Add healthcheck pings to opentofu and add systemd cleanup to healthcheck

modules/infrastructure/healthchecksio.tf

@@ -30,3 +30,19 @@ resource "healthchecksio_check" "backup" {
   timeout = 86400
   grace = 1800
 }
+
+resource "healthchecksio_check" "healthcheck" {
+  for_each = toset(["http", "mail", "matrix"])
+
+  name = "service: ${each.value}"
+  desc = "Monitoring for service (group) ${each.value}"
+
+  channels = [
+    data.healthchecksio_channel.email.id,
+    data.healthchecksio_channel.signal.id,
+    data.healthchecksio_channel.ntfy.id,
+  ]
+
+  timeout = 300
+  grace = 600
+}

modules/infrastructure/output.tf

@@ -34,6 +34,12 @@ output "healthchecksio" {
         "ping_url" = check.ping_url
       }
     }
+    healthcheck = {
+      for key, check in healthchecksio_check.healthcheck : key => {
+        "id" = check.id
+        "ping_url" = check.ping_url
+      }
+    }
   }
 }
 

playbooks/filter_plugins/utils.py

@@ -0,0 +1,11 @@
+class FilterModule(object):
+    def filters(self):
+        return {
+            'list_prefix_suffix': self.list_prefix_suffix,
+        }
+
+    def list_prefix_suffix(self, values, prefix, suffix):
+        result = []
+        for value in values:
+            result.append(f"{prefix}{value}{suffix}")
+        return result

roles/healthcheck/files/data/http

@@ -2,7 +2,6 @@
 
 cd /opt/ || exit
 
-hc_url="https://hc-ping.com/$HTTP_HC_UID"
 services_down=""
 error=""
 
@@ -46,8 +45,8 @@ check_url "www.reitanlage-oranienburg.de"
 
 if [ "$error" = "" ]
 then
-    curl_hc "$hc_url" >/dev/null
+    curl_hc "$HTTP_HC_URL" >/dev/null
 	echo "ALL GOOD"
 else
-	curl_hc --data-raw "$services_down$error" "$hc_url/fail" >/dev/null
+	curl_hc --data-raw "$services_down$error" "$HTTP_HC_URL/fail" >/dev/null
 fi

roles/healthcheck/files/data/matrix

@@ -8,10 +8,8 @@ import sys
 import asyncio
 from nio import AsyncClient, RoomMessageNotice
 
-healthcheck_url = "https://hc-ping.com/" + os.environ['MATRIX_HC_UID']
-
 def send_ping(success, msg=""):
-    url = healthcheck_url
+    url = os.environ['MATRIX_HC_URL']
     if not success:
         url += "/fail"
 

roles/healthcheck/tasks/systemd.yml

@@ -11,11 +11,30 @@
     dest: /etc/systemd/system/healthcheck@.timer
     mode: "0644"
   become: true
+
+- name: Get all healthcheck timers
+  ansible.builtin.shell:
+    cmd: "systemctl list-timers 'healthcheck@*' --all --output=json | jq -r '.[].unit'"
+  register: systemd_timers_result
+  changed_when: false
+
+- name: Generate systemd timer names
+  ansible.builtin.set_fact:
+    healthcheck_systemd_timers: "{{ healthcheck_svc.checks | list_prefix_suffix('healthcheck@', '.timer') }}"
+
+- name: Disable unused system timers
+  ansible.builtin.systemd_service:
+    name: "{{ item }}"
+    state: stopped
+    enabled: false
+  loop: "{{ systemd_timers_result.stdout_lines | difference(healthcheck_systemd_timers) }}"
+  become: true
+
 - name: Enable the system timer
   ansible.builtin.systemd_service:
-    name: healthcheck@{{ item }}.timer
+    name: "{{ item }}"
     state: started
     enabled: true
     daemon_reload: true
-  loop: "{{ healthcheck_svc.checks }}"
+  loop: "{{ healthcheck_systemd_timers }}"
   become: true

roles/healthcheck/vars/main.yml

@@ -9,15 +9,15 @@ healthcheck_svc:
 healthcheck_env:
   USER_AGENT: healthcheck-bot for serguzim.net
 
-  HTTP_HC_UID: "{{ vault_healthcheck.hc_uid.http }}"
+  HTTP_HC_URL: "{{ opentofu.healthchecksio.healthcheck.http.ping_url }}"
 
   MATRIX_SERVER: https://matrix.serguzim.me
   MATRIX_SERVER_FEDTESTER: msrg.cc
-  MATRIX_HC_UID: "{{ vault_healthcheck.hc_uid.matrix }}"
+  MATRIX_HC_URL: "{{ opentofu.healthchecksio.healthcheck.matrix.ping_url }}"
   MATRIX_TOKEN: "{{ vault_healthcheck.matrix.token }}"
   MATRIX_ROOM: "{{ vault_healthcheck.matrix.room }}"
 
-  MAIL_HC_UID: "{{ vault_healthcheck.hc_uid.mail }}"
+  MAIL_HC_UID: "{{ opentofu.healthchecksio.healthcheck.mail.id }}"
   MAIL_HOST: "{{ mailer.host }}"
   MAIL_PORT: "{{ mailer.port }}"
   MAIL_USER: "{{ vault_healthcheck.mailer.user }}"