Configuration¶
Argos uses a simple YAML configuration file to define the server’s configuration, the websites to monitor and the checks to run on these websites.
See here for more informations about the checks you can use.
Here is a simple self-documented configuration file, which you can get with argos server generate-config:
argos-config.yaml¶
---
general:
db:
# The database URL, as defined in SQLAlchemy docs :
# https://docs.sqlalchemy.org/en/20/core/engines.html#database-urls
# Example for SQLite: "sqlite:////tmp/argos.db"
url: "postgresql://argos:argos@localhost/argos"
# You configure the size of the database pool of connection, and
# the max overflow (until when new connections are accepted ?)
# For details, see
# https://docs.sqlalchemy.org/en/20/core/pooling.html#sqlalchemy.pool.QueuePool.params.pool_size
pool_size: 10
max_overflow: 20
# Can be "production", "dev", "test".
# If not present, default value is "production"
env: "production"
# to get a good string for cookie_secret, run:
# openssl rand -hex 32
cookie_secret: "foo_bar_baz"
# Default delay for checks.
# Can be superseeded in domain configuration.
# For ex., to run checks every minute:
frequency: "1m"
# Which way do you want to be warned when a check goes to that severity?
# "local" emits a message in the server log
# You’ll need to configure mail, gotify or apprise below to be able to use
# them here.
# Use "apprise:john", "apprise:team" (with the quotes!) to use apprise
# notification groups.
alerts:
ok:
- local
warning:
- local
critical:
- local
unknown:
- local
# Argos root path
# If not present, default value is ""
# Set it to /foo if you want to use argos at /foo/ instead of /
# on your web server
# root_path: "/foo"
# Mail configuration is quite straight-forward
# mail:
# mailfrom: no-reply@example.org
# host: 127.0.0.1
# port: 25
# ssl: False
# starttls: False
# auth:
# login: foo
# password: bar
# addresses:
# - foo@admin.example.org
# - bar@admin.example.org
# Create an app on your Gotify server and put its token here
# See https://gotify.net/ for details about Gotify
# gotify:
# - url: https://example.org
# tokens:
# - foo
# - bar
# See https://github.com/caronc/apprise#productivity-based-notifications
# for apprise’s URLs syntax.
# You need to surround the URLs with quotes like in the examples below.
# Use "apprise:john", "apprise:team" (with the quotes!) in "alerts" settings.
# apprise:
# john:
# - "mastodon://access_key@hostname/@user"
# - "matrixs://token@hostname:port/?webhook=matrix"
# team:
# - "mmosts://user@hostname/authkey"
# - "nctalks://user:pass@host/RoomId1/RoomId2/RoomIdN"
service:
secrets:
# Secrets can be generated using `argos server generate-token`.
# You need at least one. Write them as a list, like:
# - secret_token
ssl:
thresholds:
- "1d": critical
- "5d": warning
# It's also possible to define the checks in another file
# with the include syntax:
#
# websites: !include websites.yaml
#
websites:
- domain: "https://mypads.example.org"
paths:
- path: "/mypads/"
checks:
# Check that the returned HTTP status is 200
- status-is: 200
# Check that the response contains this string
- body-contains: '<div id= "mypads"></div>'
# Check that the response matches this regex
- body-like: MyPads .* accounts
# Check that the SSL certificate is no older than ssl.thresholds
- ssl-certificate-expiration: "on-check"
# Check that the response contains this headers
# The comparison is case insensitive
- headers-contain:
- "content-encoding"
- "content-type"
# Check that there is a HTTP to HTTPS redirection with 3xx status code
- http-to-https: true
# Check that there is a HTTP to HTTPS redirection with 301 status code
- http-to-https: 301
# Check that there is a HTTP to HTTPS redirection with a status code
# in the provided range (stop value excluded)
- http-to-https:
start: 301
stop: 308
# Check that there is a HTTP to HTTPS redirection with a status code
# in the provided list
- http-to-https:
- 301
- 302
- 307
- path: "/admin/"
checks:
# Check that the return HTTP status is one of those
# Similar to status-is, verify that you don’t mistyped it!
- status-in:
- 401
- 301
# Check that the response contains this headers and values
# It’s VERY important to respect the 4 spaces indentation here!
# The name of the headers is case insensitive
- headers-have:
content-encoding: "gzip"
content-type: "text/html"
# Checks that response headers contains the expected headers and
# that the values matches the provided regexes
# You have to double the escape character \
- headers-like:
content-encoding: "gzip|utf"
content-type: "text/(html|css)"
- path: "/my-stats.json"
checks:
# Check that JSON response contains the expected structure
- json-contains:
- /foo/bar/0
- /foo/bar/1
- /timestamp
# Check that JSON response contains the expected structure and values
# It’s VERY important to respect the 4 spaces indentation here!
- json-has:
/maintenance: false
/productname: "Nextcloud"
# Check that JSON response contains the expected structure and
# that the values matches the provided regexes
# You have to double the escape character \
- json-like:
/productname: ".*cloud"
/versionstring: "29\\..*"
# Check that JSON response is the exact expected JSON object
# The order of the items in the object does not matter.
- json-is: '{"foo": "bar", "baz": 42}'
- domain: "https://munin.example.org"
frequency: "20m"
paths:
- path: "/"
checks:
- status-is: 301
- path: "/munin/"
checks:
- status-is: 401