45 lines
1.6 KiB
YAML
45 lines
1.6 KiB
YAML
- include_vars: snmp_users.yml
|
|
|
|
- name: server | snmpd | install package
|
|
package:
|
|
name: "{{ snmpd_package }}"
|
|
state: present
|
|
|
|
- name: server | snmpd | install sudoers file
|
|
copy:
|
|
dest: "/etc/sudoers.d/10-debian-snmp"
|
|
src: "sudoers"
|
|
owner: "root"
|
|
group: "root"
|
|
mode: "0660"
|
|
verify: "visudo -cf %s"
|
|
when: ansible_distribution in ["Debian", "Ubuntu"]
|
|
|
|
- name: server | snmpd | insert anchors to snmpd.conf
|
|
blockinfile:
|
|
path: "/etc/snmp/snmpd.conf"
|
|
marker: "# {mark} ANSIBLE MANAGED BLOCK" # not required. The marker line template. C({mark}) will be replaced with the values C(in marker_begin) (default="BEGIN") and C(marker_end) (default="END"). Using a custom marker without the C({mark}) variable may result in the block being repeatedly inserted on subsequent playbook runs.
|
|
block: |
|
|
################################################################################
|
|
# SECTION: custom settings
|
|
|
|
- name: server | snmpd | stop service
|
|
service:
|
|
name: "snmpd"
|
|
state: stopped
|
|
|
|
- name: server | snmpd | setup monitoring user SNMPv3
|
|
lineinfile:
|
|
path: "{{ snmpd_user_file }}"
|
|
line: "createuser {{ snmp_user }} {{ snmp_auth_proto }} {{ snmp_auth_pass }} {{ snmp_priv_proto }} {{ snmp_priv_pass }}"
|
|
|
|
- name: server | snmpd | setup ACLs
|
|
lineinfile:
|
|
path: "/etc/snmp/snmpd.conf" # required. The file to modify. Before Ansible 2.3 this option was only usable as I(dest), I(destfile) and I(name).
|
|
line: "rouser {{snmp_user }} authpriv -V systemonly"
|
|
insertafter: "# SECTION: custom settings"
|
|
|
|
- name: server | snmpd start service
|
|
service:
|
|
name: "snmpd"
|
|
state: started |