assume network is 172.0.0.0/8

in some cases, the allow_network script will crash monit during reload and keep the container in a reboot loop
2019-11-16 15:38:17 -03:00 · 2019-11-16 15:38:17 -03:00 · afb9d7e18d
commit afb9d7e18d
parent 9f1d619fac
4 changed files with 4 additions and 33 deletions
--- a/7
+++ b/7
@ -15,12 +15,7 @@ RUN install -dm 2750 -o root -g root /var/lib/monit
 # Install config. monit.conf~ will be activated after allow_networks
 # runs.
 COPY ./monitrc /etc/monitrc
-COPY ./monit /etc/monit.d/monit.conf~
-COPY ./allow_networks.sh /usr/local/bin/allow_networks
-
-# Set permissions
-RUN chmod 700 /etc/monitrc /etc/monit.d/monit.conf~
-RUN chmod 755 /usr/local/bin/allow_networks
+RUN chmod 600 /etc/monitrc

 # Allow access to the web GUI
 EXPOSE 2812
--- a/allow_networks.sh
+++ b/allow_networks.sh
@ -1,21 +0,0 @@
-#!/bin/sh
-set -e
-
-# Everything's OK
-test -f /etc/monit.d/monit.conf && exit 0
-
-# Obtain current IP addresses
-ip route \
-  | grep "^[0-9]" \
-  | cut -d " " -f 1 \
-  | sed -re "s/^/  allow /" \
-  >> /etc/monit.d/monit.conf~
-
-# Put in place
-mv /etc/monit.d/monit.conf~ /etc/monit.d/monit.conf
-
-# Configure email
-grep -q "${EMAIL}" /etc/monitrc || echo "set alert ${EMAIL}" >> /etc/monitrc
-
-# Reload config
-monit reload
--- a/2
+++ b/2
@ -1,2 +0,0 @@
-set httpd port 2812
-  allow localhost
--- a/7
+++ b/7
@ -8,9 +8,8 @@ set eventqueue basedir /var/lib/monit/events slots 100
 set mailserver postfix
 set limits { programoutput: 1 MB }

-check program allow_networks
-  with path "/usr/local/bin/allow_networks"
-  every 1 cycles
-  if status = 0 then unmonitor
+set httpd port 2812
+  allow localhost
+  allow 172.0.0.0/8

 include /etc/monit.d/*.conf