From: David Galloway Date: Thu, 22 Sep 2016 21:30:29 +0000 (-0400) Subject: common: Create nagios_allowed_hosts var for lab-specific nagios IPs X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=d93d67a93ea580d022a4ecd84e7f4474964c429e;p=ceph-cm-ansible.git common: Create nagios_allowed_hosts var for lab-specific nagios IPs Signed-off-by: David Galloway --- diff --git a/roles/common/README.rst b/roles/common/README.rst index c030603e..956ffed8 100644 --- a/roles/common/README.rst +++ b/roles/common/README.rst @@ -45,6 +45,8 @@ Defined in ``roles/common/defaults/main.yml``. ``yum_timeout`` is an integer used to set the yum timeout. Defined in ``roles/common/defaults/main.yml``. +``nagios_allowed_hosts`` should be a comma-separated list of hosts allowed to query NRPE. Override in the secrets repo. + The following variables are used to configure NRPE_ (Nagios Remote Plugin Executor) on hosts in ``/etc/nagios/nrpe.cfg``. The system defaults differ between distros (``nrpe`` in RHEL vs ``nagios-nrpe-server`` in Ubuntu). Setting these allows us to make diff --git a/roles/common/defaults/main.yml b/roles/common/defaults/main.yml index ed370347..36229774 100644 --- a/roles/common/defaults/main.yml +++ b/roles/common/defaults/main.yml @@ -37,3 +37,6 @@ beta_distro: false enable_epel: true yum_timeout: 300 + +# Override in secrets repo +nagios_allowed_hosts: "127.0.0.1" diff --git a/roles/common/templates/nagios/nrpe.cfg b/roles/common/templates/nagios/nrpe.cfg index 84435c89..3aabc163 100644 --- a/roles/common/templates/nagios/nrpe.cfg +++ b/roles/common/templates/nagios/nrpe.cfg @@ -5,10 +5,7 @@ server_port=5666 nrpe_user={{ nrpe_user }} nrpe_group={{ nrpe_group }} -# These should eventually be in a secrets group_var -# 172. address is sepia nagios server -# 10. address is octo nagios server -allowed_hosts=127.0.0.1,172.21.0.33,10.8.0.8 +allowed_hosts={{ nagios_allowed_hosts }} dont_blame_nrpe=0 debug=0 command_timeout=60