Ajout authentification et tls sur nodeexporter

defaults/main.yml

@@ -1 +1,2 @@
 docker_nodeexporter_port: "9100"
+docker_nodeexporter_enable_tlsauth: false

tasks/main.yml

@@ -3,13 +3,17 @@
     path: /opt/{{ docker_nodeexporter_service_id }}/
     state: directory
 
-- name: Prepare config
+- name: Prepare docker-compose.yml
   ansible.builtin.template:
-    src: "{{ item }}"
+    src: docker-compose.yml
     dest: /opt/{{ docker_nodeexporter_service_id }}/
-  with_items:
-    - docker-compose.yml
-    - config.yml
+  notify: docker-compose-up
+
+- name: Prepare config.yml
+  ansible.builtin.template:
+    src: config.yml
+    dest: /opt/{{ docker_nodeexporter_service_id }}/
+  when: docker_nodeexporter_enable_tlsauth
   notify: docker-compose-up
 
 - name: Copie le certificat pour tls
@@ -23,6 +27,7 @@
     group: root
   notify:
     - docker-compose-up
+  when: docker_nodeexporter_enable_tlsauth
 
 - name: Copie la clé pour tls
   ansible.builtin.get_url:
@@ -35,3 +40,4 @@
     group: root
   notify:
     - docker-compose-up
+  when: docker_nodeexporter_enable_tlsauth

templates/docker-compose.yml

@@ -8,15 +8,19 @@ services:
       - /proc:/host/proc:ro
       - /sys:/host/sys:ro
       - /:/rootfs:ro
+{% if docker_nodeexporter_enable_tlsauth %}
       - ./config.yml:/config.yml
       - ./key.pem:/key.pem
       - ./cert.pem:/cert.pem
+{% endif %}
     command:
       - '--path.procfs=/host/proc'
       - '--path.rootfs=/rootfs'
       - '--path.sysfs=/host/sys'
       - '--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc|run)($$|/)'
+{% if docker_nodeexporter_enable_tlsauth %}
       - '--web.config.file=/config.yml'
+{% endif %}
     restart: always
     labels:
       org.label-schema.group: "monitoring"