Open port 9090 to allow hitting the prometheus instance (#317)

* add a monitoring group for better hosts distinction * run prometheus with TLS * add prometheus connections nftables config
author: Amrou Bellalouna <[email protected]> 2024-05-27 22:44:20 +0200
committer: GitHub <[email protected]> 2024-05-27 22:44:20 +0200
commit: 7f667d29df62372c195f565948fed50978b7448a (patch)
tree: ae14fa3e68affdf85d4565ca2b11ba4e56780e34 /ansible/roles
parent: Group and deploy certificates per target host (#316) (diff)
1 files changed, 15 insertions, 1 deletions
diff --git a/ansible/roles/prometheus/tasks/main.yml b/ansible/roles/prometheus/tasks/main.yml
index a4565a1..c8ba53f 100644
--- a/ansible/roles/prometheus/tasks/main.yml
+++ b/ansible/roles/prometheus/tasks/main.yml
@@ -18,7 +18,7 @@
   notify:
     - Restart the prometheus service
 
-- name: Configure prometheus
+- name: Deploy prometheus general config
   copy:
     content: |
       # Ansible managed
@@ -32,6 +32,20 @@
   notify:
     - Reload the prometheus service
 
+- name: Deploy prometheus web server config
+  copy:
+    content: |
+      # Ansible managed
+      {{ prometheus_web_configuration | to_nice_yaml }}
+    dest: /etc/prometheus/web_config.yml
+    owner: prometheus
+    group: prometheus
+    mode: "0400"
+  tags:
+    - role::prometheus
+  notify:
+    - Reload the prometheus service
+
 - name: Configure prometheus rules
   copy:
     content: |
author	Amrou Bellalouna <[email protected]>	2024-05-27 22:44:20 +0200
committer	GitHub <[email protected]>	2024-05-27 22:44:20 +0200
commit	7f667d29df62372c195f565948fed50978b7448a (patch)
tree	ae14fa3e68affdf85d4565ca2b11ba4e56780e34 /ansible/roles
parent	Group and deploy certificates per target host (#316) (diff)