ansible/roles/grafana/tasks/main.yml
2022-07-21 18:27:55 +02:00

79 lines
1.8 KiB
YAML

---
- name: Install apt transport https
apt:
name:
- apt-transport-https
state: latest
update_cache: true
register: apt_result
retries: 3
until: apt_result is succeeded
- name: Add Graphana Repo Key
apt_key:
url: https://packages.grafana.com/gpg.key
state: present
- name: Add Grafana Repository
apt_repository:
repo: deb https://packages.grafana.com/oss/deb stable main
state: present
- name: Install Grafana
apt:
name:
- grafana
state: latest
update_cache: true
register: apt_result
retries: 3
until: apt_result is succeeded
- name: Configure Grafana
template:
src: grafana.ini
dest: /etc/grafana/grafana.ini
owner: grafana
group: grafana
mode: u=rw,g=r,o=
no_log: "{{ enable_no_log | default('true') }}"
notify: Restart Grafana
- name: Copy the CA cert
copy:
content: "{{ ca_cert }}"
dest: /etc/grafana/ca.crt
notify: Restart prometheus
- name: Generate certificate
include_role:
name: generate-cert
vars:
directory: /etc/grafana/
cname: "grafana-{{ lan_address }}"
owner: grafana
group: grafana
key_mode: u=rw,g=,o=
subject_alt_name: "IP:{{ lan_address }}"
# Need an equivalent to notify here
## THIS CERT CANNOT BE MONITORED BECAUSE IT IS A CLIENT CERT :'(
#- name: Ensured the certificate is monitored
# import_tasks: register-cert-to-monitoring.yml
# vars:
# target: "{{ lan_address }}:<PORT>|grafana-{{ lan_address }}|{{ ansible_facts['nodename'] }}"
- name: Add Prometheus data source
template:
src: prometheus_datasource.yaml
dest: /etc/grafana/provisioning/datasources/prometheus_datasource.yaml
owner: grafana
group: grafana
mode: u=rw,g=r,o=
notify: Restart Grafana
- name: Enable Grafana
systemd:
name: grafana-server
enabled: true
state: started