--- - name: Create prometheus system group ansible.builtin.group: name: prometheus system: true state: present - name: Create prometheus system user ansible.builtin.user: name: prometheus system: true shell: "/usr/sbin/nologin" ansible.builtin.group: prometheus createhome: false home: "{{ prometheus_db_dir }}" - name: Create prometheus data directory ansible.builtin.file: path: "{{ prometheus_db_dir }}" state: directory owner: prometheus ansible.builtin.group: prometheus mode: 0755 - name: Create prometheus configuration directories ansible.builtin.file: path: "{{ item }}" state: directory owner: root ansible.builtin.group: prometheus mode: 0770 with_items: - "{{ prometheus_config_dir }}" - "{{ prometheus_config_dir }}/rules" - "{{ prometheus_config_dir }}/file_sd" - name: Get prometheus binary when: - prometheus_binary_local_dir | length == 0 - not prometheus_skip_install block: - name: Download prometheus binary to local folder become: false ansible.builtin.get_url: url: "https://github.com/prometheus/prometheus/releases/download/v{{ prometheus_version }}/ prometheus-{{ prometheus_version }}.linux-{{ go_arch }}.tar.gz" dest: "/tmp/prometheus-{{ prometheus_version }}.linux-{{ go_arch }}.tar.gz" checksum: "sha256:{{ __prometheus_checksum }}" mode: 0644 register: _download_archive until: _download_archive is succeeded retries: 5 delay: 2 # run_once: true # <-- this cannot be set due to multi-arch support delegate_to: localhost check_mode: false - name: Unpack prometheus binaries become: false ansible.builtin.unarchive: src: "/tmp/prometheus-{{ prometheus_version }}.linux-{{ go_arch }}.tar.gz" dest: "/tmp" creates: "/tmp/prometheus-{{ prometheus_version }}.linux-{{ go_arch }}/prometheus" delegate_to: localhost check_mode: false - name: Propagate official prometheus and promtool binaries ansible.builtin.copy: src: "/tmp/prometheus-{{ prometheus_version }}.linux-{{ go_arch }}/{{ item }}" dest: "{{ _prometheus_binary_install_dir }}/{{ item }}" mode: 0755 owner: root ansible.builtin.group: root with_items: - prometheus - promtool notify: - restart prometheus - name: Propagate official console templates ansible.builtin.copy: src: "/tmp/prometheus-{{ prometheus_version }}.linux-{{ go_arch }}/{{ item }}/" dest: "{{ prometheus_config_dir }}/{{ item }}/" mode: 0644 owner: root ansible.builtin.group: root with_items: - console_libraries - consoles notify: - restart prometheus - name: Propagate locally distributed prometheus and promtool binaries ansible.builtin.copy: src: "{{ prometheus_binary_local_dir }}/{{ item }}" dest: "{{ _prometheus_binary_install_dir }}/{{ item }}" mode: 0755 owner: root ansible.builtin.group: root with_items: - prometheus - promtool when: - prometheus_binary_local_dir | length > 0 - not prometheus_skip_install notify: - restart prometheus - name: Create systemd service unit ansible.builtin.template: src: prometheus.service.j2 dest: /etc/systemd/system/prometheus.service owner: root ansible.builtin.group: root mode: 0644 notify: - restart prometheus - name: Install SELinux dependencies ansible.builtin.package: name: "{{ _prometheus_selinux_packages }}" state: present register: _install_packages until: _install_packages is succeeded retries: 5 delay: 2 when: - ansible_version.full is version('2.4', '>=') - ansible_selinux.status == "enabled" - name: Allow prometheus to bind to port in SELinux ansible.builtin.seport: ports: "{{ prometheus_web_listen_address.split(':')[1] }}" proto: tcp setype: http_port_t state: present when: - ansible_version.full is version('2.4', '>=') - ansible_selinux.status == "enabled"