diff --git a/roles/server/README.md b/roles/server/README.md index a674f4ea7..0d027ebb7 100644 --- a/roles/server/README.md +++ b/roles/server/README.md @@ -82,8 +82,17 @@ Note: this is not a recommended procedure, and will not be supported for enterpr omd_config: - var: AUTOSTART value: 'on' + mkp_packages: + - name: 'mypackage' + version: 1.0 + src: 'path' + url: 'download' + checksum: 'md5:download checksum' + installed: true + enabled: true A dictionary of sites, containing the desired version, admin password and state. +MKP packages can be listed to be installed on the specific site. A source can be set on the ansible controller. Alternatively a url can be specified to download the mkp package from. There are also advanced settings, which will be outlined below. Valid values for `state` are: diff --git a/roles/server/defaults/main.yml b/roles/server/defaults/main.yml index 3a11c8218..de708af31 100644 --- a/roles/server/defaults/main.yml +++ b/roles/server/defaults/main.yml @@ -56,3 +56,5 @@ checkmk_server_epel_gpg_check: 'true' checkmk_server_cleanup: 'false' checkmk_server_no_log: 'true' + +checkmk_server_mkp_staging: '/tmp' diff --git a/roles/server/tasks/mkp.yml b/roles/server/tasks/mkp.yml new file mode 100644 index 000000000..8a1d6c9de --- /dev/null +++ b/roles/server/tasks/mkp.yml @@ -0,0 +1,76 @@ +--- +- name: "Download MKP Packages." + ansible.builtin.get_url: + url: "{{ __mkp.url }}" + dest: "{{ checkmk_server_mkp_staging }}/{{ __mkp.name }}-{{ __mkp.version }}.mkp" + mode: "0640" + url_username: "{{ __mkp.download_user | default(omit) }}" + url_password: "{{ __mkp.download_password | default(omit) }}" + checksum: "{{ __mkp.checksum | default(omit) }}" + retries: 3 + loop: "{{ __site.mkp_packages }}" + loop_control: + loop_var: __mkp + when: __mkp.url is defined + tags: + - manage-mkp-packages + +- name: "Copy MKP Packages." + ansible.builtin.copy: + src: "{{ __mkp.src }}" + dest: "{{ checkmk_server_mkp_staging }}/{{ __mkp.name }}-{{ __mkp.version }}.mkp" + mode: "0640" + loop: "{{ __site.mkp_packages }}" + loop_control: + loop_var: __mkp + when: __mkp.src is defined + tags: + - manage-mkp-packages + +- name: "Install mkp packages." + become: true + ansible.builtin.command: "omd su {{ __site.name }} -c mkp add {{ checkmk_server_mkp_staging }}/{{ __mkp.name }}-{{ __mkp.version }}.mkp" + changed_when: __checkmk_server_mkp_install_output.rc == 0 + register: __checkmk_server_mkp_install_output + loop: "{{ __site.mkp_packages }}" + loop_control: + loop_var: __mkp + when: (__mkp.installed | default(true) ) + tags: + - manage-mkp-packages + +- name: "Enable mkp packages." + become: true + ansible.builtin.command: "omd su {{ __site.name }} -c mkp enable {{ __mkp.name }} {{ __mkp.version }}" + changed_when: __checkmk_server_mkp_enable_output.rc == 0 + register: __checkmk_server_mkp_enable_output + loop: "{{ __site.mkp_packages }}" + loop_control: + loop_var: __mkp + when: (__mkp.enabled | default(true)) + tags: + - manage-mkp-packages + +- name: "Disable mkp packages." + become: true + ansible.builtin.command: "omd su {{ __site.name }} -c mkp disable {{ __mkp.name }} {{ __mkp.version }}" + changed_when: __checkmk_server_mkp_disable_output.rc == 0 + register: __checkmk_server_mkp_disable_output + loop: "{{ __site.mkp_packages }}" + loop_control: + loop_var: __mkp + when: __mkp.enabled is defined and not __mkp.enabled + tags: + - manage-mkp-packages + +- name: "Remove mkp packages." + become: true + ansible.builtin.command: "omd su {{ __site.name }} -c mkp remove {{ __mkp.name }} {{ __mkp.version }}" + changed_when: __checkmk_server_mkp_remove_output.rc == 0 + register: __checkmk_server_mkp_remove_output + loop: "{{ __site.mkp_packages }}" + loop_control: + loop_var: __mkp + when: __mkp.installed is defined and not __mkp.installed + tags: + - manage-mkp-packages diff --git a/roles/server/tasks/sites.yml b/roles/server/tasks/sites.yml index 0fa28d7b4..2666be04b 100644 --- a/roles/server/tasks/sites.yml +++ b/roles/server/tasks/sites.yml @@ -132,6 +132,12 @@ tags: - configure-sites +- name: "Configure MKP packages." + ansible.builtin.include_tasks: mkp.yml + loop: "{{ checkmk_server_sites }}" + loop_control: + loop_var: __site + - name: "Update Site Admin Password for Checkmk < 2.1." # noqa no-changed-when become: true ansible.builtin.shell: |