KNEL/KNELProductionContainers
2
0
Fork 0
Code Pull Requests Actions Packages Releases Activity

first cut of grist package

Browse Source
This commit is contained in:
Charles N Wyble
2025-04-21 16:31:23 -04:00
parent f0fa670ac5
commit 72cb0122c4
22 changed files with 447 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
Techops/grist.knownelement.com/CloudronManifest.json Normal file
View File

@@ -0,0 +1,46 @@
{
"id": "com.getgrist.cloudron",
"title": "Grist",
"author": "Grist Labs",
"description": "A modern, open source spreadsheet that goes beyond the grid. Grist combines the flexibility of a spreadsheet with the robustness of a database to organize your data your way.",
"tagline": "Modern relational spreadsheet with Python formulas",
"version": "1.0.0",
"healthCheckPath": "/healthz",
"httpPort": 8080,
"addons": {
"localstorage": {},
"postgresql": {
"userName": "grist",
"databaseName": "grist"
}
},
"manifestVersion": 2,
"website": "https://www.getgrist.com/",
"documentationUrl": "https://support.getgrist.com/",
"contactEmail": "support@getgrist.com",
"icon": "file://logo.png",
"memoryLimit": 1024,
"tags": ["spreadsheet", "database", "python", "dashboard"],
"minBoxVersion": "7.0.0",
"installationNotes": {
"en": "The default administrator account is set to your Cloudron email. Access Grist at the configured subdomain."
},
"postInstallationNotes": {
"en": "Grist has been successfully installed. The administrator account is set to your Cloudron email. Sign in using your Cloudron account credentials."
},
"forumUrl": "https://community.getgrist.com/",
"mediaLinks": [
"https://www.getgrist.com/assets/images/grist-demo.png"
],
"authentication": {
"loginPath": "/auth/login",
"logoutPath": "/auth/logout",
"impl": "oauth",
"oauth": {
"clientId": "{{cloudronOAuthClientId}}",
"clientSecret": "{{cloudronOAuthClientSecret}}",
"callbackPath": "/oauth2/callback",
"scope": "profile email"
}
}
}

79
Techops/grist.knownelement.com/Dockerfile Normal file
View File

@@ -0,0 +1,79 @@
FROM cloudron/base:4.2.0
# Add Cloudron specific environment
ENV CLOUDRON=1 \
HOME=/app/data \
LC_ALL=C.UTF-8 \
LANG=C.UTF-8 \
USER=cloudron \
PORT=8080 \
PYTHON_VERSION=3 \
PYTHON_VERSION_ON_CREATION=3 \
DEBUG=0
# Install required dependencies
RUN apt-get update && \
apt-get install -y --no-install-recommends \
wget \
gnupg \
supervisor \
python3 \
python3-pip \
python3-setuptools \
python3-wheel \
python3-venv \
build-essential \
pkg-config \
xvfb \
xauth \
libcairo2-dev \
libpango1.0-dev \
libglib2.0-dev \
nodejs \
npm \
git \
sqlite3 \
curl \
ca-certificates && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
# Create required directories
RUN mkdir -p /app/code /app/data /app/pkg /app/log && \
mkdir -p /app/data/docs
# Clone Grist
WORKDIR /app/pkg
RUN git clone --depth 1 https://github.com/gristlabs/grist-core.git && \
cd grist-core && \
npm install && \
npm run build && \
cd /app/pkg
# Set up supervisor config
COPY supervisor.conf /etc/supervisor/conf.d/grist.conf
COPY nginx.conf /app/pkg/nginx.conf
# Nginx site configuration
COPY nginx-app.conf /etc/nginx/sites-available/grist
RUN ln -sf /etc/nginx/sites-available/grist /etc/nginx/sites-enabled/grist && \
rm -f /etc/nginx/sites-enabled/default
# Add scripts
COPY start.sh /app/pkg/
RUN chmod +x /app/pkg/start.sh
# Set up initialization data
COPY --chown=cloudron:cloudron init_data/ /app/pkg/init_data/
# Set ownership
RUN chown -R cloudron:cloudron /app/code /app/data /app/pkg /app/log
# Set working directory
WORKDIR /app/pkg
# Run as cloudron user
USER cloudron
# Start application
CMD ["/app/pkg/start.sh"]

131
Techops/grist.knownelement.com/GristBuildNotes.md Normal file
View File

@@ -0,0 +1,131 @@
# Grist Cloudron Package Build Notes
## Overview
This document provides instructions for building, testing, and deploying the Grist Cloudron package. Grist is a modern, open-source spreadsheet application with database capabilities, Python formulas, and collaborative features.
## Package Components
The package includes the following files:
1. `CloudronManifest.json` - Configuration file for Cloudron
2. `Dockerfile` - Instructions for building the Docker image
3. `start.sh` - Initialization and startup script
4. `supervisor.conf` - Process management configuration
5. `nginx-app.conf` - NGINX site configuration
6. `nginx.conf` - NGINX main configuration
7. `logo.png` - Grist logo for Cloudron (needs to be added)
## Prerequisites
- Cloudron server (v7.0.0 or newer)
- Docker installed on your build machine
- Cloudron CLI installed on your build machine
## Build Instructions
1. **Prepare the package directory**
Create a directory for your package and place all the files in it:
```bash
mkdir -p grist-cloudron
cd grist-cloudron
# Copy all files into this directory
```
2. **Add the Grist logo**
Download the Grist logo and save it as `logo.png` in the package directory:
```bash
curl -o logo.png https://raw.githubusercontent.com/gristlabs/grist-core/main/static/favicon.png
```
3. **Create an initialization data directory**
```bash
mkdir -p init_data
```
4. **Build the Docker image**
```bash
cloudron build
```
## Testing the Package
1. **Install the package on your Cloudron for testing**
```bash
cloudron install —image your-docker-image-name
```
2. **Verify the installation**
Once installed, navigate to the apps URL and verify that:
- The login page appears correctly
- You can log in using your Cloudron credentials
- You can create and edit documents
- Document imports and exports work properly
- Python formulas are functioning correctly
3. **Test authentication**
Verify that:
- Authentication with Cloudron accounts works
- User permissions are applied correctly
- Logging out works properly
## Common Issues and Troubleshooting
1. **Authentication Issues**
- Check that the OAuth configuration is correct in `CloudronManifest.json`
- Verify environment variables in `start.sh` related to OIDC
2. **Database Connection Problems**
- Verify PostgreSQL addon configuration
- Check logs for database connection errors
3. **Grist Not Starting**
- Check supervisord logs: `cloudron logs -f`
- Verify that the required directories exist and have proper permissions
4. **File Upload Issues**
- Verify the `client_max_body_size` setting in the NGINX configuration
## Deployment
1. **Prepare the package for production**
```bash
cloudron build
cloudron upload
```
2. **Install from the Cloudron App Store**
After submission and approval, users can install directly from the Cloudron App Store.
## Maintenance
1. **Updating Grist**
To update Grist to a newer version:
- Update the git clone command in the `Dockerfile`
- Update the version in `CloudronManifest.json`
- Rebuild and redeploy
2. **Backing Up**
Cloudron automatically backs up:
- The PostgreSQL database
- The `/app/data` directory containing all Grist documents
## Additional Resources
- [Grist Documentation](https://support.getgrist.com/)
- [Grist GitHub Repository](https://github.com/gristlabs/grist-core)
- [Cloudron Documentation](https://docs.cloudron.io/)
- [Grist Community Forum](https://community.getgrist.com/)

1
Techops/grist.knownelement.com/docker-compose.yml
View File

@@ -1 +0,0 @@
#grist docker compose for tsys

1
Techops/grist.knownelement.com/input-files/info
View File

@@ -1 +0,0 @@
This directory contains template files for the application at FQDN indidicated by the parent directory. They will be processed using mo (bash mustache).

53
Techops/grist.knownelement.com/nginx-app.conf Normal file
View File

@@ -0,0 +1,53 @@
server {
listen 8080;
server_name localhost;
# Set maximum upload size
client_max_body_size 300M;
# Add security headers
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Frame-Options SAMEORIGIN;
add_header Referrer-Policy strict-origin-when-cross-origin;
# Main location for Grist
location / {
proxy_pass http://127.0.0.1:8484;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_read_timeout 90;
proxy_buffering off;
}
# Health check endpoint
location = /healthz {
access_log off;
add_header Content-Type text/plain;
return 200 'OK';
}
# Static file caching
location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
proxy_pass http://127.0.0.1:8484;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
expires 30d;
add_header Cache-Control "public, no-transform";
}
# Error pages
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}

43
Techops/grist.knownelement.com/nginx.conf Normal file
View File

@@ -0,0 +1,43 @@
user cloudron;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
# Basic Settings
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# SSL Settings
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
# Logging Settings
access_log /dev/stdout;
error_log /dev/stderr;
# Gzip Settings
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
# Virtual Host Configs
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}

1
Techops/grist.knownelement.com/output-files/info
View File

@@ -1 +0,0 @@
This directory contains final docker compose files for the application at FQDN indidicated by the parent directory.

63
Techops/grist.knownelement.com/start.sh Normal file
View File

@@ -0,0 +1,63 @@
#!/bin/bash
set -e
# Cloudron environment variables
export GRIST_APP_ROOT="/app/pkg/grist-core"
export GRIST_DATA_DIR="/app/data/docs"
export GRIST_SESSION_SECRET="${CLOUDRON_SESSION_SECRET}"
export APP_HOME_URL="${CLOUDRON_APP_URL}"
export GRIST_DOMAIN="${CLOUDRON_APP_DOMAIN}"
export GRIST_SINGLE_ORG="cloudron"
export GRIST_HIDE_UI_ELEMENTS="billing"
export GRIST_MAX_UPLOAD_ATTACHMENT_MB=100
export GRIST_MAX_UPLOAD_IMPORT_MB=300
export GRIST_SANDBOX_FLAVOR="gvisor"
export GRIST_USER_ROOT="/app/data"
export GRIST_THROTTLE_CPU="true"
export GRIST_DEFAULT_EMAIL="${CLOUDRON_ADMIN_EMAIL}"
export GRIST_FORCE_LOGIN="true"
export GRIST_SUPPORT_ANON="false"
export COOKIE_MAX_AGE=2592000000 # 30 days in milliseconds
# Setup OpenID Connect for Cloudron authentication
export GRIST_OIDC_IDP_ISSUER="${CLOUDRON_APP_ORIGIN}"
export GRIST_OIDC_IDP_CLIENT_ID="${CLOUDRON_OAUTH_CLIENT_ID}"
export GRIST_OIDC_IDP_CLIENT_SECRET="${CLOUDRON_OAUTH_CLIENT_SECRET}"
export GRIST_OIDC_IDP_SCOPES="openid profile email"
export GRIST_OIDC_SP_HOST="${CLOUDRON_APP_URL}"
export GRIST_OIDC_SP_PROFILE_EMAIL_ATTR="email"
export GRIST_OIDC_SP_PROFILE_NAME_ATTR="name"
export GRIST_OIDC_IDP_ENABLED_PROTECTIONS="PKCE,STATE"
# Database configuration using Cloudron PostgreSQL addon
export TYPEORM_TYPE="postgres"
export TYPEORM_DATABASE="${CLOUDRON_POSTGRESQL_DATABASE}"
export TYPEORM_USERNAME="${CLOUDRON_POSTGRESQL_USERNAME}"
export TYPEORM_PASSWORD="${CLOUDRON_POSTGRESQL_PASSWORD}"
export TYPEORM_HOST="${CLOUDRON_POSTGRESQL_HOST}"
export TYPEORM_PORT="${CLOUDRON_POSTGRESQL_PORT}"
export TYPEORM_LOGGING="false"
# Initialize or update data directories if they don't exist
if [ ! -d "/app/data/docs" ]; then
mkdir -p /app/data/docs
echo "Created docs directory"
fi
if [ ! -d "/app/data/home" ]; then
mkdir -p /app/data/home
echo "Created home directory"
fi
# Copy initialization data if needed
if [ -d "/app/pkg/init_data" ] && [ ! -f "/app/data/.initialized" ]; then
cp -R /app/pkg/init_data/* /app/data/
touch /app/data/.initialized
echo "Copied initialization data"
fi
# Ensure proper permissions
chown -R cloudron:cloudron /app/data
# Start supervisor to manage Grist and Nginx
exec /usr/bin/supervisord --nodaemon -c /etc/supervisor/supervisord.conf

32
Techops/grist.knownelement.com/supervisor.conf Normal file
View File

@@ -0,0 +1,32 @@
[supervisord]
nodaemon=true
logfile=/app/log/supervisord.log
logfile_maxbytes=10MB
logfile_backups=3
loglevel=info
pidfile=/run/supervisord.pid
user=cloudron
[program:nginx]
command=/usr/sbin/nginx -g "daemon off;"
priority=10
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
autostart=true
autorestart=true
[program:grist]
command=bash -c "cd /app/pkg/grist-core && node sandbox/pyodide.js"
user=cloudron
environment=HOME=/app/data
directory=/app/pkg/grist-core
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
autostart=true
autorestart=true
startretries=3
priority=20

1
Techops/grist.knownelement.com/vendor-files/info
View File

@@ -1 +0,0 @@
This directory contains files from the vendor unmodified. They serve as a base for the input-files sibling directory

52
Techops/netmon.knownelement.com/CloudronManifest.json
View File

@@ -1,52 +0,0 @@
{
"id": "org.librenms.cloudronapp",
"title": "LibreNMS",
"author": "LibreNMS Team",
"description": "LibreNMS is a fully featured network monitoring system that provides a wealth of features and device support.",
"version": "24.4.0",
"tagline": "Open Source Network Monitoring",
"healthCheckPath": "/login",
"httpPort": 8000,
"addons": {
"localstorage": {},
"mysql": {
"memoryLimit": 134217728
},
"redis": {}
},
"manifestVersion": 2,
"website": "https://www.librenms.org/",
"documentation": "https://docs.librenms.org/",
"icon": "file://logo.png",
"memoryLimit": 734003200,
"minBoxVersion": "7.0.0",
"tags": [
"monitoring",
"network",
"snmp",
"graphs",
"alerts"
],
"postInstallMessage": "LibreNMS has been installed successfully!\n\nDefault login:\nUsername: admin\nPassword: admin\n\nPlease change your password after the first login.",
"forceSSL": true,
"installationProgress": true,
"tcpPorts": {
"SNMP": {
"port": 161,
"description": "SNMP port for device monitoring"
}
},
"optionalSso": true,
"sso": [
{
"name": "oidc",
"configurePath": "/auth/oidc/login",
"logoutPath": "/logout"
},
{
"name": "ldap",
"configurePath": "/auth/ldap/login",
"logoutPath": "/logout"
}
]
}

77
Techops/netmon.knownelement.com/Dockerfile
View File

@@ -1,77 +0,0 @@
FROM cloudron/base:4.2.0
# Install required packages
RUN apt-get update && apt-get install -y \
acl \
composer \
fping \
git \
graphviz \
imagemagick \
mariadb-client \
mtr-tiny \
nginx \
nmap \
php8.2-cli \
php8.2-curl \
php8.2-fpm \
php8.2-gd \
php8.2-gmp \
php8.2-mbstring \
php8.2-mysql \
php8.2-snmp \
php8.2-xml \
php8.2-zip \
python3 \
python3-pip \
python3-pymysql \
python3-redis \
python3-dotenv \
python3-systemd \
rrdtool \
snmp \
snmp-mibs-downloader \
unzip \
whois \
supervisor \
&& rm -rf /var/lib/apt/lists/*
# Download MIBs
RUN download-mibs
# Clone LibreNMS repository
WORKDIR /app/code
RUN git clone --depth 1 https://github.com/librenms/librenms.git .
# Install PHP dependencies
RUN composer install --no-dev --no-interaction
# Install Python dependencies
RUN pip3 install -r requirements.txt
# Create initial data directory structure
RUN mkdir -p /tmp/data/rrd \
/tmp/data/logs \
/tmp/data/config \
/tmp/data/plugins \
/app/data/rrd \
/app/data/logs \
/app/data/config \
/app/data/plugins
# Copy configuration files
COPY nginx.conf /etc/nginx/sites-available/librenms
RUN ln -sf /etc/nginx/sites-available/librenms /etc/nginx/sites-enabled/default
COPY supervisord.conf /etc/supervisor/conf.d/librenms.conf
COPY start.sh /app/code/
COPY config.php /tmp/data/config/
# Set permissions
RUN chmod +x /app/code/start.sh \
&& chown -R cloudron:cloudron /app/code \
&& chown -R cloudron:cloudron /tmp/data \
&& chown -R cloudron:cloudron /app/data
WORKDIR /app/code
CMD ["/app/code/start.sh"]

158
Techops/netmon.knownelement.com/LibrenmsBuildNotes.md
View File

@@ -1,158 +0,0 @@
# LibreNMS for Cloudron - Build Notes
This document provides instructions for building, testing, and deploying the LibreNMS package to your Cloudron instance.
## Package Contents
The LibreNMS Cloudron package includes:
- **CloudronManifest.json**: The main configuration file for the Cloudron application
- **Dockerfile**: Sets up the container with all required dependencies
- **start.sh**: The entry point script that initializes and configures LibreNMS
- **nginx.conf**: Web server configuration for LibreNMS
- **supervisord.conf**: Process management for multiple services
- **config.php**: Default LibreNMS configuration
## Building the Package
1. Create a new directory for the package:
```bash
mkdir librenms-cloudron
cd librenms-cloudron
```
2. Copy all files into this directory:
- CloudronManifest.json
- Dockerfile
- start.sh
- nginx.conf
- supervisord.conf
- config.php
3. Download the LibreNMS logo:
```bash
curl -o logo.png https://raw.githubusercontent.com/librenms/librenms/master/html/images/librenms_logo_light.svg
```
4. Ensure proper file permissions:
```bash
chmod +x start.sh
```
5. Build the Cloudron package:
```bash
cloudron build
```
## Testing the Package
1. Install the app on your Cloudron for testing:
```bash
cloudron install —app librenms
```
2. Access the LibreNMS web interface at the URL provided by Cloudron.
3. Log in with the default credentials:
- Username: `admin`
- Password: `admin`
4. Verify functionality by:
- Adding a test device
- Checking discovery and polling
- Configuring alerts
- Testing authentication (especially if using Cloudron SSO)
## Deploying to Production
1. Update the CloudronManifest.json with appropriate values:
- Update `version` if needed
- Adjust `memoryLimit` based on your production needs
- Update `contactEmail` with your support email
2. Rebuild the package:
```bash
cloudron build
```
3. Install on your production Cloudron:
```bash
cloudron install —app librenms
```
## Authentication Configuration
### OIDC Authentication (Recommended)
The package automatically configures OIDC authentication when Cloudron SSO is enabled. This provides:
- Single sign-on with your Cloudron users
- Automatic user provisioning
- Group-based access control
### LDAP Authentication
If OIDC is not enabled, the package can use Cloudrons LDAP server. This is configured automatically by the start.sh script.
### Manual Authentication
If neither OIDC nor LDAP is used, the package defaults to MySQL authentication with a local admin user.
## Data Persistence
The following data is stored in persistent volumes:
- **/app/data/rrd**: RRD files for graphing
- **/app/data/logs**: LibreNMS logs
- **/app/data/config**: Configuration files
- **/app/data/plugins**: Custom plugins
## Troubleshooting
If you encounter issues:
1. Check the logs:
```bash
cloudron logs -f librenms
```
2. Verify database connection:
```bash
cloudron exec —app librenms — mysql -h “$CLOUDRON_MYSQL_HOST” -P “$CLOUDRON_MYSQL_PORT” -u “$CLOUDRON_MYSQL_USERNAME” -p”$CLOUDRON_MYSQL_PASSWORD” -e “SHOW TABLES” “$CLOUDRON_MYSQL_DATABASE”
```
3. Check file permissions:
```bash
cloudron exec —app librenms — ls -la /app/data
```
4. Restart the application:
```bash
cloudron restart —app librenms
```
## Upgrading
To upgrade LibreNMS:
1. Update the git clone command in the Dockerfile to use the latest version tag
2. Update the version in CloudronManifest.json
3. Rebuild and upgrade the package:
```bash
cloudron build
cloudron update —app librenms
```
## Security Considerations
- The default admin password should be changed immediately after installation
- Consider using Cloudron SSO to leverage your existing authentication system
- SNMP port 161 is exposed for device monitoring - ensure proper network security
## Resource Usage
LibreNMS resource requirements depend on the number of monitored devices:
- For <100 devices: Default memory limit (734MB) should be sufficient
- For 100-500 devices: Consider increasing memory limit to 1GB or more
- For >500 devices: Consider distributed polling with multiple instances

88
Techops/netmon.knownelement.com/config.php
View File

@@ -1,88 +0,0 @@
<?php
$config['db_host'] = getenv('DB_HOST');
$config['db_port'] = getenv('DB_PORT');
$config['db_user'] = getenv('DB_USER');
$config['db_pass'] = getenv('DB_PASS');
$config['db_name'] = getenv('DB_NAME');
// Redis settings (used for distributed polling)
$config['redis']['host'] = getenv('REDIS_HOST');
$config['redis']['port'] = getenv('REDIS_PORT');
$config['redis']['db'] = getenv('REDIS_DB');
$config['redis']['pass'] = getenv('REDIS_PASS');
// Base URL
$config['base_url'] = getenv('APP_URL');
// Authentication mechanism - This will be modified by start.sh if needed
$config['auth_mechanism'] = 'mysql';
// Enable alerting
$config['alert']['enable'] = true;
// RRD storage
$config['rrd_dir'] = '/app/data/rrd';
// Log directory
$config['log_dir'] = '/app/data/logs';
$config['log_file'] = '/app/data/logs/librenms.log';
$config['auth_log'] = '/app/data/logs/auth.log';
// Plugin directory
$config['plugin_dir'] = '/app/data/plugins';
// Default theme
$config['webui']['default_theme'] = 'light';
// Path settings
$config['fping'] = '/usr/bin/fping';
$config['fping6'] = '/usr/bin/fping6';
$config['snmpwalk'] = '/usr/bin/snmpwalk';
$config['snmpget'] = '/usr/bin/snmpget';
$config['snmpbulkwalk'] = '/usr/bin/snmpbulkwalk';
$config['snmptranslate'] = '/usr/bin/snmptranslate';
$config['rrdtool'] = '/usr/bin/rrdtool';
$config['whois'] = '/usr/bin/whois';
$config['ping'] = '/bin/ping';
$config['mtr'] = '/usr/bin/mtr';
$config['nmap'] = '/usr/bin/nmap';
// Disable in-app updates
$config['update'] = 0;
// Security settings
$config['allow_unauth_graphs'] = false;
$config['allow_unauth_graphs_cidr'] = array();
// Alert tolerance window
$config['alert']['tolerance_window'] = 5;
// Poller settings
$config['poller_modules']['bgp'] = 1;
$config['poller_modules']['ospf'] = 1;
$config['poller_modules']['isis'] = 1;
$config['poller_modules']['applications'] = 1;
$config['poller_modules']['services'] = 1;
// Set timezone according to Cloudron environment
$config['timezone'] = 'UTC';
// Auto-discovery settings
$config['autodiscovery']['xdp'] = true;
$config['autodiscovery']['ospf'] = true;
$config['autodiscovery']['bgp'] = true;
$config['autodiscovery']['snmpscan'] = true;
// API Settings
$config['api']['cors']['enabled'] = false;
$config['api']['cors']['origin'] = null;
// Rate Limiting
$config['ratelimit']['enabled'] = true;
$config['ratelimit']['api']['limit'] = 300;
$config['ratelimit']['api']['period'] = 60;
// Default alert rules
$config['enable_inventory'] = 1;
$config['enable_syslog'] = 0;

39
Techops/netmon.knownelement.com/nginx.conf
View File

@@ -1,39 +0,0 @@
server {
listen 8000;
server_name _;
root /app/code/html;
index index.php;
charset utf-8;
gzip on;
gzip_types text/css application/javascript text/javascript application/x-javascript image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon;
access_log /dev/stdout;
error_log /dev/stderr;
# Set the client MAX Body size to allow for larger image uploads
client_max_body_size 64M;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
error_page 404 /index.php;
location ~ \.php$ {
include fastcgi_params;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php8.2-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param REMOTE_ADDR $http_x_forwarded_for;
fastcgi_param HTTP_X_FORWARDED_PROTO $http_x_forwarded_proto;
fastcgi_param HTTPS on;
fastcgi_read_timeout 900;
}
location ~ /\.(?!well-known).* {
deny all;
}
}

126
Techops/netmon.knownelement.com/start.sh
View File

@@ -1,126 +0,0 @@
#!/bin/bash
set -eu
# Setup directories
if [ ! -d "/app/data/rrd" ] || [ -z "$(ls -A /app/data/rrd)" ]; then
echo "First run, initializing data directories..."
mkdir -p /app/data/rrd
mkdir -p /app/data/logs
mkdir -p /app/data/config
mkdir -p /app/data/plugins
# Copy initial configurations if they don't exist
if [ ! -f "/app/data/config/config.php" ]; then
cp /tmp/data/config/config.php /app/data/config/
fi
fi
# Create necessary log files
touch /app/data/logs/librenms.log
touch /app/data/logs/auth.log
touch /app/data/logs/discovery.log
touch /app/data/logs/poller.log
# Environment variables for database and redis
export DB_HOST=${CLOUDRON_MYSQL_HOST}
export DB_PORT=${CLOUDRON_MYSQL_PORT}
export DB_USER=${CLOUDRON_MYSQL_USERNAME}
export DB_PASS=${CLOUDRON_MYSQL_PASSWORD}
export DB_NAME=${CLOUDRON_MYSQL_DATABASE}
export REDIS_HOST=${CLOUDRON_REDIS_HOST}
export REDIS_PORT=${CLOUDRON_REDIS_PORT}
export REDIS_DB=0
export REDIS_PASS=${CLOUDRON_REDIS_PASSWORD}
export APP_URL=https://${CLOUDRON_APP_DOMAIN}
# Set up OIDC authentication if enabled
if [[ -n "${CLOUDRON_OIDC_IDENTIFIER:-}" ]]; then
echo "Configuring OIDC authentication..."
sed -i "s|'auth_mechanism' => 'mysql'|'auth_mechanism' => 'socialite'|g" /app/data/config/config.php
# Add OIDC configuration
cat >> /app/data/config/config.php << EOF
\$config['auth_socialite_oidc']['enabled'] = true;
\$config['auth_socialite_oidc']['client_id'] = '${CLOUDRON_OIDC_CLIENT_ID}';
\$config['auth_socialite_oidc']['client_secret'] = '${CLOUDRON_OIDC_CLIENT_SECRET}';
\$config['auth_socialite_oidc']['authorize_url'] = '${CLOUDRON_OIDC_ISSUER}/auth';
\$config['auth_socialite_oidc']['token_url'] = '${CLOUDRON_OIDC_ISSUER}/token';
\$config['auth_socialite_oidc']['userinfo_url'] = '${CLOUDRON_OIDC_ISSUER}/userinfo';
\$config['auth_socialite_oidc']['scope'] = 'openid email profile groups';
\$config['auth_socialite_oidc']['redirect'] = 'https://${CLOUDRON_APP_DOMAIN}/auth/oidc/callback';
EOF
fi
# Set up LDAP authentication if enabled and OIDC is not enabled
if [[ -z "${CLOUDRON_OIDC_IDENTIFIER:-}" && -n "${CLOUDRON_LDAP_SERVER:-}" ]]; then
echo "Configuring LDAP authentication..."
sed -i "s|'auth_mechanism' => 'mysql'|'auth_mechanism' => 'ldap'|g" /app/data/config/config.php
# Add LDAP configuration
cat >> /app/data/config/config.php << EOF
\$config['auth_ldap_server'] = '${CLOUDRON_LDAP_SERVER}';
\$config['auth_ldap_port'] = ${CLOUDRON_LDAP_PORT};
\$config['auth_ldap_version'] = 3;
\$config['auth_ldap_starttls'] = true;
\$config['auth_ldap_prefix'] = '${CLOUDRON_LDAP_BIND_DN%%,*}';
\$config['auth_ldap_suffix'] = ',${CLOUDRON_LDAP_BIND_DN#*,}';
\$config['auth_ldap_group'] = '${CLOUDRON_LDAP_USERS_GROUP_DN}';
\$config['auth_ldap_groupbase'] = '${CLOUDRON_LDAP_GROUPS_BASE_DN}';
\$config['auth_ldap_groups']['admin']['level'] = 10;
\$config['auth_ldap_groups']['admin']['group'] = '${CLOUDRON_LDAP_ADMINS_GROUP_DN}';
EOF
fi
# Fix permissions
chown -R cloudron:cloudron /app/data
# Initialize database if needed
echo "Checking database..."
if ! mysql -h "${CLOUDRON_MYSQL_HOST}" -P "${CLOUDRON_MYSQL_PORT}" -u "${CLOUDRON_MYSQL_USERNAME}" -p"${CLOUDRON_MYSQL_PASSWORD}" -e "USE ${CLOUDRON_MYSQL_DATABASE}" 2>/dev/null; then
echo "Setting up database schema..."
cd /app/code
php build-base.php
fi
# Apply database updates if needed
cd /app/code
php includes/sql-schema/update.php
# Create admin user on first run if authentication is MySQL
if [[ ! -n "${CLOUDRON_OIDC_IDENTIFIER:-}" && ! -n "${CLOUDRON_LDAP_SERVER:-}" ]]; then
if ! mysql -h "${CLOUDRON_MYSQL_HOST}" -P "${CLOUDRON_MYSQL_PORT}" -u "${CLOUDRON_MYSQL_USERNAME}" -p"${CLOUDRON_MYSQL_PASSWORD}" -e "SELECT username FROM users WHERE username='admin'" ${CLOUDRON_MYSQL_DATABASE} 2>/dev/null | grep -q admin; then
echo "Creating admin user..."
php adduser.php admin admin 10 admin@localhost
fi
fi
# Link config file
ln -sf /app/data/config/config.php /app/code/config.php
# Setup cron jobs
echo "Setting up cron jobs..."
cat > /etc/cron.d/librenms << EOF
# Run a complete discovery of all devices once every 6 hours
33 */6 * * * cloudron cd /app/code/ && php discovery.php -h all >> /app/data/logs/discovery-all.log 2>&1
# Run a complete poll of all devices once every 5 minutes
*/5 * * * * cloudron cd /app/code/ && php poller.php -h all >> /app/data/logs/poll-all.log 2>&1
# Run hourly maintenance tasks
15 * * * * cloudron cd /app/code/ && php daily.php >> /app/data/logs/daily.log 2>&1
# Run daily maintenance tasks
15 0 * * * cloudron cd /app/code/ && php daily.sh >> /app/data/logs/daily.log 2>&1
# Check services
*/5 * * * * cloudron cd /app/code/ && php check-services.php >> /app/data/logs/check-services.log 2>&1
# Process alerts
*/5 * * * * cloudron cd /app/code/ && php alerts.php >> /app/data/logs/alerts.log 2>&1
# Poll billing
*/5 * * * * cloudron cd /app/code/ && php poll-billing.php >> /app/data/logs/poll-billing.log 2>&1
# Generate billing data
01 * * * * cloudron cd /app/code/ && php billing-calculate.php >> /app/data/logs/billing-calculate.log 2>&1
# Update device groups
*/5 * * * * cloudron cd /app/code/ && php update-device-groups.php >> /app/data/logs/update-device-groups.log 2>&1
EOF
# Start supervisord to manage all processes
echo "Starting supervisord..."
exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf

41
Techops/netmon.knownelement.com/supervisord.conf
View File

@@ -1,41 +0,0 @@
[program:nginx]
command=nginx -g "daemon off;"
autostart=true
autorestart=true
priority=10
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
[program:php-fpm]
command=/usr/sbin/php-fpm8.2 --nodaemonize
autostart=true
autorestart=true
priority=5
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
[program:cron]
command=cron -f
autostart=true
autorestart=true
priority=15
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
[program:dispatcher-service]
command=/usr/bin/python3 /app/code/dispatcher.py
directory=/app/code
user=cloudron
autostart=true
autorestart=true
priority=20
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0

3
Techops/openboxes.knownelement.com copy/docker-compose.yml
View File

@@ -1,3 +0,0 @@
#cfssl docker compose for tsys
#git subtree add --prefix upstream/cloudflare-cfssl https://github.com/rjrivero/docker-cfssl.git master --squash

1
Techops/openboxes.knownelement.com copy/input-files/info
View File

@@ -1 +0,0 @@
This directory contains template files for the application at FQDN indidicated by the parent directory. They will be processed using mo (bash mustache).

1
Techops/openboxes.knownelement.com copy/output-files/info
View File

@@ -1 +0,0 @@
This directory contains final docker compose files for the application at FQDN indidicated by the parent directory.

4
Techops/openboxes.knownelement.com copy/vendor-files/info
View File

@@ -1,4 +0,0 @@
This directory contains files from the vendor unmodified. They serve as a base for the input-files sibling directory
https://github.com/openboxes/openboxes/tree/develop/docker