infra/ansible-role-prometheus-agent
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ansible-role-prometheus-agent/templates/stunnel-client.conf.j2
Julian Rother 1daf64a848
promtail: Support metrics scraping
2024-12-08 06:57:00 +01:00

83 lines
3 KiB
Django/Jinja
Raw Blame History

{% if ansible_distribution_release == 'stretch' %}
sslVersion = TLSv1.2
{% else %}
sslVersionMin = TLSv1.2
options = SINGLE_ECDH_USE
options = SINGLE_DH_USE
{% endif %}
# this means log level = warning
debug = 4
setuid = stunnel4
setgid = stunnel4
pid = /var/run/stunnel4/prometheus-agent.pid
{% for i in prometheus_agent.scrapers if "nodeexporter" in prometheus_agent.scrapers[i] %}
; nodeexporter
[scraper {{ i }} nodeexporter]
client = no
requireCert = yes
accept = :::{{ prometheus_agent.scrapers[i].nodeexporter }}
connect = {{ prometheus_agent.agents.nodeexporter.args['web.listen-address']|replace('[', '')|replace(']', '') }}
cert = /etc/ssl/prometheus_agent.crt
key = /etc/ssl/private/prometheus_agent.key
verifyPeer = yes
CAfile = /etc/ssl/scraper_{{ i }}.crt
{% endfor %}
{% for i in prometheus_agent.scrapers if "blackbox" in prometheus_agent.scrapers[i] and prometheus_agent.agents.blackbox.enable%}
; blackbox
[scraper {{ i }} blackbox]
client = no
requireCert = yes
accept = :::{{ prometheus_agent.scrapers[i].blackbox }}
connect = {{ prometheus_agent.agents.blackbox.args['web.listen-address']|replace('[', '')|replace(']', '') }}
cert = /etc/ssl/prometheus_agent.crt
key = /etc/ssl/private/prometheus_agent.key
verifyPeer = yes
CAfile = /etc/ssl/scraper_{{ i }}.crt
{% endfor %}
{% for i in prometheus_agent.scrapers if "snmp" in prometheus_agent.scrapers[i] and prometheus_agent.agents.snmp.enable %}
; snmp
[scraper {{ i }} snmp]
client = no
requireCert = yes
accept = :::{{ prometheus_agent.scrapers[i].snmp }}
connect = {{ prometheus_agent.agents.snmp.args['web.listen-address']|replace('[', '')|replace(']', '') }}
cert = /etc/ssl/prometheus_agent.crt
key = /etc/ssl/private/prometheus_agent.key
verifyPeer = yes
CAfile = /etc/ssl/scraper_{{ i }}.crt
{% endfor %}
{% for i in prometheus_agent.scrapers if "promtail" in prometheus_agent.scrapers[i] and prometheus_agent.agents.promtail.enable %}
; promtail
[scraper {{ i }} promtail]
client = no
requireCert = yes
accept = :::{{ prometheus_agent.scrapers[i].promtail }}
connect = {{ prometheus_agent.agents.promtail.config.server.http_listen_address|replace('[', '')|replace(']', '') }}:{{ prometheus_agent.agents.promtail.config.server.http_listen_port }}
cert = /etc/ssl/prometheus_agent.crt
key = /etc/ssl/private/prometheus_agent.key
verifyPeer = yes
CAfile = /etc/ssl/scraper_{{ i }}.crt
{% endfor %}
; proxy
{% for i in prometheus_agent.scrapers if "proxy" in prometheus_agent.scrapers[i] %}
{% for j in prometheus_agent.scrapers[i].proxy|d({}) %}
; {{ j }}
[scraper {{ i }} proxy {{ j }}]
client = no
requireCert = yes
accept = :::{{ prometheus_agent.scrapers[i].proxy[j] }}
connect = {{ prometheus_agent.agents.proxy.mappings[j].address|replace('[', '')|replace(']', '') }}
cert = /etc/ssl/prometheus_agent.crt
key = /etc/ssl/private/prometheus_agent.key
verifyPeer = yes
CAfile = /etc/ssl/scraper_{{ i }}.crt
{% endfor %}
{% endfor %}
Reference in a new issue View git blame Copy permalink