forked from pub-solar/infra
alertmanager: fix SMTP secret
This commit is contained in:
parent
bd4241e71d
commit
e52324209f
|
@ -15,7 +15,6 @@
|
||||||
file = "${flake.self}/secrets/grafana-smtp-password.age";
|
file = "${flake.self}/secrets/grafana-smtp-password.age";
|
||||||
mode = "440";
|
mode = "440";
|
||||||
owner = "grafana";
|
owner = "grafana";
|
||||||
group = "prometheus";
|
|
||||||
};
|
};
|
||||||
age.secrets.grafana-keycloak-client-secret = {
|
age.secrets.grafana-keycloak-client-secret = {
|
||||||
file = "${flake.self}/secrets/grafana-keycloak-client-secret.age";
|
file = "${flake.self}/secrets/grafana-keycloak-client-secret.age";
|
||||||
|
|
|
@ -11,6 +11,11 @@
|
||||||
mode = "600";
|
mode = "600";
|
||||||
owner = "prometheus";
|
owner = "prometheus";
|
||||||
};
|
};
|
||||||
|
age.secrets.alertmanager-envfile = {
|
||||||
|
file = "${flake.self}/secrets/alertmanager-envfile.age";
|
||||||
|
mode = "600";
|
||||||
|
owner = "alertmanager";
|
||||||
|
};
|
||||||
|
|
||||||
services.caddy.virtualHosts."alerts.${config.pub-solar-os.networking.domain}" = {
|
services.caddy.virtualHosts."alerts.${config.pub-solar-os.networking.domain}" = {
|
||||||
logFormat = lib.mkForce ''
|
logFormat = lib.mkForce ''
|
||||||
|
@ -104,7 +109,7 @@
|
||||||
enable = true;
|
enable = true;
|
||||||
# port = 9093; # Default
|
# port = 9093; # Default
|
||||||
webExternalUrl = "https://alerts.pub.solar";
|
webExternalUrl = "https://alerts.pub.solar";
|
||||||
# environmentFile = "${config.age.secrets.nachtigall-alertmanager-envfile.path}";
|
environmentFile = "${config.age.secrets.alertmanager-envfile.path}";
|
||||||
configuration = {
|
configuration = {
|
||||||
|
|
||||||
route = {
|
route = {
|
||||||
|
@ -126,8 +131,8 @@
|
||||||
from = "alerts@pub.solar";
|
from = "alerts@pub.solar";
|
||||||
smarthost = "mail.greenbaum.zone:465";
|
smarthost = "mail.greenbaum.zone:465";
|
||||||
auth_username = "admins@pub.solar";
|
auth_username = "admins@pub.solar";
|
||||||
auth_password_file = "${config.age.secrets.grafana-smtp-password.path}";
|
auth_password = "$SMTP_AUTH_PASSWORD";
|
||||||
require_tls = true;
|
require_tls = false;
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
# TODO:
|
# TODO:
|
||||||
|
|
43
secrets/alertmanager-envfile.age
Normal file
43
secrets/alertmanager-envfile.age
Normal file
|
@ -0,0 +1,43 @@
|
||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 Y0ZZaw TsTaRLA+9WtN9+FJWpXeP12Af5EXMbo+ANTaLC9YlC8
|
||||||
|
Yols084RY1C9gfOrDMwJcFRuGZ/5dgGuJey7RXqm7g0
|
||||||
|
-> ssh-ed25519 uYcDNw ZLAINtv10PGMtK5TL5Tf0NyK/r1iww+vTC09ElMGoX0
|
||||||
|
EgBB3aiHHdaDue9+Zdxg6mTV2VHeLoDN9wT+hlAzVMk
|
||||||
|
-> ssh-rsa f5THog
|
||||||
|
aiJqMs3/u06tzs8lx2ISlQm87TDatqEn47v3LB3HehPanRpZx9O1HUIRTeiWkMU9
|
||||||
|
XroGe27HQCCPd63QunBHUH7WStA10IS4rHVpMcULB5IM4jwcbOhSYSiGyY2sbv8+
|
||||||
|
Nn/04ZOwrfzTabC7moV1DqAw6hnlDqKWp/q5N6xMb780w5vn6Poni3OJfuLaBWaT
|
||||||
|
r6WhE5evVt3F4jyYI64fB2hFw4AR2N/zIMOMvBncLFwJf9lbIFdbsENZf94cYceF
|
||||||
|
Tj150xdMPuErBsSJQOlfDYSmyioNN3UJUWiYsDeM3nbPEVPHhfTk6b2/lMhSQkcY
|
||||||
|
KcuMj/mN/7w7i4HSxW6mUcK2sUMV1BcSSGYRH9ZFf7kq++KpyiP7vB8vaZkcKbfJ
|
||||||
|
qqrIcXTuXhR+/bWZWqf/GQOVwRwe1TnqN5MoZHipg3a/UCe0gMM617VwZcfhBzjA
|
||||||
|
eW6VUdjSewwA8YHEuDrAeoQ4CMs7y56EaIlr2IlQy6uzJPX9eeO0auO9RZ5AR40a
|
||||||
|
7un0FrlTJX9uorpCD/zi3tvd22W5qVoMGZ8vXJShZmT9he9K3Bv6XbzG4DJQ9/nv
|
||||||
|
xZ676HUYhWeyYZFBvt6DnEBneiDJFeaV2AeuQY+juHBOfBrbYmlE0S4Pd8uRSJ7w
|
||||||
|
u5UJTT+RV5TkZhpCqqYm7DphYocnrv7Ic+QKmvKE4ls
|
||||||
|
-> ssh-rsa kFDS0A
|
||||||
|
HhilpvIiUps80SXYUXg5vqNmcy8SACvxpC5dTVBU2n+4OVXQY/35Il5ZOrUX3U7a
|
||||||
|
arfVp/KaQF7Oncu3x8F6Tp1ibUwmoyAV6OYqqs128nEPwkNbJvwrLY3aEBm+NIzm
|
||||||
|
gMlLRjj6EP84TVWgOsenQCS4l957f0QoNVxQ3f+GWdOiZZJFsv//ndsflng8zPlF
|
||||||
|
bGZy8c1TxDZfOD0/kW3Nx05c9X0EHKOEoDUc0p4qntrWlflxcvLONCgv1gZuPMF+
|
||||||
|
jMsPFP81eu3rkEUxefJ1qbvvGuW0cbzfwiStv7iGQ+Skh/vcoM0qw6p+csNKyHVO
|
||||||
|
8nYFcs9kD8067zMnyuqiUHASfZ4rPqTji0iiPC5kZn6N0YSgz2bybkXcoqmy3m6y
|
||||||
|
qs0S+RD99o2vCLhW46hZyKAgUyTU1DW42EmnZkPrLoqV7uin8fAwPO/98Q/b3Rkr
|
||||||
|
zBRtyTEbooHvOCL8limiRtDl+5LMcjRFNWk8AN+9vHMsYurXPNOCnd8n2Z4MbT2U
|
||||||
|
AhpoAD/+8HXp0InBJ/sclITVAc6tPb2CbJW6mrFezH8Ri+/6u+zSF84JDd9ZrCOz
|
||||||
|
oIshiGZmhP5mIuspVrxgKlm78a56vQrygpqzvuSSYk3zIJxmhEkZhw09/ga+rhyB
|
||||||
|
pkKn7GRyZTfKjwt5nnvW5/bmQndTa13j+7RhkRgBSvU
|
||||||
|
-> piv-p256 vRzPNw Awpc8paUfKnP6r0bYsaoeDE9GVSnads4/a3jCVScgS4V
|
||||||
|
YydKOS09kyZDYN843SHIsYUimtSQKvGhIuycPWOFojc
|
||||||
|
-> piv-p256 zqq/iw A54xbcufPkLpTD+N47AiIe/xZ/0vA5kDJ4p3rIZw0a4A
|
||||||
|
1WFP2K3tfUxtdKDBEmT3cx/u1i5nCzFR7cK4kN3WjC4
|
||||||
|
-> ssh-ed25519 YFSOsg L0lPSkoPVRKGlJ9MzkJx+cQvnZw/5m/j/JO4aRzd52Q
|
||||||
|
o/N7zQkvbGGoadiJSvL6lfuP63uqzxEIxDtIg4tgKIo
|
||||||
|
-> ssh-ed25519 iHV63A qfLWZhbDisCSJ4vFFTR+XpRUR0WViuAqarf56M0ekT4
|
||||||
|
ZSWW34pFRr0M2jFhnphIPJ5ch37ASM6OgTzyHSo0KAs
|
||||||
|
-> ssh-ed25519 BVsyTA JcFezSIfTF+AP8LYfFqz+wIpUrE0aoc1usiLtWxAPQE
|
||||||
|
F9uhFyCPK46kIy+ud4V5/ESacQgc9R0JV+JTEZO6nBI
|
||||||
|
-> ssh-ed25519 +3V2lQ G4yT1e7B5O2Gy6tusRMxuWOFScynWfFY5AjrJvxMK1o
|
||||||
|
n1OVFRqzijWlc+B93cBNdFPz+8CBYOsI5hpF1wz7xr0
|
||||||
|
--- 61u55uUc7z59iHF1IeyBLmcR6u7STUhpOPb/ODf75Vc
|
||||||
|
<$kxpû´ÚH:}ò*ä/Tâ®Ñ$‹ÕbÀJ\F*ðòWîzÉ6 Ý ±Âì<î̹>e?ñ¼<C3B1>Ÿ6ÚµÌ~Ô!
|
|
@ -60,6 +60,7 @@ in
|
||||||
"grafana-keycloak-client-secret.age".publicKeys = flora6Keys ++ adminKeys;
|
"grafana-keycloak-client-secret.age".publicKeys = flora6Keys ++ adminKeys;
|
||||||
"grafana-smtp-password.age".publicKeys = flora6Keys ++ adminKeys;
|
"grafana-smtp-password.age".publicKeys = flora6Keys ++ adminKeys;
|
||||||
|
|
||||||
|
"alertmanager-envfile.age".publicKeys = flora6Keys ++ adminKeys;
|
||||||
"nachtigall-metrics-nginx-basic-auth.age".publicKeys = nachtigallKeys ++ adminKeys;
|
"nachtigall-metrics-nginx-basic-auth.age".publicKeys = nachtigallKeys ++ adminKeys;
|
||||||
"nachtigall-metrics-prometheus-basic-auth-password.age".publicKeys =
|
"nachtigall-metrics-prometheus-basic-auth-password.age".publicKeys =
|
||||||
flora6Keys ++ nachtigallKeys ++ adminKeys;
|
flora6Keys ++ nachtigallKeys ++ adminKeys;
|
||||||
|
|
Loading…
Reference in a new issue