Not complete, however lots of progress made.

Can now add datasources, however, adding dashboards currently doesn't work but should be fixed in the next commit.
2 years ago · 3b1b7b402a
parent a1b7627948
commit 3b1b7b402a
10 changed files with 145 additions and 28 deletions
--- a/README.md
+++ b/README.md
@ -9,6 +9,7 @@ An Ansible role to install and configure Grafana.
 | Variable name | Type | Description | Required | Has default value | Example value |
 |---------------|------|-------------|----------|-------------------|---------------|
 | `grafana_server_users` | list of dictionaries | A dictionary containing users to be created | &#9744; | &#9744; | See [below](####grafana_server_users) |
+| `grafana_server_add_admin_user_to_default_organisation_as_admin` | boolean | Whether the admin user should be added to the default organisation. | &#9745; | &#9745; | `true`

 #### grafana_server_users

--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -12,9 +12,10 @@ grafana_server_instance_name: ${HOSTNAME}
 # Path default settings
 grafana_server_paths_data: /var/lib/grafana
 grafana_server_paths_temp_data_lifetime: 24h
-grafana_server_paths_logs: /var/log/grafana
-grafana_server_paths_plugins: /var/lib/grafana/plugins
-grafana_server_paths_provisioning: conf/provisioning
+grafana_server_paths_logs: /var/log/grafana # Recommended to be the full path to the directory
+grafana_server_paths_plugins: /var/lib/grafana/plugins # Recommended to be the full path to the directory
+grafana_server_paths_provisioning: /etc/grafana/conf/provisioning # Recommended to be the full path to the directory
+grafana_server_paths_dashboards: /etc/grafana/conf/dashboards/

 # Server default settings
 grafana_server_enable_https: false
@ -64,5 +65,10 @@ grafana_server_basic_authentication_enabled: true
 grafana_server_admin_user: root
 grafana_server_admin_user_name: root
 grafana_server_admin_password: "{{ vault_grafana_server_admin_password }}"
+grafana_server_add_admin_user_to_default_organisation_as_admin: true
+
+# Provisioning
+grafana_server_provisioning_folders_from_filesystem: true
+grafana_server_provisioning_dashboards_update_interval_seconds: 30

 ...
--- a/handlers/main.yml
+++ b/handlers/main.yml
@ -0,0 +1,8 @@
+---
+
+- name: Restart Grafana
+  ansible.builtin.service:
+    name: grafana-server
+    state: restarted
+
+...
--- a/tasks/configure_grafana.yml
+++ b/tasks/configure_grafana.yml
@ -8,6 +8,22 @@
    group: grafana
    mode: "0640"

+- name: Ensure that directories for Grafana exist
+  ansible.builtin.file:
+    path: "{{ item }}"
+    state: directory
+    owner: root
+    group: grafana
+    mode: "0755"
+  loop:
+    - "{{ grafana_server_paths_provisioning }}"
+    - "{{ grafana_server_paths_provisioning }}/access-control"
+    - "{{ grafana_server_paths_provisioning }}/alerting"
+    - "{{ grafana_server_paths_provisioning }}/plugins"
+    - "{{ grafana_server_paths_provisioning }}/dashboards"
+    - "{{ grafana_server_paths_provisioning }}/datasources"
+    - "{{ grafana_server_paths_dashboards }}"
+
 - name: Start Grafana service
  ansible.builtin.service:
    name: grafana-server
--- a/tasks/dashboards.yml
+++ b/tasks/dashboards.yml
@ -1,3 +1,36 @@
 ---

+- name: Create dashboard provisioning file
+  ansible.builtin.template:
+    src: dashboards.yaml.j2
+    dest: "{{ grafana_server_paths_provisioning }}/dashboards/dashboards.yaml"
+    owner: root
+    group: grafana
+    mode: "0640"
+  when:
+    - grafana_server_dashboards is defined
+
+- name: Create dashboard directories
+  ansible.builtin.file:
+    path: "{{ grafana_server_paths_dashboards }}/{{ item.value.folder }}"
+    state: directory
+    owner: root
+    group: grafana
+    mode: "0750"
+  loop: "{{ grafana_server_dashboards | dict2items }}"
+  when:
+    - item.value.folder is defined
+
+- name: Create dashboard JSON files
+  ansible.builtin.copy:
+    content: "{{ item.value.json }}"
+    dest: "{{ grafana_server_paths_dashboards }}/{{ item.value.folder | default('') }}/{{ item.key }}"
+    owner: root
+    group: grafana
+    mode: "0640"
+  notify: "Restart Grafana"
+  loop: "{{ grafana_server_dashboards | dict2items }}"
+  when:
+    - grafana_server_dashboards is defined
+
 ...
--- a/tasks/datasources.yml
+++ b/tasks/datasources.yml
@ -1,36 +1,28 @@
 ---

- name: Set fact for Grafana URL when using HTTP
-  ansible.builtin.set_fact:
-    grafana_server_grafana_url: "http://localhost:{{ grafana_server_http_port }}"
-  when:
-    - not grafana_server_enable_https | bool
-    - grafana_server_grafana_url is undefined
-
- name: Set fact for Grafana URL when using HTTPS
-  ansible.builtin.set_fact:
-    grafana_server_grafana_url: "https://localhost:{{ grafana_server_http_port }}"
+- name: Create datasources
+  ansible.builtin.template:
+    src: "datasources/{{ item.value.type }}.yaml.j2"
+    dest: "{{ grafana_server_paths_provisioning }}/datasources/{{ item.key }}.yaml"
+    owner: root
+    group: grafana
+    mode: "0640"
+  notify: "Restart Grafana"
+  loop: "{{ grafana_server_datasources | dict2items }}"
  when:
-    - grafana_server_enable_https | bool
-    - grafana_server_grafana_url is undefined
+    - grafana_server_datasources is defined
+  no_log: true

- name: Create datasources
+- name: Delete datasources
  community.grafana.grafana_datasource:
    grafana_url: "{{ grafana_server_grafana_url }}"
    grafana_user: "{{ grafana_server_admin_user }}"
    grafana_password: "{{ grafana_server_admin_password }}"
-    org_id: 1
-    name: "{{ item.key }}"
-    ds_type: "{{ item.value.type }}"
-    ds_url: "{{ item.value.url }}"
-    database: "{{ item.value.database | default(omit) }}"
-    user: "{{ item.value.user | default(omit) }}"
-    sslmode: "{{ item.value.sslmode | default(omit) }}"
-    additional_json_data: "{{ item.value.additonal_json_data | default(omit) }}"
-    additional_secure_json_data: "{{ item.value.additional_secure_json_data | default(omit) }}"
-    enforce_secure_data: "{{ item.value.enforce_secure_data | default(false) }}"
-  loop: "{{ grafana_server_datasources | dict2items }}"
+    name: "{{ item }}"
+    state: absent
+  notify: "Restart Grafana"
+  loop: "{{ grafana_server_datasources_to_delete }}"
  when:
-    - grafana_server_datasources is defined
+    - grafana_server_datasources_to_delete is defined

 ...
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -47,4 +47,10 @@
  when:
    - grafana_server_configure_grafana | bool

+- name: Include tasks to manage dashboards
+  ansible.builtin.include_tasks:
+    file: dashboards.yml
+  when:
+    - grafana_server_configure_grafana | bool
+
 ...
--- a/tasks/users.yml
+++ b/tasks/users.yml
@ -40,6 +40,19 @@
    - grafana_server_create_admin_user.msg is defined
    - "'Permission Denied' not in grafana_server_create_admin_user.msg"

+- name: Add admin account as an admin to default organisation
+  community.grafana.grafana_organization_user:
+    url: "{{ grafana_server_grafana_url }}"
+    url_username: "{{ grafana_server_admin_user }}"
+    url_password: "{{ grafana_server_admin_password }}"
+    validate_certs: "{{ grafana_server_validate_certs }}"
+    org_id: 1
+    login: "{{ grafana_server_admin_user }}"
+    state: present
+    role: admin
+  when:
+    - grafana_server_add_admin_user_to_default_organisation_as_admin | bool
+
 - name: Delete initial admin account
  community.grafana.grafana_user:
    url: "{{ grafana_server_grafana_url }}"
--- a/templates/dashboards.yaml.j2
+++ b/templates/dashboards.yaml.j2
@ -0,0 +1,11 @@
+apiVersion: 1
+
+{% if grafana_server_provisioning_folders_from_filesystem | bool %}
+providers:
+  - name: dashboards
+    type: file
+    updateIntervalSeconds: {{ grafana_server_provisioning_dashboards_update_interval_seconds }}
+    options:
+      path: "{{ grafana_server_paths_dashboards }}"
+      foldersFromFilesStructure: true
+{% endif %}
--- a/templates/datasources/mysql.yaml.j2
+++ b/templates/datasources/mysql.yaml.j2
@ -0,0 +1,31 @@
+apiVersion: 1
+
+datasources:
+  - name: {{ item.key }}
+    type: mysql
+    url: {{ item.value.url }}
+    user: {{ item.value.user }}
+    jsonData:
+      database: {{ item.value.database }}
+{% if item.value.maxOpenConns is defined %}
+      maxOpenConns: {{ item.value.max_open_conns }}
+{% else %}
+      maxOpenConns: 100
+{% endif %}
+{% if item.value.maxIdleConns is defined %}
+      maxIdleConns: {{ item.value.maxIdleConns }}
+{% else %}
+      maxIdleConns: 100
+{% endif %}
+{% if (item.value.maxIdleConnsAuto is defined and item.value.maxIdleConnsAuto | bool) or item.value.maxIdleConnsAuto is undefined %}
+      maxIdleConnsAuto: true
+{% else %}
+      maxIdleConnsAuto: false
+{% endif %}
+{% if item.value.connMaxLifetime is defined %}
+      connMaxLifetime: {{ item.value.connMaxLifetime }}
+{% else %}
+      connMaxLifetime: 14400
+{% endif %}
+    secureJsonData:
+      password: "{{ item.value.password }}"