1

Dockerfile

@@ -0,0 +1,6 @@
+FROM prom/prometheus:latest
+
+COPY prometheus.yml /etc/prometheus/prometheus.yml
+COPY alert.rules.yml /etc/prometheus/alert.rules.yml
+
+EXPOSE 9090/tcp

Makefile

@@ -0,0 +1,15 @@
+all: init-buildx build publish
+
+build:
+	bash build.sh
+publish:
+	bash publish.sh
+
+init-buildx: clean-buildx
+	docker buildx create --name mybuilder
+	docker buildx use mybuilder
+	docker buildx inspect --bootstrap
+	docker buildx ls
+clean-buildx:
+	docker buildx rm mybuilder;true
+

alert.rules.yml

@@ -0,0 +1,31 @@
+groups:
+- name: BlackboxAlerts
+  rules:
+  - alert: EndpointDown
+    expr: probe_success == 0
+    for: 10s
+    labels:
+      severity: "critical"
+    annotations:
+      summary: "Endpoint {{ $labels.instance }} down"
+
+- name: ssl_expiry.rules 
+  rules: 
+  - alert: SSLCertExpiringSoon 
+    expr: probe_ssl_earliest_cert_expiry{job="blackbox-tcp_connect_tls"} - time() < 86400 * 30 
+    for: 10m
+    labels:
+      severity: "critical"
+    annotations:
+      summary: "Certificate for {{ $labels.instance }} is expiring soon"
+
+- name: mysql_up
+  rules:
+  - alert: MysqldDown
+    expr: mysql_up == 0
+    for: 10s
+    labels:
+      severity: "critical"
+    annotations:
+      summary: "Mysqld service {{ $labels.instance }} is down"
+

build.sh

@@ -0,0 +1,2 @@
+#!/usr/bin/env bash
+

container-name

@@ -0,0 +1 @@
+prometheus

docker-compose.yml

@@ -0,0 +1,9 @@
+services:
+  prometheus:
+    container_name: prometheus
+    ports:
+      - 9090:9090
+    image: elicro/prometheus:latest
+    environment:
+      - TZ=Asia/Jerusalem
+    restart: unless-stopped

prometheus.yml

@@ -0,0 +1,108 @@
+# my global config
+global:
+  scrape_interval: 15s # Set the scrape interval to every 15 seconds. Default is every 1 minute.
+  evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute.
+  # scrape_timeout is set to the global default (10s).
+
+# Alertmanager configuration
+alerting:
+  alertmanagers:
+    - static_configs:
+        - targets:
+           - 172.20.90.93:9093
+
+# Load rules once and periodically evaluate them according to the global 'evaluation_interval'.
+rule_files:
+  - alert.rules.yml
+
+# A scrape configuration containing exactly one endpoint to scrape:
+# Here it's Prometheus itself.
+scrape_configs:
+  # The job name is added as a label `job=<job_name>` to any timeseries scraped from this config.
+  - job_name: "prometheus"
+
+    # metrics_path defaults to '/metrics'
+    # scheme defaults to 'http'.
+
+  - job_name: 'node_exporter'
+    metrics_path: /metrics
+    scrape_interval: 30s
+    scrape_timeout: 20s
+    http_sd_configs:
+       - url: "http://172.20.90.80:8080/blackbox/node_exporter.json"
+
+  - job_name: 'mysqld_exporter'
+    metrics_path: /metrics
+    scrape_interval: 30s
+    scrape_timeout: 20s
+    http_sd_configs:
+       - url: "http://172.20.90.80:8080/blackbox/mysqld_exporter.json"
+
+  - job_name: 'blackbox-tcp'
+    metrics_path: /probe
+    params:
+      module: [tcp_connect]
+    scrape_interval: 30s
+    scrape_timeout: 20s
+    http_sd_configs:
+       - url: "http://172.20.90.80:8080/blackbox/blackbox-tcp.json"
+    relabel_configs:
+      - source_labels: [__address__]
+        target_label: __param_target
+      - source_labels: [__param_target]
+        target_label: instance
+      - target_label: __address__
+        replacement: 172.20.90.15:9115  # Blackbox exporter.
+
+  - job_name: 'blackbox-icmp'
+    metrics_path: /probe
+    params:
+      module: [icmp]
+    scrape_interval: 30s
+    scrape_timeout: 20s
+    http_sd_configs:
+       - url: "http://172.20.90.80:8080/blackbox/blackbox-icmp.json"
+    relabel_configs:
+      - source_labels: [__address__]
+        target_label: __param_target
+
+      - source_labels: [__param_target]
+        target_label: instance
+
+      - source_labels: [hostname]
+        target_label: __param_target
+
+      - target_label: __address__
+        replacement: 172.20.90.15:9115  # Blackbox exporter.
+
+  - job_name: 'blackbox-http_2xx_3xx_403'
+    metrics_path: /probe
+    params:
+      module: [http_2xx_3xx_403]
+    scrape_interval: 30s
+    scrape_timeout: 20s
+    http_sd_configs:
+       - url: "http://172.20.90.80:8080/blackbox/blackbox-http_2xx_3xx_403.json"
+    relabel_configs:
+      - source_labels: [__address__]
+        target_label: __param_target
+      - source_labels: [__param_target]
+        target_label: instance
+      - target_label: __address__
+        replacement: 172.20.90.15:9115  # Blackbox exporter.
+
+  - job_name: 'blackbox-tcp_connect_tls'
+    metrics_path: /probe
+    params:
+      module: [tcp_connect_tls]
+    scrape_interval: 30s
+    scrape_timeout: 20s
+    http_sd_configs:
+       - url: "http://172.20.90.80:8080/blackbox/blackbox-tcp_connect_tls.json"
+    relabel_configs:
+      - source_labels: [__address__]
+        target_label: __param_target
+      - source_labels: [__param_target]
+        target_label: instance
+      - target_label: __address__
+        replacement: 172.20.90.15:9115  # Blackbox exporter.

publish.sh

@@ -0,0 +1,11 @@
+#!/usr/bin/env bash
+
+set -x
+
+name="$(head -1 container-name)"
+docker_username="$(head -1 username)"
+
+docker login
+docker buildx build -t "${docker_username}/${name}:latest" --platform linux/amd64,linux/arm64,linux/arm/v7 --push .
+
+set +x

username

@@ -0,0 +1 @@
+elicro