diff options
Diffstat (limited to 'roles/monitoring')
-rw-r--r-- | roles/monitoring/collectd/base/templates/common.conf.j2 | 1 | ||||
-rw-r--r-- | roles/monitoring/collectd/graphite/defaults/main.yml | 2 | ||||
-rw-r--r-- | roles/monitoring/grafana/defaults/main.yml | 21 | ||||
-rw-r--r-- | roles/monitoring/grafana/handlers/main.yml | 5 | ||||
-rw-r--r-- | roles/monitoring/grafana/tasks/main.yml | 71 | ||||
-rw-r--r-- | roles/monitoring/graphite/web/defaults/main.yml | 5 | ||||
-rw-r--r-- | roles/monitoring/graphite/web/handlers/main.yml | 1 | ||||
-rw-r--r-- | roles/monitoring/graphite/web/tasks/main.yml | 50 | ||||
-rw-r--r-- | roles/monitoring/graphite/web/templates/nginx-vhost.conf.j2 | 20 | ||||
-rw-r--r-- | roles/monitoring/graphite/web/templates/uwsgi-app.ini.j2 | 8 |
10 files changed, 183 insertions, 1 deletions
diff --git a/roles/monitoring/collectd/base/templates/common.conf.j2 b/roles/monitoring/collectd/base/templates/common.conf.j2 index 6447f3f1..c2f09f82 100644 --- a/roles/monitoring/collectd/base/templates/common.conf.j2 +++ b/roles/monitoring/collectd/base/templates/common.conf.j2 @@ -7,6 +7,7 @@ LoadPlugin irq LoadPlugin load LoadPlugin memory LoadPlugin processes +LoadPlugin uptime LoadPlugin users <Plugin "df"> diff --git a/roles/monitoring/collectd/graphite/defaults/main.yml b/roles/monitoring/collectd/graphite/defaults/main.yml index f4bfe09c..55eb76c8 100644 --- a/roles/monitoring/collectd/graphite/defaults/main.yml +++ b/roles/monitoring/collectd/graphite/defaults/main.yml @@ -5,4 +5,4 @@ # Port "2003" # Protocol "tcp" # LogSendErrors true -# Prefix "collectd" +# Prefix "collectd." diff --git a/roles/monitoring/grafana/defaults/main.yml b/roles/monitoring/grafana/defaults/main.yml new file mode 100644 index 00000000..8798dfb5 --- /dev/null +++ b/roles/monitoring/grafana/defaults/main.yml @@ -0,0 +1,21 @@ +--- +# grafana_secret_key: <--- pwgen -s 64 -1 +grafana_root_url: "%(protocol)s://%(domain)s:%(http_port)s/grafana" + +grafana_config_server: + http_addr: localhost + http_port: 3000 + root_url: "{{ grafana_root_url }}" + serve_from_sub_path: true + +grafana_config_analytics: + reporting_enabled: false + check_for_updates: false + +grafana_config_security: + secret_key: "{{ grafana_secret_key }}" + disable_gravatar: true + +grafana_config_users: + allow_sign_up: false + allow_org_create: false diff --git a/roles/monitoring/grafana/handlers/main.yml b/roles/monitoring/grafana/handlers/main.yml new file mode 100644 index 00000000..59d64e48 --- /dev/null +++ b/roles/monitoring/grafana/handlers/main.yml @@ -0,0 +1,5 @@ +--- +- name: restart grafana + service: + name: grafana-server + state: restarted diff --git a/roles/monitoring/grafana/tasks/main.yml b/roles/monitoring/grafana/tasks/main.yml new file mode 100644 index 00000000..87f16bd0 --- /dev/null +++ b/roles/monitoring/grafana/tasks/main.yml @@ -0,0 +1,71 @@ +--- +- name: add debian repository + include_role: + name: apt-repo/grafana + +- name: install apt packages + apt: + name: grafana + state: present + +- name: configure grafana server + loop: "{{ grafana_config_server | dict2items }}" + loop_control: + label: "{{ item.key }}" + ini_file: + path: /etc/grafana/grafana.ini + section: server + option: "{{ item.key }}" + value: "{{ item.value | string }}" + notify: restart grafana + +- name: configure grafana analytics + loop: "{{ grafana_config_analytics | dict2items }}" + loop_control: + label: "{{ item.key }}" + ini_file: + path: /etc/grafana/grafana.ini + section: analytics + option: "{{ item.key }}" + value: "{{ item.value | string }}" + notify: restart grafana + +- name: configure grafana security + loop: "{{ grafana_config_security | dict2items }}" + loop_control: + label: "{{ item.key }}" + ini_file: + path: /etc/grafana/grafana.ini + section: security + option: "{{ item.key }}" + value: "{{ item.value | string }}" + notify: restart grafana + +- name: configure grafana users + loop: "{{ grafana_config_users | dict2items }}" + loop_control: + label: "{{ item.key }}" + ini_file: + path: /etc/grafana/grafana.inig + section: users + option: "{{ item.key }}" + value: "{{ item.value | string }}" + notify: restart grafana + +- name: make sure grafan-server is enabled and started + systemd: + name: grafana-server + state: started + enabled: yes + +- name: configure nginx vhost + vars: + nginx_vhost: + name: grafana + template: generic-proxy-no-buffering + hostnames: + - "_" + client_max_body_size: "0" + proxy_pass: "http://127.0.0.1:{{ grafana_config_server.http_port | default(3000) }}" + include_role: + name: nginx/vhost diff --git a/roles/monitoring/graphite/web/defaults/main.yml b/roles/monitoring/graphite/web/defaults/main.yml new file mode 100644 index 00000000..167c39a1 --- /dev/null +++ b/roles/monitoring/graphite/web/defaults/main.yml @@ -0,0 +1,5 @@ +--- +# graphite_web_secret_key: <--- pwgen -s 64 -1 + +graphite_web_nginx_listen: 127.0.0.1:81 default_server +graphite_web_uwsgi_port: 3031 diff --git a/roles/monitoring/graphite/web/handlers/main.yml b/roles/monitoring/graphite/web/handlers/main.yml new file mode 100644 index 00000000..ed97d539 --- /dev/null +++ b/roles/monitoring/graphite/web/handlers/main.yml @@ -0,0 +1 @@ +--- diff --git a/roles/monitoring/graphite/web/tasks/main.yml b/roles/monitoring/graphite/web/tasks/main.yml new file mode 100644 index 00000000..7c796722 --- /dev/null +++ b/roles/monitoring/graphite/web/tasks/main.yml @@ -0,0 +1,50 @@ +--- +- name: instsall apt packages + apt: + name: graphite-web + state: present + +- name: configure secret key + lineinfile: + path: /etc/graphite/local_settings.py + regexp: '#?SECRET_KEY\s*=' + line: "SECRET_KEY = '{{ graphite_web_secret_key }}'" + +- name: initialize database + become: yes + become_method: su + become_user: "_graphite" + become_flags: "-s /bin/bash" + command: graphite-manage migrate --run-syncdb + args: + creates: /var/lib/graphite/graphite.db + +- name: fix sqlite database permissions + file: + path: /var/lib/graphite/graphite.db + owner: "_graphite" + group: "_graphite" + mode: "0600" + +- name: check if uwsgi plugin python3 is installed + assert: + msg: "This role needs uwsgi with python3 plugin installed" + that: + - uwsgi_plugins is defined + - "'python3' in uwsgi_plugins" + +- name: install uwsgi app + vars: + uwsgi_app: + name: graphite + content: "{{ lookup('template', 'uwsgi-app.ini.j2') }}" + include_role: + name: uwsgi/app + +- name: install nginx vhost + vars: + nginx_vhost: + name: graphite + content: "{{ lookup('template', 'nginx-vhost.conf.j2') }}" + include_role: + name: nginx/vhost diff --git a/roles/monitoring/graphite/web/templates/nginx-vhost.conf.j2 b/roles/monitoring/graphite/web/templates/nginx-vhost.conf.j2 new file mode 100644 index 00000000..48b6ef73 --- /dev/null +++ b/roles/monitoring/graphite/web/templates/nginx-vhost.conf.j2 @@ -0,0 +1,20 @@ +server { + listen {{ graphite_web_nginx_listen }}; + + server_name _; + + location / { + include uwsgi_params; + uwsgi_pass 127.0.0.1:{{ graphite_web_uwsgi_port }}; + } + rewrite ^/admin(.*)admin/([^/]+)/([^/]+)$ /media/$2/$3 redirect; + location /media { + alias /usr/share/python-django-common/django/contrib/admin/static/admin/; + } + location /static/ { + alias /usr/share/graphite-web/static/; + } + + access_log /var/log/nginx/access-graphite.log; + error_log /var/log/nginx/error-graphite.log; +} diff --git a/roles/monitoring/graphite/web/templates/uwsgi-app.ini.j2 b/roles/monitoring/graphite/web/templates/uwsgi-app.ini.j2 new file mode 100644 index 00000000..e5b01a04 --- /dev/null +++ b/roles/monitoring/graphite/web/templates/uwsgi-app.ini.j2 @@ -0,0 +1,8 @@ +[uwsgi] +plugin = python3 +processes = 2 +socket = 127.0.0.1:{{ graphite_web_uwsgi_port }} +gid = _graphite +uid = _graphite +chdir = /usr/share/graphite-web +wsgi-file = /usr/share/graphite-web/graphite.wsgi |