Commit 9e8288f6 authored by HgO's avatar HgO
Browse files

Merge branch '66-playbook-pour-grafana' into 'main'

Resolve "Playbook pour Grafana"

Closes #66

See merge request Neutrinet/infra!74
parents d9f5d0ca ea681728
Pipeline #414 passed with stage
in 1 minute and 30 seconds
mail_notification: hub-infra@neutrinet.be
acme_enabled: true
acme_account_email: "{{ mail_notification }}"
acme_directory_url: https://acme-v02.api.letsencrypt.org/directory
users:
- name: tharyrok
shell: /bin/zsh
......@@ -43,8 +49,6 @@ users:
keys:
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPjigU9KeN4e973Lhbp39RvifzkC0uVZjTefD8wXtNDE celo@smeagol"
mail_notification: "hub-infra@neutrinet.be"
telegraf_username: telegraf
telegraf_password: !vault |
$ANSIBLE_VAULT;1.1;AES256
......
grafana_domain: grafana.neutrinet.be
grafana_org_name: Neutrinet
......@@ -137,3 +137,6 @@ man.patata.louise.neutri.net
[alertmanager]
monitoring.htz.neutri.net
[grafana]
monitoring.htz.neutri.net
- hosts: grafana
become: true
pre_tasks:
- name: Update cache
apt:
update_cache: true
cache_valid_time: 3600
roles:
- grafana
......@@ -3,5 +3,6 @@ caddy_vhosts_dir: "{{ caddy_config_dir }}/conf.d"
caddy_log_dir: /var/log/caddy
caddy_healthcheck_log: "{{ caddy_log_dir }}/healthcheck.log"
acme_enabled: false
acme_account_email: contact@example.com
acme_directory_url: https://acme-v02.api.letsencrypt.org/directory
acme_directory_url: https://acme-staging-v02.api.letsencrypt.org/directory
grafana_domain: grafana.example.com
grafana_org_name: Example
# Grab metrics about grafana
- targets:
- localhost:3000
labels:
job: grafana
- name: restart grafana
service:
name: grafana-server
state: restarted
- name: reload prometheus
service:
name: prometheus
state: reloaded
*********************************
Vagrant driver installation guide
*********************************
Requirements
============
* Vagrant
* Virtualbox, Parallels, VMware Fusion, VMware Workstation or VMware Desktop
Install
=======
Please refer to the `Virtual environment`_ documentation for installation best
practices. If not using a virtual environment, please consider passing the
widely recommended `'--user' flag`_ when invoking ``pip``.
.. _Virtual environment: https://virtualenv.pypa.io/en/latest/
.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site
.. code-block:: bash
$ pip install 'molecule_vagrant'
---
- name: Converge
hosts: all
become: true
roles:
- grafana
dependency:
name: galaxy
driver:
name: vagrant
provider:
name: virtualbox
platforms:
- name: buster-grafana-molecule
box: debian/buster64
cpu: 2
memory: 1024
interfaces:
- network_name: private_network
type: dhcp
auto_config: true
provisioner:
name: ansible
config_options:
defaults:
interpreter_python: /usr/bin/python3
ssh_connection:
pipelining: true
verifier:
name: ansible
---
- name: Prepare
hosts: all
become: true
pre_tasks:
- name: Mise à jour du cache APT
apt:
update_cache: true
cache_valid_time: 3600
roles:
- telegraf
- prometheus
- name: Installation de Caddy2
import_role:
name: caddy_server
vars:
caddy_template: caddy/grafana.j2
tags: ['caddy']
- name: Copie de la configuration Caddy2
template:
src: caddy/grafana.j2
dest: "{{ caddy_vhosts_dir }}/{{ grafana_domain | replace('.', '-') }}.conf"
owner: root
group: root
mode: "u=rw,go=r"
validate: caddy validate --adapter caddyfile --config %s
notify: reload caddy
- name: Ajout de la clé GPG de Grafana dans APT
apt_key:
url: https://packages.grafana.com/gpg.key
state: present
- name: Ajout du dépôt APT Grafana
apt_repository:
repo: deb https://packages.grafana.com/oss/deb stable main
filename: grafana
state: present
- name: Installation de Grafana
package:
name: grafana
state: present
- name: Configuration de Grafana
template:
src: grafana/grafana.ini.j2
dest: /etc/grafana/grafana.ini
owner: grafana
group: grafana
mode: "u=rw,g=r,o="
notify: restart grafana
- name: Activation de Grafana au démarrage
service:
name: grafana-server
state: started
enabled: yes
- name: Ajout du job grafana dans Prometheus
copy:
src: prometheus/grafana.yml
dest: /etc/prometheus/conf.d/grafana.yml
owner: prometheus
group: prometheus
mode: "u=rw,go=r"
notify: reload prometheus
- name: Vérification du mot de passe admin
uri:
url: http://localhost:3000/api/login/ping
user: admin
# on utilise le mot de passe par défaut
# permet de vérifier si c'est une nouvelle install
password: admin
force_basic_auth: true
status_code: [200, 401]
no_log: true
register: _grafana_admin_login_checked
retries: 10
delay: 3
until: _grafana_admin_login_checked is success
- import_tasks: grafana/postinstall.yml
when: _grafana_admin_login_checked.status == 200
tags: ['grafana_postinstall']
- name: Récupération des infos de l'organisation par défaut
uri:
url: http://localhost:3000/api/org
user: admin
password: admin
force_basic_auth: true
register: _grafana_org
no_log: true
- name: Modification du nom de l'organisation
# Nécessaire pour permettre un accès anonyme aux dashboards de l'organisation
uri:
url: http://localhost:3000/api/org
method: PUT
body_format: form-multipart
body:
name: "{{ grafana_org_name }}"
user: admin
password: admin
force_basic_auth: true
changed_when: _grafana_org.json.name != grafana_org_name
no_log: true
- import_tasks: grafana/main.yml
tags: ['grafana']
- import_tasks: caddy.yml
tags: ['caddy']
{{ grafana_domain }} {
{% if not acme_enabled %}
tls internal
{% endif %}
reverse_proxy {
to http://127.0.0.1:3000
flush_interval -1
transport http {
keepalive 310s
compression off
}
}
log {
output file /var/log/caddy/{{ grafana_domain | replace('.', '-') }}.log
}
}
This diff is collapsed.
......@@ -5,6 +5,7 @@
owner: root
group: root
mode: "u=rw,go=r"
validate: caddy validate --adapter caddyfile --config %s
notify: reload caddy
- name: Trigger Caddy handlers
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment