Mercurial > prosody-modules
annotate mod_pubsub_alertmanager/mod_pubsub_alertmanager.lua @ 5298:12f7d8b901e0
mod_audit: Support for adding location (GeoIP) to audit events
This can be more privacy-friendly than logging full IP addresses, and also
more informative to a user - IP addresses don't mean much to the average
person, however if they see activity from outside their expected country, they
can immediately identify suspicious activity.
As with IPs, this field is configurable for deployments that would like to
disable it. Location is also not logged when the geoip library is not
available.
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Sat, 01 Apr 2023 13:11:53 +0100 |
parents | adda872fa9e1 |
children | 67190744b1eb |
rev | line source |
---|---|
1619
43c54a27bab2
mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
1 local st = require "util.stanza"; |
43c54a27bab2
mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 local json = require "util.json"; |
4625
f7e26c43a9bc
mod_pubsub_alertmanager: Add TODOs
Kim Alvefur <zash@zash.se>
parents:
4621
diff
changeset
|
3 local filters = { --[[ TODO what's useful? ]] }; |
4619
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
4 local render = require "util.interpolation".new("%b{}", tostring, filters); |
1619
43c54a27bab2
mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 local uuid_generate = require "util.uuid".generate; |
4618
48132b6e1b16
mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents:
4552
diff
changeset
|
6 |
4625
f7e26c43a9bc
mod_pubsub_alertmanager: Add TODOs
Kim Alvefur <zash@zash.se>
parents:
4621
diff
changeset
|
7 -- TODO alertmanager supports inclusion of HTTP auth and OAuth, worth looking |
f7e26c43a9bc
mod_pubsub_alertmanager: Add TODOs
Kim Alvefur <zash@zash.se>
parents:
4621
diff
changeset
|
8 -- into for using instead of request IP |
f7e26c43a9bc
mod_pubsub_alertmanager: Add TODOs
Kim Alvefur <zash@zash.se>
parents:
4621
diff
changeset
|
9 |
4618
48132b6e1b16
mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents:
4552
diff
changeset
|
10 module:depends("http"); |
1619
43c54a27bab2
mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
11 |
43c54a27bab2
mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
12 local pubsub_service = module:depends("pubsub").service; |
43c54a27bab2
mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
13 |
3014
72dbc9b66de8
mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents:
3013
diff
changeset
|
14 local error_mapping = { |
72dbc9b66de8
mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents:
3013
diff
changeset
|
15 ["forbidden"] = 403; |
72dbc9b66de8
mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents:
3013
diff
changeset
|
16 ["item-not-found"] = 404; |
72dbc9b66de8
mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents:
3013
diff
changeset
|
17 ["internal-server-error"] = 500; |
72dbc9b66de8
mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents:
3013
diff
changeset
|
18 ["conflict"] = 409; |
72dbc9b66de8
mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents:
3013
diff
changeset
|
19 }; |
72dbc9b66de8
mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents:
3013
diff
changeset
|
20 |
3017
8e48c0b233e0
mod_pubsub_post: Factor out the 'actor' into an argument
Kim Alvefur <zash@zash.se>
parents:
3016
diff
changeset
|
21 local function publish_payload(node, actor, item_id, payload) |
3014
72dbc9b66de8
mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents:
3013
diff
changeset
|
22 local post_item = st.stanza("item", { xmlns = "http://jabber.org/protocol/pubsub", id = item_id, }) |
72dbc9b66de8
mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents:
3013
diff
changeset
|
23 :add_child(payload); |
3017
8e48c0b233e0
mod_pubsub_post: Factor out the 'actor' into an argument
Kim Alvefur <zash@zash.se>
parents:
3016
diff
changeset
|
24 local ok, err = pubsub_service:publish(node, actor, item_id, post_item); |
3014
72dbc9b66de8
mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents:
3013
diff
changeset
|
25 module:log("debug", ":publish(%q, true, %q, %s) -> %q", node, item_id, payload:top_tag(), err or ""); |
72dbc9b66de8
mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents:
3013
diff
changeset
|
26 if not ok then |
72dbc9b66de8
mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents:
3013
diff
changeset
|
27 return error_mapping[err] or 500; |
72dbc9b66de8
mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents:
3013
diff
changeset
|
28 end |
72dbc9b66de8
mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents:
3013
diff
changeset
|
29 return 202; |
72dbc9b66de8
mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents:
3013
diff
changeset
|
30 end |
1619
43c54a27bab2
mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
31 |
4621
ebc2c099a11b
mod_pubsub_alertmanager: Allow templating the pubsub node to publish to
Kim Alvefur <zash@zash.se>
parents:
4620
diff
changeset
|
32 local node_template = module:get_option_string("alertmanager_node_template", "{path?alerts}"); |
ebc2c099a11b
mod_pubsub_alertmanager: Allow templating the pubsub node to publish to
Kim Alvefur <zash@zash.se>
parents:
4620
diff
changeset
|
33 |
3014
72dbc9b66de8
mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents:
3013
diff
changeset
|
34 function handle_POST(event, path) |
72dbc9b66de8
mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents:
3013
diff
changeset
|
35 local request = event.request; |
72dbc9b66de8
mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents:
3013
diff
changeset
|
36 |
4618
48132b6e1b16
mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents:
4552
diff
changeset
|
37 local payload = json.decode(event.request.body); |
48132b6e1b16
mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents:
4552
diff
changeset
|
38 if type(payload) ~= "table" then return 400; end |
48132b6e1b16
mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents:
4552
diff
changeset
|
39 if payload.version ~= "4" then return 501; end |
3501
1df139b157fb
mod_pubsub_post: Add support for WebSub authentication
Kim Alvefur <zash@zash.se>
parents:
3255
diff
changeset
|
40 |
4618
48132b6e1b16
mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents:
4552
diff
changeset
|
41 for _, alert in ipairs(payload.alerts) do |
48132b6e1b16
mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents:
4552
diff
changeset
|
42 local item = st.stanza("alerts", {xmlns = "urn:uuid:e3bec775-c607-4e9b-9a3f-94de1316d861:v4", status=alert.status}); |
48132b6e1b16
mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents:
4552
diff
changeset
|
43 for k, v in pairs(alert.annotations) do |
48132b6e1b16
mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents:
4552
diff
changeset
|
44 item:text_tag("annotation", v, { name=k }); |
48132b6e1b16
mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents:
4552
diff
changeset
|
45 end |
48132b6e1b16
mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents:
4552
diff
changeset
|
46 for k, v in pairs(alert.labels) do |
48132b6e1b16
mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents:
4552
diff
changeset
|
47 item:text_tag("label", v, { name=k }); |
48132b6e1b16
mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents:
4552
diff
changeset
|
48 end |
48132b6e1b16
mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents:
4552
diff
changeset
|
49 item:tag("starts", { at = alert.startsAt}):up(); |
4626
285efde5e8a5
mod_pubsub_alertmanager: Exclude "ends at" timestamp for unresolved alerts
Kim Alvefur <zash@zash.se>
parents:
4625
diff
changeset
|
50 if alert.endsAt and alert.status == "resolved" then |
4618
48132b6e1b16
mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents:
4552
diff
changeset
|
51 item:tag("ends", { at = alert.endsAt }):up(); |
48132b6e1b16
mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents:
4552
diff
changeset
|
52 end |
48132b6e1b16
mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents:
4552
diff
changeset
|
53 if alert.generatorURL then |
48132b6e1b16
mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents:
4552
diff
changeset
|
54 item:tag("link", { href=alert.generatorURL }):up(); |
48132b6e1b16
mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents:
4552
diff
changeset
|
55 end |
3255
64d1dfbd1740
mod_pubsub_post: Ensure actor is non-nil (catch inability to determine IP or simliar)
Kim Alvefur <zash@zash.se>
parents:
3254
diff
changeset
|
56 |
4621
ebc2c099a11b
mod_pubsub_alertmanager: Allow templating the pubsub node to publish to
Kim Alvefur <zash@zash.se>
parents:
4620
diff
changeset
|
57 local node = render(node_template, {alert = alert, path = path, payload = payload, request = request}); |
ebc2c099a11b
mod_pubsub_alertmanager: Allow templating the pubsub node to publish to
Kim Alvefur <zash@zash.se>
parents:
4620
diff
changeset
|
58 local ret = publish_payload(node, request.ip, uuid_generate(), item); |
4618
48132b6e1b16
mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents:
4552
diff
changeset
|
59 if ret ~= 202 then |
48132b6e1b16
mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents:
4552
diff
changeset
|
60 return ret |
48132b6e1b16
mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents:
4552
diff
changeset
|
61 end |
3014
72dbc9b66de8
mod_pubsub_post: Change to support arbitrary XML payloads
Kim Alvefur <zash@zash.se>
parents:
3013
diff
changeset
|
62 end |
4618
48132b6e1b16
mod_pubsub_alertmanager: Publish Alertmanager alerts into pubsub
Kim Alvefur <zash@zash.se>
parents:
4552
diff
changeset
|
63 return 202; |
1619
43c54a27bab2
mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
64 end |
43c54a27bab2
mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
65 |
4620
9b253cce7d88
mod_pubsub_alertmanager: Allow configuring template for <body> rendering
Kim Alvefur <zash@zash.se>
parents:
4619
diff
changeset
|
66 local template = module:get_option_string("alertmanager_body_template", [[ |
4619
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
67 *ALARM!* |
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
68 Status: {status} |
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
69 Starts at: {startsAt}{endsAt& |
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
70 Ends at: {endsAt}} |
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
71 Labels: {labels% |
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
72 {idx}: {item}} |
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
73 Annotations: {annotations% |
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
74 {idx}: {item}} |
4620
9b253cce7d88
mod_pubsub_alertmanager: Allow configuring template for <body> rendering
Kim Alvefur <zash@zash.se>
parents:
4619
diff
changeset
|
75 ]]); |
4619
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
76 |
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
77 module:hook("pubsub-summary/urn:uuid:e3bec775-c607-4e9b-9a3f-94de1316d861:v4", function(event) |
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
78 local payload = event.payload; |
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
79 |
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
80 local data = { |
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
81 status = payload.attr.status, |
4627
adda872fa9e1
mod_pubsub_alertmanager: Include status booleans in template input
Kim Alvefur <zash@zash.se>
parents:
4626
diff
changeset
|
82 firing = "firing" == payload.attr.status, |
adda872fa9e1
mod_pubsub_alertmanager: Include status booleans in template input
Kim Alvefur <zash@zash.se>
parents:
4626
diff
changeset
|
83 resolved = "resolved" == payload.attr.status, |
4619
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
84 annotations = {}, |
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
85 labels = {}, |
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
86 endsAt = payload:find("ends/@at"), |
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
87 startsAt = payload:find("starts/@at"), |
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
88 }; |
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
89 for label in payload:childtags("label") do |
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
90 data.labels[tostring(label.attr.name)] = label:get_text(); |
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
91 end |
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
92 for annotation in payload:childtags("annotation") do |
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
93 data.annotations[tostring(annotation.attr.name)] = annotation:get_text(); |
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
94 end |
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
95 |
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
96 return render(template, data); |
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
97 end); |
b11001bd915d
mod_pubsub_alertmanager: Add a plain text summary
Kim Alvefur <zash@zash.se>
parents:
4618
diff
changeset
|
98 |
1619
43c54a27bab2
mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
99 module:provides("http", { |
43c54a27bab2
mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
100 route = { |
43c54a27bab2
mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
101 ["POST /*"] = handle_POST; |
4621
ebc2c099a11b
mod_pubsub_alertmanager: Allow templating the pubsub node to publish to
Kim Alvefur <zash@zash.se>
parents:
4620
diff
changeset
|
102 ["POST"] = handle_POST; |
1619
43c54a27bab2
mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
103 }; |
43c54a27bab2
mod_pubsub_post: Module to publish to pubsub nodes from a simple HTTP POST
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
104 }); |