支持设置密码
This commit is contained in:
CN-JS-HuiBai
@@ -1,7 +1,34 @@
|
||||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
#Detect Operation System
|
||||
# Arguments for Basic Auth
|
||||
USER_NAME=""
|
||||
PASSWORD_PLAIN=""
|
||||
|
||||
while [[ "$#" -gt 0 ]]; do
|
||||
case $1 in
|
||||
--user) USER_NAME="$2"; shift ;;
|
||||
--pass) PASSWORD_PLAIN="$2"; shift ;;
|
||||
*) echo "Unknown option: $1"; exit 1 ;;
|
||||
esac
|
||||
shift
|
||||
done
|
||||
|
||||
# If not provided via arguments, ask interactively
|
||||
if [ -z "$USER_NAME" ]; then
|
||||
read -p "Do you want to enable Basic Authentication for Node Exporter? [y/N]: " ENABLE_AUTH
|
||||
if [[ "$ENABLE_AUTH" =~ ^[Yy]$ ]]; then
|
||||
read -p "Enter Username: " USER_NAME
|
||||
read -s -p "Enter Password: " PASSWORD_PLAIN
|
||||
echo "" # New line after password
|
||||
if [ -z "$USER_NAME" ] || [ -z "$PASSWORD_PLAIN" ]; then
|
||||
echo "Error: Username and Password cannot be empty."
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
# Detect Operation System
|
||||
|
||||
if command -v apt >/dev/null 2>&1; then
|
||||
echo "Detected apt-based system"
|
||||
@@ -53,6 +80,37 @@ tar -zxvf /tmp/node_exporter.tar.gz -C /tmp
|
||||
echo "Copying Node Exporter to /node_exporter..."
|
||||
sudo cp -r /tmp/node_exporter-1.10.2.linux-amd64 /node_exporter
|
||||
|
||||
# Handle Basic Auth configuration
|
||||
if [ -n "$USER_NAME" ] && [ -n "$PASSWORD_PLAIN" ]; then
|
||||
echo "Configuring Basic Authentication for Node Exporter..."
|
||||
|
||||
# Generate bcrypt hash using python3 (common on Linux)
|
||||
# If python3 is not available, you'll need to provide the hash manually
|
||||
if command -v python3 >/dev/null 2>&1; then
|
||||
HASHED_PASSWORD=$(python3 -c "import bcrypt; print(bcrypt.hashpw('$PASSWORD_PLAIN'.encode(), bcrypt.gensalt()).decode())" 2>/dev/null || true)
|
||||
|
||||
# Fallback if bcrypt module is not installed
|
||||
if [ -z "$HASHED_PASSWORD" ]; then
|
||||
echo "Python bcrypt module not found, using simple crypt fallback (not bcrypt!)..."
|
||||
HASHED_PASSWORD=$(python3 -c "import crypt; print(crypt.crypt('$PASSWORD_PLAIN', crypt.mksalt(crypt.METHOD_SHA512)))" 2>/dev/null || true)
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ -n "$HASHED_PASSWORD" ]; then
|
||||
sudo tee "/node_exporter/web-config.yml" > /dev/null <<EOF
|
||||
basic_auth_users:
|
||||
$USER_NAME: $HASHED_PASSWORD
|
||||
EOF
|
||||
EXTRA_OPTS="--web.config.file=/node_exporter/web-config.yml"
|
||||
echo "Basic Auth configured for user: $USER_NAME"
|
||||
else
|
||||
echo "Warning: Could not generate password hash. Standard Node Exporter will be installed without auth."
|
||||
EXTRA_OPTS=""
|
||||
fi
|
||||
else
|
||||
EXTRA_OPTS=""
|
||||
fi
|
||||
|
||||
# Create systemd service file
|
||||
SERVICE_FILE="/etc/systemd/system/node_exporter.service"
|
||||
|
||||
@@ -65,7 +123,7 @@ After=network-online.target
|
||||
|
||||
[Service]
|
||||
User=root
|
||||
ExecStart=/node_exporter/node_exporter --web.listen-address=":9100"
|
||||
ExecStart=/node_exporter/node_exporter --web.listen-address=":9100" $EXTRA_OPTS
|
||||
Restart=always
|
||||
|
||||
[Install]
|
||||
@@ -78,3 +136,6 @@ sudo systemctl daemon-reload
|
||||
sudo systemctl enable --now node_exporter.service
|
||||
|
||||
echo "Node Exporter installation completed, listening on port 9100"
|
||||
if [ -n "$EXTRA_OPTS" ]; then
|
||||
echo "Basic authentication is ENABLED."
|
||||
fi
|
||||
|
||||
Reference in New Issue
Block a user