serguzim/infrastructure
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Remove telegraf service (replaced with grafana alloy)

Browse source
This commit is contained in:
Tobias Reisinger 2025-05-06 16:04:53 +02:00
parent 5ad3e9bfe2
commit 4a853065db
Signed by: serguzim
GPG key ID: 13AD60C237A28DFE
6 changed files with 16 additions and 135 deletions
playbooks
for-ansible-lint.yml
roles
lgtm_stack/vars
main.yml
telegraf
tasks
main.yml
templates
telegraf.conf.j2
vars
main.yml
services.auto.tfvars

2
playbooks/for-ansible-lint.yml
View file

@ -20,6 +20,7 @@
- influxdb - influxdb
- jellyfin - jellyfin
- lego - lego
- lgtm_stack
- mailcowdockerized - mailcowdockerized
- minecraft_2 - minecraft_2
- minio - minio
@ -31,7 +32,6 @@
- synapse - synapse
- tandoor - tandoor
- teamspeak_fallback - teamspeak_fallback
- telegraf
- tinytinyrss - tinytinyrss
- umami - umami
- vikunja - vikunja

11
playbooks/roles/lgtm_stack/vars/main.yml
View file

@ -57,7 +57,10 @@ lgtm_stack_env:
GF_AUTH_GENERIC_OAUTH_ENABLED: true GF_AUTH_GENERIC_OAUTH_ENABLED: true
GF_AUTH_GENERIC_OAUTH_NAME: "auth.serguzim.me" GF_AUTH_GENERIC_OAUTH_NAME: "auth.serguzim.me"
GF_AUTH_GENERIC_OAUTH_ALLOW_SIGN_UP: true GF_AUTH_GENERIC_OAUTH_ALLOW_SIGN_UP: true
GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH: "contains(groups, 'Grafana GrafanaAdmins') && 'GrafanaAdmin' || contains(groups, 'Grafana Admins') && 'Admin' || contains(groups, 'Grafana Editors') && 'Editor' || 'Viewer'" GF_AUTH_GENERIC_OAUTH_ROLE_ATTRIBUTE_PATH: "\
contains(groups, 'Grafana GrafanaAdmins') && 'GrafanaAdmin'
|| contains(groups, 'Grafana Admins') && 'Admin'
|| contains(groups, 'Grafana Editors') && 'Editor' || 'Viewer'"
GF_AUTH_GENERIC_OAUTH_ALLOW_ASSIGN_GRAFANA_ADMIN: true GF_AUTH_GENERIC_OAUTH_ALLOW_ASSIGN_GRAFANA_ADMIN: true
GF_AUTH_GENERIC_OAUTH_CLIENT_ID: "{{ opentofu.authentik_data.lgtm_stack.client_id }}" GF_AUTH_GENERIC_OAUTH_CLIENT_ID: "{{ opentofu.authentik_data.lgtm_stack.client_id }}"
GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET: "{{ opentofu.authentik_data.lgtm_stack.client_secret }}" GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET: "{{ opentofu.authentik_data.lgtm_stack.client_secret }}"
@ -101,7 +104,7 @@ lgtm_stack_mimir_yml:
storage: storage:
backend: s3 backend: s3
s3: s3:
endpoint: "{{ opentofu.scaleway_data.mimir_blocks.api_endpoint | regex_replace('^https://', '') }}" endpoint: "{{ opentofu.scaleway_data.mimir_blocks.api_endpoint | regex_replace('^https://', '') }}"
region: "{{ opentofu.scaleway_data.mimir_blocks.region }}" region: "{{ opentofu.scaleway_data.mimir_blocks.region }}"
access_key_id: "{{ opentofu.scaleway_data.mimir_blocks.access_key }}" access_key_id: "{{ opentofu.scaleway_data.mimir_blocks.access_key }}"
secret_access_key: "{{ opentofu.scaleway_data.mimir_blocks.secret_key }}" secret_access_key: "{{ opentofu.scaleway_data.mimir_blocks.secret_key }}"
@ -149,7 +152,7 @@ lgtm_stack_compose:
networks: networks:
apps: apps:
aliases: aliases:
- lgtm_stack_alloy - lgtm_stack_alloy
default: default:
mimir: mimir:
@ -163,6 +166,6 @@ lgtm_stack_compose:
default: default:
apps: apps:
aliases: aliases:
- lgtm_stack_mimir - lgtm_stack_mimir
volumes: volumes:
grafana-data: grafana-data:

27
playbooks/roles/telegraf/tasks/main.yml
View file

@ -1,27 +0,0 @@
---
- name: Set common facts
ansible.builtin.import_tasks: tasks/set-default-facts.yml
- name: Deploy {{ role_name }}
vars:
svc: "{{ telegraf_svc }}"
env: "{{ telegraf_env }}"
compose: "{{ telegraf_compose }}"
block:
- name: Import prepare tasks for common service
ansible.builtin.import_tasks: tasks/prepare-common-service.yml
- name: Template config
ansible.builtin.template:
src: telegraf.conf.j2
dest: "{{ (service_path, 'telegraf.conf') | path_join }}"
mode: "0664"
register: cmd_result
- name: Set the docker force-recreate flag
ansible.builtin.set_fact:
docker_force_recreate: --force-recreate
when: cmd_result.changed # noqa: no-handler We need to handle the restart per service. Handlers don't support variables.
- name: Import start tasks for common service
ansible.builtin.import_tasks: tasks/start-common-service.yml

54
playbooks/roles/telegraf/templates/telegraf.conf.j2
View file

@ -1,54 +0,0 @@
[agent]
interval = "60s"
round_interval = true
metric_batch_size = 1000
metric_buffer_limit = 10000
collection_jitter = "0s"
flush_interval = "10s"
flush_jitter = "0s"
precision = ""
hostname = "{{ inventory_hostname }}"
omit_hostname = false
[[outputs.influxdb_v2]]
urls = ["{{ svc.influxdb.url }}"]
token = "{{ svc.influxdb.token }}"
organization = "{{ svc.influxdb.organization }}"
bucket = "{{ svc.influxdb.bucket }}"
[[inputs.prometheus]]
urls = [
{%- for host_data in opentofu.hosts.values() -%}
"https://{{ host_data.fqdn_vpn }}:2019/metrics",
{%- endfor -%}
]
[[inputs.prometheus]]
urls = [
{%- for url in svc.prometheus_unprotected.urls -%}
"{{ url }}",
{%- endfor -%}
]
[[inputs.prometheus]]
urls = [
{%- for url in svc.prometheus_protected.urls -%}
"{{ url }}",
{%- endfor -%}
]
bearer_token_string = "{{ svc.prometheus_protected.bearer_token }}"
[[inputs.postgresql]]
address = "postgres://{{ svc.postgresql.user }}:{{ svc.postgresql.pass }}@{{ svc.postgresql.host }}:{{ svc.postgresql.port }}/{{ svc.postgresql.database }}?sslmode=verify-full"
ignored_databases = ["postgres", "template0", "template1"]
prepared_statements = true
[[inputs.docker_log]]
endpoint = "{{ svc.docker_log.endpoint }}"
docker_label_include = [
"com.influxdata.telegraf.enable"
]
source_tag = {{ svc.docker_log.source_tag|lower }}

42
playbooks/roles/telegraf/vars/main.yml
View file

@ -1,42 +0,0 @@
---
telegraf_svc:
influxdb:
url: https://tick.serguzim.me
token: "{{ vault_telegraf.influxdb_token }}"
organization: serguzim.net
bucket: metrics
prometheus_unprotected:
urls:
- https://matrix.serguzim.me/_synapse/metrics
- https://push.serguzim.me/metrics
- https://tick.serguzim.me/metrics
- https://todo.serguzim.me/api/v1/metrics
prometheus_protected:
urls:
- https://ci.serguzim.me/metrics
- https://git.serguzim.me/metrics
bearer_token: "{{ vault_metrics_token }}"
postgresql:
host: "{{ postgres.host }}"
port: "{{ postgres.port }}"
user: "{{ opentofu.postgresql_data.telegraf.user }}"
pass: "{{ opentofu.postgresql_data.telegraf.pass }}"
database: "{{ opentofu.postgresql_data.telegraf.database }}"
docker_log:
endpoint: unix:///var/run/docker.sock
source_tag: false
telegraf_compose:
watchtower: false
image: telegraf:1.28
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./telegraf.conf:/etc/telegraf/telegraf.conf:ro
file:
services:
app:
user: telegraf
group_add:
- "972" # docker group on host
volumes:
data:

15
services.auto.tfvars
View file

@ -427,6 +427,14 @@ services = {
vpn = true vpn = true
} }
] ]
monitoring = {
url = "/api/health"
group = "7-support"
conditions = [
"DEFAULT",
"[BODY].database == ok"
]
}
auth = true auth = true
auth_redirects = ["https://monitoring.serguzim.me/login/generic_oauth"] auth_redirects = ["https://monitoring.serguzim.me/login/generic_oauth"]
database = true database = true
@ -701,13 +709,6 @@ services = {
s3 = false s3 = false
} }
"telegraf" = {
host = "node001"
auth = false
database = true
s3 = false
},
"tinytinyrss" = { "tinytinyrss" = {
host = "node001" host = "node001"
dns = [{ dns = [{