Configure dashboards & fluent-bit (#200)

This commit is contained in:
Elbakyan Shirak 2024-04-17 16:10:06 +04:00 committed by GitHub
parent fde212c05c
commit d21d760b01
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
10 changed files with 141 additions and 1 deletions

View File

@ -13,6 +13,7 @@ RES_APP_CHECK_PORTS="uses ports"
RES_CHECK_PORTS="please, make sure that the ports are free.";
RES_INSTALL_SUCCESS="Thank you for installing ONLYOFFICE ${product_name}.";
RES_QUESTIONS="In case you have any questions contact us via http://support.onlyoffice.com or visit our forum at http://forum.onlyoffice.com"
INSTALL_FLUENT_BIT="true"
while [ "$1" != "" ]; do
case $1 in
@ -53,6 +54,27 @@ while [ "$1" != "" ]; do
fi
;;
-ifb | --installfluentbit )
if [ "$2" != "" ]; then
INSTALL_FLUENT_BIT=$2
shift
fi
;;
-du | --dashboadrsusername )
if [ "$2" != "" ]; then
DASHBOARDS_USERNAME=$2
shift
fi
;;
-dp | --dashboadrspassword )
if [ "$2" != "" ]; then
DASHBOARDS_PASSWORD=$2
shift
fi
;;
-ls | --localscripts )
if [ "$2" != "" ]; then
LOCAL_SCRIPTS=$2
@ -89,6 +111,9 @@ while [ "$1" != "" ]; do
echo " -je, --jwtenabled specifies the enabling the JWT validation (true|false)"
echo " -jh, --jwtheader defines the http header that will be used to send the JWT"
echo " -js, --jwtsecret defines the secret key to validate the JWT in the request"
echo " -ifb, --installfluentbit install or update fluent-bit (true|false)"
echo " -du, --dashboadrsusername login for authorization in /dashboards/"
echo " -dp, --dashboadrspassword password for authorization in /dashboards/"
echo " -ls, --local_scripts use 'true' to run local scripts (true|false)"
echo " -skiphc, --skiphardwarecheck use to skip hardware check (true|false)"
echo " -ms, --makeswap make swap file (true|false)"

View File

@ -85,7 +85,7 @@ elif [ "$UPDATE" = "true" ] && [ "$PRODUCT_INSTALLED" = "true" ]; then
fi
fi
hold_package_version dotnet-host opensearch redis-server rabbitmq-server
hold_package_version dotnet-host opensearch redis-server rabbitmq-server opensearch-dashboards fluent-bit
if [ "$MAKESWAP" == "true" ]; then
make_swap

View File

@ -36,6 +36,13 @@ curl -o- https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --dear
echo "deb [signed-by=/usr/share/keyrings/opensearch-keyring] https://artifacts.opensearch.org/releases/bundle/opensearch/2.x/apt stable main" >> /etc/apt/sources.list.d/opensearch-2.x.list
ELASTIC_VERSION="2.11.1"
#add opensearch dashboards repo
if [ ${INSTALL_FLUENT_BIT} == "true" ]; then
curl -o- https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --dearmor --batch --yes -o /usr/share/keyrings/opensearch-keyring
echo "deb [signed-by=/usr/share/keyrings/opensearch-keyring] https://artifacts.opensearch.org/releases/bundle/opensearch-dashboards/2.x/apt stable main" >> /etc/apt/sources.list.d/opensearch-dashboards-2.x.list
DASHBOARDS_VERSION="2.11.1"
fi
# add nodejs repo
NODE_VERSION="18"
curl -fsSL https://deb.nodesource.com/setup_${NODE_VERSION}.x | bash -
@ -124,6 +131,11 @@ if ! dpkg -l | grep -q "opensearch"; then
apt-get install -yq opensearch=${ELASTIC_VERSION}
fi
if [ ${INSTALL_FLUENT_BIT} == "true" ]; then
apt-get install -yq opensearch-dashboards=${DASHBOARDS_VERSION}
curl https://raw.githubusercontent.com/fluent/fluent-bit/master/install.sh | sh
fi
# disable apparmor for mysql
if which apparmor_parser && [ ! -f /etc/apparmor.d/disable/usr.sbin.mysqld ] && [ -f /etc/apparmor.d/disable/usr.sbin.mysqld ]; then
ln -sf /etc/apparmor.d/usr.sbin.mysqld /etc/apparmor.d/disable/;

View File

@ -14,6 +14,7 @@ RES_CHECK_PORTS="please, make sure that the ports are free.";
RES_INSTALL_SUCCESS="Thank you for installing ONLYOFFICE ${product_name}.";
RES_QUESTIONS="In case you have any questions contact us via http://support.onlyoffice.com or visit our forum at http://forum.onlyoffice.com"
RES_MARIADB="To continue the installation, you need to remove MariaDB"
INSTALL_FLUENT_BIT="true"
res_unsupported_version () {
RES_CHOICE="Please, enter Y or N"
@ -62,6 +63,27 @@ while [ "$1" != "" ]; do
fi
;;
-ifb | --installfluentbit )
if [ "$2" != "" ]; then
INSTALL_FLUENT_BIT=$2
shift
fi
;;
-du | --dashboadrsusername )
if [ "$2" != "" ]; then
DASHBOARDS_USERNAME=$2
shift
fi
;;
-dp | --dashboadrspassword )
if [ "$2" != "" ]; then
DASHBOARDS_PASSWORD=$2
shift
fi
;;
-ls | --localscripts )
if [ "$2" != "" ]; then
LOCAL_SCRIPTS=$2
@ -98,6 +120,9 @@ while [ "$1" != "" ]; do
echo " -je, --jwtenabled specifies the enabling the JWT validation (true|false)"
echo " -jh, --jwtheader defines the http header that will be used to send the JWT"
echo " -js, --jwtsecret defines the secret key to validate the JWT in the request"
echo " -ifb, --installfluentbit install or update fluent-bit (true|false)"
echo " -du, --dashboadrsusername login for authorization in /dashboards/"
echo " -dp, --dashboadrspassword password for authorization in /dashboards/"
echo " -ls, --local_scripts use 'true' to run local scripts (true|false)"
echo " -skiphc, --skiphardwarecheck use to skip hardware check (true|false)"
echo " -ms, --makeswap make swap file (true|false)"

View File

@ -69,6 +69,12 @@ fi
curl -SL https://artifacts.opensearch.org/releases/bundle/opensearch/2.x/opensearch-2.x.repo -o /etc/yum.repos.d/opensearch-2.x.repo
ELASTIC_VERSION="2.11.1"
#add opensearch dashboards repo
if [ ${INSTALL_FLUENT_BIT} == "true" ]; then
curl -SL https://artifacts.opensearch.org/releases/bundle/opensearch-dashboards/2.x/opensearch-dashboards-2.x.repo -o /etc/yum.repos.d/opensearch-dashboards-2.x.repo
DASHBOARDS_VERSION="2.11.1"
fi
# add nginx repo, Fedora doesn't need it
if [ "$DIST" != "fedora" ]; then
cat > /etc/yum.repos.d/nginx.repo <<END
@ -101,6 +107,12 @@ ${package_manager} -y install $([ $DIST != "fedora" ] && echo "epel-release") \
expect \
ffmpeg $TESTING_REPO
#add repo, install fluent-bit
if [ ${INSTALL_FLUENT_BIT} == "true" ]; then
curl https://raw.githubusercontent.com/fluent/fluent-bit/master/install.sh | bash
${package_manager} -y install opensearch-dashboards-${DASHBOARDS_VERSION} --enablerepo=opensearch-dashboards-2.x
fi
if [[ $PSQLExitCode -eq $UPDATE_AVAILABLE_CODE ]]; then
yum -y install postgresql-upgrade
postgresql-setup --upgrade || true

View File

@ -26,6 +26,7 @@ APP_PORT="80"
ELK_SHEME="http"
ELK_HOST="localhost"
ELK_PORT="9200"
OPENSEARCH_INDEX="${PACKAGE_SYSNAME}-${PRODUCT}-logs"
RABBITMQ_HOST="localhost"
RABBITMQ_USER="guest"
@ -179,6 +180,20 @@ while [ "$1" != "" ]; do
fi
;;
-du | --dashboadrsusername )
if [ "$2" != "" ]; then
DASHBOARDS_USERNAME=$2
shift
fi
;;
-dp | --dashboadrspassword )
if [ "$2" != "" ]; then
DASHBOARDS_PASSWORD=$2
shift
fi
;;
-docsurl | --docsurl )
if [ "$2" != "" ]; then
DOCUMENT_SERVER_URL_EXTERNAL=$2
@ -706,6 +721,40 @@ setup_elasticsearch() {
echo "OK"
}
setup_dashboards() {
echo -n "Configuring dashboards... "
DASHBOARDS_CONF_PATH="/etc/opensearch-dashboards/opensearch_dashboards.yml"
# configure login&pass for Dashboards, used by Nginx HTTP Basic Authentication
echo "${DASHBOARDS_USERNAME:-"onlyoffice"}:$(openssl passwd -6 -stdin <<< "${DASHBOARDS_PASSWORD:-"onlyoffice"}")" > /etc/openresty/.htpasswd_dashboards
chown nginx:nginx /etc/openresty/.htpasswd_dashboards
# enable connection with opensearch
sed -i 's~\(opensearch\.hosts:\).*~\1 \[http://localhost:9200\]~' ${DASHBOARDS_CONF_PATH}
sed -i '/^opensearch\_security/d' ${DASHBOARDS_CONF_PATH}
if /usr/share/opensearch-dashboards/bin/opensearch-dashboards-plugin list --allow-root | grep "securityDashboards*" > /dev/null 2>&1 ; then
/usr/share/opensearch-dashboards/bin/opensearch-dashboards-plugin remove securityDashboards --allow-root > /dev/null 2>&1
fi
# set basePath variable to get access to Dashboards from a remote host
sed 's_.*\(server.basePath:\).*_\1 "/dashboards"_' -i ${DASHBOARDS_CONF_PATH}
systemctl restart opensearch-dashboards
echo "OK"
}
setup_fluentbit() {
echo -n "Configuring fluent-bit... "
# Replace variables in fluent-bit config file template, force copy to conf directory
sed -i "s/OPENSEARCH_HOST/$ELK_HOST/g; s/OPENSEARCH_PORT/$ELK_PORT/g; s/OPENSEARCH_INDEX/$OPENSEARCH_INDEX/g; s/OPENSEARCH_SCHEME/$ELK_SHEME/g" ${APP_DIR}/fluent-bit.conf
cp -f ${APP_DIR}/fluent-bit.conf /etc/fluent-bit/fluent-bit.conf
systemctl restart fluent-bit
echo "OK"
}
setup_redis() {
echo -n "Configuring redis... "
@ -822,6 +871,14 @@ elif $PACKAGE_MANAGER opensearch >/dev/null 2>&1; then
setup_elasticsearch "LOCAL_ELASTIC_SERVER"
fi
if $PACKAGE_MANAGER opensearch-dashboards >/dev/null 2>&1; then
setup_dashboards
fi
if $PACKAGE_MANAGER fluent-bit >/dev/null 2>&1; then
setup_fluentbit
fi
if [[ ! -z $EXTERNAL_REDIS_FLAG ]]; then
check_connection_external_services "$REDIS_HOST" "$REDIS_PORT" "Redis"
setup_redis "EXTERNAL_REDIS_SERVER"

View File

@ -2,3 +2,4 @@ debian/build/buildtools/config/*.json etc/onlyo
debian/build/buildtools/config/*.config etc/onlyoffice/{{product}}
debian/build/buildtools/install/common/{{product}}-configuration usr/bin
debian/build/buildtools/install/common/logrotate/{{product}}-common etc/logrotate.d
debian/build/buildtools/install/docker/config/fluent-bit.conf etc/onlyoffice/{{product}}

View File

@ -76,6 +76,7 @@ override_dh_auto_build: check_archives
sed -e 's_etc/nginx_etc/openresty_g' -e 's/listen\s\+\([0-9]\+\);/listen 127.0.0.1:\1;/g' -i ${BUILDTOOLS_PATH}/config/nginx/*.conf
sed -i "s#\$$public_root#/var/www/${PRODUCT}/public/#g" ${BUILDTOOLS_PATH}/config/nginx/onlyoffice.conf
sed -E 's_(http://)[^:]+(:5601)_\1localhost\2_g' -i ${BUILDTOOLS_PATH}/config/nginx/onlyoffice.conf
sed 's/teamlab.info/onlyoffice.com/g' -i ${BUILDTOOLS_PATH}/config/autofac.consumers.json
json -I -f ${CLENT_PATH}/public/scripts/config.json -e "this.wrongPortalNameUrl=\"\""
sed -e 's/$$router_host/127.0.0.1/g' -e 's/this_host\|proxy_x_forwarded_host/host/g' -e 's/proxy_x_forwarded_proto/scheme/g' -e 's/proxy_x_forwarded_port/server_port/g' -e 's_includes_/etc/openresty/includes_g' -i ${BUILDTOOLS_PATH}/install/docker/config/nginx/onlyoffice-proxy*.conf
@ -83,6 +84,8 @@ override_dh_auto_build: check_archives
sed -e '/.pid/d' -e '/temp_path/d' -e 's_etc/nginx_etc/openresty_g' -e 's/\.log/-openresty.log/g' -i ${BUILDTOOLS_PATH}/install/docker/config/nginx/templates/nginx.conf.template
mv -f ${BUILDTOOLS_PATH}/install/docker/config/nginx/onlyoffice-proxy-ssl.conf ${BUILDTOOLS_PATH}/install/docker/config/nginx/onlyoffice-proxy-ssl.conf.template
cp -rf ${BUILDTOOLS_PATH}/install/docker/config/nginx/onlyoffice-proxy.conf ${BUILDTOOLS_PATH}/install/docker/config/nginx/onlyoffice-proxy.conf.template
sed -i '/^\s*Name\s\+forward\s*/d; /^\s*Listen\s\+127\.0\.0\.1\s*/d; /^\s*Port\s\+24224\s*/d' ${BUILDTOOLS_PATH}/install/docker/config/fluent-bit.conf
sed -i '0,/\[INPUT\]/ s/\(\[INPUT\]\)/\1\n Name tail\n Path \/var\/log\/onlyoffice\/${PRODUCT}\/*.log\n Path_Key filename/' ${BUILDTOOLS_PATH}/install/docker/config/fluent-bit.conf
for i in ${PRODUCT} $$(ls ${CURDIR}/debian/*.install | grep -oP 'debian/\K.*' | grep -o '^[^.]*'); do \
cp ${CURDIR}/debian/source/lintian-overrides ${CURDIR}/debian/$$i.lintian-overrides; \

View File

@ -26,9 +26,12 @@ sed 's/teamlab.info/onlyoffice.com/g' -i config/autofac.consumers.json
sed -e 's_etc/nginx_etc/openresty_g' -e 's/listen\s\+\([0-9]\+\);/listen 127.0.0.1:\1;/g' -i config/nginx/*.conf
sed -i "s#\$public_root#/var/www/%{product}/public/#g" config/nginx/onlyoffice.conf
sed -E 's_(http://)[^:]+(:5601)_\1localhost\2_g' -i config/nginx/onlyoffice.conf
sed -e 's/$router_host/127.0.0.1/g' -e 's/this_host\|proxy_x_forwarded_host/host/g' -e 's/proxy_x_forwarded_proto/scheme/g' -e 's/proxy_x_forwarded_port/server_port/g' -e 's_includes_/etc/openresty/includes_g' -i install/docker/config/nginx/onlyoffice-proxy*.conf
sed -e '/.pid/d' -e '/temp_path/d' -e 's_etc/nginx_etc/openresty_g' -e 's/\.log/-openresty.log/g' -i install/docker/config/nginx/templates/nginx.conf.template
sed -i "s_\(.*root\).*;_\1 \"/var/www/%{product}\";_g" -i install/docker/config/nginx/letsencrypt.conf
sed -i '/^\s*Name\s\+forward\s*$/d; /^\s*Listen\s\+127\.0\.0\.1\s*$/d; /^\s*Port\s\+24224\s*$/d' -i install/docker/config/fluent-bit.conf
sed -i "0,/\[INPUT\]/ s/\(\[INPUT\]\)/\1\n Name tail\n Path \/var\/log\/onlyoffice\/%{product}\/*.log\n Path_Key filename/" -i install/docker/config/fluent-bit.conf
find %{_builddir}/server/publish/ \
%{_builddir}/server/ASC.Migration.Runner \

View File

@ -35,6 +35,7 @@ mkdir -p "%{buildroot}%{_sysconfdir}/openresty/html/"
mkdir -p "%{buildroot}%{_sysconfdir}/onlyoffice/%{product}/openresty"
mkdir -p "%{buildroot}%{_sysconfdir}/onlyoffice/%{product}/.private/"
mkdir -p "%{buildroot}%{_sysconfdir}/logrotate.d"
mkdir -p "%{buildroot}%{_sysconfdir}/fluent-bit/"
mkdir -p "%{buildroot}%{_docdir}/%{name}-%{version}-%{release}/"
mkdir -p "%{buildroot}%{_bindir}/"
cp -rf %{_builddir}/publish/web/public/* "%{buildroot}%{buildpath}/public/"
@ -75,3 +76,4 @@ cp -rf %{_builddir}/buildtools/config/nginx/onlyoffice*.conf "%{buildroot}%{_sys
cp -rf %{_builddir}/buildtools/config/nginx/includes/onlyoffice*.conf "%{buildroot}%{_sysconfdir}/openresty/includes/"
cp -rf %{_builddir}/buildtools/config/nginx/html/*.html "%{buildroot}%{_sysconfdir}/openresty/html/"
cp -rf %{_builddir}/buildtools/config/* "%{buildroot}%{_sysconfdir}/onlyoffice/%{product}/"
cp -rf %{_builddir}/buildtools/install/docker/config/fluent-bit.conf "%{buildroot}%{_sysconfdir}/onlyoffice/%{product}/"