PiFrame/ansible
PiFrame/ansible
1
0
Fork 0
Code Issues Releases Activity

Initial implementation of wireguard monit checks

Browse source
This commit is contained in:
KemoNine 2020-08-05 00:55:55 +00:00
parent 447155f71f
commit e3cf3f8fb2
3 changed files with 9 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
inventory.example
View file

@ -8,6 +8,9 @@ all:
frames: frames:
hosts: hosts:
frame1: frame1:
vars:
monit_wireguard: true
monit_wireguard_ip: 192.168.254.1
wg: wg:
hosts: hosts:
frame1: frame1:
@ -34,7 +37,6 @@ wg:
- iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT - iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
- iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP - iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP
vars: vars:
monit_wireguard: true
wireguard_port: 51821 wireguard_port: 51821
wireguard_endpoint: 10.5.5.246 wireguard_endpoint: 10.5.5.246
wireguard_persistent_keepalive: 30 wireguard_persistent_keepalive: 30

1
roles/monit/defaults/main.yml
View file

@ -12,6 +12,7 @@ monit_filesystems:
# Monitor WireGuard? # Monitor WireGuard?
monit_wireguard: false monit_wireguard: false
monit_wireguard_ip: 192.168.254.1
# Username / password for monit web service # Username / password for monit web service
monit_web_user: "admin" monit_web_user: "admin"

5
roles/monit/templates/wireguard Normal file
View file

@ -0,0 +1,5 @@
check host wireguard address {{ monit_wireguard_ip }}
start program = "/usr/bin/systemctl start wg-quick@wg0"
stop program = "/usr/bin/systemctl stop wg-quick@wg0"
if does not exist then alert
if does not exist for 3 cycles then restart