[infra] Status service (#1138)
- Add the service the serves status.ente.io - Support nginx configuration reloads
This commit is contained in:
commit
100fa04de7
|
@ -2,7 +2,7 @@
|
|||
|
||||
This is a base Nginx service that terminates TLS, and can be used as a reverse
|
||||
proxy for arbitrary services by adding new entries in `/root/nginx/conf.d` and
|
||||
`sudo systemctl restart nginx`.
|
||||
`sudo systemctl reload nginx`.
|
||||
|
||||
## Installation
|
||||
|
||||
|
@ -16,12 +16,16 @@ sudo mv nginx.service /etc/systemd/system/nginx.service
|
|||
|
||||
Create a directory to house service specific configuration
|
||||
|
||||
sudo mkdir -p /root/nginx/conf.d
|
||||
```sh
|
||||
sudo mkdir -p /root/nginx/conf.d
|
||||
```
|
||||
|
||||
Add the SSL certificate provided by Cloudflare
|
||||
|
||||
sudo tee /root/nginx/cert.pem
|
||||
sudo tee /root/nginx/key.pem
|
||||
```sh
|
||||
sudo tee /root/nginx/cert.pem
|
||||
sudo tee /root/nginx/key.pem
|
||||
```
|
||||
|
||||
Tell systemd to pick up new service definition, enable it (so that it
|
||||
automatically starts on boot going forward), and start it.
|
||||
|
@ -37,7 +41,7 @@ When adding new services that sit behind Nginx,
|
|||
|
||||
1. Add its nginx conf file to `/root/nginx/conf.d`
|
||||
|
||||
2. Restart nginx (`sudo systemctl restart nginx`)
|
||||
2. Restart nginx (`sudo systemctl reload nginx`)
|
||||
|
||||
## Configuration files
|
||||
|
||||
|
@ -56,4 +60,5 @@ We can see this in the default configuration of nginx:
|
|||
> docker run --rm --entrypoint=cat nginx /etc/nginx/nginx.conf > /tmp/nginx.conf
|
||||
|
||||
This is a [handy tool](https://nginx-playground.wizardzines.com) to check the
|
||||
syntax of the configuration files.
|
||||
syntax of the configuration files. Alternatively, you can run `docker exec nginx
|
||||
nginx -t` on the instance to ask nginx to check the configuration.
|
||||
|
|
|
@ -2,6 +2,7 @@
|
|||
Documentation=https://www.docker.com/blog/how-to-use-the-official-nginx-docker-image/
|
||||
Requires=docker.service
|
||||
After=docker.service
|
||||
Requires=nginx.service
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
@ -17,3 +18,4 @@ ExecStart=docker run --name nginx \
|
|||
-v /root/nginx/key.pem:/etc/ssl/private/key.pem:ro \
|
||||
-v /root/nginx/conf.d:/etc/nginx/conf.d:ro \
|
||||
nginx
|
||||
ExecReload=docker exec nginx nginx -s reload
|
||||
|
|
43
infra/services/status/README.md
Normal file
43
infra/services/status/README.md
Normal file
|
@ -0,0 +1,43 @@
|
|||
# Status
|
||||
|
||||
Our status page ([status.ente.io](https://status.ente.io)) is a self-hosted
|
||||
[Uptime Kuma](https://github.com/louislam/uptime-kuma).
|
||||
|
||||
## Installing
|
||||
|
||||
Install [nginx](../nginx/README.md).
|
||||
|
||||
Create a directory where Uptime Kuma will keep its state. This is the directory
|
||||
we can optionally backup if we wish to preserve history and settings when moving
|
||||
instances in the future.
|
||||
|
||||
```sh
|
||||
sudo mkdir -p /root/uptime-kuma
|
||||
```
|
||||
|
||||
Add the service definition and nginx configuration.
|
||||
|
||||
```sh
|
||||
scp services/status/uptime-kuma.* <instance>:
|
||||
|
||||
sudo mv uptime-kuma.service /etc/systemd/system/
|
||||
sudo mv uptime-kuma.nginx.conf /root/nginx/conf.d
|
||||
```
|
||||
|
||||
Tell systemd to pick up new service definitions, enable the unit (so that it
|
||||
automatically starts on boot), and start it this time around.
|
||||
|
||||
```sh
|
||||
sudo systemctl daemon-reload
|
||||
sudo systemctl enable --now uptime-kuma
|
||||
```
|
||||
|
||||
Tell nginx to pick up the new configuration.
|
||||
|
||||
```sh
|
||||
sudo systemctl reload nginx
|
||||
```
|
||||
|
||||
## Administration
|
||||
|
||||
Login into the [dashboard](https://status.ente.io/dashboard) for administration.
|
26
infra/services/status/uptime-kuma.nginx.conf
Normal file
26
infra/services/status/uptime-kuma.nginx.conf
Normal file
|
@ -0,0 +1,26 @@
|
|||
# This file gets loaded in a top level http block by the default nginx.conf
|
||||
# See infra/services/nginx/README.md for more details.
|
||||
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
listen [::]:443 ssl http2;
|
||||
ssl_certificate /etc/ssl/certs/cert.pem;
|
||||
ssl_certificate_key /etc/ssl/private/key.pem;
|
||||
|
||||
server_name status.ente.io;
|
||||
|
||||
location / {
|
||||
proxy_pass http://host.docker.internal:3001;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
|
||||
# Recommended options from Uptime Kuma Wiki for Websockets.
|
||||
#
|
||||
# https://github.com/louislam/uptime-kuma/wiki/Reverse-Proxy#nginx
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
}
|
||||
}
|
16
infra/services/status/uptime-kuma.service
Normal file
16
infra/services/status/uptime-kuma.service
Normal file
|
@ -0,0 +1,16 @@
|
|||
[Unit]
|
||||
Documentation=https://github.com/louislam/uptime-kuma
|
||||
Requires=docker.service
|
||||
After=docker.service
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
||||
[Service]
|
||||
ExecStartPre=docker pull louislam/uptime-kuma:1
|
||||
ExecStartPre=-docker stop uptime-kuma
|
||||
ExecStartPre=-docker rm uptime-kuma
|
||||
ExecStart=docker run --name uptime-kuma \
|
||||
-p 3001:3001 \
|
||||
-v /root/uptime-kuma:/app/data \
|
||||
louislam/uptime-kuma:1
|
|
@ -87,7 +87,7 @@ To bring up an additional museum node:
|
|||
scp scripts/deploy/museum.nginx.conf <instance>:
|
||||
|
||||
sudo mv museum.nginx.conf /root/nginx/conf.d
|
||||
sudo systemctl restart nginx
|
||||
sudo systemctl reload nginx
|
||||
|
||||
## Starting
|
||||
|
||||
|
|
|
@ -2,6 +2,7 @@
|
|||
Documentation=https://github.com/ente-io/ente/tree/main/server#readme
|
||||
Requires=docker.service
|
||||
After=docker.service
|
||||
Requires=nginx.service
|
||||
|
||||
[Service]
|
||||
Restart=on-failure
|
||||
|
|
Loading…
Reference in a new issue