From 393b2a6053f4dbc3fec26ecbed7415ecc35cd987 Mon Sep 17 00:00:00 2001
From: Florian Zirker <florian.zirker@kapsweyer.de>
Date: Tue, 7 Feb 2023 13:28:04 +0100
Subject: [PATCH 1/3] Improve start-all and pull-all. More services

---
 pull-all.sh  | 4 ++--
 start-all.sh | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/pull-all.sh b/pull-all.sh
index 791be2e..98edd29 100755
--- a/pull-all.sh
+++ b/pull-all.sh
@@ -1,9 +1,9 @@
 #/bin/bash/
 
 for dir in ./*/ ; do
-   (cd "$dir" && echo "[$dir]" && docker compose build);
+   ( cd "$dir" && echo "[Building $dir]" && docker compose build --pull );
 done
 
 for dir in ./*/ ; do
-   (cd "$dir" && echo "[$dir]" && docker compose pull);
+   ( cd "$dir" && echo "[Pulling $dir]" && docker compose pull --ignore-buildable );
 done
diff --git a/start-all.sh b/start-all.sh
index 834eba9..666d0fe 100755
--- a/start-all.sh
+++ b/start-all.sh
@@ -5,9 +5,9 @@ function up {
    (cd "$1" && echo "[$1]" && docker compose up -d "${@:2}");
 }
 
-up proxy;
+up proxy --scale whoami=3;
 up monitoring;
-up nextcloud --scale app=3 --scale web=2;
+up nextcloud --scale app=5 --scale web=3;
 up gitea;
 up wallabag;
 up www;

From 19bd12f7659edabdc0ac2e9a933a4cf86900150b Mon Sep 17 00:00:00 2001
From: Florian Zirker <florian.zirker@kapsweyer.de>
Date: Tue, 7 Feb 2023 13:49:38 +0100
Subject: [PATCH 2/3] Fix nextcloud crontab and redis without alpine

---
 nextcloud/crontab             |  5 ++---
 nextcloud/docker-compose.yaml | 18 ++++++++++++++++--
 2 files changed, 18 insertions(+), 5 deletions(-)
 mode change 100644 => 100755 nextcloud/crontab

diff --git a/nextcloud/crontab b/nextcloud/crontab
old mode 100644
new mode 100755
index 0d1745c..a8885e2
--- a/nextcloud/crontab
+++ b/nextcloud/crontab
@@ -1,4 +1,3 @@
 */5 * * * * php -f /var/www/html/cron.php
-1,11,21,31,41,51 * * * * php -f /var/www/html/occ files:cleanup
-2,12,22,32,42,52 * * * * php -f /var/www/html/occ files:scan --all
-#3,13,23,33,43,53 * * * * php -f /var/www/html/occ preview:pre-generate
+
+
diff --git a/nextcloud/docker-compose.yaml b/nextcloud/docker-compose.yaml
index 8b8b529..2c3a037 100644
--- a/nextcloud/docker-compose.yaml
+++ b/nextcloud/docker-compose.yaml
@@ -57,7 +57,12 @@ services:
     volumes:
       - ${VOLUMES_PATH}/nextcloud_html:/var/www/html
       - ${VOLUMES_PATH}/nextcloud_data:/var/www/html/data
-      - $PWD/crontab:/var/spool/cron/crontabs/www-data:ro
+# If I mount my crontab into the container crond is not working any more :( 
+# docker log should print 11110001 lines
+# https://github.com/nextcloud/docker/issues/1775
+# https://github.com/nextcloud/docker/issues/1695
+# build own cron image?
+#      - $PWD/crontab:/var/spool/cron/crontabs/www-data
     entrypoint: /cron.sh
     depends_on:
       - db
@@ -115,11 +120,12 @@ services:
 
 
   redis:
-    image: redis:alpine
+    image: redis
     restart: unless-stopped
     command: redis-server --requirepass ${REDIS_HOST_PASSWORD}
     networks:
       - nextcloud
+      - monitoring
     volumes:
       - ${VOLUMES_PATH}/nextcloud_redis:/data
     labels: 
@@ -177,6 +183,12 @@ services:
       - LETS_ENCRYPT_ENABLED=false
       - EXPORT_URL=http://drawio-export:8000/
     restart: unless-stopped
+    healthcheck:
+      test: curl -f http://localhost:8080 || exit 1
+      interval: 1m30s
+      timeout: 10s
+      retries: 5
+      start_period: 20s
     labels:
       - "traefik.enable=true"
       - "traefik.http.routers.drawio.rule=Host(`drawio.${DOMAIN}`)"
@@ -191,3 +203,5 @@ networks:
     external: true
   nextcloud:
   mariadb:
+  monitoring:
+    external: true

From 5d1f750b598fb10ed171885ca30af9bb981756fd Mon Sep 17 00:00:00 2001
From: Florian Zirker <florian.zirker@kapsweyer.de>
Date: Tue, 7 Feb 2023 13:50:20 +0100
Subject: [PATCH 3/3] Add Prometeus Monitoring

---
 monitoring/docker-compose.yaml | 22 +++++++++++++++++---
 monitoring/prometheus.yml      | 37 ++++++++++++++++++++++++++++++++++
 monitoring/telegraf_net.conf   |  5 +----
 proxy/docker-compose.yaml      | 26 ++++++++++++++----------
 4 files changed, 72 insertions(+), 18 deletions(-)
 create mode 100644 monitoring/prometheus.yml

diff --git a/monitoring/docker-compose.yaml b/monitoring/docker-compose.yaml
index 8a25bd1..4e428a3 100644
--- a/monitoring/docker-compose.yaml
+++ b/monitoring/docker-compose.yaml
@@ -6,6 +6,7 @@ services:
     networks:
       - web
       - grafana
+      - monitoring
     labels:
       - "traefik.enable=true"
       - "traefik.http.routers.grafana.rule=Host(`monitoring.${DOMAIN}`)"
@@ -29,7 +30,7 @@ services:
       - GF_DATABASE_NAME=grafana
       - GF_DATABASE_USER=${POSTGRES_USER}
       - GF_DATABASE_PASSWORD=${POSTGRES_PASSWORD}
-      - GF_INSTALL_PLUGINS=flant-statusmap-panel
+      - GF_INSTALL_PLUGINS=flant-statusmap-panel,redis-datasource
     depends_on:
       - influxdb
       - grafanadb
@@ -55,6 +56,8 @@ services:
     restart: unless-stopped
     networks:
       - web
+      - monitoring
+      - grafana
     environment:
       - INFLUXDB_MONITOR_STORE_ENABLED=false
     volumes:
@@ -72,6 +75,19 @@ services:
       - "docker.group=monitoring"
 
 
+  prometheus:
+    image: prom/prometheus
+    restart: unless-stopped
+    networks:
+      - grafana
+      - monitoring
+      - web # also used to get traefik metrics
+    volumes:
+      - ./prometheus.yml:/etc/prometheus/prometheus.yml
+      - ${VOLUMES_PATH}/prometheus:/prometheus
+    labels:
+      - "docker.group=monitoring"
+
 
   ##################################################################
   # here starts data collection
@@ -98,11 +114,10 @@ services:
     depends_on:
       - influxdb
 
+
   telegraf_net:
     image: telegraf:${TELEGRAF_VERSION}
     restart: unless-stopped
-    env_file:
-      - ./.env # set environments into container
     volumes:
      - ./telegraf_net.conf:/etc/telegraf/telegraf.conf:ro
     networks:
@@ -113,6 +128,7 @@ services:
     depends_on:
       - influxdb
 
+
 networks:
   grafana:
   monitoring:
diff --git a/monitoring/prometheus.yml b/monitoring/prometheus.yml
new file mode 100644
index 0000000..5f0575b
--- /dev/null
+++ b/monitoring/prometheus.yml
@@ -0,0 +1,37 @@
+# my global config
+global:
+  scrape_interval: 15s # Set the scrape interval to every 15 seconds. Default is every 1 minute.
+  evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute.
+  # scrape_timeout is set to the global default (10s).
+
+# Alertmanager configuration
+alerting:
+  alertmanagers:
+    - static_configs:
+        - targets:
+          # - alertmanager:9093
+
+# Load rules once and periodically evaluate them according to the global 'evaluation_interval'.
+rule_files:
+  # - "first_rules.yml"
+  # - "second_rules.yml"
+
+# A scrape configuration containing exactly one endpoint to scrape:
+# Here it's Prometheus itself.
+scrape_configs:
+  # The job name is added as a label `job=<job_name>` to any timeseries scraped from this config.
+
+  - job_name: "prometheus"
+    # metrics_path defaults to '/metrics'
+    # scheme defaults to 'http'.
+    static_configs:
+      - targets: ["localhost:9090"]
+
+  - job_name: "traefik"
+    scrape_interval: 5s
+    static_configs:
+      - targets: ["traefik:8080"]
+
+  - job_name: "grafana"
+    static_configs:
+      - targets: ["grafana:3000"]
diff --git a/monitoring/telegraf_net.conf b/monitoring/telegraf_net.conf
index e0394b2..138cf79 100644
--- a/monitoring/telegraf_net.conf
+++ b/monitoring/telegraf_net.conf
@@ -82,10 +82,7 @@
   # urls = ["udp://127.0.0.1:8089"]
   # urls = ["http://127.0.0.1:8086"]
 
-  ## HTTP Basic Auth
-  username = "${INFLUXDB_HTTP_BASIC_AUTH_USER}"
-  password = "${INFLUXDB_HTTP_BASIC_AUTH_PASSWORD}"
-  urls = ["https://influxdb.florianzirker.de"] # required
+  urls = ["http://influxdb:8086"] 
 
 
 ###############################################################################
diff --git a/proxy/docker-compose.yaml b/proxy/docker-compose.yaml
index c46978a..d71e93a 100755
--- a/proxy/docker-compose.yaml
+++ b/proxy/docker-compose.yaml
@@ -29,6 +29,10 @@ services:
       - "--certificatesresolvers.netcup.acme.dnschallenge.delayBeforeCheck=900"
       - "--certificatesresolvers.netcup.acme.email=${LETSENCRYPT_MAIL}"
       - "--certificatesresolvers.netcup.acme.storage=/letsencrypt/acme.json"
+      - "--metrics.prometheus=true"
+      - "--metrics.prometheus.addEntryPointsLabels=true"
+      - "--metrics.prometheus.addRoutersLabels=true"
+      - "--metrics.prometheus.addServicesLabels=true"
     ports:
       - "80:80"
       - "443:443"
@@ -65,17 +69,17 @@ services:
     privileged: true
 
 
-#  whoami:
-#    image: containous/whoami
-#    networks:
-#      - web
-#    labels:
-#      - "traefik.enable=true"
-#      - "traefik.http.routers.whoami.rule=Host(`whoami.${DOMAIN}`)"
-#      - "traefik.http.routers.whoami.entrypoints=websecure"
-#      - "traefik.http.routers.whoami.tls.certresolver=netcup"
-#      - "docker.group=proxy"
-#    restart: unless-stopped
+  whoami:
+    image: containous/whoami
+    networks:
+      - web
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.whoami.rule=Host(`whoami.${DOMAIN}`)"
+      - "traefik.http.routers.whoami.entrypoints=websecure"
+      - "traefik.http.routers.whoami.tls.certresolver=netcup"
+      - "docker.group=proxy"
+    restart: unless-stopped
 
 
 networks: