Django app which listens for pings and sends alerts when pings are late.
Deploy this app to Linode with a free $100 credit!
Healthchecks is a cron job monitoring service. It listens for HTTP requests and email messages ("pings") from your cron jobs and scheduled tasks ("checks"). When a ping does not arrive on time, Healthchecks sends out alerts.
Healthchecks comes with a web dashboard, API, 25+ integrations for delivering notifications, monthly email reports, WebAuthn 2FA support, team management features: projects, team members, read-only access.
The building blocks are:
Healthchecks is licensed under the BSD 3-clause license.
Healthchecks is available as a hosted service at https://healthchecks.io/.
Screenshots:
The "My Checks" screen. Shows the status of all your cron jobs in a live-updating dashboard.
Each check has configurable Period and Grace Time parameters. Period is the expected time between pings. Grace Time specifies how long to wait before sending out alerts when a job is running late.
Alternatively, you can define the expected schedules using a cron expressions. Healthchecks uses the cronsim library to parse and evaluate cron expressions.
Check details page, with a live-updating event log.
Healthchecks provides status badges with public but hard-to-guess URLs. You can use them in your READMEs, dashboards, or status pages.
To set up Healthchecks development environment:
Install dependencies (Debian/Ubuntu):
$ sudo apt update
$ sudo apt install -y gcc python3-dev python3-venv libpq-dev libcurl4-openssl-dev libssl-dev
Prepare directory for project code and virtualenv. Feel free to use a different location:
$ mkdir -p ~/webapps
$ cd ~/webapps
Prepare virtual environment (with virtualenv you get pip, we'll use it soon to install requirements):
$ python3 -m venv hc-venv
$ source hc-venv/bin/activate
$ pip3 install wheel # make sure wheel is installed in the venv
Check out project code:
$ git clone https://github.com/healthchecks/healthchecks.git
Install requirements (Django, ...) into virtualenv:
$ pip install -r healthchecks/requirements.txt
Mac OS only - pycurl needs to be reinstalled using the following method (assumes OpenSSL was installed using brew):
$ export PYCURL_VERSION=cat requirements.txt | grep pycurl | cut -d '=' -f3
$ export OPENSSL_LOCATION=brew --prefix openssl
$ export PYCURL_SSL_LIBRARY=openssl
$ export LDFLAGS=-L$OPENSSL_LOCATION/lib
$ export CPPFLAGS=-I$OPENSSL_LOCATION/include
$ pip uninstall -y pycurl
$ pip install pycurl==$PYCURL_VERSION --compile --no-cache-dir
Create database tables and a superuser account:
$ cd ~/webapps/healthchecks
$ ./manage.py migrate
$ ./manage.py createsuperuser
With the default configuration, Healthchecks stores data in a SQLite file
hc.sqlite
in the checkout directory (~/webapps/healthchecks
).
To use PostgreSQL or MySQL, see the section Database Configuration section below.
Run tests:
$ ./manage.py test
Run development server:
$ ./manage.py runserver
The site should now be running at http://localhost:8000
.
To access Django administration site, log in as a superuser, then
visit http://localhost:8000/admin/
Healthchecks reads configuration from environment variables.
Full list of configuration parameters.
Healthchecks comes with Django's administration panel where you can manually view and modify user accounts, projects, checks, integrations etc. To access it,
./manage.py createsuperuser
Healthchecks must be able to send email messages, so it can send out login links and alerts to users. Specify your SMTP credentials using the following environment variables:
Implicit TLS (recommended):
EMAIL_HOST = "your-smtp-server-here.com"
EMAIL_PORT = 465
EMAIL_HOST_USER = "smtp-username"
EMAIL_HOST_PASSWORD = "smtp-password"
EMAIL_USE_TLS = False
EMAIL_USE_SSL = True
Port 465 should be the preferred method according to RFC8314 Section 3.3: Implicit TLS for SMTP Submission. Be sure to use a TLS certificate and not an SSL one.
Explicit TLS:
EMAIL_HOST = "your-smtp-server-here.com"
EMAIL_PORT = 587
EMAIL_HOST_USER = "smtp-username"
EMAIL_HOST_PASSWORD = "smtp-password"
EMAIL_USE_TLS = True
For more information, have a look at Django documentation, Sending Email section.
Healthchecks comes with a smtpd
management command, which starts up a
SMTP listener service. With the command running, you can ping your
checks by sending email messages
to your-uuid-here@my-monitoring-project.com
email addresses.
Start the SMTP listener on port 2525:
$ ./manage.py smtpd --port 2525
Send a test email:
$ curl --url 'smtp://127.0.0.1:2525' \
--mail-from 'foo@example.org' \
--mail-rcpt '11111111-1111-1111-1111-111111111111@my-monitoring-project.com' \
-F '='
healtchecks comes with a sendalerts
management command, which continuously
polls database for any checks changing state, and sends out notifications as
needed. Within an activated virtualenv, you can manually run
the sendalerts
command like so:
$ ./manage.py sendalerts
In a production setup, you will want to run this command from a process manager like supervisor or systemd.
Healthchecks deletes old entries from api_ping
and api_notification
tables automatically. By default, Healthchecks keeps the 100 most recent
pings for every check. You can set the limit higher to keep a longer history:
go to the Administration Panel, look up user's Profile and modify its
"Ping log limit" field.
For each check, Healthchecks removes notifications that are older than the oldest stored ping for same check.
Healthchecks also provides management commands for cleaning up
auth_user
, api_tokenbucket
and api_flip
tables.
Last login was more than 6 months ago, and the account has no checks. Assume the user doesn't intend to use the account any more and would probably want it removed.
$ ./manage.py pruneusers
Remove old records from the api_tokenbucket
table. The TokenBucket
model is used for rate-limiting login attempts and similar operations.
Any records older than one day can be safely removed.
$ ./manage.py prunetokenbucket
Remove old records from the api_flip
table. The Flip
objects are used to track status changes of checks, and to calculate
downtime statistics month by month. Flip objects from more than 3 months
ago are not used and can be safely removed.
$ ./manage.py pruneflips
Remove old objects from external object storage. When an user removes
a check, removes a project, or closes their account, Healthchecks
does not remove the associated objects from the external object
storage on the fly. Instead, you should run pruneobjects
occasionally
(for example, once a month). This command first takes an inventory
of all checks in the database, and then iterates over top-level
keys in the object storage bucket, and deletes any that don't also
exist in the database.
$ ./manage.py pruneobjects
When you first try these commands on your data, it is a good idea to test them on a copy of your database, not on the live database right away. In a production setup, you should also have regular, automated database backups set up.
Healthchecks optionally supports two-factor authentication using the WebAuthn
standard. To enable WebAuthn support, set the RP_ID
(relying party identifier )
setting to a non-null value. Set its value to your site's domain without scheme
and without port. For example, if your site runs on https://my-hc.example.org
,
set RP_ID
to my-hc.example.org
.
Note that WebAuthn requires HTTPS, even if running on localhost. To test WebAuthn
locally with a self-signed certificate, you can use the runsslserver
command
from the django-sslserver
package.
Healthchecks supports external authentication by means of HTTP headers set by reverse proxies or the WSGI server. This allows you to integrate it into your existing authentication system (e.g., LDAP or OAuth) via an authenticating proxy. When this option is enabled, healtchecks will trust the header's value implicitly, so it is very important to ensure that attackers cannot set the value themselves (and thus impersonate any user). How to do this varies by your chosen proxy, but generally involves configuring it to strip out headers that normalize to the same name as the chosen identity header.
To enable this feature, set the REMOTE_USER_HEADER
value to a header you wish to
authenticate with. HTTP headers will be prefixed with HTTP_
and have any dashes
converted to underscores. Headers without that prefix can be set by the WSGI server
itself only, which is more secure.
When REMOTE_USER_HEADER
is set, Healthchecks will:
- assume the header contains user's email address
- look up and automatically log in the user with a matching email address
- automatically create an user account if it does not exist
- disable the default authentication methods (login link to email, password)
Healthchecks can optionally store large ping bodies in S3-compatible object storage. To enable this feature, you will need to:
pip install minio
S3_ACCESS_KEY
,
S3_SECRET_KEY
, S3_ENDPOINT
, S3_REGION
and S3_BUCKET
.Healthchecks will use external object storage for storing any request bodies that exceed 100 bytes. If the size of a request body is 100 bytes or below, Healthchecks will still store it in the database.
Healthchecks automatically removes old stored ping bodies from object
storage while uploading new data. However, Healthchecks does not automatically
clean up data when you delete checks, projects or entire user accounts.
Use the pruneobjects
management command to remove data for checks that don't
exist any more.
To enable the Slack "self-service" integration, you will need to create a "Slack App".
To do so:
* Create a new Slack app on https://api.slack.com/apps/
* Add at least one scope in the permissions section to be able to deploy the app in your workspace (By example incoming-webhook
for the Bot Token Scopes
https://api.slack.com/apps/APP_ID/oauth?).
* Add a redirect url in the format SITE_ROOT/integrations/add_slack_btn/
.
For example, if your SITE_ROOT is https://my-hc.example.org
then the redirect URL would be
https://my-hc.example.org/integrations/add_slack_btn/
.
* Look up your Slack app for the Client ID and Client Secret at https://api.slack.com/apps/APP_ID/general? . Put them
in SLACK_CLIENT_ID
and SLACK_CLIENT_SECRET
environment
variables.
To enable Discord integration, you will need to:
SITE_ROOT/integrations/add_discord/
. For example, if you are running a
development server on localhost:8000
then the redirect URI would be
http://localhost:8000/integrations/add_discord/
DISCORD_CLIENT_ID
and DISCORD_CLIENT_SECRET
environment
variables.Pushover integration works by creating an application on Pushover.net which is then subscribed to by Healthchecks users. The registration workflow is as follows:
To enable the Pushover integration, you will need to:
http://healthchecks.example.com/
).PUSHOVER_API_TOKEN
and PUSHOVER_SUBSCRIPTION_URL
environment
variables. The Pushover subscription URL should look similar to
https://pushover.net/subscribe/yourAppName-randomAlphaNumericData
.Healthchecks uses signal-cli to send Signal notifications. Healthcecks interacts with signal-cli over UNIX or TCP socket. Healthchecks requires signal-cli version 0.11.2 or later.
To enable the Signal integration via UNIX socket:
signal-cli -a +xxxxxx daemon --socket /tmp/signal-cli-socket
SIGNAL_CLI_SOCKET
environment variable.To enable the Signal integration via TCP socket:
signal-cli -a +xxxxxx daemon --tcp 127.0.0.1:7583
SIGNAL_CLI_SOCKET
environment variable
using "hostname:port" syntax, example: 127.0.0.1:7583
.TELEGRAM_BOT_NAME
and TELEGRAM_TOKEN
environment variables.Run settelegramwebhook
management command. This command tells Telegram
where to forward channel messages by invoking Telegram's
setWebhook API call:
$ ./manage.py settelegramwebhook
Done, Telegram's webhook set to: https://my-monitoring-project.com/integrations/telegram/bot/
For this to work, your SITE_ROOT
must be correct and must use the "https://"
scheme.
To enable Apprise integration, you will need to:
pip install apprise
APPRISE_ENABLED
environment variable.The "Shell Commands" integration runs user-defined local shell commands when checks
go up or down. This integration is disabled by default, and can be enabled by setting
the SHELL_ENABLED
environment variable to True
.
Note: be careful when using "Shell Commands" integration, and only enable it when
you fully trust the users of your Healthchecks instance. The commands will be executed
by the manage.py sendalerts
process, and will run with the same system permissions as
the sendalerts
process.
To enable the Matrix integration you will need to:
MATRIX_
environment variables. Example:MATRIX_HOMESERVER=https://matrix.org
MATRIX_USER_ID=@mychecks:matrix.org
MATRIX_ACCESS_TOKEN=[a long string of characters returned by the login call]
To enable PagerDuty Simple Install Flow,
https://your-domain.com/integrations/add_pagerduty/
PD_APP_ID
environment
variableHere is a non-exhaustive list of pointers and things to check before launching a Healthchecks instance in production.
False
.manage.py compress
– creates combined JS and CSS bundles and
places them in the static-collected
directory.manage.py collectstatic
– collects static files in the static-collected
directory.manage.py migrate
– applies any pending database schema changes
and data migrations.manage.py runserver
is intended for development only.
Do not use it in production, instead consider using
uWSGI or
gunicorn.manage.py sendalerts
is the process that monitors checks and sends out
monitoring alerts. It must be always running, it must be started on reboot, and it
must be restarted if it itself crashes. On modern linux systems, a good option is
to define a systemd service
for it.Please login to review this project.
No reviews for this project yet.
Drag-and-drop file conversion server with session based aut…
FeedMixer is a WSGI (Python3) micro web service which takes…
Automatic Video Library Manager for TV Shows. It watches fo…
Comments (0)
Please login to join the discussion on this project.