From 82a6bd5192cb0d6a53b43efc2eff34e0a9a7cc34 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 13 May 2023 17:32:49 +0200 Subject: [PATCH 1/5] Add postgres exporter role --- requirements.yml | 3 +++ setup.yml | 2 ++ 2 files changed, 5 insertions(+) diff --git a/requirements.yml b/requirements.yml index bb7cc32..e9b9b97 100644 --- a/requirements.yml +++ b/requirements.yml @@ -112,6 +112,9 @@ - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-peertube.git version: v5.1.0-3 name: peertube +- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-postgres-exporter.git + version: v0.12.0-0 + name: peertube - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus.git version: v2.43.0-0 name: prometheus diff --git a/setup.yml b/setup.yml index 2786272..42d8692 100644 --- a/setup.yml +++ b/setup.yml @@ -106,6 +106,8 @@ - role: galaxy/peertube + - role: galaxy/postgres-exporter + - role: galaxy/prometheus - role: galaxy/prometheus_node_exporter - role: galaxy/prometheus_blackbox_exporter From 127abdda6f4e233da574633b990cde3fa8d944f4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 14 May 2023 18:39:17 +0200 Subject: [PATCH 2/5] Add integration&documentation for postgres exporter --- docs/services/postgres-exporter.md | 40 ++++++++++++++++++++++ group_vars/mash_servers | 55 ++++++++++++++++++++++++++++++ 2 files changed, 95 insertions(+) create mode 100644 docs/services/postgres-exporter.md diff --git a/docs/services/postgres-exporter.md b/docs/services/postgres-exporter.md new file mode 100644 index 0000000..e7e7001 --- /dev/null +++ b/docs/services/postgres-exporter.md @@ -0,0 +1,40 @@ +# Postgres Exporter + +This playbook can configure [Postgres Exporter](https://github.com/prometheus-community/postgres_exporter) by utilizing [mother-of-all-self-hosting/ansible-role-postgres-exporter](https://github.com/mother-of-all-self-hosting/ansible-role-postgres-exporter.git). + + +## Configuration + +To enable this service, add the following configuration to your `vars.yml` file and re-run the [installation](../installing.md) process: + +```yaml +######################################################################## +# # +# postgres_exporter # +# # +######################################################################## + +postgres_exporter_enabled: true + +# To expose the metrics publicly, enable and configure the lines below: +# postgres_exporter_hostname: mash.example.com +# postgres_exporter_path_prefix: /metrics/postgres-exporter + +# To protect the metrics with HTTP Basic Auth, enable and configure the lines below: +# postgres_exporter_basicauth_enabled: true +# postgres_exporter_basicauth_user: your_username +# postgres_exporter_basicauth_password: your password + +######################################################################## +# # +# /postgres_exporter # +# # +######################################################################## +``` + +Unless you're scraping the Postgres Exporter metrics from a local [Prometheus](prometheus.md) instance, as described in [Integrating with Postgres Exporter](prometheus.md#integrating-with-postgres-exporter), you will probably wish to expose the metrics publicly so that a remote Prometheus instance can fetch them. + +## Usage + +After you installed the exporter, your stats will be available on `mash.example.com/metrics/postgres-exporter` with basic auth credentials you configured + diff --git a/group_vars/mash_servers b/group_vars/mash_servers index 3cb824c..0d46b8e 100644 --- a/group_vars/mash_servers +++ b/group_vars/mash_servers @@ -299,6 +299,12 @@ devture_postgres_managed_databases_auto: | 'password': peertube_config_database_password, }] if peertube_enabled else []) + + ([{ + 'name': postgres_exporter_database_name, + 'username': postgres_exporter_database_username, + 'password': postgres_exporter_database_password, + }] if postgres_exporter_enabled else []) + + ([{ 'name': firezone_database_name, 'username': firezone_database_user, @@ -1824,6 +1830,55 @@ peertube_systemd_required_services_list_auto: | ######################################################################## + +######################################################################## +# # +# postgres_exporter # +# # +######################################################################## + +postgres_exporter_enabled: false + +postgres_exporter_identifier: "{{ mash_playbook_service_identifier_prefix }}postgres-exporter" + +postgres_exporter_base_path: "{{ mash_playbook_base_path }}/{{ mash_playbook_service_base_directory_name_prefix }}postgres-exporter" + +postgres_exporter_uid: "{{ mash_playbook_uid }}" +postgres_exporter_gid: "{{ mash_playbook_gid }}" + +postgres_exporter_basicauth_enabled: "{{ postgres_exporter_container_labels_traefik_enabled }}" +postgres_exporter_basicauth_user: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'postgres-exporter.user', rounds=655555) | to_uuid }}" +postgres_exporter_basicauth_password: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'postgres-exporter.password', rounds=655555) | to_uuid }}" + +postgres_exporter_container_additional_networks: | + {{ + ([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else []) + + + ([devture_postgres_container_network] if devture_postgres_enabled and postgres_exporter_database_hostname == devture_postgres_identifier and postgres_exporter_container_network != devture_postgres_container_network else []) + }} + +# Only enable Traefik labels if a hostname is set (indicating that this will be exposed publicly) +postgres_exporter_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled and postgres_exporter_hostname | length > 0 }}" +postgres_exporter_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}" +postgres_exporter_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}" +postgres_exporter_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}" + +postgres_exporter_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}" +postgres_exporter_database_username: postgres-exporter +postgres_exporter_database_password: "{{ devture_postgres_connection_password if devture_postgres_enabled else '' }}" +postgres_exporter_database_port: "{{ devture_postgres_connection_port if devture_postgres_enabled else 5432 }}" +postgres_exporter_database_ssl: false + +postgres_exporter_permission_grant_command: "{{ devture_postgres_bin_path }}/cli-non-interactive -c 'GRANT pg_monitor to \"{{ postgres_exporter_database_username }}\";'" + +######################################################################## +# # +# /prometheus_node_exporter # +# # +######################################################################## + + + ######################################################################## # # # prometheus # From 0b23a60f90291e81a46df959fca2cde2f4aaf8e9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Mon, 15 May 2023 09:04:17 +0200 Subject: [PATCH 3/5] Fix requirements --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 5e606d5..3b003f7 100644 --- a/requirements.yml +++ b/requirements.yml @@ -114,7 +114,7 @@ name: peertube - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-postgres-exporter.git version: v0.12.0-0 - name: peertube + name: postgres-exporter - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus.git version: v2.43.0-0 name: prometheus From aa6b687ec903b3e8a4737eda94f5f55d64c13a51 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Wed, 17 May 2023 10:32:47 +0200 Subject: [PATCH 4/5] Switch role --- docs/services/postgres-exporter.md | 18 ++++----- group_vars/mash_servers | 59 +++++++++++++++++------------- requirements.yml | 6 +-- setup.yml | 3 +- 4 files changed, 47 insertions(+), 39 deletions(-) diff --git a/docs/services/postgres-exporter.md b/docs/services/postgres-exporter.md index e7e7001..e625530 100644 --- a/docs/services/postgres-exporter.md +++ b/docs/services/postgres-exporter.md @@ -1,6 +1,6 @@ # Postgres Exporter -This playbook can configure [Postgres Exporter](https://github.com/prometheus-community/postgres_exporter) by utilizing [mother-of-all-self-hosting/ansible-role-postgres-exporter](https://github.com/mother-of-all-self-hosting/ansible-role-postgres-exporter.git). +This playbook can configure [Postgres Exporter](https://github.com/prometheus-community/postgres_exporter) by utilizing [mother-of-all-self-hosting/ansible-role-postgres-exporter](https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-postgres-exporter.git). ## Configuration @@ -10,24 +10,24 @@ To enable this service, add the following configuration to your `vars.yml` file ```yaml ######################################################################## # # -# postgres_exporter # +# prometheus_postgres_exporter # # # ######################################################################## -postgres_exporter_enabled: true +prometheus_postgres_exporter_enabled: true # To expose the metrics publicly, enable and configure the lines below: -# postgres_exporter_hostname: mash.example.com -# postgres_exporter_path_prefix: /metrics/postgres-exporter +# prometheus_postgres_exporter_hostname: mash.example.com +# prometheus_postgres_exporter_path_prefix: /metrics/postgres-exporter # To protect the metrics with HTTP Basic Auth, enable and configure the lines below: -# postgres_exporter_basicauth_enabled: true -# postgres_exporter_basicauth_user: your_username -# postgres_exporter_basicauth_password: your password +# prometheus_postgres_exporter_basicauth_enabled: true +# prometheus_postgres_exporter_basicauth_user: your_username +# prometheus_postgres_exporter_basicauth_password: your password ######################################################################## # # -# /postgres_exporter # +# /prometheus_postgres_exporter # # # ######################################################################## ``` diff --git a/group_vars/mash_servers b/group_vars/mash_servers index 0d46b8e..7c40643 100644 --- a/group_vars/mash_servers +++ b/group_vars/mash_servers @@ -163,6 +163,8 @@ devture_systemd_service_manager_services_list_auto: | + ([{'name': (prometheus_node_exporter_identifier + '.service'), 'priority': 500, 'groups': ['mash', 'metrics', 'prometheus-node-exporter']}] if prometheus_node_exporter_enabled else []) + + ([{'name': (prometheus_postgres_exporter_identifier + '.service'), 'priority': 500, 'groups': ['mash', 'metrics', 'prometheus-postgres-exporter']}] if prometheus_postgres_exporter_enabled else []) + + ([{'name': (radicale_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'radicale']}] if radicale_enabled else []) + ([{'name': (redmine_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'redmine']}] if redmine_enabled else []) @@ -300,10 +302,10 @@ devture_postgres_managed_databases_auto: | }] if peertube_enabled else []) + ([{ - 'name': postgres_exporter_database_name, - 'username': postgres_exporter_database_username, - 'password': postgres_exporter_database_password, - }] if postgres_exporter_enabled else []) + 'name': prometheus_postgres_exporter_database_name, + 'username': prometheus_postgres_exporter_database_username, + 'password': prometheus_postgres_exporter_database_password, + }] if prometheus_postgres_exporter_enabled else []) + ([{ 'name': firezone_database_name, @@ -1833,43 +1835,50 @@ peertube_systemd_required_services_list_auto: | ######################################################################## # # -# postgres_exporter # +# prometheus_postgres_exporter # # # ######################################################################## -postgres_exporter_enabled: false +prometheus_postgres_exporter_enabled: false -postgres_exporter_identifier: "{{ mash_playbook_service_identifier_prefix }}postgres-exporter" +prometheus_postgres_exporter_identifier: "{{ mash_playbook_service_identifier_prefix }}prometheus-postgres-exporter" -postgres_exporter_base_path: "{{ mash_playbook_base_path }}/{{ mash_playbook_service_base_directory_name_prefix }}postgres-exporter" +prometheus_postgres_exporter_base_path: "{{ mash_playbook_base_path }}/{{ mash_playbook_service_base_directory_name_prefix }}prometeus-postgres-exporter" -postgres_exporter_uid: "{{ mash_playbook_uid }}" -postgres_exporter_gid: "{{ mash_playbook_gid }}" +prometheus_postgres_exporter_uid: "{{ mash_playbook_uid }}" +prometheus_postgres_exporter_gid: "{{ mash_playbook_gid }}" -postgres_exporter_basicauth_enabled: "{{ postgres_exporter_container_labels_traefik_enabled }}" -postgres_exporter_basicauth_user: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'postgres-exporter.user', rounds=655555) | to_uuid }}" -postgres_exporter_basicauth_password: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'postgres-exporter.password', rounds=655555) | to_uuid }}" +prometheus_postgres_exporter_basicauth_enabled: "{{ prometheus_postgres_exporter_container_labels_traefik_enabled }}" +prometheus_postgres_exporter_basicauth_user: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'prometheus-postgres-exporter.user', rounds=655555) | to_uuid }}" +prometheus_postgres_exporter_basicauth_password: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'prometheus-postgres-exporter.password', rounds=655555) | to_uuid }}" -postgres_exporter_container_additional_networks: | +prometheus_postgres_exporter_container_additional_networks: | {{ ([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else []) + - ([devture_postgres_container_network] if devture_postgres_enabled and postgres_exporter_database_hostname == devture_postgres_identifier and postgres_exporter_container_network != devture_postgres_container_network else []) + ([devture_postgres_container_network] if devture_postgres_enabled and prometheus_postgres_exporter_database_hostname == devture_postgres_identifier and prometheus_postgres_exporter_container_network != devture_postgres_container_network else []) }} +prometheus_postgres_exporter_server_fqn: "{{ prometheus_postgres_exporter_database_hostname }}" + # Only enable Traefik labels if a hostname is set (indicating that this will be exposed publicly) -postgres_exporter_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled and postgres_exporter_hostname | length > 0 }}" -postgres_exporter_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}" -postgres_exporter_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}" -postgres_exporter_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}" +prometheus_postgres_exporter_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled and prometheus_postgres_exporter_hostname | length > 0 }}" +prometheus_postgres_exporter_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}" +prometheus_postgres_exporter_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}" +prometheus_postgres_exporter_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}" -postgres_exporter_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}" -postgres_exporter_database_username: postgres-exporter -postgres_exporter_database_password: "{{ devture_postgres_connection_password if devture_postgres_enabled else '' }}" -postgres_exporter_database_port: "{{ devture_postgres_connection_port if devture_postgres_enabled else 5432 }}" -postgres_exporter_database_ssl: false +prometheus_postgres_exporter_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}" +prometheus_postgres_exporter_database_username: prometheus_postgres_exporter +prometheus_postgres_exporter_database_password: "{{ devture_postgres_connection_password if devture_postgres_enabled else '' }}" +prometheus_postgres_exporter_database_port: "{{ devture_postgres_connection_port if devture_postgres_enabled else 5432 }}" +prometheus_postgres_exporter_database_ssl: false -postgres_exporter_permission_grant_command: "{{ devture_postgres_bin_path }}/cli-non-interactive -c 'GRANT pg_monitor to \"{{ postgres_exporter_database_username }}\";'" +prometheus_postgres_exporter_systemd_required_services_list: | + {{ + ['docker.service'] + + + ([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else []) + }} ######################################################################## # # diff --git a/requirements.yml b/requirements.yml index 3b003f7..504d54b 100644 --- a/requirements.yml +++ b/requirements.yml @@ -112,9 +112,6 @@ - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-peertube.git version: v5.1.0-3 name: peertube -- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-postgres-exporter.git - version: v0.12.0-0 - name: postgres-exporter - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus.git version: v2.43.0-0 name: prometheus @@ -122,6 +119,9 @@ version: v0.23.0-3 - src: git+https://gitlab.com/etke.cc/roles/prometheus_node_exporter.git version: v1.5.0-7 +- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-postgres-exporter.git + version: v0.12.0-0 + name: prometheus_postgres_exporter - src: git+https://gitlab.com/etke.cc/roles/radicale.git version: v3.1.8.2-3 - src: git+https://gitlab.com/etke.cc/roles/redis.git diff --git a/setup.yml b/setup.yml index 42d8692..210040e 100644 --- a/setup.yml +++ b/setup.yml @@ -106,11 +106,10 @@ - role: galaxy/peertube - - role: galaxy/postgres-exporter - - role: galaxy/prometheus - role: galaxy/prometheus_node_exporter - role: galaxy/prometheus_blackbox_exporter + - role: galaxy/prometheus_postgres_exporter - role: galaxy/radicale From 5ad1ab4cf81af48445bac210f3b940a323c8effc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Wed, 17 May 2023 13:43:36 +0200 Subject: [PATCH 5/5] Fix paths --- group_vars/mash_servers | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/group_vars/mash_servers b/group_vars/mash_servers index 7c40643..366d4b3 100644 --- a/group_vars/mash_servers +++ b/group_vars/mash_servers @@ -1843,7 +1843,7 @@ prometheus_postgres_exporter_enabled: false prometheus_postgres_exporter_identifier: "{{ mash_playbook_service_identifier_prefix }}prometheus-postgres-exporter" -prometheus_postgres_exporter_base_path: "{{ mash_playbook_base_path }}/{{ mash_playbook_service_base_directory_name_prefix }}prometeus-postgres-exporter" +prometheus_postgres_exporter_base_path: "{{ mash_playbook_base_path }}/{{ mash_playbook_service_base_directory_name_prefix }}prometheus-postgres-exporter" prometheus_postgres_exporter_uid: "{{ mash_playbook_uid }}" prometheus_postgres_exporter_gid: "{{ mash_playbook_gid }}" @@ -1859,7 +1859,7 @@ prometheus_postgres_exporter_container_additional_networks: | ([devture_postgres_container_network] if devture_postgres_enabled and prometheus_postgres_exporter_database_hostname == devture_postgres_identifier and prometheus_postgres_exporter_container_network != devture_postgres_container_network else []) }} -prometheus_postgres_exporter_server_fqn: "{{ prometheus_postgres_exporter_database_hostname }}" +prometheus_postgres_exporter_server_fqn: "{{ prometheus_postgres_exporter_hostname }}" # Only enable Traefik labels if a hostname is set (indicating that this will be exposed publicly) prometheus_postgres_exporter_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled and prometheus_postgres_exporter_hostname | length > 0 }}"