RubyGems - ConfigLMM - Versions diffs - 0.4.0 → 0.5.0 - Mend

ConfigLMM 0.4.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (227) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +34 -0
data/CNAME +1 -0
data/Examples/.lmm.state.yaml +159 -0
data/Examples/ConfigLMM.mm.yaml +32 -0
data/Examples/Implemented.mm.yaml +252 -4
data/Examples/SmallBusiness.mm.yaml +492 -0
data/Plugins/Apps/Answer/answer.lmm.rb +165 -0
data/Plugins/Apps/Answer/answer@.service +40 -0
data/Plugins/Apps/ArchiSteamFarm/ArchiSteamFarm.conf.erb +0 -3
data/Plugins/Apps/ArchiSteamFarm/ArchiSteamFarm.lmm.rb +0 -1
data/Plugins/Apps/Authentik/Authentik-ProxyOutpost.container +7 -1
data/Plugins/Apps/Authentik/Authentik-Server.container +6 -1
data/Plugins/Apps/Authentik/Authentik-Worker.container +6 -1
data/Plugins/Apps/Authentik/Authentik.conf.erb +12 -7
data/Plugins/Apps/Authentik/Authentik.lmm.rb +226 -61
data/Plugins/Apps/BookStack/BookStack.conf.erb +0 -3
data/Plugins/Apps/BookStack/BookStack.container +5 -0
data/Plugins/Apps/BookStack/BookStack.lmm.rb +14 -3
data/Plugins/Apps/Cassandra/Cassandra.lmm.rb +9 -19
data/Plugins/Apps/ClickHouse/ClickHouse.container +28 -0
data/Plugins/Apps/ClickHouse/ClickHouse.lmm.rb +113 -0
data/Plugins/Apps/ClickHouse/Config/listen.yaml +2 -0
data/Plugins/Apps/ClickHouse/Config/logger.yaml +8 -0
data/Plugins/Apps/ClickHouse/Config/zookeepers.yaml +5 -0
data/Plugins/Apps/ClickHouse/Connection.rb +96 -0
data/Plugins/Apps/Discourse/Discourse-Sidekiq.container +5 -0
data/Plugins/Apps/Discourse/Discourse.conf.erb +1 -4
data/Plugins/Apps/Discourse/Discourse.container +4 -0
data/Plugins/Apps/Discourse/Discourse.lmm.rb +116 -55
data/Plugins/Apps/Dovecot/Dovecot.lmm.rb +74 -62
data/Plugins/Apps/ERPNext/ERPNext-Frontend.container +6 -1
data/Plugins/Apps/ERPNext/ERPNext-Queue.container +5 -0
data/Plugins/Apps/ERPNext/ERPNext-Scheduler.container +5 -0
data/Plugins/Apps/ERPNext/ERPNext-Websocket.container +6 -1
data/Plugins/Apps/ERPNext/ERPNext.container +6 -1
data/Plugins/Apps/ERPNext/ERPNext.lmm.rb +138 -127
data/Plugins/Apps/GitLab/GitLab.container +6 -0
data/Plugins/Apps/GitLab/GitLab.lmm.rb +43 -49
data/Plugins/Apps/Homepage/Homepage.conf.erb +86 -0
data/Plugins/Apps/Homepage/Homepage.container +19 -0
data/Plugins/Apps/Homepage/Homepage.lmm.rb +54 -0
data/Plugins/Apps/IPFS/IPFS.conf.erb +0 -3
data/Plugins/Apps/IPFS/IPFS.lmm.rb +0 -1
data/Plugins/Apps/InfluxDB/InfluxDB.conf.erb +0 -3
data/Plugins/Apps/InfluxDB/InfluxDB.lmm.rb +0 -1
data/Plugins/Apps/Jackett/Jackett.conf.erb +0 -3
data/Plugins/Apps/Jackett/Jackett.lmm.rb +0 -1
data/Plugins/Apps/Jellyfin/Jellyfin.conf.erb +0 -3
data/Plugins/Apps/Jellyfin/Jellyfin.lmm.rb +0 -1
data/Plugins/Apps/LetsEncrypt/LetsEncrypt.lmm.rb +49 -28
data/Plugins/Apps/LibreTranslate/LibreTranslate.container +21 -0
data/Plugins/Apps/LibreTranslate/LibreTranslate.lmm.rb +34 -0
data/Plugins/Apps/Lobsters/Containerfile +81 -0
data/Plugins/Apps/Lobsters/Lobsters-Tasks.container +26 -0
data/Plugins/Apps/Lobsters/Lobsters.conf.erb +99 -0
data/Plugins/Apps/Lobsters/Lobsters.container +27 -0
data/Plugins/Apps/Lobsters/Lobsters.lmm.rb +196 -0
data/Plugins/Apps/Lobsters/crontab +3 -0
data/Plugins/Apps/Lobsters/database.yml +26 -0
data/Plugins/Apps/Lobsters/entrypoint.sh +30 -0
data/Plugins/Apps/Lobsters/generateCredentials.rb +19 -0
data/Plugins/Apps/Lobsters/lobsters-cron.sh +25 -0
data/Plugins/Apps/Lobsters/lobsters-daily.sh +23 -0
data/Plugins/Apps/Lobsters/puma.rb +49 -0
data/Plugins/Apps/MariaDB/Connection.rb +55 -0
data/Plugins/Apps/MariaDB/MariaDB.lmm.rb +60 -53
data/Plugins/Apps/Mastodon/Mastodon-Sidekiq.container +22 -0
data/Plugins/Apps/Mastodon/Mastodon-Streaming.container +20 -0
data/Plugins/Apps/Mastodon/Mastodon.conf.erb +34 -45
data/Plugins/Apps/Mastodon/Mastodon.container +28 -0
data/Plugins/Apps/Mastodon/Mastodon.lmm.rb +240 -5
data/Plugins/Apps/Mastodon/configlmm.rake +30 -0
data/Plugins/Apps/Mastodon/entrypoint.sh +16 -0
data/Plugins/Apps/Matrix/Element.container +5 -0
data/Plugins/Apps/Matrix/Matrix.conf.erb +2 -8
data/Plugins/Apps/Matrix/Matrix.lmm.rb +100 -71
data/Plugins/Apps/Matrix/Synapse.container +5 -0
data/Plugins/Apps/Netdata/Netdata.conf.erb +0 -3
data/Plugins/Apps/Netdata/Netdata.lmm.rb +0 -1
data/Plugins/Apps/Nextcloud/Nextcloud.conf.erb +3 -4
data/Plugins/Apps/Nextcloud/Nextcloud.lmm.rb +150 -68
data/Plugins/Apps/Nextcloud/autoconfig.php +13 -0
data/Plugins/Apps/Nextcloud/config.php +10 -1
data/Plugins/Apps/Nextcloud/nextcloudcron.service +8 -0
data/Plugins/Apps/Nextcloud/nextcloudcron.timer +10 -0
data/Plugins/Apps/Nginx/Connection.rb +93 -0
data/Plugins/Apps/Nginx/conf.d/configlmm.conf +50 -9
data/Plugins/Apps/Nginx/conf.d/languages.conf +21 -0
data/Plugins/Apps/Nginx/config-lmm/errors.conf +25 -20
data/Plugins/Apps/Nginx/config-lmm/gateway-errors.conf +20 -0
data/Plugins/Apps/Nginx/config-lmm/proxy.conf +1 -1
data/Plugins/Apps/Nginx/main.conf.erb +7 -3
data/Plugins/Apps/Nginx/nginx.conf +2 -2
data/Plugins/Apps/Nginx/nginx.lmm.rb +99 -81
data/Plugins/Apps/Nginx/proxy.conf.erb +11 -3
data/Plugins/Apps/Odoo/Odoo.conf.erb +0 -3
data/Plugins/Apps/Odoo/Odoo.container +5 -0
data/Plugins/Apps/Odoo/Odoo.lmm.rb +4 -5
data/Plugins/Apps/Ollama/Ollama.container +26 -0
data/Plugins/Apps/Ollama/Ollama.lmm.rb +73 -0
data/Plugins/Apps/OpenTelemetry/Config/config.yaml +704 -0
data/Plugins/Apps/OpenTelemetry/OpenTelemetry.lmm.rb +154 -0
data/Plugins/Apps/OpenVidu/Ingress.container +5 -0
data/Plugins/Apps/OpenVidu/OpenVidu.conf.erb +0 -3
data/Plugins/Apps/OpenVidu/OpenVidu.container +5 -0
data/Plugins/Apps/OpenVidu/OpenVidu.lmm.rb +7 -3
data/Plugins/Apps/OpenVidu/OpenViduCall.conf.erb +0 -3
data/Plugins/Apps/OpenVidu/OpenViduCall.container +5 -0
data/Plugins/Apps/PHP-FPM/Connection.rb +91 -0
data/Plugins/Apps/PHP-FPM/PHP-FPM.lmm.rb +31 -4
data/Plugins/Apps/Peppermint/Peppermint.conf.erb +2 -5
data/Plugins/Apps/Peppermint/Peppermint.container +5 -0
data/Plugins/Apps/Peppermint/Peppermint.lmm.rb +29 -33
data/Plugins/Apps/Perplexica/Perplexica.container +25 -0
data/Plugins/Apps/Perplexica/Perplexica.lmm.rb +92 -0
data/Plugins/Apps/Perplexica/config.toml +26 -0
data/Plugins/Apps/Podman/Connection.rb +24 -0
data/Plugins/Apps/Podman/Podman.lmm.rb +80 -0
data/Plugins/Apps/Podman/storage.conf +6 -0
data/Plugins/Apps/Postfix/Postfix.lmm.rb +242 -164
data/Plugins/Apps/PostgreSQL/Connection.rb +97 -0
data/Plugins/Apps/PostgreSQL/PostgreSQL.lmm.rb +184 -148
data/Plugins/Apps/Pterodactyl/Pterodactyl.conf.erb +0 -3
data/Plugins/Apps/Pterodactyl/Pterodactyl.lmm.rb +0 -2
data/Plugins/Apps/Pterodactyl/Wings.conf.erb +0 -3
data/Plugins/Apps/RVM/RVM.lmm.rb +57 -0
data/Plugins/Apps/Roundcube/Roundcube.conf.erb +0 -3
data/Plugins/Apps/Roundcube/Roundcube.lmm.rb +15 -19
data/Plugins/Apps/SSH/SSH.lmm.rb +9 -15
data/Plugins/Apps/SearXNG/SearXNG.container +22 -0
data/Plugins/Apps/SearXNG/SearXNG.lmm.rb +79 -0
data/Plugins/Apps/SearXNG/limiter.toml +40 -0
data/Plugins/Apps/SearXNG/settings.yml +2 -0
data/Plugins/Apps/SigNoz/Config/alerts.yml +11 -0
data/Plugins/Apps/SigNoz/Config/otel-collector-config.yaml +110 -0
data/Plugins/Apps/SigNoz/Config/otel-collector-opamp-config.yaml +1 -0
data/Plugins/Apps/SigNoz/Config/prometheus.yml +18 -0
data/Plugins/Apps/SigNoz/SigNoz-Collector.container +23 -0
data/Plugins/Apps/SigNoz/SigNoz-Migrator.container +17 -0
data/Plugins/Apps/SigNoz/SigNoz.conf.erb +61 -0
data/Plugins/Apps/SigNoz/SigNoz.container +26 -0
data/Plugins/Apps/SigNoz/SigNoz.lmm.rb +319 -0
data/Plugins/Apps/Solr/log4j2.xml +89 -0
data/Plugins/Apps/Solr/solr.lmm.rb +82 -0
data/Plugins/Apps/Sunshine/Sunshine.conf.erb +0 -3
data/Plugins/Apps/Sunshine/Sunshine.lmm.rb +0 -1
data/Plugins/Apps/Tunnel/tunnel.lmm.rb +33 -37
data/Plugins/Apps/UVdesk/UVdesk.conf.erb +0 -3
data/Plugins/Apps/Umami/Umami.container +19 -0
data/Plugins/Apps/Umami/Umami.lmm.rb +108 -0
data/Plugins/Apps/Valkey/Valkey.lmm.rb +54 -42
data/Plugins/Apps/Vaultwarden/Vaultwarden.conf.erb +9 -6
data/Plugins/Apps/Vaultwarden/Vaultwarden.container +7 -1
data/Plugins/Apps/Vaultwarden/Vaultwarden.lmm.rb +64 -29
data/Plugins/Apps/Wiki.js/Wiki.js.conf.erb +1 -4
data/Plugins/Apps/Wiki.js/Wiki.js.container +5 -0
data/Plugins/Apps/Wiki.js/Wiki.js.lmm.rb +31 -37
data/Plugins/Apps/YaCy/YaCy.conf.erb +93 -0
data/Plugins/Apps/YaCy/YaCy.container +21 -0
data/Plugins/Apps/YaCy/YaCy.lmm.rb +160 -0
data/Plugins/Apps/ZooKeeper/ZooKeeper.container +24 -0
data/Plugins/Apps/ZooKeeper/ZooKeeper.lmm.rb +68 -0
data/Plugins/Apps/bitmagnet/bitmagnet.conf.erb +0 -3
data/Plugins/Apps/bitmagnet/bitmagnet.lmm.rb +0 -1
data/Plugins/Apps/gollum/gollum.conf.erb +2 -4
data/Plugins/Apps/gollum/gollum.container +6 -0
data/Plugins/Apps/gollum/gollum.lmm.rb +51 -50
data/Plugins/Apps/llama.cpp/llama.cpp.container +28 -0
data/Plugins/Apps/llama.cpp/llama.cpp.lmm.rb +90 -0
data/Plugins/Apps/vLLM/vLLM.container +32 -0
data/Plugins/Apps/vLLM/vLLM.lmm.rb +89 -0
data/Plugins/OS/General/Utils.lmm.rb +26 -0
data/Plugins/OS/Linux/Connection.rb +472 -0
data/Plugins/OS/Linux/Debian/preseed.cfg.erb +25 -6
data/Plugins/OS/Linux/Flavours.yaml +13 -0
data/Plugins/OS/Linux/Grub/grub.cfg +10 -0
data/Plugins/OS/Linux/HTTP.rb +32 -0
data/Plugins/OS/Linux/Linux.lmm.rb +533 -187
data/Plugins/OS/Linux/Packages.yaml +20 -1
data/Plugins/OS/Linux/Services.yaml +8 -0
data/Plugins/OS/Linux/Shell.rb +70 -0
data/Plugins/OS/Linux/Syslinux/default +8 -0
data/Plugins/OS/Linux/WireGuard/WireGuard.lmm.rb +83 -59
data/Plugins/OS/Linux/WireGuard/wg0.conf.erb +3 -0
data/Plugins/OS/Linux/openSUSE/autoinst.xml.erb +29 -3
data/Plugins/OS/Linux/systemd/systemd.lmm.rb +13 -11
data/Plugins/OS/Routers/Aruba/ArubaInstant.lmm.rb +6 -5
data/Plugins/Platforms/GitHub.lmm.rb +73 -28
data/Plugins/Platforms/GoDaddy/GoDaddy.lmm.rb +9 -6
data/Plugins/Platforms/Proxmox/Proxmox.lmm.rb +402 -0
data/Plugins/Platforms/Proxmox/XTerm.rb +321 -0
data/Plugins/Platforms/libvirt/libvirt.lmm.rb +38 -13
data/Plugins/Platforms/porkbun.lmm.rb +12 -2
data/Plugins/Platforms/porkbun_spec.rb +2 -2
data/Plugins/Services/DNS/AmberBit.lmm.rb +1 -1
data/Plugins/Services/DNS/ArubaItDNS.lmm.rb +1 -1
data/Plugins/Services/DNS/NICLV.lmm.rb +1 -1
data/Plugins/Services/DNS/PowerDNS.lmm.rb +70 -68
data/Plugins/Services/DNS/tonic.lmm.rb +22 -12
data/lib/ConfigLMM/Framework/plugins/dns.rb +4 -3
data/lib/ConfigLMM/Framework/plugins/linuxApp.rb +145 -184
data/lib/ConfigLMM/Framework/plugins/nginxApp.rb +34 -17
data/lib/ConfigLMM/Framework/plugins/plugin.rb +53 -181
data/lib/ConfigLMM/Framework/plugins/store.rb +4 -4
data/lib/ConfigLMM/Framework/variables.rb +75 -0
data/lib/ConfigLMM/Framework.rb +1 -0
data/lib/ConfigLMM/cli.rb +12 -6
data/lib/ConfigLMM/commands/configsCommand.rb +37 -6
data/lib/ConfigLMM/commands/diff.rb +33 -9
data/lib/ConfigLMM/context.rb +22 -3
data/lib/ConfigLMM/io/configList.rb +82 -6
data/lib/ConfigLMM/io/connection.rb +143 -0
data/lib/ConfigLMM/io/dhcp.rb +330 -0
data/lib/ConfigLMM/io/http.rb +78 -0
data/lib/ConfigLMM/io/local.rb +207 -0
data/lib/ConfigLMM/io/pxe.rb +92 -0
data/lib/ConfigLMM/io/ssh.rb +156 -0
data/lib/ConfigLMM/io/tftp.rb +105 -0
data/lib/ConfigLMM/io.rb +2 -0
data/lib/ConfigLMM/secrets/envStore.rb +39 -0
data/lib/ConfigLMM/secrets/fileStore.rb +43 -0
data/lib/ConfigLMM/state.rb +2 -1
data/lib/ConfigLMM/version.rb +2 -1
data/lib/ConfigLMM.rb +1 -0
data/{Examples → scripts}/configlmmAuth.sh +7 -5
metadata +205 -8

data/Plugins/Apps/Roundcube/Roundcube.lmm.rb CHANGED Viewed

@@ -56,7 +56,6 @@ module ConfigLMM
                         end
                         target['Database'] ||= {}
-                        activeState['Database'] = target['Database']
                         if !target['Database']['Type'] || target['Database']['Type'] == 'pgsql'
                             password = SecureRandom.alphanumeric(20)
                             PostgreSQL.createRemoteUserAndDBOverSSH(target['Database'], USER, password, ssh)
@@ -105,37 +104,34 @@ module ConfigLMM
                 else
                     # TODO
                 end
-                activeState['Status'] = State::STATUS_DEPLOYED
             end
             def cleanup(configs, state, context, options)
-                cleanupType(:Roundcube, configs, state, context, options) do |item, id, state, context, options, ssh|
-                    cleanupConfig(item, id, state, context, options, ssh)
+                cleanupType(:Roundcube, configs, state, context, options) do |item, id, state, context, options, connection|
+                    cleanupConfig(item, id, state, context, options, connection)
                 end
             end
-            def cleanupConfig(item, id, state, context, options, ssh = nil)
+            def cleanupConfig(item, id, state, context, options, connection)
                 if item['Proxy'].nil? || item['Proxy']
-                    self.cleanupNginxConfig('Roundcube', id, state, context, options, ssh)
-                    self.class.reload(ssh, options[:dry])
+                    self.cleanupNginxConfig('Roundcube', id, state, context, options, connection)
+                    self.class.reload(connection, options[:dry])
                 end
-                distroInfo = Framework::LinuxApp.currentDistroInfo(ssh)
-                rm(PHP_FPM.configDir(distroInfo) + 'roundcube.conf', options[:dry], ssh)
-                Framework::LinuxApp.reloadService(PHP_FPM::PHPFPM_SERVICE, ssh, options[:dry])
-                Framework::LinuxApp.removePackage(PACKAGE_NAME, ssh, options[:dry])
+                distroInfo = Framework::LinuxApp.currentDistroInfo(connection)
+                connection.rm(PHP_FPM.configDir(distroInfo) + 'roundcube.conf', options[:dry])
+                Framework::LinuxApp.reloadService(PHP_FPM::PHPFPM_SERVICE, connection, options[:dry])
+                Framework::LinuxApp.removePackage(PACKAGE_NAME, connection, options[:dry])
                 state.item(id)['Status'] = State::STATUS_DELETED unless options[:dry]
                 if options[:destroy]
                     item['Database'] ||= {}
                     if !item['Database']['Type'] || item['Database']['Type'] == 'pgsql'
-                        PostgreSQL.dropUserAndDB(item['Database'], USER, ssh, options[:dry])
+                        PostgreSQL.dropUserAndDB(item['Database'], USER, connection, options[:dry])
                     end
-                    Framework::LinuxApp.deleteUserAndGroup(USER, ssh, options[:dry])
-                    rm('/var/log/roundcubemail', options[:dry], ssh)
-                    rm('/var/log/php/roundcube.access.log', options[:dry], ssh)
-                    rm('/var/log/php/roundcube.errors.log', options[:dry], ssh)
-                    rm('/var/log/php/roundcube.mail.log', options[:dry], ssh)
-                    rm('/var/log/nginx/roundcube.access.log', options[:dry], ssh)
-                    rm('/var/log/nginx/roundcube.error.log', options[:dry], ssh)
+                    Framework::LinuxApp.deleteUserAndGroup(USER, connection, options[:dry])
+                    connection.rm('/var/log/roundcubemail', options[:dry])
+                    connection.rm('/var/log/php/roundcube.access.log', options[:dry])
+                    connection.rm('/var/log/php/roundcube.errors.log', options[:dry])
+                    connection.rm('/var/log/php/roundcube.mail.log', options[:dry])
                     state.item(id)['Status'] = State::STATUS_DESTROYED unless options[:dry]
                 end
             end

data/Plugins/Apps/SSH/SSH.lmm.rb CHANGED Viewed

@@ -4,24 +4,21 @@ module ConfigLMM
         class SSH < Framework::LinuxApp
             CONFIG_FILE = '/etc/ssh/sshd_config'
+            SSHD_SERVICE = :sshd
             def actionSSHDeploy(id, target, activeState, context, options)
-                if target['Location'] && target['Location'] != '@me'
-                    uri = Addressable::URI.parse(target['Location'])
-                    raise Framework::PluginProcessError.new("#{id}: Unknown Protocol: #{uri.scheme}!") if uri.scheme != 'ssh'
-                    self.class.sshStart(uri) do |ssh|
+                self.withConnection(target['Location'], target) do |connection|
+                    Linux.withConnection(connection) do |linuxConnection|
                         if target['Port']
-                            self.class.sshExec!(ssh, "sed -i 's|^Port |#Port |' #{CONFIG_FILE}")
+                            linuxConnection.fileReplace(CONFIG_FILE, '^Port ', '#Port ', options)
                         end
                         if target['ListenAddress']
-                            self.class.sshExec!(ssh, "sed -i 's|^ListenAddress |#ListenAddress |' #{CONFIG_FILE}")
+                            linuxConnection.fileReplace(CONFIG_FILE, '^ListenAddress ', '#ListenAddress ', options)
                         end
                         target['Settings'].to_h.each do |name, value|
-                            self.class.sshExec!(ssh, "sed -i 's|^#{name} |##{name} |' #{CONFIG_FILE}")
+                            linuxConnection.fileReplace(CONFIG_FILE, "^#{name} ", "##{name} ", options)
                         end
-                        updateRemoteFile(ssh, CONFIG_FILE, options) do |configLines|
+                        linuxConnection.updateFile(CONFIG_FILE, options) do |configLines|
                             if target['Port']
                                 configLines << "Port #{target['Port']}\n"
                             end
@@ -36,16 +33,13 @@ module ConfigLMM
                             configLines
                         end
                         if target['Port']
-                          Framework::LinuxApp.firewallAddPortOverSSH(target['Port'].to_s + '/tcp', uri)
+                            linuxConnection.firewallAddPort(target['Port'].to_s + '/tcp', options)
                         end
+                        linuxConnection.reloadService(SSHD_SERVICE, options)
                     end
-                else
-                    # TODO
                 end
             end
         end
     end
 end

data/Plugins/Apps/SearXNG/SearXNG.container ADDED Viewed

@@ -0,0 +1,22 @@
+[Unit]
+Description=SearXNG container
+After=local-fs.target
+[Container]
+ContainerName=SearXNG
+Image=docker.io/searxng/searxng:latest
+EnvironmentFile=/var/lib/searxng/.config/containers/systemd/SearXNG.env
+Network=slirp4netns:allow_host_loopback=true
+PublishPort=127.0.0.1:18800:8080
+UserNS=keep-id:uid=1000,gid=1000
+Volume=/var/lib/searxng/config:/etc/searxng
+LogDriver=journald
+AutoUpdate=registry
+[Service]
+TimeoutStartSec=6min
+Restart=on-failure
+[Install]
+WantedBy=multi-user.target default.target

data/Plugins/Apps/SearXNG/SearXNG.lmm.rb ADDED Viewed

@@ -0,0 +1,79 @@
+module ConfigLMM
+    module LMM
+        class SearXNG < Framework::Plugin
+            USER = 'searxng'
+            HOME_DIR = '/var/lib/searxng'
+            PORT = 18800
+            def actionSearXNGDeploy(id, target, activeState, context, options)
+                self.withConnection(target['Location'], target) do |connection|
+                    Linux.withConnection(connection) do |linuxConnection|
+                        Podman.ensurePresent(linuxConnection, options)
+                        Podman.createUser(USER, HOME_DIR, 'SearXNG', linuxConnection, options)
+                        linuxConnection.withUserShell(USER) do |shell|
+                                shell.createDirs(options, '~/config')
+                        end
+                        if !linuxConnection.filePresent?(HOME_DIR + '/config/limiter.toml', { **options, 'dry': false })
+                            linuxConnection.upload(__dir__ + '/limiter.toml', HOME_DIR + '/config/', options)
+                        end
+                        settings = YAML.load_file(__dir__ + '/settings.yml')
+                        if target['Settings']
+                            settings.merge!(target['Settings'])
+                        end
+                        settingsFile = options['output'] + '/settings.yml'
+                        File.write(settingsFile, settings.to_yaml)
+                        linuxConnection.upload(settingsFile, HOME_DIR + '/config/', options)
+                        path = Podman.containersPath(HOME_DIR)
+                        secret = SecureRandom.alphanumeric(30)
+                        linuxConnection.fileWrite("#{path}/SearXNG.env", "SEARXNG_SECRET=#{secret}", { **options, hide: true })
+                        if target['Valkey']
+                            host = Podman.updateHost(target['Valkey']['Host'])
+                            valkeyPassword = nil
+                            if target['Valkey']['SecretId']
+                                valkeyPassword = context.secrets.load(target['Valkey']['SecretId'], 'VALKEY_PASSWORD')
+                            end
+                            redisURL = Valkey.connectionURL({ host: host, password: valkeyPassword })
+                            linuxConnection.fileAppend("#{path}/SearXNG.env", "SEARXNG_REDIS_URL=#{redisURL}", { **options, hide: true })
+                        end
+                        linuxConnection.setUserGroup("#{path}/SearXNG.env", USER, USER, options)
+                        linuxConnection.setPrivate("#{path}/SearXNG.env", options)
+                        linuxConnection.upload(__dir__ + '/SearXNG.container', path, options)
+                        linuxConnection.reloadUserServices(USER, options)
+                        linuxConnection.restartUserService(USER, 'SearXNG', options)
+                    end
+                end
+            end
+            def cleanup(configs, state, context, options)
+                cleanupType(:SearXNG, configs, state, context, options) do |item, id, state, context, options, connection|
+                    Linux.withConnection(connection) do |linuxConnection|
+                        linuxConnection.stopUserService(USER, 'SearXNG', options)
+                        path = Podman.containersPath(HOME_DIR)
+                        linuxConnection.rm(path + '/SearXNG.container', options[:dry])
+                        state.item(id)['Status'] = State::STATUS_DELETED unless options[:dry]
+                        if options[:destroy]
+                            linuxConnection.deleteUserAndGroup(USER, options)
+                            state.item(id)['Status'] = State::STATUS_DESTROYED unless options[:dry]
+                        end
+                    end
+                end
+            end
+        end
+    end
+end

data/Plugins/Apps/SearXNG/limiter.toml ADDED Viewed

@@ -0,0 +1,40 @@
+[real_ip]
+# Number of values to trust for X-Forwarded-For.
+x_for = 1
+# The prefix defines the number of leading bits in an address that are compared
+# to determine whether or not an address is part of a (client) network.
+ipv4_prefix = 32
+ipv6_prefix = 48
+[botdetection.ip_limit]
+# To get unlimited access in a local network, by default link-local addresses
+# (networks) are not monitored by the ip_limit
+filter_link_local = false
+# activate link_token method in the ip_limit method
+link_token = false
+[botdetection.ip_lists]
+# In the limiter, the ip_lists method has priority over all other methods -> if
+# an IP is in the pass_ip list, it has unrestricted access and it is also not
+# checked if e.g. the "user agent" suggests a bot (e.g. curl).
+block_ip = [
+  # '93.184.216.34',  # IPv4 of example.org
+  # '257.1.1.1',      # invalid IP --> will be ignored, logged in ERROR class
+]
+pass_ip = [
+  # '192.168.0.0/16',      # IPv4 private network
+  # 'fe80::/10'            # IPv6 linklocal / wins over botdetection.ip_limit.filter_link_local
+]
+# Activate passlist of (hardcoded) IPs from the SearXNG organization,
+# e.g. `check.searx.space`.
+pass_searxng_org = true

data/Plugins/Apps/SearXNG/settings.yml ADDED Viewed

	@@ -0,0 +1,2 @@
1	+
2	+ use_default_settings: true

data/Plugins/Apps/SigNoz/Config/alerts.yml ADDED Viewed

@@ -0,0 +1,11 @@
+groups:
+- name: ExampleCPULoadGroup
+  rules:
+  - alert: HighCpuLoad
+    expr: system_cpu_load_average_1m > 0.1
+    for: 0m
+    labels:
+      severity: warning
+    annotations:
+      summary: High CPU load
+      description: "CPU load is > 0.1\n  VALUE = {{ $value }}\n  LABELS = {{ $labels }}"

data/Plugins/Apps/SigNoz/Config/otel-collector-config.yaml ADDED Viewed

@@ -0,0 +1,110 @@
+receivers:
+  otlp:
+    protocols:
+      grpc:
+        endpoint: 10.0.2.100:4317
+      http:
+        endpoint: 10.0.2.100:4318
+  prometheus:
+    config:
+      global:
+        scrape_interval: 60s
+      scrape_configs:
+        # otel-collector internal metrics
+        - job_name: otel-collector
+          static_configs:
+          - targets:
+              - 127.0.0.1:8888
+            labels:
+              job_name: otel-collector
+processors:
+  batch:
+    send_batch_size: 10000
+    send_batch_max_size: 11000
+    timeout: 10s
+  signozspanmetrics/delta:
+    metrics_exporter: clickhousemetricswrite
+    metrics_flush_interval: 60s
+    latency_histogram_buckets: [100us, 1ms, 2ms, 6ms, 10ms, 50ms, 100ms, 250ms, 500ms, 1000ms, 1400ms, 2000ms, 5s, 10s, 20s, 40s, 60s ]
+    dimensions_cache_size: 100000
+    aggregation_temporality: AGGREGATION_TEMPORALITY_DELTA
+    enable_exp_histogram: true
+    dimensions:
+      - name: service.namespace
+        default: default
+      - name: deployment.environment
+        default: default
+      # This is added to ensure the uniqueness of the timeseries
+      # Otherwise, identical timeseries produced by multiple replicas of
+      # collectors result in incorrect APM metrics
+      - name: signoz.collector.id
+      - name: service.version
+      - name: browser.platform
+      - name: browser.mobile
+      - name: k8s.cluster.name
+      - name: k8s.node.name
+      - name: k8s.namespace.name
+      - name: host.name
+      - name: host.type
+      - name: container.name
+extensions:
+  health_check:
+    endpoint: 10.0.2.100:13133
+  zpages:
+    endpoint: 10.0.2.100:55679
+  pprof:
+    endpoint: 10.0.2.100:1777
+exporters:
+  clickhousetraces:
+    datasource: tcp://10.0.2.2:19100/signoz_traces
+    low_cardinal_exception_grouping: false
+    use_new_schema: true
+  clickhousemetricswrite:
+    endpoint: tcp://10.0.2.2:19100/signoz_metrics
+    resource_to_telemetry_conversion:
+      enabled: true
+  clickhousemetricswrite/prometheus:
+    endpoint: tcp://10.0.2.2:19100/signoz_metrics
+  signozclickhousemetrics:
+    dsn: tcp://10.0.2.2:19100/signoz_metrics
+  clickhouselogsexporter:
+    dsn: tcp://10.0.2.2:19100/signoz_logs
+    timeout: 10s
+    use_new_schema: true
+  # logging: {}
+service:
+  telemetry:
+    logs:
+      encoding: json
+    metrics:
+      readers:
+        - pull:
+            exporter:
+              prometheus:
+                host: 127.0.0.1
+                port: 8888
+  extensions:
+    - health_check
+    - zpages
+    - pprof
+  pipelines:
+    traces:
+      receivers: [otlp]
+      processors: [signozspanmetrics/delta, batch]
+      exporters: [clickhousetraces]
+    metrics:
+      receivers: [otlp]
+      processors: [batch]
+      exporters: [clickhousemetricswrite, signozclickhousemetrics]
+    metrics/prometheus:
+      receivers: [prometheus]
+      processors: [batch]
+      exporters: [clickhousemetricswrite/prometheus, signozclickhousemetrics]
+    logs:
+      receivers: [otlp]
+      processors: [batch]
+      exporters: [clickhouselogsexporter]

data/Plugins/Apps/SigNoz/Config/otel-collector-opamp-config.yaml ADDED Viewed

	@@ -0,0 +1 @@
1	+ server_endpoint: ws://10.0.2.2:4320/v1/opamp

data/Plugins/Apps/SigNoz/Config/prometheus.yml ADDED Viewed

@@ -0,0 +1,18 @@
+# my global config
+global:
+  scrape_interval:     5s # Set the scrape interval to every 15 seconds. Default is every 1 minute.
+  evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute.
+  # scrape_timeout is set to the global default (10s).
+# Load rules once and periodically evaluate them according to the global 'evaluation_interval'.
+rule_files:
+  # - "first_rules.yml"
+  # - "second_rules.yml"
+  - 'alerts.yml'
+# A scrape configuration containing exactly one endpoint to scrape:
+# Here it's Prometheus itself.
+scrape_configs: []
+remote_read:
+  - url: tcp://10.0.2.2:19100/signoz_metrics

data/Plugins/Apps/SigNoz/SigNoz-Collector.container ADDED Viewed

@@ -0,0 +1,23 @@
+[Unit]
+Description=OpenTelemetry Collector container
+After=local-fs.target
+[Container]
+ContainerName=SigNoz-Collector
+Image=docker.io/signoz/signoz-otel-collector:$VERSION
+Exec=--config=/etc/otel/otel-collector-config.yaml --copy-path=/var/tmp/collector-config.yaml --manager-config=/etc/otel/otel-collector-opamp-config.yaml
+Network=slirp4netns:allow_host_loopback=true
+PublishPort=127.0.0.1:4317:4317
+PublishPort=127.0.0.1:4318:4318
+Volume=/var/lib/signoz-collector/otel-collector-config.yaml:/etc/otel/otel-collector-config.yaml
+Volume=/var/lib/signoz-collector/otel-collector-opamp-config.yaml:/etc/otel/otel-collector-opamp-config.yaml
+LogDriver=journald
+AutoUpdate=registry
+[Service]
+TimeoutStartSec=6min
+Restart=on-failure
+[Install]
+WantedBy=multi-user.target default.target

data/Plugins/Apps/SigNoz/SigNoz-Migrator.container ADDED Viewed

@@ -0,0 +1,17 @@
+[Unit]
+Description=SigNoz Migrator container
+After=local-fs.target
+[Container]
+ContainerName=SigNoz-Migrator
+Image=docker.io/signoz/signoz-schema-migrator:$VERSION
+Exec=sync --cluster-name default --dsn=$DSN
+Network=slirp4netns:allow_host_loopback=true
+LogDriver=journald
+AutoUpdate=registry
+[Service]
+TimeoutStartSec=10min
+[Install]
+WantedBy=multi-user.target default.target

data/Plugins/Apps/SigNoz/SigNoz.conf.erb ADDED Viewed

@@ -0,0 +1,61 @@
+upstream <%= config['Name'] %> {
+    server <%= config['Server'] %>;
+}
+server {
+    <% if config['NginxVersion'] >= 1.25 %>
+        listen 443 ssl;
+        listen [::]:443 ssl;
+        http2 on;
+        http3 on;
+        quic_retry on;
+        add_header Alt-Svc 'h3=":443"; ma=86400';
+    <% else %>
+        listen 443 ssl http2;
+        listen [::]:443 ssl http2;
+    <% end %>
+    include config-lmm/errors.conf;
+    include config-lmm/security.conf;
+    include config-lmm/ssl.conf;
+    server_name <%= config['Domain'] %>;
+    <% if config['CertName'] %>
+        ssl_certificate "/etc/letsencrypt/live/<%= config['CertName'] %>/fullchain.pem";
+        ssl_certificate_key "/etc/letsencrypt/live/<%= config['CertName'] %>/privkey.pem";
+        ssl_trusted_certificate "/etc/letsencrypt/live/<%= config['CertName'] %>/chain.pem";
+    <% end %>
+    client_max_body_size 24M;
+    large_client_header_buffers 8 128k;
+    location / {
+        proxy_pass http://<%= config['Name'] %>;
+        include config-lmm/proxy.conf;
+    }
+    location ~ ^/api/(v1|v3)/logs/(tail|livetail){
+        proxy_pass http://<%= config['Name'] %>;
+        # connection will be closed if no data is read for 600s between successive read operations
+        proxy_read_timeout 600s;
+        # dont buffer the data send it directly to client.
+        proxy_buffering off;
+        proxy_cache off;
+    }
+    location /api {
+        proxy_pass http://<%= config['Name'] %>/api;
+        # connection will be closed if no data is read for 600s between successive read operations
+        proxy_read_timeout 600s;
+    }
+    location /ws {
+        proxy_pass  http://<%= config['Name'] %>/ws;
+        proxy_read_timeout 600s;
+    }
+}

data/Plugins/Apps/SigNoz/SigNoz.container ADDED Viewed

@@ -0,0 +1,26 @@
+[Unit]
+Description=SigNoz container
+After=local-fs.target
+[Container]
+ContainerName=SigNoz
+Image=docker.io/signoz/signoz-community:$VERSION
+Exec=--use-logs-new-schema=true --use-trace-new-schema=true --cluster default
+EnvironmentFile=/var/lib/signoz/.config/containers/systemd/SigNoz.env
+Network=slirp4netns:allow_host_loopback=true
+PublishPort=127.0.0.1:4320:4320
+PublishPort=127.0.0.1:6060:6060
+PublishPort=127.0.0.1:18600:8080
+Volume=/var/lib/signoz/config:/root/config
+Volume=/var/lib/signoz/data:/var/lib/signoz
+LogDriver=journald
+AutoUpdate=registry
+[Service]
+TimeoutStartSec=6min
+TimeoutStopSec=3min
+Restart=on-failure
+[Install]
+WantedBy=multi-user.target default.target