Initial commit: Ansible configuration for monitoring stack

Contains: - Production inventory (inventories/production/hosts) - VictoriaMetrics installation (playbooks/monitoring/install_victoriametrics.yml) - Vault setup and secrets management (playbooks/vault/) - Base system configuration (playbooks/infrastructure/) - Directory structure for monitoring components
2026-02-02 11:22:24 +00:00
commit 30d35bc401
12 changed files with 548 additions and 0 deletions
--- a/playbooks/vault/create_monitoring_secrets.yml
+++ b/playbooks/vault/create_monitoring_secrets.yml
@ -0,0 +1,68 @@
+---
+- name: Create monitoring secrets in Vault
+  hosts: localhost
+  connection: local
+  
+  vars:
+    vault_addr: "http://192.168.0.103:8200"
+    vault_token: "hvs.DhQx1U9igYhLfoUHIGtLgqs8"
+  
+  tasks:
+    - name: Create VictoriaMetrics secret
+      uri:
+        url: "{{ vault_addr }}/v1/secret/data/monitoring/victoriametrics"
+        method: POST
+        headers:
+          X-Vault-Token: "{{ vault_token }}"
+          Content-Type: application/json
+        body_format: json
+        body:
+          data:
+            host: "192.168.0.104"
+            port: "8428"
+            url: "http://192.168.0.104:8428"
+            retention_days: "30"
+            description: "VictoriaMetrics single instance"
+            
+    - name: Create Prometheus secret
+      uri:
+        url: "{{ vault_addr }}/v1/secret/data/monitoring/prometheus"
+        method: POST
+        headers:
+          X-Vault-Token: "{{ vault_token }}"
+          Content-Type: application/json
+        body_format: json
+        body:
+          data:
+            host: "192.168.0.105"
+            port: "9090"
+            scrape_interval: "30s"
+            
+    - name: Create Grafana secret
+      uri:
+        url: "{{ vault_addr }}/v1/secret/data/monitoring/grafana"
+        method: POST
+        headers:
+          X-Vault-Token: "{{ vault_token }}"
+          Content-Type: application/json
+        body_format: json
+        body:
+          data:
+            host: "192.168.0.106"
+            port: "3000"
+            admin_user: "admin"
+            admin_password: "admin123"
+            
+    - name: Verify secrets created
+      uri:
+        url: "{{ vault_addr }}/v1/secret/metadata"
+        method: LIST
+        headers:
+          X-Vault-Token: "{{ vault_token }}"
+        return_content: yes
+        validate_certs: no
+      register: secrets_list
+      
+    - name: Show created secrets
+      debug:
+        msg: "Secrets in Vault: {{ (secrets_list.content | from_json).data.keys }}"
--- a/playbooks/vault/setup_vault.yml
+++ b/playbooks/vault/setup_vault.yml
@ -0,0 +1,16 @@
+---
+- name: Setup HashiCorp Vault
+  hosts: 192.168.0.103
+  become: yes
+  
+  tasks:
+    - name: Check Vault status
+      uri:
+        url: http://localhost:8200/v1/sys/health
+        validate_certs: no
+      register: vault_status
+      ignore_errors: yes
+      
+    - name: Display Vault status
+      debug:
+        msg: "Vault status: {{ vault_status.status }}"