commit f9fde9bff8ced0e36a8244debfc88b30e5990876
parent 90d612880113c4cca320dc1bf64ca0ec9c66fc2b
Author: Christian Grothoff <christian@grothoff.org>
Date: Thu, 13 Feb 2025 16:08:38 +0100
monitoring needs other subsystems working, plus only monitor challenger if we actually use it
Diffstat:
2 files changed, 14 insertions(+), 5 deletions(-)
diff --git a/playbooks/setup.yml b/playbooks/setup.yml
@@ -6,9 +6,9 @@
- role: ansible-pull
- role: webserver
- role: database
- - role: monitoring
- role: libeufin-nexus
- role: challenger
when: DEPLOY_CHALLENGER | bool
- role: exchange
- role: auditor
+ - role: monitoring
diff --git a/roles/monitoring/tasks/main.yml b/roles/monitoring/tasks/main.yml
@@ -124,16 +124,13 @@
become: yes
become_user: postgres
-- name: Grant access to postgres database to the postgres-exporter
+- name: Grant access to canonical postgres databases to the postgres-exporter
become: yes
become_user: postgres
community.postgresql.postgresql_query:
login_user: postgres
db: postgres
query:
- GRANT CONNECT ON DATABASE "challenger-email" TO prometheus;
- GRANT CONNECT ON DATABASE "challenger-postal" TO prometheus;
- GRANT CONNECT ON DATABASE "challenger-sms" TO prometheus;
GRANT CONNECT ON DATABASE libeufin TO prometheus;
GRANT CONNECT ON DATABASE postgres TO prometheus;
GRANT CONNECT ON DATABASE "taler-auditor" TO prometheus;
@@ -141,6 +138,18 @@
GRANT USAGE ON SCHEMA pg_catalog TO prometheus;
GRANT SELECT ON ALL TABLES IN SCHEMA pg_catalog TO prometheus;
+- name: Grant access to challengers databases to the postgres-exporter
+ become: yes
+ become_user: postgres
+ community.postgresql.postgresql_query:
+ login_user: postgres
+ db: postgres
+ query:
+ GRANT CONNECT ON DATABASE "challenger-email" TO prometheus;
+ GRANT CONNECT ON DATABASE "challenger-postal" TO prometheus;
+ GRANT CONNECT ON DATABASE "challenger-sms" TO prometheus;
+ when: DEPLOY_CHALLENGER | bool
+
- name: Configure node-exporter
copy:
src: etc/default/prometheus-node-exporter
