diff --git a/docs/monitoring.md b/docs/monitoring.md index e140b73..6df68bc 100644 --- a/docs/monitoring.md +++ b/docs/monitoring.md @@ -1,7 +1,8 @@ # Uptime Monitoring with Uptime Kuma **Status**: ✅ Deployed -**URL**: http://94.130.231.155:3001 (will be https://status.postxsociety.cloud after DNS setup) +**URL**: https://status.vrije.cloud (DNS configured) +**Fallback**: https://status.vrije.cloud **Server**: External monitoring server (94.130.231.155) ## Overview @@ -70,7 +71,7 @@ networks: Open in browser: ``` -http://94.130.231.155:3001 +https://status.vrije.cloud ``` ### 2. Create Admin Account @@ -233,7 +234,7 @@ Uptime Kuma supports public status pages. To enable: - **Theme**: Choose theme 4. Add monitors to display 5. Click **Save** -6. Access at: `http://94.130.231.155:3001/status/ptt-status` +6. Access at: `https://status.vrije.cloud/status/ptt-status` ## DNS Setup (Optional) @@ -246,7 +247,7 @@ Add A record: status.vrije.cloud → 94.130.231.155 ``` -Then access at: `https://status.postxsociety.cloud` (via nginx-proxy SSL) +Then access at: `https://status.vrije.cloud` (via nginx-proxy SSL) ### Option 2: Use postxsociety.cloud diff --git a/docs/uptime-kuma-email-setup.md b/docs/uptime-kuma-email-setup.md new file mode 100644 index 0000000..887e1cc --- /dev/null +++ b/docs/uptime-kuma-email-setup.md 
@@ -0,0 +1,147 @@ +# Uptime Kuma Email Notification Setup + +## Quick Setup Guide + +### 1. Access Uptime Kuma + +Open: **https://status.vrije.cloud** + +### 2. Navigate to Settings + +1. Click on **Settings** (gear icon) in the left sidebar +2. Click on **Notifications** + +### 3. Add Email (SMTP) Notification + +1. Click **Setup Notification** +2. Select **Email (SMTP)** +3. Configure with these settings: + +``` +Notification Type: Email (SMTP) +Friendly Name: PTT Email Alerts + +SMTP Settings: + Hostname: smtp.strato.com + Port: 587 + Security: STARTTLS (or "None" with TLS unchecked) + +Authentication: + Username: server@postxsociety.org + Password: Mov!ePubl1cL0ndon@longW!7h + +From Email: server@postxsociety.org +To Email: mail@postxsociety.org + +Custom Subject (optional): + [🔴 DOWN] {msg} + [✅ UP] {msg} +``` + +### 4. Test the Notification + +1. Click **Test** button +2. Check mail@postxsociety.org for test email +3. If successful, click **Save** + +### 5. Apply to All Monitors + +Option A - Apply when creating monitors: +- When creating each monitor, select this notification in the "Notifications" section + +Option B - Apply to existing monitors: +1. Go to each monitor's settings (Edit button) +2. Scroll to "Notifications" section +3. Enable "PTT Email Alerts" +4. Click **Save** + +### 6. Configure Alert Rules + +In the notification settings or per-monitor: + +**What to alert on:** +- ✅ **When service goes down** - Immediate alert +- ✅ **When service comes back up** - Immediate alert +- ✅ **Certificate expiring** - 30 days before +- ✅ **Certificate expiring** - 7 days before + +**Alert frequency:** +- Send alert immediately when status changes +- Repeat notification every 60 minutes if still down (optional) + +## Testing + +After setup, test by: + +1. Creating a test monitor pointing to a non-existent URL +2. Wait for it to show as "DOWN" +3. Verify email notification received +4. Delete the test monitor + +## Troubleshooting + +### No emails received + +1. 
Check SMTP settings are correct +2. Test SMTP connection: + ```bash + telnet smtp.strato.com 587 + ``` +3. Check spam/junk folder +4. Verify email address is correct + +### Authentication failed + +- Double-check username and password +- Ensure no extra spaces in credentials +- Try re-saving the notification + +### Connection timeout + +- Verify port 587 is not blocked by firewall +- Try port 25 or 465 (with SSL/TLS) +- Check if SMTP server allows connections from monitoring server IP + +## Alternative: Use Environment Variables + +If you want to configure email at container level, update the Docker Compose file: + +```yaml +services: + uptime-kuma: + environment: + # Add SMTP environment variables here if supported by future versions +``` + +Currently, Uptime Kuma requires web UI configuration for SMTP. + +## Notification Settings Per Monitor + +When creating monitors for clients, ensure: + +- **HTTP(S) monitors**: Enable email notifications +- **SSL monitors**: Enable email notifications with 30-day and 7-day warnings +- **Alert threshold**: 3 failed checks before alerting (prevents false positives) + +## Email Template + +Uptime Kuma sends emails with: +- Monitor name +- Status (UP/DOWN) +- Timestamp +- Response time +- Error message (if applicable) +- Link to monitor in Uptime Kuma + +## Best Practices + +1. **Test regularly** - Verify emails are being received +2. **Multiple recipients** - Add additional email addresses for redundancy +3. **Alert fatigue** - Don't over-alert; use reasonable thresholds +4. **Maintenance mode** - Pause monitors during planned maintenance +5. **Group notifications** - Create notification groups for different teams + +## Related + +- [Monitoring Documentation](monitoring.md) +- Uptime Kuma Notification Docs: https://github.com/louislam/uptime-kuma/wiki/Notification-Methods diff --git a/scripts/add-client-to-monitoring.sh b/scripts/add-client-to-monitoring.sh new file mode 100755 index 0000000..5e56090 --- /dev/null 
+++ b/scripts/add-client-to-monitoring.sh 
@@ -0,0 +1,87 @@ +#!/usr/bin/env bash +# +# Add client monitors to Uptime Kuma +# +# Usage: ./scripts/add-client-to-monitoring.sh +# +# This script creates HTTP(S) and SSL monitors for a client's services +# Currently uses manual instructions - future: use Uptime Kuma API + +set -euo pipefail + +# Colors for output +RED='\033[0;31m' +GREEN='\033[0;32m' +YELLOW='\033[1;33m' +BLUE='\033[0;34m' +NC='\033[0m' # No Color + +# Script directory +SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +PROJECT_ROOT="$(dirname "$SCRIPT_DIR")" + +# Check arguments +if [ $# -ne 1 ]; then + echo -e "${RED}Error: Client name required${NC}" + echo "Usage: $0 " + exit 1 +fi + +CLIENT_NAME="$1" +BASE_DOMAIN="vrije.cloud" + +# Calculate URLs +AUTH_URL="https://auth.${CLIENT_NAME}.${BASE_DOMAIN}" +NEXTCLOUD_URL="https://nextcloud.${CLIENT_NAME}.${BASE_DOMAIN}" +AUTH_DOMAIN="auth.${CLIENT_NAME}.${BASE_DOMAIN}" +NEXTCLOUD_DOMAIN="nextcloud.${CLIENT_NAME}.${BASE_DOMAIN}" + +echo -e "${BLUE}========================================${NC}" +echo -e "${BLUE}Add Client to Monitoring${NC}" +echo -e "${BLUE}========================================${NC}" +echo "" +echo -e "${YELLOW}Client: ${CLIENT_NAME}${NC}" +echo "" + +# TODO: Implement automated monitor creation via Uptime Kuma API +# For now, provide manual instructions + +echo -e "${YELLOW}Manual Setup Required:${NC}" +echo "" +echo "Please add the following monitors in Uptime Kuma:" +echo "🔗 Access: https://status.vrije.cloud" +echo "" +echo -e "${GREEN}HTTP(S) Monitors:${NC}" +echo "" +echo "1. ${CLIENT_NAME} - Authentik" +echo " Type: HTTP(S)" +echo " URL: ${AUTH_URL}" +echo " Interval: 300 seconds (5 min)" +echo " Retries: 3" +echo "" +echo "2. ${CLIENT_NAME} - Nextcloud" +echo " Type: HTTP(S)" +echo " URL: ${NEXTCLOUD_URL}" +echo " Interval: 300 seconds (5 min)" +echo " Retries: 3" +echo "" +echo -e "${GREEN}SSL Certificate Monitors:${NC}" +echo "" +echo "3. 
${CLIENT_NAME} - Authentik SSL" +echo " Type: Certificate Expiry" +echo " Hostname: ${AUTH_DOMAIN}" +echo " Port: 443" +echo " Expiry Days: 30" +echo " Interval: 86400 seconds (1 day)" +echo "" +echo "4. ${CLIENT_NAME} - Nextcloud SSL" +echo " Type: Certificate Expiry" +echo " Hostname: ${NEXTCLOUD_DOMAIN}" +echo " Port: 443" +echo " Expiry Days: 30" +echo " Interval: 86400 seconds (1 day)" +echo "" +echo -e "${BLUE}========================================${NC}" +echo "" +echo -e "${YELLOW}Note: Automated monitor creation via API is planned for future enhancement.${NC}" +echo "" diff --git a/scripts/deploy-client.sh b/scripts/deploy-client.sh index 9e201cc..66d8b2e 100755 --- a/scripts/deploy-client.sh +++ b/scripts/deploy-client.sh @@ -175,7 +175,7 @@ echo -e "${BLUE}========================================${NC}" echo "" # Step 1: Provision infrastructure -echo -e "${YELLOW}[1/4] Provisioning infrastructure with OpenTofu...${NC}" +echo -e "${YELLOW}[1/5] Provisioning infrastructure with OpenTofu...${NC}" cd "$PROJECT_ROOT/tofu" @@ -199,7 +199,7 @@ fi echo "" # Step 2: Setup base system -echo -e "${YELLOW}[2/4] Setting up base system (Docker, Traefik)...${NC}" +echo -e "${YELLOW}[2/5] Setting up base system (Docker, Traefik)...${NC}" cd "$PROJECT_ROOT/ansible" @@ -210,7 +210,7 @@ echo -e "${GREEN}✓ Base system configured${NC}" echo "" # Step 3: Deploy applications -echo -e "${YELLOW}[3/4] Deploying applications (Authentik, Nextcloud, SSO)...${NC}" +echo -e "${YELLOW}[3/5] Deploying applications (Authentik, Nextcloud, SSO)...${NC}" ~/.local/bin/ansible-playbook -i hcloud.yml playbooks/deploy.yml --limit "$CLIENT_NAME" @@ -219,7 +219,7 @@ echo -e "${GREEN}✓ Applications deployed${NC}" echo "" # Step 4: Update client registry -echo -e "${YELLOW}[4/4] Updating client registry...${NC}" +echo -e "${YELLOW}[4/5] Updating client registry...${NC}" cd "$PROJECT_ROOT/tofu" 
@@ -257,6 +257,19 @@ echo -e "${YELLOW}Collecting deployed versions...${NC}" echo "" +# Add to monitoring +echo -e "${YELLOW}[5/5] Adding client to monitoring...${NC}" +echo "" + +if [ -f "$SCRIPT_DIR/add-client-to-monitoring.sh" ]; then + "$SCRIPT_DIR/add-client-to-monitoring.sh" "$CLIENT_NAME" +else + echo -e "${YELLOW}⚠ Monitoring script not found${NC}" + echo "Manually add monitors at: https://status.vrije.cloud" +fi + +echo "" + # Calculate duration END_TIME=$(date +%s) DURATION=$((END_TIME - START_TIME)) diff --git a/scripts/destroy-client.sh b/scripts/destroy-client.sh index 8801d66..2b89e98 100755 --- a/scripts/destroy-client.sh +++ b/scripts/destroy-client.sh @@ -78,8 +78,21 @@ echo "" echo -e "${YELLOW}Starting destruction of client: $CLIENT_NAME${NC}" echo "" +# Step 0: Remove from monitoring +echo -e "${YELLOW}[0/7] Removing client from monitoring...${NC}" +echo "" + +if [ -f "$SCRIPT_DIR/remove-client-from-monitoring.sh" ]; then + "$SCRIPT_DIR/remove-client-from-monitoring.sh" "$CLIENT_NAME" +else + echo -e "${YELLOW}⚠ Monitoring script not found${NC}" + echo "Manually remove monitors at: https://status.vrije.cloud" +fi + +echo "" + # Step 1: Delete Mailgun SMTP credentials -echo -e "${YELLOW}[1/3] Deleting Mailgun SMTP credentials...${NC}" +echo -e "${YELLOW}[1/7] Deleting Mailgun SMTP credentials...${NC}" cd "$PROJECT_ROOT/ansible" diff --git a/scripts/remove-client-from-monitoring.sh b/scripts/remove-client-from-monitoring.sh new file mode 100755 index 0000000..33a181b --- /dev/null +++ b/scripts/remove-client-from-monitoring.sh 
@@ -0,0 +1,56 @@ +#!/usr/bin/env bash +# +# Remove client monitors from Uptime Kuma +# +# Usage: ./scripts/remove-client-from-monitoring.sh +# +# This script removes HTTP(S) and SSL monitors for a destroyed client +# Currently uses manual instructions - future: use Uptime Kuma API + +set -euo pipefail + +# Colors for output +RED='\033[0;31m' +GREEN='\033[0;32m' +YELLOW='\033[1;33m' +BLUE='\033[0;34m' +NC='\033[0m' # No Color + +# Script directory +SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +PROJECT_ROOT="$(dirname "$SCRIPT_DIR")" + +# Check arguments +if [ $# -ne 1 ]; then + echo -e "${RED}Error: Client name required${NC}" + echo "Usage: $0 " + exit 1 +fi + +CLIENT_NAME="$1" + +echo -e "${BLUE}========================================${NC}" +echo -e "${BLUE}Remove Client from Monitoring${NC}" +echo -e "${BLUE}========================================${NC}" +echo "" +echo -e "${YELLOW}Client: ${CLIENT_NAME}${NC}" +echo "" + +# TODO: Implement automated monitor removal via Uptime Kuma API +# For now, provide manual instructions + +echo -e "${YELLOW}Manual Removal Required:${NC}" +echo "" +echo "Please remove the following monitors from Uptime Kuma:" +echo "🔗 Access: https://status.vrije.cloud" +echo "" +echo "Monitors to delete:" +echo " • ${CLIENT_NAME} - Authentik" +echo " • ${CLIENT_NAME} - Nextcloud" +echo " • ${CLIENT_NAME} - Authentik SSL" +echo " • ${CLIENT_NAME} - Nextcloud SSL" +echo "" +echo -e "${BLUE}========================================${NC}" +echo "" +echo -e "${YELLOW}Note: Automated monitor removal via API is planned for future enhancement.${NC}" +echo "" diff --git a/tofu/dns.tf b/tofu/dns.tf index bace170..548a441 100644 --- a/tofu/dns.tf +++ b/tofu/dns.tf 
@@ -53,3 +53,17 @@ resource "hcloud_zone_rrset" "client_aaaa" { } ] } + +# Static A record for monitoring server (status.vrije.cloud -> external monitoring server) +resource "hcloud_zone_rrset" "monitoring" { + zone = data.hcloud_zone.main.name + name = "status" + type = "A" + ttl = 300 + records = [ + { + value = "94.130.231.155" + comment = "Uptime Kuma monitoring server" + } + ] +}
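Review bot: in the first hunk of docs/monitoring.md, the added `**Fallback**: https://status.vrije.cloud` line is identical to the new `**URL**` line, so it documents no fallback at all. Drop it or state the actual fallback address. If the fallback is meant to be the direct `http://94.130.231.155:3001` address this hunk removes, say so explicitly and note that it is plain HTTP.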
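Review bot: in the `@@ -246,7 +247,7 @@` hunk of docs/monitoring.md, the section is still titled "DNS Setup (Optional)" and still tells the reader to add the `status.vrije.cloud → 94.130.231.155` A record by hand, although this same patch creates that record in tofu/dns.tf and the status line now says "DNS configured". Point the section at the OpenTofu resource instead. The unchanged `### Option 2: Use postxsociety.cloud` heading directly below should also be checked against the domain change.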
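Review bot: docs/uptime-kuma-email-setup.md commits a live SMTP credential: the `Password:` line under `Authentication:` holds a literal password next to the `server@postxsociety.org` username. Replace it with a placeholder and a pointer to the secret store, and rotate the mailbox password, since it stays in the repository history once merged. In the same settings block, `Security: STARTTLS (or "None" with TLS unchecked)` offers an option that would send that login without transport encryption; list STARTTLS only.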
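Review bot: scripts/add-client-to-monitoring.sh uses `CLIENT_NAME="$1"` unchecked to build `AUTH_URL`, `NEXTCLOUD_URL` and both domain variables, so any string (dots, slashes, spaces, uppercase) ends up in the hostnames an operator is told to paste into Uptime Kuma. Validate it as a single DNS label before use, for example `[[ "$CLIENT_NAME" =~ ^[a-z0-9]([a-z0-9-]*[a-z0-9])?$ ]]`, and exit non-zero otherwise. `SCRIPT_DIR` and `PROJECT_ROOT` are assigned but never read in this file and can go.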
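Review bot: in the `@@ -257,6 +257,19 @@` hunk of scripts/deploy-client.sh, the step is announced as `[5/5] Adding client to monitoring...`, but the script it calls only prints manual instructions, so a deployment can finish with no monitors and nothing in the output marks that as outstanding. Label the step as manual or end it with an explicit "action required" line. The guard tests `-f` and then executes the file; `-x` matches what the next line needs.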
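Review bot: in scripts/destroy-client.sh the step counter is inconsistent: the new step is `[0/7]` and the Mailgun step becomes `[1/7]`, but this is the only hunk for the file, so the later step labels keep their old `/3` totals. Update every step label in the same change, and number from 1 rather than 0 so the total matches the count. As in deploy-client.sh, prefer `-x` over `-f` in the guard.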
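Review bot: scripts/remove-client-from-monitoring.sh hard-codes the four monitor names (`- Authentik`, `- Nextcloud`, `- Authentik SSL`, `- Nextcloud SSL`) that add-client-to-monitoring.sh also hard-codes, so the two lists can drift and leave a destroyed client's monitors behind. Keep the names in one sourced file or a shared function. `CLIENT_NAME` needs the same validation as in the add script, and `GREEN`, `SCRIPT_DIR` and `PROJECT_ROOT` are unused here.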
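Review bot: in tofu/dns.tf the new `hcloud_zone_rrset "monitoring"` resource embeds the address as a literal, `value = "94.130.231.155"`, which is also repeated in docs/monitoring.md. Move it to a variable or local so a server move is a one-line change, and reference that from the docs. Only an A record is added, while the context above shows a `client_aaaa` rrset for clients; state in the comment whether the monitoring host is intentionally IPv4-only.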