add role service-grafana

This commit is contained in:
Julian Labus 2018-09-11 14:21:28 +02:00
parent 57a42f17de
commit 81393955a0
No known key found for this signature in database
GPG key ID: 8AF209F2C6B3572A
5 changed files with 167 additions and 0 deletions

View file

@ -0,0 +1,88 @@
[paths]
[server]
protocol = http
http_addr = 127.0.0.1
http_port = 3000
router_logging = false
[database]
[session]
provider = memory
cookie_secure = true
[dataproxy]
[analytics]
reporting_enabled = false
[security]
login_remember_days = 7
[snapshots]
[users]
allow_sign_up = true
allow_org_create = false
[auth]
[auth.anonymous]
enabled = true
org_name = Freifunk MWU
org_role = Viewer
[auth.github]
[auth.google]
[auth.generic_oauth]
[auth.grafana_com]
[auth.proxy]
[auth.basic]
[auth.ldap]
[smtp]
[emails]
[log]
mode = console
[log.console]
level = warn
[event_publisher]
[dashboards.json]
[alerting]
enabled = false
[metrics]
enabled = true
[metrics.graphite]
[grafana_com]
[external_image_storage]
[external_image_storage.s3]
[external_image_storage.webdav]

View file

@ -0,0 +1,10 @@
---
- name: restart grafana
systemd:
name: grafana-server
state: restarted
- name: restart nginx
systemd:
name: nginx
state: restarted

View file

@ -0,0 +1,3 @@
---
dependencies:
- { role: service-nginx }

View file

@ -0,0 +1,42 @@
---
- name: ensure apt key for grafana is present
apt_key:
state: present
id: D59097AB
url: "https://packagecloud.io/gpg.key"
- name: ensure grafana apt repo is present
apt_repository:
state: present
repo: "deb https://packagecloud.io/grafana/stable/debian/ stretch main"
update_cache: yes
filename: grafana
- name: install grafana package
package:
name: grafana
state: present
- name: copy grafana.ini
copy:
src: grafana.ini
dest: /etc/grafana/grafana.ini
owner: root
group: grafana
mode: 0640
notify: restart grafana
- name: write vhost grafana.conf
template:
src: grafana_vhost.conf.j2
dest: /etc/nginx/conf.d/grafana.conf
owner: root
group: root
mode: 0644
notify: restart nginx
- name: enable systemd unit grafana
systemd:
name: grafana-server
enabled: yes
state: started

View file

@ -0,0 +1,24 @@
server {
listen 80;
listen [::]:80;
server_name stats.{{ http_domain_internal }} stats.{{ http_domain_external }};
include /etc/nginx/snippets/redirect-to-ssl.conf;
include /etc/nginx/snippets/letsencrypt-acme-challenge.conf;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name stats.{{ http_domain_internal }} stats.{{ http_domain_external }};
ssl_certificate /etc/nginx/ssl/{{ inventory_hostname_short }}.{{ http_domain_external }}/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/{{ inventory_hostname_short }}.{{ http_domain_external }}/privkey.pem;
include /etc/nginx/snippets/letsencrypt-acme-challenge.conf;
location / {
set $grafana_addr 127.0.0.1 ;
proxy_pass http://$grafana_addr:3000;
}
}