s3lph/ansible-collection-prometheus
1
0
Fork 0
mirror of https://gitlab.com/s3lph/ansible-collection-prometheus synced 2024-11-22 17:51:01 +01:00
Code Issues Releases Wiki Activity

Remove hardcoded blackbox module definitions

Browse source
This commit is contained in:
s3lph 2021-10-09 03:17:05 +02:00
parent 4755f742f3
commit c25dfa6210
3 changed files with 16 additions and 217 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
roles/prometheus/tasks/blackbox.yml
View file

@ -1,5 +1,14 @@
---
- name: initialize list of blackbox modules
set_fact:
_blackbox_modules: []
- name: build list of blackbox modules
set_fact:
_blackbox_modules: "{{ _blackbox_modules.update(item) }}"
loop: "{{ hostvars[inventory_hostname] | dict2items | selectattr('key', 'match', '^prometheus_job_.+$') | map(attribute='value') | map(attribute='blackbox') | map(attribute='modules') | filter('present') | dict }}"
- name: render blackbox exporter configuration
template:
src: blackbox.yml
@ -7,4 +16,6 @@
owner: root
group: root
mode: 0644
vars:
blackbox_modules: "{{ _blackbox_modules }}"
notify: restart blackbox exporter

220
roles/prometheus/templates/blackbox.yml
View file

@ -2,221 +2,9 @@
{{ ansible_managed | comment }}
modules:
{% for module in blackbox_modules | dict2items %}
http_2xx:
prober: http
http:
valid_status_codes:
- 200
- 204 # No content is ok, often returned by some APIs
{% if blackbox_prefer_ipv4 -%}
preferred_ip_protocol: ip4
{% endif -%}
tls_config:
insecure_skip_verify: true
{{ module.key }}:
{{ module.value | indent(4) }}
# A simple ICMP probe, used for network equipment, such as switches
icmp:
prober: icmp
# Check that the address returns a 401 Unautorized when queried without user credentials
http_auth_required:
prober: http
http:
valid_status_codes:
- 401
{% if blackbox_prefer_ipv4 -%}
preferred_ip_protocol: ip4
{% endif -%}
tls_config:
insecure_skip_verify: true
http_modified:
prober: http
http:
valid_status_codes:
- 200
{% if blackbox_prefer_ipv4 -%}
preferred_ip_protocol: ip4
{% endif -%}
tls_config:
insecure_skip_verify: true
ssh:
prober: tcp
timeout: 2s
tcp:
{% if blackbox_prefer_ipv4 -%}
preferred_ip_protocol: ip4
{% endif -%}
query_response:
- expect: "^SSH-2.0.*"
tls:
prober: tcp
timeout: 2s
tcp:
{% if blackbox_prefer_ipv4 -%}
preferred_ip_protocol: ip4
{% endif -%}
tls: true
znc:
prober: tcp
timeout: 2s
tcp:
{% if blackbox_prefer_ipv4 -%}
preferred_ip_protocol: ip4
{% endif -%}
tls: true
query_response:
- send: "PASS :{{ blackbox_znc_pass }}\r\n"
- send: "NICK {{ blackbox_znc_nick }}\r\n"
- send: "USER {{ blackbox_znc_nick }} * * :{{ blackbox_znc_fullname }}\r\n"
- expect: "^:.* 464 {{ blackbox_znc_nick }} :.*$"
irc:
prober: tcp
timeout: 2s
tcp:
{% if blackbox_prefer_ipv4 -%}
preferred_ip_protocol: ip4
{% endif -%}
query_response:
- send: "NICK {{ blackbox_irc_nick }}\r\n"
- send: "USER {{ blackbox_irc_nick }} * * :{{ blackbox_irc_fullname }}\r\n"
- expect: "^:.* {{ blackbox_irc_nick }} :.*$"
ircs:
prober: tcp
timeout: 2s
tcp:
{% if blackbox_prefer_ipv4 -%}
preferred_ip_protocol: ip4
{% endif -%}
tls: true
{% if blackbox_ircs_tlsname is defined -%}
tls_config:
server_name: "{{ blackbox_ircs_tlsname }}"
{% endif -%}
query_response:
- send: "NICK {{ blackbox_ircs_nick }}\r\n"
- send: "USER {{ blackbox_ircs_nick }} * * :{{ blackbox_ircs_fullname }}\r\n"
- expect: "^:.* {{ blackbox_ircs_nick }} :.*$"
smtp:
prober: tcp
timeout: 2s
tcp:
{% if blackbox_prefer_ipv4 -%}
preferred_ip_protocol: ip4
{% endif -%}
query_response:
- expect: "^220 .*SMTP .*$"
- send: "HELO {{ blackbox_smtp_name }}"
- expect: "^250 .*$"
- send: "QUIT"
smtp_starttls:
prober: tcp
timeout: 2s
tcp:
{% if blackbox_prefer_ipv4 -%}
preferred_ip_protocol: ip4
{% endif -%}
query_response:
- expect: "^220 .*SMTP .*$"
- send: "STARTTLS"
- expect: "^220.*TLS.*"
- starttls: true
- send: "HELO {{ blackbox_smtp_name }}"
- expect: "^250 .*$"
- send: "QUIT"
smtps:
prober: tcp
timeout: 2s
tcp:
{% if blackbox_prefer_ipv4 -%}
preferred_ip_protocol: ip4
{% endif -%}
tls: true
query_response:
- expect: "^220 .*SMTP .*$"
- send: "HELO {{ blackbox_smtp_name }}"
- expect: "^250 .*$"
- send: "QUIT"
imap:
prober: tcp
timeout: 2s
tcp:
{% if blackbox_prefer_ipv4 -%}
preferred_ip_protocol: ip4
{% endif -%}
query_response:
- expect: "^\\* OK .*$"
imaps:
prober: tcp
timeout: 2s
tcp:
{% if blackbox_prefer_ipv4 -%}
preferred_ip_protocol: ip4
{% endif -%}
tls: true
query_response:
- expect: "^\\* OK .*$"
managesieve:
prober: tcp
timeout: 2s
tcp:
{% if blackbox_prefer_ipv4 -%}
preferred_ip_protocol: ip4
{% endif -%}
query_response:
- expect: ".*SIEVE*"
- expect: "^OK .*$"
managesieve_starttls:
prober: tcp
timeout: 2s
tcp:
{% if blackbox_prefer_ipv4 -%}
preferred_ip_protocol: ip4
{% endif -%}
query_response:
- expect: ".*SIEVE*"
- expect: "^OK .*$"
- send: "STARTTLS"
- expect: "^OK .*TLS.*$"
- starttls: yes
- expect: "^OK .*TLS.*$"
nextcloud_installed:
prober: http
http:
valid_status_codes:
- 200
{% if blackbox_prefer_ipv4 -%}
preferred_ip_protocol: ip4
{% endif -%}
tls_config:
insecure_skip_verify: true
fail_if_body_not_matches_regexp:
- "\"installed\":true"
nextcloud_maintenance:
prober: http
http:
valid_status_codes:
- 200
{% if blackbox_prefer_ipv4 -%}
preferred_ip_protocol: ip4
{% endif -%}
tls_config:
insecure_skip_verify: true
fail_if_body_not_matches_regexp:
- "\"maintenance\":false"
- "\"needsDbUpgrade\":false"
{% endfor %}

2
roles/prometheus/templates/prometheus-job.yml
View file

@ -16,7 +16,7 @@
replacement: localhost:9115
params:
module:
{% for module in job.blackbox.modules -%}
{% for module in job.blackbox.modules.keys() -%}
- {{ module }}
{%- endfor %}
{% endif %}