assume network is 172.0.0.0/8

in some cases, the allow_network script will crash monit during reload
and keep the container in a reboot loop
f 2019-11-16 15:38:17 -03:00
parent 9f1d619fac
commit afb9d7e18d
No known key found for this signature in database
GPG key ID: 2AE5A13E321F953D
4 changed files with 4 additions and 33 deletions


@ -15,12 +15,7 @@ RUN install -dm 2750 -o root -g root /var/lib/monit
# Install config. monit.conf~ will be activated after allow_networks # Install config. monit.conf~ will be activated after allow_networks
# runs. # runs.
COPY ./monitrc /etc/monitrc COPY ./monitrc /etc/monitrc
COPY ./monit /etc/monit.d/monit.conf~ RUN chmod 600 /etc/monitrc
COPY ./allow_networks.sh /usr/local/bin/allow_networks
# Set permissions
RUN chmod 700 /etc/monitrc /etc/monit.d/monit.conf~
RUN chmod 755 /usr/local/bin/allow_networks
# Allow access to the web GUI # Allow access to the web GUI
EXPOSE 2812 EXPOSE 2812
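Review bot: The comment kept above `COPY ./monitrc /etc/monitrc` still says `monit.conf~ will be activated after allow_networks runs`, but this change stops copying both `monit.conf~` and the `allow_networks` script, so it now describes a mechanism the image no longer has. I would replace it with `# Install config; the httpd allow list is static in monitrc.` Separately, `RUN chmod 600 /etc/monitrc` sets the mode in a second layer, so the preceding COPY layer still holds the file with whatever mode the build context had; where BuildKit is available, `COPY --chmod=600 ./monitrc /etc/monitrc` does both in one step.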


@ -1,21 +0,0 @@
#!/bin/sh
set -e
# Everything's OK
test -f /etc/monit.d/monit.conf && exit 0
# Obtain current IP addresses
ip route \
| grep "^[0-9]" \
| cut -d " " -f 1 \
| sed -re "s/^/ allow /" \
>> /etc/monit.d/monit.conf~
# Put in place
mv /etc/monit.d/monit.conf~ /etc/monit.d/monit.conf
# Configure email
grep -q "${EMAIL}" /etc/monitrc || echo "set alert ${EMAIL}" >> /etc/monitrc
# Reload config
monit reload

2
monit

@ -1,2 +0,0 @@
set httpd port 2812
allow localhost


@ -8,9 +8,8 @@ set eventqueue basedir /var/lib/monit/events slots 100
set mailserver postfix set mailserver postfix
set limits { programoutput: 1 MB } set limits { programoutput: 1 MB }
check program allow_networks set httpd port 2812
with path "/usr/local/bin/allow_networks" allow localhost
every 1 cycles allow 172.0.0.0/8
if status = 0 then unmonitor
include /etc/monit.d/*.conf include /etc/monit.d/*.conf
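Review bot: `allow 172.0.0.0/8` admits far more than container networks: the private block is 172.16.0.0/12, and the rest of 172.0.0.0/8 is publicly routable address space, so hosts there pass the allow list if port 2812 is ever published. Docker's default 172.x bridge pools sit inside 172.16.0.0/12, so `allow 172.16.0.0/12` would cover the same containers with a much narrower list (custom pools in other ranges would need their own line). No credential line is visible in this hunk, so access appears to be gated by source address only; since the web interface can start and stop services, consider also adding an `allow user:password` entry supplied at deploy time rather than baked into the image. The removed script was also what appended `set alert ${EMAIL}` to monitrc, and nothing visible here replaces it, so alert mail may stop unless it is configured elsewhere.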