From 60a03e3b1ef3e52aa97e201ff94bc5bfba4f4bec Mon Sep 17 00:00:00 2001
From: Christian Elberfeld <elberfeld@web.de>
Date: Sat, 27 May 2023 23:28:47 +0200
Subject: [PATCH] monitoring ausgebaut

---
 group_vars/prod                                    | 14 +++++++-------
 .../templates/etc/icinga/conf.d/hosts_manual.conf  |  2 +-
 .../etc/icinga/conf.d/services_domains.conf        |  4 +++-
 3 files changed, 11 insertions(+), 9 deletions(-)

diff --git a/group_vars/prod b/group_vars/prod
index 8ac1256a..ff4c06de 100644
--- a/group_vars/prod
+++ b/group_vars/prod
@@ -35,24 +35,24 @@ mail_domains:
     maildomain: warpzone.ms 
     mxserver: mailserver.warpzone.ms
     mxhostname: webserver
-    spf: v=spf1 mx ~all
+    spf: "v=spf1 mx a:mailserver.warpzone.ms ~all"
     dmarc: v=DMARC1; p=none;
     dkim:
-      - { selector: "dkim", value: "v=DKIM1;k=rsa;t=s;s=email;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+ZvoSoa2LwBbzQMD9laVy8hUGbvhe1LkL/6SIk3Ks8GfiT7p+hdlbcvo+noBR4gvbmSWwn3yBxOnGCtSH+iP0q7HHrmeEXJqGkLK25zZh1EO8bZqIHi2NX/LnN7dJTO8C27CRLME+YtWdrDaerIWXsHk7U+qD1ZuM5Q+FgAzsQ5uxQVlD6sO3IU" }
+      - { selector: "dkim", value: "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNnNZElbWq9EonFULbr8vWWykKmZEylRwjo4lYx/lXsGDFWBuNh2s6gFF10OuHWtavokjvh/7sFidNaRYQkn3uwHmylBWFn7Jr2lPWY8PBEoIeAZZx5qHaDWxJVgzE7maFyXAswDGXcR/DRTn2xR6osNXOovjGeYXq/atR/45iwfgkhqAaXaV1uP/K9y\\\" \\\"y2sZ2dRtGEwCKsWbP26cOZ6MUcADszgUTEp59iKey79m0uwi0IpA8WjEKVwbMcf/6fBw1ejIEjVUX+bami2fQ6RPl4uEyloco4paV3w/vww2hh4VchCFLYAEKMkZOZs/eTDGsjaMguwHbPeVJjkpX2T6WQIDAQAB" }
   member_warpzonems:
     maildomain: member.warpzone.ms 
     mxserver: mailserver.warpzone.ms
     mxhostname: webserver
-    spf: v=spf1 mx ~all
-    dmarc: v=DMARC1; p=none;
+    spf: "v=spf1 mx a:mailserver.warpzone.ms ~all"
     dkim:
-      - { selector: "dkim", value: "v=DKIM1;k=rsa;t=s;s=email;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8lZDykC3gbxSHMwTNO7QrDytlO9Sg66nEXpIv1/GqQrj3T1i3tTn05XxpJbRXUMuooaP6xZqt2OR3f/Wex6d4WwHH4Z1YuvyKDUWewynGZ3Ge+Vca8T0LBdDw7DZWtkXv94SHPWLyPWuuBXQs2nAgrMn3rtlwKovEsOqg85mFNb1EVm9Rgj9TB2" }
+      - { selector: "dkim", value: "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu334a+uJ5b7D8UTz3Up6A8EjZhEnXaIpiIcKAGPXXD2ZBGmkWfUNcwDcfMoDErH6ntXzf0uH2VMvaajB/wdKLyly1irDKoyjLA3hJb5wnF9Gh0anL1qxY6UA189vWsw+2JlZJWyQ3IcaQ720SM3OrrK4AL3gRItieSEQ+23m5aW0P6sgUuMXTmmKLbd4\\\" \\\"DzZ14Emw293TD2p4gJtgxW/6EfIfcUU+/jP1NNm9gksyzynH1pJXPwVruo9u4QujEQiPqtVsVtrtUm1kbnW+pexj3eKOLLEHGZ+p5AZ/jtALk9pJfNumm/XHFK5PTZDBIipXOYvuG8RdwsaCQRezGKy04QIDAQAB" }
   lists_warpzonems:
     maildomain: lists.warpzone.ms 
     mxserver: mailserver.warpzone.ms
     mxhostname: webserver
-    spf: v=spf1 mx ~all
-    dmarc: v=DMARC1; p=none;
+    spf: "v=spf1 mx a:mailserver.warpzone.ms ~all"
+    dkim:
+      - { selector: "dkim", value: "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoO7SXkUkM17Y1Vi/cvO48IJmlReGWSaYHY+wEldLHt80TiXP0AGZ8nG+DshXi1J2D5xjn8cJu4VqgDrLFnsRJyGYKmi7yVukANVg6gjYlET4y5+UU7Vk2W3xhN2U/8F0rcyynALzQa8i4Y/wEI0qkgHyE6+lITmglJvlj6tgp4YYK2TBH3Zo//PukOmU\\\" \\\"6gG/qu0+6p+CepvqzfGT2l1duov5a2+DJJzlJTULJ5D5Blsmg/0GeC81gZ4QDC3S8aaM5Pw3I3lQCSJT4Q4Ge6Ues4ccagNrdnZhtHNaVFGdL1mR1k+G784gpMZphPj5MylNEpA3V4bD7/Ygf4GuAvHdMwIDAQAB" }
 #  chaostreffmuensterde:
 #    maildomain: chaostreff-muenster.de 
 #    mxserver: mailserver.warpzone.ms
diff --git a/webserver/docker_icinga/templates/etc/icinga/conf.d/hosts_manual.conf b/webserver/docker_icinga/templates/etc/icinga/conf.d/hosts_manual.conf
index 80ae7288..eba63847 100644
--- a/webserver/docker_icinga/templates/etc/icinga/conf.d/hosts_manual.conf
+++ b/webserver/docker_icinga/templates/etc/icinga/conf.d/hosts_manual.conf
@@ -21,7 +21,7 @@ object Host "wz-sw-access" {
   address = "192.168.0.3"
   
   # Keine Notifications, da der Switch aus ist wenn die Zone geschlossen ist 
-  enable_nofitications = false
+  vars.enable_nofitications = false
 
   groups = [ "network" ]
 }
diff --git a/webserver/docker_icinga/templates/etc/icinga/conf.d/services_domains.conf b/webserver/docker_icinga/templates/etc/icinga/conf.d/services_domains.conf
index 48542184..b972cfbe 100644
--- a/webserver/docker_icinga/templates/etc/icinga/conf.d/services_domains.conf
+++ b/webserver/docker_icinga/templates/etc/icinga/conf.d/services_domains.conf
@@ -151,6 +151,8 @@ apply Service "spf record - {{ mail_domains[maildomain].maildomain }}" {
   assign where host.address && host.vars.is_dnsserver == "True"
 }
 
+  {% if mail_domains[maildomain].dmarc is defined %}
+
 apply Service "DMARC record - {{ mail_domains[maildomain].maildomain }}" {
   import "generic-service"
 
@@ -166,7 +168,7 @@ apply Service "DMARC record - {{ mail_domains[maildomain].maildomain }}" {
 
   assign where host.address && host.vars.is_dnsserver == "True"
 }
-
+  {% endif %}
 
   {% if mail_domains[maildomain].dkim is defined %}
   {% for entry in mail_domains[maildomain].dkim %}
-- 
GitLab