Update file main.yml
This commit is contained in:
Administrator
parent
952ed76979
commit
69314246f4
@ -130,4 +130,76 @@
|
|||||||
- { regexp: '^PasswordAuthentication', line: 'PasswordAuthentication no' }
|
- { regexp: '^PasswordAuthentication', line: 'PasswordAuthentication no' }
|
||||||
- { regexp: '^PermitRootLogin', line: 'PermitRootLogin prohibit-password' }
|
- { regexp: '^PermitRootLogin', line: 'PermitRootLogin prohibit-password' }
|
||||||
- { regexp: '^PubkeyAuthentication', line: 'PubkeyAuthentication yes' }
|
- { regexp: '^PubkeyAuthentication', line: 'PubkeyAuthentication yes' }
|
||||||
notify: restart ssh
|
notify: restart ssh
|
||||||
|
|
||||||
|
# ========== Node Exporter Installation ==========
|
||||||
|
- name: Create node_exporter system user
|
||||||
|
ansible.builtin.user:
|
||||||
|
name: node_exporter
|
||||||
|
system: yes
|
||||||
|
shell: /usr/sbin/nologin
|
||||||
|
create_home: no
|
||||||
|
|
||||||
|
- name: Download and extract node_exporter binary
|
||||||
|
ansible.builtin.unarchive:
|
||||||
|
src: "https://github.com/prometheus/node_exporter/releases/download/v1.8.2/node_exporter-1.8.2.linux-amd64.tar.gz"
|
||||||
|
dest: /tmp
|
||||||
|
remote_src: yes
|
||||||
|
creates: /usr/local/bin/node_exporter
|
||||||
|
|
||||||
|
- name: Install node_exporter binary
|
||||||
|
ansible.builtin.copy:
|
||||||
|
src: /tmp/node_exporter-1.8.2.linux-amd64/node_exporter
|
||||||
|
dest: /usr/local/bin/node_exporter
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0755'
|
||||||
|
remote_src: yes
|
||||||
|
|
||||||
|
- name: Create textfile collector directory
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: /var/lib/node_exporter/textfile_collector
|
||||||
|
state: directory
|
||||||
|
owner: node_exporter
|
||||||
|
group: node_exporter
|
||||||
|
mode: '0755'
|
||||||
|
|
||||||
|
- name: Deploy node_exporter systemd service
|
||||||
|
ansible.builtin.copy:
|
||||||
|
content: |
|
||||||
|
[Unit]
|
||||||
|
Description=Node Exporter
|
||||||
|
After=network.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=simple
|
||||||
|
User=node_exporter
|
||||||
|
ExecStart=/usr/local/bin/node_exporter \
|
||||||
|
--collector.systemd \
|
||||||
|
--collector.processes \
|
||||||
|
--collector.textfile.directory=/var/lib/node_exporter/textfile_collector \
|
||||||
|
--web.listen-address=:9100
|
||||||
|
Restart=always
|
||||||
|
RestartSec=5
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
||||||
|
dest: /etc/systemd/system/node_exporter.service
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0644'
|
||||||
|
|
||||||
|
- name: Reload systemd and start node_exporter
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
name: node_exporter
|
||||||
|
state: started
|
||||||
|
enabled: yes
|
||||||
|
daemon_reload: yes
|
||||||
|
|
||||||
|
- name: Allow port 9100 in ufw (if enabled)
|
||||||
|
ansible.builtin.ufw:
|
||||||
|
rule: allow
|
||||||
|
port: 9100
|
||||||
|
proto: tcp
|
||||||
|
comment: "Prometheus Node Exporter"
|
||||||
|
when: ansible_facts.services["ufw.service"] is defined and ansible_facts.services["ufw.service"]["state"] == "running"
|
||||||
Loading…
Reference in New Issue
Block a user