opennomad/linderhof
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

initial commit

Browse source 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Matthias Johnson 2026-02-27 15:09:25 -07:00
commit 75891c3271
129 changed files with 8046 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

3
roles/goaccess/defaults/main.yml Normal file
View file

@ -0,0 +1,3 @@
---
# Time to sync access logs and regenerate reports (daily)
goaccess_sync_time: "05:00:00"

4
roles/goaccess/handlers/main.yml Normal file
View file

@ -0,0 +1,4 @@
---
- name: Reload systemd
ansible.builtin.systemd:
daemon_reload: true

91
roles/goaccess/tasks/main.yml Normal file
View file

@ -0,0 +1,91 @@
---
- name: Install GoAccess and jq
ansible.builtin.apt:
name:
- goaccess
- jq
state: present
- name: Create GoAccess directories
ansible.builtin.file:
path: "{{ item }}"
state: directory
owner: root
group: root
mode: "0755"
loop:
- /srv/goaccess
- /srv/goaccess/data
- /srv/goaccess/reports
- name: Deploy GoAccess config
ansible.builtin.template:
src: goaccess.conf.j2
dest: /srv/goaccess/goaccess.conf
owner: root
group: root
mode: "0644"
- name: Deploy report generation script
ansible.builtin.template:
src: goaccess-report.sh.j2
dest: /usr/local/bin/goaccess-report
owner: root
group: root
mode: "0755"
- name: Deploy report generation systemd service
ansible.builtin.template:
src: goaccess-report.service.j2
dest: /etc/systemd/system/goaccess-report.service
owner: root
group: root
mode: "0644"
notify: Reload systemd
- name: Deploy report generation systemd timer
ansible.builtin.template:
src: goaccess-report.timer.j2
dest: /etc/systemd/system/goaccess-report.timer
owner: root
group: root
mode: "0644"
notify: Reload systemd
- name: Deploy sync script
ansible.builtin.template:
src: goaccess-sync.sh.j2
dest: /usr/local/bin/goaccess-sync
owner: root
group: root
mode: "0755"
- name: Deploy sync systemd service
ansible.builtin.template:
src: goaccess-sync.service.j2
dest: /etc/systemd/system/goaccess-sync.service
owner: root
group: root
mode: "0644"
notify: Reload systemd
- name: Deploy sync systemd timer
ansible.builtin.template:
src: goaccess-sync.timer.j2
dest: /etc/systemd/system/goaccess-sync.timer
owner: root
group: root
mode: "0644"
notify: Reload systemd
- name: Flush handlers to reload systemd
ansible.builtin.meta: flush_handlers
- name: Enable and start GoAccess timers
ansible.builtin.systemd:
name: "{{ item }}"
enabled: true
state: started
loop:
- goaccess-report.timer
- goaccess-sync.timer

7
roles/goaccess/templates/goaccess-report.service.j2 Normal file
View file

@ -0,0 +1,7 @@
[Unit]
Description=GoAccess Report Generation
After=network-online.target
[Service]
Type=oneshot
ExecStart=/usr/local/bin/goaccess-report

52
roles/goaccess/templates/goaccess-report.sh.j2 Normal file
View file

@ -0,0 +1,52 @@
#!/usr/bin/env bash
set -euo pipefail
REPORTS_DIR="/srv/goaccess/reports"
DATA_DIR="/srv/goaccess/data"
CONF="/srv/goaccess/goaccess.conf"
SITES=(
{% for site in goaccess_sites %}
"{{ site }}"
{% endfor %}
)
# Fetch logs once from journald
LOGS=$(journalctl CONTAINER_NAME=caddy --since "2 hours ago" --output=cat 2>/dev/null || true)
# Skip if no logs
if [[ -z "$LOGS" ]]; then
echo "No Caddy logs found, skipping."
exit 0
fi
# Generate per-site reports
for site in "${SITES[@]}"; do
db_path="${DATA_DIR}/${site}"
mkdir -p "$db_path"
echo "$LOGS" \
| jq -c "select(.request.host == \"${site}\")" 2>/dev/null \
| goaccess \
--log-format=CADDY \
--persist \
--restore \
--db-path="$db_path" \
-o "${REPORTS_DIR}/${site}.html" \
- || echo "Warning: GoAccess failed for ${site}"
done
# Generate combined "all sites" report
all_db="${DATA_DIR}/all"
mkdir -p "$all_db"
echo "$LOGS" \
| goaccess \
--log-format=CADDY \
--persist \
--restore \
--db-path="$all_db" \
-o "${REPORTS_DIR}/index.html" \
- || echo "Warning: GoAccess failed for combined report"
echo "Reports generated at $(date -Iseconds)"

9
roles/goaccess/templates/goaccess-report.timer.j2 Normal file
View file

@ -0,0 +1,9 @@
[Unit]
Description=GoAccess Report Generation
[Timer]
OnCalendar=*-*-* *:00:00
Persistent=true
[Install]
WantedBy=timers.target

7
roles/goaccess/templates/goaccess-sync.service.j2 Normal file
View file

@ -0,0 +1,7 @@
[Unit]
Description=GoAccess Report Sync to Storage Box
After=network-online.target
[Service]
Type=oneshot
ExecStart=/usr/local/bin/goaccess-sync

7
roles/goaccess/templates/goaccess-sync.sh.j2 Normal file
View file

@ -0,0 +1,7 @@
#!/usr/bin/env bash
set -euo pipefail
rsync -az --delete \
-e "ssh -i {{ restic_ssh_key }} -p {{ restic_ssh_port }} -o StrictHostKeyChecking=no -o BatchMode=yes" \
/srv/goaccess/reports/ \
{{ restic_user }}@{{ restic_host }}:analytics/

9
roles/goaccess/templates/goaccess-sync.timer.j2 Normal file
View file

@ -0,0 +1,9 @@
[Unit]
Description=GoAccess Report Sync to Storage Box
[Timer]
OnCalendar=*-*-* {{ goaccess_sync_time }}
Persistent=true
[Install]
WantedBy=timers.target

9
roles/goaccess/templates/goaccess.conf.j2 Normal file
View file

@ -0,0 +1,9 @@
log-format CADDY
date-format %s
time-format %s
# Persist parsed data to disk
db-path /srv/goaccess/data
# HTML report settings
html-report-title GoAccess Analytics