add blackbox_exporter role

roles/blackbox_exporter/defaults/main.yaml

@@ -0,0 +1,39 @@
+blackbox_exporter_go_arch_map:
+  i386: '386'
+  x86_64: 'amd64'
+
+blackbox_exporter_go_arch: "{{ blackbox_exporter_go_arch_map[ansible_architecture] | default('amd64') }}"
+
+blackbox_exporter_service_name: blackbox_exporter.service
+blackbox_exporter_service_enabled: true
+blackbox_exporter_service_state: started
+
+blackbox_exporter_version_regex: ^blackbox_exporter, version ([\d.]+)
+
+blackbox_exporter_release_file: "blackbox_exporter-{{ blackbox_exporter_version }}.{{ ansible_system | lower }}-{{ blackbox_exporter_go_arch }}.tar.gz"
+blackbox_exporter_release_url: "https://github.com/prometheus/blackbox_exporter/releases/download/v{{ blackbox_exporter_version }}/{{ blackbox_exporter_release_file }}"
+blackbox_exporter_checksum_url: "https://github.com/prometheus/blackbox_exporter/releases/download/v{{ blackbox_exporter_version }}/sha256sums.txt"
+blackbox_exporter_download_path: "/tmp/{{ blackbox_exporter_release_file }}"
+blackbox_exporter_unarchive_dest_path: /tmp
+blackbox_exporter_extracted_path: "{{ blackbox_exporter_download_path | replace('.tar.gz', '') }}"
+
+blackbox_exporter_user: blackbox_exporter
+blackbox_exporter_user_state: present
+blackbox_exporter_user_shell: /usr/sbin/nologin
+
+blackbox_exporter_group: blackbox_exporter
+blackbox_exporter_group_state: "{{ blackbox_exporter_user_state | default('present') }}"
+
+blackbox_exporter_etc_path: /etc/blackbox_exporter
+blackbox_exporter_etc_owner: root
+blackbox_exporter_etc_group: root
+blackbox_exporter_etc_mode: "0755"
+
+blackbox_exporter_var_path: /var/lib/blackbox_exporter
+blackbox_exporter_var_owner: "{{ blackbox_exporter_user }}"
+blackbox_exporter_var_group: "{{ blackbox_exporter_group }}"
+blackbox_exporter_var_mode: "0755"
+
+blackbox_exporter_bin_path: /usr/local/bin
+
+blackbox_exporter_config: {}

roles/blackbox_exporter/handlers/main.yaml

@@ -0,0 +1,6 @@
+---
+- name: restart blackbox_exporter
+  systemd:
+    name: blackbox_exporter.service
+    daemon_reload: true
+    state: restarted

roles/blackbox_exporter/tasks/configure.yaml

@@ -0,0 +1,48 @@
+---
+- name: create group
+  group:
+    name: "{{ blackbox_exporter_group }}"
+    system: true
+    state: "{{ blackbox_exporter_group_state | default('present') }}"
+
+- name: create user
+  user:
+    name: "{{ blackbox_exporter_user }}"
+    system: true
+    shell: "{{ blackbox_exporter_user_shell }}"
+    group: "{{ blackbox_exporter_group }}"
+    createhome: false
+    home: "{{ blackbox_exporter_var_path }}"
+    state: "{{ blackbox_exporter_user_state | default('present') }}"
+
+- name: create etc path
+  file:
+    path: "{{ blackbox_exporter_etc_path }}"
+    state: directory
+    owner: "{{ blackbox_exporter_etc_owner }}"
+    group: "{{ blackbox_exporter_etc_group }}"
+    mode: "{{ blackbox_exporter_etc_mode }}"
+
+- name: configure
+  copy:
+    dest: "{{ blackbox_exporter_etc_path }}/config.yaml"
+    content: "{{ (blackbox_exporter_config | default({})) | to_nice_yaml }}"
+    owner: root
+    group: root
+    mode: 0444
+  notify: restart blackbox_exporter
+
+- name: configure systemd template
+  template:
+    src: blackbox_exporter.service.j2
+    dest: /etc/systemd/system/blackbox_exporter.service
+    owner: root
+    group: root
+    mode: 0444
+  notify: restart blackbox_exporter
+
+- name: manage service
+  service:
+    name: "{{ blackbox_exporter_service_name }}"
+    enabled: "{{ blackbox_exporter_service_enabled }}"
+    state: "{{ blackbox_exporter_service_state }}"

roles/blackbox_exporter/tasks/install.yaml

@@ -0,0 +1,31 @@
+---
+- block:
+  - name: download tar
+    get_url:
+      url: "{{ blackbox_exporter_release_url }}"
+      dest: "{{ blackbox_exporter_download_path }}"
+      checksum: "{{ blackbox_exporter_checksum }}"
+    register: dl
+    until: dl is success
+    retries: 5
+    delay: 10
+
+  - name: extract tar
+    unarchive:
+      src: "{{ blackbox_exporter_download_path }}"
+      dest: "{{ blackbox_exporter_unarchive_dest_path }}"
+      creates: "{{ blackbox_exporter_extracted_path }}/blackbox_exporter"
+      remote_src: true
+
+  - name: install binaries
+    copy:
+      src: "{{ blackbox_exporter_extracted_path }}/{{ item }}"
+      dest: "{{ blackbox_exporter_bin_path }}/{{ item }}"
+      owner: root
+      group: root
+      mode: 0755
+      remote_src: true
+    loop:
+      - blackbox_exporter
+    notify: restart blackbox_exporter
+  when: blackbox_exporter_version != blackbox_exporter_local_version

roles/blackbox_exporter/tasks/main.yaml

@@ -0,0 +1,30 @@
+---
+- name: gather os specific variables
+  include_vars: "{{ lookup('first_found', possible_files) }}"
+  vars:
+    possible_files:
+      files:
+        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
+        - "{{ ansible_distribution }}.yaml"
+        - "{{ ansible_os_family }}.yaml"
+        - "default.yaml"
+      paths:
+        - vars
+
+- name: include os specific tasks
+  include_tasks: "{{ lookup('first_found', possible_files) }}"
+  vars:
+    possible_files:
+      files:
+        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
+        - "{{ ansible_distribution }}.yaml"
+        - "{{ ansible_os_family }}.yaml"
+        - "default.yaml"
+      paths:
+        - tasks
+
+- include: pre.yaml
+
+- include: install.yaml
+
+- include: configure.yaml

roles/blackbox_exporter/tasks/pre.yaml

@@ -0,0 +1,50 @@
+---
+- name: determine if installed
+  stat:
+    path: "{{ blackbox_exporter_bin_path }}/blackbox_exporter"
+  register: st
+
+- name: set blackbox_exporter_installed
+  set_fact:
+    blackbox_exporter_installed: "{{ st.stat.exists | bool }}"
+
+- block:
+  - name: determine latest version
+    uri:
+      url: https://api.github.com/repos/prometheus/blackbox_exporter/releases/latest
+      return_content: true
+      body_format: json
+    register: _latest_version
+    until: _latest_version.status == 200
+    retries: 3
+
+  - name: set blackbox_exporter_version
+    set_fact:
+      blackbox_exporter_version: "{{ _latest_version.json['tag_name'] | regex_replace('^v', '') }}"
+
+- block:
+  - name: determine installed version
+    command: "{{ blackbox_exporter_bin_path }}/blackbox_exporter --version"
+    register: _installed_version_string
+    changed_when: false
+
+  - name: set blackbox_exporter_local_version
+    set_fact:
+      blackbox_exporter_local_version: "{{ _installed_version_string.stdout | regex_search(blackbox_exporter_version_regex, '\\1') | first }}"
+  when: blackbox_exporter_installed
+
+- name: set blackbox_exporter_local_version to 0
+  set_fact:
+    blackbox_exporter_local_version: "0"
+  when: not blackbox_exporter_installed
+
+- block:
+  - name: get checksums
+    set_fact:
+      _checksums: "{{ lookup('url', blackbox_exporter_checksum_url, wantlist=True) }}"
+
+  - name: set blackbox_exporter_checksum
+    set_fact:
+      blackbox_exporter_checksum: "sha256:{{ item.split(' ') | first }}"
+    loop: "{{ _checksums }}"
+    when: "blackbox_exporter_release_file in item"

roles/blackbox_exporter/templates/blackbox_exporter.service.j2

@@ -0,0 +1,11 @@
+[Unit]
+Description=Blackbox Exporter
+
+[Service]
+User=blackbox_exporter
+ExecStart={{ blackbox_exporter_bin_path }}/blackbox_exporter \
+  --config.file={{ blackbox_exporter_etc_path }}/config.yaml
+AmbientCapabilities=CAP_NET_RAW
+
+[Install]
+WantedBy=multi-user.target