ソースを参照

Add iot role with grafana task

Thomas Buck 5年前
コミット
17ae1906ee

+ 1
- 0
README.md ファイルの表示

@@ -31,6 +31,7 @@ What do you get if you point Sovereign at a server? All kinds of good stuff!
31 31
 -   Your own VPN server via [OpenVPN](http://openvpn.net/index.php/open-source.html).
32 32
 -   An IRC bouncer via [ZNC](http://wiki.znc.in/ZNC).
33 33
 -   Git Repo hosting via [gitea](https://gitea.io/en-us/).
34
+-   IoT Dashboard via [Grafana](https://grafana.com).
34 35
 -   [Monit](http://mmonit.com/monit/) to keep everything running smoothly (and alert you when it’s not).
35 36
 -   Web hosting (ex: for your blog) via [Apache](https://www.apache.org/).
36 37
 -   Statistics for the website using [Fathom](https://github.com/usefathom/fathom).

+ 1
- 1
roles/common/files/letsencrypt-gencert ファイルの表示

@@ -17,7 +17,7 @@ for domain in "$@"; do
17 17
   fi
18 18
 
19 19
   # subdomains - www.foo.com mail.foo.com ...
20
-  for sub in www mail autoconfig fathom news cloud git matrix status social comments; do
20
+  for sub in www mail autoconfig fathom news cloud git matrix status social comments iot; do
21 21
     # only add if the DNS entry for the subdomain does actually exist
22 22
     if (getent hosts $sub.$domain > /dev/null); then
23 23
       if [ -z "$d" ]; then

+ 21
- 0
roles/iot/defaults/main.yml ファイルの表示

@@ -0,0 +1,21 @@
1
+grafana_subdomain: "iot"
2
+grafana_domain: "{{ grafana_subdomain }}.{{ domain }}"
3
+
4
+grafana_internal_port: '2942'
5
+
6
+secret_root: '{{ inventory_dir | realpath }}'
7
+secret_name: 'secret'
8
+secret: '{{ secret_root + "/" + secret_name }}'
9
+
10
+grafana_main_user: "{{ main_user_name }}"
11
+grafana_main_user_password: "{{ lookup('password', secret + '/' + 'grafana_main_user_password length=20 chars=hexdigits') }}"
12
+
13
+grafana_signing_key: "{{ lookup('password', secret + '/' + 'grafana_signing_key length=20 chars=hexdigits') }}"
14
+
15
+grafana_db_username: grafanauser
16
+grafana_db_password: "{{ lookup('password', secret + '/' + 'grafana_db_password length=32 chars=hexdigits') }}"
17
+grafana_db_database: grafana
18
+
19
+# must match values in roles/common
20
+db_admin_username: 'postgres'
21
+db_admin_password: "{{ lookup('password', secret + '/' + 'db_admin_password length=32') }}"

+ 5
- 0
roles/iot/handlers/main.yml ファイルの表示

@@ -0,0 +1,5 @@
1
+- name: restart grafana
2
+  service: name=grafana-server state=restarted
3
+
4
+- name: restart apache
5
+  service: name=apache2 state=restarted

+ 75
- 0
roles/iot/tasks/grafana.yml ファイルの表示

@@ -0,0 +1,75 @@
1
+---
2
+# Installs the Grafana Dashboard, as described in:
3
+# http://docs.grafana.org/installation/debian/
4
+# http://docs.grafana.org/installation/configuration/
5
+
6
+- name: Ensure repository key for Grafana is in place
7
+  apt_key: url=https://packages.grafana.com/gpg.key state=present
8
+  tags:
9
+    - dependencies
10
+
11
+- name: Add Grafana repository
12
+  apt_repository: repo="deb https://packages.grafana.com/oss/deb stable main"
13
+  tags:
14
+    - dependencies
15
+
16
+- name: Install Grafana from official repository
17
+  apt:
18
+    name: "{{ packages }}"
19
+    state: present
20
+    update_cache: yes
21
+  vars:
22
+    packages:
23
+    - grafana
24
+  tags:
25
+    - dependencies
26
+
27
+- name: Configure Grafana
28
+  template:
29
+    src=etc_grafana_grafana.j2
30
+    dest=/etc/grafana/grafana.ini
31
+    owner=root
32
+    group=grafana
33
+  notify: restart grafana
34
+
35
+- name: Create Grafana data directory
36
+  file: state=directory path=/data/grafana owner=grafana group=grafana
37
+
38
+- name: Add Grafana postgres user
39
+  postgresql_user:
40
+    login_host=localhost
41
+    login_user={{ db_admin_username }}
42
+    login_password="{{ db_admin_password }}"
43
+    name={{ grafana_db_username }}
44
+    password="{{ grafana_db_password }}"
45
+    encrypted=yes
46
+    state=present
47
+
48
+- name: Create Grafana database
49
+  postgresql_db:
50
+    login_host=localhost
51
+    login_user={{ db_admin_username }}
52
+    login_password="{{ db_admin_password }}"
53
+    name={{ grafana_db_database }}
54
+    state=present
55
+    owner={{ grafana_db_username }}
56
+
57
+- name: Register new Grafana service
58
+  systemd: name=grafana-server daemon_reload=yes enabled=yes
59
+
60
+- name: Start new Grafana instance
61
+  service: name=grafana-server state=started
62
+
63
+- name: Create the Apache Grafana sites config files
64
+  template:
65
+    src=etc_apache2_sites-available_grafana.j2
66
+    dest=/etc/apache2/sites-available/grafana_{{ item.name }}.conf
67
+    owner=root
68
+    group=root
69
+  with_items: "{{ virtual_domains }}"
70
+  notify: restart apache
71
+
72
+- name: Enable Apache sites (creates new sites-enabled symlinks)
73
+  command: a2ensite grafana_{{ item }}.conf creates=/etc/apache2/sites-enabled/grafana_{{ item }}.conf
74
+  notify: restart apache
75
+  with_items: "{{ virtual_domains | json_query('[*].name') }}"

+ 1
- 0
roles/iot/tasks/main.yml ファイルの表示

@@ -0,0 +1 @@
1
+- include: grafana.yml tags=iot

+ 20
- 0
roles/iot/templates/etc_apache2_sites-available_grafana.j2 ファイルの表示

@@ -0,0 +1,20 @@
1
+<VirtualHost *:80>
2
+    ServerName {{ grafana_subdomain }}.{{ item.name }}
3
+
4
+    Redirect temp / https://{{ grafana_subdomain }}.{{ item.name }}/
5
+</VirtualHost>
6
+
7
+<VirtualHost *:443>
8
+    ServerName {{ grafana_subdomain }}.{{ item.name }}
9
+
10
+    SSLEngine               On
11
+    DocumentRoot            "{{ item.doc_root }}"
12
+    DirectoryIndex          index.html
13
+    Options                 -Indexes
14
+    HostnameLookups         Off
15
+
16
+    ProxyRequests           Off
17
+    ProxyPreserveHost       On
18
+    ProxyPass               / http://localhost:{{ grafana_internal_port }}/
19
+    ProxyPassReverse        / http://localhost:{{ grafana_internal_port }}/
20
+</VirtualHost>

+ 518
- 0
roles/iot/templates/etc_grafana_grafana.j2 ファイルの表示

@@ -0,0 +1,518 @@
1
+##################### Grafana Configuration Example #####################
2
+#
3
+# Everything has defaults so you only need to uncomment things you want to
4
+# change
5
+
6
+# possible values : production, development
7
+;app_mode = production
8
+
9
+# instance name, defaults to HOSTNAME environment variable value or hostname if HOSTNAME var is empty
10
+instance_name = {{ domain }}
11
+
12
+#################################### Paths ####################################
13
+[paths]
14
+# Path to where grafana can store temp files, sessions, and the sqlite3 db (if that is used)
15
+data = /data/grafana
16
+
17
+# Temporary files in `data` directory older than given duration will be removed
18
+;temp_data_lifetime = 24h
19
+
20
+# Directory where grafana can store logs
21
+;logs = /var/log/grafana
22
+
23
+# Directory where grafana will automatically scan and look for plugins
24
+;plugins = /var/lib/grafana/plugins
25
+
26
+# folder that contains provisioning config files that grafana will apply on startup and while running.
27
+;provisioning = conf/provisioning
28
+
29
+#################################### Server ####################################
30
+[server]
31
+# Protocol (http, https, socket)
32
+protocol = http
33
+
34
+# The ip address to bind to, empty will bind to all interfaces
35
+http_addr = 127.0.0.1
36
+
37
+# The http port  to use
38
+http_port = {{ grafana_internal_port }}
39
+
40
+# The public facing domain name used to access grafana from a browser
41
+domain = {{ grafana_domain }}
42
+
43
+# Redirect to correct domain if host header does not match domain
44
+# Prevents DNS rebinding attacks
45
+enforce_domain = true
46
+
47
+# The full public facing url you use in browser, used for redirects and emails
48
+# If you use reverse proxy and sub path specify full url (with sub path)
49
+root_url = https://{{ grafana_domain }}
50
+
51
+# Log web requests
52
+;router_logging = false
53
+
54
+# the path relative working path
55
+;static_root_path = public
56
+
57
+# enable gzip
58
+;enable_gzip = false
59
+
60
+# https certs & key file
61
+;cert_file =
62
+;cert_key =
63
+
64
+# Unix socket path
65
+;socket =
66
+
67
+#################################### Database ####################################
68
+[database]
69
+# You can configure the database connection by specifying type, host, name, user and password
70
+# as separate properties or as on string using the url properties.
71
+
72
+# Either "mysql", "postgres" or "sqlite3", it's your choice
73
+type = postgres
74
+host = 127.0.0.1:5432
75
+name = {{ grafana_db_database }}
76
+user = {{ grafana_db_username }}
77
+# If the password contains # or ; you have to wrap it with triple quotes. Ex """#password;"""
78
+password = """{{ grafana_db_password }}"""
79
+
80
+# Use either URL or the previous fields to configure the database
81
+# Example: mysql://user:secret@host:port/database
82
+;url =
83
+
84
+# For "postgres" only, either "disable", "require" or "verify-full"
85
+ssl_mode = disable
86
+
87
+# For "sqlite3" only, path relative to data_path setting
88
+;path = grafana.db
89
+
90
+# Max idle conn setting default is 2
91
+;max_idle_conn = 2
92
+
93
+# Max conn setting default is 0 (mean not set)
94
+;max_open_conn =
95
+
96
+# Connection Max Lifetime default is 14400 (means 14400 seconds or 4 hours)
97
+;conn_max_lifetime = 14400
98
+
99
+# Set to true to log the sql calls and execution times.
100
+log_queries =
101
+
102
+# For "sqlite3" only. cache mode setting used for connecting to the database. (private, shared)
103
+;cache_mode = private
104
+
105
+#################################### Session ####################################
106
+[session]
107
+# Either "memory", "file", "redis", "mysql", "postgres", default is "file"
108
+;provider = file
109
+
110
+# Provider config options
111
+# memory: not have any config yet
112
+# file: session dir path, is relative to grafana data_path
113
+# redis: config like redis server e.g. `addr=127.0.0.1:6379,pool_size=100,db=grafana`
114
+# mysql: go-sql-driver/mysql dsn config string, e.g. `user:password@tcp(127.0.0.1:3306)/database_name`
115
+# postgres: user=a password=b host=localhost port=5432 dbname=c sslmode=disable
116
+;provider_config = sessions
117
+
118
+# Session cookie name
119
+;cookie_name = grafana_sess
120
+
121
+# If you use session in https only, default is false
122
+;cookie_secure = false
123
+
124
+# Session life time, default is 86400
125
+;session_life_time = 86400
126
+
127
+#################################### Data proxy ###########################
128
+[dataproxy]
129
+
130
+# This enables data proxy logging, default is false
131
+;logging = false
132
+
133
+# How long the data proxy should wait before timing out default is 30 (seconds)
134
+;timeout = 30
135
+
136
+#################################### Analytics ####################################
137
+[analytics]
138
+# Server reporting, sends usage counters to stats.grafana.org every 24 hours.
139
+# No ip addresses are being tracked, only simple counters to track
140
+# running instances, dashboard and error counts. It is very helpful to us.
141
+# Change this option to false to disable reporting.
142
+reporting_enabled = false
143
+
144
+# Set to false to disable all checks to https://grafana.net
145
+# for new vesions (grafana itself and plugins), check is used
146
+# in some UI views to notify that grafana or plugin update exists
147
+# This option does not cause any auto updates, nor send any information
148
+# only a GET request to http://grafana.com to get latest versions
149
+;check_for_updates = true
150
+
151
+# Google Analytics universal tracking code, only enabled if you specify an id here
152
+;google_analytics_ua_id =
153
+
154
+# Google Tag Manager ID, only enabled if you specify an id here
155
+;google_tag_manager_id =
156
+
157
+#################################### Security ####################################
158
+[security]
159
+# default admin user, created on startup
160
+admin_user = {{ grafana_main_user }}
161
+
162
+# default admin password, can be changed before first start of grafana,  or in profile settings
163
+admin_password = {{ grafana_main_user_password }}
164
+
165
+# used for signing
166
+secret_key = {{ grafana_signing_key }}
167
+
168
+# disable gravatar profile images
169
+;disable_gravatar = false
170
+
171
+# data source proxy whitelist (ip_or_domain:port separated by spaces)
172
+;data_source_proxy_whitelist =
173
+
174
+# disable protection against brute force login attempts
175
+;disable_brute_force_login_protection = false
176
+
177
+# set to true if you host Grafana behind HTTPS. default is false.
178
+cookie_secure = true
179
+
180
+# set cookie SameSite attribute. defaults to `lax`. can be set to "lax", "strict" and "none"
181
+cookie_samesite = strict
182
+
183
+#################################### Snapshots ###########################
184
+[snapshots]
185
+# snapshot sharing options
186
+;external_enabled = true
187
+;external_snapshot_url = https://snapshots-origin.raintank.io
188
+;external_snapshot_name = Publish to snapshot.raintank.io
189
+
190
+# remove expired snapshot
191
+;snapshot_remove_expired = true
192
+
193
+#################################### Dashboards History ##################
194
+[dashboards]
195
+# Number dashboard versions to keep (per dashboard). Default: 20, Minimum: 1
196
+;versions_to_keep = 20
197
+
198
+#################################### Users ###############################
199
+[users]
200
+# disable user signup / registration
201
+;allow_sign_up = true
202
+
203
+# Allow non admin users to create organizations
204
+;allow_org_create = true
205
+
206
+# Set to true to automatically assign new users to the default organization (id 1)
207
+;auto_assign_org = true
208
+
209
+# Default role new users will be automatically assigned (if disabled above is set to true)
210
+;auto_assign_org_role = Viewer
211
+
212
+# Background text for the user field on the login page
213
+;login_hint = email or username
214
+
215
+# Default UI theme ("dark" or "light")
216
+;default_theme = dark
217
+
218
+# External user management, these options affect the organization users view
219
+;external_manage_link_url =
220
+;external_manage_link_name =
221
+;external_manage_info =
222
+
223
+# Viewers can edit/inspect dashboard settings in the browser. But not save the dashboard.
224
+;viewers_can_edit = false
225
+
226
+[auth]
227
+# Login cookie name
228
+;login_cookie_name = grafana_session
229
+
230
+# The lifetime (days) an authenticated user can be inactive before being required to login at next visit. Default is 7 days,
231
+;login_maximum_inactive_lifetime_days = 7
232
+
233
+# The maximum lifetime (days) an authenticated user can be logged in since login time before being required to login. Default is 30 days.
234
+;login_maximum_lifetime_days = 30
235
+
236
+# How often should auth tokens be rotated for authenticated users when being active. The default is each 10 minutes.
237
+;token_rotation_interval_minutes = 10
238
+
239
+# Set to true to disable (hide) the login form, useful if you use OAuth, defaults to false
240
+;disable_login_form = false
241
+
242
+# Set to true to disable the signout link in the side menu. useful if you use auth.proxy, defaults to false
243
+;disable_signout_menu = false
244
+
245
+# URL to redirect the user to after sign out
246
+;signout_redirect_url =
247
+
248
+# Set to true to attempt login with OAuth automatically, skipping the login screen.
249
+# This setting is ignored if multiple OAuth providers are configured.
250
+;oauth_auto_login = false
251
+
252
+#################################### Anonymous Auth ######################
253
+[auth.anonymous]
254
+# enable anonymous access
255
+;enabled = false
256
+
257
+# specify organization name that should be used for unauthenticated users
258
+;org_name = Main Org.
259
+
260
+# specify role for unauthenticated users
261
+;org_role = Viewer
262
+
263
+#################################### Github Auth ##########################
264
+[auth.github]
265
+;enabled = false
266
+;allow_sign_up = true
267
+;client_id = some_id
268
+;client_secret = some_secret
269
+;scopes = user:email,read:org
270
+;auth_url = https://github.com/login/oauth/authorize
271
+;token_url = https://github.com/login/oauth/access_token
272
+;api_url = https://api.github.com/user
273
+;team_ids =
274
+;allowed_organizations =
275
+
276
+#################################### Google Auth ##########################
277
+[auth.google]
278
+;enabled = false
279
+;allow_sign_up = true
280
+;client_id = some_client_id
281
+;client_secret = some_client_secret
282
+;scopes = https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email
283
+;auth_url = https://accounts.google.com/o/oauth2/auth
284
+;token_url = https://accounts.google.com/o/oauth2/token
285
+;api_url = https://www.googleapis.com/oauth2/v1/userinfo
286
+;allowed_domains =
287
+
288
+#################################### Generic OAuth ##########################
289
+[auth.generic_oauth]
290
+;enabled = false
291
+;name = OAuth
292
+;allow_sign_up = true
293
+;client_id = some_id
294
+;client_secret = some_secret
295
+;scopes = user:email,read:org
296
+;auth_url = https://foo.bar/login/oauth/authorize
297
+;token_url = https://foo.bar/login/oauth/access_token
298
+;api_url = https://foo.bar/user
299
+;team_ids =
300
+;allowed_organizations =
301
+;tls_skip_verify_insecure = false
302
+;tls_client_cert =
303
+;tls_client_key =
304
+;tls_client_ca =
305
+
306
+; Set to true to enable sending client_id and client_secret via POST body instead of Basic authentication HTTP header
307
+; This might be required if the OAuth provider is not RFC6749 compliant, only supporting credentials passed via POST payload
308
+;send_client_credentials_via_post = false
309
+
310
+#################################### Grafana.com Auth ####################
311
+[auth.grafana_com]
312
+;enabled = false
313
+;allow_sign_up = true
314
+;client_id = some_id
315
+;client_secret = some_secret
316
+;scopes = user:email
317
+;allowed_organizations =
318
+
319
+#################################### Auth Proxy ##########################
320
+[auth.proxy]
321
+;enabled = false
322
+;header_name = X-WEBAUTH-USER
323
+;header_property = username
324
+;auto_sign_up = true
325
+;ldap_sync_ttl = 60
326
+;whitelist = 192.168.1.1, 192.168.2.1
327
+;headers = Email:X-User-Email, Name:X-User-Name
328
+
329
+#################################### Basic Auth ##########################
330
+[auth.basic]
331
+;enabled = true
332
+
333
+#################################### Auth LDAP ##########################
334
+[auth.ldap]
335
+;enabled = false
336
+;config_file = /etc/grafana/ldap.toml
337
+;allow_sign_up = true
338
+
339
+#################################### SMTP / Emailing ##########################
340
+[smtp]
341
+enabled = true
342
+;host = localhost:25
343
+;user =
344
+# If the password contains # or ; you have to wrap it with trippel quotes. Ex """#password;"""
345
+;password =
346
+;cert_file =
347
+;key_file =
348
+;skip_verify = false
349
+from_address = admin@{{ grafana_domain }}
350
+;from_name = Grafana
351
+# EHLO identity in SMTP dialog (defaults to instance_name)
352
+ehlo_identity = {{ grafana_domain }}
353
+
354
+[emails]
355
+welcome_email_on_sign_up = true
356
+
357
+#################################### Logging ##########################
358
+[log]
359
+# Either "console", "file", "syslog". Default is console and  file
360
+# Use space to separate multiple modes, e.g. "console file"
361
+;mode = console file
362
+
363
+# Either "debug", "info", "warn", "error", "critical", default is "info"
364
+;level = info
365
+
366
+# optional settings to set different levels for specific loggers. Ex filters = sqlstore:debug
367
+;filters =
368
+
369
+# For "console" mode only
370
+[log.console]
371
+;level =
372
+
373
+# log line format, valid options are text, console and json
374
+;format = console
375
+
376
+# For "file" mode only
377
+[log.file]
378
+;level =
379
+
380
+# log line format, valid options are text, console and json
381
+;format = text
382
+
383
+# This enables automated log rotate(switch of following options), default is true
384
+;log_rotate = true
385
+
386
+# Max line number of single file, default is 1000000
387
+;max_lines = 1000000
388
+
389
+# Max size shift of single file, default is 28 means 1 << 28, 256MB
390
+;max_size_shift = 28
391
+
392
+# Segment log daily, default is true
393
+;daily_rotate = true
394
+
395
+# Expired days of log file(delete after max days), default is 7
396
+;max_days = 7
397
+
398
+[log.syslog]
399
+;level =
400
+
401
+# log line format, valid options are text, console and json
402
+;format = text
403
+
404
+# Syslog network type and address. This can be udp, tcp, or unix. If left blank, the default unix endpoints will be used.
405
+;network =
406
+;address =
407
+
408
+# Syslog facility. user, daemon and local0 through local7 are valid.
409
+;facility =
410
+
411
+# Syslog tag. By default, the process' argv[0] is used.
412
+;tag =
413
+
414
+#################################### Alerting ############################
415
+[alerting]
416
+# Disable alerting engine & UI features
417
+;enabled = true
418
+# Makes it possible to turn off alert rule execution but alerting UI is visible
419
+;execute_alerts = true
420
+
421
+# Default setting for new alert rules. Defaults to categorize error and timeouts as alerting. (alerting, keep_state)
422
+;error_or_timeout = alerting
423
+
424
+# Default setting for how Grafana handles nodata or null values in alerting. (alerting, no_data, keep_state, ok)
425
+;nodata_or_nullvalues = no_data
426
+
427
+# Alert notifications can include images, but rendering many images at the same time can overload the server
428
+# This limit will protect the server from render overloading and make sure notifications are sent out quickly
429
+;concurrent_render_limit = 5
430
+
431
+#################################### Explore #############################
432
+[explore]
433
+# Enable the Explore section
434
+;enabled = true
435
+
436
+#################################### Internal Grafana Metrics ##########################
437
+# Metrics available at HTTP API Url /metrics
438
+[metrics]
439
+# Disable / Enable internal metrics
440
+;enabled           = true
441
+
442
+# Publish interval
443
+;interval_seconds  = 10
444
+
445
+# Send internal metrics to Graphite
446
+[metrics.graphite]
447
+# Enable by setting the address setting (ex localhost:2003)
448
+;address =
449
+;prefix = prod.grafana.%(instance_name)s.
450
+
451
+#################################### Distributed tracing ############
452
+[tracing.jaeger]
453
+# Enable by setting the address sending traces to jaeger (ex localhost:6831)
454
+;address = localhost:6831
455
+# Tag that will always be included in when creating new spans. ex (tag1:value1,tag2:value2)
456
+;always_included_tag = tag1:value1
457
+# Type specifies the type of the sampler: const, probabilistic, rateLimiting, or remote
458
+;sampler_type = const
459
+# jaeger samplerconfig param
460
+# for "const" sampler, 0 or 1 for always false/true respectively
461
+# for "probabilistic" sampler, a probability between 0 and 1
462
+# for "rateLimiting" sampler, the number of spans per second
463
+# for "remote" sampler, param is the same as for "probabilistic"
464
+# and indicates the initial sampling rate before the actual one
465
+# is received from the mothership
466
+;sampler_param = 1
467
+
468
+#################################### Grafana.com integration  ##########################
469
+# Url used to import dashboards directly from Grafana.com
470
+[grafana_com]
471
+;url = https://grafana.com
472
+
473
+#################################### External image storage ##########################
474
+[external_image_storage]
475
+# Used for uploading images to public servers so they can be included in slack/email messages.
476
+# you can choose between (s3, webdav, gcs, azure_blob, local)
477
+provider = local
478
+
479
+[external_image_storage.s3]
480
+;bucket =
481
+;region =
482
+;path =
483
+;access_key =
484
+;secret_key =
485
+
486
+[external_image_storage.webdav]
487
+;url =
488
+;public_url =
489
+;username =
490
+;password =
491
+
492
+[external_image_storage.gcs]
493
+;key_file =
494
+;bucket =
495
+;path =
496
+
497
+[external_image_storage.azure_blob]
498
+;account_name =
499
+;account_key =
500
+;container_name =
501
+
502
+[external_image_storage.local]
503
+# does not require any configuration
504
+
505
+[rendering]
506
+# Options to configure external image rendering server like https://github.com/grafana/grafana-image-renderer
507
+;server_url =
508
+;callback_url =
509
+
510
+[enterprise]
511
+# Path to a valid Grafana Enterprise license.jwt file
512
+;license_path =
513
+
514
+[panels]
515
+;enable_alpha = false
516
+# If set to true Grafana will allow script tags in text panels. Not recommended as it enable XSS vulnerabilities.
517
+;disable_sanitize_html = false
518
+

+ 6
- 0
roles/monitoring/files/etc_monit_conf.d_grafana ファイルの表示

@@ -0,0 +1,6 @@
1
+check process grafana with pidfile /var/run/grafana/grafana-server.pid
2
+  group iot
3
+  start program = "/bin/systemctl start grafana-server"
4
+  stop program = "/bin/systemctl stop grafana-server"
5
+  if failed host localhost port 2942 protocol http then restart
6
+  if 5 restarts within 5 cycles then timeout

+ 9
- 0
roles/monitoring/tasks/monit.yml ファイルの表示

@@ -52,6 +52,10 @@
52 52
   stat: path=/home/{{ main_user_name }}/commento/commento
53 53
   register: commento_config_file
54 54
 
55
+- name: Determine if Grafana is installed
56
+  stat: path=/etc/grafana/grafana.ini
57
+  register: grafana_config_file
58
+
55 59
 - name: Copy ZNC monit service config files into place
56 60
   copy: src=etc_monit_conf.d_znc dest=/etc/monit/conf.d/znc
57 61
   notify: restart monit
@@ -97,6 +101,11 @@
97 101
   notify: restart monit
98 102
   when: commento_config_file.stat.exists == True
99 103
 
104
+- name: Copy Grafana monit service config files into place
105
+  copy: src=etc_monit_conf.d_grafana dest=/etc/monit/conf.d/grafana
106
+  notify: restart monit
107
+  when: grafana_config_file.stat.exists == True
108
+
100 109
 - name: Copy monit service config files into place
101 110
   copy: src=etc_monit_conf.d_{{ item }} dest=/etc/monit/conf.d/{{ item }}
102 111
   with_items:

+ 1
- 0
site.yml ファイルの表示

@@ -18,5 +18,6 @@
18 18
     - xmpp
19 19
     - matrix
20 20
     - mastodon
21
+    - iot
21 22
     - vpn
22 23
     - monitoring  # Monitoring role should be last. See roles/monitoring/README.md

読み込み中…
キャンセル
保存