ansible-collection-prometheus/roles/prometheus/tasks/install.yml
gardar da146e07d2
Merge pull request #301 from mark-tomich/main
bugfix: use temporary directory to make compatible with multi-user controllers
2024-03-05 15:08:32 +00:00

139 lines
4.1 KiB
YAML

---
- name: Create prometheus system group
ansible.builtin.group:
name: "{{ prometheus_system_group }}"
system: true
state: present
- name: Create prometheus system user
ansible.builtin.user:
name: "{{ prometheus_system_user }}"
system: true
shell: "/usr/sbin/nologin"
group: "{{ prometheus_system_group }}"
createhome: false
home: "{{ prometheus_db_dir }}"
- name: Create prometheus data directory
ansible.builtin.file:
path: "{{ prometheus_db_dir }}"
state: directory
owner: "{{ prometheus_system_user }}"
group: "{{ prometheus_system_group }}"
mode: 0755
- name: Create prometheus configuration directories
ansible.builtin.file:
path: "{{ item }}"
state: directory
owner: root
group: "{{ prometheus_system_group }}"
mode: 0770
with_items:
- "{{ prometheus_config_dir }}"
- "{{ prometheus_config_dir }}/rules"
- "{{ prometheus_config_dir }}/file_sd"
- name: Get prometheus binary
when:
- prometheus_binary_local_dir | length == 0
- not prometheus_skip_install
block:
- name: Download prometheus binary to local folder
become: false
ansible.builtin.get_url:
url: "{{ prometheus_binary_url }}"
dest: "{{ prometheus_archive_path }}/prometheus-{{ prometheus_version }}.linux-{{ go_arch }}.tar.gz"
checksum: "sha256:{{ __prometheus_checksum }}"
mode: 0644
register: _download_archive
until: _download_archive is succeeded
retries: 5
delay: 2
# run_once: true # <-- this cannot be set due to multi-arch support
delegate_to: localhost
check_mode: false
- name: Unpack prometheus binaries
become: false
ansible.builtin.unarchive:
src: "{{ prometheus_archive_path }}/prometheus-{{ prometheus_version }}.linux-{{ go_arch }}.tar.gz"
dest: "{{ prometheus_archive_path }}"
creates: "{{ prometheus_archive_path }}/prometheus-{{ prometheus_version }}.linux-{{ go_arch }}/prometheus"
delegate_to: localhost
check_mode: false
- name: Propagate official prometheus and promtool binaries
ansible.builtin.copy:
src: "{{ prometheus_archive_path }}/prometheus-{{ prometheus_version }}.linux-{{ go_arch }}/{{ item }}"
dest: "{{ _prometheus_binary_install_dir }}/{{ item }}"
mode: 0755
owner: root
group: root
with_items:
- prometheus
- promtool
notify:
- restart prometheus
- name: Propagate official console templates
ansible.builtin.copy:
src: "{{ prometheus_archive_path }}/prometheus-{{ prometheus_version }}.linux-{{ go_arch }}/{{ item }}/"
dest: "{{ prometheus_config_dir }}/{{ item }}/"
mode: 0644
owner: root
group: root
with_items:
- console_libraries
- consoles
notify:
- restart prometheus
- name: Propagate locally distributed prometheus and promtool binaries
ansible.builtin.copy:
src: "{{ prometheus_binary_local_dir }}/{{ item }}"
dest: "{{ _prometheus_binary_install_dir }}/{{ item }}"
mode: 0755
owner: root
group: root
with_items:
- prometheus
- promtool
when:
- prometheus_binary_local_dir | length > 0
- not prometheus_skip_install
notify:
- restart prometheus
- name: Create systemd service unit
ansible.builtin.template:
src: prometheus.service.j2
dest: /etc/systemd/system/prometheus.service
owner: root
group: root
mode: 0644
notify:
- restart prometheus
- name: Install SELinux dependencies
ansible.builtin.package:
name: "{{ _prometheus_selinux_packages }}"
state: present
register: _install_packages
until: _install_packages is succeeded
retries: 5
delay: 2
when:
- ansible_version.full is version('2.4', '>=')
- ansible_selinux.status == "enabled"
- name: Allow prometheus to bind to port in SELinux
community.general.seport:
ports: "{{ prometheus_web_listen_address.split(':')[1] }}"
proto: tcp
setype: http_port_t
state: present
when:
- ansible_version.full is version('2.4', '>=')
- ansible_selinux.status == "enabled"