From f4ba547d805fba50a24bf6febc8f23b30371be86 Mon Sep 17 00:00:00 2001 From: Rasmus Wejlgaard Date: Mon, 4 May 2026 20:43:39 +0100 Subject: [PATCH] adding pagerduty stack --- terraform/main.tf | 7 ++++ .../pagerduty_escalation_policies.tf | 13 ++++++++ terraform/pagerduty/pagerduty_integrations.tf | 13 ++++++++ terraform/pagerduty/pagerduty_service.tf | 12 +++++++ terraform/pagerduty/pagerduty_users.tf | 5 +++ terraform/pagerduty/providers.tf | 8 +++++ terraform/providers.tf | 7 ++++ terraform/secrets.enc.yaml | 33 ++++++++++--------- 8 files changed, 82 insertions(+), 16 deletions(-) create mode 100644 terraform/pagerduty/pagerduty_escalation_policies.tf create mode 100644 terraform/pagerduty/pagerduty_integrations.tf create mode 100644 terraform/pagerduty/pagerduty_service.tf create mode 100644 terraform/pagerduty/pagerduty_users.tf create mode 100644 terraform/pagerduty/providers.tf diff --git a/terraform/main.tf b/terraform/main.tf index 2fd75f2..eaabd20 100644 --- a/terraform/main.tf +++ b/terraform/main.tf @@ -12,3 +12,10 @@ module "grafana" { } plex_token = local.secrets["plex_token"] } + +module "pagerduty" { + source = "./pagerduty" + providers = { + pagerduty = pagerduty + } +} diff --git a/terraform/pagerduty/pagerduty_escalation_policies.tf b/terraform/pagerduty/pagerduty_escalation_policies.tf new file mode 100644 index 0000000..4eff731 --- /dev/null +++ b/terraform/pagerduty/pagerduty_escalation_policies.tf @@ -0,0 +1,13 @@ +resource "pagerduty_escalation_policy" "default" { + name = "Default" + num_loops = 2 + + rule { + escalation_delay_in_minutes = 10 + + target { + type = "user_reference" + id = pagerduty_user.pez.id + } + } +} diff --git a/terraform/pagerduty/pagerduty_integrations.tf b/terraform/pagerduty/pagerduty_integrations.tf new file mode 100644 index 0000000..b9de1be --- /dev/null +++ b/terraform/pagerduty/pagerduty_integrations.tf @@ -0,0 +1,13 @@ +data "pagerduty_vendor" "prometheus" { + name = "Prometheus" +} + +resource "pagerduty_service_integration" "grafana_cloud" { + name = "Grafana" + service = pagerduty_service.pez_solutions.id + vendor = data.pagerduty_vendor.prometheus.id +} + +output "pagerduty_integration_key" { + value = pagerduty_service_integration.grafana_cloud.integration_key +} diff --git a/terraform/pagerduty/pagerduty_service.tf b/terraform/pagerduty/pagerduty_service.tf new file mode 100644 index 0000000..4e25c98 --- /dev/null +++ b/terraform/pagerduty/pagerduty_service.tf @@ -0,0 +1,12 @@ +resource "pagerduty_service" "pez_solutions" { + name = "Pez Solutions" + auto_resolve_timeout = 14400 + acknowledgement_timeout = 600 + escalation_policy = pagerduty_escalation_policy.default.id + alert_creation = "create_alerts_and_incidents" + + auto_pause_notifications_parameters { + enabled = true + timeout = 300 + } +} diff --git a/terraform/pagerduty/pagerduty_users.tf b/terraform/pagerduty/pagerduty_users.tf new file mode 100644 index 0000000..aeaa21b --- /dev/null +++ b/terraform/pagerduty/pagerduty_users.tf @@ -0,0 +1,5 @@ +resource "pagerduty_user" "pez" { + name = "Rasmus Wejlgaard" + email = "pez@pez.sh" + role = "owner" +} diff --git a/terraform/pagerduty/providers.tf b/terraform/pagerduty/providers.tf new file mode 100644 index 0000000..a36a1e0 --- /dev/null +++ b/terraform/pagerduty/providers.tf @@ -0,0 +1,8 @@ +terraform { + required_providers { + pagerduty = { + source = "pagerduty/pagerduty" + version = "~> 2.2" + } + } +} diff --git a/terraform/providers.tf b/terraform/providers.tf index e9cd8f6..69f73a5 100644 --- a/terraform/providers.tf +++ b/terraform/providers.tf @@ -10,6 +10,10 @@ terraform { source = "grafana/grafana" version = "~> 4.35" } + pagerduty = { + source = "pagerduty/pagerduty" + version = "~> 2.2" + } } @@ -38,3 +42,6 @@ provider "grafana" { auth = local.secrets["grafana_service_account_token"] } +provider "pagerduty" { + token = local.secrets["pagerduty_token"] +} diff --git a/terraform/secrets.enc.yaml b/terraform/secrets.enc.yaml index 66859ad..2bb1571 100644 --- a/terraform/secrets.enc.yaml +++ b/terraform/secrets.enc.yaml @@ -1,24 +1,25 @@ -backblaze_keyID: ENC[AES256_GCM,data:Me1rx0EjrZHCP/F8iZy9Q35W2PVGNx/pNg==,iv:Pt19nfFkv5eLarnmQWcc/3XHjho4glYJHcsa5aMxsvc=,tag:K1pbJKKyfu4Bcl6acpj8Dw==,type:str] -backblaze_keyName: ENC[AES256_GCM,data:o9Mkn3LwCjzlqNvMnfUayiM=,iv:XitvLpzdBm5Kbe3SGoJMSb76bpCQrOuKHoQuNAYVO6c=,tag:dKa3rMwCQd1OSjQ77qa2oQ==,type:str] -backblaze_applicationKey: ENC[AES256_GCM,data:l+TOnls8JolenrPV8JrAWGQv2bf8dE33cnvUjllWrw==,iv:vv50XWpLjZo6GgqJSFFTpKWHHwCDfFDbOYmi7ekMDlk=,tag:ptfxYUcCyptPI4WsWqfXxw==,type:str] -hetzner_token: ENC[AES256_GCM,data:44uodS8rOH/X95Bj8QBh1rH1Wz/VxaopzOtU3B9La0oZECxpn+uc4cnUrARwv7CsVlQLENlq0BXL9TORugCT0Q==,iv:Ytia3hGmYhSafuo+vhIvfYk0HPf5xHsQFzKX7Vifb44=,tag:dyfvagA9pk9pIUrjhT0pgA==,type:str] -grafana_cloud_access_policy: ENC[AES256_GCM,data:SWLp3yqDOz1zb8GcCPuIcJ/eMK1Yvx7PpuXbx/ThX5DIb0NTjfUx2KdVWx2hFYY70E3TUnur4/2qD/Ys+GGkFlqe/wP/0k940atfTo6R6mNR/Y2+uusUsNUO3voCiXuN2uk5vzA7WNgjxkdUaXVpVaq8bNBzFB0/MiD6m6M7wIm6KL5x9/uhag==,iv:OR4G57v+cOw1LigF8bqaqbxb/sE6xLV+3se/So3Imu0=,tag:UOALoE5IQEnhztJfwCSBuw==,type:str] -grafana_service_account_token: ENC[AES256_GCM,data:Y++SArCCSC+8zIc8KAruEgT0x9Hbuqw5nJl2W3F6CY5+fC/6ooiV6iV3Fa/neQ==,iv:aKmvGcGUwpFMid/osAtICUC07KSJOyh+gIouN+sQx9M=,tag:viXk15D2a1mxoWse69Yjwg==,type:str] -grafana_synthetic_monitoring_access_token: ENC[AES256_GCM,data:iVIAA4HLCqANNxbkpSKesfc27tJTy4tRjS1XoawvcF1c0nz6lbop+ydsMhHU4LiWYK4hBI7rbu6toxuRHtqcjUNsT13PVsf1anDrBrxMt5+dou1wP8lOfG5zunNma1Hjh/BOn+Nl70QLQnUFBET1IJdFTNEV99xA,iv:y40ztRtfjxoHk2Sv4YFdbi33AjhMdlT0kBVyjrnp/Bs=,tag:OJJqdGmzoe9pPrAHKXaCiw==,type:str] -grafana_fleet_management_auth: ENC[AES256_GCM,data:DhhaP9AHlQ9pCAw9lL9M96pM1vV+45NaBY+oSiCfS/LSEKhQOjNzh4TKTwNurJeJ4r9Mpkac896svhbDix46loA2ZVBN407pWOMPcXFIiDcXMt19uaByWdnHGXAEA9XWCynmQicNqtUV6YhGDrok7e0426SeCxbjKFfx8YsPv5wXCqF6BgpWklbAmWhezDx6M2dSUSoTCDZcVXIz1vHrWeK5AIixY2eh1S0R7xesffPp84QD,iv:kmwmGffw6DzP2ESbwJtpfEOR18DA2JIGVFzNujcTURM=,tag:NhPczMMFYsDpbDtLDCcuyA==,type:str] -plex_token: ENC[AES256_GCM,data:Ff3dMZQ/SJW/UdiUZSoymFhB9S8=,iv:yOGAA0PMtk2LKM+Ke3cb83F4b/cO2RLkMkv4j+WNaZk=,tag:CWAoU3wqlNle2OAZbDVSGw==,type:str] +backblaze_keyID: ENC[AES256_GCM,data:fANkjRjBQ2HLJL8p1pHg5PPYFnDg1tIgHw==,iv:QP0LCxX7HakS+30AKVT1cRiIQBLRGgXrc+MHTwLM5vY=,tag:PKlpTK1qb/7Tgw+ampu7dg==,type:str] +backblaze_keyName: ENC[AES256_GCM,data:MJmlJCkKhk3pG0GLGioxCK4=,iv:1QcAUuNlVadOAD1RlcmtryWrmk5pR2RRYD/StmDOUzo=,tag:IPpmvFT0tnDoKvtE6L+yUA==,type:str] +backblaze_applicationKey: ENC[AES256_GCM,data:5+b5TCZ20i5GCPCuAIxVxGdPcPnDjoZ19BxKmYU62g==,iv:3AipRKtIdC8CZT0vy0Qm6kivA309rebWe7NCQEYxo9w=,tag:HUYyfppT1dRqOVpumHedbQ==,type:str] +hetzner_token: ENC[AES256_GCM,data:a3uiOPDkBmXgUTBXN0hm8axojxUelLwW0GSSJtcR1ON7+YdAjLRR6iRZPtvHm8mvaHFuOl8T+XZWZwP6ma46uQ==,iv:sAK1tEiTrVkqZweGUraoOLAe1AhlaST8ueJnSBN00uQ=,tag:1dugDIZthiPDmfQbdGc9Rw==,type:str] +grafana_cloud_access_policy: ENC[AES256_GCM,data:PX0SET4iWjkCR06Y6Dsh1Vd+sqH29UPj14pk1+UPACRbQFliFK5MKPE+UoKyTq/EAcN3oQZIYFKHTl2J93vXlG6ZU0zZwgMs4pVBbBZusA8Upt1S6fBnpqrVe9zvnePHySh4u2N7iHpW5yJKiANDEz1W8Oowv3qvttHdfFAHzHGF5ituZsj+Kg==,iv:JmL38iJyFFERUL5Ki5XFkd0YttGc5zh3pW1yOMj9tWo=,tag:XogjhunZcbtvIc8bouWprA==,type:str] +grafana_service_account_token: ENC[AES256_GCM,data:vze2EIfi2+cCpPPnR45hoMoAm9kVLY13KfOq2mVsq7TAmLjds/9m1kWY4/o+SQ==,iv:5m1HLfz18vkk225aEeOBACAQ/0lAWoXEek+yVV6cI/U=,tag:USr4jb0edpr6+famGWSaCg==,type:str] +grafana_synthetic_monitoring_access_token: ENC[AES256_GCM,data:OYhL8LE9Hme6n7P0g4+4xbOgvHloAh2EkbToq3Pz9ezu10FmWnQliuhmwa3i6rBFiEjgpJc1gOGhpwLmwMNTIp9eKkJ01CeybliwqWo8x3edwD2+w5biU6vLOsuKOevOakPB2yWn/OWi/bn4Pvg0+RFvmRF+I2AM,iv:Eo2K+yu241E4IgEsWTdQKqyaPjz8cVYwYceK/EA2Wes=,tag:UVZbNVl2oykyCXp5sV2+dw==,type:str] +grafana_fleet_management_auth: ENC[AES256_GCM,data:PpQ7kQII2EUB8ztXtWiCO5InGJgBJM6ycRBnTaiXgJm39qc6kDWAZ8EOmc/z9G5YCtGBk+xCjBDsuhv9n39dOyBZ/swVJq6c7oL327wBmzeMMDlzrHe5M9l4cxJOeLN/WBq4PrON7N1tIG/KqPnOsfTZqQzewe9690hfPwPfTRRfn6Mb0+mHQWpgwP9wC15GNhFgmvgSSVY8d/3cgzmzTCNNM57waS9/VAEJonH0w92phlV0,iv:yc2BnLM9QltJnDUkTJ3JuUye/Vp1vmz2ENGZISoHZDw=,tag:raMN5ckACNWIZgGqQXbDZQ==,type:str] +plex_token: ENC[AES256_GCM,data:vqdzO7N8KEfKRiQNFPe/48SB0L0=,iv:U9tle+orYHw853AWu4PNN9JJblQFn7nzio3YKlYn4ME=,tag:zT+U478U7ElZbYF/QfVG/A==,type:str] +pagerduty_token: ENC[AES256_GCM,data:B3Wqb5wUaM6LekRRE9A5j7Lqtg0=,iv:9sRMIWyvlDyNuqPTYWnl8MgivsyJSLoiSmZWjZqrbMo=,tag:DEy48jEPVVXTSrRWZowUFg==,type:str] sops: age: - recipient: age1r8uh2w2qad2z5sgq9q7l73962q2sp8zz9hdnh6sjuvanxl565vmswn8squ enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVbFc3TFU1d2RMcndYZjYw - OGVlSXZWZkxLc0NrSFFEMVpaVTdnY0xxSm0wClJjSEtpbEROL0F6by9EemMxU2xx - cnVjNUJTR09DdVhmZ1V0SmRKeUlQdFkKLS0tIGZ3N0Fka0ZhRUpKUEh5ZTJiVytB - NDlNWGVGMFNRaHBDZWpXRXB5YnNXbGsKLNpH4vJunfYBet5S1GJPfq+vIQT5iyTv - 6bS0IyViMy5ag7O5ACrsHGYTAmRDhYwM9RdEE4F4m5hp3E0Haqhedw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLaHB4N1hSeWhPdE1mbEdx + TTErZFluVVRjUEQwdVRNTE1IRHpOVGw4TmtFClc2bWRYNXlmYnhQaWNMN0dnUERY + ZUl5RXVLaHpOblVwaWt5UG9QSU9ZR3MKLS0tIGJNaGYwSE4zMko1L2Jic1RlYWt0 + ZkZabGF4WC80S2VQVHl2c2RrVmVFeDgKGJQv8h/Rvfs5a0bap0zl9NYbCdKx5ko3 + Nz5vbbz0MDJC4qgRL5AU4xpP8pUyY8b61iBhWaKLC4uInxWVXMWLEw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-05-04T12:11:23Z" - mac: ENC[AES256_GCM,data:0UYeI+h7nwAnAvy3J3E68XXMkGAO7sFbqHtgYXQ9Yz5bD3tR+m4rfU6722QqMH4+j5xKa4KL0SVFTYdQ9RSUHrDpbBcbG000CkZIysmKrLROeg8iQy36XUhf9eqfrIBT2g67piUAUprVREULUySwyuFTz9Z/pFJ57ClidP3hCZw=,iv:Fq02QA+rCu80SGhOar9fDCXWMPlylQeNihWqHGbHBGM=,tag:13RTowa3UBd6Jk/zeOzSWg==,type:str] + lastmodified: "2026-05-04T19:05:23Z" + mac: ENC[AES256_GCM,data:f3tfiayhZP03faEsQim6kk3Zpal3hr/ahebsFYvq6pIWbfIUYQxZNV3l5SHs/zvzHR7Js2eVg1FDZlIdgOefmV8bbrqtQvREJu4FI7MXRSrKkY+OyRFRW5kRDihq5QETZIQlbvkUljqWAU62EJuz9Fg3lbiLugxVM5y9477o7bA=,iv:fhvuT5obuQjMA5l/1gWoS2Q2gd/mlcAHA45llOMPmAc=,tag:l2k83wzENRWCBZFfS+WY5g==,type:str] unencrypted_suffix: _unencrypted version: 3.12.2