| -rw-r--r-- | defaults/main.yml | 34 | ||||
| -rw-r--r-- | handlers/main.yml | 5 | ||||
| -rw-r--r-- | readme.md | 14 | ||||
| -rw-r--r-- | tasks/main.yml | 57 | ||||
| -rw-r--r-- | tasks/runit.yml | 25 | ||||
| -rw-r--r-- | tasks/tls.yml | 17 | ||||
| -rw-r--r-- | templates/node_exporter.runit | 13 |
7 files changed, 165 insertions, 0 deletions
diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000..745b9bb
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1,34 @@
+---
+node_exporter_ui_listen: ':9100'
+node_exporter_home_dir: /var/lib/node_exporter
+node_exporter_log: '{{node_exporter_home_dir}}/log'
+node_exporter_version: "1.2.2"
+# Should resolve to "linux"
+node_exporter_os: "{{ansible_facts['system']|lower}}"
+node_exporter_checksum: 344bd4c0bbd66ff78f14486ec48b89c248139cdd485e992583ea30e89e0e5390
+# OpenBSD
+# node_exporter_checksum: ec4901136e48207de37369c040cdaeeca6ebf9ae34e6cfbc28aad1a159440bae
+node_exporter_architecture: amd64
+node_exporter_url: "https://github.com/prometheus/node_exporter/releases/download/v{{node_exporter_version}}/node_exporter-{{node_exporter_version}}.{{node_exporter_os}}-{{node_exporter_architecture}}.tar.gz"
+
+
+# Newlines are automatically replaced with spaces
+node_exporter_opts: |
+ --web.listen-address=":9100"
+
+# Filtered through 'to_nice_yaml'
+# node_exporter_web_config:
+# tls_server_config:
+# cert_file: '{{node_exporter_home_dir}}/conf/crt'
+# key_file: '{{node_exporter_home_dir}}/conf/key'
+# client_ca_file: '{{node_exporter_home_dir}}/conf/ca.crt'
+# client_auth_type: RequireAndVerifyClientCert
+
+
+# Optional, if enabled the commented out vars will be written to disk
+# If enabled it will automatically add the flag to read the web_config
+# defined above
+node_exporter_tls: false
+# node_exporter_tls_ca:
+# node_exporter_tls_key:
+# node_exporter_tls_crt:
diff --git a/handlers/main.yml b/handlers/main.yml
new file mode 100644
index 0000000..91aefee
--- /dev/null
+++ b/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+- name: Restart node_exporter
+ runit:
+ name: node_exporter
+ state: restarted
diff --git a/readme.md b/readme.md
new file mode 100644
index 0000000..a6015c8
--- /dev/null
+++ b/readme.md
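Review bot: `node_exporter_ui_listen` in defaults/main.yml is not referenced by any task or template in this commit, while `node_exporter_opts` hard-codes `--web.listen-address=":9100"`, so overriding the variable (for example to a loopback or management address) has no effect and the exporter still listens on every interface. Combined with the `node_exporter_tls: false` default, a stock install serves metrics in cleartext with no client authentication on all addresses. Either derive the flag from the variable, `--web.listen-address="{{node_exporter_ui_listen}}"`, or drop the unused variable. A comment above `node_exporter_tls` such as `# Default is plaintext with no client auth; restrict the listen address or enable TLS before exposing the port` would make that default explicit.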
@@ -0,0 +1,14 @@
+# Node exporter
+
+Set up the node exporter on _almost_ any system that has runit configured
+to use `/var/service`
+
+You will need to tweak the checksum for each platform but it tested to
+work on OpenBSD, and Linux without issue.
+
+TLS configuration is fully supported with this role, check out
+`defaults/main.yml`
+
+If you're exposing this to the public internet I highly recommend utilizing
+TLS and enabling client certificate verification. ( Examples in defaults,
+commented out )
diff --git a/tasks/main.yml b/tasks/main.yml
new file mode 100644
index 0000000..866f00e
--- /dev/null
+++ b/tasks/main.yml
@@ -0,0 +1,57 @@
+---
+- set_fact: "node_exporter_extract_dir=node_exporter-{{node_exporter_version}}.{{node_exporter_os}}-{{node_exporter_architecture}}"
+- name: Create configuration directory
+ file:
+ state: directory
+ dest: "{{node_exporter_home_dir}}/conf"
+ mode: '0700'
+- name: Download Node Exporter
+ get_url:
+ url: "{{node_exporter_url}}"
+ dest: "{{node_exporter_home_dir}}/node_exporter-{{node_exporter_version}}.tgz"
+ mode: '0600'
+ checksum: 'sha256:{{node_exporter_checksum}}'
+# There's a bug in become_user that doesn't set permissions on the temp directory
+# which is asinine when my user has sudo persmissions.
+- name: Extract Node exporter
+ shell: |
+ #!/bin/sh
+ set -e
+ if ! [ -e "{{node_exporter_home_dir}}/{{node_exporter_extract_dir}}" ] ; then
+ cd "{{node_exporter_home_dir}}"
+ tar xzf node_exporter-{{node_exporter_version}}.tgz
+ exit 50
+ fi
+ register: res
+ changed_when: res is defined and res.rc == 50
+ ignore_errors: true
+ notify: Restart node_exporter
+- name: Link node_exporter directory
+ file:
+ state: link
+ src: '{{node_exporter_extract_dir}}'
+ dest: '{{node_exporter_home_dir}}/node_exporter'
+ force: yes
+- name: Link configuration files
+ file:
+ state: link
+ src: '../conf/{{item}}'
+ dest: '{{node_exporter_home_dir}}/node_exporter/{{item}}'
+ force: yes
+ loop:
+ - web_config.yml
+ notify: Restart node_exporter
+- name: Include tls tasks
+ include_tasks: tls.yml
+ when: node_exporter_tls
+- name: Write node_exporter configuration file
+ copy:
+ content: '{{node_exporter_web_config | to_nice_yaml}}'
+ dest: '{{node_exporter_home_dir}}/conf/web_config.yml'
+ mode: '0600'
+ notify: Restart node_exporter
+ tags:
+ - configuration
+ when: node_exporter_web_config is defined
+- name: Include Runit tasks
+ include_tasks: runit.yml
diff --git a/tasks/runit.yml b/tasks/runit.yml
new file mode 100644
index 0000000..ce5b8f4
--- /dev/null
+++ b/tasks/runit.yml
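Review bot: The `Extract Node exporter` task in tasks/main.yml sets `ignore_errors: true`, so a failed `cd` or `tar xzf` under `set -e` is discarded and the play carries on to link and restart whatever is, or is not, in the extract directory. A partial extraction also leaves the directory behind, so the `[ -e … ]` guard skips extraction on every later run and the broken tree persists. Replace `ignore_errors: true` with `failed_when: res.rc not in [0, 50]` and reduce the change test to `changed_when: res.rc == 50`, which keeps exit code 50 as the "changed" signal while letting real failures stop the play.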
@@ -0,0 +1,25 @@
+---
+- name: Install Runit service directory
+ file:
+ state: directory
+ path: /etc/sv/node_exporter
+ mode: '0755'
+- name: Install Runit service command
+ template:
+ src: node_exporter.runit
+ dest: /etc/sv/node_exporter/run
+ mode: '755'
+- name: Install supervise symlink
+ file:
+ state: link
+ force: yes
+ src: /tmp/supervise.node_exporter
+ dest: /etc/sv/node_exporter/supervise
+ follow: false
+- name: Enable Node Exporter service
+ file:
+ state: link
+ force: yes
+ src: /etc/sv/node_exporter
+ dest: /var/service/node_exporter
+ follow: false
diff --git a/tasks/tls.yml b/tasks/tls.yml
new file mode 100644
index 0000000..42bb0fe
--- /dev/null
+++ b/tasks/tls.yml
@@ -0,0 +1,17 @@
+---
+- name: Copy CA certificate
+ copy:
+ content: '{{node_exporter_tls_ca}}'
+ dest: '{{node_exporter_home_dir}}/conf/ca.crt'
+ notify: Restart node_exporter
+- name: Copy TLS Key
+ copy:
+ content: '{{node_exporter_tls_key}}'
+ dest: '{{node_exporter_home_dir}}/conf/key'
+ mode: '0600'
+ notify: Restart node_exporter
+- name: Copy TLS cert
+ copy:
+ content: '{{node_exporter_tls_crt}}'
+ dest: '{{node_exporter_home_dir}}/conf/crt'
+ notify: Restart node_exporter
diff --git a/templates/node_exporter.runit b/templates/node_exporter.runit
new file mode 100644
index 0000000..b7a75f0
--- /dev/null
+++ b/templates/node_exporter.runit
@@ -0,0 +1,13 @@
+#!/bin/sh
+set -e
+cd "{{node_exporter_home_dir}}/conf"
+exec 3>>{{node_exporter_log}} 2>&3 1>&3
+
+{% if not node_exporter_tls %}
+exec {{node_exporter_home_dir}}/node_exporter/node_exporter \
+ {{node_exporter_opts | replace('\n', ' ')}} \
+{% else %}
+exec {{node_exporter_home_dir}}/node_exporter/node_exporter \
+ {{node_exporter_opts | replace('\n', ' ')}} \
+ --web.config="web_config.yml" \
+{% endif %} |
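Review bot: The `Install supervise symlink` task in tasks/runit.yml points `/etc/sv/node_exporter/supervise` at `/tmp/supervise.node_exporter`, a path inside a world-writable directory. Whoever creates that path first owns the directory that holds the supervisor's control and lock files, so an unprivileged local account could interfere with a service that presumably runs as root. Point the link at a root-owned runtime location instead, e.g. `src: /run/runit/supervise.node_exporter` where `/run` exists, or expose the target as a role variable for platforms such as OpenBSD. Minor: `mode: '755'` on the run script should read `mode: '0755'` to match the directory task above it.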
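Review bot: `Copy TLS Key` in tasks/tls.yml writes the private key through `content:` without `no_log: true`, so the key material can end up in task output and any log store that captures it when the play is run with `--diff`; add `no_log: true` to that task. The CA and certificate tasks set no `mode`, so their permissions depend on the umask; an explicit `mode: '0644'` would remove the ambiguity. Nothing checks that `node_exporter_tls_ca`, `node_exporter_tls_key` and `node_exporter_tls_crt` are defined when `node_exporter_tls` is true (all three are commented out in defaults), so an `assert` at the top of this file would fail earlier and more clearly than an undefined-variable error mid-play.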
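Review bot: In templates/node_exporter.runit the `--web.config="web_config.yml"` flag is keyed on `node_exporter_tls`, but tasks/main.yml writes `web_config.yml` whenever `node_exporter_web_config` is defined, so the two can disagree. With a web config defined and `node_exporter_tls` left at its `false` default, the TLS/client-auth settings are written to disk but never loaded and the exporter serves plaintext; with `node_exporter_tls: true` and no web config, the flag points at a dangling symlink. Keying the branch on the config itself, `{% if node_exporter_web_config is defined %}`, keeps the flag and the file in step. The script also starts the binary without dropping privileges, so it inherits the supervisor's user (presumably root); `exec chpst -u <service-user> …` with a dedicated account would be worth considering, and `{{node_exporter_log}}` on the redirect line should be quoted like the `cd` path.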
