ansible-collection-core/roles/node_exporter/tasks/main.yml

---
- name: Node Exporter | AUDIT | Get Tailscale IP address
  become: true
  ansible.builtin.shell: tailscale ip -4
  register: node_exporter_tailscale_ipv4
  changed_when: false

- name: Node Exporter | PATCH | Install node-exporter
  become: true
  ansible.builtin.dnf:
    name: node-exporter
    state: present

- name: Node Exporter | PATCH | Set command line arguments
  become: true
  ansible.builtin.lineinfile:
    path: /etc/default/prometheus-node-exporter
    regexp: "^ARGS"
    line: "ARGS='--web.listen-address={{ node_exporter_tailscale_ipv4.stdout }}:9100{% if node_exporter_textfile_directory is defined %} --collector.textfile.directory {{ node_exporter_textfile_directory }}{% endif %}'"
  notify: Restart Node Exporter

- name: Node Exporter | PATCH | Ensure node-exporter is enabled and running
  become: true
  ansible.builtin.systemd_service:
    name: prometheus-node-exporter
    masked: false
    enabled: true
    state: started

- name: Node Exporter | PATCH | Create firewalld service file for node-exporter
  become: true
  ansible.builtin.template:
    src: etc/firewalld/services/node-exporter.xml
    dest: /etc/firewalld/services/node-exporter.xml
    owner: root
    group: root
    mode: '0400'
  notify: Reload firewalld

- name: Node Exporter | Flush handlers
  ansible.builtin.meta: flush_handlers

- name: Node Exporter | PATCH | Enable node-exporter service in firewalld permanently
  become: true
  ansible.posix.firewalld:
    service: node-exporter
    zone: internal
    permanent: true
    state: enabled
    immediate: true
feat(node_exporter): initial role for node_exporter on host 2025-12-22 11:09:12 +00:00			`---`
feat(podman_prometheus): add hostname labels to targets 2026-05-25 17:23:34 +01:00			`- name: Node Exporter \| AUDIT \| Get Tailscale IP address`
			`become: true`
			`ansible.builtin.shell: tailscale ip -4`
feat(node_exporter): use tailnet only 2026-05-25 15:08:46 +01:00			`register: node_exporter_tailscale_ipv4`
			`changed_when: false`

feat(node_exporter): initial role for node_exporter on host 2025-12-22 11:09:12 +00:00			`- name: Node Exporter \| PATCH \| Install node-exporter`
			`become: true`
			`ansible.builtin.dnf:`
			`name: node-exporter`
			`state: present`

			`- name: Node Exporter \| PATCH \| Set command line arguments`
			`become: true`
			`ansible.builtin.lineinfile:`
			`path: /etc/default/prometheus-node-exporter`
			`regexp: "^ARGS"`
feat(podman_prometheus): add hostname labels to targets 2026-05-25 17:23:34 +01:00			`line: "ARGS='--web.listen-address={{ node_exporter_tailscale_ipv4.stdout }}:9100{% if node_exporter_textfile_directory is defined %} --collector.textfile.directory {{ node_exporter_textfile_directory }}{% endif %}'"`
feat(node_exporter): initial role for node_exporter on host 2025-12-22 11:09:12 +00:00			`notify: Restart Node Exporter`

			`- name: Node Exporter \| PATCH \| Ensure node-exporter is enabled and running`
			`become: true`
			`ansible.builtin.systemd_service:`
			`name: prometheus-node-exporter`
			`masked: false`
			`enabled: true`
			`state: started`

			`- name: Node Exporter \| PATCH \| Create firewalld service file for node-exporter`
			`become: true`
			`ansible.builtin.template:`
			`src: etc/firewalld/services/node-exporter.xml`
			`dest: /etc/firewalld/services/node-exporter.xml`
			`owner: root`
			`group: root`
			`mode: '0400'`
			`notify: Reload firewalld`

			`- name: Node Exporter \| Flush handlers`
			`ansible.builtin.meta: flush_handlers`

			`- name: Node Exporter \| PATCH \| Enable node-exporter service in firewalld permanently`
			`become: true`
			`ansible.posix.firewalld:`
			`service: node-exporter`
feat(podman_prometheus): add hostname labels to targets 2026-05-25 17:23:34 +01:00			`zone: internal`
feat(node_exporter): initial role for node_exporter on host 2025-12-22 11:09:12 +00:00			`permanent: true`
			`state: enabled`
			`immediate: true`