Getting started¶

Example inventory
Example playbook
Ansible tags

Example inventory ¶

The debops.icinga_web role is not included in the common.yml playbook and needs to be enabled by adding a host to a specific Ansible inventory group.

The application expects a PostgreSQL or MariaDB database and won't work without one or the other. You can install a database on the same host as the application, or configure the debops.postgresql or the debops.mariadb roles to use an external database (see the documentation of these roles for details).

It's also possible to install the Icinga 2 Web interface without the Icinga 2 Agent on the same host, however it results in a reduced functionality and additional configuration is required to point the Web interface to an external Icinga 2 Agent for command transport. By default the role uses the Icinga 2 Agent installed on the localhost for command transport.

See the Deployment guide documentation for more details about deploying Icinga in DebOps and for a full example of Ansible inventory.

Example playbook ¶

If you are using this role without DebOps, here's an example Ansible playbook that uses the debops.icinga_web role:

---

- name: Configure Icinga Web service
  collections: [ 'debops.debops', 'debops.roles01',
                 'debops.roles02', 'debops.roles03' ]
  hosts: [ 'debops_service_icinga_web' ]
  become: True

  environment: '{{ inventory__environment | d({})
                   | combine(inventory__group_environment | d({}))
                   | combine(inventory__host_environment  | d({})) }}'

  pre_tasks:

    - import_role:
        name: 'keyring'
      vars:
        keyring__dependent_apt_keys:
          - '{{ php__keyring__dependent_apt_keys }}'
          - '{{ nginx__keyring__dependent_apt_keys }}'
          - '{{ postgresql__keyring__dependent_apt_keys if (icinga_web__database_type == "postgresql") else [] }}'
          - '{{ mariadb__keyring__dependent_apt_keys
                if (icinga_web__database_type == "mariadb" or icinga_web__x509_enabled)
                else [] }}'
      tags: [ 'role::keyring', 'skip::keyring',
              'role::php', 'role::nginx', 'role::postgresql', 'role::mariadb' ]

    - import_role:
        name: 'php'
        tasks_from: 'main_env'
      tags: [ 'role::php', 'role::php:env', 'role::logrotate' ]

  roles:

    - role: apt_preferences
      tags: [ 'role::apt_preferences', 'skip::apt_preferences' ]
      apt_preferences__dependent_list:
        - '{{ icinga_web__apt_preferences__dependent_list }}'
        - '{{ php__apt_preferences__dependent_list }}'
        - '{{ nginx__apt_preferences__dependent_list }}'
        - '{{ postgresql__apt_preferences__dependent_list | d([]) }}'

    - role: cron
      tags: [ 'role::cron', 'skip::cron' ]

    - role: logrotate
      tags: [ 'role::logrotate', 'skip::logrotate' ]
      logrotate__dependent_config:
        - '{{ php__logrotate__dependent_config }}'

    - role: ferm
      tags: [ 'role::ferm', 'skip::ferm' ]
      ferm__dependent_rules:
        - '{{ nginx__ferm__dependent_rules }}'

    - role: python
      tags: [ 'role::python', 'skip::python', 'role::mariadb', 'role::postgresql' ]
      python__dependent_packages3:
        - '{{ postgresql__python__dependent_packages3 if icinga_web__database_type == "postgresql" else [] }}'
        - '{{ mariadb__python__dependent_packages3
              if (icinga_web__database_type == "mariadb" or icinga_web__x509_enabled)
              else [] }}'
        - '{{ nginx__python__dependent_packages3 }}'
      python__dependent_packages2:
        - '{{ postgresql__python__dependent_packages2 if icinga_web__database_type == "postgresql" else [] }}'
        - '{{ mariadb__python__dependent_packages2
              if (icinga_web__database_type == "mariadb" or icinga_web__x509_enabled)
              else [] }}'
        - '{{ nginx__python__dependent_packages2 }}'

    - role: php
      tags: [ 'role::php', 'skip::php' ]
      php__dependent_packages:
        - '{{ icinga_web__php__dependent_packages }}'
      php__dependent_pools:
        - '{{ icinga_web__php__dependent_pools }}'

    - role: nginx
      tags: [ 'role::nginx', 'skip::nginx' ]
      nginx__dependent_servers:
        - '{{ icinga_web__nginx__dependent_servers }}'
      nginx__dependent_upstreams:
        - '{{ icinga_web__nginx__dependent_upstreams }}'

    - role: ldap
      tags: [ 'role::ldap', 'skip::ldap' ]
      ldap__dependent_tasks:
        - '{{ icinga_web__ldap__dependent_tasks }}'

    - role: postgresql
      tags: [ 'role::postgresql', 'skip::postgresql' ]
      postgresql__dependent_roles:
        - '{{ icinga_web__postgresql__dependent_roles }}'
      postgresql__dependent_groups:
        - '{{ icinga_web__postgresql__dependent_groups }}'
      postgresql__dependent_databases:
        - '{{ icinga_web__postgresql__dependent_databases }}'
      postgresql__dependent_extensions:
        - '{{ icinga_web__postgresql__dependent_extensions }}'
      when: icinga_web__database_type == 'postgresql'

    - role: mariadb
      tags: [ 'role::mariadb', 'skip::mariadb' ]
      mariadb__dependent_databases:
        - '{{ icinga_web__mariadb__dependent_databases }}'
      mariadb__dependent_users:
        - '{{ icinga_web__mariadb__dependent_users }}'
      when: icinga_web__database_type == 'mariadb' or
            icinga_web__x509_enabled|bool

    - role: icinga_web
      tags: [ 'role::icinga_web', 'skip::icinga_web' ]

Ansible tags ¶

You can use Ansible --tags or --skip-tags parameters to limit what tasks are performed during Ansible run. This can be used after a host was first configured to speed up playbook execution, when you are sure that most of the configuration is already in the desired state.

Available role tags:

role::icinga_web: Main role tag, should be used in the playbook to execute all of the role tasks as well as role dependencies.

Getting started¶

Example inventory¶

Example playbook¶

Ansible tags¶

Example inventory ¶

Example playbook ¶

Ansible tags ¶