From bb427191b7923bc97775132182b8c3cd57646c35 Mon Sep 17 00:00:00 2001 From: Jason Levine Date: Thu, 23 Feb 2017 14:40:00 -0500 Subject: add support for multiple munin usernames and passwords use openssl to generate htpasswd file remove apache2-utils dependency update readme regarding username/password support --- Dockerfile | 2 +- README.md | 10 +++++----- start-munin.sh | 15 ++++++++++++--- 3 files changed, 18 insertions(+), 9 deletions(-) mode change 100644 => 100755 start-munin.sh diff --git a/Dockerfile b/Dockerfile index 498e213..e3cacde 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,7 +5,7 @@ MAINTAINER Leo Unbekandt RUN adduser --system --home /var/lib/munin --shell /bin/false --uid 1103 --group munin RUN apt-get update -qq && RUNLEVEL=1 DEBIAN_FRONTEND=noninteractive \ - apt-get install -y -qq cron munin munin-node nginx apache2-utils wget heirloom-mailx patch spawn-fcgi libcgi-fast-perl + apt-get install -y -qq cron munin munin-node nginx wget heirloom-mailx patch spawn-fcgi libcgi-fast-perl RUN rm /etc/nginx/sites-enabled/default && mkdir -p /var/cache/munin/www && chown munin:munin /var/cache/munin/www && mkdir -p /var/run/munin && chown -R munin:munin /var/run/munin VOLUME /var/lib/munin diff --git a/README.md b/README.md index 783c2d5..7989a43 100644 --- a/README.md +++ b/README.md @@ -6,10 +6,10 @@ All the configuration is done through the environment. ### HTTP Credentials -These are the credentials used to authenticate the HTTP dashboard +These are the credentials used to authenticate the HTTP dashboard; both take a space-delimited list -* `MUNIN_USER` -* `MUNIN_PASSWORD` +* `MUNIN_USERS` +* `MUNIN_PASSWORDS` ### SMTP info for alerts @@ -60,8 +60,8 @@ docker run -d \ -v /var/lib/munin:/var/lib/munin \ -v /var/run/munin:/var/run/munin \ -v /var/cache/munin:/var/cache/munin \ - -e MUNIN_USER=http-user \ - -e MUNIN_PASSWORD=secret-password \ + -e MUNIN_USERS=http-user another-user \ + -e MUNIN_PASSWORDS=secret-password other-users-password \ -e SMTP_HOST=smtp.example.com \ -e SMTP_PORT=587 \ -e SMTP_USERNAME=smtp-username \ diff --git a/start-munin.sh b/start-munin.sh old mode 100644 new mode 100755 index fda929c..4ab8e1c --- a/start-munin.sh +++ b/start-munin.sh @@ -1,8 +1,8 @@ #!/bin/bash NODES=${NODES:-} SNMP_NODES=${SNMP_NODES:-} -MUNIN_USER=${MUNIN_USER:-user} -MUNIN_PASSWORD=${MUNIN_PASSWORD:-password} +MUNIN_USERS=${MUNIN_USERS:-user} +MUNIN_PASSWORDS=${MUNIN_PASSWORDS:-password} MAIL_CONF_PATH='/var/lib/munin/.mailrc' SMTP_USE_TLS=${SMTP_USE_TLS:-false} SMTP_ALWAYS_SEND=${SMTP_ALWAYS_SEND:-true} @@ -47,7 +47,16 @@ if [ $rc -ne 0 -a -n "${ALERT_RECIPIENT}" -a -n "${ALERT_SENDER}" ] ; then fi fi -[ -e /etc/munin/htpasswd.users ] || htpasswd -b -c /etc/munin/htpasswd.users "$MUNIN_USER" "$MUNIN_PASSWORD" +# generate the Munin auth username/password file +if [ ! -f /etc/munin/htpasswd.users ]; then + uc = 0 + IFS=' ' read -ra ARR_USERS <<< "$MUNIN_USERS" + IFS=' ' read -ra ARR_PASSWORDS <<< "$MUNIN_PASSWORDS" + for u in "${ARR_USERS[@]}"; do + printf "${u}:`openssl passwd -apr1 ${ARR_PASSWORDS[uc]}`\n" >> /etc/munin/htpasswd.users + (( uc++ )) + done +fi # generate node list for NODE in $NODES -- cgit v1.2.1