diff --git a/Makefile b/Makefile index 08b123e..569de5a 100644 --- a/Makefile +++ b/Makefile @@ -3,7 +3,7 @@ include make/include.mk ## # APP -app-bootstrap: bootstrap-docker bootstrap-host bootstrap-user +app-bootstrap: bootstrap-docker app-build: user install-build-config $(call make,docker-compose-build docker-compose-up) @@ -12,6 +12,8 @@ app-build: user install-build-config app-install: ansible-run app-update-default +app-start: $(foreach stack,$(STACK),start-stack-$(stack)) + app-update: ansible-pull app-update-default app-update-default: ENV_DIST := .env @@ -24,16 +26,9 @@ app-tests: ansible-tests # BOOTSTRAP # target bootstrap-docker: Install and configure docker -# on local host .PHONY: bootstrap-docker bootstrap-docker: install-bin-docker setup-docker-group setup-binfmt setup-nfsd setup-sysctl -# target bootstrap-host: Create DOCKER_NETWORK_PUBLIC -# on local host -.PHONY: bootstrap-host -bootstrap-host: docker-network-create-$(DOCKER_NETWORK_PUBLIC) node-ssl-certs - -# target bootstrap-user: Create DOCKER_NETWORK_PRIVATE -# on local host -.PHONY: bootstrap-user -bootstrap-user: docker-network-create +# target bootstrap-stack: Call bootstrap target of each stack +.PHONY: bootstrap-stack +bootstrap-stack: docker-network-create $(foreach stack,$(STACK),bootstrap-stack-$(stack)) diff --git a/README.md b/README.md index f7a4fee..3c231c6 100644 --- a/README.md +++ b/README.md @@ -6,32 +6,34 @@ Docker paas based on docker compose files. This is work in progress ;) +## Requirements + +You need `git` and `make`. + ## Usage ### Examples -* Configure myos for domain.tld +* Configure myos for domain `domain.tld` and stack `zen` ```shell -$ make bootstrap DOMAIN=domain.tld +$ make bootstrap DOMAIN=domain.tld STACK=zen ``` * Start myos stacks ```shell -$ make node up STACK='zen' +$ make node up ``` -`make node` starts the stack node with docker host services : +`make node` starts the stack `node` with docker host services : - consul (service discovery) - fabio (load balancer) - ipfs (inter planetary file system) - registrator (docker/consul bridge) -`make User` starts the stack User with docker user services : -- myos (ssh-agent) -- ipfs (when STACK=zen) -`make up` starts the stack STACK -- zen (when STACK=zen) +`make up` starts the stack `zen` with docker services : +- ipfs (mount ~/.ipfs) +- zen (mount ~/.zen) * Stop myos @@ -85,10 +87,10 @@ $ make print-VARIABLE $ make config ``` -`make config` show docker compose yaml config for stack STACK -`make stack-node-config` show docker compose yaml config for stack node -`make stack-User-config` show docker compose yaml config for stack User -`make stack-elastic-config` show docker compose yaml config for stack elastic +`make config` show docker compose yaml config for stack `STACK` +`make node-config` show docker compose yaml config for stack `node` +`make user-config` show docker compose yaml config for stack `User` +`make stack-elastic-config` show docker compose yaml config for stack `elastic` * Show debug variables @@ -110,4 +112,4 @@ $ make print-env_args ## Status -Use it at your own risks. +Beta software, use it at your own risks. diff --git a/ansible/roles/docker/vars/debian.yml b/ansible/roles/docker/vars/debian.yml index be21242..19a4d12 100644 --- a/ansible/roles/docker/vars/debian.yml +++ b/ansible/roles/docker/vars/debian.yml @@ -8,7 +8,6 @@ docker_packages: - { "name": "apt-transport-https", "state": "present" } - { "name": "ca-certificates", "state": "present" } - { "name": "curl", "state": "present" } - - { "name": "docker-compose", "state": "present" } - { "name": "gnupg2", "state": "present" } - { "name": "software-properties-common", "state": "present" } diff --git a/ansible/roles/hosts/handlers/main.yml b/ansible/roles/hosts/handlers/main.yml index af5bca6..e0e17f8 100644 --- a/ansible/roles/hosts/handlers/main.yml +++ b/ansible/roles/hosts/handlers/main.yml @@ -2,6 +2,7 @@ # file: handlers/main.yml - name: update boot - syslinux + become: yes environment: PATH: "{{ ansible_env.PATH }}:/usr/sbin:/sbin" with_together: @@ -11,6 +12,7 @@ when: item.1.changed and item.0.dest == "/etc/update-extlinux.conf" - name: update boot - grub + become: yes environment: PATH: "{{ ansible_env.PATH }}:/usr/sbin:/sbin" with_together: diff --git a/docker/ipfs/Dockerfile b/docker/ipfs/Dockerfile index 2dd2641..992488e 100644 --- a/docker/ipfs/Dockerfile +++ b/docker/ipfs/Dockerfile @@ -8,3 +8,38 @@ RUN chmod +rx /container-init.d/*.sh FROM dist as master ARG DOCKER_BUILD_DIR +ARG UID +ENV UID=${UID} +ENV USER=ipfs + +# If we provide a numeric UID +RUN if [ "${UID}" -eq "${UID}" ] 2>/dev/null; then \ + # Force $UID of $USER if it exists + if [ "$(awk -F: '$1 == "'"${USER}"'" {print $3}' /etc/passwd)" != "${UID}" ]; then \ + sed -i 's/^\('"${USER}"':x\):[0-9]\+:/\1:'"${UID}"':/' /etc/passwd; \ + fi; \ + # Create $USER if $UID does not exist + if [ "$(awk -F: '$3 == "'"${UID}"'" {print $1}' /etc/passwd)" = "" ]; then \ + echo "${USER}:x:${UID}:${GID:-${UID}}::/home/${USER}:${SHELL:-/bin/sh}" >> /etc/passwd; \ + echo "${USER}:\!:$(($(date +%s) / 60 / 60 / 24)):0:99999:7:::" >> /etc/shadow; \ + mkdir -p /home/"${USER}"; \ + fi; \ + chown "${UID}" $(awk -F: '$1 == "'"${USER}"'" {print $(NF-1)}' /etc/passwd); \ +fi + +# If we provide a numeric GID +RUN if [ "${GID}" -eq "${GID}" ] 2>/dev/null; then \ + # Force $GID of $GROUP if it already exists + if [ "$(awk -F: '$1 == "'"${GROUP}"'" {print $3}' /etc/group)" != "${GID}" ]; then \ + sed -i 's/^\('"${GROUP}"':x\):[0-9]\+:/\1:'"${GID}"':/' /etc/group; \ + fi; \ + # Create $GROUP if $GID does not exist + if [ "$(awk -F: '$3 == "'"${GID}"'" {print $1}' /etc/group)" = "" ]; then \ + echo "${GROUP}:x:${GID}:" >> /etc/group; \ + fi; \ + # Force $GID of $USER if it exists + if [ "$(awk -F: '$1 == "'"${USER}"'" {print $4}' /etc/passwd)" != "${GID}" ]; then \ + sed -i 's/^\('"${USER}"':x:[0-9]\+\):[0-9]\+:/\1:'"${GID}"':/' /etc/passwd; \ + fi; \ + chgrp "${GID}" $(awk -F: '$1 == "'"${USER}"'" {print $(NF-1)}' /etc/passwd); \ +fi diff --git a/docker/ipfs/ipfs-config.sh b/docker/ipfs/ipfs-config.sh index 5e93840..ee0009d 100644 --- a/docker/ipfs/ipfs-config.sh +++ b/docker/ipfs/ipfs-config.sh @@ -1,4 +1,5 @@ #!/bin/sh +set -e ## fix resource manager fatal error on arm64/linux with 2Gb RAM # ipfs config --json Swarm.ResourceMgr.Enabled false @@ -15,7 +16,17 @@ ipfs config Pubsub.Router gossipsub ipfs config --json Experimental.Libp2pStreamMounting true ipfs config --json Experimental.P2pHttpProxy true ipfs config Addresses.Gateway "/ip4/0.0.0.0/tcp/8080" -ipfs config Addresses.Api "/ip4/0.0.0.0/tcp/5001" + +## ipfs client needs API address +# search for ip address of $(hostname).${IPFS_ADDRESSES_API_DOMAIN} +[ -n "${IPFS_ADDRESSES_API_DOMAIN}" ] && [ -z "${IPFS_ADDRESSES_API_INET4}" ] \ + && IPFS_ADDRESSES_API_INET4=$(nslookup -type=A "$(hostname).${IPFS_ADDRESSES_API_DOMAIN}" |awk 'found && /^Address:/ {print $2; found=0}; /^Name:\t'"$(hostname).${IPFS_ADDRESSES_API_DOMAIN}"'/ {found=1};') +# check ${IPFS_ADDRESSES_API_INET4} format +echo "${IPFS_ADDRESSES_API_INET4}" |awk -F. '{ for ( i=1; i<=4; i++ ) if ($i >= 0 && $i <= 255); else exit 1;}; NF != 4 {exit 1;}' || unset IPFS_ADDRESSES_API_INET4 +# check ${IPFS_ADDRESSES_API_PORT} format +[ "${IPFS_ADDRESSES_API_PORT}" -eq "${IPFS_ADDRESSES_API_PORT}" ] 2>/dev/null && [ "${IPFS_ADDRESSES_API_PORT}" -ge 1 ] && [ "${IPFS_ADDRESSES_API_PORT}" -le 65535 ] \ + || unset IPFS_ADDRESSES_API_PORT +ipfs config Addresses.Api "${IPFS_ADDRESSES_API:-/ip4/${IPFS_ADDRESSES_API_INET4:-127.0.0.1}/tcp/${IPFS_ADDRESSES_API_PORT:-5001}}" ## REMOVE IPFS BOOTSTRAP ipfs bootstrap rm --all diff --git a/docker/zen/Dockerfile b/docker/zen/Dockerfile index d91d444..86a5c65 100644 --- a/docker/zen/Dockerfile +++ b/docker/zen/Dockerfile @@ -26,6 +26,7 @@ RUN apt-get update \ screen \ socat \ tmux \ + vim-nox \ wget \ xz-utils @@ -43,9 +44,6 @@ RUN { OS="$(echo ${OPERATING_SYSTEM} |awk '{print tolower($0)}')"; \ |tar --strip-components 1 -C /usr/local/lib/shellspec -xzf - \ && ln -s /usr/local/lib/shellspec/shellspec /usr/local/bin/shellspec -ADD https://raw.github.com/aya/dpgpid/master/keygen /usr/local/bin/keygen -RUN chmod +rx /usr/local/bin/keygen - ADD https://raw.github.com/kvz/cronlock/master/cronlock /usr/local/bin/cronlock RUN chmod +rx /usr/local/bin/cronlock @@ -54,9 +52,9 @@ ADD https://git.p2p.legal/axiom-team/astrXbian/raw/branch/master/install.sh / RUN chmod +r /include.sh \ && chmod +rx /install.sh -# COPY ${DOCKER_BUILD_DIR}/docker-entrypoint.sh /docker-entrypoint.sh -# ENTRYPOINT ["/docker-entrypoint.sh"] -# CMD ["/bin/sh"] +COPY ${DOCKER_BUILD_DIR}/docker-entrypoint.sh /docker-entrypoint.sh +ENTRYPOINT ["/docker-entrypoint.sh"] +CMD ["start"] FROM dist as master ARG DOCKER_BUILD_DIR @@ -70,7 +68,6 @@ ENV USER=${USER} RUN apt-get -fy install \ cron \ - pkg-config \ python3 \ sudo @@ -109,6 +106,8 @@ USER $USER ENV SHELL=${SHELL} WORKDIR /home/$USER +RUN mkdir ~/.zen ~/astroport + # git config RUN mkdir -p ~/.config/git \ && echo -e "\ @@ -122,7 +121,3 @@ Thumbs.db\n\ " > ~/.config/git/ignore RUN bash -c '. /include.sh && install_requirements' - -COPY ${DOCKER_BUILD_DIR}/docker-entrypoint.sh /docker-entrypoint.sh -ENTRYPOINT ["/docker-entrypoint.sh"] -CMD ["start"] diff --git a/docker/zen/docker-entrypoint.sh b/docker/zen/docker-entrypoint.sh index 86d2fb9..67e0b85 100755 --- a/docker/zen/docker-entrypoint.sh +++ b/docker/zen/docker-entrypoint.sh @@ -11,7 +11,7 @@ debug_msg () } # Install astrXbian/Astroport.ONE -# /install.sh +/install.sh case "${1:-start}" in diff --git a/make/apps/common.mk b/make/apps/common.mk index 81e7559..f3acfe1 100644 --- a/make/apps/common.mk +++ b/make/apps/common.mk @@ -81,10 +81,10 @@ exec@%: SERVICE ?= $(DOCKER_SERVICE) exec@%: $(call make,ssh-exec,$(MYOS),APP ARGS SERVICE) -# target force-%: Fire targets % and stack-node-% +# target force-%: Fire targets %, stack-user-% and stack-node-% # on local host .PHONY: force-% -force-%: % stack-node-%; +force-%: % stack-user-% stack-node-%; # target install app-install: Install application # on local host @@ -169,7 +169,7 @@ ssh@%: # target stack: Call docker-stack for each STACK ## it updates COMPOSE_FILE with all .yml files of the current stack .PHONY: stack -stack: docker-network-create +stack: $(foreach stackz,$(STACK),$(call docker-stack,$(stackz))) # target stack-%: Call docker-compose-% target on STACK @@ -202,7 +202,7 @@ tests: app-tests ## Test application # target up: Create and start application dockers # on local host .PHONY: up -up: stack-required docker-compose-up app-start ## Create application dockers +up: docker-compose-up app-start ## Create application dockers # target update app-update: Update application files # on local host diff --git a/make/apps/def.docker.mk b/make/apps/def.docker.mk index 32e2575..b8c4bb0 100644 --- a/make/apps/def.docker.mk +++ b/make/apps/def.docker.mk @@ -61,7 +61,7 @@ endif define docker-compose $(call INFO,docker-compose,$(1)) $(if $(DOCKER_RUN),$(call docker-build,$(MYOS)/docker/compose,docker/compose:$(COMPOSE_VERSION))) - $(if $(COMPOSE_FILE),$(call run,$(DOCKER_COMPOSE) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(if $(filter node,$(firstword $(subst /, ,$(STACK)))),$(COMPOSE_PROJECT_NAME_NODE),$(COMPOSE_PROJECT_NAME)) $(1))) + $(if $(COMPOSE_FILE),$(call run,$(DOCKER_COMPOSE) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(if $(filter node,$(firstword $(subst /, ,$(STACK)))),$(COMPOSE_PROJECT_NAME_NODE),$(if $(filter User,$(firstword $(subst /, ,$(STACK)))),$(COMPOSE_PROJECT_NAME_USER),$(COMPOSE_PROJECT_NAME))) $(1))) endef # function docker-compose-exec: Run docker-compose-exec with arg 2 in service 1 define docker-compose-exec diff --git a/make/apps/docker.mk b/make/apps/docker.mk index 4e38073..db2f7c2 100644 --- a/make/apps/docker.mk +++ b/make/apps/docker.mk @@ -110,7 +110,7 @@ docker-compose-stop: # target docker-compose-up: Fire docker-image-myos, Call docker-compose up SERVICE .PHONY: docker-compose-up docker-compose-up: DOCKER_RUN_OPTIONS += -it -docker-compose-up: docker-images-myos +docker-compose-up: docker-images-myos bootstrap-stack $(call docker-compose,up $(DOCKER_COMPOSE_UP_OPTIONS) $(if $(filter $(SERVICE),$(SERVICES)),$(SERVICE))) # target docker-images-myos: Call myos-docker-build-% target for each DOCKER_IMAGES_MYOS @@ -141,8 +141,10 @@ docker-network-create: docker-network-create-$(DOCKER_NETWORK) .PHONY: docker-network-create-% docker-network-create-%: if [ -z "$(shell docker network ls -q --filter name='^$*$$' 2>/dev/null)" ]; then \ - $(RUN) sh -c 'docker network create $* >/dev/null' \ - && $(or $(call INFO,docker network $* created), true); fi \ + $(RUN) sh -c 'docker network create $* >/dev/null 2>&1' \ + && $(or $(call INFO,docker network $* created), true) \ + ||: ; \ + fi # target docker-network-rm: Fire docker-network-rm-% for DOCKER_NETWORK .PHONY: docker-network-rm @@ -152,8 +154,10 @@ docker-network-rm: docker-network-rm-$(DOCKER_NETWORK) .PHONY: docker-network-rm-% docker-network-rm-%: if [ -n "$(shell docker network ls -q --filter name='^$*$$' 2>/dev/null)" ]; then \ - $(RUN) docker network rm $* >/dev/null \ - && $(or $(call INFO,docker network $* removed), true); fi \ + $(RUN) sh -c 'docker network rm $* >/dev/null 2>&1' \ + && $(or $(call INFO,docker network $* removed), true) \ + ||: ; \ + fi # target docker-plugin-install: Run 'docker plugin install DOCKER_PLUGIN_OPTIONS DOCKER_PLUGIN' .PHONY: docker-plugin-install diff --git a/make/apps/myos/setup.mk b/make/apps/myos/setup.mk index a706e76..b111962 100644 --- a/make/apps/myos/setup.mk +++ b/make/apps/myos/setup.mk @@ -9,7 +9,7 @@ ifeq ($(or $(filter $(USER),$(subst $(comma), ,$(shell awk -F':' '$$1 == "docker $(call ansible-user-add-groups,$(USER),docker) $(call WARNING,user,$(USER),added in group,docker) endif -ifeq ($(filter 0 $(DOCKER_GID),$(shell id -G)),) +ifeq ($(filter 0 $(DOCKER_GID),$(GIDS)),) $(call ERROR,YOU MUST LOGOUT NOW AND LOGIN BACK TO GET DOCKER GROUP MEMBERSHIP) endif endif diff --git a/make/def.mk b/make/def.mk index 4dd6cc9..e47134e 100644 --- a/make/def.mk +++ b/make/def.mk @@ -53,8 +53,9 @@ ENV_ARGS ?= $(env_args) ENV_FILE ?= $(wildcard $(CONFIG)/$(ENV)/$(APP)/.env .env) ENV_LIST ?= $(shell ls .git/refs/heads/ 2>/dev/null) ENV_RESET ?= false -ENV_VARS ?= APP BRANCH DOMAIN ENV HOME HOSTNAME GID GIT_AUTHOR_EMAIL GIT_AUTHOR_NAME MONOREPO MONOREPO_DIR OPERATING_SYSTEM PROCESSOR_ARCHITECTURE TAG UID USER VERSION +ENV_VARS ?= APP BRANCH DOMAIN ENV HOME HOSTNAME GID GIT_AUTHOR_EMAIL GIT_AUTHOR_NAME GROUP MONOREPO MONOREPO_DIR OPERATING_SYSTEM PROCESSOR_ARCHITECTURE TAG UID USER VERSION GID ?= $(shell id -g 2>/dev/null) +GIDS ?= $(shell id -G 2>/dev/null) GIT_AUTHOR_EMAIL ?= $(or $(shell git config user.email 2>/dev/null),$(USER)@my.os) GIT_AUTHOR_NAME ?= $(or $(shell git config user.name 2>/dev/null),$(USER)) GIT_BRANCH ?= $(shell git rev-parse --abbrev-ref HEAD 2>/dev/null) @@ -66,6 +67,7 @@ GIT_UPSTREAM_REPOSITORY ?= $(if $(GIT_REPOSITORY),$(if $(findstring ://, GIT_UPSTREAM_USER ?= $(lastword $(subst /, ,$(call pop,$(MYOS_REPOSITORY)))) GIT_USER ?= $(USER) GIT_VERSION ?= $(shell git describe --tags $(BRANCH) 2>/dev/null || git rev-parse $(BRANCH) 2>/dev/null) +GROUP ?= $(shell id -ng 2>/dev/null) HOSTNAME ?= $(shell hostname 2>/dev/null |sed 's/\..*//') IGNORE_DRYRUN ?= false IGNORE_VERBOSE ?= false diff --git a/stack/User.mk b/stack/User.mk index 961f3a6..b47de52 100644 --- a/stack/User.mk +++ b/stack/User.mk @@ -1,11 +1,17 @@ User ?= User/User -# target user: Fire user-agent -.PHONY: User user -User user: bootstrap-docker bootstrap-user $(if $(DOCKER_RUN),stack-User-up) user-agent +# target bootstrap-stack-User: Fire docker-network-create +.PHONY: bootstrap-stack-User +bootstrap-stack-User: docker-network-create-$(DOCKER_NETWORK_PRIVATE) -# target user-agent: Fire ssh-add -user-agent: ssh-add +# target start-stack-User: Fire ssh-add +.PHONY: start-stack-User +start-stack-User: ssh-add + +# target user: Fire start-stack-User if DOCKER_RUN or fire start-stack-User +.PHONY: User user +User user: $(if $(DOCKER_RUN),stack-User-up,start-stack-User) # target User-% user-%; Fire target stack-User-% +.PHONY: User-% user-% User-% user-%: stack-User-%; diff --git a/stack/User/.env.dist b/stack/User/.env.dist index 5b525f9..6e8c82c 100644 --- a/stack/User/.env.dist +++ b/stack/User/.env.dist @@ -1,6 +1,6 @@ MYOS_RC_PROMPT_SET=true MYOS_RC_PS1_SET=true -MYOS_RC_SCREEN_ATTACH=false +MYOS_RC_SCREEN_ATTACH=true MYOS_RC_SOURCE=/etc/profile.d/rc_functions.sh -MYOS_RC_SSH_ADD=false +MYOS_RC_SSH_ADD=true MYOS_RC_TMUX_ATTACH=false diff --git a/stack/User/ipfs/.env.dist b/stack/User/ipfs/.env.dist deleted file mode 100644 index dd062b2..0000000 --- a/stack/User/ipfs/.env.dist +++ /dev/null @@ -1 +0,0 @@ -IPFS_SERVICE_8080_TAGS_USER=urlprefix-ipfs.${USER}.${DOMAIN}/ diff --git a/stack/User/ipfs/ipfs.yml b/stack/User/ipfs/ipfs.yml deleted file mode 100644 index 75c668f..0000000 --- a/stack/User/ipfs/ipfs.yml +++ /dev/null @@ -1,56 +0,0 @@ -version: '3.6' - -services: - ipfs: - build: - args: - - DOCKER_BUILD_DIR=docker/ipfs - - IPFS_VERSION=0.13.0 - context: ../.. - dockerfile: docker/ipfs/Dockerfile - command: daemon --migrate=true - container_name: ${COMPOSE_PROJECT_NAME_USER}_ipfs - cpus: 0.5 - environment: - - IPFS_PROFILE=${IPFS_PROFILE} - image: ${DOCKER_REPOSITORY_USER}/ipfs:${DOCKER_IMAGE_TAG} - labels: - - SERVICE_4001_CHECK_TCP=true - - SERVICE_4001_NAME=${COMPOSE_SERVICE_NAME_USER}-ipfs:4001 - - SERVICE_5001_CHECK_TCP=true - - SERVICE_5001_NAME=${COMPOSE_SERVICE_NAME_USER}-ipfs:5001 - - SERVICE_8080_CHECK_HTTP=/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme - - SERVICE_8080_NAME=${COMPOSE_SERVICE_NAME_USER}-ipfs:8080 - - SERVICE_8080_TAGS=${IPFS_SERVICE_8080_TAGS_USER} - - SERVICE_8081_IGNORE=true - networks: - - private - - public - ports: - - 4001 - - 5001/tcp - - 8080/tcp - ulimits: - nofile: - soft: 65536 - hard: 65536 - volumes: - - ipfs:/data/ipfs:delegated - restart: always - -volumes: - ipfs: - driver: local - driver_opts: - type: none - device: ${HOME}/.ipfs - o: bind - name: ${COMPOSE_PROJECT_NAME_USER}_ipfs - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} - public: - external: true - name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/ipfs.mk b/stack/ipfs.mk new file mode 100644 index 0000000..ed6c820 --- /dev/null +++ b/stack/ipfs.mk @@ -0,0 +1,5 @@ +.PHONY: bootstrap-stack-ipfs +bootstrap-stack-ipfs: ~/.ipfs + +~/.ipfs: + mkdir -p ~/.ipfs diff --git a/stack/ipfs/.env.dist b/stack/ipfs/.env.dist index b97bc48..2e9736e 100644 --- a/stack/ipfs/.env.dist +++ b/stack/ipfs/.env.dist @@ -1 +1,4 @@ +IPFS_ADDRESSES_API_DOMAIN=${DOCKER_NETWORK_PRIVATE} +IPFS_LOGGING=error +IPFS_SERVICE_8080_CHECK_TCP=/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme IPFS_SERVICE_8080_TAGS=urlprefix-ipfs.${APP_DOMAIN}/ diff --git a/stack/ipfs/ipfs.yml b/stack/ipfs/ipfs.yml index db36860..6080b7a 100644 --- a/stack/ipfs/ipfs.yml +++ b/stack/ipfs/ipfs.yml @@ -6,11 +6,17 @@ services: args: - DOCKER_BUILD_DIR=docker/ipfs - IPFS_VERSION=0.13.0 + - UID=${UID} context: ../.. dockerfile: docker/ipfs/Dockerfile command: daemon --migrate=true cpus: 0.5 environment: + - IPFS_ADDRESSES_API=${IPFS_ADDRESSES_API} + - IPFS_ADDRESSES_API_DOMAIN=${IPFS_ADDRESSES_API_DOMAIN} + - IPFS_ADDRESSES_API_INET4=${IPFS_ADDRESSES_API_INET4} + - IPFS_ADDRESSES_API_PORT=${IPFS_ADDRESSES_API_PORT} + - IPFS_LOGGING=${IPFS_LOGGING} - IPFS_PROFILE=${IPFS_PROFILE} image: ${DOCKER_REPOSITORY}/ipfs:${DOCKER_IMAGE_TAG} labels: @@ -18,12 +24,13 @@ services: - SERVICE_4001_NAME=${COMPOSE_SERVICE_NAME}-ipfs:4001 - SERVICE_5001_CHECK_TCP=true - SERVICE_5001_NAME=${COMPOSE_SERVICE_NAME}-ipfs:5001 - - SERVICE_8080_CHECK_HTTP=/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme + - SERVICE_8080_CHECK_HTTP=${IPFS_SERVICE_8080_CHECK_TCP} - SERVICE_8080_NAME=${COMPOSE_SERVICE_NAME}-ipfs:8080 - SERVICE_8080_TAGS=${IPFS_SERVICE_8080_TAGS} - SERVICE_8081_IGNORE=true networks: - private + - public ports: - 4001 - 5001/tcp @@ -38,8 +45,16 @@ services: volumes: ipfs: + driver: local + driver_opts: + type: none + device: ${HOME}/.ipfs + o: bind networks: private: external: true name: ${DOCKER_NETWORK_PRIVATE} + public: + external: true + name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/node.mk b/stack/node.mk index a402934..bb0053f 100644 --- a/stack/node.mk +++ b/stack/node.mk @@ -1,10 +1,14 @@ -node ?= node/node node/ipfs +node ?= node/node ENV_VARS += DOCKER_HOST_IFACE DOCKER_HOST_INET4 DOCKER_INTERNAL_DOCKER_HOST IPFS_PROFILE IPFS_PROFILE ?= $(if $(filter-out amd64 x86_64,$(PROCESSOR_ARCHITECTURE)),lowpower,server) -# target node: Fire docker-network-create-% for DOCKER_NETWORK_PUBLIC node-ssl-certs stack-node-up +# target bootstrap-stack-node: Fire node-ssl-certs +.PHONY: bootstrap-stack-node +bootstrap-stack-node: docker-network-create-$(DOCKER_NETWORK_PUBLIC) node-ssl-certs + +# target node: Fire stack-node-up .PHONY: node -node: bootstrap-docker bootstrap-host stack-node-up +node: stack-node-up # target node-%; Fire target stack-node-% node-%: stack-node-%; diff --git a/stack/node/ipfs/.env.dist b/stack/node/ipfs/.env.dist index b14b5d9..1b2782f 100644 --- a/stack/node/ipfs/.env.dist +++ b/stack/node/ipfs/.env.dist @@ -1 +1,4 @@ +IPFS_ADDRESSES_API_DOMAIN_NODE=${DOCKER_NETWORK_PUBLIC} +IPFS_LOGGING_NODE=error +IPFS_SERVICE_8080_CHECK_TCP_NODE=/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme IPFS_SERVICE_8080_TAGS_NODE=urlprefix-ipfs.${DOMAIN}/ diff --git a/stack/node/ipfs/ipfs.yml b/stack/node/ipfs/ipfs.yml index d0f53b3..aa79f97 100644 --- a/stack/node/ipfs/ipfs.yml +++ b/stack/node/ipfs/ipfs.yml @@ -10,12 +10,13 @@ services: dockerfile: docker/ipfs/Dockerfile command: daemon --migrate=true container_name: ${COMPOSE_PROJECT_NAME_NODE}_ipfs - cap_add: - - SYS_ADMIN # --mount cpus: 0.5 - devices: - - /dev/fuse:/dev/fuse # --mount environment: + - IPFS_ADDRESSES_API=${IPFS_ADDRESSES_API_NODE} + - IPFS_ADDRESSES_API_DOMAIN=${IPFS_ADDRESSES_API_DOMAIN_NODE} + - IPFS_ADDRESSES_API_INET4=${IPFS_ADDRESSES_API_INET4_NODE} + - IPFS_ADDRESSES_API_PORT=${IPFS_ADDRESSES_API_PORT_NODE} + - IPFS_LOGGING=${IPFS_LOGGING_NODE} - IPFS_PROFILE=${IPFS_PROFILE} image: ${DOCKER_REPOSITORY_NODE}/ipfs:${DOCKER_IMAGE_TAG} labels: @@ -23,7 +24,7 @@ services: - SERVICE_4001_NAME=${COMPOSE_SERVICE_NAME_NODE}-ipfs:4001 - SERVICE_5001_CHECK_TCP=true - SERVICE_5001_NAME=${COMPOSE_SERVICE_NAME_NODE}-ipfs:5001 - - SERVICE_8080_CHECK_HTTP=/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme + - SERVICE_8080_CHECK_HTTP=${IPFS_SERVICE_8080_CHECK_TCP_NODE} - SERVICE_8080_NAME=${COMPOSE_SERVICE_NAME_NODE}-ipfs:8080 - SERVICE_8080_TAGS=${IPFS_SERVICE_8080_TAGS_NODE} - SERVICE_8081_IGNORE=true @@ -33,8 +34,6 @@ services: - 4001:4001 - 5001/tcp - 8080/tcp - security_opt: - - apparmor:unconfined # --mount ulimits: nofile: soft: 65536 diff --git a/stack/theia/theia.yml b/stack/theia/theia.yml index 138a9bf..7eabdb8 100644 --- a/stack/theia/theia.yml +++ b/stack/theia/theia.yml @@ -7,6 +7,7 @@ services: - DOCKER_BUILD_DIR=docker/theia - GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME} - GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL} + - UID=${UID} context: ../.. dockerfile: docker/theia/Dockerfile environment: diff --git a/stack/zen.mk b/stack/zen.mk index 316aadf..e22d62f 100644 --- a/stack/zen.mk +++ b/stack/zen.mk @@ -1,8 +1,14 @@ ifneq ($(filter zen,$(STACK)),) -ifeq ($(filter User/ipfs,$(STACK)),) -STACK += User/ipfs +ifeq ($(filter ipfs,$(STACK)),) +STACK += ipfs endif -ifeq ($(filter User/ipfs,$(User)),) -User += User/ipfs +ifeq ($(filter node/ipfs,$(node)),) +node += node/ipfs endif endif + +.PHONY: bootstrap-stack-zen +bootstrap-stack-zen: ~/.zen + +~/.zen: + mkdir -p ~/.zen diff --git a/stack/zen/zen.yml b/stack/zen/zen.yml index 16852ec..e6e1ae1 100644 --- a/stack/zen/zen.yml +++ b/stack/zen/zen.yml @@ -26,7 +26,7 @@ services: user: ${UID}:${GID} volumes: - astroport:${HOME}/astroport:cached - - ipfs:${HOME}/.ipfs:ro + - ipfs:${HOME}/.ipfs:cached,ro - zen:${HOME}/.zen:delegated - ssh-agent:/tmp/ssh-agent:ro working_dir: ${HOME}/.zen @@ -35,7 +35,7 @@ volumes: astroport: ipfs: external: true - name: ${COMPOSE_PROJECT_NAME_USER}_ipfs + name: ${COMPOSE_PROJECT_NAME}_ipfs ssh-agent: external: true name: ${DOCKER_VOLUME}