Inital commit
This commit is contained in:
commit
fd5c78edb4
11 changed files with 245 additions and 0 deletions
4
README.md
Normal file
4
README.md
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
Uptime Kuma
|
||||||
|
===========
|
||||||
|
|
||||||
|
This role installs [Uptime Kuma](https://github.com/louislam/uptime-kuma), a self hosted monitoring tool.
|
10
defaults/main.yml
Normal file
10
defaults/main.yml
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
---
|
||||||
|
uptimekuma_github_api_url: https://api.github.com/repos/louislam/uptime-kuma/releases/latest
|
||||||
|
uptimekuma_git_url: https://github.com/louislam/uptime-kuma.git
|
||||||
|
|
||||||
|
uptimekuma_home: /opt/uptime-kuma
|
||||||
|
uptimekuma_user: uptimekuma
|
||||||
|
uptimekuma_user_home: /var/lib/uptimekuma
|
||||||
|
|
||||||
|
uptimekuma_service: uptime-kuma.service
|
||||||
|
uptimekuma_version_file: "{{ uptimekuma_home }}/.version"
|
6
handlers/main.yml
Normal file
6
handlers/main.yml
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
- name: restart uptime-kuma
|
||||||
|
systemd:
|
||||||
|
name: "{{ uptimekuma_service }}"
|
||||||
|
daemon_reload: true
|
||||||
|
state: restarted
|
9
meta/main.yml
Normal file
9
meta/main.yml
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
galaxy_info:
|
||||||
|
author: Sense.Lab e.V. admins
|
||||||
|
description: Role to install Uptime Kuma
|
||||||
|
license: GPLv3
|
||||||
|
min_ansible_version: "2.9"
|
||||||
|
platforms:
|
||||||
|
- name: Debian
|
||||||
|
versions:
|
||||||
|
- bullseye
|
80
tasks/install.yml
Normal file
80
tasks/install.yml
Normal file
|
@ -0,0 +1,80 @@
|
||||||
|
---
|
||||||
|
- name: "Install | Configure git safe.directory"
|
||||||
|
ansible.builtin.command:
|
||||||
|
cmd: "git config --global --add safe.directory {{ uptimekuma_home }}"
|
||||||
|
|
||||||
|
- name: "install | Create group"
|
||||||
|
group:
|
||||||
|
name: "{{ uptimekuma_user }}"
|
||||||
|
state: present
|
||||||
|
|
||||||
|
- name: "install | create system account"
|
||||||
|
user:
|
||||||
|
name: "{{ uptimekuma_user }}"
|
||||||
|
group: "{{ uptimekuma_user }}"
|
||||||
|
home: "{{ uptimekuma_user_home }}"
|
||||||
|
shell: /bin/bash
|
||||||
|
password_lock: yes
|
||||||
|
system: yes
|
||||||
|
|
||||||
|
- name: "install | Check for latest version"
|
||||||
|
shell:
|
||||||
|
cmd: curl -sL "{{ uptimekuma_github_api_url }}" | jq -r ".tag_name"
|
||||||
|
changed_when: false
|
||||||
|
register: latest_version
|
||||||
|
|
||||||
|
- name: "install | Get Git Repository"
|
||||||
|
git:
|
||||||
|
repo: "{{ uptimekuma_git_url }}"
|
||||||
|
dest: "{{ uptimekuma_home }}"
|
||||||
|
version: "{{ latest_version.stdout }}"
|
||||||
|
force: yes
|
||||||
|
|
||||||
|
- name: "install | Copy version file (needed for update script)"
|
||||||
|
template:
|
||||||
|
src: version.j2
|
||||||
|
dest: "{{ uptimekuma_version_file }}"
|
||||||
|
owner: "{{ uptimekuma_user }}"
|
||||||
|
group: "{{ uptimekuma_user }}"
|
||||||
|
|
||||||
|
- name: "install | Change ownership"
|
||||||
|
file:
|
||||||
|
path: "{{ uptimekuma_home }}"
|
||||||
|
state: directory
|
||||||
|
owner: "{{ uptimekuma_user }}"
|
||||||
|
group: "{{ uptimekuma_user }}"
|
||||||
|
recurse: true
|
||||||
|
|
||||||
|
- name: "install | Install npm packages"
|
||||||
|
command:
|
||||||
|
cmd: npm run setup
|
||||||
|
chdir: "{{ uptimekuma_home }}"
|
||||||
|
become: true
|
||||||
|
become_user: "{{ uptimekuma_user }}"
|
||||||
|
notify: restart uptime-kuma
|
||||||
|
|
||||||
|
- name: "install | Copy systemd services file"
|
||||||
|
template:
|
||||||
|
src: uptime-kuma.service.j2
|
||||||
|
dest: "/etc/systemd/system/{{ uptimekuma_service }}"
|
||||||
|
notify: restart uptime-kuma
|
||||||
|
|
||||||
|
- name: "install | Enable systemd service"
|
||||||
|
systemd:
|
||||||
|
name: uptime-kuma
|
||||||
|
enabled: true
|
||||||
|
daemon_reload: true
|
||||||
|
state: started
|
||||||
|
|
||||||
|
- name: "install | Copy update script"
|
||||||
|
template:
|
||||||
|
src: uptime-kuma-updater.j2
|
||||||
|
dest: /usr/local/bin/uptime-kuma-updater
|
||||||
|
mode: "0755"
|
||||||
|
|
||||||
|
- name: "install | Add cron job for updates"
|
||||||
|
cron:
|
||||||
|
name: Update Uptime Kuma
|
||||||
|
job: uptime-kuma-updater upgrade
|
||||||
|
hour: "01"
|
||||||
|
minute: "30"
|
6
tasks/main.yml
Normal file
6
tasks/main.yml
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
- import_tasks: packages.yml
|
||||||
|
tags: packages
|
||||||
|
|
||||||
|
- import_tasks: install.yml
|
||||||
|
tags: install
|
19
tasks/packages.yml
Normal file
19
tasks/packages.yml
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
---
|
||||||
|
- name: "packages | Add nodesource apt key"
|
||||||
|
apt_key:
|
||||||
|
url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key
|
||||||
|
keyring: /etc/apt/trusted.gpg.d/nodesource.gpg
|
||||||
|
|
||||||
|
- name: "packages | Add nodesource repository"
|
||||||
|
apt_repository:
|
||||||
|
repo: "deb https://deb.nodesource.com/node_14.x {{ ansible_distribution_release }} main"
|
||||||
|
state: present
|
||||||
|
|
||||||
|
- name: "packages | Install apt packages"
|
||||||
|
apt:
|
||||||
|
default_release: "{{ ansible_distribution_release }}-backports"
|
||||||
|
state: latest
|
||||||
|
pkg:
|
||||||
|
- nodejs
|
||||||
|
|
||||||
|
|
24
templates/nginx.j2
Normal file
24
templates/nginx.j2
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
server {
|
||||||
|
listen 80;
|
||||||
|
server_name {{ uptimekuma_domain }};
|
||||||
|
include snippets/letsencrypt.conf;
|
||||||
|
location / { return 301 https://$http_host$request_uri; }
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
listen 443 ssl http2;
|
||||||
|
server_name {{ uptimekuma_domain }};
|
||||||
|
ssl_certificate /var/lib/dehydrated/certs/{{ uptimekuma_domain }}/fullchain.pem;
|
||||||
|
ssl_certificate_key /var/lib/dehydrated/certs/{{ uptimekuma_domain }}/privkey.pem;
|
||||||
|
include /etc/nginx/snippets/add_headers.conf;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_http_version 1.1;
|
||||||
|
proxy_set_header Upgrade $http_upgrade;
|
||||||
|
proxy_set_header Connection "upgrade";
|
||||||
|
proxy_pass http://{{ inventory_hostname }}:{{ uptimekuma_port }};
|
||||||
|
}
|
||||||
|
}
|
62
templates/uptime-kuma-updater.j2
Normal file
62
templates/uptime-kuma-updater.j2
Normal file
|
@ -0,0 +1,62 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Update script for Uptime Kuma
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
|
set -eu
|
||||||
|
|
||||||
|
USER={{ uptimekuma_user }}
|
||||||
|
PROJECT_URL={{ uptimekuma_github_api_url }}
|
||||||
|
INSTALL_PATH={{ uptimekuma_home }}
|
||||||
|
UPTIME_KUMA_SERVICE={{ uptimekuma_service }}
|
||||||
|
VERSION_FILE={{ uptimekuma_version_file }}
|
||||||
|
|
||||||
|
get_latest_version() {
|
||||||
|
curl -sL "$PROJECT_URL" | jq -r ".tag_name"
|
||||||
|
}
|
||||||
|
|
||||||
|
get_installed_version() {
|
||||||
|
# return the currently installed version (or empty, if not installed)
|
||||||
|
cat "$VERSION_FILE" 2>/dev/null || true
|
||||||
|
}
|
||||||
|
|
||||||
|
if [ $# -gt 0 ]; then
|
||||||
|
ACTION=$1
|
||||||
|
shift
|
||||||
|
else
|
||||||
|
ACTION=status
|
||||||
|
fi
|
||||||
|
|
||||||
|
case "$ACTION" in
|
||||||
|
status)
|
||||||
|
printf 'Currently installed version:\t%s\n' "$(get_installed_version)"
|
||||||
|
printf 'Latest available version:\t%s\n' "$(get_latest_version)"
|
||||||
|
;;
|
||||||
|
upgrade)
|
||||||
|
wanted_version=${1:-latest}
|
||||||
|
[ "$wanted_version" = "latest" ] && wanted_version=$(get_latest_version)
|
||||||
|
if [ "$wanted_version" = "$(get_installed_version)" ]; then
|
||||||
|
echo "Version '$wanted_version' is already installed. Nothing needs to be done."
|
||||||
|
else
|
||||||
|
echo "Update Uptime Kuma to latest version '$wanted_version' ..."
|
||||||
|
cd "$INSTALL_PATH"
|
||||||
|
systemctl stop "$UPTIME_KUMA_SERVICE"
|
||||||
|
sudo -u "$USER" git fetch --all
|
||||||
|
sudo -u "$USER" git checkout "$(get_latest_version)" --force
|
||||||
|
sudo -u "$USER" npm install --production
|
||||||
|
sudo -u "$USER" npm run download-dist
|
||||||
|
sudo -u "$USER" echo "$(get_latest_version)" > "$VERSION_FILE"
|
||||||
|
systemctl start "$UPTIME_KUMA_SERVICE"
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
help|--help)
|
||||||
|
echo "Syntax: $(basename "$0") ACTION"
|
||||||
|
echo " upgrade [VERSION] - upgrade to the specified version (default: latest)"
|
||||||
|
echo " status - output the currently installed and latest available version"
|
||||||
|
echo
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
"$0" help >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
24
templates/uptime-kuma.service.j2
Normal file
24
templates/uptime-kuma.service.j2
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
[Unit]
|
||||||
|
Description=Uptime-Kuma - A free and open source uptime monitoring solution
|
||||||
|
Documentation=https://github.com/louislam/uptime-kuma
|
||||||
|
After=network.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=simple
|
||||||
|
User={{ uptimekuma_user }}
|
||||||
|
Environment=HOST=0.0.0.0
|
||||||
|
Environment=PORT={{ uptimekuma_port }}
|
||||||
|
WorkingDirectory={{ uptimekuma_home }}
|
||||||
|
ExecStart=/usr/bin/npm run start-server
|
||||||
|
Restart=on-failure
|
||||||
|
|
||||||
|
# Hardening to improve security
|
||||||
|
ProtectControlGroups=true
|
||||||
|
ProtectHome=true
|
||||||
|
ProtectSystem=strict
|
||||||
|
PrivateMounts=true
|
||||||
|
PrivateTmp=true
|
||||||
|
ReadWritePaths={{ uptimekuma_home }}
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
1
templates/version.j2
Normal file
1
templates/version.j2
Normal file
|
@ -0,0 +1 @@
|
||||||
|
{{ latest_version.stdout }}
|
Loading…
Reference in a new issue