add installer for openitcockpit agent
This commit is contained in:
@@ -0,0 +1,208 @@
|
|||||||
|
[default]
|
||||||
|
#
|
||||||
|
# This is the configuration file for the openITCOCKPIT Monitoring Agent 3.x
|
||||||
|
# Notice: Empty values will not been ignored! If you want to disable an option like proxy comment it out!
|
||||||
|
|
||||||
|
#########################
|
||||||
|
# Web Server #
|
||||||
|
#########################
|
||||||
|
|
||||||
|
# Bind address of the build-in web server
|
||||||
|
# Use 0.0.0.0 to bind on all interfaces
|
||||||
|
address = 0.0.0.0
|
||||||
|
|
||||||
|
# Port of the Agents build-in web server
|
||||||
|
# Default port is 3333
|
||||||
|
port = 3333
|
||||||
|
|
||||||
|
#########################
|
||||||
|
# Security Settings #
|
||||||
|
#########################
|
||||||
|
|
||||||
|
# Try to enable auto ssl mode for webserver
|
||||||
|
try-autossl = True
|
||||||
|
|
||||||
|
# File paths used to store autossl related files (default: /etc/openitcockpit-agent/):
|
||||||
|
# Leave this blank to use the default values
|
||||||
|
# Example: /etc/openitcockpit-agent/agent.csr
|
||||||
|
#autossl-csr-file =
|
||||||
|
|
||||||
|
# Example: /etc/openitcockpit-agent/agent.crt
|
||||||
|
#autossl-crt-file =
|
||||||
|
|
||||||
|
# Example: /etc/openitcockpit-agent/agent.key
|
||||||
|
#autossl-key-file =
|
||||||
|
|
||||||
|
# Example: /etc/openitcockpit-agent/server_ca.crt
|
||||||
|
#autossl-ca-file =
|
||||||
|
|
||||||
|
# If a certificate file is given, the agent will only be accessible through HTTPS
|
||||||
|
# Instead of messing around with self-signed certificates we recommend to use the autossl feature.
|
||||||
|
# Example: /etc/ssl/certs/ssl-cert-snakeoil.pem
|
||||||
|
#certfile = /etc/ssl/certs/ssl-cert-snakeoil.pem
|
||||||
|
|
||||||
|
# Private key file of the given TLS certificate
|
||||||
|
# Example: /etc/ssl/private/ssl-cert-snakeoil.key
|
||||||
|
#keyfile = /etc/ssl/private/ssl-cert-snakeoil.key
|
||||||
|
|
||||||
|
# Enable remote read and write access to the current agent configuration (this file) and
|
||||||
|
# the customchecks config
|
||||||
|
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||||
|
# ! WARNING: This could lead to remote code execution !
|
||||||
|
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||||
|
config-update-mode = False
|
||||||
|
|
||||||
|
# Enable HTTP Basic Authentication
|
||||||
|
# Example: auth = user:password
|
||||||
|
#auth = user:password
|
||||||
|
|
||||||
|
#########################
|
||||||
|
# Checks #
|
||||||
|
#########################
|
||||||
|
|
||||||
|
# Determines in seconds how often the agent will schedule all internal checks
|
||||||
|
interval = 30
|
||||||
|
|
||||||
|
# Remote Plugin Execution
|
||||||
|
# Path to config will where custom checks can be defined
|
||||||
|
# Comment to use the default value
|
||||||
|
#
|
||||||
|
# Linux: /etc/openitcockpit-agent/customchecks.ini
|
||||||
|
# Windows: C:\Program Files\it-novum\openitcockpit-agent\customchecks.ini
|
||||||
|
# macOS: /Applications/openitcockpit-agent/customchecks.ini
|
||||||
|
#customchecks = /etc/openitcockpit-agent/customchecks.ini
|
||||||
|
|
||||||
|
#########################
|
||||||
|
# Enable/Disable checks #
|
||||||
|
#########################
|
||||||
|
|
||||||
|
# Enable CPU monitoring
|
||||||
|
cpustats = True
|
||||||
|
|
||||||
|
# Enable memory monitoring
|
||||||
|
memory = True
|
||||||
|
|
||||||
|
# Enable Swap monitoring
|
||||||
|
swap = True
|
||||||
|
|
||||||
|
# Enable monitoring of running processes
|
||||||
|
processstats = True
|
||||||
|
|
||||||
|
# Enable monitoring of network interfaces
|
||||||
|
netstats = True
|
||||||
|
|
||||||
|
# Enable monitoring of the traffic (I/O) of network interfaces
|
||||||
|
netio = True
|
||||||
|
|
||||||
|
# Enable disk usage monitoring
|
||||||
|
diskstats = True
|
||||||
|
|
||||||
|
# Enable monitoring of disk I/O
|
||||||
|
diskio = True
|
||||||
|
|
||||||
|
# Enable monitoring of Systemd Services (Linux only)
|
||||||
|
systemdservices = True
|
||||||
|
|
||||||
|
# Enable monitoring of Launchd Services (macOS only)
|
||||||
|
launchdservices = True
|
||||||
|
|
||||||
|
# Enable monitoring of Windows Services (Windows only)
|
||||||
|
winservices = True
|
||||||
|
|
||||||
|
# Enable monitoring of Windows Event Log records (Windows only)
|
||||||
|
wineventlog = False
|
||||||
|
|
||||||
|
# Determines how the openITCOCKPIT Monitoring Agent should query the Windows Event Log.
|
||||||
|
# Since Version 3.0.9 WMI (Windows Management Instrumentation) will be used by default
|
||||||
|
# As alternative the Agent could use the PowerShell Get-EventLog cmdlet.
|
||||||
|
# The WMI method will maybe memory leak on Windows Server 2016. The PowerShell workaround
|
||||||
|
# on the other hand could lead to blue screens (OA-40).
|
||||||
|
wineventlog-method = WMI
|
||||||
|
#wineventlog-method = PowerShell
|
||||||
|
|
||||||
|
# Define comma separated windows event log log types
|
||||||
|
# Event Logs containing spaces DO NOT need to be quoted: Security,Sophos Cloud AD Sync,Application
|
||||||
|
wineventlog-logtypes = System,Application,Security
|
||||||
|
|
||||||
|
# Enable monitoring of temperature and battery sensors
|
||||||
|
sensorstats = True
|
||||||
|
|
||||||
|
# Enable support to monitor Docker containers
|
||||||
|
# Known issues: Error response from daemon: client version 1.41 is too new. Maximum supported API version is 1.40
|
||||||
|
# Workaround: export DOCKER_API_VERSION=1.40
|
||||||
|
dockerstats = False
|
||||||
|
|
||||||
|
# Check KVMs through libvirt
|
||||||
|
# This requires to compile the openITCOCKPIT Monitoring Agent by yourself.
|
||||||
|
# Please see the Wiki for instructions: https://github.com/openITCOCKPIT/openitcockpit-agent-go/wiki/Build-binary
|
||||||
|
libvirt = True
|
||||||
|
|
||||||
|
# Enable logged in users check
|
||||||
|
userstats = True
|
||||||
|
|
||||||
|
# Enable system time monitoring
|
||||||
|
# Windows: Requires at least Windows Server 2016 or newer: https://learn.microsoft.com/en-us/windows-server/networking/windows-time-service/windows-server-2016-improvements
|
||||||
|
# macOS: On macOS the system clock gets compared to the openITCOCKPIT servers clock
|
||||||
|
# Linux: For Docker environments you may have to set the --cap-add=SYS_TIME flag.
|
||||||
|
ntp = True
|
||||||
|
|
||||||
|
#########################
|
||||||
|
# Push mode #
|
||||||
|
#########################
|
||||||
|
|
||||||
|
# By default openITCOCKPIT will pull check results from the openITCOCKPIT Agent.
|
||||||
|
# In a cloud environments or behind a NAT network it could become handy
|
||||||
|
# if the openITCOCKPIT Monitoring Agent will push the results to your openITCOCKPIT Server
|
||||||
|
[oitc]
|
||||||
|
|
||||||
|
# Enable Push Mode
|
||||||
|
enabled = False
|
||||||
|
|
||||||
|
# This option disables the webserver of the openITCOCKPIT Monitoring Agent when running in PUSH mode.
|
||||||
|
# When you also want to enable the Webserver even if the agent is running in PUSH mode we highly recommend
|
||||||
|
# to enable HTTP Basic Authentication and to use the certfile and keyfile options to enable HTTPS
|
||||||
|
enable-webserver = False
|
||||||
|
|
||||||
|
# Address of your openITCOCKPIT Server where the Agent will push the results to
|
||||||
|
# Example: https://demo.openitcockpit.io
|
||||||
|
url =
|
||||||
|
|
||||||
|
# Enable this option when your openITCOCKPIT server uses valid TLS certificates
|
||||||
|
# like from Let's Encrypt
|
||||||
|
verify-server-certificate = False
|
||||||
|
|
||||||
|
# Timeout in seconds for the HTTP push client
|
||||||
|
timeout = 10
|
||||||
|
|
||||||
|
# API-Key of your openITCOCKPIT Server
|
||||||
|
apikey =
|
||||||
|
|
||||||
|
# Address of HTTP/HTTPS Proxy if required.
|
||||||
|
# Comment to disable
|
||||||
|
# Example: http://10.10.1.10:3128
|
||||||
|
#proxy = http://10.10.1.10:3128
|
||||||
|
|
||||||
|
|
||||||
|
#########################
|
||||||
|
# Prometheus Exporter #
|
||||||
|
#########################
|
||||||
|
|
||||||
|
# The openITCOCKPIT Monitoring Agent can act as a Prometheus Exporter proxy.
|
||||||
|
# This means that the Agent will scrape the metrics from the exporters defined in the prometheus_exporters.ini
|
||||||
|
# and will expose them on the /prometheus endpoint.
|
||||||
|
# The openITCOCKPIT Agent will not touch the metrics itself.
|
||||||
|
# If the Agent is configured to use TLS encryption the /prometheus endpoint will also be encrypted.
|
||||||
|
|
||||||
|
[prometheus]
|
||||||
|
|
||||||
|
# Determines if the openITCOCKPIT Agent should act as a Prometheus Exporter
|
||||||
|
enabled = True
|
||||||
|
|
||||||
|
# List of Prometheus Exporters
|
||||||
|
#
|
||||||
|
# Leave blank for the default value
|
||||||
|
#
|
||||||
|
# Linux: /etc/openitcockpit-agent/prometheus_exporters.ini
|
||||||
|
# Windows: C:\Program Files\it-novum\openitcockpit-agent\prometheus_exporters.ini
|
||||||
|
# macOS: /Applications/openitcockpit-agent/prometheus_exporters.ini
|
||||||
|
#exporters = /etc/openitcockpit-agent/prometheus_exporters.ini
|
||||||
Binary file not shown.
@@ -0,0 +1,63 @@
|
|||||||
|
---
|
||||||
|
- hosts: cockpithosts
|
||||||
|
gather_facts: no
|
||||||
|
tasks:
|
||||||
|
# Copy remote file (host.example.com:/tmp/somefile) into
|
||||||
|
# /tmp/fetched/host.example.com/tmp/somefile on local machine
|
||||||
|
- fetch:
|
||||||
|
src: /files/openitcockpit-agent_3.1.1_amd64.deb
|
||||||
|
dest: /tmp/openitcockpit-agent_3.1.1_amd64.deb
|
||||||
|
|
||||||
|
- name: change working directory
|
||||||
|
ansible.builtin.shell:
|
||||||
|
cmd: ls -l
|
||||||
|
chdir: /tmp
|
||||||
|
|
||||||
|
# - name: Install a list of packages
|
||||||
|
# ansible.builtin.apt:
|
||||||
|
# pkg:
|
||||||
|
# - apt-transport-https
|
||||||
|
# - curl
|
||||||
|
# - gnupg
|
||||||
|
|
||||||
|
# - name: Get GPG key
|
||||||
|
# ansible.builtin.shell:
|
||||||
|
# cmd: curl -fsSL https://bazel.build/bazel-release.pub.gpg | gpg --dearmor >bazel-archive-keyring.gpg
|
||||||
|
|
||||||
|
# - name: Move GPG key
|
||||||
|
# ansible.builtin.shell:
|
||||||
|
# cmd: mv bazel-archive-keyring.gpg /usr/share/keyrings
|
||||||
|
|
||||||
|
# - name: Add Key and repo to system
|
||||||
|
# ansible.builtin.shell:
|
||||||
|
# cmd: echo 'deb [arch=amd64 signed-by=/usr/share/keyrings/bazel-archive-keyring.gpg] https://storage.googleapis.com/bazel-apt stable jdk1.8' > /etc/apt/sources.list.d/bazel.list
|
||||||
|
|
||||||
|
# - name: Run the equivalent of "apt-get update" as a separate step
|
||||||
|
# ansible.builtin.apt:
|
||||||
|
# update_cache: yes
|
||||||
|
|
||||||
|
# - name: Update all installed packages using APT module
|
||||||
|
# apt:
|
||||||
|
# name: '*'
|
||||||
|
# state: latest
|
||||||
|
# update_cache: yes
|
||||||
|
# only_upgrade: yes
|
||||||
|
# register: apt_update_status
|
||||||
|
|
||||||
|
# - name: Update all installed packages using APT module
|
||||||
|
# apt:
|
||||||
|
# name: '*'
|
||||||
|
# state: latest
|
||||||
|
# update_cache: yes
|
||||||
|
# only_upgrade: yes
|
||||||
|
# register: apt_update_status
|
||||||
|
|
||||||
|
# - name: Remove packages not needed anymore
|
||||||
|
# apt:
|
||||||
|
# autoremove: yes
|
||||||
|
|
||||||
|
# - name: Reboot when packages were updated
|
||||||
|
# reboot:
|
||||||
|
# post_reboot_delay: 60
|
||||||
|
# when: apt_update_status.changed
|
||||||
|
#
|
||||||
Reference in New Issue
Block a user