diff --git a/hosts b/hosts index a41c622..65fb54e 100644 --- a/hosts +++ b/hosts @@ -2,7 +2,7 @@ localhost [workstation] -dell-laptop +dell-laptop debug=true usb [miner] @@ -28,7 +28,7 @@ usb ; nanominer_gpu_pool : Set to pool organization to use for GPU mining ; Valid values: nanopool etherpool f2pool ; -usb amdgpu=true +usb amdgpu=true x570 amdgpu=true nanominer=true nanominer_gpu=eth nanominer_gpus=0 nanominer_gpu_pool=nanopool [server] @@ -43,5 +43,13 @@ x570 amdgpu=true nanominer=true nanominer_gpu=eth nanominer_gpus=0 nanominer_gpu ; grafana : Set to anything for this server to be configured as an Grafana web server. ; Example: true ; -office domain=hyperling.com onlyoffice=true -grafana domain=hyperling.com grafana=true influxdb1=true telegraf=true \ No newline at end of file +; influxdb1 : Set to anything for this server to be configured as an Influx 1 DB server. +; Example: true +; +; influxdb2 : Set to anything for this server to be configured as an Influx 2 DB + web server. +; Example: true +; +onlyoffice domain=hyperling.com onlyoffice=true +grafana domain=hyperling.com grafana=true influxdb1=true +test debug=true +freeboy debug=true \ No newline at end of file diff --git a/local.yml b/local.yml index 15b4a1f..7f86311 100644 --- a/local.yml +++ b/local.yml @@ -131,18 +131,18 @@ - include: tasks/server/grafana.yml when: grafana is defined and ansible_pkg_mgr == "apt" - - include: tasks/server/telegraf.yml - when: telegraf is defined and ansible_pkg_mgr == "apt" - -# Create reports to analyze security. -- name: Main | Hardness Tests +# Provide information for analysis. +- name: Main | Reporting hosts: localhost connection: local become: true tasks: + - include: tasks/general/software/telegraf.yml + when: debug is defined + - include: tasks/general/tests/nmap.yml - include: tasks/general/tests/lynis.yml diff --git a/tasks/general/acct_mgmt/users.yml b/tasks/general/acct_mgmt/users.yml index 15c6219..5dc7297 100644 --- a/tasks/general/acct_mgmt/users.yml +++ b/tasks/general/acct_mgmt/users.yml @@ -31,6 +31,7 @@ name: ansible comment: Ansible system: yes + register: user_ansible ## Superuser ## diff --git a/tasks/general/software/statsd.yml b/tasks/general/software/.fuse_hidden0000003000000001 similarity index 100% rename from tasks/general/software/statsd.yml rename to tasks/general/software/.fuse_hidden0000003000000001 diff --git a/tasks/general/software/telegraf.yml b/tasks/general/software/telegraf.yml new file mode 100644 index 0000000..25f12e3 --- /dev/null +++ b/tasks/general/software/telegraf.yml @@ -0,0 +1,168 @@ +--- +# Application that populates InfluxDB with metric data. +# https://docs.influxdata.com/telegraf/v1.17/introduction/getting-started/ + +# Variables # + +- name: Server | Telegraf | Variables 1/3 + set_facts: + telegraf_tar: telegraf-1.18.0_linux_amd64.tar.gz + telegraf_config: /usr/local/etc/telegraf.conf + telegraf_exec: /usr/local/bin/telegraf + telegraf_user: "{{ user_ansible.name }}" + telegraf_log: "{{ user_ansible.home }}/telegraf.log" + +- name: Server | Telegraf | Variables 2/3 + set_facts: + telegraf_cmd: "{{ telegraf_exec }} --config {{ telegraf_config }} >> {{ telegraf_log }} 2>&1" + +- name: Server | Telegraf | Variables 3/3 + set_facts: + telegraf_restart: "killall telegraf; {{ telegraf_cmd }}" + +- name: Server | Telegraf | Variables | Linux + set_facts: + telegraf_input_temp: "[[inputs.temp]]" + when: ansible_system == "Linux" + +- name: Server | Telegraf | Variables | FreeBSD + set_facts: + telegraf_input_temp: "" + when: ansible_system == "FreeBSD" + +# Dependencies # + +- name: Server | Telegraf | Pre-Reqs + package: + name: wget + when: ansible_system == "Linux" + +# Install # + +- name: Server | Telegraf | Linux | Install + shell: "{{ item }}" + args: + chdir: "{{ ansible_env.HOME }}/Downloads/" + loop: + - wget --no-check-certificate "https://dl.influxdata.com/telegraf/releases/{{ telegraf_tar }}" + - tar xvf {{ telegraf_tar }} + - mv {{ telegraf_tar }} ~/TRASH/ + - mv telegraf*/usr/bin/telegraf {{ telegraf_exec }} + when: ansible_system == "Linux" + + +- name: Server | Telegraf | FreeBSD | Install 1/2 + shell: /usr/sbin/pwd_mkdb -p /etc/master.passwd + when: ansible_system == "FreeBSD" + +- name: Server | Telegraf | FreeBSD | Install 1/2 + package: + name: telegraf + when: ansible_system == "FreeBSD" + +# Configuration # + +- name: Server | Telegraf | Config + blockinfile: + path: {{ telegraf_config }} + block: | + [global_tags] + # dc = "us-east-1" # will tag all metrics with dc=us-east-1 + # rack = "1a" + ## Environment variables can be used as tags, and throughout the config file + # user = "$USER" + + [agent] + interval = "10s" + metric_batch_size = 1000 + metric_buffer_limit = 10000 + collection_jitter = "0s" + flush_interval = "10s" + flush_jitter = "0s" + precision = "" + # debug = false + # quiet = false + # logtarget = "file" + # logfile = "" + # logfile_rotation_interval = "0d" + # logfile_rotation_max_size = "0MB" + # logfile_rotation_max_archives = 5 + hostname = "" + omit_hostname = false + + [[outputs.influxdb]] + urls = ["http://influxdb.hyperling.com:8086"] + database = "main" + # database_tag = "" + # exclude_database_tag = false + # skip_database_creation = false + # retention_policy = "" + # retention_policy_tag = "" + # exclude_retention_policy_tag = false + # write_consistency = "any" + # timeout = "5s" + # username = "telegraf" + # password = "metricsmetricsmetricsmetrics" + # user_agent = "telegraf" + # udp_payload = "512B" + # tls_ca = "/etc/telegraf/ca.pem" + # tls_cert = "/etc/telegraf/cert.pem" + # tls_key = "/etc/telegraf/key.pem" + # insecure_skip_verify = false + # http_proxy = "http://corporate.proxy:3128" + # http_headers = {"X-Special-Header" = "Special-Value"} + # content_encoding = "gzip" + # influx_uint_support = false + + [[inputs.cpu]] + percpu = true + totalcpu = true + collect_cpu_time = false + report_active = false + + [[inputs.disk]] + # mount_points = ["/"] + ignore_fs = ["tmpfs", "devtmpfs", "devfs", "iso9660", "overlay", "aufs", "squashfs", "fdescfs"] + + [[inputs.diskio]] + # devices = ["sda", "sdb", "vd*"] + # skip_serial_number = false + # device_tags = ["ID_FS_TYPE", "ID_FS_USAGE"] + # name_templates = ["$ID_FS_LABEL","$DM_VG_NAME/$DM_LV_NAME"] + + [[inputs.kernel]] + + [[inputs.mem]] + + [[inputs.processes]] + + [[inputs.swap]] + + [[inputs.system]] + # fielddrop = ["uptime_format"] + + {{ telegraf_input_temp }} + + marker: ';{mark} MANAGED BY ANSIBLE' + marker_begin: ';;;;;;;;;;;; BEGIN' + marker_end: ' END' + state: present + create: yes + +# Run # + +- name: Server | Telegraf | Start + shell: "{{ telegraf_restart }}" + become_user: {{ telegraf_user }} + +- name: Server | Telegraf | Schedule + cron: + user: {{ telegraf_user }} + name: "{{ item.name }}" + job: "{{ item.command }}" + special_time: "{{ item.freq }}" + state: present + disabled: no + loop: + - { "name": "Telegraf Start Job", "command": "{{ telegraf_cmd }}", "freq": "reboot"} + - { "name": "Telegraf Keep-Alive Job", "command": "{{ telegraf_restart }}", "freq": "hourly"} diff --git a/tasks/server/prometheus.yml b/tasks/server/.fuse_hidden0000002c00000002 similarity index 100% rename from tasks/server/prometheus.yml rename to tasks/server/.fuse_hidden0000002c00000002 diff --git a/tasks/server/telegraf.yml b/tasks/server/telegraf.yml deleted file mode 100644 index b2935c0..0000000 --- a/tasks/server/telegraf.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- -# Application that populates InfluxDB with metric data. -# https://docs.influxdata.com/telegraf/v1.17/introduction/getting-started/ - -- name: Server | Telegraf | Check - shell: which telegraf - register: telegraf_check - ignore_errors: yes - -- name: Server | Telegraf | Install - shell: "{{ item }}" - args: - chdir: "{{ ansible_env.HOME }}/Downloads/" - loop: - - mv telegraf_1.17.3-1_amd64.deb ~/TRASH/ 2>/dev/null; exit 0 - - wget https://dl.influxdata.com/telegraf/releases/telegraf_1.17.3-1_amd64.deb - - dpkg -i telegraf_1.17.3-1_amd64.deb - - service telegraf start - when: telegraf_check.failed - -# TODO: Add cron job(s) \ No newline at end of file