--- #* DOCKER docker_install_compose: true pip_executable: pip3 #*PIP pip_install_packages: - docker-compose #* SSH #ssh_listen_to: "{{ host_private_address }}" #* USERS management_user_list: - name: admin shell: '/bin/bash' authorized_keys: - key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQClVS1uxDfwS6OusQ4qgcZ6hBc8YRBE8MyXu0sUfGN7S3itjI3W2ixD18v80el8dVQVR12jCY0ueavgoV1cHrfGWkFoLKi+QrA4MuSNUChj0NBbyLTmdwPvne8LRv3ttCbRSJ/6bIEveX8y/7kGn/R1NDFlfE6b5R8ersBUKCQM6YxblAkv/XH8cJlQXhr1nLhVOl/ae+Q/pTCbgioB8qrmGEuMvOLmavcFf7IJbJcSgeiXSOnyIRl2n64X6lbRK+MRZ61pF6vAOXA+Ixyt/fAbO7sjqU0+cEhU5Br5/VcqG4Bc5nhWimtXIHPry3aLV5PtN6K9/i3eA5F6Jpa82JzmUMEbWSBIga02yIw9GjRyAI6ccH/kJGuB6QN5/YwGHpOF2f0FGiEAbUz41mLngN3SsXL1pdV2hT3x56/GIcGe6p/f1cytwVCyOaE7W87B05w5JYb1sSFj6QuGW0rHWfnHT5SY87Mk/H8VgZPaPbm+hSjLIQRAmUYQR+Rub1o9bXE= stephane" exclusive: yes sudo: hosts: ALL as: ALL commands: ALL nopasswd: ALL #* FIREWALL firewall_allowed_tcp_ports: - "22" - "80" - "443" - "9100" - "9090" - "3000" #* NETBIRD netbird_setup_key: F234BD1F-385B-4BEA-8234-608CCB1062ED netbird_register: true #* TLS node_exporter_tls_server_config: cert_file: /etc/node_exporter/tls.cert key_file: /etc/node_exporter/tls.key #* NODE_EXPORTER # node_exporter_basic_auth_users: # randomuser: examplepassword node_exporter_web_listen_address: "{{ host_private_address }}:9100" #* PROMETHEUS prometheus_web_listen_address: "{{ host_private_address }}:9090" prometheus_scrape_configs: - job_name: "prometheus" # Custom scrape job, here using `static_config` metrics_path: "/metrics" static_configs: - targets: - "{{ host_private_address }}:9090" - job_name: "node1" scheme: https # Custom scrape job, here using `static_config` metrics_path: "/metrics" tls_config: ca_file: "{{ node_exporter_tls_server_config.cert_file }}" static_configs: - targets: - "{{ ansible_hostname }}.netbird.cloud:9100" - job_name: "node2" scheme: https # Custom scrape job, here using `static_config` metrics_path: "/metrics" tls_config: ca_file: "/etc/node_exporter/tls_scaleway.cert" static_configs: - targets: - "scaleway.netbird.cloud:9100" # - "{{ host_private_address }}:9100" - job_name: "git" scheme: https # Custom scrape job, here using `static_config` metrics_path: "/metrics" static_configs: - targets: - "gitea.jingoh.fr" - job_name: "publicservicediscovery" metrics_path: "/metrics" basic_auth: username: 'jingohtraf' password: 'FSzmSLr#6i9M#d' scheme: https file_sd_configs: - files: - "{{ prometheus_config_dir }}/file_sd/node.yml" # This line loads file created from `prometheus_targets` prometheus_targets: node: # This is a base file name. File is located in "{{ prometheus_config_dir }}/file_sd/<>.yml" - targets: # - "traefik.jingoh.fr" #* GRAFANA grafana_address: "{{ host_private_address }}" install_grafana__protocol: "https" install_grafana__http_addr: "{{ host_private_address }}" install_grafana__domain: "{{ ansible_hostname }}.netbird.cloud" inv_install_grafana__cert_file: "{{ node_exporter_tls_server_config.cert_file }}" inv_install_grafana__cert_key: "{{ node_exporter_tls_server_config.key_file }}" # ########## # # CHISEL # # ########## # chisel_server: false # chisel_client_server_url: "{{ chisel_server_host }}:8080" # chisel_client_remotes: "R:{{ chisel_server_host }}:socks" # chisel_service_name: chisel-client # chisel_config_name: chisel-client # chisel_conf: # # chisel enable auth and finder # - path: "/etc/chisel/{{ chisel_config_name }}.conf" # regexp: "^AUTH=--auth {{ chisel_client_auth_username }}:{{ chisel_client_auth_password }}" # state: present # line: "AUTH=--auth {{ chisel_client_auth_username }}:{{ chisel_client_auth_password }}" # - path: "/etc/chisel/{{ chisel_config_name }}.conf" # regexp: "^FINGERPRINT=--fingerprint {{ chisel_client_server_fingerprint }}" # state: present # line: "FINGERPRINT=--fingerprint {{ hostvars[groups['server'][0]].chisel_fingerprint[4]|default('') }}"