new gitops template

cluster/apps/monitoring/blackbox-exporter/helm-release.yaml

@@ -0,0 +1,103 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: blackbox-exporter
+  namespace: monitoring
+spec:
+  interval: 5m
+  chart:
+    spec:
+      # renovate: registryUrl=https://prometheus-community.github.io/helm-charts
+      chart: prometheus-blackbox-exporter
+      version: 4.10.4
+      sourceRef:
+        kind: HelmRepository
+        name: prometheus-community-charts
+        namespace: flux-system
+      interval: 5m
+  values:
+    allowIcmp: true
+    config:
+      modules:
+        icmp:
+          prober: icmp
+          timeout: 30s
+          icmp:
+            preferred_ip_protocol: "ip4"
+        http_2xx:
+          prober: http
+          timeout: 30s
+          http:
+            valid_http_versions: ["HTTP/1.0", "HTTP/1.1", "HTTP/2.0"]
+            no_follow_redirects: false
+            preferred_ip_protocol: "ip4"
+        tcp_connect:
+          prober: tcp
+          timeout: 30s
+    serviceMonitor:
+      enabled: true
+      defaults:
+        labels:
+          release: prometheus
+        interval: 2m
+        scrapeTimeout: 30s
+      targets:
+        - name: truenas
+          url: truenas
+          module: icmp
+        - name: truenas-remote
+          url: truenas-remote
+          module: icmp
+        - name: borgbackup
+          url: borgbackup
+          module: icmp
+        - name: postgresql
+          url: postgresql
+          module: icmp
+        - name: mariadb
+          url: mariadb
+          module: icmp
+        - name: k3s-server
+          url: k3s-server
+          module: icmp
+        - name: k3s-worker1
+          url: k3s-worker1
+          module: icmp
+        - name: k3s-worker2
+          url: k3s-worker2
+          module: icmp
+        - name: k3s-worker3
+          url: k3s-worker3
+          module: icmp
+    prometheusRule:
+      enabled: true
+      additionalLabels:
+        app: prometheus-operator
+        release: prometheus
+      rules:
+        - alert: HostDown
+          expr: probe_success == 0
+          for: 10m
+          labels:
+            severity: critical
+          annotations:
+            message: The host {{"{{ $labels.target }}"}} is currently unreachable
+        - alert: SlowResponseTime
+          annotations:
+            message: The response time for {{"{{ $labels.target }}"}} has been greater than 30 seconds for 5 minutes.
+          expr: probe_duration_seconds > 30
+          for: 15m
+          labels:
+            severity: warning
+    ingress:
+      enabled: true
+      annotations:
+        kubernetes.io/ingress.class: "nginx"
+        nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify"
+        nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/"
+      hosts:
+        - "blackbox.${SECRET_CLUSTER_DOMAIN}"
+      tls:
+        - hosts:
+            - "blackbox.${SECRET_CLUSTER_DOMAIN}"

cluster/apps/monitoring/blackbox-exporter/kustomization.yaml

@@ -0,0 +1,5 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - helm-release.yaml