diff --git a/roles/systemd_exporter/defaults/main.yml b/roles/systemd_exporter/defaults/main.yml index ffad95e8..c14fba5c 100644 --- a/roles/systemd_exporter/defaults/main.yml +++ b/roles/systemd_exporter/defaults/main.yml @@ -1,10 +1,8 @@ --- systemd_exporter_version: 0.6.0 -systemd_exporter_binary_local_dir: "" systemd_exporter_binary_url: "https://github.com/{{ _systemd_exporter_repo }}/releases/download/v{{ systemd_exporter_version }}/\ - systemd_exporter-{{ systemd_exporter_version }}.linux-{{ go_arch }}.tar.gz" + systemd_exporter-{{ systemd_exporter_version }}.{{ ansible_system | lower }}-{{ _systemd_exporter_go_ansible_arch }}.tar.gz" systemd_exporter_checksums_url: "https://github.com/{{ _systemd_exporter_repo }}/releases/download/v{{ systemd_exporter_version }}/sha256sums.txt" -systemd_exporter_skip_install: false systemd_exporter_web_listen_address: "0.0.0.0:9558" systemd_exporter_tls_server_config: {} @@ -19,8 +17,9 @@ systemd_exporter_unit_exclude: "" systemd_exporter_binary_install_dir: "/usr/local/bin" systemd_exporter_system_group: "systemd-exporter" systemd_exporter_system_user: "{{ systemd_exporter_system_group }}" +systemd_exporter_config_dir: "/etc/systemd_exporter" systemd_exporter_log_level: info # Local path to stash the archive and its extraction -systemd_exporter_archive_path: /tmp +systemd_exporter_local_cache_path: "/tmp/systemd_exporter-{{ ansible_system | lower }}-{{ _systemd_exporter_go_ansible_arch }}/{{ systemd_exporter_version }}" diff --git a/roles/systemd_exporter/meta/argument_specs.yml b/roles/systemd_exporter/meta/argument_specs.yml index ec96c2da..3208219e 100644 --- a/roles/systemd_exporter/meta/argument_specs.yml +++ b/roles/systemd_exporter/meta/argument_specs.yml @@ -11,18 +11,9 @@ argument_specs: systemd_exporter_version: description: "SystemD exporter package version. Also accepts latest as parameter." default: "0.6.0" - systemd_exporter_skip_install: - description: "SystemD exporter installation tasks gets skipped when set to true." - type: bool - default: false - systemd_exporter_binary_local_dir: - description: - - "Allows to use local packages instead of ones distributed on github." - - "As parameter it takes a directory where C(systemd_exporter) binary is stored on host on which ansible is run." - - "This overrides I(systemd_exporter_version) parameter" systemd_exporter_binary_url: description: URL of the systemd exporter binaries .tar.gz file" - default: "https://github.com/{{ _systemd_exporter_repo }}/releases/download/v{{ systemd_exporter_version }}/systemd_exporter-{{ systemd_exporter_version }}.linux-{{ go_arch }}.tar.gz" + default: "https://github.com/{{ _systemd_exporter_repo }}/releases/download/v{{ systemd_exporter_version }}/systemd_exporter-{{ systemd_exporter_version }}.{{ ansible_system | lower }}-{{ _systemd_exporter_go_ansible_arch }}.tar.gz" systemd_exporter_checksums_url: description: "URL of the systemd exporter checksums file" default: "https://github.com/{{ _systemd_exporter_repo }}/releases/download/v{{ systemd_exporter_version }}/sha256sums.txt" @@ -67,6 +58,9 @@ argument_specs: default: "systemd-exporter" systemd_exporter_log_level: description: Only log messages with the given severity or above. - systemd_exporter_archive_path: - description: 'Local path to stash the archive and its extraction' - default: "/tmp" + systemd_exporter_local_cache_path: + description: "Local path to stash the archive and its extraction" + default: "/tmp/systemd_exporter-{{ ansible_system | lower }}-{{ _systemd_exporter_go_ansible_arch }}/{{ systemd_exporter_version }}" + systemd_exporter_config_dir: + description: "Path to directory with systemd_exporter configuration" + default: "/etc/systemd_exporter" diff --git a/roles/systemd_exporter/molecule/alternative/molecule.yml b/roles/systemd_exporter/molecule/alternative/molecule.yml index d33138d8..edc035a3 100644 --- a/roles/systemd_exporter/molecule/alternative/molecule.yml +++ b/roles/systemd_exporter/molecule/alternative/molecule.yml @@ -5,9 +5,8 @@ provisioner: inventory: group_vars: all: - systemd_exporter_binary_local_dir: "/tmp/systemd_exporter-linux-amd64" + systemd_exporter_local_cache_path: "/tmp/systemd_exporter-linux-amd64" systemd_exporter_web_listen_address: "127.0.0.1:9000" - go_arch: amd64 systemd_exporter_version: 0.5.0 systemd_exporter_tls_server_config: cert_file: /etc/systemd_exporter/tls.cert @@ -15,4 +14,4 @@ provisioner: systemd_exporter_enable_file_descriptor_size: true systemd_exporter_binary_url: "https://github.com/prometheus-community/systemd_exporter/releases/download/v{{\ \ systemd_exporter_version }}/systemd_exporter-{{ systemd_exporter_version\ - \ }}.linux-{{ go_arch }}.tar.gz" + \ }}.linux-amd64.tar.gz" diff --git a/roles/systemd_exporter/molecule/default/tests/test_default.py b/roles/systemd_exporter/molecule/default/tests/test_default.py index 75c9cb9e..7e03493a 100644 --- a/roles/systemd_exporter/molecule/default/tests/test_default.py +++ b/roles/systemd_exporter/molecule/default/tests/test_default.py @@ -36,7 +36,6 @@ def test_user(host): assert host.group("systemd-exporter").exists assert "systemd-exporter" in host.user("systemd-exporter").groups assert host.user("systemd-exporter").shell == "/usr/sbin/nologin" - assert host.user("systemd-exporter").home == "/" def test_service(host): diff --git a/roles/systemd_exporter/tasks/configure.yml b/roles/systemd_exporter/tasks/configure.yml deleted file mode 100644 index 58f5428e..00000000 --- a/roles/systemd_exporter/tasks/configure.yml +++ /dev/null @@ -1,36 +0,0 @@ ---- -- name: Copy the systemd_exporter systemd service file - ansible.builtin.template: - src: systemd_exporter.service.j2 - dest: /etc/systemd/system/systemd_exporter.service - owner: root - group: root - mode: 0644 - notify: restart systemd_exporter - -- name: Create systemd_exporter config directory - ansible.builtin.file: - path: "/etc/systemd_exporter" - state: directory - owner: root - group: root - mode: u+rwX,g+rwX,o=rX - -- name: Copy the systemd_exporter config file - ansible.builtin.template: - src: config.yaml.j2 - dest: /etc/systemd_exporter/config.yaml - owner: root - group: root - mode: 0644 - notify: restart systemd_exporter - -- name: Allow systemd_exporter port in SELinux on RedHat OS family - community.general.seport: - ports: "{{ systemd_exporter_web_listen_address.split(':')[-1] }}" - proto: tcp - setype: http_port_t - state: present - when: - - ansible_version.full is version_compare('2.4', '>=') - - ansible_selinux.status == "enabled" diff --git a/roles/systemd_exporter/tasks/install.yml b/roles/systemd_exporter/tasks/install.yml deleted file mode 100644 index 5236206e..00000000 --- a/roles/systemd_exporter/tasks/install.yml +++ /dev/null @@ -1,68 +0,0 @@ ---- -- name: Create the systemd_exporter group - ansible.builtin.group: - name: "{{ systemd_exporter_system_group }}" - state: present - system: true - when: systemd_exporter_system_group != "root" - -- name: Create the systemd_exporter user - ansible.builtin.user: - name: "{{ systemd_exporter_system_user }}" - groups: "{{ systemd_exporter_system_group }}" - append: true - shell: /usr/sbin/nologin - system: true - create_home: false - home: / - when: systemd_exporter_system_user != "root" - -- name: Get systemd exporter binary - when: - - systemd_exporter_binary_local_dir | length == 0 - - not systemd_exporter_skip_install - block: - - name: Download systemd_exporter binary to local folder - become: false - ansible.builtin.get_url: - url: "{{ systemd_exporter_binary_url }}" - dest: "{{ systemd_exporter_archive_path }}/systemd_exporter-{{ systemd_exporter_version }}.linux-{{ go_arch }}.tar.gz" - checksum: "sha256:{{ _systemd_exporter_checksum }}" - mode: '0644' - register: _download_binary - until: _download_binary is succeeded - retries: 5 - delay: 2 - delegate_to: localhost - check_mode: false - - - name: Unpack systemd_exporter binary - become: false - ansible.builtin.unarchive: - src: "{{ systemd_exporter_archive_path }}/systemd_exporter-{{ systemd_exporter_version }}.linux-{{ go_arch }}.tar.gz" - dest: "{{ systemd_exporter_archive_path }}" - creates: "{{ systemd_exporter_archive_path }}/systemd_exporter-{{ systemd_exporter_version }}.linux-{{ go_arch }}/systemd_exporter" - delegate_to: localhost - check_mode: false - - - name: Propagate systemd_exporter binaries - ansible.builtin.copy: - src: "{{ systemd_exporter_archive_path }}/systemd_exporter-{{ systemd_exporter_version }}.linux-{{ go_arch }}/systemd_exporter" - dest: "{{ systemd_exporter_binary_install_dir }}/systemd_exporter" - mode: 0755 - owner: root - group: root - notify: restart systemd_exporter - when: not ansible_check_mode - -- name: Propagate locally distributed systemd_exporter binary - ansible.builtin.copy: - src: "{{ systemd_exporter_binary_local_dir }}/systemd_exporter" - dest: "{{ systemd_exporter_binary_install_dir }}/systemd_exporter" - mode: 0755 - owner: root - group: root - when: - - systemd_exporter_binary_local_dir | length > 0 - - not systemd_exporter_skip_install - notify: restart systemd_exporter diff --git a/roles/systemd_exporter/tasks/main.yml b/roles/systemd_exporter/tasks/main.yml index 1e918a33..faa7fe40 100644 --- a/roles/systemd_exporter/tasks/main.yml +++ b/roles/systemd_exporter/tasks/main.yml @@ -2,48 +2,47 @@ - name: Preflight ansible.builtin.include_tasks: file: preflight.yml - apply: - tags: - - systemd_exporter_install - - systemd_exporter_configure - - systemd_exporter_run tags: - systemd_exporter_install - systemd_exporter_configure - systemd_exporter_run - name: Install - ansible.builtin.include_tasks: - file: install.yml - apply: - become: true - tags: - - systemd_exporter_install - when: - ( not __systemd_exporter_is_installed.stat.exists ) or - ( __systemd_exporter_current_version_output.stderr_lines[0].split(" ")[2] != systemd_exporter_version ) or - ( systemd_exporter_binary_local_dir | length > 0 ) + ansible.builtin.include_role: + name: prometheus.prometheus._common + tasks_from: install.yml + vars: + _common_local_cache_path: "{{ systemd_exporter_local_cache_path }}" + _common_binaries: "{{ _systemd_exporter_binaries }}" + _common_binary_install_dir: "{{ systemd_exporter_binary_install_dir }}" + _common_binary_url: "{{ systemd_exporter_binary_url }}" + _common_checksums_url: "{{ systemd_exporter_checksums_url }}" + _common_system_group: "{{ systemd_exporter_system_group }}" + _common_system_user: "{{ systemd_exporter_system_user }}" + _common_config_dir: "{{ systemd_exporter_config_dir }}" + _common_binary_unarchive_opts: ['--strip-components=1'] tags: - systemd_exporter_install - name: SELinux - ansible.builtin.include_tasks: - file: selinux.yml - apply: - become: true - tags: - - systemd_exporter_configure + ansible.builtin.include_role: + name: prometheus.prometheus._common + tasks_from: selinux.yml + vars: + _common_selinux_port: "{{ systemd_exporter_web_listen_address | urlsplit('port') }}" when: ansible_selinux.status == "enabled" tags: - systemd_exporter_configure - name: Configure - ansible.builtin.include_tasks: - file: configure.yml - apply: - become: true - tags: - - systemd_exporter_configure + ansible.builtin.include_role: + name: prometheus.prometheus._common + tasks_from: configure.yml + vars: + _common_system_user: "{{ systemd_exporter_system_user }}" + _common_system_group: "{{ systemd_exporter_system_group }}" + _common_config_dir: "{{ systemd_exporter_config_dir }}" + _common_tls_server_config: "{{ systemd_exporter_tls_server_config }}" tags: - systemd_exporter_configure diff --git a/roles/systemd_exporter/tasks/preflight.yml b/roles/systemd_exporter/tasks/preflight.yml index 1e02da96..adec0f3a 100644 --- a/roles/systemd_exporter/tasks/preflight.yml +++ b/roles/systemd_exporter/tasks/preflight.yml @@ -1,24 +1,8 @@ --- -- name: Assert usage of systemd as an init system - ansible.builtin.assert: - that: ansible_service_mgr == 'systemd' - msg: "This role only works with systemd" - -- name: Install package fact dependencies - become: true - ansible.builtin.package: - name: "{{ _pkg_fact_req }}" - state: present - when: (_pkg_fact_req) - vars: - _pkg_fact_req: "{% if (ansible_pkg_mgr == 'apt') %}\ - {{ ('python-apt' if ansible_python_version is version('3', '<') else 'python3-apt') }} - {% else %}\ - {% endif %}" - -- name: Gather package facts - ansible.builtin.package_facts: - when: "not 'packages' in ansible_facts" +- name: Common preflight + ansible.builtin.include_role: + name: prometheus.prometheus._common + tasks_from: preflight.yml - name: Assert that used version supports listen address type ansible.builtin.assert: @@ -78,24 +62,6 @@ systemd_exporter_system_user: "root" when: systemd_exporter_enable_file_descriptor_size -- name: Check if systemd_exporter is installed - ansible.builtin.stat: - path: "{{ systemd_exporter_binary_install_dir }}/systemd_exporter" - register: __systemd_exporter_is_installed - check_mode: false - tags: - - systemd_exporter_install - -- name: Gather currently installed systemd_exporter version (if any) - command: "{{ systemd_exporter_binary_install_dir }}/systemd_exporter --version" - changed_when: false - register: __systemd_exporter_current_version_output - check_mode: false - when: __systemd_exporter_is_installed.stat.exists - tags: - - systemd_exporter_install - - skip_ansible_lint - - name: Discover latest version ansible.builtin.set_fact: systemd_exporter_version: "{{ (lookup('url', 'https://api.github.com/repos/{{ _systemd_exporter_repo }}/releases/latest', @@ -105,24 +71,9 @@ retries: 10 when: - systemd_exporter_version == "latest" - - systemd_exporter_binary_local_dir | length == 0 - - not systemd_exporter_skip_install - -- name: Get systemd exporter binary checksum - when: - - systemd_exporter_binary_local_dir | length == 0 - - not systemd_exporter_skip_install - block: - - name: Get checksum list from github - ansible.builtin.set_fact: - _systemd_exporter_checksums: "{{ lookup('url', systemd_exporter_checksums_url, headers=_github_api_headers, wantlist=True) | list }}" - run_once: true - until: _systemd_exporter_checksums is search('linux-' + go_arch + '.tar.gz') - retries: 10 - - - name: "Get checksum for {{ go_arch }}" - ansible.builtin.set_fact: - _systemd_exporter_checksum: "{{ item.split(' ')[0] }}" - with_items: "{{ _systemd_exporter_checksums }}" - when: - - "('linux-' + go_arch + '.tar.gz') in item" + tags: + - systemd_exporter + - install + - systemd_exporter_install + - download + - systemd_exporter_download diff --git a/roles/systemd_exporter/tasks/selinux.yml b/roles/systemd_exporter/tasks/selinux.yml deleted file mode 100644 index 754cbd0a..00000000 --- a/roles/systemd_exporter/tasks/selinux.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -- name: Install selinux python packages [RedHat] - ansible.builtin.package: - name: "{{ ['libselinux-python', 'policycoreutils-python'] - if ansible_python_version is version('3', '<') else - ['python3-libselinux', 'python3-policycoreutils'] }}" - state: present - register: _install_selinux_packages - until: _install_selinux_packages is success - retries: 5 - delay: 2 - when: ansible_os_family | lower == "redhat" - -- name: Install selinux python packages [clearlinux] - ansible.builtin.package: - name: sysadmin-basic - state: present - register: _install_selinux_packages - until: _install_selinux_packages is success - retries: 5 - delay: 2 - when: - - ansible_distribution | lower == "clearlinux" diff --git a/roles/systemd_exporter/templates/config.yaml.j2 b/roles/systemd_exporter/templates/config.yaml.j2 deleted file mode 100644 index 682b16ce..00000000 --- a/roles/systemd_exporter/templates/config.yaml.j2 +++ /dev/null @@ -1,6 +0,0 @@ ---- -{{ ansible_managed | comment }} -{% if systemd_exporter_tls_server_config | length > 0 %} -tls_server_config: -{{ systemd_exporter_tls_server_config | to_nice_yaml | indent(2, true) }} -{% endif %} diff --git a/roles/systemd_exporter/templates/systemd_exporter.service.j2 b/roles/systemd_exporter/templates/systemd_exporter.service.j2 index 5d179362..191d8772 100644 --- a/roles/systemd_exporter/templates/systemd_exporter.service.j2 +++ b/roles/systemd_exporter/templates/systemd_exporter.service.j2 @@ -37,7 +37,7 @@ ExecStart={{ systemd_exporter_binary_install_dir }}/systemd_exporter \ --systemd.collector.unit-exclude={{ systemd_exporter_unit_exclude }} \ {% endif %} {% if systemd_exporter_tls_server_config | length > 0 %} - --web.config.file=/etc/systemd_exporter/config.yaml \ + --web.config.file={{ systemd_exporter_config_dir }}/web_config.yml \ {% endif %} --log.level={{ systemd_exporter_log_level }} \ --web.listen-address={{ systemd_exporter_web_listen_address }} diff --git a/roles/systemd_exporter/vars/main.yml b/roles/systemd_exporter/vars/main.yml index 0b4f4588..966be4a0 100644 --- a/roles/systemd_exporter/vars/main.yml +++ b/roles/systemd_exporter/vars/main.yml @@ -1,11 +1,9 @@ --- -go_arch_map: - i386: '386' - x86_64: 'amd64' - aarch64: 'arm64' - armv7l: 'armv7' - armv6l: 'armv6' - -go_arch: "{{ go_arch_map[ansible_architecture] | default(ansible_architecture) }}" +_systemd_exporter_go_ansible_arch: "{{ {'i386': '386', + 'x86_64': 'amd64', + 'aarch64': 'arm64', + 'armv7l': 'armv7', + 'armv6l': 'armv6'}.get(ansible_architecture, ansible_architecture) }}" _systemd_exporter_repo: "prometheus-community/systemd_exporter" _github_api_headers: "{{ {'GITHUB_TOKEN': lookup('ansible.builtin.env', 'GITHUB_TOKEN')} if (lookup('ansible.builtin.env', 'GITHUB_TOKEN')) else {} }}" +_systemd_exporter_binaries: ['systemd_exporter']