diff options
author | Kelley Spoon <kelley.spoon@linaro.org> | 2024-01-13 19:39:38 -0600 |
---|---|---|
committer | Kelley Spoon <kelley.spoon@linaro.org> | 2024-01-14 01:48:33 +0000 |
commit | e4270b3d97091e3525bab27de43c9bdba161d26f (patch) | |
tree | 8a36d5ad5c212e629ddddfc1aa711bfa08201017 | |
parent | 4aaa6ef3c2ca171cf2d65107325a9d56fb6bca52 (diff) |
node_exporter: make scrape password optional
This change makes the requirement of http basic auth
credentials to read the node_exporter endpoint optional.
You can disable it by setting the user and password
to null in the host_vars for a host.
Change-Id: I058e61c46bbf8d74f3a22e0954def66c2ba10830
Signed-off-by: Kelley Spoon <kelley.spoon@linaro.org>
Reviewed-on: https://review.linaro.org/c/infrastructure/ansible-playbooks/+/46518
-rw-r--r-- | host_vars/gerrit.forge.aws.linaro.com | 3 | ||||
-rw-r--r-- | roles/node_exporter/tasks/main.yml | 2 | ||||
-rw-r--r-- | roles/node_exporter/templates/web-config.j2 | 2 |
3 files changed, 6 insertions, 1 deletions
diff --git a/host_vars/gerrit.forge.aws.linaro.com b/host_vars/gerrit.forge.aws.linaro.com index 62b74506..12c03602 100644 --- a/host_vars/gerrit.forge.aws.linaro.com +++ b/host_vars/gerrit.forge.aws.linaro.com @@ -24,6 +24,9 @@ ssh_ldap_uri: ldaps://login.linaro.org skip_dovecot: true +prometheus_scrape_user: null +prometheus_scrape_password: null + login_groups: - systems - its diff --git a/roles/node_exporter/tasks/main.yml b/roles/node_exporter/tasks/main.yml index 6d85e8d1..c3781e1b 100644 --- a/roles/node_exporter/tasks/main.yml +++ b/roles/node_exporter/tasks/main.yml @@ -57,7 +57,7 @@ port: "{{ ne_port }}" src: "{{ item }}" with_items: "{{ prometheus_scrape_ips }}" - when: ne_push is not defined + when: ne_push is not defined and ne_ufw is defined - name: Install push script template: diff --git a/roles/node_exporter/templates/web-config.j2 b/roles/node_exporter/templates/web-config.j2 index 5655a8c1..83963659 100644 --- a/roles/node_exporter/templates/web-config.j2 +++ b/roles/node_exporter/templates/web-config.j2 @@ -2,5 +2,7 @@ http_server_config: http2: false +{% if prometheus_scrape_user != None and prometheus_scrape_password != None %} basic_auth_users: {{ prometheus_scrape_user }}: {{ prometheus_scrape_password | password_hash('bcrypt') }} +{% endif %} |