2024-01-06 01:19:35 +01:00
|
|
|
# SPDX-FileCopyrightText: 2021-2022 Simon Bruder <simon@sbruder.de>
|
|
|
|
#
|
|
|
|
# SPDX-License-Identifier: AGPL-3.0-or-later
|
|
|
|
|
2021-05-02 13:13:07 +02:00
|
|
|
{ config, lib, pkgs, ... }:
|
2021-04-02 17:46:07 +02:00
|
|
|
let
|
2022-05-31 14:43:51 +02:00
|
|
|
synapseCfg = config.services.matrix-synapse.settings;
|
2021-04-02 17:46:07 +02:00
|
|
|
in
|
|
|
|
{
|
2021-05-02 13:13:07 +02:00
|
|
|
sops.secrets = {
|
|
|
|
go-neb-overrides.sopsFile = ../../secrets.yaml;
|
|
|
|
};
|
|
|
|
|
2022-01-14 17:16:27 +01:00
|
|
|
users.users.go-neb = {
|
|
|
|
isSystemUser = true;
|
|
|
|
group = "go-neb";
|
|
|
|
};
|
|
|
|
users.groups.go-neb = { };
|
|
|
|
|
2021-04-02 17:46:07 +02:00
|
|
|
services.go-neb = rec {
|
|
|
|
enable = true;
|
|
|
|
bindAddress = "127.0.0.1:8010";
|
|
|
|
baseUrl = "http://${bindAddress}";
|
|
|
|
config = {
|
|
|
|
clients = [
|
2021-05-02 13:13:07 +02:00
|
|
|
{
|
2021-04-02 17:46:07 +02:00
|
|
|
UserID = "@alertmanager:${synapseCfg.server_name}";
|
|
|
|
HomeserverURL = synapseCfg.public_baseurl;
|
|
|
|
Sync = false;
|
|
|
|
AutoJoinRooms = false;
|
|
|
|
DisplayName = "Prometheus Alertmanager";
|
2021-05-02 13:13:07 +02:00
|
|
|
}
|
2021-04-02 17:46:07 +02:00
|
|
|
];
|
|
|
|
services = [
|
|
|
|
{
|
|
|
|
ID = "alertmanager_service";
|
|
|
|
Type = "alertmanager";
|
|
|
|
UserID = "@alertmanager:${synapseCfg.server_name}";
|
|
|
|
Config = {
|
|
|
|
webhook_url = "${baseUrl}/services/hooks/YWxlcnRtYW5hZ2VyX3NlcnZpY2U";
|
|
|
|
rooms = {
|
|
|
|
"!ceigaGYfREXXSeLFiH:sbruder.de" = {
|
2021-04-08 10:04:30 +02:00
|
|
|
text_template = "{{ range .Alerts }}{{ if eq .Status \"firing\" }}@room {{ end }}[{{ .Status }}] {{ index .Labels \"alertname\" }}: {{ index .Annotations \"description\" }}\n{{ end }}";
|
2021-04-02 17:46:07 +02:00
|
|
|
html_template = ''
|
|
|
|
{{ range .Alerts }}
|
2021-04-08 10:04:30 +02:00
|
|
|
{{- if eq .Status "firing" }}@room {{ end -}}
|
2021-04-02 17:46:07 +02:00
|
|
|
{{ $severity := index .Labels "severity" }}
|
|
|
|
<font{{ if eq .Status "firing" -}}
|
|
|
|
{{- if eq $severity "critical" }} color="red"
|
|
|
|
{{- else if eq $severity "warning" }} color="orange"
|
|
|
|
{{- end -}}
|
|
|
|
{{- else }} color="green"
|
|
|
|
{{- end }}>
|
|
|
|
<strong>{{ if eq .Status "firing" -}}
|
|
|
|
[firing{{ if ne $severity "" }} - {{ $severity }}{{ end }}]
|
|
|
|
{{- else -}}
|
|
|
|
[resolved]
|
|
|
|
{{- end }}</strong>
|
|
|
|
</font>
|
|
|
|
{{ index .Labels "alertname" }}: {{ index .Annotations "description" }} <a href="{{ .GeneratorURL }}">source</a><br/>
|
|
|
|
{{ end }}
|
|
|
|
'';
|
|
|
|
msg_type = "m.text";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|
|
|
|
];
|
|
|
|
};
|
|
|
|
};
|
2021-05-02 13:13:07 +02:00
|
|
|
|
|
|
|
# Load AccessToken and DeviceID from secret
|
|
|
|
systemd.services.go-neb = {
|
|
|
|
serviceConfig = {
|
|
|
|
RuntimeDirectory = "go-neb";
|
|
|
|
RuntimeDirectoryMode = "0750";
|
2022-01-14 17:16:27 +01:00
|
|
|
DynamicUser = lib.mkForce false;
|
2021-05-02 13:13:07 +02:00
|
|
|
ExecStartPre =
|
|
|
|
let
|
|
|
|
baseConfig = pkgs.writeText "config-base.json" (builtins.toJSON config.services.go-neb.config);
|
|
|
|
in
|
|
|
|
[
|
|
|
|
"!${pkgs.coreutils}/bin/install -g go-neb ${config.sops.secrets.go-neb-overrides.path} /run/go-neb/config-overrides.json"
|
|
|
|
# needs to be run in a shell script for redirection to work
|
|
|
|
(pkgs.writeShellScript "merge-go-neb-config" ''
|
|
|
|
${pkgs.jq}/bin/jq \
|
|
|
|
--slurp \
|
|
|
|
'. | map(map_values(. | with_entries(.key = (.value.ID // .value.SessionID // .value.UserID)))) | .[0] * .[1] | with_entries(.value = [.value[]])' \
|
|
|
|
${baseConfig} \
|
|
|
|
/run/go-neb/config-overrides.json \
|
|
|
|
> /run/go-neb/config.json
|
|
|
|
'')
|
|
|
|
];
|
|
|
|
};
|
|
|
|
environment.CONFIG_FILE = lib.mkForce "/run/go-neb/config.json";
|
|
|
|
};
|
2021-04-02 17:46:07 +02:00
|
|
|
}
|