authorDaniel Weipert <code@drogueronin.de>2023-11-14 13:33:14 +0100
committerDaniel Weipert <code@drogueronin.de>2023-11-14 13:33:14 +0100
commit9b41dbdcb2c810804417b9ffc4e74a7b3e534ac2 (patch)
treec4cf9ace30d0cd35aebb6ac70f2be43b1371f5d6
initial commit
l---------.config/yadm/bootstrap1
-rw-r--r--.config/yadm/bootstrap##distro.Ubuntu29
-rwxr-xr-x.local/bin/docker-compose-update4
-rwxr-xr-x.local/bin/docker-compose-update-all23
-rwxr-xr-x.local/bin/update13
-rw-r--r--Applications/Services/traefik/.env.example6
-rw-r--r--Applications/Services/traefik/docker-compose.yml50
7 files changed, 126 insertions, 0 deletions
diff --git a/.config/yadm/bootstrap b/.config/yadm/bootstrap
new file mode 120000
index 0000000..c57c56e
--- /dev/null
+++ b/.config/yadm/bootstrap
@@ -0,0 +1 @@
+bootstrap##distro.Ubuntu \ No newline at end of file
diff --git a/.config/yadm/bootstrap##distro.Ubuntu b/.config/yadm/bootstrap##distro.Ubuntu
new file mode 100644
index 0000000..6ff7558
--- /dev/null
+++ b/.config/yadm/bootstrap##distro.Ubuntu
@@ -0,0 +1,29 @@
+#!/bin/bash
+
+sudo apt update
+sudo apt install -y \
+ zsh neovim man-db
+
+chsh -s /bin/zsh
+
+
+# docker
+sudo apt install -y \
+ ca-certificates curl gnupg
+
+sudo install -m 0775 -d /etc/apt/keyrings
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
+sudo chmod a+r /etc/apt/keyrings/docker.gpg
+
+echo \
+ "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
+ "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
+ sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+
+sudo apt update
+sudo apt install -y \
+ docker-ce docker-compose
+
+usermod -a -G docker $(whoami)
+sudo service docker enable
+sudo service docker start
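Review bot: `usermod -a -G docker $(whoami)` needs root but is run without sudo, and because the script never sets `set -euo pipefail` the failure is ignored and the script carries on; it should read `sudo usermod -aG docker "$USER"`. The same missing error handling means a failed or truncated download of the Docker signing key goes unnoticed before the later `apt install`, and the key is trusted without comparing its fingerprint against the one Docker publishes. `install -m 0775` leaves /etc/apt/keyrings group-writable, where `0755` is enough for a directory that decides which repositories apt trusts. Membership of the docker group is root-equivalent control of the host, which deserves a comment next to that line. `service docker enable` is probably not an action the `service` wrapper understands; `sudo systemctl enable --now docker` looks like what was intended.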
diff --git a/.local/bin/docker-compose-update b/.local/bin/docker-compose-update
new file mode 100755
index 0000000..ba76da1
--- /dev/null
+++ b/.local/bin/docker-compose-update
@@ -0,0 +1,4 @@
+docker compose down
+docker compose build
+docker compose pull
+docker compose up -d $@
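Review bot: The script has no shebang and passes `$@` unquoted, so it relies on the invoking shell to interpret it and splits any argument that contains spaces or glob characters; start it with `#!/bin/sh` and `set -e`, and end it with `docker compose up -d "$@"`. Because `down` runs before `build` and `pull` and no exit status is checked, a failed build or registry pull still takes the stack down and then restarts it on whatever images happen to be present. Running `pull` and `build` first and letting `up -d` recreate the changed containers avoids that outage window.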
diff --git a/.local/bin/docker-compose-update-all b/.local/bin/docker-compose-update-all
new file mode 100755
index 0000000..99db85f
--- /dev/null
+++ b/.local/bin/docker-compose-update-all
@@ -0,0 +1,23 @@
+#!/usr/bin/env python3
+
+import sys, os
+import subprocess
+
+
+process_docker_ps = subprocess.run(['docker', 'ps', '-q'], stdout=subprocess.PIPE)
+
+container_ids = process_docker_ps.stdout.decode('utf-8').split('\n')
+
+docker_compose_project_paths = []
+for id in container_ids:
+ if id:
+ process_docker_inspect = subprocess.run(['docker', 'inspect', '--format', '{{ index .Config.Labels "com.docker.compose.project.working_dir" }}', id], stdout=subprocess.PIPE)
+ docker_compose_project_paths.append(process_docker_inspect.stdout.decode('utf-8').strip())
+
+docker_compose_project_paths = set(docker_compose_project_paths)
+
+for path in docker_compose_project_paths:
+ subprocess.run(['docker', 'compose', 'down'], cwd=path)
+ subprocess.run(['docker', 'compose', 'build'], cwd=path)
+ subprocess.run(['docker', 'compose', 'pull'], cwd=path)
+ subprocess.Popen(['docker', 'compose', 'up', '-d'], cwd=path)
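Review bot: The `com.docker.compose.project.working_dir` label is used as `cwd` without any check, so a container that was not started by Compose yields an empty string and `subprocess.run(..., cwd='')` will most likely raise before the remaining projects are handled; empty and non-existent paths should be filtered out first. None of the `subprocess` calls checks a return code (the same holds for `.local/bin/update`, where a failed `apt update` is followed by `apt upgrade -y` anyway), and the final `Popen` is never waited on, so failures pass silently. As in `docker-compose-update`, `down` runs before `pull` and `build`, so a registry or build error leaves every project stopped or restarted on stale images. The sketch below keeps the collection code as is and only changes the filtering and the update loop.

```python
# … unchanged: docker ps / docker inspect collection …
docker_compose_project_paths = {
    p for p in docker_compose_project_paths if p and os.path.isdir(p)
}

for path in docker_compose_project_paths:
    # Fetch and build first so a failure leaves the running stack untouched.
    subprocess.run(['docker', 'compose', 'pull'], cwd=path, check=True)
    subprocess.run(['docker', 'compose', 'build'], cwd=path, check=True)
    subprocess.run(['docker', 'compose', 'up', '-d'], cwd=path, check=True)
```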
diff --git a/.local/bin/update b/.local/bin/update
new file mode 100755
index 0000000..3fc5067
--- /dev/null
+++ b/.local/bin/update
@@ -0,0 +1,13 @@
+#!/usr/bin/env python3
+
+import sys, os
+import subprocess
+
+
+# apt
+subprocess.run(["sudo", "apt", "update"])
+subprocess.run(["sudo", "apt", "upgrade", "-y"])
+
+
+# docker
+subprocess.run(["docker-compose-update-all"])
diff --git a/Applications/Services/traefik/.env.example b/Applications/Services/traefik/.env.example
new file mode 100644
index 0000000..f68b9ba
--- /dev/null
+++ b/Applications/Services/traefik/.env.example
@@ -0,0 +1,6 @@
+DOMAIN=traefik.example.org
+ADMIN_USER=admin
+ADMIN_PASSWORD=123456
+LETSENCRYPT_EMAIL=le@example.org
+VOLUME_LETSENCRYPT=traefik-letsencrypt
+NETWORK=traefik-public
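Review bot: `ADMIN_PASSWORD=123456` ends up in the `basicauth.users` label of docker-compose.yml, which Traefik expects in `user:hash` form as produced by htpasswd, so a plaintext value copied from this example would presumably not authenticate and it encourages keeping a trivial password. The example should carry an obvious placeholder and a comment instead, for instance `# hash part of: htpasswd -nB admin` above `ADMIN_PASSWORD='<bcrypt-hash-from-htpasswd>'`. The single quotes matter because the hash contains `$` characters that Compose may otherwise try to interpolate when it reads the .env file. The real `.env` should also be listed in `.gitignore` so the hash is not committed alongside the example.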
diff --git a/Applications/Services/traefik/docker-compose.yml b/Applications/Services/traefik/docker-compose.yml
new file mode 100644
index 0000000..9a04d83
--- /dev/null
+++ b/Applications/Services/traefik/docker-compose.yml
@@ -0,0 +1,50 @@
+version: "3"
+
+services:
+ traefik:
+ image: traefik
+ container_name: "traefik"
+ restart: always
+ command:
+ #- "--log.level=DEBUG"
+ - "--api.insecure=true"
+ - "--entrypoints.web.address=:80"
+ - "--entrypoints.websecure.address=:443"
+ - "--providers.docker=true"
+ - "--providers.docker.exposedbydefault=false"
+ - "--certificatesresolvers.letsencrypt.acme.email=${LETSENCRYPT_EMAIL}"
+ - "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json"
+ - "--certificatesresolvers.letsencrypt.acme.httpchallenge=true"
+ - "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web"
+ ports:
+ - "80:80"
+ - "443:443"
+ labels:
+ - "traefik.enable=true"
+ # Dashboard
+ - "traefik.http.services.traefik.loadbalancer.server.port=8080"
+ - "traefik.http.routers.traefik.rule=Host(`${DOMAIN}`)"
+ - "traefik.http.routers.traefik.entrypoints=websecure"
+ - "traefik.http.routers.traefik.tls.certresolver=letsencrypt"
+ # Dashboard Auth
+ - "traefik.http.routers.traefik.middlewares=dashboardauth"
+ - "traefik.http.middlewares.dashboardauth.basicauth.users=${ADMIN_USER}:${ADMIN_PASSWORD}"
+ # HTTPS redirect
+ - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
+ - "traefik.http.routers.http-catchall.entrypoints=web"
+ - "traefik.http.routers.http-catchall.middlewares=redirect-to-https@docker"
+ - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
+ volumes:
+ - "/var/run/docker.sock:/var/run/docker.sock"
+ - "traefik-letsencrypt:/letsencrypt"
+ networks:
+ - traefik
+
+volumes:
+ traefik-letsencrypt:
+ name: "${VOLUME_LETSENCRYPT}"
+
+networks:
+ traefik:
+ name: "${NETWORK}"
+ external: true
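Review bot: `--api.insecure=true` makes Traefik serve the dashboard and API without authentication on its own port 8080 entrypoint, and the `loadbalancer.server.port=8080` label routes to exactly that listener, so the `dashboardauth` middleware only protects the path through `websecure` while any container that can reach Traefik on the shared external network can talk to the API directly. Prefer `--api.dashboard=true` together with `traefik.http.routers.traefik.service=api@internal` in place of the loadbalancer label, which keeps the API reachable only through the authenticated router. Mounting /var/run/docker.sock gives the internet-facing proxy full control of the Docker daemon; a socket proxy that exposes only the read endpoints Traefik needs is the usual mitigation. `image: traefik` is unpinned, so the update scripts in this commit will pull whatever `latest` becomes, including new major versions; pinning a version tag makes upgrades deliberate.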