ansible-collection-prometheus/roles/systemd_exporter/tasks/preflight.yml

---
- name: Assert usage of systemd as an init system
  ansible.builtin.assert:
    that: ansible_service_mgr == 'systemd'
    msg: "This role only works with systemd"

- name: Install package fact dependencies
  become: true
  ansible.builtin.package:
    name: "{{ _pkg_fact_req }}"
    state: present
  when: (_pkg_fact_req)
  vars:
    _pkg_fact_req: "{% if (ansible_pkg_mgr == 'apt') %}\
                    {{ ('python-apt' if ansible_python_version is version('3', '<') else 'python3-apt') }}
                    {% else %}\
                    {% endif %}"

- name: Gather package facts
  ansible.builtin.package_facts:
  when: "not 'packages' in ansible_facts"

- name: Naive assertion of proper listen address
  ansible.builtin.assert:
    that:
      - "':' in systemd_exporter_web_listen_address"

- name: Assert that TLS config is correct
  when: systemd_exporter_tls_server_config | length > 0
  block:
    - name: Assert that systemd_exporter version supports TLS config
      ansible.builtin.assert:
        that:
          - "systemd_exporter_version is version('0.5.0', '>=')"

    - name: Assert that TLS key and cert path are set
      ansible.builtin.assert:
        that:
          - "systemd_exporter_tls_server_config.cert_file is defined"
          - "systemd_exporter_tls_server_config.key_file is defined"

    - name: Check existence of TLS cert file
      ansible.builtin.stat:
        path: "{{ systemd_exporter_tls_server_config.cert_file }}"
      register: __systemd_exporter_cert_file

    - name: Check existence of TLS key file
      ansible.builtin.stat:
        path: "{{ systemd_exporter_tls_server_config.key_file }}"
      register: __systemd_exporter_key_file

    - name: Assert that TLS key and cert are present
      ansible.builtin.assert:
        that:
          - "{{ __systemd_exporter_cert_file.stat.exists }}"
          - "{{ __systemd_exporter_key_file.stat.exists }}"

- name: Assert that systemd version is >= 235 when enabling ip accounting or measuring restart count
  ansible.builtin.assert:
    that:
      - (ansible_facts.packages.systemd | first).version is version('235', '>=')
  when: systemd_exporter_enable_ip_accounting or systemd_exporter_enable_restart_count

- name: Set user and group to root to allow access to /proc/X/fd
  ansible.builtin.set_fact:
    systemd_exporter_system_group: "root"
    systemd_exporter_system_user: "root"
  when: systemd_exporter_enable_file_descriptor_size

- name: Check if systemd_exporter is installed
  ansible.builtin.stat:
    path: "{{ systemd_exporter_binary_install_dir }}/systemd_exporter"
  register: __systemd_exporter_is_installed
  check_mode: false
  tags:
    - systemd_exporter_install

- name: Gather currently installed systemd_exporter version (if any)
  command: "{{ systemd_exporter_binary_install_dir }}/systemd_exporter --version"
  changed_when: false
  register: __systemd_exporter_current_version_output
  check_mode: false
  when: __systemd_exporter_is_installed.stat.exists
  tags:
    - systemd_exporter_install
    - skip_ansible_lint

- name: Discover latest version
  ansible.builtin.set_fact:
    systemd_exporter_version: "{{ (lookup('url', 'https://api.github.com/repos/prometheus-community/systemd_exporter/releases/latest',
                               headers=_github_api_headers, split_lines=False) | from_json).get('tag_name') | replace('v', '') }}"
  run_once: true
  until: systemd_exporter_version is version('0.0.0', '>=')
  retries: 10
  when:
    - systemd_exporter_version == "latest"
    - systemd_exporter_binary_local_dir | length == 0
    - not systemd_exporter_skip_install

- name: Get systemd exporter binary checksum
  when:
    - systemd_exporter_binary_local_dir | length == 0
    - not systemd_exporter_skip_install
  block:
    - name: Get checksum list from github
      ansible.builtin.set_fact:
        _systemd_exporter_checksums: "{{ lookup('url', systemd_exporter_checksums_url, headers=_github_api_headers, wantlist=True) | list }}"
      run_once: true
      until: _systemd_exporter_checksums is search('linux-' + go_arch + '.tar.gz')
      retries: 10

    - name: "Get checksum for {{ go_arch }}"
      ansible.builtin.set_fact:
        _systemd_exporter_checksum: "{{ item.split(' ')[0] }}"
      with_items: "{{ _systemd_exporter_checksums }}"
      when:
        - "('linux-' + go_arch + '.tar.gz') in item"
feat: add systemd exporter role Signed-off-by: gardar <gardar@users.noreply.github.com> 2023-03-09 01:20:32 +00:00			`---`
			`- name: Assert usage of systemd as an init system`
			`ansible.builtin.assert:`
			`that: ansible_service_mgr == 'systemd'`
			`msg: "This role only works with systemd"`

			`- name: Install package fact dependencies`
fix: Install package fact dependencies needs to be run as root Signed-off-by: Jonathan Mabit <jonathan.mabit@dametis.com> 2023-04-27 19:44:50 +00:00			`become: true`
feat: add systemd exporter role Signed-off-by: gardar <gardar@users.noreply.github.com> 2023-03-09 01:20:32 +00:00			`ansible.builtin.package:`
			`name: "{{ _pkg_fact_req }}"`
			`state: present`
			`when: (_pkg_fact_req)`
			`vars:`
			`_pkg_fact_req: "{% if (ansible_pkg_mgr == 'apt') %}\`
			`{{ ('python-apt' if ansible_python_version is version('3', '<') else 'python3-apt') }}`
			`{% else %}\`
			`{% endif %}"`

			`- name: Gather package facts`
			`ansible.builtin.package_facts:`
			`when: "not 'packages' in ansible_facts"`

			`- name: Naive assertion of proper listen address`
			`ansible.builtin.assert:`
			`that:`
			`- "':' in systemd_exporter_web_listen_address"`

Add TLS configuration to systemd_exporter role This adds the systemd_exporter_tls_server_config variable, equivalent to the one in node_exporter and others, enabling the use of TLS for the systemd exporter. Signed-off-by: Håvard Pettersson <haavard.pettersson@gmail.com> 2023-08-22 18:24:44 +00:00			`- name: Assert that TLS config is correct`
			`when: systemd_exporter_tls_server_config \| length > 0`
			`block:`
Add a version check for TLS config Signed-off-by: Håvard Pettersson <haavard.pettersson@gmail.com> 2023-08-26 08:21:05 +00:00			`- name: Assert that systemd_exporter version supports TLS config`
			`ansible.builtin.assert:`
			`that:`
			`- "systemd_exporter_version is version('0.5.0', '>=')"`

Add TLS configuration to systemd_exporter role This adds the systemd_exporter_tls_server_config variable, equivalent to the one in node_exporter and others, enabling the use of TLS for the systemd exporter. Signed-off-by: Håvard Pettersson <haavard.pettersson@gmail.com> 2023-08-22 18:24:44 +00:00			`- name: Assert that TLS key and cert path are set`
			`ansible.builtin.assert:`
			`that:`
			`- "systemd_exporter_tls_server_config.cert_file is defined"`
			`- "systemd_exporter_tls_server_config.key_file is defined"`

			`- name: Check existence of TLS cert file`
			`ansible.builtin.stat:`
			`path: "{{ systemd_exporter_tls_server_config.cert_file }}"`
			`register: __systemd_exporter_cert_file`

			`- name: Check existence of TLS key file`
			`ansible.builtin.stat:`
			`path: "{{ systemd_exporter_tls_server_config.key_file }}"`
			`register: __systemd_exporter_key_file`

			`- name: Assert that TLS key and cert are present`
			`ansible.builtin.assert:`
			`that:`
			`- "{{ __systemd_exporter_cert_file.stat.exists }}"`
			`- "{{ __systemd_exporter_key_file.stat.exists }}"`

feat: add systemd exporter role Signed-off-by: gardar <gardar@users.noreply.github.com> 2023-03-09 01:20:32 +00:00			`- name: Assert that systemd version is >= 235 when enabling ip accounting or measuring restart count`
			`ansible.builtin.assert:`
			`that:`
			`- (ansible_facts.packages.systemd \| first).version is version('235', '>=')`
			`when: systemd_exporter_enable_ip_accounting or systemd_exporter_enable_restart_count`

			`- name: Set user and group to root to allow access to /proc/X/fd`
			`ansible.builtin.set_fact:`
			`systemd_exporter_system_group: "root"`
			`systemd_exporter_system_user: "root"`
			`when: systemd_exporter_enable_file_descriptor_size`

			`- name: Check if systemd_exporter is installed`
			`ansible.builtin.stat:`
			`path: "{{ systemd_exporter_binary_install_dir }}/systemd_exporter"`
			`register: __systemd_exporter_is_installed`
			`check_mode: false`
			`tags:`
			`- systemd_exporter_install`

			`- name: Gather currently installed systemd_exporter version (if any)`
			`command: "{{ systemd_exporter_binary_install_dir }}/systemd_exporter --version"`
			`changed_when: false`
			`register: __systemd_exporter_current_version_output`
			`check_mode: false`
			`when: __systemd_exporter_is_installed.stat.exists`
			`tags:`
			`- systemd_exporter_install`
			`- skip_ansible_lint`

			`- name: Discover latest version`
			`ansible.builtin.set_fact:`
fix: pass token to github api for higher ratelimit Signed-off-by: gardar <gardar@users.noreply.github.com> 2023-04-26 15:40:32 +00:00			`systemd_exporter_version: "{{ (lookup('url', 'https://api.github.com/repos/prometheus-community/systemd_exporter/releases/latest',`
			`headers=_github_api_headers, split_lines=False) \| from_json).get('tag_name') \| replace('v', '') }}"`
feat: add systemd exporter role Signed-off-by: gardar <gardar@users.noreply.github.com> 2023-03-09 01:20:32 +00:00			`run_once: true`
			`until: systemd_exporter_version is version('0.0.0', '>=')`
			`retries: 10`
			`when:`
			`- systemd_exporter_version == "latest"`
			`- systemd_exporter_binary_local_dir \| length == 0`
enhancement(systemd_exporter): add skip_install variable This is similar to prometheus_skip_install variable and does what the name says: when set, it won't try to re-download the SystemD exporter binary Signed-off-by: Christian Brabandt <cb@256bit.org> 2023-03-20 15:04:52 +00:00			`- not systemd_exporter_skip_install`
feat: add systemd exporter role Signed-off-by: gardar <gardar@users.noreply.github.com> 2023-03-09 01:20:32 +00:00
			`- name: Get systemd exporter binary checksum`
enhancement(systemd_exporter): add skip_install variable This is similar to prometheus_skip_install variable and does what the name says: when set, it won't try to re-download the SystemD exporter binary Signed-off-by: Christian Brabandt <cb@256bit.org> 2023-03-20 15:04:52 +00:00			`when:`
			`- systemd_exporter_binary_local_dir \| length == 0`
			`- not systemd_exporter_skip_install`
feat: add systemd exporter role Signed-off-by: gardar <gardar@users.noreply.github.com> 2023-03-09 01:20:32 +00:00			`block:`
			`- name: Get checksum list from github`
			`ansible.builtin.set_fact:`
fix: pass token to github api for higher ratelimit Signed-off-by: gardar <gardar@users.noreply.github.com> 2023-04-26 15:40:32 +00:00			`_systemd_exporter_checksums: "{{ lookup('url', systemd_exporter_checksums_url, headers=_github_api_headers, wantlist=True) \| list }}"`
feat: add systemd exporter role Signed-off-by: gardar <gardar@users.noreply.github.com> 2023-03-09 01:20:32 +00:00			`run_once: true`
			`until: _systemd_exporter_checksums is search('linux-' + go_arch + '.tar.gz')`
			`retries: 10`

			`- name: "Get checksum for {{ go_arch }}"`
			`ansible.builtin.set_fact:`
			`_systemd_exporter_checksum: "{{ item.split(' ')[0] }}"`
			`with_items: "{{ _systemd_exporter_checksums }}"`
			`when:`
			`- "('linux-' + go_arch + '.tar.gz') in item"`