From 361f3dfc5fef466a35301c32716e2b194d63ed50 Mon Sep 17 00:00:00 2001 From: William Date: Thu, 29 Dec 2022 10:34:17 +0100 Subject: [PATCH] feat: Convert Ansible playbook to shell script. --- prometheus-node-exporter/README.md | 9 ++ prometheus-node-exporter/install.sh | 76 ++++++++++++ prometheus-slave/README.md | 13 -- prometheus-slave/main.yml | 116 ------------------ prometheus-slave/templates/config.yml.j2 | 3 - .../templates/node_exporter.service.j2 | 15 --- 6 files changed, 85 insertions(+), 147 deletions(-) create mode 100644 prometheus-node-exporter/README.md create mode 100644 prometheus-node-exporter/install.sh delete mode 100644 prometheus-slave/README.md delete mode 100644 prometheus-slave/main.yml delete mode 100644 prometheus-slave/templates/config.yml.j2 delete mode 100644 prometheus-slave/templates/node_exporter.service.j2 diff --git a/prometheus-node-exporter/README.md b/prometheus-node-exporter/README.md new file mode 100644 index 0000000..336614d --- /dev/null +++ b/prometheus-node-exporter/README.md @@ -0,0 +1,9 @@ +# Install Prometheus Node Exporter + +## How to + +```bash +REMOTE_USER=user +REMOTE_HOST=host.example.com +ssh {REMOTE_USER}@{REMOTE_HOST} 'sudo PROMETHEUS_PASSWORD=mypassword /bin/bash -s' < install.sh +``` diff --git a/prometheus-node-exporter/install.sh b/prometheus-node-exporter/install.sh new file mode 100644 index 0000000..77a102d --- /dev/null +++ b/prometheus-node-exporter/install.sh @@ -0,0 +1,76 @@ +#/bin/bash + +NODE_EXPORTER_VERSION=1.5.0 +NODE_EXPORTER_USER=node_exporter +NODE_EXPORTER_BIN_DIR=/usr/local/bin +NODE_EXPORTER_CONF_DIR=/etc/node_exporter +PROMETHEUS_USER=prometheus + +## Install dependencies + +apt install -y apache2-utils + +## Create Node Exporter user + +useradd --system --no-create-home --shell /usr/sbin/nologin --home-dir /nonexistent ${NODE_EXPORTER_USER} + +## Download and unzip Node Exporter + +wget https://github.com/prometheus/node_exporter/releases/download/v${NODE_EXPORTER_VERSION}/node_exporter-${NODE_EXPORTER_VERSION}.linux-amd64.tar.gz +tar -xf node_exporter-${NODE_EXPORTER_VERSION}.linux-amd64.tar.gz +cp node_exporter-${NODE_EXPORTER_VERSION}.linux-amd64/node_exporter ${NODE_EXPORTER_BIN_DIR}/ +chown ${NODE_EXPORTER_USER}:${NODE_EXPORTER_USER} ${NODE_EXPORTER_BIN_DIR}/node_exporter +rm -rf node_exporter-${NODE_EXPORTER_VERSION}.linux-amd64* + +## Create config directory + +mkdir ${NODE_EXPORTER_CONF_DIR} + +## Generate SSL certificate + +openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 \ + -keyout ${NODE_EXPORTER_CONF_DIR}/tlsCertificate.key \ + -out ${NODE_EXPORTER_CONF_DIR}/tlsCertificate.crt \ + -subj "/C=ZA/ST=CT/L=SA/O=VPN/CN=localhost" \ + -addext "subjectAltName = DNS:localhost" + +## Generate config file + +ENCRYPT_PASSWORD=`htpasswd -bnBC 10 "" ${PROMETHEUS_PASSWORD} | tr -d ':\n'` + +cat > ${NODE_EXPORTER_CONF_DIR}/config.yml << EOF +tls_server_config: + cert_file: tlsCertificate.crt + key_file: tlsCertificate.key +basic_auth_users: + ${PROMETHEUS_USER}: ${ENCRYPT_PASSWORD} + +EOF + +chown ${NODE_EXPORTER_USER}:${NODE_EXPORTER_USER} ${NODE_EXPORTER_CONF_DIR}/* + +## Add service + +cat > /etc/systemd/system/node_exporter.service << EOF +[Unit] +Description=Node Exporter +Wants=network-online.target +After=network-online.target +StartLimitIntervalSec=500 +StartLimitBurst=5 +[Service] +User=${NODE_EXPORTER_USER} +Group=${NODE_EXPORTER_USER} +Type=simple +Restart=on-failure +RestartSec=5s +ExecStart=${NODE_EXPORTER_BIN_DIR}/node_exporter --web.config.file=${NODE_EXPORTER_CONF_DIR}/config.yml +[Install] +WantedBy=multi-user.target +EOF + +## Enable & start service + +systemctl daemon-reload +systemctl enable node_exporter +systemctl restart node_exporter diff --git a/prometheus-slave/README.md b/prometheus-slave/README.md deleted file mode 100644 index 4f27b89..0000000 --- a/prometheus-slave/README.md +++ /dev/null @@ -1,13 +0,0 @@ -# Install Prometheus Node Exporter - -## How to run playbook - -```bash -NODE_EXPORTER_VERSION=1.5.0 -INVENTORY=vps.example.com, -ansible-playbook \ - -i $INVENTORY \ - -e ansible_python_interpreter=/usr/bin/python3 \ - -e node_exporter_version=$NODE_EXPORTER_VERSION \ - main.yml -``` diff --git a/prometheus-slave/main.yml b/prometheus-slave/main.yml deleted file mode 100644 index 9f2e8a3..0000000 --- a/prometheus-slave/main.yml +++ /dev/null @@ -1,116 +0,0 @@ ---- -- name: Install Prometheus Node Exporter - hosts: all - become: yes - - tasks: - - name: Install dependencies - apt: - name: - - libffi-dev - - python3 - - python3-pip - - python3-setuptools - state: latest - update_cache: true - - - name: Upgrade pip - pip: - name: pip - state: latest - - - name: Install required pip packages - pip: - name: - - pyopenssl - state: present - - - name: Create node_exporter group - group: - name: "node_exporter" - state: present - system: true - - - name: Create node_exporter user - user: - name: "node_exporter" - group: "node_exporter" - comment: "Node Exporter" - shell: /bin/false - home: "/usr/sbin/nologin" - system: true - state: present - - - name: Create config directory - file: - path: "/etc/node_exporter" - state: directory - owner: "node_exporter" - group: "node_exporter" - - - name: Generate an OpenSSL private key - openssl_privatekey: - path: /etc/node_exporter/node_exporter.key - owner: "node_exporter" - group: "node_exporter" - - - name: Generate an OpenSSL Certificate Signing Request - openssl_csr: - path: /etc/node_exporter/node_exporter.csr - privatekey_path: /etc/node_exporter/node_exporter.key - common_name: localhost - owner: "node_exporter" - group: "node_exporter" - - - name: Generate a Self Signed OpenSSL certificate - openssl_certificate: - path: /etc/node_exporter/node_exporter.crt - privatekey_path: /etc/node_exporter/node_exporter.key - csr_path: /etc/node_exporter/node_exporter.csr - provider: selfsigned - owner: "node_exporter" - group: "node_exporter" - - - name: Copy config - template: - src: config.yml.j2 - dest: /etc/node_exporter/config.yml - owner: "node_exporter" - group: "node_exporter" - mode: 0755 - - - name: Download and unzip Node Exporter - unarchive: - src: "https://github.com/prometheus/node_exporter/releases/download/v{{ node_exporter_version }}/node_exporter-{{ node_exporter_version }}.linux-amd64.tar.gz" - dest: /tmp/ - remote_src: yes - validate_certs: no - - - name: Move the binary to the installation directory - copy: - src: "/tmp/node_exporter-{{ node_exporter_version }}.linux-amd64/node_exporter" - dest: "/usr/local/bin/node_exporter" - owner: "node_exporter" - group: "node_exporter" - mode: 0755 - remote_src: true - - - name: Remove archive - file: - path: /tmp/node_exporter-{{ node_exporter_version }}.linux-amd64/ - state: absent - - - name: Install service - template: - src: node_exporter.service.j2 - dest: /etc/systemd/system/node_exporter.service - owner: root - group: root - mode: 0755 - - - name: Restart service and pickup changes - systemd: - state: restarted - daemon_reload: yes - name: node_exporter.service - enabled: yes diff --git a/prometheus-slave/templates/config.yml.j2 b/prometheus-slave/templates/config.yml.j2 deleted file mode 100644 index 1c12203..0000000 --- a/prometheus-slave/templates/config.yml.j2 +++ /dev/null @@ -1,3 +0,0 @@ -tls_server_config: - cert_file: node_exporter.crt - key_file: node_exporter.key diff --git a/prometheus-slave/templates/node_exporter.service.j2 b/prometheus-slave/templates/node_exporter.service.j2 deleted file mode 100644 index b6e2960..0000000 --- a/prometheus-slave/templates/node_exporter.service.j2 +++ /dev/null @@ -1,15 +0,0 @@ -[Unit] -Description=Node Exporter -Wants=network-online.target -After=network-online.target -StartLimitIntervalSec=500 -StartLimitBurst=5 -[Service] -User=node_exporter -Group=node_exporter -Type=simple -Restart=on-failure -RestartSec=5s -ExecStart=/usr/local/bin/node_exporter --web.config.file=/etc/node_exporter/config.yml -[Install] -WantedBy=multi-user.target