STI
/
myos
3
2
Fork 1
Code Issues 3 Pull Requests Projects Releases Wiki Activity

add app ufw-docker

This commit is contained in:
Yann Autissier 2022-12-05 19:29:00 +00:00
parent b938dd0ffd
commit b8fe9d893c
26 changed files with 95 additions and 61 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
README.md
View File

@ -1,12 +1,12 @@
# myos - Make Your Own Stack
Docker paas based on docker compose files.
Docker paas based on docker compose and make files.
Make Your Own Stack provides common make targets to build and run docker projects.
## Disclaimer
This is work in progress ;)
This is beta software, use it at your own risks.
## Requirements
@ -14,11 +14,13 @@ You need `docker`, `git` and `make`.
## Install
* Include myos `include.mk` file adding the following lines to your project `Makefile` file.
* Include MYOS file `make/include.mk` adding the following lines to your project file `Makefile`.
```
MYOS ?= ../myos
MYOS_REPOSITORY ?= https://github.com/aynicos/myos
MYOS ?= ../myos
MYOS_REPOSITORY ?= $(patsubst %/$(APP),%/myos,$(APP_REPOSITORY))
APP ?= $(lastword $(subst /, ,$(APP_REPOSITORY)))
APP_REPOSITORY ?= $(shell git config --get remote.origin.url 2>/dev/null)
$(MYOS):
-@git clone $(MYOS_REPOSITORY) $(MYOS)
-include $(MYOS)/make/include.mk
@ -53,8 +55,8 @@ $ make host
```
`make host` starts the stack `host` with docker host services :
- consul (service discovery)
- fabio (load balancer)
- consul (service discovery) on host port 8500
- fabio (load balancer) on host ports 80 and 443
- registrator (docker/consul bridge)
* Stop myos
@ -89,10 +91,10 @@ Show called functions.
$ make up VERBOSE=true
```
* Show variable VARIABLE
* Show variable USER
```shell
$ make print-VARIABLE
$ make print-USER
```
#### Setup
@ -156,6 +158,15 @@ $ docker volume rm $(hostname)
$ make host SETUP_LETSENCRYPT=true
```
* SETUP_UFW
Control linux firewall rules with ufw.
```
$ echo SETUP_UFW=true >> .env
$ make setup-ufw
```
### Debug
* Show docker compose yaml config
@ -187,6 +198,9 @@ $ make doc
$ make print-env_args
```
## Status
* Show user mail
```shell
$ make print-MAIL
```
Beta software, use it at your own risks.

2
make/apps/ansible/def.ansible.mk
View File

@ -34,9 +34,9 @@ ANSIBLE_SSH_USERNAME ?= $(firstword $(SSH_USER))
ANSIBLE_SERVER_NAME ?= $(SERVER_NAME)
ANSIBLE_USERNAME ?= $(USER)
ANSIBLE_VERBOSE ?= $(if $(DEBUG),-vvvv,$(if $(VERBOSE),-v))
CMDARGS += ansible ansible-playbook
DOCKER_RUN_OPTIONS_ANSIBLE ?= -it $(if $(DOCKER_INTERNAL_DOCKER_HOST),--add-host=host.docker.internal:$(DOCKER_INTERNAL_DOCKER_HOST))
ENV_VARS += ANSIBLE_APP_LOAD ANSIBLE_APP_NAME ANSIBLE_AWS_ACCESS_KEY_ID ANSIBLE_AWS_DEFAULT_OUTPUT ANSIBLE_AWS_DEFAULT_REGION ANSIBLE_AWS_SECRET_ACCESS_KEY ANSIBLE_CONFIG ANSIBLE_DISKS_NFS_DISK ANSIBLE_DISKS_NFS_OPTIONS ANSIBLE_DISKS_NFS_PATH ANSIBLE_DOCKER_IMAGE_TAG ANSIBLE_DOCKER_REGISTRY ANSIBLE_EXTRA_VARS ANSIBLE_GIT_DIRECTORY ANSIBLE_GIT_KEY_FILE ANSIBLE_GIT_REPOSITORY ANSIBLE_GIT_VERSION ANSIBLE_INVENTORY ANSIBLE_MYOS ANSIBLE_PLAYBOOK ANSIBLE_SSH_AUTHORIZED_KEYS ANSIBLE_SSH_BASTION_HOSTNAME ANSIBLE_SSH_BASTION_USERNAME ANSIBLE_SSH_PRIVATE_IP_RANGE ANSIBLE_SSH_PRIVATE_KEYS ANSIBLE_SSH_PUBLIC_HOSTS ANSIBLE_SSH_USERNAME ANSIBLE_USERNAME ANSIBLE_VERBOSE
MAKECMDARGS += ansible ansible-playbook
# function ansible: Call run ansible ANSIBLE_ARGS with arg 1
define ansible

2
make/apps/aws/def.aws.mk
View File

@ -13,9 +13,9 @@ AWS_SECRET_ACCESS_KEY := $(if $(AWS_CREDENTIALS),$(shell $(call conf,$
AWS_SERVICE_NAME ?= $(COMPOSE_SERVICE_NAME)
AWS_SERVICE_VERSION ?= $(BUILD_DATE)-$(VERSION)
AWS_SNAP_DESCRIPTION ?= $(AWS_SERVICE_NAME)-$(AWS_SERVICE_VERSION)-$(AWS_S3_FILENAME)
CMDARGS += aws
DOCKER_RUN_VOLUME += -v $(HOME)/.aws:/home/$(USER)/.aws
ENV_VARS += AWS_ACCESS_KEY_ID AWS_AMI_DESCRIPTION AWS_AMI_NAME AWS_DEFAULT_OUTPUT AWS_DEFAULT_REGION AWS_INSTANCE_ID AWS_PROFILE AWS_S3_BUCKET AWS_S3_KEY AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN AWS_SNAP_DESCRIPTION AWS_SNAP_ID
MAKECMDARGS += aws
# function aws: Call run aws with arg 1
define aws

2
make/apps/common.mk
View File

@ -156,7 +156,7 @@ restart: docker-compose-restart app-start ## Restart application
# target run: Run command ARGS in a new docker SERVICE
# on local host
.PHONY: run
run: SERVICE ?= $(DOCKER_SERVICE)
run: SERVICE ?= $(or $(DOCKER_COMPOSE_SERVICE),$(DOCKER_SERVICE))
run: ## Run a command in a new docker
#ifneq (,$(filter $(ENV),$(ENV_DEPLOY)))
# $(call run,$(ARGS))

25
make/apps/def.docker.mk
View File

@ -1,5 +1,3 @@
CMDARGS += docker-run docker-run-%
COMPOSE_ARGS ?= --ansi auto
COMPOSE_FILE ?= $(wildcard docker-compose.yml docker/docker-compose.yml $(foreach file,$(patsubst docker/docker-compose.%,%,$(basename $(wildcard docker/docker-compose.*.yml))),$(if $(filter true,$(COMPOSE_FILE_$(file)) $(COMPOSE_FILE_$(call UPPERCASE,$(file)))),docker/docker-compose.$(file).yml)))
COMPOSE_FILE_$(ENV) ?= true
COMPOSE_FILE_DEBUG ?= $(if $(DEBUG),true)
@ -28,10 +26,13 @@ DOCKER_BUILD_TARGET ?= $(if $(filter $(ENV),$(DOCKER_BUILD_TARGETS))
DOCKER_BUILD_TARGET_DEFAULT ?= master
DOCKER_BUILD_TARGETS ?= $(ENV_DEPLOY)
DOCKER_BUILD_VARS ?= APP BRANCH COMPOSE_VERSION DOCKER_GID DOCKER_MACHINE DOCKER_REPOSITORY DOCKER_SYSTEM GIT_AUTHOR_EMAIL GIT_AUTHOR_NAME SSH_REMOTE_HOSTS USER VERSION
DOCKER_COMPOSE ?= $(if $(DOCKER_RUN),docker/compose:$(COMPOSE_VERSION),$(or $(shell docker compose >/dev/null 2>&1 && printf 'docker compose\n'),docker-compose)) $(COMPOSE_ARGS)
DOCKER_COMPOSE ?= $(or $(shell docker-compose --version 2>/dev/null |awk '$$4 != "v'"$(COMPOSE_VERSION)"'" {exit 1;}' && printf 'docker-compose\n'),$(shell docker compose >/dev/null 2>&1 && printf 'docker compose\n'))
DOCKER_COMPOSE_ARGS ?= --ansi=auto
DOCKER_COMPOSE_DOWN_OPTIONS ?=
DOCKER_COMPOSE_PROJECT_NAME ?= $(if $(filter host,$(firstword $(subst /, ,$(STACK)))),$(HOST_COMPOSE_PROJECT_NAME),$(if $(filter User,$(firstword $(subst /, ,$(STACK)))),$(USER_COMPOSE_PROJECT_NAME)))
DOCKER_COMPOSE_RUN_OPTIONS ?= --rm
DOCKER_COMPOSE_RUN_ENTRYPOINT ?= $(patsubst %,--entrypoint=%,$(DOCKER_COMPOSE_ENTRYPOINT))
DOCKER_COMPOSE_RUN_OPTIONS ?= --rm $(DOCKER_COMPOSE_RUN_ENTRYPOINT) $(DOCKER_COMPOSE_RUN_WORKDIR)
DOCKER_COMPOSE_RUN_WORKDIR ?= $(if $(DOCKER_COMPOSE_WORKDIR),-w $(DOCKER_COMPOSE_WORKDIR))
DOCKER_COMPOSE_SERVICE_NAME ?= $(subst _,-,$(DOCKER_COMPOSE_PROJECT_NAME))
DOCKER_COMPOSE_UP_OPTIONS ?= -d
DOCKER_IMAGE_TAG ?= $(if $(filter true,$(DEPLOY)),$(if $(filter $(ENV),$(ENV_DEPLOY)),$(VERSION)),$(if $(DRONE_BUILD_NUMBER),$(DRONE_BUILD_NUMBER),latest))
@ -52,6 +53,7 @@ DOCKER_SERVICE ?= $(lastword $(DOCKER_SERVICES))
DOCKER_SERVICES ?= $(eval IGNORE_DRYRUN := true)$(eval IGNORE_VERBOSE := true)$(shell $(call docker-compose,config --services) 2>/dev/null)$(eval IGNORE_DRYRUN := false)$(eval IGNORE_VERBOSE := false)
DOCKER_SHELL ?= /bin/sh
ENV_VARS += COMPOSE_PROJECT_NAME COMPOSE_SERVICE_NAME DOCKER_BUILD_TARGET DOCKER_IMAGE_TAG DOCKER_REGISTRY DOCKER_REPOSITORY DOCKER_SHELL
MAKECMDARGS += docker-run docker-run-%
ifeq ($(DRONE), true)
APP_PATH_PREFIX := $(DRONE_BUILD_NUMBER)
@ -83,14 +85,21 @@ endef
# function docker-compose: Run docker-compose with arg 1
define docker-compose
$(call INFO,docker-compose,$(1))
$(if $(DOCKER_RUN),$(call docker-build,$(MYOS)/docker/compose,docker/compose:$(COMPOSE_VERSION)))
$(if $(COMPOSE_FILE),$(call run,$(DOCKER_COMPOSE) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(COMPOSE_PROJECT_NAME) $(1)))
$(if $(COMPOSE_FILE),
$(if $(DOCKER_COMPOSE),
$(call env-exec,$(RUN) $(DOCKER_COMPOSE) $(DOCKER_COMPOSE_ARGS) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(COMPOSE_PROJECT_NAME) $(1))
, $(if $(DOCKER_RUN),
$(call docker-build,$(MYOS)/docker/compose,docker/compose:$(COMPOSE_VERSION))
$(call docker-run,docker/compose:$(COMPOSE_VERSION) $(DOCKER_COMPOSE_ARGS),$(patsubst %,-f %,$(COMPOSE_FILE)) -p $(COMPOSE_PROJECT_NAME) $(1))
, $(call env-exec,$(RUN) docker-compose $(DOCKER_COMPOSE_ARGS) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(COMPOSE_PROJECT_NAME) $(1))
)
)
)
endef
# function docker-compose-exec-sh: Run docker-compose-exec sh -c 'arg 2' in service 1
define docker-compose-exec-sh
$(call INFO,docker-compose-exec-sh,$(1)$(comma) $(2))
$(if $(DOCKER_RUN),$(call docker-build,$(MYOS)/docker/compose,docker/compose:$(COMPOSE_VERSION)))
$(if $(COMPOSE_FILE),$(call run,$(DOCKER_COMPOSE) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(COMPOSE_PROJECT_NAME) exec -T $(1) sh -c '$(2)'))
$(call docker-compose,exec -T $(1) sh -c '$(2)')
endef
# function docker-push: Push docker image
define docker-push

2
make/apps/def.mk
View File

@ -17,11 +17,11 @@ APP_UPSTREAM_REPOSITORY ?= $(or $(shell git config --get remote.upstream
APP_URI ?= $(APP_HOST)/$(APP_PATH)
APP_URIS ?= $(APP_URI)
APP_URL ?= $(APP_SCHEME)://$(APP_URI)
CMDARGS += exec exec:% exec@% run run:% run@%
CONTEXT += APP APPS BRANCH DOMAIN VERSION RELEASE
CONTEXT_DEBUG += APP_DIR APP_URL APP_REPOSITORY APP_UPSTREAM_REPOSITORY ENV_DEPLOY
ENV_DEPLOY ?= $(patsubst origin/%,%,$(shell git rev-parse --symbolic --remotes=origin |sed '/origin\/HEAD/d' 2>/dev/null))
ENV_VARS += APP_DIR APP_DOMAIN APP_HOST APP_PATH APP_URL CONSUL_HTTP_TOKEN $(if $(filter true,$(MOUNT_NFS)),NFS_CONFIG)
MAKECMDARGS += exec exec:% exec@% run run:% run@%
MOUNT_NFS ?= false
NFS_CONFIG ?= addr=$(NFS_HOST),actimeo=3,intr,noacl,noatime,nocto,nodiratime,nolock,soft,rsize=32768,wsize=32768,tcp,rw,vers=3
NFS_HOST ?= host.docker.internal

2
make/apps/myos/def.ufw.mk → make/apps/def.ufw.mk
View File

@ -1,4 +1,4 @@
CMDARGS += ufw ufw-docker
MAKECMDARGS += ufw ufw-docker
UFW_UPDATE ?= $(or $(SERVICE),$(DOCKER_SERVICES))
ifeq ($(SETUP_UFW),true)

6
make/apps/docker.mk
View File

@ -118,10 +118,10 @@ docker-images-myos: MAKE_VARS += DOCKER_REPOSITORY STACK
docker-images-myos:
$(foreach image,$(subst $(quote),,$(DOCKER_IMAGES_MYOS)),$(call make,docker-build-$(image),$(MYOS)))
# target docker-images-rm: Call docker-image-rm-% target for DOCKER_REPOSITORY
# target docker-images-rm: Remove docker images matching DOCKER_REPOSITORY
.PHONY: docker-images-rm
docker-images-rm:
$(call make,docker-images-rm-$(DOCKER_REPOSITORY)/)
docker images |awk '$$1 ~ /^$(subst /,\/,$(DOCKER_REPOSITORY)/)/ {print $$3}' |sort -u |while read image; do $(RUN) docker rmi -f $$image; done
# target docker-images-rm-%: Remove docker images matching %
.PHONY: docker-images-rm-%
@ -226,7 +226,7 @@ docker-run-%: docker-build-%
$(eval path := $(patsubst %/,%,$*))
$(eval image := $(DOCKER_REPOSITORY)/$(lastword $(subst /, ,$(path)))$(if $(findstring :,$*),,:$(DOCKER_IMAGE_TAG)))
$(eval image_id := $(shell docker images -q $(image) 2>/dev/null))
$(call docker-run,$(command),$(if $(image_id),$(image),$(path)))
$(call docker-run,$(if $(image_id),$(image),$(path)),$(command))
# target docker-tag: Call docker-tag for each SERVICES
.PHONY: docker-tag

2
make/apps/myos/def.mk
View File

@ -1,7 +1,7 @@
CMDARGS += ssh-run
COMPOSE_IGNORE_ORPHANS := true
ENV_VARS += COMPOSE_IGNORE_ORPHANS MYOS_TAGS_JSON
HOME ?= /home/$(USER)
MAKECMDARGS += ssh-run
MYOS_TAGS_VARS ?= env user
MYOS_TAGS_ARGS ?= $(foreach var,$(filter $(MYOS_TAGS_VARS),$(MAKE_FILE_VARS)),$(if $($(var)),$(var)='$($(var))'))
MYOS_TAGS_JSON ?= "{$(foreach var,$(filter $(MYOS_TAGS_VARS),$(MAKE_FILE_VARS)),$(if $($(var)), '$(var)': '$($(var))'$(comma))) }"

6
make/apps/myos/setup.mk
View File

@ -5,7 +5,7 @@
.PHONY: setup-binfmt
setup-binfmt:
ifeq ($(SETUP_BINFMT),true)
$(call docker-run,--install $(SETUP_BINFMT_ARCH),--privileged tonistiigi/binfmt)
$(call docker-run,--privileged tonistiigi/binfmt,--install $(SETUP_BINFMT_ARCH))
endif
# target setup-docker-group: Call ansible to add user in docker group if needed
@ -39,13 +39,13 @@ endif
# target setup-ufw: Install ufw-docker
.PHONY: setup-ufw
setup-ufw: COMPOSE_PROJECT_NAME := $(HOST_COMPOSE_PROJECT_NAME)
setup-ufw: DOCKER_RUN_OPTIONS := --rm -d --cap-add NET_ADMIN -v /etc/ufw:/etc/ufw $(if wildcard /etc/default/ufw,-v /etc/default/ufw:/etc/default/ufw) --network host
setup-ufw:
ifeq ($(SETUP_UFW),true)
$(call app-install,$(SETUP_UFW_REPOSITORY))
$(call app-bootstrap,$(lastword $(subst /, ,$(SETUP_UFW_REPOSITORY))))
$(eval COMPOSE_PROJECT_NAME := $(HOST_COMPOSE_PROJECT_NAME))
$(call app-build)
$(eval DOCKER_RUN_OPTIONS := --rm --cap-add NET_ADMIN -v /etc/ufw:/etc/ufw --network host)
$(call app-up)
$(call ufw-docker,install)
endif

3
make/apps/openstack/def.openstack.mk
View File

@ -1,5 +1,6 @@
CMDARGS += openstack
ENV_VARS += OS_AUTH_URL OS_TENANT_ID OS_TENANT_NAME OS_USERNAME OS_PASSWORD OS_REGION_NAME OS_USER_DOMAIN_NAME OS_PROJECT_DOMAIN_NAME
MAKECMDARGS += openstack
ifneq ($(DEBUG),)
OPENSTACK_ARGS += --debug
endif

2
make/apps/packer/def.packer.mk
View File

@ -1,7 +1,7 @@
CMDARGS += packer
DOCKER_RUN_OPTIONS_PACKER ?= -it -p $(PACKER_SSH_PORT):$(PACKER_SSH_PORT) -p $(PACKER_VNC_PORT):$(PACKER_VNC_PORT) -v $(SSH_DIR):$(SSH_DIR)
ENV_VARS += PACKER_CACHE_DIR PACKER_KEY_INTERVAL PACKER_LOG
KVM_GID ?= $(call gid,kvm)
MAKECMDARGS += packer
PACKER_ARCH ?= $(PACKER_ALPINE_ARCH)
PACKER_BOOT_WAIT ?= 24s
PACKER_BUILD_ARGS ?= -on-error=cleanup $(foreach var,$(PACKER_BUILD_VARS),$(if $($(var)),-var $(var)='$($(var))'))

2
make/apps/terraform/def.terraform.mk
View File

@ -1,4 +1,4 @@
CMDARGS += terraform
MAKECMDARGS += terraform
define terraform
$(RUN) $(call run,terraform $(1),hashicorp/)

12
make/apps/myos/ufw.mk → make/apps/ufw.mk
View File

@ -16,12 +16,14 @@ ufw-docker:
# target ufw-docker: Call ufw and ufw-docker foreach service UFW_UPDATE
.PHONY: ufw-update
ufw-update: debug-UFW_UPDATE
$(eval name := $(DOCKER_COMPOSE_PROJECT_NAME))
$(foreach update,$(UFW_UPDATE), \
$(foreach port,$(UFW_DOCKER_$(update)) $(UFW_DOCKER_$(name)-$(update)), \
$(call ufw-docker,$(if $(UFW_DELETE),delete) allow $(name)-$(update) $(port) ||:) \
$(eval name := $(COMPOSE_PROJECT_NAME))
$(foreach UPDATE,$(call UPPERCASE,$(UFW_UPDATE)), \
$(eval ufw_update := $($(if $(filter host,$(firstword $(subst /, ,$(STACK)))),HOST_)$(UPDATE)_UFW_UPDATE)) \
$(eval ufw_docker := $($(if $(filter host,$(firstword $(subst /, ,$(STACK)))),HOST_)$(UPDATE)_UFW_DOCKER)) \
$(foreach port,$(ufw_docker), \
$(call ufw-docker,$(if $(UFW_DELETE),delete) allow $(name)-$(call LOWERCASE,$(UPDATE)) $(port) ||:) \
) \
$(foreach port,$(UFW_UPDATE_$(update)) $(UFW_UPDATE_$(name)-$(update)), \
$(foreach port,$(ufw_update), \
$(call ufw,$(if $(UFW_DELETE),delete) allow $(port)) \
) \
)

4
make/def.app.mk
View File

@ -1,4 +1,4 @@
CMDARGS += app-%-exec app-%-run
MAKECMDARGS += app-%-exec app-%-run
# function app-attach: Call docker-attach for each Dockerfile in dir 1
define app-attach
@ -128,7 +128,7 @@ define app-run
$(foreach dockerfile,$(DOCKER_FILE),
$(call app-docker,$(dockerfile))
$(if $(shell docker images -q $(DOCKER_IMAGE) 2>/dev/null),
$(call docker-run,$(args))
$(call docker-run,$(DOCKER_IMAGE),$(args))
, $(call ERROR,Unable to find docker image,$(DOCKER_IMAGE))
)
)

24
make/def.docker.mk
View File

@ -9,13 +9,15 @@ DOCKER_NETWORK_PRIVATE ?= $(USER)-$(ENV)
DOCKER_NETWORK_PUBLIC ?= $(HOSTNAME)
# DOCKER_RUN: if empty, run system command, else run it in a docker
DOCKER_RUN ?= $(if $(filter-out false False FALSE,$(DOCKER)),$(DOCKER))
DOCKER_RUN_ENTRYPOINT ?= $(patsubst %,--entrypoint=%,$(DOCKER_ENTRYPOINT))
DOCKER_RUN_LABELS ?= $(patsubst %,-l %,$(DOCKER_LABELS))
# DOCKER_RUN_OPTIONS: default options of `docker run` command
DOCKER_RUN_OPTIONS += --rm --network $(DOCKER_NETWORK)
# DOCKER_RUN_VOLUME: options -v of `docker run` command to mount additionnal volumes
DOCKER_RUN_VOLUME += -v /var/run/docker.sock:/var/run/docker.sock
DOCKER_RUN_WORKDIR ?= -w $(PWD)
DOCKER_RUN_NETWORK += --network $(DOCKER_NETWORK)
DOCKER_RUN_OPTIONS += --rm
DOCKER_RUN_VOLUME ?= $(patsubst %,-v %,$(DOCKER_VOLUME))
DOCKER_RUN_WORKDIR ?= $(if $(DOCKER_WORKDIR),-w $(DOCKER_WORKDIR))
DOCKER_SYSTEM ?= $(shell docker run --rm alpine uname -s 2>/dev/null)
DOCKER_VOLUME ?= /var/run/docker.sock:/var/run/docker.sock
DOCKER_WORKDIR ?= $(PWD)
ENV_VARS += DOCKER_MACHINE DOCKER_NETWORK DOCKER_NETWORK_PRIVATE DOCKER_NETWORK_PUBLIC DOCKER_SYSTEM HOST_COMPOSE_PROJECT_NAME HOST_COMPOSE_SERVICE_NAME HOST_DOCKER_REPOSITORY HOST_DOCKER_VOLUME HOST_GID HOST_UID USER_COMPOSE_PROJECT_NAME USER_COMPOSE_SERVICE_NAME USER_DOCKER_IMAGE USER_DOCKER_NAME USER_DOCKER_REPOSITORY USER_DOCKER_VOLUME
HOST_COMPOSE_PROJECT_NAME ?= $(HOSTNAME)
HOST_COMPOSE_SERVICE_NAME ?= $(subst _,-,$(HOST_COMPOSE_PROJECT_NAME))
@ -57,10 +59,10 @@ ifneq ($(DOCKER_RUN),)
DOCKER_SSH_AUTH := -e SSH_AUTH_SOCK=/tmp/ssh-agent/socket -v $(USER_DOCKER_VOLUME):/tmp/ssh-agent
# function docker-run: Run docker image 2 with arg 1
# function docker-run: Run docker image 1 with arg 2
define docker-run
$(call INFO,docker-run,$(1)$(comma) $(2))
$(call run,$(or $(2),$(DOCKER_IMAGE)) $(1))
$(call run,$(or $(1),$(DOCKER_IMAGE)) $(2))
endef
ifeq ($(DRONE), true)
# function exec DRONE=true: Run DOCKER_IMAGE with arg 1
@ -84,21 +86,21 @@ define run
$(call ERROR,Found already running docker,$(DOCKER_RUN_NAME))
)
)
$(RUN) docker run $(DOCKER_ENV_ARGS) $(DOCKER_RUN_LABELS) $(DOCKER_RUN_OPTIONS) $(DOCKER_RUN_VOLUME) $(DOCKER_RUN_WORKDIR) $(DOCKER_SSH_AUTH) $(DOCKER_RUN_NAME) $(2)$(1)
$(RUN) docker run $(DOCKER_ENV_ARGS) $(DOCKER_RUN_ENTRYPOINT) $(DOCKER_RUN_LABELS) $(DOCKER_RUN_NAME) $(DOCKER_RUN_NETWORK) $(DOCKER_RUN_OPTIONS) $(DOCKER_RUN_VOLUME) $(DOCKER_RUN_WORKDIR) $(DOCKER_SSH_AUTH) $(2)$(1)
endef
else
SHELL := /bin/bash
# function docker-run DOCKER=false: Run docker image 2 with arg 1
# function docker-run DOCKER=false: Run docker image 1 with arg 2
define docker-run
$(call INFO,docker-run,$(1)$(comma) $(2))
$(if $(DOCKER_RUN_NAME),
$(if $(call docker-running,^$(DOCKER_RUN_NAME)$$),
$(call ERROR,Found already running docker,$(DOCKER_RUN_NAME))
)
)
)
$(RUN) docker run $(DOCKER_ENV_ARGS) $(DOCKER_RUN_LABELS) $(DOCKER_RUN_OPTIONS) $(DOCKER_RUN_VOLUME) $(DOCKER_RUN_WORKDIR) $(DOCKER_RUN_NAME) $(or $(2),$(DOCKER_IMAGE)) $(1)
$(RUN) docker run $(DOCKER_ENV_ARGS) $(DOCKER_RUN_ENTRYPOINT) $(DOCKER_RUN_LABELS) $(DOCKER_RUN_NAME) $(DOCKER_RUN_NETWORK) $(DOCKER_RUN_OPTIONS) $(DOCKER_RUN_VOLUME) $(DOCKER_RUN_WORKDIR) $(or $(1),$(DOCKER_IMAGE)) $(2)
endef
# function exec DOCKER=false: Call env-exec with arg 1 or SHELL
define exec

2
make/def.mk
View File

@ -16,7 +16,6 @@ CMD_APK_INSTALL ?= $(if $(shell type -p apk),apk --no-cache --up
CMD_APK_REMOVE ?= $(if $(shell type -p apk),apk --no-cache del)
CMD_APT_INSTALL ?= $(if $(shell type -p apt-get),apt-get update && apt-get -fy install)
CMD_APT_REMOVE ?= $(if $(shell type -p apt-get),apt-get -fy remove)
CMDARGS ?= apps-install install-app
COLOR_BLUE ?= \033[01;34m
COLOR_BROWN ?= \033[33m
COLOR_CYAN ?= \033[36m
@ -90,6 +89,7 @@ MAKE_TARGETS ?= $(filter-out $(.VARIABLES),$(shell $(MAKE) -q
MAKE_UNIXTIME_START := $(shell date -u +'%s' 2>/dev/null)
MAKE_UNIXTIME_CURRENT = $(shell date -u "+%s" 2>/dev/null)
MAKE_VARS ?= ENV
MAKECMDARGS ?= apps-install install-app
MONOREPO ?= $(if $(filter myos,$(MYOS)),$(notdir $(CURDIR)),$(if $(APP),$(notdir $(realpath $(CURDIR)/..))))
MONOREPO_DIR ?= $(if $(MONOREPO),$(if $(filter myos,$(MYOS)),$(realpath $(CURDIR)),$(if $(APP),$(realpath $(CURDIR)/..))))
MYOS ?= $(if $(filter $(MAKE_DIR),$(call pop,$(MAKE_DIR))),.,$(call pop,$(MAKE_DIR)))

4
make/end.mk
View File

@ -1,5 +1,5 @@
# Accept arguments for CMDARGS targets and turn them into do-nothing targets
ifneq ($(filter $(CMDARGS),$(firstword $(MAKECMDGOALS))),)
# Accept arguments for MAKECMDARGS targets and turn them into do-nothing targets
ifneq ($(filter $(MAKECMDARGS),$(firstword $(MAKECMDGOALS))),)
ARGS := $(wordlist 2,$(words $(MAKECMDGOALS)),$(MAKECMDGOALS))
ARGS := $(subst :,\:,$(ARGS))
ARGS := $(subst &,\&,$(ARGS))

2
make/env.mk
View File

@ -10,7 +10,7 @@
## it removes file .env
.PHONY: .env-clean
.env-clean:
rm -i .env || true
$(RUN) rm -$(if $(FORCE),f,i) .env || true
# target .env-update: Update file ENV_FILE
## it updates file ENV_FILE with missing values from file ENV_DIST

2
make/monorepo/def.mk
View File

@ -1,6 +1,6 @@
CMDARGS += copy master-tag release release-check release-create release-finish subrepo-push subrepo-update
CONTEXT += APPS DOMAIN RELEASE
DIRS ?= $(CONFIG) $(MAKE_DIR) $(SHARED)
MAKECMDARGS += copy master-tag release release-check release-create release-finish subrepo-push subrepo-update
RELEASE_UPGRADE ?= $(filter v%, $(shell git tag -l 2>/dev/null |sort -V |awk '/$(RELEASE)/,0'))
RELEASE_VERSION ?= $(firstword $(subst -, ,$(VERSION)))
SUBREPOS ?= $(filter subrepo/%, $(shell git remote 2>/dev/null))

4
make/myos.mk
View File

@ -1,6 +1,10 @@
##
# MYOS
# target myos: Call host target in MYOS folder
.PHONY: myos
myos: myos-host
# target myos-%: Call % target in MYOS folder
.PHONY: myos-%
myos-%: ;

2
stack/User/User.mk
View File

@ -1,5 +1,5 @@
CMDARGS += user-exec user-exec:% user-exec@% user-run user-run:% user-run@%
ENV_VARS += USER_DOMAIN user_domain
MAKECMDARGS += user-exec user-exec:% user-exec@% user-run user-run:% user-run@%
USER_DOMAIN ?= $(USER).$(DOMAIN)
User ?= $(patsubst stack/%,%,$(patsubst %.yml,%,$(wildcard stack/User/*.yml)))

1
stack/elastic/elasticsearch.yml
View File

@ -35,6 +35,7 @@ services:
volumes:
- elasticsearch:/usr/share/elasticsearch/data
restart: always
volumes:
elasticsearch:

4
stack/host/host.mk
View File

@ -1,7 +1,7 @@
CMDARGS += host-exec stack-host-exec host-exec:% host-exec@% host-run host-run:% host-run@%
host ?= $(patsubst stack/%,%,$(patsubst %.yml,%,$(wildcard stack/host/*.yml)))
ENV_VARS += DOCKER_HOST_IFACE DOCKER_HOST_INET4 DOCKER_INTERNAL_DOCKER_HOST
MAKECMDARGS += host-exec stack-host-exec host-exec:% host-exec@% host-run host-run:% host-run@%
SETUP_LETSENCRYPT ?=
host ?= $(patsubst stack/%,%,$(patsubst %.yml,%,$(wildcard stack/host/*.yml)))
# target bootstrap-stack-host: Fire host-certbot host-ssl-certs
.PHONY: bootstrap-stack-host

1
stack/host/ipfs.mk
View File

@ -2,3 +2,4 @@ ENV_VARS += HOST_IPFS_API_HTTPHEADERS_ACA_ORIGI
HOST_IPFS_API_HTTPHEADERS_ACA_ORIGIN ?= ["https://ipfs.$(DOMAIN)"]
HOST_IPFS_SERVICE_5001_TAGS ?= urlprefix-ipfs.$(DOMAIN)/api
HOST_IPFS_SERVICE_8080_TAGS ?= urlprefix-ipfs.$(DOMAIN)/,urlprefix-*.ipfs.$(DOMAIN),urlprefix-ipns.$(DOMAIN)/,urlprefix-*.ipns.$(DOMAIN)/
HOST_IPFS_UFW_DOCKER ?= 4001/tcp 4001/udp 8080

2
stack/ipfs/ipfs.mk
View File

@ -4,8 +4,8 @@ IPFS_PROFILE ?= $(if $(filter-out amd64 x86_64,$(MA
IPFS_SERVICE_5001_TAGS ?= urlprefix-ipfs.$(APP_DOMAIN)/api
IPFS_SERVICE_8080_CHECK_HTTP ?= /ipfs/QmUNLLsPACCz1vLxQVkXqqLX5R1X345qqfHbsf67hvA3Nn
IPFS_SERVICE_8080_TAGS ?= urlprefix-ipfs.$(APP_DOMAIN)/,urlprefix-*.ipfs.$(APP_DOMAIN),urlprefix-ipns.$(APP_DOMAIN)/,urlprefix-*.ipns.$(APP_DOMAIN)/
IPFS_UFW_DOCKER ?= 4001/tcp 4001/udp 8080
IPFS_VERSION ?= 0.16.0
UFW_DOCKER_IPFS ?= 4001/tcp 4001/udp 8080
.PHONY: bootstrap-stack-ipfs
bootstrap-stack-ipfs: ~/.ipfs setup-sysctl