chore: import upstream snapshot with attribution
This commit is contained in:
@@ -0,0 +1,275 @@
|
||||
# Licensed to the Apache Software Foundation (ASF) under one or more
|
||||
# contributor license agreements. See the NOTICE file distributed with
|
||||
# this work for additional information regarding copyright ownership.
|
||||
# The ASF licenses this file to You under the Apache License, Version 2.0
|
||||
# (the "License"); you may not use this file except in compliance with
|
||||
# the License. You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
server:
|
||||
port: 1157
|
||||
spring:
|
||||
application:
|
||||
name: ${HOSTNAME:@hertzbeat@}${PID}
|
||||
profiles:
|
||||
active: prod
|
||||
ai:
|
||||
mcp:
|
||||
server:
|
||||
enabled: true
|
||||
stdio: false
|
||||
protocol: streamable
|
||||
streamable-http:
|
||||
mcp-endpoint: /api/mcp
|
||||
name: hertzbeat-mcp-server
|
||||
version: 1.0.0
|
||||
type: SYNC
|
||||
mvc:
|
||||
static-path-pattern: /**
|
||||
jackson:
|
||||
default-property-inclusion: ALWAYS
|
||||
web:
|
||||
resources:
|
||||
static-locations:
|
||||
- classpath:/dist/
|
||||
- classpath:../dist/
|
||||
# need to disable spring boot mongodb auto config, or default mongodb connection tried and failed..
|
||||
autoconfigure:
|
||||
exclude: org.springframework.boot.autoconfigure.mongo.MongoAutoConfiguration, org.springframework.boot.autoconfigure.data.mongo.MongoDataAutoConfiguration
|
||||
freemarker:
|
||||
enabled: false
|
||||
servlet:
|
||||
multipart:
|
||||
max-file-size: 100MB
|
||||
max-request-size: 100MB
|
||||
|
||||
management:
|
||||
health:
|
||||
mail:
|
||||
enabled: off
|
||||
endpoints:
|
||||
web:
|
||||
exposure:
|
||||
include:
|
||||
- 'metrics'
|
||||
- 'health'
|
||||
- 'prometheus'
|
||||
enabled-by-default: on
|
||||
endpoint:
|
||||
prometheus:
|
||||
access: read_only
|
||||
metrics:
|
||||
tags:
|
||||
application: ${spring.application.name}
|
||||
environment: ${spring.profiles.active}
|
||||
prometheus:
|
||||
metrics:
|
||||
export:
|
||||
enabled: true
|
||||
|
||||
sureness:
|
||||
container: jakarta_servlet
|
||||
auths:
|
||||
- digest
|
||||
- basic
|
||||
- jwt
|
||||
jwt:
|
||||
secret: 'CyaFv0bwq2Eik0jdrKUtsA6bx3sDJeFV643R
|
||||
LnfKefTjsIfJLBa2YkhEqEGtcHDTNe4CU6+9
|
||||
8tVt4bisXQ13rbN0oxhUZR73M6EByXIO+SV5
|
||||
dKhaX0csgOCTlCxq20yhmUea6H6JIpSE2Rwp'
|
||||
|
||||
|
||||
---
|
||||
spring:
|
||||
config:
|
||||
activate:
|
||||
on-profile: prod
|
||||
datasource:
|
||||
driver-class-name: com.mysql.cj.jdbc.Driver
|
||||
username: root
|
||||
password: 123456
|
||||
url: jdbc:mysql://mysql:3306/hertzbeat?useUnicode=true&characterEncoding=utf-8&allowPublicKeyRetrieval=true&useSSL=false
|
||||
platform: mysql
|
||||
hikari:
|
||||
max-lifetime: 120000
|
||||
jpa:
|
||||
show-sql: false
|
||||
database: mysql
|
||||
hibernate:
|
||||
ddl-auto: update
|
||||
properties:
|
||||
hibernate:
|
||||
format_sql: true
|
||||
dialect: org.hibernate.dialect.MySQLDialect
|
||||
|
||||
flyway:
|
||||
enabled: true
|
||||
clean-disabled: true
|
||||
baseline-on-migrate: true
|
||||
baseline-version: 1
|
||||
locations:
|
||||
- classpath:db/migration/mysql
|
||||
|
||||
# Not Require, Please config if you need email notify
|
||||
mail:
|
||||
# Attention: this is mail server address.
|
||||
host: smtp.qq.com
|
||||
username: example@qq.com
|
||||
# Attention: this is not email account password, this requires an email authorization code
|
||||
password: xxqzvuqbnqvbbdac
|
||||
port: 465
|
||||
default-encoding: UTF-8
|
||||
properties:
|
||||
mail:
|
||||
smtp:
|
||||
socketFactoryClass: javax.net.ssl.SSLSocketFactory
|
||||
ssl:
|
||||
enable: true
|
||||
|
||||
common:
|
||||
queue:
|
||||
# memory or kafka
|
||||
type: memory
|
||||
|
||||
warehouse:
|
||||
store:
|
||||
# store history metrics data, enable only one below
|
||||
jpa:
|
||||
enabled: false
|
||||
expire-time: 1h
|
||||
iot-db:
|
||||
enabled: true
|
||||
host: iotdb
|
||||
rpc-port: 6667
|
||||
username: root
|
||||
password: root
|
||||
query-timeout-in-ms: -1
|
||||
# data expire time, unit:ms, default '7776000000'(90 days, -1:never expire)
|
||||
expire-time: '7776000000'
|
||||
# store real-time metrics data, enable only one below
|
||||
real-time:
|
||||
memory:
|
||||
enabled: true
|
||||
init-size: 16
|
||||
redis:
|
||||
enabled: false
|
||||
# redis mode: single, sentinel, cluster. Default is single
|
||||
mode: single
|
||||
# separate each address with comma when using cluster mode, eg: 127.0.0.1:6379,127.0.0.1:6380
|
||||
address: 127.0.0.1:6379
|
||||
# enter master name when using sentinel mode
|
||||
masterName: mymaster
|
||||
password: 123456
|
||||
# redis db index, default: DB0
|
||||
db: 0
|
||||
|
||||
|
||||
alerter:
|
||||
# custom console url
|
||||
console-url: https://console.tancloud.io
|
||||
# we work
|
||||
we-work-webhook-url: https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=
|
||||
# ding ding talk
|
||||
ding-talk-webhook-url: https://oapi.dingtalk.com/robot/send?access_token=
|
||||
# fei shu fly book
|
||||
fly-book-webhook-url: https://open.feishu.cn/open-apis/bot/v2/hook/
|
||||
# telegram
|
||||
telegram-webhook-url: https://api.telegram.org/bot%s/sendMessage
|
||||
# discord
|
||||
discord-webhook-url: https://discord.com/api/v9/channels/%s/messages
|
||||
# serverChan
|
||||
server-chan-webhook-url: https://sctapi.ftqq.com/%s.send
|
||||
# gotify
|
||||
gotify-webhook-url: http://127.0.0.1/message?token=%s
|
||||
# alert inhibit ttl unit ms, default 14400000(4 hours)
|
||||
inhibit:
|
||||
ttl: 14400000
|
||||
sms:
|
||||
enable: false
|
||||
type: tencent
|
||||
tencent:
|
||||
secret-id:
|
||||
secret-key:
|
||||
app-id:
|
||||
sign-name:
|
||||
template-id:
|
||||
alibaba:
|
||||
access-key-id:
|
||||
access-key-secret:
|
||||
sign-name:
|
||||
template-code:
|
||||
unisms:
|
||||
# auth-mode: simple or hmac
|
||||
auth-mode: simple
|
||||
access-key-id: YOUR_ACCESS_KEY_ID
|
||||
# hmac mode need to fill in access-key-secret
|
||||
access-key-secret: YOUR_ACCESS_KEY_SECRET
|
||||
signature: YOUR_SMS_SIGNATURE
|
||||
template-id: YOUR_TEMPLATE_ID
|
||||
smslocal:
|
||||
api-key: YOUR_API_KEY_HERE
|
||||
aws:
|
||||
access-key-id: YOUR_ACCESS_KEY_ID
|
||||
access-key-secret: YOUR_ACCESS_KEY_SECRET
|
||||
region: AWS_REGION_FOR_END_USER_MESSAGING
|
||||
twilio:
|
||||
account-sid: YOUR_ACCOUNT_SID
|
||||
auth-token: YOUR_AUTH_TOKEN
|
||||
twilio-phone-number: YOUR_TWILIO_PHONE_NUMBER
|
||||
scheduler:
|
||||
server:
|
||||
enabled: true
|
||||
port: 1158
|
||||
|
||||
grafana:
|
||||
enabled: false
|
||||
url: http://127.0.0.1:3000
|
||||
username: admin
|
||||
password: admin
|
||||
|
||||
hertzbeat:
|
||||
collector:
|
||||
mysql:
|
||||
# MySQL-compatible query engine routing for MySQL, MariaDB, OceanBase, and TiDB SQL metrics.
|
||||
# auto : prefer JDBC only when mysql-connector-j is available from ext-lib, otherwise use the built-in query engine
|
||||
# jdbc : always use JDBC
|
||||
# r2dbc : always use the built-in query engine
|
||||
query-engine: ${HERTZBEAT_COLLECTOR_MYSQL_QUERY_ENGINE:auto}
|
||||
# Optional virtual-thread overrides. Remove this whole block to use built-in defaults.
|
||||
vthreads:
|
||||
enabled: true
|
||||
common:
|
||||
mode: UNBOUNDED_VT
|
||||
collector:
|
||||
mode: LIMIT_AND_REJECT
|
||||
manager:
|
||||
mode: LIMIT_AND_REJECT
|
||||
max-concurrent-jobs: 10
|
||||
alerter:
|
||||
notify:
|
||||
mode: LIMIT_AND_REJECT
|
||||
max-concurrent-jobs: 64
|
||||
periodic-max-concurrent-jobs: 10
|
||||
log-worker:
|
||||
max-concurrent-jobs: 10
|
||||
queue-capacity: 1000
|
||||
reduce:
|
||||
max-concurrent-jobs: 2
|
||||
window-evaluator:
|
||||
max-concurrent-jobs: 2
|
||||
notify-max-concurrent-per-channel: 4
|
||||
warehouse:
|
||||
mode: UNBOUNDED_VT
|
||||
async:
|
||||
enabled: true
|
||||
concurrency-limit: 256
|
||||
reject-when-limit-reached: true
|
||||
task-termination-timeout: 5000
|
||||
@@ -0,0 +1,21 @@
|
||||
-- Licensed to the Apache Software Foundation (ASF) under one
|
||||
-- or more contributor license agreements. See the NOTICE file
|
||||
-- distributed with this work for additional information
|
||||
-- regarding copyright ownership. The ASF licenses this file
|
||||
-- to you under the Apache License, Version 2.0 (the
|
||||
-- "License"); you may not use this file except in compliance
|
||||
-- with the License. You may obtain a copy of the License at
|
||||
--
|
||||
-- http://www.apache.org/licenses/LICENSE-2.0
|
||||
--
|
||||
-- Unless required by applicable law or agreed to in writing, software
|
||||
-- distributed under the License is distributed on an "AS IS" BASIS,
|
||||
-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
-- See the License for the specific language governing permissions and
|
||||
-- limitations under the License.
|
||||
|
||||
-- this file works for MySQL.
|
||||
|
||||
set names utf8mb4;
|
||||
create database if not exists hertzbeat default charset utf8mb4 collate utf8mb4_general_ci;
|
||||
commit;
|
||||
@@ -0,0 +1,124 @@
|
||||
# Licensed to the Apache Software Foundation (ASF) under one or more
|
||||
# contributor license agreements. See the NOTICE file distributed with
|
||||
# this work for additional information regarding copyright ownership.
|
||||
# The ASF licenses this file to You under the Apache License, Version 2.0
|
||||
# (the "License"); you may not use this file except in compliance with
|
||||
# the License. You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
## -- sureness.yml account source -- ##
|
||||
|
||||
# config the resource restful api that need auth protection, base rbac
|
||||
# rule: api===method===role
|
||||
# eg: /api/v1/source1===get===[admin] means /api/v2/host===post support role[admin] access.
|
||||
# eg: /api/v1/source2===get===[] means /api/v1/source2===get can not access by any role.
|
||||
resourceRole:
|
||||
- /api/account/auth/refresh===post===[admin,user,guest]
|
||||
- /api/apps/**===get===[admin,user,guest]
|
||||
- /api/monitor/**===get===[admin,user,guest]
|
||||
- /api/monitor/**===post===[admin,user]
|
||||
- /api/monitor/**===put===[admin,user]
|
||||
- /api/monitor/**===delete==[admin]
|
||||
- /api/monitors/**===get===[admin,user,guest]
|
||||
- /api/monitors/**===post===[admin,user]
|
||||
- /api/monitors/**===put===[admin,user]
|
||||
- /api/monitors/**===delete===[admin]
|
||||
- /api/alert/**===get===[admin,user,guest]
|
||||
- /api/alert/**===post===[admin,user]
|
||||
- /api/alert/**===put===[admin,user]
|
||||
- /api/alert/**===delete===[admin]
|
||||
- /api/alerts/**===get===[admin,user,guest]
|
||||
- /api/alerts/**===post===[admin,user]
|
||||
- /api/alerts/**===put===[admin,user]
|
||||
- /api/alerts/**===delete===[admin]
|
||||
- /api/notice/**===get===[admin,user,guest]
|
||||
- /api/notice/**===post===[admin,user]
|
||||
- /api/notice/**===put===[admin,user]
|
||||
- /api/notice/**===delete===[admin]
|
||||
- /api/tag/**===get===[admin,user,guest]
|
||||
- /api/tag/**===post===[admin,user]
|
||||
- /api/tag/**===put===[admin,user]
|
||||
- /api/tag/**===delete===[admin]
|
||||
- /api/summary/**===get===[admin,user,guest]
|
||||
- /api/summary/**===post===[admin,user]
|
||||
- /api/summary/**===put===[admin,user]
|
||||
- /api/summary/**===delete===[admin]
|
||||
- /api/collector/**===get===[admin,user,guest]
|
||||
- /api/collector/**===post===[admin,user]
|
||||
- /api/collector/**===put===[admin,user]
|
||||
- /api/collector/**===delete===[admin]
|
||||
- /api/status/page/**===get===[admin,user,guest]
|
||||
- /api/status/page/**===post===[admin,user]
|
||||
- /api/status/page/**===put===[admin,user]
|
||||
- /api/status/page/**===delete===[admin]
|
||||
- /api/grafana/**===get===[admin,user,guest]
|
||||
- /api/grafana/**===post===[admin,user]
|
||||
- /api/grafana/**===put===[admin,user]
|
||||
- /api/grafana/**===delete===[admin]
|
||||
- /api/bulletin/**===get===[admin,user,guest]
|
||||
- /api/bulletin/**===post===[admin,user]
|
||||
- /api/bulletin/**===put===[admin,user]
|
||||
- /api/bulletin/**===delete===[admin]
|
||||
- /api/mcp/**===get===[admin]
|
||||
- /api/mcp/**===post===[admin]
|
||||
- /api/chat/**===get===[admin,user]
|
||||
- /api/chat/**===post===[admin]
|
||||
- /api/logs/ingest/**===post===[admin,user]
|
||||
|
||||
# config the resource restful api that need bypass auth protection
|
||||
# rule: api===method
|
||||
# eg: /api/v1/source3===get means /api/v1/source3===get can be access by anyone, no need auth.
|
||||
excludedResource:
|
||||
- /api/alert/sse/**===*
|
||||
- /api/logs/sse/**===*
|
||||
- /api/account/auth/**===*
|
||||
- /api/i18n/**===get
|
||||
- /api/apps/hierarchy===get
|
||||
- /api/push/**===*
|
||||
- /api/status/page/public/**===*
|
||||
- /api/manager/sse/**===*
|
||||
# web ui resource
|
||||
- /===get
|
||||
- /assets/**===get
|
||||
- /dashboard/**===get
|
||||
- /monitors/**===get
|
||||
- /alert/**===get
|
||||
- /account/**===get
|
||||
- /setting/**===get
|
||||
- /passport/**===get
|
||||
- /status/**===get
|
||||
- /log/**===get
|
||||
- /**/*.html===get
|
||||
- /**/*.js===get
|
||||
- /**/*.css===get
|
||||
- /**/*.ico===get
|
||||
- /**/*.ttf===get
|
||||
- /**/*.png===get
|
||||
- /**/*.gif===get
|
||||
- /**/*.jpg===get
|
||||
- /**/*.svg===get
|
||||
- /**/*.json===get
|
||||
- /**/*.woff===get
|
||||
- /**/*.eot===get
|
||||
# swagger ui resource
|
||||
- /swagger-resources/**===get
|
||||
- /v2/api-docs===get
|
||||
- /v3/api-docs===get
|
||||
# h2 database
|
||||
- /h2-console/**===*
|
||||
|
||||
# account info config refer the https://hertzbeat.apache.org/docs/start/account-modify
|
||||
# eg: admin has role [admin,user], password is hertzbeat
|
||||
# eg: tom has role [user], password is hertzbeat
|
||||
# eg: lili has role [guest], plain password is lili, salt is 123, salted password is 1A676730B0C7F54654B0E09184448289
|
||||
account:
|
||||
- appId: admin
|
||||
credential: hertzbeat
|
||||
role: [admin]
|
||||
Reference in New Issue
Block a user