--- - name: Install apt transport https apt: name: - apt-transport-https state: latest update_cache: true register: apt_result retries: 3 until: apt_result is succeeded - name: Add Graphana Repo Key apt_key: url: https://packages.grafana.com/gpg.key state: present - name: Add Grafana Repository apt_repository: repo: deb https://packages.grafana.com/oss/deb stable main state: present - name: Install Grafana apt: name: - grafana state: latest update_cache: true register: apt_result retries: 3 until: apt_result is succeeded - name: Configure Grafana template: src: grafana.ini dest: /etc/grafana/grafana.ini owner: grafana group: grafana mode: u=rw,g=r,o= no_log: true notify: Restart Grafana - name: Copy the CA cert copy: content: "{{ ca_cert }}" dest: /etc/grafana/ca.crt notify: Restart prometheus - name: Generate certificate include_role: name: generate-cert vars: directory: /etc/grafana/ cname: "grafana-{{ lan_address }}" owner: grafana group: grafana key_mode: u=rw,g=,o= subject_alt_name: "IP:{{ lan_address }}" # Need an equivalent to notify here ## THIS CERT CANNOT BE MONITORED BECAUSE IT IS A CLIENT CERT :'( #- name: Ensured the certificate is monitored # import_tasks: register-cert-to-monitoring.yml # vars: # target: "{{ lan_address }}:|grafana-{{ lan_address }}|{{ ansible_facts['nodename'] }}" - name: Add Prometheus data source template: src: prometheus_datasource.yaml dest: /etc/grafana/provisioning/datasources/prometheus_datasource.yaml owner: grafana group: grafana mode: u=rw,g=r,o= notify: Restart Grafana - name: Enable Grafana systemd: name: grafana-server enabled: true state: started