diff options
Diffstat (limited to 'roles/whawty/auth')
| -rw-r--r-- | roles/whawty/auth/store/defaults/main.yml | 1 | ||||
| -rw-r--r-- | roles/whawty/auth/store/tasks/sync-client.yml | 10 | ||||
| -rw-r--r-- | roles/whawty/auth/store/templates/systemd.service.j2 | 3 |
3 files changed, 12 insertions, 2 deletions
diff --git a/roles/whawty/auth/store/defaults/main.yml b/roles/whawty/auth/store/defaults/main.yml index c479c600..5b1ba5a6 100644 --- a/roles/whawty/auth/store/defaults/main.yml +++ b/roles/whawty/auth/store/defaults/main.yml @@ -25,3 +25,4 @@ # hostname: passwd.example.com # port: 3022 # user: sync +# prometheus: yes diff --git a/roles/whawty/auth/store/tasks/sync-client.yml b/roles/whawty/auth/store/tasks/sync-client.yml index a45e4727..bbd5e8c9 100644 --- a/roles/whawty/auth/store/tasks/sync-client.yml +++ b/roles/whawty/auth/store/tasks/sync-client.yml @@ -41,7 +41,15 @@ {% endif %} {% endif %} while true; do - /usr/bin/rsync -rtW --delete --delete-delay --delay-updates --partial-dir=.tmp{{ rsync_args | join('') }} -e 'ssh -F "/etc/whawty/auth/.store-{{ item.key }}-sync/ssh_config"' 'rsync://whawty-auth-server/store' '{{ item.value.config.basedir }}' + /usr/bin/rsync -rtWi --delete --delete-delay --delay-updates --partial-dir=.tmp{{ rsync_args | join('') }} -e 'ssh -F "/etc/whawty/auth/.store-{{ item.key }}-sync/ssh_config"' 'rsync://whawty-auth-server/store' '{{ item.value.config.basedir }}' + {% if (item.value.sync.prometheus | default(False)) %} + result=$? + now=$(date +"%s") + cat <<EOF | sponge /var/lib/prometheus-node-exporter/textfile-collector/whawty-auth-store-sync-{{ item.key }}.prom + whawty_auth_store_sync_run{name="{{ item.key }}"} $now + whawty_auth_store_sync_exit_code{name="{{ item.key }}"} $result + EOF + {% endif %} sleep 60 done dest: /etc/whawty/auth/.store-{{ item.key }}-sync/run.sh diff --git a/roles/whawty/auth/store/templates/systemd.service.j2 b/roles/whawty/auth/store/templates/systemd.service.j2 index 7e066901..4a630183 100644 --- a/roles/whawty/auth/store/templates/systemd.service.j2 +++ b/roles/whawty/auth/store/templates/systemd.service.j2 @@ -3,6 +3,7 @@ Description=sync for whawty-auth store {{ item.key }} [Service] Type=simple +Restart=always ExecStart=/etc/whawty/auth/.store-{{ item.key }}-sync/run.sh # systemd hardening-options @@ -20,7 +21,7 @@ ProtectHome=true ProtectKernelModules=true ProtectKernelTunables=true ProtectSystem=strict -ReadWritePaths={{ item.value.config.basedir }} +ReadWritePaths={{ item.value.config.basedir }}{% if (item.value.sync.prometheus | default(False)) %} /var/lib/prometheus-node-exporter/textfile-collector/{% endif %}{{ '' }} RemoveIPC=true RestrictNamespaces=true RestrictRealtime=true |