icinga2-container/Dockerfile

99 lines
3.8 KiB
Docker

FROM alpine:edge
EXPOSE 22 80 443
# 1. common tools
# 2. programing languages
# 3. icinga2 stuff
# 4. letsencrypt deps
ENV POSTGRES_VERSION=9.5.2-r1
RUN apk add --no-cache --update \
bind-tools tcpdump openssh lsof curl wget git mercurial strace tmux vim rsync htop bash openssl \
ruby python go build-base \
nginx postgresql==$POSTGRES_VERSION icinga2 icinga2-bash-completion icingaweb2 icingaweb2-bash-completion nagios-plugins \
py-requests py-setuptools && \
mkdir -p /run/nginx
# sshd
RUN /usr/bin/ssh-keygen -A && \
sed -i -e "s!/root:/bin/ash!/root/:bin/bash!" /etc/passwd
## temporary keys until letsencrypt certificate is generated
RUN mkdir -p /etc/ssl/letsencrypt/nginx /etc/ssl/letsencrypt/influxdb && \
cd /etc/ssl/letsencrypt && \
openssl req -subj "/C=DE/ST=Saxony/L=Dresden/O=Evenet/OU=IT Department/CN=higgsboson.tk" \
-nodes -x509 -newkey rsa:2048 -keyout nginx/key.pem -out nginx/fullchain.pem -days 5 && \
cat nginx/key.pem nginx/fullchain.pem > influxdb/combined.pem
## S6 supervisor
RUN curl -sSL https://github.com/just-containers/s6-overlay/releases/download/v1.17.2.0/s6-overlay-amd64.tar.gz | tar -xzf - -C /
ENTRYPOINT ["/init"]
ENV INFLUXDB_VERSION=0.12.2
## Influxdb
RUN export GOPATH=/tmp/go \
&& mkdir -p /etc/influxdb/ $GOPATH/src/github.com/influxdata \
&& curl -sSL https://github.com/influxdata/influxdb/archive/v${INFLUXDB_VERSION}.tar.gz | tar -xzf - -C /tmp \
&& mv /tmp/influxdb-* $GOPATH/src/github.com/influxdata/influxdb \
&& cd $GOPATH/src/github.com/influxdata/influxdb \
&& go get github.com/sparrc/gdm \
&& export PATH=$GOPATH/bin:$PATH \
&& gdm restore \
&& go install ./... \
&& cp $GOPATH/bin/influx* /usr/bin/ \
&& rm -rf $GOPATH \
&& addgroup -g 1001 influxdb \
&& adduser -h /var/lib/influxdb -u 1001 -G influxdb -D influxdb \
&& mkdir -p /backup/influxdb
## Grafana
RUN apk add --no-cache nodejs \
&& export GOPATH=/tmp/go \
&& mkdir -p /opt/grafana/conf $GOPATH/src/github.com/grafana/ \
&& curl -sSL https://github.com/grafana/grafana/archive/v3.0.0-beta6.tar.gz | tar -xzf - -C /tmp \
&& mv /tmp/grafana-* $GOPATH/src/github.com/grafana/grafana \
&& cd $GOPATH/src/github.com/grafana/grafana \
&& npm install \
&& npm install -g grunt-cli \
&& grunt \
&& npm uninstall -g grunt-cli \
&& apk del --purge nodejs \
&& go run build.go setup \
&& $GOPATH/bin/godep restore \
&& go run build.go build \
&& mkdir -p /usr/share/grafana/conf \
&& cp -a bin/grafana-server bin/grafana-cli /usr/bin/ \
&& cp -ra public_gen /usr/share/grafana/public \
&& cp conf/sample.ini /etc/grafana.ini \
&& cp conf/defaults.ini /usr/share/grafana/conf/defaults.ini \
&& rm -rf $GOPATH /root/.npm* \
&& addgroup -g 1002 grafana \
&& adduser -h /usr/share/grafana -u 1002 -G grafana -D grafana
## simp_le
RUN apk --no-cache add libffi-dev python-dev openssl-dev && \
curl -sSL https://github.com/kuba/simp_le/archive/master.tar.gz | tar -xzf - -C /tmp && \
cd /tmp/simp_le-master && \
python ./setup.py install && \
rm -rf /tmp/simp_le-master && apk del git py-pip libffi-dev python-dev openssl-dev && \
echo "3 10 * * * /usr/bin/update-certs" >> /etc/crontabs/root
## postgres
RUN mkdir -p /backup/postgresql /var/lib/postgresql/data
RUN icinga2 feature enable ido-pgsql graphite api checker command notification perfdata
VOLUME ["/var/lib/influxdb/data", \
"/var/lib/influxdb/meta", \
"/var/lib/postgresql/", \
"/var/lib/grafana", \
"/etc/icinga2", \
"/var/lib/icinga2", \
"/etc/icingaweb2", \
"/usr/share/icingaweb2", \
"/etc/ssmtp", \
"/backup"]
ADD . /
RUN chown 400 /etc/secrets && . /etc/secrets && \
sed -i -e "s/admin_password = replaceme/admin_password = $GRAFANA_PASSWORD/" /etc/grafana.ini