From 95b73daa36b23565a8566f71f9b202d3459b685f Mon Sep 17 00:00:00 2001
From: Sam Chudnick <sam@chudnick.com>
Date: Sun, 25 Jun 2023 09:52:36 -0400
Subject: Initial Commit

---
 roles/services/monitoring/promtail/tasks/main.yml | 151 ++++++++++++++++++++++
 1 file changed, 151 insertions(+)
 create mode 100644 roles/services/monitoring/promtail/tasks/main.yml

(limited to 'roles/services/monitoring/promtail/tasks')

diff --git a/roles/services/monitoring/promtail/tasks/main.yml b/roles/services/monitoring/promtail/tasks/main.yml
new file mode 100644
index 0000000..f8b28cc
--- /dev/null
+++ b/roles/services/monitoring/promtail/tasks/main.yml
@@ -0,0 +1,151 @@
+- name: install extrepo
+  when: ansible_facts['distribution'] == 'Debian'
+  package:
+    name: extrepo
+    state: latest
+
+- name: add grafana repo | debian
+  when: ansible_facts['distribution'] == 'Debian'
+  register: result
+  changed_when: result.stdout | regex_search("skipped") | bool
+  notify: update repos - debian
+  command:
+    cmd: extrepo enable grafana
+    creates: /etc/apt/sources.list.d/extrepo_grafana.sources
+
+- meta: flush_handlers
+
+- name: update grafana extrepo data | debian
+  when: ansible_facts['distribution'] == 'Debian'
+  changed_when: false
+  command:
+    cmd: extrepo update grafana
+
+- name: add Grafana repo | fedora
+  when: ansible_facts['distribution'] == 'Fedora'
+  notify: update repos - fedora
+  yum_repository:
+    name: grafana
+    file: grafna
+    description: "Grafana OSS Repo"
+    baseurl: "https://rpm.grafana.com"
+    repo_gpgcheck: yes
+    enabled: yes
+    gpgcheck: yes
+    gpgkey: https://rpm.grafana.com/gpg.key
+    sslverify: yes
+    sslcacert: /etc/pki/tls/certs/ca-bundle.crt
+    exclude: "*beta*"
+
+- name: install promtail
+  package:
+    name: promtail
+    state: latest
+
+- name: add promtail to adm group for log access (debian)
+  when: ansible_facts['distribution'] == 'Debian'
+  user:
+    name: promtail
+    groups: adm
+    append: yes
+
+- name: add promtail to systemd-journal group for journal access
+  user:
+    name: promtail
+    groups: systemd-journal
+    append: yes
+
+- name: create docker plugin directory
+  when: "'docker_hosts' in group_names"
+  become: yes
+  become_user: "{{ docker_username }}"
+  file:
+    path: "{{ docker_home }}/plugins"
+    state: directory
+    owner: "{{ docker_username }}"
+    group: "{{ docker_username }}"
+    mode: "0755"
+
+- name: clone loki repo
+  when: "'docker_hosts' in group_names"
+  become: yes
+  become_user: "{{ docker_username }}"
+  git:
+    repo: "{{ loki_repo }}"
+    dest: "{{ docker_home }}/plugins/loki"
+    version: "{{ loki_version }}"
+  register: repo
+  notify: build loki-docker-driver plugin for private repo
+
+- meta: flush_handlers
+
+- name: login to docker registry
+  when: "'docker_hosts' in group_names"
+  become: yes
+  become_user: "{{ docker_username }}"
+  environment:
+    XDG_RUNTIME_DIR: "/run/user/{{ docker_uid }}"
+  docker_login:
+    docker_host: "unix://run/user/{{ docker_uid }}/docker.sock"
+    registry_url: "{{ docker_registry_url }}"
+    username: "{{ docker_registry_username }}"
+    password: "{{ docker_registry_password }}"
+
+# docker driver rootless
+
+- name: enable loki-docker-driver plugin
+  when: "'docker_hosts' in group_names"
+  become: yes
+  become_user: "{{ docker_username }}"
+  notify: restart rootless docker
+  community.docker.docker_plugin:
+    plugin_name: "{{ docker_registry_url }}/{{ docker_registry_username }}/loki-docker-driver:main"
+    state: enable
+    docker_host: "unix://run/user/{{ docker_uid }}/docker.sock"
+    alias: loki
+
+- name: deploy docker config
+  when: "'docker_hosts' in group_names"
+  notify: restart rootless docker
+  copy:
+    src: "{{ docker_config }}"
+    dest: "{{ docker_home }}/.config/docker/daemon.json"
+    owner: "{{ docker_username }}"
+    group: "{{ docker_username }}"
+    mode: '0644'
+
+# docker driver root
+
+- name: enable loki-docker-driver plugin
+  when: "'docker_hosts' in group_names"
+  notify: restart docker
+  community.docker.docker_plugin:
+    plugin_name: "{{ docker_registry_url }}/{{ docker_registry_username }}/loki-docker-driver:main"
+    state: enable
+    alias: loki
+
+- name: deploy docker config
+  when: "'docker_hosts' in group_names"
+  notify: restart docker
+  copy:
+    src: "{{ docker_config }}"
+    dest: /etc/docker/daemon.json
+    owner: root
+    group: root
+    mode: '0644'
+
+- name: deploy promtail configuration
+  notify: restart promtail
+  copy:
+    src: "{{ promtail_config }}"
+    dest: /etc/promtail/config.yml
+    owner: root
+    group: root
+    mode: '0644'
+
+- name: enable promtail
+  systemd:
+    daemon_reload: yes
+    enabled: yes
+    masked: no
+    name: promtail
-- 
cgit v1.2.3