status-im
/
infra-role-alertmanager
mirror of https://github.com/status-im/infra-role-alertmanager.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

add support for OAuth proxy container 

Signed-off-by: Jakub Sokołowski <jakub@status.im>
This commit is contained in:
Jakub Sokołowski 2020-12-07 14:39:30 +01:00
parent 935860d435
commit 4578af78e4
No known key found for this signature in database
GPG Key ID: 4EF064D0E6D63020
4 changed files with 41 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
README.md
View File

@ -23,6 +23,14 @@ alertmanager_victorops_service_url: 'https://alert.victorops.com/integrations/ge
```
Take note you will have to create an `alert-manager` routing rule in VictorOps.
There is also optional OAuth Proxy configuration:
```yaml
alertmanager_oauth_id: '123qwe123qwe'
alertmanager_oauth_secret: '123qwe123qwe123qwe123qwe'
alertmanager_oauth_cookie_secret: '123qwe'
alertmanager_oauth_gh_org: 'my-gh-org'
```
# Management
You can manage existing alerts by using the `amtool` on any of the hosts running this:

9
defaults/main.yml
View File

@ -25,6 +25,15 @@ alertmanager_smtp_from: ~
alertmanager_smtp_user: ~
alertmanager_smtp_pass: ~
# OAuth
alertmanager_oauth_id: ~
alertmanager_oauth_secret: ~
alertmanager_oauth_cookie_secret: ~
alertmanager_oauth_gh_org: ~
alertmanager_oauth_cont_port: 8092
alertmanager_oauth_cont_tag: 'v5.0.0'
alertmanager_oauth_cont_image: 'quay.io/pusher/oauth2_proxy:{{ alertmanager_oauth_cont_tag }}'
# Route configuration
alertmanager_group_by: ['alertname', 'cluster']
alertmanager_group_wait: '30s'

2
tasks/container.yml
View File

@ -5,7 +5,7 @@
dest: '{{ alertmanager_compose_file }}'
owner: 'dockremap'
group: 'docker'
mode: 0644
mode: 0640
- name: Create containers
docker_compose:

24
templates/docker-compose.yml.j2
View File

@ -2,7 +2,7 @@
version: '3.7'
services:
app:
container_name: '{{ alertmanager_service_name }}'
container_name: '{{ alertmanager_service_name }}-app'
image: '{{ alertmanager_cont_image }}'
user: 'root'
restart: 'always'
@ -24,3 +24,25 @@ services:
{% for peer in alertmanager_cluster_peers %}
- '--cluster.peer={{ peer.ServiceAddress }}:{{ peer.ServicePort }}' # {{ peer.Node }}
{% endfor %}
{% if alertmanager_oauth_id %}
oauth:
container_name: '{{ alertmanager_service_name }}-oauth'
image: '{{ alertmanager_oauth_cont_image }}'
user: 'root'
restart: 'always'
ports:
- '127.0.0.1:{{ alertmanager_oauth_cont_port }}:{{ alertmanager_oauth_cont_port }}' # Web UI
command: |
--email-domain='*'
--provider='github'
--github-org='{{ alertmanager_oauth_gh_org | mandatory }}'
--cookie-domain='{{ alertmanager_domain | mandatory }}'
--cookie-secret='{{ alertmanager_oauth_cookie_secret | mandatory }}'
--client-id='{{ alertmanager_oauth_id | mandatory }}'
--client-secret='{{ alertmanager_oauth_secret | mandatory }}'
--redirect-url='https://{{ alertmanager_domain }}/oauth2/callback'
--http-address='0.0.0.0:{{ alertmanager_oauth_cont_port | mandatory }}'
--upstream='http://app:{{ alertmanager_webui_port }}/'
--request-logging=false
{% endif %}