mirror/matrix-docker-ansible-deploy
1
0
Fork 0
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git synced 2025-07-13 19:35:11 +02:00
Code Issues Packages Projects Releases Wiki Activity

(BC Break) Redo how metrics are exposed to external Prometheus servers

Browse Source
This commit is contained in:
Slavi Pantaleev
2022-06-23 17:44:11 +03:00
parent a3a6e14f7b
commit ba51997f7b
25 changed files with 453 additions and 169 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
roles/matrix-nginx-proxy/tasks/validate_config.yml
View File

@ -27,6 +27,14 @@
`matrix_nginx_proxy_ssl_preset` needs to be set to a known value.
when: "matrix_nginx_proxy_ssl_preset not in ['modern', 'intermediate', 'old']"
- name: Fail if Basic Auth enabled for metrics, but no credentials supplied
fail:
msg: |
Enabling Basic Auth for metrics (`matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_enabled`) requires:
- either a username/password (provided in `matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_username` and `matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_password`)
- or raw htpasswd content (provided in `matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_raw_content`)
when: "matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_enabled|bool and (matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_raw_content == '' and (matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_username == '' or matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_password == ''))"
- block:
- name: (Deprecation) Catch and report renamed settings
fail:
@ -36,6 +44,7 @@
with_items:
- {'old': 'host_specific_matrix_ssl_support_email', 'new': 'matrix_ssl_lets_encrypt_support_email'}
- {'old': 'host_specific_matrix_ssl_lets_encrypt_support_email', 'new': 'matrix_ssl_lets_encrypt_support_email'}
- {'old': 'matrix_nginx_proxy_proxy_synapse_workers_enabled_list', 'new': '<no longer used>'}
when: "item.old in vars"
- name: Fail if required variables are undefined
@ -49,3 +58,17 @@
- "matrix_nginx_proxy_proxy_synapse_client_api_addr_sans_container"
when: "vars[item] == '' or vars[item] is none"
when: "matrix_ssl_retrieval_method == 'lets-encrypt'"
- name: (Deprecation) Catch and report old metrics usage
fail:
msg: >-
Your configuration contains a variable (`{{ item }}`), which refers to the old metrics collection system for Synapse,
which exposed metrics on `https://matrix.DOMAIN/_synapse/metrics` and `https://matrix.DOMAIN/_synapse-worker-TYPE-ID/metrics`.
We now recommend exposing Synapse metrics in another way, from another URL.
Refer to the changelog for more details: https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/CHANGELOG.md#2022-06-22
with_items:
- matrix_nginx_proxy_proxy_synapse_metrics
- matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled
- matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_key
when: "item in vars"