diff --git a/roles/grafana/defaults/main.yaml b/roles/grafana/defaults/main.yaml new file mode 100644 index 0000000..b8d18d3 --- /dev/null +++ b/roles/grafana/defaults/main.yaml @@ -0,0 +1,23 @@ +--- +grafana_package_version: +grafana_package_name: "grafana{{grafana_package_version}}" +grafana_package_state: present + +grafana_service_name: grafana-server.service +grafana_service_state: started +grafana_service_enabled: yes + +grafana_etc_path: /etc/grafana +grafana_config_path: "{{ grafana_etc_path }}/grafana.ini" + +grafana_domain: "stats.{{ ansible_domain }}" +grafana_port: "stats.{{ ansible_domain }}" +grafana_user: grafana +grafana_group: grafana + +grafana_config: + server: + domain: "{{ grafana_domain }}" + root_url: "https://{{ grafana_domain }}" + http_addr: localhost + http_port: "{{ grafana_port }}" diff --git a/roles/grafana/handlers/main.yaml b/roles/grafana/handlers/main.yaml new file mode 100644 index 0000000..70d7a08 --- /dev/null +++ b/roles/grafana/handlers/main.yaml @@ -0,0 +1,11 @@ +--- +- name: grafana daemon-reload + systemd: + name: "{{ grafana_service_name }}" + daemon_reload: yes + state: restarted + +- name: restart grafana + service: + name: "{{ grafana_service_name }}" + state: restarted diff --git a/roles/grafana/tasks/Debian.yaml b/roles/grafana/tasks/Debian.yaml new file mode 100644 index 0000000..e668036 --- /dev/null +++ b/roles/grafana/tasks/Debian.yaml @@ -0,0 +1,12 @@ +--- +- name: add grafana apt key + apt_key: + url: https://packages.grafana.com/gpg.key + state: present + +- name: configure apt repository + apt_repository: + repo: "deb https://packages.grafana.com/oss/deb stable main" + filename: influxdb + update_cache: yes + state: present diff --git a/roles/grafana/tasks/main.yaml b/roles/grafana/tasks/main.yaml new file mode 100644 index 0000000..39f7603 --- /dev/null +++ b/roles/grafana/tasks/main.yaml @@ -0,0 +1,55 @@ +--- +- name: gather os specific variables + include_vars: "{{ lookup('first_found', possible_files) }}" + vars: + possible_files: + files: + - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml" + - "{{ ansible_distribution }}.yaml" + - "{{ ansible_os_family }}.yaml" + - "default.yaml" + paths: + - vars + +- name: include os specific tasks + include_tasks: "{{ lookup('first_found', possible_files) }}" + vars: + possible_files: + files: + - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml" + - "{{ ansible_distribution }}.yaml" + - "{{ ansible_os_family }}.yaml" + - "default.yaml" + paths: + - tasks + +- name: install package + package: + name: "{{ grafana_package_name }}" + state: "{{ grafana_package_state }}" + +- name: "create {{ grafana_etc_path }}" + file: + path: "{{ grafana_etc_path }}" + owner: root + group: root + mode: 0755 + +- name: configure + template: + src: grafana.ini.j2 + dest: "{{ grafana_config_path }}" + owner: root + group: "{{ grafana_group }}" + mode: 0640 + notify: restart grafana + +- name: manage service + service: + name: "{{ grafana_service_name }}" + state: "{{ grafana_service_state }}" + enabled: "{{ grafana_service_enabled }}" + +- name: configure nginx + include: nginx.yaml + when: "'nginx' in ansible_play_role_names" diff --git a/roles/grafana/tasks/nginx.yaml b/roles/grafana/tasks/nginx.yaml new file mode 100644 index 0000000..61bdf37 --- /dev/null +++ b/roles/grafana/tasks/nginx.yaml @@ -0,0 +1,17 @@ +- name: configure nginx + template: + src: nginx.conf.j2 + dest: /etc/nginx/sites-available/grafana + owner: root + group: root + mode: 0644 + notify: reload nginx + +- name: activate site + file: + src: /etc/nginx/sites-available/grafana + dest: /etc/nginx/sites-enabled/grafana + owner: root + group: root + state: link + notify: reload nginx diff --git a/roles/grafana/templates/grafana.ini.j2 b/roles/grafana/templates/grafana.ini.j2 new file mode 100644 index 0000000..7583f15 --- /dev/null +++ b/roles/grafana/templates/grafana.ini.j2 @@ -0,0 +1,22 @@ +{%- macro ini_scalar(v) -%} +{% if v is sameas True or v is sameas False %} +{{ v | bool | lower }}{% if seq %},{% endif %} +{% elif v is sameas None %} +{{ "" }} +{% else %} +{{ v }} +{%- endif %} +{%- endmacro -%} + +{%- macro render_config(config = {}) -%} +{% for s, sc in config.items() | default({}) %} +[{{ s }}] +{% for k, v in sc.items() | default({}) %} +{{ k }} = {{ ini_scalar(v) }} +{% endfor %} +{% endfor %} +{%- endmacro -%} + +# {{ ansible_managed }} + +{{ render_config(grafana_config) }} diff --git a/roles/grafana/templates/nginx.conf.j2 b/roles/grafana/templates/nginx.conf.j2 new file mode 100644 index 0000000..2fec607 --- /dev/null +++ b/roles/grafana/templates/nginx.conf.j2 @@ -0,0 +1,44 @@ +server { + listen 80; +{% if ansible_all_ipv6_addresses | length %} + listen [::]:80; +{% endif %} + server_name {{ grafana_domain }}; + + location /.well-known/acme-challenge/ { + root /var/www/.acme-challenge; + try_files $uri =404; + } + +{% if grafana_ssl_enabled is defined and + grafana_ssl_enabled %} + location / { + return 301 https://$server_name$request_uri; + } +{% endif %} +} + +{% if grafana_ssl_enabled is defined and + grafana_ssl_enabled %} +server { + listen 443 ssl; +{% if ansible_all_ipv6_addresses | length %} + listen [::]:443 ssl; +{% endif %} + server_name {{ grafana_domain }}; + +{% if grafana_ssl_certificate is defined %} + ssl_certificate {{ grafana_ssl_certificate }}; +{% endif %} +{% if grafana_ssl_certificate_key is defined %} + ssl_certificate_key {{ grafana_ssl_certificate_key }}; +{% endif %} +{% if grafana_ssl_dhparam is defined %} + ssl_dhparam {{ grafana_ssl_dhparam }}; +{% endif %} + + location / { + proxy_pass http://localhost:{{ grafana_port }}; + } +} +{% endif %} diff --git a/roles/grafana/vars/default.yaml b/roles/grafana/vars/default.yaml new file mode 100644 index 0000000..ed97d53 --- /dev/null +++ b/roles/grafana/vars/default.yaml @@ -0,0 +1 @@ +---