82 lines
2.2 KiB
Bash
82 lines
2.2 KiB
Bash
#!/bin/bash
|
|
|
|
NODE_EXPORTER_VERSION=1.5.0
|
|
NODE_EXPORTER_USER=node_exporter
|
|
NODE_EXPORTER_BIN_DIR=/usr/local/bin
|
|
NODE_EXPORTER_CONF_DIR=/etc/node_exporter
|
|
PROMETHEUS_USER=prometheus
|
|
|
|
## Install dependencies
|
|
|
|
apt install -y apache2-utils
|
|
|
|
## Create Node Exporter user
|
|
|
|
useradd --system --no-create-home --shell /usr/sbin/nologin --home-dir /nonexistent ${NODE_EXPORTER_USER}
|
|
|
|
## Download and unzip Node Exporter
|
|
|
|
wget https://github.com/prometheus/node_exporter/releases/download/v${NODE_EXPORTER_VERSION}/node_exporter-${NODE_EXPORTER_VERSION}.linux-amd64.tar.gz
|
|
tar -xf node_exporter-${NODE_EXPORTER_VERSION}.linux-amd64.tar.gz
|
|
cp node_exporter-${NODE_EXPORTER_VERSION}.linux-amd64/node_exporter ${NODE_EXPORTER_BIN_DIR}/
|
|
chown ${NODE_EXPORTER_USER}:${NODE_EXPORTER_USER} ${NODE_EXPORTER_BIN_DIR}/node_exporter
|
|
rm -rf node_exporter-${NODE_EXPORTER_VERSION}.linux-amd64*
|
|
|
|
## Create config directory
|
|
|
|
mkdir ${NODE_EXPORTER_CONF_DIR}
|
|
|
|
## Generate SSL certificate
|
|
|
|
openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 \
|
|
-keyout ${NODE_EXPORTER_CONF_DIR}/tlsCertificate.key \
|
|
-out ${NODE_EXPORTER_CONF_DIR}/tlsCertificate.crt \
|
|
-subj "/C=ZA/ST=CT/L=SA/O=VPN/CN=localhost" \
|
|
-addext "subjectAltName = DNS:localhost"
|
|
|
|
## Generate config file
|
|
|
|
ENCRYPT_PASSWORD=`htpasswd -bnBC 10 "" ${PROMETHEUS_PASSWORD} | tr -d ':\n'`
|
|
|
|
cat > ${NODE_EXPORTER_CONF_DIR}/config.yml << EOF
|
|
tls_server_config:
|
|
cert_file: tlsCertificate.crt
|
|
key_file: tlsCertificate.key
|
|
basic_auth_users:
|
|
${PROMETHEUS_USER}: ${ENCRYPT_PASSWORD}
|
|
|
|
EOF
|
|
|
|
chown ${NODE_EXPORTER_USER}:${NODE_EXPORTER_USER} ${NODE_EXPORTER_CONF_DIR}/*
|
|
|
|
## Add service
|
|
|
|
cat > /etc/systemd/system/node_exporter.service << EOF
|
|
[Unit]
|
|
Description=Node Exporter
|
|
Wants=network-online.target
|
|
After=network-online.target
|
|
StartLimitIntervalSec=500
|
|
StartLimitBurst=5
|
|
[Service]
|
|
User=${NODE_EXPORTER_USER}
|
|
Group=${NODE_EXPORTER_USER}
|
|
Type=simple
|
|
Restart=on-failure
|
|
RestartSec=5s
|
|
ExecStart=${NODE_EXPORTER_BIN_DIR}/node_exporter --web.config.file=${NODE_EXPORTER_CONF_DIR}/config.yml
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
EOF
|
|
|
|
## Enable & start service
|
|
|
|
systemctl daemon-reload
|
|
systemctl enable node_exporter
|
|
systemctl restart node_exporter
|
|
|
|
## Open port from firewall
|
|
|
|
ufw allow 9100/tcp
|
|
ufw enable
|