feat: Convert Ansible playbook to shell script.

prometheus-node-exporter/README.md

@@ -0,0 +1,9 @@
+# Install Prometheus Node Exporter
+
+## How to
+
+```bash
+REMOTE_USER=user
+REMOTE_HOST=host.example.com
+ssh {REMOTE_USER}@{REMOTE_HOST} 'sudo PROMETHEUS_PASSWORD=mypassword /bin/bash -s' < install.sh 
+```

prometheus-node-exporter/install.sh

@@ -0,0 +1,76 @@
+#/bin/bash
+
+NODE_EXPORTER_VERSION=1.5.0
+NODE_EXPORTER_USER=node_exporter
+NODE_EXPORTER_BIN_DIR=/usr/local/bin
+NODE_EXPORTER_CONF_DIR=/etc/node_exporter
+PROMETHEUS_USER=prometheus
+
+## Install dependencies
+
+apt install -y apache2-utils
+
+## Create Node Exporter user
+
+useradd --system --no-create-home --shell /usr/sbin/nologin --home-dir /nonexistent ${NODE_EXPORTER_USER}
+
+## Download and unzip Node Exporter
+
+wget https://github.com/prometheus/node_exporter/releases/download/v${NODE_EXPORTER_VERSION}/node_exporter-${NODE_EXPORTER_VERSION}.linux-amd64.tar.gz
+tar -xf node_exporter-${NODE_EXPORTER_VERSION}.linux-amd64.tar.gz
+cp node_exporter-${NODE_EXPORTER_VERSION}.linux-amd64/node_exporter ${NODE_EXPORTER_BIN_DIR}/
+chown ${NODE_EXPORTER_USER}:${NODE_EXPORTER_USER} ${NODE_EXPORTER_BIN_DIR}/node_exporter
+rm -rf node_exporter-${NODE_EXPORTER_VERSION}.linux-amd64*
+
+## Create config directory
+
+mkdir ${NODE_EXPORTER_CONF_DIR}
+
+## Generate SSL certificate
+
+openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 \
+	-keyout ${NODE_EXPORTER_CONF_DIR}/tlsCertificate.key \
+	-out ${NODE_EXPORTER_CONF_DIR}/tlsCertificate.crt \
+	-subj "/C=ZA/ST=CT/L=SA/O=VPN/CN=localhost" \
+	-addext "subjectAltName = DNS:localhost"
+
+## Generate config file
+
+ENCRYPT_PASSWORD=`htpasswd -bnBC 10 "" ${PROMETHEUS_PASSWORD} | tr -d ':\n'`
+
+cat > ${NODE_EXPORTER_CONF_DIR}/config.yml << EOF 
+tls_server_config:
+  cert_file: tlsCertificate.crt
+  key_file: tlsCertificate.key
+basic_auth_users:
+  ${PROMETHEUS_USER}: ${ENCRYPT_PASSWORD}
+
+EOF
+
+chown ${NODE_EXPORTER_USER}:${NODE_EXPORTER_USER} ${NODE_EXPORTER_CONF_DIR}/*
+
+## Add service
+
+cat > /etc/systemd/system/node_exporter.service << EOF
+[Unit]
+Description=Node Exporter
+Wants=network-online.target
+After=network-online.target
+StartLimitIntervalSec=500
+StartLimitBurst=5
+[Service]
+User=${NODE_EXPORTER_USER}
+Group=${NODE_EXPORTER_USER}
+Type=simple
+Restart=on-failure
+RestartSec=5s
+ExecStart=${NODE_EXPORTER_BIN_DIR}/node_exporter --web.config.file=${NODE_EXPORTER_CONF_DIR}/config.yml
+[Install]
+WantedBy=multi-user.target
+EOF
+
+## Enable & start service
+
+systemctl daemon-reload
+systemctl enable node_exporter
+systemctl restart node_exporter

prometheus-slave/README.md

@@ -1,13 +0,0 @@
-# Install Prometheus Node Exporter
-
-## How to run playbook
-
-```bash
-NODE_EXPORTER_VERSION=1.5.0
-INVENTORY=vps.example.com,
-ansible-playbook \
-	-i $INVENTORY \
-	-e ansible_python_interpreter=/usr/bin/python3 \
-	-e node_exporter_version=$NODE_EXPORTER_VERSION \
-	main.yml
-```

prometheus-slave/main.yml

@@ -1,116 +0,0 @@
----
-- name: Install Prometheus Node Exporter
-  hosts: all
-  become: yes
-
-  tasks:
-    - name: Install dependencies
-      apt:
-        name:
-          - libffi-dev
-          - python3
-          - python3-pip
-          - python3-setuptools
-        state: latest
-        update_cache: true
-
-    - name: Upgrade pip
-      pip:
-        name: pip
-        state: latest
-
-    - name: Install required pip packages
-      pip:
-        name:
-          - pyopenssl
-        state: present
-
-    - name: Create node_exporter group
-      group:
-        name: "node_exporter"
-        state: present
-        system: true
-
-    - name: Create node_exporter user
-      user:
-        name: "node_exporter"
-        group: "node_exporter"
-        comment: "Node Exporter"
-        shell: /bin/false
-        home: "/usr/sbin/nologin"
-        system: true
-        state: present
-
-    - name: Create config directory
-      file:
-        path: "/etc/node_exporter"
-        state: directory
-        owner: "node_exporter"
-        group: "node_exporter"
-
-    - name: Generate an OpenSSL private key
-      openssl_privatekey:
-        path: /etc/node_exporter/node_exporter.key
-        owner: "node_exporter"
-        group: "node_exporter"
-
-    - name: Generate an OpenSSL Certificate Signing Request
-      openssl_csr:
-        path: /etc/node_exporter/node_exporter.csr
-        privatekey_path: /etc/node_exporter/node_exporter.key
-        common_name: localhost
-        owner: "node_exporter"
-        group: "node_exporter"
-
-    - name: Generate a Self Signed OpenSSL certificate
-      openssl_certificate:
-        path: /etc/node_exporter/node_exporter.crt
-        privatekey_path: /etc/node_exporter/node_exporter.key
-        csr_path: /etc/node_exporter/node_exporter.csr
-        provider: selfsigned
-        owner: "node_exporter"
-        group: "node_exporter"        
-
-    - name: Copy config
-      template:
-        src: config.yml.j2
-        dest: /etc/node_exporter/config.yml
-        owner: "node_exporter"
-        group: "node_exporter"
-        mode: 0755        
-
-    - name: Download and unzip Node Exporter
-      unarchive:
-        src: "https://github.com/prometheus/node_exporter/releases/download/v{{ node_exporter_version }}/node_exporter-{{ node_exporter_version }}.linux-amd64.tar.gz"
-        dest: /tmp/
-        remote_src: yes
-        validate_certs: no
-
-    - name: Move the binary to the installation directory
-      copy:
-        src: "/tmp/node_exporter-{{ node_exporter_version }}.linux-amd64/node_exporter"
-        dest: "/usr/local/bin/node_exporter"
-        owner: "node_exporter"
-        group: "node_exporter"
-        mode: 0755
-        remote_src: true
-
-    - name: Remove archive
-      file:
-        path: /tmp/node_exporter-{{ node_exporter_version }}.linux-amd64/
-        state: absent
-
-    - name: Install service
-      template:
-        src: node_exporter.service.j2
-        dest: /etc/systemd/system/node_exporter.service
-        owner: root
-        group: root
-        mode: 0755
-
-    - name: Restart service and pickup changes
-      systemd:
-        state: restarted
-        daemon_reload: yes
-        name: node_exporter.service
-        enabled: yes

prometheus-slave/templates/config.yml.j2

@@ -1,3 +0,0 @@
-tls_server_config:
-  cert_file: node_exporter.crt
-  key_file: node_exporter.key

prometheus-slave/templates/node_exporter.service.j2

@@ -1,15 +0,0 @@
-[Unit]
-Description=Node Exporter
-Wants=network-online.target
-After=network-online.target
-StartLimitIntervalSec=500
-StartLimitBurst=5
-[Service]
-User=node_exporter
-Group=node_exporter
-Type=simple
-Restart=on-failure
-RestartSec=5s
-ExecStart=/usr/local/bin/node_exporter --web.config.file=/etc/node_exporter/config.yml
-[Install]
-WantedBy=multi-user.target