#!/usr/bin/env ansible-playbook
---
# Deploy Prometheus and Grafana on monitoring server
- hosts: monitoring
  vars:
    # Prometheus targets.json
    prometheus:
      node_targets: "{{ groups['server'] | list | sort }}"
      ups_snmp_targets:
        - pulsar.adm.crans.org  # 0B
        - quasar.adm.crans.org  # 4J
      procurve_snmp_targets:
        - batg-9.infra.crans.org
      unifi_snmp_targets: "{{ groups['crans_unifi'] | list | sort }}"
      blackbox_targets:
        - https://crans.org/
        - https://www.crans.org/
        - https://webirc.crans.org/
        - https://jitsi.crans.org/
        - https://ftps.crans.org/
        - http://ftp.crans.org/
        - https://grafana.crans.org/
        - https://roundcube.crans.org/
        - https://zero.crans.org/
        - https://wiki.crans.org/PageAccueil
        - https://framadate.crans.org/
        - https://pad.crans.org/
        - https://lists.crans.org/
        - https://cas.crans.org/
        - https://ethercalc.crans.org/
        - https://phabricator.crans.org/
        - https://webmail.crans.org/horde/login.php
        - https://gitlab.crans.org/
        - https://perso.crans.org/crans/
        - https://install-party.crans.org/
        - https://intranet.crans.org/
        - https://owncloud.crans.org/
      nginx_targets:
        - hodaur.adm.crans.org
        - charybde.adm.crans.org
      apache_targets: []  # [zamok.adm.crans.org]
      bird_targets:
        - routeur-sam.adm.crans.org

    snmp_procurve_password: "{{ vault.snmp_procurve_password }}"
    snmp_unifi_password: "{{ vault.snmp_unifi_password }}"

    grafana:
      root_url: https://grafana.crans.org
      icon: crans_icon_white.svg
      ldap_base: "{{ glob_ldap.base }}"
      ldap_master_ipv4: "{{ glob_ldap.servers[0] }}"
      ldap_user_tree: "ou=passwd,{{ glob_ldap.base }}"
  roles:
    - prometheus
    - prometheus-alertmanager
    - prometheus-snmp-exporter
    - prometheus-blackbox-exporter
    - ninjabot
    - grafana

# Monitor all hosts
- hosts: server
  vars:
    adm_ipv4: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipv4 | first }}"
  roles: ["prometheus-node-exporter"]

# Export nginx metrics
- hosts: nginx
  vars:
    adm_ipv4: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipv4 | first }}"
  roles: ["prometheus-nginx-exporter"]

# Export apache metrics
#- hosts: zamok.adm.crans.org
#  vars:
#    adm_ipv4: "{{ ansible_all_ipv4_addresses | ipaddr(adm_subnet) | first }}"
#  roles: ["prometheus-apache-exporter"]

# Monitor mailq with a special text exporter
#- hosts: redisdead.adm.crans.org
#  roles: ["prometheus-node-exporter-postfix"]

# Monitor logs with mtail
- hosts: tealc.adm.crans.org
  vars:
    mirror: '{{ glob_mirror | default({}) | combine(loc_mirror | default({})) }}'
  roles: ["mtail"]

- hosts: sputnik.adm.crans.org
  roles: ["statping"]