Use snap-03 as the readonly database in Dublin

[chef.git] / cookbooks / prometheus / recipes / server.rb

diff --git a/cookbooks/prometheus/recipes/server.rb b/cookbooks/prometheus/recipes/server.rb
index 9c215778e202a0ee035d9ccf60601f0105b9a330..2df77a603056074e814997e8b78ed09172f41915 100644 (file)
--- a/cookbooks/prometheus/recipes/server.rb
+++ b/cookbooks/prometheus/recipes/server.rb
@@ -24,6 +24,7 @@ include_recipe "timescaledb"
 
 passwords = data_bag_item("prometheus", "passwords")
 tokens = data_bag_item("prometheus", "tokens")
+admins = data_bag_item("apache", "admins")
 
 prometheus_exporter "fastly" do
   port 8080
@@ -36,6 +37,7 @@ cache_dir = Chef::Config[:file_cache_path]
 
 prometheus_version = "2.31.1"
 alertmanager_version = "0.23.0"
+karma_version = "0.93"
 
 directory "/opt/prometheus-server" do
   owner "root"
@@ -79,12 +81,29 @@ archive_file "#{cache_dir}/alertmanager.linux-amd64.tar.gz" do
   subscribes :extract, "remote_file[#{cache_dir}/alertmanager.linux-amd64.tar.gz]"
 end
 
+remote_file "#{cache_dir}/karma-linux-amd64.tar.gz" do
+  source "https://github.com/prymitive/karma/releases/download/v#{karma_version}/karma-linux-amd64.tar.gz"
+  owner "root"
+  group "root"
+  mode "644"
+  backup false
+end
+
+archive_file "#{cache_dir}/karma-linux-amd64.tar.gz" do
+  action :nothing
+  destination "/opt/prometheus-server/karma"
+  overwrite true
+  owner "root"
+  group "root"
+  subscribes :extract, "remote_file[#{cache_dir}/karma-linux-amd64.tar.gz]"
+end
+
 package %w[
   prometheus
   prometheus-alertmanager
 ]
 
-promscale_version = "0.6.2"
+promscale_version = "0.7.1"
 
 database_version = node[:timescaledb][:database_version]
 database_cluster = "#{database_version}/main"
@@ -282,6 +301,7 @@ service "prometheus" do
   action [:enable, :start]
   subscribes :reload, "template[/etc/prometheus/prometheus.yml]"
   subscribes :reload, "template[/etc/prometheus/alert_rules.yml]"
+  subscribes :restart, "archive_file[#{cache_dir}/prometheus.linux-amd64.tar.gz]"
 end
 
 systemd_service "prometheus-alertmanager-executable" do
@@ -301,6 +321,7 @@ end
 service "prometheus-alertmanager" do
   action [:enable, :start]
   subscribes :reload, "template[/etc/prometheus/alertmanager.yml]"
+  subscribes :restart, "archive_file[#{cache_dir}/alertmanager.linux-amd64.tar.gz]"
 end
 
 template "/etc/prometheus/amtool.yml" do
@@ -310,6 +331,31 @@ template "/etc/prometheus/amtool.yml" do
   mode "644"
 end
 
+template "/etc/prometheus/karma.yml" do
+  source "karma.yml.erb"
+  owner "root"
+  group "root"
+  mode "644"
+end
+
+systemd_service "prometheus-karma" do
+  description "Alert dashboard for Prometheus Alertmanager"
+  user "prometheus"
+  exec_start "/opt/prometheus-server/karma/karma-linux-amd64 --config.file=/etc/prometheus/karma.yml"
+  private_tmp true
+  private_devices true
+  protect_system "full"
+  protect_home true
+  no_new_privileges true
+  restart "on-failure"
+end
+
+service "prometheus-karma" do
+  action [:enable, :start]
+  subscribes :reload, "template[/etc/prometheus/karma.yml]"
+  subscribes :restart, "archive_file[#{cache_dir}/karma-linux-amd64.tar.gz]"
+end
+
 package "grafana-enterprise"
 
 template "/etc/grafana/grafana.ini" do
@@ -335,6 +381,7 @@ end
 
 apache_site "prometheus.openstreetmap.org" do
   template "apache.erb"
+  variables :admin_hosts => admins["hosts"]
 end
 
 template "/etc/cron.daily/prometheus-backup" do