Initial CommitHEAD master

author: Sam Chudnick <sam@chudnick.com> 2023-06-25 09:52:36 -0400
committer: Sam Chudnick <sam@chudnick.com> 2023-06-25 09:52:36 -0400
commit: 95b73daa36b23565a8566f71f9b202d3459b685f (patch)
tree: cb17b021be70e7868d0ec235a761f0ecdc80f3f2 /roles/services/monitoring/prometheus/server
2 files changed, 85 insertions, 0 deletions
diff --git a/roles/services/monitoring/prometheus/server/defaults/main.yml b/roles/services/monitoring/prometheus/server/defaults/main.yml
new file mode 100644
index 0000000..696e7cc
--- /dev/null
+++ b/roles/services/monitoring/prometheus/server/defaults/main.yml
@@ -0,0 +1,6 @@
+prometheus_package: prometheus
+management_ip: 192.168.88.254
+grafana_server_ip: 192.168.88.21
+prometheus_port: '9090'
+prometheus_config: files/prometheus.yml
+prometheus_defaults: files/prometheus
diff --git a/roles/services/monitoring/prometheus/server/tasks/main.yml b/roles/services/monitoring/prometheus/server/tasks/main.yml
new file mode 100644
index 0000000..06ecc10
--- /dev/null
+++ b/roles/services/monitoring/prometheus/server/tasks/main.yml
@@ -0,0 +1,79 @@
+- name: install package
+  package:
+    name: "{{ prometheus_package }}"
+- name: allow access to metrics from grafana
+  ufw:
+    rule: allow
+    direction: in
+    proto: tcp
+    src: "{{ grafana_server_ip }}"
+    to_port: "{{ prometheus_port }}"
+- name: allow access to metrics from management
+  ufw:
+    rule: allow
+    direction: in
+    proto: tcp
+    src: "{{ management_ip }}"
+    to_port: "{{ prometheus_port }}"
+- name: copy config file
+  copy:
+    src: "{{ prometheus_config }}"
+    dest: /etc/prometheus/prometheus.yml
+    owner: root
+    group: root
+    mode: '0644'
+- name: copy defaults file
+  copy:
+    src: "{{ prometheus_defaults }}"
+    dest: /etc/default/prometheus
+    owner: root
+    group: root
+    mode: '0644'
+- name: enable service
+  systemd:
+    name: prometheus
+    enabled: yes
+    masked: no
+- name: restart service
+  service:
+    name: prometheus
+    state: restarted
+- name: deploy nginx configuration
+  copy:
+    src: "{{ prometheus_nginx_config }}"
+    dest: /etc/nginx/sites-available/grafana.conf
+    owner: root
+    group: root
+    mode: '0644'
+- name: symlink site
+  file:
+    src: /etc/nginx/sites-available/grafana.conf
+    dest: /etc/nginx/sites-enabled/grafana.conf
+    owner: root
+    group: root
+    state: link
+- name: allow http (80/tcp) traffic
+  ufw:
+    rule: allow
+    port: '80'
+    proto: tcp
+- name: allow https (443/tcp) traffic
+  ufw:
+    rule: allow
+    port: '443'
+    proto: tcp
+- name: restart nginx
+  service:
+    name: nginx
+    state: restarted
author	Sam Chudnick <sam@chudnick.com>	2023-06-25 09:52:36 -0400
committer	Sam Chudnick <sam@chudnick.com>	2023-06-25 09:52:36 -0400
commit	95b73daa36b23565a8566f71f9b202d3459b685f (patch)
tree	cb17b021be70e7868d0ec235a761f0ecdc80f3f2 /roles/services/monitoring/prometheus/server

diff --git a/roles/services/monitoring/prometheus/server/defaults/main.yml b/roles/services/monitoring/prometheus/server/defaults/main.yml new file mode 100644 index 0000000..696e7cc --- /dev/null +++ b/roles/services/monitoring/prometheus/server/defaults/main.yml
@@ -0,0 +1,6 @@
	1	prometheus_package: prometheus
	2	management_ip: 192.168.88.254
	3	grafana_server_ip: 192.168.88.21
	4	prometheus_port: '9090'
	5	prometheus_config: files/prometheus.yml
	6	prometheus_defaults: files/prometheus


diff --git a/roles/services/monitoring/prometheus/server/tasks/main.yml b/roles/services/monitoring/prometheus/server/tasks/main.yml new file mode 100644 index 0000000..06ecc10 --- /dev/null +++ b/roles/services/monitoring/prometheus/server/tasks/main.yml
@@ -0,0 +1,79 @@
	1	- name: install package
	2	package:
	3	name: "{{ prometheus_package }}"
	4
	5	- name: allow access to metrics from grafana
	6	ufw:
	7	rule: allow
	8	direction: in
	9	proto: tcp
	10	src: "{{ grafana_server_ip }}"
	11	to_port: "{{ prometheus_port }}"
	12
	13	- name: allow access to metrics from management
	14	ufw:
	15	rule: allow
	16	direction: in
	17	proto: tcp
	18	src: "{{ management_ip }}"
	19	to_port: "{{ prometheus_port }}"
	20
	21	- name: copy config file
	22	copy:
	23	src: "{{ prometheus_config }}"
	24	dest: /etc/prometheus/prometheus.yml
	25	owner: root
	26	group: root
	27	mode: '0644'
	28
	29	- name: copy defaults file
	30	copy:
	31	src: "{{ prometheus_defaults }}"
	32	dest: /etc/default/prometheus
	33	owner: root
	34	group: root
	35	mode: '0644'
	36
	37	- name: enable service
	38	systemd:
	39	name: prometheus
	40	enabled: yes
	41	masked: no
	42
	43	- name: restart service
	44	service:
	45	name: prometheus
	46	state: restarted
	47
	48	- name: deploy nginx configuration
	49	copy:
	50	src: "{{ prometheus_nginx_config }}"
	51	dest: /etc/nginx/sites-available/grafana.conf
	52	owner: root
	53	group: root
	54	mode: '0644'
	55
	56	- name: symlink site
	57	file:
	58	src: /etc/nginx/sites-available/grafana.conf
	59	dest: /etc/nginx/sites-enabled/grafana.conf
	60	owner: root
	61	group: root
	62	state: link
	63
	64	- name: allow http (80/tcp) traffic
	65	ufw:
	66	rule: allow
	67	port: '80'
	68	proto: tcp
	69
	70	- name: allow https (443/tcp) traffic
	71	ufw:
	72	rule: allow
	73	port: '443'
	74	proto: tcp
	75
	76	- name: restart nginx
	77	service:
	78	name: nginx
	79	state: restarted