From 0c6153cebe9873ffbdd748e845290c94d091db89 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Aur=C3=A9lien=20Bompard?= Date: Thu, 10 Jul 2025 11:46:05 +0200 Subject: [PATCH] Create an IPA service for monitoring and use it for check-ipa-free-ids MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Aurélien Bompard --- roles/ipa/server/tasks/scripts.yml | 20 ++++++++++++++++++- .../nagios_client/templates/check_ipa.cfg.j2 | 2 +- 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/roles/ipa/server/tasks/scripts.yml b/roles/ipa/server/tasks/scripts.yml index 5f6798ebe0..213eb02661 100644 --- a/roles/ipa/server/tasks/scripts.yml +++ b/roles/ipa/server/tasks/scripts.yml @@ -105,10 +105,28 @@ - config notify: Restart collectd - - name: Let collectd talk to the RabbitMQ management interface + - name: Let collectd talk to the REST API ansible.posix.seboolean: name: collectd_tcp_network_connect state: yes persistent: yes tags: - collectd + + +# +# Nagios monitoring +# +- name: Create the service for nagios monitoring + ansible.builtin.include_role: + name: "keytab/service" # noqa role-name[path] + apply: + tags: + - ipa/server + - config + - keytab + vars: + host: "{{ ipa_server }}" # noqa: var-naming[no-role-prefix] + service: monitoring # noqa: var-naming[no-role-prefix] + owner_user: nagios + owner_group: nagios diff --git a/roles/nagios_client/templates/check_ipa.cfg.j2 b/roles/nagios_client/templates/check_ipa.cfg.j2 index eadd18cdc9..8a0b003d0d 100644 --- a/roles/nagios_client/templates/check_ipa.cfg.j2 +++ b/roles/nagios_client/templates/check_ipa.cfg.j2 @@ -1,2 +1,2 @@ command[check_ipa_replication]={{ libdir }}/nagios/plugins/check_ipa_replication -u ldaps://localhost/ -command[check_ipa_free_ids]={{ libdir }}/nagios/plugins/check_ipa_free_ids.py -k /etc/krb5.stage-users_{{ ipa_server }}.keytab +command[check_ipa_free_ids]={{ libdir }}/nagios/plugins/check_ipa_free_ids.py -k /etc/krb5.monitoring_{{ ipa_server }}.keytab