From 2ccf20e70715acd02f86415a61341476ef2c2f14 Mon Sep 17 00:00:00 2001 From: Jonas Gunz Date: Tue, 7 Sep 2021 01:54:25 +0200 Subject: add influxdb --- galaxy.yml | 3 +- roles/influxdb/README.md | 22 +++++++++ roles/influxdb/defaults/main.yml | 10 +++++ roles/influxdb/handlers/main.yml | 7 +++ roles/influxdb/tasks/main.yml | 74 +++++++++++++++++++++++++++++++ roles/influxdb/templates/influxdb.conf.j2 | 42 ++++++++++++++++++ roles/influxdb/templates/influxdb.list.j2 | 4 ++ 7 files changed, 161 insertions(+), 1 deletion(-) create mode 100644 roles/influxdb/README.md create mode 100644 roles/influxdb/defaults/main.yml create mode 100644 roles/influxdb/handlers/main.yml create mode 100644 roles/influxdb/tasks/main.yml create mode 100644 roles/influxdb/templates/influxdb.conf.j2 create mode 100644 roles/influxdb/templates/influxdb.list.j2 diff --git a/galaxy.yml b/galaxy.yml index 0dbbba7..4eb14e6 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -1,6 +1,6 @@ namespace: kompetenzbolzen name: stuff -version: 0.0.1 +version: 0.0.2 readme: README.md authors: - Jonas Gunz @@ -17,6 +17,7 @@ tags: # L(specifiers,https://python-semanticversion.readthedocs.io/en/latest/#requirement-specification). Multiple version # range specifiers can be set and are separated by ',' dependencies: + community.general: '>=3.6.0' community.crypto: '>=1.8.0' #build_ignore: [] diff --git a/roles/influxdb/README.md b/roles/influxdb/README.md new file mode 100644 index 0000000..0cf028c --- /dev/null +++ b/roles/influxdb/README.md @@ -0,0 +1,22 @@ +# kompetenzbolzen.stuff.influxdb + +example configuration + +``` +--- +influx: + https_enabled: true + https_cert: '/etc/ssl/certs/{{ ansible_facts.fqdn }}.pem' + https_key: '/etc/ssl/private/{{ ansible_facts.fqdn }}.key' + +influx_dbs: + - test1 + - test2 + +influx_users: + test1: + password: '1234' + grants: + - database: 'test1' + privilege: 'WRITE' +``` diff --git a/roles/influxdb/defaults/main.yml b/roles/influxdb/defaults/main.yml new file mode 100644 index 0000000..c32f9ca --- /dev/null +++ b/roles/influxdb/defaults/main.yml @@ -0,0 +1,10 @@ +--- +influx: + https_enabled: false + https_cert: '/etc/ssl/certs/ssl-cert-snakeoil.pem' + https_key: '/etc/ssl/private/ssl-cert-snakeoil.key' + +influx_dbs: [] + +influx_users: {} + diff --git a/roles/influxdb/handlers/main.yml b/roles/influxdb/handlers/main.yml new file mode 100644 index 0000000..45970c0 --- /dev/null +++ b/roles/influxdb/handlers/main.yml @@ -0,0 +1,7 @@ +--- +- name: Restart influxdb + systemd: + name: influxdb + state: restarted + enabled: yes + become: yes diff --git a/roles/influxdb/tasks/main.yml b/roles/influxdb/tasks/main.yml new file mode 100644 index 0000000..0ccda4c --- /dev/null +++ b/roles/influxdb/tasks/main.yml @@ -0,0 +1,74 @@ +--- +- name: Install GnuPG + apt: + update_cache: yes + name: + - gnupg2 + become: yes + +- name: APT Key + apt_key: + url: 'https://repos.influxdata.com/influxdb.key' + state: present + become: yes + +- name: Install repos + template: + src: influxdb.list.j2 + dest: /etc/apt/sources.list.d/influxdb.list + become: yes + +- name: Install Packages + apt: + update_cache: yes + name: + - curl + - python3-influxdb + - influxdb + become: yes + +- name: InfluxDB user setup + user: + name: influxdb + groups: + - ssl-cert + append: yes + become: yes + +- name: Install configuration + template: + src: influxdb.conf.j2 + dest: /etc/influxdb/influxdb.conf + become: yes + notify: Restart influxdb + +- name: Check for changed cert + command: /bin/true + when: + - cert_changed + notify: + - Restart influxdb + +- name: create Influx DBs + influxdb_database: + database_name: '{{ item }}' + hostname: localhost + port: 8086 + ssl: yes + validate_certs: no + state: present + with_items: '{{ influx_dbs }}' + become: yes + +- name: create Influx Users + influxdb_user: + user_name: '{{ item.key }}' + user_password: '{{ item.value.password }}' + grants: '{{ item.value.grants }}' + hostname: localhost + port: 8086 + ssl: yes + validate_certs: no + state: present + with_dict: '{{ influx_users }}' + become: yes diff --git a/roles/influxdb/templates/influxdb.conf.j2 b/roles/influxdb/templates/influxdb.conf.j2 new file mode 100644 index 0000000..6d290bf --- /dev/null +++ b/roles/influxdb/templates/influxdb.conf.j2 @@ -0,0 +1,42 @@ +# Managed by Ansible. Do not change. + +[meta] + dir = "/var/lib/influxdb/meta" + +[data] + dir = "/var/lib/influxdb/data" + wal-dir = "/var/lib/influxdb/wal" + series-id-set-cache-size = 100 + +[coordinator] + +[retention] + +[shard-precreation] + +[monitor] + +[http] + enabled = true + bind-address = ":8086" + + https-enabled = {{ influx.https_enabled | lower }} + + https-certificate = "{{ influx.https_cert }}" + https-private-key = "{{ influx.https_key }}" + +[logging] + +[subscriber] + +[[graphite]] + +[[collectd]] + +[[opentsdb]] + +[[udp]] + +[continuous_queries] + +[tls] diff --git a/roles/influxdb/templates/influxdb.list.j2 b/roles/influxdb/templates/influxdb.list.j2 new file mode 100644 index 0000000..24fca97 --- /dev/null +++ b/roles/influxdb/templates/influxdb.list.j2 @@ -0,0 +1,4 @@ +# vi: ft=debsources +# This file is managed by Ansible. Do not change. + +deb https://repos.influxdata.com/debian {{ ansible_facts.distribution_release }} stable -- cgit v1.2.3