From f061d8720c48d7d599cafc198293cd417502bd2e Mon Sep 17 00:00:00 2001 From: Stefan Liebl Date: Mon, 20 Jul 2020 16:59:36 +0200 Subject: [PATCH] graphana --- .env | 1 - .gitignore | 5 +- README.md | 19 ----- config/CAN_INSTALL | 0 config/config.php | 61 --------------- db-etc/nextcloud.cnf | 32 -------- db.env | 3 - docker-compose.yaml | 120 +++++++++++++++--------------- fritzcollectd.conf | 17 +++++ prometheus.yml | 14 ++++ web/nginx.conf | 171 ------------------------------------------- 11 files changed, 94 insertions(+), 349 deletions(-) delete mode 100644 .env delete mode 100644 README.md delete mode 100644 config/CAN_INSTALL delete mode 100644 config/config.php delete mode 100644 db-etc/nextcloud.cnf delete mode 100644 db.env create mode 100644 fritzcollectd.conf create mode 100644 prometheus.yml delete mode 100644 web/nginx.conf diff --git a/.env b/.env deleted file mode 100644 index a8165e2..0000000 --- a/.env +++ /dev/null @@ -1 +0,0 @@ -nextcloud_version=19.0.0 diff --git a/.gitignore b/.gitignore index d124a50..80af1c2 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ -mysql -data +data-graphana +data-influx +data-prometheus diff --git a/README.md b/README.md deleted file mode 100644 index 9c124b4..0000000 --- a/README.md +++ /dev/null @@ -1,19 +0,0 @@ -Update, run, inspect and stop server: -``` -docker-compose pull -docker-compose up -d -docker-compose logs -f --tail=10 -docker-compose down -``` -Login to nextcloud -``` -docker-compose exec --user www-data app bash -``` - -Login to mysql -``` -docker-compose exec db bash -apt update -apt install vim less mysqltuner - -``` diff --git a/config/CAN_INSTALL b/config/CAN_INSTALL deleted file mode 100644 index e69de29..0000000 diff --git a/config/config.php b/config/config.php deleted file mode 100644 index 09d4dcb..0000000 --- a/config/config.php +++ /dev/null @@ -1,61 +0,0 @@ - - array ( - 0 => 'localhost:8080', - ), - 'datadirectory' => '/var/www/html/data', - 'dbtype' => 'mysql', - 'dbname' => 'nextcloud', - 'dbhost' => 'db', - 'dbport' => '3306', - 'dbtableprefix' => 'nc_', - 'mysql.utf8mb4' => true, - 'dbuser' => 'nextcloud', - 'dbpassword' => 'uCutr9HCpWZA99n', - 'installed' => false, - 'maintenance' => false, - 'memcache.local' => '\\OC\\Memcache\\APCu', - 'memcache.distributed' => '\\OC\\Memcache\\Redis', - 'memcache.locking' => '\\OC\\Memcache\\Redis', - 'redis' => - array ( - 'host' => 'redis', - 'password' => false, - 'port' => 6379, - ), - 'apps_paths' => - array ( - 0 => - array ( - 'path' => '/var/www/html/apps', - 'url' => '/apps', - 'writable' => false, - ), - 1 => - array ( - 'path' => '/var/www/html/custom_apps', - 'url' => '/custom_apps', - 'writable' => true, - ), - ), - 'loglevel' => 0, - 'theme' => '', - 'mail_smtpmode' => 'smtp', - 'mail_smtpauthtype' => 'LOGIN', - 'mail_smtpsecure' => 'tls', - 'mail_from_address' => 'abc', - 'mail_domain' => 'gmx.de', - 'mail_smtphost' => 'mail.gmx.net', - 'mail_smtpauth' => 1, - 'mail_smtpport' => '587', - 'mail_smtpname' => 'abc@gmx.de', - 'mail_smtppassword' => 'xxx', - 'integrity.check.disabled' => false, - 'updatechecker' => true, - 'has_internet_connection' => true, - 'app_install_overwrite' => - array ( - 0 => 'timetracker', - ), -); diff --git a/db-etc/nextcloud.cnf b/db-etc/nextcloud.cnf deleted file mode 100644 index 86dcf6d..0000000 --- a/db-etc/nextcloud.cnf +++ /dev/null @@ -1,32 +0,0 @@ - -[server] -skip-name-resolve -innodb_buffer_pool_size = 398M -innodb_buffer_pool_instances = 1 -innodb_flush_log_at_trx_commit = 2 -innodb_log_buffer_size = 32M -innodb_max_dirty_pages_pct = 90 -query_cache_type = on -query_cache_limit = 2M -query_cache_min_res_unit = 2k -query_cache_size = 64M -tmp_table_size= 64M -max_heap_table_size= 64M -slow-query-log = 1 -slow-query-log-file = /var/log/mysql/slow.log -long_query_time = 1 - -performance_schema = ON - -[client] -default-character-set = utf8mb4 - -[mysqld] -character-set-server = utf8mb4 -collation-server = utf8mb4_general_ci -transaction_isolation = READ-COMMITTED -log_bin = ON -binlog_format = ROW - -# Enable login to mysql -plugin-load-add = auth_socket.so diff --git a/db.env b/db.env deleted file mode 100644 index b8b9509..0000000 --- a/db.env +++ /dev/null @@ -1,3 +0,0 @@ -MYSQL_PASSWORD=uCutr9HCpWZA99n -MYSQL_DATABASE=nextcloud -MYSQL_USER=nextcloud diff --git a/docker-compose.yaml b/docker-compose.yaml index 6492695..0b01879 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -1,70 +1,70 @@ -version: '2' +version: '3' services: - db: - image: mariadb:10.4 - command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW - restart: always - volumes: - - ./mysql:/var/lib/mysql - environment: - - MYSQL_ROOT_PASSWORD=LLKALrsd82mNnst - env_file: - - db.env - - redis: - image: redis:alpine - restart: always - - app: - image: nextcloud:${nextcloud_version}-fpm-alpine - restart: always - volumes: - - nextcloud:/var/www/html - - ./data:/var/www/html/data - - ./config:/var/www/html/config - environment: - - MYSQL_HOST=db - - REDIS_HOST=redis - env_file: - - db.env - depends_on: - - db - - redis - - web: - image: nginx:1.16.0-alpine + grafana: + image: grafana/grafana:7.0.0 restart: always ports: - - 8080:80 + - 3000:3000 volumes: - - nextcloud:/var/www/html:ro - - ./data:/var/www/html/data:ro - - ./web/nginx.conf:/etc/nginx/nginx.conf - depends_on: - - app + - ./data-graphana:/var/lib/grafana - cron: - image: nextcloud:${nextcloud_version}-fpm-alpine + prometheus: + image: prom/prometheus:latest restart: always - volumes: - - nextcloud:/var/www/html - - ./data:/var/www/html/data - - ./config:/var/www/html/config - entrypoint: /cron.sh - depends_on: - - db - - redis - - phpmyadmin: - image: phpmyadmin/phpmyadmin - restart: always - environment: - - PMA_ARBITRARY=1 ports: - - 8082:80 + - 9090:9090 + command: + - --config.file=/etc/prometheus/prometheus.yml volumes: - - /sessions + - ./prometheus.yml:/etc/prometheus/prometheus.yml:ro + - ./data-prometheus:/prometheus + depends_on: + - cadvisor -volumes: - nextcloud: + cadvisor: + image: gcr.io/google-containers/cadvisor:latest + restart: always + ports: + - 8090:8080 + volumes: + - /:/rootfs:ro + - /var/run:/var/run:rw + - /sys:/sys:ro + - /var/lib/docker/:/var/lib/docker:ro + + nextcloud-exporter: + image: xperimental/nextcloud-exporter:v0.2.0 + restart: always + ports: + - 9205:9205 + environment: +# - NEXTCLOUD_LISTEN_ADDRESS=":9205" + - NEXTCLOUD_SERVERINFO_URL=http://moma:8080 + - NEXTCLOUD_USERNAME=stefan + - NEXTCLOUD_PASSWORD=iwidTs33 + + node-exporter: + image: prom/node-exporter:v1.0.0 + ports: + - 9100:9100 + +# influxdb: +# image: influxdb:1.8.0 +# restart: always +# ports: +# - 8086:8086 +# volumes: +# - ./data-influx:/var/lib/influxdb +# environment: +# - INFLUXDB_DB=fritzbox +# - INFLUXDB_WRITE_USER=stefan +# - INFLUXDB_WRITE_USER_PASSWORD=iwidTs33 +# +# fritzcollectd: +# image: gizmoh/fritzcollectd +# restart: always +# ports: +# - 25826:25826 +# volumes: +# - ./fritzcollectd.conf:/etc/collectd/collectd.conf.d/fritz.conf:ro diff --git a/fritzcollectd.conf b/fritzcollectd.conf new file mode 100644 index 0000000..f4ab04c --- /dev/null +++ b/fritzcollectd.conf @@ -0,0 +1,17 @@ + + Server "influxdb" "25826" + + + + Import "fritzcollectd" + + + Address "192.168.0.1" + Port 49000 + User "stefan" + Password "j5HTBYWFc3cgcDP_Yf8k" + Hostname "FritzBox" + Instance "1" + Verbose "False" + + diff --git a/prometheus.yml b/prometheus.yml new file mode 100644 index 0000000..8eb6778 --- /dev/null +++ b/prometheus.yml @@ -0,0 +1,14 @@ +scrape_configs: +- job_name: cadvisor + scrape_interval: 10s + static_configs: + - targets: + - moma:8090 +- job_name: nextcloud + scrape_interval: 90s + static_configs: + - targets: [moma:9205] +- job_name: 'node-exporter' + scrape_interval: 90s + static_configs: + - targets: [moma:9100] diff --git a/web/nginx.conf b/web/nginx.conf deleted file mode 100644 index d7a0d83..0000000 --- a/web/nginx.conf +++ /dev/null @@ -1,171 +0,0 @@ -worker_processes auto; - -error_log /var/log/nginx/error.log warn; -pid /var/run/nginx.pid; - - -events { - worker_connections 1024; -} - - -http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /var/log/nginx/access.log main; - - sendfile on; - - keepalive_timeout 65; - - set_real_ip_from 10.0.0.0/8; - set_real_ip_from 172.16.0.0/12; - set_real_ip_from 192.168.0.0/16; - real_ip_header X-Real-IP; - - upstream php-handler { - server app:9000; - } - - server { - listen 80; - - # Add headers to serve security related headers - # Before enabling Strict-Transport-Security headers please read into this - # topic first. - #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always; - # - # WARNING: Only add the preload option once you read about - # the consequences in https://hstspreload.org/. This option - # will add the domain to a hardcoded list that is shipped - # in all major browsers and getting removed from this list - # could take several months. - add_header Referrer-Policy "no-referrer" always; - add_header X-Content-Type-Options "nosniff" always; - add_header X-Download-Options "noopen" always; - add_header X-Frame-Options "SAMEORIGIN" always; - add_header X-Permitted-Cross-Domain-Policies "none" always; - add_header X-Robots-Tag "none" always; - add_header X-XSS-Protection "1; mode=block" always; - - # Remove X-Powered-By, which is an information leak - fastcgi_hide_header X-Powered-By; - - # Path to the root of your installation - root /var/www/html; - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - # The following 2 rules are only needed for the user_webfinger app. - # Uncomment it if you're planning to use this app. - #rewrite ^/.well-known/host-meta /public.php?service=host-meta last; - #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; - - # The following rule is only needed for the Social app. - # Uncomment it if you're planning to use this app. - #rewrite ^/.well-known/webfinger /public.php?service=webfinger last; - - location = /.well-known/carddav { - return 301 $scheme://$http_host/remote.php/dav; - } - - location = /.well-known/caldav { - return 301 $scheme://$http_host/remote.php/dav; - } - - # set max upload size - client_max_body_size 10G; - fastcgi_buffers 64 4K; - - # Enable gzip but do not remove ETag headers - gzip on; - gzip_vary on; - gzip_comp_level 4; - gzip_min_length 256; - gzip_proxied expired no-cache no-store private no_last_modified no_etag auth; - gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; - - # Uncomment if your server is build with the ngx_pagespeed module - # This module is currently not supported. - #pagespeed off; - - location / { - rewrite ^ /index.php; - } - - location ~ ^\/(?:build|tests|config|lib|3rdparty|templates|data)\/ { - deny all; - } - location ~ ^\/(?:\.|autotest|occ|issue|indie|db_|console) { - deny all; - } - - location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) { - fastcgi_split_path_info ^(.+?\.php)(\/.*|)$; - set $path_info $fastcgi_path_info; - try_files $fastcgi_script_name =404; - include fastcgi_params; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_param PATH_INFO $path_info; - # fastcgi_param HTTPS on; - - # Avoid sending the security headers twice - fastcgi_param modHeadersAvailable true; - - # Enable pretty urls - fastcgi_param front_controller_active true; - fastcgi_pass php-handler; - fastcgi_intercept_errors on; - fastcgi_request_buffering off; - } - - location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) { - try_files $uri/ =404; - index index.php; - } - - # Adding the cache control header for js, css and map files - # Make sure it is BELOW the PHP block - location ~ \.(?:css|js|woff2?|svg|gif|map)$ { - try_files $uri /index.php$request_uri; - add_header Cache-Control "public, max-age=15778463"; - # Add headers to serve security related headers (It is intended to - # have those duplicated to the ones above) - # Before enabling Strict-Transport-Security headers please read into - # this topic first. - #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always; - # - # WARNING: Only add the preload option once you read about - # the consequences in https://hstspreload.org/. This option - # will add the domain to a hardcoded list that is shipped - # in all major browsers and getting removed from this list - # could take several months. - add_header Referrer-Policy "no-referrer" always; - add_header X-Content-Type-Options "nosniff" always; - add_header X-Download-Options "noopen" always; - add_header X-Frame-Options "SAMEORIGIN" always; - add_header X-Permitted-Cross-Domain-Policies "none" always; - add_header X-Robots-Tag "none" always; - add_header X-XSS-Protection "1; mode=block" always; - - # Optional: Don't log access to assets - access_log off; - } - - location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap|mp4|webm)$ { - try_files $uri /index.php$request_uri; - # Optional: Don't log access to other assets - access_log off; - } - } -} -