diff options
| -rw-r--r-- | ansible/playbook-test.yml | 4 | ||||
| -rw-r--r-- | build/test/gondul-db-test.Dockerfile | 6 | ||||
| -rw-r--r-- | build/test/gondul-grafana-test.Dockerfile | 14 | ||||
| -rw-r--r-- | build/test/pg_hba.tail | 1 | ||||
| -rwxr-xr-x | build/test/postgres.sh | 17 | ||||
| -rw-r--r-- | doc/Gondul.png | bin | 0 -> 177521 bytes | |||
| -rw-r--r-- | extras/misc/varnish-auth.vcl | 26 |
7 files changed, 59 insertions, 9 deletions
diff --git a/ansible/playbook-test.yml b/ansible/playbook-test.yml index c125160..6bb95ec 100644 --- a/ansible/playbook-test.yml +++ b/ansible/playbook-test.yml @@ -7,7 +7,7 @@ vars: - images: - name: "gondul-db-test" - volumes: [ "{{ pwd.stdout }}/:/opt/gondul" ] + volumes: [ "{{ pwd.stdout }}/:/opt/gondul", "{{ pwd.stdout }}/data/postgresql:/var/lib/postgresql" ] links: [] ports: [] - name: "gondul-graphite-test" @@ -16,7 +16,7 @@ ports: [] - name: "gondul-grafana-test" volumes: [ "{{ pwd.stdout }}/:/opt/gondul" , "{{ pwd.stdout }}/data/grafana:/var/lib/grafana" ] - links: ["gondul-graphite-test:graphite" ] + links: ["gondul-graphite-test:graphite","gondul-db-test:db" ] ports: [] - name: "gondul-front-test" volumes: [ "{{ pwd.stdout }}/:/opt/gondul" ] diff --git a/build/test/gondul-db-test.Dockerfile b/build/test/gondul-db-test.Dockerfile index b3d013b..38febc6 100644 --- a/build/test/gondul-db-test.Dockerfile +++ b/build/test/gondul-db-test.Dockerfile @@ -2,10 +2,8 @@ FROM debian:jessie RUN apt-get update && apt-get install -y postgresql-9.4 ADD build/test/pg_hba.tail /pg_hba.tail RUN cat /pg_hba.tail >> /etc/postgresql/9.4/main/pg_hba.conf -RUN service postgresql start && su postgres -c "psql --command=\"CREATE ROLE nms PASSWORD 'risbrod' NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN;\"" && su postgres -c "createdb -O nms nms" && service postgresql stop -ADD build/schema.sql /schema.sql -RUN service postgresql start && su postgres -c "cat /schema.sql | psql nms" && service postgresql stop ADD build/test/postgresql.conf /etc/postgresql/9.4/main/postgresql.conf RUN echo "listen_addresses = '*'" >> /etc/postgresql/9.4/main/postgresql.conf -CMD pg_ctlcluster --foreground 9.4 main start +CMD /opt/gondul/build/test/postgres.sh +VOLUME /var/lib/postgresql EXPOSE 5432 diff --git a/build/test/gondul-grafana-test.Dockerfile b/build/test/gondul-grafana-test.Dockerfile index 33c69b4..be808d3 100644 --- a/build/test/gondul-grafana-test.Dockerfile +++ b/build/test/gondul-grafana-test.Dockerfile @@ -1,8 +1,16 @@ -FROM grafana/grafana:4.0.0-beta1 +FROM grafana/grafana:4.0.0-beta2 ENV GF_SERVER_ROOT_URL http://nms-dev.gathering.org/grafana/ ENV GF_METRICS_GRAPHITE_ADDRESS graphite:2003 ENV GF_METRICS_GRAPHITE_PREFIX grafana.%(instance_name)s. +ENV GF_DATABASE_TYPE postgres +ENV GF_DATABASE_HOST db:5432 +ENV GF_DATABASE_NAME grafana +ENV GF_DATABASE_USER grafana +ENV GF_DATABASE_PASSWORD grafana +ENV GF_DATABASE_SSL_MODE require +ENV GF_AUTH_PROXY_ENABLED true +ENV GF_AUTH_DISABLE_LOGIN_FORM true ENV GF_EXTERNAL_IMAGE_STORAGE_PROVIDER internal ENV GF_EXTERNAL_IMAGE_STORAGE_S3_BUCKET_URL http://grafana.situla.bitbit.net/ -ENV GF_EXTERNAL_IMAGE_STORAGE_S3_ACCESS_KEY 8KMMX9F3VZZ6MAZOGFF6 -ENV GF_EXTERNAL_IMAGE_STORAGE_S3_SECRET_KEY dTuAqxPGE5SFbtEmJxoZ9Y3AHINOZ5ju0IPfoqfA +ENV GF_EXTERNAL_IMAGE_STORAGE_S3_ACCESS_KEY 8KMMX9F3VZZ6MAZOGFF6-yes-I-knw +ENV GF_EXTERNAL_IMAGE_STORAGE_S3_SECRET_KEY dTuAqxPGE5SFbtEmJxoZ9Y3AHINOZ5ju0IPfoqfA-no-it-doesnt-work diff --git a/build/test/pg_hba.tail b/build/test/pg_hba.tail index 60b8c53..ecf6295 100644 --- a/build/test/pg_hba.tail +++ b/build/test/pg_hba.tail @@ -1 +1,2 @@ host nms nms 172.17.0.0/16 md5 +host grafana grafana 172.17.0.0/16 md5 diff --git a/build/test/postgres.sh b/build/test/postgres.sh new file mode 100755 index 0000000..1540d97 --- /dev/null +++ b/build/test/postgres.sh @@ -0,0 +1,17 @@ +#!/bin/bash +set -e +if [ ! -d /var/lib/postgresql/9.4/main ]; then + echo Bootstrapping DB + mkdir -p /var/lib/postgresql/9.4/main + chown -R postgres /var/lib/postgresql/9.4 + su postgres -c '/usr/lib/postgresql/9.4/bin/initdb /var/lib/postgresql/9.4/main' + service postgresql start + su postgres -c "psql --command=\"CREATE ROLE nms PASSWORD 'risbrod' NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN;\"" + su postgres -c "createdb -O nms nms" + su postgres -c "psql --command=\"CREATE ROLE grafana PASSWORD 'grafana' NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN;\"" + su postgres -c "createdb -O grafana grafana" + su postgres -c "cat /opt/gondul/build/schema.sql | psql nms" + service postgresql stop + echo Bootstrap done +fi +exec pg_ctlcluster --foreground 9.4 main start diff --git a/doc/Gondul.png b/doc/Gondul.png Binary files differnew file mode 100644 index 0000000..9625f40 --- /dev/null +++ b/doc/Gondul.png diff --git a/extras/misc/varnish-auth.vcl b/extras/misc/varnish-auth.vcl new file mode 100644 index 0000000..c73e3ad --- /dev/null +++ b/extras/misc/varnish-auth.vcl @@ -0,0 +1,26 @@ +# Example auth-config for varnish + gondul +# Stick this in the data/ directory and Varnish will use it. +# Unless you set X-Webauth-User, grafana will not work. +# The username/password can be generated with echo -n foo:bar | base64 + +acl white { + "127.0.0.0"/8; + "172.16.0.0"/12; + "192.168.0.0"/16; + "10.0.0.0"/8; +} + +sub vcl_recv { + if (client.ip !~ white && req.http.Authorization != "Basic Zm9vOmJhcg==") { + return(synth(401)); + } else { + unset req.http.Authorization; + set req.http.X-Webauth-User = "admin"; + } +} + +sub vcl_synth { + if (resp.status == 401) { + set resp.http.WWW-Authenticate = {"Basic realm="WHAT .... is your favorite color?""}; + } +} |
