LOL-si/ansible-lol
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request 'Rework blackbox monitoring' (#2) from rework-blackbox-monitoring into main

Browse Source 
Reviewed-on: #2
This commit was merged in pull request #2.
This commit is contained in:
Vincent F.
2026-06-13 19:07:13 +02:00
parent daca460fdd 18852dbc2f
commit 6e5c222116
6 changed files with 129 additions and 153 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ansible/inventory
+3 -3
View File
@@ -22,6 +22,6 @@ all:
reverse-proxy.labolyon.dn42:
wiki.labolyon.dn42:
zigbee2mqtt.labolyon.dn42:
# blackbox:
# hosts:
# monitoring:
monitoring:
hosts:
monitoring.labolyon.dn42:
ansible/playbooks/monitoring.yml
+2 -12
View File
@@ -12,21 +12,11 @@
become: yes
roles:
- prometheus
- blackbox-exporter
vars:
blackbox: false
scrape_files:
- /etc/prometheus/scrape-main.yml
#- name: Install and configure Prometheus node - Blackbox nodes
# hosts: blackbox
# become: yes
# roles:
# - prometheus
# - blackbox-exporter
# vars:
# blackbox: true
# scrape_files:
# - /etc/prometheus/scrape-blackbox.yml
- /etc/prometheus/scrape-blackbox.yml
- name: Install and configure nodes
hosts: all
ansible/roles/blackbox-exporter/templates/blackbox.config.j2
+65 -60
View File
@@ -1,60 +1,65 @@
{{ ansible_managed | comment }}
modules:
http_2xx:
prober: http
{% if inventory_hostname == 'check.home.arpa' %}
http:
preferred_ip_protocol: "ip4"
ip_protocol_fallback: true
{% endif %}
http_post_2xx:
prober: http
{% if inventory_hostname == 'check.home.arpa' %}
http:
method: POST
preferred_ip_protocol: "ip4"
ip_protocol_fallback: true
{% endif %}
tcp_connect:
prober: tcp
smtp_check:
prober: tcp
timeout: 5s
tcp:
{% if inventory_hostname == 'check.home.arpa' %}
preferred_ip_protocol: "ip4"
ip_protocol_fallback: true
{% endif %}
query_response:
- expect: "^220(.*)ESMTP(.*)$"
- send: "EHLO prober\r"
- expect: "^250-STARTTLS"
- send: "STARTTLS\r"
- expect: "^220"
- starttls: true
- send: "EHLO prober\r"
- expect: "^250-AUTH"
- send: "QUIT\r"
imap_check:
prober: tcp
timeout: 5s
tcp:
{% if inventory_hostname == 'check.home.arpa' %}
preferred_ip_protocol: "ip4"
ip_protocol_fallback: true
{% endif %}
query_response:
- expect: "OK.*STARTTLS"
- send: ". STARTTLS"
- expect: "OK"
- starttls: true
- send: ". capability"
- expect: "CAPABILITY IMAP4rev1"
icmp:
prober: icmp
{% if inventory_hostname == 'check.home.arpa' %}
icmp:
preferred_ip_protocol: "ip4"
ip_protocol_fallback: true
{% endif %}
{{ ansible_managed | comment }}
modules:
http_2xx:
prober: http
{% if inventory_hostname == 'check.home.arpa' %}
http:
preferred_ip_protocol: "ip4"
ip_protocol_fallback: true
{% endif %}
http_2xx_selfsigned:
prober: http
http:
tls_config:
insecure_skip_verify: true
http_post_2xx:
prober: http
{% if inventory_hostname == 'check.home.arpa' %}
http:
method: POST
preferred_ip_protocol: "ip4"
ip_protocol_fallback: true
{% endif %}
tcp_connect:
prober: tcp
smtp_check:
prober: tcp
timeout: 5s
tcp:
{% if inventory_hostname == 'check.home.arpa' %}
preferred_ip_protocol: "ip4"
ip_protocol_fallback: true
{% endif %}
query_response:
- expect: "^220(.*)ESMTP(.*)$"
- send: "EHLO prober\r"
- expect: "^250-STARTTLS"
- send: "STARTTLS\r"
- expect: "^220"
- starttls: true
- send: "EHLO prober\r"
- expect: "^250-AUTH"
- send: "QUIT\r"
imap_check:
prober: tcp
timeout: 5s
tcp:
{% if inventory_hostname == 'check.home.arpa' %}
preferred_ip_protocol: "ip4"
ip_protocol_fallback: true
{% endif %}
query_response:
- expect: "OK.*STARTTLS"
- send: ". STARTTLS"
- expect: "OK"
- starttls: true
- send: ". capability"
- expect: "CAPABILITY IMAP4rev1"
icmp:
prober: icmp
{% if inventory_hostname == 'check.home.arpa' %}
icmp:
preferred_ip_protocol: "ip4"
ip_protocol_fallback: true
{% endif %}
ansible/roles/prometheus/templates/prometheus.config.j2
+31 -75
View File
@@ -1,75 +1,31 @@
{{ ansible_managed | comment }}
# Global configuration
global:
scrape_interval: 15s # Set the scrape interval to every 15 seconds. Default is every 1 minute.
evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute.
# scrape_timeout is set to the global default (10s).
# Alertmanager configuration
alerting:
alertmanagers:
- static_configs:
- targets:
- localhost:9093
# Load rules once and periodically evaluate them according to the global 'evaluation_interval'.
rule_files:
- "{{ alertmanager_rules }}/prometheus.rules.yml"
- "{{ alertmanager_rules }}/blackbox.rules.yml"
- "{{ alertmanager_rules }}/hosts.rules.yml"
# A scrape configuration containing exactly one endpoint to scrape:
#scrape_config_files:
#{% for item in scrape_files %}
# - "{{ item }}"
#{% endfor %}
scrape_configs:
- job_name: "prometheus"
static_configs:
- targets: ["localhost:9090"]
{% if blackbox %}
- job_name: "blackbox"
metrics_path: /probe
params:
module: [http_2xx]
scrape_interval: 5s
static_configs:
- targets:
- https://labolyon.fr
- https://mail.labolyon.fr
- https://wiki.labolyon.fr
- https://git.labolyon.fr
relabel_configs:
- source_labels: [__address__]
target_label: __param_target
- source_labels: [__param_target]
target_label: target
- target_label: __address__
replacement: 127.0.0.1:9115 # The blackbox exporter's real hostname:port.
{% else %}
- job_name: "linux-nodes"
static_configs:
- targets:
- ansible.labolyon.dn42:9100
- dn42-router.labolyon.dn42:9100
- dns.labolyon.dn42:9100
- git.labolyon.dn42:9100
- i2p.labolyon.dn42:9100
- labolyon-fr.labolyon.dn42:9100
- lolix-ixpman.labolyon.dn42:9100
- lolix-rs1.labolyon.dn42:9100
- lolmox.labolyon.dn42:9100
- lolmox2.labolyon.dn42:9100
- mail.labolyon.dn42:9100
- matrix.labolyon.dn42:9100
- monitoring.labolyon.dn42:9100
- mosquitto.labolyon.dn42:9100
- radius.labolyon.dn42:9100
- reverse-proxy.labolyon.dn42:9100
- wiki.labolyon.dn42:9100
- zigbee2mqtt.labolyon.dn42:9100
{% endif %}
{{ ansible_managed | comment }}
# Global configuration
global:
scrape_interval: 15s # Set the scrape interval to every 15 seconds. Default is every 1 minute.
evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute.
# scrape_timeout is set to the global default (10s).
# Alertmanager configuration
alerting:
alertmanagers:
- static_configs:
- targets:
- localhost:9093
# Load rules once and periodically evaluate them according to the global 'evaluation_interval'.
rule_files:
- "{{ alertmanager_rules }}/prometheus.rules.yml"
- "{{ alertmanager_rules }}/blackbox.rules.yml"
- "{{ alertmanager_rules }}/hosts.rules.yml"
# A scrape configuration containing exactly one endpoint to scrape:
scrape_config_files:
{% for item in scrape_files %}
- "{{ item }}"
{% endfor %}
scrape_configs:
- job_name: "prometheus"
static_configs:
- targets: ["localhost:9090"]
ansible/roles/prometheus/templates/scrape-blackbox.yml
+27 -3
View File
@@ -1,4 +1,8 @@
- job_name: "blackbox"
# managed by ansible
scrape_configs:
- job_name: "blackbox-public-https"
metrics_path: /probe
params:
module: [http_2xx]
@@ -6,13 +10,33 @@
static_configs:
- targets:
- https://labolyon.fr
- https://mail.labolyon.fr
- https://webmail.labolyon.fr
- https://wiki.labolyon.fr
- https://git.labolyon.fr
- https://sso.labolyon.fr
- https://chat.labolyon.fr
- https://grafana.labolyon.fr
relabel_configs:
- source_labels: [__address__]
target_label: __param_target
- source_labels: [__param_target]
target_label: target
target_label: instance
- target_label: __address__
replacement: 127.0.0.1:9115 # The blackbox exporter's real hostname:port.
- job_name: "blackbox-internal-https"
metrics_path: /probe
params:
module: [http_2xx_selfsigned]
scrape_interval: 5s
static_configs:
- targets:
- https://octoprint.labolyon.dn42/login/
- https://stickers.labolyon.dn42
relabel_configs:
- source_labels: [__address__]
target_label: __param_target
- source_labels: [__param_target]
target_label: instance
- target_label: __address__
replacement: 127.0.0.1:9115 # The blackbox exporter's real hostname:port.
ansible/roles/prometheus/templates/scrape-main.yml
+1
View File
@@ -1,3 +1,4 @@
scrape_configs:
- job_name: "linux-nodes"
static_configs:
- targets: