prometheus: First version of role

2023-08-19 17:29:00 +00:00 · 2023-08-19 17:29:00 +00:00 · 9b1aa236c5
commit 9b1aa236c5
parent 051acc86cc
6 changed files with 172 additions and 0 deletions
--- a/roles/prometheus/tasks/main.yml
+++ b/roles/prometheus/tasks/main.yml
@ -0,0 +1,115 @@
+---
+- name: Create group
+  ansible.builtin.group:
+    name: prometheus
+    gid: 305
+
+- name: Create user
+  ansible.builtin.user:
+    name: prometheus
+    comment: Service Prometheus
+    createhome: false
+    group: prometheus
+    home: /var/empty
+    shell: /sbin/nologin
+    uid: 305
+
+- name: Extract package
+  ansible.builtin.unarchive:
+    src: https://github.com/prometheus/prometheus/releases/download/v2.45.0/prometheus-2.45.0.linux-amd64.tar.gz
+    dest: /usr/local/src
+    owner: root
+    group: "{{ ansible_wheel }}"
+    remote_src: true
+
+- name: Copy binaries
+  ansible.builtin.copy:
+    dest: "/usr/local/sbin/{{ item }}"
+    src: "/usr/local/src/prometheus-2.45.0.linux-amd64/{{ item }}"
+    mode: "0755"
+    owner: root
+    group: "{{ ansible_wheel }}"
+    remote_src: true
+  with_items:
+    - promtool
+    - prometheus
+
+- name: Create data directories
+  ansible.builtin.file:
+    path: "{{ item }}"
+    state: directory
+    mode: "0750"
+    owner: root
+    group: prometheus
+  with_items:
+    - /export/prometheus
+    - /export/prometheus/node.d
+
+- name: Link data directory
+  ansible.builtin.file:
+    path: /srv/prometheus
+    src: /export/prometheus
+    state: link
+    owner: root
+    group: "{{ ansible_wheel }}"
+    follow: false
+
+- name: Create database directory
+  ansible.builtin.file:
+    path: /srv/prometheus/data
+    state: directory
+    mode: "0770"
+    owner: root
+    group: prometheus
+
+- name: Create configuration
+  ansible.builtin.template:
+    dest: /srv/prometheus/prometheus.yml
+    src: prometheus.yml.j2
+    mode: "0640"
+    owner: root
+    group: prometheus
+  notify: Restart prometheus
+
+- name: Create host configs
+  ansible.builtin.template:
+    dest: "/srv/prometheus/node.d/{{ item }}"
+    src: node.json.j2
+    mode: "0640"
+    owner: root
+    group: prometheus
+  notify: Restart prometheus
+  with_items: "{{ groups['all'] }}"
+
+- name: Create service file
+  ansible.builtin.copy:
+    dest: /etc/systemd/system/prometheus.service
+    src: prometheus.service
+    mode: "0644"
+    owner: root
+    group: "{{ ansible_wheel }}"
+  notify: Restart prometheus
+
+- name: Enable service
+  ansible.builtin.service:
+    name: prometheus
+    state: started
+    enabled: true
+
+- name: Allow nginx to connect prometheus
+  ansible.posix.seboolean:
+    name: httpd_can_network_connect
+    state: true
+    persistent: true
+
+- name: Copy nginx config
+  ansible.builtin.copy:
+    dest: "/etc/nginx/conf.d/{{ inventory_hostname }}/prometheus.conf"
+    content: |
+      location / {
+        proxy_pass http://127.0.0.1:9090;
+      }
+    mode: 0644
+    owner: root
+    group: "{{ ansible_wheel }}"
+  notify: Restart nginx