RWejlgaard/pez-infra
1
0
Fork 0
mirror of https://github.com/RWejlgaard/pez-infra.git synced 2026-05-06 04:14:43 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
pez-infra/ansible/inventory/host_vars
History
Rasmus "Pez" Wejlgaard f2cebcdf38
Bind node_exporter to Tailscale IP on public-facing hosts (#31) 
node_exporter was listening on 0.0.0.0:9100 on helsinki-a and london-a,
exposing metrics to the public internet.

Changes:
- Add node_exporter_bind_tailscale flag (default false) to opt in
- Set flag on helsinki-a and london-a host_vars
- Debian: configure ARGS in /etc/default/prometheus-node-exporter
- FreeBSD: use native node_exporter_listen_address rc.conf variable
- Add handlers to restart on config change

Prometheus already scrapes via Tailscale IPs, no scrape config changes needed.

Fixes PESO-98
2026-03-30 22:56:59 +01:00
..
copenhagen-a.yml copenhagen-a: document all live services in host_vars and docs (#30) 2026-03-30 22:10:27 +01:00
copenhagen-c.yml initial commit 2026-03-28 12:39:41 +00:00
helsinki-a.yml Bind node_exporter to Tailscale IP on public-facing hosts (#31) 2026-03-30 22:56:59 +01:00
london-a.yml Bind node_exporter to Tailscale IP on public-facing hosts (#31) 2026-03-30 22:56:59 +01:00
london-b.yml Add Docker official apt repo to docker role (#24) 2026-03-29 21:11:33 +01:00
nuremberg-a.yml capture nuremberg-a firewall rules in pez-infra (#15) 2026-03-29 14:40:10 +01:00