use local_x509

This commit is contained in:
histausse 2021-10-12 22:28:47 +02:00
parent dc8bd8cae5
commit 6778edbe52
Signed by: histausse
GPG key ID: 67486F107F62E9E9
4 changed files with 27 additions and 5 deletions

View file

@ -23,7 +23,7 @@ groups:
value: "{{ $value }}"
severity: 'warning'
- alert: CertExpLess30days
- alert: CertExpLess30daysProb
expr: (probe_ssl_earliest_cert_expiry{job="blackbox internal tls"}-time()) < 2592000
annotations:
title: '{{ $labels.cname }} will expire soon'
@ -34,7 +34,7 @@ groups:
value: "{{ $value }}"
severity: 'warning'
- alert: CertExpLess10days
- alert: CertExpLess10daysProb
expr: (probe_ssl_earliest_cert_expiry{job="blackbox internal tls"}-time()) < 864000
annotations:
title: '{{ $labels.cname }} expiracy is imminent!'

View file

@ -156,4 +156,26 @@ groups:
labels:
value: "{{ $value }}"
severity: warning
- alert: CertExpLess30days
expr: (local_x509_expiry_date{job="blackbox internal tls"}-time()) < 2592000
annotations:
title: '{{ $labels.cname }} will expire soon'
description: >-
The certificate {{ $labels.cname }} on {{ $labels.instance }} at {{ $labels.file }}
will expire in {{ $value | humanizeDuration }}, it's time to renew it.
labels:
value: "{{ $value }}"
severity: 'warning'
- alert: CertExpLess10days
expr: (local_x509_expiry_date{job="blackbox internal tls"}-time()) < 864000
annotations:
title: '{{ $labels.cname }} expiracy is imminent!'
description: >-
The certificate {{ $labels.cname }} on {{ $labels.instance }} at {{ $labels.file }}
will expire in {{ $value | humanizeDuration }}, RENEW IT!!!
labels:
value: "{{ $value }}"
severity: 'critical'
...

View file

@ -1,5 +1,5 @@
# The list of certs to monitor
ARGS="
/etc/letsencrypt/live/**/cert.pem
/etc/hackypky/crts/*.pem
/etc/hackypky/crts/*.crt
"

View file

@ -32,7 +32,7 @@
- name: Add the script
copy:
src: local_x509.sh
dest: /usr/share/prometheus-node-exporter/local_x509.sh
dest: /usr/share/prometheus-node-exporter-collectors/local_x509.sh
group: root
owner: root
mode: u=rwx,g=,o=
@ -66,4 +66,4 @@
systemd:
name: prometheus-node-exporter-local_x509.timer
enabled: true
state: started