From 95b73daa36b23565a8566f71f9b202d3459b685f Mon Sep 17 00:00:00 2001
From: Sam Chudnick <sam@chudnick.com>
Date: Sun, 25 Jun 2023 09:52:36 -0400
Subject: Initial Commit

---
 .../prometheus/blackbox-exporter/tasks/main.yml    |  0
 .../prometheus/nginx_exporter/defaults/main.yml    |  4 ++
 .../prometheus/nginx_exporter/handlers/main.yml    |  9 +++
 .../prometheus/nginx_exporter/tasks/main.yml       | 44 ++++++++++++
 .../prometheus/node_exporter/defaults/main.yml     |  4 ++
 .../prometheus/node_exporter/tasks/main.yml        | 28 ++++++++
 .../monitoring/prometheus/server/defaults/main.yml |  6 ++
 .../monitoring/prometheus/server/tasks/main.yml    | 79 ++++++++++++++++++++++
 8 files changed, 174 insertions(+)
 create mode 100644 roles/services/monitoring/prometheus/blackbox-exporter/tasks/main.yml
 create mode 100644 roles/services/monitoring/prometheus/nginx_exporter/defaults/main.yml
 create mode 100644 roles/services/monitoring/prometheus/nginx_exporter/handlers/main.yml
 create mode 100644 roles/services/monitoring/prometheus/nginx_exporter/tasks/main.yml
 create mode 100644 roles/services/monitoring/prometheus/node_exporter/defaults/main.yml
 create mode 100644 roles/services/monitoring/prometheus/node_exporter/tasks/main.yml
 create mode 100644 roles/services/monitoring/prometheus/server/defaults/main.yml
 create mode 100644 roles/services/monitoring/prometheus/server/tasks/main.yml

(limited to 'roles/services/monitoring/prometheus')

diff --git a/roles/services/monitoring/prometheus/blackbox-exporter/tasks/main.yml b/roles/services/monitoring/prometheus/blackbox-exporter/tasks/main.yml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/services/monitoring/prometheus/nginx_exporter/defaults/main.yml b/roles/services/monitoring/prometheus/nginx_exporter/defaults/main.yml
new file mode 100644
index 0000000..9d2b8a5
--- /dev/null
+++ b/roles/services/monitoring/prometheus/nginx_exporter/defaults/main.yml
@@ -0,0 +1,4 @@
+nginx_exporter_debian_package: prometheus-nginx-exporter
+nginx_exporter_fedora_package: golang-github-prometheus-node-exporter
+prometheus_server_ip: 192.168.88.32
+nginx_exporter_port: '9113'
diff --git a/roles/services/monitoring/prometheus/nginx_exporter/handlers/main.yml b/roles/services/monitoring/prometheus/nginx_exporter/handlers/main.yml
new file mode 100644
index 0000000..fe9a90d
--- /dev/null
+++ b/roles/services/monitoring/prometheus/nginx_exporter/handlers/main.yml
@@ -0,0 +1,9 @@
+- name: restart nginx
+  service:
+    name: nginx
+    state: restarted
+
+- name: restart nginx-exporter
+  service:
+    name: prometheus-nginx-exporter
+    state: started
diff --git a/roles/services/monitoring/prometheus/nginx_exporter/tasks/main.yml b/roles/services/monitoring/prometheus/nginx_exporter/tasks/main.yml
new file mode 100644
index 0000000..819f71e
--- /dev/null
+++ b/roles/services/monitoring/prometheus/nginx_exporter/tasks/main.yml
@@ -0,0 +1,44 @@
+- name: install package (Debian)
+  when: ansible_facts['distribution'] == "Debian"
+  package:
+    name: "{{ nginx_exporter_debian_package }}"
+
+- name: allow port
+  ufw:
+    rule: allow
+    direction: in
+    proto: tcp
+    src: "{{ prometheus_server_ip }}"
+    to_port: "{{ nginx_exporter_port }}"
+
+- name: copy defaults file
+  notify: restart nginx-exporter
+  copy:
+    src: "{{ nginx_exporter_defaults }}"
+    dest: /etc/default/prometheus-nginx-exporter
+    owner: root
+    group: root
+    mode: '0644'
+
+- name: deploy nginx configuration
+  notify: restart nginx
+  copy:
+    src: "{{ nginx_exporter_config }}"
+    dest: /etc/nginx/sites-available/metrics.conf
+    owner: root
+    group: root
+    mode: '0644'
+
+- name: symlink site
+  file:
+    src: /etc/nginx/sites-available/metrics.conf
+    dest: /etc/nginx/sites-enabled/metrics.conf
+    owner: root
+    group: root
+    state: link
+
+- name: enable service
+  systemd:
+    name: prometheus-nginx-exporter
+    enabled: yes
+    masked: no
diff --git a/roles/services/monitoring/prometheus/node_exporter/defaults/main.yml b/roles/services/monitoring/prometheus/node_exporter/defaults/main.yml
new file mode 100644
index 0000000..e4ff351
--- /dev/null
+++ b/roles/services/monitoring/prometheus/node_exporter/defaults/main.yml
@@ -0,0 +1,4 @@
+node_exporter_debian_package: prometheus-node-exporter
+node_exporter_fedora_package: golang-github-prometheus-node-exporter
+prometheus_server_ip: 192.168.88.32
+node_exporter_port: '9100'
diff --git a/roles/services/monitoring/prometheus/node_exporter/tasks/main.yml b/roles/services/monitoring/prometheus/node_exporter/tasks/main.yml
new file mode 100644
index 0000000..6bbcc08
--- /dev/null
+++ b/roles/services/monitoring/prometheus/node_exporter/tasks/main.yml
@@ -0,0 +1,28 @@
+- name: install package (Debian)
+  when: ansible_facts['distribution'] == "Debian"
+  package:
+    name: "{{ node_exporter_debian_package }}"
+
+- name: install package (Fedora)
+  when: ansible_facts['distribution'] == "Fedora"
+  package:
+    name: "{{ node_exporter_fedora_package }}"
+
+- name: allow port
+  ufw:
+    rule: allow
+    direction: in
+    proto: tcp
+    src: "{{ prometheus_server_ip }}"
+    to_port: "{{ node_exporter_port }}"
+
+- name: enable service
+  systemd:
+    name: prometheus-node-exporter
+    enabled: yes
+    masked: no
+
+- name: restart service
+  service:
+    name: prometheus-node-exporter
+    state: restarted
diff --git a/roles/services/monitoring/prometheus/server/defaults/main.yml b/roles/services/monitoring/prometheus/server/defaults/main.yml
new file mode 100644
index 0000000..696e7cc
--- /dev/null
+++ b/roles/services/monitoring/prometheus/server/defaults/main.yml
@@ -0,0 +1,6 @@
+prometheus_package: prometheus
+management_ip: 192.168.88.254
+grafana_server_ip: 192.168.88.21
+prometheus_port: '9090'
+prometheus_config: files/prometheus.yml
+prometheus_defaults: files/prometheus
diff --git a/roles/services/monitoring/prometheus/server/tasks/main.yml b/roles/services/monitoring/prometheus/server/tasks/main.yml
new file mode 100644
index 0000000..06ecc10
--- /dev/null
+++ b/roles/services/monitoring/prometheus/server/tasks/main.yml
@@ -0,0 +1,79 @@
+- name: install package
+  package:
+    name: "{{ prometheus_package }}"
+
+- name: allow access to metrics from grafana
+  ufw:
+    rule: allow
+    direction: in
+    proto: tcp
+    src: "{{ grafana_server_ip }}"
+    to_port: "{{ prometheus_port }}"
+
+- name: allow access to metrics from management
+  ufw:
+    rule: allow
+    direction: in
+    proto: tcp
+    src: "{{ management_ip }}"
+    to_port: "{{ prometheus_port }}"
+
+- name: copy config file
+  copy:
+    src: "{{ prometheus_config }}"
+    dest: /etc/prometheus/prometheus.yml
+    owner: root
+    group: root
+    mode: '0644'
+
+- name: copy defaults file
+  copy:
+    src: "{{ prometheus_defaults }}"
+    dest: /etc/default/prometheus
+    owner: root
+    group: root
+    mode: '0644'
+
+- name: enable service
+  systemd:
+    name: prometheus
+    enabled: yes
+    masked: no
+
+- name: restart service
+  service:
+    name: prometheus
+    state: restarted
+
+- name: deploy nginx configuration
+  copy:
+    src: "{{ prometheus_nginx_config }}"
+    dest: /etc/nginx/sites-available/grafana.conf
+    owner: root
+    group: root
+    mode: '0644'
+
+- name: symlink site
+  file:
+    src: /etc/nginx/sites-available/grafana.conf
+    dest: /etc/nginx/sites-enabled/grafana.conf
+    owner: root
+    group: root
+    state: link
+
+- name: allow http (80/tcp) traffic
+  ufw:
+    rule: allow
+    port: '80'
+    proto: tcp
+
+- name: allow https (443/tcp) traffic
+  ufw:
+    rule: allow
+    port: '443'
+    proto: tcp
+
+- name: restart nginx
+  service:
+    name: nginx
+    state: restarted
-- 
cgit v1.2.3