diff --git a/docs/services/postgres-exporter.md b/docs/services/postgres-exporter.md new file mode 100644 index 0000000..e625530 --- /dev/null +++ b/docs/services/postgres-exporter.md @@ -0,0 +1,40 @@ +# Postgres Exporter + +This playbook can configure [Postgres Exporter](https://github.com/prometheus-community/postgres_exporter) by utilizing [mother-of-all-self-hosting/ansible-role-postgres-exporter](https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-postgres-exporter.git). + + +## Configuration + +To enable this service, add the following configuration to your `vars.yml` file and re-run the [installation](../installing.md) process: + +```yaml +######################################################################## +# # +# prometheus_postgres_exporter # +# # +######################################################################## + +prometheus_postgres_exporter_enabled: true + +# To expose the metrics publicly, enable and configure the lines below: +# prometheus_postgres_exporter_hostname: mash.example.com +# prometheus_postgres_exporter_path_prefix: /metrics/postgres-exporter + +# To protect the metrics with HTTP Basic Auth, enable and configure the lines below: +# prometheus_postgres_exporter_basicauth_enabled: true +# prometheus_postgres_exporter_basicauth_user: your_username +# prometheus_postgres_exporter_basicauth_password: your password + +######################################################################## +# # +# /prometheus_postgres_exporter # +# # +######################################################################## +``` + +Unless you're scraping the Postgres Exporter metrics from a local [Prometheus](prometheus.md) instance, as described in [Integrating with Postgres Exporter](prometheus.md#integrating-with-postgres-exporter), you will probably wish to expose the metrics publicly so that a remote Prometheus instance can fetch them. + +## Usage + +After you installed the exporter, your stats will be available on `mash.example.com/metrics/postgres-exporter` with basic auth credentials you configured + diff --git a/group_vars/mash_servers b/group_vars/mash_servers index 3cb824c..366d4b3 100644 --- a/group_vars/mash_servers +++ b/group_vars/mash_servers @@ -163,6 +163,8 @@ devture_systemd_service_manager_services_list_auto: | + ([{'name': (prometheus_node_exporter_identifier + '.service'), 'priority': 500, 'groups': ['mash', 'metrics', 'prometheus-node-exporter']}] if prometheus_node_exporter_enabled else []) + + ([{'name': (prometheus_postgres_exporter_identifier + '.service'), 'priority': 500, 'groups': ['mash', 'metrics', 'prometheus-postgres-exporter']}] if prometheus_postgres_exporter_enabled else []) + + ([{'name': (radicale_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'radicale']}] if radicale_enabled else []) + ([{'name': (redmine_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'redmine']}] if redmine_enabled else []) @@ -299,6 +301,12 @@ devture_postgres_managed_databases_auto: | 'password': peertube_config_database_password, }] if peertube_enabled else []) + + ([{ + 'name': prometheus_postgres_exporter_database_name, + 'username': prometheus_postgres_exporter_database_username, + 'password': prometheus_postgres_exporter_database_password, + }] if prometheus_postgres_exporter_enabled else []) + + ([{ 'name': firezone_database_name, 'username': firezone_database_user, @@ -1824,6 +1832,62 @@ peertube_systemd_required_services_list_auto: | ######################################################################## + +######################################################################## +# # +# prometheus_postgres_exporter # +# # +######################################################################## + +prometheus_postgres_exporter_enabled: false + +prometheus_postgres_exporter_identifier: "{{ mash_playbook_service_identifier_prefix }}prometheus-postgres-exporter" + +prometheus_postgres_exporter_base_path: "{{ mash_playbook_base_path }}/{{ mash_playbook_service_base_directory_name_prefix }}prometheus-postgres-exporter" + +prometheus_postgres_exporter_uid: "{{ mash_playbook_uid }}" +prometheus_postgres_exporter_gid: "{{ mash_playbook_gid }}" + +prometheus_postgres_exporter_basicauth_enabled: "{{ prometheus_postgres_exporter_container_labels_traefik_enabled }}" +prometheus_postgres_exporter_basicauth_user: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'prometheus-postgres-exporter.user', rounds=655555) | to_uuid }}" +prometheus_postgres_exporter_basicauth_password: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'prometheus-postgres-exporter.password', rounds=655555) | to_uuid }}" + +prometheus_postgres_exporter_container_additional_networks: | + {{ + ([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else []) + + + ([devture_postgres_container_network] if devture_postgres_enabled and prometheus_postgres_exporter_database_hostname == devture_postgres_identifier and prometheus_postgres_exporter_container_network != devture_postgres_container_network else []) + }} + +prometheus_postgres_exporter_server_fqn: "{{ prometheus_postgres_exporter_hostname }}" + +# Only enable Traefik labels if a hostname is set (indicating that this will be exposed publicly) +prometheus_postgres_exporter_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled and prometheus_postgres_exporter_hostname | length > 0 }}" +prometheus_postgres_exporter_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}" +prometheus_postgres_exporter_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}" +prometheus_postgres_exporter_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}" + +prometheus_postgres_exporter_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}" +prometheus_postgres_exporter_database_username: prometheus_postgres_exporter +prometheus_postgres_exporter_database_password: "{{ devture_postgres_connection_password if devture_postgres_enabled else '' }}" +prometheus_postgres_exporter_database_port: "{{ devture_postgres_connection_port if devture_postgres_enabled else 5432 }}" +prometheus_postgres_exporter_database_ssl: false + +prometheus_postgres_exporter_systemd_required_services_list: | + {{ + ['docker.service'] + + + ([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else []) + }} + +######################################################################## +# # +# /prometheus_node_exporter # +# # +######################################################################## + + + ######################################################################## # # # prometheus # diff --git a/requirements.yml b/requirements.yml index 111bb9c..d3930d7 100644 --- a/requirements.yml +++ b/requirements.yml @@ -119,6 +119,9 @@ version: v0.24.0-0 - src: git+https://gitlab.com/etke.cc/roles/prometheus_node_exporter.git version: v1.5.0-7 +- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-postgres-exporter.git + version: v0.12.0-0 + name: prometheus_postgres_exporter - src: git+https://gitlab.com/etke.cc/roles/radicale.git version: v3.1.8.2-3 - src: git+https://gitlab.com/etke.cc/roles/redis.git diff --git a/setup.yml b/setup.yml index 2786272..210040e 100644 --- a/setup.yml +++ b/setup.yml @@ -109,6 +109,7 @@ - role: galaxy/prometheus - role: galaxy/prometheus_node_exporter - role: galaxy/prometheus_blackbox_exporter + - role: galaxy/prometheus_postgres_exporter - role: galaxy/radicale