feat: add docker healthcheck and expand documentation (#7375)

2025-10-29 23:35:02 -04:00 · 2025-10-25 17:31:44 +02:00 · 2025-10-25 17:31:44 +02:00 · 6e2f9aad37
commit 6e2f9aad37
parent f58217280a
2 changed files with 54 additions and 6 deletions
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@ -126,7 +126,7 @@ WORKDIR /opt/meshcentral
 RUN apk update && \
    echo -e "----------\nINSTALLING ALPINE PACKAGES...\n----------"; \
    apk add --no-cache --update \
-        bash jq nodejs npm tzdata && \
+        bash curl jq nodejs npm tzdata && \
    rm -rf /var/cache/* \
        /tmp/* \
        /usr/share/man/ \
@ -203,7 +203,10 @@ VOLUME /opt/meshcentral/meshcentral-web
 VOLUME /opt/meshcentral/meshcentral-backups

 # Copy images from Git repo, place it before ending so recompilation can make good use of cache.
-COPY ./docker/entrypoint.sh ./entrypoint.sh
+COPY ./docker/entrypoint.sh /opt/meshcentral/entrypoint.sh
 COPY ./docker/config.json.template /opt/meshcentral/config.json.template

+HEALTHCHECK --interval=30s --timeout=5s --start-period=5s --retries=3 \
+  CMD curl -k --fail https://localhost:443/health.ashx || exit 1
+
 ENTRYPOINT  ["bash", "/opt/meshcentral/entrypoint.sh"]
--- a/docker/README.md
+++ b/docker/README.md
@ -6,7 +6,26 @@
 > Then the container will overwrite it to a incorrect, but working state - perhaps non-working for your environment.

 ## Overview
-This document provides a comprehensive guide to setting up and configuring MeshCentral in a Docker environment. It includes available options, security measures, and deployment instructions.
+This document provides a comprehensive guide to setting up and configuring MeshCentral in a Docker environment.<br>
+It includes available options, security measures, and deployment instructions.
+
+MeshCentral provides a couple different Docker container variants:<br>
+These variants are pulled through 3 main channels: `master` and `latest`.<br>
+If you want to target versions, you can also target individual versions; such as `1.1.53`.
+
+| Variant | Image tag | Full path |
+|---------|-----------|-----------|
+| All database backends | "" (empty) | ghcr.io/ylianst/meshcentral:\<version\> |
+| No database backens (local only) | slim | ghcr.io/ylianst/meshcentral:\<version\>-slim |
+| [MongoDB](https://www.mongodb.com/) backend included | mongodb | ghcr.io/ylianst/meshcentral:\<version\>-mongodb |
+| [PostgreSQL](https://www.postgresql.org/) backend included | postgresql | ghcr.io/ylianst/meshcentral:\<version\>-postgresql |
+| [Mysql](https://www.mysql.com/)/[MariaDB](https://mariadb.org/) backend(s) included | mysql | ghcr.io/ylianst/meshcentral:\<version\>-mysql |
+
+So for a quick example: if you want to get the bleeding edge code with a PostgreSQL backend: `ghcr.io/ylianst/meshcentral:master-postgresql`<br>
+So for another quick example: if you want to get a complete image at the latest released version: `ghcr.io/ylianst/meshcentral:latest`<br>
+So for another quick example: if you want to get a released version with a MongoDB backend: `ghcr.io/ylianst/meshcentral:latest-mongodb`<br>
+So for another quick example: if you want a very slim image with the latest code and only a local database: `ghcr.io/ylianst/meshcentral:master-slim`<br>
+So as a last example: if you want to get a MariaDB/MySQL backend with MeshCentral version 1.1.53: `ghcr.io/ylianst/meshcentral:1.1.53-mysql`

 ## Environment Variables
 Below is a breakdown of environment variables used in this setup.
@ -77,14 +96,14 @@ docker run -d \
  -e MONGO_URL=mongodb://username:password@mongodb:27017/meshcentral \
  -v meshcentral-data:/opt/meshcentral/meshcentral-data \
  -p 443:443 \
-  ghcr.io/ylianst/meshcentral:<tag>
+  ghcr.io/ylianst/meshcentral:latest # or latest-mongodb
 ```

 ### Running with Docker Compose
 ```yaml
 services:
  meshcentral:
-    image: ghcr.io/ylianst/meshcentral:<tag>
+    image: ghcr.io/ylianst/meshcentral:latest
    environment:
      - HOSTNAME=myserver.domain.com
      - ALLOW_NEW_ACCOUNTS=false
@ -96,6 +115,7 @@ services:
      - meshcentral-web:/opt/meshcentral/meshcentral-web
      - meshcentral-backups:/opt/meshcentral/meshcentral-backups
    ports:
+    # You can add additional ports here in the same format. Such as for AMT or HTTP
      - "443:443"
 volumes:
  meshcentral-data:
@ -158,9 +178,34 @@ PREINSTALL_LIBS=false
 ```
 Then run Docker Compose:
 ```sh
-docker-compose --env-file .env up -d
+docker compose -f ./docker/compose.yaml --env-file .env up -d
 ```

+# Custom healthchecks at runtime
+
+If you want to add a custom healthcheck post-compilation/with precompiled images, then do the following:<br>
+This all is based on [Docker documentation](https://docs.docker.com/reference/compose-file/services/).
+
+Add the following lines to your compose.yaml:
+```yaml
+services:
+  meshcentral:
+    image: ghcr.io/ylianst/meshcentral:latest
+    ...
+    <the rest of the compose.yaml>
+    ...
+    
+    healthcheck:
+      test: ["CMD", "curl", "-k", "--fail", "https://localhost:443/health.ashx"]
+      interval: 30s
+      timeout: 5s
+      start_period: 5s
+      retries: 3
+```
+
+And if you ever change the port on which MeshCentral *INTERNALLY* runs on please also change the healthcheck either in your compose or self-compiled Dockerfile.<br>
+Also relevant if you change scheme, such as HTTP to HTTPS or vice versa.
+
 # MeshCentral Docker Build Process

 This document explains the build process for the MeshCentral Docker image, along with details on various build arguments and how to use them.