From 4ae20d66a038b233b81ad97cd3f6d30581c1577a Mon Sep 17 00:00:00 2001
From: CrazyMax <crazy-max@users.noreply.github.com>
Date: Thu, 2 Aug 2018 23:25:26 +0200
Subject: [PATCH] Upgrade to LibreNMS 1.42 Add syslog-ng support

---
 .travis.yml                         |   2 +-
 CHANGELOG.md                        |   5 ++
 Dockerfile                          |  10 +--
 README.md                           |  72 +++++++++++-----
 assets/etc/syslog-ng/syslog-ng.conf |  45 ++++++++++
 entrypoint.sh                       |   8 ++
 examples/compose/docker-compose.yml | 126 ++++++++++++++++------------
 7 files changed, 190 insertions(+), 78 deletions(-)
 create mode 100644 assets/etc/syslog-ng/syslog-ng.conf

diff --git a/.travis.yml b/.travis.yml
index 77c4299..f4c718a 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -5,7 +5,7 @@ services:
 
 env:
   global:
-    - VERSION=1.41
+    - VERSION=1.42
     - GITHUB_REPO=crazy-max/docker-librenms
     - DOCKER_USERNAME=crazymax
     - DOCKER_REPONAME=librenms
diff --git a/CHANGELOG.md b/CHANGELOG.md
index cc352ba..6f329fd 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,10 @@
 # Changelog
 
+## 1.42-RC1 (2018/08/02)
+
+* Upgrade to LibreNMS 1.42
+* Add syslog-ng support
+
 ## 1.41-RC1 (2018/07/07)
 
 * Initial version based on LibreNMS 1.41
diff --git a/Dockerfile b/Dockerfile
index b198fb4..8bd75ff 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -18,14 +18,14 @@ LABEL org.label-schema.build-date=$BUILD_DATE \
 RUN apk --update --no-cache add \
     bash binutils ca-certificates coreutils curl fping git graphviz imagemagick mtr \
     mysql-client net-snmp net-snmp-tools nginx nmap openssl python2 py-mysqldb rrdtool runit \
-    shadow supervisor tzdata util-linux whois \
+    shadow supervisor syslog-ng tzdata util-linux whois \
     php7 php7-cli php7-ctype php7-curl php7-fpm php7-gd php7-json php7-mcrypt php7-memcached php7-mbstring php7-mysqli \
     php7-opcache php7-openssl php7-pdo php7-pdo_mysql php7-phar php7-posix php7-session php7-simplexml php7-snmp \
     php7-tokenizer php7-xml php7-zip \
   && sed -i -e "s/;date\.timezone.*/date\.timezone = UTC/" /etc/php7/php.ini \
   && rm -rf /var/cache/apk/* /var/www/* /tmp/*
 
-ENV LIBRENMS_VERSION="1.41" \
+ENV LIBRENMS_VERSION="1.42" \
   LIBRENMS_PATH="/opt/librenms" \
   DATA_PATH="/data" \
   CRONTAB_PATH="/var/spool/cron/crontabs"
@@ -42,8 +42,8 @@ RUN mkdir -p /opt \
   && chmod +x /usr/bin/distro \
   && rm -rf /tmp/*
 
-ADD entrypoint.sh /entrypoint.sh
-ADD assets /
+COPY entrypoint.sh /entrypoint.sh
+COPY assets /
 
 RUN mkdir -p /data ${LIBRENMS_PATH}/config.d /var/log/supervisord \
   && chmod a+x /entrypoint.sh /usr/local/bin/* \
@@ -54,7 +54,7 @@ RUN mkdir -p /data ${LIBRENMS_PATH}/config.d /var/log/supervisord \
   && chown -R librenms. ${DATA_PATH} ${LIBRENMS_PATH} \
   && chown -R nginx. /var/lib/nginx /var/log/nginx /var/log/php7 /var/tmp/nginx
 
-EXPOSE 80
+EXPOSE 80 514 514/udp
 WORKDIR ${LIBRENMS_PATH}
 VOLUME [ "${DATA_PATH}" ]
 
diff --git a/README.md b/README.md
index b7577b2..e5a81ae 100644
--- a/README.md
+++ b/README.md
@@ -20,6 +20,7 @@ If you are interested, [check out](https://hub.docker.com/r/crazymax/) my other
 
 * Alpine Linux 3.8, Nginx, PHP 7.2
 * Cron tasks as a ["sidecar" container](#cron)
+* Syslog-ng support through a ["sidecar" container](#syslog-ng)
 * OPCache enabled to store precompiled script bytecode in shared memory
 
 ### From docker-compose
@@ -35,27 +36,25 @@ If you are interested, [check out](https://hub.docker.com/r/crazymax/) my other
 
 ### Environment variables
 
-| Key                         | Default           | Description                               
-|-----------------------------|-------------------|-------------------------------------------
-| `TZ`                        | `UTC`             | Timezone (e.g. `Europe/Paris`)
-| `PUID`                      | `1000`            | LibreNMS user id
-| `PGID`                      | `1000`            | LibreNMS group id
-| `MEMORY_LIMIT`              | `256M`            | PHP memory limit
-| `UPLOAD_MAX_SIZE`           | `16M`             | Upload max size
-| `OPCACHE_MEM_SIZE`          | `128`             | PHP OpCache memory consumption
-| `LIBRENMS_POLLER_THREADS`   | `16`              | Threads that `poller-wrapper.py` runs
-| `LIBRENMS_SNMP_COMMUNITY`   | `librenmsdocker`  | Your community string
-| `DB_HOST`                   |                   | MySQL database hostname / IP address
-| `DB_PORT`                   | `3306`            | MySQL database port
-| `DB_NAME`                   | `librenms`        | MySQL database name
-| `DB_USER`                   | `librenms`        | MySQL user
-| `DB_PASSWORD`               | `librenms`        | MySQL password
-| `MEMCACHED_HOST`            |                   | Hostname / IP address of a Memcached server
-| `RRDCACHED_HOST`            |                   | Hostname / IP address of a RRDcached server
+* `TZ` : The timezone assigned to the container (default `UTC`)
+* `PUID` : LibreNMS user id (default `1000`)
+* `PGID`: LibreNMS group id (default `1000`)
+* `MEMORY_LIMIT` : PHP memory limit (default `256M`)
+* `UPLOAD_MAX_SIZE` : Upload max size (default `16M`)
+* `OPCACHE_MEM_SIZE` : PHP OpCache memory consumption (default `128`)
+* `LIBRENMS_POLLER_THREADS` : Threads that `poller-wrapper.py` runs (default `16`)
+* `LIBRENMS_SNMP_COMMUNITY` : Your community string (default `librenmsdocker`)
+* `DB_HOST` : MySQL database hostname / IP address
+* `DB_PORT` : MySQL database port (default `3306`)
+* `DB_NAME` : MySQL database name (default `librenms`)
+* `DB_USER` : MySQL user (default `librenms`)
+* `DB_PASSWORD` : MySQL password (default `librenms`)
+* `MEMCACHED_HOST` : Hostname / IP address of a Memcached server
+* `RRDCACHED_HOST` : Hostname / IP address of a RRDcached server
 
 ### Volumes
 
-* `/data` : Contains configuration, rrd database, logs
+* `/data` : Contains configuration, rrd database, logs, additional syslog-ng config files
 
 ### Ports
 
@@ -102,11 +101,27 @@ $config['webui']['default_dashboard_id'] = 0;
 
 This configuration will be included in LibreNMS and will override the default values.
 
+### Add user
+
+On first launch, an initial administrator user will be created :
+
+| Login      | Password   |
+|------------|------------|
+| `librenms` | `librenms` |
+
+You can create an other user using the commande line :
+
+```text
+$ docker exec -it --user librenms librenms php adduser.php <name> <pass> 10 <email>
+```
+
+> :warning: Substitute your desired username `<name>`, password `<pass>` and email address `<email>`
+
 ### Validate
 
 If you want to validate your installation from the CLI, type the following command :
 
-```bash
+```text
 $ docker exec -it --user librenms librenms php validate.php
 ====================================
 Component | Version
@@ -155,6 +170,25 @@ docker run -d --name librenms-cron \
 > `-v librenms:/data`<br />
 > :warning: `librenms` must be a valid volume already attached to a LibreNMS container
 
+### Syslog-ng
+
+If you want to enable syslog-ng, you have to run a "sidecar" container like in the [docker-compose file](examples/compose/docker-compose.yml) or run a simple container like this :
+
+```bash
+docker run -d --name librenms-syslog-ng \
+  --env-file $(pwd)/librenms.env \
+  -p 514 -p 514/udp \
+  -v librenms:/data \
+  crazymax/librenms:latest /usr/sbin/syslog-ng -F
+```
+
+You have to create a configuration file to enable syslog in LibreNMS too. Create a file called for example `/data/config/syslog.php` with this content :
+
+```php
+<?php
+$config['enable_syslog'] = 1;
+```
+
 ## Upgrade
 
 To upgrade to the latest version of LibreNMS, pull the newer image and launch the container. LibreNMS will upgrade automatically :
diff --git a/assets/etc/syslog-ng/syslog-ng.conf b/assets/etc/syslog-ng/syslog-ng.conf
new file mode 100644
index 0000000..11812b6
--- /dev/null
+++ b/assets/etc/syslog-ng/syslog-ng.conf
@@ -0,0 +1,45 @@
+@version:3.13
+
+options {
+    chain_hostnames(off);
+    flush_lines(0);
+    use_dns(no);
+    use_fqdn(no);
+    owner("root");
+    group("adm");
+    perm(0640);
+    stats_freq(0);
+    bad_hostname("^gconfd$");
+};
+
+source s_sys {
+    system();
+    internal();
+};
+
+source s_net {
+    tcp(ip(0.0.0.0), port(514));
+    udp(ip(0.0.0.0), port(514));
+    unix-stream("/run/syslog-ng/syslog-ng.sock");
+};
+
+destination d_librenms {
+    program("/opt/librenms/syslog.php" template ("$HOST||$FACILITY||$PRIORITY||$LEVEL||$TAG||$R_YEAR-$R_MONTH-$R_DAY $R_HOUR:$R_MIN:$R_SEC||$MSG||$PROGRAM\n") template-escape(yes));
+};
+
+filter f_kernel     { facility(kern); };
+filter f_default    { level(info..emerg) and not (facility(mail) or facility(authpriv) or facility(cron)); };
+filter f_auth       { facility(authpriv); };
+filter f_mail       { facility(mail); };
+filter f_emergency  { level(emerg); };
+filter f_news       { facility(uucp) or (facility(news) and level(crit..emerg)); };
+filter f_boot       { facility(local7); };
+filter f_cron       { facility(cron); };
+
+log {
+    source(s_net);
+    source(s_sys);
+    destination(d_librenms);
+};
+
+@include "/data/syslog-ng/*.conf"
diff --git a/entrypoint.sh b/entrypoint.sh
index cd50aaf..8e27e0f 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -143,6 +143,14 @@ if [ "$1" == "/usr/local/bin/cron" ]; then
   # Fix perms
   echo "Fixing permissions..."
   chmod -R 0644 ${CRONTAB_PATH}
+elif [ "$1" == "/usr/sbin/syslog-ng" ]; then
+  echo ">>"
+  echo ">> Sidecar syslog-ng container detected"
+  echo ">>"
+
+  # Init
+  mkdir -p ${DATA_PATH}/syslog-ng /run/syslog-ng
+  chown -R librenms. ${DATA_PATH}/syslog-ng /run/syslog-ng
 else
   # Fix perms
   echo "Fixing permissions..."
diff --git a/examples/compose/docker-compose.yml b/examples/compose/docker-compose.yml
index f52703d..d63ebd0 100644
--- a/examples/compose/docker-compose.yml
+++ b/examples/compose/docker-compose.yml
@@ -1,86 +1,84 @@
-version: '3.2'
+version: "3.2"
 
 services:
   traefik:
     image: traefik:1.6-alpine
     command:
-      - --logLevel=INFO
-      - --defaultentrypoints=http,https
-      - --entryPoints=Name:http Address::80 Redirect.EntryPoint:https
-      - --entryPoints=Name:https Address::443 TLS
-      - --docker
-      - --docker.exposedbydefault=false
-      - --docker.domain=example.com
-      - --acme=true
-      - --acme.acmelogging=true
-      - --acme.email=webmaster@example.com
-      - --acme.storage=acme.json
-      - --acme.entryPoint=https
-      - --acme.onhostrule=true
-      - --acme.httpchallenge=true
-      - --acme.httpchallenge.entrypoint=http
+      - "--logLevel=INFO"
+      - "--defaultentrypoints=http,https"
+      - "--entryPoints=Name:http Address::80 Redirect.EntryPoint:https"
+      - "--entryPoints=Name:https Address::443 TLS"
+      - "--docker"
+      - "--docker.exposedbydefault=false"
+      - "--docker.domain=example.com"
+      - "--acme=true"
+      - "--acme.acmelogging=true"
+      - "--acme.email=webmaster@example.com"
+      - "--acme.storage=acme.json"
+      - "--acme.entryPoint=https"
+      - "--acme.onhostrule=true"
+      - "--acme.httpchallenge=true"
+      - "--acme.httpchallenge.entrypoint=http"
     ports:
       - target: 80
         published: 80
         protocol: tcp
-        mode: host
       - target: 443
         published: 443
         protocol: tcp
-        mode: host
     volumes:
-      - ./acme.json:/acme.json
-      - /var/run/docker.sock:/var/run/docker.sock
+      - "./acme.json:/acme.json"
+      - "/var/run/docker.sock:/var/run/docker.sock"
     restart: always
 
   db:
     image: mariadb:10.2
     command:
-      - mysqld
-      - --sql-mode=
-      - --innodb-file-per-table=1
-      - --lower-case-table-names=0
+      - "mysqld"
+      - "--sql-mode="
+      - "--innodb-file-per-table=1"
+      - "--lower-case-table-names=0"
     volumes:
-      - ./db:/var/lib/mysql
+      - "./db:/var/lib/mysql"
     environment:
-      - TZ=Europe/Paris
-      - MYSQL_ALLOW_EMPTY_PASSWORD=yes
-      - MYSQL_DATABASE=librenms
-      - MYSQL_USER=librenms
-      - MYSQL_PASSWORD=asupersecretpassword
+      - "TZ=Europe/Paris"
+      - "MYSQL_ALLOW_EMPTY_PASSWORD=yes"
+      - "MYSQL_DATABASE=librenms"
+      - "MYSQL_USER=librenms"
+      - "MYSQL_PASSWORD=asupersecretpassword"
     restart: always
 
   memcached:
     image: memcached:alpine
     environment:
-      - TZ=Europe/Paris
+      - "TZ=Europe/Paris"
     restart: always
 
   rrdcached:
     image: crazymax/rrdcached
     volumes:
-      - ./librenms/rrd:/data/db
-      - ./rrd-journal:/data/journal
+      - "./librenms/rrd:/data/db"
+      - "./rrd-journal:/data/journal"
     environment:
-      - TZ=Europe/Paris
-      - PUID=1000
-      - GID=1000
-      - LOG_LEVEL=LOG_INFO
-      - WRITE_TIMEOUT=1800
-      - WRITE_JITTER=1800
-      - WRITE_THREADS=4
-      - FLUSH_DEAD_DATA_INTERVAL=3600
+      - "TZ=Europe/Paris"
+      - "PUID=1000"
+      - "PGID=1000"
+      - "LOG_LEVEL=LOG_INFO"
+      - "WRITE_TIMEOUT=1800"
+      - "WRITE_JITTER=1800"
+      - "WRITE_THREADS=4"
+      - "FLUSH_DEAD_DATA_INTERVAL=3600"
     restart: always
 
   smtp:
     image: juanluisbaptiste/postfix
     volumes:
-      - /etc/localtime:/etc/localtime:ro
+      - "/etc/localtime:/etc/localtime:ro"
     environment:
-      - SERVER_HOSTNAME=librenms.example.com
-      - SMTP_SERVER=smtp.example.com
-      - SMTP_USERNAME=smtp@example.com
-      - SMTP_PASSWORD=
+      - "SERVER_HOSTNAME=librenms.example.com"
+      - "SMTP_SERVER=smtp.example.com"
+      - "SMTP_USERNAME=smtp@example.com"
+      - "SMTP_PASSWORD="
     restart: always
 
   app:
@@ -93,23 +91,45 @@ services:
       - rrdcached
       - smtp
     volumes:
-      - ./librenms:/data
+      - "./librenms:/data"
     labels:
-      - traefik.enable=true
-      - traefik.backend=librenms
-      - traefik.port=80
-      - traefik.frontend.rule=Host:librenms.example.com
+      - "traefik.enable=true"
+      - "traefik.backend=librenms"
+      - "traefik.port=80"
+      - "traefik.frontend.rule=Host:librenms.example.com"
     env_file:
       - ./librenms.env
     restart: always
 
   cron:
     image: crazymax/librenms:latest
+    command:
+      - "/usr/local/bin/cron"
     depends_on:
       - app
     volumes:
-      - ./librenms:/data
-    command: /usr/local/bin/cron
+      - "./librenms:/data"
+
+    env_file:
+      - ./librenms.env
+    restart: always
+
+  syslog-ng:
+    image: crazymax/librenms:latest
+    command:
+      - "/usr/sbin/syslog-ng"
+      - "-F"
+    depends_on:
+      - app
+    ports:
+      - target: 514
+        published: 514
+        protocol: tcp
+      - target: 514
+        published: 514
+        protocol: udp
+    volumes:
+      - "./librenms:/data"
     env_file:
       - ./librenms.env
     restart: always