| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354 |
- {% set tpl = ix_lib.base.render.Render(values) %}
- {% set c1 = tpl.add_container(values.consts.scrutiny_container_name, "image") %}
- {% do c1.set_user(0,0) %}
- {% do c1.set_privileged(true) %}
- {% do c1.add_caps([
- "CHOWN",
- "DAC_OVERRIDE",
- "FSETID",
- "FOWNER",
- "MKNOD",
- "NET_RAW",
- "SETGID",
- "SETUID",
- "SETFCAP",
- "SETPCAP",
- "NET_BIND_SERVICE",
- "SYS_CHROOT",
- "KILL",
- "AUDIT_WRITE",
- ]) %}
- {% do c1.add_storage("/run/udev", {"type": "host_path", "read_only": True, "host_path_config": {"path": "/run/udev"}}) %}
- {% do c1.add_storage("/dev", {"type": "host_path", "read_only": True, "host_path_config": {"path": "/dev"}}) %}
- {% do c1.add_storage(values.consts.config_dir, values.storage.config) %}
- {% do c1.add_storage("/opt/scrutiny/influxdb", values.storage.influxdb) %}
- {% for store in values.storage.additional_storage %}
- {% do c1.add_storage(store.mount_path, store) %}
- {% endfor %}
- {% if not values.network.host_network %}
- {% do c1.add_port(values.network.web_port, {"container_port": values.consts.internal_web_port}) %}
- {% do c1.add_port(values.network.influxdb_port, {"container_port": values.consts.internal_influxdb_port}) %}
- {% endif %}
- {% do c1.environment.add_user_envs(values.scrutiny.additional_envs) %}
- {% do c1.environment.add_env("SCRUTINY_WEB_LISTEN_HOST", "0.0.0.0") %}
- {# Collector has an init script that has hardcoded 8080 port, so we cannot change that #}
- {% do c1.environment.add_env("SCRUTINY_WEB_LISTEN_PORT", values.consts.internal_web_port) %}
- {% do c1.environment.add_env("SCRUTINY_WEB_INFLUXDB_HOST", "127.0.0.1") %}
- {% do c1.environment.add_env("SCRUTINY_WEB_INFLUXDB_PORT", values.consts.internal_influxdb_port) %}
- {% do c1.environment.add_env("SCRUTINY_WEB_DATABASE_LOCATION", "%s/scrutiny.db"|format(values.consts.config_dir)) %}
- {% do c1.environment.add_env("COLLECTOR_API_ENDPOINT", "http://127.0.0.1:%d"|format(values.consts.internal_web_port)) %}
- {% do c1.healthcheck.set_test("curl", {"port": values.consts.internal_web_port, "path": "/api/health"}) %}
- {% do tpl.portals.add(values.network.web_port, {"port": values.consts.internal_web_port if values.network.host_network else None}) %}
- {% do tpl.portals.add(values.network.influxdb_port, {"name": "InfluxDB", "port": values.consts.internal_influxdb_port if values.network.host_network else None}) %}
- {% do tpl.notes.set_body(values.consts.notes_body) %}
- {{ tpl.render() | tojson }}
|
