jriou/mining-dashboards
Archived
1
0
Fork 0
Code Issues Pull requests Activity

Use TLS for InfluxDB

Browse source 
Signed-off-by: Julien Riou <julien@riou.xyz>
This commit is contained in:
Julien Riou 2021-02-02 15:18:49 +01:00
parent df7141504e
commit 075a281a08
No known key found for this signature in database
GPG key ID: FF42D23B580C89F7
6 changed files with 24 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.gitignore vendored Normal file
View file

@ -0,0 +1,2 @@
docker/ssl/*
!docker/ssl/.gitkeep

19
README.md
View file

@ -13,8 +13,10 @@ This stack is also known as the **TIG** stack.
## Quickstart ## Quickstart
The easiest way to test is to use [Docker](https://www.docker.com/). Ensure you have `docker` and **Testing purpose only**.
`docker-compose` binary installed.
This guide uses [Docker](https://www.docker.com/). Ensure you have `docker`, `docker-compose` and `openssl` binaries
installed.
Write your miner address, grafana and influxdb credentials: Write your miner address, grafana and influxdb credentials:
@ -22,17 +24,20 @@ Write your miner address, grafana and influxdb credentials:
vi docker/environment vi docker/environment
``` ```
Generate a self-signed certificate:
```
openssl req -x509 -nodes -newkey rsa:2048 -keyout docker/ssl/influxdb.key -out docker/ssl/influxdb.crt -days 365
```
Press enter to every question.
Then start containers: Then start containers:
``` ```
docker-compose up -d docker-compose up -d
``` ```
## Going further
You should secure [InfluxDB](https://docs.influxdata.com/influxdb/v1.7/administration/security/) by using encryption for
communication. The stack doesn't require Docker.
## Disclaimer ## Disclaimer
Telegraf is able to make API call on thrid-party services. Please read terms of service before going further. The Telegraf is able to make API call on thrid-party services. Please read terms of service before going further. The

1
docker-compose.yml
View file

@ -10,6 +10,7 @@ services:
- "8083:8083" - "8083:8083"
- "8086:8086" - "8086:8086"
volumes: volumes:
- ./docker/ssl:/etc/ssl/self-signed
- influxdb-storage:/var/lib/influxdb - influxdb-storage:/var/lib/influxdb
restart: always restart: always

3
docker/environment
View file

@ -8,3 +8,6 @@ INFLUXDB_READ_USER=grafana
INFLUXDB_READ_USER_PASSWORD= INFLUXDB_READ_USER_PASSWORD=
INFLUXDB_ADMIN_USER=admin INFLUXDB_ADMIN_USER=admin
INFLUXDB_ADMIN_USER_PASSWORD= INFLUXDB_ADMIN_USER_PASSWORD=
INFLUXDB_HTTP_HTTPS_ENABLED=true
INFLUXDB_HTTP_HTTPS_CERTIFICATE=/etc/ssl/self-signed/influxdb.crt
INFLUXDB_HTTP_HTTPS_PRIVATE_KEY=/etc/ssl/self-signed/influxdb.key

0
docker/ssl/.gitkeep Normal file
View file

7
docker/telegraf.conf
View file

@ -13,5 +13,10 @@
omit_hostname = false omit_hostname = false
[[outputs.influxdb]] [[outputs.influxdb]]
urls = ["https://influxdb:8086"]
username = "${INFLUXDB_WRITE_USER}"
password = "${INFLUXDB_WRITE_USER_PASSWORD}"
database = "${INFLUXDB_DB}" database = "${INFLUXDB_DB}"
urls = ["http://${INFLUXDB_WRITE_USER}:${INFLUXDB_WRITE_USER_PASSWORD}@influxdb:8086"] skip_database_creation = true
insecure_skip_verify = true
content_encoding = "gzip"