From 2a69cb23a6475e86cf1e99eb922327df90c4c784 Mon Sep 17 00:00:00 2001 From: Jean-Marie Mineau Date: Tue, 21 Sep 2021 15:50:15 +0200 Subject: [PATCH] add configuration to use mSSL --- roles/prometheus-node-exporter/tasks/main.yml | 19 ++++++++++++++++++- .../templates/config.yaml | 7 +++++++ 2 files changed, 25 insertions(+), 1 deletion(-) create mode 100644 roles/prometheus-node-exporter/templates/config.yaml diff --git a/roles/prometheus-node-exporter/tasks/main.yml b/roles/prometheus-node-exporter/tasks/main.yml index 1c3662f..3f8d8b5 100644 --- a/roles/prometheus-node-exporter/tasks/main.yml +++ b/roles/prometheus-node-exporter/tasks/main.yml @@ -16,13 +16,30 @@ # and add --web.config=/etc/node_exporter/config.yaml to # the args in /etc/default/prometheus-node-exporter +- name: Ensure /etc/node_exporter exist + file: + path: /etc/node_exporter + state: directory + group: prometheus + owner: prometheus + mode: u=rwx,g=rx,o=rx + +- name: Copy the config folder + template: + src: config.yaml + dest: /etc/node_exporter/config.yaml + group: prometheus + owner: prometheus + mode: u=rw,g=r,o=r + notify: Restart prometheus-node-exporter + - name: Setup the arguments for node-exporter template: src: prometheus-node-exporter dest: /etc/default/prometheus-node-exporter owner: root group: root - mode: '0644' + mode: u=rw,g=r,o=r notify: Restart prometheus-node-exporter vars: args: diff --git a/roles/prometheus-node-exporter/templates/config.yaml b/roles/prometheus-node-exporter/templates/config.yaml new file mode 100644 index 0000000..88ced8a --- /dev/null +++ b/roles/prometheus-node-exporter/templates/config.yaml @@ -0,0 +1,7 @@ +{{ ansible_managed | comment }} + +tls_server_config: + cert_file: "/etc/node_exporter/{{ lan_address }}.crt" + key_file: "/etc/node_exporter/{{ lan_address }}.key" + client_auth_type: "RequireAndVerifyClientCert" + client_ca_file: "/etc/node_exporter/ca.crt"