fix: prometheus retention and authelia fix (#73)

* fix: prometheus retention time

* also fix bug with authelia

* linting issues

* more linting
Rasmus Wejlgaard 2026-04-25 21:35:39 +01:00 committed by GitHub
parent b82013c2f0
commit af2f462c1c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 53 additions and 44 deletions


@ -10,6 +10,8 @@
ansible.builtin.include_vars: ansible.builtin.include_vars:
file: "{{ playbook_dir }}/../group_vars/all/secrets.yaml" file: "{{ playbook_dir }}/../group_vars/all/secrets.yaml"
no_log: true no_log: true
roles:
- prometheus
tasks: tasks:
- name: Deploy Prometheus config - name: Deploy Prometheus config
ansible.builtin.template: ansible.builtin.template:
@ -77,11 +79,6 @@
notify: Restart grafana notify: Restart grafana
handlers: handlers:
- name: Restart prometheus
ansible.builtin.service:
name: prometheus
state: restarted
- name: Restart grafana - name: Restart grafana
ansible.builtin.service: ansible.builtin.service:
name: grafana name: grafana
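Review bot: With the `Restart prometheus` handler removed from this play, any task here that still notifies it now depends on the handler shipped by the `prometheus` role added under `roles:`. That coupling is not stated anywhere in the playbook, and the notifying task itself lies outside the visible hunks. A comment above the role entry would make it explicit, for example `# prometheus role also provides the "Restart prometheus" handler used by tasks below`. Without it, dropping or renaming the role later fails the play with a missing-handler error rather than anything pointing at this file.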


@ -0,0 +1,2 @@
---
prometheus_retention_time: "1y"


@ -0,0 +1,5 @@
---
- name: Restart prometheus
ansible.builtin.service:
name: prometheus
state: restarted


@ -0,0 +1,7 @@
---
- name: Set Prometheus args in rc.conf (FreeBSD)
community.general.sysrc:
name: prometheus_args
value: "--storage.tsdb.retention.time={{ prometheus_retention_time }}"
when: ansible_facts["os_family"] == "FreeBSD"
notify: Restart prometheus
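Review bot: The `community.general.sysrc` task sets `prometheus_args` to the retention flag alone, so whatever flags rc.conf already held for that variable are replaced on the next run. If the service relied on a listen-address or storage-path flag there (not visible in this commit), it falls back to the Prometheus default, which for the listener means all interfaces. A comment above the task would record the ownership, e.g. `# Owns the full prometheus_args value; add other flags here, not by hand in rc.conf`. With a one-year window it may also be worth pairing the flag with `--storage.tsdb.retention.size` so the TSDB cannot fill the disk.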


@ -6,22 +6,20 @@
services: services:
authelia: authelia:
container_name: authelia container_name: "authelia"
image: docker.io/authelia/authelia:latest image: "docker.io/authelia/authelia:latest"
restart: unless-stopped restart: "unless-stopped"
ports: ports:
- '127.0.0.1:9091:9091' - "127.0.0.1:9091:9091"
environment: environment:
AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET_FILE: /secrets/JWT_SECRET AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET_FILE: "/secrets/JWT_SECRET"
AUTHELIA_SESSION_SECRET_FILE: /secrets/SESSION_SECRET AUTHELIA_SESSION_SECRET_FILE: "/secrets/SESSION_SECRET"
AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: /secrets/STORAGE_ENCRYPTION_KEY AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: "/secrets/STORAGE_ENCRYPTION_KEY"
AUTHELIA_STORAGE_MYSQL_PASSWORD_FILE: /secrets/MYSQL_PASSWORD AUTHELIA_STORAGE_MYSQL_PASSWORD_FILE: "/secrets/MYSQL_PASSWORD"
AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE: /secrets/LLDAP_ADMIN_PASSWORD TZ: "UTC"
AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE: /secrets/SMTP_PASSWORD
TZ: UTC
volumes: volumes:
- /root/authelia/config:/config - "/root/authelia/config:/config"
- /root/authelia/secrets:/secrets - "/root/authelia/secrets:/secrets"
depends_on: depends_on:
mariadb: mariadb:
condition: service_healthy condition: service_healthy
@ -31,19 +29,19 @@ services:
- authelia - authelia
mariadb: mariadb:
container_name: authelia-mariadb container_name: "authelia-mariadb"
image: docker.io/library/mariadb:11 image: "docker.io/library/mariadb:11"
restart: unless-stopped restart: "unless-stopped"
environment: environment:
MYSQL_ROOT_PASSWORD_FILE: /run/secrets/MYSQL_ROOT_PASSWORD MYSQL_ROOT_PASSWORD_FILE: "/run/secrets/MYSQL_ROOT_PASSWORD"
MYSQL_DATABASE: authelia MYSQL_DATABASE: "authelia"
MYSQL_USER: authelia MYSQL_USER: "authelia"
MYSQL_PASSWORD_FILE: /run/secrets/MYSQL_PASSWORD MYSQL_PASSWORD_FILE: "/run/secrets/MYSQL_PASSWORD"
TZ: UTC TZ: "UTC"
volumes: volumes:
- /root/authelia/mariadb:/var/lib/mysql - "/root/authelia/mariadb:/var/lib/mysql"
- /root/authelia/secrets/MYSQL_ROOT_PASSWORD:/run/secrets/MYSQL_ROOT_PASSWORD:ro - "/root/authelia/secrets/MYSQL_ROOT_PASSWORD:/run/secrets/MYSQL_ROOT_PASSWORD:ro"
- /root/authelia/secrets/MYSQL_PASSWORD:/run/secrets/MYSQL_PASSWORD:ro - "/root/authelia/secrets/MYSQL_PASSWORD:/run/secrets/MYSQL_PASSWORD:ro"
networks: networks:
- authelia - authelia
healthcheck: healthcheck:
@ -54,24 +52,24 @@ services:
start_period: 30s start_period: 30s
lldap: lldap:
container_name: authelia-lldap container_name: "authelia-lldap"
image: docker.io/lldap/lldap:latest image: "docker.io/lldap/lldap:latest"
restart: unless-stopped restart: "unless-stopped"
ports: ports:
- '17170:17170' # Web UI - "17170:17170"
- '3890:3890' # LDAP - "3890:3890"
environment: environment:
UID: '1000' UID: "1000"
GID: '1000' GID: "1000"
TZ: UTC TZ: "UTC"
LLDAP_LDAP_BASE_DN: dc=pez,dc=sh LLDAP_LDAP_BASE_DN: "dc=pez,dc=sh"
LLDAP_LDAP_USER_DN: admin LLDAP_LDAP_USER_DN: "admin"
LLDAP_LDAP_USER_PASS_FILE: /secrets/LLDAP_ADMIN_PASSWORD LLDAP_LDAP_USER_PASS_FILE: "/secrets/LLDAP_ADMIN_PASSWORD"
LLDAP_JWT_SECRET_FILE: /secrets/LLDAP_JWT_SECRET LLDAP_JWT_SECRET_FILE: "/secrets/LLDAP_JWT_SECRET"
volumes: volumes:
- /root/authelia/lldap:/data - "/root/authelia/lldap:/data"
- /root/authelia/secrets/LLDAP_ADMIN_PASSWORD:/secrets/LLDAP_ADMIN_PASSWORD:ro - "/root/authelia/secrets/LLDAP_ADMIN_PASSWORD:/secrets/LLDAP_ADMIN_PASSWORD:ro"
- /root/authelia/secrets/LLDAP_JWT_SECRET:/secrets/LLDAP_JWT_SECRET:ro - "/root/authelia/secrets/LLDAP_JWT_SECRET:/secrets/LLDAP_JWT_SECRET:ro"
networks: networks:
- authelia - authelia
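Review bot: The lldap service publishes `17170` (admin web UI) and `3890` (plain LDAP) on every host interface, while authelia's own port in the first hunk is bound to `127.0.0.1`. Both services appear to sit on the `authelia` network, so unless another host needs the directory (not visible here) the mappings can be `- "127.0.0.1:17170:17170"` and `- "127.0.0.1:3890:3890"`. This hunk also drops the trailing `# Web UI` / `# LDAP` comments, which are worth keeping next to the ports. Separately, `authelia:latest` and `lldap:latest` leave the identity stack on floating tags; pinning a version or digest makes upgrades of the authentication path deliberate.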