better compose added

2022-10-13 19:43:57 -04:00
parent 37b6c43555
commit 079c186656
7 changed files with 244 additions and 67 deletions
--- a/README.md
+++ b/README.md
@@ -0,0 +1,31 @@
 # docker-compose Icinga stack
 docker-compose configuration to start-up an Icinga stack containing
 Icinga 2, Icinga Web 2 and Icinga DB.
 Ensure you have the latest Docker and docker-compose versions and
 then just run `docker-compose -p icinga-playground up` in order to start the Icinga stack.
 Icinga Web is provided on port **8080** and you can access the Icinga 2 API on port **5665**.
 The default user of Icinga Web is `icingaadmin` with password `icinga` and
 the default user of the Icinga 2 API for Web is `icingaweb` with password `icingaweb`.
 ## Upgrading from v1.1.0 to v1.2.0
 **v1.2.0** deploys Icinga Web ≥ 2.11.0, Icinga 2 ≥ 2.13.4, Icinga DB ≥ 1.0.0 and Icinga DB Web ≥ 1.0.0.
 The Icinga Director is also set up and its daemon started, all in a separate container.
 The easiest way to upgrade is to start over, removing all the volumes and
 therefore wiping out any configurations you have changed:
 `docker-compose -p icinga-playground down --volumes && docker-compose pull && docker-compose -p icinga-playground up --build -d`
 ## Upgrading from v1.0.0 to v1.1.0
 **v1.1.0** deploys Icinga Web 2.9.0 and snapshots of Icinga 2, Icinga DB and Icinga DB Web.
 The easiest way to upgrade is to start over, removing all the volumes and
 therefore wiping out any configurations you have changed:
 `docker-compose down --volumes && docker-compose build --pull && docker-compose -p icinga-playground up -d`
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,71 +1,176 @@
-version: "3"
+version: '3.7'
 x-icinga-db-web-config:
  &icinga-db-web-config
  icingaweb.modules.icingadb.config.icingadb.resource: icingadb
  icingaweb.modules.icingadb.redis.redis1.host: icingadb-redis
  icingaweb.modules.icingadb.redis.redis1.port: 6379
  icingaweb.modules.icingadb.commandtransports.icinga2.host: icinga2
  icingaweb.modules.icingadb.commandtransports.icinga2.port: 5665
  icingaweb.modules.icingadb.commandtransports.icinga2.password: ${ICINGAWEB_ICINGA2_API_USER_PASSWORD:-icingaweb}
  icingaweb.modules.icingadb.commandtransports.icinga2.transport: api
  icingaweb.modules.icingadb.commandtransports.icinga2.username: icingaweb
  icingaweb.resources.icingadb.charset: utf8mb4
  icingaweb.resources.icingadb.db: mysql
  icingaweb.resources.icingadb.dbname: icingadb
  icingaweb.resources.icingadb.host: mysql
  icingaweb.resources.icingadb.password: ${ICINGADB_MYSQL_PASSWORD:-icingadb}
  icingaweb.resources.icingadb.type: db
  icingaweb.resources.icingadb.username: icingadb
 x-icinga-director-config:
  &icinga-director-config
  icingaweb.modules.director.config.db.resource: director-mysql
  icingaweb.modules.director.kickstart.config.endpoint: icinga2
  icingaweb.modules.director.kickstart.config.host: icinga2
  icingaweb.modules.director.kickstart.config.port: 5665
  icingaweb.modules.director.kickstart.config.username: icingaweb
  icingaweb.modules.director.kickstart.config.password: ${ICINGAWEB_ICINGA2_API_USER_PASSWORD:-icingaweb}
  icingaweb.resources.director-mysql.charset: utf8mb4
  icingaweb.resources.director-mysql.db: mysql
  icingaweb.resources.director-mysql.dbname: director
  icingaweb.resources.director-mysql.host: mysql
  icingaweb.resources.director-mysql.password: ${ICINGA_DIRECTOR_MYSQL_PASSWORD:-director}
  icingaweb.resources.director-mysql.type: db
  icingaweb.resources.director-mysql.username: director
 x-icinga-web-config:
  &icinga-web-config
  icingaweb.authentication.icingaweb2.backend: db
  icingaweb.authentication.icingaweb2.resource: icingaweb-mysql
  icingaweb.config.global.config_backend: db
  icingaweb.config.global.config_resource: icingaweb-mysql
  icingaweb.config.global.module_path: /usr/share/icingaweb2/modules
  icingaweb.config.logging.log: php
  icingaweb.groups.icingaweb2.backend: db
  icingaweb.groups.icingaweb2.resource: icingaweb-mysql
  icingaweb.passwords.icingaweb2.icingaadmin: icinga
  icingaweb.resources.icingaweb-mysql.charset: utf8mb4
  icingaweb.resources.icingaweb-mysql.db: mysql
  icingaweb.resources.icingaweb-mysql.dbname: icingaweb
  icingaweb.resources.icingaweb-mysql.host: mysql
  icingaweb.resources.icingaweb-mysql.password: icingaweb
  icingaweb.resources.icingaweb-mysql.type: db
  icingaweb.resources.icingaweb-mysql.username: icingaweb
  icingaweb.roles.Administrators.groups: Administrators
  icingaweb.roles.Administrators.permissions: '*'
  icingaweb.roles.Administrators.users: icingaadmin
 x-icinga2-environment:
  &icinga2-environment
  ICINGA_CN: icinga2
  ICINGA_MASTER: 1
 x-logging:
  &default-logging
  driver: "json-file"
  options:
    max-file: "10"
    max-size: "1M"
 networks:
  default:
    name: icinga-playground
 services:
-  icinga2:
+  director:
    command:
      - /bin/bash
      - -ce
      - |
        echo "Testing the database connection. Container could restart."
        (echo > /dev/tcp/mysql/3306) >/dev/null 2>&1
        echo "Testing the Icinga 2 API connection. Container could restart."
        (echo > /dev/tcp/icinga2/5665) >/dev/null 2>&1
        icingacli director migration run
        (icingacli director kickstart required && icingacli director kickstart run && icingacli director config deploy) || true
        echo "Starting Icinga Director daemon."
        icingacli director daemon run
    entrypoint: []
    logging: *default-logging
    image: icinga/icingaweb2
    restart: on-failure
    volumes:
      - icingaweb:/data
  # The Icinga 2 docker image does not support configuration via env vars at the moment.
  # So, we have to ship some configs with this little init container. Referenced in depends_on of the icinga2 service.
  init-icinga2:
    command: [ "/config/init-icinga2.sh" ]
    environment: *icinga2-environment
    image: icinga/icinga2
-    container_name: icinga2
+    logging: *default-logging
-    #Think you need this, but not sure yet
+    volumes:
-    network_mode: bridge
+      - icinga2:/data
      - ./icingadb.conf:/config/icingadb.conf
      - ./icingaweb-api-user.conf:/config/icingaweb-api-user.conf
      - ./init-icinga2.sh:/config/init-icinga2.sh
  icinga2:
    command: [ "sh", "-c", "sleep 5 ; icinga2 daemon" ]
    depends_on:
      - icingadb-redis
      - init-icinga2
    environment: *icinga2-environment
    image: icinga/icinga2
    logging: *default-logging
    ports:
      - "443"
      - 5665:5665
-      - 8080:80
+    volumes:
-    environment:
+      - icinga2:/data
-      - MYSQL_ROOT_PASSWORD=OyZF1U6a3UrnrDoKq5X3qA
+      - ./icinga2.conf.d:/custom_data/custom.conf.d
      - DEFAULT_MYSQL_HOST=mysql-icingadb
      - DEFAULT_MYSQL_PORT=3306
      - DEFAULT_MYSQL_USER=icinga
      - DEFAULT_MYSQL_PASS=tULfn6fGVZY
      - PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
      - APACHE2_HTTP=REDIRECT
      - ICINGA2_FEATURE_GRAPHITE=false
      - ICINGA2_FEATURE_GRAPHITE_HOST=graphite
      - ICINGA2_FEATURE_GRAPHITE_PORT=2003
      - ICINGA2_FEATURE_GRAPHITE_URL=http://graphite
      - ICINGA2_FEATURE_GRAPHITE_SEND_THRESHOLDS=true
      - ICINGA2_FEATURE_GRAPHITE_SEND_METADATA=false
      - ICINGA2_USER_FULLNAME=Icinga2
      - ICINGA2_FEATURE_DIRECTOR=true
      - ICINGA2_FEATURE_DIRECTOR_KICKSTART=true
      - ICINGA2_FEATURE_DIRECTOR_USER=icinga2-director
      - MYSQL_ROOT_USER=root
    restart: unless-stopped
  mysql-icingadb:
    image: mysql:8.0
    container_name: mysql-icingadb
    network_mode: bridge
    ports:
      - 3306:3306
      - 33060:33060
    environment:
      - MYSQL_ROOT_PASSWORD=OyZF1U6a3UrnrDoKq5X3qA
      - PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
      - GOSU_VERSION=1.12
      - MYSQL_MAJOR=8.0
      - MYSQL_VERSION=8.0.25-1debian10
    restart: unless-stopped
  npm_app_1:
    image: jc21/nginx-proxy-manager:latest
    container_name: npm_app_1
    restart: unless-stopped
    ports:
      # These ports are in format <host-port>:<container-port>
      - '80:80' # Public HTTP Port
      - '443:443' # Public HTTPS Port
      - '81:81' # Admin Web Port
      # Add any other Stream port you want to expose
      # - '21:21' # FTP
-    # Uncomment the next line if you uncomment anything in the section
+  icingadb:
-    # environment:
+    environment:
-      # Uncomment this if you want to change the location of 
+      ICINGADB_DATABASE_HOST: mysql
-      # the SQLite DB file within the container
+      ICINGADB_DATABASE_PORT: 3306
-      # DB_SQLITE_FILE: "/data/database.sqlite"
+      ICINGADB_DATABASE_DATABASE: icingadb
      ICINGADB_DATABASE_USER: icingadb
      ICINGADB_DATABASE_PASSWORD: ${ICINGADB_MYSQL_PASSWORD:-icingadb}
      ICINGADB_REDIS_HOST: icingadb-redis
      ICINGADB_REDIS_PORT: 6379
    depends_on:
      - mysql
      - icingadb-redis
    image: icinga/icingadb
    logging: *default-logging
-      # Uncomment this if IPv6 is not enabled on your host
+  icingadb-redis:
-      # DISABLE_IPV6: 'true'
+    image: redis
    logging: *default-logging
  icingaweb:
    depends_on:
      - mysql
    environment:
      icingaweb.enabledModules: director, icingadb, incubator
      <<: *icinga-db-web-config
      <<: *icinga-director-config
      <<: *icinga-web-config
    logging: *default-logging
    image: icinga/icingaweb2
    ports:
      - 8080:8080
    # Restart Icinga Web container automatically since we have to wait for the database to be ready.
    # Please note that this needs a more sophisticated solution.
    restart: on-failure
    volumes:
      - icingaweb:/data
  mysql:
    image: mariadb:10.7
    command: --default-authentication-plugin=mysql_native_password
    environment:
      MYSQL_RANDOM_ROOT_PASSWORD: 1
      ICINGADB_MYSQL_PASSWORD: ${ICINGADB_MYSQL_PASSWORD:-icingadb}
      ICINGAWEB_MYSQL_PASSWORD: ${ICINGAWEB_MYSQL_PASSWORD:-icingaweb}
      ICINGA_DIRECTOR_MYSQL_PASSWORD: ${ICINGA_DIRECTOR_MYSQL_PASSWORD:-director}
    logging: *default-logging
    volumes:
      - mysql:/var/lib/mysql
      - ./env/mysql/:/docker-entrypoint-initdb.d/
 volumes:
-      - ./data:/data
+  icinga2:
-      - ./letsencrypt:/etc/letsencrypt
+  icingaweb:
-
+  mysql:
--- a/env/mysql/init-mysql.sh
+++ b/env/mysql/init-mysql.sh
@@ -0,0 +1,17 @@
 #!/bin/sh -x
 create_database_and_user() {
    DB=$1
    USER=$2
    PASSWORD=$3
    mysql --user root --password=$MYSQL_ROOT_PASSWORD <<EOS
 CREATE DATABASE IF NOT EXISTS ${DB};
 CREATE USER IF NOT EXISTS  '${USER}'@'%' IDENTIFIED BY '${PASSWORD}';
 GRANT ALL ON ${DB}.* TO '${USER}'@'%';
 EOS
 }
 create_database_and_user director director ${ICINGA_DIRECTOR_MYSQL_PASSWORD}
 create_database_and_user icingadb icingadb ${ICINGADB_MYSQL_PASSWORD}
 create_database_and_user icingaweb icingaweb ${ICINGAWEB_MYSQL_PASSWORD}
--- a/icinga2.conf.d/README.md
+++ b/icinga2.conf.d/README.md
@@ -0,0 +1 @@
 Here is the space for custom Icinga 2 configuration.
--- a/icingadb.conf
+++ b/icingadb.conf
@@ -0,0 +1,6 @@
 library "icingadb"
 object IcingaDB "icingadb" {
    host = "icingadb-redis"
    port = 6379
 }
--- a/icingaweb-api-user.conf
+++ b/icingaweb-api-user.conf
@@ -0,0 +1,4 @@
 object ApiUser "icingaweb" {
  password = "$ICINGAWEB_ICINGA2_API_USER_PASSWORD"
  permissions = [ "*" ]
 }
--- a/init-icinga2.sh
+++ b/init-icinga2.sh
@@ -0,0 +1,13 @@
 #!/usr/bin/env bash
 set -e
 set -o pipefail
 if [ ! -f /data/etc/icinga2/conf.d/icingaweb-api-user.conf ]; then
  sed "s/\$ICINGAWEB_ICINGA2_API_USER_PASSWORD/${ICINGAWEB_ICINGA2_API_USER_PASSWORD:-icingaweb}/" /config/icingaweb-api-user.conf >/data/etc/icinga2/conf.d/icingaweb-api-user.conf
 fi
 if [ ! -f /data/etc/icinga2/features-enabled/icingadb.conf ]; then
  mkdir -p /data/etc/icinga2/features-enabled
  cat /config/icingadb.conf >/data/etc/icinga2/features-enabled/icingadb.conf
 fi
		`@@ -0,0 +1 @@`
							`Here is the space for custom Icinga 2 configuration.`