diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers
index ef2a7d9bb..a0358655e 100755
--- a/group_vars/matrix_servers
+++ b/group_vars/matrix_servers
@@ -4457,21 +4457,22 @@ prometheus_postgres_exporter_container_network: "{{ matrix_docker_network }}" prometheus_postgres_exporter_container_additional_networks: "{{ [matrix_playbook_reverse_proxyable_services_additional_network] if matrix_playbook_reverse_proxyable_services_additional_network else [] }}" -prometheus_postgres_exporter_container_labels_traefik_enabled: false +prometheus_postgres_exporter_container_labels_traefik_enabled: "{{ matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] }}" prometheus_postgres_exporter_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}" prometheus_postgres_exporter_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}" prometheus_postgres_exporter_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}" +prometheus_postgres_exporter_container_labels_metrics_middleware_basic_auth_enabled: "{{ matrix_metrics_exposure_http_basic_auth_enabled }}" +prometheus_postgres_exporter_container_labels_metrics_middleware_basic_auth_users: "{{ matrix_metrics_exposure_http_basic_auth_users }}" + prometheus_postgres_exporter_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}" prometheus_postgres_exporter_database_username: matrix_prometheus_postgres_exporter prometheus_postgres_exporter_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'prometheus.pg.db', rounds=655555) | to_uuid }}" prometheus_postgres_exporter_database_name: matrix_prometheus_postgres_exporter -prometheus_postgres_exporter_systemd_required_services_list: | +prometheus_postgres_exporter_systemd_required_services_list_auto: | {{ - ['docker.service'] - + - ([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else []) + ([devture_postgres_identifier ~ '.service'] if (devture_postgres_enabled and 
prometheus_postgres_exporter_database_hostname == devture_postgres_connection_hostname) else []) }} ###################################################################### diff --git a/roles/custom/matrix-prometheus-services-proxy-connect/defaults/main.yml b/roles/custom/matrix-prometheus-services-proxy-connect/defaults/main.yml deleted file mode 100644 index b0aab86c9..000000000 --- a/roles/custom/matrix-prometheus-services-proxy-connect/defaults/main.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -# matrix-prometheus-services-proxy-connect is a role which helps integrate -# the various Prometheus roles, which may live outside this Matrix playbook, into it. - -# Controls whether postgres-exporter metrics should be proxied (exposed) on `matrix.DOMAIN/metrics/postgres-exporter`. -matrix_prometheus_services_proxy_connect_prometheus_postgres_exporter_metrics_proxying_enabled: false - -# If you are supplying your own NGINX proxy but want to use the provided exporters you will have to supply an ":" value for the containers to bind to on your host. -# If prometheus_node_exporter_container_http_host_bind_port is set to just a port number, this will default to "127.0.0.1:" -# If prometheus_node_exporter_container_http_host_bind_port is set to an IP that is not 0.0.0.0 and a port, that ":" value will be used -# Otherwise this value will be empty and you will have to manually configure your NGINX config file. (If you are using the config files generated by this playbook, you will have to edit matrix-domain.conf) -matrix_prometheus_services_proxy_connect_prometheus_postgres_exporter_matrix_nginx_proxy_not_enabled_proxy_pass_host: "{{ '127.0.0.1' + prometheus_postgres_exporter_container_http_host_bind_port_number_raw if not ':' in prometheus_postgres_exporter_container_http_host_bind_port else (prometheus_postgres_exporter_container_http_host_bind_port if prometheus_postgres_exporter_container_http_host_bind_port.split(':')[0] != '0.0.0.0' else '') }}" 
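Review bot: The new `prometheus_postgres_exporter_container_labels_traefik_enabled` value turns Traefik labels on for every Traefik-based setup, whereas the option it replaces (`matrix_prometheus_services_proxy_connect_prometheus_postgres_exporter_metrics_proxying_enabled`, removed with the deleted role) defaulted to `false`. It is worth confirming that the exporter role only emits a metrics route when metrics exposure has been explicitly switched on. Authentication on that route now depends entirely on `matrix_metrics_exposure_http_basic_auth_enabled`, whose default is not visible in this hunk; if it is false and a route is emitted, postgres-exporter output (database names, sizes, connection counts) is readable by anyone who can reach the hostname. I would say so next to the two new lines, e.g. `# Metrics are only protected when matrix_metrics_exposure_http_basic_auth_enabled is true; keep exposure off unless basic auth or a network restriction is in place.`, and have config validation fail when basic auth is enabled while `matrix_metrics_exposure_http_basic_auth_users` is empty.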
diff --git a/roles/custom/matrix-prometheus-services-proxy-connect/tasks/main.yml b/roles/custom/matrix-prometheus-services-proxy-connect/tasks/main.yml
deleted file mode 100644
index 26f83028b..000000000
--- a/roles/custom/matrix-prometheus-services-proxy-connect/tasks/main.yml
+++ /dev/null
@@ -1,19 +0,0 @@
----
-
-- name: Fail if matrix-nginx-proxy role executed before matrix-prometheus-services-proxy-connect
- when: matrix_nginx_proxy_role_executed | default(False) | bool
- ansible.builtin.fail:
- msg: >-
- Trying to append node-exporter's reverse-proxying configuration to matrix-nginx-proxy,
- but it's pointless since the matrix-nginx-proxy role had already executed.
- To fix this, please change the order of roles in your playbook,
- so that the matrix-nginx-proxy role would run after the matrix-prometheus-services-proxy-connect role.
-
-- tags:
- - setup-all
- - setup-nginx-proxy
- - install-all
- - install-nginx-proxy
- block:
- - when: prometheus_node_exporter_enabled | bool and matrix_prometheus_services_proxy_connect_prometheus_postgres_exporter_metrics_proxying_enabled | bool
- ansible.builtin.include_tasks: "{{ role_path }}/tasks/prometheus-postgres-exporter/inject_into_nginx_proxy.yml"
diff --git a/roles/custom/matrix-prometheus-services-proxy-connect/tasks/prometheus-postgres-exporter/inject_into_nginx_proxy.yml b/roles/custom/matrix-prometheus-services-proxy-connect/tasks/prometheus-postgres-exporter/inject_into_nginx_proxy.yml
deleted file mode 100644
index f8143cac1..000000000
--- a/roles/custom/matrix-prometheus-services-proxy-connect/tasks/prometheus-postgres-exporter/inject_into_nginx_proxy.yml
+++ /dev/null
@@ -1,19 +0,0 @@
----
-
-- name: Generate postgres-exporter metrics proxying configuration for matrix-nginx-proxy (matrix.DOMAIN/metrics/postgres-exporter)
- ansible.builtin.set_fact:
- matrix_prometheus_services_proxy_connect_postgres_exporter_nginx_metrics_configuration_block: |
- location /metrics/postgres-exporter {
- {% if matrix_nginx_proxy_enabled | default(False) %}
- {# Use the embedded DNS resolver in Docker containers to discover the service #}
- resolver 127.0.0.11 valid=5s;
- set $backend "{{ prometheus_postgres_exporter_identifier }}:{{ prometheus_postgres_exporter_port }}";
- proxy_pass http://$backend/metrics;
- {% elif matrix_prometheus_services_proxy_connect_prometheus_postgres_exporter_matrix_nginx_proxy_not_enabled_proxy_pass_host != '' %}
- proxy_pass http://{{ matrix_prometheus_services_proxy_connect_prometheus_postgres_exporter_matrix_nginx_proxy_not_enabled_proxy_pass_host }}/metrics;
- {% else %}
- return 404 "matrix-nginx-proxy is disabled and no host port was bound to the container, so metrics are unavailable";
- {% endif %}
- }
-
-# Injection code was here
diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml
index 42c26545d..9c0514b9a 100644
--- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml
+++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml
@@ -132,6 +132,8 @@ - {'old': 'etherpad_nginx_proxy_dimension_integration_path_prefix', 'new': ''} - {'old': 'matrix_prometheus_services_proxy_connect_prometheus_node_exporter_metrics_proxying_enabled', 'new': ''} - {'old': 'matrix_prometheus_services_proxy_connect_prometheus_node_exporter_matrix_nginx_proxy_not_enabled_proxy_pass_host', 'new': ''} + - {'old': 'matrix_prometheus_services_proxy_connect_prometheus_postgres_exporter_metrics_proxying_enabled', 'new': ''} + - {'old': 'matrix_prometheus_services_proxy_connect_prometheus_postgres_exporter_metrics_proxying_enabledmatrix_prometheus_services_proxy_connect_prometheus_postgres_exporter_metrics_proxying_enabled', 'new': ''} - name: (Deprecation) Catch and report matrix_postgres variables ansible.builtin.fail: diff --git a/setup.yml b/setup.yml index 166e209e2..201ff90e7 100644 --- a/setup.yml +++ b/setup.yml @@ -99,7 +99,6 @@ - galaxy/prometheus - galaxy/grafana - custom/matrix-prometheus-services-connect - - custom/matrix-prometheus-services-proxy-connect - custom/matrix-registration - custom/matrix-client-element - custom/matrix-client-hydrogen
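Review bot: The second added entry in the validate_config.yml hunk looks like a paste error: its `old` value is the `..._postgres_exporter_metrics_proxying_enabled` name concatenated with itself, which matches no variable anyone could have defined, so that check can never fire. Judging by the two node-exporter entries directly above it and the variable removed with roles/custom/matrix-prometheus-services-proxy-connect/defaults/main.yml, the intended line is probably `- {'old': 'matrix_prometheus_services_proxy_connect_prometheus_postgres_exporter_matrix_nginx_proxy_not_enabled_proxy_pass_host', 'new': ''}`. As written, a leftover `..._proxy_pass_host` override in a user's vars is silently ignored after the upgrade instead of being reported. The list these entries belong to, and the task that consumes it, start outside the hunk.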