From 47213230f4f63f80351cfd00caaea03c1362188c Mon Sep 17 00:00:00 2001
From: Slavi Pantaleev <slavi@devture.com>
Date: Mon, 20 Mar 2023 19:14:45 +0200
Subject: [PATCH] Add Grafana service

---
 docs/services/grafana.md    | 96 +++++++++++++++++++++++++++++++++++++
 docs/services/prometheus.md |  2 +-
 docs/supported-services.md  |  1 +
 group_vars/mash_servers     | 39 +++++++++++++++
 requirements.yml            |  3 ++
 setup.yml                   |  2 +
 6 files changed, 142 insertions(+), 1 deletion(-)
 create mode 100644 docs/services/grafana.md

diff --git a/docs/services/grafana.md b/docs/services/grafana.md
new file mode 100644
index 0000000..4fd97ba
--- /dev/null
+++ b/docs/services/grafana.md
@@ -0,0 +1,96 @@
+# Grafana
+
+[Grafana](https://grafana.com/) is an open and composable observability and data visualization platform, often used with [Prometheus](prometheus.md).
+
+
+## Dependencies
+
+This service requires the following other services:
+
+- a [Traefik](traefik.md) reverse-proxy server
+
+
+## Configuration
+
+To enable this service, add the following configuration to your `vars.yml` file and re-run the [installation](../installing.md) process:
+
+```yaml
+########################################################################
+#                                                                      #
+# grafana                                                              #
+#                                                                      #
+########################################################################
+
+grafana_enabled: true
+
+grafana_hostname: mash.example.com
+grafana_path_prefix: /grafana
+
+grafana_default_admin_user: admin
+# Generating a strong password (e.g. `pwgen -s 64 1`) is recommended
+grafana_default_admin_password: ''
+
+########################################################################
+#                                                                      #
+# /grafana                                                             #
+#                                                                      #
+########################################################################
+```
+
+In the example configuration above, we configure the service to be hosted at `https://mash.example.com/grafana`.
+
+You can remove the `grafana_path_prefix` variable definition, to make it default to `/`, so that the service is served at `https://mash.example.com/`.
+
+### Configuring data sources
+
+Grafana is merely a visualization tool. It needs to pull data from a metrics (time-series) database, like [Prometheus](prometheus.md).
+
+You can add multiple data sources to Grafana.
+
+#### Integrating with a local Prometheus instance
+
+If you're installing [Prometheus](prometheus.md) on the same server, you can hook Grafana to it over the container network with the following **additional** configuration:
+
+```yaml
+grafana_provisioning_datasources:
+  - name: Prometheus
+    type: prometheus
+    access: proxy
+    url: "http://{{ prometheus_identifier }}:9090"
+
+# Prometheus runs in another container network, so we need to connect to it.
+grafana_container_additional_networks_additional:
+  - "{{ prometheus_container_network }}"
+```
+
+For connecting to a **remote** Prometheus instance, you may need to adjust this configuration somehow.
+
+
+### Integrating with Prometheus Node Exporter
+
+If you've installed [Prometheus Node Exporter](prometheus-node-exporter.md) on any host (target) scraped by Prometheus, you may wish to install a dashboard for Prometheus Node Exporter.
+
+The Prometheus Node Exporter role exposes a list of URLs containing dashboards (JSON files) in its `prometheus_node_exporter_dashboard_urls` variable.
+
+You can add this **additional** configuration to make the Grafana service pull these dashboards:
+
+```yaml
+grafana_dashboard_download_urls: |
+  {{
+    prometheus_node_exporter_dashboard_urls
+  }}
+```
+
+
+## Usage
+
+After installation, you should be able to access your new Gitea instance at the configured URL (see above).
+
+Going there, you'll be taken to the initial setup wizard, which will let you assign some paswords and other configuration.
+
+
+## Recommended other services
+
+Grafana is just a visualization tool which requires pulling data from a metrics (time-series) database like.
+
+You may be interested in combining it with [Prometheus](prometheus.md).
diff --git a/docs/services/prometheus.md b/docs/services/prometheus.md
index 0b2776d..b890246 100644
--- a/docs/services/prometheus.md
+++ b/docs/services/prometheus.md
@@ -74,4 +74,4 @@ If you're scraping others services running in containers over the container netw
 
 ## Recommended other services
 
-You may also wish to look into **Grafana** - soon to be supported by this playbook.
+To visualize your Prometheus metrics (time-series), you may wish to use a tool like [Grafana](grafana.md).
diff --git a/docs/supported-services.md b/docs/supported-services.md
index 6a00af6..352908b 100644
--- a/docs/supported-services.md
+++ b/docs/supported-services.md
@@ -9,6 +9,7 @@
 | [Docker Registry Browser](https://github.com/klausmeyer/docker-registry-browser) | Web Interface for the Docker Registry HTTP API V2 written in Ruby on Rails | [Link](services/docker-registry-browser.md) |
 | [Docker Registry Purger](https://github.com/devture/docker-registry-purger) | A small tool used for purging a private Docker Registry's old tags | [Link](services/docker-registry-purger.md) |
 | [Gitea](https://gitea.io/) | A painless self-hosted Git service. | [Link](services/gitea.md) |
+| [Grafana](https://grafana.com/) | An open and composable observability and data visualization platform, often used with [Prometheus](services/prometheus.md) | [Link](services/grafana.md) |
 | [Focalboard](https://www.focalboard.com/) | An open source, self-hosted alternative to [Trello](https://trello.com/), [Notion](https://www.notion.so/), and [Asana](https://asana.com/). | [Link](services/focalboard.md) |
 | [Miniflux](https://miniflux.app/) | Minimalist and opinionated feed reader. | [Link](services/miniflux.md) |
 | [Nextcloud](https://nextcloud.com/) | The most popular self-hosted collaboration solution for tens of millions of users at thousands of organizations across the globe. | [Link](services/nextcloud.md) |
diff --git a/group_vars/mash_servers b/group_vars/mash_servers
index 7fe108c..e52ef65 100644
--- a/group_vars/mash_servers
+++ b/group_vars/mash_servers
@@ -89,6 +89,8 @@ devture_systemd_service_manager_services_list_auto: |
     +
     ([{'name': (gitea_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'gitea', 'gitea-server']}] if gitea_enabled else [])
     +
+    ([{'name': (grafana_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'grafana']}] if grafana_enabled else [])
+    +
     ([{'name': (nextcloud_identifier + '-server.service'), 'priority': 2000, 'groups': ['mash', 'nextcloud', 'nextcloud-server']}] if nextcloud_enabled else [])
     +
     ([{'name': (nextcloud_identifier + '-cron.timer'), 'priority': 2500, 'groups': ['mash', 'nextcloud', 'nextcloud-cron']}] if nextcloud_enabled else [])
@@ -584,6 +586,43 @@ gitea_config_database_password: "{{ '%s' | format(mash_playbook_generic_secret_k
 
 
 
+########################################################################
+#                                                                      #
+# grafana                                                              #
+#                                                                      #
+########################################################################
+
+grafana_enabled: false
+
+grafana_identifier: "{{ mash_playbook_service_identifier_prefix }}grafana"
+
+grafana_base_path: "{{ mash_playbook_base_path }}/grafana"
+
+grafana_uid: "{{ mash_playbook_uid }}"
+grafana_gid: "{{ mash_playbook_gid }}"
+
+grafana_container_additional_networks: "{{ grafana_container_additional_networks_reverse_proxy + grafana_container_additional_networks_additional }}"
+
+grafana_container_additional_networks_reverse_proxy: |
+  {{
+    ([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else [])
+  }}
+
+grafana_container_additional_networks_additional: []
+
+grafana_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled }}"
+grafana_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}"
+grafana_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}"
+grafana_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}"
+
+########################################################################
+#                                                                      #
+# /grafana                                                             #
+#                                                                      #
+########################################################################
+
+
+
 ########################################################################
 #                                                                      #
 # miniflux                                                             #
diff --git a/requirements.yml b/requirements.yml
index baa5b4a..63367f8 100644
--- a/requirements.yml
+++ b/requirements.yml
@@ -54,6 +54,9 @@
 - src: git+https://gitlab.com/etke.cc/roles/miniflux.git
   version: v2.0.43-1
 
+- src: git+https://gitlab.com/etke.cc/roles/grafana.git
+  version: v9.4.3-0
+
 - src: git+https://gitlab.com/etke.cc/roles/radicale.git
   version: v3.1.8.1-1
 
diff --git a/setup.yml b/setup.yml
index c0220cc..7af7b01 100644
--- a/setup.yml
+++ b/setup.yml
@@ -64,6 +64,8 @@
 
     - role: galaxy/gitea
 
+    - role: galaxy/grafana
+
     - role: galaxy/miniflux
 
     - role: galaxy/nextcloud