This guide provides a complete Ansible playbook to install OpenITCOCKPIT from official repositories with proper configuration for enterprise monitoring, alerting, and reporting.
Current OpenITCOCKPIT version: 4.8
Create a file named openitcockpit.yml:
---
- name: Install and Configure OpenITCOCKPIT
hosts: openitcockpit
become: true
vars:
openitcockpit_version: "4.8"
openitcockpit_port: 80
mysql_root_password: "mysql_root_secure_password"
openitcockpit_db_password: "openitcockpit_db_password"
openitcockpit_admin_password: "admin_123" # Change this!
tasks:
- name: Add OpenITCOCKPIT repository (Debian/Ubuntu)
apt_repository:
repo: "deb https://packages.openitcockpit.io/openitcockpit/{{ ansible_distribution_release }} stable"
state: present
filename: openitcockpit
when: ansible_os_family == "Debian"
- name: Add OpenITCOCKPIT GPG key (Debian/Ubuntu)
apt_key:
url: https://packages.openitcockpit.io/openitcockpit.key
state: present
when: ansible_os_family == "Debian"
- name: Update apt cache (Debian/Ubuntu)
apt:
update_cache: true
cache_valid_time: 3600
when: ansible_os_family == "Debian"
- name: Install MariaDB (Debian/Ubuntu)
apt:
name:
- mariadb-server
- mariadb-client
- python3-pymysql
state: present
when: ansible_os_family == "Debian"
- name: Install MySQL (RHEL/CentOS)
yum:
name:
- mariadb-server
- mariadb
- python3-PyMySQL
state: present
when: ansible_os_family == "RedHat"
- name: Enable and start MariaDB/MySQL
systemd:
name: "{{ 'mariadb' if ansible_os_family == 'Debian' else 'mysqld' }}"
enabled: true
state: started
- name: Set MySQL root password
mysql_user:
name: root
password: "{{ mysql_root_password }}"
login_unix_socket: /var/run/mysqld/mysqld.sock
state: present
when: ansible_os_family == "Debian"
- name: Create OpenITCOCKPIT database
mysql_db:
name: openitcockpit
state: present
login_unix_socket: /var/run/mysqld/mysqld.sock
login_user: root
login_password: "{{ mysql_root_password }}"
- name: Create OpenITCOCKPIT database user
mysql_user:
name: openitcockpit
password: "{{ openitcockpit_db_password }}"
priv: "openitcockpit.*:ALL"
host: localhost
state: present
login_unix_socket: /var/run/mysqld/mysqld.sock
login_user: root
login_password: "{{ mysql_root_password }}"
- name: Install OpenITCOCKPIT (Debian/Ubuntu)
apt:
name:
- openitcockpit
- openitcockpit-agent-linux
state: present
when: ansible_os_family == "Debian"
- name: Install prerequisites (RHEL/CentOS)
yum:
name:
- wget
- php
- php-mysqlnd
- php-gd
- php-mbstring
- php-xml
- nginx
state: present
when: ansible_os_family == "RedHat"
- name: Download and install OpenITCOCKPIT (RHEL/CentOS)
shell: |
wget -O /tmp/openitcockpit.rpm https://github.com/it-novum/openITCOCKPIT/releases/download/OITC-{{ openitcockpit_version }}/openITCOCKPIT-{{ openitcockpit_version }}.el8.x86_64.rpm &&
yum install -y /tmp/openitcockpit.rpm
args:
creates: /usr/share/openitcockpit
when: ansible_os_family == "RedHat"
- name: Configure OpenITCOCKPIT database
copy:
dest: /etc/openitcockpit/local.php
owner: www-data
group: www-data
mode: '0644'
content: |
<?php
// OpenITCOCKPIT Database Configuration
$DATABASE_CONFIG = [
'host' => 'localhost',
'port' => '3306',
'user' => 'openitcockpit',
'password' => '{{ openitcockpit_db_password }}',
'database' => 'openitcockpit'
];
- name: Run OpenITCOCKPIT installer
command: /usr/share/openitcockpit/bin/install.sh --database --admin-password {{ openitcockpit_admin_password }}
args:
creates: /etc/openitcockpit/installed
environment:
DATABASE_PASSWORD: "{{ openitcockpit_db_password }}"
- name: Enable and start OpenITCOCKPIT services
systemd:
name: "{{ item }}"
enabled: true
state: started
loop:
- openitcockpit
- openitcockpit-worker
- name: Configure firewall (UFW)
ufw:
rule: allow
port: "{{ openitcockpit_port }}"
proto: tcp
comment: "OpenITCOCKPIT web interface"
when: ansible_os_family == "Debian"
failed_when: false
- name: Configure firewall (firewalld)
firewalld:
service: "{{ item }}"
permanent: true
immediate: true
state: enabled
loop:
- http
- https
when: ansible_os_family == "RedHat"
failed_when: false
- name: Wait for OpenITCOCKPIT to start
wait_for:
port: "{{ openitcockpit_port }}"
delay: 10
timeout: 120
- name: Display OpenITCOCKPIT status
debug:
msg: |
OpenITCOCKPIT {{ openitcockpit_version }} installed successfully!
Web Interface: http://{{ ansible_default_ipv4.address | default(ansible_host) }}/
Username: admin
Password: {{ openitcockpit_admin_password }}
IMPORTANT: Change the default password after first login!
Database: openitcockpit@localhost
---
openitcockpit:
hosts:
openitcockpit-server:
ansible_host: 192.168.1.121
ansible_user: ansible
ansible_become: true
# Test connectivity
ansible all -i inventory.yml -m ping
# Run the OpenITCOCKPIT playbook
ansible-playbook -i inventory.yml openitcockpit.yml
# Run with custom admin password
ansible-playbook -i inventory.yml openitcockpit.yml \
-e "openitcockpit_admin_password=MySecureP@ss123"
# Check OpenITCOCKPIT service status
ssh openitcockpit-server "sudo systemctl status openitcockpit"
# Check worker status
ssh openitcockpit-server "sudo systemctl status openitcockpit-worker"
# Test web interface
curl -I http://openitcockpit-server/
# Access web UI
# http://openitcockpit-server/
- name: Configure OpenITCOCKPIT monitoring backend
hosts: openitcockpit
become: true
tasks:
- name: Install Naemon backend
apt:
name:
- naemon
- naemon-livestatus
state: present
when: ansible_os_family == "Debian"
- name: Configure Naemon for OpenITCOCKPIT
lineinfile:
path: /etc/naemon/naemon.cfg
regexp: "^broker_module"
line: "broker_module=/usr/lib/naemon/livestatus.so /var/naemon/rw/live"
insertafter: EOF
- name: Restart Naemon
systemd:
name: naemon
state: restarted
- name: Configure OpenITCOCKPIT to use Naemon
lineinfile:
path: /etc/openitcockpit/local.php
regexp: "^\\$NAGIOS"
line: "$NAGIOS_PATH = '/usr/bin/naemon';"
insertafter: EOF
- name: Add hosts to OpenITCOCKPIT
hosts: openitcockpit
become: true
vars:
hosts_to_monitor:
- name: web-server-1
address: 192.168.1.50
hostgroup: webservers
- name: db-server-1
address: 192.168.1.51
hostgroup: databases
tasks:
- name: Create host configuration via API
uri:
url: "http://localhost/monitoring_api/host/add"
method: POST
body_format: json
body:
Host:
name: "{{ item.name }}"
address: "{{ item.address }}"
hostgroup: "{{ item.hostgroup }}"
status_code: 200
loop: "{{ hosts_to_monitor }}"
failed_when: false
- name: Configure OpenITCOCKPIT email notifications
hosts: openitcockpit
become: true
vars:
smtp_host: "smtp.example.com"
smtp_port: 587
smtp_user: "openitcockpit@example.com"
smtp_password: "smtp_password"
alert_email: "admin@example.com"
tasks:
- name: Update email configuration
lineinfile:
path: /etc/openitcockpit/local.php
regexp: "^\\$EMAIL"
line: "{{ item }}"
loop:
- "$EMAIL_CONFIG = ['host' => '{{ smtp_host }}', 'port' => {{ smtp_port }}, 'user' => '{{ smtp_user }}', 'password' => '{{ smtp_password }}'];"
- "$ADMIN_EMAIL = '{{ alert_email }}';"
insertafter: EOF
- name: Restart OpenITCOCKPIT
systemd:
name: openitcockpit
state: restarted
# Check service logs
sudo tail -f /var/log/openitcockpit/error.log
# Check worker logs
sudo tail -f /var/log/openitcockpit/worker.log
# Verify database connection
mysql -u openitcockpit -p -e "SELECT 1"
# Check database status
sudo systemctl status mariadb
# Test database connection
mysql -u openitcockpit -popenitcockpit_db_password -e "SHOW DATABASES"
# Check database tables
mysql -u openitcockpit -p -D openitcockpit -e "SHOW TABLES"
# Check web server logs
sudo tail -f /var/log/nginx/error.log
# Verify PHP configuration
php -v
# Check permissions
sudo ls -la /etc/openitcockpit/
Beyond this playbook, we offer:
Contact our automation team: office@linux-server-admin.com