[IMP] Added promeheus-exporter capabilities & nginx cache cusomisatio…

…n capabilities

9.0/Dockerfile

@@ -9,6 +9,15 @@ COPY conf.d /etc/confd/conf.d
 COPY templates /etc/confd/templates
 COPY docker-entrypoint.sh /docker-entrypoint.sh
 
+RUN apk add logrotate
+
+WORKDIR /tmp
+RUN wget https://github.com/martin-helmich/prometheus-nginxlog-exporter/releases/download/v1.10.0/prometheus-nginxlog-exporter_1.10.0_linux_arm64.tar.gz
+RUN tar xvzfp prometheus-nginxlog-exporter_1.10.0_linux_arm64.tar.gz
+RUN mv /tmp/prometheus-nginxlog-exporter /usr/local/bin/
+RUN rm -rf /tmp/prometheus-nginxlog-exporter /tmp/prometheus-nginxlog-exporter_1.10.0_linux_arm64.tar.gz
+WORKDIR /
+
 VOLUME ["/var/cache/nginx"]
 
 ENTRYPOINT ["/docker-entrypoint.sh"]

9.0/conf.d/logrotate.toml

@@ -0,0 +1,12 @@
+[template]
+
+# The name of the template that will be used to render the application's configuration file
+# Confd will look in `/etc/conf.d/templates` for these files by default
+src = "logrotate.conf.tmpl"
+
+# The location to place the rendered configuration file
+dest = "/etc/logrotate.conf"
+
+# File ownership and mode information
+owner = "root"
+mode = "0644"

9.0/conf.d/prometheus_exporter_config.toml

@@ -0,0 +1,12 @@
+[template]
+
+# The name of the template that will be used to render the application's configuration file
+# Confd will look in `/etc/conf.d/templates` for these files by default
+src = "config.hcl.tmpl"
+
+# The location to place the rendered configuration file
+dest = "/etc/prometheus-nginxlog-exporter.hcl"
+
+# File ownership and mode information
+owner = "root"
+mode = "0644"

9.0/docker-entrypoint.sh

@@ -5,15 +5,19 @@ set -e
 echo "${NGX_HTTP_ACCESS}" > /etc/nginx/http-access.conf
 echo "${NGX_HTPASSWD}" > /etc/nginx/htpasswd
 
+export NGX_CACHE_SIZE=${NGX_CACHE_SIZE:-10m}
+
 /usr/local/bin/confd -onetime -backend env
 
-if [[ -z "${NGX_SPECIFIC_CACHE}" ]] 
-then 
- echo "CREATE empty /etc/nginx/specific_cache.conf"
- touch /etc/nginx/specific_cache.conf
+echo ${NGX_SPECIFIC_SERVER_CONFIG:-"#NO specific configuration defined"} > /etc/nginx/specific_server_config.conf
+
+if [[ -n "${NGX_PROMETHEUS_EXPORTER}" ]]
+then
+ echo "access_log /var/log/nginx/access_prometheus.log prometheus_exporter;" > /etc/nginx/prometheus_eporter.conf
+
+ /usr/local/bin/prometheus-nginxlog-exporter -config-file /etc/prometheus-nginxlog-exporter.hcl &
 else
- echo "OVERRIDE /etc/nginx/specific_cache.conf"
- echo "${NGX_SPECIFIC_CACHE}" > /etc/nginx/specific_cache.conf
+ touch /etc/nginx/prometheus_eporter.conf
 fi
 
 exec "$@"

9.0/templates/config.hcl.tmpl

@@ -0,0 +1,62 @@
+listen {
+ port = 4040
+
+ // "metrics_endpoint" can be used to configure an alternative metrics URL
+ // path. Default value is "/metrics".
+ //
+ // metrics_endpoint = "/metrics"
+}
+
+namespace "nginx" {
+ source = {
+ files = [
+ "/var/log/nginx/access_prometheus.log",
+ ]
+ }
+
+ format = "$remote_addr - $remote_user [$time_local] \"$request\" \"$request_id\" $status \"$upstream_cache_status\" $body_bytes_sent \"$http_referer\" \"$http_user_agent\" \"$http_x_forwarded_for\" rt=$request_time uct=\"$upstream_connect_time\" uht=\"$upstream_header_time\" urt=\"$upstream_response_time\""
+
+ labels {
+ app = "odoo"
+ website = "ocms"
+ }
+
+ relabel "request_method" {
+ from = "request"
+ split = 1
+ }
+ relabel "request_url" {
+ from = "request"
+ split = 2
+ }
+
+ relabel "request_url_formated" {
+ from = "request"
+ split = 2
+
+ match "/web/assets/.*" {
+ replacement = "/web/assets"
+ }
+
+ match "([^?]+).*" {
+ replacement = "$1"
+ }
+ }
+
+
+ relabel "remote_addr" {
+ from = "remote_addr"
+ }
+
+ relabel "cache" {
+ from = "upstream_cache_status"
+ }
+
+ relabel "remote_user" {
+ from = "remote_user"
+ } 
+
+
+ histogram_buckets = [.005, .01, .025, .05, .1, .25, .5, 1, 2.5, 5, 10]
+
+}

9.0/templates/logrotate.conf.tmpl

@@ -0,0 +1,6 @@
+/var/log/nginx/access_prometheus.log {
+ copytruncate
+ nocompress
+ rotate 5
+ size 10M
+}

9.0/templates/nginx.conf.tmpl

@@ -36,6 +36,11 @@ http {
  '"referrer": "$http_referer", '
  '"agent": "$http_user_agent" }';
 
+ log_format prometheus_exporter '$remote_addr - $remote_user [$time_local] '
+ '"$request" "$request_id" $status "$upstream_cache_status" $body_bytes_sent '
+ '"$http_referer" "$http_user_agent" "$http_x_forwarded_for" '
+ 'rt=$request_time uct="$upstream_connect_time" uht="$upstream_header_time" urt="$upstream_response_time"'; 
+
  #Default value '4 8k' is raising a '414 Request-URI Too Large' error
  #when '/web/webclient/translations/' is requested with a lot of module names
  #as GET parameters (performed on user login), rendering a blank page.
@@ -77,7 +82,7 @@ http {
  proxy_max_temp_file_size 2048m;
  proxy_temp_file_write_size 64k;
 
- proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=one:100m inactive=60m;
+ proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=one:{{ getenv "NGX_CACHE_SIZE" }} inactive=60m;
 
  include /etc/nginx/proxy_headers.conf;
 
@@ -93,7 +98,7 @@ http {
 
  client_max_body_size 1G;
 
- add_header Strict-Transport-Security "max-age=600; includeSubDomains" always;
+ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
 
  access_log /var/log/nginx/access.log json_combined;
 
@@ -148,7 +153,6 @@ http {
  try_files =404 @cached;
  }
 
- include /etc/nginx/specific_cache.conf;
 
  # warning: /web/content reads ir.attachment, it would not be safe to
  # cache other files than .js / .css which can depend on users rights
@@ -182,5 +186,9 @@ http {
 
  proxy_pass http://{{ $odoo_host }}:8069;
  }
+
+ include /etc/nginx/prometheus_eporter.conf;
+
+ include /etc/nginx/specific_server_config.conf;
  }
 }