vaheeD khoshnouD

linux, mikrotik, macosx

How to Install and Configure Prometheus, Grafana, and Secure with SSL and passwd in Ubuntu/Debian/Redhat/CentOS

Written by vaheeD on July 21, 2021
0.00 avg. rating (0% score) - 0 votes

Go to https://prometheus.io/download/ and replace blow link with new version

wget https://github.com/prometheus/prometheus/releases/download/v2.28.1/prometheus-2.28.1.linux-amd64.tar.gz

tar xvzf prometheus*



Debian or Ubuntu
useradd -rs /bin/false prometheus

CentOS or Fedora
useradd --no-create-home --shell /bin/false prometheus

mkdir /etc/prometheus
mkdir /var/lib/prometheus
chown prometheus:prometheus /etc/prometheus /var/lib/prometheus

cd prometheus*
cp prometheus promtool /usr/local/bin
chown prometheus:prometheus /usr/local/bin/prometheus
cp -R consoles* prometheus.yml /etc/prometheus
chown -R prometheus:prometheus /etc/prometheus

vim /etc/systemd/system/prometheus.service


[Unit]
Description=Prometheus
Wants=network-online.target
After=network-online.target

[Service]
Type=simple
User=prometheus
Group=prometheus
ExecStart=/usr/local/bin/prometheus \
  --config.file=/etc/prometheus/prometheus.yml \
  --storage.tsdb.path=/var/lib/prometheus/ \
  --web.console.templates=/etc/prometheus/consoles \
  --web.console.libraries=/etc/prometheus/console_libraries \
  --web.listen-address=127.0.0.1:9090 \
  --web.enable-admin-api

Restart=always

[Install]
WantedBy=multi-user.target

systemctl enable prometheus
systemctl start prometheus

Debian or Ubuntu
apt-get install nginx -y

CentOS or Fedora
yum install nginx -y

vim /etc/nginx/conf.d/prometheus.conf

server {
    listen 1234;

    location / {
      proxy_pass           http://localhost:9090/;
    }
}



systemctl enable nginx
systemctl start nginx

Debian or Ubuntu
apt-get install apache2-utils -y

CentOS or Fedora
yum install httpd-tools -y

cd /etc/prometheus
htpasswd -c .credentials admin

vim /etc/nginx/conf.d/prometheus.conf


server {
    listen 1234;

    location / {
      auth_basic           "Prometheus";
      auth_basic_user_file /etc/prometheus/.credentials;
      proxy_pass           http://localhost:9090/;
    }
}


systemctl restart nginx

Debian or Ubuntu
apt-get install certbot -y

CentOS or Fedora
yum install certbot -y

certbot certonly --standalone -d sub.example.com

vim /etc/nginx/conf.d/prometheus.conf


server {
    listen 1234 ssl;
    ssl_certificate /etc/letsencrypt/live/sub.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/sub.example.com/privkey.pem;

    location / {
      auth_basic           "Prometheus";
      auth_basic_user_file /etc/prometheus/.credentials;
      proxy_pass           http://localhost:9090/;
    }
}



systemctl restart nginx

Debian or Ubuntu
wget -q -O - https://packages.grafana.com/gpg.key | apt-key add -
apt-get update
apt-get install grafana -y


CentOS or Fedora
vim /etc/yum.repos.d/grafana.repo
[grafana]
name=grafana
baseurl=https://packages.grafana.com/oss/rpm
repo_gpgcheck=1
enabled=1
gpgcheck=1
gpgkey=https://packages.grafana.com/gpg.key
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt

yum update -y
yum install grafana -y


vim  /etc/grafana/grafana.ini


protocol = https
http_port = 1234
domain = takphone.taknet.net
enforce_domain = true
cert_file = /etc/letsencrypt/live/sub.example.com/fullchain.pem
cert_key = /etc/letsencrypt/live/sub.example.com/privkey.pem
allow_sign_up = false

groupadd sslcerts
chown -R root:sslcerts /etc/letsencrypt/

usermod -G sslcerts -a grafana
chmod -R 755 /etc/letsencrypt/archive
chmod -R 755 /etc/letsencrypt/live

systemctl enable grafana-server
systemctl start grafana-server


wget https://github.com/prometheus/node_exporter/releases/download/v1.2.0/node_exporter-1.2.0.linux-amd64.tar.gz
tar xzfv node*

cd node*
cp node_exporter /usr/local/bin
useradd -rs /bin/false node_exporter
chown node_exporter:node_exporter /usr/local/bin/node_exporter

vim /etc/systemd/system/node_exporter.service


[Unit]
Description=Node Exporter
Wants=network-online.target
After=network-online.target

[Service]
Type=simple
User=node_exporter
Group=node_exporter
ExecStart=/usr/local/bin/node_exporter \
    --collector.mountstats \
    --collector.logind \
    --collector.processes \
    --collector.ntp \
    --collector.systemd \
    --collector.tcpstat \
    --collector.wifi

Restart=always

[Install]
WantedBy=multi-user.target

systemctl daemon-reload
systemctl enable node_exporter
systemctl start node_exporter


vim /etc/prometheus/prometheus.yml

static_configs:
            - targets: ['localhost:9090', 'localhost:9100']

systemctl restart prometheus

0.00 avg. rating (0% score) - 0 votes

Posted Under: Linux

About vaheeD

Leave a Reply

Your email address will not be published. Required fields are marked *

Protected by WP Anti Spam