Simon Bruder
ebfa0ec16a
Sadly, they are so interconnected, that it is not easily possible to migrate it in smaller steps. It should be refactored to make them more modularised and independent of each other.
94 lines
3.3 KiB
Nix
94 lines
3.3 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
let
|
|
synapseCfg = config.services.matrix-synapse;
|
|
in
|
|
{
|
|
sops.secrets = {
|
|
go-neb-overrides.sopsFile = ../../secrets.yaml;
|
|
};
|
|
|
|
users.users.go-neb = {
|
|
isSystemUser = true;
|
|
group = "go-neb";
|
|
};
|
|
users.groups.go-neb = { };
|
|
|
|
services.go-neb = rec {
|
|
enable = true;
|
|
bindAddress = "127.0.0.1:8010";
|
|
baseUrl = "http://${bindAddress}";
|
|
config = {
|
|
clients = [
|
|
{
|
|
UserID = "@alertmanager:${synapseCfg.server_name}";
|
|
HomeserverURL = synapseCfg.public_baseurl;
|
|
Sync = false;
|
|
AutoJoinRooms = false;
|
|
DisplayName = "Prometheus Alertmanager";
|
|
}
|
|
];
|
|
services = [
|
|
{
|
|
ID = "alertmanager_service";
|
|
Type = "alertmanager";
|
|
UserID = "@alertmanager:${synapseCfg.server_name}";
|
|
Config = {
|
|
webhook_url = "${baseUrl}/services/hooks/YWxlcnRtYW5hZ2VyX3NlcnZpY2U";
|
|
rooms = {
|
|
"!ceigaGYfREXXSeLFiH:sbruder.de" = {
|
|
text_template = "{{ range .Alerts }}{{ if eq .Status \"firing\" }}@room {{ end }}[{{ .Status }}] {{ index .Labels \"alertname\" }}: {{ index .Annotations \"description\" }}\n{{ end }}";
|
|
html_template = ''
|
|
{{ range .Alerts }}
|
|
{{- if eq .Status "firing" }}@room {{ end -}}
|
|
{{ $severity := index .Labels "severity" }}
|
|
<font{{ if eq .Status "firing" -}}
|
|
{{- if eq $severity "critical" }} color="red"
|
|
{{- else if eq $severity "warning" }} color="orange"
|
|
{{- end -}}
|
|
{{- else }} color="green"
|
|
{{- end }}>
|
|
<strong>{{ if eq .Status "firing" -}}
|
|
[firing{{ if ne $severity "" }} - {{ $severity }}{{ end }}]
|
|
{{- else -}}
|
|
[resolved]
|
|
{{- end }}</strong>
|
|
</font>
|
|
{{ index .Labels "alertname" }}: {{ index .Annotations "description" }} <a href="{{ .GeneratorURL }}">source</a><br/>
|
|
{{ end }}
|
|
'';
|
|
msg_type = "m.text";
|
|
};
|
|
};
|
|
};
|
|
}
|
|
];
|
|
};
|
|
};
|
|
|
|
# Load AccessToken and DeviceID from secret
|
|
systemd.services.go-neb = {
|
|
serviceConfig = {
|
|
RuntimeDirectory = "go-neb";
|
|
RuntimeDirectoryMode = "0750";
|
|
DynamicUser = lib.mkForce false;
|
|
ExecStartPre =
|
|
let
|
|
baseConfig = pkgs.writeText "config-base.json" (builtins.toJSON config.services.go-neb.config);
|
|
in
|
|
[
|
|
"!${pkgs.coreutils}/bin/install -g go-neb ${config.sops.secrets.go-neb-overrides.path} /run/go-neb/config-overrides.json"
|
|
# needs to be run in a shell script for redirection to work
|
|
(pkgs.writeShellScript "merge-go-neb-config" ''
|
|
${pkgs.jq}/bin/jq \
|
|
--slurp \
|
|
'. | map(map_values(. | with_entries(.key = (.value.ID // .value.SessionID // .value.UserID)))) | .[0] * .[1] | with_entries(.value = [.value[]])' \
|
|
${baseConfig} \
|
|
/run/go-neb/config-overrides.json \
|
|
> /run/go-neb/config.json
|
|
'')
|
|
];
|
|
};
|
|
environment.CONFIG_FILE = lib.mkForce "/run/go-neb/config.json";
|
|
};
|
|
}
|