Initial commit on request, not tested!

.gitignore

@@ -0,0 +1,3 @@
+.*.sw?
+*~
+

defaults/main.yml

@@ -0,0 +1,35 @@
+---
+monitored_by_nrpe: False
+monitored_by_ssh: False
+
+monitored_user: nagios
+monitored_group: nagios
+monitored_homedir: /var/lib/nagios
+monitored_shell: /bin/bash
+
+monitored_packages_install: True
+
+monitored_nrpe_server_address: null
+monitored_nrpe_port: 5666
+
+monitored_server_ips:
+- 127.0.0.1
+
+monitored_nrpe_dont_blame: 0
+monitored_nrpe_allow_bash_command_substitution: 0
+monitored_nrpe_command_prefix: null
+monitored_nrpe_command_timeout: 60
+monitored_nrpe_connection_timeout: 300
+
+monitored_nrpe_include_files: null
+monitored_nrpe_include_dirs:
+  - nrpe.d/
+  - nrpe.local.d/
+
+monitored_nrpe_servicename: nrpe
+
+monitored_ssh_key_files:
+  - ../../../ssh_key.pub
+monitored_ssh_key_wrapper: null
+monitored_ssh_key_wrapper_src: null
+

monitored.yml

@@ -0,0 +1,5 @@
+---
+- hosts: all
+  roles:
+          - monitored
+

tasks/main.yml

@@ -0,0 +1,27 @@
+---
+- fail: msg="This system should not be monitored"
+  when: monitored_dont is defined
+
+- fail: msg="Neither monitored_by_(ssh|nrpe) is set"
+  when: monitored_by_nrpe == False and monitored_by_ssh == False
+
+- name: Gather OS Specific Variables
+  include_vars: "{{ item }}"
+  with_first_found:
+    - "{{ ansible_distribution|lower }}-{{ ansible_distribution_version }}.yml"
+    - "{{ ansible_distribution|lower }}-{{ ansible_distribution_major_version }}.yml"
+    - "{{ ansible_distribution|lower }}.yml"
+    - "{{ ansible_os_family|lower }}.yml"
+    - "defaults.yml"
+
+- include: user.yml
+
+- include: packages.yml
+  when: monitored_packages_install != False
+
+- include: nrpe.yml
+  when: monitored_by_nrpe == True
+
+- include: ssh.yml
+  when: monitored_by_ssh == True
+

tasks/nrpe.yml

@@ -0,0 +1,37 @@
+---
+- name: Install NRPE daemon
+  package:
+    name: "{{ item }}"
+    state: latest
+  with_items: "{{ monitored_packages_nrpe }}"
+
+- name: Install daemon config
+  template:
+    src: nrpe.cfg.j2
+    dest: "{{ monitored_nrpe_basedir }}/nrpe.cfg"
+    owner: "{{ monitored_user }}"
+    group: "{{ monitored_group }}"
+    mode: 0640
+    backup: True
+
+- name: Create snippet config dirs
+  file:
+    path: "{{ monitored_nrpe_basedir }}/{{ item }}"
+    state: directory
+    owner: "{{ monitored_user }}"
+    group: "{{ monitored_group }}"
+    mode: 0750
+  with_items: "{{ monitored_nrpe_include_dirs }}"
+
+#- include: nrpe_migrate.yml
+
+- name: Enable NRPE
+  service:
+    name: "{{ monitored_nrpe_servicename }}"
+    enabled: yes
+
+- name: Reload NRPE
+  service:
+    name: "{{ monitored_nrpe_servicename }}"
+    state: reloaded
+

tasks/packages.yml

@@ -0,0 +1,17 @@
+---
+- name: Install Monitoring-Plugins
+  package:
+    name: "{{ item }}"
+    state: latest
+  register: monitoringplugins
+  ignore_errors: True
+  with_items: "{{ monitored_packages_mp }}"
+
+
+- name: Install Nagios-Plugins
+  package:
+    name: "{{ item }}"
+    state: latest
+  with_items: "{{ monitored_packages_np }}"
+  when: monitoringplugins|failed
+

tasks/ssh.yml

@@ -0,0 +1,23 @@
+---
+- name: Create dot-SSH directory for monitoring user
+  file:
+    path: "{{ monitored_homedir }}/.ssh/"
+    state: directory
+    owner: "{{ monitored_user }}"
+    group: "{{ monitored_group }}"
+    mode: 0700
+
+- name: Copy SSH authorized_keys for monitoring user
+  authorized_key:
+    user: "{{ monitored_user }}"
+    key: "{{ lookup('file', item) }}"
+    key_options: 'no-agent-forwarding,no-port-forwarding,no-X11-forwarding,no-pty{% if monitored_ssh_key_wrapper %},command="{{ monitored_ssh_key_wrapper }}"{% endif %}'
+  with_items: monitored_ssh_key_files
+
+- name: Copy SSH wrapper
+  copy:
+    src: "{{ monitored_ssh_key_wrapper_src }}"
+    path: "{{ monitored_ssh_key_wrapper }}"
+    mode: 0755
+  when: monitored_ssh_key_wrapper_src
+

tasks/user.yml

@@ -0,0 +1,17 @@
+---
+- name: Add monitoring group
+  group:
+    name: "{{ monitored_group }}"
+    system: yes
+    state: present
+
+- name: Add monitoring user
+  user:
+    name: "{{ monitored_user }}"
+    system: yes
+    group: "{{ monitored_group }}"
+    home: "{{ monitored_homedir }}"
+    move_home: yes
+    shell: "{{ monitored_shell }}"
+    state: present
+

templates/nrpe.cfg.j2

@@ -0,0 +1,43 @@
+### {{ ansible_managed }}
+
+log_facility=daemon
+pid_file={{ monitored_nrpe_pidfile }}
+debug=0
+
+{% if monitored_nrpe_server_address %}server_address={{ monitored_nrpe_server_address }}
+{% else %}# server_address=
+{% endif %}
+server_port={{ monitored_nrpe_port }}
+
+nrpe_user={{ monitored_user }}
+nrpe_group={{ monitored_group }}
+
+allowed_hosts=127.0.0.1,{{ monitored_server_ips|join(',') }}
+
+dont_blame_nrpe={% if monitored_nrpe_dont_blame == "1" %}1
+{% else %}0
+{% endif %}
+allow_bash_command_substitution={% if monitored_nrpe_allow_bash_command_substitution == "1" %}1
+{% else %}0
+{% endif %}
+
+{% if monitored_nrpe_command_prefix %}command_prefix={{ monitored_nrpe_command_prefix }}
+{% else %}# command_prefix=
+{% endif %}
+
+command_timeout={{ monitored_nrpe_command_timeout }}
+connection_timeout={{ monitored_nrpe_connection_timeout }}
+
+#allow_weak_random_seed=1
+
+
+# INCLUDE CONFIG FILE
+{% if monitored_nrpe_include_files %}{% for file in monitored_nrpe_include_files %}include={{ monitored_nrpe_basedir }}/{{ file }}
+{% endfor %}{% endif %}
+
+
+# INCLUDE CONFIG DIRECTORY
+{% if monitored_nrpe_include_dirs %}{% for dir in monitored_nrpe_include_dirs %}include_dir={{ monitored_nrpe_basedir }}/{{ dir }}
+{% endfor %}{% endif %}
+
+

vars/archlinux.yml

@@ -0,0 +1,16 @@
+---
+monitored_user: nrpe
+monitored_group: nrpe
+monitored_homedir: /var/lib/nrpe
+
+monitored_packages_mp:
+  - monitoring-plugins
+monitored_packages_np:
+  - nagios-plugins
+
+monitored_packages_nrpe:
+  - nrpe
+
+monitored_nrpe_basedir: /etc/nrpe
+monitored_nrpe_pidfile: /var/run/nrpe/nrpe.pid
+

vars/debian.yml

@@ -0,0 +1,15 @@
+---
+monitored_packages_mp:
+  - monitoring-plugins
+monitored_packages_np:
+  - nagios-plugins
+
+monitored_packages_nrpe:
+  - nagios-nrpe-server
+
+monitored_nrpe_basedir: /etc/nagios
+monitored_nrpe_pidfile: /var/run/nagios/nrpe.pid
+
+monitored_nrpe_servicename: nagios-nrpe-server
+
+

vars/redhat.yml

@@ -0,0 +1,34 @@
+---
+monitored_user: nrpe
+monitored_group: nrpe
+monitored_homedir: /var/lib/nrpe
+
+monitored_packages_mp:
+  - monitoring-plugins-disk
+  - monitoring-plugins-http
+  - monitoring-plugins-load
+  - monitoring-plugins-procs
+  - monitoring-plugins-smtp
+  - monitoring-plugins-ssh
+  - monitoring-plugins-swap
+  - monitoring-plugins-tcp
+  - monitoring-plugins-users
+
+monitored_packages_np:
+  - nagios-plugins-disk
+  - nagios-plugins-http
+  - nagios-plugins-load
+  - nagios-plugins-procs
+  - nagios-plugins-smtp
+  - nagios-plugins-ssh
+  - nagios-plugins-swap
+  - nagios-plugins-tcp
+  - nagios-plugins-users
+
+monitored_packages_nrpe:
+  - nrpe
+
+monitored_nrpe_basedir: /etc/nagios
+monitored_nrpe_pidfile: /var/run/nrpe/nrpe.pid
+
+

vars/suse.yml

@@ -0,0 +1,37 @@
+---
+monitored_packages_mp:
+  - monitoring-plugins-disk
+  - monitoring-plugins-http
+  - monitoring-plugins-load
+  - monitoring-plugins-mem
+  - monitoring-plugins-ntp_peer
+  - monitoring-plugins-ntp_time
+  - monitoring-plugins-procs
+  - monitoring-plugins-smtp
+  - monitoring-plugins-ssh
+  - monitoring-plugins-swap
+  - monitoring-plugins-tcp
+  - monitoring-plugins-users
+
+monitored_packages_np:
+  - nagios-plugins-disk
+  - nagios-plugins-http
+  - nagios-plugins-load
+  - nagios-plugins-mem
+  - nagios-plugins-ntp_peer
+  - nagios-plugins-ntp_time
+  - nagios-plugins-procs
+  - nagios-plugins-smtp
+  - nagios-plugins-ssh
+  - nagios-plugins-swap
+  - nagios-plugins-tcp
+  - nagios-plugins-users
+
+
+monitored_packages_nrpe:
+  - nrpe
+
+monitored_nrpe_basedir: /etc
+monitored_nrpe_pidfile: /var/run/nrpe/nrpe.pid
+
+