61 lines
1.7 KiB
Markdown
61 lines
1.7 KiB
Markdown
# Role: monitoring
|
|
|
|
## Description
|
|
Installs comprehensive system monitoring tools and custom monitoring scripts for performance analysis and security monitoring.
|
|
|
|
## Requirements
|
|
- Ansible 2.9+
|
|
- Debian/Ubuntu systems
|
|
- Sufficient disk space for logs
|
|
|
|
## Installed Tools
|
|
- **htop/btop**: Interactive process viewers
|
|
- **iotop**: I/O monitoring
|
|
- **nethogs**: Network usage per process
|
|
- **iftop**: Network bandwidth monitoring
|
|
- **ncdu**: Disk usage analyzer
|
|
- **fail2ban**: Intrusion prevention
|
|
- **logwatch**: Log analysis and reporting
|
|
|
|
## Custom Scripts
|
|
- `/usr/local/bin/monitoring/sysinfo`: System overview dashboard
|
|
- `/usr/local/bin/monitoring/netinfo`: Network monitoring script
|
|
|
|
## Variables
|
|
|
|
| Variable | Default | Description |
|
|
|----------|---------|-------------|
|
|
| `monitoring_install_htop` | `true` | Install htop process viewer |
|
|
| `monitoring_install_fail2ban` | `true` | Install intrusion prevention |
|
|
| `monitoring_install_logwatch` | `true` | Install log analysis |
|
|
| `monitoring_custom_scripts` | `true` | Install custom monitoring scripts |
|
|
|
|
## Dependencies
|
|
- `base` role (for basic packages)
|
|
|
|
## Example Playbook
|
|
|
|
```yaml
|
|
- hosts: servers
|
|
roles:
|
|
- role: monitoring
|
|
monitoring_install_fail2ban: false
|
|
```
|
|
|
|
## Tags
|
|
- `monitoring`: All monitoring tasks
|
|
- `tools`: Tool installation only
|
|
- `scripts`: Custom script deployment
|
|
- `security`: Security monitoring tools
|
|
|
|
## Fail2ban Configuration
|
|
- **SSH protection**: Enabled by default
|
|
- **Ban time**: 10 minutes
|
|
- **Find time**: 10 minutes
|
|
- **Max retry**: 5 attempts
|
|
|
|
## Notes
|
|
- Creates monitoring user directories
|
|
- Configures fail2ban with custom rules
|
|
- Installs both CLI and snap-based tools
|
|
- Custom scripts require manual execution |