add prometheus data source with mssl

roles/grafana/tasks/main.yml

@@ -39,6 +39,33 @@
   no_log: true
   notify: Restart Grafana
 
+- name: Copy the CA cert
+  copy:
+    content: "{{ ca_cert }}"
+    dest: /etc/grafana/ca.crt
+  notify: Restart prometheus
+
+- name: Generate certificate
+  include_role:
+    name: generate-cert
+  vars:
+    directory: /etc/grafana/
+    cname: "grafana-{{ lan_address }}"
+    owner: grafana
+    group: grafana
+    key_mode: u=rw,g=,o=
+    subject_alt_name: "IP:{{ lan_address }}"
+# Need an equivalent to notify here
+
+- name: Add Prometheus data source
+  template:
+    src: prometheus_datasource.yaml
+    dest: /etc/grafana/provisioning/datasources/prometheus_datasource.yaml
+    owner: grafana
+    group: grafana
+    mode: u=rw,g=r,o=
+  notify: Restart Grafana
+
 - name: Enable Grafana
   systemd:
     name: grafana-server

roles/grafana/templates/prometheus_datasource.yaml

@@ -0,0 +1,17 @@
+{{ ansible_managed | comment }}
+apiVersion: 1
+
+datasources:
+  - name: Prometheus
+    type: prometheus
+    # Access mode - proxy (server in the UI) or direct (browser in the UI).
+    access: proxy
+    url: https://{{ lan_address }}:9090
+    jsonData:
+      httpMethod: POST
+	  tlsAuth: true
+	  tlsAuthWithCACert: true
+    secureJsonData: 
+	  tlsCACert: $__file{/etc/grafana/ca.cert}
+	  tlsClientCert: $__file{/etc/grafana/grafana-{{ lan_address }}.cert}
+	  tlsClientKey: $__file{/etc/grafana/grafana-{{ lan_address }}.key}