roles: Add grafana

4 files changed, 238 insertions, 0 deletions

diff --git a/roles/grafana/defaults/main.yml b/roles/grafana/defaults/main.yml
new file mode 100644
index 0000000..32309e9
--- /dev/null
+++ b/roles/grafana/defaults/main.yml
@@ -0,0 +1,12 @@
+grafana_dir: /data/grafana
+grafana_port: 3001
+grafana_port_out: 3000
+grafana_user: _grafana
+grafana_group: _grafana
+
+grafana_db: sqlite
+grafana_configuration_file: /etc/grafana.ini
+grafana_instance_name: rgoncalves.se monitoring
+
+grafana_default_theme: dark
+grafana_is_public: false
diff --git a/roles/grafana/tasks/main.yml b/roles/grafana/tasks/main.yml
new file mode 100644
index 0000000..7c1a19c
--- /dev/null
+++ b/roles/grafana/tasks/main.yml
@@ -0,0 +1,39 @@
+- name: install grafana
+  package:
+    name: grafana
+    state: present
+
+- name: create grafana directory
+  file:
+    path: "{{ grafana_dir }}/{{ item }}"
+    owner: "{{ grafana_user }}"
+    group: "{{ grafana_group }}"
+    mode: 0640
+    state: directory
+  loop:
+    - ""
+    - data
+    - logs
+    - plugins
+
+- name: generate grafana configuration
+  template:
+    src: grafana.ini.j2
+    dest: "{{ grafana_configuration_file }}"
+    owner: 0
+    group: 0
+    mode: 0644
+
+- name: generate grafana data sources
+  template:
+    src: datasources-default.yml.j2
+    dest: /etc/grafana/provisioning/datasources/default.yml
+    owner: "{{ grafana_user }}"
+    group: "{{ grafana_group }}"
+    mode: 0640
+
+- name: start and enable grafana service
+  service:
+    name: grafana
+    state: restarted
+    enabled: true
diff --git a/roles/grafana/templates/datasources-default.yml.j2 b/roles/grafana/templates/datasources-default.yml.j2
new file mode 100644
index 0000000..1414ff2
--- /dev/null
+++ b/roles/grafana/templates/datasources-default.yml.j2
@@ -0,0 +1,12 @@
+# managed by Ansible
+{% import 'macros.j2' as macros with context %}
+
+apiVersion: 1
+
+datasources:
+{% call(h) macros.loop_valid_hosts("servers") %}
+  - name: {{ h.inventory_hostname }}-prometheus
+    type: prometheus
+    url: http://{{ h.__ip.internal }}:9090
+
+{% endcall %}
diff --git a/roles/grafana/templates/grafana.ini.j2 b/roles/grafana/templates/grafana.ini.j2
new file mode 100644
index 0000000..720352b
--- /dev/null
+++ b/roles/grafana/templates/grafana.ini.j2
@@ -0,0 +1,175 @@
+# managed by Ansible
+
+app_mode = production
+instance_name = <{{ grafana_instance_name }}>
+
+[paths]
+data = {{ grafana_dir }}/data
+logs = {{ grafana_dir }}/logs
+plugins = {{ grafana_dir }}/plugins
+provisioning = provisioning
+temp_data_lifetime = 24h
+
+[server]
+protocol = http
+http_addr =
+http_port = {{ grafana_port }}
+router_logging = true
+enable_gzip = true
+
+; domain = 0.0.0.0
+; root_url = %(protocol)s://%(domain)s:%(http_port)s/
+
+[database]
+; type = sqlite3
+; host = 127.0.0.1:3306
+; name = grafana
+; user = root
+; password =
+
+path = grafana.db
+max_idle_conn = 2
+log_queries = true
+cache_mode = shared
+
+[remote_cache]
+type = database
+
+[security]
+disable_initial_admin_creation = true
+disable_gravatar = true
+allow_embedding = true
+strict_transport_security = false
+
+[snapshots]
+external_enabled = true
+public_mode = {{ grafana_is_public }}
+
+; external_snapshot_url = https://snapshots-origin.raintank.io
+; external_snapshot_name = Publish to snapshot.raintank.io
+
+[dashboards]
+versions_to_keep = 20
+min_refresh_interval = 5s
+default_home_dashboard_path =
+
+[users]
+allow_sign_up = false
+allow_org_create = false
+auto_assign_org = false
+auto_assign_org_role = Viewer
+verify_email_enabled = false
+login_hint = email or username
+password_hint = password
+viewers_can_edit = true
+editors_can_admin = false
+user_invite_max_lifetime_duration = 24h
+default_theme = {{ grafana_default_theme }}
+
+[auth]
+login_cookie_name = grafana_session
+
+[auth.anonymous]
+enabled = false
+
+[auth.github]
+enabled = false
+
+[auth.gitlab]
+enabled = false
+
+[auth.google]
+enabled = false
+
+[auth.grafana_com]
+enabled = false
+
+[auth.azuread]
+enabled = false
+
+[auth.okta]
+enabled = false
+
+[auth.generic_oauth]
+enabled = false
+
+[auth.basic]
+enabled = true
+
+[auth.proxy]
+enabled = false
+
+[auth.ldap]
+enabled = false
+config_file = /etc/grafana/ldap.toml
+allow_sign_up = true
+
+[smtp]
+enabled = false
+
+[emails]
+welcome_email_on_sign_up = false
+templates_pattern = emails/*.html
+
+[log]
+mode = console file
+level = info
+filters =
+
+[log.console]
+level =
+format = console
+
+[log.file]
+level =
+format = text
+log_rotate = true
+max_lines = 1000000
+max_size_shift = 28
+daily_rotate = true
+max_days = 7
+
+[log.syslog]
+level =
+format = text
+network =
+address =
+facility =
+tag =
+
+[quota]
+enabled = false
+
+[alerting]
+enabled = true
+execute_alerts = true
+error_or_timeout = alerting
+nodata_or_nullvalues = no_data
+concurrent_render_limit = 5
+
+; evaluation_timeout_seconds = 30
+; notification_timeout_seconds = 30
+; max_attempts = 3
+; min_interval_seconds = 1
+
+[explore]
+enabled = true
+
+[metrics]
+enabled = true
+interval_seconds  = 10
+disable_total_stats = false
+
+; basic_auth_username =
+; basic_auth_password =
+
+[panels]
+disable_sanitize_html = false
+
+[plugins]
+enable_alpha = true
+
+[plugin.grafana-image-renderer]
+
+[date_formats]
+default_timezone = browser