Possible new monitoring stack.

Merged by Trez.One

.gitea/workflows/pr-cloudflare-docker-deploy.yml

@@ -308,7 +308,7 @@ jobs:
         uses: keatonLiu/docker-compose-remote-action@v1.2
         with:
           docker_compose_file: docker-compose.yml
-          docker_args: -d --remove-orphans --pull missing --parallel -1 ${{ steps.regenerate-readme-modified-services.outputs.modified_services }}
+          docker_args: -d --remove-orphans --pull missing --parallel -1
           ssh_user: gitea-deploy
           ssh_host: 192.168.1.254
           ssh_host_public_key: ${{ secrets.RINOA_GITEA_PUBLIC_SSH_KEY }}

README.md

@@ -6,11 +6,12 @@
 | --- | --- |
 | actual_server | docker.io/actualbudget/actual-server:latest |
 | adguard | adguard/adguardhome:latest |
-| apprise | lscr.io/linuxserver/apprise-api:latest |
 | audiobookshelf | ghcr.io/advplyr/audiobookshelf:latest |
 | authelia | authelia/authelia:master |
 | authelia-pg | postgres:16-alpine |
 | bazarr | lscr.io/linuxserver/bazarr:latest |
+| beszel | henrygd/beszel:latest |
+| beszel-agent | henrygd/beszel-agent:latest |
 | bitmagnet | ghcr.io/bitmagnet-io/bitmagnet:latest |
 | bitmagnet-pg-db | postgres:17-alpine |
 | bitwarden | vaultwarden/server:latest |
@@ -22,8 +23,6 @@
 | crowdsec | crowdsecurity/crowdsec:latest |
 | crowdsec-dashboard | metabase/metabase |
 | czkawka | jlesage/czkawka |
-| dagu-scheduler | ghcr.io/dagu-org/dagu:latest |
-| dagu-server | ghcr.io/dagu-org/dagu:latest |
 | dbgate | dbgate/dbgate:alpine |
 | delugevpn | ghcr.io/binhex/arch-delugevpn:latest |
 | docker-socket-proxy | ghcr.io/tecnativa/docker-socket-proxy:latest |
@@ -58,8 +57,8 @@
 | influxdb2 | influxdb:2-alpine |
 | invidious | quay.io/invidious/invidious:latest |
 | invidious-db | docker.io/library/postgres:14 |
-| invoice_ninja | invoiceninja/invoiceninja:5 |
+| invoice-ninja | invoiceninja/invoiceninja-debian:5 |
-| invoice_ninja_proxy | nginx |
+| invoice-ninja_proxy | nginx |
 | it-tools | ghcr.io/corentinth/it-tools:latest |
 | jellyfin | jellyfin/jellyfin |
 | jitsi-etherpad | etherpad/etherpad:1.8.6 |
@@ -74,8 +73,6 @@
 | lidarr | lscr.io/linuxserver/lidarr:latest |
 | lidify | thewicklowwolf/lidify:latest |
 | lldap | lldap/lldap:stable |
-| lobe-chat | lobehub/lobe-chat-database |
-| lobe-chat-pg-db | pgvector/pgvector:pg16 |
 | maloja | krateng/maloja:latest |
 | mariadb | linuxserver/mariadb |
 | mastodon | lscr.io/linuxserver/mastodon:latest |
@@ -90,11 +87,10 @@
 | netbird-relay | netbirdio/relay:latest |
 | netbird-management | netbirdio/management:latest |
 | netbird-coturn | coturn/coturn:latest |
-| netbox | lscr.io/linuxserver/netbox:latest |
-| netbox-db | postgres:17-alpine |
 | nextcloud | nextcloud/all-in-one:latest |
 | ollama | ollama/ollama |
 | ombi | lscr.io/linuxserver/ombi:latest |
+| open-webui | ghcr.io/open-webui/open-webui:main |
 | paperless-ngx | ghcr.io/paperless-ngx/paperless-ngx:latest |
 | pgbackweb | eduardolat/pgbackweb:latest |
 | pgbackweb-db | postgres:16-alpine |
@@ -103,6 +99,7 @@
 | plausible_db | postgres:16-alpine |
 | plausible_events_db | clickhouse/clickhouse-server:24.3.3.102-alpine |
 | portainer | portainer/portainer-ce:alpine-sts |
+| portall | need4swede/portall:latest |
 | postal-smtp | ghcr.io/postalserver/postal:latest |
 | postal-web | ghcr.io/postalserver/postal:latest |
 | postal-worker | ghcr.io/postalserver/postal:latest |
@@ -120,10 +117,6 @@
 | scraperr-api | jpyles0524/scraperr_api:latest |
 | scrutiny | ghcr.io/analogj/scrutiny:master-omnibus |
 | searxng | searxng/searxng:latest |
-| slurpit-portal | slurpit/portal:latest |
-| slurpit-scanner | slurpit/scanner:latest |
-| slurpit-scraper | slurpit/scraper:latest |
-| slurpit-warehouse | slurpit/warehouse:latest |
 | sonarqube | mc1arke/sonarqube-with-community-branch-plugin:lts |
 | sonarqube-pg-db | postgres:17-alpine |
 | sonarr | lscr.io/linuxserver/sonarr:latest |
@@ -144,10 +137,6 @@
 | wallabag | wallabag/wallabag |
 | wallos | bellamy/wallos:latest |
 | watchtower | ghcr.io/containrrr/watchtower:latest |
-| wazuh-agent | kennyopennix/wazuh-agent:latest |
-| wazuh-dashboard | wazuh/wazuh-dashboard: |
-| wazuh-indexer | wazuh/wazuh-indexer: |
-| wazuh-manager | wazuh/wazuh-manager: |
 | web-check | lissy93/web-check |
 | your_spotify | lscr.io/linuxserver/your_spotify:latest |
 | youtubedl | nbr23/youtube-dl-server:latest |

docker-compose.yml

@@ -3372,6 +3372,30 @@ services:
         type: bind
         bind:
           create_host_path: true
+  netalertx:
+    container_name: netalertx
+    environment:
+      TZ: ${TZ}
+      PORT: 20211
+    image: jokobsk/netalertx:latest
+    network_mode: host
+    labels:
+      homepage.group: Infrastructure/App Performance Monitoring
+      homepage.name: NetAlertX
+      homepage.href: http://192.168.1.254:20211
+      homepage.icon: netalertx.svg
+      homepage.description: Network Monitoring
+    restart: unless-stopped
+    volumes:
+      - ${DOCKER_VOLUME_CONFIG}/netalertx/config:/app/config
+      - ${DOCKER_VOLUME_CONFIG}/netalertx/db:/app/db
+      # (optional) useful for debugging if you have issues setting up the container
+      # - ${DOCKER_VOLUME_CONFIG}/netalertx/logs:/app/log
+      # (API: OPTION 1) use for performance
+      - type: tmpfs
+        target: /app/api
+      # (API: OPTION 2) use when debugging issues
+      # - ${DOCKER_VOLUME_CONFIG}/netalertx/api:/app/api
   netbird-dashboard:
     container_name: netbird-dashboard
     environment:
@@ -3661,6 +3685,40 @@ services:
         type: bind
         bind:
           create_host_path: true
+  parseable:
+    command: [ "parseable", "s3-store" ]
+    depends_on:
+      - minio
+    environment:
+      P_STAGING_DIR: /staging
+      P_ADDR: 0.0.0.0:8000
+      P_USERNAME: admin
+      P_PASSWORD: ${PARSEABLE_PASSWORD}
+      P_S3_URL: http://minio:9000
+      P_S3_BUCKET: parseable
+      P_S3_ACCESS_KEY: ${PARSEABLE_S3_ACCESS_KEY}
+      P_S3_SECRET_KEY: ${PARSEABLE_S3_SECRET_KEY}
+      P_S3_REGION: us-east-fh-pln
+    healthcheck:
+      test: [ "CMD", "curl", "-f", "http://localhost:8000/api/v1/liveness" ]
+      interval: 15s
+      timeout: 20s
+      retries: 5
+    image: containers.parseable.com/parseable/parseable:latest
+    labels:
+      homepage.group: Infrastructure/App Performance Monitoring
+      homepage.name: Parseable
+      homepage.href: https://logs.${MY_TLD}
+      homepage.icon: parseable.svg
+      homepage.description: Backups for PostgreSQL
+      swag: enable
+      swag_proto: http
+      swag_port: 8000
+      swag_url: logs.${MY_TLD}
+    volumes:
+      - /parseable/staging:/staging
+    ports:
+      - 14453:8000
   pgbackweb:
     container_name: pgbackweb
     depends_on:
@@ -3824,17 +3882,18 @@ services:
       swag: enable
       swag_auth: authelia
       swag_proto: http
-      swag_port: 9000
+      swag_port: 8080
       swag_url: portall.${MY_TLD}
       swag.uptime-kuma.enabled: true
       swag.uptime-kuma.monitor.url: https://portall.${MY_TLD}
       homepage.group: System Administration
       homepage.name: Portall
-      homepage.href: https://portainer.${MY_TLD}
+      homepage.href: https://portall.${MY_TLD}
       homepage.icon: sh-portall.png
       homepage.description: Management for container ports
     ports:
       - 8000:8080
+    restart: unless-stopped
     volumes:
       - ${DOCKER_VOLUME_CONFIG}/portall:/app/instance
   postal-smtp:
@@ -6284,6 +6343,16 @@ services:
     volumes:
       - ${DOCKER_VOLUME_CONFIG}/hashicorp-vault/config/:/vault/config
       - ${DOCKER_VOLUME_CONFIG}/hashicorp-vault/logs/:/vault/logs
+  vector:
+    image: timberio/vector:0.44.0-alpine
+    container_name: vector
+    environment:
+      DOCKER_HOST: tcp://dockerproxy:2375
+    ports:
+      - 60157:8686
+    restart: unless-stopped
+    volumes:
+      - ${DOCKER_VOLUME_CONFIG}/vector/vector.yaml:/etc/vector/vector.yaml:ro
   wallabag:
     container_name: wallabag
     depends_on:

vector_vector.yaml.j2

@@ -0,0 +1,31 @@
+  sources:
+    rinoa_docker_logs:
+      type: docker_logs
+      exclude_containers:
+        - zammad-init
+
+  sinks:
+    parseable:
+      type: http
+      method: post
+      batch:
+        max_bytes: 10485760
+        max_events: 1000
+        timeout_secs: 10
+      compression: gzip
+      inputs:
+        - rinoa_docker_logs
+      encoding:
+        codec: json
+      uri: http://parseable:8000/api/v1/ingest'
+      auth:
+        strategy: basic
+        user: admin
+        password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['PARSEABLE_PASSWORD'] }}
+      request:
+        headers:
+          X-P-Stream: vectordemo
+      healthcheck:
+        enabled: true
+        path: 'http://parseable:8000/api/v1/liveness'
+        port: 80