Add Grafana/Prometheus config
This commit is contained in:
parent
946b35efab
commit
a68edb81c4
6 changed files with 1709 additions and 3 deletions
|
@ -1,5 +1,11 @@
|
|||
docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/grafana/compose.yaml.j2') }}"
|
||||
docker_compose__configuration_files: []
|
||||
docker_compose__configuration_files:
|
||||
- name: grafana.ini
|
||||
content: "{{ lookup('ansible.builtin.template', 'templates/chaosknoten/configs/grafana/docker_compose/grafana.ini') }}"
|
||||
- name: grafana-datasource.yml
|
||||
content: "{{ lookup('ansible.builtin.file', 'files/chaosknoten/configs/grafana/docker_compose/grafana-datasource.yml') }}"
|
||||
- name: prometheus.yml
|
||||
content: "{{ lookup('ansible.builtin.file', 'files/chaosknoten/configs/grafana/docker_compose/prometheus.yml') }}"
|
||||
|
||||
certbot__version_spec: ""
|
||||
certbot__acme_account_email_address: le-admin@hamburg.ccc.de
|
||||
|
|
|
@ -0,0 +1,10 @@
|
|||
apiVersion: 1
|
||||
|
||||
datasources:
|
||||
- name: Prometheus
|
||||
type: prometheus
|
||||
url: http://prometheus:9090
|
||||
isDefault: true
|
||||
access: proxy
|
||||
editable: true
|
||||
|
File diff suppressed because it is too large
Load diff
|
@ -0,0 +1,39 @@
|
|||
global:
|
||||
scrape_interval: 15s
|
||||
scrape_timeout: 10s
|
||||
evaluation_interval: 15s
|
||||
alerting:
|
||||
alertmanagers:
|
||||
- static_configs:
|
||||
- targets: []
|
||||
scheme: http
|
||||
timeout: 10s
|
||||
api_version: v1
|
||||
scrape_configs:
|
||||
- job_name: prometheus
|
||||
honor_timestamps: true
|
||||
scrape_interval: 15s
|
||||
scrape_timeout: 10s
|
||||
metrics_path: /metrics
|
||||
scheme: http
|
||||
static_configs:
|
||||
- targets:
|
||||
- localhost:9090
|
||||
- job_name: c3lingo
|
||||
honor_timestamps: true
|
||||
scrape_interval: 5s
|
||||
scrape_timeout: 1s
|
||||
metrics_path: /mumblestats/metrics
|
||||
scheme: https
|
||||
static_configs:
|
||||
- targets:
|
||||
- mumble.c3lingo.org:443
|
||||
- job_name: mumble
|
||||
honor_timestamps: true
|
||||
scrape_interval: 5s
|
||||
scrape_timeout: 1s
|
||||
metrics_path: /
|
||||
scheme: http
|
||||
static_configs:
|
||||
- targets:
|
||||
- mumble.hamburg.ccc.de:9123
|
|
@ -2,6 +2,7 @@
|
|||
version: "3.6"
|
||||
|
||||
services:
|
||||
|
||||
prometheus:
|
||||
image: prom/prometheus
|
||||
container_name: prometheus
|
||||
|
@ -11,8 +12,9 @@ services:
|
|||
- 9090:9090
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- ./prometheus:/etc/prometheus
|
||||
- ./configs/prometheus.yml:/etc/prometheus/prometheus.yml
|
||||
- prom_data:/prometheus
|
||||
|
||||
grafana:
|
||||
image: grafana/grafana
|
||||
container_name: grafana
|
||||
|
@ -23,7 +25,8 @@ services:
|
|||
- GF_SECURITY_ADMIN_USER=admin
|
||||
- "GF_SECURITY_ADMIN_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/grafana/GF_SECURITY_ADMIN_PASSWORD", create=false, missing="error") }}"
|
||||
volumes:
|
||||
- ./grafana:/etc/grafana/provisioning/datasources
|
||||
- ./configs/grafana.ini:/etc/grafana/grafana.ini
|
||||
- ./configs/grafana-datasource.yml:/etc/grafana/provisioning/datasources/datasource.yml
|
||||
- graf_data:/var/lib/grafana
|
||||
|
||||
volumes:
|
||||
|
|
|
@ -0,0 +1,25 @@
|
|||
[server]
|
||||
root_url = https://grafana.hamburg.ccc.de
|
||||
|
||||
[auth]
|
||||
disable_login_form = true
|
||||
|
||||
# https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/keycloak/
|
||||
[auth.generic_oauth]
|
||||
enabled = true
|
||||
auto_login = true
|
||||
name = id.hamburg.ccc.de
|
||||
allow_sign_up = true
|
||||
client_id = grafana
|
||||
client_secret = {{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/grafana/KEYCLOAK_SECRET", create=false, missing="error") }}
|
||||
scopes = openid email profile offline_access roles
|
||||
email_attribute_path = email
|
||||
login_attribute_path = username
|
||||
name_attribute_path = full_name
|
||||
auth_url = https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/auth
|
||||
token_url = https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/token
|
||||
api_url = https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/userinfo
|
||||
signout_redirect_url = https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/logout
|
||||
role_attribute_path = "contains(roles[*], 'grafanaadmin') && 'GrafanaAdmin' || contains(roles[*], 'admin') && 'Admin' || contains(roles[*], 'editor') && 'Editor' || 'Viewer'"
|
||||
allow_assign_grafana_admin = true
|
||||
use_refresh_token = true
|
Loading…
Reference in a new issue