x1995gourichon/gourichon_org
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
37 Commits 1 Branch 0 Tags
929f22861dfc2c8e11de8f99f4fa916e1a4728ed
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Stephane Gourichon 929f22861d Clearer test output.
2025-09-05 22:55:44 +02:00
partials/fsg-image
Use common base image.
2025-09-05 22:55:44 +02:00
service_definitions/public/gourichon_org/domain
Building containers runs unit and acceptance tests.
2025-09-05 22:55:44 +02:00
tools
Clearer test output.
2025-09-05 22:55:44 +02:00
.gitignore
.gitignore
2024-03-23 22:40:35 +01:00
Makefile
Makefile also set permissions.
2024-03-24 17:16:19 +01:00
README.md
Main README.md documents what this is about.
2025-09-05 22:55:44 +02:00

README.md

Debian-focused flexible service management

Who is this for?

  • Anyone who needs to maintain network services...
  • ... that favors Debian as a basis ...
  • ... and does not want to trust random opaque containers from strangers.

What does this provide?

  • A set of packaged services, all made with simple Dockerfiles, all based on Debian.
  • A small set of tools to ensure services are up-to-date, see features
  • run_and_output_only_on_error.sh a simple script that runs anything, capturing its output. If the thing went fine (return status zero), the output is deleted, else the output is propagated. This is meant to be (and is) used in crontab entries, to ensure the admin receives e-mails when things go wrong, but are not over-notified daily by as many e-mails as there are tasks.

Features

No root needed

None of this needs root permission.

  • For example, podman can build Dockerfiles and run containers from them purely as user.
  • Optionally, a dedicated user can be created.

Live check

  • Any directory prodiving a service provides a live check.
  • monitoring_check_all_once.sh checks at once each service and report status.
  • monitoring__crontask_install.sh sets up a user-level crontab entry to perform the live check once a day -- and alert root on failure

Always up-to-date w.r.t. Debian

Whenever applicable Debian packages are updated, containers are rebuilt:

  • containers_check_update_rebuild_switch.sh walks all currently running containers, does apt-get upgrade -y --dry-run inside, and if apt reports that some package needs an update, rebuilds the container and replaces it
  • containers_check_update_rebuild_switch__crontask_install.sh sets up a user-level crontab entry to perform the check-update-and-rebuild-if-needed once a day -- and alert root when something happens (the only and common case when root has no mail is when container is confirmed up-to-date)

Run containers as relevant on current machine

  • build_and_up_all_containers.sh -> Currently runs all containers on local machine. TODO replace using some configuration, per host name.

  • ensure_infra_user_exists.sh ensures a fsginfra user exists on the machine, dedicated to infrastructure maintenance.

Description
Scripts de déploiement/maintenance infra utilisé pour gourichon.org
Readme 109 KiB
Languages
Shell 91.9%
Dockerfile 7.2%
Makefile 0.9%