diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..615b047 --- /dev/null +++ b/.gitignore @@ -0,0 +1,6 @@ +# From kateproject +.kateproject +.kateproject.d +.directory + +*swp diff --git a/conf/monitorix-alert.sh b/conf/monitorix-alert.sh new file mode 100644 index 0000000..2544ecf --- /dev/null +++ b/conf/monitorix-alert.sh @@ -0,0 +1,40 @@ +#!/bin/sh +# +# Example script used to execute an alert action. +# +# This script assumes that you symlink your alert scripts like this: +# disk.pendsect-alert.sh -> monitorix-alert.sh +# disk.realloc-alert.sh -> monitorix-alert.sh +# mail.mqueued-alert.sh -> monitorix-alert.sh +# system.loadavg-alert.sh -> monitorix-alert.sh +# ... +# So you only use one script (saving disk space) and its prefix will +# appear in the subject and contents of the email, so you will easily +# identify the source of the alert. +# + +MAILTO="__ALERTS_EMAIL__" + +if [ $# != 3 ] && [ $# != 4 ] ; then + echo "$0: Wrong number of arguments." + exit 1 +fi + +ALERT_TIMEINTVL=$1 +ALERT_THRESHOLD=$2 +current_value=$3 +ALERT_WHEN=$4 +ALERT=`basename $0 | cut -f1 -d-` + +( +cat << EOF +Message from hostname '$HOSTNAME' for '$ALERT' alert. + +This system is reaching/exceeding ($ALERT_WHEN) the defined threshold value ($ALERT_THRESHOLD) during the last '$ALERT_TIMEINTVL' seconds. + +The current value is: $current_value + +Please take proper actions to correct this situation. +EOF +) | mail -s "WARNING: Monitorix alert ($ALERT) from '$HOSTNAME'!" $MAILTO + diff --git a/conf/monitorix.conf b/conf/monitorix.conf index a8d18a5..61c65e8 100644 --- a/conf/monitorix.conf +++ b/conf/monitorix.conf @@ -5,35 +5,41 @@ title = Yunohost Stats hostname = Yunohost Server -theme_color = black +theme_color = {{ theme_color }} refresh_rate = 150 iface_mode = graph enable_zoom = y +priority = {{ process_priority }} netstats_in_bps = y +netstats_mode = overlapped disable_javascript_void = y temperature_scale = c show_gaps = n global_zoom = 1 -max_historic_years = 5 +max_historic_years = {{ max_historic_years }} accept_selfsigned_certs = y -image_format = svg +image_format = {{ image_format }} +enable_parallelizing = y +enable_rrd_lock = n include_dir = /etc/monitorix/conf.d +enable_hourly_view = {{ enable_hourly_view }} -base_dir = /var/lib/monitorix/www/ -base_lib = /var/lib/monitorix/ -base_url = __PATH__ -base_cgi = __PATH__/cgi +base_dir = {{ data_dir }}/www/ +base_lib = {{ data_dir }}/ +base_url = {{ path }} +base_cgi = {{ path.rstrip('/') }}/cgi enabled = y host = localhost - port = __PORT__ - user = www-data - group = nogroup - log_file = /var/log/monitorix-httpd.log + port = {{ port }} + user = {{ app }} + group = {{ app }} + log_file = /var/log/{{ app }}/httpd.log hosts_deny = hosts_allow = https_url = y + autocheck_responsiveness = n enabled = n msg = Monitorix: Restricted access @@ -44,11 +50,11 @@ base_cgi = __PATH__/cgi # Log files pathnames # ----------------------------------------------------------------------------- -log_file = /var/log/monitorix.log +log_file = /var/log/{{ app }}/monitorix.log secure_log = /var/log/secure -mail_log = /var/log/maillog +mail_log = /var/log/mail.log milter_gl = /var/milter-greylist/greylist.db -imap_log = /var/log/imap +imap_log = /var/log/mail.log hylafax_log = /var/spool/hylafax/etc/xferfaxlog cups_log = /var/log/cups/page_log ftp_log = /var/log/proftpd/access.log @@ -76,18 +82,24 @@ secure_log_date_format = %b %e system = y kern = y proc = y + amdenergy = n + intelrapl = n hptemp = n lmsens = n gensens = n ipmi = n ambsens = n + amdgpu = n + nvidiagpu = n nvidia = n disk = n + nvme = n fs = y zfs = n - du = n + du = y net = y netstat = y + tinyproxy = n tc = n libvirt = n process = y @@ -99,7 +111,8 @@ secure_log_date_format = %b %e apache = n nginx = y lighttpd = n - mysql = y + mysql = {% if mysql_installed == 'true' %}y{% else %}n{% endif %} + pgsql = {% if postgresql_installed == 'true' %}y{% else %}n{% endif %} mongodb = n varnish = n pagespeed = n @@ -114,8 +127,9 @@ secure_log_date_format = %b %e icecast = n raspberrypi = n phpapc = n - memcached = n - phpfpm = n + memcached = {% if memcached_installed == 'true' %}y{% else %}n{% endif %} + redis = {% if redis_installed == 'true' %}y{% else %}n{% endif %} + phpfpm = {% if phpfpm_installed == 'true' %}y{% else %}n{% endif %} apcupsd = n nut = n wowza = n @@ -127,14 +141,14 @@ secure_log_date_format = %b %e # SYSTEM graph # ----------------------------------------------------------------------------- - rigid = 1, 0 - limit = 1, 100 - loadavg_enabled = n - loadavg_timeintvl = 3600 - loadavg_threshold = 5.0 - loadavg_script = /path/to/script.sh + loadavg_enabled = {{ system_alerts_loadavg_enabled }} + loadavg_timeintvl = {{ system_alerts_loadavg_timeintvl }} + loadavg_threshold = {{ system_alerts_loadavg_threshold }} + loadavg_script = {{ install_dir }}/system.loadavg-alert.sh + rigid = 1, 0, 0, 0, 0 + limit = 1, 1000, 1000, 1000, 1000 @@ -168,6 +182,74 @@ secure_log_date_format = %b %e limit = 100 +# AMD power consumption graph +# ----------------------------------------------------------------------------- + + + 0 = amd_energy-isa-0000 + + + amd_energy-isa-0000 = AMD CPU + + + amd_energy-isa-0000 = 32 + + + + rigid = 0 + limit = 100 + use_nan_for_missing_data = n + gap_on_all_nan = n + + + +# INTELRAPL graph +# ----------------------------------------------------------------------------- + + + 0 = core, uncore, package, dram + 1 = dram + + + 0 = CPU 1 + 1 = DRAM modules + + + core = /sys/class/powercap/intel-rapl:0:0/energy_uj + uncore = /sys/class/powercap/intel-rapl:0:1/energy_uj + package = /sys/class/powercap/intel-rapl:0/energy_uj + dram = /sys/class/powercap/intel-rapl:0:2/energy_uj + + + package = Package + core = Cores + uncore = IGP + dram = DRAM + + + 0 = package + + + 0 = core, uncore + + + 0 = Non-Core + + + 0 = CPU power distribution + 1 = Memory power distribution + + + + + + rigid = 0 + limit = 100 + use_nan_for_missing_data = n + gap_on_all_nan = n + show_noncore_info = n + max_number_of_values_per_group = 10 + # HPTEMP graph # ----------------------------------------------------------------------------- @@ -175,6 +257,8 @@ secure_log_date_format = %b %e graph_0 = 2, 3 graph_1 = 1, 6 graph_2 = 16, 18, 19, 20, 21, 22 + + @@ -198,43 +282,173 @@ secure_log_date_format = %b %e volt6 = \-5V volt7 = Battery gpu0 = - #gpu0 = nvidia #enable that if you need nvidia gpu monitoring + + # GENSENS graph # ----------------------------------------------------------------------------- - - 0 = temp0 - 1 = cpu0 - - - temp0 = /sys/devices/virtual/thermal/thermal_zone0/temp - cpu0 = /sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq - - - temp0 = 1000 - cpu0 = 0.001 - - - temp0 = Temperature Zone 0 - cpu0 = CPU0 frequency - - rigid = 0, 0 - limit = 100, 100 + + 0 = temp0 + 1 = cpu0 + 2 = bat0 + + + 0 = Temperatures + 1 = CPU frequency + 2 = Battery status + + + temp0 = /sys/devices/virtual/thermal/thermal_zone0/temp + cpu0 = /sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq + bat0 = /sys/class/power_supply/BAT0/capacity + + + temp0 = 1000 + cpu0 = 0.001 + bat0 = 1 + + + temp0 = Temperature Zone 0 + cpu0 = CPU0 frequency + bat0 = Battery 0 + + + + rigid = 0, 0, 2 + limit = 100, 100, 100 +# IPMI graph +# ----------------------------------------------------------------------------- + + list = Temperatures, Fans, Voltages + + 0 = CPU Temp, System Temp + 1 = FAN 1 + 2 = Vcore, 3.3VCC, 12V, VDIMM, 5VCC, CPU VTT, VBAT, VSB, AVCC + + + 0 = degrees C + 1 = RPM + 2 = Volts + + + + + + graphs_per_row = 2 + rigid = 0 + limit = 100 + + + +# AMBSENS graph +# ----------------------------------------------------------------------------- + + list = Ambient Temperature + + 0 = at1 + + + 0 = Celsius + + + at1 = /path/to/script.sh + + + at1 = Gold TEMPer PC USB + + + + graphs_per_row = 2 + rigid = 0 + limit = 100 + + + +# AMDgpu graph +# ----------------------------------------------------------------------------- + + + 0 = amd-w6800, amd-wx5100 + + rigid = 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 + limit = 100, 100, 100, 100, 100, 100, 100, 100, 100, 100 + use_nan_for_missing_data = y + gap_on_all_nan = y + accept_invalid_amdgpu = n + show_current_values = y + + amd-w6800 = W 6800 + amd-wx5100 = WX 5100 + + + amd-w6800 = /dev/device1/gpu_busy_percent, /dev/device1/mem_busy_percent, /dev/device1/freq1_input, /dev/device1/freq2_input, /dev/device1/mem_info_vram_used, /dev/device1/power1_average, /dev/device1/power1_cap, /dev/device1/pwm1, /dev/device1/temp1_input, /dev/device1/temp2_input, /dev/device1/temp3_input + amd-wx5100 = /dev/device2/gpu_busy_percent, /dev/device2/mem_busy_percent, /dev/device2/freq1_input, /dev/device2/freq2_input, /dev/device2/mem_info_vram_used, /dev/device2/power1_average, /dev/device2/power1_cap, /dev/device2/pwm1, /dev/device2/temp1_input, , + + + respect_power_state = n + + amd-w6800 = /dev/device1/power_state + amd-wx5100 = /dev/device2/power_state + + + + coretemp_enabled = n + coretemp_timeintvl = 0 + coretemp_threshold = 1 + coretemp_script = /path/to/script.sh + memorytemp_enabled = n + memorytemp_timeintvl = 0 + memorytemp_threshold = 1 + memorytemp_script = /path/to/script.sh + + + + +# NVIDIAgpu graph +# ----------------------------------------------------------------------------- + + + 0 = 0, 1 + + rigid = 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 + limit = 100, 100, 100, 100, 100, 100, 100, 100, 100, 100 + use_nan_for_missing_data = y + gap_on_all_nan = y + show_current_values = y + + 0 = RTX 3090 + 1 = RTX 3080 + + + coretemp_enabled = n + coretemp_timeintvl = 0 + coretemp_threshold = 1 + coretemp_script = /path/to/script.sh + memorytemp_enabled = n + memorytemp_timeintvl = 0 + memorytemp_threshold = 1 + memorytemp_script = /path/to/script.sh + + + + # NVIDIA graph # ----------------------------------------------------------------------------- - max = 1 - rigid = 1, 2, 2 - limit = 50, 100, 100 + max = 1 + + + rigid = 1, 2, 2 + limit = 50, 100, 100 @@ -244,6 +458,8 @@ secure_log_date_format = %b %e 0 = /dev/sda, /dev/sdb, /dev/sdc + + realloc_enabled = n realloc_timeintvl = 0 @@ -256,21 +472,51 @@ secure_log_date_format = %b %e +# NVMe graph +# ----------------------------------------------------------------------------- + + + 0 = /dev/nvme0 + + rigid = 0, 0, 0, 0, 0, 0, 0, 0, 0 + limit = 10, 100, 100, 100, 100, 100, 100, 100, 100 + show_extended_plots = y + + availspare_enabled = n + availspare_timeintvl = 0 + availspare_threshold = 10 + availspare_script = /path/to/script.sh + percentused_enabled = n + percentused_timeintvl = 0 + percentused_threshold = 90 + percentused_script = /path/to/script.sh + + + # FS graph # ----------------------------------------------------------------------------- - - 0 = /, swap - - - - - - rigid = 2, 0, 2, 0 - limit = 100, 1000, 100, 1000 - - + + 0 = /, swap {% for part in mount_parts.splitlines() %}, {{ part }}{% endfor %} + + + / = Root FS +{%- for part in mount_parts.splitlines() %} + {{ part }} = {{ part | trim('/') }} +{%- endfor %} + + + + rigid = 2, 0, 2, 0 + limit = 100, 1000, 100, 1000 + +{%- if disk_alerts_loadavg_enabled == 'true' %} + {%- for part in mount_parts.splitlines() %} + {{ part }} = {{ disk_alerts_loadavg_timeintvl }}, {{ disk_alerts_loadavg_threshold }}, {{ install_dir }}/fs.loadavg-alert.sh + {%- endfor %} +{%- endif %} + @@ -279,49 +525,77 @@ secure_log_date_format = %b %e max_pools = 5 list = pool1, pool2 - rigid = 0, 0, 0, 0, 2, 0, 2 - limit = 1000, 1000, 1000, 1000, 100, 1000, 100 + rigid = 0, 0, 0, 0, 2, 0, 0, 0, 2, 0, 0 + limit = 1000, 1000, 1000, 1000, 100, 1000, 1000, 1000, 100, 1000, 1000 # DU graph # ----------------------------------------------------------------------------- - list = System, Users - - 0 = /var/spool/mail, /var/spool/mqueue, /etc, /var/ftp, /tmp - 1 = /home/ace, /home/gene, /home/paul, /home/peter - - - /var/spool/mail = Mail boxes - /var/spool/mqueue = Mail queue - - graphs_per_row = 2 - rigid = 0 - limit = 100 + list = System, Users + + 0 = /var/spool/mail, /var/lib, /var/log, /etc, /tmp + 1 = /var/www, /opt/yunohost + 2 = /home/yunohost.backup{% for dir in app_data_dirs.split(' ') %}, {{ dir }}{% endfor %} + 3 = {% for dir in home_user_dirs.split(' ') %}{% if loop.index > 1 %}, {% endif %}{{ dir }}{% endfor %} + + + 0 = size + 1 = files + + + /var/spool/mail = Mail boxes + /etc = Configs files + /var/lib = System data + /var/log = Logs + /tmp = Temps files + /var/www = Yunhost web Apps + /opt/yunohost = Yunohost Others Apps + /home/yunohost.backup = Yunohost backups + + graphs_per_row = 2 + rigid = 0 + limit = 100 # NET graph # ----------------------------------------------------------------------------- - max = 10 - list = eth0 - - eth0 = FastEthernet LAN, 0, 10000000 - - gateway = eth0 + max = 10 + list = {% for interface in net_interface_list.splitlines() %}{% if loop.index > 1 %}, {% endif %}{{ interface.split(',')[0] }}{% endfor %} + + {%- for interface in net_interface_list.splitlines() %} + {{ interface.split(',')[0] }} = Interface {{ interface.split(',')[0] }}, 0, {{ interface.split(',')[1] }} + {%- endfor %} + + gateway = {{ net_gateway }} # NETSTAT graph # ----------------------------------------------------------------------------- + cmd = ss rigid = 0, 0, 0, 0, 0 limit = 100, 100, 100, 100, 100 +# TINYPROXY graph +# ----------------------------------------------------------------------------- + + list = http://your.proxy.com/ + + http://your.proxy.com/ = http://tinyproxy.stats + + show_url = y + rigid = 0, 0, 0 + limit = 1000, 1000, 1000 + + + # TC graph # ----------------------------------------------------------------------------- @@ -356,15 +630,39 @@ secure_log_date_format = %b %e # ----------------------------------------------------------------------------- - 0 = sshd, ntpd, monitorix, monitorix-httpd, mysqld, slapd, dnsmasq - 1 = master, imap, sendmail, postfix, rmilter, dovecot, rspamd - 2 = nginx, uwsgi, php5-fpm - - - httpd = Apache - imap = Dovecot - named = Bind - + 0 = slapd, nslcd, cron, atd, rsyslogd, dnsmasq, fail2ban-server + 1 = yunomdns, yunohost-api, monitorix, monitorix-httpd + 2 = master, rspamd, dovecot, rspamd, imap, sshd, nginx +{%- set db_procs = [] %} +{%- if mysql_installed == 'true' %} + {%- set discard = db_procs.append('mariadb') %} +{%- endif %} +{%- if postgresql_installed == 'true' %} + {%- set discard = db_procs.append('postgres') %} +{%- endif %} +{%- if memcached_installed == 'true' %} + {%- set discard = db_procs.append('memcached') %} +{%- endif %} +{%- if redis_installed == 'true' %} + {%- set discard = db_procs.append('redis-server') %} +{%- endif %} +{%- if db_procs %} + 3 = {% for proc in db_procs %}{% if loop.index > 1 %}, {% endif %}{{ proc }}{% endfor %} +{%- endif %} +{%- if phpfpm_installed == 'true' %} + 4 = php-fpm +{%- endif %} + + + slapd = LDAP server + nslcd = nslcd + rsyslogd = Syslog + yunomdns = Yunohost DNS + yunohost-api = Yunohost API + master = Postfix + imap = Dovecot IMAP + sshd = SSH server + rigid = 2, 0, 0, 0, 0, 0, 0, 0 limit = 100, 1000, 1000, 1000, 1000, 1000, 1000, 1000 @@ -373,40 +671,60 @@ secure_log_date_format = %b %e # SERV graph # ----------------------------------------------------------------------------- - mode = i - rigid = 0, 0, 0 - limit = 1000, 1000, 1000 + + Default = SSH, Fail2ban, IMAP, SMTP, Spam + + + SSH = C, file:/var/log/auth.log, "^%b %e", "sshd\[.*\]: Accepted " + Fail2ban = C, file:/var/log/fail2ban.log, "^%Y-%m-%d", " fail2ban.actions .* Ban " + IMAP = C, file:/var/log/mail.log, "%b %d", " imap-login: .* Login: " + SMTP = C, file:/var/log/mail.log, "^%b %e", i:"to=.*stat(us)?=sent" + Spam = C, file:/var/log/rspamd/rspamd.log, "^%b %e", "greylisted until" + Spam = C, file:/var/log/rspamd/rspamd.log, "^%b %e", "learned message as spam" + + mode = i + graphs_per_row = 2 + rigid = 0, 0, 0 + limit = 1000, 1000, 1000 # MAIL graph # ----------------------------------------------------------------------------- - mta = postfix - greylist = milter-greylist - rigid = 0, 0, 0, 0, 0 - limit = 1, 1000, 1000, 1000, 1000 + mta = postfix + greylist = postgrey + stats_rate = real + rigid = 0, 0, 0, 0, 0 + limit = 1, 1000, 1000, 1000, 1000 + + delvd_enabled = {{ mail_delvd_enabled }} + delvd_timeintvl = {{ mail_delvd_timeintvl }} + delvd_threshold = {{ mail_delvd_threshold }} + delvd_script = {{ install_dir }}/mail.delvd-alert.sh + mqueued_enabled = {{ mail_mqueued_enabled }} + mqueued_timeintvl = {{ mail_mqueued_timeintvl }} + mqueued_threshold = {{ mail_mqueued_threshold }} + mqueued_script = {{ install_dir }}/mail.mqueued-alert.sh + # PORT graph # ----------------------------------------------------------------------------- - max = 9 - rule = 24000 - list = 25, 21, 80, 22, 110, 139, 3306, 53, 143 - - 25 = SMTP, tcp, in, 0, 1000 - 21 = FTP, tcp, in, 0, 1000 - 80 = HTTP, tcp, in, 0, 1000 - 22 = SSH, tcp, in, 0, 1000 - 110 = POP3, tcp, in, 0, 1000 - 139 = NETBIOS, tcp, in, 0, 1000 - 3306 = MYSQL, tcp, in, 0, 1000 - 53 = DNS, udp, in, 0, 1000 - 143 = IMAP, tcp, in, 0, 1000 - - graphs_per_row = 3 + max = 6 + rule = 24000 + list = 22, 25, 80, 443, 587, 993 + + 22 = SSH, tcp, in, 0, 1000 + 25 = SMTP, tcp, in/out, 0, 1000 + 80 = HTTP, tcp, in, 0, 1000 + 443 = HTTPS, tcp, in, 0, 1000 + 587 = SMTP-TLS, tcp, in, 0, 1000 + 993 = IMAPS, tcp, in, 0, 1000 + + graphs_per_row = 3 @@ -442,8 +760,8 @@ secure_log_date_format = %b %e # NGINX graph # ----------------------------------------------------------------------------- - url = http://localhost:__PORT_NGINX_STATUS__/nginx_status_monitorix - port = __PORT_NGINX_STATUS__ + url = http://localhost:{{ port_nginx_status }}/nginx_status_monitorix + port = {{ port_nginx_status }} rule = 24100 rigid = 0, 0, 0 limit = 100, 100, 100 @@ -462,16 +780,34 @@ secure_log_date_format = %b %e # MYSQL graph # ----------------------------------------------------------------------------- - conn_type = socket - list = /run/mysqld/mysqld.sock - - /run/mysqld/mysqld.sock = 3306, __DB_USER__, __DB_PWD__ - - rigid = 0, 2, 0, 0, 0, 0 - limit = 100, 100, 100, 100, 100, 100 + conn_type = host + list = localhost + + localhost = 3306, {{ db_user }}, {{ db_pwd }} + + rigid = 0, 2, 0, 0, 0, 0 + limit = 100, 100, 100, 100, 100, 100 +# PGSQL graph +# ----------------------------------------------------------------------------- + + list = localhost + + + host = localhost + port = 5432 + username = {{ db_user }} + password = {{ db_pwd }} + db_list = + + + rigid = 0, 0, 0, 0, 0, 0 + limit = 100, 100, 100, 100, 100, 100 + + + # VARNISH graph # ----------------------------------------------------------------------------- @@ -550,6 +886,16 @@ secure_log_date_format = %b %e +# UNBOUND graph +# ----------------------------------------------------------------------------- + + cmd = unbound-control + queries_type = A, AAAA, ANY, DS, MX, NS, PTR, SOA, SRV, TXT, NAPTR, A6, CNAME, SPF, KEY, DNSKEY, HINFO, WKS, PX, NSAP + rigid = 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 + limit = 100, 100, 100, 100, 100, 100, 100, 100, 100, 100 + + + # NTP graph # ----------------------------------------------------------------------------- @@ -578,10 +924,16 @@ secure_log_date_format = %b %e 0 = [recidive], [pam-generic] 1 = [yunohost] - 2 = [postfix], [postfix-sasl], [dovecot] + 2 = [postfix], [dovecot] 3 = [nginx-http-auth] - 4 = [sshd], [sshd-ddos] - 5 = __F2B_ADDITIONAL_JAIL__ + 4 = [sshd] + 5 = {% for jail in jail_list.split(' ') + | rejectattr(None, 'in', ['recidive', 'pam-generic', + 'yunohost', + 'postfix', 'dovecot', + 'nginx-http-auth', + 'sshd']) + %}{% if loop.index > 1 %}, {% endif %}[{{ jail.strip() }}]{% endfor %} graphs_per_row = 2 rigid = 0 @@ -625,28 +977,60 @@ secure_log_date_format = %b %e # MEMCACHED graph # ----------------------------------------------------------------------------- - list = localhost:11211 - rigid = 0, 0, 0, 0, 0, 0, 0 - limit = 100, 100, 100, 100, 100, 100, 100 + list = localhost:11211 + rigid = 0, 0, 0, 0, 0, 0, 0 + limit = 100, 100, 100, 100, 100, 100, 100 +# REDIS graph +# ----------------------------------------------------------------------------- + + list = localhost:6379 + rigid = 0, 0, 0, 0, 0, 0 + limit = 1000, 1000, 1000, 1000, 1000, 1000 + + + +# PHP-FPM graph +# ----------------------------------------------------------------------------- + + + 0 = Apps detected pools + + + 0 = {% for php_pool_info in php_pools_infos.splitlines() %}{% if loop.index > 1 %}, {% endif %}{{ php_pool_info.split(',')[1] }}{% endfor %} + + + {%- for php_pool_info in php_pools_infos.splitlines() %} + {%- set phpversion = php_pool_info.split(',')[0] %} + {%- set pool_name = php_pool_info.split(',')[1] %} + {{ pool_name }} = http://localhost:{{ port_nginx_status }}/php-pool-status/php{{ phpversion }}-fpm-{{ pool_name }} + {%- endfor %} + + + + rigid = 0, 0, 2, 0, 0, 0 + limit = 100, 100, 100, 100, 100, 100 + + + # APCUPSD graph # ----------------------------------------------------------------------------- - cmd = /sbin/apcaccess - list = localhost:3551 - rigid = 0, 2, 0, 0, 0, 0 - limit = 100, 100, 100, 100, 100, 100 + cmd = /sbin/apcaccess + list = localhost:3551 + rigid = 0, 2, 0, 0, 0, 0 + limit = 100, 100, 100, 100, 100, 100 # NUT graph # ----------------------------------------------------------------------------- - list = ups@localhost - rigid = 0, 2, 0, 0, 0, 0 - limit = 100:0, 100, 100:0, 100:0, 100:0, 100:0 + list = ups@localhost + rigid = 0, 2, 0, 0, 0, 0 + limit = 100:0, 100, 100:0, 100:0, 100:0, 100:0 @@ -715,6 +1099,7 @@ secure_log_date_format = %b %e enabled = n footer_url = y graphs_per_row = 2 + default_option_when_all = "System load" remotehost_list = server 1, server 2, server 3 0 = http://www.example.com,/monitorix,/monitorix-cgi @@ -732,32 +1117,33 @@ secure_log_date_format = %b %e # Email Reports # ----------------------------------------------------------------------------- - enabled = n - url_prefix = http://127.0.0.1:__PORT____PATH__ - smtp_hostname = localhost - from_address = noreply@__DOMAIN__ - hour = 0 - minute = 0 - - enabled = n - graphs = system, fs - to = ace@example.com - - - enabled = n - graphs = system, fs - to = gene@example.com - - - enabled = n - graphs = system, fs - to = paul@example.com - - - enabled = n - graphs = system, fs - to = peter@example.com - + enabled = {{ emailreports_enabled }} + url_prefix = http://127.0.0.1:{{ port }}{{ path }} + smtp_hostname = localhost + from_address = {{ app }}@{{ domain }} + subject_prefix = {{ emailreports_subject_prefix }} + hour = {{ emailreports_hour }} + minute = {{ emailreports_minute }} + + enabled = {{ emailreports_daily_enabled }} + graphs = {{ emailreports_daily_graphs }} + to = {{ emailreports_daily_to }} + + + enabled = {{ emailreports_weekly_enabled }} + graphs = {{ emailreports_weekly_graphs }} + to = {{ emailreports_weekly_to }} + + + enabled = {{ emailreports_monthly_enabled }} + graphs = {{ emailreports_monthly_graphs }} + to = {{ emailreports_monthly_to }} + + + enabled = {{ emailreports_yearly_enabled }} + graphs = {{ emailreports_yearly_graphs }} + to = {{ emailreports_yearly_to }} + @@ -806,6 +1192,7 @@ logo_bottom = logo_bot.png + large = 750x180 main = 450x150 medium = 325x150 medium2 = 325x70 @@ -816,24 +1203,30 @@ logo_bottom = logo_bot.png remote = 300x100 -graph_name = system, kern, proc, hptemp, lmsens, gensens, ipmi, ambsens, nvidia, disk, fs, zfs, du, net, netstat, tc, libvirt, process, serv, mail, port, user, ftp, apache, nginx, lighttpd, mysql, mongodb, varnish, pagespeed, squid, nfss, nfsc, bind, unbound, ntp, chrony, fail2ban, icecast, raspberrypi, phpapc, memcached, phpfpm, apcupsd, nut, wowza, int, verlihub +graph_name = system, kern, proc, amdenergy, intelrapl, hptemp, lmsens, gensens, ipmi, ambsens, amdgpu, nvidiagpu, nvidia, disk, nvme, fs, zfs, du, net, netstat, tinyproxy, tc, libvirt, process, serv, mail, port, user, ftp, apache, nginx, lighttpd, mysql, pgsql, mongodb, varnish, pagespeed, squid, nfss, nfsc, bind, unbound, ntp, chrony, fail2ban, icecast, raspberrypi, phpapc, memcached, redis, phpfpm, apcupsd, nut, wowza, int, verlihub system = System load average and usage kern = Global kernel usage proc = Kernel usage per processor + amdenergy = AMD power usage + intelrapl = RAPL power usage hptemp = HP ProLiant System Health lmsens = LM-Sensors and GPU temperatures gensens = Generic sensor statistics ipmi = IPMI sensor statistics ambsens = Ambient sensor statistics + amdgpu = AMD GPU temperatures and usage + nvidiagpu = NVIDIA GPU temperatures and usage nvidia = NVIDIA temperatures and usage disk = Disk drive temperatures and health + nvme = NVMe drive temperatures and health fs = Filesystem usage and I/O activity zfs = ZFS statistics du = Directory usage net = Network traffic and usage netstat = Netstat statistics + tinyproxy = Tinyproxy statistics tc = Traffic Control statistics libvirt = Libvirt statistics process = Processes statistics @@ -846,6 +1239,7 @@ graph_name = system, kern, proc, hptemp, lmsens, gensens, ipmi, ambsens, nvidia, nginx = Nginx statistics lighttpd = Lighttpd statistics mysql = MySQL statistics + pgsql = PostgreSQL statistics mongodb = MongoDB statistics varnish = Varnish statistics pagespeed = PageSpeed statistics @@ -861,6 +1255,7 @@ graph_name = system, kern, proc, hptemp, lmsens, gensens, ipmi, ambsens, nvidia, raspberrypi = Raspberry Pi sensor statistics phpapc = Alternative PHP Cache statistics memcached = Memcached statistics + redis = Redis statistics phpfpm = PHP-FPM statistics apcupsd = APC UPS statistics nut = Network UPS Tools statistics @@ -879,6 +1274,8 @@ graph_name = system, kern, proc, hptemp, lmsens, gensens, ipmi, ambsens, nvidia, _kern2 = Context switches and forks _kern3 = VFS usage _proc = Processor + _amdenergy1 = Socket power distribution + _intelrapl1 = Power distribution _hptemp1 = Temperatures 1 _hptemp2 = Temperatures 2 _hptemp3 = Temperatures 3 @@ -890,12 +1287,41 @@ graph_name = system, kern, proc, hptemp, lmsens, gensens, ipmi, ambsens, nvidia, _gensens = Generic sensors _ipmi = IPMI sensors _ambsens = Ambient sensors + _amdgpu1 = Fan speed + _amdgpu2 = Core temperature + _amdgpu3 = Memory temperature + _amdgpu4 = Junction temperature + _amdgpu5 = Power + _amdgpu6 = Core util. + _amdgpu7 = Memory util. + _amdgpu8 = Core clock + _amdgpu9 = Memory clock + _amdgpu10 = Memory usage + _nvidiagpu1 = Fan speed + _nvidiagpu2 = Core temperature + _nvidiagpu3 = Memory temperature + _nvidiagpu4 = Memory usage + _nvidiagpu5 = Power + _nvidiagpu6 = Core util. + _nvidiagpu7 = Memory util. + _nvidiagpu8 = Core clock + _nvidiagpu9 = Memory clock + _nvidiagpu10 = Performance state _nvidia1 = NVIDIA temperatures _nvidia2 = CPU usage _nvidia3 = Memory usage _disk1 = Disk drives temperatures _disk2 = Reallocated sector count _disk3 = Current pending sector + _nvme1 = NVMe drives temperatures + _nvme2 = Spare capacity + _nvme3 = Life used + _nvme4 = Total written + _nvme5 = Media errors + _nvme6 = Unsafe shutdowns + _nvme7 = Total read + _nvme8 = Mean write load + _nvme9 = Mean read load _fs1 = Filesystems usage _fs2 = Disk I/O activity _fs3 = Inode usage @@ -916,6 +1342,9 @@ graph_name = system, kern, proc, hptemp, lmsens, gensens, ipmi, ambsens, nvidia, _netstat3 = Active close _netstat4 = Passive close _netstat5 = UDP statistics + _tinyproxy1 = Requests + _tinyproxy2 = Connections + _tinyproxy3 = Connections _tc1 = Traffic _tc2 = Dropped _tc3 = Overlimits @@ -932,9 +1361,8 @@ graph_name = system, kern, proc, hptemp, lmsens, gensens, ipmi, ambsens, nvidia, _process6 = Number of threads _process7 = Context switches _process8 = Number of processes - _serv1 = System services demand - _serv2 = IMAP and POP3 services - _serv3 = SMTP service + _process9 = Uptime + _serv = System services demand _mail1 = Mail statistics _mail2 = Network traffic _mail3 = Mails in queue @@ -966,6 +1394,12 @@ graph_name = system, kern, proc, hptemp, lmsens, gensens, ipmi, ambsens, nvidia, _mysql4 = MySQL queries _mysql5 = MySQL connections _mysql6 = MySQL traffic + _pgsql1 = PgSQL rows by queries + _pgsql2 = PgSQL background writer + _pgsql3 = PgSQL database size + _pgsql4 = PgSQL connections + _pgsql5 = PgSQL transactions + _pgsql6 = PgSQL block cache _mongodb1 = MongoDB operations _mongodb2 = MongoDB metrics document _mongodb3 = MongoDB write performance @@ -1052,6 +1486,12 @@ graph_name = system, kern, proc, hptemp, lmsens, gensens, ipmi, ambsens, nvidia, _memcached5 = Objects I/O _memcached6 = Connections _memcached7 = Memcached traffic + _redis1 = Connections + _redis2 = Ratios + _redis3 = Clients + _redis4 = Memory usage + _redis5 = Dictionary cache + _redis6 = Network traffic _phpfpm1 = Accepted connections _phpfpm2 = Active processes _phpfpm3 = Listen queue @@ -1082,3 +1522,4 @@ graph_name = system, kern, proc, hptemp, lmsens, gensens, ipmi, ambsens, nvidia, _verlihub2 = Total hub upload _verlihub3 = Total hub share + diff --git a/conf/nginx.conf b/conf/nginx.conf index 7c64fe4..95fd567 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,11 +1,14 @@ location __PATH__ { - proxy_pass http://127.0.0.1:__PORT____PATH__; - allow 127.0.0.0/8; + proxy_pass http://127.0.0.1:__PORT____PATH__; + allow 127.0.0.0/8; - location ~ ^__PATH__/(.+\.png)$ { - alias /var/lib/monitorix/www/$1; + location ~ ^__PATH__/(.+\.(png|svg))$ { + alias __DATA_DIR__/www/$1; + + # Include SSOWAT user panel. + include conf.d/yunohost_panel.conf.inc; } - + proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; @@ -15,7 +18,7 @@ location __PATH__ { proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600; - + # Include SSOWAT user panel. include conf.d/yunohost_panel.conf.inc; -} \ No newline at end of file +} diff --git a/conf/nginx_status.conf b/conf/nginx_status.conf index 85c2957..e8b9267 100644 --- a/conf/nginx_status.conf +++ b/conf/nginx_status.conf @@ -1,6 +1,6 @@ server { - listen __PORT_NGINX_STATUS__; - listen [::]:__PORT_NGINX_STATUS__; + listen {{ port_nginx_status }}; + listen [::]:{{ port_nginx_status }}; access_log /var/log/nginx/localhost-nginx_status_monitorix.lan-access.log; error_log /var/log/nginx/localhost-nginx_status_monitorix.lan-error.log; @@ -12,4 +12,19 @@ server { allow ::1; deny all; } + +{%- if phpfpm_installed == 'true' %} + {%- for php_pool_info in php_pools_infos.splitlines() %} + {%- set phpversion = php_pool_info.split(',')[0] %} + {%- set pool_name = php_pool_info.split(',')[1] %} + + location {{ path.rstrip('/') }}/php-pool-status/php{{ phpversion }}-fpm-{{ pool_name }} { + fastcgi_split_path_info ^(.+?\.php)(/.*)$; + fastcgi_pass unix:/var/run/php/php{{ phpversion }}-fpm-{{ pool_name }}-{{ app }}-status.sock; + include fastcgi_params; + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param SCRIPT_FILENAME cas_server.php; + } + {%- endfor %} +{%- endif %} } diff --git a/conf/php_status.conf b/conf/php_status.conf new file mode 100644 index 0000000..d47c73d --- /dev/null +++ b/conf/php_status.conf @@ -0,0 +1,10 @@ +{% for php_pool_info in php_pools_infos.splitlines() %} + {%- set phpversion = php_pool_info.split(',')[0] %} + {%- set pool_name = php_pool_info.split(',')[1] %} + {%- if phpversion == pool_version %} +; Auto generated config for Monitorix monitoring +[{{ pool_name }}] +pm.status_listen = /var/run/php/php{{ phpversion }}-fpm-{{ pool_name }}-{{ app }}-status.sock +pm.status_path = /php-pool-status/php{{ phpversion }}-fpm-{{ pool_name }} + {%- endif %} +{% endfor %} diff --git a/config_panel.toml b/config_panel.toml new file mode 100644 index 0000000..f059b8e --- /dev/null +++ b/config_panel.toml @@ -0,0 +1,246 @@ +version = "1.0" + +[main] +name.en = "Main configuration" +name.fr = "Configuration principale" + +services = ["__APP__"] + + [main.email_alerts] + + name = "Email alerts" + + [main.email_alerts.alerts_email] + + ask.en = "Email address to send alerts emails" + type = "email" + help = "The Email address on which monitorix will send Alets email. It could by linked to many time of alerts." + + [main.others] + + name = "Others" + + [main.others.theme_color] + ask.en = "Theme color" + type = "select" + choices = ["black", "white"] + help = "RRDtool comes with a default white theme, and since Monitorix introduces its own black theme, you have two predefined themes to choose from." + + [main.others.enable_hourly_view] + ask.en = "Enable hourly view" + type = "boolean" + yes = "y" + no = "n" + help = "This option enables or disables the ability to select the hourly view in the main page.\nNo .rrd file will change by selecting this option and the historical data won’t be affected." + + [main.others.image_format] + ask.en = "Image format" + type = "select" + choices = ["svg", "png"] + help = "This is the format of each generated graph. There are only two possible values: PNG and SVG." + + [main.others.max_historic_years] + ask.en = "Maximum number of years of historical" + type = "number" + help = "This option defines the maximum number of years of historical data in all graphs.\nWARNING: Every time this value is extended Monitorix will resize every .rrd file accordingly, removing all historical data.\nThere is no longer any upper limit for this value." + + [main.others.process_priority] + ask.en = "Process priority" + type = "number" + min = -20 + max = 20 + help = "Sometimes when a server is under heavy use, Monitorix might be unable to collect some statistical data due to its normal priority (0 by default). This makes monitoring useless because graphs are empty during that hard period of time.\n\nIn order to mitigate this situation this option sets the priority in which Monitorix will be scheduled by the kernel. The accepted range of values is the same as in the setpriority() system call: that is, from -20 (maximum priority) to 19 (lowest priority)." + +[config] +name.en = "Monitorix configuration" + + [config.system] + name = "System load average and usage" + + [config.system.system_alerts_loadavg_enabled] + ask.en = "Load average enabled" + type = "boolean" + yes = "y" + no = "n" + help = "This section enables or disables the alert capabilities for this graph. Only the alert for the average CPU load is currently implemented. It works as follows:\n\nThis alert uses the minimum value between the second and the third load averages (those that represent the last 5 and 15 minutes), and if it reaches the loadavg_threshold value for the interval of time defined in loadavg_timeintvl, Monitorix will execute the external alert script defined in loadavg_script.\n\nThe idea to use min(load5, load15) is to obtain a more symmetric curve and a sooner cancellation of the alert.\n\nThe default Monitorix installation includes an example of a shell-script alert called monitorix-alert.sh which you can use as a base for your own script." + + [config.system.system_alerts_loadavg_timeintvl] + ask.en = "Load average time interval" + type = "number" + help = "This is the period of time (in seconds) that the threshold needs to be exceeded before the external alert script is executed." + + [config.system.system_alerts_loadavg_threshold] + ask.en = "Load average threshold" + type = "range" + help = "This is the value that needs to be reached or exceeded within the specified time period in loadavg_timeintvl to trigger the mechanism for a particular action, which in this case is the execution of an external alert script.\n\nThe value of this option is compared against the last 15 minutes of CPU load average." + + [config.disk] + name = "Disk usage" + + [config.disk.disk_alerts_loadavg_enabled] + ask.en = "Disk alert enabled" + type = "boolean" + yes = "true" + no = "false" + + [config.disk.disk_alerts_loadavg_timeintvl] + ask.en = "Time interval" + type = "number" + help = "Time interval on which disk usage will be checked" + + [config.disk.disk_alerts_loadavg_threshold] + ask.en = "Disk usage threshold" + type = "number" + help = "Percentage to reach to send alert." + + [config.mail] + name = "Mail statistics" + + [config.mail.mail_delvd_enabled] + ask.en = "Mail delivery enabled" + type = "boolean" + yes = "y" + no = "n" + help = "This section enables or disables one of the alert capabilities for this graph; the alert for the number of delivered messages. It works as follows:\n\nIf the number of delivered messages reaches the delvd_threshold value for the interval of time defined in delvd_timeintvl, Monitorix will execute the external alert script defined in delvd_script.\n\nThe default Monitorix installation includes an example of a shell-script alert called monitorix-alert.sh which you can use as a base for your own script." + + [config.mail.mail_delvd_timeintvl] + ask.en = "Mail delivery time interval" + type = "number" + help = "This is the period of time (in seconds) that the threshold needs to be exceeded before the external alert script is executed." + + [config.mail.mail_delvd_threshold] + ask.en = "Mail delivery threshold" + type = "number" + help = "This is the value that needs to be reached or exceeded within the specified time period in delvd_timeintvl to trigger the mechanism for a particular action, which in this case is the execution of an external alert script.\n\nThe value of this option is compared against the number of delivered messages since the last delvd_timeintvl seconds." + + [config.mail.mail_mqueued_enabled] + ask.en = "Mail message queue enabled" + type = "boolean" + yes = "y" + no = "n" + help = "This section enables or disables one of the alert capabilities for this graph; the alert for the number of queued messages. It works as follows:\n\nIf the number of queued messages reaches the mqueued_threshold value for the interval of time defined in mqueued_timeintvl, Monitorix will execute the external alert script defined in mqueued_script.\n\nThe default Monitorix installation includes an example of a shell-script alert called monitorix-alert.sh which you can use as a base for your own script." + + [config.mail.mail_mqueued_timeintvl] + ask.en = "Mail message queue time interval" + type = "number" + help = "This is the period of time (in seconds) that the threshold needs to be exceeded before the external alert script is executed." + + [config.mail.mail_mqueued_threshold] + ask.en = "Mail message queue threshold" + type = "number" + help = "This is the value that needs to be reached or exceeded within the specified time period in mqueued_timeintvl to trigger the mechanism for a particular action, which in this case is the execution of an external alert script.\n\nThe value of this option is compared with the number of messages in the mail queue." + +[emailreports] +name = "Automatic email reports" +help = "This allows to send automatically selected graphs to one or more email addresses. This could be specially useful for some system administrators who prefer receiving via email selected graphs instead of browsing to the remote servers every day." + + [emailreports.global] + name = "Global config for email reports" + + [emailreports.global.emailreports_enabled] + ask.en = "Mail reports enabled" + type = "boolean" + yes = "y" + no = "n" + help = "This option enables this feature. Note that you still need to enable the same option for each time interval you want to activate: daily, weekly, monthly, yearly." + + [emailreports.global.emailreports_subject_prefix] + ask.en = "Email report subject prefix" + type = "string" + help = "This is a string that will be prefixed in the Subject of all emails that will be sent." + + [emailreports.global.emailreports_hour] + ask.en = "Mail report send hour" + type = "number" + max = 23 + help = "This is the hour (in 24h format) when the email reports will be sent." + + [emailreports.global.emailreports_minute] + ask.en = "Mail report send minute" + type = "number" + max = 59 + help = "This is the minute when the email reports will be sent." + + [emailreports.daily] + name = "Daily email reports" + help = "Daily reports will be sent every day at the specific time on the global mail report settings." + + [emailreports.daily.emailreports_daily_enabled] + ask.en = "Daily mail reports enabled" + type = "boolean" + yes = "y" + no = "n" + + [emailreports.daily.emailreports_daily_graphs] + ask.en = "Daily mail reports graphs list" + type = "tags" + choices = ["system", "kern", "proc", "fs", "du", "net", "netstat", "process", "serv", "mail", "port", "user", "nginx", "mysql", "pgsql", "fail2ban", "memcached", "redis", "phpfpm", "int"] + help = "List of graph names you want to appear in the email report. The names are the same as their .rrd files. There is a list of them in the graph_name option in monitorix.conf." + + [emailreports.daily.emailreports_daily_to] + ask.en = "Daily mail reports emails" + type = "string" + help = "This is a comma-separated list of recipient email addresses." + + [emailreports.weekly] + name = "Weekly email reports" + help = "Weekly reports will be sent the first Monday of each week." + + [emailreports.weekly.emailreports_weekly_enabled] + ask.en = "Weekly mail reports enabled" + type = "boolean" + yes = "y" + no = "n" + + [emailreports.weekly.emailreports_weekly_graphs] + ask.en = "Weekly mail reports graphs list" + type = "tags" + choices = ["system", "kern", "proc", "fs", "du", "net", "netstat", "process", "serv", "mail", "port", "user", "nginx", "mysql", "pgsql", "fail2ban", "memcached", "redis", "phpfpm", "int"] + help = "List of graph names you want to appear in the email report. The names are the same as their .rrd files. There is a list of them in the graph_name option in monitorix.conf." + + [emailreports.weekly.emailreports_weekly_to] + ask.en = "Weekly mail reports emails" + type = "string" + help = "This is a comma-separated list of recipient email addresses." + + [emailreports.monthly] + name = "Monthly email reports" + help = "Monthly reports will be sent the first day of each month." + + [emailreports.monthly.emailreports_monthly_enabled] + ask.en = "Monthly mail reports enabled" + type = "boolean" + yes = "y" + no = "n" + + [emailreports.monthly.emailreports_monthly_graphs] + ask.en = "Monthly mail reports graphs list" + type = "tags" + choices = ["system", "kern", "proc", "fs", "du", "net", "netstat", "process", "serv", "mail", "port", "user", "nginx", "mysql", "pgsql", "fail2ban", "memcached", "redis", "phpfpm", "int"] + help = "List of graph names you want to appear in the email report. The names are the same as their .rrd files. There is a list of them in the graph_name option in monitorix.conf." + + [emailreports.monthly.emailreports_monthly_to] + ask.en = "Monthly mail reports emails" + type = "string" + help = "This is a comma-separated list of recipient email addresses." + + [emailreports.yearly] + name = "Yearly email reports" + help = "Yearly reports will be sent the first day of each year." + + [emailreports.yearly.emailreports_yearly_enabled] + ask.en = "Yearly mail reports enabled" + type = "boolean" + yes = "y" + no = "n" + + [emailreports.yearly.emailreports_yearly_graphs] + ask.en = "Yearly mail reports graphs list" + type = "tags" + choices = ["system", "kern", "proc", "fs", "du", "net", "netstat", "process", "serv", "mail", "port", "user", "nginx", "mysql", "pgsql", "fail2ban", "memcached", "redis", "phpfpm", "int"] + help = "List of graph names you want to appear in the email report. The names are the same as their .rrd files. There is a list of them in the graph_name option in monitorix.conf." + + [emailreports.yearly.emailreports_yearly_to] + ask.en = "Yearly mail reports emails" + type = "string" + help = "This is a comma-separated list of recipient email addresses." diff --git a/doc/ADMIN.md b/doc/ADMIN.md index 6ae8fb1..aea44ac 100644 --- a/doc/ADMIN.md +++ b/doc/ADMIN.md @@ -1,6 +1,6 @@ ### Remove -Due of the backup core only feature the data directory in `/var/lib/monitorix` **is not removed**. It must be manually deleted to purge user data from the app. +Due of the backup core only feature the data directory in `/home/yunohost.app/monitorix` **is not removed**. It must be manually deleted to purge user data from the app. ### More sensor @@ -15,14 +15,10 @@ You will have a full complete documentation for monitorix config here : https:// By example you can extends the basic config by this : ```xml -priority = 5 - - disk = y lmsens = y gensens = y - mail = y # LMSENS graph @@ -97,123 +93,10 @@ priority = 5 pendsect_script = /etc/monitorix/monitorix_alerts_scripts/disk_pendsect.sh - -# FS graph -# ----------------------------------------------------------------------------- - - - 0 = /, /home, /var, /$tempdir, swap - - - / = Root FS - /home = home - /var = var - /$tempdir = tmp - - - - rigid = 2, 0, 2, 0 - limit = 100, 1000, 100, 1000 - - / = 3600, 98, /etc/monitorix/monitorix_alerts_scripts/fs_rootfs.sh - /home = 3600, 98, /etc/monitorix/monitorix_alerts_scripts/fs_home.sh - /var = 3600, 98, /etc/monitorix/monitorix_alerts_scripts/fs_var.sh - /$tempdir = 3600, 98, /etc/monitorix/monitorix_alerts_scripts/fs_tmp.sh - swap = 3600, 98, /etc/monitorix/monitorix_alerts_scripts/fs_swap.sh - - - - -# MAIL graph -# ----------------------------------------------------------------------------- - - mta = postfix - greylist = postgrey - stats_rate = real - rigid = 0, 0, 0, 0, 0 - limit = 1, 1000, 1000, 1000, 1000 - - delvd_enabled = y - delvd_timeintvl = 60 - delvd_threshold = 100 - delvd_script = /etc/monitorix/monitorix_alerts_scripts/mail_delvd.sh - mqueued_enabled = y - mqueued_timeintvl = 3600 - mqueued_threshold = 100 - mqueued_script = /etc/monitorix/monitorix_alerts_scripts/mail_mqueued.sh - - - - -# NET graph -# ----------------------------------------------------------------------------- - - list = eth0,lo - - eth0 = FastEthernet LAN, 0, 10000000 - lo = loopback, 0, 10000000 - - - gateway = eth0 - - -# PROCESS graph -# ----------------------------------------------------------------------------- - - - 0 = sshd, ntpd, monitorix, monitorix-httpd - 1 = openvpn, ... - ... - 6 = mysqld, slapd, postgresql - - - master = Postfix - imap = Dovecot - - rigid = 2, 0, 0, 0, 0, 0, 0, 0 - limit = 100, 1000, 1000, 1000, 1000, 1000, 1000, 1000 - - - - - - enabled = y - url_prefix = http://127.0.0.1:8081/monitorix - smtp_hostname = localhost - from_address = noreply@domain.tld - hour = 2 - minute = 7 - - enabled = y - graphs = system, fs, gensens, disk, netstat, port, nginx - to = user@domain.tld - - - enabled = y - graphs = system, fs, gensens, disk, kern, proc, net, netstat, process, serv, port, user, nginx, mysql, fail2ban, int - to = user@domain.tld - - - enabled = y - graphs = system, fs, gensens, disk, kern, proc, net, netstat, process, serv, port, user, nginx, mysql, fail2ban, int - to = user@domain.tld - - - enabled = y - graphs = system, fs, gensens, disk, kern, proc, net, netstat, process, serv, port, user, nginx, mysql, fail2ban, int - to = user@domain.tld - - - ``` In this config : -- We set the process priority to 5 (which mean that it will be lower priority than the other process). - We get the lmsensor sensor data. - We get some sensors data not accessible with lmsensor (with gensens) - We check the disk health and send an email if any error happens. For that you need to make some script. An example is available in `/usr/share/doc/monitorix/monitorix-alert.sh`. -- We check the filesystem. -- We check the traffic in the network card. -- We check some process. -- We send every day, week, month and year a rapport. diff --git a/hooks/post_app_install b/hooks/post_app_install new file mode 100644 index 0000000..8c20e3e --- /dev/null +++ b/hooks/post_app_install @@ -0,0 +1,3 @@ +#!/bin/bash + +bash __INSTALL_DIR__/update_config_if_needed.sh diff --git a/hooks/post_app_remove b/hooks/post_app_remove new file mode 100644 index 0000000..8c20e3e --- /dev/null +++ b/hooks/post_app_remove @@ -0,0 +1,3 @@ +#!/bin/bash + +bash __INSTALL_DIR__/update_config_if_needed.sh diff --git a/hooks/post_app_upgrade b/hooks/post_app_upgrade new file mode 100644 index 0000000..8c20e3e --- /dev/null +++ b/hooks/post_app_upgrade @@ -0,0 +1,3 @@ +#!/bin/bash + +bash __INSTALL_DIR__/update_config_if_needed.sh diff --git a/hooks/post_iptable_rules b/hooks/post_iptable_rules index c30c307..b47e590 100644 --- a/hooks/post_iptable_rules +++ b/hooks/post_iptable_rules @@ -1,9 +1,9 @@ #/bin/bash -if [[ $(systemctl status monitorix.service | grep "Active" | cut -d'(' -f2 | cut -d ')' -f1) = 'running' ]] +if [[ $(systemctl status __APP__.service | grep "Active" | cut -d'(' -f2 | cut -d ')' -f1) = 'running' ]] then systemctl stop monitorix.service sleep 1 pkill -f "monitorix-httpd listening on" || true - systemctl start monitorix.service -fi \ No newline at end of file + systemctl start __APP__.service +fi diff --git a/manifest.toml b/manifest.toml index c23e6d9..99a92c3 100644 --- a/manifest.toml +++ b/manifest.toml @@ -7,7 +7,7 @@ name = "Monitorix" description.en = "A system monitoring tool" description.fr = "Un outil de monitoring système" -version = "3.15.0~ynh4" +version = "3.15.0~ynh5" maintainers = ["Josue-T"] @@ -37,16 +37,26 @@ ram.runtime = "50M" type = "path" default = "/monitorix" +[install.init_main_permission] + type = "group" + default = "admins" + [resources] [resources.sources.main] url = "https://www.monitorix.org/monitorix_3.15.0-izzy1_all.deb" sha256 = "0d960b9433ecbaba38d9befe27163644886fb5a466d44f5380576ca975b9d8e4" rename = "monitorix.deb" - format = "whatever" extract = false [resources.system_user] + [resources.install_dir] + dir = "/opt/yunohost/__APP__" + owner = "__APP__:rwx" + group = "www-data:rx" + + [resources.data_dir] + [resources.permissions] main.url = "/" @@ -55,9 +65,5 @@ ram.runtime = "50M" nginx_status.default = 8081 [resources.apt] - packages = [ - "mariadb-server", - ] + packages = ["libdbd-pg-perl", "pflogsumm"] - [resources.database] - type = "mysql" diff --git a/scripts/_common.sh b/scripts/_common.sh index 6fe7d17..efaa543 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -2,15 +2,91 @@ # SET ALL CONSTANTS #================================================= -pkg_version="3.15.0-izzy1" -systemd_user=root +readonly systemd_user=root +readonly nginx_status_conf="/etc/nginx/conf.d/${app}_status.conf" -nginx_status_conf="/etc/nginx/conf.d/monitorix_status.conf" +readonly db_user=$app + +readonly var_list_to_manage='mysql_installed postgresql_installed memcached_installed redis_installed phpfpm_installed jail_list mount_parts home_user_dirs php_pools_infos net_gateway net_interface_list' #================================================= # DEFINE ALL COMMON FONCTIONS #================================================= +installed_php_fpm_filter() { + while read -r item; do + local version=${item%,*} + if ynh_package_is_installed --package=php"$version"-fpm; then + echo "$item" + fi + done +} + +home_dir_filter() { + while read -r -d' ' item; do + if [ "$item" != /home/yunohost.app ] && [ "$item" != /home/yunohost.backup ]; then + echo "$item" + fi + done +} + +interface_speed_map() { + while read -r item; do + speed=$(cat /sys/class/net/"$item"/speed || echo 1000) + echo "$item,$speed" + done +} + +load_vars() { + if ynh_package_is_installed --package=mysql; then + readonly mysql_installed=true + else + readonly mysql_installed=false + fi + if ynh_package_is_installed --package=postgresql; then + readonly postgresql_installed=true + else + readonly postgresql_installed=false + fi + if ynh_package_is_installed --package=memcached; then + readonly memcached_installed=true + else + readonly memcached_installed=false + fi + if ynh_package_is_installed --package=redis-server; then + readonly redis_installed=true + else + readonly redis_installed=false + fi + if ynh_package_is_installed --package='php*-fpm'; then + readonly phpfpm_installed=true + else + readonly phpfpm_installed=false + fi + readonly jail_list="$(fail2ban-client status | + grep 'Jail list:' | sed 's/.*Jail list://' | sed 's/,//g')" + readonly mount_parts="$(mount | + cut -d' ' -f3 | + grep -E -v '^/run|^/dev|^/proc|^/sys|^/snap')" + app_data_dirs="$(echo /home/yunohost.app/*)" + readonly home_user_dirs="$(echo /home/* | home_dir_filter)" + # Note that 'pm.status_listen' option is only supported on php >= 8.0 so we ignore older pools + readonly php_pools_infos="$(grep -E '^\[.*\]' \ + --exclude=/etc/php/*/fpm/pool.d/"$app"_status.conf \ + --exclude=/etc/php/7.*/fpm/pool.d/* /etc/php/*/fpm/pool.d/* | + sed -E 's|/etc/php/([[:digit:]]\.[[:digit:]]+)/fpm/pool.d/.+\.conf\:\[(.+)\]|\1,\2|' | + installed_php_fpm_filter)" + readonly net_gateway="$(ip --json route show default | jq -r '.[0].dev')" + readonly net_interface_list="$(ip --json link show | jq -r '.[].ifname | select(. != "lo")' | interface_speed_map)" +} + +# Used by update_config_if_needed.sh hook +save_vars_current_value() { + for var in $var_list_to_manage; do + ynh_app_setting_set --app "$app" --key previous_$var --value "${!var}" + done +} + install_monitorix_package() { # Create the temporary directory tempdir="$(mktemp -d)" @@ -20,46 +96,243 @@ install_monitorix_package() { # Install the package ynh_package_install "$tempdir/monitorix.deb" - - # The doc says it should be called only once, - # but the code says multiple calls are supported. - # Also, they're already installed so that should be quasi instantaneous. - ynh_install_app_dependencies monitorix="$pkg_version" - - # Mark packages as dependencies, to allow automatic removal - apt-mark auto monitorix + cp -r /var/lib/monitorix/* "$data_dir"/ } -config_monitorix() { - jail_list=$(fail2ban-client status | grep 'Jail list:' | sed 's/.*Jail list://' | sed 's/,//g') - f2b_additional_jail="" - for jail in $jail_list; do - if ! [[ "$jail" =~ (recidive|pam-generic|yunohost|postfix|postfix-sasl|dovecot|nginx-http-auth|sshd|sshd-ddos) ]]; then - if [ -z "$f2b_additional_jail" ]; then - f2b_additional_jail="[$jail]" - else - f2b_additional_jail+=", [$jail]" +configure_db() { + # Here the idea is to monitor available database + # So if mysql is installed we monitor it but mysql could also not be installed and in this case don't need to monitor it + # For postgresql it's the same case + if $mysql_installed && ! ynh_mysql_user_exists --user="$db_user"; then + ynh_mysql_create_user "$db_user" "$db_pwd" + fi + if $postgresql_installed && ! ynh_psql_user_exists --user="$db_user"; then + ynh_psql_create_user "$db_user" "$db_pwd" + fi +} + +config_php_fpm() { + for pool_dir_by_version in /etc/php/*; do + pool_version=$(echo "$pool_dir_by_version" | cut -d/ -f4) + pool_file="/etc/php/$pool_version/fpm/pool.d/${app}_status.conf" + if ynh_package_is_installed --package="php$pool_version-fpm"; then + ynh_add_jinja_config --template=php_status.conf --destination="$pool_file" + + chown root:root "$pool_file" + chmod 444 "$pool_file" + ynh_systemd_action --service_name="php$pool_version"-fpm.service --action=reload + else + if [ -e "$pool_file" ]; then + ynh_secure_remove --file="$pool_file" fi fi done +} - ynh_add_config --template=../conf/monitorix.conf --destination="/etc/monitorix/monitorix.conf" +configure_hooks() { + ynh_replace_string --match_string=__INSTALL_DIR__ --replace_string="$install_dir" --target_file=../hooks/post_app_install + ynh_replace_string --match_string=__INSTALL_DIR__ --replace_string="$install_dir" --target_file=../hooks/post_app_remove + ynh_replace_string --match_string=__INSTALL_DIR__ --replace_string="$install_dir" --target_file=../hooks/post_app_upgrade + + cp ../sources/update_config_if_needed.sh "$install_dir"/ + ynh_replace_string --match_string=__APP__ --replace_string="$app" --target_file="$install_dir"/update_config_if_needed.sh +} + +configure_alerts_email() { + ynh_add_config --template=monitorix-alert.sh --destination="$install_dir"/monitorix-alert.sh + for alias_file in system.loadavg-alert.sh \ + fs.loadavg-alert.sh \ + mail.mqueued-alert.sh \ + mail.delvd-alert.sh + do + alias_path="$install_dir/$alias_file" + if [ ! -h "$alias_path" ]; then + if [ -e "$alias_path" ]; then + ynh_secure_remove --file="$alias_path" + fi + ln -s "$install_dir/monitorix-alert.sh" "$install_dir/$alias_file" + fi + done +} + +ensure_vars_set() { + if [ -z "${db_pwd:-}" ]; then + db_pwd="$(ynh_string_random 12)" + ynh_app_setting_set --app="$app" --key=db_pwd --value="$db_pwd" + fi + + if [ -z "${alerts_email:-}" ]; then + alerts_email="admins@$domain" + ynh_app_setting_set --app="$app" --key=alerts_email --value="$alerts_email" + fi + if [ -z "${enable_hourly_view:-}" ]; then + enable_hourly_view=n + ynh_app_setting_set --app="$app" --key=enable_hourly_view --value="$enable_hourly_view" + fi + if [ -z "${image_format:-}" ]; then + image_format=svg + ynh_app_setting_set --app="$app" --key=image_format --value="$image_format" + fi + if [ -z "${theme_color:-}" ]; then + theme_color=black + ynh_app_setting_set --app="$app" --key=theme_color --value="$theme_color" + fi + if [ -z "${max_historic_years:-}" ]; then + max_historic_years=5 + ynh_app_setting_set --app="$app" --key=max_historic_years --value="$max_historic_years" + fi + if [ -z "${process_priority:-}" ]; then + process_priority=0 + ynh_app_setting_set --app="$app" --key=process_priority --value="$process_priority" + fi + + if [ -z "${system_alerts_loadavg_enabled:-}" ]; then + system_alerts_loadavg_enabled=n + ynh_app_setting_set --app="$app" --key=system_alerts_loadavg_enabled --value="$system_alerts_loadavg_enabled" + fi + if [ -z "${system_alerts_loadavg_timeintvl:-}" ]; then + system_alerts_loadavg_timeintvl=3600 + ynh_app_setting_set --app="$app" --key=system_alerts_loadavg_timeintvl --value="$system_alerts_loadavg_timeintvl" + fi + if [ -z "${system_alerts_loadavg_threshold:-}" ]; then + system_alerts_loadavg_threshold=5.0 + ynh_app_setting_set --app="$app" --key=system_alerts_loadavg_threshold --value="$system_alerts_loadavg_threshold" + fi + + if [ -z "${disk_alerts_loadavg_enabled:-}" ]; then + disk_alerts_loadavg_enabled=false + ynh_app_setting_set --app="$app" --key=disk_alerts_loadavg_enabled --value="$disk_alerts_loadavg_enabled" + fi + if [ -z "${disk_alerts_loadavg_timeintvl:-}" ]; then + disk_alerts_loadavg_timeintvl=3600 + ynh_app_setting_set --app="$app" --key=disk_alerts_loadavg_timeintvl --value="$disk_alerts_loadavg_timeintvl" + fi + if [ -z "${disk_alerts_loadavg_threshold:-}" ]; then + disk_alerts_loadavg_threshold=98 + ynh_app_setting_set --app="$app" --key=disk_alerts_loadavg_threshold --value="$disk_alerts_loadavg_threshold" + fi + + if [ -z "${mail_delvd_enabled:-}" ]; then + mail_delvd_enabled=n + ynh_app_setting_set --app="$app" --key=mail_delvd_enabled --value="$mail_delvd_enabled" + fi + if [ -z "${mail_delvd_timeintvl:-}" ]; then + mail_delvd_timeintvl=60 + ynh_app_setting_set --app="$app" --key=mail_delvd_timeintvl --value="$mail_delvd_timeintvl" + fi + if [ -z "${mail_delvd_threshold:-}" ]; then + mail_delvd_threshold=100 + ynh_app_setting_set --app="$app" --key=mail_delvd_threshold --value="$mail_delvd_threshold" + fi + if [ -z "${mail_mqueued_enabled:-}" ]; then + mail_mqueued_enabled=n + ynh_app_setting_set --app="$app" --key=mail_mqueued_enabled --value="$mail_mqueued_enabled" + fi + if [ -z "${mail_mqueued_timeintvl:-}" ]; then + mail_mqueued_timeintvl=3600 + ynh_app_setting_set --app="$app" --key=mail_mqueued_timeintvl --value="$mail_mqueued_timeintvl" + fi + if [ -z "${mail_mqueued_threshold:-}" ]; then + mail_mqueued_threshold=100 + ynh_app_setting_set --app="$app" --key=mail_mqueued_threshold --value="$mail_mqueued_threshold" + fi + + if [ -z "${emailreports_enabled:-}" ]; then + emailreports_enabled=n + ynh_app_setting_set --app="$app" --key=emailreports_enabled --value="$emailreports_enabled" + fi + if [ -z "${emailreports_subject_prefix:-}" ]; then + emailreports_subject_prefix='Monitorix:' + ynh_app_setting_set --app="$app" --key=emailreports_subject_prefix --value="$emailreports_subject_prefix" + fi + if [ -z "${emailreports_hour:-}" ]; then + emailreports_hour=0 + ynh_app_setting_set --app="$app" --key=emailreports_hour --value="$emailreports_hour" + fi + if [ -z "${emailreports_minute:-}" ]; then + emailreports_minute=0 + ynh_app_setting_set --app="$app" --key=emailreports_minute --value="$emailreports_minute" + fi + + if [ -z "${emailreports_daily_enabled:-}" ]; then + emailreports_daily_enabled=n + ynh_app_setting_set --app="$app" --key=emailreports_daily_enabled --value="$emailreports_daily_enabled" + fi + if [ -z "${emailreports_daily_graphs:-}" ]; then + emailreports_daily_graphs='system,fs' + ynh_app_setting_set --app="$app" --key=emailreports_daily_graphs --value="$emailreports_daily_graphs" + fi + if [ -z "${emailreports_daily_to:-}" ]; then + emailreports_daily_to="admins@$domain" + ynh_app_setting_set --app="$app" --key=emailreports_daily_to --value="$emailreports_daily_to" + fi + + if [ -z "${emailreports_weekly_enabled:-}" ]; then + emailreports_weekly_enabled=n + ynh_app_setting_set --app="$app" --key=emailreports_weekly_enabled --value="$emailreports_weekly_enabled" + fi + if [ -z "${emailreports_weekly_graphs:-}" ]; then + emailreports_weekly_graphs='system,fs' + ynh_app_setting_set --app="$app" --key=emailreports_weekly_graphs --value="$emailreports_weekly_graphs" + fi + if [ -z "${emailreports_weekly_to:-}" ]; then + emailreports_weekly_to="admins@$domain" + ynh_app_setting_set --app="$app" --key=emailreports_weekly_to --value="$emailreports_weekly_to" + fi + + if [ -z "${emailreports_monthly_enabled:-}" ]; then + emailreports_monthly_enabled=n + ynh_app_setting_set --app="$app" --key=emailreports_monthly_enabled --value="$emailreports_monthly_enabled" + fi + if [ -z "${emailreports_monthly_graphs:-}" ]; then + emailreports_monthly_graphs='system,fs' + ynh_app_setting_set --app="$app" --key=emailreports_monthly_graphs --value="$emailreports_monthly_graphs" + fi + if [ -z "${emailreports_monthly_to:-}" ]; then + emailreports_monthly_to="admins@$domain" + ynh_app_setting_set --app="$app" --key=emailreports_monthly_to --value="$emailreports_monthly_to" + fi + + if [ -z "${emailreports_yearly_enabled:-}" ]; then + emailreports_yearly_enabled=n + ynh_app_setting_set --app="$app" --key=emailreports_yearly_enabled --value="$emailreports_yearly_enabled" + fi + if [ -z "${emailreports_yearly_graphs:-}" ]; then + emailreports_yearly_graphs='system,fs' + ynh_app_setting_set --app="$app" --key=emailreports_yearly_graphs --value="$emailreports_yearly_graphs" + fi + if [ -z "${emailreports_yearly_to:-}" ]; then + emailreports_yearly_to="admins@$domain" + ynh_app_setting_set --app="$app" --key=emailreports_yearly_to --value="$emailreports_yearly_to" + fi } set_permission() { - chown www-data:root -R /etc/monitorix + chown "$app":root -R /etc/monitorix chmod u=rX,g=rwX,o= -R /etc/monitorix - chown www-data:root -R /var/lib/monitorix - chmod u=rwX,g=rwX,o= -R /var/lib/monitorix -} + chown www-data:root -R "$nginx_status_conf" + chmod u=r,g=r,o= "$nginx_status_conf" + chown "$app":root "$install_dir" + chmod u=rwX,g=rwX,o= -R "$install_dir" + chmod 750 "$install_dir"/monitorix-alert.sh + chown "$app":root -R /var/log/"$app" + chmod u=rwX,g=rwX,o= -R /var/log/"$app" -_ynh_systemd_restart_monitorix() { - # Reload monitorix - # While we stop monitorix sometime the built-in web server is not stopped cleanly. So are sure that everything is cleanly stoped by that - # So this fix that + chmod u=rwx,g=rx,o= "$data_dir" + chown "$app":www-data "$data_dir" - ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" - sleep 1 - pkill -f "monitorix-httpd listening on" || true - ynh_systemd_action --service_name="$app" --action="start" --log_path 'systemd' --line_match ' - Ok, ready.' + chmod u=rwx,g=rx,o= "$data_dir"/*.rrd || true + chown "$app":root "$data_dir"/*.rrd || true + find "$data_dir"/{reports,usage} \( \! -perm -o= \ + -o \! -user "$app" \ + -o \! -group "$app" \) \ + -exec chown "$app:$app" {} \; \ + -exec chmod o= {} \; + + find "$data_dir"/www \( \! -perm -o= \ + -o \! -perm -g=rX \ + -o \! -user "$app" \ + -o \! -group www-data \) \ + -exec chown "$app:www-data" {} \; \ + -exec chmod g+rX,o= {} \; } diff --git a/scripts/backup b/scripts/backup index 170984d..ab04045 100755 --- a/scripts/backup +++ b/scripts/backup @@ -8,14 +8,16 @@ # Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh +source ../settings/scripts/experimental_helper.sh source /usr/share/yunohost/helpers +load_vars #================================================= # STOP SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Stopping a systemd service..." --weight=1 - -ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" +if [[ ! "$(systemctl status $app.service)" =~ "Active: inactive (dead)" ]]; then + ynh_print_warn --message="It's highly recommended to make your backup when the service is stopped. Please stop $app service with this command before to run the backup 'systemctl stop $app.service'" +fi #================================================= # DECLARE DATA AND CONF FILES TO BACKUP @@ -26,8 +28,12 @@ ynh_print_info --message="Declaring files to be backed up..." # BACKUP THE NGINX CONFIGURATION #================================================= +ynh_backup --src_path="/etc/$app/" ynh_backup --src_path "/etc/nginx/conf.d/$domain.d/$app.conf" -ynh_backup --src_path "/etc/nginx/conf.d/monitorix_status.conf" +ynh_backup --src_path "$nginx_status_conf" + +ynh_print_info --message="Backing up code..." +ynh_backup --src_path $install_dir #================================================= # SPECIFIC BACKUP @@ -41,26 +47,7 @@ ynh_backup --src_path "/etc/systemd/system/$app.service" # BACKUP VARIOUS FILES #================================================= -ynh_backup --src_path "/var/lib/$app" --is_big=1 - -ynh_backup --src_path="/etc/$app/" - -#================================================= -# BACKUP THE MYSQL DATABASE -#================================================= -ynh_print_info --message="Backing up the MySQL database..." - -### (However, things like MySQL dumps *do* take some time to run, though the -### copy of the generated dump to the archive still happens later) - -ynh_mysql_dump_db --database="$db_name" > db.sql - -#================================================= -# RESTART APP -#================================================= -ynh_script_progression --message="Starting a systemd service..." --weight=1 - -_ynh_systemd_restart_monitorix +ynh_backup --src_path="$data_dir" --is_big=1 #================================================= # END OF SCRIPT diff --git a/scripts/change_url b/scripts/change_url index a38c8b4..1775302 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -7,7 +7,9 @@ #================================================= source _common.sh +source experimental_helper.sh source /usr/share/yunohost/helpers +load_vars #================================================= # STANDARD MODIFICATIONS @@ -29,8 +31,7 @@ ynh_change_url_nginx_config # SPECIFIC MODIFICATIONS #================================================= ynh_script_progression --message="Updating a configuration file..." --weight=1 - -config_monitorix +ynh_add_jinja_config --template=monitorix.conf --destination=/etc/monitorix/monitorix.conf #================================================= # GENERIC FINALISATION @@ -38,8 +39,7 @@ config_monitorix # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." --weight=1 - -_ynh_systemd_restart_monitorix +ynh_systemd_action --service_name="$app" --action=start --log_path 'systemd' --line_match ' - Ok, ready.' #================================================= # END OF SCRIPT diff --git a/scripts/config b/scripts/config new file mode 100644 index 0000000..de6aa35 --- /dev/null +++ b/scripts/config @@ -0,0 +1,24 @@ +#!/bin/bash +# In simple cases, you don't need a config script. + +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source ./_common.sh +source /usr/share/yunohost/helpers +source ./experimental_helper.sh + +ynh_abort_if_errors + +ynh_app_config_apply() { + _ynh_app_config_apply + load_vars + ynh_add_jinja_config --template=monitorix.conf --destination="/etc/monitorix/monitorix.conf" + save_vars_current_value +} + +#================================================= +# GENERIC FINALIZATION +#================================================= +ynh_app_config_run "$1" diff --git a/scripts/experimental_helper.sh b/scripts/experimental_helper.sh new file mode 100644 index 0000000..107ac88 --- /dev/null +++ b/scripts/experimental_helper.sh @@ -0,0 +1,162 @@ +# Create a dedicated config file from a jinja template +# +# usage: ynh_add_jinja_config --template="template" --destination="destination" +# | arg: -t, --template= - Template config file to use +# | arg: -d, --destination= - Destination of the config file +# | arg: -i, --ignore_vars= - List separated by space of script variables to ignore and don't pass in the jinja context. +# | This could be useful mainly for special share which can't be retried by reference name (like the array). +# +# examples: +# ynh_add_jinja_config --template="app.conf" --destination="$install_dir/app.conf" +# ynh_add_jinja_config --template="app-env" --destination="$install_dir/app-env" --ignore_vars="complex_array yolo" +# +# The template can be by default the name of a file in the conf directory +# +# The helper will verify the checksum and backup the destination file +# if it's different before applying the new template. +# +# And it will calculate and store the destination file checksum +# into the app settings when configuration is done. +# +## +## About the variables passed to the template: +## +# +# All variable defined in the script are available into the template (as string) except someone described below. +# If a variable make crash the helper for some reason (by example if the variable is of type array) +# or you just want to don't pass a specific variable for some other reason you can add it in the '--ignore_vars=' parameter as described above. +# Here are the list of ignored variable and so there won't never be available in the template: +# - All system environment variable like (TERM, USER, PATH, LANG, etc). +# If you need someone you just need to declare an other variable with the same value. +# Note that all Yunohost variable whose name begins by 'YNH_' are available and can be used in the template. +# - This following list: +# legacy_args args_array template destination ignore_vars template_path python_env_var ignore_var_regex +# progress_scale progress_string0 progress_string1 progress_string2 +# old changed binds types file_hash formats +# +## +## Usage in templates: +## +# +# For a full documentation of the template you can refer to: https://jinja.palletsprojects.com/en/3.1.x/templates/ +# In Yunohost context there are no really some specificity except that all variable passed are of type string. +# So here are some example of recommended usage: +# +# If you need a conditional block +# +# {% if should_my_block_be_shown == 'true' %} +# ... +# {% endif %} +# +# or +# +# {% if should_my_block_be_shown == '1' %} +# ... +# {% endif %} +# +# If you need to iterate with loop: +# +# {% for yolo in var_with_multiline_value.splitlines() %} +# ... +# {% endfor %} +# +# or +# +# {% for jail in my_var_with_coma.split(',') %} +# ... +# {% endfor %} +# +ynh_add_jinja_config() { + # Declare an array to define the options of this helper. + local legacy_args=tdi + local -A args_array=([t]=template= [d]=destination= [i]=ignore_vars= ) + local template + local destination + local ignore_vars + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + local template_path + + # + ## List of all vars ignored and not passed to the template + # WARNING Update the list on the helper documentation at the top of the helper, if you change this list + # + + # local vars used in the helper + ignore_vars+=" legacy_args args_array template destination ignore_vars template_path python_env_var ignore_var_regex" + # yunohost helpers + ignore_vars+=" progress_scale progress_string0 progress_string1 progress_string2" + # Arrays used in config panel + ignore_vars+=" old changed binds types file_hash formats" + + if [ -f "$YNH_APP_BASEDIR/conf/$template" ]; then + template_path="$YNH_APP_BASEDIR/conf/$template" + elif [ -f "$template" ]; then + template_path=$template + else + ynh_die --message="The provided template $template doesn't exist" + fi + + ynh_backup_if_checksum_is_different --file="$destination" + + # Make sure to set the permissions before we copy the file + # This is to cover a case where an attacker could have + # created a file beforehand to have control over it + # (cp won't overwrite ownership / modes by default...) + touch "$destination" + chown root:root "$destination" + chmod 640 "$destination" + + local python_env_var='' + local ignore_var_regex + ignore_var_regex="$(echo "$ignore_vars" | sed -E 's@^\s*(.*\w)\s*$@\1@g' | sed -E 's@(\s+)@|@g')" + while read -r one_var; do + # Blacklist of var to not pass to template + if { [[ "$one_var" =~ ^[A-Z0-9_]+$ ]] && [[ "$one_var" != YNH_* ]]; } \ + || [[ "$one_var" =~ ^($ignore_var_regex)$ ]]; then + continue + fi + # Well python is very bad for the last character on raw string + # https://stackoverflow.com/questions/647769/why-cant-pythons-raw-string-literals-end-with-a-single-backslash + # So the solution here is to add one last char '-' so we know what it is + # and we are sure that it not \ or ' or something else which will be problematic with python + # And then we remove it while we are processing + python_env_var+="$one_var=r'''${!one_var}-'''[:-1]," + done <<< "$(compgen -v)" + + _ynh_apply_default_permissions "$destination" + ( + python3 -c 'import os, sys, jinja2; sys.stdout.write( + jinja2.Template(source=sys.stdin.read(), + undefined=jinja2.StrictUndefined, + ).render('"$python_env_var"'));' <"$template_path" >"$destination" + ) + ynh_store_file_checksum --file="$destination" +} + +# Check either a package is installed or not +# +# example: ynh_package_is_installed --package=yunohost && echo "installed" +# +# usage: ynh_package_is_installed --package=name [--wait_dpkg_free] +# | arg: -p, --package= - the package name to check +# | arg: -l, --wait_dpkg_free= - wait for dpkg to be free. +# | Note that waiting on dpkg free could take about 0.2s on quick platform +# | and about 2 seconds on slow platform so in case of multiple call it could be slow +# | ret: 0 if the package is installed, 1 else. +ynh_package_is_installed() { + # Declare an array to define the options of this helper. + local legacy_args=pl + local -A args_array=([p]=package= [l]=wait_dpkg_free=) + local package + local wait_dpkg_free + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + wait_dpkg_free="${wait_dpkg_free:-0}" + + if [ "$wait_dpkg_free" -eq 1 ]; then + ynh_wait_dpkg_free + fi + dpkg-query --show --showformat='${Status}' "$package" 2>/dev/null \ + | grep --count "ok installed" &>/dev/null +} diff --git a/scripts/install b/scripts/install index 2a66e54..2919a20 100755 --- a/scripts/install +++ b/scripts/install @@ -7,16 +7,22 @@ #================================================= source _common.sh +source experimental_helper.sh source /usr/share/yunohost/helpers +load_vars + +ensure_vars_set #================================================= -# CHECK EXISTING DIRECTORIES +# Check datadir empty #================================================= -if [ -e "/var/lib/monitorix" ]; then - old_data_dir_path="/var/lib/monitorix$(date '+%Y%m%d.%H%M%S')" - ynh_print_warn "A data directory already exist. Data was renamed to $old_data_dir_path" - mv "/var/lib/monitorix" "$old_data_dir_path" +if [ -n "$(ls -A $data_dir)" ]; then + old_data_dir_path="${data_dir}_$(date '+%Y%m%d.%H%M%S')" + ynh_print_warn --message="Data directory was not empty. Data was moved to $old_data_dir_path" + mkdir -p $old_data_dir_path + mv -t "$old_data_dir_path" "$data_dir"/* + app_data_dirs="$(echo /home/yunohost.app/*)" fi #================================================= @@ -27,27 +33,34 @@ ynh_script_progression --message="Installing packages..." --weight=1 # Download package and install it install_monitorix_package -ynh_systemd_action --service_name="$app" --action="stop" --log_path="systemd" --timeout=15 +ynh_systemd_action --service_name="$app" --action=stop --log_path=systemd --timeout=15 +mkdir -p /var/log/new_"${app}" +mv -t /var/log/new_"${app}" /var/log/monitorix* +mv /var/log/new_"${app}" /var/log/"${app}" #================================================= # SYSTEM CONFIGURATION #=================================================ç -ynh_script_progression --message="Adding system configurations related to $app..." --weight=1 +ynh_script_progression --message="Adding configurations related to $app..." --weight=1 -ynh_add_systemd_config -yunohost service add "$app" --description="Monitorix" --log=systemd +ynh_add_jinja_config --template=monitorix.conf --destination="/etc/monitorix/monitorix.conf" +ynh_add_jinja_config --template=nginx_status.conf --destination "$nginx_status_conf" -ynh_add_config --template "nginx_status.conf" --destination "$nginx_status_conf" ynh_add_nginx_config +ynh_add_systemd_config -#================================================= -# SPECIFIC SETUP -#================================================= -# ADD A CONFIGURATION -#================================================= -ynh_script_progression --message="Adding a configuration file..." --weight=1 +yunohost service add "$app" --description=Monitorix --log=systemd -config_monitorix +ynh_script_progression --message="Configuring databases access..." +configure_db + +ynh_script_progression --message="Configuring php fpm access if needed..." +if "$phpfpm_installed"; then + config_php_fpm +fi + +configure_hooks +configure_alerts_email #================================================= # GENERIC FINALIZATION @@ -56,12 +69,15 @@ ynh_script_progression --message="Protecting directory..." set_permission +ynh_use_logrotate --logfile "/var/log/$app" + #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." --weight=1 -_ynh_systemd_restart_monitorix +ynh_systemd_action --service_name="$app" --action="start" --log_path 'systemd' --line_match ' - Ok, ready.' +save_vars_current_value #================================================= # END OF SCRIPT diff --git a/scripts/remove b/scripts/remove index e191692..86f5fa6 100755 --- a/scripts/remove +++ b/scripts/remove @@ -7,7 +7,9 @@ #================================================= source _common.sh +source experimental_helper.sh source /usr/share/yunohost/helpers +load_vars #================================================= # STANDARD REMOVE @@ -18,8 +20,8 @@ source /usr/share/yunohost/helpers # Remove the service from the list of services known by YunoHost (added from `yunohost service add`) if ynh_exec_warn_less yunohost service status $app >/dev/null then - ynh_script_progression --message="Removing $app service integration..." --weight=3 - yunohost service remove "$app" + ynh_script_progression --message="Removing $app service integration..." --weight=3 + yunohost service remove "$app" fi #================================================= @@ -34,9 +36,27 @@ ynh_remove_nginx_config ynh_remove_systemd_config -#================================================= -# END OF SCRIPT -#================================================= -ynh_print_info --message="Due of the backup core only feature the data directory in '/var/lib/monitorix' was not removed. It need to be removed manually to purge app user data." +# Remove the app-specific logrotate config +ynh_remove_logrotate + +for pool_dir_by_version in /etc/php/*; do + pool_version=$(echo "$pool_dir_by_version" | cut -d/ -f4) + pool_file="/etc/php/$pool_version/fpm/pool.d/${app}_status.conf" + ynh_secure_remove --file="$pool_file" + if ynh_package_is_installed --package="php$pool_version-fpm"; then + ynh_systemd_action --service_name="php$pool_version"-fpm.service --action=reload + fi +done + +if ynh_psql_user_exists --user=$db_user; then + ynh_psql_drop_user $db_user +fi +if ynh_mysql_user_exists --user=$db_user; then + ynh_mysql_drop_user $db_user +fi + +ynh_package_autopurge monitorix +ynh_secure_remove --file=/var/log/"$app" +ynh_secure_remove --file="$install_dir" ynh_script_progression --message="Removal of $app completed" --last diff --git a/scripts/restore b/scripts/restore index cd910ac..510f67e 100755 --- a/scripts/restore +++ b/scripts/restore @@ -8,8 +8,9 @@ # Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh +source ../settings/scripts/experimental_helper.sh source /usr/share/yunohost/helpers - +load_vars #================================================= # RESTORE THE DEPENDENCIES @@ -17,35 +18,30 @@ source /usr/share/yunohost/helpers ynh_script_progression --message="Restoring the dependencies..." --weight=1 install_monitorix_package -ynh_systemd_action --service_name="$app" --action="stop" --log_path="systemd" --timeout=15 +ynh_systemd_action --service_name="$app" --action=stop --log_path=systemd --timeout=15 +mkdir -p /var/log/new_"${app}" +mv -t /var/log/new_"${app}" /var/log/monitorix* +mv /var/log/new_"${app}" /var/log/"${app}" -#================================================= -# RESTORE THE MYSQL DATABASE -#================================================= -ynh_script_progression --message="Restoring the MySQL database..." --weight=1 - -ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql +ynh_script_progression --message="Configuring databases access..." +configure_db #================================================= # RESTORE SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1 +ynh_script_progression --message="Restoring files" --weight=1 -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" -ynh_restore_file --origin_path "/etc/nginx/conf.d/monitorix_status.conf" - -ynh_restore_file --origin_path="/etc/systemd/system/$app.service" +ynh_restore +mkdir -p /var/log/$app systemctl enable $app.service --quiet +ynh_script_progression --message="Configuring php fpm access if needed..." +if "$phpfpm_installed"; then + config_php_fpm +fi + yunohost service add $app --description="Monitorix" --log="systemd" -# Directories created by the dep package -ynh_secure_remove --file="/etc/$app" -ynh_secure_remove --file="/var/lib/$app" - -ynh_restore_file --origin_path="/var/lib/$app" --not_mandatory -ynh_restore_file --origin_path="/etc/$app/" - #================================================= # GENERIC FINALIZATION #================================================= @@ -53,6 +49,8 @@ ynh_script_progression --message="Protecting directory..." set_permission +ynh_use_logrotate --logfile "/var/log/$app" + #================================================= # GENERIC FINALIZATION #================================================= @@ -60,7 +58,7 @@ set_permission #================================================= ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1 -_ynh_systemd_restart_monitorix +ynh_systemd_action --service_name="$app" --action=start --log_path 'systemd' --line_match ' - Ok, ready.' ynh_systemd_action --service_name=nginx --action=reload diff --git a/scripts/upgrade b/scripts/upgrade index 0374eb3..5d71459 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -7,12 +7,20 @@ #================================================= source _common.sh +source experimental_helper.sh source /usr/share/yunohost/helpers +load_vars upgrade_type=$(ynh_check_app_version_changed) #================================================= # STANDARD UPGRADE STEPS +#================================================= +# MIGRATION 5 : Manage old settings +#================================================= + +ensure_vars_set + #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= @@ -29,7 +37,7 @@ ynh_secure_remove --file=/usr/share/yunohost/hooks/post_iptable_rules/50-$app #================================================= ynh_script_progression --message="Stopping a systemd service..." --weight=1 -ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" +ynh_systemd_action --service_name=$app --action=stop --log_path="/var/log/$app/$app.log" #================================================= # "REBUILD" THE APP (DEPLOY NEW SOURCES, RERUN NPM BUILD...) @@ -37,36 +45,57 @@ ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -if [ "$upgrade_type" == "UPGRADE_APP" ] +if [ "$upgrade_type" == UPGRADE_APP ] then - ynh_script_progression --message="Upgrading source files..." --weight=1 + ynh_script_progression --message="Upgrading source files..." --weight=1 - # Download, check integrity, uncompress and patch the source from manifest.toml - install_monitorix_package + # Download, check integrity, uncompress and patch the source from manifest.toml + install_monitorix_package fi -ynh_systemd_action --service_name="$app" --action="stop" --log_path="systemd" --timeout=15 +ynh_systemd_action --service_name="$app" --action=stop --log_path=systemd --timeout=15 + +#================================================= +# MIGRATION 2 +#================================================= + +# Migrate log files +if [ ! -d /var/log/"${app}" ]; then + mkdir -p /var/log/new_"${app}" + mv -t /var/log/new_"${app}" /var/log/monitorix* + mv /var/log/new_"${app}" /var/log/"${app}" +fi + +# Migrate data directory +if [ -e /var/lib/monitorix/system.rrd ] && [ ! -e "$data_dir"/system.rrd ] ; then + mv -tf "$data_dir/" /var/lib/monitorix/* +fi #================================================= # REAPPLY SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1 +ynh_script_progression --message="Upgrading configurations related to $app..." --weight=1 -ynh_add_config --template "nginx_status.conf" --destination "$nginx_status_conf" +ynh_add_jinja_config --template=monitorix.conf --destination=/etc/monitorix/monitorix.conf +ynh_add_jinja_config --template=nginx_status.conf --destination "$nginx_status_conf" +if "$phpfpm_installed"; then + config_php_fpm +fi ynh_add_nginx_config - ynh_add_systemd_config -yunohost service add $app --description="Monitorix" --log="systemd" +yunohost service add "$app" --description=Monitorix --log=systemd -#================================================= -# RECONFIGURE THE APP (UPDATE CONF, APPLY MIGRATIONS...) -#================================================= -# UPDATE A CONFIG FILE -#================================================= -ynh_script_progression --message="Updating a configuration file..." --weight=1 +ynh_script_progression --message="Configuring databases access..." +configure_db -config_monitorix +ynh_script_progression --message="Configuring php fpm access if needed..." +if "$phpfpm_installed"; then + config_php_fpm +fi + +configure_hooks +configure_alerts_email #================================================= # GENERIC FINALIZATION @@ -75,12 +104,15 @@ ynh_script_progression --message="Protecting directory..." set_permission +ynh_use_logrotate --logfile "/var/log/$app" + #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." --weight=1 -_ynh_systemd_restart_monitorix +ynh_systemd_action --service_name="$app" --action=restart --log_path=systemd --line_match ' - Ok, ready.' +save_vars_current_value #================================================= # END OF SCRIPT diff --git a/sources/update_config_if_needed.sh b/sources/update_config_if_needed.sh new file mode 100644 index 0000000..a2ed8bb --- /dev/null +++ b/sources/update_config_if_needed.sh @@ -0,0 +1,88 @@ +#!/bin/bash + +set -eu + +app=__APP__ +YNH_APP_BASEDIR=/etc/yunohost/apps/"$app" + +pushd /etc/yunohost/apps/$app/conf +source ../scripts/_common.sh +source /usr/share/yunohost/helpers +# Must load experimental helper after because we need the patched version of ynh_package_is_installed +# To make the hook not too slow. It's mainly for optimization. +source ../scripts/experimental_helper.sh +load_vars + +status_dirty=false +for var in $var_list_to_manage; do + value="$(ynh_app_setting_get --app="$app" --key=previous_$var)" + if [ "${!var}" != "$value" ]; then + status_dirty=true + break + fi +done + +if "$status_dirty"; then + install_dir="$(ynh_app_setting_get --app="$app" --key=install_dir)" + data_dir="$(ynh_app_setting_get --app="$app" --key=data_dir)" + db_pwd="$(ynh_app_setting_get --app="$app" --key=db_pwd)" + domain="$(ynh_app_setting_get --app="$app" --key=domain)" + path="$(ynh_app_setting_get --app="$app" --key=path)" + port="$(ynh_app_setting_get --app="$app" --key=port)" + port_nginx_status="$(ynh_app_setting_get --app="$app" --key=port_nginx_status)" + port_nginx_status="$(ynh_app_setting_get --app="$app" --key=port_nginx_status)" + + alerts_email="$(ynh_app_setting_get --app="$app" --key=alerts_email)" + enable_hourly_view="$(ynh_app_setting_get --app="$app" --key=enable_hourly_view)" + image_format="$(ynh_app_setting_get --app="$app" --key=image_format)" + theme_color="$(ynh_app_setting_get --app="$app" --key=theme_color)" + max_historic_years="$(ynh_app_setting_get --app="$app" --key=max_historic_years)" + process_priority="$(ynh_app_setting_get --app="$app" --key=process_priority)" + + system_alerts_loadavg_enabled="$(ynh_app_setting_get --app="$app" --key=system_alerts_loadavg_enabled)" + system_alerts_loadavg_timeintvl="$(ynh_app_setting_get --app="$app" --key=system_alerts_loadavg_timeintvl)" + system_alerts_loadavg_threshold="$(ynh_app_setting_get --app="$app" --key=system_alerts_loadavg_threshold)" + + disk_alerts_loadavg_enabled="$(ynh_app_setting_get --app="$app" --key=disk_alerts_loadavg_enabled)" + disk_alerts_loadavg_timeintvl="$(ynh_app_setting_get --app="$app" --key=disk_alerts_loadavg_timeintvl)" + disk_alerts_loadavg_threshold="$(ynh_app_setting_get --app="$app" --key=disk_alerts_loadavg_threshold)" + + mail_delvd_enabled="$(ynh_app_setting_get --app="$app" --key=mail_delvd_enabled)" + mail_delvd_timeintvl="$(ynh_app_setting_get --app="$app" --key=mail_delvd_timeintvl)" + mail_delvd_threshold="$(ynh_app_setting_get --app="$app" --key=mail_delvd_threshold)" + mail_mqueued_enabled="$(ynh_app_setting_get --app="$app" --key=mail_mqueued_enabled)" + mail_mqueued_timeintvl="$(ynh_app_setting_get --app="$app" --key=mail_mqueued_timeintvl)" + mail_mqueued_threshold="$(ynh_app_setting_get --app="$app" --key=mail_mqueued_threshold)" + + emailreports_enabled="$(ynh_app_setting_get --app="$app" --key=emailreports_enabled)" + emailreports_subject_prefix="$(ynh_app_setting_get --app="$app" --key=emailreports_subject_prefix)" + emailreports_hour="$(ynh_app_setting_get --app="$app" --key=emailreports_hour)" + emailreports_minute="$(ynh_app_setting_get --app="$app" --key=emailreports_minute)" + + emailreports_daily_enabled="$(ynh_app_setting_get --app="$app" --key=emailreports_daily_enabled)" + emailreports_daily_graphs="$(ynh_app_setting_get --app="$app" --key=emailreports_daily_graphs)" + emailreports_daily_to="$(ynh_app_setting_get --app="$app" --key=emailreports_daily_to)" + + emailreports_weekly_enabled="$(ynh_app_setting_get --app="$app" --key=emailreports_weekly_enabled)" + emailreports_weekly_graphs="$(ynh_app_setting_get --app="$app" --key=emailreports_weekly_graphs)" + emailreports_weekly_to="$(ynh_app_setting_get --app="$app" --key=emailreports_weekly_to)" + + emailreports_monthly_enabled="$(ynh_app_setting_get --app="$app" --key=emailreports_monthly_enabled)" + emailreports_monthly_graphs="$(ynh_app_setting_get --app="$app" --key=emailreports_monthly_graphs)" + emailreports_monthly_to="$(ynh_app_setting_get --app="$app" --key=emailreports_monthly_to)" + + emailreports_yearly_enabled="$(ynh_app_setting_get --app="$app" --key=emailreports_yearly_enabled)" + emailreports_yearly_graphs="$(ynh_app_setting_get --app="$app" --key=emailreports_yearly_graphs)" + emailreports_yearly_to="$(ynh_app_setting_get --app="$app" --key=emailreports_yearly_to)" + + ynh_add_jinja_config --template=monitorix.conf --destination="/etc/monitorix/monitorix.conf" + ynh_add_jinja_config --template=nginx_status.conf --destination "$nginx_status_conf" + configure_db + + if "$phpfpm_installed"; then + config_php_fpm + fi + ynh_systemd_action --service_name="$app" --action=restart --log_path 'systemd' --line_match ' - Ok, ready.' + ynh_systemd_action --service_name=nginx --action=reload + save_vars_current_value +fi diff --git a/tests.toml b/tests.toml index a5c05b2..f874c8b 100644 --- a/tests.toml +++ b/tests.toml @@ -6,5 +6,6 @@ test_format = 1.0 exclude = [] - [default.test_upgrade_from.6ea6f67f5d3b7a3303a5ff2f4640e6e01cb6bdae] - name = "v3.15.0~ynh3 (manifestv1)" + test_upgrade_from.6ea6f67f5d3b7a3303a5ff2f4640e6e01cb6bdae.name = "v3.15.0~ynh3 (manifestv1)" + + test_upgrade_from.9b82e772d59aa586dd2e0d5c7e9adac09f2d030e.name = "v3.15.0~ynh4 (pre refactoring)"