7 changed files with 0 additions and 122 deletions
--- a/roles/ceph/templates/nftables.conf.j2
+++ b/roles/ceph/templates/nftables.conf.j2
@ -42,10 +42,6 @@ table inet filter {
            packet-too-big, parameter-problem, time-exceeded,
        } accept comment "accept some ICMPv6"

-        iif mgmt0 ip6 hoplimit 255 ip6 nexthdr icmpv6 icmpv6 type {
-            nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert
-        } accept comment "accept IPv6 neighbor discovery"
-
        # BGP / BFD sessions
        iif lan0 ip6 saddr fe80::/64 accept
        iif lan1 ip6 saddr fe80::/64 accept
--- a/roles/telegraf/handlers/main.yml
+++ b/roles/telegraf/handlers/main.yml
@ -1,10 +0,0 @@
- name: update package cache
-  package:
-    update_cache: yes
-  when: "'handler' not in ansible_skip_tags"
-
- name: restart telegraf
-  service:
-    name: telegraf
-    state: restarted
-  when: "'handler' not in ansible_skip_tags"
--- a/roles/telegraf/tasks/debian.yml
+++ b/roles/telegraf/tasks/debian.yml
@ -1,31 +0,0 @@
- name: Add influxdb repository
-  deb822_repository:
-    name: influxdata
-    uris: https://repos.influxdata.com/debian
-    suites: stable
-    components: main
-    architectures: amd64
-    signed_by: https://repos.influxdata.com/influxdata-archive.key
-  notify: update package cache
-
- meta: flush_handlers
-
- name: Install telegraf
-  package:
-    name: telegraf
-
- name: Configure telegraf
-  when: not ansible_check_mode
-  template:
-    dest: /etc/telegraf/telegraf.d/output.conf
-    src: output.conf.j2
-    owner: telegraf
-    group: telegraf
-    mode: 0640
-  notify: restart telegraf
-
- name: Enable telegraf
-  service:
-    name: telegraf
-    enabled: true
-    state: started
--- a/roles/telegraf/tasks/main.yml
+++ b/roles/telegraf/tasks/main.yml
@ -1,11 +0,0 @@
- name: Get influxdb info
-  set_fact:
-    influxdb_info: '{{ lookup("passwordstore", "vm/"~influxdb_host, returnall=true, missing="empty") | from_yaml }}'
-
- name: Create influxdb token for this host
-  include_tasks: token.yml
-  when: 'not ansible_check_mode and "influxdb_token" not in password'
-
- name: Install telegraf on Debian
-  include_tasks: debian.yml
-  when: ansible_os_family == "Debian"
--- a/roles/telegraf/tasks/token.yml
+++ b/roles/telegraf/tasks/token.yml
@ -1,53 +0,0 @@
- name: Get influxdb organization ID
-  delegate_to: localhost
-  uri:
-    url: '{{ influxdb_info.influxdb_url }}/api/v2/orgs'
-    headers:
-      Authorization: Token {{ influxdb_info.influxdb_operator_token }}
-  register: response
-
- name: Parse influxdb orgID
-  set_fact:
-    influxdb_orgID: '{{ response.json.orgs | selectattr("name", "==", influxdb_info.influxdb_org) | map(attribute="id") | first }}'
-
- name: Get influxdb bucket ID
-  delegate_to: localhost
-  uri:
-    url: '{{ influxdb_info.influxdb_url }}/api/v2/buckets?orgID={{ influxdb_orgID }}'
-    headers:
-      Authorization: Token {{ influxdb_info.influxdb_operator_token }}
-  register: response
-
- name: Parse influxdb bucketID
-  set_fact:
-    influxdb_bucketID: '{{ response.json.buckets | selectattr("name", "==", "servers") | map(attribute="id") | first }}'
-
- name: Create influxdb token
-  delegate_to: localhost
-  uri:
-    url: '{{ influxdb_info.influxdb_url }}/api/v2/authorizations'
-    method: POST
-    body_format: json
-    status_code: 201
-    headers:
-      Authorization: Token {{ influxdb_info.influxdb_operator_token }}
-      Content-Type: application/json
-    body: |
-      {
-        "description": "{{ inventory_hostname }}",
-        "orgID": "{{ influxdb_orgID }}",
-        "permissions": [{ "action": "write", "resource": { "type": "buckets", "id": "{{ influxdb_bucketID }}" } }]
-      }
-  register: response
-
- name: Parse influxdb token
-  set_fact:
-    influxdb_token: '{{ response.json.token }}'
-
-# Ansible’s passwordstore lookup plugin should be able to do that but is pretty broken,
-# so we do it manually.
- name: Store influxdb token in password store
-  delegate_to: localhost
-  command:
-    cmd: 'pass insert --force --multiline {{ ("vm/" if is_virtual else "host/")~inventory_hostname }}'
-    stdin: '{{ password | to_nice_yaml(sort_keys=false) }}influxdb_token: {{ influxdb_token }}'
--- a/roles/telegraf/templates/output.conf.j2
+++ b/roles/telegraf/templates/output.conf.j2
@ -1,5 +0,0 @@
-[[outputs.influxdb_v2]]
- urls = ["{{ influxdb_info.influxdb_url }}"]
- organization = "{{ influxdb_info.influxdb_org }}"
- bucket = "{{ influxdb_info.influxdb_bucket }}"
- token = "{{ influxdb_token | default(password.influxdb_token) }}"
--- a/setup.yml
+++ b/setup.yml
@ -3,13 +3,6 @@
  roles:
    - facts

- hosts: monitor
-  roles:
-    - alpine
-    - nginx
-    - influxdb
-    - grafana
-
 - hosts: dhcp
  roles:
    - alpine
@ -26,7 +19,6 @@
  roles:
    - debian
    - frr
-    - telegraf
    - ceph

 - hosts: pve-rc-*, pve-lab-*