Add Grafana/Prometheus config
This commit is contained in:
parent
946b35efab
commit
a68edb81c4
|
@ -1,5 +1,11 @@
|
||||||
docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/grafana/compose.yaml.j2') }}"
|
docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/grafana/compose.yaml.j2') }}"
|
||||||
docker_compose__configuration_files: []
|
docker_compose__configuration_files:
|
||||||
|
- name: grafana.ini
|
||||||
|
content: "{{ lookup('ansible.builtin.template', 'templates/chaosknoten/configs/grafana/docker_compose/grafana.ini') }}"
|
||||||
|
- name: grafana-datasource.yml
|
||||||
|
content: "{{ lookup('ansible.builtin.file', 'files/chaosknoten/configs/grafana/docker_compose/grafana-datasource.yml') }}"
|
||||||
|
- name: prometheus.yml
|
||||||
|
content: "{{ lookup('ansible.builtin.file', 'files/chaosknoten/configs/grafana/docker_compose/prometheus.yml') }}"
|
||||||
|
|
||||||
certbot__version_spec: ""
|
certbot__version_spec: ""
|
||||||
certbot__acme_account_email_address: le-admin@hamburg.ccc.de
|
certbot__acme_account_email_address: le-admin@hamburg.ccc.de
|
||||||
|
|
|
@ -0,0 +1,10 @@
|
||||||
|
apiVersion: 1
|
||||||
|
|
||||||
|
datasources:
|
||||||
|
- name: Prometheus
|
||||||
|
type: prometheus
|
||||||
|
url: http://prometheus:9090
|
||||||
|
isDefault: true
|
||||||
|
access: proxy
|
||||||
|
editable: true
|
||||||
|
|
File diff suppressed because it is too large
Load diff
|
@ -0,0 +1,39 @@
|
||||||
|
global:
|
||||||
|
scrape_interval: 15s
|
||||||
|
scrape_timeout: 10s
|
||||||
|
evaluation_interval: 15s
|
||||||
|
alerting:
|
||||||
|
alertmanagers:
|
||||||
|
- static_configs:
|
||||||
|
- targets: []
|
||||||
|
scheme: http
|
||||||
|
timeout: 10s
|
||||||
|
api_version: v1
|
||||||
|
scrape_configs:
|
||||||
|
- job_name: prometheus
|
||||||
|
honor_timestamps: true
|
||||||
|
scrape_interval: 15s
|
||||||
|
scrape_timeout: 10s
|
||||||
|
metrics_path: /metrics
|
||||||
|
scheme: http
|
||||||
|
static_configs:
|
||||||
|
- targets:
|
||||||
|
- localhost:9090
|
||||||
|
- job_name: c3lingo
|
||||||
|
honor_timestamps: true
|
||||||
|
scrape_interval: 5s
|
||||||
|
scrape_timeout: 1s
|
||||||
|
metrics_path: /mumblestats/metrics
|
||||||
|
scheme: https
|
||||||
|
static_configs:
|
||||||
|
- targets:
|
||||||
|
- mumble.c3lingo.org:443
|
||||||
|
- job_name: mumble
|
||||||
|
honor_timestamps: true
|
||||||
|
scrape_interval: 5s
|
||||||
|
scrape_timeout: 1s
|
||||||
|
metrics_path: /
|
||||||
|
scheme: http
|
||||||
|
static_configs:
|
||||||
|
- targets:
|
||||||
|
- mumble.hamburg.ccc.de:9123
|
|
@ -2,6 +2,7 @@
|
||||||
version: "3.6"
|
version: "3.6"
|
||||||
|
|
||||||
services:
|
services:
|
||||||
|
|
||||||
prometheus:
|
prometheus:
|
||||||
image: prom/prometheus
|
image: prom/prometheus
|
||||||
container_name: prometheus
|
container_name: prometheus
|
||||||
|
@ -11,8 +12,9 @@ services:
|
||||||
- 9090:9090
|
- 9090:9090
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
volumes:
|
volumes:
|
||||||
- ./prometheus:/etc/prometheus
|
- ./configs/prometheus.yml:/etc/prometheus/prometheus.yml
|
||||||
- prom_data:/prometheus
|
- prom_data:/prometheus
|
||||||
|
|
||||||
grafana:
|
grafana:
|
||||||
image: grafana/grafana
|
image: grafana/grafana
|
||||||
container_name: grafana
|
container_name: grafana
|
||||||
|
@ -23,7 +25,8 @@ services:
|
||||||
- GF_SECURITY_ADMIN_USER=admin
|
- GF_SECURITY_ADMIN_USER=admin
|
||||||
- "GF_SECURITY_ADMIN_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/grafana/GF_SECURITY_ADMIN_PASSWORD", create=false, missing="error") }}"
|
- "GF_SECURITY_ADMIN_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/grafana/GF_SECURITY_ADMIN_PASSWORD", create=false, missing="error") }}"
|
||||||
volumes:
|
volumes:
|
||||||
- ./grafana:/etc/grafana/provisioning/datasources
|
- ./configs/grafana.ini:/etc/grafana/grafana.ini
|
||||||
|
- ./configs/grafana-datasource.yml:/etc/grafana/provisioning/datasources/datasource.yml
|
||||||
- graf_data:/var/lib/grafana
|
- graf_data:/var/lib/grafana
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
|
|
|
@ -0,0 +1,25 @@
|
||||||
|
[server]
|
||||||
|
root_url = https://grafana.hamburg.ccc.de
|
||||||
|
|
||||||
|
[auth]
|
||||||
|
disable_login_form = true
|
||||||
|
|
||||||
|
# https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/keycloak/
|
||||||
|
[auth.generic_oauth]
|
||||||
|
enabled = true
|
||||||
|
auto_login = true
|
||||||
|
name = id.hamburg.ccc.de
|
||||||
|
allow_sign_up = true
|
||||||
|
client_id = grafana
|
||||||
|
client_secret = {{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/grafana/KEYCLOAK_SECRET", create=false, missing="error") }}
|
||||||
|
scopes = openid email profile offline_access roles
|
||||||
|
email_attribute_path = email
|
||||||
|
login_attribute_path = username
|
||||||
|
name_attribute_path = full_name
|
||||||
|
auth_url = https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/auth
|
||||||
|
token_url = https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/token
|
||||||
|
api_url = https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/userinfo
|
||||||
|
signout_redirect_url = https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/logout
|
||||||
|
role_attribute_path = "contains(roles[*], 'grafanaadmin') && 'GrafanaAdmin' || contains(roles[*], 'admin') && 'Admin' || contains(roles[*], 'editor') && 'Editor' || 'Viewer'"
|
||||||
|
allow_assign_grafana_admin = true
|
||||||
|
use_refresh_token = true
|
Loading…
Reference in a new issue