update readme

rmrf · Jan 7, 2024 · edde377 · edde377
1 parent 63da5e8
commit edde377
Show file tree

Hide file tree

Showing 3 changed files with 53 additions and 7 deletions.
diff --git a/README.md b/README.md
@@ -2,12 +2,12 @@
 
 Simple SSL Certs Expiration Check
 
-Features:
+#### Features
 
 - config the **hosts** and **alert emails** inside toml configuration file
-- docker-compose start Prometheus/Alertmanager/Grafana for check and alert
+- docker-compose start **Prometheus/Alertmanager/Grafana** for check and alert
 
-How it works:
+#### How it works
 
 - hosts ssl certs will be checked regulaly by ssl-certs-check,
 - expose expiration date as prometheus metrics
@@ -21,20 +21,67 @@ How it works:
  # modify configurations/config.toml, then
  ./ssl-certs-check -config configurations/config.toml
 
-### Docker build
+## Docker build
 
 modify `docker-compose.yaml` ssl-certs-check env `ENV_GOPROXY`, then
 
  docker-compose build
 
+## Configuration
+
+### ssl-certs-check main config file: [configurations/config-example.toml](configurations/config-example.toml)
+
+ listen-address = ":8080"
+
+ # refresh to get latest hosts 
+ refresh-interval-second=3600
+
+ [alertmanager]
+ # after hosts change, ssl-certs-check will call this url to reload alertmanager
+ reload-url="http://alertmanager:9093/-/reload"
+
+ # ssl-certs-check will generate alertmanager.conf to this path
+ config-path="configurations/alertmanager.conf"
+
+ # altermanager will use these smtp server send alert emails
+ smtp-smarthost=''
+ smtp-from=''
+ smtp-username=''
+ smtp-password=''
+
+
+ # hosts example: 
+ # - if port not provided, default is 443
+ # - alert-emails define who care about this address' cert expiration
+
+ [[hosts]]
+  address = "www.supertechfans.com"
+  alert-emails = ["u1@example.com", "u2@example.com"]
+ [[hosts]]
+  address = "githube.com:443"
+  alert-emails = ["abc@example.com"]
+
+#### alert rule [configurations/alert_rules.yml], adjust expiration days (25 here) as you wish
+
+ groups:
+ - name: 'ssl-certs-check-alert'
+  rules:
+  - alert: SSLCertsNearlyExpiration
+  expr: round((exporter_cert_not_after{} - time())/3600/24) < 25
+  annotations:
+  title: 'SSL Certs Will expire after {{ $value }} days'
+  description: ' Please kindly renew'
+  labels:
+  severity: 'critical'
+
 ## Usage
 
  docker-compose up -d
 
 Then access:
 
 - [alertmanager](http://localhost:9093/)
-- [prometheus](http://localhost:9090/)
+- [prometheus](http://localhost:9090/graph?g0.expr=round((exporter_cert_not_after%20-%20time())%20%2F%203600%20%2F%2024)&g0.tab=1&g0.stacked=0&g0.show_exemplars=0&g0.range_input=1h)
 - [grafana](http://localhost:3000/) (admin/admin)
 
 ## Metrics

diff --git a/config.go b/config.go
@@ -14,7 +14,6 @@ type Host struct {
 type Config struct {
  ListenAddress string `toml:"listen-address"`
  RefreshIntervalSecond int `toml:"refresh-interval-second"`
- Concurrency int `toml:"concurrency"`
  AlertManager AlertManager `toml:"alertmanager"`
  Hosts []Host `toml:"hosts"`
 }

diff --git a/configurations/alert_rules.yml b/configurations/alert_rules.yml
@@ -2,7 +2,7 @@ groups:
  - name: 'ssl-certs-check-alert'
  rules:
  - alert: SSLCertsNearlyExpiration
- expr: round((exporter_cert_not_after{} - time())/3600/24) < 75
+ expr: round((exporter_cert_not_after{} - time())/3600/24) < 25
  annotations:
  title: 'SSL Certs Will expire after {{ $value }} days'
  description: ' Please kindly renew'