From f7ffff3b8d35548173dcbdbe931069898c61f0eb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Torma=20Krist=C3=B3f?= Date: Sun, 29 May 2022 15:15:02 +0200 Subject: [PATCH] add exporters --- host_vars/neko.yaml | 12 +++++++++--- roles/common/tasks/main.yaml | 1 + roles/common/tasks/node-exporter.yaml | 15 +++++++++++++++ roles/docker/files/daemon.json | 4 +++- roles/docker/tasks/main.yaml | 7 +++++++ roles/internalsmtp/tasks/main.yaml | 14 ++++++++++++++ roles/neko/tasks/main.yaml | 20 ++------------------ roles/smtpgateway/tasks/main.yaml | 14 ++++++++++++++ roles/webgateway/tasks/main.yaml | 14 ++++++++++++++ roles/webserver/tasks/main.yaml | 14 ++++++++++++++ 10 files changed, 93 insertions(+), 22 deletions(-) create mode 100644 roles/common/tasks/node-exporter.yaml diff --git a/host_vars/neko.yaml b/host_vars/neko.yaml index 147f8e0..1fd7d87 100644 --- a/host_vars/neko.yaml +++ b/host_vars/neko.yaml @@ -10,12 +10,18 @@ firewall: - port: "https" proto: tcp interface: "eth1" - - port: "ssh" - proto: tcp - interface: "eth1" - port: "59000:59049" proto: udp interface: "eth1" + - port: "9100" + proto: tcp + interface: "eth0" + - port: "9101" + proto: tcp + interface: "eth0" + - port: "9706" + proto: tcp + interface: "eth0" netplan: default_gateway: "" additionalinterfaces: diff --git a/roles/common/tasks/main.yaml b/roles/common/tasks/main.yaml index 97689c2..0fb0ff8 100644 --- a/roles/common/tasks/main.yaml +++ b/roles/common/tasks/main.yaml @@ -7,4 +7,5 @@ - include_tasks: user-ops.yaml - include_tasks: ssh-security-settings.yaml - include_tasks: timesync.yaml +- include_tasks: node-exporter.yaml ... diff --git a/roles/common/tasks/node-exporter.yaml b/roles/common/tasks/node-exporter.yaml new file mode 100644 index 0000000..1c561f8 --- /dev/null +++ b/roles/common/tasks/node-exporter.yaml @@ -0,0 +1,15 @@ +--- +- name: "Install node exporter" + apt: + update_cache: yes + state: present + name: + - prometheus-node-exporter + +- name: Allow node-exporter via ufw + community.general.ufw: + rule: allow + port: 9100 + proto: tcp + src: 192.168.69.0/24 +... diff --git a/roles/docker/files/daemon.json b/roles/docker/files/daemon.json index 6761fe5..3b0ce70 100644 --- a/roles/docker/files/daemon.json +++ b/roles/docker/files/daemon.json @@ -1,3 +1,5 @@ { - "userland-proxy": false + "userland-proxy": false, + "metrics-addr" : "0.0.0.0:9323", + "experimental" : true } \ No newline at end of file diff --git a/roles/docker/tasks/main.yaml b/roles/docker/tasks/main.yaml index 3ca93c8..64c7579 100644 --- a/roles/docker/tasks/main.yaml +++ b/roles/docker/tasks/main.yaml @@ -27,4 +27,11 @@ comment: Service user groups: docker append: yes + +- name: Allow docker exporter via ufw + community.general.ufw: + rule: allow + port: 9323 + proto: tcp + src: 192.168.69.0/24 ... diff --git a/roles/internalsmtp/tasks/main.yaml b/roles/internalsmtp/tasks/main.yaml index 7920f57..5b190e7 100644 --- a/roles/internalsmtp/tasks/main.yaml +++ b/roles/internalsmtp/tasks/main.yaml @@ -16,4 +16,18 @@ name: postfix state: restarted enabled: yes + +- name: "Install postfix exporter" + apt: + update_cache: yes + state: present + name: + - prometheus-postfix-exporter + +- name: Allow postfix exporter via ufw + community.general.ufw: + rule: allow + port: 9706 + proto: tcp + src: 192.168.69.0/24 ... diff --git a/roles/neko/tasks/main.yaml b/roles/neko/tasks/main.yaml index 2825cc1..ef72087 100644 --- a/roles/neko/tasks/main.yaml +++ b/roles/neko/tasks/main.yaml @@ -53,26 +53,10 @@ community.general.ufw: state: enabled -- name: Copy datadog repo config - copy: - src: datadog.list - dest: /etc/apt/sources.list.d/datadog.list - mode: 0655 - owner: root - group: root - -- name: "Install datadog-agent" +- name: "Install haproxy exporter" apt: update_cache: yes state: present name: - - datadog-agent - -- name: "Generate datadog configuration" - ansible.builtin.template: - src: datadog.yaml - dest: /etc/datadog-agent/datadog.yaml - owner: dd-agent - group: dd-agent - mode: '0640' + - prometheus-haproxy-exporter ... diff --git a/roles/smtpgateway/tasks/main.yaml b/roles/smtpgateway/tasks/main.yaml index 6f8ecdc..6f0aaba 100644 --- a/roles/smtpgateway/tasks/main.yaml +++ b/roles/smtpgateway/tasks/main.yaml @@ -24,4 +24,18 @@ community.general.ufw: rule: allow port: smtp + +- name: "Install postfix exporter" + apt: + update_cache: yes + state: present + name: + - prometheus-postfix-exporter + +- name: Allow postfix exporter via ufw + community.general.ufw: + rule: allow + port: 9706 + proto: tcp + src: 192.168.69.0/24 ... diff --git a/roles/webgateway/tasks/main.yaml b/roles/webgateway/tasks/main.yaml index 3117ea0..5f8dee3 100644 --- a/roles/webgateway/tasks/main.yaml +++ b/roles/webgateway/tasks/main.yaml @@ -129,4 +129,18 @@ path: "{{ item.directory }}/.git" state: absent with_items: "{{ static }}" + +- name: "Install nginx exporter" + apt: + update_cache: yes + state: present + name: + - prometheus-nginx-exporter + +- name: Allow nginx exporter via ufw + community.general.ufw: + rule: allow + port: 9113 + proto: tcp + src: 192.168.69.0/24 ... diff --git a/roles/webserver/tasks/main.yaml b/roles/webserver/tasks/main.yaml index fb085bc..740c634 100644 --- a/roles/webserver/tasks/main.yaml +++ b/roles/webserver/tasks/main.yaml @@ -33,6 +33,20 @@ name: nginx state: reloaded +- name: "Install nginx exporter" + apt: + update_cache: yes + state: present + name: + - prometheus-nginx-exporter + +- name: Allow nginx exporter via ufw + community.general.ufw: + rule: allow + port: 9113 + proto: tcp + src: 192.168.69.0/24 + - name: Allow https port via ufw community.general.ufw: rule: allow