From 2506b109572a27ebbde64afa36937d1faf70e120 Mon Sep 17 00:00:00 2001 From: Georg Krause Date: Mon, 15 Feb 2021 09:01:20 +0100 Subject: [PATCH] Deploy Node exporter to enable monitoring --- files/nginx.conf | 28 ++++++++++++++++++++++++++++ tasks/main.yml | 39 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 67 insertions(+) create mode 100644 files/nginx.conf create mode 100644 tasks/main.yml diff --git a/files/nginx.conf b/files/nginx.conf new file mode 100644 index 0000000..ec73523 --- /dev/null +++ b/files/nginx.conf @@ -0,0 +1,28 @@ +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name tech.ag-link.xyz; + + ssl_certificate /etc/nginx/certs/ag-link.xyz/fullchain; + ssl_certificate_key /etc/nginx/certs/ag-link.xyz/key; + ssl_session_timeout 1d; + ssl_session_cache shared:SSL:50m; + ssl_session_tickets off; + + access_log off; + error_log off; + + location /metrics { + proxy_pass http://localhost:9100/metrics; + auth_basic "Restricted"; + auth_basic_user_file /etc/nginx/.htpasswd; + } +} + +server { + listen 80; + listen [::]:80; + server_name tech.ag-link.xyz; + return 301 https://tech.ag-link.xyz$request_uri; +} + diff --git a/tasks/main.yml b/tasks/main.yml new file mode 100644 index 0000000..e240147 --- /dev/null +++ b/tasks/main.yml @@ -0,0 +1,39 @@ +- name: Install prometheus node exporter + become: yes + apt: + name: prometheus-node-exporter + state: present + +- name: Start and enable node exporter + become: yes + systemd: + name: prometheus-node-exporter + state: started + enabled: yes + +- name: Place reverse proxy conf + become: yes + copy: + src: files/nginx.conf + dest: /etc/nginx/conf.d/tech.ag-link.xyz.conf + notify: Check and Reload nginx + +- name: Install apache2-utils + become: yes + apt: + name: apache2-utils + state: present + +- name: Setup htpasswd file + become: yes + file: + path: "/etc/nginx/.htpasswd" + owner: www-data + group: www-data + mode: 0600 + state: touch + +- name: Set Login credentials + become: yes + shell: + cmd: "htpasswd -b /etc/nginx/.htpasswd prometheus {{ prometheus_pass }}"