From 127abdda6f4e233da574633b990cde3fa8d944f4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 14 May 2023 18:39:17 +0200 Subject: [PATCH] Add integration&documentation for postgres exporter --- docs/services/postgres-exporter.md | 40 ++++++++++++++++++++++ group_vars/mash_servers | 55 ++++++++++++++++++++++++++++++ 2 files changed, 95 insertions(+) create mode 100644 docs/services/postgres-exporter.md diff --git a/docs/services/postgres-exporter.md b/docs/services/postgres-exporter.md new file mode 100644 index 0000000..e7e7001 --- /dev/null +++ b/docs/services/postgres-exporter.md @@ -0,0 +1,40 @@ +# Postgres Exporter + +This playbook can configure [Postgres Exporter](https://github.com/prometheus-community/postgres_exporter) by utilizing [mother-of-all-self-hosting/ansible-role-postgres-exporter](https://github.com/mother-of-all-self-hosting/ansible-role-postgres-exporter.git). + + +## Configuration + +To enable this service, add the following configuration to your `vars.yml` file and re-run the [installation](../installing.md) process: + +```yaml +######################################################################## +# # +# postgres_exporter # +# # +######################################################################## + +postgres_exporter_enabled: true + +# To expose the metrics publicly, enable and configure the lines below: +# postgres_exporter_hostname: mash.example.com +# postgres_exporter_path_prefix: /metrics/postgres-exporter + +# To protect the metrics with HTTP Basic Auth, enable and configure the lines below: +# postgres_exporter_basicauth_enabled: true +# postgres_exporter_basicauth_user: your_username +# postgres_exporter_basicauth_password: your password + +######################################################################## +# # +# /postgres_exporter # +# # +######################################################################## +``` + +Unless you're scraping the Postgres Exporter metrics from a local [Prometheus](prometheus.md) instance, as described in [Integrating with Postgres Exporter](prometheus.md#integrating-with-postgres-exporter), you will probably wish to expose the metrics publicly so that a remote Prometheus instance can fetch them. + +## Usage + +After you installed the exporter, your stats will be available on `mash.example.com/metrics/postgres-exporter` with basic auth credentials you configured + diff --git a/group_vars/mash_servers b/group_vars/mash_servers index 3cb824c..0d46b8e 100644 --- a/group_vars/mash_servers +++ b/group_vars/mash_servers @@ -299,6 +299,12 @@ devture_postgres_managed_databases_auto: | 'password': peertube_config_database_password, }] if peertube_enabled else []) + + ([{ + 'name': postgres_exporter_database_name, + 'username': postgres_exporter_database_username, + 'password': postgres_exporter_database_password, + }] if postgres_exporter_enabled else []) + + ([{ 'name': firezone_database_name, 'username': firezone_database_user, @@ -1824,6 +1830,55 @@ peertube_systemd_required_services_list_auto: | ######################################################################## + +######################################################################## +# # +# postgres_exporter # +# # +######################################################################## + +postgres_exporter_enabled: false + +postgres_exporter_identifier: "{{ mash_playbook_service_identifier_prefix }}postgres-exporter" + +postgres_exporter_base_path: "{{ mash_playbook_base_path }}/{{ mash_playbook_service_base_directory_name_prefix }}postgres-exporter" + +postgres_exporter_uid: "{{ mash_playbook_uid }}" +postgres_exporter_gid: "{{ mash_playbook_gid }}" + +postgres_exporter_basicauth_enabled: "{{ postgres_exporter_container_labels_traefik_enabled }}" +postgres_exporter_basicauth_user: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'postgres-exporter.user', rounds=655555) | to_uuid }}" +postgres_exporter_basicauth_password: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'postgres-exporter.password', rounds=655555) | to_uuid }}" + +postgres_exporter_container_additional_networks: | + {{ + ([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else []) + + + ([devture_postgres_container_network] if devture_postgres_enabled and postgres_exporter_database_hostname == devture_postgres_identifier and postgres_exporter_container_network != devture_postgres_container_network else []) + }} + +# Only enable Traefik labels if a hostname is set (indicating that this will be exposed publicly) +postgres_exporter_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled and postgres_exporter_hostname | length > 0 }}" +postgres_exporter_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}" +postgres_exporter_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}" +postgres_exporter_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}" + +postgres_exporter_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}" +postgres_exporter_database_username: postgres-exporter +postgres_exporter_database_password: "{{ devture_postgres_connection_password if devture_postgres_enabled else '' }}" +postgres_exporter_database_port: "{{ devture_postgres_connection_port if devture_postgres_enabled else 5432 }}" +postgres_exporter_database_ssl: false + +postgres_exporter_permission_grant_command: "{{ devture_postgres_bin_path }}/cli-non-interactive -c 'GRANT pg_monitor to \"{{ postgres_exporter_database_username }}\";'" + +######################################################################## +# # +# /prometheus_node_exporter # +# # +######################################################################## + + + ######################################################################## # # # prometheus #