Erstelle Grafana-Rolle

2022-12-27 10:43:32 +01:00 · 2022-12-27 10:43:32 +01:00 · 9ecb9985fb
commit 9ecb9985fb
16 changed files with 258 additions and 0 deletions
--- a/tasks/database.yml
+++ b/tasks/database.yml
@ -0,0 +1,14 @@
+---
+- name: "database | Erstelle Datenbank"
+  ansible.builtin.mysql_db:
+    name: "{{ grafana_db }}"
+    login_unix_socket: "{{ mysql_socket }}"
+    login_user: root
+
+- name: "database | Erstelle Datenbank-Nutzer"
+  ansible.builtin.mysql_user:
+    name: "{{ grafana_db_user }}"
+    password: "{{ grafana_db_password }}"
+    priv: "{{ grafana_db }}.*:ALL"
+    login_unix_socket: "{{ mysql_socket }}"
+    login_user: root
--- a/tasks/grafana.yml
+++ b/tasks/grafana.yml
@ -0,0 +1,29 @@
+---
+- name: "grafana | Erzeuge Grafana-Konfiguration"
+  ansible.builtin.template:
+    src: grafana.ini
+    dest: /etc/grafana/grafana.ini
+    mode: 0640
+  notify: restart grafana
+
+- name: "grafana | Aktiviere Monit-Ueberwachung"
+  ansible.builtin.copy:
+    src: "{{ item }}.monit"
+    dest: "/etc/monit/conf-enabled/{{ item }}"
+    mode: 0644
+  notify: reload monit
+  loop:
+    - grafana
+    - influxdb
+
+- name: "grafana | fail2ban-Konfiguration kopieren"
+  ansible.builtin.copy:
+    src: "fail2ban/{{ item.src }}"
+    dest: "/etc/fail2ban/{{ item.dest }}"
+    mode: 0644
+  loop:
+    - src: jail.conf
+      dest: jail.d/grafana.conf
+    - src: filter.conf
+      dest: filter.d/grafana.conf
+  notify: reload fail2ban
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -0,0 +1,12 @@
+---
+- import_tasks: packages.yml
+  tags: packages
+
+- import_tasks: database.yml
+  delegate_to: "{{ database_host }}"
+
+- import_tasks: grafana.yml
+  tags: grafana
+
+- import_tasks: webserver.yml
+  tags: webserver
--- a/tasks/packages.yml
+++ b/tasks/packages.yml
@ -0,0 +1,18 @@
+---
+- name: "packages | Fuege apt-key hinzu"
+  ansible.builtin.apt_key:
+    url: https://packages.grafana.com/gpg.key
+
+- name: "packages | Fuege deb-Repository hinzu"
+  ansible.builtin.apt_repository:
+    repo: deb https://packages.grafana.com/oss/deb stable main
+    filename: grafana
+
+- name: "packages | Installiere Grafana"
+  ansible.builtin.apt:
+    name: grafana
+
+- name: "packages | Installiere chromium"
+  ansible.builtin.apt:
+    name: chromium
+    install_recommends: false
--- a/tasks/webserver.yml
+++ b/tasks/webserver.yml
@ -0,0 +1,16 @@
+---
+- name: "webserver | Erzeuge Letsencrypt-Zertifikat"
+  ansible.builtin.lineinfile:
+    path: /etc/dehydrated/domains.txt
+    line: "{{ grafana.domain }}"
+  notify: get certificate
+
+- name: "webserver | Grafana-Seitenkonfigurationen kopieren"
+  ansible.builtin.template:
+    src: apache2-site.conf
+    dest: "/etc/apache2/sites-available/{{ grafana.domain }}.conf"
+    mode: 0644
+
+- name: "webserver | Grafana-Seitenkonfiguration aktivieren"
+  ansible.builtin.command: "a2ensite {{ grafana.domain }}"
+  notify: reload apache2