diff options
author | Christian Pointner <equinox@spreadspace.org> | 2021-10-27 23:30:04 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2021-10-27 23:30:04 +0200 |
commit | 187894ff0d651f0f9924df9a40bc1085f4172612 (patch) | |
tree | b8493c7f811f01e760b0d7b40c17bcef41017a62 /roles/monitoring/prometheus/alertmanager | |
parent | add basic auth to prometheus/server (diff) |
prometheus add basic auth to alert-manager
Diffstat (limited to 'roles/monitoring/prometheus/alertmanager')
3 files changed, 19 insertions, 1 deletions
diff --git a/roles/monitoring/prometheus/alertmanager/defaults/main.yml b/roles/monitoring/prometheus/alertmanager/defaults/main.yml index ecec1d7c..a7f94b38 100644 --- a/roles/monitoring/prometheus/alertmanager/defaults/main.yml +++ b/roles/monitoring/prometheus/alertmanager/defaults/main.yml @@ -19,3 +19,6 @@ prometheus_alertmanager_route: prometheus_alertmanager_receivers: - name: empty + +# prometheus_server_auth_users: +# foo: secret diff --git a/roles/monitoring/prometheus/alertmanager/tasks/main.yml b/roles/monitoring/prometheus/alertmanager/tasks/main.yml index 10c0860a..338b0cbe 100644 --- a/roles/monitoring/prometheus/alertmanager/tasks/main.yml +++ b/roles/monitoring/prometheus/alertmanager/tasks/main.yml @@ -32,6 +32,21 @@ dest: /etc/prometheus/alertmanager.yml notify: reload prometheus-alertmanager +- name: generate web configuration file + when: prometheus_alertmanager_auth_users is defined + copy: + content: | + # Ansible managed + basic_auth_users: + {% for user,password in prometheus_alertmanager_auth_users.items() %} + {{ user }}: {{ password | password_hash('bcrypt', (user~'@'~inventory_hostname~'/prometheus/alertmanager') | bcrypt_salt) }} + {% endfor %} + dest: /etc/prometheus/alertmanager-web.yml + mode: 0640 + owner: root + group: prometheus-alertmanager + notify: reload prometheus-alertmanager + - name: generate systemd service unit template: src: prometheus-alertmanager.service.j2 diff --git a/roles/monitoring/prometheus/alertmanager/templates/prometheus-alertmanager.service.j2 b/roles/monitoring/prometheus/alertmanager/templates/prometheus-alertmanager.service.j2 index e548607d..5e0e3008 100644 --- a/roles/monitoring/prometheus/alertmanager/templates/prometheus-alertmanager.service.j2 +++ b/roles/monitoring/prometheus/alertmanager/templates/prometheus-alertmanager.service.j2 @@ -5,7 +5,7 @@ Documentation=https://prometheus.io/docs/alerting/alertmanager/ [Service] Restart=on-failure User=prometheus-alertmanager -ExecStart=/usr/bin/prometheus-alertmanager --config.file=/etc/prometheus/alertmanager.yml --cluster.listen-address= --storage.path="/var/lib/prometheus/alertmanager"{% if prometheus_alertmanager_web_route_prefix is defined %} --web.route-prefix={{ prometheus_alertmanager_web_route_prefix }}{% endif %} --web.listen-address={{ prometheus_alertmanager_web_listen_address }} +ExecStart=/usr/bin/prometheus-alertmanager --config.file=/etc/prometheus/alertmanager.yml --cluster.listen-address= --storage.path="/var/lib/prometheus/alertmanager"{% if prometheus_alertmanager_web_route_prefix is defined %} --web.route-prefix={{ prometheus_alertmanager_web_route_prefix }}{% endif %}{% if prometheus_alertmanager_auth_users is defined %} --web.config.file=/etc/prometheus/alertmanager-web.yml{% endif %} --web.listen-address={{ prometheus_alertmanager_web_listen_address }} ExecReload=/bin/kill -HUP $MAINPID TimeoutStopSec=20s SendSIGKILL=no |