feat: Configure status.vrije.cloud and auto-monitor integration

Updates to Uptime Kuma monitoring setup: DNS Configuration: - Added DNS A record for status.vrije.cloud -> 94.130.231.155 - Updated Uptime Kuma container to use status.vrije.cloud domain - HTTPS access via nginx-proxy with Let's Encrypt SSL Automated Monitor Management: - Created scripts/add-client-to-monitoring.sh - Created scripts/remove-client-from-monitoring.sh - Integrated monitoring into deploy-client.sh (step 5/5) - Integrated monitoring into destroy-client.sh (step 0/7) - Deployment now prompts to add monitors after success - Destruction now prompts to remove monitors before deletion Email Notification Setup: - Created docs/uptime-kuma-email-setup.md with complete guide - SMTP configuration using smtp.strato.com - Credentials: server@postxsociety.org - Alerts sent to mail@postxsociety.org Documentation: - Updated docs/monitoring.md with new domain - Added email setup reference - Replaced all URLs to use status.vrije.cloud Benefits: ✅ Friendly domain instead of IP address ✅ HTTPS access with auto-SSL ✅ Automated monitoring reminders on deploy/destroy ✅ Complete email notification guide ✅ Streamlined workflow for monitor management Note: Monitor creation/deletion currently manual (API automation planned) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2026-01-18 18:55:33 +01:00 · 2026-01-18 18:55:33 +01:00 · 9a3afa325b
commit 9a3afa325b
parent 5fc95d7127
7 changed files with 340 additions and 9 deletions
--- a/docs/monitoring.md
+++ b/docs/monitoring.md
@ -1,7 +1,8 @@
 # Uptime Monitoring with Uptime Kuma
 **Status**: ✅ Deployed
-**URL**: http://94.130.231.155:3001 (will be https://status.postxsociety.cloud after DNS setup)
+**URL**: https://status.vrije.cloud (DNS configured)
 **Fallback**: https://status.vrije.cloud
 **Server**: External monitoring server (94.130.231.155)
 ## Overview
@ -70,7 +71,7 @@ networks:
 Open in browser:
 ```
-http://94.130.231.155:3001
+https://status.vrije.cloud
 ```
 ### 2. Create Admin Account
@ -233,7 +234,7 @@ Uptime Kuma supports public status pages. To enable:
   - **Theme**: Choose theme
 4. Add monitors to display
 5. Click **Save**
-6. Access at: `http://94.130.231.155:3001/status/ptt-status`
+6. Access at: `https://status.vrije.cloud/status/ptt-status`
 ## DNS Setup (Optional)
@ -246,7 +247,7 @@ Add A record:
 status.vrije.cloud → 94.130.231.155
 ```
-Then access at: `https://status.postxsociety.cloud` (via nginx-proxy SSL)
+Then access at: `https://status.vrije.cloud` (via nginx-proxy SSL)
 ### Option 2: Use postxsociety.cloud
--- a/docs/uptime-kuma-email-setup.md
+++ b/docs/uptime-kuma-email-setup.md
@ -0,0 +1,147 @@
 # Uptime Kuma Email Notification Setup
 ## Quick Setup Guide
 ### 1. Access Uptime Kuma
 Open: **https://status.vrije.cloud**
 ### 2. Navigate to Settings
 1. Click on **Settings** (gear icon) in the left sidebar
 2. Click on **Notifications**
 ### 3. Add Email (SMTP) Notification
 1. Click **Setup Notification**
 2. Select **Email (SMTP)**
 3. Configure with these settings:
 ```
 Notification Type: Email (SMTP)
 Friendly Name: PTT Email Alerts
 SMTP Settings:
  Hostname: smtp.strato.com
  Port: 587
  Security: STARTTLS (or "None" with TLS unchecked)
 Authentication:
  Username: server@postxsociety.org
  Password: Mov!ePubl1cL0ndon@longW!7h
 From Email: server@postxsociety.org
 To Email: mail@postxsociety.org
 Custom Subject (optional):
  [🔴 DOWN] {msg}
  [✅ UP] {msg}
 ```
 ### 4. Test the Notification
 1. Click **Test** button
 2. Check mail@postxsociety.org for test email
 3. If successful, click **Save**
 ### 5. Apply to All Monitors
 Option A - Apply when creating monitors:
 - When creating each monitor, select this notification in the "Notifications" section
 Option B - Apply to existing monitors:
 1. Go to each monitor's settings (Edit button)
 2. Scroll to "Notifications" section
 3. Enable "PTT Email Alerts"
 4. Click **Save**
 ### 6. Configure Alert Rules
 In the notification settings or per-monitor:
 **What to alert on:**
 - ✅ **When service goes down** - Immediate alert
 - ✅ **When service comes back up** - Immediate alert
 - ✅ **Certificate expiring** - 30 days before
 - ✅ **Certificate expiring** - 7 days before
 **Alert frequency:**
 - Send alert immediately when status changes
 - Repeat notification every 60 minutes if still down (optional)
 ## Testing
 After setup, test by:
 1. Creating a test monitor pointing to a non-existent URL
 2. Wait for it to show as "DOWN"
 3. Verify email notification received
 4. Delete the test monitor
 ## Troubleshooting
 ### No emails received
 1. Check SMTP settings are correct
 2. Test SMTP connection:
   ```bash
   telnet smtp.strato.com 587
   ```
 3. Check spam/junk folder
 4. Verify email address is correct
 ### Authentication failed
 - Double-check username and password
 - Ensure no extra spaces in credentials
 - Try re-saving the notification
 ### Connection timeout
 - Verify port 587 is not blocked by firewall
 - Try port 25 or 465 (with SSL/TLS)
 - Check if SMTP server allows connections from monitoring server IP
 ## Alternative: Use Environment Variables
 If you want to configure email at container level, update the Docker Compose file:
 ```yaml
 services:
  uptime-kuma:
    environment:
      # Add SMTP environment variables here if supported by future versions
 ```
 Currently, Uptime Kuma requires web UI configuration for SMTP.
 ## Notification Settings Per Monitor
 When creating monitors for clients, ensure:
 - **HTTP(S) monitors**: Enable email notifications
 - **SSL monitors**: Enable email notifications with 30-day and 7-day warnings
 - **Alert threshold**: 3 failed checks before alerting (prevents false positives)
 ## Email Template
 Uptime Kuma sends emails with:
 - Monitor name
 - Status (UP/DOWN)
 - Timestamp
 - Response time
 - Error message (if applicable)
 - Link to monitor in Uptime Kuma
 ## Best Practices
 1. **Test regularly** - Verify emails are being received
 2. **Multiple recipients** - Add additional email addresses for redundancy
 3. **Alert fatigue** - Don't over-alert; use reasonable thresholds
 4. **Maintenance mode** - Pause monitors during planned maintenance
 5. **Group notifications** - Create notification groups for different teams
 ## Related
 - [Monitoring Documentation](monitoring.md)
 - Uptime Kuma Notification Docs: https://github.com/louislam/uptime-kuma/wiki/Notification-Methods
--- a/scripts/add-client-to-monitoring.sh
+++ b/scripts/add-client-to-monitoring.sh
@ -0,0 +1,87 @@
 #!/usr/bin/env bash
 #
 # Add client monitors to Uptime Kuma
 #
 # Usage: ./scripts/add-client-to-monitoring.sh <client_name>
 #
 # This script creates HTTP(S) and SSL monitors for a client's services
 # Currently uses manual instructions - future: use Uptime Kuma API
 set -euo pipefail
 # Colors for output
 RED='\033[0;31m'
 GREEN='\033[0;32m'
 YELLOW='\033[1;33m'
 BLUE='\033[0;34m'
 NC='\033[0m' # No Color
 # Script directory
 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 PROJECT_ROOT="$(dirname "$SCRIPT_DIR")"
 # Check arguments
 if [ $# -ne 1 ]; then
    echo -e "${RED}Error: Client name required${NC}"
    echo "Usage: $0 <client_name>"
    exit 1
 fi
 CLIENT_NAME="$1"
 BASE_DOMAIN="vrije.cloud"
 # Calculate URLs
 AUTH_URL="https://auth.${CLIENT_NAME}.${BASE_DOMAIN}"
 NEXTCLOUD_URL="https://nextcloud.${CLIENT_NAME}.${BASE_DOMAIN}"
 AUTH_DOMAIN="auth.${CLIENT_NAME}.${BASE_DOMAIN}"
 NEXTCLOUD_DOMAIN="nextcloud.${CLIENT_NAME}.${BASE_DOMAIN}"
 echo -e "${BLUE}========================================${NC}"
 echo -e "${BLUE}Add Client to Monitoring${NC}"
 echo -e "${BLUE}========================================${NC}"
 echo ""
 echo -e "${YELLOW}Client: ${CLIENT_NAME}${NC}"
 echo ""
 # TODO: Implement automated monitor creation via Uptime Kuma API
 # For now, provide manual instructions
 echo -e "${YELLOW}Manual Setup Required:${NC}"
 echo ""
 echo "Please add the following monitors in Uptime Kuma:"
 echo "🔗 Access: https://status.vrije.cloud"
 echo ""
 echo -e "${GREEN}HTTP(S) Monitors:${NC}"
 echo ""
 echo "1. ${CLIENT_NAME} - Authentik"
 echo "   Type: HTTP(S)"
 echo "   URL: ${AUTH_URL}"
 echo "   Interval: 300 seconds (5 min)"
 echo "   Retries: 3"
 echo ""
 echo "2. ${CLIENT_NAME} - Nextcloud"
 echo "   Type: HTTP(S)"
 echo "   URL: ${NEXTCLOUD_URL}"
 echo "   Interval: 300 seconds (5 min)"
 echo "   Retries: 3"
 echo ""
 echo -e "${GREEN}SSL Certificate Monitors:${NC}"
 echo ""
 echo "3. ${CLIENT_NAME} - Authentik SSL"
 echo "   Type: Certificate Expiry"
 echo "   Hostname: ${AUTH_DOMAIN}"
 echo "   Port: 443"
 echo "   Expiry Days: 30"
 echo "   Interval: 86400 seconds (1 day)"
 echo ""
 echo "4. ${CLIENT_NAME} - Nextcloud SSL"
 echo "   Type: Certificate Expiry"
 echo "   Hostname: ${NEXTCLOUD_DOMAIN}"
 echo "   Port: 443"
 echo "   Expiry Days: 30"
 echo "   Interval: 86400 seconds (1 day)"
 echo ""
 echo -e "${BLUE}========================================${NC}"
 echo ""
 echo -e "${YELLOW}Note: Automated monitor creation via API is planned for future enhancement.${NC}"
 echo ""
--- a/scripts/deploy-client.sh
+++ b/scripts/deploy-client.sh
@ -175,7 +175,7 @@ echo -e "${BLUE}========================================${NC}"
 echo ""
 # Step 1: Provision infrastructure
-echo -e "${YELLOW}[1/4] Provisioning infrastructure with OpenTofu...${NC}"
+echo -e "${YELLOW}[1/5] Provisioning infrastructure with OpenTofu...${NC}"
 cd "$PROJECT_ROOT/tofu"
@ -199,7 +199,7 @@ fi
 echo ""
 # Step 2: Setup base system
-echo -e "${YELLOW}[2/4] Setting up base system (Docker, Traefik)...${NC}"
+echo -e "${YELLOW}[2/5] Setting up base system (Docker, Traefik)...${NC}"
 cd "$PROJECT_ROOT/ansible"
@ -210,7 +210,7 @@ echo -e "${GREEN}✓ Base system configured${NC}"
 echo ""
 # Step 3: Deploy applications
-echo -e "${YELLOW}[3/4] Deploying applications (Authentik, Nextcloud, SSO)...${NC}"
+echo -e "${YELLOW}[3/5] Deploying applications (Authentik, Nextcloud, SSO)...${NC}"
 ~/.local/bin/ansible-playbook -i hcloud.yml playbooks/deploy.yml --limit "$CLIENT_NAME"
@ -219,7 +219,7 @@ echo -e "${GREEN}✓ Applications deployed${NC}"
 echo ""
 # Step 4: Update client registry
-echo -e "${YELLOW}[4/4] Updating client registry...${NC}"
+echo -e "${YELLOW}[4/5] Updating client registry...${NC}"
 cd "$PROJECT_ROOT/tofu"
@ -257,6 +257,19 @@ echo -e "${YELLOW}Collecting deployed versions...${NC}"
 echo ""
 # Add to monitoring
 echo -e "${YELLOW}[5/5] Adding client to monitoring...${NC}"
 echo ""
 if [ -f "$SCRIPT_DIR/add-client-to-monitoring.sh" ]; then
    "$SCRIPT_DIR/add-client-to-monitoring.sh" "$CLIENT_NAME"
 else
    echo -e "${YELLOW}⚠ Monitoring script not found${NC}"
    echo "Manually add monitors at: https://status.vrije.cloud"
 fi
 echo ""
 # Calculate duration
 END_TIME=$(date +%s)
 DURATION=$((END_TIME - START_TIME))
--- a/scripts/destroy-client.sh
+++ b/scripts/destroy-client.sh
@ -78,8 +78,21 @@ echo ""
 echo -e "${YELLOW}Starting destruction of client: $CLIENT_NAME${NC}"
 echo ""
 # Step 0: Remove from monitoring
 echo -e "${YELLOW}[0/7] Removing client from monitoring...${NC}"
 echo ""
 if [ -f "$SCRIPT_DIR/remove-client-from-monitoring.sh" ]; then
    "$SCRIPT_DIR/remove-client-from-monitoring.sh" "$CLIENT_NAME"
 else
    echo -e "${YELLOW}⚠ Monitoring script not found${NC}"
    echo "Manually remove monitors at: https://status.vrije.cloud"
 fi
 echo ""
 # Step 1: Delete Mailgun SMTP credentials
-echo -e "${YELLOW}[1/3] Deleting Mailgun SMTP credentials...${NC}"
+echo -e "${YELLOW}[1/7] Deleting Mailgun SMTP credentials...${NC}"
 cd "$PROJECT_ROOT/ansible"
--- a/scripts/remove-client-from-monitoring.sh
+++ b/scripts/remove-client-from-monitoring.sh
@ -0,0 +1,56 @@
 #!/usr/bin/env bash
 #
 # Remove client monitors from Uptime Kuma
 #
 # Usage: ./scripts/remove-client-from-monitoring.sh <client_name>
 #
 # This script removes HTTP(S) and SSL monitors for a destroyed client
 # Currently uses manual instructions - future: use Uptime Kuma API
 set -euo pipefail
 # Colors for output
 RED='\033[0;31m'
 GREEN='\033[0;32m'
 YELLOW='\033[1;33m'
 BLUE='\033[0;34m'
 NC='\033[0m' # No Color
 # Script directory
 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 PROJECT_ROOT="$(dirname "$SCRIPT_DIR")"
 # Check arguments
 if [ $# -ne 1 ]; then
    echo -e "${RED}Error: Client name required${NC}"
    echo "Usage: $0 <client_name>"
    exit 1
 fi
 CLIENT_NAME="$1"
 echo -e "${BLUE}========================================${NC}"
 echo -e "${BLUE}Remove Client from Monitoring${NC}"
 echo -e "${BLUE}========================================${NC}"
 echo ""
 echo -e "${YELLOW}Client: ${CLIENT_NAME}${NC}"
 echo ""
 # TODO: Implement automated monitor removal via Uptime Kuma API
 # For now, provide manual instructions
 echo -e "${YELLOW}Manual Removal Required:${NC}"
 echo ""
 echo "Please remove the following monitors from Uptime Kuma:"
 echo "🔗 Access: https://status.vrije.cloud"
 echo ""
 echo "Monitors to delete:"
 echo "  • ${CLIENT_NAME} - Authentik"
 echo "  • ${CLIENT_NAME} - Nextcloud"
 echo "  • ${CLIENT_NAME} - Authentik SSL"
 echo "  • ${CLIENT_NAME} - Nextcloud SSL"
 echo ""
 echo -e "${BLUE}========================================${NC}"
 echo ""
 echo -e "${YELLOW}Note: Automated monitor removal via API is planned for future enhancement.${NC}"
 echo ""
--- a/tofu/dns.tf
+++ b/tofu/dns.tf
@ -53,3 +53,17 @@ resource "hcloud_zone_rrset" "client_aaaa" {
    }
  ]
 }
 # Static A record for monitoring server (status.vrije.cloud -> external monitoring server)
 resource "hcloud_zone_rrset" "monitoring" {
  zone   = data.hcloud_zone.main.name
  name   = "status"
  type   = "A"
  ttl    = 300
  records = [
    {
      value   = "94.130.231.155"
      comment = "Uptime Kuma monitoring server"
    }
  ]
 }