4 Commits

Author SHA1 Message Date
Ducky SSH User
0a37b04506 Fix Alpine Linux addgroup/adduser syntax for non-root user creation
All checks were successful
Build and Release / build (push) Successful in 12s
2025-12-20 06:45:21 +00:00
Ducky SSH User
a5a683d1de Fix Docker Compose and Dockerfile issues: remove image pull, fix entrypoint permissions 2025-12-20 06:36:20 +00:00
Ducky SSH User
e0b8f8650b Fix wget --post-file usage with temporary files for API calls
All checks were successful
Build and Release / build (push) Successful in 11s
2025-12-20 06:31:33 +00:00
Ducky SSH User
3a7b5a0f9a Replace curl with wget in CI/CD workflow for Gitea runner compatibility 2025-12-20 06:31:02 +00:00
4 changed files with 47 additions and 44 deletions


@@ -103,15 +103,22 @@ jobs:
echo "Creating release for tag: $TAG" echo "Creating release for tag: $TAG"
echo "Repository: $REPO_OWNER/$REPO_NAME" echo "Repository: $REPO_OWNER/$REPO_NAME"
# Create release using Gitea API # Create release using Gitea API with wget
echo "Creating new release..." echo "Creating new release..."
RESPONSE=$(curl -s -X POST \
-H "Authorization: token $GITEA_TOKEN" \ # Create JSON payload in a temp file
-H "Content-Type: application/json" \ cat > /tmp/release.json << 'PAYLOAD'
-d "{\"tag_name\":\"$TAG\",\"name\":\"Release $TAG\",\"draft\":false,\"prerelease\":false}" \ {"tag_name":"TAG_PLACEHOLDER","name":"Release TAG_PLACEHOLDER","draft":false,"prerelease":false}
PAYLOAD
sed -i "s/TAG_PLACEHOLDER/$TAG/g" /tmp/release.json
RESPONSE=$(wget --post-file=/tmp/release.json \
--header="Authorization: token $GITEA_TOKEN" \
--header="Content-Type: application/json" \
-O - -q \
"$GITEA_URL/api/v1/repos/$REPO_OWNER/$REPO_NAME/releases") "$GITEA_URL/api/v1/repos/$REPO_OWNER/$REPO_NAME/releases")
# Extract release ID using grep instead of jq # Extract release ID using grep
RELEASE_ID=$(echo "$RESPONSE" | grep -o '"id":[0-9]*' | head -1 | grep -o '[0-9]*') RELEASE_ID=$(echo "$RESPONSE" | grep -o '"id":[0-9]*' | head -1 | grep -o '[0-9]*')
if [ -z "$RELEASE_ID" ]; then if [ -z "$RELEASE_ID" ]; then
@@ -129,18 +136,18 @@ jobs:
filename=$(basename "$file") filename=$(basename "$file")
echo " Uploading: $filename" echo " Uploading: $filename"
UPLOAD_RESPONSE=$(curl -s -w "\n%{http_code}" -X POST \ # Upload binary file to Gitea API
-H "Authorization: token $GITEA_TOKEN" \ UPLOAD_RESPONSE=$(wget --post-file="$file" \
-F "attachment=@$file" \ --header="Authorization: token $GITEA_TOKEN" \
"$GITEA_URL/api/v1/repos/$REPO_OWNER/$REPO_NAME/releases/$RELEASE_ID/assets") --header="Content-Type: application/octet-stream" \
-O - -q \
"$GITEA_URL/api/v1/repos/$REPO_OWNER/$REPO_NAME/releases/$RELEASE_ID/assets?name=$filename" 2>&1)
HTTP_CODE=$(echo "$UPLOAD_RESPONSE" | tail -n 1) if echo "$UPLOAD_RESPONSE" | grep -q '"id"'; then
echo " ✓ $filename uploaded"
if [ "$HTTP_CODE" = "201" ] || [ "$HTTP_CODE" = "200" ]; then
echo " ✓ $filename uploaded (HTTP $HTTP_CODE)"
else else
echo " ✗ Failed to upload $filename (HTTP $HTTP_CODE)" echo " ✗ Failed to upload $filename"
echo "Response: $(echo "$UPLOAD_RESPONSE" | head -n -1)" echo "Response: $UPLOAD_RESPONSE"
fi fi
fi fi
done done
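Review bot: The release payload is written to a fixed path, `/tmp/release.json`, and filled in with `sed -i "s/TAG_PLACEHOLDER/$TAG/g"`, so a tag containing `/`, `&` or `"` breaks the sed expression or the JSON, and the predictable path can collide with another job on a shared runner. Create the file with `tmp=$(mktemp)` and remove it after the request, and reject unexpected tag names before substituting, for example (pattern constructed for illustration) `case "$TAG" in *[!A-Za-z0-9._-]*) exit 1;; esac`. In the upload hunk, `$filename` is appended to `?name=$filename` without URL-encoding, and the `else` branch only echoes, so a failed upload does not appear to fail the step; with `-q` wget likely prints nothing on an HTTP error, which would leave `Response:` empty. The token is still passed in a `--header=` argument, where it is visible in the runner's process list while wget runs. Both hunks sit inside a `run:` script whose start and end are outside the hunks.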


@@ -25,21 +25,21 @@ WORKDIR /app
COPY --from=builder /app/nerd-monitor-agent . COPY --from=builder /app/nerd-monitor-agent .
# Create non-root user # Create entrypoint script BEFORE switching users
RUN addgroup -D appgroup && adduser -D appuser -G appgroup RUN echo '#!/bin/sh' > /app/entrypoint.sh && \
USER appuser echo 'SERVER=${SERVER:-localhost:8080}' >> /app/entrypoint.sh && \
echo 'INTERVAL=${INTERVAL:-15s}' >> /app/entrypoint.sh && \
echo 'AGENT_ID=${AGENT_ID:-}' >> /app/entrypoint.sh && \
echo 'if [ -z "$AGENT_ID" ]; then' >> /app/entrypoint.sh && \
echo ' exec ./nerd-monitor-agent --server "$SERVER" --interval "$INTERVAL"' >> /app/entrypoint.sh && \
echo 'else' >> /app/entrypoint.sh && \
echo ' exec ./nerd-monitor-agent --server "$SERVER" --interval "$INTERVAL" --id "$AGENT_ID"' >> /app/entrypoint.sh && \
echo 'fi' >> /app/entrypoint.sh && \
chmod +x /app/entrypoint.sh
# Create entrypoint script to handle environment variables # Create non-root user
RUN echo '#!/bin/sh\n\ RUN addgroup -g 1000 appgroup && adduser -D -u 1000 -G appgroup appuser
SERVER=${SERVER:-localhost:8080}\n\ USER appuser
INTERVAL=${INTERVAL:-15s}\n\
AGENT_ID=${AGENT_ID:-}\n\
if [ -z "$AGENT_ID" ]; then\n\
exec ./nerd-monitor-agent --server "$SERVER" --interval "$INTERVAL"\n\
else\n\
exec ./nerd-monitor-agent --server "$SERVER" --interval "$INTERVAL" --id "$AGENT_ID"\n\
fi\n\
' > /app/entrypoint.sh && chmod +x /app/entrypoint.sh
# Run the agent # Run the agent
ENTRYPOINT ["/app/entrypoint.sh"] ENTRYPOINT ["/app/entrypoint.sh"]
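Review bot: The entrypoint script is assembled from a chain of `echo '...' >> /app/entrypoint.sh` lines inside one `RUN`, which is hard to review and cannot be linted as a shell script; a checked-in `entrypoint.sh` added with `COPY --chmod=755 entrypoint.sh /app/entrypoint.sh` would produce the same root-owned, non-writable file without the quoting risk. The generated script also runs `exec ./nerd-monitor-agent`, which depends on the working directory staying `/app`; `exec /app/nerd-monitor-agent` removes that dependency. The same echo-chain pattern is used in the server Dockerfile section of this page.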


@@ -32,8 +32,17 @@ RUN apk add --no-cache ca-certificates
# Copy binary from builder # Copy binary from builder
COPY --from=builder /app/nerd-monitor-server . COPY --from=builder /app/nerd-monitor-server .
# Create entrypoint script BEFORE switching users
RUN echo '#!/bin/sh' > /app/entrypoint.sh && \
echo 'ADDR=${ADDR:-0.0.0.0}' >> /app/entrypoint.sh && \
echo 'PORT=${PORT:-8080}' >> /app/entrypoint.sh && \
echo 'USERNAME=${USERNAME:-admin}' >> /app/entrypoint.sh && \
echo 'PASSWORD=${PASSWORD:-admin}' >> /app/entrypoint.sh && \
echo 'exec ./nerd-monitor-server -addr "$ADDR" -port "$PORT" -username "$USERNAME" -password "$PASSWORD"' >> /app/entrypoint.sh && \
chmod +x /app/entrypoint.sh
# Create non-root user # Create non-root user
RUN addgroup -D appgroup && adduser -D appuser -G appgroup RUN addgroup -g 1000 appgroup && adduser -D -u 1000 -G appgroup appuser
USER appuser USER appuser
# Expose port # Expose port
@@ -43,14 +52,5 @@ EXPOSE 8080
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \ HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
CMD wget --quiet --tries=1 --spider http://localhost:8080/login || exit 1 CMD wget --quiet --tries=1 --spider http://localhost:8080/login || exit 1
# Create entrypoint script to handle environment variables
RUN echo '#!/bin/sh\n\
ADDR=${ADDR:-0.0.0.0}\n\
PORT=${PORT:-8080}\n\
USERNAME=${USERNAME:-admin}\n\
PASSWORD=${PASSWORD:-admin}\n\
exec ./nerd-monitor-server -addr "$ADDR" -port "$PORT" -username "$USERNAME" -password "$PASSWORD"\n\
' > /app/entrypoint.sh && chmod +x /app/entrypoint.sh
# Run the server # Run the server
ENTRYPOINT ["/app/entrypoint.sh"] ENTRYPOINT ["/app/entrypoint.sh"]
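Review bot: The generated entrypoint falls back to `USERNAME=admin` and `PASSWORD=admin` when the variables are unset and passes the password as a `-password` command-line argument, so a container started without configuration listens on `0.0.0.0` with known credentials and the password is readable in the process list. Failing closed is a one-line change in the script: `: "${PASSWORD:?PASSWORD must be set}"` in place of the `PASSWORD=${PASSWORD:-admin}` default. Whether the server can read the password from the environment or a file instead of argv is not visible here. The `HEALTHCHECK` still probes `http://localhost:8080/login` although `PORT` is configurable, so a non-default port would be reported unhealthy.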


@@ -1,5 +1,3 @@
version: '3.8'
# ============================================================================ # ============================================================================
# Nerd Monitor Docker Compose Configuration # Nerd Monitor Docker Compose Configuration
# ============================================================================ # ============================================================================
@@ -40,7 +38,6 @@ services:
context: . context: .
dockerfile: Dockerfile.server dockerfile: Dockerfile.server
container_name: nerd-monitor-server container_name: nerd-monitor-server
image: nerd-monitor-server:latest
ports: ports:
- "8080:8080" - "8080:8080"
environment: environment:
@@ -82,7 +79,6 @@ services:
build: build:
context: . context: .
dockerfile: Dockerfile.agent dockerfile: Dockerfile.agent
image: nerd-monitor-agent:latest
environment: environment:
# Agent configuration # Agent configuration
SERVER: "server:8080" # Connect to the server service SERVER: "server:8080" # Connect to the server service