1
0
Fork 0
mirror of https://gitlab.com/s3lph/ansible-collection-prometheus synced 2024-12-23 00:37:33 +01:00

Add dnssec_exporter role

This commit is contained in:
s3lph 2022-12-05 01:25:34 +01:00
parent b924ad638e
commit 004dfc5feb
7 changed files with 100 additions and 0 deletions

View file

@ -0,0 +1,6 @@
---
- name: restart prometheus-dnssec-exporter
ansible.builtin.service:
name: prometheus-dnssec-exporter
state: restarted

View file

@ -0,0 +1,25 @@
---
- name: Render /etc/prometheus/dnssec-exporter/config.yaml
ansible.builtin.template:
src: etc/prometheus/dnssec-exporter/config.yaml.j2
dest: /etc/prometheus/dnssec-exporter/config.yaml
owner: root
group: root
mode: 0644
notify: restart prometheus-dnssec-exporter
- name: Render /etc/default/prometheus-dnssec-exporter
ansible.builtin.template:
src: etc/default/prometheus-dnssec-exporter.j2
dest: etc/default/prometheus-dnssec-exporter
owner: root
group: root
mode: 0644
notify: restart prometheus-dnssec-exporter
- name: Start and enable prometheus-dnssec-exporter
ansible.builtin.service:
name: prometheus-dnssec-exporter
state: started
enabled: yes

View file

@ -0,0 +1,6 @@
---
# Requires repo.s3lph.me to be set up
- name: install prometheus-dnssec-exporter from system package sources
ansible.builtin.apt:
name: prometheus-dnssec-exporter

View file

@ -0,0 +1,13 @@
---
- name: install prometheus-dnssec-exporter
ansible.builtin.import_tasks: install.yml
tags:
- "role::dnssec_exporter"
- "role::dnssec_exporter:install"
- name: configure prometheus-dnssec-exporter
ansible.builtin.import_tasks: config.yml
tags:
- "role::dnssec_exporter"
- "role::dnssec_exporter:config"

View file

@ -0,0 +1,14 @@
{{ ansible_managed | comment }}
ARGS="--config=/etc/prometheus/dnssec-exporter/config.yaml --web.listen-address={{ dnssec_exporter_listen_address }} {{ dnssec_exporter_additional_options }}"
# GLOBAL OPTIONS:
# --web.listen-address=":9142"
# Address on which to expose metrics.
# --web.metrics-path="/metrics"
# Path under which to expose metrics.
# --web.config="" Path to web config yaml file.
# --config="" Path to config yaml file.
# --log.level=info Only log messages with the given severity or above. One of: [debug, info, warn, error]
# --log.format=logfmt Output format of log messages. One of: [logfmt, json]
# --version Show application version.

View file

@ -0,0 +1,10 @@
---
dnssec_exporter_listen_address: "[::1]:9142"
dnssec_exporter_additional_options: ""
dnssec_exporter_dns_resolver: "1.1.1.1:53"
dnssec_exporter_dns_zones:
- example.org
- example.net
dnssec_exporter_additional_config: ""

View file

@ -0,0 +1,26 @@
---
{{ ansible_managed | comment }}
## dnssec exporter configuration
#
dns:
# The resolver to use. Must be DNSSEC validating, and
# must not strip DNSSEC responses.
resolver: {{ dnssec_exporter_dns_resolver }}
# List of zones to resolve.
zones:
{% for zone in dnssec_exporter_dns_zones %}
- {{ zone }}{% if zone[-1] != '.' %}.{% endif %}
{% endfor %}
## TLS and Basic Auth can be configured here as well, see for details:
## https://github.com/prometheus/exporter-toolkit/blob/master/web/tls_config.go#L36
#
#basic_auth_users:
# user1: pass1
# user2: pass2
#tls_server_config:
# cert_file: server.crt
# key_file: server.key
{{ dnssec_exporter_additional_config }}