summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--chaos-at-home/host_vars/ch-mon.yml44
-rw-r--r--inventory/host_vars/ch-mon.yml2
-rw-r--r--roles/monitoring/grafana/defaults/main.yml13
-rw-r--r--roles/monitoring/grafana/filter_plugins/grafana.py32
-rw-r--r--roles/monitoring/grafana/tasks/main.yml3
-rw-r--r--roles/monitoring/grafana/tasks/users.yml36
6 files changed, 109 insertions, 21 deletions
diff --git a/chaos-at-home/host_vars/ch-mon.yml b/chaos-at-home/host_vars/ch-mon.yml
index f99a65e0..96c4c285 100644
--- a/chaos-at-home/host_vars/ch-mon.yml
+++ b/chaos-at-home/host_vars/ch-mon.yml
@@ -1,22 +1,24 @@
$ANSIBLE_VAULT;1.2;AES256;chaos-at-home
-31316166643039636238636530353563653637663735623261333138313938343833323737653563
-3935356464616163316464666562323536393034663963630a613932333038353761616531323666
-62633962666239626264656363323366663662356539623266336164663831613361326362326261
-6232613933303830610a363865383265336166346165613432316231666537386437313934323732
-39663166303662333763306536666561376136373638656362306234373136633837626265343162
-34376633306335383861373033343235316334663636633931656535373465613936333434666661
-38366666653665626133663439636332623131623532333537313835636230366261646361626136
-35313961316363656438373539383536623630343139343936306537666461616136613030356434
-30346231373861363939656430653236353864346133663363666636343536376133643538363235
-65633461363132613936316264333332383138653636613438396230343466656662643131356432
-36353731353336323361306132636338373831303932366432333434313438653930613939346366
-33663465633662633933303239633332633465326532363530373165346165656461656438393935
-66366166346230386535363435333632333130633532323336633834326535346338393830633534
-34393461326137663132663466613433623663333135386635363364333838626663303966326465
-64333136313035366362363965333633646634313364383730663934623533353163313033333864
-64643935663162616163643939386335336537663666666165663830353334353632613430386639
-33656231373362666331373038316631343030383335373538396430353732623036653366323062
-39386236333632316330343232363065613465663562623065376133373230313634383732623534
-34626436653435303733656561633638316264616334616463323031383734383230636632323234
-36366636363531306239373763656261346338393635666138313939613231363238303839383734
-66623537656235343563656335383438646636306533363836636665636335623164
+65383763373634393962376161393736376237393739343163323137353139623336313561356230
+6631343766386232636464383333623539666465346130640a343235623237623561356664316365
+38613035306664383438376535386437376365623435633638303834653362303935333431633833
+3366646538633830360a666362336161373539366264353733323163386566633163643931386432
+33393135353563343132323931333335613437333330626261616139386433383432363434633033
+61353431366432613164663036643730376663373762643031333435303638653065376165623239
+31643464323531626664316330373130346139623561373539333839646132306161303064356633
+65636135396436663931313637643963636336333132353233626661636564323666636432613666
+61373661306133363765356531373666313836383334616361656131313033326436633036623766
+30373366636563303536303964363538346432353230343037643563656365613330323036353565
+61656537643531373530613035636365306533653462303965353530653838353365393139383632
+38626465326165616433383639623162636331346331393738653464623861646165313431363463
+64663231346261323039353930326234343236313338323561646432613835363334353737306333
+30383035306431336266386535643066313062626333666464313136333363633530663838326664
+65346466616631663138626136626263666637323335323238613232306235363532396638646535
+63323836363735333630663330383537343731333865396337336661356237623737643565373431
+33626633323034663538653837663432386635363734363136303533663964363936353937613235
+36353662383362386633313565643430343764353562373132636638393834356631616664613233
+64363330323564666462343532323335306534643832643930626132303539383635643133633435
+30303664636139316333326164383131306234666230646661616438323432653264313733363237
+61313433386165396466653738393363653365363930353264613061656664393131396363343230
+30353966336662313236396233636436356366636633376437343937333561353661343737343738
+386131363034363236356466313463313635
diff --git a/inventory/host_vars/ch-mon.yml b/inventory/host_vars/ch-mon.yml
index 65ce9f5f..5d9ddfba 100644
--- a/inventory/host_vars/ch-mon.yml
+++ b/inventory/host_vars/ch-mon.yml
@@ -198,6 +198,8 @@ grafana_dashboards:
- file: standalone-kubelet-overview
datasource: "Prometheus"
+grafana_admin_password: "{{ vault_grafana_admin_password }}"
+
monitoring_landingpage_hostnames:
- "mon.chaos-at-home.org"
diff --git a/roles/monitoring/grafana/defaults/main.yml b/roles/monitoring/grafana/defaults/main.yml
index 8a113e2d..0eaeb061 100644
--- a/roles/monitoring/grafana/defaults/main.yml
+++ b/roles/monitoring/grafana/defaults/main.yml
@@ -51,3 +51,16 @@ grafana_dashboards: []
# - id: 19
# revision: 3
# datasource: "Foo"
+
+grafana_admin_password: "{{ undef(hint='Please specify the password for the grafana admin user') }}"
+
+grafana_users: {}
+ # foo:
+ # password: somewhat-secret
+ # name: Foo Bar
+ # email: foo@bar.com
+ # root:
+ # password: very-secret
+ # name: The Root
+ # email: root@toor.com
+ # is_admin: yes
diff --git a/roles/monitoring/grafana/filter_plugins/grafana.py b/roles/monitoring/grafana/filter_plugins/grafana.py
new file mode 100644
index 00000000..750dc46d
--- /dev/null
+++ b/roles/monitoring/grafana/filter_plugins/grafana.py
@@ -0,0 +1,32 @@
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+from functools import partial
+
+from ansible import errors
+from ansible.module_utils.common.text import formatters
+
+
+def resolve_grafana_url(url, config):
+ try:
+ protocol = config.get('protocol', 'http')
+ addr = config.get('http_addr', 'localhost')
+ port = config.get('http_port', '3000')
+ serve_from_sub_path = config.get('serve_from_sub_path', False)
+
+ if not serve_from_sub_path:
+ return "%s://%s:%s" % (protocol, addr, port)
+
+ return url.replace('%(protocol)s', str(protocol)).replace('%(domain)s', str(addr)).replace('%(http_port)s', str(port))
+ except Exception as e:
+ raise errors.AnsibleFilterError("resolve_grafana_url(): %s" % str(e))
+
+
+class FilterModule(object):
+
+ filter_map = {
+ 'resolve_grafana_url': resolve_grafana_url,
+ }
+
+ def filters(self):
+ return self.filter_map
diff --git a/roles/monitoring/grafana/tasks/main.yml b/roles/monitoring/grafana/tasks/main.yml
index 48a0ec96..1e21ea39 100644
--- a/roles/monitoring/grafana/tasks/main.yml
+++ b/roles/monitoring/grafana/tasks/main.yml
@@ -147,3 +147,6 @@
name: grafana-server
state: started
enabled: yes
+
+- name: manage grafana users
+ include_tasks: users.yml
diff --git a/roles/monitoring/grafana/tasks/users.yml b/roles/monitoring/grafana/tasks/users.yml
new file mode 100644
index 00000000..695d34d8
--- /dev/null
+++ b/roles/monitoring/grafana/tasks/users.yml
@@ -0,0 +1,36 @@
+---
+- name: check if admin password is already set
+ check_mode: no
+ uri:
+ url: "{{ grafana_root_url | resolve_grafana_url(grafana_config_server) }}/api/user"
+ user: admin
+ password: "{{ grafana_admin_password }}"
+ force_basic_auth: true
+ body_format: json
+ status_code:
+ - 200
+ - 400
+ - 401
+ register: grafana_admin_user_info
+
+- name: set password for admin user
+ when: grafana_admin_user_info.status != 200
+ command: grafana-cli admin reset-admin-password --password-from-stdin
+ args:
+ stdin: "{{ grafana_admin_password }}"
+ stdin_add_newline: false
+
+- name: add additional users to grafana
+ loop: "{{ grafana_users | dict2items }}"
+ loop_control:
+ label: "{{ item.key }}"
+ community.grafana.grafana_user:
+ url: "{{ grafana_root_url | resolve_grafana_url(grafana_config_server) }}"
+ url_username: admin
+ url_password: "{{ grafana_admin_password }}"
+ name: "{{ item.value.name | default(omit) }}"
+ email: "{{ item.value.email | default(omit) }}"
+ login: "{{ item.key }}"
+ password: "{{ item.value.password }}"
+ is_admin: "{{ item.value.is_admin | default(False) }}"
+ state: present