action [:enable, :start]
end
-jobs = {}
-
search(:node, "roles:gateway") do |gateway|
allowed_ips = gateway.interfaces(:role => :internal).map do |interface|
"#{interface[:network]}/#{interface[:prefix]}"
}
end
+jobs = {}
+
search(:node, "recipes:prometheus\\:\\:default").sort_by(&:name).each do |client|
if client[:prometheus][:mode] == "wireguard"
node.default[:networking][:wireguard][:peers] << {
end
end
+certificates = search(:node, "letsencrypt:certificates").each_with_object({}) do |n, c|
+ n[:letsencrypt][:certificates].each do |name, details|
+ c[name] ||= details.merge(:nodes => [])
+
+ c[name][:nodes] << {
+ :name => n[:fqdn],
+ :address => n.external_ipaddress || n.internal_ipaddress
+ }
+ end
+end
+
+template "/etc/prometheus/ssl.yml" do
+ source "ssl.yml.erb"
+ owner "root"
+ group "root"
+ mode "644"
+ variables :certificates => certificates
+end
+
+prometheus_exporter "ssl" do
+ address "127.0.0.1"
+ port 9219
+ options "--config.file=/etc/prometheus/ssl.yml"
+ register_target false
+end
+
template "/etc/default/prometheus" do
source "default.prometheus.erb"
owner "root"
owner "root"
group "root"
mode "644"
- variables :jobs => jobs
+ variables :jobs => jobs, :certificates => certificates
end
template "/etc/prometheus/alert_rules.yml" do
default_action :create
property :exporter, :kind_of => String, :name_property => true
+property :address, :kind_of => String
property :port, :kind_of => Integer, :required => [:create]
property :listen_switch, :kind_of => String, :default => "web.listen-address"
property :listen_type, :kind_of => String, :default => "address"
property :environment, :kind_of => Hash, :default => {}
property :service, :kind_of => String
property :metric_relabel, :kind_of => Array
+property :register_target, :kind_of => [TrueClass, FalseClass], :default => true
action :create do
systemd_service service_name do
only_if { node[:prometheus][:mode] == "external" }
end
- node.default[:prometheus][:exporters][new_resource.port] = {
- :name => new_resource.exporter,
- :address => listen_address,
- :metric_relabel => new_resource.metric_relabel
- }
+ if new_resource.register_target
+ node.default[:prometheus][:exporters][new_resource.port] = {
+ :name => new_resource.exporter,
+ :address => listen_address,
+ :metric_relabel => new_resource.metric_relabel
+ }
+ end
end
action :delete do
end
def listen_address
- if node[:prometheus][:mode] == "wireguard"
+ if new_resource.address
+ "#{new_resource.address}:#{new_resource.port}"
+ elsif node[:prometheus][:mode] == "wireguard"
"[#{node[:prometheus][:address]}]:#{new_resource.port}"
else
"#{node[:prometheus][:address]}:#{new_resource.port}"
static_configs:
- targets:
- localhost:9093
+ - job_name: ssl
+ scrape_interval: 15m
+ metrics_path: /probe
+ static_configs:
+ - targets:
+<% @certificates.values.sort_by { |c| c[:domains].first }.each do |certificate| -%>
+<% certificate[:nodes].sort_by { |h| h[:name] }.each do |host| -%>
+ - <%= certificate[:domains].first %>/<%= host[:name] %>:443
+<% end -%>
+<% end -%>
+ relabel_configs:
+ - source_labels: [__address__]
+ regex: "([^/]+)/.*"
+ target_label: __param_module
+ - source_labels: [__address__]
+ regex: "[^/]+/(.*)"
+ target_label: __param_target
+ - source_labels: [__param_target]
+ regex: "([^.]+)\\..*"
+ target_label: instance
+ - target_label: __address__
+ replacement: 127.0.0.1:9219
<% @jobs.sort.each do |name, targets| -%>
- job_name: <%= name %>
static_configs:
projects / chef.git / commitdiff