forked from pub-solar/infra
alertmanager: fix SMTP secret
This commit is contained in:
parent
bd4241e71d
commit
e52324209f
|
@ -15,7 +15,6 @@
|
|||
file = "${flake.self}/secrets/grafana-smtp-password.age";
|
||||
mode = "440";
|
||||
owner = "grafana";
|
||||
group = "prometheus";
|
||||
};
|
||||
age.secrets.grafana-keycloak-client-secret = {
|
||||
file = "${flake.self}/secrets/grafana-keycloak-client-secret.age";
|
||||
|
|
|
@ -11,6 +11,11 @@
|
|||
mode = "600";
|
||||
owner = "prometheus";
|
||||
};
|
||||
age.secrets.alertmanager-envfile = {
|
||||
file = "${flake.self}/secrets/alertmanager-envfile.age";
|
||||
mode = "600";
|
||||
owner = "alertmanager";
|
||||
};
|
||||
|
||||
services.caddy.virtualHosts."alerts.${config.pub-solar-os.networking.domain}" = {
|
||||
logFormat = lib.mkForce ''
|
||||
|
@ -104,7 +109,7 @@
|
|||
enable = true;
|
||||
# port = 9093; # Default
|
||||
webExternalUrl = "https://alerts.pub.solar";
|
||||
# environmentFile = "${config.age.secrets.nachtigall-alertmanager-envfile.path}";
|
||||
environmentFile = "${config.age.secrets.alertmanager-envfile.path}";
|
||||
configuration = {
|
||||
|
||||
route = {
|
||||
|
@ -126,8 +131,8 @@
|
|||
from = "alerts@pub.solar";
|
||||
smarthost = "mail.greenbaum.zone:465";
|
||||
auth_username = "admins@pub.solar";
|
||||
auth_password_file = "${config.age.secrets.grafana-smtp-password.path}";
|
||||
require_tls = true;
|
||||
auth_password = "$SMTP_AUTH_PASSWORD";
|
||||
require_tls = false;
|
||||
}
|
||||
];
|
||||
# TODO:
|
||||
|
|
43
secrets/alertmanager-envfile.age
Normal file
43
secrets/alertmanager-envfile.age
Normal file
|
@ -0,0 +1,43 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 Y0ZZaw TsTaRLA+9WtN9+FJWpXeP12Af5EXMbo+ANTaLC9YlC8
|
||||
Yols084RY1C9gfOrDMwJcFRuGZ/5dgGuJey7RXqm7g0
|
||||
-> ssh-ed25519 uYcDNw ZLAINtv10PGMtK5TL5Tf0NyK/r1iww+vTC09ElMGoX0
|
||||
EgBB3aiHHdaDue9+Zdxg6mTV2VHeLoDN9wT+hlAzVMk
|
||||
-> ssh-rsa f5THog
|
||||
aiJqMs3/u06tzs8lx2ISlQm87TDatqEn47v3LB3HehPanRpZx9O1HUIRTeiWkMU9
|
||||
XroGe27HQCCPd63QunBHUH7WStA10IS4rHVpMcULB5IM4jwcbOhSYSiGyY2sbv8+
|
||||
Nn/04ZOwrfzTabC7moV1DqAw6hnlDqKWp/q5N6xMb780w5vn6Poni3OJfuLaBWaT
|
||||
r6WhE5evVt3F4jyYI64fB2hFw4AR2N/zIMOMvBncLFwJf9lbIFdbsENZf94cYceF
|
||||
Tj150xdMPuErBsSJQOlfDYSmyioNN3UJUWiYsDeM3nbPEVPHhfTk6b2/lMhSQkcY
|
||||
KcuMj/mN/7w7i4HSxW6mUcK2sUMV1BcSSGYRH9ZFf7kq++KpyiP7vB8vaZkcKbfJ
|
||||
qqrIcXTuXhR+/bWZWqf/GQOVwRwe1TnqN5MoZHipg3a/UCe0gMM617VwZcfhBzjA
|
||||
eW6VUdjSewwA8YHEuDrAeoQ4CMs7y56EaIlr2IlQy6uzJPX9eeO0auO9RZ5AR40a
|
||||
7un0FrlTJX9uorpCD/zi3tvd22W5qVoMGZ8vXJShZmT9he9K3Bv6XbzG4DJQ9/nv
|
||||
xZ676HUYhWeyYZFBvt6DnEBneiDJFeaV2AeuQY+juHBOfBrbYmlE0S4Pd8uRSJ7w
|
||||
u5UJTT+RV5TkZhpCqqYm7DphYocnrv7Ic+QKmvKE4ls
|
||||
-> ssh-rsa kFDS0A
|
||||
HhilpvIiUps80SXYUXg5vqNmcy8SACvxpC5dTVBU2n+4OVXQY/35Il5ZOrUX3U7a
|
||||
arfVp/KaQF7Oncu3x8F6Tp1ibUwmoyAV6OYqqs128nEPwkNbJvwrLY3aEBm+NIzm
|
||||
gMlLRjj6EP84TVWgOsenQCS4l957f0QoNVxQ3f+GWdOiZZJFsv//ndsflng8zPlF
|
||||
bGZy8c1TxDZfOD0/kW3Nx05c9X0EHKOEoDUc0p4qntrWlflxcvLONCgv1gZuPMF+
|
||||
jMsPFP81eu3rkEUxefJ1qbvvGuW0cbzfwiStv7iGQ+Skh/vcoM0qw6p+csNKyHVO
|
||||
8nYFcs9kD8067zMnyuqiUHASfZ4rPqTji0iiPC5kZn6N0YSgz2bybkXcoqmy3m6y
|
||||
qs0S+RD99o2vCLhW46hZyKAgUyTU1DW42EmnZkPrLoqV7uin8fAwPO/98Q/b3Rkr
|
||||
zBRtyTEbooHvOCL8limiRtDl+5LMcjRFNWk8AN+9vHMsYurXPNOCnd8n2Z4MbT2U
|
||||
AhpoAD/+8HXp0InBJ/sclITVAc6tPb2CbJW6mrFezH8Ri+/6u+zSF84JDd9ZrCOz
|
||||
oIshiGZmhP5mIuspVrxgKlm78a56vQrygpqzvuSSYk3zIJxmhEkZhw09/ga+rhyB
|
||||
pkKn7GRyZTfKjwt5nnvW5/bmQndTa13j+7RhkRgBSvU
|
||||
-> piv-p256 vRzPNw Awpc8paUfKnP6r0bYsaoeDE9GVSnads4/a3jCVScgS4V
|
||||
YydKOS09kyZDYN843SHIsYUimtSQKvGhIuycPWOFojc
|
||||
-> piv-p256 zqq/iw A54xbcufPkLpTD+N47AiIe/xZ/0vA5kDJ4p3rIZw0a4A
|
||||
1WFP2K3tfUxtdKDBEmT3cx/u1i5nCzFR7cK4kN3WjC4
|
||||
-> ssh-ed25519 YFSOsg L0lPSkoPVRKGlJ9MzkJx+cQvnZw/5m/j/JO4aRzd52Q
|
||||
o/N7zQkvbGGoadiJSvL6lfuP63uqzxEIxDtIg4tgKIo
|
||||
-> ssh-ed25519 iHV63A qfLWZhbDisCSJ4vFFTR+XpRUR0WViuAqarf56M0ekT4
|
||||
ZSWW34pFRr0M2jFhnphIPJ5ch37ASM6OgTzyHSo0KAs
|
||||
-> ssh-ed25519 BVsyTA JcFezSIfTF+AP8LYfFqz+wIpUrE0aoc1usiLtWxAPQE
|
||||
F9uhFyCPK46kIy+ud4V5/ESacQgc9R0JV+JTEZO6nBI
|
||||
-> ssh-ed25519 +3V2lQ G4yT1e7B5O2Gy6tusRMxuWOFScynWfFY5AjrJvxMK1o
|
||||
n1OVFRqzijWlc+B93cBNdFPz+8CBYOsI5hpF1wz7xr0
|
||||
--- 61u55uUc7z59iHF1IeyBLmcR6u7STUhpOPb/ODf75Vc
|
||||
<$kxpû´ÚH:}ò*ä/Tâ®Ñ$‹ÕbÀJ\F*ðòWîzÉ6 Ý ±Âì<î̹>e?ñ¼<C3B1>Ÿ6ÚµÌ~Ô!
|
|
@ -60,6 +60,7 @@ in
|
|||
"grafana-keycloak-client-secret.age".publicKeys = flora6Keys ++ adminKeys;
|
||||
"grafana-smtp-password.age".publicKeys = flora6Keys ++ adminKeys;
|
||||
|
||||
"alertmanager-envfile.age".publicKeys = flora6Keys ++ adminKeys;
|
||||
"nachtigall-metrics-nginx-basic-auth.age".publicKeys = nachtigallKeys ++ adminKeys;
|
||||
"nachtigall-metrics-prometheus-basic-auth-password.age".publicKeys =
|
||||
flora6Keys ++ nachtigallKeys ++ adminKeys;
|
||||
|
|
Loading…
Reference in a new issue