85 lines
2.6 KiB
YAML
85 lines
2.6 KiB
YAML
|
---
|
||
|
- name: "Ensure grafana directories exist"
|
||
|
ansible.builtin.file:
|
||
|
path: "{{ item.path }}"
|
||
|
state: "directory"
|
||
|
owner: "{{ item.owner | default('root') }}"
|
||
|
group: "{{ item.group | default('grafana') }}"
|
||
|
mode: "{{ item.mode | default('0755') }}"
|
||
|
loop:
|
||
|
- path: "/etc/grafana"
|
||
|
- path: "/etc/grafana/datasources"
|
||
|
- path: "/etc/grafana/provisioning"
|
||
|
- path: "/etc/grafana/provisioning/datasources"
|
||
|
- path: "/etc/grafana/provisioning/dashboards"
|
||
|
- path: "/etc/grafana/provisioning/notifiers"
|
||
|
- path: "/etc/grafana/provisioning/plugins"
|
||
|
- path: "{{ grafana_logs_dir }}"
|
||
|
owner: grafana
|
||
|
- path: "{{ grafana_data_dir }}"
|
||
|
owner: grafana
|
||
|
- path: "{{ grafana_data_dir }}/dashboards"
|
||
|
owner: grafana
|
||
|
- path: "{{ grafana_data_dir }}/plugins"
|
||
|
owner: grafana
|
||
|
|
||
|
- name: "Create grafana main configuration file"
|
||
|
ansible.builtin.template:
|
||
|
src: "grafana.ini.j2"
|
||
|
dest: "/etc/grafana/grafana.ini"
|
||
|
owner: "root"
|
||
|
group: "grafana"
|
||
|
mode: "0640"
|
||
|
no_log: "{{ 'false' if lookup('env', 'CI') else 'true' }}"
|
||
|
notify: restart_grafana
|
||
|
|
||
|
- name: "Create grafana LDAP configuration file"
|
||
|
ansible.builtin.template:
|
||
|
src: "ldap.toml.j2"
|
||
|
dest: "{{ grafana_auth.ldap.config_file | default('/etc/grafana/ldap.toml') }}"
|
||
|
owner: "root"
|
||
|
group: "grafana"
|
||
|
mode: "0640"
|
||
|
no_log: "{{ 'false' if lookup('env', 'CI') else 'true' }}"
|
||
|
notify: restart_grafana
|
||
|
when:
|
||
|
- "'ldap' in grafana_auth"
|
||
|
- "'enabled' not in grafana_auth.ldap or grafana_auth.ldap.enabled"
|
||
|
|
||
|
- name: "Enable grafana socket"
|
||
|
when:
|
||
|
- "grafana_server.protocol is defined and grafana_server.protocol == 'socket'"
|
||
|
- "grafana_server.socket | dirname != '/var/run'"
|
||
|
block:
|
||
|
- name: "Create grafana socket directory"
|
||
|
ansible.builtin.file:
|
||
|
path: "{{ grafana_server.socket | dirname }}"
|
||
|
state: "directory"
|
||
|
mode: "0775"
|
||
|
owner: "grafana"
|
||
|
group: "grafana"
|
||
|
|
||
|
- name: "Ensure grafana socket directory created on startup"
|
||
|
ansible.builtin.template:
|
||
|
src: "tmpfiles.j2"
|
||
|
dest: "/etc/tmpfiles.d/grafana.conf"
|
||
|
owner: "root"
|
||
|
group: "root"
|
||
|
mode: "0644"
|
||
|
|
||
|
- name: "Enable grafana to ports lower than port 1024"
|
||
|
community.general.capabilities:
|
||
|
path: /usr/sbin/grafana-server
|
||
|
capability: CAP_NET_BIND_SERVICE+ep
|
||
|
state: present
|
||
|
when:
|
||
|
- "grafana_port | int <= 1024"
|
||
|
- "grafana_cap_net_bind_service"
|
||
|
|
||
|
- name: "Enable and start Grafana systemd unit"
|
||
|
ansible.builtin.systemd:
|
||
|
name: "grafana-server"
|
||
|
enabled: true
|
||
|
state: started
|
||
|
daemon_reload: true
|