From ad5ef9085c7ddd8e957549a0857247018ac25b82 Mon Sep 17 00:00:00 2001
From: alexandrev-tibco <alexandre.vazquez@cloud.com>
Date: Sat, 30 Aug 2025 09:05:45 +0200
Subject: [PATCH] add metrics endpoint adn external config

---
 manage-lxc-vm-notes.sh | 117 ++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 115 insertions(+), 2 deletions(-)

diff --git a/manage-lxc-vm-notes.sh b/manage-lxc-vm-notes.sh
index f23b872..49ab29e 100755
--- a/manage-lxc-vm-notes.sh
+++ b/manage-lxc-vm-notes.sh
@@ -18,7 +18,7 @@ update_notes() {
   case "$os" in
     alpine)
       update_cmd="apk update && apk upgrade --no-cache"
-      install_base_pkgs="apk add --no-cache docker openssh"
+      install_base_pkgs="apk add --no-cache docker openssh jq"
       
       # Comprobar si tailscale está instalado
       check_tailscale_installed=$(pct exec "$vmid" -- sh -c "which tailscale 2>/dev/null || echo notfound")
@@ -35,7 +35,7 @@ update_notes() {
       ;;
     ubuntu)
       update_cmd="apt-get update && DEBIAN_FRONTEND=noninteractive apt-get upgrade -y"
-      install_base_pkgs="apt-get install -y docker.io openssh-server"
+      install_base_pkgs="apt-get install -y docker.io openssh-server jq"
 
       check_tailscale_installed=$(pct exec "$vmid" -- sh -c "which tailscale 2>/dev/null || echo notfound")
       if [[ "$check_tailscale_installed" == "notfound" ]]; then
@@ -63,6 +63,119 @@ update_notes() {
   pct exec "$vmid" -- sh -c "$enable_ssh"
   pct exec "$vmid" -- sh -c "$enable_tailscale_check"
 
+  echo "[INFO] Verificando configuración del Docker API y métricas en $type $vmid..."
+  pct exec "$vmid" -- sh -c '
+    set -e
+    mkdir -p /etc/docker
+    DAEMON_JSON="/etc/docker/daemon.json"
+    TMP_JSON="/etc/docker/daemon.json.tmp"
+
+    ensure_json() {
+      if [ -f "$DAEMON_JSON" ]; then
+        echo "[INFO] daemon.json existente encontrado. Verificando llaves requeridas..."
+        if ! command -v jq >/dev/null 2>&1; then
+          echo "[ERROR] jq no está instalado; no se puede actualizar JSON de Docker." >&2
+          exit 1
+        fi
+        jq \
+          '\n          (.hosts = ((.hosts // []) + ["unix:///var/run/docker.sock","tcp://0.0.0.0:2375"]) | .hosts |= unique)\n          | .["metrics-addr"] = "0.0.0.0:9023"\n          | .experimental = true\n          ' "$DAEMON_JSON" > "$TMP_JSON"
+      else
+        echo "[INFO] Creando daemon.json con configuración por defecto (API TCP + métricas)."
+        cat > "$TMP_JSON" <<'JSON'
+{
+  "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"],
+  "metrics-addr": "0.0.0.0:9023",
+  "experimental": true
+}
+JSON
+      fi
+
+      if [ ! -f "$DAEMON_JSON" ] || ! cmp -s "$DAEMON_JSON" "$TMP_JSON"; then
+        echo "[INFO] Aplicando cambios a daemon.json"
+        cp "$TMP_JSON" "$DAEMON_JSON"
+        JSON_CHANGED=1
+      else
+        echo "[INFO] daemon.json ya contiene la configuración requerida."
+        JSON_CHANGED=0
+      fi
+      rm -f "$TMP_JSON"
+    }
+
+    apply_systemd_override_if_needed() {
+      # Sólo para sistemas con systemd (Ubuntu)
+      if command -v systemctl >/dev/null 2>&1; then
+        echo "[INFO] Detectado systemd. Verificando override de servicio Docker..."
+        mkdir -p /etc/systemd/system/docker.service.d
+        OVERRIDE="/etc/systemd/system/docker.service.d/override.conf"
+        NEED_OVERRIDE=0
+        if systemctl cat docker 2>/dev/null | grep -qE "ExecStart=.*-H fd://"; then
+          NEED_OVERRIDE=1
+        fi
+
+        if [ $NEED_OVERRIDE -eq 1 ]; then
+          echo "[INFO] Creando override de systemd para remover -H fd:// y permitir hosts desde daemon.json"
+          cat > "$OVERRIDE" <<'OVR'
+[Service]
+ExecStart=
+ExecStart=/usr/bin/dockerd
+OVR
+          systemctl daemon-reload
+          OVERRIDE_APPLIED=1
+        else
+          echo "[INFO] No se requiere override de systemd."
+          OVERRIDE_APPLIED=0
+        fi
+      else
+        OVERRIDE_APPLIED=0
+      fi
+    }
+
+    restart_docker() {
+      if command -v systemctl >/dev/null 2>&1; then
+        systemctl restart docker || true
+        if systemctl is-active --quiet docker; then
+          echo "[INFO] Docker reiniciado (systemd)."
+        else
+          echo "[WARN] Docker no está activo tras reinicio (systemd)."
+        fi
+      elif command -v rc-service >/dev/null 2>&1; then
+        rc-service docker restart || true
+        rc-service docker status || true
+        echo "[INFO] Docker reiniciado (OpenRC)."
+      else
+        echo "[WARN] No se pudo detectar gestor de servicios para reiniciar Docker."
+      fi
+    }
+
+    check_listeners() {
+      echo "[INFO] Comprobando puertos en escucha para Docker..."
+      if command -v ss >/dev/null 2>&1; then
+        ss -lnt | awk "{print}"
+      elif command -v netstat >/dev/null 2>&1; then
+        netstat -lnt || true
+      fi
+      if ss -lnt 2>/dev/null | grep -q ":2375 "; then
+        echo "[INFO] API Docker TCP escuchando en 0.0.0.0:2375"
+      else
+        echo "[WARN] API Docker TCP NO detectada en 0.0.0.0:2375"
+      fi
+      if ss -lnt 2>/dev/null | grep -q ":9023 "; then
+        echo "[INFO] Métricas Docker escuchando en 0.0.0.0:9023"
+      else
+        echo "[WARN] Métricas Docker NO detectadas en 0.0.0.0:9023"
+      fi
+    }
+
+    ensure_json
+    apply_systemd_override_if_needed
+    if [ ${JSON_CHANGED:-0} -eq 1 ] || [ ${OVERRIDE_APPLIED:-0} -eq 1 ]; then
+      restart_docker
+    else
+      echo "[INFO] Configuración de Docker ya presente; no se requiere reinicio."
+    fi
+    check_listeners
+  '
+
   # Estado tailscale
   tailscale_status=$(pct exec "$vmid" -- sh -c "$check_tailscale_status" 2>&1)
   if echo "$tailscale_status" | grep -q "running"; then