fluentbit básico (forgejo)

This commit is contained in:
Cat /dev/Nulo 2023-02-18 13:10:21 -03:00
parent e8ff701081
commit a33377d329
4 changed files with 112 additions and 14 deletions

View file

@ -10,6 +10,7 @@ import { sudoChown, sudoChownToRunningUser } from "./helpers/sudo.js";
import { setupKernel } from "./kernel.js"; import { setupKernel } from "./kernel.js";
import { runQemu } from "./qemu.js"; import { runQemu } from "./qemu.js";
import { Runit } from "./runit/index.js"; import { Runit } from "./runit/index.js";
import { installFluentBit } from "./software/fluentbit";
import { setupForgejo } from "./services/forgejo/index.js"; import { setupForgejo } from "./services/forgejo/index.js";
import { setupDhcpcd } from "./services/dhcpcd.js"; import { setupDhcpcd } from "./services/dhcpcd.js";
import { setupNtpsec } from "./services/ntpsec.js"; import { setupNtpsec } from "./services/ntpsec.js";
@ -36,6 +37,7 @@ if (process.argv[2] === "generate-secrets") {
const alpine = await Alpine.makeWorld({ dir: rootfsDir }); const alpine = await Alpine.makeWorld({ dir: rootfsDir });
await alpine.addPackages(["helix", "htop", "iproute2-ss", "socat"]); await alpine.addPackages(["helix", "htop", "iproute2-ss", "socat"]);
await installFluentBit(alpine);
const runit = await Runit.setup(alpine); const runit = await Runit.setup(alpine);
await setupDhcpcd(alpine, runit); await setupDhcpcd(alpine, runit);
await setupNtpsec(alpine, runit); await setupNtpsec(alpine, runit);

View file

@ -78,20 +78,17 @@ runit-init 6`
await runit.addService( await runit.addService(
"getty-tty1", "getty-tty1",
`#!/bin/sh `#!/bin/sh
exec chpst -P getty 38400 tty1 linux`, exec chpst -P getty 38400 tty1 linux`
false
); );
await runit.addService( await runit.addService(
"getty-tty2", "getty-tty2",
`#!/bin/sh `#!/bin/sh
exec chpst -P getty 38400 tty2 linux`, exec chpst -P getty 38400 tty2 linux`
false
); );
await runit.addService( await runit.addService(
"getty-ttyS0", "getty-ttyS0",
`#!/bin/sh `#!/bin/sh
exec chpst -P getty 38400 ttyS0 linux`, exec chpst -P getty 38400 ttyS0 linux`
false
); );
return runit; return runit;
@ -100,17 +97,13 @@ exec chpst -P getty 38400 ttyS0 linux`,
async addService( async addService(
name: string, name: string,
script: string, script: string,
log: boolean = true logScript?: string
): Promise<void> { ): Promise<void> {
const runScriptPath = path.join("/etc/sv/", name, "/run"); const runScriptPath = path.join("/etc/sv/", name, "/run");
await this.alpine.sudoWriteExecutable(runScriptPath, script); await this.alpine.sudoWriteExecutable(runScriptPath, script);
if (log) { if (logScript) {
const logScriptPath = path.join("/etc/sv/", name, "/log/run"); const logScriptPath = path.join("/etc/sv/", name, "/log/run");
await this.alpine.sudoWriteExecutable( await this.alpine.sudoWriteExecutable(logScriptPath, logScript);
logScriptPath,
`#!/bin/sh
exec logger -p daemon.info -t '${name}'`
);
await this.alpine.symlink( await this.alpine.symlink(
`/run/runit/supervise.${name}.log`, `/run/runit/supervise.${name}.log`,
path.join("/etc/sv/", name, "/log/supervise") path.join("/etc/sv/", name, "/log/supervise")

View file

@ -4,6 +4,7 @@ import { Runit } from "../../runit/index.js";
import { join } from "node:path"; import { join } from "node:path";
import { loadForgejoSecretsFile } from "./secrets.js"; import { loadForgejoSecretsFile } from "./secrets.js";
import { sudoCopy } from "../../helpers/sudo.js"; import { sudoCopy } from "../../helpers/sudo.js";
import { FluentBitParser, runitLokiLogger } from "../../software/fluentbit.js";
export async function setupForgejo(alpine: Alpine, runit: Runit) { export async function setupForgejo(alpine: Alpine, runit: Runit) {
const bin = await buildForgejo(); const bin = await buildForgejo();
@ -163,6 +164,8 @@ export FORGEJO_WORK_DIR="$HOME"
cd "$HOME" cd "$HOME"
exec chpst -u $USER:$USER /usr/local/bin/forgejo web --config /etc/forgejo.conf 2>&1 exec chpst -u $USER:$USER /usr/local/bin/forgejo web --config /etc/forgejo.conf 2>&1
` `,
// TODO: usar mejor parser
runitLokiLogger(FluentBitParser.Raw, "forgejo")
); );
} }

100
software/fluentbit.ts Normal file
View file

@ -0,0 +1,100 @@
import { join } from "node:path";
import { Alpine } from "../alpine.js";
import { buildRepro, reproRun } from "../helpers/repro-run.js";
import { sudoCopy } from "../helpers/sudo.js";
const parsersPath = "/etc/fluent-bit/parsers.conf";
export async function installFluentBit(alpine: Alpine): Promise<void> {
const bin = await buildFluentBit();
await saveParsers(alpine);
await alpine.addPackages(["musl-fts", "yaml"]);
await sudoCopy(bin, join(alpine.dir, "/usr/local/bin/fluent-bit"));
}
// ## Script generators
// Returns a logScript to be used with runit for logging to Loki
export function runitLokiLogger(parser: FluentBitParser, name: string): string {
return `#!/bin/sh
exec chpst -u nobody:nobody /usr/local/bin/fluent-bit \
--parser='${parsersPath}' \
--input=stdin \
--prop=parser='${parser}' \
--output=loki \
--prop=labels='job=fluentbit,stream=${name}'
`;
}
// ## Parsers
export enum FluentBitParser {
Json = "json",
// Raw toma todo lo que haya en una línea y lo guarda en `message`. No recomendado.
Raw = "raw",
}
async function saveParsers(alpine: Alpine): Promise<void> {
// https://github.com/fluent/fluent-bit/blob/master/conf/parsers.conf
await alpine.writeFile(
parsersPath,
`
[PARSER]
name raw
format regex
regex ^(?<message>.*?)$
`
);
}
// ## Build binary
function buildFluentBit(): Promise<string> {
const version = "v2.0.9";
return buildRepro(
"fluentbit",
version,
`#!/bin/sh -e
runprint() {
echo "==> $@"
"$@"
}
runprint apk add --quiet \
make gcc g++ patch musl-dev openssl-dev linux-headers \
bison cmake flex musl-fts-dev gtest-dev yaml-dev zlib-dev
wget https://github.com/fluent/fluent-bit/archive/refs/tags/${version}.tar.gz -O- | tar zx
cd fluent-bit-*
patch --strip=1 <<'EOF'
--- a/lib/chunkio/src/CMakeLists.txt
+++ b/lib/chunkio/src/CMakeLists.txt
@@ -12,6 +12,7 @@
)
set(libs cio-crc32)
+set(libs \${libs} fts)
if(\${CMAKE_SYSTEM_NAME} MATCHES "Windows")
set(src
EOF
runprint cmake -B build \
-DFLB_CORO_STACK_SIZE=24576 \
.
runprint make -C build
ls build/bin/
mv build/bin/fluent-bit /fluent-bit
`,
(dir) =>
reproRun({
cwd: dir,
command: "/src/build",
cache: [],
}),
(dir) => join(dir, "rootfs/fluent-bit")
);
}