added apache for ldap
This commit is contained in:
parent
3bccd54e6c
commit
9966f67393
4 changed files with 68 additions and 29 deletions
|
@ -1,11 +1,13 @@
|
|||
{
|
||||
"version": "0.1.0",
|
||||
"id": "eriktad.prometheus.cloudronapp",
|
||||
"healthCheckPath": "/-/healthy",
|
||||
"httpPort": 9090,
|
||||
"author": "Erik Tadevosyan",
|
||||
"healthCheckPath": "healthcheck",
|
||||
"httpPort": 8000,
|
||||
"icon": "logo.png",
|
||||
"addons": {
|
||||
"localstorage": {}
|
||||
"localstorage": {},
|
||||
"ldap": {}
|
||||
},
|
||||
"manifestVersion": 2
|
||||
}
|
|
@ -2,6 +2,15 @@ FROM cloudron/base:2.0.0@sha256:f9fea80513aa7c92fe2e7bf3978b54c8ac5222f47a9a32a7
|
|||
|
||||
EXPOSE 3000
|
||||
|
||||
# configure apache
|
||||
RUN rm /etc/apache2/sites-enabled/*
|
||||
RUN sed -e 's,^ErrorLog.*,ErrorLog "|/bin/cat",' -i /etc/apache2/apache2.conf
|
||||
RUN a2disconf other-vhosts-access-log
|
||||
ADD apache/prometheus.conf /etc/apache2/sites-enabled/prometheus.conf
|
||||
RUN echo "Listen 8000" > /etc/apache2/ports.conf
|
||||
RUN a2enmod ldap authnz_ldap proxy proxy_http rewrite
|
||||
|
||||
# install Prometheus
|
||||
RUN mkdir -p /usr/local/bin/prometheus && \
|
||||
cd /usr/local/bin && \
|
||||
wget -c https://github.com/prometheus/prometheus/releases/download/v2.22.0/prometheus-2.22.0.linux-amd64.tar.gz && \
|
||||
|
|
46
apache/prometheus.conf
Normal file
46
apache/prometheus.conf
Normal file
|
@ -0,0 +1,46 @@
|
|||
<VirtualHost *:8000>
|
||||
DocumentRoot /usr/local/bin/prometheus
|
||||
|
||||
ErrorLog "/dev/stderr"
|
||||
CustomLog "/dev/stdout" combined
|
||||
|
||||
<Location />
|
||||
AllowOverride None
|
||||
Order deny,allow
|
||||
Deny from All
|
||||
|
||||
AuthType Basic
|
||||
AuthBasicProvider ldap
|
||||
AuthName "Use your Cloudron Account to login"
|
||||
AuthLDAPURL ${CLOUDRON_LDAP_URL}/${CLOUDRON_LDAP_USERS_BASE_DN}?username?sub?(objectclass=user)
|
||||
AuthLDAPBindDN "${CLOUDRON_LDAP_BIND_DN}"
|
||||
AuthLDAPBindPassword "{CLOUDRON_LDAP_BIND_PASSWORD}"
|
||||
Require valid-user
|
||||
Satisfy any
|
||||
|
||||
ProxyPreserveHost On
|
||||
ProxyErrorOverride Off
|
||||
ProxyPass http://127.0.0.1:9090/
|
||||
</Location>
|
||||
|
||||
<Location /healthcheck>
|
||||
Order allow,deny
|
||||
Allow from all
|
||||
Satisfy Any
|
||||
|
||||
ErrorDocument 200 "ok"
|
||||
RewriteEngine On
|
||||
RewriteRule "/healthcheck" - [R=200]
|
||||
</Location>
|
||||
|
||||
<Location /healthz>
|
||||
Order allow,deny
|
||||
Allow from all
|
||||
Satisfy Any
|
||||
|
||||
ProxyPreserveHost On
|
||||
ProxyErrorOverride Off
|
||||
ProxyPass http://127.0.0.1:9090/
|
||||
</Location>
|
||||
|
||||
</VirtualHost>
|
32
start.sh
32
start.sh
|
@ -1,33 +1,15 @@
|
|||
#!bin/sh
|
||||
#!/bin/sh
|
||||
|
||||
set -x
|
||||
|
||||
# if [ ! -e /usr/local/bin/prometheus/prometheus.yml ]; then
|
||||
# cat <<-EOF > "/usr/local/bin/prometheus/prometheus.yml"
|
||||
# global:
|
||||
# scrape_interval: 15s # By default, scrape targets every 15 seconds.
|
||||
|
||||
# # Attach these labels to any time series or alerts when communicating with
|
||||
# # external systems (federation, remote storage, Alertmanager).
|
||||
# external_labels:
|
||||
# monitor: 'codelab-monitor'
|
||||
|
||||
# # A scrape configuration containing exactly one endpoint to scrape:
|
||||
# # Here it's Prometheus itself.
|
||||
# scrape_configs:
|
||||
# # The job name is added as a label `job=<job_name>` to any timeseries scraped from this config.
|
||||
# - job_name: 'prometheus'
|
||||
|
||||
# # Override the global default and scrape targets from this job every 5 seconds.
|
||||
# scrape_interval: 5s
|
||||
|
||||
# static_configs:
|
||||
# - targets: ['localhost:9090']
|
||||
# EOF
|
||||
# fi
|
||||
echo "=> Starting apache"
|
||||
APACHE_CONFDIR="" source /etc/apache2/envvars
|
||||
rm -f "${APACHE_PID_FILE}"
|
||||
/usr/sbin/apache2 -DFOREGROUND
|
||||
|
||||
echo "=> Ensure permissions"
|
||||
chown -R cloudron:cloudron /run /app/data
|
||||
chown -R cloudron:cloudron /usr/local/bin/prometheus
|
||||
|
||||
echo "=> Starting Prometheus"
|
||||
cd /usr/local/bin/prometheus
|
||||
./prometheus --config.file=prometheus.yml
|
Loading…
Reference in a new issue