diff --git a/ansible/roles/prometheus/tasks/main.yml b/ansible/roles/prometheus/tasks/main.yml index 4980743f..d933611e 100644 --- a/ansible/roles/prometheus/tasks/main.yml +++ b/ansible/roles/prometheus/tasks/main.yml @@ -11,7 +11,10 @@ - "alert_*.yml" notify: - reload prometheus - tags: prometheus + tags: + - monitoring + - prometheus + - config - name: Configure Prometheus template: @@ -23,7 +26,10 @@ validate: "/usr/bin/promtool check config %s" notify: - reload prometheus - tags: prometheus + tags: + - monitoring + - prometheus + - config vars: prometheus_metrics_password_dev: "{{ lookup('amazon.aws.aws_secret', 'oonidevops/ooni_services/prometheus_metrics_password', profile='oonidevops_user_dev') }}" prometheus_metrics_password_prod: "{{ lookup('amazon.aws.aws_secret', 'oonidevops/ooni_services/prometheus_metrics_password', profile='oonidevops_user_prod') }}" diff --git a/ansible/roles/prometheus_alertmanager/tasks/main.yml b/ansible/roles/prometheus_alertmanager/tasks/main.yml index 271ef7c3..ec8e6803 100644 --- a/ansible/roles/prometheus_alertmanager/tasks/main.yml +++ b/ansible/roles/prometheus_alertmanager/tasks/main.yml @@ -1,5 +1,8 @@ - name: Installs packages - tags: monitoring, alertmanager + tags: + - monitoring + - alertmanager + - config apt: install_recommends: no cache_valid_time: 86400 @@ -7,7 +10,10 @@ - prometheus-alertmanager - name: Configure Alertmanager templates - tags: monitoring, alertmanager + tags: + - monitoring + - alertmanager + - config notify: - reload alertmanager copy: @@ -20,14 +26,20 @@ - templates/*.tmpl - name: Configure Alertmanager - tags: alertmanager + tags: + - monitoring + - alertmanager + - config lineinfile: path: /etc/default/prometheus-alertmanager regexp: "^ARGS=" line: ARGS='--cluster.listen-address= --web.listen-address="127.0.0.1:9093" --web.external-url="https://grafana.ooni.org"' - name: Reload Alertmanager - tags: alertmanager + tags: + - monitoring + - alertmanager + - config notify: - reload alertmanager template: diff --git a/ansible/roles/prometheus_blackbox_exporter/tasks/main.yml b/ansible/roles/prometheus_blackbox_exporter/tasks/main.yml index 58385d91..36d660fa 100644 --- a/ansible/roles/prometheus_blackbox_exporter/tasks/main.yml +++ b/ansible/roles/prometheus_blackbox_exporter/tasks/main.yml @@ -7,10 +7,16 @@ mode: 0644 notify: - restart blackbox_exporter - tags: blackbox_exporter + tags: + - monitoring + - blackbox_exporter + - config - name: Setcap command: setcap cap_net_raw=ep /usr/bin/prometheus-blackbox-exporter - tags: blackbox_exporter + tags: + - monitoring + - blackbox_exporter + - config notify: - restart blackbox_exporter diff --git a/ansible/roles/prometheus_node_exporter/tasks/main.yml b/ansible/roles/prometheus_node_exporter/tasks/main.yml index d33fe013..113863eb 100644 --- a/ansible/roles/prometheus_node_exporter/tasks/main.yml +++ b/ansible/roles/prometheus_node_exporter/tasks/main.yml @@ -10,7 +10,9 @@ node_exporter_host: "localhost" node_exporter_port: 8100 tags: + - monitoring - node_exporter + - config - name: create ooni configuration directory ansible.builtin.file: @@ -18,7 +20,9 @@ state: directory owner: root tags: + - monitoring - node_exporter + - config - name: Add a user to a password file and ensure permissions are set community.general.htpasswd: @@ -29,9 +33,11 @@ group: www-data mode: 0640 tags: + - monitoring - node_exporter + - config -- name: Setup oonidata nginx config +- name: Setup prometheus nginx config ansible.builtin.template: src: nginx-prometheus.j2 dest: /etc/nginx/sites-enabled/01-prometheus @@ -39,6 +45,7 @@ notify: - Restart nginx tags: + - monitoring - node_exporter - config @@ -51,6 +58,7 @@ notify: - Reload nftables tags: - - nftables + - monitoring - node_exporter - config + - nftables