--- - name: Include dockerhost vars include_vars: dir: ../../dockerhost/vars - name: Include grafana vars include_vars: dir: vars - name: Ensure grafana directories file: name: "{{ item }}" state: directory owner: "{{ docker_data_user_name }}" group: "{{ docker_data_user_name }}" loop: - "{{ grafana_data_directory }}" - "{{ grafana_config_directory }}" # We need these directories in later posts ;-) - name: Ensure grafana config directories file: name: "{{ item }}" state: directory owner: "{{ docker_data_user_name }}" group: "{{ docker_data_user_name }}" loop: - "{{ grafana_config_directory }}/provisioning/access-control" - "{{ grafana_config_directory }}/provisioning/dashboards" - "{{ grafana_config_directory }}/provisioning/datasources" - "{{ grafana_config_directory }}/provisioning/notifiers" - "{{ grafana_config_directory }}/provisioning/plugins" - name: Copy grafana config template: src: files/grafana.ini dest: "{{ grafana_config_directory }}/grafana.ini" register: copy_grafana_configuration - name: Ensure grafana container docker_container: name: grafana image: grafana/grafana:8.2.6 networks: # Our internal network again. Here Traefik will discover it - name: internal networks_cli_compatible: yes volumes: - "{{ grafana_data_directory }}:/var/lib/grafana" - "{{ grafana_config_directory }}:/etc/grafana" user: "{{ docker_data_uid }}:{{ docker_data_uid }}" restart_policy: unless-stopped restart: "{{ copy_grafana_configuration.changed }}" labels: # What URL Grafana shall run on traefik.http.routers.grafana.rule: "Host(`{{ ansible_host }}`) && PathPrefix(`/grafana`)" # Grafana doesn't like a prefix in requests, so we remove it traefik.http.middlewares.grafana-prefix.stripprefix.prefixes: "/grafana" # Compress responses to save bandwidth traefik.http.middlewares.grafana-compression.compress: "true" # We want port 443 traefik.http.routers.grafana.entrypoints: "websecure" # And of course SSL traefik.http.routers.grafana.tls: "true" # This line tells Traefik to fetch a certificate using the ACME resolver traefik.http.routers.grafana.tls.certresolver: letsEncryptResolver # Here we just switch on the two middlewares configured above traefik.http.routers.grafana.middlewares: "grafana-prefix,grafana-compression" # This is where Traefik will send the requests to traefik.http.services.grafana.loadbalancer.server.port: "3000" ...