A roles/prometheus_clients/tasks/desktop.yml => roles/prometheus_clients/tasks/desktop.yml +1 -0
M roles/prometheus_clients/tasks/main.yml => roles/prometheus_clients/tasks/main.yml +13 -44
@@ 1,51 1,20 @@
---
-- name: install
- community.general.pacman:
- name: prometheus-node-exporter
- state: present
+- name: Get secrets
+ ansible.builtin.set_fact:
+ prometheus_secrets: "{{ lookup('community.hashi_vault.hashi_vault', 'ansible/data/prometheus') }}"
-- name: create textfile dir
- ansible.builtin.file:
- path: /var/lib/prometheus_textfiles
- state: directory
- owner: node_exporter
- group: node_exporter
- mode: 0755
-
-- name: configure node exporter
- ansible.builtin.copy:
- src: prometheus-node-exporter
- dest: /etc/conf.d/prometheus-node-exporter
- owner: root
- group: root
- mode: 0644
- notify: restart node exporter
-
-- name: install textfile script
- ansible.builtin.copy:
- src: prometheus_arch.sh
- dest: /usr/local/bin/prometheus_arch.sh
+- name: Install curl wrapper for pushgateway auth
+ ansible.builtin.template:
+ src: curl-pushgateway.j2
+ dest: /usr/local/bin/curl-pushgateway
owner: root
group: root
mode: 0755
-- name: start and enable node exporter
- ansible.builtin.systemd:
- name: prometheus-node-exporter
- enabled: true
- state: started
-
-- name: add arch textfile cronjob
- ansible.builtin.cron:
- name: prometheus-arch
- state: present
- job: "chronic /usr/local/bin/prometheus_arch.sh"
- special_time: hourly
+- name: Include server playbook
+ include_tasks: server.yml
+ when: "'desktop' not in group_names"
-- name: allow in firewalld
- ansible.posix.firewalld:
- rich_rule: "rule family=ipv4 source address={{ lookup('community.general.dig', 'xenrox.net.') }} port port=9100 protocol=tcp accept"
- state: enabled
- permanent: true
- immediate: true
- when: "inventory_hostname != 'xenrox.net'"
+- name: Include desktop playbook
+ include_tasks: desktop.yml
+ when: "'desktop' in group_names"
A roles/prometheus_clients/tasks/server.yml => roles/prometheus_clients/tasks/server.yml +51 -0
@@ 0,0 1,51 @@
+---
+- name: install
+ community.general.pacman:
+ name: prometheus-node-exporter
+ state: present
+
+- name: create textfile dir
+ ansible.builtin.file:
+ path: /var/lib/prometheus_textfiles
+ state: directory
+ owner: node_exporter
+ group: node_exporter
+ mode: 0755
+
+- name: configure node exporter
+ ansible.builtin.copy:
+ src: prometheus-node-exporter
+ dest: /etc/conf.d/prometheus-node-exporter
+ owner: root
+ group: root
+ mode: 0644
+ notify: restart node exporter
+
+- name: install textfile script
+ ansible.builtin.copy:
+ src: prometheus_arch.sh
+ dest: /usr/local/bin/prometheus_arch.sh
+ owner: root
+ group: root
+ mode: 0755
+
+- name: start and enable node exporter
+ ansible.builtin.systemd:
+ name: prometheus-node-exporter
+ enabled: true
+ state: started
+
+- name: add arch textfile cronjob
+ ansible.builtin.cron:
+ name: prometheus-arch
+ state: present
+ job: "chronic /usr/local/bin/prometheus_arch.sh"
+ special_time: hourly
+
+- name: allow in firewalld
+ ansible.posix.firewalld:
+ rich_rule: "rule family=ipv4 source address={{ lookup('community.general.dig', 'xenrox.net.') }} port port=9100 protocol=tcp accept"
+ state: enabled
+ permanent: true
+ immediate: true
+ when: "inventory_hostname != 'xenrox.net'"
A roles/prometheus_clients/templates/curl-pushgateway.j2 => roles/prometheus_clients/templates/curl-pushgateway.j2 +4 -0
@@ 0,0 1,4 @@
+#!/bin/bash
+
+hostname="$(uname -n)"
+curl --user "{{ prometheus_secrets['pushgateway_user'] }}:{{ prometheus_secrets['pushgateway_pass'] }}" --data-binary @- https://push.xenrox.net/metrics/job/$1/instance/$hostname