mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2024-12-24 18:08:28 +01:00
Revert "security** node-exporter data & port publicly exposed"
This reverts commit d0cd709c08
.
This commit is contained in:
parent
d0cd709c08
commit
0f9a455719
@ -18,5 +18,5 @@ matrix_prometheus_node_exporter_systemd_wanted_services_list: []
|
|||||||
|
|
||||||
# Controls whether the matrix-prometheus container exposes its HTTP port (tcp/9100 in the container).
|
# Controls whether the matrix-prometheus container exposes its HTTP port (tcp/9100 in the container).
|
||||||
#
|
#
|
||||||
# Takes an "<ip>:<port>" value (e.g. "127.0.0.1:9100"), or empty string to not expose.
|
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:9100"), or empty string to not expose.
|
||||||
matrix_prometheus_node_exporter_container_http_host_bind_port: ''
|
matrix_prometheus_node_exporter_container_http_host_bind_port: ''
|
||||||
|
@ -22,6 +22,9 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-prometheus-nod
|
|||||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||||
--cap-drop=ALL \
|
--cap-drop=ALL \
|
||||||
--read-only \
|
--read-only \
|
||||||
|
{% if matrix_prometheus_node_exporter_container_http_host_bind_port %}
|
||||||
|
-p {{ matrix_prometheus_node_exporter_container_http_host_bind_port }}:9100 \
|
||||||
|
{% endif %}
|
||||||
{% for arg in matrix_prometheus_node_exporter_container_extra_arguments %}
|
{% for arg in matrix_prometheus_node_exporter_container_extra_arguments %}
|
||||||
{{ arg }} \
|
{{ arg }} \
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
@ -29,12 +32,6 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-prometheus-nod
|
|||||||
--pid=host \
|
--pid=host \
|
||||||
--mount type=bind,src=/,dst=/host,ro,bind-propagation=rslave \
|
--mount type=bind,src=/,dst=/host,ro,bind-propagation=rslave \
|
||||||
{{ matrix_prometheus_node_exporter_docker_image }} \
|
{{ matrix_prometheus_node_exporter_docker_image }} \
|
||||||
{{ matrix_prometheus_node_exporter_docker_image }} \
|
|
||||||
{% if matrix_prometheus_node_exporter_container_http_host_bind_port %}
|
|
||||||
--web.listen-address={{ matrix_prometheus_node_exporter_container_http_host_bind_port }} \
|
|
||||||
{% else %}
|
|
||||||
--web.listen-address=localhost:9100 \
|
|
||||||
{% endif %}
|
|
||||||
--path.rootfs=/host
|
--path.rootfs=/host
|
||||||
|
|
||||||
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus-node-exporter 2>/dev/null'
|
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus-node-exporter 2>/dev/null'
|
||||||
|
Loading…
Reference in New Issue
Block a user