From 85776fe5f4877e402a3374f03b530e5e1281716c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thorben=20G=C3=BCnther?= Date: Tue, 18 Oct 2022 01:56:48 +0200 Subject: [PATCH] alertmanager: Send alerts to ntfy as well --- roles/alertmanager/handlers/main.yml | 5 +++ roles/alertmanager/tasks/main.yml | 32 ++++++++++++++++++- .../templates/alertmanager.yml.j2 | 10 ++++-- .../templates/ntfy-alertmanager.j2 | 10 ++++++ 4 files changed, 54 insertions(+), 3 deletions(-) create mode 100644 roles/alertmanager/templates/ntfy-alertmanager.j2 diff --git a/roles/alertmanager/handlers/main.yml b/roles/alertmanager/handlers/main.yml index 15925fc..95bdd66 100644 --- a/roles/alertmanager/handlers/main.yml +++ b/roles/alertmanager/handlers/main.yml @@ -8,3 +8,8 @@ ansible.builtin.systemd: name: alertmanager state: restarted + +- name: Restart ntfy-alertmanager + ansible.builtin.systemd: + name: ntfy-alertmanager + state: restarted diff --git a/roles/alertmanager/tasks/main.yml b/roles/alertmanager/tasks/main.yml index 5814930..93c13a6 100644 --- a/roles/alertmanager/tasks/main.yml +++ b/roles/alertmanager/tasks/main.yml @@ -1,7 +1,9 @@ --- -- name: Get email secrets +- name: Get secrets ansible.builtin.set_fact: + alertmanager_secrets: "{{ lookup('community.hashi_vault.hashi_vault', 'ansible/data/alertmanager') }}" email_secrets: "{{ lookup('community.hashi_vault.hashi_vault', 'ansible/data/email') }}" + infrastructure_password: "{{ lookup('community.hashi_vault.hashi_vault', 'ansible/data/ntfy:infrastructure_password') }}" - name: Install community.general.pacman: @@ -31,3 +33,31 @@ name: alertmanager enabled: true state: started + +- name: Install ntfy-alertmanager + community.general.pacman: + name: ntfy-alertmanager-git + state: present + +- name: Create ntfy-alertmanager config dir + ansible.builtin.file: + path: /etc/ntfy-alertmanager + state: directory + owner: ntfy-alertmanager + group: ntfy-alertmanager + mode: 0700 + +- name: Configure ntfy-alertmanager + ansible.builtin.template: + src: ntfy-alertmanager.j2 + dest: /etc/ntfy-alertmanager/config + owner: ntfy-alertmanager + group: ntfy-alertmanager + mode: 0600 + notify: Restart ntfy-alertmanager + +- name: Start and enable ntfy-alertmanager + ansible.builtin.systemd: + name: ntfy-alertmanager + enabled: true + state: started diff --git a/roles/alertmanager/templates/alertmanager.yml.j2 b/roles/alertmanager/templates/alertmanager.yml.j2 index c20cbf8..4655ceb 100644 --- a/roles/alertmanager/templates/alertmanager.yml.j2 +++ b/roles/alertmanager/templates/alertmanager.yml.j2 @@ -10,14 +10,20 @@ route: group_wait: 30s group_interval: 5m repeat_interval: 24h - receiver: "email" + receiver: "ntfy-email" routes: - match: job: "desktop" repeat_interval: 7d receivers: - - name: "email" + - name: "ntfy-email" email_configs: - to: "admin@xenrox.net" send_resolved: true + webhook_configs: + - url: "http://127.0.0.1:8089" + http_config: + basic_auth: + username: "{{ alertmanager_secrets['webhook_user'] }}" + password: "{{ alertmanager_secrets['webhook_pass'] }}" diff --git a/roles/alertmanager/templates/ntfy-alertmanager.j2 b/roles/alertmanager/templates/ntfy-alertmanager.j2 new file mode 100644 index 0000000..06a61aa --- /dev/null +++ b/roles/alertmanager/templates/ntfy-alertmanager.j2 @@ -0,0 +1,10 @@ +http-address 127.0.0.1:8089 +log-level debug +user {{ alertmanager_secrets['webhook_user'] }} +password {{ alertmanager_secrets['webhook_pass'] }} + +ntfy { + topic https://ntfy.xenrox.net/infrastructure + user infrastructure + password {{ infrastructure_password }} +} -- 2.44.0