ansible/roles/prometheus/tasks/main.yml

---
- name: Create group
  ansible.builtin.group:
    name: prometheus
    gid: 305

- name: Create user
  ansible.builtin.user:
    name: prometheus
    comment: Service Prometheus
    createhome: false
    group: prometheus
    home: /var/empty
    shell: /sbin/nologin
    uid: 305

- name: Extract package
  ansible.builtin.unarchive:
    src: https://github.com/prometheus/prometheus/releases/download/v2.45.0/prometheus-2.45.0.linux-amd64.tar.gz
    dest: /usr/local/src
    owner: root
    group: "{{ ansible_wheel }}"
    remote_src: true

- name: Copy binaries
  ansible.builtin.copy:
    dest: "/usr/local/sbin/{{ item }}"
    src: "/usr/local/src/prometheus-2.45.0.linux-amd64/{{ item }}"
    mode: "0755"
    owner: root
    group: "{{ ansible_wheel }}"
    remote_src: true
  with_items:
    - promtool
    - prometheus

- name: Create data directories
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    mode: "0750"
    owner: root
    group: prometheus
  with_items:
    - /export/prometheus
    - /export/prometheus/node.d

- name: Link data directory
  ansible.builtin.file:
    path: /srv/prometheus
    src: /export/prometheus
    state: link
    owner: root
    group: "{{ ansible_wheel }}"
    follow: false

- name: Create database directory
  ansible.builtin.file:
    path: /srv/prometheus/data
    state: directory
    mode: "0770"
    owner: root
    group: prometheus

- name: Create configuration
  ansible.builtin.template:
    dest: /srv/prometheus/prometheus.yml
    src: prometheus.yml.j2
    mode: "0640"
    owner: root
    group: prometheus
  notify: Restart prometheus

- name: Create host configs
  ansible.builtin.template:
    dest: "/srv/prometheus/node.d/{{ item }}.json"
    src: node.json.j2
    mode: "0640"
    owner: root
    group: prometheus
  notify: Restart prometheus
  with_items: "{{ groups['all'] }}"

- name: Create service file
  ansible.builtin.copy:
    dest: /etc/systemd/system/prometheus.service
    src: prometheus.service
    mode: "0644"
    owner: root
    group: "{{ ansible_wheel }}"
  notify: Restart prometheus

- name: Enable service
  ansible.builtin.service:
    name: prometheus
    state: started
    enabled: true

- name: Allow nginx to connect prometheus
  ansible.posix.seboolean:
    name: httpd_can_network_connect
    state: true
    persistent: true

- name: Copy nginx config
  ansible.builtin.copy:
    dest: "/etc/nginx/conf.d/{{ inventory_hostname }}/prometheus.conf"
    content: |
      location / {
        proxy_pass http://127.0.0.1:9090;
      }
    mode: 0644
    owner: root
    group: "{{ ansible_wheel }}"
  notify: Restart nginx