Add monitoring role

2023-09-24 15:26:04 +02:00 · 2023-09-24 15:26:04 +02:00 · d06406c9f4
commit d06406c9f4
parent dca17d5750
17 changed files with 539 additions and 0 deletions
--- a/roles/monitoring/tasks/main.yaml
+++ b/roles/monitoring/tasks/main.yaml
@ -0,0 +1,66 @@
+---
+- name: monitoring
+  tags: monitoring
+  block:
+    - name: Install dependencies
+      apt:
+        name: nginx
+        state: present
+
+    - name: Clear default nginx site
+      file:
+        state: absent
+        path: /etc/nginx/sites-enabled/default
+      notify: reload nginx
+
+    - name: Install nginx site
+      template:
+        src: nginx-site.conf
+        dest: /etc/nginx/sites-available/monitoring
+        owner: root
+        group: root
+        mode: 0644
+      notify: reload nginx
+
+    - name: Enable nginx site
+      file:
+        src: /etc/nginx/sites-available/monitoring
+        dest: /etc/nginx/sites-enabled/monitoring
+        state: link
+      notify: reload nginx
+
+    - name: Start nginx
+      systemd:
+        name: nginx
+        state: started
+        enabled: yes
+
+    - name: Allow HTTP/HTTPS
+      iptables:
+        chain: INPUT
+        protocol: tcp
+        destination_port: "{{ item.port }}"
+        ctstate: NEW
+        jump: ACCEPT
+        ip_version: "{{ item.ip }}"
+        action: insert
+      with_items:
+        - { ip: ipv6, port: 80 }
+        - { ip: ipv6, port: 443 }
+      notify: persist iptables
+
+- name: mqtt_exporter
+  tags: mqtt_exporter
+  import_tasks: mqtt_exporter.yaml
+
+- name: blackbox
+  tags: blackbox
+  import_tasks: blackbox.yaml
+
+- name: prometheus
+  tags: prometheus
+  import_tasks: prometheus.yaml
+
+- name: grafana
+  tags: grafana
+  import_tasks: grafana.yaml