diff --git a/site-modules/profile/manifests/nginx.pp b/site-modules/profile/manifests/nginx.pp index 01a39ecd..660b8ad5 100644 --- a/site-modules/profile/manifests/nginx.pp +++ b/site-modules/profile/manifests/nginx.pp @@ -1,50 +1,61 @@ # Deployment of nginx as a reverse proxy for Software Heritage RPC servers class profile::nginx { $accept_mutex = lookup('nginx::accept_mutex') $package_name = lookup('nginx::package_name') $names_hash_bucket_size = lookup('nginx::names_hash_bucket_size') $names_hash_max_size = lookup('nginx::names_hash_max_size') $worker_processes = lookup('nginx::worker_processes') $metrics_port = lookup('nginx::metrics_port') $metrics_location = lookup('nginx::metrics_location') if $worker_processes != 'auto' { $actual_worker_processes = $worker_processes + 0 } else { $actual_worker_processes = 'auto' } class {'::nginx': package_name => $package_name, manage_repo => false, accept_mutex => $accept_mutex, names_hash_bucket_size => $names_hash_bucket_size, names_hash_max_size => $names_hash_max_size, worker_processes => $actual_worker_processes, } ::nginx::resource::map {'error_status': ensure => present, string => "\$status", default => '1', mappings => { '~^[23]' => '0', '404' => '0', } } # metrics vhosts ::nginx::resource::server {'nginx-metrics': ensure => present, listen_ip => '127.0.0.1', listen_port => $metrics_port, listen_options => 'deferred', server_name => [ '127.0.0.1', 'localhost' ], format_log => 'combined', locations => { $metrics_location => { 'stub_status' => true }}, } + ::systemd::tmpfile {'nginx.conf': + content => join([ + '# Managed by puppet (profile::nginx), changes will be lost', + '', + 'd /run/nginx 0755 root root - -', + 'd /run/nginx/client_body_temp 0700 www-data root - -', + 'd /run/nginx/proxy_temp 0700 www-data root - -', + '', + ], "\n") + } + include profile::prometheus::nginx } diff --git a/site-modules/profile/manifests/prometheus/nginx.pp b/site-modules/profile/manifests/prometheus/nginx.pp index af80cae4..bd325e82 100644 --- a/site-modules/profile/manifests/prometheus/nginx.pp +++ b/site-modules/profile/manifests/prometheus/nginx.pp @@ -1,42 +1,56 @@ # Prometheus configuration for nginx exporter class profile::prometheus::nginx { include profile::prometheus::base $defaults_file = '/etc/default/prometheus-nginx-exporter' $nginx_metrics_port = lookup('nginx::metrics_port') $nginx_metrics_location = lookup('nginx::metrics_location') $scrape_uri = "http://127.0.0.1:${nginx_metrics_port}${nginx_metrics_location}" $listen_network = lookup('prometheus::nginx::listen_network') $listen_address = pick($listen_address, ip_for_network($listen_network)) $listen_port = lookup('prometheus::nginx::listen_port') $target = "${listen_address}:${listen_port}" package {'prometheus-nginx-exporter': ensure => present, notify => Service['prometheus-nginx-exporter'], } service {'prometheus-nginx-exporter': ensure => 'running', enable => true, require => [ Package['prometheus-nginx-exporter'], File[$defaults_file], ] } + ::systemd::dropin_file {'prometheus-nginx-exporter/restart.conf': + ensure => present, + unit => 'prometheus-nginx-exporter.service', + filename => 'restart.conf', + content => "[Service]\nRestart=always\nRestartSec=5\n", + } + + ::systemd::dropin_file {'prometheus-nginx-exporter/ordering.conf': + ensure => present, + unit => 'prometheus-nginx-exporter.service', + filename => 'ordering.conf', + content => "[Unit]\nAfter=nginx.service\n", + } + # Uses $target and $scrape_uri file {$defaults_file: ensure => 'present', owner => 'root', group => 'root', mode => '0644', content => template('profile/prometheus/nginx/prometheus-nginx-exporter.defaults.erb'), require => Package['prometheus-nginx-exporter'], notify => Service['prometheus-nginx-exporter'], } profile::prometheus::export_scrape_config {'nginx': target => $target, } }