Add native Traefik support to matrix-prometheus-nginxlog-exporter

2 лет назад · 262caf0d59
--- a/docs/configuring-playbook-prometheus-nginxlog.md
+++ b/docs/configuring-playbook-prometheus-nginxlog.md
@@ -10,12 +10,6 @@ You can enable this role by adding the following settings in your configuration
 ```yaml
 matrix_prometheus_nginxlog_exporter_enabled: true
 # required depency
 prometheus_enabled: true
 # optional for visualization
 grafana_enabled: true
 ```
 x | Prerequisites | Variable | Description
@@ -27,8 +21,9 @@ _Optional_ | [`matrix-grafana`](configuring-playbook-prometheus-grafana.md) | [`
 At the moment of writing only images for `amd64` and `arm64` architectures are available
 The playbook currently does not support building an image.
 You can however use a custom-build image by setting
 The playbook currently does not support [self-building](./self-building.md) a container image on other architectures.
 You can however use a custom-build image by setting:
 ```yaml
 matrix_prometheus_nginxlog_exporter_docker_image_arch_check_enabled: false
 matrix_prometheus_nginxlog_exporter_docker_image: path/to/docker/image:tag
@@ -41,10 +36,14 @@ Please make sure you change the default Grafana password.
 ## Save metrics on an external Prometheus server
 The playbook will automatically integrate the metrics into the Prometheus server provided with this playbook. You can choose to save data on an external Prometheus instance.
 The playbook will automatically integrate the metrics into the [Prometheus](./configuring-playbook-prometheus-grafana.md) server provided with this playbook (if enabled). In such cases, the metrics endpoint is not exposed publicly - it's only available on the container network.
 When using an external Prometheus server, you'll need to expose metrics publicly. See [Collecting metrics to an external Prometheus server](./configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server).
 You can either use `matrix_prometheus_nginxlog_exporter_metrics_proxying_enabled: true` to expose just this one service, or `matrix_metrics_exposure_enabled: true` to expose all services.
 Whichever way you go with, this service will expose its metrics endpoint **without password-protection** at `https://matrix.DOMAIN/metrics/nginxlog` by default.
 For password-protection, use (`matrix_metrics_exposure_http_basic_auth_enabled` and `matrix_metrics_exposure_http_basic_auth_users`) or (`matrix_prometheus_nginxlog_exporter_container_labels_metrics_middleware_basic_auth_enabled` and `matrix_prometheus_nginxlog_exporter_container_labels_metrics_middleware_basic_auth_users`).
 The metrics of this role will be exposed on `https://matrix.DOMAIN/metrics/nginxlog` when setting
 ```yaml
 matrix_prometheus_nginxlog_exporter_metrics_proxying_enabled: true
 ```
--- a/group_vars/matrix_servers
+++ b/group_vars/matrix_servers
@@ -3303,6 +3303,8 @@ matrix_nginx_proxy_container_additional_networks: |
    (
      ([matrix_playbook_reverse_proxyable_services_additional_network] if matrix_playbook_reverse_proxyable_services_additional_network else [])
      +
      ([matrix_prometheus_nginxlog_exporter_container_network] if (matrix_prometheus_nginxlog_exporter_enabled and matrix_prometheus_nginxlog_exporter_container_network != matrix_nginx_proxy_container_network) else [])
      +
      ([jitsi_container_network] if jitsi_enabled and matrix_playbook_reverse_proxy_type == 'playbook-managed-nginx' and jitsi_container_network != matrix_nginx_proxy_container_network else [])
    ) | unique
  }}
@@ -3455,7 +3457,7 @@ matrix_ssl_architecture: "{{
 matrix_ssl_pre_obtaining_required_service_name: "{{ 'matrix-dynamic-dns' if matrix_dynamic_dns_enabled else '' }}"
 matrix_nginx_proxy_access_log_syslog_integration_enabled: "{{ matrix_prometheus_nginxlog_exporter_enabled }}"
 matrix_nginx_proxy_access_log_syslog_integration_server_port: "{{ (matrix_prometheus_nginxlog_exporter_container_hostname | string +':'+ matrix_prometheus_nginxlog_exporter_container_syslog_port | string) | default('') }}"
 matrix_nginx_proxy_access_log_syslog_integration_server_port: "{{ (matrix_prometheus_nginxlog_exporter_identifier | string +':'+ matrix_prometheus_nginxlog_exporter_container_syslog_port | string) | default('') }}"
 ######################################################################
 #
@@ -4364,8 +4366,7 @@ matrix_synapse_reverse_proxy_companion_synapse_media_repository_locations: "{{ma
 matrix_synapse_reverse_proxy_companion_synapse_user_dir_locations: "{{ matrix_synapse_workers_user_dir_worker_client_server_endpoints|default([]) }}"
 matrix_synapse_reverse_proxy_companion_access_log_syslog_integration_enabled: "{{ matrix_prometheus_nginxlog_exporter_enabled }}"
 matrix_synapse_reverse_proxy_companion_access_log_syslog_integration_server_port: "{{ (matrix_prometheus_nginxlog_exporter_container_hostname | string +':'+ matrix_prometheus_nginxlog_exporter_container_syslog_port | string) | default('') }}"
 matrix_synapse_reverse_proxy_companion_access_log_syslog_integration_server_port: "{{ (matrix_prometheus_nginxlog_exporter_identifier | string +':'+ matrix_prometheus_nginxlog_exporter_container_syslog_port | string) | default('') }}"
 ######################################################################
 #
@@ -4493,6 +4494,27 @@ prometheus_postgres_exporter_systemd_required_services_list_auto: |
 matrix_prometheus_nginxlog_exporter_enabled: false
 matrix_prometheus_nginxlog_exporter_identifier: matrix-prometheus-nginxlog-exporter
 matrix_prometheus_nginxlog_exporter_hostname: "{{ matrix_server_fqn_matrix }}"
 matrix_prometheus_nginxlog_exporter_container_network: matrix-prometheus-nginxlog-exporter
 matrix_prometheus_nginxlog_exporter_container_labels_traefik_enabled: "{{ matrix_metrics_exposure_enabled }}"
 matrix_prometheus_nginxlog_exporter_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}"
 matrix_prometheus_nginxlog_exporter_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}"
 matrix_prometheus_nginxlog_exporter_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}"
 matrix_prometheus_nginxlog_exporter_container_labels_metrics_middleware_basic_auth_enabled: "{{ matrix_metrics_exposure_http_basic_auth_enabled }}"
 matrix_prometheus_nginxlog_exporter_container_labels_metrics_middleware_basic_auth_users: "{{ matrix_metrics_exposure_http_basic_auth_users }}"
 matrix_prometheus_nginxlog_exporter_config_namespaces_matrix_source_tags_auto: |
  {{
    ([matrix_synapse_reverse_proxy_companion_access_log_syslog_integration_tag] if matrix_synapse_reverse_proxy_companion_access_log_syslog_integration_enabled else [])
    +
    ([matrix_homeserver_proxy_access_log_syslog_integration_tag] if matrix_homeserver_proxy_access_log_syslog_integration_enabled else [])
  }}
 ######################################################################
 #
 # /matrix-prometheus-nginxlog-exporter
@@ -4589,7 +4611,7 @@ matrix_prometheus_services_connect_scraper_hookshot_enabled: "{{ matrix_hookshot
 matrix_prometheus_services_connect_scraper_hookshot_static_configs_target: "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_metrics_port | string }}"
 matrix_prometheus_services_connect_scraper_nginxlog_enabled: "{{ matrix_prometheus_nginxlog_exporter_enabled }}"
 matrix_prometheus_services_connect_scraper_nginxlog_static_configs_target: "{{ matrix_prometheus_nginxlog_exporter_container_hostname }}:{{ matrix_prometheus_nginxlog_exporter_container_metrics_port | string }}"
 matrix_prometheus_services_connect_scraper_nginxlog_static_configs_target: "{{ matrix_prometheus_nginxlog_exporter_identifier }}:{{ matrix_prometheus_nginxlog_exporter_container_metrics_port | string }}"
 matrix_prometheus_services_connect_scraper_media_repo_enabled: "{{ matrix_media_repo_enabled and matrix_media_repo_metrics_enabled }}"
 matrix_prometheus_services_connect_scraper_media_repo_static_configs_target: "{{ matrix_media_repo_identifier }}:{{ matrix_media_repo_metrics_port }}"
--- a/roles/custom/matrix-prometheus-nginxlog-exporter/defaults/main.yml
+++ b/roles/custom/matrix-prometheus-nginxlog-exporter/defaults/main.yml
@@ -3,10 +3,16 @@
 # See: https://github.com/martin-helmich/prometheus-nginxlog-exporter/
 matrix_prometheus_nginxlog_exporter_enabled: true
 matrix_prometheus_nginxlog_exporter_identifier: ''
 # You don't need to configure a hostname and path prefix if you're not exposing this.
 matrix_prometheus_nginxlog_exporter_hostname: ''
 matrix_prometheus_nginxlog_exporter_path_prefix: "/metrics/nginxlog"
 # renovate: datasource=docker depName=ghcr.io/martin-helmich/prometheus-nginxlog-exporter/exporter
 matrix_prometheus_nginxlog_exporter_version: v1.10.0
 matrix_prometheus_nginxlog_exporter_container_hostname: 'matrix-prometheus-nginxlog-exporter'
 matrix_prometheus_nginxlog_exporter_container_metrics_port: '4040'
 matrix_prometheus_nginxlog_exporter_container_syslog_port: '6514'
@@ -19,7 +25,8 @@ matrix_prometheus_nginxlog_exporter_docker_image_arch_check_enabled: true
 # Controls whether prometheus-nginxlog-exporter metrics should be proxied (exposed) on a public URL
 matrix_prometheus_nginxlog_exporter_metrics_proxying_enabled: false
 # TODO - add more variables for controlling the hostname, path prefix, etc.
 matrix_prometheus_nginxlog_exporter_metrics_proxying_hostname: ''
 matrix_prometheus_nginxlog_exporter_metrics_proxying_path_prefix: ''
 # matrix_prometheus_nginxlog_exporter_dashboard_urls contains a list of URLs with Grafana dashboard definitions.
 # If the Grafana role is enabled, these dashboards will be downloaded.
@@ -28,13 +35,42 @@ matrix_prometheus_nginxlog_exporter_dashboard_urls: []
 matrix_prometheus_nginxlog_exporter_base_path: "{{ matrix_base_data_path }}/prometheus-nginxlog-exporter"
 matrix_prometheus_nginxlog_exporter_config_path: "{{ matrix_prometheus_nginxlog_exporter_base_path }}/config"
 matrix_prometheus_nginxlog_exporter_container_network: "{{ matrix_docker_network }}"
 matrix_prometheus_nginxlog_exporter_container_network: "{{ matrix_prometheus_nginxlog_exporter_identifier }}"
 # matrix_prometheus_nginxlog_exporter_container_labels_traefik_enabled controls whether labels to assist a Traefik reverse-proxy will be attached to the container.
 # See `../templates/labels.j2` for details.
 #
 # To inject your own other container labels, see `matrix_prometheus_nginxlog_exporter_container_labels_additional_labels`.
 matrix_prometheus_nginxlog_exporter_container_labels_traefik_enabled: "{{ true if matrix_prometheus_nginxlog_exporter_hostname else false }}"
 matrix_prometheus_nginxlog_exporter_container_labels_traefik_docker_network: "{{ matrix_prometheus_nginxlog_exporter_container_network }}"
 matrix_prometheus_nginxlog_exporter_container_labels_traefik_hostname: "{{ matrix_prometheus_nginxlog_exporter_hostname }}"
 # The path prefix must either be `/` or not end with a slash (e.g. `/metrics`).
 matrix_prometheus_nginxlog_exporter_container_labels_traefik_path_prefix: "{{ matrix_prometheus_nginxlog_exporter_path_prefix }}"
 matrix_prometheus_nginxlog_exporter_container_labels_traefik_rule: "Host(`{{ matrix_prometheus_nginxlog_exporter_container_labels_traefik_hostname }}`) && PathPrefix(`{{ matrix_prometheus_nginxlog_exporter_container_labels_traefik_path_prefix | quote }}`)"
 matrix_prometheus_nginxlog_exporter_container_labels_traefik_entrypoints: web-secure
 matrix_prometheus_nginxlog_exporter_container_labels_traefik_tls: "{{ matrix_prometheus_nginxlog_exporter_container_labels_traefik_entrypoints != 'web' }}"
 matrix_prometheus_nginxlog_exporter_container_labels_traefik_tls_certResolver: default  # noqa var-naming
 matrix_prometheus_nginxlog_exporter_container_labels_metrics_middleware_basic_auth_enabled: false
 # See: https://doc.traefik.io/traefik/middlewares/http/basicauth/#users
 matrix_prometheus_nginxlog_exporter_container_labels_metrics_middleware_basic_auth_users: ''
 # matrix_prometheus_nginxlog_exporter_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file.
 # See `../templates/labels.j2` for details.
 #
 # Example:
 # matrix_prometheus_nginxlog_exporter_container_labels_additional_labels: |
 #   my.label=1
 #   another.label="here"
 matrix_prometheus_nginxlog_exporter_container_labels_additional_labels: ''
 # A list of extra docker arguments to pass to the container
 matrix_prometheus_nginxlog_exporter_container_extra_arguments: []
 # List of systemd services that matrix-prometheus_nginxlog_exporter.service depends on
 matrix_prometheus_nginxlog_exporter_systemd_required_services_list: ['docker.service']
 matrix_prometheus_nginxlog_exporter_systemd_required_services_list: "{{ matrix_prometheus_nginxlog_exporter_systemd_required_services_list_default + matrix_prometheus_nginxlog_exporter_systemd_required_services_list_auto + matrix_prometheus_nginxlog_exporter_systemd_required_services_list_custom }}"
 matrix_prometheus_nginxlog_exporter_systemd_required_services_list_default: ['docker.service']
 matrix_prometheus_nginxlog_exporter_systemd_required_services_list_auto: []
 matrix_prometheus_nginxlog_exporter_systemd_required_services_list_custom: []
 # List of systemd services that matrix-prometheus_nginxlog_exporter.service wants
 matrix_prometheus_nginxlog_exporter_systemd_wanted_services_list: []
@@ -49,3 +85,7 @@ matrix_prometheus_nginxlog_exporter_container_http_host_bind_port: ''
 # Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:6514"), or empty string to not expose.
 # NOTE: is an UDP connection!
 matrix_prometheus_nginxlog_exporter_container_syslog_host_bind_port: ''
 matrix_prometheus_nginxlog_exporter_config_namespaces_matrix_source_tags: "{{ matrix_prometheus_nginxlog_exporter_config_namespaces_matrix_source_tags_auto + matrix_prometheus_nginxlog_exporter_config_namespaces_matrix_source_tags_custom }}"
 matrix_prometheus_nginxlog_exporter_config_namespaces_matrix_source_tags_auto: []
 matrix_prometheus_nginxlog_exporter_config_namespaces_matrix_source_tags_custom: []
--- a/roles/custom/matrix-prometheus-nginxlog-exporter/tasks/inject_into_nginx_proxy.yml
+++ b/roles/custom/matrix-prometheus-nginxlog-exporter/tasks/inject_into_nginx_proxy.yml
@@ -1,23 +0,0 @@
 ---
 - name: Fail if matrix-nginx-proxy role already executed
  ansible.builtin.fail:
    msg: >-
      Trying to append prometheus-nginxlog-exporter's configuration to matrix-nginx-proxy,
      but it's pointless since the matrix-nginx-proxy role is already executed.
      To fix this, please change the order of roles in your playbook to make sure that
      the matrix-nginx-proxy role is run after the prometheus-nginxlog-exporter role.
  when: matrix_nginx_proxy_role_executed | default(False) | bool
 - name: Generate prometheus-nginxlog-exporter's metrics proxying configuration for matrix-nginx-proxy (matrix.DOMAIN/metrics/nginxlog)
  ansible.builtin.set_fact:
    matrix_prometheus_nginxlog_exporter_matrix_nginx_proxy_metrics_configuration_matrix_domain: |
      location /metrics/nginxlog {
          {# Use the embedded DNS resolver in Docker containers to discover the service #}
          resolver 127.0.0.11 valid=5s;
          set $backend "{{ matrix_prometheus_nginxlog_exporter_container_hostname }}:{{ matrix_prometheus_nginxlog_exporter_container_metrics_port }}";
          proxy_pass http://$backend/metrics;
      }
  when: matrix_prometheus_nginxlog_exporter_metrics_proxying_enabled | bool and matrix_nginx_proxy_enabled | bool
 # Injection code was here
--- a/roles/custom/matrix-prometheus-nginxlog-exporter/tasks/main.yml
+++ b/roles/custom/matrix-prometheus-nginxlog-exporter/tasks/main.yml
@@ -1,14 +1,5 @@
 ---
 - tags:
    - setup-all
    - setup-prometheus-nginxlog-exporter
    - install-all
    - install-prometheus-nginxlog-exporter
  block:
    - when: matrix_prometheus_nginxlog_exporter_enabled | bool
      ansible.builtin.include_tasks: "{{ role_path }}/tasks/inject_into_nginx_proxy.yml"
 - tags:
    - setup-all
    - setup-prometheus-nginxlog-exporter
--- a/roles/custom/matrix-prometheus-nginxlog-exporter/tasks/setup_install.yml
+++ b/roles/custom/matrix-prometheus-nginxlog-exporter/tasks/setup_install.yml
@@ -30,6 +30,16 @@
    owner: "{{ matrix_user_username }}"
    group: "{{ matrix_user_groupname }}"
 - name: Ensure prometheus-nginxlog-exporter support files installed
  ansible.builtin.template:
    src: "{{ role_path }}/templates/{{ item }}.j2"
    dest: "{{ matrix_prometheus_nginxlog_exporter_base_path }}/{{ item }}"
    mode: 0640
    owner: "{{ matrix_user_username }}"
    group: "{{ matrix_user_groupname }}"
  with_items:
    - labels
 - name: Ensure prometheus-nginxlog-exporter container network is created
  community.general.docker_network:
    name: "{{ matrix_prometheus_nginxlog_exporter_container_network }}"
--- a/roles/custom/matrix-prometheus-nginxlog-exporter/tasks/validate_config.yml
+++ b/roles/custom/matrix-prometheus-nginxlog-exporter/tasks/validate_config.yml
@@ -1,5 +1,14 @@
 ---
 - name: (Deprecation) Catch and report renamed prometheus-nginxlog-exporter settings
  ansible.builtin.fail:
    msg: >-
      Your configuration contains a variable, which now has a different name.
      Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
  when: "item.old in vars"
  with_items:
    - {'old': 'matrix_prometheus_nginxlog_exporter_container_hostname', 'new': 'matrix_prometheus_nginxlog_exporter_identifier'}
 - name: Fail if docker image not availble for arch
  ansible.builtin.fail:
    msg: >
@@ -16,3 +25,13 @@
      in vars.yml
  when: matrix_prometheus_nginxlog_exporter_docker_image_arch_check_enabled and matrix_architecture not in matrix_prometheus_nginxlog_exporter_docker_image_arch
 - name: Fail if required prometheus-nginxlog-exporter settings not defined
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item.name }}`).
  when: "item.when | bool and vars[item.name] == ''"
  with_items:
    - {'name': 'matrix_prometheus_nginxlog_exporter_metrics_proxying_hostname', when: "{{ matrix_prometheus_nginxlog_exporter_metrics_proxying_enabled }}"}
    - {'name': 'matrix_prometheus_nginxlog_exporter_metrics_proxying_path_prefix', when: "{{ matrix_prometheus_nginxlog_exporter_metrics_proxying_enabled }}"}
    - {'name': 'matrix_prometheus_nginxlog_exporter_container_network', when: true}
--- a/roles/custom/matrix-prometheus-nginxlog-exporter/templates/labels.j2
+++ b/roles/custom/matrix-prometheus-nginxlog-exporter/templates/labels.j2
@@ -0,0 +1,36 @@
 {% if matrix_prometheus_nginxlog_exporter_container_labels_traefik_enabled %}
 traefik.enable=true
 {% if matrix_prometheus_nginxlog_exporter_container_labels_traefik_docker_network %}
 traefik.docker.network={{ matrix_prometheus_nginxlog_exporter_container_labels_traefik_docker_network }}
 {% endif %}
 traefik.http.services.{{ matrix_prometheus_nginxlog_exporter_identifier }}.loadbalancer.server.port={{ matrix_prometheus_nginxlog_exporter_container_metrics_port }}
 {% set middlewares = [] %}
 {% if matrix_prometheus_nginxlog_exporter_container_labels_metrics_middleware_basic_auth_enabled %}
 {% set middlewares = middlewares + [matrix_prometheus_nginxlog_exporter_identifier + '-basic-auth'] %}
 traefik.http.middlewares.{{ matrix_prometheus_nginxlog_exporter_identifier }}-basic-auth.basicauth.users={{ matrix_prometheus_nginxlog_exporter_container_labels_metrics_middleware_basic_auth_users }}
 {% endif %}
 {% set middlewares = middlewares + [matrix_prometheus_nginxlog_exporter_identifier + '-replacepath'] %}
 traefik.http.middlewares.{{ matrix_prometheus_nginxlog_exporter_identifier }}-replacepath.replacepath.path=/metrics
 traefik.http.routers.{{ matrix_prometheus_nginxlog_exporter_identifier }}.rule={{ matrix_prometheus_nginxlog_exporter_container_labels_traefik_rule }}
 {% if middlewares | length > 0 %}
 traefik.http.routers.{{ matrix_prometheus_nginxlog_exporter_identifier }}.middlewares={{ middlewares | join(',') }}
 {% endif %}
 traefik.http.routers.{{ matrix_prometheus_nginxlog_exporter_identifier }}.service={{ matrix_prometheus_nginxlog_exporter_identifier }}
 traefik.http.routers.{{ matrix_prometheus_nginxlog_exporter_identifier }}.entrypoints={{ matrix_prometheus_nginxlog_exporter_container_labels_traefik_entrypoints }}
 traefik.http.routers.{{ matrix_prometheus_nginxlog_exporter_identifier }}.tls={{ matrix_prometheus_nginxlog_exporter_container_labels_traefik_tls | to_json }}
 {% if matrix_prometheus_nginxlog_exporter_container_labels_traefik_tls %}
 traefik.http.routers.{{ matrix_prometheus_nginxlog_exporter_identifier }}.tls.certResolver={{ matrix_prometheus_nginxlog_exporter_container_labels_traefik_tls_certResolver }}
 {% endif %}
 {% endif %}
 {{ matrix_prometheus_nginxlog_exporter_container_labels_additional_labels }}
--- a/roles/custom/matrix-prometheus-nginxlog-exporter/templates/prometheus-nginxlog-exporter.yaml.j2
+++ b/roles/custom/matrix-prometheus-nginxlog-exporter/templates/prometheus-nginxlog-exporter.yaml.j2
@@ -16,7 +16,7 @@ namespaces:
        listen_address: "udp://0.0.0.0:{{ matrix_prometheus_nginxlog_exporter_container_syslog_port }}"
        # format options: "rfc3164" ,"rfc5424", "rfc6587", "auto"
        format: auto
        tags: ["matrix_nginx_proxy", "matrix_nginx_proxy_companion"]
        tags: {{ matrix_prometheus_nginxlog_exporter_config_namespaces_matrix_source_tags | to_json }}
    relabel_configs:
      - target_label: request_uri
        from: request
@@ -54,4 +54,4 @@ namespaces:
      - target_label: request_host
        from: host
      - target_label: log_source
        from: log_source
        from: log_source
--- a/roles/custom/matrix-prometheus-nginxlog-exporter/templates/systemd/matrix-prometheus-nginxlog-exporter.service.j2
+++ b/roles/custom/matrix-prometheus-nginxlog-exporter/templates/systemd/matrix-prometheus-nginxlog-exporter.service.j2
@@ -1,6 +1,6 @@
 #jinja2: lstrip_blocks: "True"
 [Unit]
 Description={{ matrix_prometheus_nginxlog_exporter_container_hostname }}
 Description=prometheus-nginxlog-exporteer ({{ matrix_prometheus_nginxlog_exporter_identifier }})
 {% for service in matrix_prometheus_nginxlog_exporter_systemd_required_services_list %}
 Requires={{ service }}
 After={{ service }}
@@ -13,11 +13,12 @@ DefaultDependencies=no
 [Service]
 Type=simple
 Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
 ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} {{ matrix_prometheus_nginxlog_exporter_container_hostname }} 2>/dev/null || true'
 ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm {{ matrix_prometheus_nginxlog_exporter_container_hostname }} 2>/dev/null || true'
 ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} {{ matrix_prometheus_nginxlog_exporter_identifier }} 2>/dev/null || true'
 ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm {{ matrix_prometheus_nginxlog_exporter_identifier }} 2>/dev/null || true'
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_prometheus_nginxlog_exporter_container_hostname }} \
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			--rm \
 			--name={{ matrix_prometheus_nginxlog_exporter_identifier }} \
 			--log-driver=none \
 			--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
 			--cap-drop=ALL \
@@ -30,17 +31,24 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name
 			-p {{ matrix_prometheus_nginxlog_exporter_container_syslog_host_bind_port }}:{{ matrix_prometheus_nginxlog_exporter_container_syslog_port }}/udp \
 			{% endif %}
 			--mount type=bind,src={{ matrix_prometheus_nginxlog_exporter_config_path }},dst=/etc/prometheus-nginxlog-exporter \
 			--label-file={{ matrix_prometheus_nginxlog_exporter_base_path }}/labels \
 			{% for arg in matrix_prometheus_nginxlog_exporter_container_extra_arguments %}
 			{{ arg }} \
 			{% endfor %}
 			{{ matrix_prometheus_nginxlog_exporter_docker_image }} \
 			-config-file /etc/prometheus-nginxlog-exporter/prometheus-nginxlog-exporter.yaml
 ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} {{ matrix_prometheus_nginxlog_exporter_container_hostname }} 2>/dev/null || true'
 ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm {{ matrix_prometheus_nginxlog_exporter_container_hostname }} 2>/dev/null || true'
 {% for network in matrix_mautrix_facebook_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} {{ matrix_prometheus_nginxlog_exporter_identifier }}
 {% endfor %}
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach {{ matrix_prometheus_nginxlog_exporter_identifier }}
 ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} {{ matrix_prometheus_nginxlog_exporter_identifier }} 2>/dev/null || true'
 ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm {{ matrix_prometheus_nginxlog_exporter_identifier }} 2>/dev/null || true'
 Restart=always
 RestartSec=30
 SyslogIdentifier={{ matrix_prometheus_nginxlog_exporter_container_hostname }}
 SyslogIdentifier={{ matrix_prometheus_nginxlog_exporter_identifier }}
 [Install]
 WantedBy=multi-user.target