setup snmpd

roles/server/tasks/utilities/snmpd.yml

@@ -1,4 +1,38 @@
+- include_vars: snmp_users.yml
+
 - name: server | snmpd | install package
   package:
     name: "{{ snmpd_package }}"
-    state: present
+    state: present
+
+- name: server | snmpd | insert anchors to snmpd.conf
+  blockinfile:
+    path: "/etc/snmp/snmpd.conf"
+    marker: "# {mark} ANSIBLE MANAGED BLOCK" # not required. The marker line template. C({mark}) will be replaced with the values C(in marker_begin) (default="BEGIN") and C(marker_end) (default="END"). Using a custom marker without the C({mark}) variable may result in the block being repeatedly inserted on subsequent playbook runs.
+    block: |
+      ################################################################################
+      # SECTION: {{ item }}
+  loop:
+    - ACLs
+    - Extends
+
+- name: server | snmpd | stop service
+  service:
+    name: "snmpd"
+    state: stopped
+
+- name: server | snmpd | setup monitoring user SNMPv3
+  lineinfile:
+    path: "{{ snmpd_user_file }}"
+    line: "createuser {{ snmp_user }} {{ snmp_auth_proto }} {{ snmp_auth_pass }} {{ snmp_priv_proto }} {{ snmp_priv_pass }}"
+
+- name: server | snmpd | setup ACLs
+  lineinfile:
+    path: "/etc/snmp/snmpd.conf" # required. The file to modify. Before Ansible 2.3 this option was only usable as I(dest), I(destfile) and I(name).
+    line: "rouser {{snmp_user }} authpriv -V systemonly"
+    insertafter: "# SECTION: ACLs"
+
+- name: server | snmpd start service
+  service:
+    name: "snmpd"
+    state: started