sr2/ansible-collection-core
6
0
Fork 0
Code Issues 6 Pull requests Projects Releases Packages Wiki Activity Actions

feat: add alertmanager and grafana

Browse source
This commit is contained in:
Iain Learmonth 2026-05-12 19:51:27 +01:00
parent 4816cce305
commit f4680f2072
10 changed files with 428 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

1
roles/podman_prometheus/templates/home/podman/alertmanager.yml Normal file
View file

@ -0,0 +1 @@
{{ podman_prometheus_alertmanager_config | to_nice_yaml( width=50, explicit_start=True, explicit_end=True) }}

11
roles/podman_prometheus/templates/home/podman/config/containers/systemd/alertmanager.container Normal file
View file

@ -0,0 +1,11 @@
[Container]
ContainerName=alertmanager
Image=quay.io/prometheus/alertmanager:v0.31.1
Network=monitor.network
Volume=/home/{{ podman_prometheus_podman_rootless_user }}/alertmanager.yml:/etc/alertmanager/alertmanager.yml:ro,Z
[Service]
Restart=on-failure
[Install]
WantedBy=default.target

14
roles/podman_prometheus/templates/home/podman/config/containers/systemd/grafana.container Normal file
View file

@ -0,0 +1,14 @@
[Container]
ContainerName=grafana
Image=docker.io/grafana/grafana
Environment=GF_SERVER_DOMAIN={{ inventory_hostname }}
Environment=GF_SERVER_ROOT_URL=https://%%(domain)s/
Network=frontend.network
Network=monitor.network
Volume=/home/{{ podman_prometheus_podman_rootless_user }}/grafana-data:/var/lib/grafana:rw,Z
[Service]
Restart=on-failure
[Install]
WantedBy=default.target

2
roles/podman_prometheus/templates/home/podman/config/containers/systemd/monitor.network Normal file
View file

@ -0,0 +1,2 @@
[Network]
NetworkName=network

5
roles/podman_prometheus/templates/home/podman/config/containers/systemd/prometheus.container
View file

@ -1,10 +1,11 @@
[Container]
ContainerName=prometheus
Image=quay.io/prometheus/prometheus:v3.8.1
Network=frontend.network
Image=quay.io/prometheus/prometheus:v3.9.1
Network=monitor.network
Volume=/home/{{ podman_prometheus_podman_rootless_user }}/prometheus-data:/prometheus:rw,Z
Volume=/home/{{ podman_prometheus_podman_rootless_user }}/file-configs:/file-configs:ro,Z
Volume=/home/{{ podman_prometheus_podman_rootless_user }}/prometheus.yml:/etc/prometheus/prometheus.yml:ro,Z
Volume=/home/{{ podman_prometheus_podman_rootless_user }}/alert.rules.yml:/etc/alertmanager/alert.rules.yml:ro,Z
[Service]
Restart=on-failure

10
roles/podman_prometheus/templates/home/podman/nginx.conf
View file

@ -21,9 +21,9 @@ server {
}
}
upstream prometheus {
zone prometheus_upstream 64k;
server prometheus:9090 resolve;
upstream grafana {
zone grafana_upstream 64k;
server grafana:3000 resolve;
}
server {
@ -37,7 +37,7 @@ server {
ssl_certificate_key /etc/letsencrypt/live/{{ inventory_hostname }}/privkey.pem;
add_header Strict-Transport-Security "max-age=31536000" always;
add_header Referrer-Policy origin always; # make sure outgoing links don't show the URL to the Prometheus instance
add_header Referrer-Policy origin always; # make sure outgoing links don't show the URL
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
@ -47,6 +47,6 @@ server {
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 180;
proxy_pass http://prometheus;
proxy_pass http://grafana;
}
}

16
roles/podman_prometheus/templates/home/podman/prometheus.yml
View file

@ -8,6 +8,9 @@ scrape_configs:
scrape_interval: 5s
static_configs:
- targets: ['localhost:9090']
- job_name: 'alertmanager'
static_configs:
- targets: ['alertmanager:9093']
- job_name: 'node'
scrape_interval: 5s
scheme: https
@ -25,9 +28,22 @@ scrape_configs:
{% for host in groups['keycloak'] %}
- '{{ host }}:9100'
{% endfor %}
{% for host in groups['radius'] %}
- '{{ host }}:9100'
{% endfor %}
{% for host in groups['generic'] %}
- '{{ host }}:9100'
{% endfor %}
file_sd_configs:
- files:
- "/file-configs/*.yml"
alerting:
alertmanagers:
- scheme: http
static_configs:
- targets:
- "alertmanager:9093"
rule_files:
- "/etc/alertmanager/alert.rules.yml"