chore(release): 1.1.2

Restart always grafana and influxdb.

CHANGELOG.md

@@ -2,6 +2,24 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+### [1.1.2](https://git.laurivan.com/Dev/ansible-role-grafana/compare/v1.1.1...v1.1.2) (2023-04-12)
+
+### [1.1.1](https://git.laurivan.com/Dev/ansible-role-grafana/compare/v1.1.0...v1.1.1) (2023-04-03)
+
+
+### Bug Fixes
+
+* Restart always ([9394bbd](https://git.laurivan.com/Dev/ansible-role-grafana/commit/9394bbd4cc7603392433eea9e9d6a5f38ad27120))
+
+## [1.1.0](https://git.laurivan.com/Dev/ansible-role-grafana/compare/v1.0.1...v1.1.0) (2022-12-19)
+
+
+### Bug Fixes
+
+* Add custom ports. ([9588a0e](https://git.laurivan.com/Dev/ansible-role-grafana/commit/9588a0e9a238dcf45b0081c8ad492bc10f69b783))
+
+### [1.0.1](https://git.laurivan.com/Dev/ansible-role-grafana/compare/v1.0.0...v1.0.1) (2022-12-19)
+
 ## 1.0.0 (2022-12-19)
 
 

README.md

@@ -1,6 +1,6 @@
 # laurivan.grafana
 
-This role installs Grafana via Docker.
+This role installs Grafana, InfluxDB and Prometheus via Docker.
 
 ## Requirements
 
@@ -10,164 +10,72 @@ None
 
 All variables are listed below (see also `defaults/main.yml`).
 
-### Grafana Core Variables
+### Paths and Volumes
 
-Grafana requires a couple of secrets for data encryption:
+All paths are by default defined as relative to `grafana_volume_base`:
 
 ```yml
-grafana_secret_key: 'changeme'
-grafana_utils_secret: 'changeme'
+grafana_volume_base: "/mnt/data/grafana"
+grafana_setup_path: "{{ grafana_volume_base }}/config"
+grafana_volume_grafana: "{{ grafana_volume_base }}/grafana"
+grafana_volume_influxdb: "{{ grafana_volume_base }}/influxdb"
+grafana_volume_prometheus: "{{ grafana_volume_base }}/prometheus"
 ```
 
-You also need to specify the deployment type. Usually it's `production`
+You can however define specific volumes for the individual items:
+
+- `grafana_setup_path` - where the Docker compose files are placed
+- `grafana_volume_grafana` - volume for the grafana docker container
+- `grafana_volume_influxdb` - volume for InfluxDB
+- `grafana_volume_prometheus` - volume for Prometheus.io
+
+### InfluxDB
+
+We define the following variables for InfluxDB:
 
 ```yml
-grafana_deployment: ''
+influxdb:
+  username: influxdb
+  password: change_me
+  org: example.com
+  bucket: my_bucket
+  admin_token: change_me
 ```
 
-You also need to define how you access grafana:
+### Prometheus
 
-- `grafana_port` is the port mapping in Docker. Grafana runs at port 3000, which is alos the default
-- `grafana_url` is the public URL where we see Grafana. If you use reverse proxy mapping, put the URL of the reverse proxy (in my case *[this one](https://wiki.home.laurivan.com)*).
-- `grafana_force_https` will run with HTTPS if true. you can define it as *false* If you're behind a proxy or you don't have a certificate. It defaults to `false`.
-- `grafana_enable_updates` will enable updates if true. Please read [the documentation](https://app.getgrafana.com/s/770a97da-13e5-401e-9f8a-37949c19f97e/) for what this implies (e.g. telemetry)
-- Define `grafana_cdn_url` if you have a CDN. Defaults to *empty*
-
-**Note**: `grafana_url` will define the authentication redirect url for e.g. authentik
-
-You can define which debug messages to be logged via `grafana_debug`.
-
-### Storage
-
-Following values are defined for the docker-compose:
+We define Prometheus variables:
 
 ```yml
-grafana_volume_base: "/mnt/grafana"
-grafana_setup_path: '{{ grafana_volume_base }}/config'
-grafana_volume_redis: "{{ grafana_volume_base }}/redis"
-grafana_volume_db: "{{ grafana_volume_base }}/db"
-grafana_volume_s3: "{{ grafana_volume_base }}/s3"
+prometheus_port: "9090"
+
+grafana_prometheus_project: my-project
+grafana_prometheus_job_name: prometheus
+grafana_prometheus_scrape_interval: '120s'
+grafana_prometheus_targets:
+  - "10.0.0.35:9100"
+  - "10.0.0.35:8080"
 ```
 
-Please note that `grafana_volume_db` and `grafana_volume_s3` are actually created only if local posstgres and fake_s3 containers are created by configuration below.
+The targets are locations (ip address + port) where Prometheus polls for new data. This can be [cadvisor](https://github.com/google/cadvisor) or [node exporter](https://github.com/prometheus/node_exporter) for example.
 
-You can specify a logo too via `grafana_team_logo_url`. By default this is empty.
+**Note**: Prometheus should be an internal service (i.e., empty `prometheus_port`). Hence, it doesn't have any security in place.
 
-You can also change the default language via `grafana_language`. The role defaults the language to *en_US*.
+### Grafana
 
-### Authentication
-
-Grafana authentication can happen via:
-
-- OIDC
-- Google authentication
-- Slack
-
-You need to define at least one of them.
-
-#### OIDC
-
-OIDC parameters are
+We also define several variables for grafana
 
 ```yml
-oidc_client_id:
-oidc_client_secret:
-oidc_auth_uri:
-oidc_token_uri:
-oidc_userinfo_uri:
+grafana:
+  username: changeme
+  password: changeme
 ```
 
-Your authentication app should provide you all the above. I use something along the lines:
+Just in case, you can override the user/group for grafana via:
 
 ```yml
-oidc_client_id: "changeme"
-oidc_client_secret: "changeme"
-oidc_auth_uri: "https://sso.laurivan.com/application/o/authorize/"
-oidc_token_uri: "https://sso.laurivan.com/application/o/token/"
-oidc_userinfo_uri: "https://sso.laurivan.com/application/o/userinfo/"
-oidc_username_claim: "preferred_username"
-```
-
-**Note**: you will probably need to provide the redirect URL to the authentication application. For Authentik, you can find it in the **Provider** for the specific application.
-
-#### Google ID
-
-You need to define:
-
-```yml
-grafana_google_client_id:
-grafana_google_client_secret:
-```
-
-#### Slack
-
-You need to define
-
-```yml
-grafana_slack_client_id:
-grafana_slack_client_secret:
-```
-
-### Database
-
-You need to assign a database to Grafana. This role allows you to launch Postgres in a container via:
-
-```yml
-grafana_db_schema: "postgres"
-grafana_db_host: "postgres"
-grafana_db_port: "5432"
-grafana_db_user: "postgres"
-grafana_db_password: "changeme"
-grafana_db: "grafana"
-```
-
-If the db_host is not "postgres", then we assume the db is external and not spin up the docker container.
-
-By default, PostgreSQL is not secured. If you have a secure database instance, set the `grafana_db_ssl` variable to "enable".
-
-### S3
-
-We define the following variables:
-
-```yml
-grafana_fake_s3: true
-grafana_fake_s3_port: 4569
-grafana_aws_access_key_id:
-grafana_aws_secret_access_key:
-grafana_aws_region:
-grafana_aws_s3_upload_bucket_url: "http://s3:4569"
-grafana_aws_s3_upload_bucket_name: grafana-bucket
-grafana_aws_s3_upload_max_size: "26214400"
-grafana_aws_s3_force_path_style: "true"
-grafana_aws_s3_acl: "private"
-```
-
-You need S3 (or S3-like) storage for e.g. uploaded files. By default, the role spins up the fake S3 only if `fake_s3` variable is true.
-
-I use [MinIO](https://min.io/) with something like:
-
-```yml
-grafana_fake_s3: ""
-grafana_aws_access_key_id: "change me"
-grafana_aws_secret_access_key: "change me"
-grafana_aws_region: "my-rack"
-grafana_aws_s3_upload_bucket_url: "http://minio,example.com:9000"
-grafana_aws_s3_upload_max_size: "26214400"
-grafana_aws_s3_force_path_style: "true"
-grafana_aws_s3_acl: "private"
-```
-
-### Email
-
-Grafana can send notification emails if you set up the SMTP variables:
-
-```yml
-grafana_smtp_host:
-grafana_smtp_port:
-grafana_smtp_username:
-grafana_smtp_password:
-grafana_smtp_from_email:
-grafana_smtp_reply_email:
+grafana_uid:
+grafana_gid:
 ```
 
 ## Dependencies

defaults/main.yml

@@ -7,15 +7,33 @@ influxdb:
   org: example.com
   bucket: my_bucket
   admin_token: change_me
+  port: "8086"
 
 grafana:
   username: changeme
   password: changeme
+  port: "3001"
 
+prometheus_port: "9090"
+
+# Grafana and InfluxDB volumes
+#
 grafana_volume_base: "/mnt/grafana"
 grafana_setup_path: "{{ grafana_volume_base }}/config"
 grafana_volume_grafana: "{{ grafana_volume_base }}/grafana"
 grafana_volume_influxdb: "{{ grafana_volume_base }}/influxdb"
 
-grafana_uid:
-grafana_gid:
+# Prometheus volumes
+#
+grafana_volume_prometheus: "{{ grafana_volume_base }}/prometheus"
+
+grafana_prometheus_project: my-project
+grafana_prometheus_job_name: prometheus
+grafana_prometheus_scrape_interval: '120s'
+grafana_prometheus_targets:
+  - "10.0.0.35:9100"
+  - "10.0.0.35:8080"
+  
+
+grafana_uid: "472"
+grafana_gid: "0"

molecule/default/molecule.yml

@@ -16,6 +16,7 @@ platforms:
     volumes:
       - /sys/fs/cgroup:/sys/fs/cgroup:ro
       - /var/run/docker.sock:/tmp/docker_mounted.sock
+      - /mnt:/mnt
     privileged: true
     pre_build_image: true
 provisioner:

tasks/config.yml

@@ -0,0 +1,96 @@
+---
+
+- name: GRAFANA | Set up main directory
+  ansible.builtin.file:
+    state: directory
+    path: "{{ item }}"
+    owner: "{{ ansible_effective_user_id }}"
+    group: "{{ ansible_effective_group_id }}"
+    mode: "0750"
+  with_items:
+    - "{{ grafana_setup_path | expanduser | realpath }}/grafana-provisioning/"
+    - "{{ grafana_setup_path | expanduser | realpath }}/grafana-provisioning/datasources/"
+  tags:
+    - configuration
+  become: true
+
+- name: GRAFANA | Set up prometheus configuration directory
+  ansible.builtin.file:
+    state: directory
+    path: "{{ item }}"
+    owner: "{{ ansible_effective_user_id }}"
+    group: "{{ ansible_effective_group_id }}"
+    mode: "0755"
+  with_items:
+    - "{{ grafana_setup_path | expanduser | realpath }}/prometheus/"
+  tags:
+    - configuration
+  become: true
+
+- name: GRAFANA | Set up prometheus data directory
+  ansible.builtin.file:
+    state: directory
+    path: "{{ item }}"
+    owner: "{{ ansible_effective_user_id }}"
+    group: "{{ ansible_effective_group_id }}"
+    mode: "0777"
+  with_items:
+    - "{{ grafana_volume_prometheus | expanduser | realpath }}"
+  tags:
+    - configuration
+  become: true
+
+- name: GRAFANA | Set up influxdb mount point
+  ansible.builtin.file:
+    state: directory
+    path: "{{ item }}"
+    mode: "0750"
+  with_items:
+    - "{{ grafana_volume_influxdb | expanduser | realpath }}"
+  tags:
+    - configuration
+  become: true
+
+- name: GRAFANA | Set up grafana mount point
+  ansible.builtin.file:
+    state: directory
+    path: "{{ item }}"
+    owner: "{% if grafana_uid %}{{ grafana_uid }}{% else %}{{ ansible_effective_user_id }}{% endif %}"
+    group: "{% if grafana_gid %}{{ grafana_gid }}{% else %}{{ ansible_effective_group_id }}{% endif %}"
+    mode: "0777"
+  with_items:
+    - "{{ grafana_volume_grafana | expanduser | realpath }}"
+    - "{{ grafana_volume_grafana | expanduser | realpath }}/plugins"
+  tags:
+    - configuration
+  become: true
+
+- name: GRAFANA | Write docker-compose configuration files
+  ansible.builtin.template:
+    src: "{{ item }}.j2"
+    dest: "{{ grafana_setup_path | expanduser | realpath }}/{{ item }}"
+    mode: '0640'
+  loop:
+    - "docker-compose.yml"
+    - "env.grafana.conf"
+    - "env.influxdb.conf"
+  tags:
+    - configuration
+
+- name: GRAFANA | Write InfluxDB provisioning files
+  ansible.builtin.template:
+    src: "grafana-provisioning/datasources/{{ item }}.j2"
+    dest: "{{ grafana_setup_path | expanduser | realpath }}/grafana-provisioning/datasources/{{ item }}"
+    mode: '0640'
+  loop:
+    - "datasource.yml"
+  tags:
+    - configuration
+
+- name: GRAFANA | Write Prometheus configuration
+  ansible.builtin.template:
+    src: "prometheus-provisioning/prometheus.yml.j2"
+    dest: "{{ grafana_setup_path | expanduser | realpath }}/prometheus/prometheus.yml"
+    mode: '0644'
+  tags:
+    - configuration

tasks/install.yml

@@ -0,0 +1,7 @@
+---
+
+- name: Ensure all requested components are running.
+  community.docker.docker_compose:
+    project_src: "{{ grafana_setup_path | expanduser | realpath }}"
+    build: false
+  become: true

tasks/main.yml

@@ -1,73 +1,14 @@
 ---
 # tasks file for grafana
-- name: Set up main directory
-  ansible.builtin.file:
-    state: directory
-    path: "{{ item }}"
-    owner: "{{ ansible_effective_user_id }}"
-    group: "{{ ansible_effective_group_id }}"
-    mode: "0750"
-  with_items:
-    - "{{ grafana_setup_path | expanduser | realpath }}/grafana-provisioning/"
-    - "{{ grafana_setup_path | expanduser | realpath }}/grafana-provisioning/datasources/"
+
+- name: "GRAFANA | Configure"
+  import_tasks: config.yml
   tags:
-    - configuration
-  become: true
+    - configure
+    - grafana
 
-- name: Set up influxdb mount point
-  ansible.builtin.file:
-    state: directory
-    path: "{{ item }}"
-    owner: "{% if grafana_uid %}{{ grafana_uid }}{% else %}{{ ansible_effective_user_id }}{% endif %}"
-    group: "{% if grafana_gid %}{{ grafana_gid }}{% else %}{{ ansible_effective_group_id }}{% endif %}"
-    mode: "0750"
-  with_items:
-    - "{{ grafana_volume_influxdb | expanduser | realpath }}"
+- name: "GRAFANA | Install"
+  import_tasks: install.yml
   tags:
-    - configuration
-  become: true
-
-- name: Set up grafana mount point
-  ansible.builtin.file:
-    state: directory
-    path: "{{ item }}"
-    # owner: "{% if grafana_uid %}{{ grafana_uid }}{% else %}{{ ansible_effective_user_id }}{% endif %}"
-    # group: "{% if grafana_gid %}{{ grafana_gid }}{% else %}{{ ansible_effective_group_id }}{% endif %}"
-    owner: "472"
-    group: "0"
-    mode: "0777"
-  with_items:
-    - "{{ grafana_volume_grafana | expanduser | realpath }}"
-    - "{{ grafana_volume_grafana | expanduser | realpath }}/plugins"
-  tags:
-    - configuration
-  become: true
-
-- name: Write configuration files
-  ansible.builtin.template:
-    src: "{{ item }}.j2"
-    dest: "{{ grafana_setup_path | expanduser | realpath }}/{{ item }}"
-    mode: '0640'
-  loop:
-    - "docker-compose.yml"
-    - "env.grafana.conf"
-    - "env.influxdb.conf"
-  tags:
-    - configuration
-
-- name: Write datasource provisioning files
-  ansible.builtin.template:
-    src: "grafana-provisioning/datasources/{{ item }}.j2"
-    dest: "{{ grafana_setup_path | expanduser | realpath }}/grafana-provisioning/datasources/{{ item }}"
-    mode: '0640'
-  loop:
-    - "datasource.yml"
-  tags:
-    - configuration
-
-
-- name: Ensure all requested components are running.
-  community.docker.docker_compose:
-    project_src: "{{ grafana_setup_path | expanduser | realpath }}"
-    build: false
-  become: true
+    - install
+    - grafana

templates/docker-compose.yml.j2

@@ -1,9 +1,24 @@
 version: '3.9'
 services:
+  prometheus:
+    image: prom/prometheus:latest
+    container_name: monitoring_prometheus
+    restart: unless-stopped
+    volumes:
+      - '{{ grafana_setup_path | expanduser | realpath }}/prometheus:/etc/prometheus'
+      - '{{ grafana_volume_prometheus | expanduser | realpath }}:/prometheus'
+    ports:
+      {% if prometheus_port is defined %}- "{{ prometheus_port }}:9090"{% endif %}
+      
+    networks:
+      - grafana
+
   influxdb:
     image: influxdb:latest
+    container_name: monitoring_influxdb
+    restart: always
     ports:
-      - '8086:8086'
+      - '{{ influxdb.port }}:8086'
     volumes:
       - "{{ grafana_volume_influxdb | expanduser | realpath }}:/var/lib/influxdb"
     env_file:
@@ -13,21 +28,20 @@ services:
 
   grafana:
     image: grafana/grafana-oss:latest
+    container_name: monitoring_grafana
+    restart: always
     ports:
-      - '3001:3000'
+      - '{{ grafana.port }}:3000'
     volumes:
       # - "{{ grafana_volume_grafana | expanduser | realpath }}:/var/lib/grafana"
       - "{{ grafana_setup_path | expanduser | realpath }}/grafana-provisioning/:/etc/grafana/provisioning/"
     depends_on:
       - influxdb
+      - prometheus
     env_file:
       - "{{ grafana_setup_path | expanduser | realpath }}/env.grafana.conf"
     networks:
       - grafana
 
-# Run as user:
-#     owner: "{% if grafana_uid %}{{ grafana_uid }}{% else %}{{ ansible_effective_user_id }}{% endif %}"
-#     group: "{% if grafana_gid %}{{ grafana_gid }}{% else %}{{ ansible_effective_group_id }}{% endif %}"
-
 networks:
   grafana: {}

templates/grafana-provisioning/datasources/datasource.yml.j2

@@ -1,4 +1,4 @@
- lines (14 sloc) 345 Bytes
+---
 apiVersion: 1
 datasources:
   - name: InfluxDB

templates/prometheus-provisioning/prometheus.yml.j2

@@ -0,0 +1,36 @@
+# my global config
+global:
+  scrape_interval:     120s # By default, scrape targets every 15 seconds.
+  evaluation_interval: 120s # By default, scrape targets every 15 seconds.
+  # scrape_timeout is set to the global default (10s).
+
+  # Attach these labels to any time series or alerts when communicating with
+  # external systems (federation, remote storage, Alertmanager).
+  external_labels:
+      monitor: "{{ grafana_prometheus_project }}"
+
+# Load and evaluate rules in this file every 'evaluation_interval' seconds.
+rule_files:
+  # - "alert.rules"
+  # - "first.rules"
+  # - "second.rules"
+
+# A scrape configuration containing exactly one endpoint to scrape:
+# Here it's Prometheus itself.
+scrape_configs:
+  # The job name is added as a label `job=<job_name>` to any timeseries scraped from this config.
+  - job_name: "{{ grafana_prometheus_job_name }}"
+
+    # Override the global default and scrape targets from this job every 5 seconds.
+    scrape_interval: "{{ grafana_prometheus_scrape_interval }}"
+
+    # metrics_path defaults to '/metrics'
+    # scheme defaults to 'http'.
+
+    static_configs:
+      - targets:
+        - 'localhost:9090'
+        {% for target in grafana_prometheus_targets %}
+- "{{ target }}""
+        {% endfor %}
+        

vars/main.yml

@@ -1,2 +1,2 @@
 ---
-# vars file for grafana
+# vars file for grafana