itamae/cookbooks/prometheus/alertmanager_setup.rb

# Create `/etc/prometheus.d/alerts`:
%w(/etc/prometheus.d/alerts).each do |d|
  directory d do
    owner  'root'
    group  'root'
    mode   '0755'
  end
end

# Deploy `alertmanager` file:
encrypted_remote_file '/etc/prometheus.d/alertmanager.yml' do
  owner 'root'
  group 'root'
  mode  '644'

  source 'files/etc/prometheus.d/alertmanager.yml/'
  password ENV['ITAMAE_PASSWORD']

  notifies :restart, 'service[alertmanager]'
end

# Deploy alert setting file:
%w(node_exporter prometheus filestat services snmp).each do |conf|
  remote_file "/etc/prometheus.d/alerts/#{conf}.yml" do
    owner  'root'
    group  'root'
    mode   '644'

    notifies :restart, 'service[prometheus]'
  end
end

# Deploy `systemd` config for `alertmanager`:
remote_file '/etc/systemd/system/alertmanager.service' do
  owner  'root'
  group  'root'
  mode   '644'
end

service 'alertmanager' do
  action [:enable, :start]
end

# Deploy `rsyslog` config for `alertmanager`:
remote_file '/etc/rsyslog.d/30-alertmanager.conf' do
  owner  'root'
  group  'root'
  mode   '644'

  notifies :restart, 'service[rsyslog]'
end

service 'rsyslog' do
  action :nothing
end

# Deploy `logroted` config for `alertmanager`:
remote_file '/etc/logrotate.d/alertmanager' do
  owner  'root'
  group  'root'
  mode   '644'
end

# Deploy `vector` config for `alertmanager`:
remote_file '/etc/vector/alertmanager.toml' do
  owner  'root'
  group  'root'
  mode   '644'

  notifies :restart, 'service[vector-alertmanager]'
end

remote_file '/etc/systemd/system/vector-alertmanager.service' do
  owner  'root'
  group  'root'
  mode   '644'

  notifies :restart, 'service[vector-alertmanager]'
end

service 'vector-alertmanager' do
  action [:enable, :start]
end

# Firewall settings here:
%w( 9093/tcp ).each do |p|
  execute "ufw allow #{p}" do
    user 'root'

    not_if "LANG=c ufw status | grep #{p}"

    notifies :run, 'execute[ufw reload-or-enable]'
  end
end

execute 'ufw reload-or-enable' do
  user 'root'
  command 'LANG=C ufw reload | grep skipping && ufw --force enable || exit 0'

  action :nothing
end
Add recipe for setting up Alert Manager 2020-07-18 05:55:12 +00:00			# Create `/etc/prometheus.d/alerts`:
			`%w(/etc/prometheus.d/alerts).each do \|d\|`
			`directory d do`
			`owner 'root'`
			`group 'root'`
			`mode '0755'`
			`end`
			`end`

			# Deploy `alertmanager` file:
Update `alertmanager.yml`. 2023-02-05 04:35:44 +00:00			`encrypted_remote_file '/etc/prometheus.d/alertmanager.yml' do`
			`owner 'root'`
			`group 'root'`
			`mode '644'`

			`source 'files/etc/prometheus.d/alertmanager.yml/'`
			`password ENV['ITAMAE_PASSWORD']`
Add recipe for setting up Alert Manager 2020-07-18 05:55:12 +00:00
Delete `supervisor` dependency. 2023-02-21 14:12:51 +00:00			`notifies :restart, 'service[alertmanager]'`
Add recipe for setting up Alert Manager 2020-07-18 05:55:12 +00:00			`end`

			`# Deploy alert setting file:`
Add alert rules for `systemd` services. 2023-02-05 04:40:53 +00:00			`%w(node_exporter prometheus filestat services snmp).each do \|conf\|`
Deploy the alert settings. 2020-07-18 16:06:26 +00:00			`remote_file "/etc/prometheus.d/alerts/#{conf}.yml" do`
			`owner 'root'`
			`group 'root'`
			`mode '644'`
Add recipe for setting up Alert Manager 2020-07-18 05:55:12 +00:00
Delete `supervisor` dependency. 2023-02-21 14:12:51 +00:00			`notifies :restart, 'service[prometheus]'`
Deploy the alert settings. 2020-07-18 16:06:26 +00:00			`end`
Add recipe for setting up Alert Manager 2020-07-18 05:55:12 +00:00			`end`

Deploy `systemd` config for `alertmanager`. 2023-02-16 12:25:49 +00:00			# Deploy `systemd` config for `alertmanager`:
			`remote_file '/etc/systemd/system/alertmanager.service' do`
Deploy `supervisord` config for `alertmanager`. 2020-09-12 06:42:56 +00:00			`owner 'root'`
			`group 'root'`
			`mode '644'`
			`end`

Deploy `systemd` config for `alertmanager`. 2023-02-16 12:25:49 +00:00			`service 'alertmanager' do`
			`action [:enable, :start]`
Add recipe for setting up Alert Manager 2020-07-18 05:55:12 +00:00			`end`

Deploy `/etc/rsyslog.d/30-alertmanager.conf`. 2023-02-16 12:26:51 +00:00			# Deploy `rsyslog` config for `alertmanager`:
			`remote_file '/etc/rsyslog.d/30-alertmanager.conf' do`
			`owner 'root'`
			`group 'root'`
			`mode '644'`

			`notifies :restart, 'service[rsyslog]'`
			`end`

			`service 'rsyslog' do`
			`action :nothing`
			`end`

Deploy `/etc/logrotate.d/alertmanager`. 2023-02-16 12:29:32 +00:00			# Deploy `logroted` config for `alertmanager`:
			`remote_file '/etc/logrotate.d/alertmanager' do`
			`owner 'root'`
			`group 'root'`
			`mode '644'`
			`end`

Deploy `/etc/vector/alertmanager.toml`. 2023-02-16 12:37:11 +00:00			# Deploy `vector` config for `alertmanager`:
			`remote_file '/etc/vector/alertmanager.toml' do`
			`owner 'root'`
			`group 'root'`
			`mode '644'`

			`notifies :restart, 'service[vector-alertmanager]'`
			`end`

Deploy `/etc/systemd/system/vector-alertmanager.service`. 2023-02-16 12:45:10 +00:00			`remote_file '/etc/systemd/system/vector-alertmanager.service' do`
			`owner 'root'`
			`group 'root'`
			`mode '644'`

			`notifies :restart, 'service[vector-alertmanager]'`
			`end`

Deploy `/etc/vector/alertmanager.toml`. 2023-02-16 12:37:11 +00:00			`service 'vector-alertmanager' do`
			`action [:enable, :start]`
			`end`

Add recipe for setting up Alert Manager 2020-07-18 05:55:12 +00:00			`# Firewall settings here:`
			`%w( 9093/tcp ).each do \|p\|`
			`execute "ufw allow #{p}" do`
			`user 'root'`

			`not_if "LANG=c ufw status \| grep #{p}"`

			`notifies :run, 'execute[ufw reload-or-enable]'`
			`end`
			`end`

			`execute 'ufw reload-or-enable' do`
			`user 'root'`
			`command 'LANG=C ufw reload \| grep skipping && ufw --force enable \|\| exit 0'`

			`action :nothing`
			`end`