K3S-HOME/observability
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
observability/alertmanager/manifests/secret.yaml
Mayne0213 c1214029a2 refactor: update Vault secret paths to new categorized structure 
- alertmanager: alertmanager → observability/alertmanager
- grafana: postgresql → storage/postgresql
- prometheus: postgresql → storage/postgresql, minio → storage/minio
- thanos: minio → storage/minio

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-11 22:36:22 +09:00

86 lines
2.4 KiB
YAML
Raw Permalink Blame History

apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: alertmanager-smtp
namespace: alertmanager
spec:
refreshInterval: 1h
secretStoreRef:
kind: ClusterSecretStore
name: vault-backend
target:
name: alertmanager-smtp
creationPolicy: Owner
data:
- secretKey: smtp_auth_password
remoteRef:
key: observability/alertmanager
property: SMTP_PASSWORD
---
apiVersion: external-secrets.io/v1
kind: ExternalSecret
metadata:
name: alertmanager-config
namespace: alertmanager
spec:
refreshInterval: 1h
secretStoreRef:
kind: ClusterSecretStore
name: vault-backend
target:
name: alertmanager-config
creationPolicy: Owner
template:
engineVersion: v2
data:
alertmanager.yml: |
global:
resolve_timeout: 5m
smtp_smarthost: "smtp.mail.me.com:587"
smtp_from: "bluemayne0213@icloud.com"
smtp_auth_username: "bluemayne0213@icloud.com"
smtp_auth_password: "{{ .smtp_password }}"
smtp_require_tls: true
route:
group_by: ["alertname", "cluster", "service"]
group_wait: 30s
group_interval: 5m
repeat_interval: 4h
receiver: "email"
routes:
- match:
alertname: Watchdog
receiver: "null"
- match:
alertname: InfoInhibitor
receiver: "null"
- match:
severity: critical
receiver: "email"
group_wait: 10s
repeat_interval: 1h
- match:
severity: warning
receiver: "email"
group_wait: 1m
repeat_interval: 4h
receivers:
- name: "email"
email_configs:
- to: "bluemayne0213@icloud.com"
send_resolved: true
headers:
subject: "[{{ "{{" }} .Status | toUpper {{ "}}" }}] {{ "{{" }} .CommonLabels.alertname {{ "}}" }}"
- name: "null"
inhibit_rules:
- source_match:
severity: "critical"
target_match:
severity: "warning"
equal: ["alertname", "cluster", "service"]
data:
- secretKey: smtp_password
remoteRef:
key: observability/alertmanager
property: SMTP_PASSWORD
Reference in New Issue View Git Blame Copy Permalink