add healthcheck binary

README.md

@@ -23,3 +23,28 @@ Organize everything, on all platforms
 * `abra app deploy <app-name>`
 
 For more, see [`docs.coopcloud.tech`](https://docs.coopcloud.tech).
+
+
+## Healthcheck
+
+Vikunja uses a docker [scratch](https://hub.docker.com/_/scratch/) image, that is completely empty, therefore it is necessary to copy a statically build healthcheck binary into the container to perform the healthcheck.
+
+To verify the binary in this recipe run this code:
+
+```
+# Set the source date epoch for reproducibility
+export SOURCE_DATE_EPOCH=1640995200
+export DOCKER_BUILDKIT=1
+
+# Build the Docker image
+docker build --build-arg SOURCE_DATE_EPOCH=${SOURCE_DATE_EPOCH} -t healthcheck -f healthcheck_Dockerfile .
+
+# Create container, extract binary and remove the container
+docker create --name healthcheck_builder healthcheck
+docker cp healthcheck_builder:/app/healthcheck .
+docker rm healthcheck_builder
+
+# Check if the build is reproducible by calculating hash
+sha256sum healthcheck
+```
+The sha256 checksum should be **c7c12a0eb019edd275c3f5a9302c70b2112941a8c0b9d9128d26c66a81a263c6**

abra.sh

@@ -1 +1,2 @@
 export CONFIG_YML_VERSION=v8
+export HEALTHCHECK_VERSION=v1

compose.yml

@@ -47,6 +47,10 @@ services:
     configs:
       - source: config_yml
         target: /etc/vikunja/config.yml
+      - source: healthcheck
+        target: /healthcheck
+        mode: 555
+
     deploy:
       labels:
         - "traefik.enable=true"
@@ -56,12 +60,12 @@ services:
         - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
         - "coop-cloud.${STACK_NAME}.version=1.0.0+0.24.2"
         - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
-   #healthcheck:
-   #  test: [ "CMD", "curl", "-f", "http://localhost:3456" ]
-   #  interval: 30s
-   #  timeout: 10s
-   #  retries: 10
-   #  start_period: 1m
+    healthcheck:
+      test: [ "CMD", "/healthcheck"]
+      interval: 30s
+      timeout: 10s
+      retries: 10
+      start_period: 1m
 
   redis:
     image: redis
@@ -109,6 +113,9 @@ configs:
     name: ${STACK_NAME}_config_yml_${CONFIG_YML_VERSION}
     file: config.yml.tmpl
     template_driver: golang
+  healthcheck:
+    name: ${STACK_NAME}_healthcheck_${HEALTHCHECK_VERSION}
+    file: healthcheck
 
 secrets:
   db_password:

healthcheck.c

@@ -0,0 +1,50 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <unistd.h>
+
+int main() {
+    int sockfd;
+    struct sockaddr_in server_addr;
+    char request[] = "HEAD / HTTP/1.1\r\nHost: localhost\r\n\r\n";
+    char response[1024];
+    int received_bytes;
+
+    sockfd = socket(AF_INET, SOCK_STREAM, 0);
+    if (sockfd < 0) {
+        perror("socket");
+        return 1;
+    }
+
+    server_addr.sin_family = AF_INET;
+    server_addr.sin_port = htons(3456);
+    server_addr.sin_addr.s_addr = inet_addr("127.0.0.1");
+
+    if (connect(sockfd, (struct sockaddr *)&server_addr, sizeof(server_addr)) < 0) {
+        perror("connect");
+        close(sockfd);
+        return 1;
+    }
+
+    send(sockfd, request, strlen(request), 0);
+
+    received_bytes = recv(sockfd, response, sizeof(response) - 1, 0);
+    if (received_bytes < 0) {
+        perror("recv");
+        close(sockfd);
+        return 1;
+    }
+
+    // Null-terminieren der empfangenen Bytes
+    response[received_bytes] = '\0';
+
+    // Statuscode extrahieren (erste Zeile enthält den Statuscode)
+    char *status_line = strtok(response, "\r\n");
+    printf("Response: %s\n", status_line);
+
+    close(sockfd);
+    return 0;
+}

healthcheck_Dockerfile

@@ -0,0 +1,13 @@
+FROM alpine:latest
+
+ENV SOURCE_DATE_EPOCH=1640995200
+
+RUN apk add --no-cache gcc musl-dev
+
+WORKDIR /app
+
+COPY healthcheck.c /app
+
+RUN gcc -o healthcheck healthcheck.c -static
+
+CMD ["./healthcheck"]