Jul 28, 2019 - Icinga2 SSL Check

After Icinga2 is all setup.

  1. Install nagios via yum or apt get
      apt-get install nagios-plugins
    

    or

      yum install nagios-plugins-http.x86_64
    
  2. Add the following /etc/icinga2/conf.d/services.conf
      apply Service "Check SSL certificate for " for (config in host.vars.ssl_domains) {
     check_command = "check_ssl"
     vars.hostname = config
     vars.critical = "15"
     vars.warning = "30" 
     assign where host.vars.ssl_domains
      }
    
  3. Add the following to /etc/icinga2/conf.d/commands.conf
      object CheckCommand "check_ssl" {
     import "plugin-check-command"
     command = [PluginDir + "/check_http"]
     arguments = {
       "-H" = "$hostname$"
       "-C" = "$critical$"
     }
      }
    
  4. Edit the /etc/icinga2/conf.d/hosts.conf
    object Host "webhost.fqdn.com" {
     import "generic-host"
     address = "10.0.2.1" 
     vars.disks["disk /"] = { disk_partitions = "/" }
     vars.os = "Linux"
     vars.remote_client = "webhost.fqdn.com" 
     vars.users_wgreater = 10
     vars.users_cgreater = 20 
     vars.ssl_domains = ["website.fqdn.com","websitetwo.fqdn.com"] 
     vars.notification["mail"] = {
     groups = [ "icingaadmins" ] 
     } 
    }
    

Jan 6, 2019 - Flash Cisco AP from a Mac

This is for a Cisco AIR 3502.

  1. Start off by installing the Tftp Server(http://ww2.unime.it/flr/tftpserver/oon your mac
  2. Acquire the Cisco Firmware that will be flashed on the access point.
  3. Place the firmware in the /private/tftpboot/ and start the tftp service
  4. Change the permission chmod 744 /private/tftpboot/and owner chown root:wheel /private/tftpboot
  5. Connect a usb serial adapter to the mac and test the device with ls /dev/cu.usbserialor ls /dev/ttyUSB0
  6. On the mac open terminal and open a console to the access points with screen /dev/cu.usbserial 9600 cs8 -ixof
  7. Enter the username and password (hint: defaults are Cisco Cisco)
  8. If you need to reset the device password press and hold the the mode button while the power is connected to the access point wait until the ap: prompt is displayed

The following commands will be run in the access point console

  1. Set IP of the access point set IP_ADDR 10.0.0.20 and netmask set NETMASK 255.255.255.0
  2. Tell the AP the router’s ip set DEFAULT_ROUTER 10.0.0.1
  3. Configure the AP to accept new firmware over tftp tftp_init
  4. Start an ethernet connection to accept firewareether_init
  5. Allow for flash memory to be accessed flash_init
  6. Flash the tar -xtract tftp://<TFTP SERVER IP>/<FIRMWARE>.tar flash: an example tar -xtract tftp://<TFTP SERVER IP>/ap3g1-k9w7-tar.153-3.JF4.tar flash:
  7. Wait about 20 minutes, grab a coffee
  8. Set the newly added firmware to bootset BOOT flash:/ap3g1-k9w7-mx.153-3.JF4/ap3g1-k9w7-mx.153-3.JF4
  9. set MANUAL_BOOT no
  10. set boot
  11. Reboot the access point and see if the newly added firmware boots
  12. Log back into the access point and delete the old firmware to free up space delete /force /recursive flash:<FIRMWARE>

Dec 22, 2017 - Using Additional Ansible Facts

This article is an addition to Additional Ansible Windows Facts.

To view the facts after running the role enter in the following in a terminal.

ansible <HOST or GROUP>  -m debug -a "var=ansible_getFacts"

To search for host for a signal program:

ansible <HOST or GROUP> -m debug -a "var=hostvars[inventory_hostname]['ansible_getFacts']['<PROGRAM NAME>']"

To check if a program is installed

  1. Set the register variable
    - name: get variables
      debug: var=hostvars[inventory_hostname]['ansible_getFacts']['<PROGRAM NAME>']
     register: <PROGRAM NAME>
    
  2. Next use the register with the ansible ‘when’ command. Below is an exaple that will run in cases of the program missing.
      when: hostvars[inventory_hostname]['ansible_getFacts']['<PROGRAM NAME>'] is undefined
    

Complete Example

- name: get variables
  debug: var=hostvars[inventory_hostname]['ansible_getFacts']['Microsoft Office Professional Plus 2016']
  register: msoffice_check

- name: create  ms office dir 
  win_file:
    path: C:\msoffice
    state: directory 
  when: hostvars[inventory_hostname]['ansible_getFacts']['Microsoft Office Professional Plus 2016'] is undefined
 
- name: copy ms office dir to c drive
  win_copy:
    src:  /misc/software/msoffice2016/
    dest: C:\msoffice
  ignore_errors: yes
  when: hostvars[inventory_hostname]['ansible_getFacts']['Microsoft Office Professional Plus 2016'] is undefined

- name:  Install msoffice
  win_command: choco install msoffice.20.16.1.nupkg -y
  args: 
    chdir: C:\msoffice
  ignore_errors: yes
  when: hostvars[inventory_hostname]['ansible_getFacts']['Microsoft Office Professional Plus 2016'] is undefined

- name: remove MS office dir
  win_file:
    path: C:\msoffice
    state: absent
  when: hostvars[inventory_hostname]['ansible_getFacts']['Microsoft Office Professional Plus 2016'] is defined