User Tools

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
services:olivetin [2025/05/06 06:07] – created willyservices:olivetin [2025/05/11 18:27] (current) – [Configuration] willy
Line 1: Line 1:
 ====== Olivetin ====== ====== Olivetin ======
  
-[[https://www.olivetin.app/|OliveTin]] is...+[[https://www.olivetin.app/|OliveTin]] is a neat web interface that can run your shell scripts and present outputIt can also monitor all your containers and servers and so much moreIt can also be intergated into Home Assistant!
  
  
Line 12: Line 12:
  
 First of all, OliveTin will be installed as root so that it can do stuff on your server. I know this is dangarous and whatnot, but i will not expose it directly to the internet rather keep it protected behind the reverse proxy, with HTTPS, and accessible only after a proper SSO layer of authentication. If you prefer, you can disable access from outside your home as well for added security. First of all, OliveTin will be installed as root so that it can do stuff on your server. I know this is dangarous and whatnot, but i will not expose it directly to the internet rather keep it protected behind the reverse proxy, with HTTPS, and accessible only after a proper SSO layer of authentication. If you prefer, you can disable access from outside your home as well for added security.
 +
 +Download the latest relesase from [[https://github.com/OliveTin/OliveTin/releases|GitHub]] and decompress it under **/opt/olivetin**:
 +<code bash>
 +mkdir /opt/olivetin
 +cd /opt/olivetin
 +wget https://github.com/OliveTin/OliveTin/releases/download/2025.4.22/OliveTin-linux-amd64.tar.gz
 +tar xvf OliveTin-linux-amd64.tar.gz
 +mv OliveTin-linux-amd64/* .
 +rmdir OliveTin-linux-amd64
 +</code>
 +
 +As for the configuration file, i think it's a good idea to keep it under **/etc/OliveTin** since we are installing the service as a normal service:
 +<code bash>
 +mkdir /etc/OliveTin
 +mv /opt/olivetin/config.yaml /etc/OliveTin
 +</code>
 +
 +
 +
 +===== Reverse Proxy =====
 +
 +Please refer to [[selfhost:nginx|this page]] for more details on NGINX as a reverse proxy.
 +
 +==== OliveTin on subdomain ====
 +
 +This will enable your SSO login protection (see [[selfhost:sso|here]] for more details). Do not use this without SSO!
 +
 +<file - olivetin.conf>
 +server {
 +        server_name olivetin.mydomain.com;
 +        listen 8443 ssl;
 +        listen 443 ssl;
 +
 +        access_log /var/log/nginx/olivetin.mydomain.com_access_log main;
 +        error_log /var/log/nginx/olivetin.mydomain.com_error_log info;
 +        
 +        include "com.mydomain/authelia_location.conf";
 +
 +        location / {
 +                include "com.mydomain/authelia_proxy.conf";
 +                include "com.mydomain/authelia_authrequest.conf";
 +        
 +                proxy_pass http://localhost:1337/;
 +                proxy_redirect http://localhost:1337/ http://localhost/OliveTin/;
 +        }
 +                
 +        location /websocket {
 +                include "com.mydomain/authelia_proxy.conf";
 +                include "com.mydomain/authelia_authrequest.conf";
 +
 +                proxy_set_header Upgrade "websocket";
 +                proxy_set_header Connection "upgrade";
 +                proxy_pass http://localhost:1337/websocket;
 +        }
 +        
 +        include com.mydomain/certbot.conf;
 +}
 +</file>
 +
 +==== OliveTin on subpath ====
 +
 +OliveTin can be used on a subpath. While it is //not recomended//, and i didnt manage (yet) to get it running, here is what the documentation suggest:
 +<file - olivetin.conf>
 +location /olivetin/ {
 +        proxy_pass http://localhost:1337/;
 +        proxy_redirect http://localhost:1337/ http://localhost/olivetin/;
 +}
 +
 +location /olivetin/websocket {
 +        proxy_set_header Upgrade "websocket";
 +        proxy_set_header Connection "upgrade";
 +        proxy_pass http://localhost:1337/websocket;
 +}
 +</file>
 +
 +Of course, this assume that this is hosted under the main domain, which is already protected by the SSO (see [[selfhost:sso|here]] for more details). **Do not run OliveTin unprotected**.
 +
 +In order to let OliveTin work under a sub-path you need to add the following configuration directive to **/opt/olivetin/config.yaml**:
 +<code>
 +externalRestAddress: https://internal.mydomain.com/olivetin
 +</code>
 +
 +
 +===== Configuration =====
 +
 +<file - config.yaml>
 +listenAddressSingleHTTPFrontend: 127.0.0.1:1337
 +logLevel: "INFO"
 +themeName: home
 +
 +checkForUpdates: true
 +webUIDir: /opt/olivetin/webui
 +
 +actions:
 +  - title: Check Internet
 +    shell: 'ping -c 1 1.1.1.1'
 +    icon: ping
 +    popupOnStart: default
 +
 +  - title: ISP_1
 +    shell: 'ping -c 1 192.168.0.1'
 +    icon: ping
 +    popupOnStart: default
 +
 +  - title: ISP_2
 +    shell: 'ping -c 1 192.168.1.254'
 +    icon: ping
 +    popupOnStart: default
 +
 +# Actions for containers
 +  - title: Update containers
 +    shell: '/etc/OliveTin/update_containers.sh'
 +    hidden: true
 +    execOnStartup: true
 +    execOnCron: '*/5 * * * *'
 +
 +  - title: Stop {{ container.name }}
 +    shell: '{{ container.command }} stop'
 +    icon: ping
 +    popupOnStart: execution-dialog-stdout-only
 +    entity: container
 +    triggers:
 +      - Update containers
 +
 +  - title: Update {{ container.name }}
 +    shell: '{{ container.command }} update'
 +    icon: ping
 +    popupOnStart: execution-dialog-stdout-only
 +    entity: container
 +    triggers:
 +      - Update containers
 +
 +  - title: Start {{ container.name }}
 +    shell: '{{ container.command }} start'
 +    icon: ping
 +    popupOnStart: execution-dialog-stdout-only
 +    entity: container
 +    triggers:
 +      - Update containers
 +
 +# Actions for servers
 +  - title: Update servers
 +    shell: '/etc/OliveTin/update_servers.sh'
 +    hidden: true
 +    execOnStartup: true
 +    execOnCron: '*/5 * * * *'
 +
 +  - title: ping {{ server.ip }}
 +    shell: 'ping {{ server.ip }} -c 1'
 +    icon: ping
 +    entity: server
 +
 +entities:
 +  - file: entities/servers.yaml
 +    name: server
 +
 +  - file: entities/containers.yaml
 +    name: container
 +
 +dashboards:
 +  - title: Home network
 +    contents:
 +      - title: Server {{ server.name }}
 +        type: fieldset
 +        entity: server
 +        contents:
 +          - type: display
 +            cssClass: '{{ server.status }}'
 +            title: |
 +              <strong>{{ server.name }}</strong>
 +              <strong>{{ server.ip }}</strong>
 +          - title: ping {{ server.ip }}
 +
 +  - title: servizi
 +    contents:
 +      - title: Servizio {{ container.name }}
 +        type: fieldset
 +        entity: container
 +        contents:
 +          - type: display
 +            cssClass: '{{ container.state }}'
 +            title: |
 +              <strong>{{ container.state }}</strong>
 +          - title: "Start {{ container.name }}"
 +          - title: "Stop {{ container.name }}"
 +          - title: "Update {{ container.name }}"
 +</file>
 +
 +<file - update_containers.sh>
 +#!/bin/bash
 +
 +TARGET=/etc/OliveTin/entities/containers.yaml
 +TARGET_TEMP=${TARGET}.tmp
 +
 +test -e ${TARGET_TEMP} && rm -f ${TARGET_TEMP}
 +for i in /etc/init.d/user-containers.*
 +do
 +        name=${i##*.}
 +        $i status 2> /dev/null | grep started > /dev/null
 +        if [ $? -eq 0 ]
 +        then
 +                running=running
 +        else
 +                running=stopped
 +        fi
 +        echo "
 +- name: $name
 +  state: $running
 +  command: $i
 +" >> ${TARGET_TEMP}
 +
 +done
 +
 +test -e ${TARGET_TEMP} && mv ${TARGET_TEMP} ${TARGET}
 +</file>
 +
 +<file - update_servers.sh>
 +#!/bin/bash
 +
 +
 +TARGET=/etc/OliveTin/entities/servers.yaml
 +TARGET_TEMP=${TARGET}.tmp
 +
 +test -e ${TARGET_TEMP} && rm -f ${TARGET_TEMP}
 +
 +while read -r line
 +do
 +        clean_line=${line%%#*}
 +        ip=${clean_line%%[[:space:]]*}
 +        name=${clean_line##*[[:space:]]}
 +        status=offline
 +        if [ "$ip" != "" -a "$name" != "" -a "$ip" != "127.0.0.1" -a "$ip" != "::1" ]
 +        then
 +                (ping -c 1 -w 1 $ip 2> /dev/null > /dev/null
 +                if [ $? -eq 0 ]
 +                then
 +                        status=online
 +                fi
 +                echo "
 +- name: $name
 +  ip: $ip
 +  status: $status" >> ${TARGET_TEMP})
 +        fi
 +done < "/etc/hosts"
 +
 +wait
 +test -e ${TARGET_TEMP} && mv ${TARGET_TEMP} ${TARGET}
 +</file>
 +
 +
 +<file - theme.css>
 +div.display.running {
 +  background-color: green;
 +  color: white;
 +}
 +
 +div.display.stopped {
 +  background-color: red;
 +}
 +
 +div.display.online {
 +  background-color: green;
 +  color: white;
 +}
 +
 +div.display.offline {
 +  background-color: red;
 +}
 +</file>
 +
 +===== Autostart =====
 +
 +OliveTin provides both a SystemD service file and an OpenRC init script. If you, like me, prefeer to use OpenRC, keep in mind that the provided one has some limits like no stdout/err redirect and the binary path should be changed to /opt/olivetin. So i rolled my own, which is pretty easy, and almost identical.
 +
 +Drop the following to **/etc/init.d/olivetin**:
 +<file - olivetin>
 +#!/sbin/openrc-run
 +# Copyright 1999-2021 Gentoo Authors
 +# Distributed under the terms of the GNU General Public License v2
 +
 +description="OliveTin"
 +pidfile="/run/olivetin.pid"
 +command_background=true
 +command="/opt/olivetin/OliveTin"
 +command_args=""
 +output_log="/var/log/olivetin/olivetin.log"
 +output_err="/var/log/olivetin/olivetin.log"
 +
 +depend() {
 +        need net
 +}
 +
 +</file>
 +
 +and make it executable, add to the runlevel, and start it:
 +<code bash>
 +mkdir /var/log/olivetin
 +chmod +x /etc/init.d/olivetin
 +rc-update add olivetin default
 +/etc/init.d/olivetin start
 +</code>
 +
 +Yes, i prefer to keep it's log separate, so i created also a log folder for it.
 +
  
  

This website uses technical cookies only. No information is shared with anybody or used in any way but provide the website in your browser.

More information