fix install on new host

2022-07-06 23:27:41 +02:00 · 2022-07-06 23:27:41 +02:00 · 2c321ef52f
parent e06266489c
commit 2c321ef52f
19 changed files with 105 additions and 106 deletions
--- a/17
+++ b/17
@ -3,7 +3,7 @@ include make/include.mk
 ##
 # APP

-app-bootstrap: bootstrap-docker bootstrap-host bootstrap-user
+app-bootstrap: bootstrap-docker

 app-build: user install-build-config
 	$(call make,docker-compose-build docker-compose-up)
@ -12,6 +12,8 @@ app-build: user install-build-config

 app-install: ansible-run app-update-default

+app-start: $(foreach stack,$(STACK),start-stack-$(stack))
+
 app-update: ansible-pull app-update-default

 app-update-default: ENV_DIST := .env
@ -24,16 +26,9 @@ app-tests: ansible-tests
 # BOOTSTRAP

 # target bootstrap-docker: Install and configure docker
-# on local host
 .PHONY: bootstrap-docker
 bootstrap-docker: install-bin-docker setup-docker-group setup-binfmt setup-nfsd setup-sysctl

-# target bootstrap-host: Create DOCKER_NETWORK_PUBLIC
-# on local host
-.PHONY: bootstrap-host
-bootstrap-host: docker-network-create-$(DOCKER_NETWORK_PUBLIC) node-ssl-certs
-
-# target bootstrap-user: Create DOCKER_NETWORK_PRIVATE
-# on local host
-.PHONY: bootstrap-user
-bootstrap-user: docker-network-create
+# target bootstrap-stack: Call bootstrap target of each stack
+.PHONY: bootstrap-stack
+bootstrap-stack: docker-network-create $(foreach stack,$(STACK),bootstrap-stack-$(stack))
--- a/README.md
+++ b/README.md
@ -6,6 +6,10 @@ Docker paas based on docker compose files.

 This is work in progress ;)

+## Requirements
+
+You need `git` and `make`.
+
 ## Usage

 ### Examples
@ -27,11 +31,9 @@ $ make node up STACK='zen'
 - fabio (load balancer)
 - ipfs (inter planetary file system)
 - registrator (docker/consul bridge)
-`make User` starts the stack User with docker user services :
- myos (ssh-agent)
- ipfs (when STACK=zen)
-`make up` starts the stack STACK
- zen (when STACK=zen)
+`make up STACK=zen` starts the stack 'zen' with docker services :
+- ipfs (mount ~/.ipfs)
+- zen (mount ~/.zen)

 * Stop myos

@ -86,8 +88,8 @@ $ make config
 ```

 `make config` show docker compose yaml config for stack STACK
-`make stack-node-config` show docker compose yaml config for stack node
-`make stack-User-config` show docker compose yaml config for stack User
+`make node-config` show docker compose yaml config for stack node
+`make user-config` show docker compose yaml config for stack User
 `make stack-elastic-config` show docker compose yaml config for stack elastic

 * Show debug variables
--- a/ansible/roles/hosts/handlers/main.yml
+++ b/ansible/roles/hosts/handlers/main.yml
@ -2,6 +2,7 @@
 # file: handlers/main.yml

 - name: update boot - syslinux
+  become: yes
  environment:
    PATH: "{{ ansible_env.PATH }}:/usr/sbin:/sbin"
  with_together:
@ -11,6 +12,7 @@
  when: item.1.changed and item.0.dest == "/etc/update-extlinux.conf"

 - name: update boot - grub
+  become: yes
  environment:
    PATH: "{{ ansible_env.PATH }}:/usr/sbin:/sbin"
  with_together:
--- a/docker/ipfs/ipfs-config.sh
+++ b/docker/ipfs/ipfs-config.sh
@ -1,4 +1,5 @@
 #!/bin/sh
+set -e

 ## fix resource manager fatal error on arm64/linux with 2Gb RAM
 # ipfs config --json Swarm.ResourceMgr.Enabled false
@ -15,7 +16,17 @@ ipfs config Pubsub.Router gossipsub
 ipfs config --json Experimental.Libp2pStreamMounting true
 ipfs config --json Experimental.P2pHttpProxy true
 ipfs config Addresses.Gateway "/ip4/0.0.0.0/tcp/8080"
-ipfs config Addresses.Api "/ip4/0.0.0.0/tcp/5001"
+
+## ipfs client needs API address
+# search for ip address of $(hostname).${IPFS_ADDRESSES_API_DOMAIN}
+[ -n "${IPFS_ADDRESSES_API_DOMAIN}" ] && [ -z "${IPFS_ADDRESSES_API_INET4}" ] \
+ && IPFS_ADDRESSES_API_INET4=$(nslookup -type=A "$(hostname).${IPFS_ADDRESSES_API_DOMAIN}" |awk 'found && /^Address:/ {print $2; found=0}; /^Name:\t'"$(hostname).${IPFS_ADDRESSES_API_DOMAIN}"'/ {found=1};')
+# check ${IPFS_ADDRESSES_API_INET4} format
+echo "${IPFS_ADDRESSES_API_INET4}" |awk -F. '{ for ( i=1; i<=4; i++ ) if ($i >= 0 && $i <= 255); else exit 1;}; NF != 4 {exit 1;}' || unset IPFS_ADDRESSES_API_INET4
+# check ${IPFS_ADDRESSES_API_PORT} format
+[ "${IPFS_ADDRESSES_API_PORT}" -eq "${IPFS_ADDRESSES_API_PORT}" ] 2>/dev/null && [ "${IPFS_ADDRESSES_API_PORT}" -ge 1 ] && [ "${IPFS_ADDRESSES_API_PORT}" -le 65535 ] \
+ || unset IPFS_ADDRESSES_API_PORT
+ipfs config Addresses.Api "${IPFS_ADDRESSES_API:-/ip4/${IPFS_ADDRESSES_API_INET4:-127.0.0.1}/tcp/${IPFS_ADDRESSES_API_PORT:-5001}}"

 ## REMOVE IPFS BOOTSTRAP
 ipfs bootstrap rm --all
--- a/docker/zen/Dockerfile
+++ b/docker/zen/Dockerfile
@ -126,3 +126,5 @@ RUN bash -c '. /include.sh && install_requirements'
 COPY ${DOCKER_BUILD_DIR}/docker-entrypoint.sh /docker-entrypoint.sh
 ENTRYPOINT ["/docker-entrypoint.sh"]
 CMD ["start"]
+
+RUN mkdir .zen
--- a/make/apps/common.mk
+++ b/make/apps/common.mk
@ -81,10 +81,10 @@ exec@%: SERVICE ?= $(DOCKER_SERVICE)
 exec@%:
 	$(call make,ssh-exec,$(MYOS),APP ARGS SERVICE)

-# target force-%: Fire targets % and stack-node-%
+# target force-%: Fire targets %, stack-user-% and stack-node-%
 # on local host
 .PHONY: force-%
-force-%: % stack-node-%;
+force-%: % stack-user-% stack-node-%;

 # target install app-install: Install application
 # on local host
@ -169,7 +169,7 @@ ssh@%:
 # target stack: Call docker-stack for each STACK
 ## it updates COMPOSE_FILE with all .yml files of the current stack
 .PHONY: stack
-stack: docker-network-create
+stack:
 	$(foreach stackz,$(STACK),$(call docker-stack,$(stackz)))

 # target stack-%: Call docker-compose-% target on STACK
@ -202,7 +202,7 @@ tests: app-tests ## Test application
 # target up: Create and start application dockers
 # on local host
 .PHONY: up
-up: stack-required docker-compose-up app-start ## Create application dockers
+up: bootstrap-stack docker-compose-up app-start ## Create application dockers

 # target update app-update: Update application files
 # on local host
--- a/make/apps/def.docker.mk
+++ b/make/apps/def.docker.mk
@ -61,7 +61,7 @@ endif
 define docker-compose
 	$(call INFO,docker-compose,$(1))
  $(if $(DOCKER_RUN),$(call docker-build,$(MYOS)/docker/compose,docker/compose:$(COMPOSE_VERSION)))
-	$(if $(COMPOSE_FILE),$(call run,$(DOCKER_COMPOSE) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(if $(filter node,$(firstword $(subst /, ,$(STACK)))),$(COMPOSE_PROJECT_NAME_NODE),$(COMPOSE_PROJECT_NAME)) $(1)))
+	$(if $(COMPOSE_FILE),$(call run,$(DOCKER_COMPOSE) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(if $(filter node,$(firstword $(subst /, ,$(STACK)))),$(COMPOSE_PROJECT_NAME_NODE),$(if $(filter User,$(firstword $(subst /, ,$(STACK)))),$(COMPOSE_PROJECT_NAME_USER),$(COMPOSE_PROJECT_NAME))) $(1)))
 endef
 # function docker-compose-exec: Run docker-compose-exec with arg 2 in service 1
 define docker-compose-exec
--- a/make/apps/docker.mk
+++ b/make/apps/docker.mk
@ -141,8 +141,10 @@ docker-network-create: docker-network-create-$(DOCKER_NETWORK)
 .PHONY: docker-network-create-%
 docker-network-create-%:
 	if [ -z "$(shell docker network ls -q --filter name='^$*$$' 2>/dev/null)" ]; then \
-	  $(RUN) sh -c 'docker network create $* >/dev/null' \
-	   && $(or $(call INFO,docker network $* created), true); fi \
+	  $(RUN) sh -c 'docker network create $* >/dev/null 2>&1' \
+	   && $(or $(call INFO,docker network $* created), true) \
+		 ||: ; \
+	fi

 # target docker-network-rm: Fire docker-network-rm-% for DOCKER_NETWORK
 .PHONY: docker-network-rm
@ -152,8 +154,10 @@ docker-network-rm: docker-network-rm-$(DOCKER_NETWORK)
 .PHONY: docker-network-rm-%
 docker-network-rm-%:
 	if [ -n "$(shell docker network ls -q --filter name='^$*$$' 2>/dev/null)" ]; then \
-	  $(RUN) docker network rm $* >/dev/null \
-	   && $(or $(call INFO,docker network $* removed), true); fi \
+	  $(RUN) sh -c 'docker network rm $* >/dev/null 2>&1' \
+	   && $(or $(call INFO,docker network $* removed), true) \
+		 ||: ; \
+	fi

 # target docker-plugin-install: Run 'docker plugin install DOCKER_PLUGIN_OPTIONS DOCKER_PLUGIN'
 .PHONY: docker-plugin-install
--- a/stack/User.mk
+++ b/stack/User.mk
@ -1,11 +1,17 @@
 User                            ?= User/User

-# target user: Fire user-agent
-.PHONY: User user
-User user: bootstrap-docker bootstrap-user $(if $(DOCKER_RUN),stack-User-up) user-agent
+# target bootstrap-stack-User: Fire docker-network-create
+.PHONY: bootstrap-stack-User
+bootstrap-stack-User: docker-network-create-$(DOCKER_NETWORK_PRIVATE)

-# target user-agent: Fire ssh-add
-user-agent: ssh-add
+# target start-stack-User: Fire ssh-add
+.PHONY: start-stack-User
+start-stack-User: ssh-add
+
+# target user: Fire start-stack-User if DOCKER_RUN or fire start-stack-User
+.PHONY: User user
+User user: $(if $(DOCKER_RUN),stack-User-up,start-stack-User)

 # target User-% user-%; Fire target stack-User-%
+.PHONY: User-% user-%
 User-% user-%: stack-User-%;
--- a/stack/User/ipfs/.env.dist
+++ b/stack/User/ipfs/.env.dist
@ -1 +0,0 @@
-IPFS_SERVICE_8080_TAGS_USER=urlprefix-ipfs.${USER}.${DOMAIN}/
--- a/stack/User/ipfs/ipfs.yml
+++ b/stack/User/ipfs/ipfs.yml
@ -1,56 +0,0 @@
-version: '3.6'
-
-services:
-  ipfs:
-    build:
-      args:
-      - DOCKER_BUILD_DIR=docker/ipfs
-      - IPFS_VERSION=0.13.0
-      context: ../..
-      dockerfile: docker/ipfs/Dockerfile
-    command: daemon --migrate=true
-    container_name: ${COMPOSE_PROJECT_NAME_USER}_ipfs
-    cpus: 0.5
-    environment:
-    - IPFS_PROFILE=${IPFS_PROFILE}
-    image: ${DOCKER_REPOSITORY_USER}/ipfs:${DOCKER_IMAGE_TAG}
-    labels:
-    - SERVICE_4001_CHECK_TCP=true
-    - SERVICE_4001_NAME=${COMPOSE_SERVICE_NAME_USER}-ipfs:4001
-    - SERVICE_5001_CHECK_TCP=true
-    - SERVICE_5001_NAME=${COMPOSE_SERVICE_NAME_USER}-ipfs:5001
-    - SERVICE_8080_CHECK_HTTP=/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme
-    - SERVICE_8080_NAME=${COMPOSE_SERVICE_NAME_USER}-ipfs:8080
-    - SERVICE_8080_TAGS=${IPFS_SERVICE_8080_TAGS_USER}
-    - SERVICE_8081_IGNORE=true
-    networks:
-    - private
-    - public
-    ports:
-    - 4001
-    - 5001/tcp
-    - 8080/tcp
-    ulimits:
-      nofile:
-        soft: 65536
-        hard: 65536
-    volumes:
-    - ipfs:/data/ipfs:delegated
-    restart: always
-
-volumes:
-  ipfs:
-    driver: local
-    driver_opts:
-      type: none
-      device: ${HOME}/.ipfs
-      o: bind
-    name: ${COMPOSE_PROJECT_NAME_USER}_ipfs
-
-networks:
-  private:
-    external: true
-    name: ${DOCKER_NETWORK_PRIVATE}
-  public:
-    external: true
-    name: ${DOCKER_NETWORK_PUBLIC}
--- a/stack/ipfs.mk
+++ b/stack/ipfs.mk
@ -0,0 +1,5 @@
+.PHONY: bootstrap-stack-ipfs
+bootstrap-stack-ipfs: ~/.ipfs
+
+~/.ipfs:
+	mkdir -p ~/.ipfs
--- a/stack/ipfs/.env.dist
+++ b/stack/ipfs/.env.dist
@ -1 +1,4 @@
+IPFS_ADDRESSES_API_DOMAIN=${DOCKER_NETWORK_PRIVATE}
+IPFS_LOGGING=error
+IPFS_SERVICE_8080_CHECK_TCP=/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme
 IPFS_SERVICE_8080_TAGS=urlprefix-ipfs.${APP_DOMAIN}/
--- a/stack/ipfs/ipfs.yml
+++ b/stack/ipfs/ipfs.yml
@ -11,6 +11,11 @@ services:
    command: daemon --migrate=true
    cpus: 0.5
    environment:
+    - IPFS_ADDRESSES_API=${IPFS_ADDRESSES_API}
+    - IPFS_ADDRESSES_API_DOMAIN=${IPFS_ADDRESSES_API_DOMAIN}
+    - IPFS_ADDRESSES_API_INET4=${IPFS_ADDRESSES_API_INET4}
+    - IPFS_ADDRESSES_API_PORT=${IPFS_ADDRESSES_API_PORT}
+    - IPFS_LOGGING=${IPFS_LOGGING}
    - IPFS_PROFILE=${IPFS_PROFILE}
    image: ${DOCKER_REPOSITORY}/ipfs:${DOCKER_IMAGE_TAG}
    labels:
@ -18,12 +23,13 @@ services:
    - SERVICE_4001_NAME=${COMPOSE_SERVICE_NAME}-ipfs:4001
    - SERVICE_5001_CHECK_TCP=true
    - SERVICE_5001_NAME=${COMPOSE_SERVICE_NAME}-ipfs:5001
-    - SERVICE_8080_CHECK_HTTP=/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme
+    - SERVICE_8080_CHECK_HTTP=${IPFS_SERVICE_8080_CHECK_TCP}
    - SERVICE_8080_NAME=${COMPOSE_SERVICE_NAME}-ipfs:8080
    - SERVICE_8080_TAGS=${IPFS_SERVICE_8080_TAGS}
    - SERVICE_8081_IGNORE=true
    networks:
    - private
+    - public
    ports:
    - 4001
    - 5001/tcp
@ -38,8 +44,16 @@ services:

 volumes:
  ipfs:
+    driver: local
+    driver_opts:
+      type: none
+      device: ${HOME}/.ipfs
+      o: bind

 networks:
  private:
    external: true
    name: ${DOCKER_NETWORK_PRIVATE}
+  public:
+    external: true
+    name: ${DOCKER_NETWORK_PUBLIC}
--- a/stack/node.mk
+++ b/stack/node.mk
@ -1,10 +1,14 @@
-node                            ?= node/node node/ipfs
+node                            ?= node/node
 ENV_VARS                        += DOCKER_HOST_IFACE DOCKER_HOST_INET4 DOCKER_INTERNAL_DOCKER_HOST IPFS_PROFILE
 IPFS_PROFILE                    ?= $(if $(filter-out amd64 x86_64,$(PROCESSOR_ARCHITECTURE)),lowpower,server)

-# target node: Fire docker-network-create-% for DOCKER_NETWORK_PUBLIC node-ssl-certs stack-node-up
+# target bootstrap-stack-node: Fire node-ssl-certs
+.PHONY: bootstrap-stack-node
+bootstrap-stack-node: docker-network-create-$(DOCKER_NETWORK_PUBLIC) node-ssl-certs
+
+# target node: Fire stack-node-up
 .PHONY: node
-node: bootstrap-docker bootstrap-host stack-node-up
+node: stack-node-up

 # target node-%; Fire target stack-node-%
 node-%: stack-node-%;
--- a/stack/node/ipfs/.env.dist
+++ b/stack/node/ipfs/.env.dist
@ -1 +1,4 @@
+IPFS_ADDRESSES_API_DOMAIN_NODE=${DOCKER_NETWORK_PUBLIC}
+IPFS_LOGGING_NODE=error
+IPFS_SERVICE_8080_CHECK_TCP_NODE=/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme
 IPFS_SERVICE_8080_TAGS_NODE=urlprefix-ipfs.${DOMAIN}/
--- a/stack/node/ipfs/ipfs.yml
+++ b/stack/node/ipfs/ipfs.yml
@ -10,12 +10,13 @@ services:
      dockerfile: docker/ipfs/Dockerfile
    command: daemon --migrate=true
    container_name: ${COMPOSE_PROJECT_NAME_NODE}_ipfs
-    cap_add:
-    - SYS_ADMIN # --mount
    cpus: 0.5
-    devices:
-    - /dev/fuse:/dev/fuse # --mount
    environment:
+    - IPFS_ADDRESSES_API=${IPFS_ADDRESSES_API_NODE}
+    - IPFS_ADDRESSES_API_DOMAIN=${IPFS_ADDRESSES_API_DOMAIN_NODE}
+    - IPFS_ADDRESSES_API_INET4=${IPFS_ADDRESSES_API_INET4_NODE}
+    - IPFS_ADDRESSES_API_PORT=${IPFS_ADDRESSES_API_PORT_NODE}
+    - IPFS_LOGGING=${IPFS_LOGGING_NODE}
    - IPFS_PROFILE=${IPFS_PROFILE}
    image: ${DOCKER_REPOSITORY_NODE}/ipfs:${DOCKER_IMAGE_TAG}
    labels:
@ -23,7 +24,7 @@ services:
    - SERVICE_4001_NAME=${COMPOSE_SERVICE_NAME_NODE}-ipfs:4001
    - SERVICE_5001_CHECK_TCP=true
    - SERVICE_5001_NAME=${COMPOSE_SERVICE_NAME_NODE}-ipfs:5001
-    - SERVICE_8080_CHECK_HTTP=/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme
+    - SERVICE_8080_CHECK_HTTP=${IPFS_SERVICE_8080_CHECK_TCP_NODE}
    - SERVICE_8080_NAME=${COMPOSE_SERVICE_NAME_NODE}-ipfs:8080
    - SERVICE_8080_TAGS=${IPFS_SERVICE_8080_TAGS_NODE}
    - SERVICE_8081_IGNORE=true
@ -33,8 +34,6 @@ services:
    - 4001:4001
    - 5001/tcp
    - 8080/tcp
-    security_opt:
-    - apparmor:unconfined # --mount
    ulimits:
      nofile:
        soft: 65536
--- a/stack/zen.mk
+++ b/stack/zen.mk
@ -1,8 +1,14 @@
 ifneq ($(filter zen,$(STACK)),)
-ifeq ($(filter User/ipfs,$(STACK)),)
-STACK                           += User/ipfs
+ifeq ($(filter ipfs,$(STACK)),)
+STACK                           += ipfs
 endif
-ifeq ($(filter User/ipfs,$(User)),)
-User                            += User/ipfs
+ifeq ($(filter node/ipfs,$(node)),)
+node                            += node/ipfs
 endif
 endif
+
+.PHONY: bootstrap-stack-zen
+bootstrap-stack-zen: ~/.zen
+
+~/.zen:
+	mkdir -p ~/.zen
--- a/stack/zen/zen.yml
+++ b/stack/zen/zen.yml
@ -26,7 +26,7 @@ services:
    user: ${UID}:${GID}
    volumes:
    - astroport:${HOME}/astroport:cached
-    - ipfs:${HOME}/.ipfs:ro
+    - ipfs:${HOME}/.ipfs:cached,ro
    - zen:${HOME}/.zen:delegated
    - ssh-agent:/tmp/ssh-agent:ro
    working_dir: ${HOME}/.zen
				`@ -1 +0,0 @@`
				`IPFS_SERVICE_8080_TAGS_USER=urlprefix-ipfs.${USER}.${DOMAIN}/`