Update to 2020-06-09 17:00

roles/postgresql_exporter/defaults/main.yml

@@ -0,0 +1,22 @@
+---
+
+pg_exporter_version: 0.8.0
+pg_exporter_archive_url: https://github.com/wrouesnel/postgres_exporter/releases/download/v{{ pg_exporter_version }}/postgres_exporter_v{{ pg_exporter_version }}_linux-amd64.tar.gz
+pg_exporter_archive_sha1: 9af399257fe6ad20bf6ea7a4984721ae364bd574
+pg_exporter_root_dir: /opt/pg_exporter
+
+# Account under which postgres-exporter will run
+pg_exporter_user: postgres
+# TCP port on which postgres-exporter will bind
+pg_exporter_port: 9187
+# List of IP address / CIDR allowed to access postgres-exporter
+pg_exporter_src_ip: []
+
+# URI to connect. The default value will connect using the unix socket /var/run/postgresql
+pg_exporter_data_source_uri: "postgresql@:5432/postgres?host=/var/run/postgresql"
+# If set, will use the provided user and password
+# pg_exporter_data_source_user: sqladmin
+# pg_exporter_data_source_pass: secret
+
+# List of DB to exclude
+pg_exporter_exclude_databases: []

roles/postgresql_exporter/handlers/main.yml

@@ -0,0 +1,4 @@
+---
+
+- name: restart postgres-exporter
+  service: name=postgres-exporter state=restarted

roles/postgresql_exporter/tasks/archive_post.yml

@@ -0,0 +1,5 @@
+---
+
+- name: Remove archive dir
+  file: path={{ pg_exporter_root_dir }}/archives/{{ pg_exporter_current_version }} state=absent
+  tags: pg

roles/postgresql_exporter/tasks/archive_pre.yml

@@ -0,0 +1,11 @@
+---
+
+- name: Create archive dir
+  file: path={{ pg_exporter_root_dir }}/archives/{{ pg_exporter_current_version }} state=directory
+  tags: pg
+
+- name: Archive previous version
+  archive:
+    path: "{{ pg_exporter_root_dir }}/app"
+    dest: "{{ pg_exporter_root_dir }}/archives/{{ pg_exporter_current_version }}.tgz"
+  tags: pg

roles/postgresql_exporter/tasks/cleanup.yml

@@ -0,0 +1,9 @@
+---
+
+- name: Remove tmp files
+  file: path={{ item }} state=absent
+  loop:
+    - "{{ pg_exporter_root_dir }}/tmp/postgres_exporter_v{{ pg_exporter_version }}_linux-amd64"
+    - "{{ pg_exporter_root_dir }}/tmp/postgres_exporter_v{{ pg_exporter_version }}_linux-amd64.tar.gz"
+  tags: pg
+

roles/postgresql_exporter/tasks/conf.yml

@@ -0,0 +1,6 @@
+---
+
+- name: Deploy configuration file
+  template: src=postgres-exporter.conf.j2 dest={{ pg_exporter_root_dir }}/etc/postgres-exporter.conf group={{ pg_exporter_user }} mode='640'
+  notify: restart postgres-exporter
+  tags: pg

roles/postgresql_exporter/tasks/directories.yml

@@ -0,0 +1,16 @@
+---
+
+- name: Create needed directories
+  file: path={{ item.dir }} state=directory owner={{ item.owner | default(omit) }} group={{ item.group | default(omit) }} mode={{ item.mode | default(omit) }}
+  loop:
+    - dir: "{{ pg_exporter_root_dir }}"
+    - dir: "{{ pg_exporter_root_dir }}/meta"
+      mode: '700'
+    - dir: "{{ pg_exporter_root_dir }}/archives"
+      mode: '700'
+    - dir: "{{ pg_exporter_root_dir }}/app"
+    - dir: "{{ pg_exporter_root_dir }}/tmp"
+    - dir: "{{ pg_exporter_root_dir }}/etc"
+      group: "{{ pg_exporter_user }}"
+      mode: '750'
+  tags: pg

roles/postgresql_exporter/tasks/facts.yml

@@ -0,0 +1,11 @@
+---
+
+- name: Detect current version and set install mode
+  block:
+  - import_tasks: ../includes/webapps_set_install_mode.yml
+    vars:
+      root_dir: "{{ pg_exporter_root_dir }}"
+      version: "{{ pg_exporter_version }}"
+  - set_fact: pg_exporter_install_mode={{ install_mode }}
+  - set_fact: pg_exporter_current_version={{ current_version }}
+  tags: pg

roles/postgresql_exporter/tasks/install.yml

@@ -0,0 +1,36 @@
+---
+
+- block:
+  - name: Download pg_exporter
+    get_url:
+      url: "{{ pg_exporter_archive_url }}"
+      dest: "{{ pg_exporter_root_dir }}/tmp/"
+      checksum: sha1:{{ pg_exporter_archive_sha1 }}
+  
+  - name: Extract pg_exporter
+    unarchive:
+      src: "{{ pg_exporter_root_dir }}/tmp/postgres_exporter_v{{ pg_exporter_version }}_linux-amd64.tar.gz"
+      dest: "{{ pg_exporter_root_dir }}/tmp/"
+      remote_src: True
+
+  - name: Move the binary to its final location
+    copy:
+      src: "{{ pg_exporter_root_dir }}/tmp/postgres_exporter_v{{ pg_exporter_version }}_linux-amd64/postgres_exporter"
+      dest: "{{ pg_exporter_root_dir }}/app/"
+      mode: '755'
+      remote_src: True
+    notify: restart postgres-exporter
+
+  when: pg_exporter_install_mode != 'none'
+  tags: pg
+
+- name: Deploy systemd unit
+  template: src=postgres-exporter.service.j2 dest=/etc/systemd/system/postgres-exporter.service
+  register: pg_exporter_unit
+  notify: restart postgres-exporter
+  tags: pg
+
+- name: Reload systemd
+  systemd: daemon_reload=True
+  when: pg_exporter_unit.changed
+  tags: pg

roles/postgresql_exporter/tasks/iptables.yml

@@ -0,0 +1,9 @@
+---
+
+- name: Handle postgres exporter ports in the firewall
+  iptables_raw:
+    name: postgres-exporter
+    state: "{{ (pg_exporter_src_ip | length > 0) | ternary('present','absent') }}"
+    rules: "-A INPUT -m state --state NEW -p tcp --dport {{ pg_exporter_port }} -s {{ pg_exporter_src_ip | join(',') }} -j ACCEPT"
+  when: iptables_manage | default(True)
+  tags: firewall,pg

roles/postgresql_exporter/tasks/main.yml

@@ -0,0 +1,15 @@
+---
+
+- include: directories.yml
+- include: facts.yml
+- include: archive_pre.yml
+  when: pg_exporter_install_mode == 'upgrade'
+- include: install.yml
+- include: conf.yml
+- include: iptables.yml
+  when: iptables_manage | default(True)
+- include: service.yml
+- include: archive_post.yml
+  when: pg_exporter_install_mode == 'upgrade'
+- include: write_version.yml
+- include: cleanup.yml

roles/postgresql_exporter/tasks/service.yml

@@ -0,0 +1,5 @@
+---
+
+- name: Start and enable the service
+  service: name=postgres-exporter state=started enabled=True
+  tags: pg

roles/postgresql_exporter/tasks/write_version.yml

@@ -0,0 +1,5 @@
+---
+
+- name: Write installed version
+  copy: content={{ pg_exporter_version }} dest={{ pg_exporter_root_dir }}/meta/ansible_version
+  tags: pg

roles/postgresql_exporter/templates/postgres-exporter.conf.j2

@@ -0,0 +1,8 @@
+DATA_SOURCE_URI={{ pg_exporter_data_source_uri }}
+{% if pg_exporter_data_source_user is defined and pg_exporter_data_source_pass is defined %}
+DATA_SOURCE_USER={{ pg_exporter_data_source_user }}
+DATA_SOURCE_PASS={{ pg_exporter_data_source_pass }}
+{% endif %}
+PG_EXPORTER_WEB_LISTEN_ADDRESS=:{{ pg_exporter_port }}
+PG_EXPORTER_AUTO_DISCOVER_DATABASES=true
+PG_EXPORTER_EXCLUDE_DATABASES={{ pg_exporter_exclude_databases | join(',') }}

roles/postgresql_exporter/templates/postgres-exporter.service.j2

@@ -0,0 +1,24 @@
+[Unit]
+Description=Synapse Matrix homeserver
+
+[Service]
+Type=simple
+User={{ pg_exporter_user }}
+Group={{ pg_exporter_user }}
+EnvironmentFile={{ pg_exporter_root_dir }}/etc/postgres-exporter.conf
+ExecStart={{ pg_exporter_root_dir }}/app/postgres_exporter
+PrivateTmp=yes
+PrivateDevices=yes
+ProtectSystem=full
+ProtectHome=yes
+NoNewPrivileges=yes
+MemoryLimit=512M
+SyslogIdentifier=postgres-exporter
+Restart=on-failure
+StartLimitInterval=0
+RestartSec=30
+
+[Install]
+WantedBy=multi-user.target
+
+