# limitations under the License.
#
+include_recipe "apache"
+include_recipe "apt"
+include_recipe "networking"
+
+passwords = data_bag_item("prometheus", "passwords")
+tokens = data_bag_item("prometheus", "tokens")
+
+prometheus_exporter "fastly" do
+ port 8080
+ listen_switch "endpoint"
+ listen_type "url"
+ environment "FASTLY_API_TOKEN" => tokens["fastly"]
+end
+
package "prometheus"
-clients = search(:node, "recipes:prometheus\\:\\:default").sort_by(&:name)
+jobs = {}
+
+search(:node, "recipes:prometheus\\:\\:default").sort_by(&:name).each do |client|
+ if client[:prometheus][:mode] == "wireguard"
+ node.default[:networking][:wireguard][:peers] << {
+ :public_key => client[:networking][:wireguard][:public_key],
+ :allowed_ips => client[:networking][:wireguard][:address],
+ :endpoint => "#{client.name}:51820"
+ }
+ end
+
+ client[:prometheus][:exporters].each do |name, address|
+ jobs[name] ||= []
+ jobs[name] << { :address => address, :name => client.name }
+ end
+end
template "/etc/prometheus/prometheus.yml" do
source "prometheus.yml.erb"
owner "root"
group "root"
mode "644"
- variables :clients => clients
+ variables :jobs => jobs
end
service "prometheus" do
action [:enable, :start]
subscribes :reload, "template[/etc/prometheus/prometheus.yml]"
end
+
+package "grafana-enterprise"
+
+template "/etc/grafana/grafana.ini" do
+ source "grafana.ini.erb"
+ owner "root"
+ group "grafana"
+ mode "640"
+ variables :passwords => passwords
+end
+
+service "grafana-server" do
+ action [:enable, :start]
+ subscribes :restart, "template[/etc/grafana/grafana.ini]"
+end
+
+apache_module "alias"
+apache_module "proxy_http"
+
+ssl_certificate "prometheus.openstreetmap.org" do
+ domains ["prometheus.openstreetmap.org", "prometheus.osm.org"]
+ notifies :reload, "service[apache2]"
+end
+
+apache_site "prometheus.openstreetmap.org" do
+ template "apache.erb"
+end