From c9189219ebe4a8e6c933e6338d929ac3ff219b96 Mon Sep 17 00:00:00 2001 From: Aine Date: Tue, 5 Sep 2023 23:44:04 +0300 Subject: [PATCH] add prometheus-ssh-exporter --- docs/services/prometheus-ssh-exporter.md | 34 ++++++++++++++++++++ docs/supported-services.md | 1 + group_vars/mash_servers | 40 ++++++++++++++++++++++++ releases.opml | 1 + requirements.yml | 3 ++ setup.yml | 1 + 6 files changed, 80 insertions(+) create mode 100644 docs/services/prometheus-ssh-exporter.md diff --git a/docs/services/prometheus-ssh-exporter.md b/docs/services/prometheus-ssh-exporter.md new file mode 100644 index 0000000..56ec936 --- /dev/null +++ b/docs/services/prometheus-ssh-exporter.md @@ -0,0 +1,34 @@ +# Prometheus SSH Exporter + +This playbook can configure [Prometheus SSH Exporter](https://github.com/treydock/ssh_exporter). + +## Configuration + +To enable this service, add the following configuration to your `vars.yml` file and re-run the [installation](../installing.md) process: + +```yaml +######################################################################## +# # +# prometheus-ssh-exporter # +# # +######################################################################## + +prometheus_ssh_exporter_enabled: true + +# if you want to export ssh's probe endpoint, uncomment and adjust the following vars + +# prometheus_ssh_exporter_hostname: mash.example.com +# prometheus_ssh_exporter_path_prefix: /metrics/ssh-exporter +# prometheus_ssh_exporter_basicauth_user: your_username +# prometheus_ssh_exporter_basicauth_password: your password + +######################################################################## +# # +# /prometheus-ssh-exporter # +# # +######################################################################## +``` + +## Usage + +After you've installed the ssh exporter, your ssh prober will be available on `mash.example.com/metrics/ssh-exporter` with the basic auth credentials you've configured if hostname and path prefix where provided diff --git a/docs/supported-services.md b/docs/supported-services.md index 689a2fb..a08616e 100644 --- a/docs/supported-services.md +++ b/docs/supported-services.md @@ -45,6 +45,7 @@ | [Postgres Backup](https://github.com/prodrigestivill/docker-postgres-backup-local) | A solution for backing up PostgresSQL to local filesystem with periodic backups. | [Link](services/postgres-backup.md) | | [Prometheus](https://prometheus.io/) | A metrics collection and alerting monitoring solution | [Link](services/prometheus.md) | | [Prometheus Blackbox Exporter](https://github.com/prometheus/blackbox_exporter) | Blackbox probing of HTTP/HTTPS/DNS/TCP/ICMP and gRPC endpoints | [Link](services/prometheus-blackbox-exporter.md) | +| [Prometheus SSH Exporter](https://github.com/treydock/ssh_exporter) | SSH probes | [Link](services/prometheus-ssh-exporter.md) | | [Prometheus Node Exporter](https://github.com/prometheus/node_exporter) | Exporter for machine metrics | [Link](services/prometheus-node-exporter.md) | | [Prometheus Postgres Exporter](https://github.com/prometheus-community/postgres_exporter) | A PostgreSQL metric exporter for Prometheus | [Link](services/prometheus-postgres-exporter.md) | | [Radicale](https://radicale.org/) | A Free and Open-Source CalDAV and CardDAV Server (solution for hosting contacts and calendars) | [Link](services/radicale.md) | diff --git a/group_vars/mash_servers b/group_vars/mash_servers index b1b4eda..4e5608e 100644 --- a/group_vars/mash_servers +++ b/group_vars/mash_servers @@ -189,6 +189,8 @@ devture_systemd_service_manager_services_list_auto: | + ([{'name': (prometheus_blackbox_exporter_identifier + '.service'), 'priority': 500, 'groups': ['mash', 'metrics', 'prometheus-blackbox-exporter']}] if prometheus_blackbox_exporter_enabled else []) + + ([{'name': (prometheus_ssh_exporter_identifier + '.service'), 'priority': 500, 'groups': ['mash', 'metrics', 'prometheus-ssh-exporter']}] if prometheus_ssh_exporter_enabled else []) + + ([{'name': (prometheus_node_exporter_identifier + '.service'), 'priority': 500, 'groups': ['mash', 'metrics', 'prometheus-node-exporter']}] if prometheus_node_exporter_enabled else []) + ([{'name': (prometheus_postgres_exporter_identifier + '.service'), 'priority': 500, 'groups': ['mash', 'metrics', 'prometheus-postgres-exporter']}] if prometheus_postgres_exporter_enabled else []) @@ -2473,6 +2475,44 @@ prometheus_blackbox_exporter_container_labels_traefik_tls_certResolver: "{{ devt +######################################################################## +# # +# prometheus_ssh_exporter # +# # +######################################################################## + +prometheus_ssh_exporter_enabled: false + +prometheus_ssh_exporter_identifier: "{{ mash_playbook_service_identifier_prefix }}prometheus-ssh-exporter" + +prometheus_ssh_exporter_base_path: "{{ mash_playbook_base_path }}/{{ mash_playbook_service_base_directory_name_prefix }}prometheus-ssh-exporter" + +prometheus_ssh_exporter_uid: "{{ mash_playbook_uid }}" +prometheus_ssh_exporter_gid: "{{ mash_playbook_gid }}" + +prometheus_ssh_exporter_basicauth_enabled: "{{ prometheus_ssh_exporter_container_labels_traefik_enabled }}" +prometheus_ssh_exporter_basicauth_user: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'ssh.user', rounds=655555) | to_uuid }}" +prometheus_ssh_exporter_basicauth_password: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'ssh.password', rounds=655555) | to_uuid }}" + +prometheus_ssh_exporter_container_additional_networks: | + {{ + ([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else []) + }} + +# Only enable Traefik labels if a hostname is set (indicating that this will be exposed publicly) +prometheus_ssh_exporter_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled and prometheus_ssh_exporter_hostname }}" +prometheus_ssh_exporter_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}" +prometheus_ssh_exporter_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}" +prometheus_ssh_exporter_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}" + +######################################################################## +# # +# /prometheus_ssh_exporter # +# # +######################################################################## + + + ######################################################################## # # # prometheus_node_exporter # diff --git a/releases.opml b/releases.opml index 27a5ba0..8acde0b 100644 --- a/releases.opml +++ b/releases.opml @@ -34,6 +34,7 @@ + diff --git a/requirements.yml b/requirements.yml index 84362b3..dce724c 100644 --- a/requirements.yml +++ b/requirements.yml @@ -155,6 +155,9 @@ - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-postgres-exporter.git version: v0.13.2-0 name: prometheus_postgres_exporter +- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-ssh-exporter.git + version: v1.5.0-0 + name: prometheus_ssh_exporter - src: git+https://gitlab.com/etke.cc/roles/radicale.git version: v3.1.8.3-0 - src: git+https://gitlab.com/etke.cc/roles/redis.git diff --git a/setup.yml b/setup.yml index 89c473b..3df102f 100644 --- a/setup.yml +++ b/setup.yml @@ -132,6 +132,7 @@ - role: galaxy/prometheus_node_exporter - role: galaxy/prometheus_blackbox_exporter - role: galaxy/prometheus_postgres_exporter + - role: galaxy/prometheus_ssh_exporter - role: galaxy/radicale