Initialization

.travis.yml

@@ -0,0 +1,16 @@
+---
+
+sudo: True
+language: 'python'
+python: '2.7'
+
+virtualenv:
+  system_site_packages: true
+
+before_install: True
+install: True
+
+script:
+  - 'git clone --depth 1 https://github.com/nickjj/rolespec'
+  - 'cd rolespec ; bin/rolespec -r https://github.com/debops/test-suite'
+

CHANGES.rst

@@ -0,0 +1,10 @@
+Changelog
+=========
+
+v0.1.0
+------
+
+*Unreleased*
+
+- Initial release. [drybjed]
+

README.md

@@ -0,0 +1,41 @@
+## [![DebOps project](http://debops.org/images/debops-small.png)](http://debops.org) snmpd
+
+[![Travis CI](http://img.shields.io/travis/debops/ansible-snmpd.svg?style=flat)](http://travis-ci.org/debops/ansible-snmpd) [![test-suite](http://img.shields.io/badge/test--suite-ansible--snmpd-blue.svg?style=flat)](https://github.com/debops/test-suite/tree/master/ansible-snmpd/) 
+
+[SNMP](https://en.wikipedia.org/wiki/Simple_Network_Management_Protocol) is
+an universal protocol which can be used to monitor and manage networked
+devices. `debops.snmpd` role can be used to configure `snmpd` service on
+a Debian or Ubuntu host, which in turn can be used to monitor that host
+resources like CPU utilization, memory and storage capacity, network usage
+and more.
+
+
+### Role dependencies
+
+- `debops.ferm`
+- `debops.secret`
+- `debops.apt_preferences`
+- `debops.tcpwrappers`
+
+### Are you using this as a standalone role without DebOps?
+
+You may need to include missing roles from the [DebOps common
+playbook](https://github.com/debops/debops-playbooks/blob/master/playbooks/common.yml)
+into your playbook.
+
+[Try DebOps now](https://github.com/debops/debops) for a complete solution to run your Debian-based infrastructure.
+
+
+
+
+
+### Authors and license
+
+`snmpd` role was written by:
+- Maciej Delmanowski | [e-mail](mailto:[email protected]) | [Twitter](https://twitter.com/drybjed) | [GitHub](https://github.com/drybjed)
+
+License: [GPLv3](https://tldrlegal.com/license/gnu-general-public-license-v3-%28gpl-3%29)
+
+***
+
+This role is part of the [DebOps](http://debops.org/) project. README generated by [ansigenome](https://github.com/nickjj/ansigenome/).

defaults/main.yml

@@ -0,0 +1,301 @@
+---
+# Default variables
+# =================
+
+# .. contents:: Sections
+#    :local:
+#
+# -------------------------------
+#   Basic configuration options
+# -------------------------------
+
+# .. envvar:: snmpd_packages
+#
+# List of additional packages to install with ``snmpd``.
+snmpd_packages: []
+
+
+# .. envvars:: snmpd_logging_options
+#
+# String with ``snmpd`` log-related options, can be used to change log
+# verbosity for debugging.
+snmpd_logging_options: '-LScd'
+
+
+# .. envvar:: snmpd_custom_options
+#
+# Custom ``snmpd`` options written in YAML text block format, inserted into
+# ``/etc/snmp/snmpd.conf`` configuration file.
+snmpd_custom_options: ''
+
+
+# .. envvar:: snmpd_download_mibs
+#
+# Download MIB definitions by default?
+snmpd_download_mibs: True
+
+
+# .. envvar:: snmpd_extension_scripts
+#
+# Path on the remote host where extension scripts are stored
+snmpd_extension_scripts: '{{ (ansible_local.root.lib
+	                      if (ansible_local|d() and ansible_local.root|d() and
+                                  ansible_local.root.lib|d())
+                              else "/usr/local/lib") + "/snmpd" }}'
+
+
+# ---------------
+#   LLDP daemon
+# ---------------
+
+# .. envvar:: snmpd_lldpd
+#
+# Enable or disable ``LLDP`` support using ``lldpd`` daemon.
+snmpd_lldpd: True
+
+
+# .. envvar:: snmpd_lldpd_options
+#
+# String with ``lldpd`` daemon options.
+snmpd_lldpd_options: '-x -c -s -e'
+
+
+# -------------------------------------------
+#   Network options, firewall, TCP wrappers
+# -------------------------------------------
+
+# .. envvar:: snmpd_allow
+#
+# List of IP addresses or CIDR networks which can connect to SNMP service
+# (global). If not specified, remote connections are blocked.
+snmpd_allow: []
+
+
+# .. envvar:: snmpd_group_allow
+#
+# List of IP addresses or CIDR networks which can connect to SNMP service
+# (per Ansible group). If not specified, remote connections are blocked.
+snmpd_group_allow: []
+
+
+# .. envvar:: snmpd_host_allow
+#
+# List of IP addresses or CIDR networks which can connect to SNMP service
+# (per Ansible host). If not specified, remote connections are blocked.
+snmpd_host_allow: []
+
+
+# .. envvar:: snmpd_local_allow
+#
+# List of IP addresses or CIDR networks which can connect to SNMP service
+# (from localhost). If not specified, remote connections are blocked.
+snmpd_local_allow: '{{ ansible_all_ipv4_addresses +
+	               ansible_all_ipv6_addresses }}'
+
+
+# .. envvar:: snmpd_agent_address
+#
+# List of addresses on which to listen for incoming connections. By default
+# ``snmpd`` listens on all interfaces and firewall / TCP wrappers are used to
+# limit what remote hosts can connect.
+snmpd_agent_address: [ 'udp:0.0.0.0:161', 'udp6:[::]:161' ]
+
+
+# ---------------------------------------------------
+#   sysLocation, sysContact, sysName SNMP variables
+# ---------------------------------------------------
+
+# .. envvar:: snmpd_organization
+#
+# Organization name used in ``sysLocation`` and ``sysContact`` SNMP variables.
+snmpd_organization: '{{ ansible_domain.split(".") | first | capitalize }}'
+
+
+# .. envvar:: snmpd_sys_location
+#
+# String set as ``sysLocation`` SNMP variable.
+snmpd_sys_location: '{{ snmpd_organization + " " + snmpd_sys_location_name }}'
+
+
+# .. envvar:: snmpd_sys_location_name
+#
+# Name of the "virtual" location, appended to the organization name derived
+# from DNS domain name.
+snmpd_sys_location_name: 'Data Center'
+
+
+# .. envvar:: snmpd_sys_contact
+#
+# Contact information for a device set as ``sysContact`` SNMP variable.
+snmpd_sys_contact: '{{ snmpd_sys_contact_name + " <" + snmpd_sys_contact_email + ">" }}'
+
+
+# .. envvar:: snmpd_sys_contact_name
+#
+# Name of the contact set as ``sysContact`` variable.
+snmpd_sys_contact_name: '{{ snmpd_organization + " System Administrator" }}'
+
+
+# .. envvar:: snmpd_sys_contact_email
+#
+# E-mail address of the contact set as ``sysContact`` variable.
+snmpd_sys_contact_email: 'root@{{ ansible_domain }}'
+
+
+# .. envvar:: snmpd_sys_name
+#
+# Host FQDN set as the ``sysName`` SNMP variable.
+snmpd_sys_name: '{{ ansible_fqdn }}'
+
+
+# -------------------------------
+#   CPU load average monitoring
+# -------------------------------
+
+# .. envvar:: snmpd_load
+#
+# Enable or disable load average monitoring
+snmpd_load: True
+
+
+# .. envvar:: snmpd_load_profile
+#
+# Name of the load average "profile" to use, see ``snmpd_load_percent_map`` and
+# ``snmpd_load_weight_map`` variables for list of profiles.
+snmpd_load_profile: 'default'
+
+
+# .. envvar:: snmpd_load_percent
+#
+# Name of the profile used to define amount of available CPU power taken into
+# account for load average profile calculation. See ``snmpd_load_percent_map``
+# variable for list of available profiles.
+snmpd_load_percent: '{{ snmpd_load_profile }}'
+
+
+# .. envvar:: snmpd_load_weight
+#
+# Name of the profile used to scale the load average profile calculation for
+# different time periods. See ``snmpd_load_percent_map`` variable for list of
+# available profiles.
+snmpd_load_weight: '{{ snmpd_load_profile }}'
+
+
+# .. envvar:: snmpd_load_base
+#
+# Base value used to calculate load average profiles - number of vCPU cores.
+snmpd_load_base:  '{{ ansible_processor_vcpus }}'
+
+
+# .. envvar:: snmpd_load_percent_map
+#
+# Dict with CPU percentage profiles.
+#
+# Each profile is a list of entries, 1 minute load average, 5 minutes and 15
+# minutes. Each entry defines how much of total CPU power available on a host
+# is taken into account, divided by number of virtual CPUs present; for example
+# with 4 vCPUs, 100% means 4 vCPUs, 50% means ~2 vCPUs, 200% means ~8 vCPUs,
+# and so on.
+#
+# Values lower than 100% mean that alerts will be fired earlier, values higher
+# than 100% give processes more time to do the work before firing the alerts.
+snmpd_load_percent_map:
+  'default': [ '90', '90', '100' ]
+
+
+# .. envvar:: snmpd_load_weight_map
+#
+# Dict with load average weight profiles.
+#
+# Each profile is a list of entries, 1 minute load average, 5 minutes and 15
+# minutes. Each entry defines how the calculation for a particular average is
+# scaled. You can use this parameter to make each value lower (with less than
+# 1.0) or higher (with more than 1.0) and change the shape of the load average
+# profile independently of the number of cores available.
+#
+# It's hard to explain, essentially it's another parameter which you can use to
+# tune the load average monitoring.
+snmpd_load_weight_map:
+  'default': [ '1.5', '1.7', '1.8' ]
+
+
+# .. envvar:: snmpd_load_1min
+#
+# 1 minute load average value which will trigger a SNMP trap.
+snmpd_load_1min:  '{{ (((snmpd_load_base | float) *
+	                (snmpd_load_percent_map[snmpd_load_percent][0] | float) / 100) | float *
+	                 snmpd_load_weight_map[snmpd_load_weight][0] | float) }}'
+
+
+# .. envvar:: snmpd_load_5min
+#
+# 5 minute load average value which will trigger a SNMP trap.
+snmpd_load_5min:  '{{ (((snmpd_load_base | float) *
+	                (snmpd_load_percent_map[snmpd_load_percent][1] | float) / 100) | float *
+	                 snmpd_load_weight_map[snmpd_load_weight][1] | float) }}'
+
+
+# .. envvar:: snmpd_load_15min
+#
+# 15 minute load average value which will trigger a SNMP trap.
+snmpd_load_15min: '{{ (((snmpd_load_base | float) *
+	                (snmpd_load_percent_map[snmpd_load_percent][2] | float) / 100) | float *
+	                 snmpd_load_weight_map[snmpd_load_weight][2] | float) }}'
+
+
+# ------------------------------------------
+#   SNMPv3 admin, agent and local accounts
+# ------------------------------------------
+
+# .. envvar:: snmpd_account
+#
+# Enable or disable automatic creation of "admin" (RW), "agent" (RO) and
+# "local" (RO) SNMPv3 accounts.
+snmpd_account: True
+
+
+# .. envvar:: snmpd_account_username_length
+#
+# Length of the randomly generated usernames.
+snmpd_account_username_length: '16'
+
+
+# .. envvar:: snmpd_account_password_length
+#
+# Length of the randomly generated passwords.
+snmpd_account_password_length: '48'
+
+
+# .. envvar:: snmpd_account_admin_username
+#
+# Randomly generated, global SNMPv3 username of administrator account,
+# read-write, deactivated after ``snmpd`` is configured.
+snmpd_account_admin_username: '{{ lookup("password", secret +
+	                          "/snmp/credentials/admin/username chars=ascii,digits length=" +
+	                          snmpd_account_username_length) }}'
+
+
+# .. envvar:: snmpd_account_admin_password
+#
+# Randomly generated, global SNMPv3 password of administrator account,
+# read-write, deactivated after ``snmpd`` is configured.
+snmpd_account_admin_password: '{{ lookup("password", secret +
+	                          "/snmp/credentials/admin/password length=" +
+	                          snmpd_account_password_length) }}'
+
+
+# .. envvar:: snmpd_account_agent_username
+#
+# Randomly generated, global SNMPv3 username of agent account, read-only.
+snmpd_account_agent_username: '{{ lookup("password", secret +
+	                          "/snmp/credentials/agent/username chars=ascii,digits length=" +
+	                          snmpd_account_username_length) }}'
+
+
+# .. envvar:: snmpd_account_agent_password
+#
+# Randomly generated, global SNMPv3 password of agent account, read-only.
+snmpd_account_agent_password: '{{ lookup("password", secret +
+	                          "/snmp/credentials/agent/password length=" +
+	                          snmpd_account_password_length) }}'
+

docs/changelog.rst

@@ -0,0 +1 @@
+.. include:: ../CHANGES.rst

docs/copyright.rst

@@ -0,0 +1,21 @@
+Copyright
+=========
+
+::
+
+    Copyright (C) 2015 Maciej Delmanowski <[email protected]>
+    Copyright (C) 2015 DebOps Project http://debops.org/
+    [see Credits for more details]
+
+    his program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License version 3, as
+    published by the Free Software Foundation.
+
+    This program is distributed in the hope that it will be useful, but
+    WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+    General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program. If not, see http://www.gnu.org/licenses/
+