Tag Archives: homelab

Adventures in Ansible

Recently had some fun with the homelab and Ansible. While getting nrpe to work with Nagios, I found myself on one box, testing, and updating. After I got the nrpe.cfg set up just right, I started the daunting task of pushing the new file out to the rest of the Linux hosts.

even over nfs, it’s daunting.

Enter Ansible. I already had ssh keys set up and sudo access across the board. Five minutes later I had an Ansible Playbook that pulled the updated file to the nfs mount, then turned around and copied the updated file into place with a service restart after.

Pretty darn slick if I do say so my self.

I didn’t post about it, but I also have a sysprep script for raspbian and ubuntu fresh installs that sets up my account and copies the public key into place along with a host of app installs and service updates.

The process of setting up a new Pi is now cake. The only per-requisites are enabling ssh and installing the avahi-daemon so it can be found by it’s default system name.

Adventures in Nagios (Version 4.4.6)

So, for a while now I’ve been wanting to try out Nagios on my home lab. But until recently, I never had a real reason to dig any further than “yep, got it to install and see the localhost”, especially while I was riding hi on ESXi on a real server. Everything I could want to monitor was either my laptop or already monitored through ESXi.

Recently though I downgraded (is it though?) to a few Pi-4Bs, dug out my Pi-2B, and repurposed some laptops I had kicking around. I now have a variety of hardware to monitor.

The Pi-2B (Raspberry Pi 2 Model B Rev 1.1) became my monitoring server. I put Raspbian GNU/Linux 10 (buster) armv7l on it as it’s what was recommended, and went to town. Decided to build from source rather than rely on what is in the repo (was it even in the repo?). Install was pretty easy and localhost was found and all green.

I’ll admit, digging through the config files is NOT a fun time. Nagios lets you either split everything up so that everything has its own config OR you could just dump it all into one single massive config.

the config schematic I borrowed from work before went to a neat managed thing using racktables, puppet, and a few other more advanced IT toys. (might look into racktables myself just for the pain of it)

├── cgi.cfg
├── htpasswd.users
├── nagios.cfg
├── objects
│   ├── commands.cfg
│   ├── contacts.cfg
│   ├── localhost.cfg
│   ├── monitoring
│   │   ├── groups
│   │   │   ├── hw_printers.cfg
│   │   │   ├── os_linux.cfg
│   │   │   ├── os_storage.cfg
│   │   │   ├── os_windows.cfg
│   │   │   ├── srv_web.cfg
│   │   │   └── srv_workstation.cfg
│   │   ├── hosts
│   │   │   ├── linux.cfg
│   │   │   ├── printers.cfg
│   │   │   ├── storage.cfg
│   │   │   └── windows.cfg
│   │   └── services
│   │   ├── linux.cfg
│   │   ├── printer.cfg
│   │   ├── service_grups.cfg
│   │   ├── storage.cfg
│   │   ├── web.cfg
│   │   ├── windows.cfg
│   │   └── workstation.cfg
│   ├── printer.cfg
│   ├── switch.cfg
│   ├── templates.cfg
│   ├── timeperiods.cfg
│   └── windows.cfg
├── resource.cfg
└── workspace.code-workspace

This layout made it MUCH easier for me to figure out what I wanted to monitor and how without making it too easy or too cumbersome. There’s just enough complexity that every now and then I need to backtrack to make sure I’m tweaking things right. I gave my account access so I could use VSCode to help juggle the file names, config names, group names, all the names!

That was a nice exercise to be sure! I’ve already started thinking of ways to streamlines the configs just a little bit, but I haven’t fully decided on that.

Now, time to up the challenge a little bit with NRPE. The daemon for nrpe 3.2.1 is available in all of the Raspbian repos, but not in the Ubuntu repos, which is at 4.0.0 which turned out to be a bit of a problem. The newer version ignores packets form version 3.x. You have to make sure your check_nrpe command uses the -2 flag to make sure it only uses the version 2.x packets.

At some point I’ll try upgrading the server nrpe version to 4.x and see if it’ll talk to the 3.x clients, but today is not that day.