test: add forgejo workflow

.forgejo/workflows/molecule.yml

@@ -0,0 +1,18 @@
+---
+on: [push]
+jobs:
+  lint:
+    runs-on: docker
+    container:
+      image: code.waks.be/nishiki/molecule:docker
+    steps:
+      - uses: actions/checkout@v3
+      - run: ansible-lint .
+      - run: yamllint .
+  molecule:
+    runs-on: docker
+    container:
+      image: code.waks.be/nishiki/molecule:docker
+    steps:
+      - uses: actions/checkout@v3
+      - run: molecule test

.gitlab-ci.yml

@@ -0,0 +1,10 @@
+---
+image: nishiki/molecule:docker
+
+before_script:
+  - molecule --version
+
+molecule:
+  stage: test
+  script:
+    - molecule test

.yamllint

@@ -2,11 +2,11 @@
 extends: default
 
 ignore: |
-  .kitchen/*
+  .kitchen*
   vendor/
+  .forgejo/
 
 rules:
   line-length:
     max: 120
     level: warning
-  truthy: false

CHANGELOG.md

@@ -5,6 +5,22 @@ Which is based on [Keep A Changelog](http://keepachangelog.com/)
 
 ## Unreleased
 
+### Added
+
+- test: add support debian 12
+
+### Changed
+
+- test: use personal docker registry
+
+### Removed
+
+- test: removed support debian 10
+
+### Fixed
+
+- new grafana repository
+
 ## 1.1.0 - 2021-08-22
 
 ### Added

README.md

@@ -1,20 +1,21 @@
 # Ansible role: Grafana
 
-[![Version](https://img.shields.io/badge/latest_version-1.1.0-green.svg)](https://git.yaegashi.fr/nishiki/ansible-role-grafana/releases)
+[![Version](https://img.shields.io/badge/latest_version-1.1.0-green.svg)](https://code.waks.be/nishiki/ansible-role-grafana/releases)
-[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://git.yaegashi.fr/nishiki/ansible-role-sensu/src/branch/master/LICENSE)
+[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://code.waks.be/nishiki/ansible-role-sensu/src/branch/main/LICENSE)
+[![Build](https://code.waks.be/nishiki/ansible-role-grafana/actions/workflows/molecule.yml/badge.svg?branch=main)](https://code.waks.be/nishiki/ansible-role-grafana/actions?workflow=molecule.yml)
 
 Install and configure Grafana
 
 ## Requirements
 
-* Ansible >= 2.9
+- Ansible >= 2.9
-* Debian
+- Debian
-  * Buster
+  - Buster
-  * Bullseye
+  - Bullseye
 
 ## Role variables
 
-* `grafana_config` - hash with the grafana configuration (see [grafana documentation](http://docs.grafana.org/installation/configuration/))
+- `grafana_config` - hash with the grafana configuration (see [grafana documentation](http://docs.grafana.org/installation/configuration/))
 
 ```
   default:
@@ -24,8 +25,8 @@ Install and configure Grafana
     admin_password: secret
 ```
 
-* `grafana_ldap_config` - hash with ldap configuration (see [grafana with ldap](http://docs.grafana.org/auth/ldap/))
+- `grafana_ldap_config` - hash with ldap configuration (see [grafana with ldap](http://docs.grafana.org/auth/ldap/))
-* `grafana_plugins` - array with grafana plugins (see [grafana plugins](https://grafana.com/plugins))
+- `grafana_plugins` - array with grafana plugins (see [grafana plugins](https://grafana.com/plugins))
 
 ```
   - name: grafana-piechart-panel
@@ -35,6 +36,14 @@ Install and configure Grafana
     url: https://github.com/sensu/grafana-sensu-go-datasource/releases/download/1.0.2/sensu-sensugo-datasource-1.0.2.zip
 ```
 
+- `grafana_proxy_url` - set an URL proxy for outbound http and https requests
+- `grafana_proxy_ignore` - array with subnets or hosts to ignore
+
+```
+  - localhost
+  - 10.0.0.0/8
+```
+
 ## How to use
 
 ```
@@ -47,10 +56,10 @@ Install and configure Grafana
 
 ### Test with molecule and docker
 
-* install [docker](https://docs.docker.com/engine/installation/)
+- install [docker](https://docs.docker.com/engine/installation/)
-* install `python3` and `python3-pip`
+- install `python3` and `python3-pip`
-* install molecule and dependencies `pip3 install molecule molecule-docker docker ansible-lint pytest-testinfra yamllint`
+- install molecule and dependencies `pip3 install molecule molecule-docker docker ansible-lint pytest-testinfra yamllint`
-* run `molecule test`
+- run `molecule test`
 
 ## License
 

defaults/main.yml

@@ -2,3 +2,4 @@
 grafana_config: {}
 grafana_ldap_config: {}
 grafana_plugins: []
+grafana_proxy_ignore: []

handlers/main.yml

@@ -1,5 +1,5 @@
 ---
-- name: restart grafana
+- name: Restart grafana
   ansible.builtin.service:
     name: grafana-server
     state: restarted

meta/main.yml

@@ -1,17 +1,18 @@
 ---
 galaxy_info:
   role_name: grafana
+  namespace: nishiki
   author: Adrien Waksberg
   company: Adrien Waksberg
   description: Install and configure Grafana
   license: Apache2
-  min_ansible_version: 2.9
+  min_ansible_version: "2.9"
 
   platforms:
     - name: Debian
       versions:
-        - buster
         - bullseye
+        - bookworm
 
   galaxy_tags:
     - dashboard

molecule/default/molecule.yml

@@ -2,19 +2,21 @@
 driver:
   name: docker
 platforms:
-  - name: debian10
+  - name: debian12
-    image: nishiki/debian10:molecule
+    image: code.waks.be/nishiki/molecule:debian12
     privileged: true
     volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    cgroupns_mode: host
     command: /bin/systemd
     capabilities:
       - SYS_ADMIN
   - name: debian11
-    image: nishiki/debian11:molecule
+    image: code.waks.be/nishiki/molecule:debian11
     privileged: true
     volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    cgroupns_mode: host
     command: /bin/systemd
     capabilities:
       - SYS_ADMIN

molecule/default/tests/test_default.py

@@ -16,6 +16,15 @@ def test_config_file(host):
   assert path.contains('[security]')
   assert path.contains('admin_user = "sysadmin"')
 
+def test_default_config_file(host):
+  path = host.file('/etc/default/grafana-server')
+  assert path.exists
+  assert path.is_file
+  assert path.user == 'root'
+  assert path.group == 'root'
+  assert path.mode == 0o644
+  assert path.contains('LOG_DIR=/var/log/grafana')
+
 def test_ldap_config_file(host):
   path = host.file('/etc/grafana/ldap.toml')
   assert path.exists

tasks/main.yml

@@ -1,81 +1,87 @@
 ---
-- name: install dependencies packages
+- name: Install dependencies packages
   ansible.builtin.package:
     name:
       - apt-transport-https
       - gpg
       - unzip
-  retries: 2
-  register: result
-  until: result is succeeded
   tags: grafana
 
-- name: add repository key
+- name: Add repository key
-  ansible.builtin.apt_key:
+  ansible.builtin.get_url:
-    url: https://packages.grafana.com/gpg.key
+    url: https://apt.grafana.com/gpg.key
-  retries: 2
+    dest: /usr/share/keyrings/grafana.key
-  register: result
+    owner: root
-  until: result is succeeded
+    group: root
+    mode: 0644
   tags: grafana
 
-- name: add repository
+- name: Add repository
   ansible.builtin.apt_repository:
-    repo: deb https://packages.grafana.com/oss/deb stable main
+    repo: deb [signed-by=/usr/share/keyrings/grafana.key] https://apt.grafana.com stable main
+    filename: grafana
   tags: grafana
 
-- name: install grafana package
+- name: Install grafana package
   ansible.builtin.package:
     name:
       - grafana
-  retries: 2
-  register: result
-  until: result is succeeded
   tags: grafana
 
-- name: copy configuration file
+- name: Copy default environment variables file
+  ansible.builtin.template:
+    src: default.j2
+    dest: /etc/default/grafana-server
+    owner: root
+    group: root
+    mode: 0644
+  notify: Restart grafana
+  tags: grafana
+
+- name: Copy configuration file
   ansible.builtin.template:
     src: grafana.ini.j2
     dest: /etc/grafana/grafana.ini
     owner: root
     group: grafana
     mode: 0640
-  notify: restart grafana
+  notify: Restart grafana
   tags: grafana
 
-- name: copy ldap configuration file
+- name: Copy ldap configuration file
   ansible.builtin.template:
     src: ldap.toml.j2
     dest: /etc/grafana/ldap.toml
     owner: root
     group: grafana
     mode: 0640
-  notify: restart grafana
+  notify: Restart grafana
   tags: grafana
 
-- name: install official plugins
+- name: Install official plugins
   community.grafana.grafana_plugin:
-    name: '{{ item.name }}'
+    name: "{{ item.name }}"
-    version: '{{ item.version|default("latest") }}'
+    version: "{{ item.version | default('latest') }}"
-    state: '{{ item.state|default("present") }}'
+    state: "{{ item.state | default('present') }}"
-  loop: '{{ grafana_plugins|selectattr("url", "undefined") }}'
+  loop: "{{ grafana_plugins | selectattr('url', 'undefined') }}"
   loop_control:
-    label: '{{ item.name }}'
+    label: "{{ item.name }}"
-  notify: restart grafana
+  notify: Restart grafana
   tags: grafana
 
-- name: install unofficial plugins
+- name: Install unofficial plugins
   community.grafana.grafana_plugin:
-    name: '{{ item.name }}'
+    name: "{{ item.name }}"
-    grafana_plugin_url: '{{ item.url }}'
+    grafana_plugin_url: "{{ item.url }}"
-    version: '{{ item.version|default("latest") }}'
+    version: "{{ item.version | default('latest') }}"
-    state: '{{ item.state|default("present") }}'
+    state: "{{ item.state | default('present') }}"
-  loop: '{{ grafana_plugins|selectattr("url", "defined") }}'
+  loop: "{{ grafana_plugins | selectattr('url', 'defined') }}"
   loop_control:
-    label: '{{ item.name }}'
+    label: "{{ item.name }}"
-  notify: restart grafana
+  notify: Restart grafana
   tags: grafana
 
-- name: enable and start service
+- name: Enable and start service
   ansible.builtin.service:
     name: grafana-server
     state: started

templates/default.j2

@@ -0,0 +1,18 @@
+# {{ ansible_managed }}
+
+GRAFANA_HOME=/usr/share/grafana
+LOG_DIR=/var/log/grafana
+DATA_DIR=/var/lib/grafana
+MAX_OPEN_FILES=10000
+CONF_DIR=/etc/grafana
+CONF_FILE=/etc/grafana/grafana.ini
+RESTART_ON_UPGRADE=true
+PLUGINS_DIR=/var/lib/grafana/plugins
+PROVISIONING_CFG_DIR=/etc/grafana/provisioning
+PID_FILE_DIR=/run/grafana
+{% if grafana_proxy_url is defined %}
+
+https_proxy={{ grafana_proxy_url }}
+http_proxy={{ grafana_proxy_url }}
+no_proxy={{ grafana_proxy_ignore|join(',') }}
+{% endif %}