M roles/alertmanager/files/alertmanager.conf => roles/alertmanager/files/alertmanager.conf +1 -1
@@ 1,1 1,1 @@
-ALERTMANAGER_ARGS="--data.retention=168h"
+ALERTMANAGER_ARGS="--data.retention=168h --web.config.file=/etc/alertmanager/web-config.yml"
M roles/alertmanager/tasks/main.yml => roles/alertmanager/tasks/main.yml +5 -2
@@ 12,11 12,14 @@
- name: Configure
ansible.builtin.template:
- src: alertmanager.yml.j2
- dest: /etc/alertmanager/alertmanager.yml
+ src: "{{ item }}.j2"
+ dest: "/etc/alertmanager/{{ item }}"
owner: alertmanager
group: alertmanager
mode: 0600
+ with_items:
+ - alertmanager.yml
+ - web-config.yml
notify: Reload alertmanager
- name: Install cli configuration
A roles/alertmanager/templates/web-config.yml.j2 => roles/alertmanager/templates/web-config.yml.j2 +2 -0
@@ 0,0 1,2 @@
+basic_auth_users:
+ {{ alertmanager_secrets['user'] }}: '{{ alertmanager_secrets['pass'] | password_hash('bcrypt', alertmanager_secrets['salt']) }}'
M roles/prometheus/tasks/main.yml => roles/prometheus/tasks/main.yml +1 -0
@@ 1,6 1,7 @@
---
- name: Get secrets
ansible.builtin.set_fact:
+ alertmanager_secrets: "{{ lookup('community.hashi_vault.hashi_vault', 'ansible/data/alertmanager') }}"
prometheus_secrets: "{{ lookup('community.hashi_vault.hashi_vault', 'ansible/data/prometheus') }}"
minio_jwt: "{{ lookup('community.hashi_vault.hashi_vault', 'ansible/data/minio:jwt') }}"
M roles/prometheus/templates/prometheus.yml.j2 => roles/prometheus/templates/prometheus.yml.j2 +3 -0
@@ 4,6 4,9 @@ alerting:
- static_configs:
- targets:
- localhost:9093
+ basic_auth:
+ username: "{{ alertmanager_secrets['user'] }}"
+ password: "{{ alertmanager_secrets['pass'] }}"
# Load rules once and periodically evaluate them according to the global 'evaluation_interval'.
rule_files: