├── .env
├── LICENSE
├── README.md
├── docker-compose.yml
├── html
    └── index.html
├── nginx
    ├── Dockerfile
    └── conf
    │   └── nginx.conf
└── prometheus
    └── prometheus.yml


/.env:
--------------------------------------------------------------------------------
1 | GF_SECURITY_ADMIN_USER=user
2 | GF_SECURITY_ADMIN_PASSWORD=password
3 | 


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2021 rvva
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # Nginx, Prometheus and Grafana with docker-compose!
 2 | 
 3 | It's a simple example, template of usage stack Nginx, Prometheus (Node Exporter, Nginx Exporter, Cadvisor) and Grafana.
 4 | 
 5 | ### I. What will you get here?
 6 | 1. Nginx with https - selfsigned certificate.
 7 | 2. Prometheus for storing metrics. 
 8 | 3. Prometheus-node-exporter for monitoring your operating system.
 9 | 4. Prometheus-nginx-exporter for monitoring your nginx.
10 | 5. Cadvisor for monitoring your containers.
11 | 6. Grafana to visualize data. 
12 | 
13 | ### II. How to run it?
14 | 1. Clone repository to your working directory:
15 | <pre>https://github.com/rvva/nginx-prometheus-grafana/</pre>
16 | 2. Create Prometheus and Grafana data directory:
17 | <pre>mkdir -p nginx-prometheus-grafana/{prometheus,grafana}/data
18 | mkdir nginx-prometheus-grafana/nginx/log</pre>
19 | 3. Configure .env file 
20 | 
21 | Modify <i>GF_SECURITY_ADMIN</i> parameters to set your personal Grafana credentials. 
22 | 
23 | 4. Run it!
24 | <pre>
25 | docker-compose up -d
26 | </pre>
27 | 
28 | ### III. Post installation steps
29 | 1. Login into Grafana localhost:3000 and add Data Source -> Prometheus. 
30 | 2. As url address use `http://prometheus:9090` 
31 | 3. Add dashboards. I recommend you:
32 | * for nginx: https://grafana.com/grafana/dashboards/12708
33 | * for cadvisor: https://grafana.com/grafana/dashboards/13946
34 | * for node: https://grafana.com/grafana/dashboards/1860
35 | 


--------------------------------------------------------------------------------
/docker-compose.yml:
--------------------------------------------------------------------------------
  1 | version: '3.7'
  2 | services:
  3 |   nginx:
  4 |     build:
  5 |       context: ./nginx 
  6 |       target: dev
  7 |     container_name: nginx-www
  8 |     restart: always
  9 |     volumes: 
 10 |       - ./html:/usr/share/nginx/html:rw
 11 |       - ./nginx/conf:/etc/nginx/conf.d
 12 |       - ./nginx/log:/var/log/nginx
 13 |     networks:
 14 |       - localhost
 15 |     ports:
 16 |       - 80:80
 17 |       - 443:443
 18 | 
 19 |   # source https://prometheus.io/docs/prometheus/latest/installation/
 20 |   prometheus:
 21 |     image: prom/prometheus:v2.45.2
 22 |     user: root
 23 |     volumes:
 24 |       - ./prometheus/prometheus.yml:/etc/prometheus/prometheus.yml
 25 |       - ./prometheus/data:/prometheus
 26 |     container_name: prometheus
 27 |     restart: always
 28 |     networks:
 29 |       - localhost
 30 |     ports:
 31 |       - 9090:9090
 32 | 
 33 | # source https://github.com/nginxinc/nginx-prometheus-exporter
 34 |   nginx-prometheus-exporter:
 35 |     image: nginx/nginx-prometheus-exporter:1.0
 36 |     container_name: prometheus-nginx-exporter
 37 |     restart: always
 38 |     env_file:
 39 |       .env
 40 |     command:
 41 |       - -nginx.scrape-uri=https://nginx/stub_status
 42 |     expose: 
 43 |       - 9113
 44 |     networks:
 45 |       - localhost
 46 |     depends_on:
 47 |       - prometheus
 48 | 
 49 |   # source https://github.com/prometheus/node_exporter  
 50 |   # https://github.com/vegasbrianc/prometheus/
 51 |   prometheus-node-exporter:
 52 |     image: prom/node-exporter:v1.7.0
 53 |     container_name: prometheus-node-exporter
 54 |     restart: always
 55 |     volumes:
 56 |       - /proc:/host/proc:ro
 57 |       - /sys:/host/sys:ro
 58 |       - /:/rootfs:ro
 59 |     command: 
 60 |       - '--path.procfs=/host/proc' 
 61 |       - '--path.sysfs=/host/sys'
 62 |       - --collector.filesystem.ignored-mount-points
 63 |       - "^/(sys|proc|dev|host|etc|rootfs/var/lib/docker/containers|rootfs/var/lib/docker/overlay2|rootfs/run/docker/netns|rootfs/var/lib/docker/aufs)($$|/)"
 64 |     networks:
 65 |       - localhost
 66 |     privileged: true
 67 |     depends_on:
 68 |       - prometheus
 69 |     expose:
 70 |       - 9100
 71 | 
 72 |   # source https://grafana.com/docs/grafana/latest/installation/docker/
 73 |   grafana:
 74 |     image: grafana/grafana:10.0.10
 75 |     container_name: grafana
 76 |     restart: always
 77 |     depends_on:
 78 |       - prometheus
 79 |     volumes:
 80 |       - ./grafana/data:/var/lib/grafana
 81 |     env_file:
 82 |       - .env
 83 |     networks:
 84 |       - localhost
 85 |     ports:
 86 |       - 3000:3000
 87 |     user: root
 88 |   
 89 |   # source: https://github.com/google/cadvisor 
 90 |   cadvisor:
 91 |     image: gcr.io/cadvisor/cadvisor:v0.47.2
 92 |     container_name: cadvisor
 93 |     restart: always
 94 |     depends_on:
 95 |       - prometheus
 96 |     volumes:
 97 |       - /:/rootfs:ro
 98 |       - /var/run:/var/run:ro
 99 |       - /sys:/sys:ro
100 |       - /var/lib/docker/:/var/lib/docker:ro
101 |       - /dev/disk/:/dev/disk:ro
102 |     expose:
103 |       - 8080
104 |     networks:
105 |       - localhost
106 | 
107 | networks:
108 |     localhost:
109 |         name: localhost
110 |         external: false
111 | 


--------------------------------------------------------------------------------
/html/index.html:
--------------------------------------------------------------------------------
 1 | <html>
 2 |     <head>
 3 |         <title>Nginx | Grafana | Prometheus</title>
 4 |         </head>
 5 |     <body>
 6 | 
 7 |     <style>
 8 |         #center {
 9 |             position: absolute;
10 |             left: 50%;
11 |             top: 50%;
12 |             margin-top: -80px;
13 |             margin-left: -430px;
14 |         }
15 | 
16 |         #footer {
17 |             bottom : 6px;
18 |             height : 40px;
19 |             margin-top : 40px;
20 |             text-align: center;
21 |             vertical-align: middle;
22 |             position:fixed;
23 |             width:100%;
24 |             font-family: monospace;
25 |         }
26 |     </style>
27 | 
28 |     <div id="center">
29 |         <pre>
30 | _  _ ____ _ _  _ _  _    |    ____ ____ ____ ____ ____ _  _ ____    |    ___  ____ ____ _  _ ____ ___ _  _ ____ _  _ ____
31 | |\ | | __ | |\ |  \/     |    | __ |__/ |__| |___ |__| |\ | |__|    |    |__] |__/ |  | |\/| |___  |  |__| |___ |  | [__
32 | | \| |__] | | \| _/\_    |    |__] |  \ |  | |    |  | | \| |  |    |    |    |  \ |__| |  | |___  |  |  | |___ |__| ___]
33 |                          |                                          |
34 |         </pre>
35 |     </div>
36 |  
37 |     <div id="footer">
38 |            <p>@2021 github - rvva</p>
39 |     </div>
40 |     </body>
41 | </html>
42 | 


--------------------------------------------------------------------------------
/nginx/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM nginx:1.25.3-alpine3.18 as base
 2 | 
 3 | FROM base as dev
 4 | 
 5 | # generate self segined certificate for testing pruposes
 6 | RUN apk update && \
 7 |     apk add --no-cache openssl && \
 8 |     openssl req -x509 -nodes -days 365 \
 9 |     -subj "/C=PL/ST=lubelskie/L=Lublin/O=github-rvva/OU=dev/CN=rvva" \
10 |     -newkey rsa:4096 -keyout /etc/ssl/private/selfsigned.key \
11 |     -out /etc/ssl/certs/selfsigned.crt
12 | 


--------------------------------------------------------------------------------
/nginx/conf/nginx.conf:
--------------------------------------------------------------------------------
 1 | # Generated with mozilla recommendations.
 2 | # Please update the ciphers in this file every 6 months. 
 3 | # https://ssl-config.mozilla.org/
 4 | 
 5 | server {
 6 |     listen 80 default_server;
 7 |     listen [::]:80 default_server;
 8 | 
 9 |     location / {
10 |         return 301 https://$host$request_uri;
11 |     }
12 | }
13 | 
14 | server {
15 |     listen 443 ssl http2;
16 |     listen [::]:443 ssl http2;
17 |    
18 |     ssl_session_timeout 1d;
19 |     ssl_session_cache shared:MozSSL:10m;  # about 40000 sessions
20 |     ssl_session_tickets off;
21 | 
22 |     # modern configuration
23 |     ssl_protocols TLSv1.3;
24 |     ssl_prefer_server_ciphers off;
25 | 
26 |     # HSTS (ngx_http_headers_module is required) (63072000 seconds)
27 |     add_header Strict-Transport-Security "max-age=63072000" always;
28 | 
29 |     # OCSP stapling
30 |     ssl_stapling on;
31 |     ssl_stapling_verify on;
32 | 
33 |     ssl_certificate /etc/ssl/certs/selfsigned.crt;
34 |     ssl_certificate_key /etc/ssl/private/selfsigned.key;
35 | 
36 |     location / {
37 |         root   /usr/share/nginx/html;
38 |         index  index.html;
39 |     }
40 | 
41 |     location /stub_status {
42 |         stub_status on;
43 |     }
44 | }
45 | 
46 | 


--------------------------------------------------------------------------------
/prometheus/prometheus.yml:
--------------------------------------------------------------------------------
 1 | # source https://prometheus.io/docs/prometheus/latest/getting_started/
 2 | 
 3 | global:
 4 |   scrape_interval:     15s # By default, scrape targets every 15 seconds.
 5 | 
 6 |   # Attach these labels to any time series or alerts when communicating with
 7 |   # external systems (federation, remote storage, Alertmanager).
 8 |   external_labels:
 9 |     monitor: 'codelab-monitor'
10 | 
11 | # A scrape configuration containing exactly one endpoint to scrape:
12 | # Here it's Prometheus itself.
13 | scrape_configs:
14 |   # The job name is added as a label `job=<job_name>` to any timeseries scraped from this config.
15 |   - job_name: 'prometheus'
16 | 
17 |     # Override the global default and scrape targets from this job every 5 seconds.
18 |     scrape_interval: 5s
19 | 
20 |     static_configs:
21 |     # prometheus
22 |       - targets: ['localhost:9090']
23 |     # node-exporter
24 |       - targets: ['prometheus-node-exporter:9100']
25 |     # cadvisor
26 |       - targets: ['cadvisor:8080']
27 |     # prometheus-nginx-exporter
28 |       - targets: ['nginx-prometheus-exporter:9113']
29 | 


--------------------------------------------------------------------------------