Metadata-Version: 2.4
Name: inferyx-monitoring
Version: 1.0.44
Summary: Monitor batch pipelines via API and email alerts — install and deploy on Linux servers from PyPI
Author-email: Inferyx DevOps <devops@inferyx.com>
License: Copyright (c) 2026 Inferyx. All rights reserved.
        
        Proprietary software. Unauthorized copying, distribution, or use is prohibited
        unless agreed in writing with Inferyx.
        
        For open-source release, replace this file with your chosen license (e.g. MIT, Apache-2.0)
        before publishing to public PyPI.
        
Keywords: batch,monitoring,pipeline,email,inferyx
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: System Administrators
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Operating System :: OS Independent
Classifier: Topic :: System :: Monitoring
Requires-Python: >=3.9
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: pandas>=2.0.0
Requires-Dist: requests>=2.31.0
Requires-Dist: python-dateutil>=2.8.2
Requires-Dist: fastapi>=0.110.0
Requires-Dist: uvicorn[standard]>=0.27.0
Requires-Dist: pydantic>=2.0.0
Provides-Extra: admin
Provides-Extra: dev
Requires-Dist: build; extra == "dev"
Requires-Dist: twine; extra == "dev"
Requires-Dist: check-manifest; extra == "dev"
Dynamic: license-file

# inferyx-monitoring

**Version:** 1.0.44 · **PyPI:** [inferyx-monitoring](https://pypi.org/project/inferyx-monitoring/)

Monitors batch jobs from a CSV file, queries the Inferyx API, and sends email alerts (optional Teams / Google Chat). Includes admin web UI and API — one package, one systemd service.

| Alert | When |
|-------|------|
| **failed** | Batch execution failed |
| **running** | Still running past expected end |
| **missed** | Did not start on schedule |
| **no_data** | No API record (email to DevOps) |

**Disable browser UI only:** `"ui": { "enabled": false }` in `/etc/pipeline-monitor/auth.policy`. Monitor and admin API keep running.

---

## What's new in 1.0.44

- Production install: one script installs from PyPI (no manual pip step required).
- Skips user/group/directory creation if they already exist.
- Final install and upgrade steps for production servers.

---

## Paths

| Item | Path |
|------|------|
| Install directory | `/opt/pipeline-monitor` |
| Python venv | `/opt/pipeline-monitor/.venv` |
| Install script | `/opt/pipeline-monitor/.venv/share/inferyx-monitoring/install_inferyx_monitoring.sh` |
| Upgrade script | `/opt/pipeline-monitor/.venv/share/inferyx-monitoring/upgrade_inferyx_monitoring.sh` |
| Monitor config | `/opt/pipeline-monitor/.env` |
| Batch CSV | `/opt/pipeline-monitor/batch_file.csv` |
| OAuth policy | `/etc/pipeline-monitor/auth.policy` |
| UI static files | `/var/www/pipeline-monitor-admin/` |
| Nginx config | `/etc/nginx/sites-available/pipeline-monitor-admin` |
| systemd service | `inferyx-monitoring.service` |
| Public UI | `https://<host>/monitoring/admin/` |
| Public API | `https://<host>/monitoring/api/` |

---

## Install (new server)

Use when `/opt/pipeline-monitor` is **not** set up yet.  
For an existing install, use [Upgrade](#upgrade) — do not re-run install.

### Option A — One command (recommended)

Copy `install_inferyx_monitoring.sh` to the server (from the pip package, git repo `server/` folder, or a colleague). Then run:

```bash
sudo bash install_inferyx_monitoring.sh
```

**No prior pip install needed.** The script automatically:

| Step | Action |
|------|--------|
| 1 | Installs `python3` / `python3-venv` via apt (if missing) |
| 2 | Creates user `inferyx` (only if user does not exist) |
| 3 | Creates `/opt/pipeline-monitor` and Python venv |
| 4 | `pip install inferyx-monitoring` from PyPI |
| 5 | Creates `.env` and `batch_file.csv` (if missing) |
| 6 | Creates `auth.policy` (if missing) |
| 7 | Deploys UI to `/var/www/pipeline-monitor-admin/` |
| 8 | Enables `inferyx-monitoring.service` |

Pin a version: `sudo bash install_inferyx_monitoring.sh --pin 1.0.44`

### Option B — First time when you only have PyPI (no script file yet)

Bootstrap pip to get the install script, then run it:

```bash
sudo apt update && sudo apt install -y python3 python3-venv

id inferyx &>/dev/null || sudo useradd --system --home-dir /opt/pipeline-monitor --shell /usr/sbin/nologin inferyx
sudo mkdir -p /opt/pipeline-monitor && sudo chown inferyx:inferyx /opt/pipeline-monitor
sudo -u inferyx python3 -m venv /opt/pipeline-monitor/.venv
sudo -u inferyx /opt/pipeline-monitor/.venv/bin/pip install inferyx-monitoring

sudo bash /opt/pipeline-monitor/.venv/share/inferyx-monitoring/install_inferyx_monitoring.sh
```

The install script is idempotent — it skips user, venv, and existing config files.

### After install — edit config (manual)

```bash
sudo -u inferyx vi /opt/pipeline-monitor/.env
sudo -u inferyx vi /opt/pipeline-monitor/batch_file.csv
sudo chmod 600 /opt/pipeline-monitor/.env
sudo vi /etc/pipeline-monitor/auth.policy

sudo cp /opt/pipeline-monitor/.venv/share/inferyx-monitoring/nginx-pipeline-monitor-admin.conf.example \
  /etc/nginx/sites-available/pipeline-monitor-admin
sudo vi /etc/nginx/sites-available/pipeline-monitor-admin
sudo ln -sf /etc/nginx/sites-available/pipeline-monitor-admin /etc/nginx/sites-enabled/
sudo nginx -t && sudo systemctl reload nginx
```

| File | You set |
|------|---------|
| `.env` | SMTP, API token, alert emails |
| `batch_file.csv` | Batch names and schedules |
| `auth.policy` | OAuth, `ui.enabled` |
| nginx site | `server_name`, SSL certificates |

### Verify

```bash
sudo -u inferyx /opt/pipeline-monitor/.venv/bin/inferyx-monitoring --once --work-dir /opt/pipeline-monitor
sudo systemctl status inferyx-monitoring.service
curl -s http://127.0.0.1:8090/api/health
```

---

## Upgrade (existing server)

Use when `/opt/pipeline-monitor` **already exists**.

```bash
sudo bash /opt/pipeline-monitor/.venv/share/inferyx-monitoring/upgrade_inferyx_monitoring.sh
```

| Step | Action |
|------|--------|
| 1 | `pip install --upgrade inferyx-monitoring` |
| 2 | Adds missing `.env` keys (secrets unchanged) |
| 3 | Deploys UI to `/var/www/pipeline-monitor-admin/` |
| 4 | Updates systemd unit |
| 5 | Restarts `inferyx-monitoring.service` |

Review manually (not changed by upgrade):

| File | You review |
|------|------------|
| `.env` | SMTP, API token |
| `auth.policy` | OAuth, `ui.enabled` |
| nginx | SSL, `server_name` |

```bash
sudo systemctl status inferyx-monitoring.service
sudo journalctl -u inferyx-monitoring.service -n 50
curl -s http://127.0.0.1:8090/api/health
```

---

## Configuration

### `.env` (`/opt/pipeline-monitor/.env`)

**Required:**

| Property | Description |
|----------|-------------|
| `PIPELINE_SMTP_HOST` | SMTP server |
| `PIPELINE_SMTP_PORT` | SMTP port (e.g. `587`) |
| `PIPELINE_SMTP_USERNAME` | SMTP username |
| `PIPELINE_SMTP_PASSWORD` | SMTP password |
| `PIPELINE_FROM_NAME` | Sender name |
| `PIPELINE_MAIL_TO` | Alert recipients (comma-separated) |
| `PIPELINE_API_BASE_URL` | Inferyx API URL (no `name=` in URL) |
| `PIPELINE_API_TOKEN` | API token |
| `PIPELINE_API_TOKEN_HEADER` | Header name (`token` or `Authorization`) |
| `PIPELINE_DEVOPS_EMAIL` | `no_data` alert recipient |

**Common optional:**

| Property | Default | Description |
|----------|---------|-------------|
| `PIPELINE_CHECK_MODE` | `schedule_windows` | `schedule_windows` or `full_window` |
| `PIPELINE_CHECK_WINDOW_MINUTES` | `10` | API poll window (minutes) |
| `PIPELINE_TEAMS_ENABLED` | `false` | Teams webhook alerts |
| `PIPELINE_TEAMS_WEBHOOK_URL` | (empty) | Teams webhook URL |
| `PIPELINE_GCHAT_ENABLED` | `false` | Google Chat alerts |
| `PIPELINE_GCHAT_WEBHOOK_URL` | (empty) | Google Chat webhook URL |

Missing keys are added on service start. Secrets are never overwritten.

### `auth.policy` (`/etc/pipeline-monitor/auth.policy`)

JSON file. Not updated by install/upgrade scripts.

| Property | Example | Description |
|----------|---------|-------------|
| `ui.enabled` | `true` | `false` = disable browser UI only |
| `ui.public_base_url` | `https://monitor.example.com` | Public URL |
| `ui.ui_base_path` | `/monitoring/admin/` | UI path |
| `auth.google.client_id` | `...apps.googleusercontent.com` | OAuth client ID |
| `auth.google.client_secret_path` | `/etc/pipeline-monitor/google_client_secret` | Secret file |
| `auth.google.redirect_uri` | `https://<host>/monitoring/api/auth/callback/google` | OAuth redirect |
| `auth.google.allowed_domains` | `["example.com"]` | Allowed domains |

**Google client secret:**

```bash
echo 'YOUR_CLIENT_SECRET' | sudo tee /etc/pipeline-monitor/google_client_secret
sudo chmod 600 /etc/pipeline-monitor/google_client_secret
```

**Disable browser UI:**

```json
"ui": { "enabled": false }
```

Then: `sudo systemctl restart inferyx-monitoring.service`

### Nginx

Template: `/opt/pipeline-monitor/.venv/share/inferyx-monitoring/nginx-pipeline-monitor-admin.conf.example`

Live: `/etc/nginx/sites-available/pipeline-monitor-admin`

Reload after edits: `sudo nginx -t && sudo systemctl reload nginx`

### Batch CSV (`/opt/pipeline-monitor/batch_file.csv`)

```csv
Name,Frequency,ExpectedStartTime,AvgExecutionTime,ExpectedDayOfMonth,Status
daily_report,Daily,9:00:00,"10 mins",,Active
monthly_close,Monthly,6:00:00,"45 mins",1,Active
```

| Column | Values |
|--------|--------|
| `Name` | Batch name in Inferyx API |
| `Frequency` | `Daily`, `Weekly`, `Monthly`, `Once` |
| `ExpectedStartTime` | `HH:MM:SS` (24-hour) |
| `AvgExecutionTime` | e.g. `"10 mins"` |
| `ExpectedDayOfMonth` | Day 1–31 (monthly only) |
| `Status` | `Active` or `Suspended` |

Only `Active` rows are monitored.
