mirror of
https://github.com/mdlayher/homelab.git
synced 2024-12-14 11:47:32 +00:00
ansible/wireguard_exporter: new role, add router inventory
Signed-off-by: Matt Layher <mdlayher@gmail.com>
This commit is contained in:
Matt Layher
parent
b02545bb5f
commit
e5135d5ab1
5 changed files with 107 additions and 0 deletions
|
|
@ -4,5 +4,8 @@ servnerr-3
|
|||
[workstation]
|
||||
matt@nerr-3
|
||||
|
||||
[router]
|
||||
routnerr-1
|
||||
|
||||
[unifi]
|
||||
unifi.servnerr.com
|
||||
|
|
|
|||
80
ansible/roles/wireguard_exporter/tasks/main.yml
Normal file
80
ansible/roles/wireguard_exporter/tasks/main.yml
Normal file
|
|
@ -0,0 +1,80 @@
|
|||
---
|
||||
- name: download and checksum wireguard_exporter binary
|
||||
tags:
|
||||
- wireguard_exporter
|
||||
get_url:
|
||||
url: "{{ wireguard_exporter_url }}"
|
||||
dest: "/tmp/wireguard_exporter"
|
||||
checksum: "sha256:{{ wireguard_exporter_sha256 }}"
|
||||
|
||||
- name: create wireguard_exporter user
|
||||
tags:
|
||||
- wireguard_exporter
|
||||
user:
|
||||
name: wireguard_exporter
|
||||
shell: "/bin/false"
|
||||
comment: "wireguard_exporter service user"
|
||||
|
||||
- name: check if wireguard_exporter service exists
|
||||
tags:
|
||||
- wireguard_exporter
|
||||
stat:
|
||||
path: "/etc/systemd/system/wireguard_exporter.service"
|
||||
register: checked
|
||||
|
||||
- name: stop wireguard_exporter service if it exists
|
||||
tags:
|
||||
- wireguard_exporter
|
||||
when: checked.stat.exists
|
||||
service:
|
||||
name: wireguard_exporter
|
||||
state: stopped
|
||||
|
||||
- name: copy wireguard_exporter binary to /usr/bin
|
||||
tags:
|
||||
- wireguard_exporter
|
||||
command: "cp /tmp/wireguard_exporter /usr/bin/"
|
||||
|
||||
- name: grant capabilities to wireguard_exporter binary
|
||||
tags:
|
||||
- wireguard_exporter
|
||||
capabilities:
|
||||
path: "/usr/bin/wireguard_exporter"
|
||||
capability: "cap_net_admin+ep"
|
||||
state: present
|
||||
|
||||
- name: set permissions on wireguard_exporter binary
|
||||
tags:
|
||||
- wireguard_exporter
|
||||
file:
|
||||
path: "/usr/bin/wireguard_exporter"
|
||||
owner: wireguard_exporter
|
||||
group: wireguard_exporter
|
||||
mode: 0755
|
||||
|
||||
- name: create wireguard_exporter systemd unit
|
||||
tags:
|
||||
- wireguard_exporter
|
||||
template:
|
||||
src: wireguard_exporter.service.j2
|
||||
dest: "/etc/systemd/system/wireguard_exporter.service"
|
||||
|
||||
- name: reload systemd configurations
|
||||
tags:
|
||||
- wireguard_exporter
|
||||
command: "systemctl daemon-reload"
|
||||
|
||||
- name: start wireguard_exporter service
|
||||
tags:
|
||||
- wireguard_exporter
|
||||
service:
|
||||
name: wireguard_exporter
|
||||
state: started
|
||||
enabled: true
|
||||
|
||||
- name: remove temporary files
|
||||
tags:
|
||||
- wireguard_exporter
|
||||
file:
|
||||
path: "/tmp/wireguard_exporter"
|
||||
state: absent
|
||||
|
|
@ -0,0 +1,15 @@
|
|||
# {{ ansible_managed }}
|
||||
[Unit]
|
||||
Description=Prometheus wireguard exporter
|
||||
Documentation=https://github.com/mdlayher/wireguard_exporter
|
||||
Wants=network-online.target
|
||||
After=network-online.target
|
||||
|
||||
[Service]
|
||||
User=wireguard_exporter
|
||||
Group=wireguard_exporter
|
||||
Type=simple
|
||||
ExecStart=/usr/bin/wireguard_exporter
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
3
ansible/roles/wireguard_exporter/vars/main.yml
Normal file
3
ansible/roles/wireguard_exporter/vars/main.yml
Normal file
|
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
wireguard_exporter_url: "https://mdlayher.nyc3.digitaloceanspaces.com/bin/wireguard_exporter_mips64"
|
||||
wireguard_exporter_sha256: "4a49b28a7661f964c2f2f9030fdb53c1171f228e1602c2a3c95b77c6ad824f47"
|
||||
6
ansible/router.yml
Normal file
6
ansible/router.yml
Normal file
|
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
- hosts: router
|
||||
become: true
|
||||
become_user: root
|
||||
roles:
|
||||
- wireguard_exporter
|
||||
Loading…
Reference in a new issue