blob: 3fdb4d178b721d688185fd5db41641211cfd0bbd (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
|
---
install:
vm:
memory: 8G
numcpus: 4
autostart: yes
disks:
primary: /dev/sda
scsi:
sda:
type: lvm
vg: "{{ hostvars[vm_host.name].host_name }}"
lv: "vm_{{ inventory_hostname }}_root"
size: 50g
interfaces:
- bridge: br-lan
name: lan0
- bridge: br-mgmt
name: mgmt0
network:
nameservers: "{{ network_zones.lan.dns }}"
domain: "{{ host_domain }}"
systemd_link:
interfaces: "{{ install.interfaces }}"
primary: &_network_primary_
name: lan0
address: "{{ network_zones.lan.prefix | ipaddr(network_zones.lan.offsets[inventory_hostname]) | ipaddr('address/prefix') }}"
gateway: "{{ network_zones.lan.gateway }}"
interfaces:
- *_network_primary_
- name: mgmt0
address: "{{ network_zones.mgmt.prefix | ipaddr(network_zones.mgmt.offsets[inventory_hostname]) | ipaddr('address/prefix') }}"
ssh_users_root:
- equinox
- datacop
spreadspace_apt_repo_components:
- prometheus
ntp_variant: chrony
ntp_client:
servers:
- name: "{{ network_zones.lan.gateway }}"
options: iburst
prometheus_server_storage:
type: lvm
vg: "{{ host_name }}"
lv: prometheus
size: 30G
fs: ext4
prometheus_server_alertmanager:
url: "127.0.0.1:9093"
path_prefix: "/alertmanager/"
prometheus_server_web_external_url: "http://{{ network.primary.address | ipaddr('address') }}/prometheus/"
prometheus_exporters_extra:
- blackbox
- nut
prometheus_exporter_node_textfile_collector_scripts:
- deleted-libraries
- chrony
prometheus_exporter_blackbox_modules_extra:
icmp:
prober: icmp
prometheus_job_multitarget_blackbox__probe:
ele-mon:
- instance: "ssh-{{ inventory_hostname }}"
target: "{{ network_zones.lan.prefix | ipaddr(network_zones.lan.offsets[inventory_hostname]) | ipaddr('address') }}:{{ ansible_port | default(22) }}"
module: ssh_banner
prometheus_alertmanager_web_external_url: "http://{{ network.primary.address | ipaddr('address') }}/alertmanager/"
prometheus_alertmanager_smtp:
smarthost: "mailrelay.chaos-at-home.org:587"
from: "noreply@elev8.at"
require_tls: yes
auth:
username: ele-mon
password: "{{ vault_prometheus_alertmanager_smtp_auth_password }}"
prometheus_alertmanager_route:
receiver: empty
routes:
- receiver: equinox-mail
matchers:
- 'alertname != PrometheusAlertmanagerE2eDeadManSwitch'
group_by:
- instance
continue: true
- receiver: equinox-sms
matchers:
- 'alertname != PrometheusAlertmanagerE2eDeadManSwitch'
- severity="critical"
prometheus_alertmanager_receivers:
- name: empty
- name: equinox-mail
email_configs:
- to: equinox@spreadspace.org
- name: equinox-sms
webhook_configs:
- url: "http://{{ network_zones.lan.prefix | ipaddr(network_zones.lan.offsets['ele-sms']) | ipaddr('address') }}:9876/alert"
grafana_secret_key: "{{ vault_grafana_secret_key }}"
grafana_datasources:
- name: "Prometheus"
type: "prometheus"
access: "proxy"
url: "http://127.0.0.1:9090/prometheus"
isDefault: yes
jsonData:
manageAlerts: no
grafana_dashboards:
- file: node-full
datasource: "Prometheus"
- file: chronyd
datasource: "Prometheus"
- file: blackbox
datasource: "Prometheus"
- file: network-ups-tools
datasource: "Prometheus"
|