Add (commented) certbot role (+some config)
Showing
| --- | ||
| - hosts: monitorhosts | ||
| - hosts: localhost | ||
| become: true | ||
| become_user: root | ||
| remote_user: root | ||
| ... | ... | @@ -9,131 +9,48 @@ |
| - cloudalchemy.node-exporter | ||
| - cloudalchemy.blackbox-exporter | ||
| - cloudalchemy.grafana | ||
| # - geerlingguy.certbot | ||
| tasks: | ||
| - name: Allow grafana to bind to ports below 1024 | ||
| shell: setcap 'cap_net_bind_service=+ep' /usr/sbin/grafana-server | ||
| - name: Restart grafana | ||
| shell: systemctl restart grafana-server.service | ||
| vars: | ||
| prometheus_targets: | ||
| node: | ||
| - targets: | ||
| - localhost:9100 | ||
| - motsugo.ucc.asn.au:9100 | ||
| - mussel.ucc.asn.au:9100 | ||
| - mooneye.ucc.asn.au:9100 | ||
| - molmol.ucc.asn.au:9100 | ||
| - cerberus.ucc.asn.au:9100 | ||
| - loveday.ucc.asn.au:9100 | ||
| - magikarp.ucc.asn.au:9100 | ||
| - maltair.ucc.asn.au:9100 | ||
| - loveday.ucc.asn.au:9100 | ||
| - medico.ucc.asn.au:9100 | ||
| - magikarp.ucc.asn.au:9100 | ||
| - mudkip.ucc.asn.au:9100 | ||
| labels: | ||
| env: demo | ||
| job: node | ||
| env: ucc | ||
| job: cluster | ||
| - targets: | ||
| - localhost:9093 | ||
| - uccmonitor.ucc.asn.au:9100 | ||
| labels: | ||
| env: demo | ||
| job: alertmanager | ||
| env: ucc | ||
| job: VMs | ||
| - targets: | ||
| - localhost:3000 | ||
| labels: | ||
| env: demo | ||
| job: grafana | ||
| prometheus_web_external_url: 'http://{{ ansible_host }}:9090' | ||
| prometheus_alertmanager_config: | ||
| - scheme: http | ||
| static_configs: | ||
| - targets: ['127.0.0.1:9093'] | ||
| prometheus_scrape_jobs: | ||
| - job_name: 'blackbox' | ||
| metrics_path: /probe | ||
| params: | ||
| module: [http_2xx] | ||
| static_configs: | ||
| - targets: | ||
| - http://localhost:9100 | ||
| - motsugo.ucc.asn.au:9100 | ||
| - mussel.ucc.asn.au:9100 | ||
| - mooneye.ucc.asn.au:9100 | ||
| - molmol.ucc.asn.au:9100 | ||
| - cerberus.ucc.asn.au:9100 | ||
| - loveday.ucc.asn.au:9100 | ||
| - magikarp.ucc.asn.au:9100 | ||
| - maltair.ucc.asn.au:9100 | ||
| - medico.ucc.asn.au:9100 | ||
| - mudkip.ucc.asn.au:9100 | ||
| relabel_configs: | ||
| - source_labels: [__address__] | ||
| target_label: __param_target | ||
| - source_labels: [__param_target] | ||
| target_label: instance | ||
| - target_label: __address__ | ||
| replacement: 127.0.0.1:9115 # Blackbox exporter. | ||
| alertmanager_external_url: 'http://{{ ansible_host }}:9093' | ||
| alertmanager_receivers: | ||
| - name: 'email-wheel' | ||
| email_configs: | ||
| - to: '[email protected]' | ||
| from: '[email protected]' | ||
| smarthost: 'smtp.ucc.com:587' | ||
| auth_username: '[email protected]' | ||
| auth_identity: '[email protected]' | ||
| auth_password: SomePasswordHere | ||
| alertmanager_route: | ||
| group_by: ['alertname', 'cluster', 'service'] | ||
| group_wait: 30s | ||
| group_interval: 5m | ||
| repeat_interval: 3h | ||
| receiver: 'email-wheel' | ||
| grafana_datasources: | ||
| - name: Prometheus | ||
| type: prometheus | ||
| access: proxy | ||
| url: 'http://localhost:9090' | ||
| isDefault: true | ||
| basicAuth: false | ||
| grafana_security: | ||
| admin_user: admin | ||
| admin_password: 'changeme' | ||
| # todo: make LDAP | ||
| grafana_auth: | ||
| anonymous: | ||
| org_name: 'UCC'--- | ||
| - hosts: monitorhosts | ||
| become: true | ||
| become_user: root | ||
| remote_user: root | ||
| roles: | ||
| - cloudalchemy.prometheus | ||
| - cloudalchemy.alertmanager | ||
| - cloudalchemy.node-exporter | ||
| - cloudalchemy.blackbox-exporter | ||
| - cloudalchemy.grafana | ||
| vars: | ||
| prometheus_targets: | ||
| node: | ||
| - targets: | ||
| - localhost:9100 | ||
| - motsugo.ucc.asn.au:9100 | ||
| - titan.ucc.asn.au:9100 | ||
| - mussel.ucc.asn.au:9100 | ||
| - mooneye.ucc.asn.au:9100 | ||
| - molmol.ucc.asn.au:9100 | ||
| - cerberus.ucc.asn.au:9100 | ||
| - loveday.ucc.asn.au:9100 | ||
| - magikarp.ucc.asn.au:9100 | ||
| - maltair.ucc.asn.au:9100 | ||
| - medico.ucc.asn.au:9100 | ||
| - mudkip.ucc.asn.au:9100 | ||
| labels: | ||
| env: demo | ||
| job: node | ||
| env: ucc | ||
| job: other | ||
| - targets: | ||
| - localhost:9093 | ||
| labels: | ||
| env: demo | ||
| env: ucc | ||
| job: alertmanager | ||
| - targets: | ||
| - localhost:3000 | ||
| labels: | ||
| env: demo | ||
| env: ucc | ||
| job: grafana | ||
| prometheus_web_external_url: 'http://{{ ansible_host }}:9090' | ||
| prometheus_alertmanager_config: | ||
| ... | ... | @@ -147,17 +64,18 @@ |
| module: [http_2xx] | ||
| static_configs: | ||
| - targets: | ||
| - http://localhost:9100 | ||
| - motsugo.ucc.asn.au:9100 | ||
| - mussel.ucc.asn.au:9100 | ||
| - mooneye.ucc.asn.au:9100 | ||
| - molmol.ucc.asn.au:9100 | ||
| - cerberus.ucc.asn.au:9100 | ||
| - loveday.ucc.asn.au:9100 | ||
| - magikarp.ucc.asn.au:9100 | ||
| - maltair.ucc.asn.au:9100 | ||
| - medico.ucc.asn.au:9100 | ||
| - mudkip.ucc.asn.au:9100 | ||
| - http://uccmonitor.ucc.asn.au:9100 | ||
| - http://motsugo.ucc.asn.au:9100 | ||
| - http://titan.ucc.asn.au:9100 | ||
| - http://mussel.ucc.asn.au:9100 | ||
| - http://mooneye.ucc.asn.au:9100 | ||
| - http://molmol.ucc.asn.au:9100 | ||
| - http://cerberus.ucc.asn.au:9100 | ||
| - http://loveday.ucc.asn.au:9100 | ||
| - http://magikarp.ucc.asn.au:9100 | ||
| - http://maltair.ucc.asn.au:9100 | ||
| - http://medico.ucc.asn.au:9100 | ||
| - http://mudkip.ucc.asn.au:9100 | ||
| relabel_configs: | ||
| - source_labels: [__address__] | ||
| target_label: __param_target | ||
| ... | ... | @@ -181,6 +99,14 @@ |
| group_interval: 5m | ||
| repeat_interval: 3h | ||
| receiver: 'email-wheel' | ||
| grafana_server: | ||
| # protocol: https | ||
| # http_port: 443 | ||
| # domain: monitor.ucc.asn.au | ||
| # root_url: https://monitor.ucc.asn.au | ||
| # cert_file: /etc/letsencrypt/live/monitor.ucc.asn.au/fullchain.pem | ||
| # cert_key: /etc/letsencrypt/live/monitor.ucc.asn.au/privkey.pem | ||
| enable_gzip: true | ||
| grafana_datasources: | ||
| - name: Prometheus | ||
| type: prometheus | ||
| ... | ... | @@ -195,16 +121,7 @@ |
| grafana_auth: | ||
| anonymous: | ||
| org_name: 'UCC' | ||
| org_role: Admin | ||
| grafana_dashboards: | ||
| - dashboard_id: '1860' # Node Exporter Full | ||
| revision_id: '15' | ||
| datasource: 'Prometheus' | ||
| - dashboard_id: '3662' # Prometheus 2.0 Overview | ||
| revision_id: '2' | ||
| datasource: 'Prometheus' | ||
| org_role: Admin | ||
| org_role: Viewer | ||
| grafana_dashboards: | ||
| - dashboard_id: '1860' # Node Exporter Full | ||
| revision_id: '15' | ||
| ... | ... | @@ -212,3 +129,9 @@ |
| - dashboard_id: '3662' # Prometheus 2.0 Overview | ||
| revision_id: '2' | ||
| datasource: 'Prometheus' | ||
| certbot_certs: | ||
| - domains: | ||
| - monitor.ucc.asn.au | ||
| certbot_auto_renew: true | ||
| certbot_create_if_missing: true | ||
| certbot_admin_email: [email protected] |
Please register or sign in to comment