支持设置密码

This commit is contained in:
CN-JS-HuiBai
2026-04-06 20:05:49 +08:00
parent 048582791d
commit bc78a1f601
3 changed files with 141 additions and 2 deletions

View File

@@ -1,7 +1,34 @@
#!/bin/bash
set -e
#Detect Operation System
# Arguments for Basic Auth
USER_NAME=""
PASSWORD_PLAIN=""
while [[ "$#" -gt 0 ]]; do
case $1 in
--user) USER_NAME="$2"; shift ;;
--pass) PASSWORD_PLAIN="$2"; shift ;;
*) echo "Unknown option: $1"; exit 1 ;;
esac
shift
done
# If not provided via arguments, ask interactively
if [ -z "$USER_NAME" ]; then
read -p "Do you want to enable Basic Authentication for Node Exporter? [y/N]: " ENABLE_AUTH
if [[ "$ENABLE_AUTH" =~ ^[Yy]$ ]]; then
read -p "Enter Username: " USER_NAME
read -s -p "Enter Password: " PASSWORD_PLAIN
echo "" # New line after password
if [ -z "$USER_NAME" ] || [ -z "$PASSWORD_PLAIN" ]; then
echo "Error: Username and Password cannot be empty."
exit 1
fi
fi
fi
# Detect Operation System
if command -v apt >/dev/null 2>&1; then
echo "Detected apt-based system"
@@ -53,6 +80,37 @@ tar -zxvf /tmp/node_exporter.tar.gz -C /tmp
echo "Copying Node Exporter to /node_exporter..."
sudo cp -r /tmp/node_exporter-1.10.2.linux-amd64 /node_exporter
# Handle Basic Auth configuration
if [ -n "$USER_NAME" ] && [ -n "$PASSWORD_PLAIN" ]; then
echo "Configuring Basic Authentication for Node Exporter..."
# Generate bcrypt hash using python3 (common on Linux)
# If python3 is not available, you'll need to provide the hash manually
if command -v python3 >/dev/null 2>&1; then
HASHED_PASSWORD=$(python3 -c "import bcrypt; print(bcrypt.hashpw('$PASSWORD_PLAIN'.encode(), bcrypt.gensalt()).decode())" 2>/dev/null || true)
# Fallback if bcrypt module is not installed
if [ -z "$HASHED_PASSWORD" ]; then
echo "Python bcrypt module not found, using simple crypt fallback (not bcrypt!)..."
HASHED_PASSWORD=$(python3 -c "import crypt; print(crypt.crypt('$PASSWORD_PLAIN', crypt.mksalt(crypt.METHOD_SHA512)))" 2>/dev/null || true)
fi
fi
if [ -n "$HASHED_PASSWORD" ]; then
sudo tee "/node_exporter/web-config.yml" > /dev/null <<EOF
basic_auth_users:
$USER_NAME: $HASHED_PASSWORD
EOF
EXTRA_OPTS="--web.config.file=/node_exporter/web-config.yml"
echo "Basic Auth configured for user: $USER_NAME"
else
echo "Warning: Could not generate password hash. Standard Node Exporter will be installed without auth."
EXTRA_OPTS=""
fi
else
EXTRA_OPTS=""
fi
# Create systemd service file
SERVICE_FILE="/etc/systemd/system/node_exporter.service"
@@ -65,7 +123,7 @@ After=network-online.target
[Service]
User=root
ExecStart=/node_exporter/node_exporter --web.listen-address=":9100"
ExecStart=/node_exporter/node_exporter --web.listen-address=":9100" $EXTRA_OPTS
Restart=always
[Install]
@@ -78,3 +136,6 @@ sudo systemctl daemon-reload
sudo systemctl enable --now node_exporter.service
echo "Node Exporter installation completed, listening on port 9100"
if [ -n "$EXTRA_OPTS" ]; then
echo "Basic authentication is ENABLED."
fi