Merge pull request 'added gotify alerts on image updates' (#1) from podman_gotify_alert into master
Reviewed-on: jonas/salt-states#1
This commit is contained in:
commit
b411efa4a5
10
podman/files/check_image_updates.service.jinja
Normal file
10
podman/files/check_image_updates.service.jinja
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=Check for image updates on configured podman containers
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=oneshot
|
||||||
|
User={{ pillar.podman.user }}
|
||||||
|
ExecStart={{ salt['user.info'](pillar.podman.user).home }}/bin/check_image_updates.sh
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=default.target
|
35
podman/files/check_image_updates.sh.jinja
Normal file
35
podman/files/check_image_updates.sh.jinja
Normal file
@ -0,0 +1,35 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
URL="{{ pillar['podman']['gotify']['url'] }}"
|
||||||
|
TOKEN="{{ pillar['podman']['gotify']['token'] }}"
|
||||||
|
TITLE="Updates on $HOSTNAME"
|
||||||
|
PRIORITY="{{ pillar['podman']['gotify']['priority'] }}"
|
||||||
|
|
||||||
|
{% raw -%}
|
||||||
|
function check_update(){
|
||||||
|
IFS=',' read -r -a container_info <<< "$(podman container inspect $1 --format '{{ .Name }},{{ .ImageName }},{{ .Image }}')"
|
||||||
|
|
||||||
|
podman pull "${container_info[1]}"
|
||||||
|
if [[ "$(podman image inspect "${container_info[1]}" --format "{{.Id}}")" != "${container_info[2]}" ]];then
|
||||||
|
containers[${#containers[@]}]="${container_info[0]}"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
IFS=$'\n'
|
||||||
|
for line in $(podman container ls -q); do
|
||||||
|
check_update "$line"
|
||||||
|
done
|
||||||
|
if [[ "${#containers[@]}" == "0" ]]; then
|
||||||
|
exit
|
||||||
|
fi
|
||||||
|
|
||||||
|
MESSAGE=$(cat << EOM
|
||||||
|
Following ${#containers[@]} container(s) has updates:
|
||||||
|
${containers[*]}
|
||||||
|
EOM
|
||||||
|
)
|
||||||
|
|
||||||
|
curl "$URL/message?token=$TOKEN" -F "title=$TITLE" -F "priority=$PRIORITY" -F "message=$MESSAGE"
|
||||||
|
echo " "
|
||||||
|
{% endraw -%}
|
9
podman/files/check_image_updates.timer.jinja
Normal file
9
podman/files/check_image_updates.timer.jinja
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=Restic backup timer
|
||||||
|
|
||||||
|
[Timer]
|
||||||
|
OnCalendar=Sun, 12:00
|
||||||
|
Unit=check_image_updates.service
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=timers.target
|
@ -1,4 +1,6 @@
|
|||||||
{% set user = salt['pillar.get']('podman:user', 'root') %}
|
{% set user = salt['pillar.get']('podman:user', 'root') %}
|
||||||
|
{% set home = salt['user.info'](user).home %}
|
||||||
|
|
||||||
|
|
||||||
Install packages needed for podman:
|
Install packages needed for podman:
|
||||||
pkg.installed:
|
pkg.installed:
|
||||||
@ -10,6 +12,45 @@ Set linger for user {{ user }}:
|
|||||||
- name: loginctl enable-linger {{ user }}
|
- name: loginctl enable-linger {{ user }}
|
||||||
- unless: test -e /var/lib/systemd/linger/{{ user }}
|
- unless: test -e /var/lib/systemd/linger/{{ user }}
|
||||||
|
|
||||||
|
Copy check image update script:
|
||||||
|
file.managed:
|
||||||
|
- name: {{ home }}/bin/check_image_updates.sh
|
||||||
|
- source: salt://podman/files/check_image_updates.sh.jinja
|
||||||
|
- template: jinja
|
||||||
|
- user: {{ user }}
|
||||||
|
- group: {{ user }}
|
||||||
|
- mode: 0700
|
||||||
|
|
||||||
|
Create check image update service:
|
||||||
|
file.managed:
|
||||||
|
- name: /etc/systemd/system/check_image_updates.service
|
||||||
|
- source: salt://podman/files/check_image_updates.service.jinja
|
||||||
|
- template: jinja
|
||||||
|
- user: root
|
||||||
|
- group: root
|
||||||
|
- mode: "0644"
|
||||||
|
|
||||||
|
Create check image update timer:
|
||||||
|
file.managed:
|
||||||
|
- name: /etc/systemd/system/check_image_updates.timer
|
||||||
|
- source: salt://podman/files/check_image_updates.timer.jinja
|
||||||
|
- template: jinja
|
||||||
|
- user: root
|
||||||
|
- group: root
|
||||||
|
- mode: "0644"
|
||||||
|
|
||||||
|
Systemd daemon reload for image update:
|
||||||
|
cmd.run:
|
||||||
|
- name: systemctl daemon-reload
|
||||||
|
- onchanges:
|
||||||
|
- file: Create check image update service
|
||||||
|
- file: Create check image update timer
|
||||||
|
|
||||||
|
Start check image update timer:
|
||||||
|
service.running:
|
||||||
|
- name: check_image_updates.timer
|
||||||
|
- enable: True
|
||||||
|
|
||||||
{% if pillar.containers is defined %}
|
{% if pillar.containers is defined %}
|
||||||
include:
|
include:
|
||||||
{%- for container, args in pillar.containers.items() %}
|
{%- for container, args in pillar.containers.items() %}
|
||||||
|
Reference in New Issue
Block a user