
- Ansible Firewalld Module
Install from Ansible Galaxy
ansible-galaxy install while_true_do.srv_monit
Install from Github
git clone https://github.com/while-true-do/ansible-role-srv_monit.git while_true_do.srv_monit
Dependencies:
ansible-galaxy install -r requirements.yml
---
# defaults file for while_true_do.srv_monit
## Package Management
wtd_srv_monit_package: "monit"
# State can be present|latest|absent
wtd_srv_monit_package_state: "present"
## Configuration Management
wtd_srv_monit_conf: []
# daemon: 30
# start_delay: 30
# log: "syslog"
# pidfile: "/var/run/monit.pid"
# idfile: "/var/monit/monit.id"
# statefile: "/var/monit/monit.state"
# eventqueue:
# basedir: "/var/monit/events/"
# slots: "1000"
# mmonit: ""
wtd_srv_monit_conf_alert: []
# recipients:
# - "mail-address [with reminder on number <cycles>] [{ filter }]"
# mailserver:
# host: "<hostname>|<ip-address>"
# port: "25"
wtd_srv_monit_conf_web:
enabled: true
# port: "2812"
# address: "127.0.0.1"
# signature: "disable"
# ssl: false
# pemfile: "<path to pemfile>"
# pam: true
# allows: ""
# - "<username>:<password> [read-only]"
# - "<fqdn>"
# - "<ip-address>"
# - "<ip-range>"
# - "<@unix-group>"
# Enable checks for system resources
wtd_srv_monit_conf_check_system:
enabled: true
wtd_srv_monit_conf_check_mounts:
enabled: true
mounts:
- name: "rootfs"
mount: "/"
## Service Management
wtd_srv_monit_service: "monit"
# State can be started|stopped
wtd_srv_monit_service_state: "started"
wtd_srv_monit_service_enabled: true
## Firewalld Management
wtd_srv_monit_fw_mgmt: true
wtd_srv_monit_fw_port: "{{ wtd_srv_monit_conf_web.port | default('2812') }}/tcp"
# State can be enabled|disabled
wtd_srv_monit_fw_state: "enabled"
# Zone can be according to defined zones on your machine.
wtd_srv_monit_fw_zone: "public"
Running Ansible Roles can be done in a playbook.
---
- hosts: all
roles:
- role: while_true_do.rpo_epel
- role: while_true_do.srv_monit
Configure the webserver to listen on all addresses, add an admin user and allow the wheel-group (sudoers) to access with read only permission.
- hosts: all
roles:
- role: while_true_do.rpo_epel
- role: while_true_do.srv_monit
wtd_srv_monit_conf_web:
enabled: true
address: "0.0.0.0"
allows:
- "admin:admin"
- "@wheel read-only"
- RedHat Testing is currently not possible in public, due to limitations in subscriptions.
- Some services and features cannot be tested properly, due to limitations in docker.
Most of the "generic" tests are located in the Test Library.
Ansible specific testing is done with Molecule.
Infrastructure testing is done with testinfra.
Automated testing is done with Travis CI.
Thank you so much for considering to contribute. We are very happy, when somebody is joining the hard work. Please fell free to open Bugs, Feature Requests or Pull Requests after reading the Contribution Guideline.
See who has contributed already in the kudos.txt.
This work is licensed under a BSD-3-Clause License.
- Site https://while-true-do.io
- Twitter https://twitter.com/wtd_news
- Code https://github.com/while-true-do
- Mail [email protected]
- IRC freenode, #while-true-do
- Telegram https://t.me/while_true_do