Skip to content

darsonbjf/ansible-observability-stack-template

Repository files navigation

Ansible Observability Stack Template

Validate Ansible Observability Template License: MIT Ansible

Public-safe Ansible template for deploying a Docker Compose observability stack with Prometheus, Grafana, Loki, Promtail, Tempo, OpenTelemetry Collector, Alertmanager and Blackbox Exporter.

This repository is a sanitized portfolio/template version. It does not contain real credentials, internal hosts, private registry URLs, production webhooks or organization-specific infrastructure data.

What It Demonstrates

  • Role-based Ansible project structure.
  • Docker Compose observability stack deployment.
  • Prometheus scraping and alert rule provisioning.
  • Alertmanager webhook routing with placeholder endpoints.
  • Grafana datasource provisioning for Prometheus, Loki and Tempo.
  • Logs with Loki and Promtail.
  • Traces with Tempo and OpenTelemetry Collector.
  • Blackbox probing for HTTP/TCP checks.
  • Public-safe inventory and configuration defaults.
  • GitHub Actions validation with YAML linting and Ansible syntax check.
  • Backstage TechDocs-ready metadata.

Stack

  • Prometheus
  • Grafana
  • Loki
  • Promtail
  • Tempo
  • OpenTelemetry Collector
  • Alertmanager
  • Blackbox Exporter

Layout

.
├── group_vars              # Shared public-safe defaults
├── inventories             # Example Ansible inventory
├── playbooks               # Main deployment playbook
├── roles                   # Local Ansible roles for the observability stack
├── docs                    # TechDocs content
├── ansible.cfg             # Local Ansible configuration
├── deploy.sh               # Deployment helper
└── Makefile                # Validation and deploy shortcuts

Quick Start

Install requirements:

make install

Run local validation:

make syntax

Run the deployment against your configured inventory:

make deploy

To use this with a real host, replace the reserved documentation address in inventories/inventory.yml, keep secrets outside Git, and provide become credentials through Ansible Vault or --ask-become-pass.

Configuration

Shared defaults live in group_vars/all.yml.

Important variables:

  • observability_base_dir: target directory for generated configuration and Compose files.
  • grafana_admin_user: Grafana admin user.
  • grafana_admin_password_env: Docker Compose expression for the Grafana admin password.
  • grafana_root_url: public URL configured in Grafana.
  • alertmanager_default_webhook_url: placeholder webhook for general alerts.
  • alertmanager_certificate_webhook_url: placeholder webhook for certificate alerts.
  • cert_endpoint_exporter_enabled: enables an optional certificate endpoint exporter.
  • falcosidekick_enabled: enables optional Falcosidekick forwarding.

Security Notes

  • Do not commit real hostnames, IPs, passwords, private keys or webhook URLs.
  • Keep GRAFANA_ADMIN_PASSWORD in the target environment or a secret manager.
  • Use Ansible Vault for sensitive variables.
  • Review generated Docker Compose files before applying to production.
  • This public repository was created from a clean export, without the original private Git history.

Documentation

License

MIT License.

About

Public-safe Ansible template for a Docker Compose observability stack with Prometheus, Grafana, Loki, Tempo, OpenTelemetry Collector and Alertmanager.

Topics

Resources

License

Security policy

Stars

0 stars

Watchers

0 watching

Forks

Packages

 
 
 

Contributors