2023-02-11 12:17:49 +00:00
|
|
|
# Create User and group:
|
|
|
|
user 'prometheus' do
|
|
|
|
system_user true
|
|
|
|
shell '/sbin/nologin'
|
|
|
|
end
|
|
|
|
|
2019-03-03 08:50:49 +00:00
|
|
|
# Create `/etc/prometheus.d/`:
|
2023-02-12 11:40:11 +00:00
|
|
|
%w( /etc/prometheus.d /var/opt/prometheus ).each do |d|
|
2019-03-03 08:50:49 +00:00
|
|
|
directory d do
|
2023-02-11 12:17:49 +00:00
|
|
|
owner 'prometheus'
|
2023-02-11 12:32:07 +00:00
|
|
|
group 'prometheus'
|
2023-02-12 11:40:11 +00:00
|
|
|
mode '0744'
|
2019-03-03 08:50:49 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
# Deploy `prometheus` files:
|
|
|
|
remote_file '/etc/prometheus.d/prometheus.yml' do
|
2023-02-11 12:17:49 +00:00
|
|
|
owner 'prometheus'
|
|
|
|
group 'prometheus'
|
2019-03-03 08:50:49 +00:00
|
|
|
mode '644'
|
|
|
|
end
|
|
|
|
|
2023-02-11 12:32:07 +00:00
|
|
|
# Deploy `systemd` configuration for `prometheus`:
|
|
|
|
remote_file '/etc/systemd/system/prometheus.service' do
|
|
|
|
owner 'root'
|
|
|
|
group 'root'
|
2019-03-03 08:50:49 +00:00
|
|
|
mode '644'
|
2023-02-11 12:32:07 +00:00
|
|
|
end
|
2019-03-03 08:50:49 +00:00
|
|
|
|
2023-02-11 12:32:07 +00:00
|
|
|
service 'prometheus' do
|
|
|
|
action [:enable, :start]
|
2019-03-03 08:50:49 +00:00
|
|
|
end
|
|
|
|
|
2023-02-11 12:33:24 +00:00
|
|
|
# Depoy `rsyslog` configuration for `prometheus`:
|
|
|
|
remote_file '/etc/rsyslog.d/30-prometheus.conf' do
|
|
|
|
owner 'root'
|
|
|
|
group 'root'
|
|
|
|
mode '644'
|
|
|
|
|
|
|
|
notifies :restart, 'service[rsyslog]'
|
|
|
|
end
|
|
|
|
|
|
|
|
service 'rsyslog' do
|
|
|
|
action :nothing
|
|
|
|
end
|
|
|
|
|
2023-02-11 12:38:50 +00:00
|
|
|
# Depoy `logrotate` configuration for `prometheus`:
|
|
|
|
remote_file '/etc/logrotate.d/prometheus' do
|
|
|
|
owner 'root'
|
|
|
|
group 'root'
|
|
|
|
mode '644'
|
|
|
|
end
|
|
|
|
|
2023-02-12 10:13:52 +00:00
|
|
|
# Depoy `vector` configuration for `prometheus`:
|
|
|
|
remote_file '/etc/vector/prometheus.toml' do
|
|
|
|
owner 'root'
|
|
|
|
group 'root'
|
|
|
|
mode '644'
|
|
|
|
end
|
|
|
|
|
2023-02-12 10:20:56 +00:00
|
|
|
remote_file '/etc/systemd/system/vector-prometheus.service' do
|
|
|
|
owner 'root'
|
|
|
|
group 'root'
|
|
|
|
mode '0644'
|
|
|
|
end
|
|
|
|
|
|
|
|
service 'vector-prometheus' do
|
|
|
|
action [:enable, :start]
|
|
|
|
end
|
|
|
|
|
2019-03-03 08:50:49 +00:00
|
|
|
# Depoy `consul` service configuration for `prometheus`:
|
|
|
|
remote_file '/etc/consul.d/service-prometheus.json' do
|
2020-11-22 15:52:14 +00:00
|
|
|
owner 'consul'
|
|
|
|
group 'consul'
|
2019-03-03 08:50:49 +00:00
|
|
|
mode '644'
|
|
|
|
|
2020-11-22 16:42:06 +00:00
|
|
|
notifies :reload, 'service[consul]'
|
2019-03-03 08:50:49 +00:00
|
|
|
end
|
|
|
|
|
2020-11-22 16:42:06 +00:00
|
|
|
# Restart the `consul`:
|
|
|
|
service 'consul' do
|
2019-03-03 08:50:49 +00:00
|
|
|
action :nothing
|
|
|
|
end
|
|
|
|
|
|
|
|
# Firewall settings here:
|
|
|
|
%w( 9090/tcp ).each do |p|
|
|
|
|
execute "ufw allow #{p}" do
|
|
|
|
user 'root'
|
|
|
|
|
|
|
|
not_if "LANG=c ufw status | grep #{p}"
|
|
|
|
|
|
|
|
notifies :run, 'execute[ufw reload-or-enable]'
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
execute 'ufw reload-or-enable' do
|
|
|
|
user 'root'
|
|
|
|
command 'LANG=C ufw reload | grep skipping && ufw --force enable || exit 0'
|
|
|
|
|
|
|
|
action :nothing
|
|
|
|
end
|