From 7220ca0ecfb1dddf5a798ad5eebefd9e0db11ba2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jadyn=20Emma=20J=C3=A4ger?= <jadyn@jadyn.dev>
Date: Fri, 25 Aug 2023 20:42:47 +0200
Subject: [PATCH] feat(blackbox_exporter): add web_config option
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Jadyn Emma Jäger <jadyn@jadyn.dev>
---
 roles/blackbox_exporter/defaults/main.yml          |  5 +++++
 roles/blackbox_exporter/meta/argument_specs.yml    |  3 +++
 roles/blackbox_exporter/tasks/configure.yml        | 14 ++++++++++++++
 .../templates/blackbox_exporter.service.j2         |  1 +
 4 files changed, 23 insertions(+)

diff --git a/roles/blackbox_exporter/defaults/main.yml b/roles/blackbox_exporter/defaults/main.yml
index ae9d04f9d..513bc3ed1 100644
--- a/roles/blackbox_exporter/defaults/main.yml
+++ b/roles/blackbox_exporter/defaults/main.yml
@@ -5,6 +5,11 @@ blackbox_exporter_binary_url: "https://github.com/{{ _blackbox_exporter_repo }}/
 blackbox_exporter_checksums_url: "https://github.com/{{ _blackbox_exporter_repo }}/releases/download/v{{ blackbox_exporter_version }}/sha256sums.txt"
 
 blackbox_exporter_web_listen_address: "0.0.0.0:9115"
+blackbox_exporter_web_config:
+  tls_server_config: {}
+  http_server_config: {}
+  basic_auth_users: {}
+
 
 blackbox_exporter_system_user: blackbox-exp
 blackbox_exporter_system_group: "{{ blackbox_exporter_system_user }}"
diff --git a/roles/blackbox_exporter/meta/argument_specs.yml b/roles/blackbox_exporter/meta/argument_specs.yml
index fc83cb41d..eb0bcb04c 100644
--- a/roles/blackbox_exporter/meta/argument_specs.yml
+++ b/roles/blackbox_exporter/meta/argument_specs.yml
@@ -50,3 +50,6 @@ argument_specs:
       blackbox_exporter_local_cache_path:
         description: 'Local path to stash the archive and its extraction'
         default: "/tmp/blackbox_exporter-{{ ansible_system | lower }}-{{ _blackbox_exporter_go_ansible_arch }}/{{ blackbox_exporter_version }}"
+      blackbox_exporter_web_config:
+        description: "A Prometheus L(web config yaml,https://github.com/prometheus/exporter-toolkit/blob/master/docs/web-configuration.md) for configuring TLS and auth."
+        type: "dict"
diff --git a/roles/blackbox_exporter/tasks/configure.yml b/roles/blackbox_exporter/tasks/configure.yml
index 4b1c2c50b..03b41de9c 100644
--- a/roles/blackbox_exporter/tasks/configure.yml
+++ b/roles/blackbox_exporter/tasks/configure.yml
@@ -48,3 +48,17 @@
     - blackbox_exporter
     - configure
     - blackbox_exporter_configure
+
+- name: Configure blackbox_exporter web
+  ansible.builtin.copy:
+    content: "{{ blackbox_exporter_web_config | to_nice_yaml(indent=2, sort_keys=False) }}"
+    dest: "{{ blackbox_exporter_config_dir }}/web.yml"
+    owner: "{{ blackbox_exporter_system_user }}"
+    group: "{{ blackbox_exporter_system_group }}"
+    mode: '0644'
+  notify:
+    - reload blackbox_exporter
+  tags:
+    - blackbox_exporter
+    - configure
+    - blackbox_exporter_configure
diff --git a/roles/blackbox_exporter/templates/blackbox_exporter.service.j2 b/roles/blackbox_exporter/templates/blackbox_exporter.service.j2
index e27e94644..570fd454d 100644
--- a/roles/blackbox_exporter/templates/blackbox_exporter.service.j2
+++ b/roles/blackbox_exporter/templates/blackbox_exporter.service.j2
@@ -13,6 +13,7 @@ PermissionsStartOnly=true
 ExecReload=/bin/kill -HUP $MAINPID
 ExecStart={{ blackbox_exporter_binary_install_dir }}/blackbox_exporter \
   --config.file={{ blackbox_exporter_config_dir }}/blackbox_exporter.yml \
+  --web.config.file={{ blackbox_exporter_config_dir }}/web.yml \
   {% for flag, flag_value in blackbox_exporter_cli_flags.items() -%}
   --{{ flag }}={{ flag_value }} \
   {% endfor -%}