Bootstrap alerta

This commit is contained in:
Luke Murphy 2020-04-08 19:45:03 +02:00
commit 05bf3665a7
No known key found for this signature in database
GPG Key ID: 5E2EF5A63E3718CC
20 changed files with 222 additions and 0 deletions

13
.drone.yml Normal file
View File

@ -0,0 +1,13 @@
---
kind: pipeline
name: default
steps:
- name: Deploy Alerta with Dokku
image: appleboy/drone-git-push:0.2.0-linux-amd64
settings:
remote: ssh://dokku@dokku.autonomic.zone:222/alerta
ssh_key:
from_secret: drone_deploy_key
trigger:
branch:
- master

2
.envrc.sample Normal file
View File

@ -0,0 +1,2 @@
# The path to our pass credentials store
export PASSWORD_STORE_DIR=$(pwd)/../infrastructure/credentials/password-store

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
.venv

5
CHECKS Normal file
View File

@ -0,0 +1,5 @@
WAIT=3
TIMEOUT=3
ATTEMPTS=5
/

5
Dockerfile Normal file
View File

@ -0,0 +1,5 @@
FROM alerta/alerta-web:7.4.4
EXPOSE 8080
COPY . ${WORKDIR}

5
README.md Normal file
View File

@ -0,0 +1,5 @@
# alerta
[![Build Status](https://drone.autonomic.zone/api/badges/autonomic-cooperative/alerta/status.svg)](https://drone.autonomic.zone/autonomic-cooperative/alerta)
> https://alerta.io/

5
ansible/.vault.sh Executable file
View File

@ -0,0 +1,5 @@
#!/bin/bash
set -eu -o pipefail
echo $(pass show hosts/autonomic-dokku/vault/password)

40
ansible/post-deploy.yml Normal file
View File

@ -0,0 +1,40 @@
---
- hosts: all
gather_facts: false
tasks:
- name: Load variables
include_vars:
dir: "{{ dokku_lib_root }}/data/ansible/alerta/vars/"
extensions:
- yml
- name: Set HTTP 80 port proxy
dokku_ports:
app: alerta
mappings:
- "http:80:{{ http_port }}"
state: present
- name: Setup LE certificates
shell: dokku letsencrypt alerta
args:
creates: /home/dokku/alerta/letsencrypt/certs
- name: Setup LE certificates renew cron job
shell: dokku letsencrypt:cron-job --add
args:
creates: /home/dokku/alerta/letsencrypt/cron-job
- name: Remove automatically configured ports
dokku_ports:
app: alerta
mappings:
- "http:8080:8080"
state: absent
- name: Set HTTP 443 port
dokku_ports:
app: alerta
mappings:
- "https:443:{{ http_port }}"
state: present

56
ansible/pre-deploy.yml Normal file
View File

@ -0,0 +1,56 @@
---
- hosts: all
gather_facts: false
tasks:
- name: Load variables
include_vars:
dir: "{{ dokku_lib_root }}/data/ansible/alerta/vars/"
extensions:
- yml
- name: "Configure the {{ domain }} domain"
dokku_domains:
app: alerta
domains:
- "{{ domain }}"
state: present
- name: Create postgres database
shell: "
dokku
postgres:create
alerta
--password {{ db_passwd }}
--root-password {{ root_db_passwd }}
"
args:
creates: /var/lib/dokku/services/postgres/alerta
- name: Link postgres database to application
dokku_service_link:
app: alerta
name: alerta
service: postgres
- name: Map application port to free host port
dokku_docker_options:
app: alerta
phase: run
options:
- "-p 3050:8080"
- name: Configure the dokku app environment
dokku_config:
app: alerta
restart: false
config:
ADMIN_KEY: "{{ alerta_admin_key }}"
ADMIN_PASSWORD: "{{ alerta_admin_passwd }}"
ALLOWED_KEYCLOAK_ROLES: "{{ keycloak_roles }}"
AUTH_PROVIDER: "{{ auth_provider }}"
AUTH_REQUIRED: "{{ auth_required }}"
DATABASE_NAME: "{{ db_name }}"
DATABASE_URL: "postgresql://{{ db_user }}:{{ db_passwd }}@{{ db_loc }}/{{ db_name }}"
KEYCLOAK_REALM: "{{ keycloak_realm }}"
KEYCLOAK_URL: "{{ keycloak_url }}"
SECRET_KEY: "{{ alerta_secret_key }}"

6
ansible/requirements.yml Normal file
View File

@ -0,0 +1,6 @@
---
- src: dokku_bot.ansible_dokku
version: v2020.3.24
- src: https://git.autonomic.zone/autonomic-cooperative/autonomic.gandi/archive/0.0.5.tar.gz
name: autonomic.gandi

View File

@ -0,0 +1,9 @@
---
alerta_admin_key: !vault |
$ANSIBLE_VAULT;1.1;AES256
63646336653264643762383534656133316563613837663433303531313064333562303130366162
6639613330663839356562303463616538393335636438650a356462663561313961366632653761
64326530653339346138373666623430306138623139633061653466643939653032613538646237
3832333964306461330a366334383539636431623261666530623739623533356163653535303064
39363161326165623936346339313834383561366563356330303963666639353962336565356439
6634313338326362353332356132353033396235633335663864

View File

@ -0,0 +1,9 @@
---
alerta_admin_passwd: !vault |
$ANSIBLE_VAULT;1.1;AES256
38616564643264396163666135656438336266623132393436653734313339323731613638376630
6138653434376366623966343930383565363665396132340a356461313738326438373963383738
65356263303465366630666366616537316362656639663066616366383962393533393931366535
3731333261346631360a356538626235333532353730383439393166323838353964393166376137
61613034363765623966656536373135623139323566306665303064343437616464373631346665
6566336638343939353764623833383733653232373062306264

View File

@ -0,0 +1,9 @@
---
alerta_secret_key: !vault |
$ANSIBLE_VAULT;1.1;AES256
65373532396564323565326161386132323730396234323465323166666661333537613537613137
6262333130363835336637313633383561343736663832320a316261623735356630646434383864
65313564633434306136613936333666646431333530326566356535393465376633363065626533
3935323633336234360a333030393965623364376233663134363562386463366238616336313163
32623339373863363737663530663235356134323634386664623833336533653735623937396161
3431306265383232393762333234333466336533346430333631

10
ansible/vars/all.yml Normal file
View File

@ -0,0 +1,10 @@
---
auth_provider: "keycloak"
auth_required: "true"
db_loc: "dokku-postgres-alerta:3306"
db_name: "alerta"
db_user: "postgres"
http_port: "3050"
keycloak_realm: "Autonomic"
keycloak_roles: "Worker-Owner"
keycloak_url: "https://id.autonomic.zone"

View File

@ -0,0 +1,8 @@
---
ansible_become_pass: !vault |
$ANSIBLE_VAULT;1.1;AES256
34396236353735666531323238656533643465303131663464613162396333313836363630666266
6539323631656635333864316166633064633366323936610a656137616334313534333635313232
35323561303763366563316631313638363333393763323935343563303963616334336639386462
3837383830616637360a373539613630356564363662393836366462666430353439353637303035
63396633303166343433313439303539313637306637663137313533316531616434

View File

@ -0,0 +1,9 @@
---
db_passwd: !vault |
$ANSIBLE_VAULT;1.1;AES256
66613866666133643236393137646262346262356564333730656432303766623663656639316135
6461373238626433343638326564316561623161666563390a323066616336336238643033313765
35303436643633383637663162643731326130646165363733643833663966306233383339613661
3234636138633533380a636363383366343834643831626633366366343732663334636632613730
32653539383834343937346563643539623963383237303036336431346463333262613838356134
6465386337343037336530646335663533656433306663343261

View File

@ -0,0 +1,9 @@
---
root_db_passwd: !vault |
$ANSIBLE_VAULT;1.1;AES256
61623136343461613137323665303834646466636631396538616232663061376439303739633861
6132323764333365396237303936353431313866383261340a336336313162643363643231656662
32613561666538633364643066343261636239656637303134396565666536623334616234393837
6165636634646332330a316130613531346430373163316130363330656532663137373832656237
63666337303434623465366331336538626536313535393938656232323634316632656636613339
3330386231353338343236356133393538366337626438613537

5
app.json Normal file
View File

@ -0,0 +1,5 @@
{
"name": "alerta",
"description": "A tool used to consolidate and de-duplicate alerts from multiple sources for quick at-a-glance visualisation",
"repository": "https://git.autonomic.zone/autonomic-cooperative/alerta"
}

1
requirements.txt Normal file
View File

@ -0,0 +1 @@
ansible==2.9.6

15
sbin/encrypt.sh Executable file
View File

@ -0,0 +1,15 @@
#!/bin/bash
set -eu -o pipefail
# Usage
# ./encrypt.sh mysecretname mysecretvalue
declare name="$1"
declare secret="$2"
ansible-vault \
encrypt_string \
--vault-password-file ansible/.vault.sh \
--name "$name" \
"$secret"