From 5ccb0a59a723c556a8ce1d44be812b8ecd67d2a5 Mon Sep 17 00:00:00 2001 From: kev Date: Mon, 29 Dec 2014 18:00:53 +0800 Subject: [PATCH] update webkit --- webkit/Dockerfile | 10 +- webkit/client.js | 1 - webkit/monit/monitrc | 260 ---------------------------- webkit/nginx.cfg | 12 ++ webkit/supervisor/conf.d/nginx.conf | 2 + 5 files changed, 18 insertions(+), 267 deletions(-) delete mode 100644 webkit/monit/monitrc create mode 100644 webkit/nginx.cfg create mode 100644 webkit/supervisor/conf.d/nginx.conf diff --git a/webkit/Dockerfile b/webkit/Dockerfile index 8cca756..fb0d73e 100644 --- a/webkit/Dockerfile +++ b/webkit/Dockerfile @@ -5,8 +5,8 @@ FROM ubuntu:14.04 MAINTAINER kev -RUN apt-get update && apt-get install -y supervisor haproxy libfontconfig1 libfreetype6 -RUN mkdir -p /data/ /webkit/includes/ /etc/supervisor/conf.d/ /etc/monit/conf.d/ /var/lib/monit/events/ +RUN apt-get update && apt-get install -y supervisor haproxy libfontconfig1 libfreetype6 monit nginx +RUN mkdir -p /data/ /webkit/includes/ ADD ./*.js /webkit/ ADD ./includes/ /webkit/includes/ @@ -14,13 +14,11 @@ ADD ./bin/ /usr/local/bin/ ADD ./haproxy.cfg /etc/haproxy/ ADD ./supervisor/supervisord.conf /etc/supervisor/ ADD ./supervisor/conf.d/ /etc/supervisor/conf.d/ -ADD ./monit/monitrc /etc/monit/ ADD ./monit/conf.d/ /etc/monit/conf.d/ - -RUN chmod 600 /etc/monit/monitrc +ADD ./nginx.cfg /etc/nginx/sites-enabled/default VOLUME /data/ -EXPOSE 1024 2812 9001 +EXPOSE 80 1024 2812 9001 CMD /usr/bin/supervisord -n -c /etc/supervisor/supervisord.conf diff --git a/webkit/client.js b/webkit/client.js index 13509b3..c091891 100644 --- a/webkit/client.js +++ b/webkit/client.js @@ -188,7 +188,6 @@ function urlopen(req, callback) { case 'jpg': case 'png': case 'gif': - //TODO: setup a fileserver data = '/data/' + req.requestId; page.render(data, {format: req.requestType}); break; diff --git a/webkit/monit/monitrc b/webkit/monit/monitrc deleted file mode 100644 index b2d826d..0000000 --- a/webkit/monit/monitrc +++ /dev/null @@ -1,260 +0,0 @@ -############################################################################### -## Monit control file -############################################################################### -## -## Comments begin with a '#' and extend through the end of the line. Keywords -## are case insensitive. All path's MUST BE FULLY QUALIFIED, starting with '/'. -## -## Below you will find examples of some frequently used statements. For -## information about the control file and a complete list of statements and -## options, please have a look in the Monit manual. -## -## -############################################################################### -## Global section -############################################################################### -## -## Start Monit in the background (run as a daemon): -# - set daemon 120 # check services at 2-minute intervals -# with start delay 240 # optional: delay the first check by 4-minutes (by -# # default Monit check immediately after Monit start) -# -# -## Set syslog logging with the 'daemon' facility. If the FACILITY option is -## omitted, Monit will use 'user' facility by default. If you want to log to -## a standalone log file instead, specify the full path to the log file -# -# set logfile syslog facility log_daemon - set logfile /var/log/monit.log -# -# -## Set the location of the Monit lock file which stores the process id of the -## running Monit instance. By default this file is stored in $HOME/.monit.pid -# -# set pidfile /var/run/monit.pid -# -## Set the location of the Monit id file which stores the unique id for the -## Monit instance. The id is generated and stored on first Monit start. By -## default the file is placed in $HOME/.monit.id. -# -# set idfile /var/.monit.id - set idfile /var/lib/monit/id -# -## Set the location of the Monit state file which saves monitoring states -## on each cycle. By default the file is placed in $HOME/.monit.state. If -## the state file is stored on a persistent filesystem, Monit will recover -## the monitoring state across reboots. If it is on temporary filesystem, the -## state will be lost on reboot which may be convenient in some situations. -# - set statefile /var/lib/monit/state -# -## Set the list of mail servers for alert delivery. Multiple servers may be -## specified using a comma separator. If the first mail server fails, Monit -# will use the second mail server in the list and so on. By default Monit uses -# port 25 - it is possible to override this with the PORT option. -# -# set mailserver mail.bar.baz, # primary mailserver -# backup.bar.baz port 10025, # backup mailserver on port 10025 -# localhost # fallback relay -# -# -## By default Monit will drop alert events if no mail servers are available. -## If you want to keep the alerts for later delivery retry, you can use the -## EVENTQUEUE statement. The base directory where undelivered alerts will be -## stored is specified by the BASEDIR option. You can limit the queue size -## by using the SLOTS option (if omitted, the queue is limited by space -## available in the back end filesystem). -# - set eventqueue - basedir /var/lib/monit/events # set the base directory where events will be stored - slots 100 # optionally limit the queue size -# -# -## Send status and events to M/Monit (for more informations about M/Monit -## see http://mmonit.com/). By default Monit registers credentials with -## M/Monit so M/Monit can smoothly communicate back to Monit and you don't -## have to register Monit credentials manually in M/Monit. It is possible to -## disable credential registration using the commented out option below. -## Though, if safety is a concern we recommend instead using https when -## communicating with M/Monit and send credentials encrypted. -# -# set mmonit http://monit:monit@192.168.1.10:8080/collector -# # and register without credentials # Don't register credentials -# -# -## Monit by default uses the following format for alerts if the the mail-format -## statement is missing:: -## --8<-- -## set mail-format { -## from: monit@$HOST -## subject: monit alert -- $EVENT $SERVICE -## message: $EVENT Service $SERVICE -## Date: $DATE -## Action: $ACTION -## Host: $HOST -## Description: $DESCRIPTION -## -## Your faithful employee, -## Monit -## } -## --8<-- -## -## You can override this message format or parts of it, such as subject -## or sender using the MAIL-FORMAT statement. Macros such as $DATE, etc. -## are expanded at runtime. For example, to override the sender, use: -# -# set mail-format { from: monit@foo.bar } -# -# -## You can set alert recipients whom will receive alerts if/when a -## service defined in this file has errors. Alerts may be restricted on -## events by using a filter as in the second example below. -# -# set alert sysadm@foo.bar # receive all alerts -# -## Do not alert when Monit starts, stops or performs a user initiated action. -## This filter is recommended to avoid getting alerts for trivial cases. -# -# set alert your-name@your.domain not on { instance, action } -# -# -## Monit has an embedded HTTP interface which can be used to view status of -## services monitored and manage services from a web interface. The HTTP -## interface is also required if you want to issue Monit commands from the -## command line, such as 'monit status' or 'monit restart service' The reason -## for this is that the Monit client uses the HTTP interface to send these -## commands to a running Monit daemon. See the Monit Wiki if you want to -## enable SSL for the web server. -# -# set httpd port 2812 and -# use address localhost # only accept connection from localhost -# allow localhost # allow localhost to connect to the server and -# allow admin:monit # require user 'admin' with password 'monit' -# allow @monit # allow users of group 'monit' to connect (rw) -# allow @users readonly # allow users of group 'users' to connect readonly -# -############################################################################### -## Services -############################################################################### -## -## Check general system resources such as load average, cpu and memory -## usage. Each test specifies a resource, conditions and the action to be -## performed should a test fail. -# -# check system myhost.mydomain.tld -# if loadavg (1min) > 4 then alert -# if loadavg (5min) > 2 then alert -# if memory usage > 75% then alert -# if swap usage > 25% then alert -# if cpu usage (user) > 70% then alert -# if cpu usage (system) > 30% then alert -# if cpu usage (wait) > 20% then alert -# -# -## Check if a file exists, checksum, permissions, uid and gid. In addition -## to alert recipients in the global section, customized alert can be sent to -## additional recipients by specifying a local alert handler. The service may -## be grouped using the GROUP option. More than one group can be specified by -## repeating the 'group name' statement. -# -# check file apache_bin with path /usr/local/apache/bin/httpd -# if failed checksum and -# expect the sum 8f7f419955cefa0b33a2ba316cba3659 then unmonitor -# if failed permission 755 then unmonitor -# if failed uid root then unmonitor -# if failed gid root then unmonitor -# alert security@foo.bar on { -# checksum, permission, uid, gid, unmonitor -# } with the mail-format { subject: Alarm! } -# group server -# -# -## Check that a process is running, in this case Apache, and that it respond -## to HTTP and HTTPS requests. Check its resource usage such as cpu and memory, -## and number of children. If the process is not running, Monit will restart -## it by default. In case the service is restarted very often and the -## problem remains, it is possible to disable monitoring using the TIMEOUT -## statement. This service depends on another service (apache_bin) which -## is defined above. -# -# check process apache with pidfile /usr/local/apache/logs/httpd.pid -# start program = "/etc/init.d/httpd start" with timeout 60 seconds -# stop program = "/etc/init.d/httpd stop" -# if cpu > 60% for 2 cycles then alert -# if cpu > 80% for 5 cycles then restart -# if totalmem > 200.0 MB for 5 cycles then restart -# if children > 250 then restart -# if loadavg(5min) greater than 10 for 8 cycles then stop -# if failed host www.tildeslash.com port 80 protocol http -# and request "/somefile.html" -# then restart -# if failed port 443 type tcpssl protocol http -# with timeout 15 seconds -# then restart -# if 3 restarts within 5 cycles then timeout -# depends on apache_bin -# group server -# -# -## Check filesystem permissions, uid, gid, space and inode usage. Other services, -## such as databases, may depend on this resource and an automatically graceful -## stop may be cascaded to them before the filesystem will become full and data -## lost. -# -# check filesystem datafs with path /dev/sdb1 -# start program = "/bin/mount /data" -# stop program = "/bin/umount /data" -# if failed permission 660 then unmonitor -# if failed uid root then unmonitor -# if failed gid disk then unmonitor -# if space usage > 80% for 5 times within 15 cycles then alert -# if space usage > 99% then stop -# if inode usage > 30000 then alert -# if inode usage > 99% then stop -# group server -# -# -## Check a file's timestamp. In this example, we test if a file is older -## than 15 minutes and assume something is wrong if its not updated. Also, -## if the file size exceed a given limit, execute a script -# -# check file database with path /data/mydatabase.db -# if failed permission 700 then alert -# if failed uid data then alert -# if failed gid data then alert -# if timestamp > 15 minutes then alert -# if size > 100 MB then exec "/my/cleanup/script" as uid dba and gid dba -# -# -## Check directory permission, uid and gid. An event is triggered if the -## directory does not belong to the user with uid 0 and gid 0. In addition, -## the permissions have to match the octal description of 755 (see chmod(1)). -# -# check directory bin with path /bin -# if failed permission 755 then unmonitor -# if failed uid 0 then unmonitor -# if failed gid 0 then unmonitor -# -# -## Check a remote host availability by issuing a ping test and check the -## content of a response from a web server. Up to three pings are sent and -## connection to a port and an application level network check is performed. -# -# check host myserver with address 192.168.1.1 -# if failed ping then alert -# if failed port 3306 protocol mysql with timeout 15 seconds then alert -# if failed port 80 protocol http -# and request /some/path with content = "a string" -# then alert -# -# -############################################################################### -## Includes -############################################################################### -## -## It is possible to include additional configuration parts from other files or -## directories. -# - include /etc/monit/conf.d/* -# diff --git a/webkit/nginx.cfg b/webkit/nginx.cfg new file mode 100644 index 0000000..eef84e3 --- /dev/null +++ b/webkit/nginx.cfg @@ -0,0 +1,12 @@ +server { + listen 80 default_server; + + root /data; + index index.html index.htm; + + location / { + autoindex on; + expires 365d; + try_files $uri $uri/ =404; + } +} diff --git a/webkit/supervisor/conf.d/nginx.conf b/webkit/supervisor/conf.d/nginx.conf new file mode 100644 index 0000000..6e2096f --- /dev/null +++ b/webkit/supervisor/conf.d/nginx.conf @@ -0,0 +1,2 @@ +[program:nginx] +command = /usr/sbin/nginx -g 'daemon off;'