fix: remove unsupported systemd options
Some checks failed
continuous-integration/drone/push Build is failing

This commit is contained in:
Robert Kaussow 2021-05-29 15:47:26 +02:00
parent f7b77d7245
commit ab3ea4e283
Signed by: xoxys
GPG Key ID: 4E692A2EAECC03C0
5 changed files with 17 additions and 13 deletions

View File

@ -113,7 +113,11 @@ prometheus_alert_rules:
labels:
severity: warning
annotations:
description: "This is an alert meant to ensure that the entire alerting pipeline is functional.\nThis alert is always firing, therefore it should always be firing in Alertmanager\nand always fire against a receiver. There are integrations with various notification\nmechanisms that send a notification when this alert is not firing. For example the\n\"DeadMansSnitch\" integration in PagerDuty."
description: >-
This is an alert meant to ensure that the entire alerting pipeline is functional.
This alert is always firing, therefore it should always be firing in Alertmanager
and always fire against a receiver. There are integrations with various notification
mechanisms that send a notification when this alert is not firing.
summary: "Ensure entire alerting pipeline is functional"
- alert: InstanceDown
expr: "up == 0"

View File

@ -3,6 +3,7 @@ dependency:
name: galaxy
options:
role-file: molecule/requirements.yml
requirements-file: molecule/requirements.yml
env:
ANSIBLE_GALAXY_DISPLAY_PROGRESS: "false"
driver:
@ -18,5 +19,6 @@ provisioner:
env:
ANSIBLE_FILTER_PLUGINS: ${ANSIBLE_FILTER_PLUGINS:-./plugins/filter}
ANSIBLE_LIBRARY: ${ANSIBLE_LIBRARY:-./library}
log: False
verifier:
name: testinfra

View File

@ -27,11 +27,10 @@
extra_opts:
- --strip-components=1
remote_src: yes
include:
- prometheus-{{ prometheus_version }}.linux-amd64/consoles/
- prometheus-{{ prometheus_version }}.linux-amd64/console_libraries/
- prometheus-{{ prometheus_version }}.linux-amd64/prometheus
- prometheus-{{ prometheus_version }}.linux-amd64/promtool
exclude:
- prometheus-{{ prometheus_version }}.linux-amd64/LICENSE
- prometheus-{{ prometheus_version }}.linux-amd64/NOTICE
- prometheus-{{ prometheus_version }}.linux-amd64/prometheus.yml
notify: __prometheus_restart
become: True
become_user: "{{ prometheus_user }}"
@ -48,8 +47,8 @@
notify: __prometheus_reload
- name: Copy prometheus web config file
copy:
content: "{{ prometheus_web_config | to_nice_yaml(indent=2) }}"
template:
src: "conf/web.yml.j2"
dest: "{{ prometheus_config_dir }}/web.yml"
owner: "{{ prometheus_user }}"
group: "{{ prometheus_user }}"

View File

@ -0,0 +1,4 @@
#jinja2: lstrip_blocks: True
{{ ansible_managed | comment }}
{{ prometheus_web_config | to_nice_yaml(indent=2) }}

View File

@ -34,16 +34,11 @@ ExecStart={{ prometheus_base_dir }}/prometheus \
{% endfor %}
--config.file={{ prometheus_config_dir }}/prometheus.yml
CapabilityBoundingSet=CAP_SET_UID
LimitNOFILE=65000
LockPersonality=true
NoNewPrivileges=true
MemoryDenyWriteExecute=true
PrivateDevices=true
PrivateTmp=true
ProtectHome=true
RemoveIPC=true
RestrictSUIDSGID=true
ReadWriteDirectories={{ prometheus_data_dir }}
{% for path in prometheus_read_only_dirs %}