mezned/HAddons
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

adding node exporter, loki, and promtail

Browse Source
This commit is contained in:
ai-dev 2024-10-30 20:26:28 +01:00
parent b1dbbe1a8b
commit b840c65795
87 changed files with 2372 additions and 2366 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
addon-prometheus/prometheus/.README.j2 → addon-prometheus/.README.j2
View File

1
addon-prometheus/.github/CODEOWNERS vendored
View File

@ -1 +0,0 @@
.github/* @frenck

133
addon-prometheus/.github/CODE_OF_CONDUCT.md vendored
View File

@ -1,133 +0,0 @@
# Contributor Covenant Code of Conduct
## Our Pledge
We as members, contributors, and leaders pledge to make participation in our
community a harassment-free experience for everyone, regardless of age, body
size, visible or invisible disability, ethnicity, sex characteristics, gender
identity and expression, level of experience, education, socio-economic status,
nationality, personal appearance, race, religion, or sexual identity
and orientation.
We pledge to act and interact in ways that contribute to an open, welcoming,
diverse, inclusive, and healthy community.
## Our Standards
Examples of behavior that contributes to a positive environment for our
community include:
- Demonstrating empathy and kindness toward other people
- Being respectful of differing opinions, viewpoints, and experiences
- Giving and gracefully accepting constructive feedback
- Accepting responsibility and apologizing to those affected by our mistakes,
and learning from the experience
- Focusing on what is best not just for us as individuals, but for the
overall community
Examples of unacceptable behavior include:
- The use of sexualized language or imagery, and sexual attention or
advances of any kind
- Trolling, insulting or derogatory comments, and personal or political attacks
- Public or private harassment
- Publishing others' private information, such as a physical or email
address, without their explicit permission
- Other conduct which could reasonably be considered inappropriate in a
professional setting
## Enforcement Responsibilities
Community leaders are responsible for clarifying and enforcing our standards of
acceptable behavior and will take appropriate and fair corrective action in
response to any behavior that they deem inappropriate, threatening, offensive,
or harmful.
Community leaders have the right and responsibility to remove, edit, or reject
comments, commits, code, wiki edits, issues, and other contributions that are
not aligned to this Code of Conduct, and will communicate reasons for moderation
decisions when appropriate.
## Scope
This Code of Conduct applies within all community spaces, and also applies when
an individual is officially representing the community in public spaces.
Examples of representing our community include using an official e-mail address,
posting via an official social media account, or acting as an appointed
representative at an online or offline event.
## Enforcement
Instances of abusive, harassing, or otherwise unacceptable behavior may be
reported to the community leaders responsible for enforcement at
frenck@frenck.dev.
All complaints will be reviewed and investigated promptly and fairly.
All community leaders are obligated to respect the privacy and security of the
reporter of any incident.
## Enforcement Guidelines
Community leaders will follow these Community Impact Guidelines in determining
the consequences for any action they deem in violation of this Code of Conduct:
### 1. Correction
**Community Impact**: Use of inappropriate language or other behavior deemed
unprofessional or unwelcome in the community.
**Consequence**: A private, written warning from community leaders, providing
clarity around the nature of the violation and an explanation of why the
behavior was inappropriate. A public apology may be requested.
### 2. Warning
**Community Impact**: A violation through a single incident or series
of actions.
**Consequence**: A warning with consequences for continued behavior. No
interaction with the people involved, including unsolicited interaction with
those enforcing the Code of Conduct, for a specified period of time. This
includes avoiding interactions in community spaces as well as external channels
like social media. Violating these terms may lead to a temporary or
permanent ban.
### 3. Temporary Ban
**Community Impact**: A serious violation of community standards, including
sustained inappropriate behavior.
**Consequence**: A temporary ban from any sort of interaction or public
communication with the community for a specified period of time. No public or
private interaction with the people involved, including unsolicited interaction
with those enforcing the Code of Conduct, is allowed during this period.
Violating these terms may lead to a permanent ban.
### 4. Permanent Ban
**Community Impact**: Demonstrating a pattern of violation of community
standards, including sustained inappropriate behavior, harassment of an
individual, or aggression toward or disparagement of classes of individuals.
**Consequence**: A permanent ban from any sort of public interaction within
the community.
## Attribution
This Code of Conduct is adapted from the [Contributor Covenant][homepage],
version 2.0, available at
[https://www.contributor-covenant.org/version/2/0/code_of_conduct.html][v2.0].
Community Impact Guidelines were inspired by
[Mozilla's code of conduct enforcement ladder][mozilla coc].
For answers to common questions about this code of conduct, see the FAQ at
[https://www.contributor-covenant.org/faq][faq]. Translations are available
at [https://www.contributor-covenant.org/translations][translations].
[homepage]: https://www.contributor-covenant.org
[v2.0]: https://www.contributor-covenant.org/version/2/0/code_of_conduct.html
[mozilla coc]: https://github.com/mozilla/diversity
[faq]: https://www.contributor-covenant.org/faq
[translations]: https://www.contributor-covenant.org/translations

29
addon-prometheus/.github/CONTRIBUTING.md vendored
View File

@ -1,29 +0,0 @@
# Contributing
When contributing to this repository, please first discuss the change you wish
to make via issue, email, or any other method with the owners of this repository
before making a change.
Please note we have a code of conduct, please follow it in all your interactions
with the project.
## Issues and feature requests
You've found a bug in the source code, a mistake in the documentation or maybe
you'd like a new feature? You can help us by submitting an issue to our
[GitHub Repository][github]. Before you create an issue, make sure you search
the archive, maybe your question was already answered.
Even better: You could submit a pull request with a fix / new feature!
## Pull request process
1. Search our repository for open or closed [pull requests][prs] that relates
to your submission. You don't want to duplicate effort.
1. You may merge the pull request in once you have the sign-off of two other
developers, or if you do not have permission to do that, you may request
the second reviewer to merge it for you.
[github]: https://github.com/hassio-addons/addon-prometheus/issues
[prs]: https://github.com/hassio-addons/addon-prometheus/pulls

2
addon-prometheus/.github/FUNDING.yml vendored
View File

@ -1,2 +0,0 @@
---
ko_fi: mjrider

20
addon-prometheus/.github/ISSUE_TEMPLATE.md vendored
View File

@ -1,20 +0,0 @@
# Problem/Motivation
> (Why the issue was filed)
## Expected behavior
> (What you expected to happen)
## Actual behavior
> (What actually happened)
## Steps to reproduce
> (How can someone else make/see it happen)
## Proposed changes
> (If you have a proposed change, workaround or fix,
> describe the rationale behind it)

9
addon-prometheus/.github/PULL_REQUEST_TEMPLATE.md vendored
View File

@ -1,9 +0,0 @@
# Proposed Changes
> (Describe the changes and rationale behind them)
## Related Issues
> ([Github link][autolink-references] to related issues or pull requests)
[autolink-references]: https://help.github.com/articles/autolinked-references-and-urls/

1839
addon-prometheus/.github/SECURITY.md vendored
View File

File diff suppressed because it is too large Load Diff

8
addon-prometheus/.github/dependabot.yaml vendored
View File

@ -1,8 +0,0 @@
---
version: 2
updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: daily
time: "06:00"

16
addon-prometheus/.github/workflows/ci.yaml vendored
View File

@ -1,16 +0,0 @@
---
name: CI
# yamllint disable-line rule:truthy
on:
push:
pull_request:
types:
- opened
- reopened
- synchronize
workflow_dispatch:
jobs:
workflows:
uses: hassio-addons/workflows/.github/workflows/addon-ci.yaml@main

19
addon-prometheus/.github/workflows/deploy.yaml vendored
View File

@ -1,19 +0,0 @@
---
name: Deploy
# yamllint disable-line rule:truthy
on:
release:
types:
- published
workflow_run:
workflows: ["CI"]
branches: [main]
types:
- completed
jobs:
workflows:
uses: hassio-addons/workflows/.github/workflows/addon-deploy.yaml@main
secrets:
DISPATCH_TOKEN: ${{ secrets.DISPATCH_TOKEN }}

12
addon-prometheus/.github/workflows/labels.yaml vendored
View File

@ -1,12 +0,0 @@
---
name: Sync labels
# yamllint disable-line rule:truthy
on:
schedule:
- cron: "34 5 * * *"
workflow_dispatch:
jobs:
workflows:
uses: hassio-addons/workflows/.github/workflows/labels.yaml@main

12
addon-prometheus/.github/workflows/lock.yaml vendored
View File

@ -1,12 +0,0 @@
---
name: Lock
# yamllint disable-line rule:truthy
on:
schedule:
- cron: "0 9 * * *"
workflow_dispatch:
jobs:
workflows:
uses: hassio-addons/workflows/.github/workflows/lock.yaml@main

15
addon-prometheus/.github/workflows/pr-labels.yaml vendored
View File

@ -1,15 +0,0 @@
---
name: PR Labels
# yamllint disable-line rule:truthy
on:
pull_request_target:
types:
- opened
- labeled
- unlabeled
- synchronize
jobs:
workflows:
uses: hassio-addons/workflows/.github/workflows/pr-labels.yaml@main

12
addon-prometheus/.github/workflows/release-drafter.yaml vendored
View File

@ -1,12 +0,0 @@
---
name: Release Drafter
# yamllint disable-line rule:truthy
on:
push:
branches:
- main
jobs:
workflows:
uses: hassio-addons/workflows/.github/workflows/release-drafter.yaml@main

12
addon-prometheus/.github/workflows/stale.yaml vendored
View File

@ -1,12 +0,0 @@
---
name: Stale
# yamllint disable-line rule:truthy
on:
schedule:
- cron: "0 8 * * *"
workflow_dispatch:
jobs:
workflows:
uses: hassio-addons/workflows/.github/workflows/stale.yaml@main

0
addon-prometheus/.gitignore vendored
View File

1
addon-prometheus/.mdlrc
View File

@ -1 +0,0 @@
rules "~MD024"

66
addon-prometheus/.yamllint
View File

@ -1,66 +0,0 @@
---
rules:
braces:
level: error
min-spaces-inside: 0
max-spaces-inside: 1
min-spaces-inside-empty: -1
max-spaces-inside-empty: -1
brackets:
level: error
min-spaces-inside: 0
max-spaces-inside: 0
min-spaces-inside-empty: -1
max-spaces-inside-empty: -1
colons:
level: error
max-spaces-before: 0
max-spaces-after: 1
commas:
level: error
max-spaces-before: 0
min-spaces-after: 1
max-spaces-after: 1
comments:
level: error
require-starting-space: true
min-spaces-from-content: 2
comments-indentation:
level: error
document-end:
level: error
present: false
document-start:
level: error
present: true
empty-lines:
level: error
max: 1
max-start: 0
max-end: 1
hyphens:
level: error
max-spaces-after: 1
indentation:
level: error
spaces: 2
indent-sequences: true
check-multi-line-strings: false
key-duplicates:
level: error
line-length:
ignore: |
.github/support.yml
level: warning
max: 120
allow-non-breakable-words: true
allow-non-breakable-inline-mappings: true
new-line-at-end-of-file:
level: error
new-lines:
level: error
type: unix
trailing-spaces:
level: error
truthy:
level: error

0
addon-prometheus/prometheus/DOCS.md → addon-prometheus/DOCS.md
View File

0
addon-prometheus/prometheus/Dockerfile → addon-prometheus/Dockerfile
View File

21
addon-prometheus/LICENSE.md
View File

@ -1,21 +0,0 @@
# MIT License
Copyright (c) 2020-2022 Robbert Müller
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

136
addon-prometheus/README.md
View File

@ -1,136 +0,0 @@
# Home Assistant Community Add-on: Prometheus
[![GitHub Release][releases-shield]][releases]
![Project Stage][project-stage-shield]
[![License][license-shield]](LICENSE.md)
![Supports aarch64 Architecture][aarch64-shield]
![Supports amd64 Architecture][amd64-shield]
![Supports armhf Architecture][armhf-shield]
![Supports armv7 Architecture][armv7-shield]
![Supports i386 Architecture][i386-shield]
[![GitLab CI][gitlabci-shield]][gitlabci]
![Project Maintenance][maintenance-shield]
[![GitHub Activity][commits-shield]][commits]
[![Discord][discord-shield]][discord]
[![Community Forum][forum-shield]][forum]
The open platform for beautiful analytics and monitoring.
![Prometheus in the Home Assistant Frontend](images/screenshot.png)
## About
*Update 2024-08-31*
This addon has been forked, and now updates prometheus to 2.54.1, as well `hassio-addons/base` being updated to 16.2.1. This addon now merges a yaml file named `prometheus.yaml` located in `/share/prometheus` with the configuration located within the container. This allows for (but not just) the targeting of a remote alert manager instance.
For example, the contents of `/share/prometheus/prometheus.yaml` could contain:
```yaml
# Alertmanager configuration
alerting:
alertmanagers:
- static_configs:
- targets:
- 1.3.3.7:9093
```
Which would then send alerts to an alert manager instance located at `http://1.3.3.7:9093`
---
....
[:books: Read the full add-on documentation][docs]
## Support
Got questions?
You have several options to get them answered:
- The [Home Assistant Community Add-ons Discord chat server][discord] for add-on
support and feature requests.
- The [Home Assistant Discord chat server][discord-ha] for general Home
Assistant discussions and questions.
- The Home Assistant [Community Forum][forum].
- Join the [Reddit subreddit][reddit] in [/r/homeassistant][reddit]
You could also [open an issue here][issue] GitHub.
## Contributing
This is an active open-source project. We are always open to people who want to
use the code or contribute to it.
We have set up a separate document containing our
[contribution guidelines](.github/CONTRIBUTING.md).
Thank you for being involved! :heart_eyes:
## Authors & contributors
The original setup of this repository is by [Robbert Müller][mjrider]
For a full list of all authors and contributors,
check [the contributor's page][contributors].
## We have got some Home Assistant add-ons for you
Want some more functionality to your Home Assistant instance?
We have created multiple add-ons for Home Assistant. For a full list, check out
our [GitHub Repository][repository].
## License
MIT License
Copyright (c) 2020-2022 Robbert Müller
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
[aarch64-shield]: https://img.shields.io/badge/aarch64-yes-green.svg
[amd64-shield]: https://img.shields.io/badge/amd64-yes-green.svg
[armhf-shield]: https://img.shields.io/badge/armhf-no-red.svg
[armv7-shield]: https://img.shields.io/badge/armv7-yes-green.svg
[commits-shield]: https://img.shields.io/github/commit-activity/y/hassio-addons/addon-prometheus.svg
[commits]: https://github.com/hassio-addons/addon-prometheus/commits/main
[contributors]: https://github.com/hassio-addons/addon-prometheus/graphs/contributors
[discord-ha]: https://discord.gg/c5DvZ4e
[discord-shield]: https://img.shields.io/discord/478094546522079232.svg
[discord]: https://discord.me/hassioaddons
[docs]: https://github.com/hassio-addons/addon-prometheus/blob/main/prometheus/DOCS.md
[forum-shield]: https://img.shields.io/badge/community-forum-brightgreen.svg
[forum]: https://example.net
[mjrider]: https://github.com/mjrider
[gitlabci-shield]: https://gitlab.com/hassio-addons/addon-prometheus/badges/master/pipeline.svg
[gitlabci]: https://gitlab.com/hassio-addons/addon-prometheus/pipelines
[i386-shield]: https://img.shields.io/badge/i386-no-red.svg
[issue]: https://github.com/hassio-addons/addon-prometheus/issues
[license-shield]: https://img.shields.io/github/license/hassio-addons/addon-prometheus.svg
[maintenance-shield]: https://img.shields.io/maintenance/yes/2022.svg
[project-stage-shield]: https://img.shields.io/badge/project%20stage-Development-yellowgreen.svg
[reddit]: https://reddit.com/r/homeassistant
[releases-shield]: https://img.shields.io/github/release/hassio-addons/addon-prometheus.svg
[releases]: https://github.com/hassio-addons/addon-prometheus/releases
[repository]: https://github.com/hassio-addons/repository

0
addon-prometheus/prometheus/build.yaml → addon-prometheus/build.yaml
View File

0
addon-prometheus/prometheus/config.yaml → addon-prometheus/config.yaml
View File

0
addon-prometheus/prometheus/icon.png → addon-prometheus/icon.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 15 KiB

After

Width:  |  Height:  |  Size: 15 KiB

BIN
addon-prometheus/images/screenshot.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 104 KiB

0
addon-prometheus/prometheus/logo.png → addon-prometheus/logo.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 15 KiB

After

Width:  |  Height:  |  Size: 15 KiB

3
addon-prometheus/repository.yaml
View File

@ -1,3 +0,0 @@
name: Prometheus
url: https://github.com/martydingo/homeassistant-addon-prometheus
maintainer: Martin George <marty@dingo.foo>

0
addon-prometheus/prometheus/rootfs/etc/cont-init.d/prometheus.sh → addon-prometheus/rootfs/etc/cont-init.d/prometheus.sh
View File

0
addon-prometheus/prometheus/rootfs/etc/prometheus/prometheus.yml → addon-prometheus/rootfs/etc/prometheus/prometheus.yml
View File

0
addon-prometheus/prometheus/rootfs/etc/services.d/prometheus-configgen/finish → addon-prometheus/rootfs/etc/services.d/prometheus-configgen/finish
View File

0
addon-prometheus/prometheus/rootfs/etc/services.d/prometheus-configgen/run → addon-prometheus/rootfs/etc/services.d/prometheus-configgen/run
View File

0
addon-prometheus/prometheus/rootfs/etc/services.d/prometheus/finish → addon-prometheus/rootfs/etc/services.d/prometheus/finish
View File

0
addon-prometheus/prometheus/rootfs/etc/services.d/prometheus/run → addon-prometheus/rootfs/etc/services.d/prometheus/run
View File

0
addon-prometheus/prometheus/rootfs/opt/prometheus-configgen/combiner → addon-prometheus/rootfs/opt/prometheus-configgen/combiner
View File

0
addon-prometheus/prometheus/rootfs/opt/prometheus-configgen/prometheus.template → addon-prometheus/rootfs/opt/prometheus-configgen/prometheus.template
View File

0
addon-prometheus/prometheus/rootfs/opt/prometheus-configgen/requirements.txt → addon-prometheus/rootfs/opt/prometheus-configgen/requirements.txt
View File

131
addon-promtail-main/.README.j2 Normal file
View File

@ -0,0 +1,131 @@
# Home Assistant Add-on: Promtail
[![GitHub Release][releases-shield]][releases]
![Project Stage][project-stage-shield]
[![License][license-shield]][license]
![Project Maintenance][maintenance-shield]
[![Community Forum][forum-shield]][forum]
[Promtail][promtail] is an agent which ships the contents of local logs to a private
[Loki][loki] instance or [Grafana Cloud][grafana-cloud]. It is usually deployed
to every machine that has applications needed to be monitored.
{% set repository = namespace(url='https%3A//github.com/mdegat01/hassio-addons', slug='39bd2704') %}
{% if channel == "edge" %}
{% set repository.url = repository.url + '-edge' %}
{% set repository.slug = '7eb274d5' %}
## WARNING! THIS IS AN EDGE REPOSITORY
This Add-ons repository contains edge builds of add-ons. Edge
builds of add-ons are based upon the latest development version.
- They may not work at all.
- They might stop working at any time.
- They could have a negative impact on your system.
This repository was created for:
- Anybody willing to test.
- Anybody interested in trying out upcoming add-ons or add-on features.
- Developers.
If you are more interested in stable releases of these add-ons:
<https://github.com/mdegat01/hassio-addons>
{% elif channel == "beta" %}
{% set repository.url = repository.url + '-beta' %}
{% set repository.slug = 'e9a81774' %}
## WARNING! THIS IS A BETA REPOSITORY
This Add-ons repository contains beta builds of add-ons. Beta
builds of add-ons are based upon the latest release including pre-releases.
- They might stop working at any time.
- They could have a negative impact on your system.
This repository was created for:
- Anybody willing to test.
- Anybody interested in trying out upcoming add-ons or add-on features.
If you are more interested in stable releases of these add-ons:
<https://github.com/mdegat01/hassio-addons>
{% endif %}
## About
By default this addon version of Promtail will tail logs from the systemd
journal. This will include all logs from all addons, supervisor, home assistant,
docker, and the host system itself. In addition you can set it up to look for
local log files in `/share` or `/ssl` if you have a particular add-on that logs
to a file instead of to `stdout`.
## Support
Got questions?
You have several ways to get them answered:
- The Home Assistant [Community Forum][forum]. I am
[CentralCommand][forum-centralcommand] there.
- The Home Assistant [Discord Chat Server][discord-ha]. Use the #add-ons channel,
I am CentralCommand#0913 there.
You could also [open an issue here][issue] on GitHub.
## Authors & contributors
The original setup of this repository is by [Mike Degatano][mdegat01].
For a full list of all authors and contributors,
check [the contributor's page][contributors].
## License
MIT License
Copyright (c) 2021-2022 Mike Degatano
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
{% if channel == "edge" %}
[project-stage-shield]: https://img.shields.io/badge/project%20stage-experimental-yellow.svg
{% elif channel == "beta" %}
[project-stage-shield]: https://img.shields.io/badge/project%20stage-beta-orange.svg
{% else %}
[project-stage-shield]: https://img.shields.io/badge/project%20stage-production%20ready-brightgreen.svg
{% endif %}
[contributors]: https://github.com/mdegat01/addon-promtail/graphs/contributors
[discord-ha]: https://discord.gg/c5DvZ4e
[forum-centralcommand]: https://community.home-assistant.io/u/CentralCommand/?u=CentralCommand
[forum-shield]: https://img.shields.io/badge/community-forum-brightgreen.svg
[forum]: https://community.home-assistant.io/t/home-assistant-add-on-promtail/293732?u=CentralCommand
[grafana-cloud]: https://grafana.com/products/cloud/
[loki]: https://grafana.com/oss/loki
[mdegat01]: https://github.com/mdegat01
[issue]: https://github.com/mdegat01/addon-promtail/issues
[license]: https://github.com/mdegat01/addon-promtail/blob/main/LICENSE
[license-shield]: https://img.shields.io/github/license/mdegat01/addon-promtail.svg
[maintenance-shield]: https://img.shields.io/maintenance/yes/2022.svg
[promtail]: https://grafana.com/docs/loki/latest/clients/promtail/
[releases-shield]: https://img.shields.io/github/release/mdegat01/addon-promtail.svg
[releases]: https://github.com/mdegat01/addon-promtail/releases

252
addon-promtail-main/DOCS.md Normal file
View File

@ -0,0 +1,252 @@
# Home Assistant Add-on: Promtail
## Install
First add the repository to the add-on store (`https://mezgit.duckdns.org/mezned/HAddons`):
[![Open your Home Assistant instance and show the add add-on repository dialog
with a specific repository URL pre-filled.][add-repo-shield]][add-repo]
Then find Promtail in the store and click install:
[![Open your Home Assistant instance and show the dashboard of a Supervisor add-on.][add-addon-shield]][add-addon]
## Default Setup
By default this addon version of Promtail will tail logs from the systemd
journal. This will include all logs from all addons, supervisor, home assistant,
docker, and the host system itself. It will then ship them to the Loki add-on in
this same repository if you have it installed. No additional configuration is
required if this is the setup you want.
If you adjusted the configuration of the Loki add-on, have a separate Loki
add-on or have other log files you want Promtail to monitor then see below for
the configuration options.
## Configuration
**Note**: _Remember to restart the add-on when the configuration is changed._
Example add-on configuration:
```yaml
client:
url: http://39bd2704-loki:3100
username: loki
password: secret
cafile: /ssl/ca.pem
additional_scrape_configs: /share/promtail/scrape_configs.yaml
log_level: info
```
**Note**: _This is just an example, don't copy and paste it! Create your own!_
### Option: `client.url` (required)
The URL of the Loki deployment Promtail should ship logs to.
If you use the Loki add-on, this will be `http://39bd2704-loki:3100` (unless you
enabled `ssl`, then change it to `https`). If you use Grafana Cloud then the URL
will look like this: `https://<User>:<Your Grafana.com API Key>@logs-prod-us-central1.grafana.net/api/prom/push`
([see here for more info][grafana-cloud-docs-promtail]).
### Option: `client.username`
The username to use if you require basic auth to connect to your Loki deployment.
### Option: `client.password`
The password for the username you choose if you require basic auth to connect to
your Loki deployment. **Note**: This field is required if `client.username` is
provided.
### Option: `client.cafile`
The CA certificate used to sign Loki's certificate if Loki is using a self-signed
certificate for SSL.
**Note**: _The file MUST be stored in `/ssl/`, which is the default_
### Option: `client.servername`
The servername listed on the certificate Loki is using if using SSL to connect
by a different URL then what's on Loki's certificate (usually if the certificate
lists a public URL and you're connecting locally).
### Option: `client.certfile`
The absolute path to a certificate for client-authentication if Loki is using
mTLS to authenticate clients.
### Option: `client.keyfile`
The absolute path to the key for the client-authentication certificate if Loki
is using mTLS to authenticate clients. **Note**: This field is required if
`client.certfile` is provided
### Option: `additional_pipeline_stages`
The absolute path to a YAML file with a list of additional pipeline stages to
apply to the [default journal scrape config][addon-default-config]. The primary
use of this is to apply additional processing to logs from particular add-ons
you use if they are noisy or difficult to read.
This file must contain only a YAML list of pipeline stages. They will be added
to the end of the ones already listed. If you don't like the ones listed, use
`skip_default_scrape_config` and `additional_scrape_configs` to write your own
instead. Here's an example of the contents of this file:
```yaml
- match:
selector: '{container_name="addon_cebe7a76_hassio_google_drive_backup"}'
stages:
- multiline:
firstline: '^\x{001b}'
```
This particular example applies to the [google drive backup addon][addon-google-drive-backup].
It uses the same log format as Home Assistant and outputs the escape character
at the start of each log line for color-coding in terminals. Looking for that
in a multiline stage makes it so tracebacks are included in the same log entry
as the error that caused them for easier readability.
See the [promtail documentation][promtail-doc-stages] for more information on how
to configure pipeline stages.
**Note**: This addon has access to `/ssl`, `/share` and `/config/promtail`. Place
the file in one of these locations, others will not work.
### Option: `skip_default_scrape_config`
Promtail will scrape the `systemd journal` using a pre-defined config you can
find [here][addon-default-config]. If you only want it to look at specific log
files you specify or you don't like the default config and want to adjust it, set
this to `true`. Then the only scrape configs used will be the ones you specify
in the `additional_scrape_configs` file.
**Note**: This addon has access to `/ssl`, `/share` and `/config/promtail`. Place
the file in one of these locations, others will not work.
### Option: `additional_scrape_configs`
The absolute path to a YAML file with a list of additional scrape configs for
Promtail to use. The primary use of this is to point Promtail at additional log
files created by add-ons which don't use `stdout` for all logging. You an also
change the system journal is scraped by using this in conjunction with
`skip_default_scrape_config`. **Note**: If `skip_default_scrape_config` is `true`
then this field becomes required (otherwise there would be no scrape configs)
The file must contain only a YAML list of scrape configs. Here's an example of
the contents of this file:
```yaml
- job_name: zigbee2mqtt_messages
pipeline_stages:
static_configs:
- targets:
- localhost
labels:
job: zigbee2mqtt_messages
__path__: /share/zigbee2mqtt/log/**.txt
```
This particular example would cause Promtail to scrape up the logs MQTT that the
[Zigbee2MQTT add-on][addon-z2m] makes by default.
Promtail provides a lot of options for configuring scrape configs. See the
documentation on [scrape_configs][promtail-doc-scrape-configs] for more info on
the options available and how to configure them. The documentation also provides
[other examples][promtail-doc-examples] you can use.
I would also recommend reading the [Loki best practices][loki-doc-best-practices]
guide before making custom scrape configs. Pipelines are pretty powerful but
avoid making too many labels, it does more harm then good. Instead look into
what you can do with [LogQL][logql] can do at the other end.
**Note**: This addon has access to `/ssl`, `/share` and `/config/promtail`. Place
the file in one of these locations, others will not work.
### Port: `9080/tcp`
Promtail expose an [API][api] on this port. This is primarily used for healthchecks
by the supervisor watchdog which does not require exposing it on the host. Most
users should leave this option disabled unless you have an external application
doing healthchecks.
For advanced users creating custom scrape configs the other purpose of this API
is to expose metrics created by the [metrics][promtail-doc-metrics] pipeline
stage. Exposing this port would then allow you to read those metrics from another
system on your network.
### Option: `log_level`
The `log_level` option controls the level of log output by the addon and can
be changed to be more or less verbose, which might be useful when you are
dealing with an unknown issue. Possible values are:
- `debug`: Shows detailed debug information.
- `info`: Normal (usually) interesting events.
- `warning`: Exceptional occurrences that are not errors.
- `error`: Runtime errors that do not require immediate action.
Please note that each level automatically includes log messages from a
more severe level, e.g., `debug` also shows `info` messages. By default,
the `log_level` is set to `info`, which is the recommended setting unless
you are troubleshooting.
## PLG Stack (Promtail, Loki and Grafana)
Promtail isn't a standalone application, it's job is to find logs, process them
and ship them to Loki. Most likely you want the full PLG stack:
- Promtail to process and ship logs
- Loki to aggregate and index them
- Grafana to visualize and monitor them
### Loki
The easiest way to get started is to also install the Loki add-on in this same
repository. By default this add-on is set up to collect all logs from the system
journal and ship them over to that add-on. If that's what you want there is no
additional configuration required for either.
[![Open your Home Assistant instance and show the dashboard of a Supervisor add-on.][add-addon-shield]][add-addon-loki]
Alternatively you can deploy Loki somewhere else. Take a look at the
[Loki documentation][loki-doc] for info on setting up a Loki deployment and
connecting Promtail to it.
### Grafana
Once you have Loki and Promtail set up you will probably want to connect to it
from [Grafana][grafana]. The easiest way to do that is to use the
[Grafana community add-on][addon-grafana]. From there you can find Loki in the
list of data sources and configure the connection (see [Loki in Grafana][loki-in-grafana]).
If you did choose to use the Loki add-on you can find additional instructions in
[the add-on's documentation][addon-loki-doc].
[![Open your Home Assistant instance and show the dashboard of a Supervisor add-on.][add-addon-shield]][add-addon-grafana]
### Grafana Cloud
If you prefer, you can also use Grafana's cloud service,
[see here](https://grafana.com/products/cloud/) on how to get started. This
service takes the place of both Loki and Grafana in the PLG stack, you just
point Promtail at it and you're done. To do this, first create an account then
[review this guide][grafana-cloud-docs-promtail] to see how to connect Promtail
to your account. Essentially its just a different URL since the credential information
goes in the URL.
## Changelog & Releases
This repository keeps a change log using [GitHub's releases][releases]
functionality.
Releases are based on [Semantic Versioning][semver], and use the format
of `MAJOR.MINOR.PATCH`. In a nutshell, the version will be incremented
based on the following:
- `MAJOR`: Incompatible or major changes.
- `MINOR`: Backwards-compatible new features and enhancements.
- `PATCH`: Backwards-compatible bugfixes and package updates.

76
addon-promtail-main/Dockerfile Normal file
View File

@ -0,0 +1,76 @@
# https://github.com/mdegat01/promtail-journal/releases
#FROM ghcr.io/mdegat01/promtail-journal/${BUILD_ARCH}:1.6.0 as build_promtail
# https://github.com/hassio-addons/addon-debian-base/releases
# hadolint ignore=DL3006
ARG BUILD_FROM
FROM ${BUILD_FROM}
# https://github.com/mikefarah/yq/releases
ARG YQ_VERSION=4.44.3
ARG BUILD_ARCH
# Add yq and tzdata (required for the timestamp stage)
RUN echo "deb http://deb.debian.org/debian bullseye-backports main" >> /etc/apt/sources.list
RUN apt-get update && apt-get install -t bullseye-backports -qy libsystemd-dev
RUN set -eux; \
apt-get update; \
apt-get install -qy --no-install-recommends \
tar=1.34+dfsg-1 \
; \
update-ca-certificates; \
\
case "${BUILD_ARCH}" in \
amd64) BINARCH='amd64' ;; \
armhf) BINARCH='arm' ;; \
armv7) BINARCH='arm' ;; \
aarch64) BINARCH='arm64' ;; \
*) echo >&2 "error: unsupported architecture (${APKARCH})"; exit 1 ;; \
esac; \
curl -s -J -L -o /tmp/yq.tar.gz \
"https://github.com/mikefarah/yq/releases/download/v${YQ_VERSION}/yq_linux_${BINARCH}.tar.gz"; \
tar -xf /tmp/yq.tar.gz -C /usr/bin; \
mv /usr/bin/yq_linux_${BINARCH} /usr/bin/yq; \
chmod a+x /usr/bin/yq; \
rm /tmp/yq.tar.gz; \
yq --version; \
\
apt-get clean; \
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*; \
chmod +x /etc/cont-init.d/promtail_setup.sh; \
chmod +x /etc/services.d/promtail/*;
# Add promtail
COPY --from=grafana/promtail:latest /usr/bin/promtail /usr/bin/promtail
RUN promtail --version
COPY rootfs /
WORKDIR /data/promtail
# Build arguments
ARG BUILD_DATE
ARG BUILD_DESCRIPTION
ARG BUILD_NAME
ARG BUILD_REF
ARG BUILD_REPOSITORY
ARG BUILD_VERSION
# Labels
LABEL \
io.hass.name="${BUILD_NAME}" \
io.hass.description="${BUILD_DESCRIPTION}" \
io.hass.arch="${BUILD_ARCH}" \
io.hass.type="addon" \
io.hass.version=${BUILD_VERSION} \
maintainer="Feres" \
org.opencontainers.image.title="${BUILD_NAME}" \
org.opencontainers.image.description="${BUILD_DESCRIPTION}" \
org.opencontainers.image.vendor="Ferfes's Home Assistant Add-ons" \
org.opencontainers.image.authors="Feres" \
org.opencontainers.image.licenses="MIT" \
org.opencontainers.image.url="https://github.com/mdegat01/hassio-addons" \
org.opencontainers.image.source="https://github.com/${BUILD_REPOSITORY}" \
org.opencontainers.image.documentation="https://github.com/${BUILD_REPOSITORY}/blob/main/README.md" \
org.opencontainers.image.created=${BUILD_DATE} \
org.opencontainers.image.revision=${BUILD_REF} \
org.opencontainers.image.version=${BUILD_VERSION}

116
addon-promtail-main/apparmor.txt Normal file
View File

@ -0,0 +1,116 @@
include <tunables/global>
# Docker overlay
@{docker_root}=/docker/ /var/lib/docker/
@{fs_root}=/ @{docker_root}/overlay2/*/diff/
@{do_etc}=@{fs_root}/etc/
@{do_opt}=@{fs_root}/opt/
@{do_run}=@{fs_root}/{run,var/run}/
@{do_usr}=@{fs_root}/usr/
@{do_var}=@{fs_root}/var/
# Systemd Journal location
@{journald}=/{run,var}/log/journal/{,**}
profile promtail flags=(attach_disconnected,mediate_deleted) {
include <abstractions/base>
include <abstractions/bash>
# Send signals to child services
signal (send) peer=@{profile_name}//*,
# Network access
network tcp,
network udp,
# S6-Overlay
/init rix,
/bin/** rix,
/usr/bin/** rix,
@{do_etc}/s6*/** r,
@{do_etc}/fix-attrs.d/{,**} r,
@{do_etc}/cont-{init,finish}.d/{,**} rwix,
@{do_etc}/services.d/{,**} rwix,
@{do_run}/{s6,s6-rc*,service}/** rix,
/command/** rix,
/package/** rix,
@{do_run}/{,**} rwk,
/dev/tty rw,
@{do_usr}/lib/locale/{,**} r,
@{do_etc}/ssl/openssl.cnf r,
@{do_etc}/{group,hosts,passwd} r,
@{do_etc}/{host,nsswitch,resolv}.conf r,
/dev/null k,
# https://github.com/hassio-addons/addon-debian-base/blob/main/base/rootfs/etc/cont-init.d/02-set-timezone.sh
# Wants to link /etc/localtime but apparmor sees a random hash so * it is.
@{do_etc}/* rw,
@{do_usr}/share/zoneinfo/{,**} r,
# Bashio
/usr/lib/bashio/** ix,
/tmp/** rw,
# Options.json & addon data
/data r,
/data/** rw,
# Files needed for setup
@{do_etc}/promtail/{,**} rw,
/config/promtail/{,**} r,
/{share,ssl}/{,**} r,
@{journald} r,
# Programs
/usr/bin/promtail cx -> promtail,
/usr/bin/yq Cx,
profile promtail flags=(attach_disconnected,mediate_deleted) {
include <abstractions/base>
# Receive signals from s6
signal (receive) peer=*_promtail,
# Network access
network tcp,
network udp,
network netlink raw,
network unix dgram,
# Temp files
/tmp/.positions.yaml* rw,
# Addon data
/data/** r,
/data/promtail/** rwk,
# Config & log data
@{do_etc}/promtail/config.yaml r,
/config/promtail/{,**} r,
/{share,ssl}/** r,
@{journald} r,
# Runtime usage
/usr/bin/promtail rm,
@{do_etc}/{hosts,passwd} r,
@{do_etc}/{resolv,nsswitch}.conf r,
@{PROC}/sys/net/core/somaxconn r,
@{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
/dev/null k,
@{do_etc}/ssl/certs/** r,
}
profile /usr/bin/yq flags=(attach_disconnected,mediate_deleted) {
include <abstractions/base>
# Config files
@{do_etc}/promtail/* rw,
/config/promtail/{,**} r,
/share/** r,
# Runtime usage
/usr/bin/yq rm,
@{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
/dev/null k,
}
}

9
addon-promtail-main/build.yaml Normal file
View File

@ -0,0 +1,9 @@
---
build_from:
amd64: ghcr.io/hassio-addons/debian-base/amd64:7.5.1
armhf: ghcr.io/hassio-addons/debian-base/armhf:7.5.1
armv7: ghcr.io/hassio-addons/debian-base/armv7:7.5.1
aarch64: ghcr.io/hassio-addons/debian-base/aarch64:7.5.1
codenotary:
base_image: codenotary@frenck.dev
signer: codenotary@degatano.com

40
addon-promtail-main/config.yaml Normal file
View File

@ -0,0 +1,40 @@
---
name: Promtail
url: https://mezgit.duckdns.org/mezned/HAddons
version: edge
slug: promtail
arch:
- aarch64
- amd64
- armv7
- armhf
description: Promtail for Home Assistant
codenotary: codenotary@degatano.com
init: false
journald: true
map:
- config
- share
- ssl
watchdog: http://[HOST]:[PORT:9080]/ready
ports:
9080/tcp:
ports_description:
9080/tcp: Promtail web server
options:
client:
url: http://39bd2704-loki:3100/loki/api/v1/push
log_level: info
schema:
client:
url: str
username: str?
password: password?
cafile: str?
servername: str?
certfile: str?
keyfile: str?
additional_pipeline_stages: str?
additional_scrape_configs: str?
skip_default_scrape_config: bool?
log_level: list(trace|debug|info|notice|warning|error|fatal)?

BIN
addon-promtail-main/icon.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 20 KiB

BIN
addon-promtail-main/logo.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 15 KiB

129
addon-promtail-main/rootfs/etc/cont-init.d/promtail_setup.sh Normal file
View File

@ -0,0 +1,129 @@
#!/usr/bin/with-contenv bashio
# shellcheck shell=bash
# ==============================================================================
# Home Assistant Add-on: Promtail
# This file makes the config file from inputs
# ==============================================================================
readonly CONFIG_DIR=/etc/promtail
readonly CONFIG_FILE="${CONFIG_DIR}/config.yaml"
readonly BASE_CONFIG="${CONFIG_DIR}/base_config.yaml"
readonly DEF_SCRAPE_CONFIGS="${CONFIG_DIR}/default-scrape-config.yaml"
readonly CUSTOM_SCRAPE_CONFIGS="${CONFIG_DIR}/custom-scrape-config.yaml"
declare cafile
declare add_stages
declare add_scrape_configs
scrape_configs="${DEF_SCRAPE_CONFIGS}"
bashio::log.info 'Setting base config for promtail...'
cp "${BASE_CONFIG}" "${CONFIG_FILE}"
# Set up client section
if ! bashio::config.is_empty 'client.username'; then
bashio::log.info 'Adding basic auth to client config...'
bashio::config.require 'client.password' "'client.username' is specified"
{
echo " basic_auth:"
echo " username: $(bashio::config 'client.username')"
echo " password: $(bashio::config 'client.password')"
} >> "${CONFIG_FILE}"
fi
if ! bashio::config.is_empty 'client.cafile'; then
bashio::log.info "Adding TLS to client config..."
cafile="/ssl/$(bashio::config 'client.cafile')"
if ! bashio::fs.file_exists "${cafile}"; then
bashio::log.fatal
bashio::log.fatal "The file specified for 'cafile' does not exist!"
bashio::log.fatal "Ensure the CA certificate file exists and full path is provided"
bashio::log.fatal
bashio::exit.nok
fi
{
echo " tls_config:"
echo " ca_file: ${cafile}"
} >> "${CONFIG_FILE}"
if ! bashio::config.is_empty 'client.servername'; then
echo " server_name: $(bashio::config 'client.servername')" >> "${CONFIG_FILE}"
fi
if ! bashio::config.is_empty 'client.certfile'; then
bashio::log.info "Adding mTLS to client config..."
bashio::config.require 'client.keyfile' "'client.certfile' is specified"
if ! bashio::fs.file_exists "$(bashio::config 'client.certfile')"; then
bashio::log.fatal
bashio::log.fatal "The file specified for 'certfile' does not exist!"
bashio::log.fatal "Ensure the certificate file exists and full path is provided"
bashio::log.fatal
bashio::exit.nok
fi
if ! bashio::fs.file_exists "$(bashio::config 'client.keyfile')"; then
bashio::log.fatal
bashio::log.fatal "The file specified for 'keyfile' does not exist!"
bashio::log.fatal "Ensure the key file exists and full path is provided"
bashio::log.fatal
bashio::exit.nok
fi
{
echo " cert_file: $(bashio::config 'client.certfile')"
echo " key_file: $(bashio::config 'client.keyfile')"
} >> "${CONFIG_FILE}"
fi
fi
# Add in scrape configs
{
echo
echo "scrape_configs:"
} >> "${CONFIG_FILE}"
if bashio::config.true 'skip_default_scrape_config'; then
bashio::log.info 'Skipping default journald scrape config...'
if ! bashio::config.is_empty 'additional_pipeline_stages'; then
bashio::log.warning
bashio::log.warning "'additional_pipeline_stages' ignored since 'skip_default_scrape_config' is true!"
bashio::log.warning 'See documentation for more information.'
bashio::log.warning
fi
bashio::config.require 'additional_scrape_configs' "'skip_default_scrape_config' is true"
elif ! bashio::config.is_empty 'additional_pipeline_stages'; then
bashio::log.info "Adding additional pipeline stages to default journal scrape config..."
add_stages="$(bashio::config 'additional_pipeline_stages')"
scrape_configs="${CUSTOM_SCRAPE_CONFIGS}"
if ! bashio::fs.file_exists "${add_stages}"; then
bashio::log.fatal
bashio::log.fatal "The file specified for 'additional_pipeline_stages' does not exist!"
bashio::log.fatal "Ensure the file exists at the path specified"
bashio::log.fatal
bashio::exit.nok
fi
yq -NP eval-all \
'select(fi == 0) + [{"add_pipeline_stages": select(fi == 1)}]' \
"${DEF_SCRAPE_CONFIGS}" "${add_stages}" \
| yq -NP e \
'[(.[0] * .[1]) | {"job_name": .job_name, "journal": .journal, "relabel_configs": .relabel_configs, "pipeline_stages": .pipeline_stages + .add_pipeline_stages}]' \
- > "${scrape_configs}"
fi
if ! bashio::config.is_empty 'additional_scrape_configs'; then
bashio::log.info "Adding custom scrape configs..."
add_scrape_configs="$(bashio::config 'additional_scrape_configs')"
if ! bashio::fs.file_exists "${add_scrape_configs}"; then
bashio::log.fatal
bashio::log.fatal "The file specified for 'additional_scrape_configs' does not exist!"
bashio::log.fatal "Ensure the file exists at the path specified"
bashio::log.fatal
bashio::exit.nok
fi
if bashio::config.true 'skip_default_scrape_config'; then
yq -NP e '[] + .' "${add_scrape_configs}" >> "${CONFIG_FILE}"
else
yq -NP eval-all 'select(fi == 0) + select(fi == 1)' \
"${scrape_configs}" "${add_scrape_configs}" >> "${CONFIG_FILE}"
fi
else
yq -NP e '[] + .' "${scrape_configs}" >> "${CONFIG_FILE}"
fi

11
addon-promtail-main/rootfs/etc/promtail/base_config.yaml Normal file
View File

@ -0,0 +1,11 @@
---
server:
http_listen_port: 9080
grpc_listen_port: 0
log_level: "${LOG_LEVEL}"
positions:
filename: /data/promtail/positions.yaml
clients:
- url: "${URL}"

27
addon-promtail-main/rootfs/etc/promtail/default-scrape-config.yaml Normal file
View File

@ -0,0 +1,27 @@
---
- job_name: journal
journal:
json: false
max_age: 12h
labels:
job: systemd-journal
path: "${JOURNAL_PATH}"
relabel_configs:
- source_labels:
- __journal__systemd_unit
target_label: unit
- source_labels:
- __journal__hostname
target_label: nodename
- source_labels:
- __journal_syslog_identifier
target_label: syslog_identifier
- source_labels:
- __journal_container_name
target_label: container_name
pipeline_stages:
- match:
selector: '{container_name=~"homeassistant|hassio_supervisor"}'
stages:
- multiline:
firstline: '^\x{001b}'

15
addon-promtail-main/rootfs/etc/services.d/promtail/finish Normal file
View File

@ -0,0 +1,15 @@
#!/usr/bin/env bashio
# ==============================================================================
# Take down the S6 supervision tree when Promtail fails
# s6-overlay docs: https://github.com/just-containers/s6-overlay
# ==============================================================================
declare APP_EXIT_CODE=${1}
if [[ "${APP_EXIT_CODE}" -ne 0 ]] && [[ "${APP_EXIT_CODE}" -ne 256 ]]; then
bashio::log.warning "Halt add-on with exit code ${APP_EXIT_CODE}"
echo "${APP_EXIT_CODE}" > /run/s6-linux-init-container-results/exitcode
exec /run/s6/basedir/bin/halt
fi
bashio::log.info "Service restart after closing"

40
addon-promtail-main/rootfs/etc/services.d/promtail/run Normal file
View File

@ -0,0 +1,40 @@
#!/usr/bin/with-contenv bashio
# shellcheck shell=bash
# ==============================================================================
# Home Assistant Add-on: Promtail
# Runs Promtail
# ==============================================================================
readonly PROMTAIL_CONFIG='/etc/promtail/config.yaml'
declare log_level
bashio::log.info 'Starting Promtail...'
journal_path='/var/log/journal'
if ! bashio::fs.directory_exists "${journal_path}" || [ -z "$(ls -A ${journal_path})" ]; then
bashio::log.info "No journal at ${journal_path}, looking for journal in /run/log/journal instead"
journal_path='/run/log/journal'
fi
case "$(bashio::config 'log_level')" in \
trace) ;& \
debug) log_level='debug' ;; \
notice) ;& \
warning) log_level='warn' ;; \
error) ;& \
fatal) log_level='error' ;; \
*) log_level='info' ;; \
esac;
bashio::log.info "Promtail log level set to ${log_level}"
export "URL=$(bashio::config 'client.url')"
export "JOURNAL_PATH=${journal_path}"
export "LOG_LEVEL=${log_level}"
promtail_args=("-config.expand-env=true" "-config.file=${PROMTAIL_CONFIG}")
if [ "${log_level}" == "debug" ]; then
bashio::log.debug "Logging full config on startup for debugging..."
promtail_args+=("-print-config-stderr=true")
fi
bashio::log.info "Handing over control to Promtail..."
/usr/bin/promtail "${promtail_args[@]}"

126
loki/.README.j2 Normal file
View File

@ -0,0 +1,126 @@
# Home Assistant Add-on: Loki
[![GitHub Release][releases-shield]][releases]
![Project Stage][project-stage-shield]
[![License][license-shield]][license]
![Project Maintenance][maintenance-shield]
[![Community Forum][forum-shield]][forum]
_Like Prometheus, but for logs!_
{% set repository = namespace(url='https%3A//github.com/mdegat01/hassio-addons', slug='39bd2704') %}
{% if channel == "edge" %}
{% set repository.url = repository.url + '-edge' %}
{% set repository.slug = '7eb274d5' %}
## WARNING! THIS IS AN EDGE REPOSITORY
This Add-ons repository contains edge builds of add-ons. Edge
builds of add-ons are based upon the latest development version.
- They may not work at all.
- They might stop working at any time.
- They could have a negative impact on your system.
This repository was created for:
- Anybody willing to test.
- Anybody interested in trying out upcoming add-ons or add-on features.
- Developers.
If you are more interested in stable releases of these add-ons:
<https://github.com/mdegat01/hassio-addons>
{% elif channel == "beta" %}
{% set repository.url = repository.url + '-beta' %}
{% set repository.slug = 'e9a81774' %}
## WARNING! THIS IS A BETA REPOSITORY
This Add-ons repository contains beta builds of add-ons. Beta
builds of add-ons are based upon the latest release including pre-releases.
- They might stop working at any time.
- They could have a negative impact on your system.
This repository was created for:
- Anybody willing to test.
- Anybody interested in trying out upcoming add-ons or add-on features.
If you are more interested in stable releases of these add-ons:
<https://github.com/mdegat01/hassio-addons>
{% endif %}
## About
[Grafana Loki][loki] is a horizontally-scalable,
highly-available, multi-tenant log aggregation system inspired by Prometheus. It
is designed to be very cost effective and easy to operate. It does not index the
contents of the logs, but rather a set of labels for each log stream.
## Support
Got questions?
You have several ways to get them answered:
- The Home Assistant [Community Forum][forum]. I am
[CentralCommand][forum-centralcommand] there.
- The Home Assistant [Discord Chat Server][discord-ha]. Use the #add-ons channel,
I am CentralCommand#0913 there.
You could also [open an issue here][issue] on GitHub.
## Authors & contributors
The original setup of this repository is by [Mike Degatano][mdegat01].
For a full list of all authors and contributors,
check [the contributor's page][contributors].
## License
MIT License
Copyright (c) 2021-2022 Mike Degatano
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
{% if channel == "edge" %}
[project-stage-shield]: https://img.shields.io/badge/project%20stage-experimental-yellow.svg
{% elif channel == "beta" %}
[project-stage-shield]: https://img.shields.io/badge/project%20stage-beta-orange.svg
{% else %}
[project-stage-shield]: https://img.shields.io/badge/project%20stage-production%20ready-brightgreen.svg
{% endif %}
[contributors]: https://github.com/mdegat01/addon-loki/graphs/contributors
[discord-ha]: https://discord.gg/c5DvZ4e
[forum-centralcommand]: https://community.home-assistant.io/u/CentralCommand/?u=CentralCommand
[forum-shield]: https://img.shields.io/badge/community-forum-brightgreen.svg
[forum]: https://community.home-assistant.io/t/home-assistant-add-on-loki/293731?u=CentralCommand
[loki]: https://grafana.com/oss/loki/
[mdegat01]: https://github.com/mdegat01
[issue]: https://github.com/mdegat01/addon-loki/issues
[license]: https://github.com/mdegat01/addon-loki/blob/main/LICENSE
[license-shield]: https://img.shields.io/github/license/mdegat01/addon-loki.svg
[maintenance-shield]: https://img.shields.io/maintenance/yes/2022.svg
[releases-shield]: https://img.shields.io/github/release/mdegat01/addon-loki.svg
[releases]: https://github.com/mdegat01/addon-loki/releases

213
loki/DOCS.md Normal file
View File

@ -0,0 +1,213 @@
# Home Assistant Add-on: Loki
## Install
First add the repository to the add-on store (`https://mezgit.duckdns.org/mezned/HAddons`):
[![Open your Home Assistant instance and show the add add-on repository dialog
with a specific repository URL pre-filled.][add-repo-shield]][add-repo]
Then find Loki in the store and click install:
[![Open your Home Assistant instance and show the dashboard of a Supervisor add-on.][add-addon-shield]][add-addon]
## Default Setup
If you are also using the Promtail add-on in this repository then by default
Promtail wil ship Loki the systemd journal of the host. That will include all
logs from all addons, supervisor, home assistant, docker, and the host system
itself. No additional configuration is required if that's the setup you want.
The configuration options can be used to encrypt traffic to Loki via SSL or
limit access via mTLS. If you change those though, make sure to update your
Promtail (or whatever client your using) config accordingly.
Additionally, if you are an expert and want to take full control over Loki's
configuration there's an option to provide a custom config file.
## Configuration
**Note**: _Remember to restart the add-on when the configuration is changed._
Example add-on configuration:
```yaml
ssl: true
certfile: fullchain.pem
keyfile: privkey.pem
days_to_keep: 30
log_level: info
```
**Note**: _This is just an example, don't copy and paste it! Create your own!_
### Option: `ssl`
Enables/Disables SSL (HTTPS). Set it `true` to enable it, `false` otherwise.
### Option: `certfile`
The certificate file to use for SSL.
**Note**: _The file MUST be stored in `/ssl/`, which is the default_
### Option: `keyfile`
The private key file to use for SSL.
**Note**: _The file MUST be stored in `/ssl/`, which is the default_
### Option: `cafile`
The CA certificate file used to sign client certificates. If set,cclients will
be required to present a valid client-authentication certificate to connect to
Loki (mTLS).
**Note**: _The file MUST be stored in `/ssl/`, which is the default_
### Option: `days_to_keep`
Number of days of logs to keep, older logs will be purged from the index. If set,
minimum is `1`, defaults to `30` if omitted.
The minimum exists because `0` tells Loki to keep tables indefinitely (and the
addon to grow without bound). See [retention][loki-doc-retention] for more information
on how Loki's Compactor handles retention.
**Note**: This sets an environmental variable referenced in the [default config][addon-default-config].
If you use `config_path` below it is ignored unless you reference the same variable.
### Option: `config_path`
Absolute path to a custom config file for Loki. By default this addon will run
Loki using the config file [here][addon-default-config]. If you would prefer different
options then you can create your own config file to use instead and provide the
path to it.
Review the [documentation][loki-doc] to learn about creating a config file for
Loki. You can also see examples [here][loki-doc-examples]. I would also strongly
recommend reading the [Loki best practices][loki-doc-best-practices] guide before
proceeding with a custom config.
**Note**: `http_listen_address`, `http_listen_port` and `log_level` are set by
the add-on via CLI params so they cannot be changed. Everything else can be configured
in your file.
### Option: `log_level`
The `log_level` option controls the level of log output by the addon and can
be changed to be more or less verbose, which might be useful when you are
dealing with an unknown issue. Possible values are:
- `debug`: Shows detailed debug information.
- `info`: Normal (usually) interesting events.
- `warning`: Exceptional occurrences that are not errors.
- `error`: Runtime errors that do not require immediate action.
Please note that each level automatically includes log messages from a
more severe level, e.g., `debug` also shows `info` messages. By default,
the `log_level` is set to `info`, which is the recommended setting unless
you are troubleshooting.
### Port: `3100/tcp`
This is the port that Loki is listening on and that clients such as Promtail
should point at.
**Note**: If you just want to send logs from the Promtail add-on to this one
you can leave this disabled. Setting it exposes the port on the host so you
only need to do that if you want other systems to ship logs to Loki.
## PLG Stack (Promtail, Loki and Grafana)
Loki isn't a standalone application, it doesn't do anything until you set up another
utility to send logs to it. It's job is to receive logs, index them, and make them
available to analysis tools such as Grafana. Loki typically expects to be deployed
in the full PLG stack:
- Promtail to process and ship logs
- Loki to aggregate and index them
- Grafana to visualize and monitor them
### Promtail
Promtail is also made by Grafana, its only job is to scrape logs and send them
to Loki. The easiest way to get it set up is to install the
Promtail add-on in this same repository.
[![Open your Home Assistant instance and show the dashboard of a Supervisor add-on.][add-addon-shield]][add-addon-promtail]
This isn't the only way to get logs into Loki though. You may want to deploy
Promtail yourself to ship logs from other systems, you can find installation
instructions for that [here][promtail-doc-installation].
Other clients besides Promtail can also be configured to ship their logs to
Loki. The list of supported clients and how to set them up can be found [here][loki-doc-clients]
### Grafana
Grafana's flagship product is their [analysis and visualization tool][grafana]
and it is very easy to connect that to Loki (as you'd likely expect). They have
a guide on how to connect the two [here][loki-in-grafana].
The easiest way to install Grafana is to use the
Grafana community add-on. From there you can follow the guide above to add Loki
as a data source. When prompted for Loki's URL in the Grafana add-on, use `http://39bd2704-loki:3100`
(or `https://39bd2704-loki:3100` if you enabled SSL).
[![Open your Home Assistant instance and show the dashboard of a Supervisor add-on.][add-addon-shield]][add-addon-grafana]
### LogCLI
Not required, but if you want to be able to interface with Loki via the
commandline for testing or scripting purposes you can set up [LogCLI][logcli].
This will then let you query Loki using [LogQL][logql].
To make LogCLI accessible in the SSH add-ons you can set this install script
to run on startup of the add-on:
```bash
#!/bin/bash
# Set up LogCLI (not available in alpine linux)
# On 2.1.0 (see https://github.com/grafana/loki/releases )
VERSION=2.1.0
APKARCH="$(apk --print-arch)"
case "$APKARCH" in
x86_64) BINARCH='amd64' ;;
armhf) BINARCH='arm' ;;
armv7) BINARCH='arm' ;;
aarch64) BINARCH='arm64' ;;
*) echo >&2 "error: unsupported architecture ($APKARCH)"; exit 1 ;;
esac
curl -J -L -o /tmp/logcli.zip "https://github.com/grafana/loki/releases/download/v${VERSION}/logcli-linux-${BINARCH}.zip"
unzip /tmp/logcli.zip -d /usr/bin
mv "/usr/bin/logcli-linux-${BINARCH}" /usr/bin/logcli
chmod a+x /usr/bin/logcli
rm -f /tmp/logcli.zip
```
You also need to add the following to your `.bash_profile` or `.zshrc` file:
```bash
export LOKI_ADDR=http://39bd2704-loki:3100
```
Switch to `https` if you enabled SSL. The LogCLI doc has the full list of
possible exports you may need depending on how you deployed Loki.
## Changelog & Releases
This repository keeps a change log using [GitHub's releases][releases]
functionality.
Releases are based on [Semantic Versioning][semver], and use the format
of `MAJOR.MINOR.PATCH`. In a nutshell, the version will be incremented
based on the following:
- `MAJOR`: Incompatible or major changes.
- `MINOR`: Backwards-compatible new features and enhancements.
- `PATCH`: Backwards-compatible bugfixes and package updates.

99
loki/Dockerfile Normal file
View File

@ -0,0 +1,99 @@
# https://github.com/hassio-addons/addon-base/releases
ARG BUILD_FROM=ghcr.io/hassio-addons/base/amd64
# hadolint ignore=DL3006
FROM ${BUILD_FROM}
# https://github.com/grafana/loki/releases
ARG LOKI_VERSION=3.2.1
# add Loki and Nginx
RUN set -eux; \
apk update; \
\
apk add --no-cache --virtual .build-deps \
unzip=6.0-r9 \
; \
APKARCH="$(apk --print-arch)"; \
case "$APKARCH" in \
x86_64) BINARCH='amd64' ;; \
armhf) BINARCH='arm' ;; \
armv7) BINARCH='arm' ;; \
aarch64) BINARCH='arm64' ;; \
*) echo >&2 "error: unsupported architecture ($APKARCH)"; exit 1 ;; \
esac; \
curl -s -J -L -o /tmp/loki.zip \
"https://github.com/grafana/loki/releases/download/v${LOKI_VERSION}/loki-linux-${BINARCH}.zip"; \
unzip /tmp/loki.zip -d /usr/bin; \
mv /usr/bin/loki-linux-${BINARCH} /usr/bin/loki; \
chmod a+x /usr/bin/loki; \
rm /tmp/loki.zip; \
apk del .build-deps; \
\
apk add --no-cache \
ca-certificates=20220614-r0 \
nginx=1.22.0-r1 \
; \
update-ca-certificates; \
nginx -v; \
rm -f -r /etc/nginx; \
mkdir -p \
/var/lib/nginx/tmp/client_body \
/var/lib/nginx/tmp/fastcgi \
/var/lib/nginx/tmp/proxy \
/var/lib/nginx/tmp/scgi \
/var/lib/nginx/tmp/uwsgi \
/var/log/nginx \
/run/nginx \
; \
touch /var/log/nginx/error.log; \
\
echo "Add user for Loki"; \
mkdir -p /data/loki; \
addgroup -S abc; \
adduser -u 12345 -h /data/loki -D -S abc -G abc; \
\
chown -R abc:abc \
/usr/lib/nginx \
/usr/share/nginx \
/var/lib/nginx \
/var/log/nginx \
; \
chmod +x /etc/cont-init.d/nginx.sh;\
chmod +x /etc/services.d/loki/*; \
chmod +x /etc/services.d/nginx/*;
# See https://github.com/grafana/loki/issues/1928
RUN [ ! -e /etc/nsswitch.conf ] && echo 'hosts: files dns' > /etc/nsswitch.conf
COPY --chown=abc:abc rootfs /
WORKDIR /data/loki
# Build arguments
ARG BUILD_ARCH
ARG BUILD_DATE
ARG BUILD_DESCRIPTION
ARG BUILD_NAME
ARG BUILD_REF
ARG BUILD_REPOSITORY
ARG BUILD_VERSION
# Labels
LABEL \
io.hass.name="${BUILD_NAME}" \
io.hass.description="${BUILD_DESCRIPTION}" \
io.hass.arch="${BUILD_ARCH}" \
io.hass.type="addon" \
io.hass.version=${BUILD_VERSION} \
maintainer="mdegat01" \
org.opencontainers.image.title="${BUILD_NAME}" \
org.opencontainers.image.description="${BUILD_DESCRIPTION}" \
org.opencontainers.image.vendor="mdegat01's Home Assistant Add-ons" \
org.opencontainers.image.authors="mdegat01" \
org.opencontainers.image.licenses="MIT" \
org.opencontainers.image.url="https://github.com/mdegat01/hassio-addons" \
org.opencontainers.image.source="https://github.com/${BUILD_REPOSITORY}" \
org.opencontainers.image.documentation="https://github.com/${BUILD_REPOSITORY}/blob/main/README.md" \
org.opencontainers.image.created=${BUILD_DATE} \
org.opencontainers.image.revision=${BUILD_REF} \
org.opencontainers.image.version=${BUILD_VERSION}

139
loki/apparmor.txt Normal file
View File

@ -0,0 +1,139 @@
include <tunables/global>
# Docker overlay
@{docker_root}=/docker/ /var/lib/docker/
@{fs_root}=/ @{docker_root}/overlay2/*/diff/
@{do_etc}=@{fs_root}/etc/
@{do_opt}=@{fs_root}/opt/
@{do_run}=@{fs_root}/{run,var/run}/
@{do_usr}=@{fs_root}/usr/
@{do_var}=@{fs_root}/var/
# Nginx data dirs
@{nginx_data}=@{do_usr}/lib/nginx/ @{do_usr}/share/nginx/ @{do_var}/lib/nginx/
profile loki flags=(attach_disconnected,mediate_deleted) {
include <abstractions/base>
include <abstractions/bash>
# Send signals to child services
signal (send) peer=@{profile_name}//*,
# Network access
network tcp,
network udp,
# Capabilities to run service as non-root
capability kill,
capability dac_override,
capability chown,
capability fowner,
capability fsetid,
capability setuid,
capability setgid,
# S6-Overlay
/init rix,
/bin/** rix,
/usr/bin/** rix,
@{do_etc}/s6*/** r,
@{do_etc}/fix-attrs.d/{,**} r,
@{do_etc}/cont-{init,finish}.d/{,**} rwix,
@{do_etc}/services.d/{,**} rwix,
@{do_run}/{s6,s6-rc*,service}/** rix,
/command/** rix,
/package/** rix,
@{do_run}/{,**} rwk,
/dev/tty rw,
@{do_usr}/lib/locale/{,**} r,
@{do_etc}/ssl/openssl.cnf r,
@{do_etc}/ssl1.1/openssl.cnf r,
@{do_etc}/{group,hosts,passwd,resolv.conf} r,
/dev/null k,
# Needed for v2, not v3
@{do_etc}/s6/** rix,
# Bashio
/usr/lib/bashio/** ix,
/tmp/** rw,
# Options.json & addon data
/data r,
/data/** rw,
# Needed for setup
@{do_etc}/{loki,nginx}/{,**} rw,
@{nginx_data}/{,**} rw,
@{do_var}/log/nginx/{,**} rw,
/{share,ssl}/{,**} r,
# Programs
/usr/bin/loki cx -> loki,
/usr/sbin/nginx Cx -> nginx,
profile loki flags=(attach_disconnected,mediate_deleted) {
include <abstractions/base>
# Receive signals from s6
signal (receive) peer=*_loki,
# Network access
network tcp,
network udp,
network netlink raw,
network unix dgram,
# Addon data
/data/** r,
/data/loki/** rwk,
# Config
@{do_etc}/loki/* r,
/share/** r,
# Runtime usage
owner /tmp/** rwk,
/usr/bin/loki rm,
@{do_etc}/hosts r,
@{do_etc}/{nsswitch,resolv}.conf r,
@{PROC}/sys/net/core/somaxconn r,
@{PROC}/@{pid}/cpuset r,
@{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
}
profile nginx flags=(attach_disconnected,mediate_deleted) {
include <abstractions/base>
# Receive signals from s6
signal (receive) peer=*_loki,
# Network access
network tcp,
# Capabilities to lower privileges
capability dac_override,
capability mknod,
capability setuid,
capability setgid,
# Allow parent to ptrace
ptrace (read) peer=*_loki,
# Config files
@{do_etc}/nginx/** r,
/ssl/** r,
# Service data
@{do_var}/lib/nginx/tmp/** rw,
@{do_var}/log/nginx/* w,
@{nginx_data}/** r,
# Runtime usage
@{do_run}/nginx.pid rw,
@{PROC}/1/fd/1 w,
/usr/sbin/nginx rm,
@{do_etc}/{group,passwd} r,
@{do_etc}/ssl/openssl.cnf r,
@{do_etc}/ssl1.1/openssl.cnf r,
}
}

9
loki/build.yaml Normal file
View File

@ -0,0 +1,9 @@
---
build_from:
amd64: ghcr.io/hassio-addons/base/amd64:16.3.4
armhf: ghcr.io/hassio-addons/base/armhf:16.3.4
armv7: ghcr.io/hassio-addons/base/armv7:16.3.4
aarch64: ghcr.io/hassio-addons/base/aarch64:16.3.4
codenotary:
base_image: codenotary@frenck.dev
signer: codenotary@degatano.com

34
loki/config.yaml Normal file
View File

@ -0,0 +1,34 @@
---
name: Loki
url: hhttps://mezgit.duckdns.org/mezned/HAddons
version: edge
slug: loki
arch:
- aarch64
- amd64
- armv7
- armhf
description: Loki for Home Assistant
codenotary: codenotary@degatano.com
init: false
startup: system
map:
- share
- ssl
watchdog: http://[HOST]:3101/ready
ports:
3100/tcp:
ports_description:
3100/tcp: HTTP listen port
options:
ssl: false
days_to_keep: 30
log_level: info
schema:
ssl: bool
certfile: str?
keyfile: str?
cafile: str?
days_to_keep: int(1,)?
config_path: str?
log_level: list(trace|debug|info|notice|warning|error|fatal)?

BIN
loki/icon.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 20 KiB

BIN
loki/logo.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 15 KiB

52
loki/rootfs/etc/cont-init.d/nginx.sh Normal file
View File

@ -0,0 +1,52 @@
#!/usr/bin/with-contenv bashio
# shellcheck shell=bash
# ==============================================================================
# Home Assistant Add-on: Loki
# This file configures nginx
# ==============================================================================
readonly NGINX_SERVERS=/etc/nginx/servers
readonly NGINX_CONF="${NGINX_SERVERS}/direct.conf"
declare certfile
declare keyfile
bashio::config.require.ssl
if bashio::config.true 'ssl'; then
bashio::log.info 'Setting up SSL...'
certfile=$(bashio::config 'certfile')
keyfile=$(bashio::config 'keyfile')
if ! bashio::config.is_empty 'cafile'; then
bashio::log.info 'Setting up mTLS...'
cafile=$(bashio::config 'cafile')
# Absolute path support deprecated 4/21 for release 1.5.0.
# Wait until at least 5/21 to remove
if [[ $cafile =~ ^\/ ]]; then
bashio::log.warning "Providing an absolute path for 'cafile' is deprecated."
bashio::log.warning "Support for absolute paths will be removed in a future release."
bashio::log.warning "Please put your CA file in /ssl and provide a relative path."
else
cafile="/ssl/${cafile}"
fi
if ! bashio::fs.file_exists "${cafile}"; then
bashio::log.fatal
bashio::log.fatal "The file specified for 'cafile' does not exist!"
bashio::log.fatal "Ensure the CA certificate file exists and full path is provided"
bashio::log.fatal
bashio::exit.nok
fi
mv "${NGINX_SERVERS}/direct-mtls.disabled" "${NGINX_CONF}"
sed -i "s#%%cafile%%#${cafile}#g" "${NGINX_CONF}"
else
mv "${NGINX_SERVERS}/direct-ssl.disabled" "${NGINX_CONF}"
fi
sed -i "s#%%certfile%%#${certfile}#g" "${NGINX_CONF}"
sed -i "s#%%keyfile%%#${keyfile}#g" "${NGINX_CONF}"
else
mv "${NGINX_SERVERS}/direct.disabled" "${NGINX_CONF}"
fi

52
loki/rootfs/etc/loki/default-config.yaml Normal file
View File

@ -0,0 +1,52 @@
---
auth_enabled: false
server: {}
ingester:
lifecycler:
address: 127.0.0.1
ring:
kvstore:
store: inmemory
replication_factor: 1
final_sleep: 0s
chunk_idle_period: 1h
max_chunk_age: 1h
chunk_target_size: 1048576
chunk_retain_period: 30s
max_transfer_retries: 0
wal:
dir: /data/loki/wal
schema_config:
configs:
- from: 2020-10-24
store: boltdb-shipper
object_store: filesystem
schema: v11
index:
prefix: index_
period: 24h
storage_config:
boltdb_shipper:
active_index_directory: /data/loki/boltdb-shipper-active
cache_location: /data/loki/boltdb-shipper-cache
cache_ttl: 24h
shared_store: filesystem
filesystem:
directory: /data/loki/chunks
compactor:
working_directory: /data/loki/boltdb-shipper-compactor
shared_store: filesystem
retention_enabled: true
limits_config:
reject_old_samples: true
reject_old_samples_max_age: 168h
retention_period: ${RETENTION_PERIOD:29d}
chunk_store_config:
max_look_back_period: 0s

96
loki/rootfs/etc/nginx/includes/mime.types Normal file
View File

@ -0,0 +1,96 @@
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/png png;
image/svg+xml svg svgz;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/webp webp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
font/woff woff;
font/woff2 woff2;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.oasis.opendocument.graphics odg;
application/vnd.oasis.opendocument.presentation odp;
application/vnd.oasis.opendocument.spreadsheet ods;
application/vnd.oasis.opendocument.text odt;
application/vnd.openxmlformats-officedocument.presentationml.presentation
pptx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
xlsx;
application/vnd.openxmlformats-officedocument.wordprocessingml.document
docx;
application/vnd.wap.wmlc wmlc;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}

15
loki/rootfs/etc/nginx/includes/proxy_params.conf Normal file
View File

@ -0,0 +1,15 @@
proxy_http_version 1.1;
proxy_ignore_client_abort off;
proxy_read_timeout 86400s;
proxy_redirect off;
proxy_send_timeout 86400s;
proxy_max_temp_file_size 0;
proxy_set_header Accept-Encoding "";
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-NginX-Proxy true;
proxy_set_header X-Real-IP $remote_addr;

6
loki/rootfs/etc/nginx/includes/server_params.conf Normal file
View File

@ -0,0 +1,6 @@
root /dev/null;
server_name $hostname;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;

8
loki/rootfs/etc/nginx/includes/ssl_params.conf Normal file
View File

@ -0,0 +1,8 @@
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers off;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_session_timeout 10m;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;

3
loki/rootfs/etc/nginx/includes/upstream.conf Normal file
View File

@ -0,0 +1,3 @@
upstream backend {
server 127.0.0.1:8080;
}

52
loki/rootfs/etc/nginx/nginx.conf Normal file
View File

@ -0,0 +1,52 @@
# Run nginx in foreground.
daemon off;
# Set user
user abc;
# Pid storage location.
pid /var/run/nginx.pid;
# Set number of worker processes.
worker_processes 1;
# Enables the use of JIT for regular expressions to speed-up their processing.
pcre_jit on;
# Write error log to the add-on log.
error_log /proc/1/fd/1 error;
# Load dynamic modules.
include /etc/nginx/modules/*.conf;
# Max num of simultaneous connections by a worker process.
events {
worker_connections 512;
}
http {
include /etc/nginx/includes/mime.types;
log_format homeassistant '[$time_local] $status '
'$http_x_forwarded_for($remote_addr) '
'$request ($http_user_agent)';
access_log off;
client_max_body_size 4G;
default_type application/octet-stream;
gzip on;
keepalive_timeout 65;
sendfile on;
server_tokens off;
tcp_nodelay on;
tcp_nopush on;
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
include /etc/nginx/includes/upstream.conf;
include /etc/nginx/servers/*.conf;
}

17
loki/rootfs/etc/nginx/servers/direct-mtls.disabled Normal file
View File

@ -0,0 +1,17 @@
server {
listen 3100 default_server ssl;
include /etc/nginx/includes/server_params.conf;
include /etc/nginx/includes/ssl_params.conf;
include /etc/nginx/includes/proxy_params.conf;
ssl_certificate /ssl/%%certfile%%;
ssl_certificate_key /ssl/%%keyfile%%;
ssl_client_certificate %%cafile%%;
ssl_verify_client on;
location / {
proxy_pass http://backend;
}
}

14
loki/rootfs/etc/nginx/servers/direct-ssl.disabled Normal file
View File

@ -0,0 +1,14 @@
server {
listen 3100 default_server ssl;
include /etc/nginx/includes/server_params.conf;
include /etc/nginx/includes/ssl_params.conf;
include /etc/nginx/includes/proxy_params.conf;
ssl_certificate /ssl/%%certfile%%;
ssl_certificate_key /ssl/%%keyfile%%;
location / {
proxy_pass http://backend;
}
}

10
loki/rootfs/etc/nginx/servers/direct.disabled Normal file
View File

@ -0,0 +1,10 @@
server {
listen 3100 default_server;
include /etc/nginx/includes/server_params.conf;
include /etc/nginx/includes/proxy_params.conf;
location / {
proxy_pass http://backend;
}
}

14
loki/rootfs/etc/nginx/servers/ready.conf Normal file
View File

@ -0,0 +1,14 @@
server {
listen 3101 default_server;
include /etc/nginx/includes/server_params.conf;
include /etc/nginx/includes/proxy_params.conf;
location = /ready {
proxy_pass http://backend;
}
location / {
return 444;
}
}

14
loki/rootfs/etc/services.d/loki/finish Normal file
View File

@ -0,0 +1,14 @@
#!/usr/bin/env bashio
# ==============================================================================
# Home Assistant Add-on: Loki
# Take down the S6 supervision tree when Loki fails
# ==============================================================================
declare APP_EXIT_CODE=${1}
if [[ "${APP_EXIT_CODE}" -ne 0 ]] && [[ "${APP_EXIT_CODE}" -ne 256 ]]; then
bashio::log.warning "Halt add-on with exit code ${APP_EXIT_CODE}"
echo "${APP_EXIT_CODE}" > /run/s6-linux-init-container-results/exitcode
exec /run/s6/basedir/bin/halt
fi

51
loki/rootfs/etc/services.d/loki/run Normal file
View File

@ -0,0 +1,51 @@
#!/usr/bin/with-contenv bashio
# shellcheck shell=bash
# ==============================================================================
# Home Assistant Add-on: Loki
# Runs Loki
# ==============================================================================
readonly BIND_ADDR=127.0.0.1
readonly HTTP_PORT=8080
declare log_level
loki_config='/etc/loki/default-config.yaml'
bashio::log.info 'Starting Loki...'
if bashio::config.exists 'config_path'; then
loki_config=$(bashio::config 'config_path')
bashio::log.info "Using config at ${loki_config}"
else
bashio::log.info "Using default config"
fi
retention_period="$(bashio::config 'days_to_keep' 1)d"
bashio::log.info "Retention period set to ${retention_period}"
export "RETENTION_PERIOD=${retention_period}"
case "$(bashio::config 'log_level')" in \
trace) ;& \
debug) log_level='debug' ;; \
notice) ;& \
warning) log_level='warn' ;; \
error) ;& \
fatal) log_level='error' ;; \
*) log_level='info' ;; \
esac;
bashio::log.info "Loki log level set to ${log_level}"
loki_args=(
"-config.expand-env=true"
"-config.file=${loki_config}"
"-server.http-listen-address=${BIND_ADDR}"
"-server.http-listen-port=${HTTP_PORT}"
"-log.level=${log_level}"
)
if [ "${log_level}" == "debug" ]; then
bashio::log.debug "Logging full config on startup for debugging..."
loki_args+=("-print-config-stderr=true")
fi
bashio::log.info "Handing over control to Loki..."
exec s6-setuidgid abc \
/usr/bin/loki "${loki_args[@]}"

13
loki/rootfs/etc/services.d/nginx/finish Normal file
View File

@ -0,0 +1,13 @@
#!/usr/bin/env bashio
# ==============================================================================
# Home Assistant Add-on: Loki
# Take down the S6 supervision tree when Nginx fails
# ==============================================================================
declare APP_EXIT_CODE=${1}
if [[ "${APP_EXIT_CODE}" -ne 0 ]] && [[ "${APP_EXIT_CODE}" -ne 256 ]]; then
bashio::log.warning "Halt add-on with exit code ${APP_EXIT_CODE}"
echo "${APP_EXIT_CODE}" > /run/s6-linux-init-container-results/exitcode
exec /run/s6/basedir/bin/halt
fi

10
loki/rootfs/etc/services.d/nginx/run Normal file
View File

@ -0,0 +1,10 @@
#!/usr/bin/with-contenv bashio
# shellcheck shell=bash
# ==============================================================================
# Home Assistant Add-on: Loki
# Runs the Nginx daemon
# ==============================================================================
bashio::net.wait_for 8080
bashio::log.info "Starting NGinx..."
exec /usr/sbin/nginx

112
prometheus_node_exporter/CHANGELOG.md Normal file
View File

@ -0,0 +1,112 @@
# Changelog
## [1.0.1] - 2024-09-11
- Upgraded base image from `ghcr.io/hassio-addons/base/<arch>:16.1.2` to `16.3.0`
## [1.0.0] - 2024-07-01
⚠️ BREAKING CHANGES ⚠️
- Upgraded Node Exporter to `1.8.1`
- Upgraded base image from `ghcr.io/hassio-addons/base/<arch>:15.0.8` to `16.1.2`
- Removes the default username/password
- Now requires a plaintext password instead of a bcrypt string (the container will bcrypt the password for you)
- If you're upgrading from `0.9.1` or any earlier version, you will **NEED** to go to the "Configuration" tab and enter the plaintext version of your password (if you leave the bcrypt hash in the password field, the container will try to hash your already-hashed password)
## [0.9.1] - 2024-05-14
- Upgraded base image from `ghcr.io/hassio-addons/base/<arch>:15.0.4` to `15.0.8`
- Added [CONTRIBUTING.md](https://github.com/loganmarchione/hassos-addons/blob/main/prometheus_node_exporter/CONTRIBUTING.md)
## [0.9.0] - 2024-05-13
- Upgraded Node Exporter to `1.8.0` thanks to [@b-reich](https://github.com/b-reich) in https://github.com/loganmarchione/hassos-addons/pull/49
## [0.8.2] - 2024-01-16
- Upgraded base image from `ghcr.io/hassio-addons/base/<arch>:15.0.1` to `15.0.4`
## [0.8.1] - 2024-01-11
- Published pre-built image to GHCR thanks to [@wozz](https://github.com/wozz) in https://github.com/loganmarchione/hassos-addons/pull/47
## [0.8.0] - 2023-12-13
- Upgraded Node Exporter to `1.7.0`
- Upgraded base image from `ghcr.io/hassio-addons/base/<arch>:14.1.0` to `15.0.1`
## [0.7.0] - 2023-08-18
- Upgraded Node Exporter to `1.6.1`
- Upgraded base image from `ghcr.io/hassio-addons/base/<arch>:14.0.0` to `14.1.0`
## [0.6.0] - 2023-05-18
- Upgraded base image from `ghcr.io/hassio-addons/base/<arch>:13.1.3` to `14.0.0`
- Added support for Prometheus Node Exporter command-line arguments thanks to [@falzm](https://github.com/falzm) in https://github.com/loganmarchione/hassos-addons/pull/34
## [0.5.0] - 2023-03-16
- Upgraded Node Exporter to `1.5.0`
- Upgraded base image from `ghcr.io/hassio-addons/base/<arch>:12.2.4` to `13.1.3`
## [0.4.0] - 2022-10-20
- Upgraded base image from `ghcr.io/hassio-addons/base/<arch>:12.2.0` to `12.2.4`
## [0.3.0] - 2022-09-26
- Upgraded Node Exporter to `1.4.0`
## [0.2.1] - 2022-08-05
- Added more logging around TLS
## [0.2.0] - 2022-08-05
- Added TLS support thanks to [@Quedale](https://github.com/Quedale) in https://github.com/loganmarchione/hassos-addons/pull/7
- Mapped Node Exporter config files from `/etc` to `/config`, to allow editing via the [File editor add-on](https://github.com/home-assistant/addons/tree/master/configurator)
## [0.1.1] - 2022-08-05
- Added configuration option descriptions
## [0.1.0] - 2022-07-11
- Upgraded base image from `ghcr.io/hassio-addons/base/<arch>:11.1.2` to `12.2.0` (Alpine Linux 3.16), but also disabled the s6 init system because of [this issue](https://github.com/home-assistant/supervisor/issues/3642)
- Added CI from [here](https://github.com/hassio-addons/addon-glances/blob/main/.github/workflows/ci.yaml)
## [0.0.7] - 2022-06-07
- Upgraded base image from `ghcr.io/hassio-addons/base/<arch>:11.1.0` to `11.1.2` (this is the last without s6 v3)
## [0.0.6] - 2022-05-17
- Fixed S6-overlay v3 problems
- Added build.json file to better control base image versions
- Small formatting fixes and readability changes
## [0.0.5] - 2022-02-13
- Added HTTP Basic Auth
## [0.0.4] - 2021-12-29
- Upgraded Node Exporter to `1.3.1`
## [0.0.3] - 2021-12-12
- Built for `armv7` (Raspberry Pi 3B) thanks to [@jaredacox](https://github.com/jaredacox) in https://github.com/loganmarchione/hassos-addons/pull/1
## [0.0.2] - 2021-11-16
- Built for `aarch64` (Raspberry Pi 4B)
## [0.0.1] - 2021-11-03
- Initial release
## Note
I'm not making numbered GitHub releases/tags, since this is still a beta project. These release numbers are purely made up.

57
prometheus_node_exporter/CONTRIBUTING.md Normal file
View File

@ -0,0 +1,57 @@
# Contributing
## Making changes
Currently, this repo pushes a tagged image from `main` to the [packages](https://github.com/users/loganmarchione/packages?repo_name=hassos-addons) tab each time `main` is updated. As such, if you're proposing a change, please update the following files in a PR and DO NOT push directly to `main`.
1. Bump the `version` number in the [config.json](https://github.com/loganmarchione/hassos-addons/blob/main/prometheus_node_exporter/config.json) file
1. Make whatever changes you need (e.g., bumping the [version of Node Exporter](https://github.com/loganmarchione/hassos-addons/blob/main/prometheus_node_exporter/Dockerfile) or the [version of the base images](https://github.com/loganmarchione/hassos-addons/blob/main/prometheus_node_exporter/build.json))
1. Add your changes to the [CHANGELOG.md](https://github.com/loganmarchione/hassos-addons/blob/main/prometheus_node_exporter/CHANGELOG.md) file
## Testing
I'm still working this out, but am doing testing based on [this page](https://developers.home-assistant.io/docs/add-ons/testing).
After making your changes, run the command below from the git root directory (i.e., `hassos-addons`) to ensure that the add-on builds successfully (substitute `amd64` with `armhf`, `aarch64`, or `i386` based on your system).
```
docker run \
--rm \
-it \
--name builder \
--privileged \
-v ./prometheus_node_exporter:/data \
-v /var/run/docker.sock:/var/run/docker.sock:ro \
ghcr.io/home-assistant/amd64-builder \
-t /data \
--amd64 \
--test \
-i test-prometheus-node-exporter \
-d local
```
To test that the add-on actually runs, I've been using my personal instance of Home Assistant 🤷‍♂️
1. Open the Add-ons panel in Home Assistant by going to `Settings-->Add-ons-->Add-on Store`
1. Uninstall the current Prometheus Node Exporter add-on (the one published from GHCR.io)
1. Install the official [samba add-on](https://github.com/home-assistant/addons/tree/master/samba)
1. Enable samba with a username and password
1. Mount the samba share locally (e.g., Dolphin can use `smb://your_home_assistant_ip_address`)
1. Navigate to the `addons` directory in the samba share
1. Copy/paste the entire `prometheus_node_exporter` directory to the `addons` directory in the samba share
1. In the `config.json` file in the samba share, remove this entire line
```
"image": "ghcr.io/loganmarchione/hassos-addons/prometheusnodeexporter-{arch}",
```
1. Open the Add-ons panel in Home Assistant by going to `Settings-->Add-ons-->Add-on Store`
1. Click the menu icon in the top-right, then click "Check for updates"
1. Refresh the page
1. At the very top, there should be a new section for "Local add-ons" with the "Prometheus Node Exporter" to install
1. Install the new add-on from the local repository
1. Test all configurations
1. Make sure log entries line up with configuration settings
1. Navigate to `http://your_home_assistant_ip_address:9100/metrics` and ensure that HTTP basic auth works as expected
1. Stop and uninstall the local add-on
1. Delete the entire `prometheus_node_exporter` directory in the `addons` directory in the samba share
1. Disable the samba add-on
1. Re-install add-on from GHCR.io (you'll need to re-configure the add-on)

33
prometheus_node_exporter/Dockerfile Normal file
View File

@ -0,0 +1,33 @@
ARG BUILD_FROM
# hadolint ignore=DL3006
FROM $BUILD_FROM
# Set shell
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
# Setup base system
ARG \
BUILD_ARCH \
NODE_EXPORTER_VERSION="1.8.2"
# Copy root filesystem
COPY rootfs /
# hadolint ignore=DL3003,DL3018
RUN \
apk add --no-cache --update apache2-utils tar \
&& ARCH="${BUILD_ARCH}" \
&& if [ "${BUILD_ARCH}" = "aarch64" ]; then ARCH="arm64"; fi \
&& curl -J -L -o /tmp/node_exporter.tar.gz \
"https://github.com/prometheus/node_exporter/releases/download/v${NODE_EXPORTER_VERSION}/node_exporter-${NODE_EXPORTER_VERSION}.linux-${ARCH}.tar.gz" \
&& cd /tmp \
&& tar -xzvf node_exporter.tar.gz --strip-components=1 \
&& mv node_exporter /usr/local/bin/ \
&& adduser -s /bin/false -D -H prometheus \
&& chown -R prometheus:prometheus /usr/local/bin/node_exporter \
&& rm -rf /tmp/node_exporter* LICENSE NOTICE
# This add-on runs on the host pid namespace, making it impossible
# to use S6-Overlay. Therefore the init system is disabled at this point.
ENTRYPOINT []
CMD ["/run.sh"]

93
prometheus_node_exporter/README.md Normal file
View File

@ -0,0 +1,93 @@
# prometheus_node_exporter
[![CI](https://github.com/loganmarchione/hassos-addons/actions/workflows/main.yml/badge.svg)](https://github.com/loganmarchione/hassos-addons/actions/workflows/main.yml)
The Prometheus [Node Exporter](https://github.com/prometheus/node_exporter) for hardware and OS metrics exposed by \*NIX kernels.
## Installation
1. Add my [repository](https://github.com/loganmarchione/hassos-addons). The URL is `https://github.com/loganmarchione/hassos-addons`.
1. Search for the "Prometheus Node Exporter" add-on in the Supervisor add-on store and install it.
1. Disable "Protection mode" in the add-on panel.
1. Optional - Check the `Configuration` tab of the add-on to make any changes you'd like.
1. Start the add-on.
1. Check the `Logs` tab of the add-on to see if everything went well.
1. To verify the metrics are available, visit `http://your_home_assistant_ip_address:9100/metrics` in your browser, or use curl: `curl -X GET http://your_home_assistant_ip_address:9100/metrics`.
## Configuration
By default, Prometheus Node Exporter listens on TCP port 9100.
### HTTP Basic Authentication
[HTTP Basic Auth](https://en.wikipedia.org/wiki/Basic_access_authentication) is disabled by default. If you want to enable HTTP Basic Auth:
1. set `enable_basic_auth` to true
1. enter the `basic_auth_user` and `basic_auth_pass`
### TLS
TLS is disabled by default. If you want to enable TLS:
1. set `enable_tls` to true
1. enter the `cert_file` and `cert_key`
⚠️ Note that the `cert_file` and `cert_key` need to be a `/path/to/fullchain.pem` and `/path/to/privkey.pem`, respectively (`/config` and `/ssl` are mapped to this add-on) ⚠️
### Command-line arguments
This option allows you to pass command-line arguments directly to Prometheus Node Exporter. This is particularly useful to adjust which [collectors](https://github.com/prometheus/node_exporter/#collectors) run. For example, to disable all collectors except the `cpu` collector, you can use this string: `--collector.disable-defaults --collector.cpu`.
## Usage (in Prometheus server)
Add the following to the `/etc/prometheus/prometheus.yml` config file on your Prometheus server:
```
scrape_configs:
...
...
...
- job_name: 'homeassistant'
static_configs:
- targets: ['your_home_assistant_ip_address:9100']
basic_auth:
username: username_goes_here
password: password_goes_here
```
The following Prometheus query should return data:
```
node_uname_info{job="homeassistant"}
```
## Support
- Tested on `amd64` and `aarch64` (Raspberry Pi 4B) platforms
## License
WIP
## Known issues
- [ ] The "Open Web UI" button doesn't work when Home Assistant is behind a reverse proxy.
- [x] Only tested on `amd64` builds.
## TODO
- [x] Add HTTP Basic Auth
- [x] Add abilty to enter plain-text password instead of bcyrpt-ed hash
- [x] Add TLS
- [x] Per [this comment](https://community.home-assistant.io/t/hello-world-example-addon-from-developer-docs-stopped-working-s6-overlay-issue/421486/7), setup container images on a registry (DockerHub or GitHub) so that users aren't building the container with each install (would have prevented [this issue](https://github.com/loganmarchione/hassos-addons/issues/2))
- [x] Investigate CI/CD for this repo, specifically [this](https://github.com/home-assistant/actions) and [this](https://github.com/hassio-addons/addon-glances/blob/main/.github/workflows/ci.yaml) as an example
- [ ] Investigate dropping API access (e.g., `hassio_api`, `homeassistant_api`, `auth_api`) in order to get my rating up
## FAQ
- Doesn't Home Assistant already have Prometheus integration?
- Yes, but the [official integration](https://www.home-assistant.io/integrations/prometheus/) only exposes entity-related metrics, not host-related metrics.
- Isn't there already an Prometheus add-on?
- Yes, but that [add-on](https://github.com/hassio-addons/addon-prometheus) is for Prometheus server, not the node exporter.
- Why does this add-on require so many permissions?
- The add-on needs to access to host-level metrics (CPU, memory, disk, etc...). As such, I have requested all possible permissions. Please inspect the code of this add-on before you run it.

7
prometheus_node_exporter/build.json Normal file
View File

@ -0,0 +1,7 @@
{
"build_from": {
"amd64": "ghcr.io/hassio-addons/base/amd64:16.3.0",
"aarch64": "ghcr.io/hassio-addons/base/aarch64:16.3.0",
"armv7": "ghcr.io/hassio-addons/base/armv7:16.3.0"
}
}

47
prometheus_node_exporter/config.json Normal file
View File

@ -0,0 +1,47 @@
{
"name": "Prometheus Node Exporter",
"version": "1.0.1",
"slug": "prometheus_node_exporter",
"description": "Prometheus node exporter for hardware and OS metrics",
"url": "https://mezgit.duckdns.org/mezned/HAddons",
"image": "ghcr.io/loganmarchione/hassos-addons/prometheusnodeexporter-{arch}",
"arch": ["amd64", "aarch64", "armv7"],
"startup": "services",
"init": false,
"webui": "[PROTO:enable_tls]://[HOST]:[PORT:9100]",
"ports": {
"9100/tcp": 9100
},
"ports_description": {
"9100/tcp": "Default node exporter port and web interface"
},
"map": [
"config:rw",
"ssl"
],
"hassio_api": true,
"homeassistant_api": true,
"auth_api": true,
"docker_api": true,
"host_network": true,
"host_pid": true,
"apparmor": false,
"options": {
"enable_basic_auth": false,
"basic_auth_user": "",
"basic_auth_pass": "",
"enable_tls": false,
"cert_file": "",
"cert_key": "",
"cmdline_extra_args": ""
},
"schema": {
"enable_basic_auth": "bool",
"basic_auth_user": "str",
"basic_auth_pass": "password",
"enable_tls": "bool",
"cert_file": "str",
"cert_key": "str",
"cmdline_extra_args": "str?"
}
}

BIN
prometheus_node_exporter/icon.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 15 KiB

BIN
prometheus_node_exporter/logo.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 15 KiB

82
prometheus_node_exporter/rootfs/etc/cont-init.d/node_exporter.sh Normal file
View File

@ -0,0 +1,82 @@
#!/usr/bin/env bashio
# ==============================================================================
# Home Assistant Community Add-on: Prometheus Node Exporter
# Configures Prometheus Node Exporter
# ==============================================================================
bashio::require.unprotected
echo "${SUPERVISOR_TOKEN}" > '/run/home-assistant.token'
# Even if the user isn't using these options, we're creating the web config file
# This will allow us to append to the web config file as needed (based on variables)
# Prometheus Node Exporter will run with a blank web config file in the meantime
config_dir=/config
web_config_dir=$config_dir/prometheus_node_exporter
mkdir -p $web_config_dir
chmod 750 $web_config_dir
chown root:prometheus $web_config_dir
web_config_file=$web_config_dir/node_exporter_web.yml
rm -f $web_config_file
touch $web_config_file
chmod 740 $web_config_file
chown root:prometheus $web_config_file
# Poor man's debugger: check permissions on web config file
#ls -la $web_config_file
bashio::log.info "Add-on info - name: $(bashio::addon.name)"
bashio::log.info "Add-on info - version: $(bashio::addon.version)"
bashio::log.info "Add-on info - hostname: $(bashio::addon.hostname)"
bashio::log.info "Add-on info - DNS name: $(bashio::addon.dns)"
bashio::log.info "Checking configuration options..."
#####################
# HTTP Basic Auth
#####################
if bashio::config.false 'enable_basic_auth'; then
bashio::log.warning "HTTP Basic Auth is disabled!"
fi
if bashio::config.true 'enable_basic_auth'; then
bashio::log.info "HTTP Basic Auth is enabled!"
# Require variables
bashio::config.require 'basic_auth_user' "You enabled HTTP Basic Auth, so you must set a username"
bashio::config.require 'basic_auth_pass' "You enabled HTTP Basic Auth, so you must set a password"
basic_auth_user="$(bashio::config 'basic_auth_user')"
basic_auth_pass="$(bashio::config 'basic_auth_pass')"
# bcrypt the password
hashed_password=$(htpasswd -bnBC 12 "" "$basic_auth_pass" | tr -d ':\n')
# Start echoing lines out to web config file (YAML is space-sensitive so I'm lazily not using a heredoc)
echo "basic_auth_users:" >> $web_config_file
echo " $basic_auth_user: $hashed_password" >> $web_config_file
fi
#####################
# TLS
#####################
if bashio::config.false 'enable_tls'; then
bashio::log.warning "TLS is disabled!"
fi
if bashio::config.true 'enable_tls'; then
bashio::log.info "TLS is enabled!"
# Require variables
bashio::config.require 'cert_file' "You enabled TLS, so you must set certificate file"
bashio::config.require 'cert_key' "You enabled TLS, so you must set certificate key"
cert_file="$(bashio::config 'cert_file')"
cert_key="$(bashio::config 'cert_key')"
# Start echoing lines out to web config file (YAML is space-sensitive so I'm lazily not using a heredoc)
echo "tls_server_config:" >> $web_config_file
echo " cert_file: $cert_file" >> $web_config_file
echo " key_file: $cert_key" >> $web_config_file
fi

9
prometheus_node_exporter/rootfs/etc/services.d/node_exporter/run Normal file
View File

@ -0,0 +1,9 @@
#!/usr/bin/env bashio
# ==============================================================================
# Home Assistant Community Add-on: Prometheus Node Exporter
# Runs the Prometheus Node Exporter
# ==============================================================================
bashio::log.info "Starting Prometheus Node Exporter..."
# Run Prometheus
exec /usr/local/bin/node_exporter --web.config.file=/config/prometheus_node_exporter/node_exporter_web.yml $(bashio::config 'cmdline_extra_args' '')

16
prometheus_node_exporter/rootfs/run.sh Normal file
View File

@ -0,0 +1,16 @@
#!/usr/bin/env bashio
# ==============================================================================
# Home Assistant Community Add-on: Prometheus Node Exporter
# Runs the Prometheus Node Exporter
# ==============================================================================
#
# WHAT IS THIS FILE?!
#
# The Prometheus Node Exporter add-on runs in the host PID namespace, therefore it cannot
# use the regular S6-Overlay; hence this add-on uses a "old school" script
# to run; with a couple of "hacks" to make it work.
# ==============================================================================
/etc/cont-init.d/node_exporter.sh
# Start Prometheus Node Exporter
exec /etc/services.d/node_exporter/run

23
prometheus_node_exporter/translations/en.yaml Normal file
View File

@ -0,0 +1,23 @@
---
configuration:
enable_basic_auth:
name: Enable HTTP basic auth
description: Toggle on to enable HTTP basic authentication (i.e., password protection)
basic_auth_user:
name: Basic auth username
description: The basic auth username
basic_auth_pass:
name: Basic auth password
description: The basic auth password
enable_tls:
name: Enable TLS
description: Toggle on to enable TLS (you will need to provide a path to certificates)
cert_file:
name: Public key
description: This is a /path/to/fullchain.pem
cert_key:
name: Private key
description: This is a /path/to/privkey.pem
cmdline_extra_args:
name: Command line extra arguments
description: Extra arguments to pass to the "node_exporter" command at startup (see https://github.com/prometheus/node_exporter/#installation-and-usage for more information)