diff --git a/README.md b/README.md index 37c0933..a2c6087 100644 --- a/README.md +++ b/README.md @@ -23,3 +23,28 @@ Organize everything, on all platforms * `abra app deploy ` For more, see [`docs.coopcloud.tech`](https://docs.coopcloud.tech). + + +## Healthcheck + +Vikunja uses a docker [scratch](https://hub.docker.com/_/scratch/) image, that is completely empty, therefore it is necessary to copy a statically build healthcheck binary into the container to perform the healthcheck. + +To verify the binary in this recipe run this code: + +``` +# Set the source date epoch for reproducibility +export SOURCE_DATE_EPOCH=1640995200 +export DOCKER_BUILDKIT=1 + +# Build the Docker image +docker build --build-arg SOURCE_DATE_EPOCH=${SOURCE_DATE_EPOCH} -t healthcheck -f healthcheck_Dockerfile . + +# Create container, extract binary and remove the container +docker create --name healthcheck_builder healthcheck +docker cp healthcheck_builder:/app/healthcheck . +docker rm healthcheck_builder + +# Check if the build is reproducible by calculating hash +sha256sum healthcheck +``` +The sha256 checksum should be **c7c12a0eb019edd275c3f5a9302c70b2112941a8c0b9d9128d26c66a81a263c6** diff --git a/abra.sh b/abra.sh index c4561f3..c38f254 100644 --- a/abra.sh +++ b/abra.sh @@ -1 +1,2 @@ export CONFIG_YML_VERSION=v8 +export HEALTHCHECK_VERSION=v1 diff --git a/compose.yml b/compose.yml index 2f07635..7425261 100644 --- a/compose.yml +++ b/compose.yml @@ -47,6 +47,10 @@ services: configs: - source: config_yml target: /etc/vikunja/config.yml + - source: healthcheck + target: /healthcheck + mode: 555 + deploy: labels: - "traefik.enable=true" @@ -56,12 +60,12 @@ services: - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}" - "coop-cloud.${STACK_NAME}.version=1.0.0+0.24.2" - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}" - #healthcheck: - # test: [ "CMD", "curl", "-f", "http://localhost:3456" ] - # interval: 30s - # timeout: 10s - # retries: 10 - # start_period: 1m + healthcheck: + test: [ "CMD", "/healthcheck"] + interval: 30s + timeout: 10s + retries: 10 + start_period: 1m redis: image: redis @@ -109,6 +113,9 @@ configs: name: ${STACK_NAME}_config_yml_${CONFIG_YML_VERSION} file: config.yml.tmpl template_driver: golang + healthcheck: + name: ${STACK_NAME}_healthcheck_${HEALTHCHECK_VERSION} + file: healthcheck secrets: db_password: diff --git a/healthcheck b/healthcheck new file mode 100755 index 0000000..f372b5c Binary files /dev/null and b/healthcheck differ diff --git a/healthcheck.c b/healthcheck.c new file mode 100644 index 0000000..ccc76aa --- /dev/null +++ b/healthcheck.c @@ -0,0 +1,50 @@ +#include +#include +#include +#include +#include +#include +#include + +int main() { + int sockfd; + struct sockaddr_in server_addr; + char request[] = "HEAD / HTTP/1.1\r\nHost: localhost\r\n\r\n"; + char response[1024]; + int received_bytes; + + sockfd = socket(AF_INET, SOCK_STREAM, 0); + if (sockfd < 0) { + perror("socket"); + return 1; + } + + server_addr.sin_family = AF_INET; + server_addr.sin_port = htons(3456); + server_addr.sin_addr.s_addr = inet_addr("127.0.0.1"); + + if (connect(sockfd, (struct sockaddr *)&server_addr, sizeof(server_addr)) < 0) { + perror("connect"); + close(sockfd); + return 1; + } + + send(sockfd, request, strlen(request), 0); + + received_bytes = recv(sockfd, response, sizeof(response) - 1, 0); + if (received_bytes < 0) { + perror("recv"); + close(sockfd); + return 1; + } + + // Null-terminieren der empfangenen Bytes + response[received_bytes] = '\0'; + + // Statuscode extrahieren (erste Zeile enthält den Statuscode) + char *status_line = strtok(response, "\r\n"); + printf("Response: %s\n", status_line); + + close(sockfd); + return 0; +} diff --git a/healthcheck_Dockerfile b/healthcheck_Dockerfile new file mode 100644 index 0000000..1e4e6d6 --- /dev/null +++ b/healthcheck_Dockerfile @@ -0,0 +1,13 @@ +FROM alpine:latest + +ENV SOURCE_DATE_EPOCH=1640995200 + +RUN apk add --no-cache gcc musl-dev + +WORKDIR /app + +COPY healthcheck.c /app + +RUN gcc -o healthcheck healthcheck.c -static + +CMD ["./healthcheck"]