Mirrors/ansible-collection-prometheus
2
0
Fork 0
mirror of https://github.com/prometheus-community/ansible synced 2024-11-10 06:14:13 +00:00
Code Issues Projects Releases Packages Wiki Activity

node_exporter: Support filesystems mounted under '/home'

Browse source 
Set systemd's ProtectHome to 'read-only' instead of
'yes' if there exists filesystems which are mounted
at or under '/home', instead of at '/home' exclusively.

Fixes #13.

Signed-off-by: Kevin Bowrin <kevinbowrin@cunet.carleton.ca>
This commit is contained in:
Kevin Bowrin 2022-12-23 16:08:26 -05:00
parent f3449e2df2
commit 5d47937e3b
No known key found for this signature in database
GPG key ID: 3BD30E7A6917F0F0
1 changed files with 4 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
roles/node_exporter/templates/node_exporter.service.j2
View file

@ -34,11 +34,11 @@ Restart=always
RestartSec=1
StartLimitInterval=0
{% for m in ansible_mounts if m.mount == '/home' %}
ProtectHome=read-only
{% else %}
ProtectHome=yes
{% set protect_home = 'yes' %}
{% for m in ansible_mounts if m.mount.startswith('/home') %}
{% set protect_home = 'read-only' %}
{% endfor %}
ProtectHome={{ protect_home }}
NoNewPrivileges=yes
{% if node_exporter_systemd_version | int >= 232 %}