mirror of
https://github.com/auricom/home-cluster.git
synced 2025-10-03 01:00:54 +02:00
144 lines
4.1 KiB
YAML
144 lines
4.1 KiB
YAML
---
|
|
apiVersion: helm.toolkit.fluxcd.io/v2beta1
|
|
kind: HelmRelease
|
|
metadata:
|
|
name: blackbox-exporter
|
|
namespace: monitoring
|
|
spec:
|
|
interval: 5m
|
|
chart:
|
|
spec:
|
|
chart: prometheus-blackbox-exporter
|
|
version: 5.8.2
|
|
sourceRef:
|
|
kind: HelmRepository
|
|
name: prometheus-community-charts
|
|
namespace: flux-system
|
|
interval: 15m
|
|
install:
|
|
createNamespace: true
|
|
remediation:
|
|
retries: 5
|
|
upgrade:
|
|
remediation:
|
|
retries: 5
|
|
values:
|
|
fullnameOverride: blackbox-exporter
|
|
|
|
image:
|
|
repository: quay.io/prometheus/blackbox-exporter
|
|
allowIcmp: true
|
|
|
|
podAnnotations:
|
|
configmap.reloader.stakater.com/reload: "blackbox-exporter"
|
|
|
|
config:
|
|
modules:
|
|
icmp:
|
|
prober: icmp
|
|
timeout: 30s
|
|
icmp:
|
|
preferred_ip_protocol: "ip4"
|
|
http_2xx:
|
|
prober: http
|
|
timeout: 30s
|
|
http:
|
|
valid_http_versions: ["HTTP/1.0", "HTTP/1.1", "HTTP/2.0"]
|
|
no_follow_redirects: false
|
|
preferred_ip_protocol: "ip4"
|
|
tcp_connect:
|
|
prober: tcp
|
|
timeout: 30s
|
|
|
|
serviceMonitor:
|
|
enabled: true
|
|
defaults:
|
|
labels:
|
|
release: prometheus
|
|
interval: 2m
|
|
scrapeTimeout: 30s
|
|
targets:
|
|
- module: http_2xx
|
|
name: opnsense-http
|
|
url: "https://opnsense.${SECRET_DOMAIN}"
|
|
- module: http_2xx
|
|
name: truenas-http
|
|
url: "https://truenas.${SECRET_DOMAIN}"
|
|
- module: http_2xx
|
|
name: truenas-remote-http
|
|
url: "https://truenas-remote.${SECRET_DOMAIN}"
|
|
- name: truenas-icmp
|
|
url: "${LOCAL_LAN_TRUENAS}"
|
|
module: icmp
|
|
- name: truenas-remote-icmp
|
|
url: "${LOCAL_LAN_TRUENAS_REMOTE}"
|
|
module: icmp
|
|
- name: openmediavault-icmp
|
|
url: "${LOCAL_LAN_OPENMEDIAVAULT}"
|
|
module: icmp
|
|
- name: k3s-master-icmp
|
|
url: "${LOCAL_LAN_K3SSERVER}"
|
|
module: icmp
|
|
- name: k3s-worker1-icmp
|
|
url: "${LOCAL_LAN_K3SWORKER1}"
|
|
module: icmp
|
|
- name: k3s-worker2-icmp
|
|
url: "${LOCAL_LAN_K3SWORKER2}"
|
|
module: icmp
|
|
- name: k3s-worker3-icmp
|
|
url: "${LOCAL_LAN_K3SWORKER3}"
|
|
module: icmp
|
|
|
|
prometheusRule:
|
|
enabled: true
|
|
additionalLabels:
|
|
app: prometheus-operator
|
|
release: prometheus
|
|
rules:
|
|
- alert: BlackboxSslCertificateWillExpireSoon
|
|
expr: probe_ssl_earliest_cert_expiry - time() < 86400 * 3
|
|
for: 15m
|
|
labels:
|
|
severity: critical
|
|
annotations:
|
|
description: |-
|
|
The SSL certificate for {{"{{ $labels.target }}"}} will expire in less than 3 days
|
|
- alert: BlackboxSslCertificateExpired
|
|
expr: probe_ssl_earliest_cert_expiry - time() <= 0
|
|
for: 15m
|
|
labels:
|
|
severity: critical
|
|
annotations:
|
|
description: |-
|
|
The SSL certificate for {{"{{ $labels.target }}"}} has expired
|
|
- alert: BlackboxProbeFailed
|
|
expr: probe_success == 0
|
|
for: 15m
|
|
labels:
|
|
severity: critical
|
|
annotations:
|
|
description: |-
|
|
The host {{"{{ $labels.target }}"}} is currently unreachable
|
|
- alert: SlowResponseTime
|
|
annotations:
|
|
message: The response time for {{"{{ $labels.target }}"}} has been greater than 30 seconds for 5 minutes.
|
|
expr: probe_duration_seconds > 30
|
|
for: 15m
|
|
labels:
|
|
severity: warning
|
|
|
|
ingress:
|
|
enabled: true
|
|
className: nginx
|
|
annotations:
|
|
nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local/api/verify"
|
|
nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}"
|
|
hosts:
|
|
- host: "blackbox.${SECRET_CLUSTER_DOMAIN}"
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
tls:
|
|
- hosts:
|
|
- "blackbox.${SECRET_CLUSTER_DOMAIN}"
|