fix install on new host

This commit is contained in:
Yann Autissier 2022-07-06 23:27:41 +02:00
parent e06266489c
commit 07a9729c73
26 changed files with 162 additions and 132 deletions

View File

@ -3,7 +3,7 @@ include make/include.mk
##
# APP
app-bootstrap: bootstrap-docker bootstrap-host bootstrap-user
app-bootstrap: bootstrap-docker
app-build: user install-build-config
$(call make,docker-compose-build docker-compose-up)
@ -12,6 +12,8 @@ app-build: user install-build-config
app-install: ansible-run app-update-default
app-start: $(foreach stack,$(STACK),start-stack-$(stack))
app-update: ansible-pull app-update-default
app-update-default: ENV_DIST := .env
@ -24,16 +26,9 @@ app-tests: ansible-tests
# BOOTSTRAP
# target bootstrap-docker: Install and configure docker
# on local host
.PHONY: bootstrap-docker
bootstrap-docker: install-bin-docker setup-docker-group setup-binfmt setup-nfsd setup-sysctl
# target bootstrap-host: Create DOCKER_NETWORK_PUBLIC
# on local host
.PHONY: bootstrap-host
bootstrap-host: docker-network-create-$(DOCKER_NETWORK_PUBLIC) node-ssl-certs
# target bootstrap-user: Create DOCKER_NETWORK_PRIVATE
# on local host
.PHONY: bootstrap-user
bootstrap-user: docker-network-create
# target bootstrap-stack: Call bootstrap target of each stack
.PHONY: bootstrap-stack
bootstrap-stack: docker-network-create $(foreach stack,$(STACK),bootstrap-stack-$(stack))

View File

@ -6,32 +6,34 @@ Docker paas based on docker compose files.
This is work in progress ;)
## Requirements
You need `git` and `make`.
## Usage
### Examples
* Configure myos for domain.tld
* Configure myos for domain `domain.tld` and stack `zen`
```shell
$ make bootstrap DOMAIN=domain.tld
$ make bootstrap DOMAIN=domain.tld STACK=zen
```
* Start myos stacks
```shell
$ make node up STACK='zen'
$ make node up
```
`make node` starts the stack node with docker host services :
`make node` starts the stack `node` with docker host services :
- consul (service discovery)
- fabio (load balancer)
- ipfs (inter planetary file system)
- registrator (docker/consul bridge)
`make User` starts the stack User with docker user services :
- myos (ssh-agent)
- ipfs (when STACK=zen)
`make up` starts the stack STACK
- zen (when STACK=zen)
`make up` starts the stack `zen` with docker services :
- ipfs (mount ~/.ipfs)
- zen (mount ~/.zen)
* Stop myos
@ -85,10 +87,10 @@ $ make print-VARIABLE
$ make config
```
`make config` show docker compose yaml config for stack STACK
`make stack-node-config` show docker compose yaml config for stack node
`make stack-User-config` show docker compose yaml config for stack User
`make stack-elastic-config` show docker compose yaml config for stack elastic
`make config` show docker compose yaml config for stack `STACK`
`make node-config` show docker compose yaml config for stack `node`
`make user-config` show docker compose yaml config for stack `User`
`make stack-elastic-config` show docker compose yaml config for stack `elastic`
* Show debug variables
@ -110,4 +112,4 @@ $ make print-env_args
## Status
Use it at your own risks.
Beta software, use it at your own risks.

View File

@ -8,7 +8,6 @@ docker_packages:
- { "name": "apt-transport-https", "state": "present" }
- { "name": "ca-certificates", "state": "present" }
- { "name": "curl", "state": "present" }
- { "name": "docker-compose", "state": "present" }
- { "name": "gnupg2", "state": "present" }
- { "name": "software-properties-common", "state": "present" }

View File

@ -2,6 +2,7 @@
# file: handlers/main.yml
- name: update boot - syslinux
become: yes
environment:
PATH: "{{ ansible_env.PATH }}:/usr/sbin:/sbin"
with_together:
@ -11,6 +12,7 @@
when: item.1.changed and item.0.dest == "/etc/update-extlinux.conf"
- name: update boot - grub
become: yes
environment:
PATH: "{{ ansible_env.PATH }}:/usr/sbin:/sbin"
with_together:

View File

@ -8,3 +8,38 @@ RUN chmod +rx /container-init.d/*.sh
FROM dist as master
ARG DOCKER_BUILD_DIR
ARG UID
ENV UID=${UID}
ENV USER=ipfs
# If we provide a numeric UID
RUN if [ "${UID}" -eq "${UID}" ] 2>/dev/null; then \
# Force $UID of $USER if it exists
if [ "$(awk -F: '$1 == "'"${USER}"'" {print $3}' /etc/passwd)" != "${UID}" ]; then \
sed -i 's/^\('"${USER}"':x\):[0-9]\+:/\1:'"${UID}"':/' /etc/passwd; \
fi; \
# Create $USER if $UID does not exist
if [ "$(awk -F: '$3 == "'"${UID}"'" {print $1}' /etc/passwd)" = "" ]; then \
echo "${USER}:x:${UID}:${GID:-${UID}}::/home/${USER}:${SHELL:-/bin/sh}" >> /etc/passwd; \
echo "${USER}:\!:$(($(date +%s) / 60 / 60 / 24)):0:99999:7:::" >> /etc/shadow; \
mkdir -p /home/"${USER}"; \
fi; \
chown "${UID}" $(awk -F: '$1 == "'"${USER}"'" {print $(NF-1)}' /etc/passwd); \
fi
# If we provide a numeric GID
RUN if [ "${GID}" -eq "${GID}" ] 2>/dev/null; then \
# Force $GID of $GROUP if it already exists
if [ "$(awk -F: '$1 == "'"${GROUP}"'" {print $3}' /etc/group)" != "${GID}" ]; then \
sed -i 's/^\('"${GROUP}"':x\):[0-9]\+:/\1:'"${GID}"':/' /etc/group; \
fi; \
# Create $GROUP if $GID does not exist
if [ "$(awk -F: '$3 == "'"${GID}"'" {print $1}' /etc/group)" = "" ]; then \
echo "${GROUP}:x:${GID}:" >> /etc/group; \
fi; \
# Force $GID of $USER if it exists
if [ "$(awk -F: '$1 == "'"${USER}"'" {print $4}' /etc/passwd)" != "${GID}" ]; then \
sed -i 's/^\('"${USER}"':x:[0-9]\+\):[0-9]\+:/\1:'"${GID}"':/' /etc/passwd; \
fi; \
chgrp "${GID}" $(awk -F: '$1 == "'"${USER}"'" {print $(NF-1)}' /etc/passwd); \
fi

View File

@ -1,4 +1,5 @@
#!/bin/sh
set -e
## fix resource manager fatal error on arm64/linux with 2Gb RAM
# ipfs config --json Swarm.ResourceMgr.Enabled false
@ -15,7 +16,17 @@ ipfs config Pubsub.Router gossipsub
ipfs config --json Experimental.Libp2pStreamMounting true
ipfs config --json Experimental.P2pHttpProxy true
ipfs config Addresses.Gateway "/ip4/0.0.0.0/tcp/8080"
ipfs config Addresses.Api "/ip4/0.0.0.0/tcp/5001"
## ipfs client needs API address
# search for ip address of $(hostname).${IPFS_ADDRESSES_API_DOMAIN}
[ -n "${IPFS_ADDRESSES_API_DOMAIN}" ] && [ -z "${IPFS_ADDRESSES_API_INET4}" ] \
&& IPFS_ADDRESSES_API_INET4=$(nslookup -type=A "$(hostname).${IPFS_ADDRESSES_API_DOMAIN}" |awk 'found && /^Address:/ {print $2; found=0}; /^Name:\t'"$(hostname).${IPFS_ADDRESSES_API_DOMAIN}"'/ {found=1};')
# check ${IPFS_ADDRESSES_API_INET4} format
echo "${IPFS_ADDRESSES_API_INET4}" |awk -F. '{ for ( i=1; i<=4; i++ ) if ($i >= 0 && $i <= 255); else exit 1;}; NF != 4 {exit 1;}' || unset IPFS_ADDRESSES_API_INET4
# check ${IPFS_ADDRESSES_API_PORT} format
[ "${IPFS_ADDRESSES_API_PORT}" -eq "${IPFS_ADDRESSES_API_PORT}" ] 2>/dev/null && [ "${IPFS_ADDRESSES_API_PORT}" -ge 1 ] && [ "${IPFS_ADDRESSES_API_PORT}" -le 65535 ] \
|| unset IPFS_ADDRESSES_API_PORT
ipfs config Addresses.Api "${IPFS_ADDRESSES_API:-/ip4/${IPFS_ADDRESSES_API_INET4:-127.0.0.1}/tcp/${IPFS_ADDRESSES_API_PORT:-5001}}"
## REMOVE IPFS BOOTSTRAP
ipfs bootstrap rm --all

View File

@ -26,6 +26,7 @@ RUN apt-get update \
screen \
socat \
tmux \
vim-nox \
wget \
xz-utils
@ -43,9 +44,6 @@ RUN { OS="$(echo ${OPERATING_SYSTEM} |awk '{print tolower($0)}')"; \
|tar --strip-components 1 -C /usr/local/lib/shellspec -xzf - \
&& ln -s /usr/local/lib/shellspec/shellspec /usr/local/bin/shellspec
ADD https://raw.github.com/aya/dpgpid/master/keygen /usr/local/bin/keygen
RUN chmod +rx /usr/local/bin/keygen
ADD https://raw.github.com/kvz/cronlock/master/cronlock /usr/local/bin/cronlock
RUN chmod +rx /usr/local/bin/cronlock
@ -54,9 +52,9 @@ ADD https://git.p2p.legal/axiom-team/astrXbian/raw/branch/master/install.sh /
RUN chmod +r /include.sh \
&& chmod +rx /install.sh
# COPY ${DOCKER_BUILD_DIR}/docker-entrypoint.sh /docker-entrypoint.sh
# ENTRYPOINT ["/docker-entrypoint.sh"]
# CMD ["/bin/sh"]
COPY ${DOCKER_BUILD_DIR}/docker-entrypoint.sh /docker-entrypoint.sh
ENTRYPOINT ["/docker-entrypoint.sh"]
CMD ["start"]
FROM dist as master
ARG DOCKER_BUILD_DIR
@ -70,7 +68,6 @@ ENV USER=${USER}
RUN apt-get -fy install \
cron \
pkg-config \
python3 \
sudo
@ -109,6 +106,8 @@ USER $USER
ENV SHELL=${SHELL}
WORKDIR /home/$USER
RUN mkdir ~/.zen ~/astroport
# git config
RUN mkdir -p ~/.config/git \
&& echo -e "\
@ -122,7 +121,3 @@ Thumbs.db\n\
" > ~/.config/git/ignore
RUN bash -c '. /include.sh && install_requirements'
COPY ${DOCKER_BUILD_DIR}/docker-entrypoint.sh /docker-entrypoint.sh
ENTRYPOINT ["/docker-entrypoint.sh"]
CMD ["start"]

View File

@ -11,7 +11,7 @@ debug_msg ()
}
# Install astrXbian/Astroport.ONE
# /install.sh
/install.sh
case "${1:-start}" in

View File

@ -81,10 +81,10 @@ exec@%: SERVICE ?= $(DOCKER_SERVICE)
exec@%:
$(call make,ssh-exec,$(MYOS),APP ARGS SERVICE)
# target force-%: Fire targets % and stack-node-%
# target force-%: Fire targets %, stack-user-% and stack-node-%
# on local host
.PHONY: force-%
force-%: % stack-node-%;
force-%: % stack-user-% stack-node-%;
# target install app-install: Install application
# on local host
@ -169,7 +169,7 @@ ssh@%:
# target stack: Call docker-stack for each STACK
## it updates COMPOSE_FILE with all .yml files of the current stack
.PHONY: stack
stack: docker-network-create
stack:
$(foreach stackz,$(STACK),$(call docker-stack,$(stackz)))
# target stack-%: Call docker-compose-% target on STACK
@ -202,7 +202,7 @@ tests: app-tests ## Test application
# target up: Create and start application dockers
# on local host
.PHONY: up
up: stack-required docker-compose-up app-start ## Create application dockers
up: docker-compose-up app-start ## Create application dockers
# target update app-update: Update application files
# on local host

View File

@ -61,7 +61,7 @@ endif
define docker-compose
$(call INFO,docker-compose,$(1))
$(if $(DOCKER_RUN),$(call docker-build,$(MYOS)/docker/compose,docker/compose:$(COMPOSE_VERSION)))
$(if $(COMPOSE_FILE),$(call run,$(DOCKER_COMPOSE) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(if $(filter node,$(firstword $(subst /, ,$(STACK)))),$(COMPOSE_PROJECT_NAME_NODE),$(COMPOSE_PROJECT_NAME)) $(1)))
$(if $(COMPOSE_FILE),$(call run,$(DOCKER_COMPOSE) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(if $(filter node,$(firstword $(subst /, ,$(STACK)))),$(COMPOSE_PROJECT_NAME_NODE),$(if $(filter User,$(firstword $(subst /, ,$(STACK)))),$(COMPOSE_PROJECT_NAME_USER),$(COMPOSE_PROJECT_NAME))) $(1)))
endef
# function docker-compose-exec: Run docker-compose-exec with arg 2 in service 1
define docker-compose-exec

View File

@ -110,7 +110,7 @@ docker-compose-stop:
# target docker-compose-up: Fire docker-image-myos, Call docker-compose up SERVICE
.PHONY: docker-compose-up
docker-compose-up: DOCKER_RUN_OPTIONS += -it
docker-compose-up: docker-images-myos
docker-compose-up: docker-images-myos bootstrap-stack
$(call docker-compose,up $(DOCKER_COMPOSE_UP_OPTIONS) $(if $(filter $(SERVICE),$(SERVICES)),$(SERVICE)))
# target docker-images-myos: Call myos-docker-build-% target for each DOCKER_IMAGES_MYOS
@ -141,8 +141,10 @@ docker-network-create: docker-network-create-$(DOCKER_NETWORK)
.PHONY: docker-network-create-%
docker-network-create-%:
if [ -z "$(shell docker network ls -q --filter name='^$*$$' 2>/dev/null)" ]; then \
$(RUN) sh -c 'docker network create $* >/dev/null' \
&& $(or $(call INFO,docker network $* created), true); fi \
$(RUN) sh -c 'docker network create $* >/dev/null 2>&1' \
&& $(or $(call INFO,docker network $* created), true) \
||: ; \
fi
# target docker-network-rm: Fire docker-network-rm-% for DOCKER_NETWORK
.PHONY: docker-network-rm
@ -152,8 +154,10 @@ docker-network-rm: docker-network-rm-$(DOCKER_NETWORK)
.PHONY: docker-network-rm-%
docker-network-rm-%:
if [ -n "$(shell docker network ls -q --filter name='^$*$$' 2>/dev/null)" ]; then \
$(RUN) docker network rm $* >/dev/null \
&& $(or $(call INFO,docker network $* removed), true); fi \
$(RUN) sh -c 'docker network rm $* >/dev/null 2>&1' \
&& $(or $(call INFO,docker network $* removed), true) \
||: ; \
fi
# target docker-plugin-install: Run 'docker plugin install DOCKER_PLUGIN_OPTIONS DOCKER_PLUGIN'
.PHONY: docker-plugin-install

View File

@ -9,7 +9,7 @@ ifeq ($(or $(filter $(USER),$(subst $(comma), ,$(shell awk -F':' '$$1 == "docker
$(call ansible-user-add-groups,$(USER),docker)
$(call WARNING,user,$(USER),added in group,docker)
endif
ifeq ($(filter 0 $(DOCKER_GID),$(shell id -G)),)
ifeq ($(filter 0 $(DOCKER_GID),$(GIDS)),)
$(call ERROR,YOU MUST LOGOUT NOW AND LOGIN BACK TO GET DOCKER GROUP MEMBERSHIP)
endif
endif

View File

@ -53,8 +53,9 @@ ENV_ARGS ?= $(env_args)
ENV_FILE ?= $(wildcard $(CONFIG)/$(ENV)/$(APP)/.env .env)
ENV_LIST ?= $(shell ls .git/refs/heads/ 2>/dev/null)
ENV_RESET ?= false
ENV_VARS ?= APP BRANCH DOMAIN ENV HOME HOSTNAME GID GIT_AUTHOR_EMAIL GIT_AUTHOR_NAME MONOREPO MONOREPO_DIR OPERATING_SYSTEM PROCESSOR_ARCHITECTURE TAG UID USER VERSION
ENV_VARS ?= APP BRANCH DOMAIN ENV HOME HOSTNAME GID GIT_AUTHOR_EMAIL GIT_AUTHOR_NAME GROUP MONOREPO MONOREPO_DIR OPERATING_SYSTEM PROCESSOR_ARCHITECTURE TAG UID USER VERSION
GID ?= $(shell id -g 2>/dev/null)
GIDS ?= $(shell id -G 2>/dev/null)
GIT_AUTHOR_EMAIL ?= $(or $(shell git config user.email 2>/dev/null),$(USER)@my.os)
GIT_AUTHOR_NAME ?= $(or $(shell git config user.name 2>/dev/null),$(USER))
GIT_BRANCH ?= $(shell git rev-parse --abbrev-ref HEAD 2>/dev/null)
@ -66,6 +67,7 @@ GIT_UPSTREAM_REPOSITORY ?= $(if $(GIT_REPOSITORY),$(if $(findstring ://,
GIT_UPSTREAM_USER ?= $(lastword $(subst /, ,$(call pop,$(MYOS_REPOSITORY))))
GIT_USER ?= $(USER)
GIT_VERSION ?= $(shell git describe --tags $(BRANCH) 2>/dev/null || git rev-parse $(BRANCH) 2>/dev/null)
GROUP ?= $(shell id -ng 2>/dev/null)
HOSTNAME ?= $(shell hostname 2>/dev/null |sed 's/\..*//')
IGNORE_DRYRUN ?= false
IGNORE_VERBOSE ?= false

View File

@ -1,11 +1,17 @@
User ?= User/User
# target user: Fire user-agent
.PHONY: User user
User user: bootstrap-docker bootstrap-user $(if $(DOCKER_RUN),stack-User-up) user-agent
# target bootstrap-stack-User: Fire docker-network-create
.PHONY: bootstrap-stack-User
bootstrap-stack-User: docker-network-create-$(DOCKER_NETWORK_PRIVATE)
# target user-agent: Fire ssh-add
user-agent: ssh-add
# target start-stack-User: Fire ssh-add
.PHONY: start-stack-User
start-stack-User: ssh-add
# target user: Fire start-stack-User if DOCKER_RUN or fire start-stack-User
.PHONY: User user
User user: $(if $(DOCKER_RUN),stack-User-up,start-stack-User)
# target User-% user-%; Fire target stack-User-%
.PHONY: User-% user-%
User-% user-%: stack-User-%;

View File

@ -1,6 +1,6 @@
MYOS_RC_PROMPT_SET=true
MYOS_RC_PS1_SET=true
MYOS_RC_SCREEN_ATTACH=false
MYOS_RC_SCREEN_ATTACH=true
MYOS_RC_SOURCE=/etc/profile.d/rc_functions.sh
MYOS_RC_SSH_ADD=false
MYOS_RC_SSH_ADD=true
MYOS_RC_TMUX_ATTACH=false

View File

@ -1 +0,0 @@
IPFS_SERVICE_8080_TAGS_USER=urlprefix-ipfs.${USER}.${DOMAIN}/

View File

@ -1,56 +0,0 @@
version: '3.6'
services:
ipfs:
build:
args:
- DOCKER_BUILD_DIR=docker/ipfs
- IPFS_VERSION=0.13.0
context: ../..
dockerfile: docker/ipfs/Dockerfile
command: daemon --migrate=true
container_name: ${COMPOSE_PROJECT_NAME_USER}_ipfs
cpus: 0.5
environment:
- IPFS_PROFILE=${IPFS_PROFILE}
image: ${DOCKER_REPOSITORY_USER}/ipfs:${DOCKER_IMAGE_TAG}
labels:
- SERVICE_4001_CHECK_TCP=true
- SERVICE_4001_NAME=${COMPOSE_SERVICE_NAME_USER}-ipfs:4001
- SERVICE_5001_CHECK_TCP=true
- SERVICE_5001_NAME=${COMPOSE_SERVICE_NAME_USER}-ipfs:5001
- SERVICE_8080_CHECK_HTTP=/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme
- SERVICE_8080_NAME=${COMPOSE_SERVICE_NAME_USER}-ipfs:8080
- SERVICE_8080_TAGS=${IPFS_SERVICE_8080_TAGS_USER}
- SERVICE_8081_IGNORE=true
networks:
- private
- public
ports:
- 4001
- 5001/tcp
- 8080/tcp
ulimits:
nofile:
soft: 65536
hard: 65536
volumes:
- ipfs:/data/ipfs:delegated
restart: always
volumes:
ipfs:
driver: local
driver_opts:
type: none
device: ${HOME}/.ipfs
o: bind
name: ${COMPOSE_PROJECT_NAME_USER}_ipfs
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}

5
stack/ipfs.mk Normal file
View File

@ -0,0 +1,5 @@
.PHONY: bootstrap-stack-ipfs
bootstrap-stack-ipfs: ~/.ipfs
~/.ipfs:
mkdir -p ~/.ipfs

View File

@ -1 +1,4 @@
IPFS_ADDRESSES_API_DOMAIN=${DOCKER_NETWORK_PRIVATE}
IPFS_LOGGING=error
IPFS_SERVICE_8080_CHECK_TCP=/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme
IPFS_SERVICE_8080_TAGS=urlprefix-ipfs.${APP_DOMAIN}/

View File

@ -6,11 +6,17 @@ services:
args:
- DOCKER_BUILD_DIR=docker/ipfs
- IPFS_VERSION=0.13.0
- UID=${UID}
context: ../..
dockerfile: docker/ipfs/Dockerfile
command: daemon --migrate=true
cpus: 0.5
environment:
- IPFS_ADDRESSES_API=${IPFS_ADDRESSES_API}
- IPFS_ADDRESSES_API_DOMAIN=${IPFS_ADDRESSES_API_DOMAIN}
- IPFS_ADDRESSES_API_INET4=${IPFS_ADDRESSES_API_INET4}
- IPFS_ADDRESSES_API_PORT=${IPFS_ADDRESSES_API_PORT}
- IPFS_LOGGING=${IPFS_LOGGING}
- IPFS_PROFILE=${IPFS_PROFILE}
image: ${DOCKER_REPOSITORY}/ipfs:${DOCKER_IMAGE_TAG}
labels:
@ -18,12 +24,13 @@ services:
- SERVICE_4001_NAME=${COMPOSE_SERVICE_NAME}-ipfs:4001
- SERVICE_5001_CHECK_TCP=true
- SERVICE_5001_NAME=${COMPOSE_SERVICE_NAME}-ipfs:5001
- SERVICE_8080_CHECK_HTTP=/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme
- SERVICE_8080_CHECK_HTTP=${IPFS_SERVICE_8080_CHECK_TCP}
- SERVICE_8080_NAME=${COMPOSE_SERVICE_NAME}-ipfs:8080
- SERVICE_8080_TAGS=${IPFS_SERVICE_8080_TAGS}
- SERVICE_8081_IGNORE=true
networks:
- private
- public
ports:
- 4001
- 5001/tcp
@ -38,8 +45,16 @@ services:
volumes:
ipfs:
driver: local
driver_opts:
type: none
device: ${HOME}/.ipfs
o: bind
networks:
private:
external: true
name: ${DOCKER_NETWORK_PRIVATE}
public:
external: true
name: ${DOCKER_NETWORK_PUBLIC}

View File

@ -1,10 +1,14 @@
node ?= node/node node/ipfs
node ?= node/node
ENV_VARS += DOCKER_HOST_IFACE DOCKER_HOST_INET4 DOCKER_INTERNAL_DOCKER_HOST IPFS_PROFILE
IPFS_PROFILE ?= $(if $(filter-out amd64 x86_64,$(PROCESSOR_ARCHITECTURE)),lowpower,server)
# target node: Fire docker-network-create-% for DOCKER_NETWORK_PUBLIC node-ssl-certs stack-node-up
# target bootstrap-stack-node: Fire node-ssl-certs
.PHONY: bootstrap-stack-node
bootstrap-stack-node: docker-network-create-$(DOCKER_NETWORK_PUBLIC) node-ssl-certs
# target node: Fire stack-node-up
.PHONY: node
node: bootstrap-docker bootstrap-host stack-node-up
node: stack-node-up
# target node-%; Fire target stack-node-%
node-%: stack-node-%;

View File

@ -1 +1,4 @@
IPFS_ADDRESSES_API_DOMAIN_NODE=${DOCKER_NETWORK_PUBLIC}
IPFS_LOGGING_NODE=error
IPFS_SERVICE_8080_CHECK_TCP_NODE=/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme
IPFS_SERVICE_8080_TAGS_NODE=urlprefix-ipfs.${DOMAIN}/

View File

@ -10,12 +10,13 @@ services:
dockerfile: docker/ipfs/Dockerfile
command: daemon --migrate=true
container_name: ${COMPOSE_PROJECT_NAME_NODE}_ipfs
cap_add:
- SYS_ADMIN # --mount
cpus: 0.5
devices:
- /dev/fuse:/dev/fuse # --mount
environment:
- IPFS_ADDRESSES_API=${IPFS_ADDRESSES_API_NODE}
- IPFS_ADDRESSES_API_DOMAIN=${IPFS_ADDRESSES_API_DOMAIN_NODE}
- IPFS_ADDRESSES_API_INET4=${IPFS_ADDRESSES_API_INET4_NODE}
- IPFS_ADDRESSES_API_PORT=${IPFS_ADDRESSES_API_PORT_NODE}
- IPFS_LOGGING=${IPFS_LOGGING_NODE}
- IPFS_PROFILE=${IPFS_PROFILE}
image: ${DOCKER_REPOSITORY_NODE}/ipfs:${DOCKER_IMAGE_TAG}
labels:
@ -23,7 +24,7 @@ services:
- SERVICE_4001_NAME=${COMPOSE_SERVICE_NAME_NODE}-ipfs:4001
- SERVICE_5001_CHECK_TCP=true
- SERVICE_5001_NAME=${COMPOSE_SERVICE_NAME_NODE}-ipfs:5001
- SERVICE_8080_CHECK_HTTP=/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme
- SERVICE_8080_CHECK_HTTP=${IPFS_SERVICE_8080_CHECK_TCP_NODE}
- SERVICE_8080_NAME=${COMPOSE_SERVICE_NAME_NODE}-ipfs:8080
- SERVICE_8080_TAGS=${IPFS_SERVICE_8080_TAGS_NODE}
- SERVICE_8081_IGNORE=true
@ -33,8 +34,6 @@ services:
- 4001:4001
- 5001/tcp
- 8080/tcp
security_opt:
- apparmor:unconfined # --mount
ulimits:
nofile:
soft: 65536

View File

@ -7,6 +7,7 @@ services:
- DOCKER_BUILD_DIR=docker/theia
- GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME}
- GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL}
- UID=${UID}
context: ../..
dockerfile: docker/theia/Dockerfile
environment:

View File

@ -1,8 +1,14 @@
ifneq ($(filter zen,$(STACK)),)
ifeq ($(filter User/ipfs,$(STACK)),)
STACK += User/ipfs
ifeq ($(filter ipfs,$(STACK)),)
STACK += ipfs
endif
ifeq ($(filter User/ipfs,$(User)),)
User += User/ipfs
ifeq ($(filter node/ipfs,$(node)),)
node += node/ipfs
endif
endif
.PHONY: bootstrap-stack-zen
bootstrap-stack-zen: ~/.zen
~/.zen:
mkdir -p ~/.zen

View File

@ -26,7 +26,7 @@ services:
user: ${UID}:${GID}
volumes:
- astroport:${HOME}/astroport:cached
- ipfs:${HOME}/.ipfs:ro
- ipfs:${HOME}/.ipfs:cached,ro
- zen:${HOME}/.zen:delegated
- ssh-agent:/tmp/ssh-agent:ro
working_dir: ${HOME}/.zen
@ -35,7 +35,7 @@ volumes:
astroport:
ipfs:
external: true
name: ${COMPOSE_PROJECT_NAME_USER}_ipfs
name: ${COMPOSE_PROJECT_NAME}_ipfs
ssh-agent:
external: true
name: ${DOCKER_VOLUME}