Add alertmanager config #169

Closed
pinpox wants to merge 4 commits from pinpox/infra:main into main
Member
  • Added config for prometheus alertmanager
  • Added alerting rules

There are a few TODO's open, I marked them with comments accordingly so they can be easily grepped

- Added config for prometheus alertmanager - Added alerting rules There are a few TODO's open, I marked them with comments accordingly so they can be easily grepped
pinpox added 1 commit 2024-04-26 22:15:30 +00:00
Add alertmanager config
Some checks failed
Flake checks / Check (pull_request) Failing after 4m2s
8e66bea9c8
pinpox force-pushed main from e504392cf8 to a66c6ada59 2024-04-26 22:26:22 +00:00 Compare
pinpox added 1 commit 2024-04-26 22:26:55 +00:00
Autoformat dns.tf
Some checks failed
Flake checks / Check (pull_request) Failing after 3m55s
a98cfc82e5
b12f reviewed 2024-04-26 23:29:01 +00:00
@ -68,0 +80,4 @@
alertmanager = {
enable = true;
# port = 9093; # Default
webExternalUrl = "https://alerts.pub.solar"; # TODO use a proper url?
Owner

You're missing the nginx config in front of the alertmanager

You're missing the nginx config in front of the alertmanager
Author
Member

fixed by d58209ef93

fixed by d58209ef93385735e00084fb02015918985dc06d
pinpox marked this conversation as resolved
pinpox added 1 commit 2024-04-26 23:38:10 +00:00
Add reverseproxy for alerts.pub.solar
Some checks failed
Flake checks / Check (pull_request) Failing after 4m3s
d58209ef93
teutat3s reviewed 2024-04-27 16:12:05 +00:00
teutat3s left a comment
Owner

Thanks a lot for this contribution! Would you be fine with us taking this to a branch and adding our fixes on top?

Thanks a lot for this contribution! Would you be fine with us taking this to a branch and adding our fixes on top?
@ -40,0 +41,4 @@
logFormat = lib.mkForce ''
output discard
'';
extraConfig = ''
Owner

Here we'd want to use the bind directive to only listen on the WireGuard IP, exposing alertmanager only internally.

bind 10.7.6.2
tls internal

and then

reverse_proxy :${toString config.services.prometheus.alertmanager.port}

To have valid Let's Encrypt certificates, we'd need to configure DNS challenge, but that could be a future task IMO.

Here we'd want to use the `bind` directive to only listen on the WireGuard IP, exposing alertmanager only internally. ``` bind 10.7.6.2 tls internal ``` and then ``` reverse_proxy :${toString config.services.prometheus.alertmanager.port} ``` To have valid Let's Encrypt certificates, we'd need to configure DNS challenge, but that could be a future task IMO.
Author
Member

Sure feel free to reuse as you wish. I might be able to join tomorrow if you are still hakking on it

Sure feel free to reuse as you wish. I might be able to join tomorrow if you are still hakking on it
Owner

Closing in favor of #189

Closing in favor of #189
teutat3s closed this pull request 2024-05-12 19:16:18 +00:00
Some checks failed
Flake checks / Check (pull_request) Failing after 4m3s
Required
Details

Pull request closed

Sign in to join this conversation.
No reviewers
No milestone
No project
No assignees
3 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: pub-solar/infra#169
No description provided.