Gnous/mailcow
2
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

unbound: rewrote healthcheck to be more detailed

Browse Source 
unbound: added comments to rewritten healthcheck
This commit is contained in:
DerLinkman 2024-01-15 15:13:37 +01:00
parent cf9f02adbb
commit b29dc37991
No known key found for this signature in database
GPG Key ID: F109FD97469550A2
2 changed files with 87 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
data/Dockerfiles/unbound/Dockerfile
View File

@ -4,6 +4,8 @@ LABEL maintainer "The Infrastructure Company GmbH <info@servercow.de>"
RUN apk add --update --no-cache \ RUN apk add --update --no-cache \
curl \ curl \
bind-tools \
netcat-openbsd \
unbound \ unbound \
bash \ bash \
openssl \ openssl \
@ -21,7 +23,7 @@ COPY docker-entrypoint.sh /docker-entrypoint.sh
# healthcheck (nslookup) # healthcheck (nslookup)
COPY healthcheck.sh /healthcheck.sh COPY healthcheck.sh /healthcheck.sh
RUN chmod +x /healthcheck.sh RUN chmod +x /healthcheck.sh
HEALTHCHECK --interval=30s --timeout=10s CMD [ "/healthcheck.sh" ] HEALTHCHECK --interval=5s --timeout=10s CMD [ "/healthcheck.sh" ]
ENTRYPOINT ["/docker-entrypoint.sh"] ENTRYPOINT ["/docker-entrypoint.sh"]

91
data/Dockerfiles/unbound/healthcheck.sh
View File

@ -1,12 +1,89 @@
#!/bin/bash #!/bin/bash
nslookup mailcow.email 127.0.0.1 1> /dev/null # Declare log function for logfile inside container
function log_to_file() {
echo "$(date +"%Y-%m-%d %H:%M:%S"): $1" > /var/log/healthcheck.log
}
if [ $? == 0 ]; then # General Ping function to check general pingability
echo "DNS resolution is working!" function check_ping() {
exit 0 declare -a ipstoping=("1.1.1.1" "8.8.8.8" "9.9.9.9")
else
echo "DNS resolution is not working correctly..." for ip in "${ipstoping[@]}" ; do
echo "Maybe check your outbound firewall, as it needs to resolve DNS over TCP AND UDP!" ping -q -c 3 -w 5 "$ip"
if [ $? -ne 0 ]; then
log_to_file "Healthcheck: Couldn't ping $ip for 5 seconds... Gave up!"
log_to_file "Please check your internet connection or firewall rules to fix this error, because a simple ping test should always go through from the unbound container!"
return 1
fi
done
log_to_file "Healthcheck: Ping Checks WORKING properly!"
return 0
}
# General DNS Resolve Check against Unbound Resolver himself
function check_dns() {
declare -a domains=("mailcow.email" "github.com" "hub.docker.com")
for domain in "${domains[@]}" ; do
for ((i=1; i<=3; i++)); do
dig +short +timeout=2 +tries=1 "$domain" @127.0.0.1 > /dev/null
if [ $? -ne 0 ]; then
log_to_file "Healthcheck: DNS Resolution Failed on $i attempt! Trying again..."
if [ $i -eq 3 ]; then
log_to_file "Healthcheck: DNS Resolution not possible after $i attempts... Gave up!"
log_to_file "Maybe check your outbound firewall, as it needs to resolve DNS over TCP AND UDP!"
return 1
fi
fi
done
done
log_to_file "Healthcheck: DNS Resolver WORKING properly!"
return 0
}
# Simple Netcat Check to connect to common webports
function check_netcat() {
declare -a domains=("mailcow.email" "github.com" "hub.docker.com")
declare -a ports=("80" "443")
for domain in "${domains[@]}" ; do
for port in "${ports[@]}" ; do
nc -z -w 2 $domain $port
if [ $? -ne 0 ]; then
log_to_file "Healthcheck: Could not reach $domain on Port $port... Gave up!"
log_to_file "Please check your internet connection or firewall rules to fix this error."
return 1
fi
done
done
log_to_file "Healthcheck: Netcat Checks WORKING properly!"
return 0
}
# run checks, if check is not returning 0 (return value if check is ok), healthcheck will exit with 1 (marked in docker as unhealthy)
check_ping
if [ $? -ne 0 ]; then
exit 1 exit 1
fi fi
check_dns
if [ $? -ne 0 ]; then
exit 1
fi
check_netcat
if [ $? -ne 0 ]; then
exit 1
fi
log_to_file "Healthcheck: ALL CHECKS WERE SUCCESSFUL! Unbound is healthy!"
exit 0