added apache for ldap

2024-11-22 08:21:02 +00:00 · 2020-11-06 22:55:38 +04:00 · 2020-11-06 22:55:38 +04:00 · 9966f67393
commit 9966f67393
parent 3bccd54e6c
4 changed files with 68 additions and 29 deletions
--- a/CloudronManifest.json
+++ b/CloudronManifest.json
@ -1,11 +1,13 @@
 {
  "version": "0.1.0",
  "id": "eriktad.prometheus.cloudronapp",
-  "healthCheckPath": "/-/healthy",
+  "author": "Erik Tadevosyan",
-  "httpPort": 9090,
+  "healthCheckPath": "healthcheck",
  "httpPort": 8000,
  "icon": "logo.png",
  "addons": {
-    "localstorage": {}
+    "localstorage": {},
    "ldap": {}
  },
  "manifestVersion": 2
 }
--- a/9
+++ b/9
@ -2,6 +2,15 @@ FROM cloudron/base:2.0.0@sha256:f9fea80513aa7c92fe2e7bf3978b54c8ac5222f47a9a32a7
 EXPOSE 3000
 # configure apache
 RUN rm /etc/apache2/sites-enabled/*
 RUN sed -e 's,^ErrorLog.*,ErrorLog "|/bin/cat",' -i /etc/apache2/apache2.conf
 RUN a2disconf other-vhosts-access-log
 ADD apache/prometheus.conf /etc/apache2/sites-enabled/prometheus.conf
 RUN echo "Listen 8000" > /etc/apache2/ports.conf
 RUN a2enmod ldap authnz_ldap proxy proxy_http rewrite
 # install Prometheus
 RUN mkdir -p /usr/local/bin/prometheus && \
    cd /usr/local/bin && \
    wget -c https://github.com/prometheus/prometheus/releases/download/v2.22.0/prometheus-2.22.0.linux-amd64.tar.gz && \
--- a/apache/prometheus.conf
+++ b/apache/prometheus.conf
@ -0,0 +1,46 @@
 <VirtualHost *:8000>
    DocumentRoot /usr/local/bin/prometheus
    ErrorLog "/dev/stderr"
    CustomLog "/dev/stdout" combined
    <Location />
        AllowOverride None
        Order deny,allow
        Deny from All
        AuthType Basic
        AuthBasicProvider ldap
        AuthName "Use your Cloudron Account to login"
        AuthLDAPURL ${CLOUDRON_LDAP_URL}/${CLOUDRON_LDAP_USERS_BASE_DN}?username?sub?(objectclass=user)
        AuthLDAPBindDN "${CLOUDRON_LDAP_BIND_DN}"
        AuthLDAPBindPassword "{CLOUDRON_LDAP_BIND_PASSWORD}"
        Require valid-user
        Satisfy any
        ProxyPreserveHost On
        ProxyErrorOverride Off
        ProxyPass http://127.0.0.1:9090/
    </Location>
    <Location /healthcheck>
        Order allow,deny
        Allow from all
        Satisfy Any
        ErrorDocument 200 "ok"
        RewriteEngine On
        RewriteRule "/healthcheck" - [R=200]
    </Location>
    <Location /healthz>
        Order allow,deny
        Allow from all
        Satisfy Any
        ProxyPreserveHost On
        ProxyErrorOverride Off
        ProxyPass http://127.0.0.1:9090/
    </Location>
 </VirtualHost>
--- a/start.sh
+++ b/start.sh
@ -1,33 +1,15 @@
-#!bin/sh
+#!/bin/sh
 set -x
-# if [ ! -e /usr/local/bin/prometheus/prometheus.yml ]; then
+echo "=> Starting apache"
-#         cat <<-EOF > "/usr/local/bin/prometheus/prometheus.yml"
+APACHE_CONFDIR="" source /etc/apache2/envvars
-# global:
+rm -f "${APACHE_PID_FILE}"
-# scrape_interval:     15s # By default, scrape targets every 15 seconds.
+/usr/sbin/apache2 -DFOREGROUND
 # # Attach these labels to any time series or alerts when communicating with
 # # external systems (federation, remote storage, Alertmanager).
 # external_labels:
 # monitor: 'codelab-monitor'
 # # A scrape configuration containing exactly one endpoint to scrape:
 # # Here it's Prometheus itself.
 # scrape_configs:
 # # The job name is added as a label `job=<job_name>` to any timeseries scraped from this config.
 # - job_name: 'prometheus'
 # # Override the global default and scrape targets from this job every 5 seconds.
 # scrape_interval: 5s
 # static_configs:
 # - targets: ['localhost:9090']
 # EOF
 # fi
 echo "=> Ensure permissions"
-chown -R cloudron:cloudron /run /app/data
+chown -R cloudron:cloudron /usr/local/bin/prometheus
 echo "=> Starting Prometheus"
 cd /usr/local/bin/prometheus
 ./prometheus --config.file=prometheus.yml