-
-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathmanagement.yml
158 lines (136 loc) · 4.01 KB
/
management.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
- name: Management
hosts: management
tasks:
- name: Include package versions
include_vars:
file: packages.yml
name: packages
- name: Install wireguard
become: true
apt:
update_cache: true
pkg: wireguard
- name: Check if private key exists
become: true
stat:
path: /opt/dns/wg-private
register: wg_private_stat
- name: Generate keypair
become: true
shell: umask 077 && mkdir /opt/dns && wg genkey | tee /opt/dns/wg-private | wg pubkey > /opt/dns/wg-public
when: not wg_private_stat.stat.exists
- name: Read private key
become: true
command: "cat /opt/dns/wg-private"
register: wg_private
changed_when: false
- name: Create wireguard config
become: true
template:
src: wg-dns.conf
dest: /etc/wireguard/wg-dns.conf
register: wg_config
- name: Enable wg-quick@wg-dns
become: true
systemd:
name: wg-quick@wg-dns
enabled: true
state: started
- name: Restart wg-quick@wg-dns
become: true
systemd:
name: wg-quick@wg-dns
state: restarted
when: wg_config.changed
- name: Add prometheus group
become: true
group:
name: prometheus
state: present
- name: Add prometheus user
become: true
user:
name: prometheus
group: prometheus
shell: /sbin/nologin
create_home: false
- name: Check if prometheus exists
stat:
path: /usr/local/bin/prometheus
register: prometheus
- name: Download prometheus
become: true
unarchive:
src: "https://github.com/prometheus/prometheus/releases/download/v{{ packages.additional.management_prometheus }}/prometheus-{{ packages.additional.management_prometheus }}.linux-amd64.tar.gz"
dest: /tmp/
remote_src: true
when: not prometheus.stat.exists
- name: Make prometheus directories
become: true
file:
path: "{{ item }}"
state: directory
owner: prometheus
group: prometheus
loop:
- /etc/prometheus/
- /var/lib/prometheus/
- name: Move prometheus
become: true
shell: |
mv /tmp/prometheus-{{ packages.additional.management_prometheus }}.linux-amd64/prometheus /usr/local/bin/prometheus
mv /tmp/prometheus-{{ packages.additional.management_prometheus }}.linux-amd64/consoles /etc/prometheus/
mv /tmp/prometheus-{{ packages.additional.management_prometheus }}.linux-amd64/console_libraries /etc/prometheus/
chown -R prometheus:prometheus /etc/prometheus/*
when: not prometheus.stat.exists
- name: Copy hosts file
become: true
template:
src: hosts
dest: /etc/hosts
- name: Copy prometheus config
become: true
template:
src: prometheus.yml
dest: /etc/prometheus/prometheus.yml
register: prometheus_config
- name: Copy prometheus service
become: true
template:
src: prometheus.service
dest: /lib/systemd/system/prometheus.service
register: prometheus_service
- name: Start prometheus
become: true
systemd:
name: prometheus
enabled: true
state: started
- name: Restart prometheus
become: true
systemd:
service: prometheus
daemon_reload: true
state: restarted
when: prometheus_service.changed or prometheus_config.changed
- name: Add grafana key
become: true
apt_key:
url: https://packages.grafana.com/gpg.key
state: present
- name: Add grafana repo
become: true
apt_repository:
repo: deb https://packages.grafana.com/oss/deb stable main
state: present
- name: Install grafana
become: true
apt:
name: grafana
update_cache: true
- name: Start grafana
become: true
systemd:
name: grafana-server
state: started
enabled: true