FROM alpine:edge EXPOSE 22 80 443 # 1. common tools # 2. programing languages # 3. icinga2 stuff # 4. letsencrypt deps ENV POSTGRES_VERSION=9.5.2-r1 RUN apk add --no-cache --update \ bind-tools tcpdump openssh lsof curl wget git mercurial strace tmux vim rsync htop bash openssl \ ruby python go build-base \ nginx postgresql==$POSTGRES_VERSION icinga2 icinga2-bash-completion icingaweb2 icingaweb2-bash-completion nagios-plugins \ py-requests py-setuptools && \ mkdir -p /run/nginx # sshd RUN /usr/bin/ssh-keygen -A && \ sed -i -e "s!/root:/bin/ash!/root/:/bin/bash!" /etc/passwd ## temporary keys until letsencrypt certificate is generated RUN mkdir -p /etc/ssl/letsencrypt/nginx /etc/ssl/letsencrypt/influxdb && \ cd /etc/ssl/letsencrypt && \ openssl req -subj "/C=DE/ST=Saxony/L=Dresden/O=Evenet/OU=IT Department/CN=higgsboson.tk" \ -nodes -x509 -newkey rsa:2048 -keyout nginx/key.pem -out nginx/fullchain.pem -days 5 && \ cat nginx/key.pem nginx/fullchain.pem > influxdb/combined.pem ## S6 supervisor RUN curl -sSL https://github.com/just-containers/s6-overlay/releases/download/v1.17.2.0/s6-overlay-amd64.tar.gz | tar -xzf - -C / ENTRYPOINT ["/init"] ENV INFLUXDB_VERSION=0.12.2 ## Influxdb RUN export GOPATH=/tmp/go \ && mkdir -p /etc/influxdb/ $GOPATH/src/github.com/influxdata \ && curl -sSL https://github.com/influxdata/influxdb/archive/v${INFLUXDB_VERSION}.tar.gz | tar -xzf - -C /tmp \ && mv /tmp/influxdb-* $GOPATH/src/github.com/influxdata/influxdb \ && cd $GOPATH/src/github.com/influxdata/influxdb \ && go get github.com/sparrc/gdm \ && export PATH=$GOPATH/bin:$PATH \ && gdm restore \ && go install ./... \ && cp $GOPATH/bin/influx* /usr/bin/ \ && rm -rf $GOPATH \ && addgroup -g 1001 influxdb \ && adduser -h /var/lib/influxdb -u 1001 -G influxdb -D influxdb \ && mkdir -p /backup/influxdb ## Grafana RUN apk add --no-cache nodejs \ && export GOPATH=/tmp/go \ && mkdir -p /opt/grafana/conf $GOPATH/src/github.com/grafana/ \ && curl -sSL https://github.com/grafana/grafana/archive/v3.0.0-beta6.tar.gz | tar -xzf - -C /tmp \ && mv /tmp/grafana-* $GOPATH/src/github.com/grafana/grafana \ && cd $GOPATH/src/github.com/grafana/grafana \ && npm install \ && npm install -g grunt-cli \ && grunt \ && npm uninstall -g grunt-cli \ && apk del --purge nodejs \ && go run build.go setup \ && $GOPATH/bin/godep restore \ && go run build.go build \ && mkdir -p /usr/share/grafana/conf \ && cp -a bin/grafana-server bin/grafana-cli /usr/bin/ \ && cp -ra public_gen /usr/share/grafana/public \ && cp conf/sample.ini /etc/grafana.ini \ && cp conf/defaults.ini /usr/share/grafana/conf/defaults.ini \ && rm -rf $GOPATH /root/.npm* \ && addgroup -g 1002 grafana \ && adduser -h /usr/share/grafana -u 1002 -G grafana -D grafana ## simp_le RUN apk --no-cache add libffi-dev python-dev openssl-dev && \ curl -sSL https://github.com/kuba/simp_le/archive/master.tar.gz | tar -xzf - -C /tmp && \ cd /tmp/simp_le-master && \ python ./setup.py install && \ rm -rf /tmp/simp_le-master && apk del git py-pip libffi-dev python-dev openssl-dev && \ echo "3 10 * * * /usr/bin/update-certs" >> /etc/crontabs/root ## postgres RUN mkdir -p /backup/postgresql /var/lib/postgresql/data RUN icinga2 feature enable ido-pgsql graphite api checker command notification perfdata VOLUME ["/var/lib/influxdb/data", \ "/var/lib/influxdb/meta", \ "/var/lib/postgresql/", \ "/var/lib/grafana", \ "/etc/icinga2", \ "/var/lib/icinga2", \ "/etc/icingaweb2", \ "/usr/share/icingaweb2", \ "/etc/ssmtp", \ "/backup"] ADD . / RUN chown 400 /etc/secrets && . /etc/secrets && \ sed -i -e "s/admin_password = replaceme/admin_password = $GRAFANA_PASSWORD/" /etc/grafana.ini