{%- import "globals.sls" as globals with context %} {%- set ro_community = salt['pillar.get'] ('ffho:snmp:ro_community', "Configure ffho:snmp:ro_community in pillar...") %} {%- set sys_location = salt['pillar.get'] ('nodes:' ~ grains['id'] ~ ':sysLocation', "Please fix sysLocation...") %} # # /etc/snmp/snmpd.conf (Salt managed) # # Listen for connections from the local system agentAddress udp:127.0.0.1:161 agentAddress udp6:[::1]:161 # Listen for connections on Loopback-IPs {%- for ip in salt['pillar.get']('nodes:' ~ grains['id'] ~ ':ifaces:lo:prefixes', []) %} {%- if ip.startswith ('10.132.255.') %} agentAddress udp:{{ ip.split ('/')[0] }}:161 {%- endif %} {%- if ip.startswith ('2a03:2260:2342:ffff::') %} agentAddress udp6:[{{ ip.split ('/')[0] }}]:161 {%- endif %} {%- endfor %} rocommunity {{ ro_community }} 127.0.0.1 rocommunity {{ ro_community }} 10.132.251.161 rocommunity6 {{ ro_community }} ::1 rocommunity6 {{ ro_community }} fdca:ffee:ff12:a251::161 rocommunity6 {{ ro_community }} 2a03:2260:2342:a251::161 sysLocation {{ sys_location }} sysContact ops@ffho.net sysServices 72 # # Network interfaces # {%- if 'gateway' in globals.ROLES %} # Set B.A.T.M.A.N. related devices to 100 MBit/s interface bat0 6 100000000 interface inter-gw-vpn 6 100000000 interface mesh-vpn-v4 6 100000000 interface mesh-vpn-v6 6 100000000 {%- endif %} {%- set ovpn_networks = [] %} {%- for netname, network in salt['pillar.get']('ovpn', {}).items () if grains['id'] in network %} {%- do ovpn_networks.append (netname) %} {%- endfor %} {%- for netname in ovpn_networks|sort %} {%- set network = salt['pillar.get']('ovpn:' ~ netname) %} {%- set network_config = network.get ('config') %} {%- set host_stanza = network.get (grains['id']) %} {%- set host_config = host_stanza.get ('config', {}) %} {%- set interface = host_config.get ('interface', network_config.get ('interface')) %} {%- if loop.first %} # OpenVPN interfaces {%- endif %} interface {{ interface }} 6 100000000 {%- endfor %} # # Try to figure out meaningful interface descriptions/aliases pass .1.3.6.1.2.1.31.1.1.1.18 /etc/snmp/ifAlias # # Disk Monitoring # # 10MBs required on root disk, 5% free on /var, 10% free on all other disks disk / 10000 disk /var 5% includeAllDisks 10% # Walk the UCD-SNMP-MIB::dskTable to see the resulting output # Note that this table will be empty if there are no "disk" entries in the snmpd.conf file # # System Load # # Unacceptable 1-, 5-, and 15-minute load averages load 12 10 5 # Walk the UCD-SNMP-MIB::laTable to see the resulting output # Note that this table *will* be populated, even without a "load" entry in the snmpd.conf file # # Event MIB - automatically generate alerts # # Remember to activate the 'createUser' lines above iquerySecName internalUser rouser internalUser # generate traps on UCD error conditions defaultMonitors no # generate traps on linkUp/Down linkUpDownNotifications no master agentx