Sienna Meridian Satterwhite
9f15f5099e
- Meet: add external-api backend path, CSRF trusted origins - Drive: fix media proxy regex for preview URLs and S3 key signing - OpenBao: enable Prometheus telemetry - Postgres alerts: fix metric name (cnpg_backends_total) - Gitea: bump memory limits for mirror workloads - Alertbot: expanded deployment config - Kratos: add find/cal/projects to allowed return URLs, settings path - Pingora: meet external-api route fix - Sol: config update
113 lines
3.1 KiB
YAML
113 lines
3.1 KiB
YAML
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: matrix-alertmanager-receiver-config
|
|
namespace: monitoring
|
|
data:
|
|
config.yaml: |
|
|
http:
|
|
port: 3000
|
|
alerts-path-prefix: /alerts
|
|
matrix:
|
|
homeserver-url: "http://tuwunel.matrix.svc.cluster.local:6167"
|
|
user-id: "@alertbot:sunbeam.pt"
|
|
access-token: "ACCESS_TOKEN_PLACEHOLDER"
|
|
room-mapping:
|
|
alerts: "ROOM_ID_PLACEHOLDER"
|
|
templating:
|
|
firing-template: |
|
|
🔥 <strong>{{ .Alert.Labels.alertname }}</strong> [{{ .Alert.Labels.severity }}]<br/>
|
|
{{ .Alert.Annotations.summary }}<br/>
|
|
<em>{{ .Alert.Annotations.description }}</em>
|
|
resolved-template: |
|
|
✅ <strong>RESOLVED: {{ .Alert.Labels.alertname }}</strong><br/>
|
|
{{ .Alert.Annotations.summary }}
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: matrix-alertmanager-receiver
|
|
namespace: monitoring
|
|
labels:
|
|
app: matrix-alertmanager-receiver
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: matrix-alertmanager-receiver
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: matrix-alertmanager-receiver
|
|
spec:
|
|
initContainers:
|
|
# Inject secrets into config file — the receiver reads a YAML file,
|
|
# not env vars. We template the placeholders with real values from
|
|
# the matrix-bot-creds Secret.
|
|
- name: inject-secrets
|
|
image: busybox
|
|
command: ["sh", "-c"]
|
|
args:
|
|
- |
|
|
cp /config-template/config.yaml /config/config.yaml
|
|
sed -i "s|ACCESS_TOKEN_PLACEHOLDER|$(cat /secrets/access_token)|" /config/config.yaml
|
|
sed -i "s|ROOM_ID_PLACEHOLDER|$(cat /secrets/room_id)|" /config/config.yaml
|
|
volumeMounts:
|
|
- name: config-template
|
|
mountPath: /config-template
|
|
readOnly: true
|
|
- name: config
|
|
mountPath: /config
|
|
- name: secrets
|
|
mountPath: /secrets
|
|
readOnly: true
|
|
resources:
|
|
limits:
|
|
memory: 16Mi
|
|
requests:
|
|
memory: 8Mi
|
|
cpu: 5m
|
|
containers:
|
|
- name: receiver
|
|
image: metio/matrix-alertmanager-receiver:latest
|
|
args: ["--config-path", "/config/config.yaml"]
|
|
ports:
|
|
- containerPort: 3000
|
|
protocol: TCP
|
|
volumeMounts:
|
|
- name: config
|
|
mountPath: /config
|
|
readOnly: true
|
|
resources:
|
|
requests:
|
|
cpu: 10m
|
|
memory: 32Mi
|
|
limits:
|
|
memory: 64Mi
|
|
volumes:
|
|
- name: config-template
|
|
configMap:
|
|
name: matrix-alertmanager-receiver-config
|
|
- name: config
|
|
emptyDir: {}
|
|
- name: secrets
|
|
secret:
|
|
secretName: matrix-bot-creds
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: matrix-alertmanager-receiver
|
|
namespace: monitoring
|
|
labels:
|
|
app: matrix-alertmanager-receiver
|
|
spec:
|
|
type: ClusterIP
|
|
ports:
|
|
- port: 3000
|
|
targetPort: 3000
|
|
protocol: TCP
|
|
selector:
|
|
app: matrix-alertmanager-receiver
|