From ecd7e4f2b31815212a400bb3b7aacec502a0f62a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thorben=20G=C3=BCnther?= Date: Thu, 16 Jun 2022 14:25:17 +0200 Subject: [PATCH] keycloak: Expose prometheus metrics References: https://todo.xenrox.net/~xenrox/infrastructure/3 --- roles/keycloak/files/keycloak.conf | 9 +++++++++ roles/keycloak/tasks/main.yml | 5 +++++ roles/keycloak/templates/keycloak.conf.j2 | 2 +- 3 files changed, 15 insertions(+), 1 deletion(-) diff --git a/roles/keycloak/files/keycloak.conf b/roles/keycloak/files/keycloak.conf index 407b517..61586c5 100644 --- a/roles/keycloak/files/keycloak.conf +++ b/roles/keycloak/files/keycloak.conf @@ -15,6 +15,15 @@ server { proxy_set_header X-Forwarded-Proto $scheme; } + location ~ /auth/realms/[a-z]+/metrics { + include /etc/nginx/snippets/internal_access.conf; + proxy_pass http://127.0.0.1:8444; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-Proto $scheme; + } + location = / { return 301 https://$server_name/auth/realms/xenrox/account; } diff --git a/roles/keycloak/tasks/main.yml b/roles/keycloak/tasks/main.yml index 4596e50..2e7fa1c 100644 --- a/roles/keycloak/tasks/main.yml +++ b/roles/keycloak/tasks/main.yml @@ -8,6 +8,11 @@ name: keycloak state: present +- name: Install prometheus metrics provider + community.general.pacman: + name: keycloak-metrics-spi + state: present + - name: Create db user community.general.postgresql_user: name: keycloak diff --git a/roles/keycloak/templates/keycloak.conf.j2 b/roles/keycloak/templates/keycloak.conf.j2 index 28a1b57..80255da 100644 --- a/roles/keycloak/templates/keycloak.conf.j2 +++ b/roles/keycloak/templates/keycloak.conf.j2 @@ -20,7 +20,7 @@ db-url=jdbc:postgresql://localhost/keycloak #health-enabled=true # If the server should expose metrics endpoints. -#metrics-enabled=true +metrics-enabled=true # HTTP -- 2.44.0