From 95b73daa36b23565a8566f71f9b202d3459b685f Mon Sep 17 00:00:00 2001 From: Sam Chudnick Date: Sun, 25 Jun 2023 09:52:36 -0400 Subject: Initial Commit --- .../monitoring/prometheus/server/defaults/main.yml | 6 ++ .../monitoring/prometheus/server/tasks/main.yml | 79 ++++++++++++++++++++++ 2 files changed, 85 insertions(+) create mode 100644 roles/services/monitoring/prometheus/server/defaults/main.yml create mode 100644 roles/services/monitoring/prometheus/server/tasks/main.yml (limited to 'roles/services/monitoring/prometheus/server') diff --git a/roles/services/monitoring/prometheus/server/defaults/main.yml b/roles/services/monitoring/prometheus/server/defaults/main.yml new file mode 100644 index 0000000..696e7cc --- /dev/null +++ b/roles/services/monitoring/prometheus/server/defaults/main.yml @@ -0,0 +1,6 @@ +prometheus_package: prometheus +management_ip: 192.168.88.254 +grafana_server_ip: 192.168.88.21 +prometheus_port: '9090' +prometheus_config: files/prometheus.yml +prometheus_defaults: files/prometheus diff --git a/roles/services/monitoring/prometheus/server/tasks/main.yml b/roles/services/monitoring/prometheus/server/tasks/main.yml new file mode 100644 index 0000000..06ecc10 --- /dev/null +++ b/roles/services/monitoring/prometheus/server/tasks/main.yml @@ -0,0 +1,79 @@ +- name: install package + package: + name: "{{ prometheus_package }}" + +- name: allow access to metrics from grafana + ufw: + rule: allow + direction: in + proto: tcp + src: "{{ grafana_server_ip }}" + to_port: "{{ prometheus_port }}" + +- name: allow access to metrics from management + ufw: + rule: allow + direction: in + proto: tcp + src: "{{ management_ip }}" + to_port: "{{ prometheus_port }}" + +- name: copy config file + copy: + src: "{{ prometheus_config }}" + dest: /etc/prometheus/prometheus.yml + owner: root + group: root + mode: '0644' + +- name: copy defaults file + copy: + src: "{{ prometheus_defaults }}" + dest: /etc/default/prometheus + owner: root + group: root + mode: '0644' + +- name: enable service + systemd: + name: prometheus + enabled: yes + masked: no + +- name: restart service + service: + name: prometheus + state: restarted + +- name: deploy nginx configuration + copy: + src: "{{ prometheus_nginx_config }}" + dest: /etc/nginx/sites-available/grafana.conf + owner: root + group: root + mode: '0644' + +- name: symlink site + file: + src: /etc/nginx/sites-available/grafana.conf + dest: /etc/nginx/sites-enabled/grafana.conf + owner: root + group: root + state: link + +- name: allow http (80/tcp) traffic + ufw: + rule: allow + port: '80' + proto: tcp + +- name: allow https (443/tcp) traffic + ufw: + rule: allow + port: '443' + proto: tcp + +- name: restart nginx + service: + name: nginx + state: restarted -- cgit v1.2.3