M README.md => README.md +3 -0
@@ 70,6 70,9 @@ alertmanager {
# the request will be proxied through ntfy-alertmanager. Therefore ntfy-alertmanager
# needs to be exposed to external network requests and base-url has to be set.
silence-duration 24h
+ # Basic authentication (https://prometheus.io/docs/alerting/latest/https/)
+ user user
+ password pass
}
# When the alert-mode is set to single, ntfy-alertmanager will cache each single alert
M config.go => config.go +16 -0
@@ 50,6 50,8 @@ type cacheConfig struct {
}
type alertmanagerConfig struct {
+ User string
+ Password string
SilenceDuration time.Duration
}
@@ 246,6 248,20 @@ func readConfig(path string) (*config, error) {
config.am.SilenceDuration = duration
}
+
+ d = amDir.Children.Get("user")
+ if d != nil {
+ if err := d.ParseParams(&config.am.User); err != nil {
+ return nil, err
+ }
+ }
+
+ d = amDir.Children.Get("password")
+ if d != nil {
+ if err := d.ParseParams(&config.am.Password); err != nil {
+ return nil, err
+ }
+ }
}
return config, nil
M config_test.go => config_test.go +8 -1
@@ 55,6 55,9 @@ alertmanager {
# the request will be proxied through ntfy-alertmanager. Therefore ntfy-alertmanager
# needs to be exposed to external network requests and base-url has to be set.
silence-duration 24h
+ # Basic authentication (https://prometheus.io/docs/alerting/latest/https/)
+ user user
+ password pass
}
# When the alert-mode is set to single, ntfy-alertmanager will cache each single alert
@@ 83,7 86,11 @@ cache {
},
},
cache: cacheConfig{CleanupInterval: time.Hour, Duration: 48 * time.Hour},
- am: alertmanagerConfig{SilenceDuration: time.Hour * 24},
+ am: alertmanagerConfig{
+ SilenceDuration: time.Hour * 24,
+ User: "user",
+ Password: "pass",
+ },
}
configPath := filepath.Join(t.TempDir(), "config")
M silence.go => silence.go +7 -0
@@ 4,6 4,7 @@ import (
"bytes"
"encoding/base64"
"encoding/json"
+ "fmt"
"io"
"net/http"
"time"
@@ 93,6 94,12 @@ func (rcv *receiver) handleSilences(w http.ResponseWriter, r *http.Request) {
return
}
+ // Basic auth
+ if rcv.cfg.am.User != "" && rcv.cfg.am.Password != "" {
+ auth := base64.StdEncoding.EncodeToString([]byte(fmt.Sprintf("%s:%s", rcv.cfg.am.User, rcv.cfg.am.Password)))
+ req.Header.Set("Authorization", fmt.Sprintf("Basic %s", auth))
+ }
+
req.Header.Add("Content-Type", "application/json")
resp, err := client.Do(req)
if err != nil {