--- apiVersion: apps/v1 kind: Deployment metadata: name: ntfy-alertmanager namespace: monitoring spec: selector: matchLabels: app: ntfy-alertmanager replicas: 1 template: metadata: labels: app: ntfy-alertmanager spec: containers: - name: ntfy-alertmanager image: xenrox/ntfy-alertmanager:latest args: ["--config", "/config/config.yaml"] ports: - containerPort: 8080 name: http-web-svc volumeMounts: - mountPath: "/config" name: "config" volumes: - name: config secret: secretName: ntfy-alertmanager --- apiVersion: v1 kind: Service metadata: name: ntfy-alertmanager namespace: monitoring spec: selector: app: ntfy-alertmanager type: ClusterIP ports: - name: ntfy-alertmanager-port protocol: TCP port: 80 targetPort: http-web-svc --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: ntfy-alertmanager namespace: monitoring annotations: traefik.ingress.kubernetes.io/router.entrypoints: websecure spec: rules: - host: ntfy-alertmanager.jibby.org http: paths: - path: / pathType: Prefix backend: service: name: ntfy-alertmanager port: number: 80 --- apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: name: ntfy-alertmanager namespace: monitoring spec: target: name: ntfy-alertmanager deletionPolicy: Delete template: type: Opaque data: ntfyamuser: |- {{ .ntfyamuser }} ntfyampass: |- {{ .ntfyampass }} config.yaml: |- # Ref: https://git.xenrox.net/~xenrox/ntfy-alertmanager/tree/master/item/config.scfg # Public facing base URL. Required for the "Silence" feature. base-url https://ntfy-alertmanager.jibby.org # http listen address http-address :8080 # Log level (either debug, info, warning, error) log-level info # Log format (either text or json) log-format text # When multiple alerts are grouped together by Alertmanager, they can either be sent # each on their own (single mode) or be kept together (multi mode) (either single or multi; default is multi) alert-mode single # Optionally protect with HTTP basic authentication user {{ .ntfyamuser }} password {{ .ntfyampass }} labels { order "severity,instance" severity "critical" { priority 5 tags "rotating_light" } severity "info" { priority 1 } instance "example.com" { tags "computer,example" } } # Settings for resolved alerts resolved { tags "resolved,partying_face" priority 1 } ntfy { # URL of the ntfy topic - required topic https://ntfy.jibby.org/alertmanager-alerts # ntfy authentication via Basic Auth (https://docs.ntfy.sh/publish/#username-password) user {{ .ntfyuser }} password {{ .ntfypass }} } alertmanager { silence-duration 24h url http://alertmanager-operated.monitoring.svc.cluster.local:9093 } data: - secretKey: ntfyamuser sourceRef: storeRef: name: bitwarden-login kind: ClusterSecretStore remoteRef: key: af0ecb7c-25e5-4907-82be-b3f80121ceae property: username - secretKey: ntfyampass sourceRef: storeRef: name: bitwarden-login kind: ClusterSecretStore remoteRef: key: af0ecb7c-25e5-4907-82be-b3f80121ceae property: password - secretKey: ntfyuser sourceRef: storeRef: name: bitwarden-login kind: ClusterSecretStore remoteRef: key: 674fbf3d-531a-4ca6-afec-b1d7012d1a8a property: username - secretKey: ntfypass sourceRef: storeRef: name: bitwarden-login kind: ClusterSecretStore remoteRef: key: 674fbf3d-531a-4ca6-afec-b1d7012d1a8a property: password