Compare commits
55 commits
c90ba65374
...
3034258f36
Author | SHA1 | Date | |
---|---|---|---|
|
3034258f36 | ||
|
9c4de359fb | ||
|
75df2530e3 | ||
|
af44e95be9 | ||
|
94583cdcca | ||
|
9f2673b4e1 | ||
|
e38f6a1fe6 | ||
|
5d2ad04336 | ||
|
3f78ebd148 | ||
|
e41a77ee7b | ||
|
bbfa212002 | ||
|
b198d36200 | ||
|
45562a4354 | ||
|
1b72fdc8b0 | ||
|
03513b78ec | ||
|
8b674a10b9 | ||
|
d4294d219a | ||
|
a615fdf509 | ||
|
c0531c8f3c | ||
|
4387534944 | ||
|
b04c169a8e | ||
|
7aa9fe6d10 | ||
|
d27b839b0d | ||
|
755c3c75d6 | ||
|
0c9ca5f55b | ||
|
ed9e013135 | ||
|
8c2c4aa4d8 | ||
|
e5856e8865 | ||
|
e546682b45 | ||
|
ba8955e7aa | ||
|
95b521eead | ||
|
b0de70d3ef | ||
|
d338528819 | ||
|
eaeb0cd8b2 | ||
|
30731652e3 | ||
|
5c1bcb8bae | ||
|
d14e689473 | ||
|
5402fd2529 | ||
|
fd82edc49f | ||
|
34b0a70b4f | ||
|
72e5499ab9 | ||
|
45c8f985c7 | ||
|
8809e18b77 | ||
|
99ea5a001f | ||
|
e3735537be | ||
|
227097be6a | ||
|
642227d8a8 | ||
|
74c942a52a | ||
|
0c07a45bd5 | ||
|
bf1ebc9d2d | ||
|
647adc5beb | ||
|
afb9d7e18d | ||
|
9f1d619fac | ||
|
75b15a65d9 | ||
|
414a60c722 |
9 changed files with 168 additions and 18 deletions
|
@ -1,11 +0,0 @@
|
||||||
stages:
|
|
||||||
- build
|
|
||||||
|
|
||||||
build:
|
|
||||||
stage: build
|
|
||||||
image:
|
|
||||||
name: gcr.io/kaniko-project/executor:debug
|
|
||||||
entrypoint: [""]
|
|
||||||
script:
|
|
||||||
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
|
|
||||||
- /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --destination $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA --destination $CI_REGISTRY_IMAGE:latest
|
|
|
@ -4,13 +4,14 @@ pipeline:
|
||||||
settings:
|
settings:
|
||||||
registry: registry.nulo.in
|
registry: registry.nulo.in
|
||||||
username: sutty
|
username: sutty
|
||||||
repo: registry.nulo.in/sutty/CHANGEME
|
repo: registry.nulo.in/sutty/monit
|
||||||
tags:
|
tags:
|
||||||
- ${ALPINE_VERSION}
|
- ${ALPINE_VERSION}
|
||||||
- latest
|
- latest
|
||||||
build_args:
|
build_args:
|
||||||
- ALPINE_VERSION=${ALPINE_VERSION}
|
- ALPINE_VERSION=${ALPINE_VERSION}
|
||||||
- BASE_IMAGE=registry.nulo.in/sutty/monit
|
- BASE_IMAGE=alpine
|
||||||
|
purge: false
|
||||||
secrets:
|
secrets:
|
||||||
- docker_password
|
- docker_password
|
||||||
when:
|
when:
|
||||||
|
@ -18,7 +19,7 @@ pipeline:
|
||||||
event: push
|
event: push
|
||||||
matrix:
|
matrix:
|
||||||
ALPINE_VERSION:
|
ALPINE_VERSION:
|
||||||
- 3.16.0
|
- 3.16.1
|
||||||
- 3.15.4
|
- 3.15.5
|
||||||
- 3.14.6
|
- 3.14.7
|
||||||
- 3.13.10
|
- 3.13.11
|
||||||
|
|
46
Dockerfile
46
Dockerfile
|
@ -1,4 +1,48 @@
|
||||||
ARG ALPINE_VERSION=3.13.6
|
ARG ALPINE_VERSION=3.13.6
|
||||||
ARG BASE_IMAGE=sutty/monit
|
ARG BASE_IMAGE=alpine
|
||||||
|
FROM ${BASE_IMAGE}:${ALPINE_VERSION} as build
|
||||||
|
|
||||||
|
RUN apk add --no-cache tzdata
|
||||||
|
|
||||||
|
COPY ./monitrc /etc/monitrc
|
||||||
|
RUN chmod 600 /etc/monitrc
|
||||||
|
|
||||||
FROM ${BASE_IMAGE}:${ALPINE_VERSION}
|
FROM ${BASE_IMAGE}:${ALPINE_VERSION}
|
||||||
|
ARG ALPINE_VERSION
|
||||||
MAINTAINER "f <f@sutty.nl>"
|
MAINTAINER "f <f@sutty.nl>"
|
||||||
|
ENV EMAIL=monit@sutty.nl
|
||||||
|
ENV EMAIL_FROM=monit@sutty.nl
|
||||||
|
ENV MMONIT=mmmonit.athshe.sutty.nl
|
||||||
|
ENV CREDENTIALS=mmmonit:mmmonit.athshe.sutty.nl
|
||||||
|
|
||||||
|
# Locale
|
||||||
|
ENV LANG="C.UTF-8"
|
||||||
|
|
||||||
|
# Sutty's repository
|
||||||
|
RUN echo ${ALPINE_VERSION} | cut -d . -f 1,2 | xargs -I {} echo https://alpine.sutty.nl/alpine/v{}/sutty | tee -a /etc/apk/repositories
|
||||||
|
RUN wget https://alpine.sutty.nl/alpine/sutty.pub -O /etc/apk/keys/alpine@sutty.nl-5ea884cd.rsa.pub
|
||||||
|
|
||||||
|
# Install monit and remove default config
|
||||||
|
RUN apk add --no-cache tini monit knsupdate
|
||||||
|
COPY --from=build /usr/share/zoneinfo/UTC /etc/localtime
|
||||||
|
|
||||||
|
# Create directories
|
||||||
|
RUN install -dm 2750 -o root -g root /etc/monit.d
|
||||||
|
RUN install -dm 2750 -o root -g root /var/lib/monit
|
||||||
|
|
||||||
|
# Install config
|
||||||
|
COPY --from=build /etc/monitrc /etc/monitrc
|
||||||
|
COPY ./nsupdate.sh /usr/local/bin/nsupdate
|
||||||
|
COPY ./whatsmyip6.sh /usr/local/bin/whatsmyip6
|
||||||
|
COPY ./syslogize.sh /usr/local/bin/syslogize
|
||||||
|
COPY ./zeroconf.sh /usr/local/bin/zeroconf
|
||||||
|
COPY ./zeroconf.conf /etc/zeroconf.conf
|
||||||
|
|
||||||
|
# Allow access to the web GUI
|
||||||
|
EXPOSE 2812
|
||||||
|
|
||||||
|
# Use tini as init
|
||||||
|
ENTRYPOINT ["/sbin/tini", "--"]
|
||||||
|
|
||||||
|
# Run monit, it will take care of running services afterwards
|
||||||
|
CMD ["/usr/bin/monit"]
|
||||||
|
|
20
monitrc
Normal file
20
monitrc
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
set init
|
||||||
|
set daemon 60
|
||||||
|
set logfile syslog facility log_daemon
|
||||||
|
set pidfile /run/monit.pid
|
||||||
|
set idfile /var/lib/monit/id
|
||||||
|
set statefile /var/lib/monit/state
|
||||||
|
set eventqueue basedir /var/lib/monit/events slots 100
|
||||||
|
set limits { programoutput: 1 MB }
|
||||||
|
|
||||||
|
check program nsupdate
|
||||||
|
with path "/usr/local/bin/nsupdate"
|
||||||
|
every 1 cycle
|
||||||
|
if status = 0 then unmonitor
|
||||||
|
|
||||||
|
check program zeroconf
|
||||||
|
with path "/usr/local/bin/zeroconf"
|
||||||
|
every 1 cycle
|
||||||
|
if status = 0 then unmonitor
|
||||||
|
|
||||||
|
include /etc/monit.d/*.conf
|
25
nsupdate.sh
Executable file
25
nsupdate.sh
Executable file
|
@ -0,0 +1,25 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
# Registers the local IPv6 address to the DNS
|
||||||
|
|
||||||
|
IP6="`whatsmyip6`"
|
||||||
|
KNOT="${KNOT:-knot.${DOMAIN}}"
|
||||||
|
|
||||||
|
test -z "${IP6}" && exit 1
|
||||||
|
test -z "${DOMAIN}" && exit 1
|
||||||
|
|
||||||
|
# Add a dot if the hostname contains the domain
|
||||||
|
echo "${HOSTNAME}" | grep -q "\.${DOMAIN}$" && DOT="."
|
||||||
|
|
||||||
|
knsupdate <<DNS
|
||||||
|
server ${KNOT}
|
||||||
|
zone ${DOMAIN}.
|
||||||
|
origin ${DOMAIN}.
|
||||||
|
ttl 60
|
||||||
|
del ${HOSTNAME}${DOT} AAAA
|
||||||
|
add ${HOSTNAME}${DOT} AAAA ${IP6}
|
||||||
|
send
|
||||||
|
quit
|
||||||
|
DNS
|
||||||
|
|
||||||
|
exit $?
|
33
syslogize.sh
Executable file
33
syslogize.sh
Executable file
|
@ -0,0 +1,33 @@
|
||||||
|
#!/bin/sh
|
||||||
|
# A wrapper for programs that can't write to syslog. Output and error
|
||||||
|
# are sent to syslog.
|
||||||
|
#
|
||||||
|
# Use LOGGER environment variable to pass options to `logger`. They'll
|
||||||
|
# probably be system-dependent, so handle with care.
|
||||||
|
#
|
||||||
|
# Usage:
|
||||||
|
#
|
||||||
|
# LOGGER="-t program" syslogize program -o -p --tions argu ments
|
||||||
|
#
|
||||||
|
# daemonize /usr/local/bin/syslogize program
|
||||||
|
|
||||||
|
if test $# -eq 0 ; then
|
||||||
|
grep "^#" $0 | grep -v /bin/sh | sed -re "s/^#\s*//" >&2
|
||||||
|
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
LOGGER="${LOGGER:--t $1}"
|
||||||
|
|
||||||
|
propagate_signal () {
|
||||||
|
logger ${LOGGER} "Received $1 signal"
|
||||||
|
jobs -p | xargs kill -$1
|
||||||
|
}
|
||||||
|
|
||||||
|
for signal in HUP INT QUIT USR1 USR2 TERM; do
|
||||||
|
trap "propagate_signal ${signal}" ${signal}
|
||||||
|
done
|
||||||
|
|
||||||
|
$@ 2>&1 | logger ${LOGGER} &
|
||||||
|
|
||||||
|
wait $!
|
3
whatsmyip6.sh
Executable file
3
whatsmyip6.sh
Executable file
|
@ -0,0 +1,3 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
ip address show ${1:-eth0} | grep inet6 | grep global | tr -s " " | cut -d " " -f 3 | cut -d / -f 1
|
16
zeroconf.conf
Normal file
16
zeroconf.conf
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
set mmonit http://@@MMONIT@@/collector
|
||||||
|
set mailserver postfix port 25 using hostname @@HOSTNAME@@
|
||||||
|
|
||||||
|
set alert @@EMAIL@@
|
||||||
|
|
||||||
|
set mail-format {
|
||||||
|
from: Monit <@@EMAIL_FROM@@>
|
||||||
|
subject: $HOST
|
||||||
|
message: $ACTION $SERVICE -- $DATE: $DESCRIPTION.
|
||||||
|
}
|
||||||
|
|
||||||
|
set httpd port 2812
|
||||||
|
allow localhost
|
||||||
|
allow 172.0.0.0/8
|
||||||
|
allow "fd00:acab::/32"
|
||||||
|
allow @@CREDENTIALS@@
|
19
zeroconf.sh
Executable file
19
zeroconf.sh
Executable file
|
@ -0,0 +1,19 @@
|
||||||
|
#!/bin/sh
|
||||||
|
set -e
|
||||||
|
|
||||||
|
test ! -f /etc/monit.d/zeroconf.conf || exit 0
|
||||||
|
|
||||||
|
test -n "${EMAIL}"
|
||||||
|
test -n "${EMAIL_FROM}"
|
||||||
|
test -n "${MMONIT}"
|
||||||
|
test -n "${CREDENTIALS}"
|
||||||
|
|
||||||
|
sed -re "s/@@EMAIL@@/${EMAIL}/" \
|
||||||
|
-e "s/@@EMAIL_FROM@@/${EMAIL_FROM}/" \
|
||||||
|
-e "s/@@HOSTNAME@@/${EMAIL_FROM#*@}/" \
|
||||||
|
-e "s/@@MMONIT@@/${MMONIT}/" \
|
||||||
|
-e "s/@@CREDENTIALS@@/${CREDENTIALS}/" \
|
||||||
|
/etc/zeroconf.conf > /etc/monit.d/zeroconf.conf
|
||||||
|
|
||||||
|
monit -t
|
||||||
|
monit reload
|
Loading…
Reference in a new issue