From 53ae53b6225989923b91fd78227df79c48ae1e52 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jakub=20Soko=C5=82owski?= <jakub@status.im>
Date: Fri, 13 May 2022 21:57:44 +0200
Subject: [PATCH] add oauth consul service with ssl-proxy-backend tag
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Necessary to use our own SSL termination setup.
https://github.com/status-im/infra-hq/issues/73

Signed-off-by: Jakub Sokołowski <jakub@status.im>
---
 tasks/consul.yml                | 18 +++++++++++++++---
 templates/docker-compose.yml.j2 |  2 +-
 2 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/tasks/consul.yml b/tasks/consul.yml
index c782838..c9455f9 100644
--- a/tasks/consul.yml
+++ b/tasks/consul.yml
@@ -9,11 +9,23 @@
         port: '{{ alertmanager_webui_port }}'
         address: '{{ ansible_local.wireguard.vpn_ip }}'
         checks:
-          - id: alertmanager-status
-            name: Alert Manager status
-            type: http
+          - id:   '{{ alertmanager_service_name }}-health'
+            name: 'Alert Manager Health'
+            type: 'http'
             http: 'http://localhost:{{ alertmanager_webui_port }}/api/v1/receivers'
 
+      - name: '{{ alertmanager_service_name }}-oauth'
+        tags: ['oauth-proxy', 'alertmanager', 'ssl-proxy-backend']
+        port: '{{ alertmanager_oauth_cont_port }}'
+        address: '{{ ansible_local.wireguard.vpn_ip }}'
+        meta:
+          proxy_fqdn: '{{ alertmanager_domain | mandatory }}'
+        checks:
+          - id:   '{{ alertmanager_service_name }}-oauth-health'
+            name: 'AlertManager OAuth Health'
+            type: 'http'
+            http: 'http://localhost:{{ alertmanager_oauth_cont_port }}/ping'
+
 # We need to do this for discover step to work
 - name: Reload Consul right away
   systemd:
diff --git a/templates/docker-compose.yml.j2 b/templates/docker-compose.yml.j2
index 441f982..7bad3ea 100644
--- a/templates/docker-compose.yml.j2
+++ b/templates/docker-compose.yml.j2
@@ -37,7 +37,7 @@ services:
     user: 'root'
     restart: 'always'
     ports:
-      - '127.0.0.1:{{ alertmanager_oauth_cont_port }}:{{ alertmanager_oauth_cont_port }}' # Web UI
+      - '0.0.0.0:{{ alertmanager_oauth_cont_port }}:{{ alertmanager_oauth_cont_port }}' # Web UI
     command: |
       --email-domain='*'
       --provider='github'