diff --git a/data/common/common.yaml b/data/common/common.yaml --- a/data/common/common.yaml +++ b/data/common/common.yaml @@ -834,11 +834,6 @@ domains: - graphql.staging.swh.network - graphql-rp.internal.staging.swh.network - argocd: - domains: - - argocd.softwareheritage.org - - argocd.internal.admin.swh.network - - argocd-rp.internal.admin.swh.network hedgedoc: domains: - hedgedoc.softwareheritage.org diff --git a/data/deployments/admin/common.yaml b/data/deployments/admin/common.yaml --- a/data/deployments/admin/common.yaml +++ b/data/deployments/admin/common.yaml @@ -23,7 +23,6 @@ - hedgedoc - grafana - sentry - - argocd swh::deploy::hedgedoc::reverse_proxy::backend_http_host: bardo.internal.admin.swh.network swh::deploy::hedgedoc::reverse_proxy::backend_http_port: "3000" @@ -44,15 +43,6 @@ swh::deploy::sentry::base_url: "%{lookup('sentry::vhost::name')}" swh::deploy::sentry::icinga_check_uri: '/auth/login/swh/' -swh::deploy::argocd::vhost::letsencrypt_cert: argocd -swh::deploy::argocd::reverse_proxy::backend_http_host: k8s-argocd.internal.admin.swh.network -swh::deploy::argocd::reverse_proxy::backend_http_port: "80" -swh::deploy::argocd::vhost::ssl_protocol: "%{hiera('apache::ssl_protocol')}" -swh::deploy::argocd::vhost::ssl_honorcipherorder: "%{hiera('apache::ssl_honorcipherorder')}" -swh::deploy::argocd::vhost::ssl_cipher: "%{hiera('apache::ssl_cipher')}" -swh::deploy::argocd::vhost::hsts_header: "%{hiera('apache::hsts_header')}" -swh::deploy::argocd::icinga_check_string: 'Argo CD' - hitch::frontend: "[*]:443" hitch::proxy_support: true varnish::http_port: 80 diff --git a/site-modules/profile/manifests/icinga2/objects/static_checks.pp b/site-modules/profile/manifests/icinga2/objects/static_checks.pp --- a/site-modules/profile/manifests/icinga2/objects/static_checks.pp +++ b/site-modules/profile/manifests/icinga2/objects/static_checks.pp @@ -36,6 +36,18 @@ }, } + ::icinga2::object::host {'ArgoCD Kubernetes cluster': + import => ['generic-host'], + host_name => 'k8s-argo.internal.admin.swh.network', + check_command => 'dummy', + address => 'k8s-argocd.internal.admin.swh.network', + target => $checks_file, + vars => { + dummy_state => 0, # up + dummy_text => "HTTP-only host", + }, + } + ::icinga2::object::service {'Software Heritage Homepage': import => ['generic-service'], host_name => 'www.softwareheritage.org', @@ -140,4 +152,19 @@ }, } + ::icinga2::object::service {'Software Heritage ArgoCD Instance': + import => ['generic-service'], + host_name => 'k8s-argo.internal.admin.swh.network', + check_command => 'http', + target => $checks_file, + vars => { + http_vhost => 'argocd.internal.admin.swh.network', + http_uri => '/', + http_ssl => true, + http_sni => true, + http_string => '