Switched to using Alpine latest

Dockerfile

@@ -1,18 +1,13 @@
-FROM debian:10-slim
+FROM alpine:latest
-LABEL maintainer="Jack-Benny Persson <jack-benny@cyberinfo.se>"
+RUN apk update && \
-RUN apt-get update && apt-get install wget gnupg -y && \
+    apk add bash && \
-    printf "deb http://packages.icinga.com/debian icinga-buster main\ndeb-src http://packages.icinga.com/debian icinga-buster main" > /etc/apt/sources.list.d/icinga2.list && \
+    apk add icinga2 && \
-    wget -O - https://packages.icinga.com/icinga.key | apt-key add - && \
+    mkdir /run/icinga2 && chown icinga:icinga /run/icinga2 && \
-    apt-get update && apt-get --no-install-recommends install icinga2 monitoring-plugins tzdata -y && \
-    mkdir /run/icinga2 && chown nagios:nagios /run/icinga2 && \
     mkdir -p /var/lib/icinga2/certs && \
-    chown -R nagios:nagios /var/lib/icinga2/certs && \
+    chown -R icinga:icinga /var/lib/icinga2/certs
-    apt-get remove -y wget gnupg && \
-    apt-get autoremove -y && \
-    apt-get clean 
 
 COPY create-satellite.sh /create-satellite.sh
 COPY run-icinga.sh /run-icinga.sh
 RUN chmod +x /create-satellite.sh ; chmod +x /run-icinga.sh
-EXPOSE 5665
+
 ENTRYPOINT ["/run-icinga.sh"]

README.md

@@ -1,84 +1,37 @@
 # icinga-satellite
 An easy-to-use Dockerized Icinga2 satellite setup. It could be used as an
 Icinga2 agent aswell, but I don't think that would make much sense. The goal
-is instead to create an easy-to-deploy satellite image.
+is instead to create an easy-to-deploy satellite Docker.
-
-![Docker Image Size (latest by date)](https://img.shields.io/docker/image-size/jackbenny/icinga-satellite?sort=date)
-![Docker Pulls](https://img.shields.io/docker/pulls/jackbenny/icinga-satellite)
-![Docker Stars](https://img.shields.io/docker/stars/jackbenny/icinga-satellite)
-![Docker Cloud Automated build](https://img.shields.io/docker/cloud/automated/jackbenny/icinga-satellite)
-![Docker Cloud Build Status](https://img.shields.io/docker/cloud/build/jackbenny/icinga-satellite)
-
-## Tags and their respective Dockerfile
-
-### Main tags
-* [0.6.1, latest](https://github.com/jackbenny/icinga-satellite/blob/master/Dockerfile)
-* [0.6](https://github.com/jackbenny/icinga-satellite/blob/0.6/Dockerfile)
-* [0.5](https://github.com/jackbenny/icinga-satellite/blob/0.5/Dockerfile)
-* [0.4](https://github.com/jackbenny/icinga-satellite/blob/0.4/Dockerfile)
-* [0.3](https://github.com/jackbenny/icinga-satellite/blob/0.3/Dockerfile)
-* [0.2](https://github.com/jackbenny/icinga-satellite/blob/0.2/Dockerfile)
-* [0.1](https://github.com/jackbenny/icinga-satellite/blob/0.1/Dockerfile)
-
-### Alpine tags (currently has some problems)
-* [0.1.1-alpine](https://github.com/jackbenny/icinga-satellite/blob/0.1.1-alpine/Dockerfile)
-* [0.1-alpine](https://github.com/jackbenny/icinga-satellite/blob/0.1-alpine/Dockerfile)
-
-> **NOTE:** Currently there are some problems with the Alpine image. 
-> Use the *main images* instead, tagged *0.n*.
-
-There are two available images for you to choose from. The main images (0.*n*)
-are based on Debian 10-slim from tag 0.5 and up. Previous to 0.5 they were
-based on Ubuntu 18.04. The main images uses Icinga2 from Icingas official
-repository. 
-
-The other images (0.*n*-alpine) are based on Alpine with Icinga2 from Alpines
-repository. From 0.1.1-alpine and up, the Alpine images are built on the latest
-Alpine image. Previous to 0.1.1 they were based on Alpine 3.11.
 
 ## Environment variables
-Everything is controlled using the following environment variables.
+Everything is controlled using the follwing environment variables.
 
 * **CN** is the Common Name of the satellite
-* **ZONE** is the zone in which this satellite should be in. If no zone is
+* **ZONE** is the zone in which this satellite should be in. If no zone is specified
-  specified it defaults to using the **CN** as the zone.
+  it defaults to using the **CN** as the zone.
-* **PARENTCN** is the Common Name of the parent host, for example the master.
+* **PARENTCN** is the Common Name of the parent host, for example the master. If
-  If no **PARENTCN** is specified it defaults to using the **PARENTHOST** as a
+  no **PARENTCN** is specified it defaults to using the **PARENTHOST** as a
   **PARENTCN**
 * **PARENTHOST** is the FQDN or IP of the parent host, for example the master.
 * **PARENTPORT** is the Icinga2 port on the parent host. Defaults to 5665.
 * **TICKET** is the ticket you get from the master (if you are using Director
   you find it under the Agent tab of the host).
-* **TICKET_PATH** is the path to the ticket secrets file if you use Swarm and
+* **ACCEPT_CONFIG** takes a ***y*** or ***n*** value for yes or no. The default is
-  wants to use secrets instead (to keep your ticket secure). The ticket should
+  ***n***.
-  be on ONE line only and be created as an external secret. This variable is
+* **ACCEPT_COMMANDS** takes a ***y*** or ***n*** value for yes or no. The default is
-  optional and only apply for Docker Swarm.
+  ***n***.
-* **ACCEPT_CONFIG** takes a ***y*** or ***n*** value for yes or no. The default
+* **DISABLE_CONFD** takes a ***y*** or ***n*** value for yes or no. The default is
-  is ***n***
+  ***y***. This should be a sane default for most people.
-* **ACCEPT_COMMANDS** takes a ***y*** or ***n*** value for yes or no. The
-  default is ***n***
-* **DISABLE_CONFD** takes a ***y*** or ***n*** value for yes or no. The default
-  is ***y***. This should be a sane default for most people.
-* **LOCAL_TIMEZONE** sets the local timezone of the satellite. For example
-  *Europe/Stockholm* or *America/New_York*
-
-## Mounts
-You need to mount `/var/lib/icinga2` and `/var/cache/icinga2` somewhere on your
-filesystem to preserve the state of the satellite between restarts. See the
-examples below.
 
 ## Example usage
 ```
 #> docker run -d --name my-icinga-sat \
-  -p 5665:5665 \
   -e CN=icinga-sat02.local \
   -e PARENTHOST=icinga-master.local \
   -e PARENTCN=icinga-master.local \
   -e PARENTZONE=master \
   -e TICKET=124de0573705d1133db62a974aaf \
   -e DISABLE_CONFD=y -e ACCEPT_CONFIG=y -e ACCEPT_COMMANDS=y \ 
-  -v /var/lib/icinga2:/var/lib/icinga2 \ 
-  -v /var/cache/icinga2:/var/cache/icinga2 \ 
    jackbenny/icinga-satellite
 ```
 
@@ -88,9 +41,6 @@ version: "3.8"
 services:
   my-icinga-sat:
     image: jackbenny/icinga-satellite
-    ports:
-      - 5665:5665
-    restart:always
     environment:
       - CN=icinga-sat02.local
       - ZONE=icinga-sat02.local
@@ -101,34 +51,13 @@ services:
       - ACCEPT_CONFIG=y
       - ACCEPT_COMMANDS=y
       - DISABLE_CONFD=y
-      - LOCAL_TIMEZONE=Europe/Stockholm
-    volumes:
-      - /var/lib/icinga2:/var/lib/icinga2
-      - /var/cache/icinga2:/var/cache/icinga2
 ```
 
-## docker-compose.yml example with Docker secrets
+## Images
-```
+There are two available images for you to choose from. The default one (0.*n*) is based on
-version: "3.8"
+Debian 10, with Icinga2 from Icingas official repository. The other image (0.*n*-alpine) is
-services:
+based on Alpine latest, with Icinga2 from Alpines repository. The Alpine image is much
-  my-icinga-sat:
+smaller in size.
-    image: jackbenny/icinga-satellite
-    environment:
-      - CN=icinga-sat02.local
-      - PARENTHOST=icinga-master.local
-      - PARENTZONE=master
-      - TICKET_PATH=/var/run/secrets/ticket
-      - ACCEPT_CONFIG=y
-      - ACCEPT_COMMANDS=y
-      - DISABLE_CONFD=y
-      - LOCAL_TIMEZONE=Europe/Stockholm
-    volumes:
-      - /var/lib/icinga2:/var/lib/icinga2
-      - /var/cache/icinga2:/var/cache/icinga2
-    secrets:
-      - ticket
-secrets:
-  ticket:
-    external: true
-```
 
+> **Note:** Version 0.1-alpine uses Alpine 3.11. Version 0.1.1-alpine and up uses Alpine
+> latest.

create-satellite.sh

@@ -29,11 +29,6 @@ else
     ACCEPT_COMM=" "
 fi
 
-# Support for ticket via secrets for Docker Swarm
-if [ ! -z "$TICKET_PATH" ]; then
-    TICKET=$(cat $TICKET_PATH)
-fi
-
 # Defaults to disable conf.d (so use "n" or anything else other than "y" 
 # to enable inclusion of conf.d directory)
 if [ -z "$DISABLE_CONFD" ] || [ "$DISABLE_CONFD" == "y" ]; then
@@ -42,11 +37,6 @@ else
     DISABLE_CONF=" "
 fi
 
-# Set the local timezone
-if [ ! -z "$LOCAL_TIMEZONE" ]; then
-	ln -sf /usr/share/zoneinfo/"$LOCAL_TIMEZONE" /etc/localtime
-fi
-
 icinga2 pki new-cert --cn "$CN" \
 --key /var/lib/icinga2/certs/"${CN}".key \
 --cert /var/lib/icinga2/certs/"${CN}".crt