ansible-role-prometheus_nod.../tasks/configure_prometheus_exporters_external.yml

---
- name: Ensure UFW is enabled and accepting HTTPS traffic
  ufw:
    state: enabled
    policy: deny
    rule: allow
    to_port: '443'

- name: Ensure UFW is enabled and accepting HTTP traffic
  ufw:
    state: enabled
    policy: deny
    rule: allow
    to_port: '80'


- name: Ensure the document root exists for node exporter
  file:
    path: "/var/www/node-metrics-{{ ansible_fqdn }}/"
    state: directory
    owner: www-data
- name: Ensure the document root exists postfixnode exporter
  file:
    path: "/var/www/postfix-metrics-{{ ansible_fqdn }}/"
    state: directory
    owner: www-data
- name: Enable the Apache2 SSL module
  community.general.apache2_module:
    state: present
    name: ssl
- name: Enable the Apache2 rewrite module
  community.general.apache2_module:
    state: present
    name: rewrite
- name: Enable the Apache2 authnz_external module
  community.general.apache2_module:
    state: present
    name: authnz_external
- name: Enable the Apache2 proxy module
  community.general.apache2_module:
    state: present
    name: proxy
- name: Enable the Apache2 proxy_http module
  community.general.apache2_module:
    state: present
    name: proxy_http
- name: Enable the Apache2 proxy_wstunnel module
  community.general.apache2_module:
    state: present
    name: proxy_wstunnel
- name: Enable the Apache2 authnz_external module
  community.general.apache2_module:
    state: present
    name: authnz_external
# Add DNS entries in OVH
- name: Check if certificates exist
  stat:
    path: "/etc/letsencrypt/live/node-metrics-{{ ansible_fqdn }}/fullchain.pem"
  register: node_certificate
- name: Request certificates for node and postfix
  include_tasks: configure_prometheus_exporters_certificates.yml
  when: not node_certificate.stat.exists
- name: Ensure virtual hosts configuration is deployed
  template:
    src: templates/apache2.conf.j2
    dest: /etc/apache2/sites-available/25-metrics-exporters.conf
    backup: yes
- name: Ensure virtual hosts configuration is enabled
  file:
    dest: /etc/apache2/sites-enabled/25-metrics-exporters.conf
    src: /etc/apache2/sites-available/25-metrics-exporters.conf
    state: link

- name: Start Apache2 after request certificate
  service:
    name: apache2
    state: started
Initial commit with previous code 2022-10-11 09:19:07 +02:00			`---`
			`- name: Ensure UFW is enabled and accepting HTTPS traffic`
			`ufw:`
			`state: enabled`
			`policy: deny`
			`rule: allow`
			`to_port: '443'`

			`- name: Ensure UFW is enabled and accepting HTTP traffic`
			`ufw:`
			`state: enabled`
			`policy: deny`
			`rule: allow`
			`to_port: '80'`


			`- name: Ensure the document root exists for node exporter`
			`file:`
			`path: "/var/www/node-metrics-{{ ansible_fqdn }}/"`
			`state: directory`
			`owner: www-data`
			`- name: Ensure the document root exists postfixnode exporter`
			`file:`
			`path: "/var/www/postfix-metrics-{{ ansible_fqdn }}/"`
			`state: directory`
			`owner: www-data`
			`- name: Enable the Apache2 SSL module`
			`community.general.apache2_module:`
			`state: present`
			`name: ssl`
			`- name: Enable the Apache2 rewrite module`
			`community.general.apache2_module:`
			`state: present`
			`name: rewrite`
			`- name: Enable the Apache2 authnz_external module`
			`community.general.apache2_module:`
			`state: present`
			`name: authnz_external`
			`- name: Enable the Apache2 proxy module`
			`community.general.apache2_module:`
			`state: present`
			`name: proxy`
			`- name: Enable the Apache2 proxy_http module`
			`community.general.apache2_module:`
			`state: present`
			`name: proxy_http`
			`- name: Enable the Apache2 proxy_wstunnel module`
			`community.general.apache2_module:`
			`state: present`
			`name: proxy_wstunnel`
			`- name: Enable the Apache2 authnz_external module`
			`community.general.apache2_module:`
			`state: present`
			`name: authnz_external`
			`# Add DNS entries in OVH`
			`- name: Check if certificates exist`
			`stat:`
			`path: "/etc/letsencrypt/live/node-metrics-{{ ansible_fqdn }}/fullchain.pem"`
			`register: node_certificate`
			`- name: Request certificates for node and postfix`
			`include_tasks: configure_prometheus_exporters_certificates.yml`
			`when: not node_certificate.stat.exists`
			`- name: Ensure virtual hosts configuration is deployed`
			`template:`
			`src: templates/apache2.conf.j2`
			`dest: /etc/apache2/sites-available/25-metrics-exporters.conf`
			`backup: yes`
			`- name: Ensure virtual hosts configuration is enabled`
			`file:`
			`dest: /etc/apache2/sites-enabled/25-metrics-exporters.conf`
			`src: /etc/apache2/sites-available/25-metrics-exporters.conf`
			`state: link`

			`- name: Start Apache2 after request certificate`
			`service:`
			`name: apache2`
			`state: started`