hetzner-ansible/roles/prometheus/tasks/main.yml


---
### tags:
### update_config
### update_deployment
### update-digitalocean-metrics
### update-hetzner-metrics
### grafana-user-update
# Hand the Prometheus data directory over to the lvm_with_hetzner_volumes role.
# Volume prefix, size, count and mount path are passed in as role variables;
# what the role does with them is defined in that role, not in this file.
- name: "Create/Resize LVM for datadir"
  ansible.builtin.include_role:
    name: lvm_with_hetzner_volumes
  vars:
    lvm_with_hetzner_volumes__mountpath: "{{ prometheus_lvm_hcloudvol_mountpath }}"
    lvm_with_hetzner_volumes__volcount: "{{ prometheus_lvm_hcloudvol_count }}"
    lvm_with_hetzner_volumes__volsize: "{{ prometheus_lvm_hcloudvol_size }}"
    lvm_with_hetzner_volumes__volprefix: prometheus_datadir
# Run the hetzner-ansible-dns role once per service id (Prometheus, Grafana,
# Alertmanager). Every iteration passes the same stage_server_ip as record_data
# and the current id as record_name.
- name: "Setup DNS configuration for <{{ inventory_hostname }}>"
  ansible.builtin.include_role:
    name: hetzner-ansible-dns
  loop:
    - "{{ prometheus_id }}"
    - "{{ grafana_id }}"
    - "{{ alertmanager_id }}"
  vars:
    record_name: "{{ item }}"
    record_data: "{{ stage_server_ip }}"
# Probe for an existing compose file; the result is stored in
# check_docker_compose_file and gates the "Stop" task that follows.
- name: "Check if {{ inventory_hostname }}/docker-compose.yml exists"
  ansible.builtin.stat:
    path: "{{ service_base_path }}/{{ inventory_hostname }}/docker-compose.yml"
  register: check_docker_compose_file
  tags:
    - update_config
    - update_deployment
# Tear down the running compose project before it is redeployed.
# Skipped when no docker-compose.yml was found by the preceding stat task.
- name: "Stop {{ inventory_hostname }}"
  when: check_docker_compose_file.stat.exists
  community.docker.docker_compose:
    state: absent
    project_src: "{{ service_base_path }}/{{ inventory_hostname }}"
  tags:
    - update_deployment
# Render the docker templates for this host by running only the `templates`
# task file of the hetzner-ansible-sma-deploy role. Destination, ownership and
# the prometheus_docker settings are handed over through the current_* variables.
- name: "Deploy docker templates for {{ inventory_hostname }}"
  ansible.builtin.include_role:
    name: hetzner-ansible-sma-deploy
    tasks_from: templates
  vars:
    current_config: "_docker"
    current_docker: "{{ prometheus_docker }}"
    current_base_path: "{{ service_base_path }}"
    current_destination: "{{ inventory_hostname }}"
    current_owner: "{{ docker_owner }}"
    current_group: "{{ docker_group }}"
  tags:
    - update_deployment
# Bring the compose project up, pulling images first.
# NOTE(review): with pull enabled, whatever the registry currently serves for
# the referenced tags is deployed; the compose template is not visible here, so
# confirm that images are pinned (version tag or digest) rather than floating.
- name: "Update {{ inventory_hostname }}"
  community.docker.docker_compose:
    project_src: "{{ service_base_path }}/{{ inventory_hostname }}"
    pull: true
    state: present
  tags:
    - update_deployment
# Delegate the Prometheus configuration refresh to _update_config.yml,
# selectable on its own via the update_config tag.
- name: "Updating prometheus configuration"
  ansible.builtin.include_tasks: _update_config.yml
  tags:
    - update_config
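# Ensure every entry of grafana_users exists in Grafana as a non-admin account,
# authenticating against the Grafana API with the admin credentials.
# Each loop item carries a plaintext password, and Ansible prints the loop item
# in its per-item result line, so task output is suppressed with no_log.
# NOTE(review): the scheme comes from http_s; if it can resolve to plain http,
# the admin and user passwords cross the network unencrypted - confirm.
- name: Create or update Grafana users
  community.grafana.grafana_user:
    url: "{{ http_s }}://{{ grafana_id }}.{{ domain }}"
    url_username: "{{ grafana_admin_username }}"
    url_password: "{{ grafana_admin_password }}"
    name: "{{ item.name }}"
    email: "{{ item.email }}"
    login: "{{ item.login }}"
    password: "{{ item.password }}"
    is_admin: false
    state: present
  loop: "{{ grafana_users }}"
  # Keeps item.password out of console output, callbacks and CI job logs.
  # Trade-off: failure details are censored as well.
  no_log: true
  tags:
    - grafana-user-update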
# Fetch the Grafana search listing with the admin account over basic auth and
# keep the response in grafana_dashboards. The request is retried up to 10 times
# with 60 seconds between attempts until it answers with HTTP 200.
# NOTE(review): the task name renders <inventory_hostname>-grafana.<domain>
# while the request goes to <grafana_id>.<domain>; confirm both name the same host.
# NOTE(review): basic auth is only protected in transit when http_s is https.
- name: "Get all Dashboard uids from {{ http_s }}://{{ inventory_hostname }}-grafana.{{ domain }}"
  ansible.builtin.uri:
    method: GET
    url: "{{ http_s }}://{{ grafana_id }}.{{ domain }}/api/search"
    url_username: "{{ grafana_admin_username }}"
    url_password: "{{ grafana_admin_password }}"
    force_basic_auth: true
    return_content: true
    status_code: 200
  register: grafana_dashboards
  retries: 10
  delay: 60
  until: grafana_dashboards.status == 200
  tags:
    - grafana-user-update
# Replace the raw API response in grafana_dashboards with a trimmed list that
# keeps only uid, type and title of each search hit.
- name: "Get all existing Dashboard uids"
  ansible.builtin.set_fact:
    grafana_dashboards: "{{ grafana_dashboards.json | json_query('[].{uid: uid, type: type, title: title}') }}"
  tags:
    - grafana-user-update
# Diagnostic output: dump the trimmed dashboard list, but only when the
# `debug` variable evaluates to true.
- name: "Printing Grafana Dashboards"
  when: debug
  ansible.builtin.debug:
    msg: "{{ grafana_dashboards }}"
  tags:
    - grafana-user-update
# Lock down every dashboard (type dash-db) that is NOT listed in
# grafana_dashboard_whitelist: the posted permission list holds a single entry,
# role Admin with level 4 (Grafana levels: 1 = View, 2 = Edit, 4 = Admin).
# Grafana's permission endpoint replaces the stored list with the posted one,
# so entries that are not repeated here are dropped.
# NOTE(review): basic auth is only protected in transit when http_s is https.
- name: Restrict admin dashboard permissions
  ansible.builtin.uri:
    method: POST
    url: "{{ http_s }}://{{ grafana_id }}.{{ domain }}/api/dashboards/uid/{{ item.uid }}/permissions"
    url_username: "{{ grafana_admin_username }}"
    url_password: "{{ grafana_admin_password }}"
    force_basic_auth: true
    headers:
      Content-Type: application/json
    body_format: json
    body:
      items:
        - role: Admin
          permission: 4
    return_content: true
  loop: "{{ grafana_dashboards }}"
  when:
    - item.type == 'dash-db'
    - item.uid not in grafana_dashboard_whitelist
  tags:
    - grafana-user-update
# Open up every dashboard (type dash-db) that IS listed in
# grafana_dashboard_whitelist: the posted permission list holds a single entry,
# role Viewer with level 1 (Grafana levels: 1 = View, 2 = Edit, 4 = Admin).
# Grafana's permission endpoint replaces the stored list with the posted one,
# so entries that are not repeated here are dropped.
# NOTE(review): basic auth is only protected in transit when http_s is https.
- name: Allow viewer dashboard permissions
  ansible.builtin.uri:
    method: POST
    url: "{{ http_s }}://{{ grafana_id }}.{{ domain }}/api/dashboards/uid/{{ item.uid }}/permissions"
    url_username: "{{ grafana_admin_username }}"
    url_password: "{{ grafana_admin_password }}"
    force_basic_auth: true
    headers:
      Content-Type: application/json
    body_format: json
    body:
      items:
        - role: Viewer
          permission: 1
    return_content: true
  loop: "{{ grafana_dashboards }}"
  when:
    - item.type == 'dash-db'
    - item.uid in grafana_dashboard_whitelist
  tags:
    - grafana-user-update
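# Render the DigitalOcean metrics script into /root, readable and executable by
# root only.
# NOTE(review): the template is not visible here; if it embeds an API token,
# the rendered content can show up in --diff output - confirm and suppress if so.
- name: "Create digitalocean api metric script from template"
  ansible.builtin.template:
    src: digitalocean_api.sh.j2
    dest: /root/digitalocean_api.sh
    # Quoted so the mode does not depend on the parser reading a bare 0700 as octal.
    mode: "0700"
    owner: root
    group: root
  tags:
    - update-digitalocean-metrics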
# Installs a cron entry named "update replication table" that runs
# /root/digitalocean_api.sh every minute.
# NOTE(review): a later task in this file ("Remove old cronjob to exec
# digitalocean api metric script") sets the entry with this same cron name to
# absent under the same tag, so each run adds it and then deletes it again. The
# task after this one installs the same job as "update digitalocean metrics".
# This task looks like a leftover; confirm and drop it.
- name: "Create cronjob to exec digitalocean api metric script"
  ansible.builtin.cron:
    name: "update replication table"
    minute: "*"
    job: /root/digitalocean_api.sh
  tags:
    - update-digitalocean-metrics
# Schedule the DigitalOcean metrics script to run once per minute under the
# cron entry "update digitalocean metrics".
# NOTE(review): nothing here prevents a slow run from overlapping the next one;
# confirm the script tolerates that or guards itself with a lock.
- name: "Create cronjob to exec digitalocean api metric script"
  ansible.builtin.cron:
    name: "update digitalocean metrics"
    job: /root/digitalocean_api.sh
    minute: "*"
  tags:
    - update-digitalocean-metrics
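# Render the Hetzner metrics script into /root, readable and executable by
# root only.
# NOTE(review): the template is not visible here; if it embeds an API token,
# the rendered content can show up in --diff output - confirm and suppress if so.
- name: "Create hetzner api metric script from template"
  ansible.builtin.template:
    src: hetzner_api.py.j2
    dest: /root/hetzner_api.py
    # Quoted so the mode does not depend on the parser reading a bare 0700 as octal.
    mode: "0700"
    owner: root
    group: root
  tags:
    - update-hetzner-metrics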
# Schedule the Hetzner metrics script to run once per minute under the cron
# entry "update hetzner metrics". The job invokes the file directly, so it
# relies on the execute bit set by the template task.
# NOTE(review): nothing here prevents a slow run from overlapping the next one;
# confirm the script tolerates that or guards itself with a lock.
- name: "Create cronjob to exec hetzner api metric script"
  ansible.builtin.cron:
    name: "update hetzner metrics"
    job: /root/hetzner_api.py
    minute: "*"
  tags:
    - update-hetzner-metrics
# remove after 31.12.2022
# Migration cleanup: delete the cron entry that was registered under the former
# name "update replication table".
- name: "Remove old cronjob to exec digitalocean api metric script"
  ansible.builtin.cron:
    state: absent
    name: "update replication table"
  tags:
    - update-digitalocean-metrics
# remove after 31.12.2022
# Migration cleanup: delete the script file left behind under its former name
# so no stale root-owned executable stays in /root.
- name: "Remove old digitalocean api metric script"
  ansible.builtin.file:
    state: absent
    path: /root/do_too_many_req_metrics.sh
  tags:
    - update-digitalocean-metrics
# remove after 31.12.2022
# Migration cleanup: delete the script file left behind under its former name
# so no stale root-owned executable stays in /root.
- name: "Remove old hetzner api metric script"
  ansible.builtin.file:
    state: absent
    path: /root/hetzner_unattached_volumes.py
  tags:
    - update-hetzner-metrics