CN-JS-HuiBai/Linux-Shell
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

支持设置密码

Browse Source
This commit is contained in:
CN-JS-HuiBai
2026-04-06 20:05:49 +08:00
parent 048582791d
commit bc78a1f601
3 changed files with 141 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
Prometheus/add_node.sh Normal file
View File

@@ -0,0 +1,66 @@
#!/bin/bash
# This script adds a new node to the Prometheus configuration file
# Supports optional Basic Authentication (username/password)
# Use: sudo ./add_node.sh <SERVER_IP> [USERNAME] [PASSWORD]
if [ -z "$1" ]; then
echo "--- Prometheus Node Adder ---"
read -p "Enter Target IP/Hostname: " SERVER_IP
if [ -z "$SERVER_IP" ]; then
echo "Error: Target IP is required."
exit 1
fi
read -p "Enable Basic Authentication? [y/N]: " ENABLE_AUTH
if [[ "$ENABLE_AUTH" =~ ^[Yy]$ ]]; then
read -p "Enter Username: " USER_NAME
read -s -p "Enter Password: " PASSWORD
echo "" # New line
fi
else
SERVER_IP=$1
USER_NAME=$2
PASSWORD=$3
fi
CONFIG_FILE="/etc/prometheus/prometheus.yml"
# Ensure the script is run with sudo
if [ "$EUID" -ne 0 ]; then
echo "Please run this script with sudo."
exit 1
fi
if [ ! -f "$CONFIG_FILE" ]; then
echo "Prometheus configuration file not found at $CONFIG_FILE"
exit 1
fi
echo "Adding node $SERVER_IP to $CONFIG_FILE..."
# Build the configuration block
JOB_BLOCK="
- job_name: 'nodes_$SERVER_IP'
static_configs:
- targets: ['$SERVER_IP:9100']"
if [ -n "$USER_NAME" ] && [ -n "$PASSWORD" ]; then
echo "Applying basic authentication for user: $USER_NAME"
JOB_BLOCK="$JOB_BLOCK
basic_auth:
username: '$USER_NAME'
password: '$PASSWORD'"
fi
# Append the new job configuration
echo "$JOB_BLOCK" >> "$CONFIG_FILE"
# Restart Prometheus to apply changes
if [ -x "/usr/bin/restart_prometheus" ]; then
/usr/bin/restart_prometheus
else
systemctl restart prometheus
fi
echo "Done. node $SERVER_IP added. Prometheus restarted."

12
Prometheus/install_Prometheus.sh
View File

@@ -64,6 +64,18 @@ scrape_configs:
static_configs: static_configs:
- targets: ['8.8.8.8:9100'] - targets: ['8.8.8.8:9100']
- job_name: 'nodes'
static_configs:
- targets: ['your-server-ip:9100']
# Basic Auth example:
# - job_name: 'nodes_auth'
# static_configs:
# - targets: ['your-server-ip:9100']
# basic_auth:
# username: 'user'
# password: 'password'
EOF EOF
# Create systemd service file # Create systemd service file

63
Prometheus/install_node_exporter.sh
View File

@@ -1,6 +1,33 @@
#!/bin/bash #!/bin/bash
set -e set -e
# Arguments for Basic Auth
USER_NAME=""
PASSWORD_PLAIN=""
while [[ "$#" -gt 0 ]]; do
case $1 in
--user) USER_NAME="$2"; shift ;;
--pass) PASSWORD_PLAIN="$2"; shift ;;
*) echo "Unknown option: $1"; exit 1 ;;
esac
shift
done
# If not provided via arguments, ask interactively
if [ -z "$USER_NAME" ]; then
read -p "Do you want to enable Basic Authentication for Node Exporter? [y/N]: " ENABLE_AUTH
if [[ "$ENABLE_AUTH" =~ ^[Yy]$ ]]; then
read -p "Enter Username: " USER_NAME
read -s -p "Enter Password: " PASSWORD_PLAIN
echo "" # New line after password
if [ -z "$USER_NAME" ] || [ -z "$PASSWORD_PLAIN" ]; then
echo "Error: Username and Password cannot be empty."
exit 1
fi
fi
fi
# Detect Operation System # Detect Operation System
if command -v apt >/dev/null 2>&1; then if command -v apt >/dev/null 2>&1; then
@@ -53,6 +80,37 @@ tar -zxvf /tmp/node_exporter.tar.gz -C /tmp
echo "Copying Node Exporter to /node_exporter..." echo "Copying Node Exporter to /node_exporter..."
sudo cp -r /tmp/node_exporter-1.10.2.linux-amd64 /node_exporter sudo cp -r /tmp/node_exporter-1.10.2.linux-amd64 /node_exporter
# Handle Basic Auth configuration
if [ -n "$USER_NAME" ] && [ -n "$PASSWORD_PLAIN" ]; then
echo "Configuring Basic Authentication for Node Exporter..."
# Generate bcrypt hash using python3 (common on Linux)
# If python3 is not available, you'll need to provide the hash manually
if command -v python3 >/dev/null 2>&1; then
HASHED_PASSWORD=$(python3 -c "import bcrypt; print(bcrypt.hashpw('$PASSWORD_PLAIN'.encode(), bcrypt.gensalt()).decode())" 2>/dev/null || true)
# Fallback if bcrypt module is not installed
if [ -z "$HASHED_PASSWORD" ]; then
echo "Python bcrypt module not found, using simple crypt fallback (not bcrypt!)..."
HASHED_PASSWORD=$(python3 -c "import crypt; print(crypt.crypt('$PASSWORD_PLAIN', crypt.mksalt(crypt.METHOD_SHA512)))" 2>/dev/null || true)
fi
fi
if [ -n "$HASHED_PASSWORD" ]; then
sudo tee "/node_exporter/web-config.yml" > /dev/null <<EOF
basic_auth_users:
$USER_NAME: $HASHED_PASSWORD
EOF
EXTRA_OPTS="--web.config.file=/node_exporter/web-config.yml"
echo "Basic Auth configured for user: $USER_NAME"
else
echo "Warning: Could not generate password hash. Standard Node Exporter will be installed without auth."
EXTRA_OPTS=""
fi
else
EXTRA_OPTS=""
fi
# Create systemd service file # Create systemd service file
SERVICE_FILE="/etc/systemd/system/node_exporter.service" SERVICE_FILE="/etc/systemd/system/node_exporter.service"
@@ -65,7 +123,7 @@ After=network-online.target
[Service] [Service]
User=root User=root
ExecStart=/node_exporter/node_exporter --web.listen-address=":9100" ExecStart=/node_exporter/node_exporter --web.listen-address=":9100" $EXTRA_OPTS
Restart=always Restart=always
[Install] [Install]
@@ -78,3 +136,6 @@ sudo systemctl daemon-reload
sudo systemctl enable --now node_exporter.service sudo systemctl enable --now node_exporter.service
echo "Node Exporter installation completed, listening on port 9100" echo "Node Exporter installation completed, listening on port 9100"
if [ -n "$EXTRA_OPTS" ]; then
echo "Basic authentication is ENABLED."
fi