mirror of
https://github.com/moghtech/komodo.git
synced 2026-05-01 07:36:16 -05:00
678767c24b
* add some network stuff to container summary * improve settings tables UI * periphery build supports additional tags * fix variable container sizing * alert types newline wrap * plumbing for Stack resource * plumbing for Stack resource * mount stack api * stack resource sync * get remote compose file * support image_name and image_tag * add server config placeholders. default server config address * configure image name and image tag * deployment work with build image_name and image_tag * stack UI * fe builds * configure registry provider and account * implement periphery stack api * stack poll interval * add UI provider management * deploy stacks * build push commit hash tag. * Destroy stack * update default core port to 9120 * remove git_account alias * finish stack (and container) api * frontend builds * cant cancel server based builds * fix * use git pull -f * 9120 * start UI updates (#15) * fix From<Stack> for CloneArgs * remove unused imports * UI Updates (#16) * cleanup dashboard charts for resources * bring back solid scrollbars * enable sidebar scrolling * remove alerts from all resources * pass jwt secret * stacks dont delete the target * parse services from yaml * stacks deploy * close * looking good * closer * destroy stack when file missing. onboard stacks * figure out stack container name matching * get stack state correct * work with service views * UI Updates - Sidebar, Topbar Alerts, and All Resources page (#17) * move sidebar to use fixed positioning instead of sticky * add alert details dialog to topbar alerts * cleanup all resources page layout * ensure resource links don't propagate clicks * periphery support passing env with --env-file * StackServicePage * default run_directory to ./ for clarify * add stack webhook listeners * add default compose name of stack name * stacks controlled with project name * migrate to dotenvy * add stack to dashboard * remove deploying / destroying stack services * update config files * fix getting service logs * git / docker provider management api * implement passing git / registry token from db * rename system user Github to Git Webhook * seperate deployed and latest services on stack info * add stack service level operations * UI Updates - Update Shadcn/UI components, prevent navbar menu layout shift (#20) * add dashboard pie for resource syncs * dashboard items same height * update shadcn components * ensure centered following sheet update * cleanup layout, prevent navbar menu layout shifts * add manual filter, fix toast call * guard webhooks * remove deployed_message, latest_message from StackListItemInfo * stop all containers on server correctly * support multiple compose files * cache all containers networks images projects * remove project missing from db cache * work on sync deploy stuff * rework deployment sync deploy to support stacks. they can depend on each other. * UI Updates - Remove topbar transparency, pretty status badges, tidy resource page layout with a 'back' button (#21) * remove topbar transparency * cleanup unused * responsive dashboard * better mobile header * dont need to calc 64px less since header is using position fixed * add status badge component * update status badges * further simplify layout * allow undefined status as prop * use new status badges for alerts * update status badges for all resources * undo layout change * tidy up resource page layout, add back button * no need for button wrapper * remove unused * build cancel log * update ts types * fix fe type changes * fe tweaks * remove on build logs * core refresh cache immediately on startup * jwt_ttl * canonicalize run directory on host * update canonicalize error message * core use docker-compose * fix incorrect project missing, add status string to stack info * remove entries in "after" that aren't deploying * fix dockerfiel * build custom tag postfix * sync fixes * ensure UpdateGitProviderAccount doesn't change id * ensure UpdateDockerRegistryAccount doesn't change id * configure providers in the UI * add // comment support to env, conversions * add updates for provider deletes * improve sync pending deploy log * add more deployment actions * add backward compat with v1.12 for clone repo * stack deploy format * fe * alert menus clone when click resource link * rename stacks * don't close on click * snake case stack state, in line with deployment state * sync redeploy stack if newer hash (optional behind resource field 'latest_hash') * remove nav to tree * RefreshStack/Sync debug instruments * improve inline UI docs * implement resource base_permission backend * plumbing for Repo build * build repos * write env file repos * add latest hash / message to build info * add optional hash to update * keep built_hash updated * add backend for build / repo latest hash management * remove unused resources * clean up repo dirs after cache update * fix repo info deser error * add build / repo git status * fix page layouts * improve layout responsive * most config incline docs * add descriptions for all resource types * default local auth false * fix omnibar arrow keys issue * add compose file to example config * image registry * dashboard display no resources messge * update deps. * show when no config * resource sync use config git_provider * fix networks * fix deploy error due to after * update lots of docs * fix server stat charts not working * update screenshots * update changelog * add a disclaimer * remove file paths docs stuff * build repo * v1.13 - Komodo * update docs for cli * fill out the compose example more --------- Co-authored-by: Karamvir Singh <67458484+karamvirsingh98@users.noreply.github.com>
371 lines
12 KiB
TOML
371 lines
12 KiB
TOML
#######################
|
|
# MONITOR CORE CONFIG #
|
|
#######################
|
|
|
|
## This is the offical "Default" config file for Monitor.
|
|
## It serves as documentation for the meaning of the fields.
|
|
## It is located at [https://github.com/mbecker20/monitor/blob/main/config_example/core.config.example.toml](https://github.com/mbecker20/monitor/blob/main/config_example/core.config.example.toml).
|
|
|
|
## This file is bundled into the official image, `ghcr.io/mbecker20/monitor`,
|
|
## as the default config at `/config/config.toml`.
|
|
## Monitor can start with no external config file mounted.
|
|
|
|
## There is usually no need to create this file on your host.
|
|
## Most fields can instead be configured using environment variables.
|
|
|
|
## This will be the document title on the web page (shows up as text in the browser tab).
|
|
## Env: MONITOR_TITLE
|
|
## Default: 'Monitor'
|
|
# title = "Monitor-02"
|
|
|
|
## This should be the url used to access Monitor in browser, potentially behind DNS.
|
|
## Eg https://monitor.dev or http://12.34.56.78:9120. This should match the address configured in your Oauth app.
|
|
## Env: MONITOR_HOST
|
|
## Required to start Monitor, no default.
|
|
host = "https://monitor.dev"
|
|
|
|
## The port the core system will run on.
|
|
## Env: MONITOR_PORT
|
|
## Default: 9120
|
|
# port = 9121
|
|
|
|
## This is the token used to authenticate core requests to periphery.
|
|
## Ensure this matches a passkey in the connected periphery configs.
|
|
## If the periphery servers don't have passkeys configured, this doesn't need to be changed.
|
|
## Env: MONITOR_PASSKEY
|
|
## Required to start Monitor, no default
|
|
passkey = "a_random_passkey"
|
|
|
|
## Disables write support on resources in the UI.
|
|
## This protects users that that would normally have write priviledges during their UI usage,
|
|
## when they intend to fully rely on ResourceSyncs to manage config.
|
|
## Env: MONITOR_UI_WRITE_DISABLED
|
|
## Default: false
|
|
# ui_write_disabled = true
|
|
|
|
############
|
|
# DATABASE #
|
|
############
|
|
|
|
## Configure the database connection in one of the following ways:
|
|
|
|
## Pass a full Mongo URI. Suitable for Mongo Atlas.
|
|
## Env: MONITOR_MONGO_URI
|
|
# mongo.uri = "mongodb://username:password@localhost:27017"
|
|
|
|
## ==== * OR * ==== ##
|
|
|
|
# Construct the address as mongodb://{username}:{password}@{address}
|
|
## Env: MONITOR_MONGO_ADDRESS
|
|
mongo.address = "localhost:27017"
|
|
## Env: MONITOR_MONGO_USERNAME
|
|
# mongo.username = "admin"
|
|
## Env: MONITOR_MONGO_PASSWORD
|
|
# mongo.password = "admin"
|
|
|
|
## ==== other ====
|
|
|
|
## Monitor will create its collections under this database name.
|
|
## The only reason to change this is if multiple Monitors share the same db.
|
|
## Env: MONITOR_MONGO_DB_NAME
|
|
## Default: monitor.
|
|
# mongo.db_name = "monitor"
|
|
|
|
## This is the assigned app_name of the mongo client.
|
|
## The only reason to change this is if multiple Monitors share the same db.
|
|
## Env: MONITOR_MONGO_APP_NAME
|
|
## Default: monitor_core.
|
|
# mongo.app_name = "monitor_core"
|
|
|
|
################
|
|
# AUTH / LOGIN #
|
|
################
|
|
|
|
## Allow user login with a username / password.
|
|
## The password will be hashed and stored in the db for login comparison.
|
|
##
|
|
## NOTE:
|
|
## Monitor has no API to recover account logins, but if this happens you can doctor the db using Mongo Compass.
|
|
## Create a new user, login to the database with Compass, note down your old users username and _id.
|
|
## Then delete the old user, and update the new user to have the same username and _id.
|
|
## Make sure to set `enabled: true` and maybe `admin: true` on the new user as well, while using Compass.
|
|
##
|
|
## Env: MONITOR_LOCAL_AUTH
|
|
## Default: false
|
|
# local_auth = true
|
|
|
|
## Allows all users to have Read level access to all resources.
|
|
## Env: MONITOR_TRANSPARENT_MODE
|
|
## Default: false
|
|
# transparent_mode = true
|
|
|
|
## New users will be automatically enabled when they sign up.
|
|
## Otherwise, new users will be disabled on first login.
|
|
## The first user to login will always be enabled on creation.
|
|
## Env: MONITOR_ENABLE_NEW_USERS
|
|
## Default: false
|
|
# enable_new_users = true
|
|
|
|
## Optionally provide a specific jwt secret.
|
|
## Passing nothing or an empty string will cause one to be generated on every startup.
|
|
## This means users will have to log in again if Monitor restarts.
|
|
## Env: MONITOR_JWT_SECRET
|
|
# jwt_secret = "your_random_secret"
|
|
|
|
## Specify how long a user can stay logged in before they have to log in again.
|
|
## All jwts are invalidated on application restart unless `jwt_secret` is set.
|
|
## Env: MONITOR_JWT_TTL
|
|
## Default: 1-day.
|
|
## Options: 1-hr, 12-hr, 1-day, 3-day, 1-wk, 2-wk, 30-day
|
|
# jwt_ttl = "3-day"
|
|
|
|
#########
|
|
# OAUTH #
|
|
#########
|
|
|
|
## Google
|
|
|
|
## Env: MONITOR_GOOGLE_OAUTH_ENABLED
|
|
## Default: false
|
|
# google_oauth.enabled = true
|
|
|
|
## Env: MONITOR_GOOGLE_OAUTH_ID
|
|
## Required if google_oauth is enabled.
|
|
# google_oauth.id = "your_google_client_id"
|
|
|
|
## Env: MONITOR_GOOGLE_OAUTH_SECRET
|
|
## Required if google_oauth is enabled.
|
|
# google_oauth.secret = "your_google_client_secret"
|
|
|
|
## Github
|
|
|
|
## Env: MONITOR_GITHUB_OAUTH_ENABLED
|
|
## Default: false
|
|
# github_oauth.enabled = true
|
|
|
|
## Env: MONITOR_GITHUB_OAUTH_ID
|
|
## Required if github_oauth is enabled.
|
|
# github_oauth.id = "your_github_client_id"
|
|
|
|
## Env: MONITOR_GITHUB_OAUTH_SECRET
|
|
## Required if github_oauth is enabled.
|
|
# github_oauth.secret = "your_github_client_secret"
|
|
|
|
############
|
|
# WEBHOOKS #
|
|
############
|
|
|
|
## This token must be given to git provider during repo webhook config.
|
|
## The secret configured on the git provider side must match the secret configured here.
|
|
## Env: MONITOR_WEBHOOK_SECRET
|
|
## Default: empty (none)
|
|
webhook_secret = "a_random_webhook_secret"
|
|
|
|
## An alternate base url that is used to recieve git webhook requests.
|
|
## If empty or not specified, will use 'host' address as base.
|
|
## This is useful if Monitor is on an internal network, but can have a
|
|
## proxy just allowing through the webhook api using NGINX.
|
|
## Env: MONITOR_WEBHOOK_BASE_URL
|
|
## Default: empty (none)
|
|
# webhook_base_url = "https://git-webhook.monitor.dev"
|
|
|
|
## Configure Github webhook app. Enables webhook management apis.
|
|
## <INSERT LINK TO GUIDE>
|
|
## Env: MONITOR_GITHUB_WEBHOOK_APP_APP_ID
|
|
# github_webhook_app.app_id = 1234455 # Find on the app page.
|
|
## Env:
|
|
## - MONITOR_GITHUB_WEBHOOK_APP_INSTALLATIONS_IDS
|
|
## - MONITOR_GITHUB_WEBHOOK_APP_INSTALLATIONS_NAMESPACES
|
|
# github_webhook_app.installations = [
|
|
# ## Find the id after installing the app to user / organization. "namespace" is the username / organization name.
|
|
# { id = 1234, namespace = "mbecker20" }
|
|
# ]
|
|
|
|
## The path to Github webhook app private key. <INSERT LINK TO GUIDE>
|
|
## This is defaulted to `/github/private-key.pem`, and doesn't need to be changed if running core in Docker.
|
|
## Just mount the private key pem file on the host to `/github/private-key.pem` in the container.
|
|
## Eg. `/your/path/to/key.pem : /github/private-key.pem`
|
|
## Env: MONITOR_GITHUB_WEBHOOK_APP_PK_PATH
|
|
# github_webhook_app.pk_path = "/path/to/pk.pem"
|
|
|
|
###########
|
|
# LOGGING #
|
|
###########
|
|
|
|
## Specify the log level of the monitor core application
|
|
## Env: MONITOR_LOGGING_LEVEL
|
|
## Options: off, error, warn, info, debug, trace
|
|
## Default: info
|
|
# logging.level = "info"
|
|
|
|
## Specify the logging format for stdout / stderr.
|
|
## Env: MONITOR_LOGGING_STDIO
|
|
## Options: standard, json, none
|
|
## Default: standard
|
|
# logging.stdio = "standard"
|
|
|
|
## Optionally specify a opentelemetry otlp endpoint to send traces to.
|
|
## Env: MONITOR_OTLP_ENDPOINT
|
|
# logging.otlp_endpoint = "http://localhost:4317"
|
|
|
|
## Set the opentelemetry service name.
|
|
## This will be attached to the telemetry Monitor will send.
|
|
## Env: MONITOR_OPENTELEMETRY_SERVICE_NAME
|
|
## Default: "Monitor"
|
|
# logging.opentelemetry_service_name = "Monitor-02"
|
|
|
|
###########
|
|
# PRUNING #
|
|
###########
|
|
|
|
## The number of days to keep historical system stats around, or 0 to disable pruning.
|
|
## Stats older that are than this number of days are deleted on a daily cycle.
|
|
## Env: MONITOR_KEEP_STATS_FOR_DAYS
|
|
## Default: 14
|
|
# keep_stats_for_days = 14
|
|
|
|
## The number of days to keep alerts around, or 0 to disable pruning.
|
|
## Alerts older that are than this number of days are deleted on a daily cycle.
|
|
## Env: MONITOR_KEEP_ALERTS_FOR_DAYS
|
|
## Default: 14
|
|
# keep_alerts_for_days = 14
|
|
|
|
##################
|
|
# POLL INTERVALS #
|
|
##################
|
|
|
|
## Interval at which to poll Stacks for any updates / automated actions.
|
|
## Env: MONITOR_STACK_POLL_INTERVAL
|
|
## Options: `15-sec`, `1-min`, `5-min`, `15-min`, `1-hr`.
|
|
## Default: `5-min`.
|
|
# stack_poll_interval = "1-min"
|
|
|
|
## Interval at which to poll Syncs for any updates / automated actions.
|
|
## Env: MONITOR_SYNC_POLL_INTERVAL
|
|
## Options: `15-sec`, `1-min`, `5-min`, `15-min`, `1-hr`.
|
|
## Default: `5-min`.
|
|
# sync_poll_interval = "1-min"
|
|
|
|
## Interval at which to poll Builds (latest commit hash) for any updates / automated actions.
|
|
## Env: MONITOR_STACK_POLL_INTERVAL
|
|
## Options: `15-sec`, `1-min`, `5-min`, `15-min`, `1-hr`.
|
|
## Default: `5-min`.
|
|
# build_poll_interval = "1-min"
|
|
|
|
## Interval at which to poll Repos (latest commit hash) for any updates / automated actions.
|
|
## Env: MONITOR_REPO_POLL_INTERVAL
|
|
## Options: `15-sec`, `1-min`, `5-min`, `15-min`, `1-hr`.
|
|
## Default: `5-min`.
|
|
# repo_poll_interval = "1-min"
|
|
|
|
## Controls the rate at which servers are polled for health, system stats, and container status.
|
|
## This affects network usage, and the size of the stats stored in mongo.
|
|
## Default: 15-sec
|
|
## Options: 5-sec, 15-sec, 30-sec, 1-min, 2-min, 5-min, 15-min
|
|
# monitoring_interval = "5-sec"
|
|
|
|
###################
|
|
# CLOUD PROVIDERS #
|
|
###################
|
|
|
|
## Monitor can build images on purpose deployed AWS EC2 instances,
|
|
## and afterwards destroying the instance.
|
|
|
|
## Additionally, Monitor can deploy cloud VPS on AWS EC2 and Hetzner.
|
|
## Use the Template resource to configure launch preferences.
|
|
## Hetzner is not supported for builds as their pricing model is by the hour,
|
|
## while AWS is by the minute. This is very important for builds.
|
|
|
|
## Provide aws api keys for ephemeral builders / server launch
|
|
## Env: MONITOR_AWS_ACCESS_KEY_ID
|
|
# aws.access_key_id = "your_aws_key_id"
|
|
## Env: MONITOR_AWS_SECRET_ACCESS_KEY
|
|
# aws.secret_access_key = "your_aws_secret_key"
|
|
|
|
## Provide hetzner api token for server launch
|
|
## Env: MONITOR_HETZNER_TOKEN
|
|
# hetzner.token = "your_hetzner_token"
|
|
|
|
#################
|
|
# GIT PROVIDERS #
|
|
#################
|
|
|
|
## These will be available to attach to Builds, Repos, Stacks, and Syncs.
|
|
## They allow these Resources to clone private repositories.
|
|
## They cannot be configured on the environment.
|
|
|
|
## configure git providers
|
|
# [[git_provider]]
|
|
# domain = "github.com"
|
|
# accounts = [
|
|
# { username = "mbecker20", token = "access_token_for_account" },
|
|
# { username = "moghtech", token = "access_token_for_other_account" },
|
|
# ]
|
|
|
|
# [[git_provider]]
|
|
# domain = "git.mogh.tech" # use a custom provider, like self-hosted gitea
|
|
# accounts = [
|
|
# { username = "mbecker20", token = "access_token_for_account" },
|
|
# ]
|
|
|
|
# [[git_provider]]
|
|
# domain = "localhost:8000" # use a custom provider, like self-hosted gitea
|
|
# https = false # use http://localhost:8000 as base-url for clone
|
|
# accounts = [
|
|
# { username = "mbecker20", token = "access_token_for_account" },
|
|
# ]
|
|
|
|
######################
|
|
# REGISTRY PROVIDERS #
|
|
######################
|
|
|
|
## These will be available to attach to Builds and Stacks.
|
|
## They allow these Resources to pull private images.
|
|
## They cannot be configured on the environment.
|
|
|
|
## configure docker registries
|
|
# [[docker_registry]]
|
|
# domain = "docker.io"
|
|
# accounts = [
|
|
# { username = "mbecker2020", token = "access_token_for_account" }
|
|
# ]
|
|
# organizations = ["DockerhubOrganization"]
|
|
|
|
# [[docker_registry]]
|
|
# domain = "git.mogh.tech" # use a custom provider, like self-hosted gitea
|
|
# accounts = [
|
|
# { username = "mbecker20", token = "access_token_for_account" },
|
|
# ]
|
|
# organizations = ["Mogh"] # These become available in the UI
|
|
|
|
## Configure AWS ECR registries.
|
|
## Ecr is a special case of registry, as using it is pretty different than others.
|
|
## You can configure multiple of these with different "labels", and select
|
|
## then by label in the UI.
|
|
|
|
# [aws_ecr_registry.label_1]
|
|
# region = "us-east-1"
|
|
# account_id = "1234455"
|
|
# access_key_id = "your_aws_key_id_1"
|
|
# secret_access_key = "your_aws_secret_key_1"
|
|
|
|
# [aws_ecr_registry.label_2]
|
|
# region = "us-west-1"
|
|
# account_id = "1234455"
|
|
# access_key_id = "your_aws_key_id_2"
|
|
# secret_access_key = "your_aws_secret_key_2"
|
|
|
|
###########
|
|
# SECRETS #
|
|
###########
|
|
|
|
## Provide core-based secrets.
|
|
## These will be available to interpolate into your Deployment / Stack environments,
|
|
## and will be hidden in the UI and logs.
|
|
## These are available to use on any periphery (Server),
|
|
## but you can also limit access more by placing them in a single peripheries config instead.
|
|
## These cannot be configured on the environment.
|
|
|
|
# [secrets]
|
|
# SECRET_1 = "value_1"
|
|
# SECRET_2 = "value_2" |