167 lines
8.8 KiB
Cheetah
167 lines
8.8 KiB
Cheetah
{{- if and (ne .host.distro.family "windows") (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (or (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_TOKEN")) (env "NETDATA_TOKEN")) (or (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_ROOM")) (env "NETDATA_ROOM")) -}}
|
|
#!/usr/bin/env bash
|
|
# @file Netdata
|
|
# @brief Connects Netdata with Netdata's free cloud dashboard and applies some system optimizations, if necessary
|
|
# @description
|
|
# This script connects Netdata with Netdata Cloud if Netdata is installed, the `NETDATA_TOKEN` is provided, and the
|
|
# `NETDATA_ROOM` is defined. This allows you to graphically browse through system metrics on all your connected devices
|
|
# from a single free web application.
|
|
#
|
|
# This script installs additional alerts and enables notifications if Netdata is installed. Email notifications are configured
|
|
# using the provided primary email address. If the OS is Debian based, Netdata shows the number of CVEs in currently installed packages.
|
|
|
|
{{ includeTemplate "universal/profile" }}
|
|
{{ includeTemplate "universal/logg" }}
|
|
|
|
ensureNetdataOwnership() {
|
|
### Ensure /usr/local/var/lib/netdata/cloud.d is owned by user
|
|
if [ -d /usr/local/var/lib/netdata ]; then
|
|
logg info 'Ensuring permissions are correct on /usr/local/var/lib/netdata'
|
|
sudo chown -Rf netdata:netdata /usr/local/var/lib/netdata || sudo chown -Rf netdata:$(id -g -n) /usr/local/var/lib/netdata
|
|
elif [ -d /var/lib/netdata ]; then
|
|
logg info 'Ensuring permissions are correct on /var/lib/netdata'
|
|
sudo chown -Rf netdata:netdata /var/lib/netdata || sudo chown -Rf netdata:$(id -g -n) /var/lib/netdata
|
|
elif [ -d "$HOMEBREW_PREFIX/var/lib/netdata" ]; then
|
|
logg info "Ensuring permissions are correct on $HOMEBREW_PREFIX/var/lib/netdata"
|
|
sudo chown -Rf netdata:netdata "$HOMEBREW_PREFIX/var/lib/netdata" || sudo chown -Rf netdata:$(id -g -n) "$HOMEBREW_PREFIX/var/lib/netdata"
|
|
else
|
|
logg warn 'No /var/lib/netdata folder found'
|
|
fi
|
|
}
|
|
|
|
### Claim the instance with Netdata Cloud
|
|
if command -v netdata-claim.sh > /dev/null; then
|
|
# Add user / group with script in ~/.local/bin/add-user, if it is available
|
|
if command -v add-user > /dev/null; then
|
|
sudo add-user netdata
|
|
fi
|
|
|
|
ensureNetdataOwnership
|
|
|
|
# netdata-claim.sh must be run as netdata user
|
|
sudo -H -u netdata bash -c 'export NETDATA_ROOM="{{- if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_ROOM")) -}}{{- includeTemplate "secrets/NETDATA_ROOM" | decrypt | trim -}}{{- else -}}{{- env "NETDATA_ROOM" -}}{{- end -}}" && export NETDATA_TOKEN="{{- if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "NETDATA_TOKEN")) -}}{{- includeTemplate "secrets/NETDATA_TOKEN" | decrypt | trim -}}{{- else -}}{{- env "NETDATA_TOKEN" -}}{{- end -}}" && yes | netdata-claim.sh -token="$NETDATA_TOKEN" -rooms="$NETDATA_ROOM" -url="{{ .netdataClaimURL }}"'
|
|
|
|
# Kernel optimizations
|
|
# These are mentioned while installing via the kickstart.sh script method. We are using Homebrew for the installation though.
|
|
# Assuming these optimizations do not cause any harm.
|
|
if [ -d /Applications ] && [ -d /System ]; then
|
|
# macOS
|
|
logg info 'System is macOS so Netdata kernel optimizations are not required'
|
|
else
|
|
# Linux
|
|
if [ -d /sys/kernel/mm/ksm ]; then
|
|
logg info 'Adding Netdata kernel optimization for /sys/kernel/mm/ksm/run'
|
|
echo 1 | sudo tee /sys/kernel/mm/ksm/run
|
|
logg info 'Adding Netdata kernel optimization for /sys/kernel/mm/ksm/sleep_millisecs'
|
|
echo 1000 | sudo tee /sys/kernel/mm/ksm/sleep_millisecs
|
|
else
|
|
logg info 'The /sys/kernel/mm/ksm directory does not exist so Netdata kernel optimizations are not being applied'
|
|
fi
|
|
fi
|
|
|
|
### Install additional alerts and enable notifications
|
|
if command -v netdata > /dev/null; then
|
|
# Copy the additional alert definitions
|
|
if [ -d /usr/local/etc/netdata ]; then
|
|
NETDATA_ETC='/usr/local/etc/netdata/'
|
|
elif [ -d /etc/netdata ]; then
|
|
NETDATA_ETC='/etc/netdata'
|
|
elif [ -d "$HOMEBREW_PREFIX/etc/netdata" ]; then
|
|
NETDATA_ETC="$HOMEBREW_PREFIX/etc/netdata"
|
|
else
|
|
logg error 'No etc location found for netdata' && exit 1
|
|
fi
|
|
logg info "Copying ${XDG_CONFIG_HOME:-$HOME/.config}/netdata/health.d/ to $NETDATA_ETC"
|
|
sudo cp -rf "${XDG_CONFIG_HOME:-$HOME/.config}/netdata/health.d/" "$NETDATA_ETC"
|
|
|
|
# Backup current health alarm configuration and apply new one
|
|
if [ -d /usr/local/lib/netdata ]; then
|
|
NETDATA_LIB='/usr/local/lib/netdata'
|
|
elif [ -d /usr/lib/netdata ]; then
|
|
NETDATA_LIB='/usr/lib/netdata'
|
|
else
|
|
logg error 'No lib location found for netdata' && exit 1
|
|
fi
|
|
logg info "Copying ${XDG_CONFIG_HOME:-$HOME/.config}/netdata/health_alarm_notify.conf to $NETDATA_LIB/conf.d/health_alarm_notify.conf"
|
|
sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/netdata/health_alarm_notify.conf" "$NETDATA_LIB/conf.d/health_alarm_notify.conf"
|
|
else
|
|
logg warn 'netdata is not available in the PATH or is not installed'
|
|
fi
|
|
|
|
### Ensure the apt command is available before running `debsecan` logic
|
|
if command -v apt-get > /dev/null; then
|
|
### Configure Netdata to gather information about CVEs in the installed packages
|
|
if command -v debsecan > /dev/null; then
|
|
DEBSECAN_GIT="${XDG_DATA_HOME:-$HOME/.local/share}/netdata-debsecan"
|
|
|
|
# Installing the script to generate report on CVEs in installed packages
|
|
logg info 'Installing script to generate report on CVEs in installed packages'
|
|
sudo cp -f "$DEBSECAN_GIT/usr_local_bin_debsecan-by-type" "/usr/local/bin/debsecan-by-type"
|
|
|
|
# Generate initial debsecan reports in /var/log/debsecan/
|
|
logg info 'Generating initial debsecan reports in /var/log/debsecan/'
|
|
debsecan-by-type
|
|
|
|
# Configure dpkg to refresh the file after each run
|
|
logg info 'Configuring dpkg to refresh the file after each run'
|
|
sudo cp -f "$DEBSECAN_GIT/etc_apt_apt.conf.d_99debsecan" /etc/apt/apt.conf.d/99-debsecan
|
|
|
|
# Add a cron job to refresh the file every hour
|
|
logg info 'Adding a cron job to refresh the file every hour'
|
|
sudo cp -f "$DEBSECAN_GIT/etc_cron.d_debsecan" /etc/cron.d/debsecan
|
|
|
|
# Install the module/configuration file
|
|
logg info 'Installing the module and configuration file'
|
|
sudo "$DEBSECAN_GIT/debsecan.chart.py" /usr/libexec/netdata/python.d/debsecan.chart.py
|
|
sudo "$DEBSECAN_GIT/debsecan.conf" /etc/netdata/python.d/debsecan.conf
|
|
else
|
|
logg warn 'apt-get is available but debsecan is not available in the PATH or is not installed'
|
|
fi
|
|
fi
|
|
|
|
### Ensure / report whether speedtest-cli is installed
|
|
if ! command -v speedtest-cli > /dev/null; then
|
|
if command -v pipx > /dev/null; then
|
|
pipx install speedtest-cli
|
|
else
|
|
logg warn 'speedtest-cli not installed and pipx is not available'
|
|
fi
|
|
fi
|
|
|
|
### Configure Netdata to gather information about Internet connection speed
|
|
if command -v speedtest-cli > /dev/null; then
|
|
# Installing the script to generate report on Internet connection speed
|
|
logg info 'Installing script to generate report on Internet connection speed'
|
|
LIBEXEC_PATH="$(netdata -W buildinfo | grep 'Configure' | sed "s/.*--libexecdir=\([^ \']*\).*/\1/")"
|
|
if [ -d /usr/libexec/netdata/charts.d ]; then
|
|
sudo cp -f "${XDG_DATA_HOME:-$HOME/.local/share}/netdata-speedtest/speedtest.chart.sh" "/usr/libexec/netdata/charts.d/speedtest.chart.sh"
|
|
elif [ -d "$LIBEXEC_PATH/netdata/charts.d" ]; then
|
|
logg info "$LIBEXEC_PATH/netdata/charts.d present on system"
|
|
cp -f "${XDG_DATA_HOME:-$HOME/.local/share}/netdata-speedtest/speedtest.chart.sh" "$LIBEXEC_PATH/netdata/charts.d/speedtest.chart.sh"
|
|
else
|
|
logg warn "Failed to find appropriate directory to add Netdata speedtest chart script"
|
|
fi
|
|
else
|
|
logg warn 'speedtest-cli is not available in the PATH or is not installed'
|
|
fi
|
|
|
|
ensureNetdataOwnership
|
|
|
|
### Restart Netdata service
|
|
if command -v systemctl > /dev/null; then
|
|
logg info 'Enabling netdata service'
|
|
sudo systemctl enable netdata
|
|
logg info 'Restarting netdata service'
|
|
sudo systemctl restart netdata
|
|
elif [ -d /Applications ] && [ -d /System ]; then
|
|
logg info 'Starting / enabling netdata service'
|
|
brew services restart netdata
|
|
else
|
|
logg warn 'systemctl is not available'
|
|
fi
|
|
|
|
else
|
|
logg info 'netdata-claim.sh is not available in the PATH'
|
|
fi
|
|
|
|
{{ end -}}
|