Sutty/containers-monit
5
0
Fork 0
Code Issues 1 Pull requests Projects Releases Wiki Activity

Compare commits

base: Sutty:antifascista
Branches Tags
Sutty:antifascista
Sutty:syslogize
..
compare: Sutty:30731652e3fe313e345a0e011d87a1a006f10ace
Branches Tags
Sutty:antifascista
Sutty:syslogize

No commits in common. "antifascista" and "30731652e3fe313e345a0e011d87a1a006f10ace" have entirely different histories.
antifascis ... 30731652e3

10 changed files with 53 additions and 116 deletions
Show stats Expand all files Collapse all files

11
.gitlab-ci.yml Normal file
View file

@ -0,0 +1,11 @@
stages:
- build
build:
stage: build
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
script:
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
- /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --destination $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA --destination $CI_REGISTRY_IMAGE:latest

41
.woodpecker.yml
View file

@ -1,25 +1,22 @@
steps: pipeline:
publish: publish:
image: "docker.io/woodpeckerci/plugin-docker-buildx" image: plugins/docker
settings: registry: registry.nulo.in
registry: "https://gitea.nulo.in" repo: registry.nulo.in/sutty/CHANGEME
username: "sutty" tags:
repo: "gitea.nulo.in/sutty/monit" - ${ALPINE_VERSION}
tags: - latest
- "${ALPINE_VERSION}" build_args:
- "latest" - ALPINE_VERSION=${ALPINE_VERSION}
build_args: - BASE_IMAGE=registry.nulo.in/sutty/monit
- "ALPINE_VERSION=${ALPINE_VERSION}" username: sutty
- "BASE_IMAGE=gitea.nulo.in/sutty/sutty" secrets:
purge: false - docker_password
password:
from_secret: "DOCKER_PASSWORD"
when: when:
branch: "antifascista" branch: antifascista
event: "push" event: push
matrix: matrix:
include: ALPINE_VERSION:
- ALPINE_VERSION: "3.20.3" - 3.13.6
- ALPINE_VERSION: "3.19.4" - 3.14.2
- ALPINE_VERSION: "3.18.9"
- ALPINE_VERSION: "3.17.10"

27
Dockerfile
View file

@ -1,33 +1,34 @@
ARG ALPINE_VERSION=3.18.3 ARG ALPINE_VERSION=3.13.6
ARG BASE_IMAGE=gitea.nulo.in/sutty/sutty ARG BASE_IMAGE=alpine
FROM ${BASE_IMAGE}:${ALPINE_VERSION} AS build ARG EMAIL=monit@sutty.nl
FROM ${BASE_IMAGE}:${ALPINE_VERSION} as build
RUN apk add --no-cache tzdata
COPY ./monitrc /etc/monitrc COPY ./monitrc /etc/monitrc
RUN chmod 600 /etc/monitrc RUN chmod 600 /etc/monitrc
RUN sed -re "s/@@EMAIL@@/${EMAIL}/" -i /etc/monitrc
FROM ${BASE_IMAGE}:${ALPINE_VERSION} FROM ${BASE_IMAGE}:${ALPINE_VERSION}
LABEL org.opencontainers.image.authors="f@sutty.nl" ARG ALPINE_VERSION
ENV EMAIL=monit@sutty.nl MAINTAINER "f <f@sutty.nl>"
ENV EMAIL_FROM=monit@sutty.nl
ENV MMONIT=mmmonit.athshe.sutty.nl # Sutty's repository
ENV CREDENTIALS=mmmonit:mmmonit.athshe.sutty.nl RUN echo ${ALPINE_VERSION} | cut -d . -f 1,2 | xargs -I {} echo https://alpine.sutty.nl/alpine/v{}/sutty | tee -a /etc/apk/repositories
RUN wget https://alpine.sutty.nl/alpine/sutty.pub -O /etc/apk/keys/alpine@sutty.nl-5ea884cd.rsa.pub
# Install monit and remove default config # Install monit and remove default config
RUN apk add --no-cache tini monit knsupdate RUN apk add --no-cache tini monit knsupdate
COPY --from=build /usr/share/zoneinfo/UTC /etc/localtime
# Create directories # Create directories
RUN install -dm 2750 -o root -g root /etc/monit.d RUN install -dm 2750 -o root -g root /etc/monit.d
RUN install -dm 2750 -o root -g root /etc/monit.d/external/
RUN install -dm 2750 -o root -g root /var/lib/monit RUN install -dm 2750 -o root -g root /var/lib/monit
# Install config # Install config
COPY --from=build /etc/monitrc /etc/monitrc COPY --from=build /etc/monitrc /etc/monitrc
COPY ./nsupdate.sh /usr/local/bin/nsupdate COPY ./nsupdate.sh /usr/local/bin/nsupdate
COPY ./whatsmyip6.sh /usr/local/bin/whatsmyip6 COPY ./whatsmyip6.sh /usr/local/bin/whatsmyip6
COPY ./whatsmydefaulteth.sh /usr/local/bin/whatsmydefaulteth
COPY ./syslogize.sh /usr/local/bin/syslogize
COPY ./zeroconf.sh /usr/local/bin/zeroconf
COPY ./zeroconf.conf /etc/zeroconf.conf
# Allow access to the web GUI # Allow access to the web GUI
EXPOSE 2812 EXPOSE 2812

12
monitrc
View file

@ -5,17 +5,17 @@ set pidfile /run/monit.pid
set idfile /var/lib/monit/id set idfile /var/lib/monit/id
set statefile /var/lib/monit/state set statefile /var/lib/monit/state
set eventqueue basedir /var/lib/monit/events slots 100 set eventqueue basedir /var/lib/monit/events slots 100
set mailserver postfix
set limits { programoutput: 1 MB } set limits { programoutput: 1 MB }
set alert @@EMAIL@@
set httpd port 2812
allow localhost
allow 172.0.0.0/8
check program nsupdate check program nsupdate
with path "/usr/local/bin/nsupdate" with path "/usr/local/bin/nsupdate"
every 1 cycle every 1 cycle
if status = 0 then unmonitor if status = 0 then unmonitor
check program zeroconf
with path "/usr/local/bin/zeroconf"
every 1 cycle
if status = 0 then unmonitor
include /etc/monit.d/*.conf include /etc/monit.d/*.conf
include /etc/monit.d/external/*.conf

4
nsupdate.sh
View file

@ -3,9 +3,10 @@
# Registers the local IPv6 address to the DNS # Registers the local IPv6 address to the DNS
IP6="`whatsmyip6`" IP6="`whatsmyip6`"
KNOT="${KNOT:-knot.${DOMAIN}}" KNOT="${KNOT:-${IP6}}"
test -z "${IP6}" && exit 1 test -z "${IP6}" && exit 1
test -z "${KNOT}" && exit 1
test -z "${DOMAIN}" && exit 1 test -z "${DOMAIN}" && exit 1
# Add a dot if the hostname contains the domain # Add a dot if the hostname contains the domain
@ -16,7 +17,6 @@ server ${KNOT}
zone ${DOMAIN}. zone ${DOMAIN}.
origin ${DOMAIN}. origin ${DOMAIN}.
ttl 60 ttl 60
del ${HOSTNAME}${DOT} AAAA
add ${HOSTNAME}${DOT} AAAA ${IP6} add ${HOSTNAME}${DOT} AAAA ${IP6}
send send
quit quit

33
syslogize.sh
View file

@ -1,33 +0,0 @@
#!/bin/sh
# A wrapper for programs that can't write to syslog. Output and error
# are sent to syslog.
#
# Use LOGGER environment variable to pass options to `logger`. They'll
# probably be system-dependent, so handle with care.
#
# Usage:
#
# LOGGER="-t program" syslogize program -o -p --tions argu ments
#
# daemonize /usr/local/bin/syslogize program
if test $# -eq 0 ; then
grep "^#" $0 | grep -v /bin/sh | sed -re "s/^#\s*//" >&2
exit 1
fi
LOGGER="${LOGGER:--t $1}"
propagate_signal () {
logger ${LOGGER} "Received $1 signal"
jobs -p | xargs kill -$1
}
for signal in HUP INT QUIT USR1 USR2 TERM; do
trap "propagate_signal ${signal}" ${signal}
done
$@ 2>&1 | logger ${LOGGER} &
wait $!

3
whatsmydefaulteth.sh
View file

@ -1,3 +0,0 @@
#!/bin/sh
ip -6 r | grep default | tr -s " " | cut -d " " -f 5

2
whatsmyip6.sh
View file

@ -1,3 +1,3 @@
#!/bin/sh #!/bin/sh
ip address show ${1:-$(whatsmydefaulteth)} | grep inet6 | grep global | tr -s " " | cut -d " " -f 3 | cut -d / -f 1 ip address show ${1:-eth0} | grep inet6 | grep global | tr -s " " | cut -d " " -f 3 | cut -d / -f 1

16
zeroconf.conf
View file

@ -1,16 +0,0 @@
set mmonit http://@@MMONIT@@/collector
set mailserver @@POSTFIX@@ port 25 using hostname @@HOSTNAME@@
set alert @@EMAIL@@
set mail-format {
from: Monit <@@EMAIL_FROM@@>
subject: $HOST
message: $ACTION $SERVICE -- $DATE: $DESCRIPTION.
}
set httpd port 2812
allow localhost
allow 10.13.12.0/24
allow "fd00:acab::/32"
allow @@CREDENTIALS@@

20
zeroconf.sh
View file

@ -1,20 +0,0 @@
#!/bin/sh
set -e
test ! -f /etc/monit.d/zeroconf.conf || exit 0
test -n "${EMAIL}"
test -n "${EMAIL_FROM}"
test -n "${MMONIT}"
test -n "${CREDENTIALS}"
sed -re "s/@@EMAIL@@/${EMAIL}/" \
-e "s/@@EMAIL_FROM@@/${EMAIL_FROM}/" \
-e "s/@@HOSTNAME@@/${EMAIL_FROM#*@}/" \
-e "s/@@MMONIT@@/${MMONIT}/" \
-e "s/@@CREDENTIALS@@/${CREDENTIALS}/" \
-e "s/@@POSTFIX@@/${POSTFIX:-postfix}/" \
/etc/zeroconf.conf > /etc/monit.d/zeroconf.conf
monit -t
monit reload