added apache for ldap

This commit is contained in:
erik.novembit 2020-11-06 22:55:38 +04:00
parent 3bccd54e6c
commit 9966f67393
4 changed files with 68 additions and 29 deletions

View file

@ -1,11 +1,13 @@
{
"version": "0.1.0",
"id": "eriktad.prometheus.cloudronapp",
"healthCheckPath": "/-/healthy",
"httpPort": 9090,
"author": "Erik Tadevosyan",
"healthCheckPath": "healthcheck",
"httpPort": 8000,
"icon": "logo.png",
"addons": {
"localstorage": {}
"localstorage": {},
"ldap": {}
},
"manifestVersion": 2
}

View file

@ -2,6 +2,15 @@ FROM cloudron/base:2.0.0@sha256:f9fea80513aa7c92fe2e7bf3978b54c8ac5222f47a9a32a7
EXPOSE 3000
# configure apache
RUN rm /etc/apache2/sites-enabled/*
RUN sed -e 's,^ErrorLog.*,ErrorLog "|/bin/cat",' -i /etc/apache2/apache2.conf
RUN a2disconf other-vhosts-access-log
ADD apache/prometheus.conf /etc/apache2/sites-enabled/prometheus.conf
RUN echo "Listen 8000" > /etc/apache2/ports.conf
RUN a2enmod ldap authnz_ldap proxy proxy_http rewrite
# install Prometheus
RUN mkdir -p /usr/local/bin/prometheus && \
cd /usr/local/bin && \
wget -c https://github.com/prometheus/prometheus/releases/download/v2.22.0/prometheus-2.22.0.linux-amd64.tar.gz && \

46
apache/prometheus.conf Normal file
View file

@ -0,0 +1,46 @@
<VirtualHost *:8000>
DocumentRoot /usr/local/bin/prometheus
ErrorLog "/dev/stderr"
CustomLog "/dev/stdout" combined
<Location />
AllowOverride None
Order deny,allow
Deny from All
AuthType Basic
AuthBasicProvider ldap
AuthName "Use your Cloudron Account to login"
AuthLDAPURL ${CLOUDRON_LDAP_URL}/${CLOUDRON_LDAP_USERS_BASE_DN}?username?sub?(objectclass=user)
AuthLDAPBindDN "${CLOUDRON_LDAP_BIND_DN}"
AuthLDAPBindPassword "{CLOUDRON_LDAP_BIND_PASSWORD}"
Require valid-user
Satisfy any
ProxyPreserveHost On
ProxyErrorOverride Off
ProxyPass http://127.0.0.1:9090/
</Location>
<Location /healthcheck>
Order allow,deny
Allow from all
Satisfy Any
ErrorDocument 200 "ok"
RewriteEngine On
RewriteRule "/healthcheck" - [R=200]
</Location>
<Location /healthz>
Order allow,deny
Allow from all
Satisfy Any
ProxyPreserveHost On
ProxyErrorOverride Off
ProxyPass http://127.0.0.1:9090/
</Location>
</VirtualHost>

View file

@ -1,33 +1,15 @@
#!bin/sh
#!/bin/sh
set -x
# if [ ! -e /usr/local/bin/prometheus/prometheus.yml ]; then
# cat <<-EOF > "/usr/local/bin/prometheus/prometheus.yml"
# global:
# scrape_interval: 15s # By default, scrape targets every 15 seconds.
# # Attach these labels to any time series or alerts when communicating with
# # external systems (federation, remote storage, Alertmanager).
# external_labels:
# monitor: 'codelab-monitor'
# # A scrape configuration containing exactly one endpoint to scrape:
# # Here it's Prometheus itself.
# scrape_configs:
# # The job name is added as a label `job=<job_name>` to any timeseries scraped from this config.
# - job_name: 'prometheus'
# # Override the global default and scrape targets from this job every 5 seconds.
# scrape_interval: 5s
# static_configs:
# - targets: ['localhost:9090']
# EOF
# fi
echo "=> Starting apache"
APACHE_CONFDIR="" source /etc/apache2/envvars
rm -f "${APACHE_PID_FILE}"
/usr/sbin/apache2 -DFOREGROUND
echo "=> Ensure permissions"
chown -R cloudron:cloudron /run /app/data
chown -R cloudron:cloudron /usr/local/bin/prometheus
echo "=> Starting Prometheus"
cd /usr/local/bin/prometheus
./prometheus --config.file=prometheus.yml