From b02da06c973aa449ec522ed6808dcc8d9dfad990 Mon Sep 17 00:00:00 2001
From: Ryan Cavicchioni <ryan@cavi.cc>
Date: Sun, 14 Apr 2024 17:13:06 -0500
Subject: [PATCH] Add roles for lego, logcli, mimir, process_exporter,
 smokeping_prober, and vector

---
 roles/lego/defaults/main.yaml                 | 130 ++++++++++++++++++
 roles/lego/handlers/main.yaml                 |   5 +
 roles/lego/tasks/configure.yaml               |  98 +++++++++++++
 roles/lego/tasks/default.yaml                 |   0
 roles/lego/tasks/install.yaml                 |  56 ++++++++
 roles/lego/tasks/main.yaml                    |  28 ++++
 roles/lego/templates/environ.conf.j2          |   8 ++
 roles/lego/templates/lego@.service.j2         |  31 +++++
 roles/lego/templates/lego@.timer.j2           |  11 ++
 roles/lego/vars/default.yaml                  |   0
 roles/logcli/defaults/main.yaml               |  57 ++++++++
 roles/logcli/tasks/configure.yaml             |  11 ++
 roles/logcli/tasks/default.yaml               |   0
 roles/logcli/tasks/install.yaml               |  56 ++++++++
 roles/logcli/tasks/main.yaml                  |  28 ++++
 roles/logcli/vars/default.yaml                |   0
 roles/mimir/defaults/main.yaml                |  68 +++++++++
 roles/mimir/files/grafana.gpg                 | Bin 0 -> 1758 bytes
 roles/mimir/handlers/main.yaml                |   6 +
 roles/mimir/tasks/Debian.yaml                 |  14 ++
 roles/mimir/tasks/configure.yaml              |  48 +++++++
 roles/mimir/tasks/default.yaml                |   0
 roles/mimir/tasks/install.yaml                |   5 +
 roles/mimir/tasks/main.yaml                   |  28 ++++
 roles/mimir/templates/config.yml.j2           |  51 +++++++
 roles/mimir/vars/default.yaml                 |   0
 roles/process_exporter/defaults/main.yaml     |  43 ++++++
 roles/process_exporter/handlers/main.yaml     |   6 +
 roles/process_exporter/tasks/configure.yaml   |  47 +++++++
 roles/process_exporter/tasks/default.yaml     |   0
 roles/process_exporter/tasks/install.yaml     |  30 ++++
 roles/process_exporter/tasks/main.yaml        |  30 ++++
 roles/process_exporter/tasks/pre.yaml         |  54 ++++++++
 .../templates/process-exporter.service.j2     |  17 +++
 roles/process_exporter/vars/default.yaml      |   0
 roles/smokeping_prober/defaults/main.yaml     | 100 ++++++++++++++
 roles/smokeping_prober/handlers/main.yaml     |   6 +
 roles/smokeping_prober/tasks/configure.yaml   |  55 ++++++++
 roles/smokeping_prober/tasks/default.yaml     |   0
 roles/smokeping_prober/tasks/install.yaml     |  56 ++++++++
 roles/smokeping_prober/tasks/main.yaml        |  28 ++++
 .../templates/smokeping_prober.service.j2     |  27 ++++
 roles/smokeping_prober/vars/default.yaml      |   0
 roles/vector/defaults/main.yaml               |  34 +++++
 roles/vector/handlers/main.yaml               |   6 +
 roles/vector/tasks/Debian.yaml                |  22 +++
 roles/vector/tasks/configure.yaml             |  84 +++++++++++
 roles/vector/tasks/default.yaml               |   0
 roles/vector/tasks/install.yaml               |   5 +
 roles/vector/tasks/main.yaml                  |  28 ++++
 roles/vector/vars/default.yaml                |   0
 51 files changed, 1417 insertions(+)
 create mode 100644 roles/lego/defaults/main.yaml
 create mode 100644 roles/lego/handlers/main.yaml
 create mode 100644 roles/lego/tasks/configure.yaml
 create mode 100644 roles/lego/tasks/default.yaml
 create mode 100644 roles/lego/tasks/install.yaml
 create mode 100644 roles/lego/tasks/main.yaml
 create mode 100644 roles/lego/templates/environ.conf.j2
 create mode 100644 roles/lego/templates/lego@.service.j2
 create mode 100644 roles/lego/templates/lego@.timer.j2
 create mode 100644 roles/lego/vars/default.yaml
 create mode 100644 roles/logcli/defaults/main.yaml
 create mode 100644 roles/logcli/tasks/configure.yaml
 create mode 100644 roles/logcli/tasks/default.yaml
 create mode 100644 roles/logcli/tasks/install.yaml
 create mode 100644 roles/logcli/tasks/main.yaml
 create mode 100644 roles/logcli/vars/default.yaml
 create mode 100644 roles/mimir/defaults/main.yaml
 create mode 100644 roles/mimir/files/grafana.gpg
 create mode 100644 roles/mimir/handlers/main.yaml
 create mode 100644 roles/mimir/tasks/Debian.yaml
 create mode 100644 roles/mimir/tasks/configure.yaml
 create mode 100644 roles/mimir/tasks/default.yaml
 create mode 100644 roles/mimir/tasks/install.yaml
 create mode 100644 roles/mimir/tasks/main.yaml
 create mode 100644 roles/mimir/templates/config.yml.j2
 create mode 100644 roles/mimir/vars/default.yaml
 create mode 100644 roles/process_exporter/defaults/main.yaml
 create mode 100644 roles/process_exporter/handlers/main.yaml
 create mode 100644 roles/process_exporter/tasks/configure.yaml
 create mode 100644 roles/process_exporter/tasks/default.yaml
 create mode 100644 roles/process_exporter/tasks/install.yaml
 create mode 100644 roles/process_exporter/tasks/main.yaml
 create mode 100644 roles/process_exporter/tasks/pre.yaml
 create mode 100644 roles/process_exporter/templates/process-exporter.service.j2
 create mode 100644 roles/process_exporter/vars/default.yaml
 create mode 100644 roles/smokeping_prober/defaults/main.yaml
 create mode 100644 roles/smokeping_prober/handlers/main.yaml
 create mode 100644 roles/smokeping_prober/tasks/configure.yaml
 create mode 100644 roles/smokeping_prober/tasks/default.yaml
 create mode 100644 roles/smokeping_prober/tasks/install.yaml
 create mode 100644 roles/smokeping_prober/tasks/main.yaml
 create mode 100644 roles/smokeping_prober/templates/smokeping_prober.service.j2
 create mode 100644 roles/smokeping_prober/vars/default.yaml
 create mode 100644 roles/vector/defaults/main.yaml
 create mode 100644 roles/vector/handlers/main.yaml
 create mode 100644 roles/vector/tasks/Debian.yaml
 create mode 100644 roles/vector/tasks/configure.yaml
 create mode 100644 roles/vector/tasks/default.yaml
 create mode 100644 roles/vector/tasks/install.yaml
 create mode 100644 roles/vector/tasks/main.yaml
 create mode 100644 roles/vector/vars/default.yaml

diff --git a/roles/lego/defaults/main.yaml b/roles/lego/defaults/main.yaml
new file mode 100644
index 0000000..c8cc153
--- /dev/null
+++ b/roles/lego/defaults/main.yaml
@@ -0,0 +1,130 @@
+---
+lego_go_arch_map:
+  i386: '386'
+  x86_64: 'amd64'
+
+lego_go_arch: "{{ lego_go_arch_map[ansible_architecture] | default('amd64') }}"
+
+lego_version: 4.16.1
+# curl -L -s https://github.com/go-acme/lego/releases/download/v4.14.2/lego_4.14.2_checksums.txt | awk '{ printf "%s: sha256:%s\n", $2, $1 }' | sort
+lego_checksums:
+  lego_v4.16.1_darwin_amd64.tar.gz: sha256:2555ae9c3976bb6d3d783819c7012572fecbd309330a5010dd1f9882332fa349
+  lego_v4.16.1_darwin_arm64.tar.gz: sha256:609789c72a9c8e7f4f5916aa08440a299f63c75fee14f42e61904cda01f0736f
+  lego_v4.16.1_freebsd_386.tar.gz: sha256:41408e99b9f1fb823e53d53feb15cd0cb929ad3cd093b9010c7af7ba71077e55
+  lego_v4.16.1_freebsd_amd64.tar.gz: sha256:9353c009c4801d7646b3c99803a77aa0f2a041f802c8794d16ba4b31af4a8dfb
+  lego_v4.16.1_freebsd_arm64.tar.gz: sha256:c39a98c8401a0fe506ac206ae5ef5e167d1dcd9e7f6bb27def954089c0f99839
+  lego_v4.16.1_freebsd_armv5.tar.gz: sha256:b96b88a84aa51e77da8d4b92f6920b1890ae47c53e59c477d7b3b556b1273446
+  lego_v4.16.1_freebsd_armv6.tar.gz: sha256:ea41ff383adcf98ff70a65e6da49c7c82d16071f3057e44e1c41b2fe34543f19
+  lego_v4.16.1_freebsd_armv7.tar.gz: sha256:6e883cb6c12a7bb703018e85623bf2c548eebfd01047bda75820264bb8ff85f2
+  lego_v4.16.1_linux_386.tar.gz: sha256:3eb2e75cc474b0a0b9a990ddd9c70e7c9631a150487d8434e03a295cfd4b0caa
+  lego_v4.16.1_linux_amd64.tar.gz: sha256:e9826f955337c1fd825d21b073168692711985e25db013ff6b00e9a55a9644b4
+  lego_v4.16.1_linux_arm64.tar.gz: sha256:0669037c2bcff11d0599765c63f186dfc98397b6a827f5cb2e48e9e69c12626c
+  lego_v4.16.1_linux_armv5.tar.gz: sha256:33ff82f3aff43825b0fca7f173825c6cc6b02d9e5607dec147ba172e62c883c9
+  lego_v4.16.1_linux_armv6.tar.gz: sha256:3532a986667fe4ba42366fe09a5487c273c168779f803d878b4cc990d29c5c94
+  lego_v4.16.1_linux_armv7.tar.gz: sha256:b9727c1282a320c22d9fbdbdb59e35810c8b7f94d1382bfa87d564429a89629e
+  lego_v4.16.1_linux_mips64_hardfloat.tar.gz: sha256:055914fab0e26432590fccb54e400e1c0b1ad8d9932f0d418ed9ee7857765eed
+  lego_v4.16.1_linux_mips64_softfloat.tar.gz: sha256:6d79cde9f3f7598276e9f82d2c0fe94b541b35112c0d03797cae4bd9de289d78
+  lego_v4.16.1_linux_mips64le_hardfloat.tar.gz: sha256:5a2421aed70c009d746eff8ffb8a1429dbfdda9c60d08790b53b88d7d4e0b270
+  lego_v4.16.1_linux_mips64le_softfloat.tar.gz: sha256:c1e8afedc29d18e7cb6da4d42c77d41b11041f58637e453be1ac70f65dfba0bc
+  lego_v4.16.1_linux_mips_hardfloat.tar.gz: sha256:07bcd8f03dda24e7db4ef0be065680a8db2d1ec7b217aea2c4ee7f6a6d731928
+  lego_v4.16.1_linux_mips_softfloat.tar.gz: sha256:0367bd328a9355b0191ae0f1b77a20e6a7f6c84a0a65d0a7e4a5f240e7737ed4
+  lego_v4.16.1_linux_mipsle_hardfloat.tar.gz: sha256:49c6117c24e351921e9fdfc0fa01dc7dd007001602b4743f2854b85dde7dd410
+  lego_v4.16.1_linux_mipsle_softfloat.tar.gz: sha256:e5771a43504deab162291c957c1cf549e287c15f645712c08e56f08e5ed97d4c
+  lego_v4.16.1_openbsd_386.tar.gz: sha256:7aaa14b081b8c2d18717c463b6ecea434c963366c82ad9824bcf61750b130c73
+  lego_v4.16.1_openbsd_amd64.tar.gz: sha256:4249afea73a1f8cdec964a0471e841103d6575f6d8549005ec2c06efa063d0fe
+  lego_v4.16.1_openbsd_arm64.tar.gz: sha256:4e94b6714bfed91c06e7365da1da36624126b323dc2c0fdabe7fd3fb155f7cb5
+  lego_v4.16.1_solaris_amd64.tar.gz: sha256:e9d33547a2671636bf02148677bd790996fb94688b0a055393675c645de150ec
+  lego_v4.16.1_windows_386.zip: sha256:980e5d8e6afb700f28c9b9ab539141c45fbd556e12c5b3deb114d7db056d7f0f
+  lego_v4.16.1_windows_amd64.zip: sha256:2716e8cc14facd60d804f849c1aeff6bb31bfa09719905d8f65ec801ead628ca
+  lego_v4.16.1_windows_arm64.zip: sha256:28179af7c79f01e8347dcaab65fba5b70abd36dcd0a2bcc2d6803cb177f2b72c
+  lego_v4.16.1_windows_armv5.zip: sha256:4017c2f1cbd8c838377e6816daccabc96d063b44749407c68e985af7f04fff6c
+  lego_v4.16.1_windows_armv6.zip: sha256:099992c58012440f693206ab0ea23dd1794f4093fd2ad62b744d6a08e3749efd
+  lego_v4.16.1_windows_armv7.zip: sha256:4b9557137c5d24996c3b44c223edf9495f0ea7df7f9a2d5da5f3dbc8f8ec8b50
+
+lego_github_rel_path: go-acme/lego
+lego_github_project_url: "https://github.com/{{ lego_github_rel_path }}"
+lego_release_file: "lego_v{{ lego_version }}_{{ ansible_system | lower }}_{{ lego_go_arch }}.tar.gz"
+lego_release_url: "{{ lego_github_project_url }}/releases/download/v{{ lego_version }}/{{ lego_release_file }}"
+lego_download_path: "/tmp/{{ lego_release_file }}"
+
+lego_opt_dir_path: "/opt/lego-{{ lego_version }}"
+
+lego_unarchive_dest_path: /tmp/
+lego_extracted_path: "/tmp"
+lego_binaries:
+ - lego
+
+lego_user_name: lego
+lego_user_shell: /usr/sbin/nologin
+lego_user_home: "{{ lego_var_dir_path }}"
+lego_group_name: lego
+
+lego_bin_dir_path: /usr/local/bin
+lego_bin_path: "{{ lego_bin_dir_path }}/lego"
+
+lego_etc_dir_path: /etc/lego
+lego_etc_dir_path_owner: "{{ lego_user_name }}"
+lego_etc_dir_path_group: "{{ lego_group_name }}"
+lego_etc_dir_path_mode: ugo=rx
+lego_etc_dir_path_state: directory
+
+lego_var_dir_path: /var/lib/lego
+lego_var_dir_path_owner: "{{ lego_user_name }}"
+lego_var_dir_path_group: "{{ lego_group_name }}"
+lego_var_dir_path_mode: u=rwx,go=rx
+lego_var_dir_path_state: directory
+
+lego_bin_args:
+  - --accept-tos
+  - --domains %i
+  - --domains www.%i
+
+lego_environ:
+  LEGO_PATH: "{{ lego_var_dir_path }}"
+
+lego_bin_user_args: []
+lego_user_environ: {}
+lego_credential_files: []
+
+lego_service_name: lego@.service
+lego_service_enabled: true
+lego_service_state: started
+
+lego_timer_name: lego@.timer
+lego_timer_enabled: true
+lego_timer_state: started
+
+lego_service_template_src: "{{ lego_service_name }}.j2"
+lego_service_template_dest: "/etc/systemd/system/{{ lego_service_name }}"
+lego_service_template_owner: root
+lego_service_template_group: root
+lego_service_template_mode: ugo=r
+
+lego_timer_template_src: "{{ lego_timer_name }}.j2"
+lego_timer_template_dest: "/etc/systemd/system/{{ lego_timer_name }}"
+lego_timer_template_owner: root
+lego_timer_template_group: root
+lego_timer_template_mode: ugo=r
+
+lego_systemd_service_d_dir_path: /etc/systemd/system/lego@.service.d
+lego_systemd_service_d_dir_path_owner: root
+lego_systemd_service_d_dir_path_group: root
+lego_systemd_service_d_dir_path_mode: ugo=rx
+lego_systemd_service_d_dir_path_state: directory
+
+lego_systemd_service_d_template_src: "environ.conf.j2"
+lego_systemd_service_d_template_dest: "{{ lego_systemd_service_d_dir_path }}/environ.conf"
+lego_systemd_service_d_template_path_owner: root
+lego_systemd_service_d_template_path_group: root
+lego_systemd_service_d_template_path_mode: u=r,go=
+
+lego_credential_file_owner: "{{ lego_user_name }}"
+lego_credential_file_group: "{{ lego_group_name }}"
+lego_credential_file_mode: u=r,go=
+
+# lego_domains:
+#   - name: example.com
+#     # not required
+#     enabled: true
+#     # not required
+#     state: started
diff --git a/roles/lego/handlers/main.yaml b/roles/lego/handlers/main.yaml
new file mode 100644
index 0000000..18d1fb2
--- /dev/null
+++ b/roles/lego/handlers/main.yaml
@@ -0,0 +1,5 @@
+---
+- name: restart lego
+  systemd:
+    name: "{{ lego_service_name }}"
+    daemon_reload: true
\ No newline at end of file
diff --git a/roles/lego/tasks/configure.yaml b/roles/lego/tasks/configure.yaml
new file mode 100644
index 0000000..e128592
--- /dev/null
+++ b/roles/lego/tasks/configure.yaml
@@ -0,0 +1,98 @@
+---
+- name: create group
+  ansible.builtin.group:
+    name: "{{ lego_group_name }}"
+    system: true
+
+- name: create user
+  ansible.builtin.user:
+    name: "{{ lego_user_name }}"
+    shell: "{{ lego_user_shell }}"
+    home: "{{ lego_user_home }}"
+    system: true
+    group: "{{ lego_group_name }}"
+
+- name: create var path
+  ansible.builtin.file:
+    path: "{{ lego_var_dir_path }}"
+    owner: "{{ lego_var_dir_path_owner }}"
+    group: "{{ lego_var_dir_path_group }}"
+    mode: "{{ lego_var_dir_path_mode }}"
+    state: "{{ lego_var_dir_path_state }}"
+
+- name: create etc path
+  ansible.builtin.file:
+    path: "{{ lego_etc_dir_path }}"
+    owner: "{{ lego_etc_dir_path_owner }}"
+    group: "{{ lego_etc_dir_path_group }}"
+    mode: "{{ lego_etc_dir_path_mode }}"
+    state: "{{ lego_etc_dir_path_state }}"
+
+- name: "create {{ lego_systemd_service_d_dir_path }}"
+  ansible.builtin.file:
+    path: "{{ lego_systemd_service_d_dir_path }}"
+    owner: "{{ lego_systemd_service_d_dir_path_owner }}"
+    group: "{{ lego_systemd_service_d_dir_path_group }}"
+    mode: "{{ lego_systemd_service_d_dir_path_mode }}"
+    state: "{{ lego_systemd_service_d_dir_path_state }}"
+
+- name: "create {{ lego_systemd_service_d_template_dest }}"
+  ansible.builtin.template:
+    src: "{{ lego_systemd_service_d_template_src }}"
+    dest: "{{ lego_systemd_service_d_template_dest }}"
+    owner: "{{ lego_systemd_service_d_template_path_owner }}"
+    group: "{{ lego_systemd_service_d_template_path_group }}"
+    mode: "{{ lego_systemd_service_d_template_path_mode }}"
+  notify:
+    - restart lego
+
+- name: create credential files
+  ansible.builtin.copy:
+    dest: "{{ lego_etc_dir_path }}/{{ item.name }}"
+    owner: "{{ item.owner | default(lego_credential_file_owner) }}"
+    group: "{{ item.group | default(lego_credential_file_group) }}"
+    mode: "{{ item.mode | default(lego_credential_file_mode) }}"
+    content: "{{ item.content }}"
+  loop: "{{ lego_credential_files | default([]) }}"
+  no_log: true
+
+#- name: configure
+#  ansible.builtin.template:
+#    src: "{{ lego_config_file_template_src }}"
+#    dest: "{{ lego_config_file_template_dest }}"
+#    owner: "{{ lego_config_file_template_owner }}"
+#    group: "{{ lego_config_file_template_group }}"
+#    mode: "{{ lego_config_file_template_mode }}"
+#  notify:
+#    - restart lego
+#
+- name: configure systemd unit
+  ansible.builtin.template:
+    src: "{{ lego_service_template_src }}"
+    dest: "{{ lego_service_template_dest }}"
+    owner: "{{ lego_service_template_owner }}"
+    group: "{{ lego_service_template_group }}"
+    mode: "{{ lego_service_template_mode }}"
+  notify:
+    - restart lego
+
+- name: configure timer
+  ansible.builtin.template:
+    src: "{{ lego_timer_template_src }}"
+    dest: "{{ lego_timer_template_dest }}"
+    owner: "{{ lego_timer_template_owner }}"
+    group: "{{ lego_timer_template_group }}"
+    mode: "{{ lego_timer_template_mode }}"
+#
+#- name: manage service
+#  ansible.builtin.service:
+#    name: "{{ lego_service_name }}"
+#    enabled: "{{ lego_service_enabled | default(true) }}"
+#    state: "{{ lego_service_state | default('started') }}"
+
+- name: manage timers
+  ansible.builtin.systemd:
+    name: "lego@{{ item.name }}.timer"
+    enabled: "{{ item.enabled | default(true) }}"
+    state: "{{ item.state | default('started') }}"
+  loop: "{{ lego_domains | default([]) }}"
\ No newline at end of file
diff --git a/roles/lego/tasks/default.yaml b/roles/lego/tasks/default.yaml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/lego/tasks/install.yaml b/roles/lego/tasks/install.yaml
new file mode 100644
index 0000000..31add8c
--- /dev/null
+++ b/roles/lego/tasks/install.yaml
@@ -0,0 +1,56 @@
+---
+- name: determine install status
+  ansible.builtin.stat:
+    path: "{{ lego_opt_dir_path }}/lego"
+  register: st
+
+- name: create opt path
+  ansible.builtin.file:
+    path: "{{ lego_opt_dir_path }}"
+    owner: root
+    group: root
+    mode: 0755
+    state: directory
+    
+- block:
+  - name: download
+    ansible.builtin.get_url:
+      url: "{{ lego_release_url }}"
+      dest: "{{ lego_download_path }}"
+      checksum: "{{ lego_checksums[lego_release_file] }}"
+    register: dl
+    until: dl is success
+    retries: 5
+    delay: 10
+
+  - name: extract
+    ansible.builtin.unarchive:
+      src: "{{ lego_download_path }}"
+      dest: "{{ lego_unarchive_dest_path }}"
+      remote_src: true
+
+  - name: install
+    ansible.builtin.copy:
+      src: "{{ lego_extracted_path }}/{{ item }}"
+      dest: "{{ lego_opt_dir_path }}/{{ item }}"
+      remote_src: true
+    loop: "{{ lego_binaries }}"
+  when: not st.stat.exists
+
+- name: permissions
+  ansible.builtin.file:
+    path: "{{ lego_opt_dir_path }}/{{ item }}"
+    owner: root
+    group: root
+    mode: 0755
+  loop: "{{ lego_binaries }}"
+
+- name: symlink
+  ansible.builtin.file:
+    src: "{{ lego_opt_dir_path }}/{{ item }}"
+    dest: "/usr/local/bin/{{ item }}"
+    owner: root
+    group: root
+    mode: 0755
+    state: link
+  loop: "{{ lego_binaries }}"
\ No newline at end of file
diff --git a/roles/lego/tasks/main.yaml b/roles/lego/tasks/main.yaml
new file mode 100644
index 0000000..b13a010
--- /dev/null
+++ b/roles/lego/tasks/main.yaml
@@ -0,0 +1,28 @@
+---
+- name: gather os specific variables
+  ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
+  vars:
+    params:
+      files:
+        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
+        - "{{ ansible_distribution }}.yaml"
+        - "{{ ansible_os_family }}.yaml"
+        - "default.yaml"
+      paths:
+        - vars
+
+- name: include os specific tasks
+  ansible.builtin.include_tasks: "{{ lookup('first_found', params) }}"
+  vars:
+    params:
+      files:
+        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
+        - "{{ ansible_distribution }}.yaml"
+        - "{{ ansible_os_family }}.yaml"
+        - "default.yaml"
+      paths:
+        - tasks
+
+- ansible.builtin.include_tasks: install.yaml
+
+- ansible.builtin.include_tasks: configure.yaml
\ No newline at end of file
diff --git a/roles/lego/templates/environ.conf.j2 b/roles/lego/templates/environ.conf.j2
new file mode 100644
index 0000000..c73b975
--- /dev/null
+++ b/roles/lego/templates/environ.conf.j2
@@ -0,0 +1,8 @@
+# {{ ansible_managed }}
+
+[Service]
+{% if lego_user_environ is defined %}
+{% for k, v in lego_user_environ.items() %}
+Environment={{ k | upper }}={{ v }}
+{% endfor %}
+{% endif %}
\ No newline at end of file
diff --git a/roles/lego/templates/lego@.service.j2 b/roles/lego/templates/lego@.service.j2
new file mode 100644
index 0000000..df994f9
--- /dev/null
+++ b/roles/lego/templates/lego@.service.j2
@@ -0,0 +1,31 @@
+# {{ ansible_managed }}
+
+[Unit]
+Description=Let's Encrypt client and ACME library written in Go
+After=network-online.target
+Wants=network-online.target
+
+[Service]
+{% if lego_environ is defined %}
+{% for k, v in lego_environ.items() %}
+Environment={{ k | upper }}={{ v }}
+{% endfor %}
+{% endif %}
+Type=oneshot
+User={{ lego_user_name }}
+ExecStart={{ lego_bin_path }} \
+{% for arg in lego_bin_args | default([]) + lego_bin_user_args | default([]) %}
+  {{ arg }} \
+{% endfor %}
+  renew \
+{% for arg in lego_bin_renew_user_args | default([]) %}
+  {{ arg }} {% if not loop.last %}\{{ "\n"}}{% endif %}
+{% if loop.last %}
+
+{% endif %}
+{% endfor %}
+
+WorkingDirectory={{ lego_var_dir_path }}
+
+[Install]
+WantedBy=multi-user.target
\ No newline at end of file
diff --git a/roles/lego/templates/lego@.timer.j2 b/roles/lego/templates/lego@.timer.j2
new file mode 100644
index 0000000..324cd7d
--- /dev/null
+++ b/roles/lego/templates/lego@.timer.j2
@@ -0,0 +1,11 @@
+[Unit]
+Description=Certbot renewal
+Description=Let's Encrypt client and ACME library written in Go
+Requires={{ lego_service_name }}%i
+
+[Timer]
+OnCalendar=*-*-* 00,12:00:00
+# RandomizedDelaySec=1
+
+[Install]
+WantedBy=timers.target
\ No newline at end of file
diff --git a/roles/lego/vars/default.yaml b/roles/lego/vars/default.yaml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/logcli/defaults/main.yaml b/roles/logcli/defaults/main.yaml
new file mode 100644
index 0000000..3df76e7
--- /dev/null
+++ b/roles/logcli/defaults/main.yaml
@@ -0,0 +1,57 @@
+---
+logcli_go_arch_map:
+  i386: '386'
+  x86_64: 'amd64'
+
+logcli_go_arch: "{{ logcli_go_arch_map[ansible_architecture] | default('amd64') }}"
+
+logcli_version: 2.9.5
+logcli_checksums:
+  logcli-darwin-amd64.zip: sha256:b224dc8872167be0c5f07b1c22471b21604419b625b4a6e69b2c7751bc409d98
+  logcli-darwin-arm64.zip: sha256:ad93156ae1132038de7a6b42633bdc59aac1a04e816aeae2796bc6dddddff14a
+  logcli-freebsd-amd64.zip: sha256:952f48394a080b88a100001b9c454e8793071ba4cd8cc95811bd446b4215a9a3
+  logcli-linux-amd64.zip: sha256:a22f7e29bb9ef8f6f70e31926bbffc646b9e36b3265458e199c497b305d21cc2
+  logcli-linux-arm.zip: sha256:0ad5c86191916121acea30d44011d84d33e5ca27497691980de16f1508b209f5
+  logcli-linux-arm64.zip: sha256:06b6a6b961f5004c51eb7922509dbbb189701b1f3925ba1bb2289894fef7861e
+  logcli-windows-amd64.exe.zip: sha256:d1a37c56fa2a1dfa97855d2a26826ba89569d50846a6022be03936423f04e19b
+  loki-canary-darwin-amd64.zip: sha256:9f73e81666397e195ae092c518df32200bab71f72ff778c839abba0283f8f4b3
+  loki-canary-darwin-arm64.zip: sha256:fa3a96bec9b30ec06bf5271182646161ab8056c51b07e00da14ce21d53bbd871
+  loki-canary-freebsd-amd64.zip: sha256:170c0ea9bf6349cce9b9fb5be6b27d0b8477fc57e5a0849ad7c828ba3de79f15
+  loki-canary-linux-amd64.zip: sha256:e4ff7cfb302851b98d4df1dc7793b3fdc7fd9680d2e75fc0484abcd08412f198
+  loki-canary-linux-arm.zip: sha256:02750db39ecba743da3036ca28a3b426c7d068efeee86b875f7870ba8798dca2
+  loki-canary-linux-arm64.zip: sha256:e0c0c31c89cad8ddffbd11f9467778e9b30bdfbdce955fba67871365a07ab3a1
+  loki-canary-windows-amd64.exe.zip: sha256:54564cbd123fbdd1b95fe9882bd916e2e9432b53826a97c04179c48ff0314912
+  loki-darwin-amd64.zip: sha256:b5831c0da363b3b075ddbdaa6e6e1323858b17c0d6c0052908aebaa637bc522c
+  loki-darwin-arm64.zip: sha256:1b73e4867730c252ce0e3720dd42fea5bd7921dd3cda4aa5f3764e43e1495374
+  loki-freebsd-amd64.zip: sha256:c3ac9b0aa16ca494a1537c28fe036440cd701d5273c5c8bbdb47426ecb5a041e
+  loki-linux-amd64.zip: sha256:9d919a55e7a2dbaeab46e777a0589d7e304c71fed011f989143883cbc887e348
+  loki-linux-arm.zip: sha256:104efc28b322523bf5bced67bdcc3746e1f7f872057f6ef54f25ab00ce426b39
+  loki-linux-arm64.zip: sha256:491833bf201c55388b82c3d1f583a9d4426c1b778ed3dc710cd67c8cbbbb67bb
+  loki-windows-amd64.exe.zip: sha256:1acee64bb69bd54ff6549edd2f670d0a3802727d9efced8705c7a712412d8ef7
+  promtail-darwin-amd64.zip: sha256:54032f2781d3acfef7dd7ad12b7f38ec4f5d0eb8ba047ebecb9911a6dd4b6cc6
+  promtail-darwin-arm64.zip: sha256:405ed21efcaa21ae5bbe4b7e16ca888ae8238716c46a176ea9c5e2a7b2b2a633
+  promtail-freebsd-amd64.zip: sha256:5a68f6fa6c7ae96919f13b4fffb188f72f9b16e38f40cf3962b97989c9739a99
+  promtail-linux-amd64.zip: sha256:e444bcff2d6677d284350819d3d1b7b473a1699357689230254fbc602b28dac7
+  promtail-linux-arm.zip: sha256:d0cc7552b8ce69534893040e6518288a6899c4f3acf9d4e7d32335f5f2f6145d
+  promtail-linux-arm64.zip: sha256:b23bd750dc5f6a76d808826ebc9d3c8b3540adb329578b650571a10d2be348b8
+  promtail-windows-386.exe.zip: sha256:a121de0b043db194c65422f863211efe566da3bec338a92f0623dff6f3c435d1
+  promtail-windows-amd64.exe.zip: sha256:d9c4b5bb58d3ece2e4ff78cd7fef65f5fadd7d9fe73ceb2dfa4a2990f944466f
+
+logcli_github_rel_path: grafana/loki
+logcli_github_project_url: "https://github.com/{{ logcli_github_rel_path }}"
+logcli_release_file: "logcli-{{ ansible_system | lower }}-{{ logcli_go_arch }}.zip"
+logcli_release_url: "{{ logcli_github_project_url }}/releases/download/v{{ logcli_version }}/{{ logcli_release_file }}"
+logcli_download_path: "/tmp/logcli-{{ logcli_version }}-{{ ansible_system | lower }}-{{ logcli_go_arch }}.zip"
+
+logcli_opt_path: "/opt/logcli-{{ logcli_version }}"
+
+logcli_unarchive_dest_path: /tmp/
+logcli_extracted_path: "/tmp/logcli-{{ ansible_system | lower }}-{{ logcli_go_arch }}"
+logcli_binaries:
+ - logcli
+
+logcli_loki_addr: http://localhost:3100
+
+logcli_profile_d_path: /etc/profile.d/logcli.sh
+logcli_profile_d_env:
+  LOKI_ADDR: "{{ logcli_loki_addr }}"
diff --git a/roles/logcli/tasks/configure.yaml b/roles/logcli/tasks/configure.yaml
new file mode 100644
index 0000000..a623f93
--- /dev/null
+++ b/roles/logcli/tasks/configure.yaml
@@ -0,0 +1,11 @@
+---
+- name: set logcli environment variables
+  ansible.builtin.copy:
+    dest: "{{ logcli_profile_d_path }}"
+    owner: root
+    group: root
+    mode: 0755
+    content: |
+      {% for k, v in logcli_profile_d_env.items() %}
+      export {{ k }}="{{ v }}"
+      {% endfor %}
\ No newline at end of file
diff --git a/roles/logcli/tasks/default.yaml b/roles/logcli/tasks/default.yaml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/logcli/tasks/install.yaml b/roles/logcli/tasks/install.yaml
new file mode 100644
index 0000000..8c8bc62
--- /dev/null
+++ b/roles/logcli/tasks/install.yaml
@@ -0,0 +1,56 @@
+---
+- name: determine install status
+  ansible.builtin.stat:
+    path: "{{ logcli_opt_path }}/logcli"
+  register: st
+
+- name: create opt path
+  ansible.builtin.file:
+    path: "{{ logcli_opt_path }}"
+    owner: root
+    group: root
+    mode: 0755
+    state: directory
+    
+- block:
+  - name: download
+    ansible.builtin.get_url:
+      url: "{{ logcli_release_url }}"
+      dest: "{{ logcli_download_path }}"
+      checksum: "{{ logcli_checksums[logcli_release_file] }}"
+    register: dl
+    until: dl is success
+    retries: 5
+    delay: 10
+
+  - name: extract
+    ansible.builtin.unarchive:
+      src: "{{ logcli_download_path }}"
+      dest: "{{ logcli_unarchive_dest_path }}"
+      remote_src: true
+
+  - name: install
+    ansible.builtin.copy:
+      src: "{{ logcli_extracted_path }}"
+      dest: "{{ logcli_opt_path }}/{{ item }}"
+      remote_src: true
+    loop: "{{ logcli_binaries }}"
+  when: not st.stat.exists
+
+- name: permissions
+  ansible.builtin.file:
+    path: "{{ logcli_opt_path }}/{{ item }}"
+    owner: root
+    group: root
+    mode: 0755
+  loop: "{{ logcli_binaries }}"
+
+- name: symlink
+  ansible.builtin.file:
+    src: "{{ logcli_opt_path }}/{{ item }}"
+    dest: "/usr/local/bin/{{ item }}"
+    owner: root
+    group: root
+    mode: 0755
+    state: link
+  loop: "{{ logcli_binaries }}"
\ No newline at end of file
diff --git a/roles/logcli/tasks/main.yaml b/roles/logcli/tasks/main.yaml
new file mode 100644
index 0000000..b13a010
--- /dev/null
+++ b/roles/logcli/tasks/main.yaml
@@ -0,0 +1,28 @@
+---
+- name: gather os specific variables
+  ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
+  vars:
+    params:
+      files:
+        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
+        - "{{ ansible_distribution }}.yaml"
+        - "{{ ansible_os_family }}.yaml"
+        - "default.yaml"
+      paths:
+        - vars
+
+- name: include os specific tasks
+  ansible.builtin.include_tasks: "{{ lookup('first_found', params) }}"
+  vars:
+    params:
+      files:
+        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
+        - "{{ ansible_distribution }}.yaml"
+        - "{{ ansible_os_family }}.yaml"
+        - "default.yaml"
+      paths:
+        - tasks
+
+- ansible.builtin.include_tasks: install.yaml
+
+- ansible.builtin.include_tasks: configure.yaml
\ No newline at end of file
diff --git a/roles/logcli/vars/default.yaml b/roles/logcli/vars/default.yaml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/mimir/defaults/main.yaml b/roles/mimir/defaults/main.yaml
new file mode 100644
index 0000000..ba74984
--- /dev/null
+++ b/roles/mimir/defaults/main.yaml
@@ -0,0 +1,68 @@
+---
+mimir_package_name: mimir
+mimir_package_state: present
+
+mimir_service_name: mimir.service
+mimir_service_enabled: true
+mimir_service_state: started
+
+mimir_apt_repository_repo: deb [signed-by=/etc/apt/keyrings/grafana.gpg] https://apt.grafana.com stable main
+mimir_apt_repository_state: present
+
+mimir_version_regex: ^mimir, version ([\d.]+)
+
+mimir_user_name: mimir
+mimir_user_comment: mimir user
+mimir_user_state: present
+mimir_user_shell: /usr/sbin/nologin
+mimir_user_system: true
+mimir_user_createhome: false
+
+mimir_group_name: mimir
+mimir_group_state: "{{ mimir_user_state | default('present') }}"
+mimir_group_system: true
+
+mimir_var_dir_path: /var/lib/mimir
+mimir_var_dir_owner: "{{ mimir_user_name }}"
+mimir_var_dir_group: "{{ mimir_group_name }}"
+mimir_var_dir_mode: "0700"
+
+mimir_etc_dir_path: /etc/mimir
+mimir_etc_dir_owner: "{{ mimir_user_name }}"
+mimir_etc_dir_group: "{{ mimir_group_name }}"
+mimir_etc_dir_mode: "0755"
+
+mimir_config_file_path: "{{ mimir_etc_dir_path }}/config.yml"
+mimir_config_file_path_owner: "{{ mimir_user_name }}"
+mimir_config_file_path_group: "{{ mimir_group_name }}"
+mimir_config_file_path_mode: "0755"
+
+m#  imir_common:
+ #   {}
+
+mimir_server:
+  http_listen_port: 9009
+
+mimir_alertmanager:
+  sharding_ring:
+    replication_factor: 1
+
+# mimir_compactor:
+#   {}
+
+#  mimir_distributor:
+#    {}
+
+mimir_ingester:
+  ring:
+    replication_factor: 1
+
+mimir_store_gateway:
+  sharding_ring:
+    replication_factor: 1
+
+#  mimir_blocks_storage:
+#    {}
+
+#  mimir_ruler_storage:
+#    {}
\ No newline at end of file
diff --git a/roles/mimir/files/grafana.gpg b/roles/mimir/files/grafana.gpg
new file mode 100644
index 0000000000000000000000000000000000000000..d199581a98242764d0d6ddccf191b8655db7c2b5
GIT binary patch
literal 1758
zcmajeX*d*$0><%KY{P^xmcbk`F(Szp#h4h&Ws)s&2^kto7}=$(Q`{NLP*X&9rY4ET
z*!OfOkz);!Au*b48B6x%oO{o6pL@UE&+qg9^gh3AU>e_bE+qg61q{PE)oGGpDMRSd
zE=s4;9LkmZ{b_^9y+Vn(I~evt=RU${IWW7OfjFzzB#fa;EjEDTSE^Xy$qG(BPU{1n
z3cF)LiOc=_l@ifR?3-M<s1B{v`1Jdd=NBDnul>p$d^(rZ`|`G|a9aWALie4@VHG{z
z$>x2Ym?yG4=ux9<MXl-&;~CgNudu9bqVM&eejHws$%_tn+`{mTau*qbo!czI%e$bK
zehZW`$h3K9MH*=UZVO5DyPd+Dckj>{!*EmAU}=$~XSxG{v0kVkVjYbQX_nNG7B0MV
zJ!)`E1xv!!h)$ftuw&fXaE}JNT3br(;yIt=&5ixpLK%WD(+7xA+%V_C45oRYnKR?r
zFNlf?6-_~Tm_?e}8Ji+mZ>VVc<U-~{PiXs=EvM+JJZpLgoH8-h&h-lj`jRzah9W!i
zx5gHN{t@(Moz81Bhn=0N!Fzucc_I({-B-|c@>u?_<dgx4%{iFD*U)(R1H|R8xAe1G
z`xG<!V~|n+7!UxgLH{j`;7cG86m1CJ;ffd{$uEFJB!&f${7n4*S~Pt^g0acKVLmue
z7=V>l;;S{}-hNf5^*n*ki$C)MJzCs?Y{3uu*Q+3TFh2y`?g!u(fd~nL1f+x^LLwkO
zX%H9)QUHQv?gE4%;{Qpk?m_`M)TOYxgJ&_O)^2Be^X#=3cjfaU+}&pkI!fOk>FnPf
zGV+@82_1%yjh<1v0uPBEm7CQ_jV!t`Wm$IfG`czkAm_SJ@<eY(4=j5WQD$q$KkJu*
zzZNy&KpnZ$dtAseM9}m-%9wRxTu~<n&a~PbtHeAm&$d~AVYYlERkePx>k=C+`+($&
zoSI<dw7_bkdCsk{OM<!=y}qCN-f8ZArAQNSS~%ZP7C2`1b^Pz@^XxLFs?NqwaGtg`
zg$rLS%!#Do5RTvBEX$`6+*H=E+o+y)(ChF=3ODv6lFCw!a){JbP6oeflk9~sUSw)f
z@mnN-hCw=YrHAh}JV}z-pA<7h-Ww|4rhtnQBNC<dSY8#SpO;z}S_*G9HwvXKT^&mH
zP;gIlp7z|DwMO!AbRS_70iAu#Li%KVNuTo>vAG5YEwhfij(yjRVVo{=_qb}8<})pz
zacW3e^}NhK8)^3UgLx)i(sNN5EoC=kRK=L#-Y7wL&7~0%lhOEJj@4FD_?eqHt=cD9
zKQ<B`K>dT89;la3#@cC5aU(>~Dz7RNd#tgN+A>vR-KNKaHXFL}%S&x}IthabK+~;4
z-PV=TBVz6c>{xvXad_M`^qYWkK(Vt}L6wgj#m7=|ZZDQE<l$xG8S!lcdnw)eiy)=s
z&aLTk(c=60(n3m1!#m4u$45xK+!cI9D5<>_vMVl%Ll%SSZ}*a>52q9+v>@MLM~=gn
z2&x4Baz53a<=@nL6<+-aurJg*xrId?;$tq_<U$qp+HW1EbO4~7*9UGcMzcn~*kHz5
zEEboS7(wwE(fM*Nc<n0re2R5NfOB5~m(2#wo~>Dx3%1jnmK4a`AKXOi3+=L2aHJFZ
zy%^C6wE~hTj%TuAaI{bk75^4T^+0u&V!4miOdO;04>i@DGIZ-cctpC3?fz2Md(LOA
zp(k1cZW~8%)bZb{l-QK;c6j?a(b^TEZ|3YtxzT5JM*Mm2D#LctCbDCN5)eRHBs07%
zG(!&U%c=k7m<(*;L;T4M{ePH2|6=yPoQ?&H>_b(LQ$urI_vSaV#s+YtB1adEF(kER
zuZp;^{4$}$pF|K#ZF21gtNNI$Tp8aHL=8r%_c8WD_Uj+74|2=pCDY$w9)7WhiGP&2
z!Q9uZpw|{MS)2s@CCE+dWZj~?n2#dWRPw_(ibaw;1;4g*0LsLzI-I*V8+(#E{Zg@+
zXaL)z_1aE<(wH~R){fppDYaIInF)7FVNDuMbVae|YvVaHG6hWIg*o&Vd2pa<L^{^;
zvOzK`PDW%Z(5z~vMH$j_-s(21Nbg+_qN?8<w5d*?T&+(=_q0B6swv3YmNzRM=>cA_
zE6Z=rnHT%h)H6KU<%GR@C^e#*IZkF@B4$={XtaoM0soFq?df8#(Fv5Sx0boxSdD_(
zd1_$>qGnqy^zpafX-0JRz*pAB%Ek+j<PN!+uK%I!{o?jO^oVw`Ecq^8U&Y{Z2$t#q
xVAg;6SaTp(wgoHdxrwkoP7n7r{Dgz9$RO1@Bft=+;x*cvOdRET!B1z`KLGi<K8pYV

literal 0
HcmV?d00001

diff --git a/roles/mimir/handlers/main.yaml b/roles/mimir/handlers/main.yaml
new file mode 100644
index 0000000..e03fe6e
--- /dev/null
+++ b/roles/mimir/handlers/main.yaml
@@ -0,0 +1,6 @@
+---
+- name: restart mimir
+  systemd:
+    name: "{{ mimir_service_name }}"
+    daemon_reload: true
+    state: restarted
\ No newline at end of file
diff --git a/roles/mimir/tasks/Debian.yaml b/roles/mimir/tasks/Debian.yaml
new file mode 100644
index 0000000..cdfc862
--- /dev/null
+++ b/roles/mimir/tasks/Debian.yaml
@@ -0,0 +1,14 @@
+---
+- name: trust grafana apt respository key
+  ansible.builtin.copy:
+    src: "grafana.gpg"
+    dest: "/etc/apt/keyrings/grafana.gpg"
+    owner: root
+    group: root
+    mode: 0644
+
+- name: configure grafana apt repository
+  ansible.builtin.apt_repository:
+    repo: "{{ mimir_apt_repository_repo }}"
+    state: "{{ mimir_apt_repository_state | default('present') }}"
+    filename: grafana
\ No newline at end of file
diff --git a/roles/mimir/tasks/configure.yaml b/roles/mimir/tasks/configure.yaml
new file mode 100644
index 0000000..3e6d909
--- /dev/null
+++ b/roles/mimir/tasks/configure.yaml
@@ -0,0 +1,48 @@
+---
+- name: create group
+  ansible.builtin.group:
+    name: "{{ mimir_group_name }}"
+    system: "{{ mimir_group_system | default(true) }}"
+    state: "{{ mimir_group_name_state | default('present') }}"
+
+- name: create user
+  ansible.builtin.user:
+    name: "{{ mimir_user_name }}"
+    comment: "{{ mimir_user_comment  }}"
+    system: "{{ mimir_user_system | default(true) }}"
+    shell: "{{ mimir_user_shell | default('/usr/sbin/nologin') }}"
+    group: "{{ mimir_group_name }}"
+    createhome: "{{ mimir_user_createhome | default(false) }}"
+    home: "{{ mimir_var_dir_path }}"
+    state: "{{ mimir_user_state | default('present') }}"
+
+- name: create etc path
+  ansible.builtin.file:
+    path: "{{ mimir_etc_dir_path }}"
+    state: directory
+    owner: "{{ mimir_etc_dir_owner }}"
+    group: "{{ mimir_etc_dir_group }}"
+    mode: "{{ mimir_etc_dir_mode }}"
+
+- name: create var path
+  ansible.builtin.file:
+    path: "{{ mimir_var_dir_path }}"
+    state: directory
+    owner: "{{ mimir_var_dir_owner }}"
+    group: "{{ mimir_var_dir_group }}"
+    mode: "{{ mimir_var_dir_mode }}"
+
+- name: configure
+  template:
+    src: config.yml.j2
+    dest: "{{ mimir_config_file_path }}"
+    owner: "{{ mimir_user_name }}"
+    group: "{{ mimir_group_name }}"
+    mode: 0400
+  notify: restart mimir
+
+- name: manage service
+  service:
+    name: "{{ mimir_service_name }}"
+    enabled: "{{ mimir_service_enabled }}"
+    state: "{{ mimir_service_state }}"
\ No newline at end of file
diff --git a/roles/mimir/tasks/default.yaml b/roles/mimir/tasks/default.yaml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/mimir/tasks/install.yaml b/roles/mimir/tasks/install.yaml
new file mode 100644
index 0000000..e477aac
--- /dev/null
+++ b/roles/mimir/tasks/install.yaml
@@ -0,0 +1,5 @@
+---
+- name: install package
+  ansible.builtin.package:
+    name: "{{ mimir_package_name }}"
+    state: "{{ mimir_package_state | default('present') }}"
\ No newline at end of file
diff --git a/roles/mimir/tasks/main.yaml b/roles/mimir/tasks/main.yaml
new file mode 100644
index 0000000..b13a010
--- /dev/null
+++ b/roles/mimir/tasks/main.yaml
@@ -0,0 +1,28 @@
+---
+- name: gather os specific variables
+  ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
+  vars:
+    params:
+      files:
+        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
+        - "{{ ansible_distribution }}.yaml"
+        - "{{ ansible_os_family }}.yaml"
+        - "default.yaml"
+      paths:
+        - vars
+
+- name: include os specific tasks
+  ansible.builtin.include_tasks: "{{ lookup('first_found', params) }}"
+  vars:
+    params:
+      files:
+        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
+        - "{{ ansible_distribution }}.yaml"
+        - "{{ ansible_os_family }}.yaml"
+        - "default.yaml"
+      paths:
+        - tasks
+
+- ansible.builtin.include_tasks: install.yaml
+
+- ansible.builtin.include_tasks: configure.yaml
\ No newline at end of file
diff --git a/roles/mimir/templates/config.yml.j2 b/roles/mimir/templates/config.yml.j2
new file mode 100644
index 0000000..f2e4b29
--- /dev/null
+++ b/roles/mimir/templates/config.yml.j2
@@ -0,0 +1,51 @@
+# {{ ansible_managed }}
+---
+{% if mimir_common is defined %}
+common:
+  {{ mimir_common | to_nice_yaml(indent=2) | indent(4, False) }}
+{% endif -%}
+
+{% if mimir_server is defined %}
+server:
+  {{ mimir_server | to_nice_yaml(indent=2) | indent(4, False) }}
+{% endif -%}
+
+{% if mimir_alertmanager is defined %}
+alertmanager:
+  {{ mimir_alertmanager | to_nice_yaml(indent=2) | indent(4, False) }}
+{% endif -%}
+
+{% if mimir_compactor is defined %}
+compactor:
+  {{ mimir_compactor | to_nice_yaml(indent=2) | indent(4, False) }}
+{% endif -%}
+
+{% if mimir_distributor is defined %}
+distributor:
+  {{ mimir_distributor | to_nice_yaml(indent=2) | indent(4, False) }}
+{% endif -%}
+
+{% if mimir_ingester is defined %}
+ingester:
+  {{ mimir_ingester | to_nice_yaml(indent=2) | indent(4, False) }}
+{% endif -%}
+
+{% if mimir_store_gateway is defined %}
+store_gateway:
+  {{ mimir_store_gateway | to_nice_yaml(indent=2) | indent(4, False) }}
+{% endif -%}
+
+{% if mimir_alertmanager_storage is defined %}
+alertmanager_storage:
+  {{ mimir_alertmanager_storage | to_nice_yaml(indent=2) | indent(4, False) }}
+{% endif -%}
+
+{% if mimir_blocks_storage is defined %}
+blocks_storage:
+  {{ mimir_blocks_storage | to_nice_yaml(indent=2) | indent(4, False) }}
+{% endif -%}
+
+{% if mimir_ruler_storage is defined %}
+ruler_storage:
+  {{ mimir_ruler_storage | to_nice_yaml(indent=2) | indent(4, False) }}
+{% endif -%}
\ No newline at end of file
diff --git a/roles/mimir/vars/default.yaml b/roles/mimir/vars/default.yaml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/process_exporter/defaults/main.yaml b/roles/process_exporter/defaults/main.yaml
new file mode 100644
index 0000000..d03f528
--- /dev/null
+++ b/roles/process_exporter/defaults/main.yaml
@@ -0,0 +1,43 @@
+---
+process_exporter_go_arch_map:
+  i386: '386'
+  x86_64: 'amd64'
+
+process_exporter_go_arch: "{{ process_exporter_go_arch_map[ansible_architecture] | default('amd64') }}"
+
+process_exporter_service_name: process-exporter.service
+process_exporter_service_enabled: true
+process_exporter_service_state: started
+
+process_exporter_version_regex: (.+)
+
+process_exporter_checksum_algo: sha256
+process_exporter_github_rel_path: ncabatoff/process-exporter
+process_exporter_github_project_url: "https://github.com/{{ process_exporter_github_rel_path }}"
+process_exporter_release_file: "process-exporter-{{ process_exporter_version }}.{{ ansible_system | lower }}-{{ process_exporter_go_arch }}.tar.gz"
+process_exporter_release_url: "{{ process_exporter_github_project_url }}/releases/download/v{{ process_exporter_version }}/{{ process_exporter_release_file }}"
+process_exporter_checksum_url: "{{ process_exporter_github_project_url }}/releases/download/v{{ process_exporter_version }}/checksums.txt"
+process_exporter_download_path: "/tmp/{{ process_exporter_release_file }}"
+process_exporter_unarchive_dest_path: /tmp
+process_exporter_extracted_path: "{{ process_exporter_download_path | replace('.tar.gz', '') }}"
+process_exporter_binaries:
+ - process-exporter
+
+process_exporter_user: process-exporter
+process_exporter_user_state: present
+process_exporter_user_shell: /usr/sbin/nologin
+
+process_exporter_group: process-exporter
+process_exporter_group_state: "{{ process_exporter_user_state | default('present') }}"
+
+process_exporter_etc_path: /etc/process-exporter
+process_exporter_etc_owner: root
+process_exporter_etc_group: root
+process_exporter_etc_mode: "0755"
+
+process_exporter_var_path: /var/lib/process-exporter
+process_exporter_var_owner: "{{ process_exporter_user }}"
+process_exporter_var_group: "{{ process_exporter_group }}"
+process_exporter_var_mode: "0755"
+
+process_exporter_bin_path: /usr/local/bin
diff --git a/roles/process_exporter/handlers/main.yaml b/roles/process_exporter/handlers/main.yaml
new file mode 100644
index 0000000..f733f53
--- /dev/null
+++ b/roles/process_exporter/handlers/main.yaml
@@ -0,0 +1,6 @@
+---
+- name: restart process-exporter
+  systemd:
+    name: "{{ process_exporter_service_name }}"
+    daemon_reload: true
+    state: restarted
diff --git a/roles/process_exporter/tasks/configure.yaml b/roles/process_exporter/tasks/configure.yaml
new file mode 100644
index 0000000..68252d6
--- /dev/null
+++ b/roles/process_exporter/tasks/configure.yaml
@@ -0,0 +1,47 @@
+---
+- name: create group
+  group:
+    name: "{{ process_exporter_group }}"
+    system: true
+    state: "{{ process_exporter_group_state | default('present') }}"
+
+- name: create user
+  user:
+    name: "{{ process_exporter_user }}"
+    system: true
+    shell: "{{ process_exporter_user_shell }}"
+    group: "{{ process_exporter_group }}"
+    createhome: false
+    home: "{{ process_exporter_var_path }}"
+    state: "{{ process_exporter_user_state | default('present') }}"
+
+- name: create etc path
+  file:
+    path: "{{ process_exporter_etc_path }}"
+    state: directory
+    owner: "{{ process_exporter_etc_owner }}"
+    group: "{{ process_exporter_etc_group }}"
+    mode: "{{ process_exporter_etc_mode }}"
+
+- name: create var path
+  file:
+    path: "{{ process_exporter_var_path }}"
+    state: directory
+    owner: "{{ process_exporter_var_owner }}"
+    group: "{{ process_exporter_var_group }}"
+    mode: "{{ process_exporter_var_mode }}"
+
+- name: configure systemd template
+  template:
+    src: "{{ process_exporter_service_name }}.j2"
+    dest: "/etc/systemd/system/{{ process_exporter_service_name }}"
+    owner: root
+    group: root
+    mode: 0444
+  notify: restart process-exporter
+
+- name: manage service
+  service:
+    name: "{{ process_exporter_service_name }}"
+    enabled: "{{ process_exporter_service_enabled }}"
+    state: "{{ process_exporter_service_state }}"
diff --git a/roles/process_exporter/tasks/default.yaml b/roles/process_exporter/tasks/default.yaml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/process_exporter/tasks/install.yaml b/roles/process_exporter/tasks/install.yaml
new file mode 100644
index 0000000..c815745
--- /dev/null
+++ b/roles/process_exporter/tasks/install.yaml
@@ -0,0 +1,30 @@
+---
+- block:
+  - name: download tar
+    get_url:
+      url: "{{ process_exporter_release_url }}"
+      dest: "{{ process_exporter_download_path }}"
+      checksum: "{{ process_exporter_checksum }}"
+    register: dl
+    until: dl is success
+    retries: 5
+    delay: 10
+
+  - name: extract tar
+    unarchive:
+      src: "{{ process_exporter_download_path }}"
+      dest: "{{ process_exporter_unarchive_dest_path }}"
+      creates: "{{ process_exporter_extracted_path }}"
+      remote_src: true
+
+  - name: install binaries
+    copy:
+      src: "{{ process_exporter_extracted_path }}/{{ item }}"
+      dest: "{{ process_exporter_bin_path }}/{{ item }}"
+      owner: root
+      group: root
+      mode: 0755
+      remote_src: true
+    loop: "{{ process_exporter_binaries }}"
+    notify: restart process-exporter
+  when: process_exporter_version != process_exporter_local_version
diff --git a/roles/process_exporter/tasks/main.yaml b/roles/process_exporter/tasks/main.yaml
new file mode 100644
index 0000000..3e5c60a
--- /dev/null
+++ b/roles/process_exporter/tasks/main.yaml
@@ -0,0 +1,30 @@
+---
+- name: gather os specific variables
+  ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
+  vars:
+    params:
+      files:
+        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
+        - "{{ ansible_distribution }}.yaml"
+        - "{{ ansible_os_family }}.yaml"
+        - "default.yaml"
+      paths:
+        - vars
+
+- name: include os specific tasks
+  ansible.builtin.include_tasks: "{{ lookup('first_found', params) }}"
+  vars:
+    params:
+      files:
+        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
+        - "{{ ansible_distribution }}.yaml"
+        - "{{ ansible_os_family }}.yaml"
+        - "default.yaml"
+      paths:
+        - tasks
+
+- ansible.builtin.include_tasks: pre.yaml
+
+- ansible.builtin.include_tasks: install.yaml
+
+- ansible.builtin.include_tasks: configure.yaml
diff --git a/roles/process_exporter/tasks/pre.yaml b/roles/process_exporter/tasks/pre.yaml
new file mode 100644
index 0000000..92d7d00
--- /dev/null
+++ b/roles/process_exporter/tasks/pre.yaml
@@ -0,0 +1,54 @@
+---
+- name: determine if installed
+  stat:
+    path: "{{ process_exporter_bin_path }}/process-exporter"
+  register: st
+
+- name: set process_exporter_installed
+  set_fact:
+    process_exporter_installed: "{{ st.stat.exists | bool }}"
+
+- block:
+  - name: determine latest version
+    uri:
+      url: "https://api.github.com/repos/{{ process_exporter_github_rel_path }}/releases/latest"
+      return_content: true
+      body_format: json
+    register: _latest_version
+    until: _latest_version.status == 200
+    retries: 3
+
+  - name: set process_exporter_version
+    set_fact:
+      process_exporter_version: "{{ _latest_version.json['tag_name'] | regex_replace('^v', '') }}"
+
+- block:
+  - name: determine installed version
+    command: "{{ process_exporter_bin_path }}/process-exporter --version"
+    register: _installed_version_string
+    changed_when: false
+
+  - name: set process_exporter_local_version
+    set_fact:
+      process_exporter_local_version: "{{ _installed_version_string.stdout | regex_search(process_exporter_version_regex, '\\1') | first }}"
+  rescue:
+  - name: set process_exporter_local_version
+    set_fact:
+      process_exporter_local_version: "{{ _installed_version_string.stderr | regex_search(process_exporter_version_regex, '\\1') | first }}"
+  when: process_exporter_installed
+
+- name: set process_exporter_local_version to 0
+  set_fact:
+    process_exporter_local_version: "0"
+  when: not process_exporter_installed
+
+- block:
+  - name: get checksums
+    set_fact:
+      _checksums: "{{ lookup('url', process_exporter_checksum_url, wantlist=True) }}"
+
+  - name: set process_exporter_checksum
+    set_fact:
+      process_exporter_checksum: "{{ process_exporter_checksum_algo }}:{{ item.split(' ') | first }}"
+    loop: "{{ _checksums }}"
+    when: "process_exporter_release_file in item"
diff --git a/roles/process_exporter/templates/process-exporter.service.j2 b/roles/process_exporter/templates/process-exporter.service.j2
new file mode 100644
index 0000000..e8474dc
--- /dev/null
+++ b/roles/process_exporter/templates/process-exporter.service.j2
@@ -0,0 +1,17 @@
+{{ ansible_managed | comment }}
+
+[Unit]
+Description=process-exporter
+Wants=network-online.target
+After=network-online.target
+After=alertmanager.service
+ 
+[Service]
+Type=simple
+User={{ process_exporter_user }}
+Group={{ process_exporter_group }}
+WorkingDirectory={{ process_exporter_etc_path }}
+ExecStart={{ process_exporter_bin_path }}/process-exporter \
+ 
+[Install]
+WantedBy=multi-user.target
diff --git a/roles/process_exporter/vars/default.yaml b/roles/process_exporter/vars/default.yaml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/smokeping_prober/defaults/main.yaml b/roles/smokeping_prober/defaults/main.yaml
new file mode 100644
index 0000000..cfcd346
--- /dev/null
+++ b/roles/smokeping_prober/defaults/main.yaml
@@ -0,0 +1,100 @@
+---
+smokeping_prober_go_arch_map:
+  i386: '386'
+  x86_64: 'amd64'
+
+smokeping_prober_go_arch: "{{ smokeping_prober_go_arch_map[ansible_architecture] | default('amd64') }}"
+
+smokeping_prober_version: 0.7.3
+smokeping_prober_checksums:
+  smokeping_prober-0.7.3.aix-ppc64.tar.gz: sha256:13df5d0fc4205c30e3e6887324990dd56285a17bfe1fed263d2b87134061a700
+  smokeping_prober-0.7.3.darwin-amd64.tar.gz: sha256:70a4fc89c1277c78541e5157aa418940d7660aa2915fe0fc34d95870b9aab705
+  smokeping_prober-0.7.3.darwin-arm64.tar.gz: sha256:c6ba90ef426dc3a4efcc80a33a30492e22dd2031730ce0d99caa3503dae87df9
+  smokeping_prober-0.7.3.dragonfly-amd64.tar.gz: sha256:723ec9c8841444fa80a398677f7e3d567537570895ce0d6a778e207c8d4679ea
+  smokeping_prober-0.7.3.freebsd-386.tar.gz: sha256:6291caed80438c62ef2603b28f5f767cc90012c3ea8aa0d4bb6ae0b799a4ed6c
+  smokeping_prober-0.7.3.freebsd-amd64.tar.gz: sha256:7d7da04d07b02cc0e10b1f9c5a567c1abdd80effa6f7e830bf6e5e59510057a0
+  smokeping_prober-0.7.3.freebsd-arm64.tar.gz: sha256:33a251ce899a0fbc244b12dd7fdadef6d36294925dd96edf12bb210edfe10010
+  smokeping_prober-0.7.3.freebsd-armv6.tar.gz: sha256:4ffcae8da2609a6d2491ce5ccee982620a7e9a0e70ee1272f0f6ffcc30d62221
+  smokeping_prober-0.7.3.freebsd-armv7.tar.gz: sha256:78986b4a673fae5c5b6f665dc160bb63c996611533faacdebc4b496dea93612e
+  smokeping_prober-0.7.3.illumos-amd64.tar.gz: sha256:603d673b8f33bd0da74349992a4a4f372381a09c7b8fceef81cf409a0c09eea9
+  smokeping_prober-0.7.3.linux-386.tar.gz: sha256:f5234a097d93ebc039b727c8343af2811ea5ef953af9fe53275a333acbfb3fc2
+  smokeping_prober-0.7.3.linux-amd64.tar.gz: sha256:00277fcd494002fbb0e24df398fc9bb06bb7f1406ecc0d2d71b6c0cb63bca872
+  smokeping_prober-0.7.3.linux-arm64.tar.gz: sha256:e93945a630eb58e9e88acd5c404be8b488b1593d2a07d721b8bf48d38471a67d
+  smokeping_prober-0.7.3.linux-armv5.tar.gz: sha256:514d5fdb6f8ccfcc0d5a4d0f98a91324c65bf0f6cfa37f54e5b4c5f30ba489d4
+  smokeping_prober-0.7.3.linux-armv6.tar.gz: sha256:75b4fec3840eaf87b1b46b5d43f84eef2acb3f630e2949caa15ff0f2ed6e4aff
+  smokeping_prober-0.7.3.linux-armv7.tar.gz: sha256:97a1c4c4e8502be192b6196a528647c93b9902ca3c7a855c0078d6be04260bc6
+  smokeping_prober-0.7.3.linux-mips.tar.gz: sha256:019e92d66bf4226d04cf5fadfa059d1c594d4b1cf8e35f3b491b40056e4a3e0a
+  smokeping_prober-0.7.3.linux-mips64.tar.gz: sha256:c054566106f751a01ccc0a1eb43748363d7ef0a6ee1aa9a8d421f487943b7871
+  smokeping_prober-0.7.3.linux-mips64le.tar.gz: sha256:95ef43cba12ee64cfe85ae6a28b9f6df3e800b13a2d121d41e60fce1dcac31eb
+  smokeping_prober-0.7.3.linux-mipsle.tar.gz: sha256:5beb3b1df782a177c1c0cbe3757815b5eabc977bedd95e1584d4512ed55f20df
+  smokeping_prober-0.7.3.linux-ppc64.tar.gz: sha256:dc403d910ee4c9f3e08ecbb6717e9a8caa195b911c48872900c811689e586d23
+  smokeping_prober-0.7.3.linux-ppc64le.tar.gz: sha256:c446660a14b53c9ed771a3d833a411c4929c8dd5b28c021ff36b6a246393c487
+  smokeping_prober-0.7.3.linux-s390x.tar.gz: sha256:9b53921cbe22dad60c6f8bea5ac2f75e1601a5b4e30b75c0e2b5b6c82a5d51de
+  smokeping_prober-0.7.3.netbsd-386.tar.gz: sha256:2cad359f42af0efe743e7ac326a552235e387e9d23c3fb6a753dd0f88a50d2d0
+  smokeping_prober-0.7.3.netbsd-amd64.tar.gz: sha256:e5c646848cc80a2d59c7e09b9fcb1dcffca205ca8e4ba16295ed8bc7b3900aba
+  smokeping_prober-0.7.3.netbsd-arm64.tar.gz: sha256:718f5f4fad07e8dfec1513a269a9899cd5f8d329c30e290bb6ecf3ce74013286
+  smokeping_prober-0.7.3.netbsd-armv6.tar.gz: sha256:20120fb928dcc85a97933737965b9b0abc5b09798ddcb720efc3f51a3abf0f01
+  smokeping_prober-0.7.3.netbsd-armv7.tar.gz: sha256:eae37f6c24cbf19e5a7248f7831b06e22a9f66ecd7d0d016ab217c67759dd3c0
+  smokeping_prober-0.7.3.openbsd-386.tar.gz: sha256:350b48242569594d59a3a7b3df1f10070896a4e1a38c1aa1f6561d522d114622
+  smokeping_prober-0.7.3.openbsd-amd64.tar.gz: sha256:d70f803922b425f4d5af39e261bea8ae7ea17916156126f8ea4b4fc6df139bcd
+  smokeping_prober-0.7.3.openbsd-arm64.tar.gz: sha256:35b43966f399df85601fdfd46d9a87417d3fec2fdd272d7b8ca3f59c17db890b
+  smokeping_prober-0.7.3.openbsd-armv7.tar.gz: sha256:965854e022e67cf0ccd094aff06b37e3b80f0b84e0251a5513c5745e0d98e5e0
+  smokeping_prober-0.7.3.windows-386.tar.gz: sha256:4567ffa0dfdf2bebe0debed67c599379707f8d957e5050e5ad2a86296a4545b1
+  smokeping_prober-0.7.3.windows-386.zip: sha256:45d017e34bb58ea093402a3030a3afd37bddfd524704ea2a2b54e9756d5fd2f3
+  smokeping_prober-0.7.3.windows-amd64.tar.gz: sha256:99d32b77a0c30f70921e842c724573659593069da97fbb6fe51fb9955a4a2a7e
+  smokeping_prober-0.7.3.windows-amd64.zip: sha256:dde0897b180ecd04f2e670d3613e6282ecf5fb457ec08ce8b4cde4a34bc39d69
+  smokeping_prober-0.7.3.windows-arm64.tar.gz: sha256:973a07635285feabb3a9050cb6b4d8706352f10b982130713108f13fd41b15c2
+  smokeping_prober-0.7.3.windows-arm64.zip: sha256:abf7342b029e43777ba82f10ea49b3a8bcb19e5aabbda32c2418628817b17f29
+
+smokeping_prober_github_rel_path: SuperQ/smokeping_prober
+smokeping_prober_github_project_url: "https://github.com/{{ smokeping_prober_github_rel_path }}"
+smokeping_prober_release_file: "smokeping_prober-{{ smokeping_prober_version }}.{{ ansible_system | lower }}-{{ smokeping_prober_go_arch }}.tar.gz"
+smokeping_prober_release_url: "{{ smokeping_prober_github_project_url }}/releases/download/v{{ smokeping_prober_version }}/{{ smokeping_prober_release_file }}"
+smokeping_prober_download_path: "/tmp/{{ smokeping_prober_release_file }}"
+
+smokeping_prober_opt_path: "/opt/smokeping_prober-{{ smokeping_prober_version }}"
+
+smokeping_prober_unarchive_dest_path: /tmp
+smokeping_prober_extracted_path: "{{ smokeping_prober_download_path | replace('.tar.gz', '') }}"
+smokeping_prober_binaries:
+ - smokeping_prober
+
+smokeping_prober_bin_path: /usr/local/bin/smokeping_prober
+
+smokeping_prober_var_path: /var/lib/smokeping_prober
+smokeping_prober_var_path_owner: "{{ smokeping_prober_user }}"
+smokeping_prober_var_path_group: "{{ smokeping_prober_group }}"
+smokeping_prober_var_path_mode: 0755
+smokeping_prober_var_path_state: directory
+
+smokeping_prober_user: smokeping_prober
+smokeping_prober_user_shell: /usr/sbin/nologin
+smokeping_prober_user_home: "{{ smokeping_prober_var_path }}"
+smokeping_prober_group: smokeping_prober
+
+smokeping_prober_etc_path: /etc/smokeping_prober
+smokeping_prober_etc_path_owner: "{{ smokeping_prober_user }}"
+smokeping_prober_etc_path_group: "{{ smokeping_prober_group }}"
+smokeping_prober_etc_path_mode: 0755
+smokeping_prober_etc_path_state: directory
+
+smokeping_prober_config_path: "{{ smokeping_prober_etc_path }}/config.yaml"
+smokeping_prober_config_path_owner: "{{ smokeping_prober_user }}"
+smokeping_prober_config_path_group: "{{ smokeping_prober_group }}"
+smokeping_prober_config_path_mode: 0444
+
+smokeping_prober_config:
+  targets:
+    - hosts:
+      - localhost
+      network: ip4
+    - hosts:
+      - localhost
+      network: ip6
+
+smokeping_prober_args:
+  - "--config.file={{ smokeping_prober_config_path }}"
+
+smokeping_prober_service_name: smokeping_prober.service
+smokeping_prober_service_state: started
+smokeping_prober_service_enabled: true
\ No newline at end of file
diff --git a/roles/smokeping_prober/handlers/main.yaml b/roles/smokeping_prober/handlers/main.yaml
new file mode 100644
index 0000000..e292bb5
--- /dev/null
+++ b/roles/smokeping_prober/handlers/main.yaml
@@ -0,0 +1,6 @@
+---
+- name: restart smokeping_prober
+  systemd:
+    name: "{{ smokeping_prober_service_name }}"
+    daemon_reload: true
+    state: restarted
\ No newline at end of file
diff --git a/roles/smokeping_prober/tasks/configure.yaml b/roles/smokeping_prober/tasks/configure.yaml
new file mode 100644
index 0000000..eca63e6
--- /dev/null
+++ b/roles/smokeping_prober/tasks/configure.yaml
@@ -0,0 +1,55 @@
+---
+- name: create group
+  ansible.builtin.group:
+    name: "{{ smokeping_prober_group }}"
+    system: true
+
+- name: create user
+  ansible.builtin.user:
+    name: "{{ smokeping_prober_user }}"
+    shell: "{{ smokeping_prober_user_shell }}"
+    home: "{{ smokeping_prober_user_home }}"
+    system: true
+    group: "{{ smokeping_prober_group }}"
+
+- name: create var path
+  ansible.builtin.file:
+    path: "{{ smokeping_prober_var_path }}"
+    owner: "{{ smokeping_prober_var_path_owner }}"
+    group: "{{ smokeping_prober_var_path_group }}"
+    mode: "{{ smokeping_prober_var_path_mode }}"
+    state: "{{ smokeping_prober_var_path_state }}"
+
+- name: create etc path
+  ansible.builtin.file:
+    path: "{{ smokeping_prober_etc_path }}"
+    owner: "{{ smokeping_prober_etc_path_owner }}"
+    group: "{{ smokeping_prober_etc_path_group }}"
+    mode: "{{ smokeping_prober_etc_path_mode }}"
+    state: "{{ smokeping_prober_etc_path_state }}"
+
+- name: configure
+  ansible.builtin.copy:
+    dest: "{{ smokeping_prober_config_path }}"
+    owner: "{{ smokeping_prober_config_path_owner }}"
+    group: "{{ smokeping_prober_config_path_group }}"
+    mode: "{{ smokeping_prober_config_path_mode }}"
+    content: "{{ smokeping_prober_config | to_yaml }}"
+  notify:
+    - restart smokeping_prober
+
+- name: configure systemd unit
+  ansible.builtin.template:
+    src: smokeping_prober.service.j2
+    dest: "/etc/systemd/system/{{ smokeping_prober_service_name }}"
+    owner: root
+    group: root
+    mode: 0444
+  notify:
+    - restart smokeping_prober
+
+- name: manage service
+  ansible.builtin.service:
+    name: "{{ smokeping_prober_service_name }}"
+    enabled: "{{ smokeping_prober_service_enabled | default(true) }}"
+    state: "{{ smokeping_prober_service_state | default('started') }}"
\ No newline at end of file
diff --git a/roles/smokeping_prober/tasks/default.yaml b/roles/smokeping_prober/tasks/default.yaml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/smokeping_prober/tasks/install.yaml b/roles/smokeping_prober/tasks/install.yaml
new file mode 100644
index 0000000..f974351
--- /dev/null
+++ b/roles/smokeping_prober/tasks/install.yaml
@@ -0,0 +1,56 @@
+---
+- name: determine install status
+  ansible.builtin.stat:
+    path: "{{ smokeping_prober_opt_path }}/smokeping_prober"
+  register: st
+
+- name: create opt path
+  ansible.builtin.file:
+    path: "{{ smokeping_prober_opt_path }}"
+    owner: root
+    group: root
+    mode: 0755
+    state: directory
+    
+- block:
+  - name: download
+    ansible.builtin.get_url:
+      url: "{{ smokeping_prober_release_url }}"
+      dest: "{{ smokeping_prober_download_path }}"
+      checksum: "{{ smokeping_prober_checksums[smokeping_prober_release_file] }}"
+    register: dl
+    until: dl is success
+    retries: 5
+    delay: 10
+
+  - name: extract
+    ansible.builtin.unarchive:
+      src: "{{ smokeping_prober_download_path }}"
+      dest: "{{ smokeping_prober_unarchive_dest_path }}"
+      remote_src: true
+
+  - name: install
+    ansible.builtin.copy:
+      src: "{{ smokeping_prober_extracted_path }}/{{ item }}"
+      dest: "{{ smokeping_prober_opt_path }}/{{ item }}"
+      remote_src: true
+    loop: "{{ smokeping_prober_binaries }}"
+  when: not st.stat.exists
+
+- name: permissions
+  ansible.builtin.file:
+    path: "{{ smokeping_prober_opt_path }}/{{ item }}"
+    owner: root
+    group: root
+    mode: 0755
+  loop: "{{ smokeping_prober_binaries }}"
+
+- name: symlink
+  ansible.builtin.file:
+    src: "{{ smokeping_prober_opt_path }}/{{ item }}"
+    dest: "/usr/local/bin/{{ item }}"
+    owner: root
+    group: root
+    mode: 0755
+    state: link
+  loop: "{{ smokeping_prober_binaries }}"
\ No newline at end of file
diff --git a/roles/smokeping_prober/tasks/main.yaml b/roles/smokeping_prober/tasks/main.yaml
new file mode 100644
index 0000000..b13a010
--- /dev/null
+++ b/roles/smokeping_prober/tasks/main.yaml
@@ -0,0 +1,28 @@
+---
+- name: gather os specific variables
+  ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
+  vars:
+    params:
+      files:
+        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
+        - "{{ ansible_distribution }}.yaml"
+        - "{{ ansible_os_family }}.yaml"
+        - "default.yaml"
+      paths:
+        - vars
+
+- name: include os specific tasks
+  ansible.builtin.include_tasks: "{{ lookup('first_found', params) }}"
+  vars:
+    params:
+      files:
+        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
+        - "{{ ansible_distribution }}.yaml"
+        - "{{ ansible_os_family }}.yaml"
+        - "default.yaml"
+      paths:
+        - tasks
+
+- ansible.builtin.include_tasks: install.yaml
+
+- ansible.builtin.include_tasks: configure.yaml
\ No newline at end of file
diff --git a/roles/smokeping_prober/templates/smokeping_prober.service.j2 b/roles/smokeping_prober/templates/smokeping_prober.service.j2
new file mode 100644
index 0000000..7ef052b
--- /dev/null
+++ b/roles/smokeping_prober/templates/smokeping_prober.service.j2
@@ -0,0 +1,27 @@
+# {{ ansible_managed }}
+
+[Unit]
+Description=Smokeping Prober
+After=network.target
+
+[Service]
+Type=simple
+User={{ smokeping_prober_user }}
+ExecStart={{ smokeping_prober_bin_path }} \
+{% for arg in smokeping_prober_args %}
+  {{ arg }} {% if not loop.last %}\{% endif %}
+{% if loop.last %}
+
+{% endif %}
+{% endfor %}
+
+WorkingDirectory={{ smokeping_prober_var_path }}
+
+TimeoutSec = 60
+Restart=on-failure
+RestartSec=2
+
+AmbientCapabilities=CAP_NET_RAW
+
+[Install]
+WantedBy=multi-user.target
\ No newline at end of file
diff --git a/roles/smokeping_prober/vars/default.yaml b/roles/smokeping_prober/vars/default.yaml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/vector/defaults/main.yaml b/roles/vector/defaults/main.yaml
new file mode 100644
index 0000000..281806a
--- /dev/null
+++ b/roles/vector/defaults/main.yaml
@@ -0,0 +1,34 @@
+---
+vector_package_name: vector
+vector_package_state: present
+
+vector_service_name: vector.service
+vector_service_state: started
+vector_service_enabled: true
+
+vector_user: vector
+vector_group: vector
+
+vector_etc_path: /etc/vector
+
+vector_config_file_mode: 0600
+
+vector_config:
+  api:
+    enabled: true
+
+vector_sources:
+  sources:
+    journald:
+      type: journald
+
+vector_transforms:
+  transforms:
+    {}
+
+vector_sinks:
+  sinks:
+    blackhole:
+      type: blackhole
+      inputs:
+        - journald
\ No newline at end of file
diff --git a/roles/vector/handlers/main.yaml b/roles/vector/handlers/main.yaml
new file mode 100644
index 0000000..0af3ff3
--- /dev/null
+++ b/roles/vector/handlers/main.yaml
@@ -0,0 +1,6 @@
+---
+- name: restart vector
+  ansible.builtin.systemd:
+    name: "{{ vector_service_name }}"
+    daemon_reload: true
+    state: restarted
\ No newline at end of file
diff --git a/roles/vector/tasks/Debian.yaml b/roles/vector/tasks/Debian.yaml
new file mode 100644
index 0000000..d2bb8cd
--- /dev/null
+++ b/roles/vector/tasks/Debian.yaml
@@ -0,0 +1,22 @@
+---
+- name: configure apt repositories
+  block:
+    - name: add repository key
+      ansible.builtin.get_url:
+        url: https://repositories.timber.io/public/vector/gpg.3543DB2D0A2BC4B8.key
+        dest: /etc/apt/keyrings/timber-vector-archive-keyring.asc
+
+    #- name: dearmor GPG key
+    #  ansible.builtin.shell: gpg --dearmor /tmp/timber-vector-archive-keyring.asc --output /etc/apt/keyrings/timber-vector-archive-keyring.gpg
+    #  args:
+    #    creates: /etc/apt/keyrings/timber-vector-archive-keyring.gpg
+
+    - name: add apt repository
+      ansible.builtin.apt_repository:
+        repo: "deb [signed-by=/etc/apt/keyrings/timber-vector-archive-keyring.asc] https://repositories.timber.io/public/vector/deb/ubuntu {{ ansible_distribution_release }} main"
+        state: present
+
+    - name: add apt source repository
+      ansible.builtin.apt_repository:
+        repo: "deb-src [signed-by=/etc/apt/keyrings/timber-vector-archive-keyring.asc] https://repositories.timber.io/public/vector/deb/ubuntu {{ ansible_distribution_release }} main"
+        state: present
\ No newline at end of file
diff --git a/roles/vector/tasks/configure.yaml b/roles/vector/tasks/configure.yaml
new file mode 100644
index 0000000..253a059
--- /dev/null
+++ b/roles/vector/tasks/configure.yaml
@@ -0,0 +1,84 @@
+---
+- name: remove example files
+  ansible.builtin.file:
+    path: "{{ item }}"
+    state: absent
+  loop:
+    - "{{ vector_etc_path }}/vector.toml"
+    - "{{ vector_etc_path }}/examples"
+  notify:
+    - restart vector
+
+- name: configure
+  ansible.builtin.copy:
+    dest: "{{ vector_etc_path }}/vector.yaml"
+    owner: "{{ vector_user }}"
+    group: "{{ vector_group }}"
+    mode: "{{ vector_config_file_mode }}"
+    content: "{{ vector_config | to_yaml }}"
+  notify:
+    - restart vector
+
+- name: configure sources
+  ansible.builtin.copy:
+    dest: "{{ vector_etc_path }}/sources.yaml"
+    owner: "{{ vector_user }}"
+    group: "{{ vector_group }}"
+    mode: "{{ vector_config_file_mode }}"
+    content: "{{ vector_sources | to_yaml }}"
+  notify:
+    - restart vector
+
+- name: configure transforms
+  ansible.builtin.copy:
+    dest: "{{ vector_etc_path }}/transforms.yaml"
+    owner: "{{ vector_user }}"
+    group: "{{ vector_group }}"
+    mode: "{{ vector_config_file_mode }}"
+    content: "{{ vector_transforms | to_yaml }}"
+  notify:
+    - restart vector
+
+- name: configure sinks
+  ansible.builtin.copy:
+    dest: "{{ vector_etc_path }}/sinks.yaml"
+    owner: "{{ vector_user }}"
+    group: "{{ vector_group }}"
+    mode: "{{ vector_config_file_mode }}"
+    content: "{{ vector_sinks | to_yaml }}"
+  notify:
+    - restart vector
+
+- name: systemd unit overrides
+  block:
+    - name: create /etc/systemd/system/vector.service.d
+      ansible.builtin.file:
+        dest: /etc/systemd/system/vector.service.d
+        owner: root
+        group: root
+        mode: 0755
+        state: directory
+    - name: vector systemd unit override
+      ansible.builtin.copy:
+        dest: /etc/systemd/system/vector.service.d/ansible.conf
+        owner: root
+        group: root
+        mode: 0644
+        content: |
+          # Ansible managed
+
+          [Service]
+          Environment=VECTOR_CONFIG="{{ vector_etc_path }}/*.yaml"
+          RuntimeDirectory="vector"
+      notify:
+        - restart vector
+
+- name: flush handlers
+  ansible.builtin.meta: flush_handlers
+
+- name: manage service
+  ansible.builtin.service:
+    name: "{{ vector_service_name }}"
+    state: "{{ vector_service_state }}"
+    enabled: "{{ vector_service_enabled }}"
+  
\ No newline at end of file
diff --git a/roles/vector/tasks/default.yaml b/roles/vector/tasks/default.yaml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/vector/tasks/install.yaml b/roles/vector/tasks/install.yaml
new file mode 100644
index 0000000..59570bb
--- /dev/null
+++ b/roles/vector/tasks/install.yaml
@@ -0,0 +1,5 @@
+---
+- name: install package
+  package:
+    name: "{{ vector_package_name }}"
+    state: "{{ vector_package_state }}"
\ No newline at end of file
diff --git a/roles/vector/tasks/main.yaml b/roles/vector/tasks/main.yaml
new file mode 100644
index 0000000..cd3a0b2
--- /dev/null
+++ b/roles/vector/tasks/main.yaml
@@ -0,0 +1,28 @@
+---
+- name: gather os specific variables
+  ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
+  vars:
+    params:
+      files:
+        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
+        - "{{ ansible_distribution }}.yaml"
+        - "{{ ansible_os_family }}.yaml"
+        - default.yaml
+      paths:
+        - vars
+
+- name: include os specific tasks
+  ansible.builtin.include_tasks: "{{ lookup('first_found', params) }}"
+  vars:
+    params:
+      files:
+        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
+        - "{{ ansible_distribution }}.yaml"
+        - "{{ ansible_os_family }}.yaml"
+        - default.yaml
+      paths:
+        - tasks
+
+- include_tasks: install.yaml
+
+- include_tasks: configure.yaml
diff --git a/roles/vector/vars/default.yaml b/roles/vector/vars/default.yaml
new file mode 100644
index 0000000..e69de29