monitoring02: enable alerting and migrate CNAMEs from http-proxy
- Switch vmalert from blackhole mode to sending alerts to local Alertmanager - Import alerttonotify service so alerts route to NATS notifications - Move alertmanager and grafana CNAMEs from http-proxy to monitoring02 - Add monitoring CNAME to monitoring02 - Add Caddy reverse proxy entries for alertmanager and grafana - Remove prometheus, alertmanager, and grafana Caddy entries from http-proxy (now served directly by monitoring02) - Move monitoring02 Vault AppRole to hosts-generated.tf with extra_policies support and prometheus-metrics policy - Update Promtail to use authenticated loki.home.2rjus.net endpoint only (remove unauthenticated monitoring01 client) - Update pipe-to-loki and bootstrap to use loki.home.2rjus.net with basic auth from Vault secret - Move migration plan to completed Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -16,7 +16,8 @@ let
|
||||
text = ''
|
||||
set -euo pipefail
|
||||
|
||||
LOKI_URL="http://monitoring01.home.2rjus.net:3100/loki/api/v1/push"
|
||||
LOKI_URL="https://loki.home.2rjus.net/loki/api/v1/push"
|
||||
LOKI_AUTH_FILE="/run/secrets/promtail-loki-auth"
|
||||
HOSTNAME=$(hostname)
|
||||
SESSION_ID=""
|
||||
RECORD_MODE=false
|
||||
@@ -69,7 +70,13 @@ let
|
||||
}]
|
||||
}')
|
||||
|
||||
local auth_args=()
|
||||
if [[ -f "$LOKI_AUTH_FILE" ]]; then
|
||||
auth_args=(-u "promtail:$(cat "$LOKI_AUTH_FILE")")
|
||||
fi
|
||||
|
||||
if curl -s -X POST "$LOKI_URL" \
|
||||
"''${auth_args[@]}" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d "$payload" > /dev/null; then
|
||||
return 0
|
||||
|
||||
Reference in New Issue
Block a user