assume network is 172.0.0.0/8

in some cases, the allow_network script will crash monit during reload and keep the container in a reboot loop
2019-11-16 15:38:17 -03:00 · 2019-11-16 15:38:17 -03:00 · afb9d7e18d
commit afb9d7e18d
parent 9f1d619fac
4 changed files with 4 additions and 33 deletions
--- a/7
+++ b/7
@ -15,12 +15,7 @@ RUN install -dm 2750 -o root -g root /var/lib/monit
 # Install config. monit.conf~ will be activated after allow_networks
 # runs.
 COPY ./monitrc /etc/monitrc
-COPY ./monit /etc/monit.d/monit.conf~
+RUN chmod 600 /etc/monitrc
 COPY ./allow_networks.sh /usr/local/bin/allow_networks
 # Set permissions
 RUN chmod 700 /etc/monitrc /etc/monit.d/monit.conf~
 RUN chmod 755 /usr/local/bin/allow_networks
 # Allow access to the web GUI
 EXPOSE 2812
--- a/allow_networks.sh
+++ b/allow_networks.sh
@ -1,21 +0,0 @@
 #!/bin/sh
 set -e
 # Everything's OK
 test -f /etc/monit.d/monit.conf && exit 0
 # Obtain current IP addresses
 ip route \
  | grep "^[0-9]" \
  | cut -d " " -f 1 \
  | sed -re "s/^/  allow /" \
  >> /etc/monit.d/monit.conf~
 # Put in place
 mv /etc/monit.d/monit.conf~ /etc/monit.d/monit.conf
 # Configure email
 grep -q "${EMAIL}" /etc/monitrc || echo "set alert ${EMAIL}" >> /etc/monitrc
 # Reload config
 monit reload
--- a/2
+++ b/2
@ -1,2 +0,0 @@
 set httpd port 2812
  allow localhost
--- a/7
+++ b/7
@ -8,9 +8,8 @@ set eventqueue basedir /var/lib/monit/events slots 100
 set mailserver postfix
 set limits { programoutput: 1 MB }
-check program allow_networks
+set httpd port 2812
-  with path "/usr/local/bin/allow_networks"
+  allow localhost
-  every 1 cycles
+  allow 172.0.0.0/8
  if status = 0 then unmonitor
 include /etc/monit.d/*.conf