feat: enhance Ansible playbook and Nginx configuration with authentication and logrotate setup

- Added environment variables for project configuration in env.template. - Updated Ansible playbook to use environment variables for project settings and added tasks for monitoring authentication setup. - Enhanced Nginx configuration for Alertmanager and Prometheus with HTTP Basic Authentication. - Introduced logrotate configuration for managing log files and set up cron for daily execution. - Removed obsolete Uptime Kuma docker-compose file.
2025-09-19 12:09:05 +03:00
parent 1eb11e454d
commit f7b08ae9e8
16 changed files with 959 additions and 51 deletions
--- a/scripts/generate_auth_passwords.sh
+++ b/scripts/generate_auth_passwords.sh
@@ -0,0 +1,31 @@
+#!/bin/bash
+
+# Script to generate HTTP Basic Auth passwords for monitoring services
+# Usage: ./generate_auth_passwords.sh [username]
+
+set -e
+
+# Default username if not provided
+USERNAME=${1:-"admin"}
+
+# Create passwords directory if it doesn't exist
+PASSWORDS_DIR="/etc/nginx/passwords"
+mkdir -p "$PASSWORDS_DIR"
+
+# Generate random password
+PASSWORD=$(openssl rand -base64 32 | tr -d "=+/" | cut -c1-25)
+
+# Create htpasswd file
+echo "Creating password file for user: $USERNAME"
+htpasswd -cb "$PASSWORDS_DIR/monitoring.htpasswd" "$USERNAME" "$PASSWORD"
+
+# Set proper permissions
+chown root:www-data "$PASSWORDS_DIR/monitoring.htpasswd"
+chmod 640 "$PASSWORDS_DIR/monitoring.htpasswd"
+
+echo "Password file created: $PASSWORDS_DIR/monitoring.htpasswd"
+echo "Username: $USERNAME"
+echo "Password: $PASSWORD"
+echo ""
+echo "Save this password securely!"
+echo "You can add more users with: htpasswd $PASSWORDS_DIR/monitoring.htpasswd <username>"