trying fluentd I guess

2024-03-18 21:41:39 -04:00 · 2024-03-18 21:41:39 -04:00 · 7138b0e548
parent 900d22bb29
commit 7138b0e548
11 changed files with 90 additions and 112 deletions
--- a/README.md
+++ b/README.md
@ -1,2 +1,12 @@
 <!-- build 0 -->
-Theres lots of settings for making it look nice but I just got the basics laid out and the uploads directory needs to be looked at and its file perms.
+```yaml
+version: '3.8'
+services:
+  redis:
+    image: redis:alpine
+    logging:
+      driver: fluentd
+      options:
+        fluentd-address: localhost:24224
+        tag: "{{.Name}}/{{.ImageName}}"
+```
--- a/docker-compose.production.yml
+++ b/docker-compose.production.yml
@ -1,7 +1,7 @@
 version: "3.9"
 services:
-  send:
+  fluentd:
    build:
-      context: docker/send
+      context: docker/fluentd
      dockerfile: Dockerfile.production
-    image: git.nixc.us/nixius/send:production-web
+    image: git.nixc.us/nixius/fluentd:production-web
--- a/docker-compose.staging.yml
+++ b/docker-compose.staging.yml
@ -1,6 +1,6 @@
 version: "3.9"
 services:
-  send:
+  fluentd:
    build:
-      context: docker/send
-    image: git.nixc.us/nixius/send:staging-web
+      context: docker/fluentd
+    image: git.nixc.us/nixius/fluentd:staging-web
--- a/docker/fluentd/Dockerfile
+++ b/docker/fluentd/Dockerfile
@ -0,0 +1,26 @@
+# Use the official Fluentd Alpine-based image as a base
+FROM fluent/fluentd:v1.16-alpine
+
+# Use root to perform the operations
+USER root
+
+# Update and Install build dependencies for native extensions
+# This step is necessary for some Fluentd plugins that require native extensions
+RUN apk add --no-cache --update build-base ruby-dev
+
+# Install any additional dependencies or plugins you need
+# Example: fluent-plugin-out-http, adjust according to your needs
+RUN fluent-gem install fluent-plugin-out-http --no-document
+
+# Clean up
+RUN apk del build-base ruby-dev && \
+    rm -rf /tmp/* /var/tmp/* /usr/lib/ruby/gems/*/cache/*.gem
+
+# Copy your custom Fluentd configuration file into the image
+COPY fluent.conf /fluentd/etc/
+
+# Set the configuration file as the main configuration file for Fluentd
+ENV FLUENTD_CONF=fluent.conf
+
+# Switch back to the fluent user for security
+USER fluent
--- a/docker/fluentd/Dockerfile.production
+++ b/docker/fluentd/Dockerfile.production
@ -0,0 +1 @@
+FROM git.nixc.us/nixius/fluentd:staging-web
--- a/docker/fluentd/fluent.conf
+++ b/docker/fluentd/fluent.conf
@ -0,0 +1,32 @@
+<source>
+  @type forward
+  port 24224
+  bind 0.0.0.0
+</source>
+
+# Convert raw logs to JSON format
+<filter **>
+  @type record_transformer
+  <record>
+    level "error"
+    message "${record["log"]}"
+    timestamp "${time}"
+    service "${tag_parts[0]}"
+    container_image "${tag_parts[1]}"
+  </record>
+  remove_keys "log"
+</filter>
+
+# Matches logs and forwards them to Sentry
+<match **>
+  @type http
+  endpoint https://glitch.nixc.us/api/5/security/?glitchtip_key=b4a0501ad2264d5b84054f8222628adc
+  headers {"Content-Type": "application/json"}
+  http_method post
+  <buffer>
+    flush_interval 10s
+  </buffer>
+  <format>
+    @type json
+  </format>
+</match>
--- a/docker/redis/.gitkeep
+++ b/docker/redis/.gitkeep
@ -1 +0,0 @@
-# TODO: Deploy a static version of redis maybe for what its worth.
--- a/docker/send/Dockerfile
+++ b/docker/send/Dockerfile
@ -1 +0,0 @@
-FROM registry.gitlab.com/timvisee/send:latest
--- a/docker/send/Dockerfile.production
+++ b/docker/send/Dockerfile.production
@ -1 +0,0 @@
-FROM git.nixc.us/nixius/send:staging-web
--- a/stack.production.yml
+++ b/stack.production.yml
@ -1,61 +1,14 @@
-version: "3.7"
+version: "3.9"
 networks:
-  traefik:
+  logging:
    external: true
-  default:
 services:
-  web:
-    image: git.nixc.us/nixius/send:production-web
-    depends_on:
-      - redis
-    environment:
-      REDIS_HOST: send_redis
-      FILE_DIR: /uploads
-      DETECT_BASE_URL: "true"
-      MAX_FILE_SIZE: 4294967296 # 2147483648 #4,294,967,296
-      MAX_FILES_PER_ARCHIVE: 64
-      MAX_DOWNLOADS: 5
-      DOWNLOAD_COUNTS: "2,1,2,5"#,10,15,25,50,100,1000"
-      EXPIRE_TIMES_SECONDS: "3600,86400,604800,2592000,31536000"
-      DEFAULT_DOWNLOADS: "1"
-      DEFAULT_EXPIRE_SECONDS: "86400"
-    volumes:
-      - /mnt/tank/persist/nixc.us/send/production/uploads:/uploads
+  fluentd:
+    image: git.nixc.us/nixius/fluentd:production
    networks:
-      - default
-      - traefik
+      - logging
    deploy:
      replicas: 1
      placement:
        constraints:
-          - node.hostname == macmini8
-      labels:
-        - "traefik.enable=true"
-        - "traefik.http.routers.production_send_web.tls=true"
-        - "traefik.http.services.production_send_web.loadbalancer.server.port=1443"
-        - "traefik.http.routers.production_send_web.rule=Host(`send.nixc.us`)"
-        - "traefik.http.routers.production_send_web.entrypoints=websecure"
-        - "traefik.http.routers.production_send_web.tls.certresolver=letsencryptresolver"
-        - "traefik.http.routers.production_send_web.service=production_send_web"
-        - "traefik.docker.network=traefik"
-    networks:
-      - traefik
-      - default
-  redis:
-    image: redis:alpine
-    networks:
-      - default
-  redis:
-    image: redis
-    deploy:
-      replicas: 1
-      placement:
-        constraints:
-          - node.hostname == macmini8
-      labels:
-        - traefik.enable=false
-    volumes:
-      - /mnt/tank/persist/nixc.us/send/production/db:/data
-    networks:
-      - default
-    entrypoint: redis-server
+          - node.hostname == ingress.nixc.us
--- a/stack.staging.yml
+++ b/stack.staging.yml
@ -1,55 +1,14 @@
-version: "3.7"
+version: "3.9"
 networks:
-  traefik:
+  logging:
    external: true
-  default:
 services:
-  web:
-    image: git.nixc.us/nixius/send:staging-web
-    depends_on:
-      - redis
-    environment:
-      REDIS_HOST: send_redis
-      FILE_DIR: /uploads
-      DETECT_BASE_URL: "true"
-      MAX_FILE_SIZE: 4294967296 # 2147483648 #4,294,967,296
-      MAX_FILES_PER_ARCHIVE: 64
-      MAX_DOWNLOADS: 20
-      DOWNLOAD_COUNTS: "2,1,2,5,10,15,25,50,100,1000"
-      EXPIRE_TIMES_SECONDS: "3600,86400,604800,2592000,31536000"
-      DEFAULT_DOWNLOADS: "1"
-      DEFAULT_EXPIRE_SECONDS: "86400"
-    # volumes:
-    #   - /mnt/tank/persist/aenow.com/send/staging/uploads:/uploads
+  fluentd:
+    image: git.nixc.us/nixius/fluentd:production
    networks:
-      - default
-      - traefik
+      - logging
    deploy:
      replicas: 1
-      labels:
-        - "traefik.enable=true"
-        - "traefik.http.routers.staging_send_web.tls=true"
-        - "traefik.http.services.staging_send_web.loadbalancer.server.port=1443"
-        - "traefik.http.routers.staging_send_web.rule=Host(`staging.send.aenow.com`)"
-        - "traefik.http.routers.staging_send_web.entrypoints=websecure"
-        - "traefik.http.routers.staging_send_web.tls.certresolver=letsencryptresolver"
-        - "traefik.http.routers.staging_send_web.service=staging_send_web"
-        - "traefik.docker.network=traefik"
-    networks:
-      - traefik
-      - default
-  redis:
-    image: redis:alpine
-    networks:
-      - default
-  redis:
-    image: redis
-    deploy:
-      replicas: 1
-      labels:
-        - traefik.enable=false
-    # volumes:
-    #   - /mnt/tank/persist/nixc.us/send/staging/db:/data
-    networks:
-      - default
-    entrypoint: redis-server
+      placement:
+        constraints:
+          - node.hostname == ingress.nixc.us
				`@ -1 +0,0 @@`
				`# TODO: Deploy a static version of redis maybe for what its worth.`
				`@ -1 +0,0 @@`
				`FROM registry.gitlab.com/timvisee/send:latest`