├── .ansible-lint ├── .gitattributes ├── .github └── workflows │ ├── ci.yml │ └── galaxy.yml ├── .gitignore ├── .yamllint ├── LICENSE ├── README.md ├── defaults └── main.yml ├── handlers └── main.yml ├── meta └── main.yml ├── requirements.txt ├── tasks ├── librenms-config.yml ├── librenms-install.yml ├── main.yml ├── nagios_plugins.yml ├── packages.yml └── user.yml ├── templates ├── etc │ └── cron.d │ │ └── librenms.j2 └── opt │ └── librenms │ └── config.php.j2 └── tests ├── inventory ├── requirements.yml └── test.yml /.ansible-lint: -------------------------------------------------------------------------------- 1 | --- 2 | exclude_paths: 3 | - ./tests/requirements 4 | - .github 5 | 6 | warn_list: 7 | - experimental # all rules tagged as experimental 8 | - fqcn-builtins # Use FQCN for builtin actions. 9 | - yaml # Violations reported by yamllint. 10 | -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- 1 | # Declare text files with unix file ending 2 | *.conf text eol=lf 3 | *.config text eol=lf 4 | *.css text eol=lf 5 | *.dtd text eol=lf 6 | *.esp text eol=lf 7 | *.ecma text eol=lf 8 | *.groovy text eol=lf 9 | *.hbrs text eol=lf 10 | *.hbs text eol=lf 11 | *.htm text eol=lf 12 | *.html text eol=lf 13 | *.java text eol=lf 14 | *.jpage text eol=lf 15 | *.js text eol=lf 16 | *.json text eol=lf 17 | *.jsp text eol=lf 18 | *.mustache text eol=lf 19 | *.tld text eol=lf 20 | *.launch text eol=lf 21 | *.log text eol=lf 22 | *.php text eol=lf 23 | *.pl text eol=lf 24 | *.project text eol=lf 25 | *.properties text eol=lf 26 | *.props text eol=lf 27 | *.sass text eol=lf 28 | *.scss text eol=lf 29 | *.sh text eol=lf 30 | *.shtm text eol=lf 31 | *.shtml text eol=lf 32 | *.sql text eol=lf 33 | *.svg text eol=lf 34 | *.txt text eol=lf 35 | *.vm text eol=lf 36 | *.xml text eol=lf 37 | *.xsd text eol=lf 38 | *.xsl text eol=lf 39 | *.xslt text eol=lf 40 | *.yml text eol=lf 41 | *.yaml text eol=lf 42 | 43 | 44 | # Declare windows-specific text files with windows file ending 45 | *.asp text eol=crlf 46 | *.asax text eol=crlf 47 | *.asa text eol=crlf 48 | *.aspx text eol=crlf 49 | *.bat text eol=crlf 50 | *.cmd text eol=crlf 51 | *.cs text eol=crlf 52 | *.csproj text eol=crlf 53 | *.reg text eol=crlf 54 | *.sln text eol=crlf -------------------------------------------------------------------------------- /.github/workflows/ci.yml: -------------------------------------------------------------------------------- 1 | name: CI 2 | 3 | on: 4 | push: 5 | branches: [ master ] 6 | pull_request: 7 | branches: [ master ] 8 | 9 | jobs: 10 | lint: 11 | name: lint & syntax check 12 | 13 | runs-on: ubuntu-latest 14 | 15 | steps: 16 | - name: Checkout 17 | uses: actions/checkout@v2 18 | 19 | - name: Cache PIP 20 | uses: actions/cache@v2 21 | with: 22 | path: ~/.cache/pip 23 | key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }} 24 | restore-keys: | 25 | ${{ runner.os }}-pip- 26 | 27 | - name: Install role requirements 28 | uses: BSFishy/pip-action@v1 29 | with: 30 | requirements: "requirements.txt" 31 | 32 | - name: Create ansible.cfg 33 | run: "printf '[defaults]\nroles_path=./tests/requirements/:../' > ansible.cfg" 34 | 35 | - name: ansible-lint 36 | uses: ansible-community/ansible-lint-action@v6.2.1 37 | 38 | - name: ansible-playbook syntax check 39 | uses: dawidd6/action-ansible-playbook@3c534b3ba0bcbbee2b13fb45226f71acbaca2a76 40 | with: 41 | playbook: tests/test.yml 42 | directory: "." 43 | requirements: tests/requirements.yml 44 | options: --syntax-check -i tests/inventory 45 | 46 | -------------------------------------------------------------------------------- /.github/workflows/galaxy.yml: -------------------------------------------------------------------------------- 1 | name: Ansible Galaxy import 2 | 3 | on: 4 | push: 5 | branches: [ master ] 6 | create: 7 | tags: 8 | release: 9 | types: 10 | - published 11 | 12 | jobs: 13 | galaxy: 14 | name: ansible-galaxy import 15 | runs-on: ubuntu-latest 16 | 17 | steps: 18 | 19 | - name: import 20 | uses: robertdebock/galaxy-action@1.2.1 21 | with: 22 | galaxy_api_key: ${{ secrets.GALAXY_API_KEY }} 23 | 24 | 25 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .idea 2 | *.pyc 3 | .venv 4 | -------------------------------------------------------------------------------- /.yamllint: -------------------------------------------------------------------------------- 1 | --- 2 | extends: default 3 | 4 | rules: 5 | line-length: 6 | max: 120 7 | level: warning 8 | truthy: 9 | allowed-values: ['true', 'false', 'yes', 'no'] 10 | 11 | ignore: | 12 | tests/requirements/ 13 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright [yyyy] [name of copyright owner] 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # tobias_richter.librenms 2 | 3 | [![Build Status](https://github.com/tobias-richter/ansible-librenms/workflows/CI/badge.svg)](https://github.com/tobias-richter/ansible-librenms/actions) 4 | 5 | This role installs and configures librems. 6 | 7 | This role supports configuring 8 | * `ignore_mount` 9 | * `ignore_mount_regexp` 10 | * rrdcached 11 | * poller threads 12 | * baseurl and domain 13 | * nets 14 | * snmp (community, authname etc. at the moment only authPriv is 15 | `supported`) 16 | * proxmox 17 | * influxdb 18 | * ldap 19 | 20 | The default credentials for the installation are `admin` / `admin`. 21 | 22 | Have a look at 23 | [tobias_richter.rrdcached](https://galaxy.ansible.com/tobias_richter/rrdcached) 24 | for setting up rrdcached on your server. 25 | 26 | ## Requirements 27 | 28 | This role requires Ansible 2.7 or higher. 29 | 30 | ## Role Variables 31 | 32 | See [defaults/main.yml](defaults/main.yml) for the documented role variables. 33 | See also the distribution specific [vars](vars). 34 | 35 | Mandatory variables are: 36 | * `librenms_sql_db_password` 37 | 38 | ## Example Playbook 39 | 40 | This playbook setups librenms. 41 | 42 | - hosts: apt_config 43 | roles: 44 | - role: tobias_richter.librenms 45 | librenms_sql_db_password: librenmsdbpassword -------------------------------------------------------------------------------- /defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # package to install 3 | librenms_packages: 4 | - curl 5 | - apache2 6 | - composer 7 | - fping 8 | - git 9 | - graphviz 10 | - imagemagick 11 | - mtr-tiny 12 | - nmap 13 | - python3-memcache 14 | - python3-mysqldb 15 | - rrdtool 16 | - snmp 17 | - snmpd 18 | - whois 19 | - acl 20 | - monitoring-plugins 21 | - nagios-plugins-contrib 22 | - python3-pip 23 | - python3-command-runner 24 | - python3-pymysql 25 | - python3-dotenv 26 | - python3-redis 27 | - python3-setuptools 28 | - python3-psutil 29 | - python3-systemd 30 | - python3-pip 31 | 32 | # User and group to create with home directory 33 | librenms_user: librenms 34 | librenms_home: /opt/librenms 35 | librenms_group: "{{ librenms_user }}" 36 | 37 | # SQL database to create 38 | librenms_sql_databases: 39 | - name: librenms 40 | encoding: utf8 41 | collation: utf8_unicode_ci 42 | 43 | # SQL database password, must be set 44 | # librenms_sql_db_password: 45 | 46 | # SQL Users to create 47 | librenms_sql_users: 48 | - name: librenms 49 | password: "{{ librenms_sql_db_password | mandatory }}" 50 | priv: "librenms.*:ALL" 51 | 52 | # Default admin user and password 53 | librenms_admin_user: admin 54 | 55 | # only set once during installation 56 | librenms_admin_password: admin 57 | 58 | # The auth mechanism to use (mysql, ldap) 59 | librenms_config_auth_mechanism: mysql 60 | 61 | # The librenms baseurl 62 | librenms_config_base_url: "http://{{ librenms_config_mydomain }}" 63 | 64 | # The librenms domain 65 | librenms_config_mydomain: "{{ inventory_hostname }}" 66 | 67 | # Ignore interfaces 68 | librenms_config_bad_if_regexps: 69 | - '/^docker[\w]+$/' 70 | - '/^lxcbr[0-9]+$/' 71 | - '/^fwln.+$/' 72 | - '/^fwpr.+$/' 73 | - '/^fwbr.+$/' 74 | - '/^br.+$/' 75 | - '/^veth.*$/' 76 | - '/^virbr.*$/' 77 | - '/^lo$/' 78 | - '/^sit.*$/' 79 | - '/^dummy.*$/' 80 | # - '/^macvtap.*$/' 81 | # - '/tun[0-9]+$/' 82 | 83 | # Ignore the following mounts 84 | librenms_ignore_mounts: 85 | # common 86 | - /run 87 | - /run/lock 88 | - /sys/fs/cgroup 89 | - /dev/shm 90 | # pve 91 | - /boot/efi 92 | # synology 93 | - /tmp 94 | # thecus 95 | - /rom 96 | - /syslog 97 | - /var 98 | - /etc 99 | 100 | # Ignore the following mounts (regex) 101 | librenms_ignore_mounts_regexp: [] 102 | # e.g. 103 | # 104 | # # jenkins and jenkins nodes 105 | # - /^\/run\/user\/\d+/ 106 | # # NFS mount points on thecus 107 | # - /^\/raid\d+\/data\/_NAS_NFS_Exports_\/.+/ 108 | # # Thecus raidsys 109 | # - /^\/raidsys\/\d+/ 110 | 111 | # Path to the rrdached socket. 112 | # librenms_rrdcached: unix:/run/rrdcached.sock 113 | 114 | # The rrdtool version that is used 115 | librenms_rrdtool_version: 1.7.2 116 | 117 | # Parallel threads for the librenms poller 118 | librenms_poller_threads: 3 119 | 120 | # Networks for autodiscovery 121 | librenms_config_nets: [] 122 | # - 192.168.10.0/24 123 | 124 | # snmp configuration 125 | librenms_config_snmp_timeout: 1 126 | librenms_config_snmp_retries: 3 127 | librenms_config_snmp_community: community 128 | librenms_config_snmp_authlevel: authPriv 129 | # must be set! 130 | # librenms_config_snmp_authname: # "snmp-user" 131 | # librenms_config_snmp_authpass: # "snmp-password" 132 | # librenms_config_snmp_cryptopass: # "snmp-encryption" 133 | 134 | # When set to true ldap is configured and the other ldap variables must be set 135 | librenms_config_ldap: false 136 | # The server to use 137 | librenms_config_auth_ldap_server: # e.g. ldap.main.corp 138 | # The server to use 139 | librenms_config_auth_ldap_suffix: # e.g. "ou=users,ou=location,dc=main,dc=corp" 140 | librenms_config_auth_ldap_groupbase: # e.g. "ou=groups,ou=location,dc=main,dc=corp" 141 | librenms_config_auth_ldap_group: # e.g. "cn=all,ou=groups,ou=location,dc=main,dc=corp" 142 | librenms_config_auth_ldap_binddn: # e.g. "uid=ldapbind,ou=system,ou=location,dc=main,dc=corp" 143 | librenms_config_auth_ldap_bindpassword: # e.g. "password_from_ldapbinduser" 144 | 145 | # Enables, disables proxmox in librenms 146 | librenms_config_enable_proxmox: 1 147 | 148 | # Enables/Disables influxdb feature 149 | librenms_config_influxdb_enable: false 150 | # The influxdb host 151 | librenms_config_influxdb_host: 152 | # The influxdb port 153 | librenms_config_influxdb_port: 8006 154 | # The influxdb database to use 155 | librenms_config_influxdb_db: librenms 156 | # The username for the influxdb 157 | librenms_config_influxdb_username: librenms 158 | # The password for the influxdb 159 | librenms_config_influxdb_password: librenms 160 | 161 | # cleanup options, see https://docs.librenms.org/Support/Cleanup-options/ 162 | librenms_config_eventlog_purge: 30 163 | librenms_config_syslog_purge: 30 164 | librenms_config_route_purge: 10 165 | librenms_config_alert_log_purge: 365 166 | librenms_config_authlog_purge: 30 167 | librenms_config_ports_fdb_purge: 10 168 | librenms_config_device_perf_purge: 7 169 | librenms_config_rrd_purge: 0 170 | librenms_config_ports_purge: 10 171 | 172 | # The services to restart when php.ini was touched 173 | librenms_php_restart_services: 174 | - apache2 175 | 176 | librenms_nagios_plugins_dir: /usr/lib/nagios/plugins 177 | 178 | librenms_nagios_plugins: 179 | - url: https://gist.githubusercontent.com/tobias-richter/5d73a0bab773ee24f01a93cea20059d9/raw/df17577e2bade03fa5068c5571b5bbb2e6cff6d2/check_mdraid_mismatch 180 | name: check_mdraid_mismatch 181 | -------------------------------------------------------------------------------- /handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart apache 3 | ansible.builtin.service: 4 | name: "apache2" 5 | state: "restarted" 6 | -------------------------------------------------------------------------------- /meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | galaxy_info: 3 | role_name: librenms 4 | author: Tobias Richter 5 | description: Ansible Role for setting up and managing librenms. 6 | license: Apache 7 | min_ansible_version: "2.9" 8 | 9 | platforms: 10 | - name: Debian 11 | versions: 12 | - buster 13 | - bullseye 14 | - name: Ubuntu 15 | versions: 16 | - bionic 17 | 18 | galaxy_tags: 19 | - librenms 20 | - monitoring 21 | - snmp 22 | 23 | dependencies: 24 | - role: geerlingguy.mysql 25 | vars: 26 | mysql_packages: 27 | - mariadb-client 28 | - mariadb-server 29 | - python3-mysqldb 30 | mysql_databases: "{{ librenms_sql_databases }}" 31 | mysql_users: "{{ librenms_sql_users }}" 32 | mysql_bind_address: '127.0.0.1' 33 | mysql_innodb_file_per_table: "1" 34 | mysql_lower_case_table_names: "0" 35 | tags: 36 | - mysql 37 | - dependency 38 | - dependency.mysql 39 | -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | # This role needs to have the following PIP components installed -------------------------------------------------------------------------------- /tasks/librenms-config.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Check if config.php is present 3 | ansible.builtin.stat: 4 | path: /opt/librenms/config.php 5 | register: __librenms_config 6 | 7 | - name: Deploy config.php 8 | ansible.builtin.template: 9 | src: opt/librenms/config.php.j2 10 | dest: /opt/librenms/config.php 11 | owner: "{{ librenms_user }}" 12 | group: "{{ librenms_group }}" 13 | mode: 0640 14 | notify: 15 | - restart apache 16 | 17 | - name: Deploy librenms cron config. 18 | ansible.builtin.template: 19 | src: etc/cron.d/librenms.j2 20 | dest: /etc/cron.d/librenms 21 | mode: 0644 22 | tags: 23 | - cron 24 | -------------------------------------------------------------------------------- /tasks/librenms-install.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Check if librenms is already installed 3 | ansible.builtin.stat: 4 | path: "{{ librenms_home }}" 5 | register: __librenms_path 6 | 7 | - name: Install librenms 8 | ansible.builtin.composer: 9 | command: create-project 10 | arguments: --keep-vcs librenms/librenms /opt/librenms dev-master 11 | no_dev: yes 12 | prefer_dist: yes 13 | working_dir: /tmp 14 | become: true 15 | become_user: "{{ librenms_user }}" 16 | when: not __librenms_path.stat.exists 17 | 18 | - name: Change ownership 19 | ansible.builtin.file: 20 | path: "{{ librenms_home }}" 21 | owner: "{{ librenms_user }}" 22 | group: "{{ librenms_group }}" 23 | recurse: true 24 | tags: 25 | - ownership 26 | 27 | - name: "Apply permissions on {{ librenms_home }}" 28 | ansible.builtin.file: 29 | path: "{{ librenms_home }}" 30 | mode: u=rwX,g=rwX 31 | 32 | - name: Set acls 33 | ansible.builtin.acl: 34 | default: "{{ item.default | default(false) }}" 35 | path: "{{ item.path }}" 36 | permissions: "rwx" 37 | etype: "group" 38 | entity: "{{ librenms_group }}" 39 | recursive: "{{ item.recursive | default(false) }}" 40 | state: present 41 | with_items: 42 | # default rules 43 | - path: "{{ librenms_home }}/rrd" 44 | default: true 45 | - path: "{{ librenms_home }}/logs" 46 | default: true 47 | - path: "{{ librenms_home }}/bootstrap/cache/" 48 | default: true 49 | - path: "{{ librenms_home }}/storage/" 50 | default: true 51 | # apply recursive 52 | - path: "{{ librenms_home }}/rrd" 53 | recursive: true 54 | - path: "{{ librenms_home }}/logs" 55 | recursive: true 56 | - path: "{{ librenms_home }}/bootstrap/cache/" 57 | recursive: true 58 | - path: "{{ librenms_home }}/storage/" 59 | recursive: true 60 | 61 | - name: Update running daily.sh. # noqa 301 62 | ansible.builtin.command: "./daily.sh" 63 | args: 64 | chdir: "{{ librenms_home }}" 65 | become_user: "{{ librenms_user }}" 66 | become: yes 67 | tags: 68 | - migrate 69 | - daily_sh 70 | 71 | - name: Initially set admin user password. # noqa 301 72 | ansible.builtin.command: "./lnms user:add --role admin --password={{ librenms_admin_password }} {{ librenms_admin_user }}" 73 | args: 74 | chdir: "{{ librenms_home }}" 75 | become_user: "{{ librenms_user }}" 76 | become: yes 77 | register: admin_user_result 78 | changed_when: not admin_user_result.stdout is search("The username has already been taken") 79 | failed_when: 80 | - admin_user_result.rc != 0 81 | - not admin_user_result.stdout is search("The username has already been taken") 82 | tags: 83 | - migrate 84 | 85 | - name: Deploy cronjob 86 | ansible.builtin.copy: 87 | src: "{{ librenms_home }}/dist/librenms.cron" 88 | dest: /etc/cron.d/librenms 89 | remote_src: true 90 | mode: 0644 91 | 92 | - name: Deploy logrotate 93 | ansible.builtin.copy: 94 | src: "{{ librenms_home }}/misc/librenms.logrotate" 95 | dest: /etc/logrotate.d/librenms 96 | remote_src: true 97 | mode: 0644 98 | -------------------------------------------------------------------------------- /tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install packages 3 | ansible.builtin.import_tasks: packages.yml 4 | tags: 5 | - packages 6 | 7 | - name: Configure user. 8 | ansible.builtin.import_tasks: user.yml 9 | tags: 10 | - user 11 | 12 | - name: Install librenms. 13 | ansible.builtin.import_tasks: librenms-install.yml 14 | tags: 15 | - librenms-install 16 | - librenms 17 | 18 | - name: Install nagios plugins. 19 | ansible.builtin.import_tasks: nagios_plugins.yml 20 | tags: 21 | - nagios-plugins 22 | - nagios 23 | 24 | - name: Configure librenms. 25 | ansible.builtin.import_tasks: librenms-config.yml 26 | tags: 27 | - librenms-config 28 | - librenms 29 | -------------------------------------------------------------------------------- /tasks/nagios_plugins.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install additional nagios plugins. 3 | ansible.builtin.get_url: 4 | url: "{{ item.url }}" 5 | dest: "{{ librenms_nagios_plugins_dir }}/{{ item.name }}" 6 | mode: 0755 7 | with_items: "{{ librenms_nagios_plugins }}" 8 | -------------------------------------------------------------------------------- /tasks/packages.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: install required packages. 3 | ansible.builtin.apt: 4 | name: "{{ librenms_packages }}" 5 | cache_valid_time: 3600 6 | -------------------------------------------------------------------------------- /tasks/user.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Create librenms group. 3 | ansible.builtin.group: 4 | name: "librenms" 5 | state: present 6 | 7 | - name: Create librenms user. 8 | ansible.builtin.user: 9 | name: librenms 10 | shell: /bin/bash 11 | group: 12 | groups: 13 | - librenms 14 | home: /opt/librenms 15 | create_home: no 16 | append: no 17 | system: yes 18 | state: present 19 | notify: 20 | - restart apache 21 | 22 | - name: Add www-data to librenms group. 23 | ansible.builtin.user: 24 | name: www-data 25 | groups: 26 | - www-data 27 | - librenms 28 | notify: 29 | - restart apache 30 | -------------------------------------------------------------------------------- /templates/etc/cron.d/librenms.j2: -------------------------------------------------------------------------------- 1 | # Using this cron file requires an additional user on your system, please see install docs. 2 | 3 | 33 */6 * * * librenms /opt/librenms/cronic /opt/librenms/discovery-wrapper.py 1 4 | */5 * * * * librenms /opt/librenms/discovery.php -h new >> /dev/null 2>&1 5 | */5 * * * * librenms /opt/librenms/cronic /opt/librenms/poller-wrapper.py {{ librenms_poller_threads }} 6 | * * * * * librenms /opt/librenms/alerts.php >> /dev/null 2>&1 7 | */5 * * * * librenms /opt/librenms/poll-billing.php >> /dev/null 2>&1 8 | 01 * * * * librenms /opt/librenms/billing-calculate.php >> /dev/null 2>&1 9 | */5 * * * * librenms /opt/librenms/check-services.php >> /dev/null 2>&1 10 | 11 | # Daily maintenance script. DO NOT DISABLE! 12 | # If you want to modify updates: 13 | # Switch to monthly stable release: https://docs.librenms.org/General/Releases/ 14 | # Disable updates: https://docs.librenms.org/General/Updating/ 15 | 15 0 * * * librenms /opt/librenms/daily.sh >> /dev/null 2>&1 16 | # there must be a new line at the end! 17 | -------------------------------------------------------------------------------- /templates/opt/librenms/config.php.j2: -------------------------------------------------------------------------------- 1 |