From e1bd3b1eb158671272967d91ccb8c85b31cb05b0 Mon Sep 17 00:00:00 2001
From: Chris Cowley <chris.cowley@fr.clara.net>
Date: Sat, 12 Dec 2020 21:34:59 +0100
Subject: [PATCH 1/3] Install Prometheus

---
 ansible/playbooks/requirements.yml          |  4 +++
 ansible/playbooks/role-rocky-monitoring.yml | 38 +++++++++++++++++++++
 2 files changed, 42 insertions(+)
 create mode 100644 ansible/playbooks/role-rocky-monitoring.yml

diff --git a/ansible/playbooks/requirements.yml b/ansible/playbooks/requirements.yml
index 79df8b8..7d137c5 100644
--- a/ansible/playbooks/requirements.yml
+++ b/ansible/playbooks/requirements.yml
@@ -2,6 +2,10 @@
 collections:
   - freeipa.ansible_freeipa
   - community.general
+  - ansible.posix
+
 
 roles:
   - name: geerlingguy.mysql
+  - name: cloudalchemy.prometheus
+  - name: cloudalchemy.node-exporter
diff --git a/ansible/playbooks/role-rocky-monitoring.yml b/ansible/playbooks/role-rocky-monitoring.yml
new file mode 100644
index 0000000..2981417
--- /dev/null
+++ b/ansible/playbooks/role-rocky-monitoring.yml
@@ -0,0 +1,38 @@
+---
+# Creates the first monitoring server
+# Reccommended specs
+# CPU: 2 cores
+# Memory: 2GB
+# Storage: a piece of string
+- name: Install Prometheus
+  hosts: monitoringserver
+  become: true
+
+  pre_tasks:
+    - name: Verify if we can run ansible
+      assert:
+        that:
+          - "not no_ansible.stat.exists"
+        msg: "/etc/no-ansible exists - skipping run on this node"
+    - name: Install SELinux packages
+      package:
+        name: python3-policycoreutils.noarch
+        state: latest
+
+  role:
+    - role: cloudalchemy.prometheus
+
+  post_tasks:
+    - name: Open firewall
+      ansible.posix.firewalld:
+        port: 9090/tcp
+        permanent: yes
+        state: enabled
+
+    - name: Touching run file that ansible has ran here
+      file:
+        path: /var/log/ansible.run
+        state: touch
+        mode: '0644'
+        owner: root
+        group: root

From e1085d7e225468ecf554014066ab044dd1df00b0 Mon Sep 17 00:00:00 2001
From: Chris Cowley <chris.cowley@fr.clara.net>
Date: Sat, 12 Dec 2020 22:14:57 +0100
Subject: [PATCH 2/3] Do not open up FW port for Prometheus.

---
 ansible/playbooks/role-rocky-monitoring.yml | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/ansible/playbooks/role-rocky-monitoring.yml b/ansible/playbooks/role-rocky-monitoring.yml
index 2981417..9ea70ed 100644
--- a/ansible/playbooks/role-rocky-monitoring.yml
+++ b/ansible/playbooks/role-rocky-monitoring.yml
@@ -23,12 +23,6 @@
     - role: cloudalchemy.prometheus
 
   post_tasks:
-    - name: Open firewall
-      ansible.posix.firewalld:
-        port: 9090/tcp
-        permanent: yes
-        state: enabled
-
     - name: Touching run file that ansible has ran here
       file:
         path: /var/log/ansible.run

From 1ec706d2f468b820714bfeaef8518da6605465b5 Mon Sep 17 00:00:00 2001
From: Chris Cowley <chris.cowley@fr.clara.net>
Date: Sat, 12 Dec 2020 22:24:01 +0100
Subject: [PATCH 3/3] Add an example config for nodes

---
 ansible/playbooks/vars/monitoring.yml | 8 ++++++++
 1 file changed, 8 insertions(+)
 create mode 100644 ansible/playbooks/vars/monitoring.yml

diff --git a/ansible/playbooks/vars/monitoring.yml b/ansible/playbooks/vars/monitoring.yml
new file mode 100644
index 0000000..e4c1e77
--- /dev/null
+++ b/ansible/playbooks/vars/monitoring.yml
@@ -0,0 +1,8 @@
+---
+#prometheus_targets:
+#  node:
+#    - targets:
+#        - host1
+#        - host2
+#      labels:
+#        env: production