feat: Add certificate.
This commit is contained in:
William
parent
4c4fb5f647
commit
0996b72043
@ -4,6 +4,27 @@
|
|||||||
become: yes
|
become: yes
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
|
- name: Install dependencies
|
||||||
|
apt:
|
||||||
|
name:
|
||||||
|
- libffi-dev
|
||||||
|
- python3
|
||||||
|
- python3-pip
|
||||||
|
- python3-setuptools
|
||||||
|
state: latest
|
||||||
|
update_cache: true
|
||||||
|
|
||||||
|
- name: Upgrade pip
|
||||||
|
pip:
|
||||||
|
name: pip
|
||||||
|
state: latest
|
||||||
|
|
||||||
|
- name: Install required pip packages
|
||||||
|
pip:
|
||||||
|
name:
|
||||||
|
- pyopenssl
|
||||||
|
state: present
|
||||||
|
|
||||||
- name: Create node_exporter group
|
- name: Create node_exporter group
|
||||||
group:
|
group:
|
||||||
name: "node_exporter"
|
name: "node_exporter"
|
||||||
@ -20,6 +41,44 @@
|
|||||||
system: true
|
system: true
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
|
- name: Create config directory
|
||||||
|
file:
|
||||||
|
path: "/etc/node_exporter"
|
||||||
|
state: directory
|
||||||
|
owner: "node_exporter"
|
||||||
|
group: "node_exporter"
|
||||||
|
|
||||||
|
- name: Generate an OpenSSL private key
|
||||||
|
openssl_privatekey:
|
||||||
|
path: /etc/node_exporter/node_exporter.key
|
||||||
|
owner: "node_exporter"
|
||||||
|
group: "node_exporter"
|
||||||
|
|
||||||
|
- name: Generate an OpenSSL Certificate Signing Request
|
||||||
|
openssl_csr:
|
||||||
|
path: /etc/node_exporter/node_exporter.csr
|
||||||
|
privatekey_path: /etc/node_exporter/node_exporter.key
|
||||||
|
common_name: localhost
|
||||||
|
owner: "node_exporter"
|
||||||
|
group: "node_exporter"
|
||||||
|
|
||||||
|
- name: Generate a Self Signed OpenSSL certificate
|
||||||
|
openssl_certificate:
|
||||||
|
path: /etc/node_exporter/node_exporter.crt
|
||||||
|
privatekey_path: /etc/node_exporter/node_exporter.key
|
||||||
|
csr_path: /etc/node_exporter/node_exporter.csr
|
||||||
|
provider: selfsigned
|
||||||
|
owner: "node_exporter"
|
||||||
|
group: "node_exporter"
|
||||||
|
|
||||||
|
- name: Copy config
|
||||||
|
template:
|
||||||
|
src: config.yml.j2
|
||||||
|
dest: /etc/node_exporter/config.yml
|
||||||
|
owner: "node_exporter"
|
||||||
|
group: "node_exporter"
|
||||||
|
mode: 0755
|
||||||
|
|
||||||
- name: Download and unzip Node Exporter
|
- name: Download and unzip Node Exporter
|
||||||
unarchive:
|
unarchive:
|
||||||
src: "https://github.com/prometheus/node_exporter/releases/download/v{{ node_exporter_version }}/node_exporter-{{ node_exporter_version }}.linux-amd64.tar.gz"
|
src: "https://github.com/prometheus/node_exporter/releases/download/v{{ node_exporter_version }}/node_exporter-{{ node_exporter_version }}.linux-amd64.tar.gz"
|
||||||
|
|||||||
3
prometheus-slave/templates/config.yml.j2
Normal file
3
prometheus-slave/templates/config.yml.j2
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
tls_server_config:
|
||||||
|
cert_file: node_exporter.crt
|
||||||
|
key_file: node_exporter.key
|
||||||
@ -10,6 +10,6 @@ Group=node_exporter
|
|||||||
Type=simple
|
Type=simple
|
||||||
Restart=on-failure
|
Restart=on-failure
|
||||||
RestartSec=5s
|
RestartSec=5s
|
||||||
ExecStart=/usr/local/bin/node_exporter
|
ExecStart=/usr/local/bin/node_exporter --web.config.file=/etc/node_exporter/config.yml
|
||||||
[Install]
|
[Install]
|
||||||
WantedBy=multi-user.target
|
WantedBy=multi-user.target
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user