From 262caf0d59ec904804301053a622918c4aa2f161 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 13 Jan 2024 16:50:44 +0200 Subject: [PATCH] Add native Traefik support to matrix-prometheus-nginxlog-exporter --- ...onfiguring-playbook-prometheus-nginxlog.md | 25 +++++----- group_vars/matrix_servers | 30 ++++++++++-- .../defaults/main.yml | 48 +++++++++++++++++-- .../tasks/inject_into_nginx_proxy.yml | 23 --------- .../tasks/main.yml | 9 ---- .../tasks/setup_install.yml | 10 ++++ .../tasks/validate_config.yml | 19 ++++++++ .../templates/labels.j2 | 36 ++++++++++++++ .../prometheus-nginxlog-exporter.yaml.j2 | 4 +- ...ix-prometheus-nginxlog-exporter.service.j2 | 24 ++++++---- 10 files changed, 165 insertions(+), 63 deletions(-) delete mode 100644 roles/custom/matrix-prometheus-nginxlog-exporter/tasks/inject_into_nginx_proxy.yml create mode 100644 roles/custom/matrix-prometheus-nginxlog-exporter/templates/labels.j2 diff --git a/docs/configuring-playbook-prometheus-nginxlog.md b/docs/configuring-playbook-prometheus-nginxlog.md index 7d54e4182..1f588edb8 100644 --- a/docs/configuring-playbook-prometheus-nginxlog.md +++ b/docs/configuring-playbook-prometheus-nginxlog.md @@ -10,12 +10,6 @@ You can enable this role by adding the following settings in your configuration ```yaml matrix_prometheus_nginxlog_exporter_enabled: true - -# required depency -prometheus_enabled: true - -# optional for visualization -grafana_enabled: true ``` x | Prerequisites | Variable | Description @@ -27,8 +21,9 @@ _Optional_ | [`matrix-grafana`](configuring-playbook-prometheus-grafana.md) | [` At the moment of writing only images for `amd64` and `arm64` architectures are available -The playbook currently does not support building an image. -You can however use a custom-build image by setting +The playbook currently does not support [self-building](./self-building.md) a container image on other architectures. +You can however use a custom-build image by setting: + ```yaml matrix_prometheus_nginxlog_exporter_docker_image_arch_check_enabled: false matrix_prometheus_nginxlog_exporter_docker_image: path/to/docker/image:tag @@ -41,10 +36,14 @@ Please make sure you change the default Grafana password. ## Save metrics on an external Prometheus server -The playbook will automatically integrate the metrics into the Prometheus server provided with this playbook. You can choose to save data on an external Prometheus instance. +The playbook will automatically integrate the metrics into the [Prometheus](./configuring-playbook-prometheus-grafana.md) server provided with this playbook (if enabled). In such cases, the metrics endpoint is not exposed publicly - it's only available on the container network. + +When using an external Prometheus server, you'll need to expose metrics publicly. See [Collecting metrics to an external Prometheus server](./configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server). + +You can either use `matrix_prometheus_nginxlog_exporter_metrics_proxying_enabled: true` to expose just this one service, or `matrix_metrics_exposure_enabled: true` to expose all services. + +Whichever way you go with, this service will expose its metrics endpoint **without password-protection** at `https://matrix.DOMAIN/metrics/nginxlog` by default. + +For password-protection, use (`matrix_metrics_exposure_http_basic_auth_enabled` and `matrix_metrics_exposure_http_basic_auth_users`) or (`matrix_prometheus_nginxlog_exporter_container_labels_metrics_middleware_basic_auth_enabled` and `matrix_prometheus_nginxlog_exporter_container_labels_metrics_middleware_basic_auth_users`). -The metrics of this role will be exposed on `https://matrix.DOMAIN/metrics/nginxlog` when setting -```yaml -matrix_prometheus_nginxlog_exporter_metrics_proxying_enabled: true -``` diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index f4c172efa..1c7ead382 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -3303,6 +3303,8 @@ matrix_nginx_proxy_container_additional_networks: | ( ([matrix_playbook_reverse_proxyable_services_additional_network] if matrix_playbook_reverse_proxyable_services_additional_network else []) + + ([matrix_prometheus_nginxlog_exporter_container_network] if (matrix_prometheus_nginxlog_exporter_enabled and matrix_prometheus_nginxlog_exporter_container_network != matrix_nginx_proxy_container_network) else []) + + ([jitsi_container_network] if jitsi_enabled and matrix_playbook_reverse_proxy_type == 'playbook-managed-nginx' and jitsi_container_network != matrix_nginx_proxy_container_network else []) ) | unique }} @@ -3455,7 +3457,7 @@ matrix_ssl_architecture: "{{ matrix_ssl_pre_obtaining_required_service_name: "{{ 'matrix-dynamic-dns' if matrix_dynamic_dns_enabled else '' }}" matrix_nginx_proxy_access_log_syslog_integration_enabled: "{{ matrix_prometheus_nginxlog_exporter_enabled }}" -matrix_nginx_proxy_access_log_syslog_integration_server_port: "{{ (matrix_prometheus_nginxlog_exporter_container_hostname | string +':'+ matrix_prometheus_nginxlog_exporter_container_syslog_port | string) | default('') }}" +matrix_nginx_proxy_access_log_syslog_integration_server_port: "{{ (matrix_prometheus_nginxlog_exporter_identifier | string +':'+ matrix_prometheus_nginxlog_exporter_container_syslog_port | string) | default('') }}" ###################################################################### # @@ -4364,8 +4366,7 @@ matrix_synapse_reverse_proxy_companion_synapse_media_repository_locations: "{{ma matrix_synapse_reverse_proxy_companion_synapse_user_dir_locations: "{{ matrix_synapse_workers_user_dir_worker_client_server_endpoints|default([]) }}" matrix_synapse_reverse_proxy_companion_access_log_syslog_integration_enabled: "{{ matrix_prometheus_nginxlog_exporter_enabled }}" -matrix_synapse_reverse_proxy_companion_access_log_syslog_integration_server_port: "{{ (matrix_prometheus_nginxlog_exporter_container_hostname | string +':'+ matrix_prometheus_nginxlog_exporter_container_syslog_port | string) | default('') }}" - +matrix_synapse_reverse_proxy_companion_access_log_syslog_integration_server_port: "{{ (matrix_prometheus_nginxlog_exporter_identifier | string +':'+ matrix_prometheus_nginxlog_exporter_container_syslog_port | string) | default('') }}" ###################################################################### # @@ -4493,6 +4494,27 @@ prometheus_postgres_exporter_systemd_required_services_list_auto: | matrix_prometheus_nginxlog_exporter_enabled: false +matrix_prometheus_nginxlog_exporter_identifier: matrix-prometheus-nginxlog-exporter + +matrix_prometheus_nginxlog_exporter_hostname: "{{ matrix_server_fqn_matrix }}" + +matrix_prometheus_nginxlog_exporter_container_network: matrix-prometheus-nginxlog-exporter + +matrix_prometheus_nginxlog_exporter_container_labels_traefik_enabled: "{{ matrix_metrics_exposure_enabled }}" +matrix_prometheus_nginxlog_exporter_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}" +matrix_prometheus_nginxlog_exporter_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}" +matrix_prometheus_nginxlog_exporter_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}" + +matrix_prometheus_nginxlog_exporter_container_labels_metrics_middleware_basic_auth_enabled: "{{ matrix_metrics_exposure_http_basic_auth_enabled }}" +matrix_prometheus_nginxlog_exporter_container_labels_metrics_middleware_basic_auth_users: "{{ matrix_metrics_exposure_http_basic_auth_users }}" + +matrix_prometheus_nginxlog_exporter_config_namespaces_matrix_source_tags_auto: | + {{ + ([matrix_synapse_reverse_proxy_companion_access_log_syslog_integration_tag] if matrix_synapse_reverse_proxy_companion_access_log_syslog_integration_enabled else []) + + + ([matrix_homeserver_proxy_access_log_syslog_integration_tag] if matrix_homeserver_proxy_access_log_syslog_integration_enabled else []) + }} + ###################################################################### # # /matrix-prometheus-nginxlog-exporter @@ -4589,7 +4611,7 @@ matrix_prometheus_services_connect_scraper_hookshot_enabled: "{{ matrix_hookshot matrix_prometheus_services_connect_scraper_hookshot_static_configs_target: "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_metrics_port | string }}" matrix_prometheus_services_connect_scraper_nginxlog_enabled: "{{ matrix_prometheus_nginxlog_exporter_enabled }}" -matrix_prometheus_services_connect_scraper_nginxlog_static_configs_target: "{{ matrix_prometheus_nginxlog_exporter_container_hostname }}:{{ matrix_prometheus_nginxlog_exporter_container_metrics_port | string }}" +matrix_prometheus_services_connect_scraper_nginxlog_static_configs_target: "{{ matrix_prometheus_nginxlog_exporter_identifier }}:{{ matrix_prometheus_nginxlog_exporter_container_metrics_port | string }}" matrix_prometheus_services_connect_scraper_media_repo_enabled: "{{ matrix_media_repo_enabled and matrix_media_repo_metrics_enabled }}" matrix_prometheus_services_connect_scraper_media_repo_static_configs_target: "{{ matrix_media_repo_identifier }}:{{ matrix_media_repo_metrics_port }}" diff --git a/roles/custom/matrix-prometheus-nginxlog-exporter/defaults/main.yml b/roles/custom/matrix-prometheus-nginxlog-exporter/defaults/main.yml index 5b6a9b87c..ea1cbe13f 100644 --- a/roles/custom/matrix-prometheus-nginxlog-exporter/defaults/main.yml +++ b/roles/custom/matrix-prometheus-nginxlog-exporter/defaults/main.yml @@ -3,10 +3,16 @@ # See: https://github.com/martin-helmich/prometheus-nginxlog-exporter/ matrix_prometheus_nginxlog_exporter_enabled: true + +matrix_prometheus_nginxlog_exporter_identifier: '' + +# You don't need to configure a hostname and path prefix if you're not exposing this. +matrix_prometheus_nginxlog_exporter_hostname: '' +matrix_prometheus_nginxlog_exporter_path_prefix: "/metrics/nginxlog" + # renovate: datasource=docker depName=ghcr.io/martin-helmich/prometheus-nginxlog-exporter/exporter matrix_prometheus_nginxlog_exporter_version: v1.10.0 -matrix_prometheus_nginxlog_exporter_container_hostname: 'matrix-prometheus-nginxlog-exporter' matrix_prometheus_nginxlog_exporter_container_metrics_port: '4040' matrix_prometheus_nginxlog_exporter_container_syslog_port: '6514' @@ -19,7 +25,8 @@ matrix_prometheus_nginxlog_exporter_docker_image_arch_check_enabled: true # Controls whether prometheus-nginxlog-exporter metrics should be proxied (exposed) on a public URL matrix_prometheus_nginxlog_exporter_metrics_proxying_enabled: false -# TODO - add more variables for controlling the hostname, path prefix, etc. +matrix_prometheus_nginxlog_exporter_metrics_proxying_hostname: '' +matrix_prometheus_nginxlog_exporter_metrics_proxying_path_prefix: '' # matrix_prometheus_nginxlog_exporter_dashboard_urls contains a list of URLs with Grafana dashboard definitions. # If the Grafana role is enabled, these dashboards will be downloaded. @@ -28,13 +35,42 @@ matrix_prometheus_nginxlog_exporter_dashboard_urls: [] matrix_prometheus_nginxlog_exporter_base_path: "{{ matrix_base_data_path }}/prometheus-nginxlog-exporter" matrix_prometheus_nginxlog_exporter_config_path: "{{ matrix_prometheus_nginxlog_exporter_base_path }}/config" -matrix_prometheus_nginxlog_exporter_container_network: "{{ matrix_docker_network }}" +matrix_prometheus_nginxlog_exporter_container_network: "{{ matrix_prometheus_nginxlog_exporter_identifier }}" + +# matrix_prometheus_nginxlog_exporter_container_labels_traefik_enabled controls whether labels to assist a Traefik reverse-proxy will be attached to the container. +# See `../templates/labels.j2` for details. +# +# To inject your own other container labels, see `matrix_prometheus_nginxlog_exporter_container_labels_additional_labels`. +matrix_prometheus_nginxlog_exporter_container_labels_traefik_enabled: "{{ true if matrix_prometheus_nginxlog_exporter_hostname else false }}" +matrix_prometheus_nginxlog_exporter_container_labels_traefik_docker_network: "{{ matrix_prometheus_nginxlog_exporter_container_network }}" +matrix_prometheus_nginxlog_exporter_container_labels_traefik_hostname: "{{ matrix_prometheus_nginxlog_exporter_hostname }}" +# The path prefix must either be `/` or not end with a slash (e.g. `/metrics`). +matrix_prometheus_nginxlog_exporter_container_labels_traefik_path_prefix: "{{ matrix_prometheus_nginxlog_exporter_path_prefix }}" +matrix_prometheus_nginxlog_exporter_container_labels_traefik_rule: "Host(`{{ matrix_prometheus_nginxlog_exporter_container_labels_traefik_hostname }}`) && PathPrefix(`{{ matrix_prometheus_nginxlog_exporter_container_labels_traefik_path_prefix | quote }}`)" +matrix_prometheus_nginxlog_exporter_container_labels_traefik_entrypoints: web-secure +matrix_prometheus_nginxlog_exporter_container_labels_traefik_tls: "{{ matrix_prometheus_nginxlog_exporter_container_labels_traefik_entrypoints != 'web' }}" +matrix_prometheus_nginxlog_exporter_container_labels_traefik_tls_certResolver: default # noqa var-naming +matrix_prometheus_nginxlog_exporter_container_labels_metrics_middleware_basic_auth_enabled: false +# See: https://doc.traefik.io/traefik/middlewares/http/basicauth/#users +matrix_prometheus_nginxlog_exporter_container_labels_metrics_middleware_basic_auth_users: '' + +# matrix_prometheus_nginxlog_exporter_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file. +# See `../templates/labels.j2` for details. +# +# Example: +# matrix_prometheus_nginxlog_exporter_container_labels_additional_labels: | +# my.label=1 +# another.label="here" +matrix_prometheus_nginxlog_exporter_container_labels_additional_labels: '' # A list of extra docker arguments to pass to the container matrix_prometheus_nginxlog_exporter_container_extra_arguments: [] # List of systemd services that matrix-prometheus_nginxlog_exporter.service depends on -matrix_prometheus_nginxlog_exporter_systemd_required_services_list: ['docker.service'] +matrix_prometheus_nginxlog_exporter_systemd_required_services_list: "{{ matrix_prometheus_nginxlog_exporter_systemd_required_services_list_default + matrix_prometheus_nginxlog_exporter_systemd_required_services_list_auto + matrix_prometheus_nginxlog_exporter_systemd_required_services_list_custom }}" +matrix_prometheus_nginxlog_exporter_systemd_required_services_list_default: ['docker.service'] +matrix_prometheus_nginxlog_exporter_systemd_required_services_list_auto: [] +matrix_prometheus_nginxlog_exporter_systemd_required_services_list_custom: [] # List of systemd services that matrix-prometheus_nginxlog_exporter.service wants matrix_prometheus_nginxlog_exporter_systemd_wanted_services_list: [] @@ -49,3 +85,7 @@ matrix_prometheus_nginxlog_exporter_container_http_host_bind_port: '' # Takes an ":" or "" value (e.g. "127.0.0.1:6514"), or empty string to not expose. # NOTE: is an UDP connection! matrix_prometheus_nginxlog_exporter_container_syslog_host_bind_port: '' + +matrix_prometheus_nginxlog_exporter_config_namespaces_matrix_source_tags: "{{ matrix_prometheus_nginxlog_exporter_config_namespaces_matrix_source_tags_auto + matrix_prometheus_nginxlog_exporter_config_namespaces_matrix_source_tags_custom }}" +matrix_prometheus_nginxlog_exporter_config_namespaces_matrix_source_tags_auto: [] +matrix_prometheus_nginxlog_exporter_config_namespaces_matrix_source_tags_custom: [] diff --git a/roles/custom/matrix-prometheus-nginxlog-exporter/tasks/inject_into_nginx_proxy.yml b/roles/custom/matrix-prometheus-nginxlog-exporter/tasks/inject_into_nginx_proxy.yml deleted file mode 100644 index cbd3f9175..000000000 --- a/roles/custom/matrix-prometheus-nginxlog-exporter/tasks/inject_into_nginx_proxy.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- - -- name: Fail if matrix-nginx-proxy role already executed - ansible.builtin.fail: - msg: >- - Trying to append prometheus-nginxlog-exporter's configuration to matrix-nginx-proxy, - but it's pointless since the matrix-nginx-proxy role is already executed. - To fix this, please change the order of roles in your playbook to make sure that - the matrix-nginx-proxy role is run after the prometheus-nginxlog-exporter role. - when: matrix_nginx_proxy_role_executed | default(False) | bool - -- name: Generate prometheus-nginxlog-exporter's metrics proxying configuration for matrix-nginx-proxy (matrix.DOMAIN/metrics/nginxlog) - ansible.builtin.set_fact: - matrix_prometheus_nginxlog_exporter_matrix_nginx_proxy_metrics_configuration_matrix_domain: | - location /metrics/nginxlog { - {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; - set $backend "{{ matrix_prometheus_nginxlog_exporter_container_hostname }}:{{ matrix_prometheus_nginxlog_exporter_container_metrics_port }}"; - proxy_pass http://$backend/metrics; - } - when: matrix_prometheus_nginxlog_exporter_metrics_proxying_enabled | bool and matrix_nginx_proxy_enabled | bool - -# Injection code was here diff --git a/roles/custom/matrix-prometheus-nginxlog-exporter/tasks/main.yml b/roles/custom/matrix-prometheus-nginxlog-exporter/tasks/main.yml index ad0474604..124bb61d9 100644 --- a/roles/custom/matrix-prometheus-nginxlog-exporter/tasks/main.yml +++ b/roles/custom/matrix-prometheus-nginxlog-exporter/tasks/main.yml @@ -1,14 +1,5 @@ --- -- tags: - - setup-all - - setup-prometheus-nginxlog-exporter - - install-all - - install-prometheus-nginxlog-exporter - block: - - when: matrix_prometheus_nginxlog_exporter_enabled | bool - ansible.builtin.include_tasks: "{{ role_path }}/tasks/inject_into_nginx_proxy.yml" - - tags: - setup-all - setup-prometheus-nginxlog-exporter diff --git a/roles/custom/matrix-prometheus-nginxlog-exporter/tasks/setup_install.yml b/roles/custom/matrix-prometheus-nginxlog-exporter/tasks/setup_install.yml index 8d3fe1d49..37cf96c29 100644 --- a/roles/custom/matrix-prometheus-nginxlog-exporter/tasks/setup_install.yml +++ b/roles/custom/matrix-prometheus-nginxlog-exporter/tasks/setup_install.yml @@ -30,6 +30,16 @@ owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" +- name: Ensure prometheus-nginxlog-exporter support files installed + ansible.builtin.template: + src: "{{ role_path }}/templates/{{ item }}.j2" + dest: "{{ matrix_prometheus_nginxlog_exporter_base_path }}/{{ item }}" + mode: 0640 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + with_items: + - labels + - name: Ensure prometheus-nginxlog-exporter container network is created community.general.docker_network: name: "{{ matrix_prometheus_nginxlog_exporter_container_network }}" diff --git a/roles/custom/matrix-prometheus-nginxlog-exporter/tasks/validate_config.yml b/roles/custom/matrix-prometheus-nginxlog-exporter/tasks/validate_config.yml index 8519c72e3..bf97f4cbc 100644 --- a/roles/custom/matrix-prometheus-nginxlog-exporter/tasks/validate_config.yml +++ b/roles/custom/matrix-prometheus-nginxlog-exporter/tasks/validate_config.yml @@ -1,5 +1,14 @@ --- +- name: (Deprecation) Catch and report renamed prometheus-nginxlog-exporter settings + ansible.builtin.fail: + msg: >- + Your configuration contains a variable, which now has a different name. + Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`). + when: "item.old in vars" + with_items: + - {'old': 'matrix_prometheus_nginxlog_exporter_container_hostname', 'new': 'matrix_prometheus_nginxlog_exporter_identifier'} + - name: Fail if docker image not availble for arch ansible.builtin.fail: msg: > @@ -16,3 +25,13 @@ in vars.yml when: matrix_prometheus_nginxlog_exporter_docker_image_arch_check_enabled and matrix_architecture not in matrix_prometheus_nginxlog_exporter_docker_image_arch + +- name: Fail if required prometheus-nginxlog-exporter settings not defined + ansible.builtin.fail: + msg: >- + You need to define a required configuration setting (`{{ item.name }}`). + when: "item.when | bool and vars[item.name] == ''" + with_items: + - {'name': 'matrix_prometheus_nginxlog_exporter_metrics_proxying_hostname', when: "{{ matrix_prometheus_nginxlog_exporter_metrics_proxying_enabled }}"} + - {'name': 'matrix_prometheus_nginxlog_exporter_metrics_proxying_path_prefix', when: "{{ matrix_prometheus_nginxlog_exporter_metrics_proxying_enabled }}"} + - {'name': 'matrix_prometheus_nginxlog_exporter_container_network', when: true} diff --git a/roles/custom/matrix-prometheus-nginxlog-exporter/templates/labels.j2 b/roles/custom/matrix-prometheus-nginxlog-exporter/templates/labels.j2 new file mode 100644 index 000000000..e5aa3c620 --- /dev/null +++ b/roles/custom/matrix-prometheus-nginxlog-exporter/templates/labels.j2 @@ -0,0 +1,36 @@ +{% if matrix_prometheus_nginxlog_exporter_container_labels_traefik_enabled %} +traefik.enable=true + +{% if matrix_prometheus_nginxlog_exporter_container_labels_traefik_docker_network %} +traefik.docker.network={{ matrix_prometheus_nginxlog_exporter_container_labels_traefik_docker_network }} +{% endif %} + +traefik.http.services.{{ matrix_prometheus_nginxlog_exporter_identifier }}.loadbalancer.server.port={{ matrix_prometheus_nginxlog_exporter_container_metrics_port }} + +{% set middlewares = [] %} + +{% if matrix_prometheus_nginxlog_exporter_container_labels_metrics_middleware_basic_auth_enabled %} +{% set middlewares = middlewares + [matrix_prometheus_nginxlog_exporter_identifier + '-basic-auth'] %} +traefik.http.middlewares.{{ matrix_prometheus_nginxlog_exporter_identifier }}-basic-auth.basicauth.users={{ matrix_prometheus_nginxlog_exporter_container_labels_metrics_middleware_basic_auth_users }} +{% endif %} + +{% set middlewares = middlewares + [matrix_prometheus_nginxlog_exporter_identifier + '-replacepath'] %} +traefik.http.middlewares.{{ matrix_prometheus_nginxlog_exporter_identifier }}-replacepath.replacepath.path=/metrics + +traefik.http.routers.{{ matrix_prometheus_nginxlog_exporter_identifier }}.rule={{ matrix_prometheus_nginxlog_exporter_container_labels_traefik_rule }} + +{% if middlewares | length > 0 %} +traefik.http.routers.{{ matrix_prometheus_nginxlog_exporter_identifier }}.middlewares={{ middlewares | join(',') }} +{% endif %} + +traefik.http.routers.{{ matrix_prometheus_nginxlog_exporter_identifier }}.service={{ matrix_prometheus_nginxlog_exporter_identifier }} +traefik.http.routers.{{ matrix_prometheus_nginxlog_exporter_identifier }}.entrypoints={{ matrix_prometheus_nginxlog_exporter_container_labels_traefik_entrypoints }} + + +traefik.http.routers.{{ matrix_prometheus_nginxlog_exporter_identifier }}.tls={{ matrix_prometheus_nginxlog_exporter_container_labels_traefik_tls | to_json }} +{% if matrix_prometheus_nginxlog_exporter_container_labels_traefik_tls %} +traefik.http.routers.{{ matrix_prometheus_nginxlog_exporter_identifier }}.tls.certResolver={{ matrix_prometheus_nginxlog_exporter_container_labels_traefik_tls_certResolver }} +{% endif %} +{% endif %} + +{{ matrix_prometheus_nginxlog_exporter_container_labels_additional_labels }} diff --git a/roles/custom/matrix-prometheus-nginxlog-exporter/templates/prometheus-nginxlog-exporter.yaml.j2 b/roles/custom/matrix-prometheus-nginxlog-exporter/templates/prometheus-nginxlog-exporter.yaml.j2 index 38db07eb8..2816ec087 100644 --- a/roles/custom/matrix-prometheus-nginxlog-exporter/templates/prometheus-nginxlog-exporter.yaml.j2 +++ b/roles/custom/matrix-prometheus-nginxlog-exporter/templates/prometheus-nginxlog-exporter.yaml.j2 @@ -16,7 +16,7 @@ namespaces: listen_address: "udp://0.0.0.0:{{ matrix_prometheus_nginxlog_exporter_container_syslog_port }}" # format options: "rfc3164" ,"rfc5424", "rfc6587", "auto" format: auto - tags: ["matrix_nginx_proxy", "matrix_nginx_proxy_companion"] + tags: {{ matrix_prometheus_nginxlog_exporter_config_namespaces_matrix_source_tags | to_json }} relabel_configs: - target_label: request_uri from: request @@ -54,4 +54,4 @@ namespaces: - target_label: request_host from: host - target_label: log_source - from: log_source \ No newline at end of file + from: log_source diff --git a/roles/custom/matrix-prometheus-nginxlog-exporter/templates/systemd/matrix-prometheus-nginxlog-exporter.service.j2 b/roles/custom/matrix-prometheus-nginxlog-exporter/templates/systemd/matrix-prometheus-nginxlog-exporter.service.j2 index 81ba3e7da..71cb564b9 100644 --- a/roles/custom/matrix-prometheus-nginxlog-exporter/templates/systemd/matrix-prometheus-nginxlog-exporter.service.j2 +++ b/roles/custom/matrix-prometheus-nginxlog-exporter/templates/systemd/matrix-prometheus-nginxlog-exporter.service.j2 @@ -1,6 +1,6 @@ #jinja2: lstrip_blocks: "True" [Unit] -Description={{ matrix_prometheus_nginxlog_exporter_container_hostname }} +Description=prometheus-nginxlog-exporteer ({{ matrix_prometheus_nginxlog_exporter_identifier }}) {% for service in matrix_prometheus_nginxlog_exporter_systemd_required_services_list %} Requires={{ service }} After={{ service }} @@ -13,11 +13,12 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} {{ matrix_prometheus_nginxlog_exporter_container_hostname }} 2>/dev/null || true' -ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm {{ matrix_prometheus_nginxlog_exporter_container_hostname }} 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} {{ matrix_prometheus_nginxlog_exporter_identifier }} 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm {{ matrix_prometheus_nginxlog_exporter_identifier }} 2>/dev/null || true' - -ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_prometheus_nginxlog_exporter_container_hostname }} \ +ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \ + --rm \ + --name={{ matrix_prometheus_nginxlog_exporter_identifier }} \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -30,17 +31,24 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name -p {{ matrix_prometheus_nginxlog_exporter_container_syslog_host_bind_port }}:{{ matrix_prometheus_nginxlog_exporter_container_syslog_port }}/udp \ {% endif %} --mount type=bind,src={{ matrix_prometheus_nginxlog_exporter_config_path }},dst=/etc/prometheus-nginxlog-exporter \ + --label-file={{ matrix_prometheus_nginxlog_exporter_base_path }}/labels \ {% for arg in matrix_prometheus_nginxlog_exporter_container_extra_arguments %} {{ arg }} \ {% endfor %} {{ matrix_prometheus_nginxlog_exporter_docker_image }} \ -config-file /etc/prometheus-nginxlog-exporter/prometheus-nginxlog-exporter.yaml -ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} {{ matrix_prometheus_nginxlog_exporter_container_hostname }} 2>/dev/null || true' -ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm {{ matrix_prometheus_nginxlog_exporter_container_hostname }} 2>/dev/null || true' +{% for network in matrix_mautrix_facebook_container_additional_networks %} +ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} {{ matrix_prometheus_nginxlog_exporter_identifier }} +{% endfor %} + +ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach {{ matrix_prometheus_nginxlog_exporter_identifier }} + +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} {{ matrix_prometheus_nginxlog_exporter_identifier }} 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm {{ matrix_prometheus_nginxlog_exporter_identifier }} 2>/dev/null || true' Restart=always RestartSec=30 -SyslogIdentifier={{ matrix_prometheus_nginxlog_exporter_container_hostname }} +SyslogIdentifier={{ matrix_prometheus_nginxlog_exporter_identifier }} [Install] WantedBy=multi-user.target