added gotify alerts on image updates

This commit is contained in:
= 2022-11-22 14:50:41 +01:00
parent 9da9354819
commit 9deb25bfa3
4 changed files with 95 additions and 0 deletions

View File

@ -0,0 +1,10 @@
[Unit]
Description=Check for image updates on configured podman containers
[Service]
Type=oneshot
User={{ pillar.podman.user }}
ExecStart={{ salt['user.info'](pillar.podman.user).home }}/bin/check_image_updates.sh
[Install]
WantedBy=default.target

View File

@ -0,0 +1,35 @@
#!/usr/bin/env bash
URL="{{ pillar['podman']['gotify']['url'] }}"
TOKEN="{{ pillar['podman']['gotify']['token'] }}"
TITLE="Updates on $HOSTNAME"
PRIORITY="{{ pillar['podman']['gotify']['priority'] }}"
{% raw -%}
function check_update(){
IFS=',' read -r -a container_info <<< "$(podman container inspect $1 --format '{{ .Name }},{{ .ImageName }},{{ .Image }}')"
podman pull "${container_info[1]}"
if [[ "$(podman image inspect "${container_info[1]}" --format "{{.Id}}")" != "${container_info[2]}" ]];then
containers[${#containers[@]}]="${container_info[0]}"
fi
}
IFS=$'\n'
for line in $(podman container ls -q); do
check_update "$line"
done
if [[ "${#containers[@]}" == "0" ]]; then
exit
fi
MESSAGE=$(cat << EOM
Following ${#containers[@]} container(s) has updates:
${containers[*]}
EOM
)
curl "$URL/message?token=$TOKEN" -F "title=$TITLE" -F "priority=$PRIORITY" -F "message=$MESSAGE"
echo " "
{% endraw -%}

View File

@ -0,0 +1,9 @@
[Unit]
Description=Restic backup timer
[Timer]
OnCalendar=Sun, 12:00
Unit=check_image_updates.service
[Install]
WantedBy=timers.target

View File

@ -1,4 +1,6 @@
{% set user = salt['pillar.get']('podman:user', 'root') %}
{% set home = salt['user.info'](user).home %}
Install packages needed for podman:
pkg.installed:
@ -10,6 +12,45 @@ Set linger for user {{ user }}:
- name: loginctl enable-linger {{ user }}
- unless: test -e /var/lib/systemd/linger/{{ user }}
Copy check image update script:
file.managed:
- name: {{ home }}/bin/check_image_updates.sh
- source: salt://podman/files/check_image_updates.sh.jinja
- template: jinja
- user: {{ user }}
- group: {{ user }}
- mode: 0700
Create check image update service:
file.managed:
- name: /etc/systemd/system/check_image_updates.service
- source: salt://podman/files/check_image_updates.service.jinja
- template: jinja
- user: root
- group: root
- mode: "0644"
Create check image update timer:
file.managed:
- name: /etc/systemd/system/check_image_updates.timer
- source: salt://podman/files/check_image_updates.timer.jinja
- template: jinja
- user: root
- group: root
- mode: "0644"
Systemd daemon reload for image update:
cmd.run:
- name: systemctl daemon-reload
- onchanges:
- file: Create check image update service
- file: Create check image update timer
Start check image update timer:
service.running:
- name: check_image_updates.timer
- enable: True
{% if pillar.containers is defined %}
include:
{%- for container, args in pillar.containers.items() %}