From 46d71ca09662a516f71302c7338d859b87dd3bf9 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 11 Apr 2023 17:39:02 +0300 Subject: [PATCH] Add Healthecks support --- docs/services/healthchecks.md | 89 +++++++++++++++++++++++++++++++++++ docs/services/prometheus.md | 3 +- docs/supported-services.md | 1 + group_vars/mash_servers | 55 ++++++++++++++++++++++ requirements.yml | 11 +++-- setup.yml | 2 + 6 files changed, 157 insertions(+), 4 deletions(-) create mode 100644 docs/services/healthchecks.md diff --git a/docs/services/healthchecks.md b/docs/services/healthchecks.md new file mode 100644 index 0000000..3386a4b --- /dev/null +++ b/docs/services/healthchecks.md @@ -0,0 +1,89 @@ +# Healthchecks + +[Healthchecks](https://healthchecks.io/) is simple and Effective **Cron Job Monitoring** solution. + + +## Dependencies + +This service requires the following other services: + +- a [Postgres](postgres.md) database +- a [Traefik](traefik.md) reverse-proxy server + + +## Configuration + +To enable this service, add the following configuration to your `vars.yml` file and re-run the [installation](../installing.md) process: + +```yaml +######################################################################## +# # +# healthchecks # +# # +######################################################################## + +healthchecks_enabled: true + +healthchecks_hostname: mash.example.com +# Note: hosting under a path prefix is somewhat problematic. See below. +healthchecks_path_prefix: /healthchecks + +######################################################################## +# # +# /healthchecks # +# # +######################################################################## +``` + +### URL + +In the example configuration above, we configure the service to be hosted at `https://mash.example.com/healthchecks`. + +You can remove the `healthchecks_path_prefix` variable definition, to make it default to `/`, so that the service is served at `https://mash.example.com/`. + +**Note**: there are minor quirks when hosting under a subpath, such as: + +- Fonts not loading, because it attempts to load them from `/static` instead of `/path-prefix/static` + +### Authentication + +The first superuser account is created after installation. See [Usage](#usage). +You can create as many accounts as you wish. + +### Email integration + +To allow Healthchecks to send emails, add the following **additional** configuration: + +```yaml +healthchecks_environment_variables_additional_variables: | + DEFAULT_FROM_EMAIL=healthchecks@example.com + EMAIL_HOST=smtp.example.com + EMAIL_HOST_PASSWORD= + EMAIL_HOST_USER= + EMAIL_PORT=587 + EMAIL_USE_TLS=True + EMAIL_USE_VERIFICATION=True +``` + +### Integrating with other services + +Refer to the [upstream `.env.example` file](https://github.com/healthchecks/healthchecks/blob/master/docker/.env.example) for discovering additional environment variables. + +You can pass these to the Healthchecks container using the `healthchecks_environment_variables_additional_variables` variable. See [Email integration](#email-integration) for an example. + + +## Usage + +After installation, you need to **create a superuser account**. +This is an interactive process which can be initiated by **SSH-ing into into the server** and **running a command** like this: + +```sh +docker exec -it mash-healthchecks /opt/healthchecks/manage.py createsuperuser +``` + +After creating the superuser account, you can go to the [Healthchecks URL](#url) to log in and start setting up healthchecks. + + +## Recommended other services + +- [Prometheus](prometheus.md) - a metrics collection and alerting monitoring solution diff --git a/docs/services/prometheus.md b/docs/services/prometheus.md index b890246..1e9bfa2 100644 --- a/docs/services/prometheus.md +++ b/docs/services/prometheus.md @@ -74,4 +74,5 @@ If you're scraping others services running in containers over the container netw ## Recommended other services -To visualize your Prometheus metrics (time-series), you may wish to use a tool like [Grafana](grafana.md). +- [Grafana](grafana.md) - a web-based tool for visualizing your Prometheus metrics (time-series) +- [Healthchecks](healthchecks.md) - a simple and Effective Cron Job Monitoring solution diff --git a/docs/supported-services.md b/docs/supported-services.md index 15abd77..7957037 100644 --- a/docs/supported-services.md +++ b/docs/supported-services.md @@ -15,6 +15,7 @@ | [Gitea](https://gitea.io/) | A painless self-hosted [Git](https://git-scm.com/) service. | [Link](services/gitea.md) | | [GoToSocial](https://gotosocial.org/) | A self-hosted [ActivityPub](https://activitypub.rocks/) social network server | [Link](services/gotosocial.md) | | [Grafana](https://grafana.com/) | An open and composable observability and data visualization platform, often used with [Prometheus](services/prometheus.md) | [Link](services/grafana.md) | +| [Healthchecks](https://healthchecks.io/) | A simple and Effective Cron Job Monitoring solution | [Link](services/healthchecks.md) | | [Hubsite](https://github.com/moan0s/hubsite) | A simple, static site that shows an overview of the available services | [Link](services/hubsite.md) | | [Jitsi](https://jitsi.org/) | A fully encrypted, 100% Open Source video conferencing solution | [Link](services/jitsi.md) | | [Keycloak](https://www.keycloak.org/) | An open source identity and access management solution. | [Link](services/keycloak.md) | diff --git a/group_vars/mash_servers b/group_vars/mash_servers index 00de73b..4697826 100644 --- a/group_vars/mash_servers +++ b/group_vars/mash_servers @@ -107,6 +107,8 @@ devture_systemd_service_manager_services_list_auto: | + ([{'name': (hubsite_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'hubsite']}] if hubsite_enabled else []) + + ([{'name': (healthchecks_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'healthchecks']}] if healthchecks_enabled else []) + + ([{'name': (jitsi_identifier + '-web.service'), 'priority': 4200, 'groups': ['mash', 'jitsi', 'jitsi-web']}] if jitsi_enabled else []) + ([{'name': (jitsi_identifier + '-prosody.service'), 'priority': 4000, 'groups': ['mash', 'jitsi', 'jitsi-prosody']}] if jitsi_enabled else []) @@ -212,6 +214,12 @@ devture_postgres_managed_databases_auto: | 'password': gitea_config_database_password, }] if gitea_enabled else []) + + ([{ + 'name': healthchecks_database_name, + 'username': healthchecks_database_username, + 'password': healthchecks_database_password, + }] if healthchecks_enabled and healthchecks_database_hostname == devture_postgres_identifier else []) + + ([{ 'name': devture_woodpecker_ci_server_database_datasource_db_name, 'username': devture_woodpecker_ci_server_database_datasource_username, @@ -886,6 +894,53 @@ grafana_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResol +######################################################################## +# # +# healthchecks # +# # +######################################################################## + +healthchecks_enabled: false + +healthchecks_identifier: "{{ mash_playbook_service_identifier_prefix }}healthchecks" + +healthchecks_base_path: "{{ mash_playbook_base_path }}/{{ mash_playbook_service_base_directory_name_prefix }}healthchecks" + +healthchecks_uid: "{{ mash_playbook_uid }}" +healthchecks_gid: "{{ mash_playbook_gid }}" + +healthchecks_systemd_required_services_list: | + {{ + (['docker.service']) + + + ([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled and healthchecks_database_hostname == devture_postgres_identifier else []) + }} + +healthchecks_container_additional_networks: | + {{ + ([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else []) + + + ([devture_postgres_container_network] if devture_postgres_enabled and healthchecks_database_hostname == devture_postgres_identifier and healthchecks_container_network != devture_postgres_container_network else []) + }} + +healthchecks_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled }}" +healthchecks_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}" +healthchecks_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}" +healthchecks_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}" + +healthchecks_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}" +healthchecks_database_password: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'healthchecks.db', rounds=655555) | to_uuid }}" + +healthchecks_environment_variable_secret_key: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'healthchecks', rounds=655555) | to_uuid }}" + +######################################################################## +# # +# /healthchecks # +# # +######################################################################## + + + ######################################################################## # # # hubsite # diff --git a/requirements.yml b/requirements.yml index 118fdf8..3686610 100644 --- a/requirements.yml +++ b/requirements.yml @@ -1,3 +1,5 @@ +--- + - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-adguard-home.git version: v0.107.26-1 name: adguard_home @@ -64,6 +66,9 @@ name: gotosocial - src: git+https://gitlab.com/etke.cc/roles/grafana.git version: v9.4.7-1 +- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-healthchecks.git + version: v2.8-0 + name: healthchecks - src: git+https://github.com/moan0s/hubsite.git version: v1.23.3-1 name: hubsite @@ -73,6 +78,9 @@ - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-keycloak.git version: v21.0.2-0 name: keycloak +- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-mariadb.git + version: v10.11.2-0 + name: mariadb - src: git+https://gitlab.com/etke.cc/roles/miniflux.git version: v2.0.43-2 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-navidrome.git @@ -84,9 +92,6 @@ - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-nextcloud.git version: v26.0.0-4 name: nextcloud -- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-mariadb.git - version: v10.11.2-0 - name: mariadb - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-owncast.git version: v0.0.13-0 name: owncast diff --git a/setup.yml b/setup.yml index 5d141df..b1f2bb6 100644 --- a/setup.yml +++ b/setup.yml @@ -78,6 +78,8 @@ - role: galaxy/miniflux + - role: galaxy/healthchecks + - role: galaxy/hubsite - role: galaxy/jitsi