create molecule scenario for monitoring role
parent
0f32a76e38
commit
2ace573ac9
|
@ -1,41 +0,0 @@
|
||||||
alertmanager_smtp:
|
|
||||||
from: ahoy@pirateparty.be
|
|
||||||
smarthost: mail.infomaniak.ch:587
|
|
||||||
auth_username: ahoy@pirateparty.be
|
|
||||||
auth_password: !vault |
|
|
||||||
$ANSIBLE_VAULT;1.1;AES256
|
|
||||||
61643536623562333434653364623535633331653539356132653863313965313030333163313637
|
|
||||||
6161333463653839383265323937376630336134633531650a313132326536346530353764656465
|
|
||||||
63323737643034353532333363303363616261363335333365663133626537653961323133626433
|
|
||||||
6566656236383864610a323262393562663836343162326131336630363939356333313934326436
|
|
||||||
6261
|
|
||||||
|
|
||||||
alertmanager_route:
|
|
||||||
receiver: 'default-receiver'
|
|
||||||
group_wait: 30s
|
|
||||||
group_interval: 5m
|
|
||||||
repeat_interval: 3h
|
|
||||||
|
|
||||||
alertmanager_receivers:
|
|
||||||
- name: default-receiver
|
|
||||||
email_configs:
|
|
||||||
- to: hadrien@pirateparty.be
|
|
||||||
|
|
||||||
alertmanager_password: !vault |
|
|
||||||
$ANSIBLE_VAULT;1.1;AES256
|
|
||||||
63313035633034643636326230383162666666626539623934303631366236656432616238356362
|
|
||||||
6665626364643666343737623532616133303539356133300a396530643865323334313564363762
|
|
||||||
31646562306232356437636537383732626664663166656331303630303537383064663565323235
|
|
||||||
3962313936613039320a656337356131363636643366393233613462313361323639373363643134
|
|
||||||
32383436313035323032656266376664383166633631663438316165313930373937636436633962
|
|
||||||
6131336262343531643264346362343433373165386266323439
|
|
||||||
prometheus_password: "{{ alertmanager_password }}"
|
|
||||||
grafana_admin_user: ppbe
|
|
||||||
grafana_admin_password: !vault |
|
|
||||||
$ANSIBLE_VAULT;1.1;AES256
|
|
||||||
39626461326636633230343536613564643537376464336537353661636638303238303966383030
|
|
||||||
3133663938623334396435333761306265373064353462610a356531326130396566386638653533
|
|
||||||
36323833663030663466356538353237376137313135656534383439613935623234373065376530
|
|
||||||
3864366438626135300a333664313339343964306538343366306639393631666366323537313734
|
|
||||||
36613731626439646537653565646436323839383930363131653431306431396638613665616464
|
|
||||||
3435313137313964636139366439336365663564326639303234
|
|
|
@ -0,0 +1,25 @@
|
||||||
|
alertmanager_version: latest
|
||||||
|
alertmanager_smtp:
|
||||||
|
from: ahoy@pirateparty.be
|
||||||
|
smarthost: mail.infomaniak.ch:587
|
||||||
|
auth_username: ahoy@pirateparty.be
|
||||||
|
auth_password: "{{ alertmanager_smtp_password }}"
|
||||||
|
|
||||||
|
|
||||||
|
alertmanager_route:
|
||||||
|
receiver: 'default-receiver'
|
||||||
|
group_wait: 30s
|
||||||
|
group_interval: 5m
|
||||||
|
repeat_interval: 3h
|
||||||
|
|
||||||
|
alertmanager_receivers:
|
||||||
|
- name: default-receiver
|
||||||
|
email_configs:
|
||||||
|
- to: hadrien@pirateparty.be
|
||||||
|
|
||||||
|
alertmanager_password: "{{ vault_alertmanager_password }}"
|
||||||
|
|
||||||
|
prometheus_version: latest
|
||||||
|
prometheus_password: "{{ vault_prometheus_password }}"
|
||||||
|
grafana_admin_user: ppbe
|
||||||
|
grafana_admin_password: "{{ vault_grafana_admin_password }}"
|
|
@ -0,0 +1,18 @@
|
||||||
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
|
64386162616536616639393038343039393964633039346536373438366131633933303264323262
|
||||||
|
3137373938333666373862323336343730633834333039630a356633303566303537653265343938
|
||||||
|
63333630666164636636316265326137633262353136663037666237356264396362363739386362
|
||||||
|
6266373931663864640a633139613865613231333736636332313835623961316464366136303462
|
||||||
|
32623836623638376537373564306236613962383135633232653731663832343136306236386237
|
||||||
|
64653134356430623437643161336632653639323561303566363565656566323038363230333566
|
||||||
|
63643631323935323433346435363866373032613562303135656361653532303266663133336139
|
||||||
|
61323966323337333235366637386232653662313331653735623932343265643937343034313932
|
||||||
|
35656537373030313461646136346665323433626237323565393965613063356436356430643532
|
||||||
|
32353761343864643865323366623064353332353666663162646437363331366331336461633735
|
||||||
|
31363630383234623662616531386438343230613962666237613337666232333966613163666639
|
||||||
|
63336434613861623839666430333635646535623338653366363735623765626132336333653363
|
||||||
|
35636539303738353635383063663133666539376365393338316362393664663433616461336263
|
||||||
|
64396562623763633537346166343933333964376532643338333135363765336464366365356262
|
||||||
|
31396530663135343339383936373465323763633162626431353364633833343835333931376131
|
||||||
|
34626536633566346639383166376633346532663839646135623438316632646437646536613933
|
||||||
|
3033
|
|
@ -1,3 +1,6 @@
|
||||||
|
murmur_port: 64730
|
||||||
|
murmur_superuser_password: "{{ vault_murmur_superuser_password }}"
|
||||||
|
|
||||||
umurmur_version: 0.2.17
|
umurmur_version: 0.2.17
|
||||||
umurmur_domain: mumble.parley.be
|
umurmur_domain: mumble.parley.be
|
||||||
|
|
||||||
|
@ -5,7 +8,7 @@ umurmur_welcome_text:
|
||||||
- Welcome to Parley Talk!
|
- Welcome to Parley Talk!
|
||||||
- You can talk to the people in the room you joined.
|
- You can talk to the people in the room you joined.
|
||||||
- You start in the Welcome room, to join another channel double click on the room name.
|
- You start in the Welcome room, to join another channel double click on the room name.
|
||||||
umurmur_admin_password: wC7yZ4vV2ocb7AkBfQ2RwuhRqYVyiwY42Rjpw3pfJ
|
umurmur_admin_password: "{{ vault_umurmur_admin_password }}"
|
||||||
umurmur_max_users: 100
|
umurmur_max_users: 100
|
||||||
|
|
||||||
umurmur_channels:
|
umurmur_channels:
|
|
@ -0,0 +1,13 @@
|
||||||
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
|
39653565313333643836363062656363333232313166303331656135633830323633366236313438
|
||||||
|
6663616535626237326566636331356564373936356465310a323638646333623731366530316630
|
||||||
|
30653662666239336465366466663162303466613139636138316538643862383962393734323665
|
||||||
|
6135633264336530650a653234353636643630643566323638386138633035396232666136333531
|
||||||
|
66353062333661393462353535383964333262336235643237383632633135346165326635633730
|
||||||
|
65356161363266393834353964626164356364353061646638366232643132373965646466373734
|
||||||
|
34346238313666363466633934333737313761643965313130313465623038393638343564393064
|
||||||
|
31373132643762373161396236646366326666306536643566383638623133666333663430356431
|
||||||
|
65356166326339373666643365623837326461316437616361346531383533646435323331363131
|
||||||
|
30373838306631393066323766316638303233303231616266323562653332306631393334353361
|
||||||
|
30353130333164643333663262356437386564356432343533336163383735343830656132396332
|
||||||
|
61313334396638636333
|
|
@ -2,5 +2,4 @@
|
||||||
become: yes
|
become: yes
|
||||||
|
|
||||||
roles:
|
roles:
|
||||||
- common
|
|
||||||
- monitoring
|
- monitoring
|
|
@ -17,10 +17,6 @@
|
||||||
- name: update postfix secrets
|
- name: update postfix secrets
|
||||||
command: postmap {{ postfix_sasl_secrets_path }}
|
command: postmap {{ postfix_sasl_secrets_path }}
|
||||||
|
|
||||||
- name: reload nginx
|
|
||||||
include_tasks: ../handlers/nginx.yml
|
|
||||||
when: nginx_started is not changed
|
|
||||||
|
|
||||||
- name: reload autofs
|
- name: reload autofs
|
||||||
service:
|
service:
|
||||||
name: autofs
|
name: autofs
|
||||||
|
|
|
@ -0,0 +1,2 @@
|
||||||
|
dependencies:
|
||||||
|
- shared-handlers
|
|
@ -1,6 +1,7 @@
|
||||||
---
|
---
|
||||||
# defaults file for roles/prometheus
|
# defaults file for roles/prometheus
|
||||||
grafana_admin_user: admin
|
grafana_admin_user: admin
|
||||||
|
grafana_admin_password: password
|
||||||
grafana_domain: "{{ inventory_hostname }}"
|
grafana_domain: "{{ inventory_hostname }}"
|
||||||
grafana_web_path: /grafana
|
grafana_web_path: /grafana
|
||||||
grafana_protocol: http
|
grafana_protocol: http
|
||||||
|
@ -9,9 +10,11 @@ grafana_port: 3000
|
||||||
prometheus_domain: "{{ inventory_hostname }}"
|
prometheus_domain: "{{ inventory_hostname }}"
|
||||||
prometheus_web_path: /prometheus
|
prometheus_web_path: /prometheus
|
||||||
prometheus_port: 9090
|
prometheus_port: 9090
|
||||||
|
prometheus_password: password
|
||||||
|
|
||||||
nginx_default_path: "{{ grafana_web_path }}"
|
nginx_default_path: "{{ grafana_web_path }}"
|
||||||
|
|
||||||
alertmanager_domain: "{{ inventory_hostname }}"
|
alertmanager_domain: "{{ inventory_hostname }}"
|
||||||
alertmanager_web_path: /alertmanager
|
alertmanager_web_path: /alertmanager
|
||||||
alertmanager_port: 9093
|
alertmanager_port: 9093
|
||||||
|
alertmanager_password: password
|
|
@ -0,0 +1,2 @@
|
||||||
|
dependencies:
|
||||||
|
- shared-handlers
|
|
@ -0,0 +1,23 @@
|
||||||
|
*********************************
|
||||||
|
Vagrant driver installation guide
|
||||||
|
*********************************
|
||||||
|
|
||||||
|
Requirements
|
||||||
|
============
|
||||||
|
|
||||||
|
* Vagrant
|
||||||
|
* Virtualbox, Parallels, VMware Fusion, VMware Workstation or VMware Desktop
|
||||||
|
|
||||||
|
Install
|
||||||
|
=======
|
||||||
|
|
||||||
|
Please refer to the `Virtual environment`_ documentation for installation best
|
||||||
|
practices. If not using a virtual environment, please consider passing the
|
||||||
|
widely recommended `'--user' flag`_ when invoking ``pip``.
|
||||||
|
|
||||||
|
.. _Virtual environment: https://virtualenv.pypa.io/en/latest/
|
||||||
|
.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site
|
||||||
|
|
||||||
|
.. code-block:: bash
|
||||||
|
|
||||||
|
$ pip install 'molecule_vagrant'
|
|
@ -0,0 +1,13 @@
|
||||||
|
---
|
||||||
|
- name: Converge
|
||||||
|
hosts: all
|
||||||
|
become: yes
|
||||||
|
|
||||||
|
pre_tasks:
|
||||||
|
- name: Install and configure node-exporter
|
||||||
|
import_role:
|
||||||
|
name: common
|
||||||
|
tasks_from: node_exporter.yml
|
||||||
|
|
||||||
|
roles:
|
||||||
|
- monitoring
|
|
@ -0,0 +1,50 @@
|
||||||
|
---
|
||||||
|
.hardware: &hardware
|
||||||
|
memory: 1024
|
||||||
|
cpu: 2
|
||||||
|
|
||||||
|
dependency:
|
||||||
|
name: galaxy
|
||||||
|
driver:
|
||||||
|
name: vagrant
|
||||||
|
provider:
|
||||||
|
name: virtualbox
|
||||||
|
platforms:
|
||||||
|
- name: debian-buster.mol
|
||||||
|
box: debian/buster64
|
||||||
|
<<: *hardware
|
||||||
|
interfaces:
|
||||||
|
- network_name: private_network
|
||||||
|
type: dhcp
|
||||||
|
auto_config: true
|
||||||
|
- network_name: forwarded_port
|
||||||
|
guest: 80
|
||||||
|
host: 18080
|
||||||
|
- network_name: forwarded_port
|
||||||
|
guest: 443
|
||||||
|
host: 18443
|
||||||
|
options:
|
||||||
|
append_platform_to_hostname: no
|
||||||
|
- name: ubuntu-focal.mol
|
||||||
|
box: ubuntu/focal64
|
||||||
|
<<: *hardware
|
||||||
|
interfaces:
|
||||||
|
- network_name: private_network
|
||||||
|
type: dhcp
|
||||||
|
auto_config: true
|
||||||
|
- network_name: forwarded_port
|
||||||
|
guest: 80
|
||||||
|
host: 28080
|
||||||
|
- network_name: forwarded_port
|
||||||
|
guest: 443
|
||||||
|
host: 28443
|
||||||
|
options:
|
||||||
|
append_platform_to_hostname: no
|
||||||
|
provisioner:
|
||||||
|
name: ansible
|
||||||
|
config_options:
|
||||||
|
defaults:
|
||||||
|
interpreter_python: /usr/bin/python3
|
||||||
|
vault_password_file: "${MOLECULE_PROJECT_DIRECTORY}/../../.vault.secret"
|
||||||
|
verifier:
|
||||||
|
name: ansible
|
|
@ -0,0 +1,19 @@
|
||||||
|
- hosts: all
|
||||||
|
become: yes
|
||||||
|
|
||||||
|
pre_tasks:
|
||||||
|
- name: Update apt cache
|
||||||
|
apt:
|
||||||
|
update_cache: yes
|
||||||
|
cache_valid_time: 3600
|
||||||
|
|
||||||
|
tasks:
|
||||||
|
- name: Install and configure UFW
|
||||||
|
import_role:
|
||||||
|
name: common
|
||||||
|
tasks_from: ufw.yml
|
||||||
|
|
||||||
|
- name: Install and configure Nginx
|
||||||
|
import_role:
|
||||||
|
name: common
|
||||||
|
tasks_from: nginx.yml
|
|
@ -1,36 +1,39 @@
|
||||||
- name: add grafana GPG apt key
|
- name: Install GPG package
|
||||||
|
package:
|
||||||
|
name: gpg
|
||||||
|
state: present
|
||||||
|
|
||||||
|
- name: Add Grafana GPG apt key
|
||||||
apt_key:
|
apt_key:
|
||||||
url: https://packages.grafana.com/gpg.key
|
url: https://packages.grafana.com/gpg.key
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
- block:
|
- name: Add Grafana repository
|
||||||
- name: add grafana repository
|
|
||||||
apt_repository:
|
apt_repository:
|
||||||
repo: deb https://packages.grafana.com/oss/deb stable main
|
repo: deb https://packages.grafana.com/oss/deb stable main
|
||||||
state: present
|
state: present
|
||||||
register: grafana_repo
|
register: grafana_repo
|
||||||
notify: restart grafana
|
notify: restart grafana
|
||||||
|
|
||||||
- name: update apt cache
|
- name: Update apt cache
|
||||||
apt:
|
apt:
|
||||||
update_cache: yes
|
update_cache: yes
|
||||||
cache_valid_time: 3600
|
cache_valid_time: 3600
|
||||||
when: grafana_repo is changed
|
when: grafana_repo is changed
|
||||||
|
|
||||||
- name: install grafana package
|
- name: Install grafana package
|
||||||
apt:
|
package:
|
||||||
pkg: grafana
|
name: grafana
|
||||||
state: present
|
state: present
|
||||||
notify: restart grafana
|
notify: restart grafana
|
||||||
|
|
||||||
- name: copy grafana config
|
- name: Copy Grafana config
|
||||||
template:
|
template:
|
||||||
src: grafana.ini.j2
|
src: grafana.ini.j2
|
||||||
dest: /etc/grafana/grafana.ini
|
dest: /etc/grafana/grafana.ini
|
||||||
become: yes
|
|
||||||
notify: restart grafana
|
notify: restart grafana
|
||||||
|
|
||||||
- name: enable grafana service
|
- name: Start and enable Grafana service
|
||||||
systemd:
|
systemd:
|
||||||
name: grafana-server
|
name: grafana-server
|
||||||
state: started
|
state: started
|
||||||
|
@ -53,12 +56,13 @@
|
||||||
includes:
|
includes:
|
||||||
- "{{ nginx_config_dir }}/{{ inventory_hostname }}.d/*.conf"
|
- "{{ nginx_config_dir }}/{{ inventory_hostname }}.d/*.conf"
|
||||||
|
|
||||||
- name: ensure nginx config directory exists
|
- name: Ensure Nginx config directory exists
|
||||||
file:
|
file:
|
||||||
path: "{{ nginx_config_dir }}/{{ inventory_hostname }}.d"
|
path: "{{ nginx_config_dir }}/{{ inventory_hostname }}.d"
|
||||||
state: directory
|
state: directory
|
||||||
|
|
||||||
- include_role:
|
- name: Configure Nginx for Grafana
|
||||||
|
include_role:
|
||||||
name: nginx
|
name: nginx
|
||||||
tasks_from: configure
|
tasks_from: configure
|
||||||
vars:
|
vars:
|
||||||
|
|
|
@ -1,6 +1,5 @@
|
||||||
---
|
---
|
||||||
- import_tasks: grafana.yml
|
- import_tasks: grafana.yml
|
||||||
become: yes
|
|
||||||
tags: grafana
|
tags: grafana
|
||||||
- import_tasks: alertmanager.yml
|
- import_tasks: alertmanager.yml
|
||||||
tags: alertmanager
|
tags: alertmanager
|
||||||
|
|
|
@ -0,0 +1,17 @@
|
||||||
|
|
||||||
|
alertmanager_receivers:
|
||||||
|
- name: default-receiver
|
||||||
|
email_configs:
|
||||||
|
- to: ahoy@example.com
|
||||||
|
|
||||||
|
alertmanager_route:
|
||||||
|
receiver: 'default-receiver'
|
||||||
|
group_wait: 30s
|
||||||
|
group_interval: 5m
|
||||||
|
repeat_interval: 3h
|
||||||
|
|
||||||
|
alertmanager_smtp:
|
||||||
|
from: ahoy@example.com
|
||||||
|
smarthost: mail.example.com:587
|
||||||
|
auth_username: ahoy@example.com
|
||||||
|
auth_password: password
|
|
@ -1,5 +1,6 @@
|
||||||
---
|
---
|
||||||
# defaults file for roles/nginx
|
# defaults file for roles/nginx
|
||||||
nginx_user: www-data
|
nginx_owner: www-data
|
||||||
nginx_htpasswd_user: admin
|
nginx_group: "{{ nginx_owner }}"
|
||||||
nginx_template_file: nginx.conf.j2
|
nginx_template_file: nginx.conf.j2
|
||||||
|
nginx_config_dir: /etc/nginx/conf.d
|
|
@ -5,15 +5,14 @@
|
||||||
password: "{{ location.basic_auth.password }}"
|
password: "{{ location.basic_auth.password }}"
|
||||||
state: present
|
state: present
|
||||||
create: yes
|
create: yes
|
||||||
owner: "{{ nginx_user }}"
|
owner: "{{ nginx_owner }}"
|
||||||
group: "{{ nginx_user }}"
|
group: "{{ nginx_group }}"
|
||||||
mode: 0600
|
mode: 0600
|
||||||
loop: "{{ nginx_server.locations }}"
|
loop: "{{ nginx_server.locations }}"
|
||||||
loop_control:
|
loop_control:
|
||||||
loop_var: location
|
loop_var: location
|
||||||
label: "{{ location.path }}"
|
label: "{{ location.path }}"
|
||||||
when: "location.basic_auth is defined"
|
when: "location.basic_auth is defined"
|
||||||
|
|
||||||
notify:
|
notify:
|
||||||
- reload nginx
|
- reload nginx
|
||||||
|
|
||||||
|
@ -21,8 +20,8 @@
|
||||||
template:
|
template:
|
||||||
src: "{{ nginx_template_file }}"
|
src: "{{ nginx_template_file }}"
|
||||||
dest: "{{ nginx_config_dir }}/{{ nginx_config_file }}"
|
dest: "{{ nginx_config_dir }}/{{ nginx_config_file }}"
|
||||||
owner: "{{ nginx_user }}"
|
owner: "{{ nginx_owner }}"
|
||||||
group: "{{ nginx_user }}"
|
group: "{{ nginx_group }}"
|
||||||
mode: 0644
|
mode: 0644
|
||||||
notify:
|
notify:
|
||||||
- reload nginx
|
- reload nginx
|
||||||
|
|
|
@ -0,0 +1,2 @@
|
||||||
|
- name: reload nginx
|
||||||
|
include_tasks: ../handlers/nginx.yml
|
Loading…
Reference in New Issue