grafana work (tons)

tasks/main.yml

@@ -24,6 +24,7 @@
       - 'grafana'
     step_extkey_usage: ["clientAuth"]
     step_cn: "grafana.{{domain_name}}"
+    step_reload_script: "{{lookup('template','step_reload.j2')}}"
     dns_names: ['{{ansible_fqdn}}', 'grafana.{{domain_name}}']
     step_client_renewtime: "{{'*/2 * * * *'|split(' ')}}"
   tags: step

templates/prometheus_datasource.yaml.j2

@@ -3,12 +3,10 @@ datasources:
 - name: {{prometheus_server}}
   type: prometheus
   url: https://{{prometheus_server}}
-  editable: false
+  editable: true
   secureJsonData:
     tlsCACert: |
       {{(lookup('file',root_ca_crt))|regex_replace('\n','\n      ',)}}
-    tlsClientCert: $(echo /etc/ssl/grafana_client/{{fqdn}}.crt)
-    tlsClientKey:  $(echo /etc/ssl/grafana_client/{{fqdn}}.key)
   jsonData:
     tlsAuth: true
     tlsAuthWithCACert: true

templates/step_reload.j2

+sudo -u step /usr/local/bin/step_cert_make {{step_cn}} {{step_client_dir}}/root.ca.crt {{step_client_dir}}/key.json {{step_client_user}}@{{fqdn}} {{step_client_dir}}/{{inventory_hostname}}.csr {{step_client_dir}}/{{inventory_hostname}}.crt || exit 1
+
+
+
+/usr/sbin/service grafana-server restart