--- - name: Install Prometheus Components apt: name: - prometheus-blackbox-exporter state: latest update_cache: true register: apt_result retries: 3 until: apt_result is succeeded - name: Copy the CA cert copy: content: "{{ ca_cert }}" dest: /etc/prometheus/ca.crt notify: - Restart blackbox-exporter - Reload nginx - name: Generate certificate include_role: name: generate-cert vars: directory: /etc/prometheus/ cname: "blackbox-{{ lan_address }}" owner: prometheus group: prometheus key_mode: u=rw,g=,o= subject_alt_name: "IP:{{ lan_address }}" # Need an equivalent to notify here - name: Ensured the certificate is monitored import_tasks: register-cert-to-monitoring.yml vars: target: "{{ lan_address }}:9115|blackbox-{{ lan_address }}|{{ ansible_facts['nodename'] }}" - name: Setup the blackbox config template: src: blackbox.yml dest: /etc/prometheus/blackbox.yml owner: prometheus group: prometheus mode: '0640' notify: Restart blackbox-exporter no_log: "{{ enable_no_log | default('true') }}" #- name: Copy the web-config folder # template: # src: web-config.yaml # dest: /etc/prometheus/web-config-blackbox.yaml # group: prometheus # owner: prometheus # mode: u=rw,g=r,o=r # notify: Restart blackbox-exporter - name: Setup the arguments for prometheus template: src: prometheus-blackbox-exporter dest: /etc/default/prometheus-blackbox-exporter owner: root group: root mode: '0644' notify: Restart blackbox-exporter vars: args: - name: web.listen-address value: "127.0.0.1:9115" # value: "{{ lan_address }}:9115" - name: config.file value: /etc/prometheus/blackbox.yml # - name: web.config.file # value: /etc/prometheus/web-config.yaml ## Here we go, using nginx to add mSSL to prometheus... because who need to authentication on the server with ALL the jucy data? # Think prometheus, think! - name: Copy the nginx config template: src: atrocious_nginx_stub dest: "/etc/nginx/sites-available/internal-blackbox" notify: Reload nginx - name: Activate the config file: src: "/etc/nginx/sites-available/internal-blackbox" dest: "/etc/nginx/sites-enabled/internal-blackbox" state: link force: yes - name: Add alert rules for node on the prometheus server copy: src: alerts-blackbox.yml dest: /etc/prometheus/alertsblackbox.yml owner: prometheus group: prometheus mode: u=rw,g=r,o=r notify: Restart prometheus