From 3b1b7b402a9e2932945dd7d0bedadb0ad052c421 Mon Sep 17 00:00:00 2001 From: Ronald Date: Sun, 7 Jul 2024 22:04:10 +0100 Subject: [PATCH] Not complete, however lots of progress made. Can now add datasources, however, adding dashboards currently doesn't work but should be fixed in the next commit. --- README.md | 1 + defaults/main.yml | 12 ++++++--- handlers/main.yml | 8 ++++++ tasks/configure_grafana.yml | 16 +++++++++++ tasks/dashboards.yml | 33 +++++++++++++++++++++++ tasks/datasources.yml | 42 ++++++++++++----------------- tasks/main.yml | 6 +++++ tasks/users.yml | 13 +++++++++ templates/dashboards.yaml.j2 | 11 ++++++++ templates/datasources/mysql.yaml.j2 | 31 +++++++++++++++++++++ 10 files changed, 145 insertions(+), 28 deletions(-) create mode 100644 handlers/main.yml create mode 100644 templates/dashboards.yaml.j2 create mode 100644 templates/datasources/mysql.yaml.j2 diff --git a/README.md b/README.md index 55757c3..aae0c81 100644 --- a/README.md +++ b/README.md @@ -9,6 +9,7 @@ An Ansible role to install and configure Grafana. | Variable name | Type | Description | Required | Has default value | Example value | |---------------|------|-------------|----------|-------------------|---------------| | `grafana_server_users` | list of dictionaries | A dictionary containing users to be created | ☐ | ☐ | See [below](####grafana_server_users) | +| `grafana_server_add_admin_user_to_default_organisation_as_admin` | boolean | Whether the admin user should be added to the default organisation. | ☑ | ☑ | `true` #### grafana_server_users diff --git a/defaults/main.yml b/defaults/main.yml index 9a843ff..03a93d4 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -12,9 +12,10 @@ grafana_server_instance_name: ${HOSTNAME} # Path default settings grafana_server_paths_data: /var/lib/grafana grafana_server_paths_temp_data_lifetime: 24h -grafana_server_paths_logs: /var/log/grafana -grafana_server_paths_plugins: /var/lib/grafana/plugins -grafana_server_paths_provisioning: conf/provisioning +grafana_server_paths_logs: /var/log/grafana # Recommended to be the full path to the directory +grafana_server_paths_plugins: /var/lib/grafana/plugins # Recommended to be the full path to the directory +grafana_server_paths_provisioning: /etc/grafana/conf/provisioning # Recommended to be the full path to the directory +grafana_server_paths_dashboards: /etc/grafana/conf/dashboards/ # Server default settings grafana_server_enable_https: false @@ -64,5 +65,10 @@ grafana_server_basic_authentication_enabled: true grafana_server_admin_user: root grafana_server_admin_user_name: root grafana_server_admin_password: "{{ vault_grafana_server_admin_password }}" +grafana_server_add_admin_user_to_default_organisation_as_admin: true + +# Provisioning +grafana_server_provisioning_folders_from_filesystem: true +grafana_server_provisioning_dashboards_update_interval_seconds: 30 ... diff --git a/handlers/main.yml b/handlers/main.yml new file mode 100644 index 0000000..02eb499 --- /dev/null +++ b/handlers/main.yml @@ -0,0 +1,8 @@ +--- + +- name: Restart Grafana + ansible.builtin.service: + name: grafana-server + state: restarted + +... diff --git a/tasks/configure_grafana.yml b/tasks/configure_grafana.yml index 270593b..7261e58 100644 --- a/tasks/configure_grafana.yml +++ b/tasks/configure_grafana.yml @@ -8,6 +8,22 @@ group: grafana mode: "0640" +- name: Ensure that directories for Grafana exist + ansible.builtin.file: + path: "{{ item }}" + state: directory + owner: root + group: grafana + mode: "0755" + loop: + - "{{ grafana_server_paths_provisioning }}" + - "{{ grafana_server_paths_provisioning }}/access-control" + - "{{ grafana_server_paths_provisioning }}/alerting" + - "{{ grafana_server_paths_provisioning }}/plugins" + - "{{ grafana_server_paths_provisioning }}/dashboards" + - "{{ grafana_server_paths_provisioning }}/datasources" + - "{{ grafana_server_paths_dashboards }}" + - name: Start Grafana service ansible.builtin.service: name: grafana-server diff --git a/tasks/dashboards.yml b/tasks/dashboards.yml index c81cf5b..5806951 100644 --- a/tasks/dashboards.yml +++ b/tasks/dashboards.yml @@ -1,3 +1,36 @@ --- +- name: Create dashboard provisioning file + ansible.builtin.template: + src: dashboards.yaml.j2 + dest: "{{ grafana_server_paths_provisioning }}/dashboards/dashboards.yaml" + owner: root + group: grafana + mode: "0640" + when: + - grafana_server_dashboards is defined + +- name: Create dashboard directories + ansible.builtin.file: + path: "{{ grafana_server_paths_dashboards }}/{{ item.value.folder }}" + state: directory + owner: root + group: grafana + mode: "0750" + loop: "{{ grafana_server_dashboards | dict2items }}" + when: + - item.value.folder is defined + +- name: Create dashboard JSON files + ansible.builtin.copy: + content: "{{ item.value.json }}" + dest: "{{ grafana_server_paths_dashboards }}/{{ item.value.folder | default('') }}/{{ item.key }}" + owner: root + group: grafana + mode: "0640" + notify: "Restart Grafana" + loop: "{{ grafana_server_dashboards | dict2items }}" + when: + - grafana_server_dashboards is defined + ... diff --git a/tasks/datasources.yml b/tasks/datasources.yml index 82f2ce6..b200776 100644 --- a/tasks/datasources.yml +++ b/tasks/datasources.yml @@ -1,36 +1,28 @@ --- -- name: Set fact for Grafana URL when using HTTP - ansible.builtin.set_fact: - grafana_server_grafana_url: "http://localhost:{{ grafana_server_http_port }}" - when: - - not grafana_server_enable_https | bool - - grafana_server_grafana_url is undefined - -- name: Set fact for Grafana URL when using HTTPS - ansible.builtin.set_fact: - grafana_server_grafana_url: "https://localhost:{{ grafana_server_http_port }}" +- name: Create datasources + ansible.builtin.template: + src: "datasources/{{ item.value.type }}.yaml.j2" + dest: "{{ grafana_server_paths_provisioning }}/datasources/{{ item.key }}.yaml" + owner: root + group: grafana + mode: "0640" + notify: "Restart Grafana" + loop: "{{ grafana_server_datasources | dict2items }}" when: - - grafana_server_enable_https | bool - - grafana_server_grafana_url is undefined + - grafana_server_datasources is defined + no_log: true -- name: Create datasources +- name: Delete datasources community.grafana.grafana_datasource: grafana_url: "{{ grafana_server_grafana_url }}" grafana_user: "{{ grafana_server_admin_user }}" grafana_password: "{{ grafana_server_admin_password }}" - org_id: 1 - name: "{{ item.key }}" - ds_type: "{{ item.value.type }}" - ds_url: "{{ item.value.url }}" - database: "{{ item.value.database | default(omit) }}" - user: "{{ item.value.user | default(omit) }}" - sslmode: "{{ item.value.sslmode | default(omit) }}" - additional_json_data: "{{ item.value.additonal_json_data | default(omit) }}" - additional_secure_json_data: "{{ item.value.additional_secure_json_data | default(omit) }}" - enforce_secure_data: "{{ item.value.enforce_secure_data | default(false) }}" - loop: "{{ grafana_server_datasources | dict2items }}" + name: "{{ item }}" + state: absent + notify: "Restart Grafana" + loop: "{{ grafana_server_datasources_to_delete }}" when: - - grafana_server_datasources is defined + - grafana_server_datasources_to_delete is defined ... diff --git a/tasks/main.yml b/tasks/main.yml index a3251ab..f3c62e5 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -47,4 +47,10 @@ when: - grafana_server_configure_grafana | bool +- name: Include tasks to manage dashboards + ansible.builtin.include_tasks: + file: dashboards.yml + when: + - grafana_server_configure_grafana | bool + ... diff --git a/tasks/users.yml b/tasks/users.yml index 8699fb5..faf0558 100644 --- a/tasks/users.yml +++ b/tasks/users.yml @@ -40,6 +40,19 @@ - grafana_server_create_admin_user.msg is defined - "'Permission Denied' not in grafana_server_create_admin_user.msg" +- name: Add admin account as an admin to default organisation + community.grafana.grafana_organization_user: + url: "{{ grafana_server_grafana_url }}" + url_username: "{{ grafana_server_admin_user }}" + url_password: "{{ grafana_server_admin_password }}" + validate_certs: "{{ grafana_server_validate_certs }}" + org_id: 1 + login: "{{ grafana_server_admin_user }}" + state: present + role: admin + when: + - grafana_server_add_admin_user_to_default_organisation_as_admin | bool + - name: Delete initial admin account community.grafana.grafana_user: url: "{{ grafana_server_grafana_url }}" diff --git a/templates/dashboards.yaml.j2 b/templates/dashboards.yaml.j2 new file mode 100644 index 0000000..1a3ed20 --- /dev/null +++ b/templates/dashboards.yaml.j2 @@ -0,0 +1,11 @@ +apiVersion: 1 + +{% if grafana_server_provisioning_folders_from_filesystem | bool %} +providers: + - name: dashboards + type: file + updateIntervalSeconds: {{ grafana_server_provisioning_dashboards_update_interval_seconds }} + options: + path: "{{ grafana_server_paths_dashboards }}" + foldersFromFilesStructure: true +{% endif %} \ No newline at end of file diff --git a/templates/datasources/mysql.yaml.j2 b/templates/datasources/mysql.yaml.j2 new file mode 100644 index 0000000..a935077 --- /dev/null +++ b/templates/datasources/mysql.yaml.j2 @@ -0,0 +1,31 @@ +apiVersion: 1 + +datasources: + - name: {{ item.key }} + type: mysql + url: {{ item.value.url }} + user: {{ item.value.user }} + jsonData: + database: {{ item.value.database }} +{% if item.value.maxOpenConns is defined %} + maxOpenConns: {{ item.value.max_open_conns }} +{% else %} + maxOpenConns: 100 +{% endif %} +{% if item.value.maxIdleConns is defined %} + maxIdleConns: {{ item.value.maxIdleConns }} +{% else %} + maxIdleConns: 100 +{% endif %} +{% if (item.value.maxIdleConnsAuto is defined and item.value.maxIdleConnsAuto | bool) or item.value.maxIdleConnsAuto is undefined %} + maxIdleConnsAuto: true +{% else %} + maxIdleConnsAuto: false +{% endif %} +{% if item.value.connMaxLifetime is defined %} + connMaxLifetime: {{ item.value.connMaxLifetime }} +{% else %} + connMaxLifetime: 14400 +{% endif %} + secureJsonData: + password: "{{ item.value.password }}" \ No newline at end of file