diff --git a/db.yml b/db.yml index feba3d5..07c2bdc 100644 --- a/db.yml +++ b/db.yml @@ -14,3 +14,6 @@ - role: node_exporter tags: - node_exporter + - role: postgres_exporter + tags: + - postgres_exporter diff --git a/roles/node_exporter/tasks/get_version.yml b/roles/node_exporter/tasks/get_version.yml index 4b865de..4d9c94d 100644 --- a/roles/node_exporter/tasks/get_version.yml +++ b/roles/node_exporter/tasks/get_version.yml @@ -10,9 +10,9 @@ - name: Set version set_fact: - version: "{{ _github_release.json.tag_name + tag: "{{ _github_release.json.tag_name | regex_replace('^v?([0-9\\.]+)$', '\\1') }}" - name: Set download_url set_fact: - download_url: "https://github.com/prometheus/node_exporter/releases/download/v{{ version }}/node_exporter-{{ version }}.linux-{{ go_arch }}.tar.gz" + download_url: "https://github.com/prometheus/node_exporter/releases/download/v{{ tag }}/node_exporter-{{ tag }}.linux-{{ go_arch }}.tar.gz" diff --git a/roles/node_exporter/tasks/install.yml b/roles/node_exporter/tasks/install.yml index c5269eb..ca2d6aa 100644 --- a/roles/node_exporter/tasks/install.yml +++ b/roles/node_exporter/tasks/install.yml @@ -8,7 +8,7 @@ - name: Move node_exporter into path copy: - src: "/tmp/node_exporter-{{ version }}.linux-{{ go_arch }}/node_exporter" + src: "/tmp/node_exporter-{{ tag }}.linux-{{ go_arch }}/node_exporter" dest: "{{ bin_path }}" mode: 755 remote_src: true diff --git a/roles/postgres/tasks/ansible_deps.yml b/roles/postgres/tasks/ansible_deps.yml index cef2b3a..5902707 100644 --- a/roles/postgres/tasks/ansible_deps.yml +++ b/roles/postgres/tasks/ansible_deps.yml @@ -1,7 +1,7 @@ --- - name: Update apt cache apt: - update_cache: yes + update_cache: true become: true - name: Install ansible dependencies diff --git a/roles/postgres/tasks/configuration.yml b/roles/postgres/tasks/configuration.yml index 82d8f9b..ea17a69 100644 --- a/roles/postgres/tasks/configuration.yml +++ b/roles/postgres/tasks/configuration.yml @@ -16,18 +16,18 @@ encoding: UTF8 lc_collate: "en_US.UTF-8" lc_ctype: "en_US.UTF-8" - become: yes + become: true become_user: postgres vars: ansible_remote_temp: "/tmp/" -- name: "Grant all privileges on database {{ db.name }} to {{ db.user }};" +- name: "Grant privileges to {{ db.user }}" community.postgresql.postgresql_privs: db: "{{ db.name }}" privs: ALL type: database roles: "{{ db.user }}" - become: yes + become: true become_user: postgres vars: ansible_remote_temp: "/tmp/" @@ -39,13 +39,13 @@ type: schema obj: "public" roles: "{{ db.user }}" - become: yes + become: true become_user: postgres vars: ansible_remote_temp: "/tmp/" -- name: "Allow md5 connection for the {{ db.user }} user" - postgresql_pg_hba: +- name: "Allow md5 connection for the user {{ db.user }}" + community.postgresql.postgresql_pg_hba: dest: "/etc/postgresql/15/main/pg_hba.conf" contype: host databases: all @@ -53,16 +53,17 @@ address: "{{ k3s.net }}" users: "{{ db.user }}" create: false - become: yes + become: true notify: - Restart postgres - name: "Set public listen address" become: true - lineinfile: + ansible.builtin.lineinfile: dest: "/etc/postgresql/15/main/conf.d/listen.conf" regexp: "^#?listen_addresses=" line: "listen_addresses='{{ db.listen_address | default('localhost') }}'" state: present - create: yes + mode: "644" + create: true notify: "Restart postgres" diff --git a/roles/postgres_exporter/handlers/main.yml b/roles/postgres_exporter/handlers/main.yml new file mode 100644 index 0000000..30e8c75 --- /dev/null +++ b/roles/postgres_exporter/handlers/main.yml @@ -0,0 +1,6 @@ +--- +- name: "Restart {{ bin_name }}" + ansible.builtin.service: + name: "{{ bin_name }}" + state: restarted + become: true diff --git a/roles/postgres_exporter/tasks/get_version.yml b/roles/postgres_exporter/tasks/get_version.yml new file mode 100644 index 0000000..4e26f7f --- /dev/null +++ b/roles/postgres_exporter/tasks/get_version.yml @@ -0,0 +1,18 @@ +--- +- name: Determine latest GitHub release (local) + delegate_to: localhost + ansible.builtin.uri: + url: "https://api.github.com/repos/{{ repository }}/releases/{{ version }}" + body_format: json + register: _github_release + until: _github_release.status == 200 + retries: 3 + +- name: Set version + ansible.builtin.set_fact: + tag: "{{ _github_release.json.tag_name + | regex_replace('^v?([0-9\\.]+)$', '\\1') }}" + +- name: Set download_url + ansible.builtin.set_fact: + download_url: "https://github.com/{{ repository }}/releases/download/v{{ tag }}/{{ bin_name }}-{{ tag }}.linux-{{ go_arch }}.tar.gz" diff --git a/roles/postgres_exporter/tasks/install.yml b/roles/postgres_exporter/tasks/install.yml new file mode 100644 index 0000000..4b349ec --- /dev/null +++ b/roles/postgres_exporter/tasks/install.yml @@ -0,0 +1,29 @@ +--- +- name: Download/Extract "{{ download_url }}" + ansible.builtin.unarchive: + src: "{{ download_url }}" + dest: /tmp/ + remote_src: true + mode: "755" + +- name: "Move binary into path: {{ bin_path }}" + ansible.builtin.copy: + src: "/tmp/{{ bin_name }}-{{ tag }}.linux-{{ go_arch }}/{{ bin_name }}" + dest: "{{ bin_path }}" + mode: "755" + remote_src: true + become: true + +- name: "Create user: {{ bin_name }}" + ansible.builtin.user: + name: "{{ bin_name }}" + shell: /sbin/nologin + state: present + become: true + +- name: Copy the node_exporter systemd unit file. + ansible.builtin.template: + src: "{{ bin_name }}.service.j2" + dest: "/etc/systemd/system/{{ bin_name }}.service" + mode: "644" + become: true diff --git a/roles/postgres_exporter/tasks/main.yml b/roles/postgres_exporter/tasks/main.yml new file mode 100644 index 0000000..58037ed --- /dev/null +++ b/roles/postgres_exporter/tasks/main.yml @@ -0,0 +1,7 @@ +--- +- name: Get Version + ansible.builtin.include_tasks: get_version.yml +- name: Install exporter + ansible.builtin.include_tasks: install.yml +- name: Create service + ansible.builtin.include_tasks: systemd.yml diff --git a/roles/postgres_exporter/tasks/systemd.yml b/roles/postgres_exporter/tasks/systemd.yml new file mode 100644 index 0000000..bbe29ab --- /dev/null +++ b/roles/postgres_exporter/tasks/systemd.yml @@ -0,0 +1,10 @@ +--- +- name: "Ensure service is running and enabled: {{ bin_name }}" + ansible.builtin.service: + name: "{{ bin_name }}" + state: started + daemon_reload: true + enabled: true + notify: + - Restart "{{ bin_name }}" + become: true diff --git a/roles/postgres_exporter/templates/postgres_exporter.service.j2 b/roles/postgres_exporter/templates/postgres_exporter.service.j2 new file mode 100644 index 0000000..1c50b77 --- /dev/null +++ b/roles/postgres_exporter/templates/postgres_exporter.service.j2 @@ -0,0 +1,14 @@ +[Unit] +Description=PostgresExporter + +[Service] +TimeoutStartSec=0 +User={{ bin_name }} +ExecStart={{ bin_path }} --web.listen-address={{ host.ip }}:{{ bind_port }} {{ options }} +Environment="DATA_SOURCE_URI=localhost:5432/postgres?sslmode=disable" +Environment="DATA_SOURCE_USER={{ db.user }}" +Environment="DATA_SOURCE_PASS={{ db.password }}" + +[Install] +WantedBy=multi-user.target + diff --git a/roles/postgres_exporter/vars/main.yml b/roles/postgres_exporter/vars/main.yml new file mode 100644 index 0000000..b2a6049 --- /dev/null +++ b/roles/postgres_exporter/vars/main.yml @@ -0,0 +1,16 @@ +go_arch_map: + i386: "386" + x86_64: "amd64" + aarch64: "arm64" + armv7l: "armv7" + armv6l: "armv6" + +go_arch: "{{ go_arch_map[ansible_architecture] | default(ansible_architecture) }}" + +repository: "prometheus-community/postgres_exporter" +bind_port: 9187 +version: "latest" +serve: "localhost" +options: "" +bin_name: postgres_exporter +bin_path: "/usr/local/bin/{{ bin_name }}"