more ipfs config
This commit is contained in:
parent
07a9729c73
commit
069713b923
|
@ -8,7 +8,7 @@ This is work in progress ;)
|
|||
|
||||
## Requirements
|
||||
|
||||
You need `git` and `make`.
|
||||
You need `docker`, `git` and `make`.
|
||||
|
||||
## Usage
|
||||
|
||||
|
@ -47,6 +47,8 @@ $ make shutdown
|
|||
$ make install
|
||||
```
|
||||
|
||||
Install myos on a server and manage server config with ansible.
|
||||
|
||||
### Variables
|
||||
|
||||
* DEBUG
|
||||
|
|
|
@ -11,12 +11,6 @@ set -e
|
|||
# Please inspect if changes impact go-ipfs users, and update expectedDefaultServiceLimits in rcmgr_defaults.go to remove this message
|
||||
# FATAL p2pnode libp2p/rcmgr_defaults.go:115 daemon will refuse to run with the resource manager until this is resolved
|
||||
|
||||
## Astroport.One
|
||||
ipfs config Pubsub.Router gossipsub
|
||||
ipfs config --json Experimental.Libp2pStreamMounting true
|
||||
ipfs config --json Experimental.P2pHttpProxy true
|
||||
ipfs config Addresses.Gateway "/ip4/0.0.0.0/tcp/8080"
|
||||
|
||||
## ipfs client needs API address
|
||||
# search for ip address of $(hostname).${IPFS_ADDRESSES_API_DOMAIN}
|
||||
[ -n "${IPFS_ADDRESSES_API_DOMAIN}" ] && [ -z "${IPFS_ADDRESSES_API_INET4}" ] \
|
||||
|
@ -28,5 +22,67 @@ echo "${IPFS_ADDRESSES_API_INET4}" |awk -F. '{ for ( i=1; i<=4; i++ ) if ($i >=
|
|||
|| unset IPFS_ADDRESSES_API_PORT
|
||||
ipfs config Addresses.Api "${IPFS_ADDRESSES_API:-/ip4/${IPFS_ADDRESSES_API_INET4:-127.0.0.1}/tcp/${IPFS_ADDRESSES_API_PORT:-5001}}"
|
||||
|
||||
## REMOVE IPFS BOOTSTRAP
|
||||
ipfs bootstrap rm --all
|
||||
## gateway address
|
||||
# search for ip address of $(hostname).${IPFS_ADDRESSES_GATEWAY_DOMAIN}
|
||||
[ -n "${IPFS_ADDRESSES_GATEWAY_DOMAIN}" ] && [ -z "${IPFS_ADDRESSES_GATEWAY_INET4}" ] \
|
||||
&& IPFS_ADDRESSES_GATEWAY_INET4=$(nslookup -type=A "$(hostname).${IPFS_ADDRESSES_GATEWAY_DOMAIN}" |awk 'found && /^Address:/ {print $2; found=0}; /^Name:\t'"$(hostname).${IPFS_ADDRESSES_GATEWAY_DOMAIN}"'/ {found=1};')
|
||||
# check ${IPFS_ADDRESSES_GATEWAY_INET4} format
|
||||
echo "${IPFS_ADDRESSES_GATEWAY_INET4}" |awk -F. '{ for ( i=1; i<=4; i++ ) if ($i >= 0 && $i <= 255); else exit 1;}; NF != 4 {exit 1;}' || unset IPFS_ADDRESSES_GATEWAY_INET4
|
||||
# check ${IPFS_ADDRESSES_GATEWAY_PORT} format
|
||||
[ "${IPFS_ADDRESSES_GATEWAY_PORT}" -eq "${IPFS_ADDRESSES_GATEWAY_PORT}" ] 2>/dev/null && [ "${IPFS_ADDRESSES_GATEWAY_PORT}" -ge 1 ] && [ "${IPFS_ADDRESSES_GATEWAY_PORT}" -le 65535 ] \
|
||||
|| unset IPFS_ADDRESSES_GATEWAY_PORT
|
||||
ipfs config Addresses.Gateway "${IPFS_ADDRESSES_GATEWAY:-/ip4/${IPFS_ADDRESSES_GATEWAY_INET4:-127.0.0.1}/tcp/${IPFS_ADDRESSES_GATEWAY_PORT:-8080}}"
|
||||
|
||||
## api http headers
|
||||
ipfs config --json API.HTTPHeaders "${IPFS_API_HTTPHEADERS:-{
|
||||
\"Access-Control-Allow-Credentials\": ${IPFS_API_HTTPHEADERS_ACA_CREDENTIALS:-null},
|
||||
\"Access-Control-Allow-Headers\": ${IPFS_API_HTTPHEADERS_ACA_HEADERS:-null},
|
||||
\"Access-Control-Allow-Methods\": ${IPFS_API_HTTPSHEADERS_ACA_METHODS:-null},
|
||||
\"Access-Control-Allow-Origin\": ${IPFS_API_HTTPHEADERS_ACA_ORIGIN:-null}
|
||||
}}"
|
||||
|
||||
## bootstrap
|
||||
[ -n "${IPFS_BOOTSTRAP}" ] && ipfs config --json Bootstrap "${IPFS_BOOTSTRAP}"
|
||||
|
||||
## storage
|
||||
# limit disk usage to 50 percent of disk size
|
||||
diskSize=$(df -P ${IPFS_PATH:-~/.ipfs} | awk 'NR>1{size+=$2}END{print size}')
|
||||
ipfs config Datastore.StorageMax "$((diskSize * ${IPFS_DISK_USAGE_PERCENT:-50/100}))"
|
||||
# garbage collector
|
||||
[ -n "${IPFS_DATASTORE_GCPERIOD}" ] && ipfs config Datastore.GCPeriod "${IPFS_DATASTORE_GCPERIOD}"
|
||||
|
||||
## experimental features
|
||||
[ -n "${IPFS_EXPERIMENTAL_ACCELERATEDDHTCLIENT}" ] && ipfs config --json Experimental.AcceleratedDHTClient "${IPFS_EXPERIMENTAL_ACCELERATEDDHTCLIENT}"
|
||||
[ -n "${IPFS_EXPERIMENTAL_FILESTOREENABLED}" ] && ipfs config --json Experimental.FilestoreEnabled "${IPFS_EXPERIMENTAL_FILESTOREENABLED}"
|
||||
[ -n "${IPFS_EXPERIMENTAL_GRAPHSYNCENABLED}" ] && ipfs config --json Experimental.GraphsyncEnabled "${IPFS_EXPERIMENTAL_GRAPHSYNCENABLED}"
|
||||
[ -n "${IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING}" ] && ipfs config --json Experimental.Libp2pStreamMounting "${IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING}"
|
||||
[ -n "${IPFS_EXPERIMENTAL_P2PHTTPPROXY}" ] && ipfs config --json Experimental.P2pHttpProxy "${IPFS_EXPERIMENTAL_P2PHTTPPROXY}"
|
||||
[ -n "${IPFS_EXPERIMENTAL_STRATEGICPROVIDING}" ] && ipfs config --json Experimental.StrategicProviding "${IPFS_EXPERIMENTAL_STRATEGICPROVIDING}"
|
||||
[ -n "${IPFS_EXPERIMENTAL_URLSTOREENABLED}" ] && ipfs config --json Experimental.UrlstoreEnabled "${IPFS_EXPERIMENTAL_URLSTOREENABLED}"
|
||||
|
||||
## api http headers
|
||||
ipfs config --json Gateway.HTTPHeaders "${IPFS_GATEWAY_HTTPHEADERS:-{
|
||||
\"Access-Control-Allow-Credentials\": ${IPFS_GATEWAY_HTTPHEADERS_ACA_CREDENTIALS:-null},
|
||||
\"Access-Control-Allow-Headers\": ${IPFS_GATEWAY_HTTPHEADERS_ACA_HEADERS:-[ \"X-Requested-With\", \"Range\", \"User-Agent\" ]},
|
||||
\"Access-Control-Allow-Methods\": ${IPFS_GATEWAY_HTTPSHEADERS_ACA_METHODS:-[ \"GET\" ]},
|
||||
\"Access-Control-Allow-Origin\": ${IPFS_GATEWAY_HTTPHEADERS_ACA_ORIGIN:-[ \"*\" ]}
|
||||
}}"
|
||||
|
||||
## ipns
|
||||
[ -n "${IPFS_IPNS_REPUBLISHPERIOD}" ] && ipfs config Ipns.RepublishPeriod "${IPFS_IPNS_REPUBLISHPERIOD}"
|
||||
[ -n "${IPFS_IPNS_RECORDLIFETIME}" ] && ipfs config Ipns.RecordLifetime "${IPFS_IPNS_RECORDLIFETIME}"
|
||||
[ -n "${IPFS_IPNS_USEPUBSUB}" ] && ipfs config --json Ipns.UsePubsub "${IPFS_IPNS_USEPUBSUB}"
|
||||
|
||||
## dht pubsub mode
|
||||
[ -n "${IPFS_PUBSUB_ENABLE}" ] && ipfs config --json Pubsub.Enabled "${IPFS_PUBSUB_ENABLE}"
|
||||
[ -n "${IPFS_PUBSUB_ROUTER}" ] && ipfs config Pubsub.Router "${IPFS_PUBSUB_ROUTER}"
|
||||
|
||||
## routing
|
||||
[ -n "${IPFS_ROUTING_TYPE}" ] && ipfs config Routing.Type "${IPFS_ROUTING_TYPE}"
|
||||
|
||||
## swarm config
|
||||
[ -n "${IPFS_SWARM_CONNMGR_LOWWATER}" ] && ipfs config --json Swarm.ConnMgr.LowWater "${IPFS_SWARM_CONNMGR_LOWWATER}"
|
||||
[ -n "${IPFS_SWARM_CONNMGR_HIGHWATER}" ] && ipfs config --json Swarm.ConnMgr.HighWater "${IPFS_SWARM_CONNMGR_HIGHWATER}"
|
||||
|
||||
## REMOVE IPFS BOOTSTRAP for private usage
|
||||
[ ${IPFS_NETWORK:-public} = "public" ] || ipfs bootstrap rm --all
|
||||
|
|
|
@ -61,13 +61,13 @@ endif
|
|||
define docker-compose
|
||||
$(call INFO,docker-compose,$(1))
|
||||
$(if $(DOCKER_RUN),$(call docker-build,$(MYOS)/docker/compose,docker/compose:$(COMPOSE_VERSION)))
|
||||
$(if $(COMPOSE_FILE),$(call run,$(DOCKER_COMPOSE) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(if $(filter node,$(firstword $(subst /, ,$(STACK)))),$(COMPOSE_PROJECT_NAME_NODE),$(if $(filter User,$(firstword $(subst /, ,$(STACK)))),$(COMPOSE_PROJECT_NAME_USER),$(COMPOSE_PROJECT_NAME))) $(1)))
|
||||
$(if $(COMPOSE_FILE),$(call run,$(DOCKER_COMPOSE) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(if $(filter node,$(firstword $(subst /, ,$(STACK)))),$(NODE_COMPOSE_PROJECT_NAME),$(if $(filter User,$(firstword $(subst /, ,$(STACK)))),$(USER_COMPOSE_PROJECT_NAME),$(COMPOSE_PROJECT_NAME))) $(1)))
|
||||
endef
|
||||
# function docker-compose-exec: Run docker-compose-exec with arg 2 in service 1
|
||||
define docker-compose-exec
|
||||
$(call INFO,docker-compose-exec,$(1)$(comma) $(2))
|
||||
$(if $(DOCKER_RUN),$(call docker-build,$(MYOS)/docker/compose,docker/compose:$(COMPOSE_VERSION)))
|
||||
$(if $(COMPOSE_FILE),$(call run,$(DOCKER_COMPOSE) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(if $(filter node,$(firstword $(subst /, ,$(STACK)))),$(COMPOSE_PROJECT_NAME_NODE),$(if $(filter User,$(firstword $(subst /, ,$(STACK)))),$(COMPOSE_PROJECT_NAME_USER),$(COMPOSE_PROJECT_NAME))) exec -T $(1) sh -c '$(2)'))
|
||||
$(if $(COMPOSE_FILE),$(call run,$(DOCKER_COMPOSE) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(if $(filter node,$(firstword $(subst /, ,$(STACK)))),$(NODE_COMPOSE_PROJECT_NAME),$(if $(filter User,$(firstword $(subst /, ,$(STACK)))),$(USER_COMPOSE_PROJECT_NAME),$(COMPOSE_PROJECT_NAME))) exec -T $(1) sh -c '$(2)'))
|
||||
endef
|
||||
# function docker-build: Build docker image
|
||||
define docker-build
|
||||
|
|
|
@ -9,7 +9,7 @@ docker-build: docker-images-myos
|
|||
# target docker-build-%: Call docker-build for each Dockerfile in docker/% folder
|
||||
.PHONY: docker-build-%
|
||||
docker-build-%:
|
||||
if grep -q DOCKER_REPOSITORY docker/$*/Dockerfile 2>/dev/null; then $(eval DOCKER_BUILD_ARGS:=$(subst $(DOCKER_REPOSITORY),$(DOCKER_REPOSITORY_USER),$(DOCKER_BUILD_ARGS))) true; fi
|
||||
if grep -q DOCKER_REPOSITORY docker/$*/Dockerfile 2>/dev/null; then $(eval DOCKER_BUILD_ARGS:=$(subst $(DOCKER_REPOSITORY),$(USER_DOCKER_REPOSITORY),$(DOCKER_BUILD_ARGS))) true; fi
|
||||
$(if $(wildcard docker/$*/Dockerfile),$(call docker-build,docker/$*))
|
||||
$(if $(findstring :,$*),$(eval DOCKERFILES := $(wildcard docker/$(subst :,/,$*)/Dockerfile)),$(eval DOCKERFILES := $(wildcard docker/$*/*/Dockerfile)))
|
||||
$(foreach dockerfile,$(DOCKERFILES),$(call docker-build,$(dir $(dockerfile)),$(DOCKER_REPOSITORY)/$(word 2,$(subst /, ,$(dir $(dockerfile)))):$(lastword $(subst /, ,$(dir $(dockerfile)))),"") && true)
|
||||
|
|
|
@ -1,17 +1,11 @@
|
|||
COMPOSE_PROJECT_NAME_NODE ?= node
|
||||
COMPOSE_PROJECT_NAME_USER ?= $(USER)_$(ENV)
|
||||
COMPOSE_SERVICE_NAME_NODE ?= $(subst _,-,$(COMPOSE_PROJECT_NAME_NODE))
|
||||
COMPOSE_SERVICE_NAME_USER ?= $(subst _,-,$(COMPOSE_PROJECT_NAME_USER))
|
||||
DOCKER_ENV_ARGS ?= $(docker_env_args)
|
||||
DOCKER_EXEC_OPTIONS ?=
|
||||
DOCKER_GID ?= $(call gid,docker)
|
||||
DOCKER_IMAGE ?= $(DOCKER_REPOSITORY_USER)/myos
|
||||
DOCKER_NAME ?= $(COMPOSE_PROJECT_NAME_USER)_myos
|
||||
DOCKER_IMAGE ?= $(USER_DOCKER_REPOSITORY)/myos:${DOCKER_IMAGE_TAG}
|
||||
DOCKER_NAME ?= $(USER_COMPOSE_PROJECT_NAME)_myos
|
||||
DOCKER_NETWORK ?= $(DOCKER_NETWORK_PRIVATE)
|
||||
DOCKER_NETWORK_PRIVATE ?= $(COMPOSE_PROJECT_NAME_USER)
|
||||
DOCKER_NETWORK_PUBLIC ?= $(COMPOSE_PROJECT_NAME_NODE)
|
||||
DOCKER_REPOSITORY_USER ?= $(subst -,/,$(subst _,/,$(COMPOSE_PROJECT_NAME_USER)))
|
||||
DOCKER_REPOSITORY_NODE ?= $(subst -,/,$(subst _,/,$(COMPOSE_PROJECT_NAME_NODE)))
|
||||
DOCKER_NETWORK_PRIVATE ?= $(USER_COMPOSE_PROJECT_NAME)
|
||||
DOCKER_NETWORK_PUBLIC ?= $(NODE_COMPOSE_PROJECT_NAME)
|
||||
# DOCKER_RUN: if empty, run system command, else run it in a docker
|
||||
DOCKER_RUN ?= $(if $(filter-out false False FALSE,$(DOCKER)),$(DOCKER))
|
||||
# DOCKER_RUN_OPTIONS: default options of `docker run` command
|
||||
|
@ -19,8 +13,14 @@ DOCKER_RUN_OPTIONS += --rm
|
|||
# DOCKER_RUN_VOLUME: options -v of `docker run` command to mount additionnal volumes
|
||||
DOCKER_RUN_VOLUME += -v /var/run/docker.sock:/var/run/docker.sock
|
||||
DOCKER_RUN_WORKDIR ?= -w $(PWD)
|
||||
DOCKER_VOLUME ?= $(COMPOSE_PROJECT_NAME_USER)_myos
|
||||
ENV_VARS += COMPOSE_PROJECT_NAME_NODE COMPOSE_PROJECT_NAME_USER COMPOSE_SERVICE_NAME_NODE COMPOSE_SERVICE_NAME_USER DOCKER_IMAGE DOCKER_NAME DOCKER_NETWORK_PRIVATE DOCKER_NETWORK_PUBLIC DOCKER_REPOSITORY_USER DOCKER_REPOSITORY_NODE DOCKER_VOLUME
|
||||
DOCKER_VOLUME ?= $(USER_COMPOSE_PROJECT_NAME)_myos
|
||||
ENV_VARS += NODE_COMPOSE_PROJECT_NAME USER_COMPOSE_PROJECT_NAME NODE_COMPOSE_SERVICE_NAME USER_COMPOSE_SERVICE_NAME DOCKER_IMAGE DOCKER_NAME DOCKER_NETWORK_PRIVATE DOCKER_NETWORK_PUBLIC USER_DOCKER_REPOSITORY NODE_DOCKER_REPOSITORY DOCKER_VOLUME
|
||||
NODE_COMPOSE_PROJECT_NAME ?= node
|
||||
NODE_COMPOSE_SERVICE_NAME ?= $(subst _,-,$(NODE_COMPOSE_PROJECT_NAME))
|
||||
NODE_DOCKER_REPOSITORY ?= $(subst -,/,$(subst _,/,$(NODE_COMPOSE_PROJECT_NAME)))
|
||||
USER_COMPOSE_PROJECT_NAME ?= $(USER)_$(ENV)
|
||||
USER_COMPOSE_SERVICE_NAME ?= $(subst _,-,$(USER_COMPOSE_PROJECT_NAME))
|
||||
USER_DOCKER_REPOSITORY ?= $(subst -,/,$(subst _,/,$(USER_COMPOSE_PROJECT_NAME)))
|
||||
|
||||
# https://github.com/docker/libnetwork/pull/2348
|
||||
ifeq ($(OPERATING_SYSTEM),Darwin)
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
MYOS_RC_PROMPT_SET=true
|
||||
MYOS_RC_PS1_SET=true
|
||||
MYOS_RC_SCREEN_ATTACH=true
|
||||
MYOS_RC_SOURCE=/etc/profile.d/rc_functions.sh
|
||||
MYOS_RC_SSH_ADD=true
|
||||
MYOS_RC_TMUX_ATTACH=false
|
||||
USER_MYOS_RC_PROMPT_SET=true
|
||||
USER_MYOS_RC_PS1_SET=true
|
||||
USER_MYOS_RC_SCREEN_ATTACH=true
|
||||
USER_MYOS_RC_SOURCE=/etc/profile.d/rc_functions.sh
|
||||
USER_MYOS_RC_SSH_ADD=true
|
||||
USER_MYOS_RC_TMUX_ATTACH=false
|
||||
|
|
|
@ -20,14 +20,14 @@ services:
|
|||
container_name: ${DOCKER_NAME}
|
||||
environment:
|
||||
- ENV=${ENV}
|
||||
- RC_00_SOURCE=${MYOS_RC_SOURCE}
|
||||
- RC_01_PS1_SET=${MYOS_RC_PS1_SET}
|
||||
- RC_02_PROMPT_SET=${MYOS_RC_PROMPT_SET}
|
||||
- RC_03_SSH_ADD=${MYOS_RC_SSH_ADD}
|
||||
- RC_04_TMUX_ATTACH=${MYOS_RC_TMUX_ATTACH}
|
||||
- RC_05_SCREEN_ATTACH=${MYOS_RC_SCREEN_ATTACH}
|
||||
- RC_00_SOURCE=${USER_MYOS_RC_SOURCE}
|
||||
- RC_01_PS1_SET=${USER_MYOS_RC_PS1_SET}
|
||||
- RC_02_PROMPT_SET=${USER_MYOS_RC_PROMPT_SET}
|
||||
- RC_03_SSH_ADD=${USER_MYOS_RC_SSH_ADD}
|
||||
- RC_04_TMUX_ATTACH=${USER_MYOS_RC_TMUX_ATTACH}
|
||||
- RC_05_SCREEN_ATTACH=${USER_MYOS_RC_SCREEN_ATTACH}
|
||||
- SHELL=${DOCKER_SHELL}
|
||||
image: ${DOCKER_IMAGE}:${DOCKER_IMAGE_TAG}
|
||||
image: ${DOCKER_IMAGE}
|
||||
networks:
|
||||
- private
|
||||
restart: always
|
||||
|
|
|
@ -1,4 +1,9 @@
|
|||
IPFS_ADDRESSES_API_DOMAIN=${DOCKER_NETWORK_PRIVATE}
|
||||
IPFS_ADDRESSES_GATEWAY_INET4=0.0.0.0
|
||||
IPFS_IPNS_USEPUBSUB=true
|
||||
IPFS_LOGGING=error
|
||||
IPFS_PUBSUB_ENABLE=true
|
||||
IPFS_PUBSUB_ROUTER=gossipsub
|
||||
IPFS_ROUTING_TYPE=dht
|
||||
IPFS_SERVICE_8080_CHECK_TCP=/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme
|
||||
IPFS_SERVICE_8080_TAGS=urlprefix-ipfs.${APP_DOMAIN}/
|
||||
|
|
|
@ -9,15 +9,42 @@ services:
|
|||
- UID=${UID}
|
||||
context: ../..
|
||||
dockerfile: docker/ipfs/Dockerfile
|
||||
command: daemon --migrate=true
|
||||
command: daemon --agent-version-suffix=${COMPOSE_PROJECT_NAME} --enable-gc --migrate
|
||||
cpus: 0.5
|
||||
environment:
|
||||
- IPFS_ADDRESSES_API=${IPFS_ADDRESSES_API}
|
||||
- IPFS_ADDRESSES_API_DOMAIN=${IPFS_ADDRESSES_API_DOMAIN}
|
||||
- IPFS_ADDRESSES_API_INET4=${IPFS_ADDRESSES_API_INET4}
|
||||
- IPFS_ADDRESSES_API_PORT=${IPFS_ADDRESSES_API_PORT}
|
||||
- IPFS_ADDRESSES_GATEWAY=${IPFS_ADDRESSES_GATEWAY}
|
||||
- IPFS_ADDRESSES_GATEWAY_DOMAIN=${IPFS_ADDRESSES_GATEWAY_DOMAIN}
|
||||
- IPFS_ADDRESSES_GATEWAY_INET4=${IPFS_ADDRESSES_GATEWAY_INET4}
|
||||
- IPFS_ADDRESSES_GATEWAY_PORT=${IPFS_ADDRESSES_GATEWAY_PORT}
|
||||
- IPFS_API_HTTPHEADERS=${IPFS_API_HTTPHEADERS}
|
||||
- IPFS_API_HTTPHEADERS_ACA_CREDENTIALS=${IPFS_API_HTTPHEADERS_ACA_CREDENTIALS}
|
||||
- IPFS_API_HTTPHEADERS_ACA_HEADERS=${IPFS_API_HTTPHEADERS_ACA_HEADERS}
|
||||
- IPFS_API_HTTPHEADERS_ACA_METHODS=${IPFS_API_HTTPHEADERS_ACA_METHODS}
|
||||
- IPFS_API_HTTPHEADERS_ACA_ORIGIN=${IPFS_API_HTTPHEADERS_ACA_ORIGIN}
|
||||
- IPFS_BOOTSTRAP=${IPFS_BOOTSTRAP}
|
||||
- IPFS_DATASTORE_GCPERIOD=${IPFS_DATASTORE_GCPERIOD}
|
||||
- IPFS_DISK_USAGE_PERCENT=${IPFS_DISK_USAGE_PERCENT}
|
||||
- IPFS_EXPERIMENTAL_ACCELERATEDDHTCLIENT=${IPFS_EXPERIMENTAL_ACCELERATEDDHTCLIENT}
|
||||
- IPFS_EXPERIMENTAL_FILESTOREENABLED=${IPFS_EXPERIMENTAL_FILESTOREENABLED}
|
||||
- IPFS_EXPERIMENTAL_GRAPHSYNCENABLED=${IPFS_EXPERIMENTAL_GRAPHSYNCENABLED}
|
||||
- IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING=${IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING}
|
||||
- IPFS_EXPERIMENTAL_P2PHTTPPROXY=${IPFS_EXPERIMENTAL_P2PHTTPPROXY}
|
||||
- IPFS_EXPERIMENTAL_STRATEGICPROVIDING=${IPFS_EXPERIMENTAL_STRATEGICPROVIDING}
|
||||
- IPFS_EXPERIMENTAL_URLSTOREENABLED=${IPFS_EXPERIMENTAL_URLSTOREENABLED}
|
||||
- IPFS_IPNS_REPUBLISHPERIOD=${IPFS_IPNS_REPUBLISHPERIOD}
|
||||
- IPFS_IPNS_RECORDLIFETIME=${IPFS_IPNS_RECORDLIFETIME}
|
||||
- IPFS_IPNS_USEPUBSUB=${IPFS_IPNS_USEPUBSUB}
|
||||
- IPFS_LOGGING=${IPFS_LOGGING}
|
||||
- IPFS_PROFILE=${IPFS_PROFILE}
|
||||
- IPFS_PUBSUB_ENABLE=${IPFS_PUBSUB_ENABLE}
|
||||
- IPFS_PUBSUB_ROUTER=${IPFS_PUBSUB_ROUTER}
|
||||
- IPFS_ROUTING_TYPE=${IPFS_ROUTING_TYPE}
|
||||
- IPFS_SWARM_CONNMGR_HIGHWATER=${IPFS_SWARM_CONNMGR_HIGHWATER}
|
||||
- IPFS_SWARM_CONNMGR_LOWWATER=${IPFS_SWARM_CONNMGR_LOWWATER}
|
||||
image: ${DOCKER_REPOSITORY}/ipfs:${DOCKER_IMAGE_TAG}
|
||||
labels:
|
||||
- SERVICE_4001_CHECK_TCP=true
|
||||
|
@ -35,13 +62,13 @@ services:
|
|||
- 4001
|
||||
- 5001/tcp
|
||||
- 8080/tcp
|
||||
restart: always
|
||||
ulimits:
|
||||
nofile:
|
||||
soft: 65536
|
||||
hard: 65536
|
||||
volumes:
|
||||
- ipfs:/data/ipfs:delegated
|
||||
restart: always
|
||||
|
||||
volumes:
|
||||
ipfs:
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
node ?= node/node
|
||||
node ?= node/node node/portainer
|
||||
ENV_VARS += DOCKER_HOST_IFACE DOCKER_HOST_INET4 DOCKER_INTERNAL_DOCKER_HOST IPFS_PROFILE
|
||||
IPFS_PROFILE ?= $(if $(filter-out amd64 x86_64,$(PROCESSOR_ARCHITECTURE)),lowpower,server)
|
||||
|
||||
|
@ -16,8 +16,8 @@ node-%: stack-node-%;
|
|||
# target node-ssl-certs: Create ${DOMAIN}.key.pem and ${DOMAIN}.crt.pem files
|
||||
.PHONY: node-ssl-certs
|
||||
node-ssl-certs:
|
||||
docker run --rm --mount source=$(COMPOSE_PROJECT_NAME_NODE)_ssl-certs,target=/certs alpine [ -f /certs/$(DOMAIN).crt.pem -a -f /certs/$(DOMAIN).key.pem ] \
|
||||
|| $(RUN) docker run --rm -e DOMAIN=$(DOMAIN) --mount source=$(COMPOSE_PROJECT_NAME_NODE)_ssl-certs,target=/certs alpine sh -c "\
|
||||
docker run --rm --mount source=$(NODE_COMPOSE_PROJECT_NAME)_ssl-certs,target=/certs alpine [ -f /certs/$(DOMAIN).crt.pem -a -f /certs/$(DOMAIN).key.pem ] \
|
||||
|| $(RUN) docker run --rm -e DOMAIN=$(DOMAIN) --mount source=$(NODE_COMPOSE_PROJECT_NAME)_ssl-certs,target=/certs alpine sh -c "\
|
||||
apk --no-cache add openssl \
|
||||
&& { [ -f /certs/${DOMAIN}.key.pem ] || openssl genrsa -out /certs/${DOMAIN}.key.pem 2048; } \
|
||||
&& openssl req -key /certs/${DOMAIN}.key.pem -out /certs/${DOMAIN}.crt.pem \
|
||||
|
|
|
@ -1,7 +1,4 @@
|
|||
CONSUL_ACL_TOKENS_MASTER=01234567-89AB-CDEF-0123-456789ABCDEF
|
||||
CONSUL_CONSUL_HTTP_TOKEN=01234567-89AB-CDEF-0123-456789ABCDEF
|
||||
CONSUL_SERVICE_8500_TAGS=urlprefix-consul.${DOMAIN}/
|
||||
FABIO_CONSUL_HTTP_TOKEN=01234567-89AB-CDEF-0123-456789ABCDEF
|
||||
FABIO_SERVICE_9998_TAGS=urlprefix-fabio.${DOMAIN}/
|
||||
PORTAINER_SERVICE_9000_TAGS=urlprefix-portainer.${DOMAIN}/
|
||||
REGISTRATOR_CONSUL_HTTP_TOKEN=01234567-89AB-CDEF-0123-456789ABCDEF
|
||||
NODE_CONSUL_ACL_TOKENS_MASTER=01234567-89AB-CDEF-0123-456789ABCDEF
|
||||
NODE_CONSUL_HTTP_TOKEN=01234567-89AB-CDEF-0123-456789ABCDEF
|
||||
NODE_CONSUL_SERVICE_8500_TAGS=urlprefix-consul.${DOMAIN}/
|
||||
NODE_FABIO_SERVICE_9998_TAGS=urlprefix-fabio.${DOMAIN}/
|
||||
|
|
|
@ -1,2 +1,2 @@
|
|||
CADVISOR_EXPORTER_SERVICE_8080_TAGS=urlprefix-cadvisor-exporter.${DOMAIN}/
|
||||
NODE_CADVISOR_EXPORTER_SERVICE_8080_TAGS=urlprefix-cadvisor-exporter.${DOMAIN}/
|
||||
NODE_EXPORTER_SERVICE_9100_TAGS=urlprefix-node-exporter.${DOMAIN}/
|
||||
|
|
|
@ -2,13 +2,13 @@ version: '3.6'
|
|||
|
||||
services:
|
||||
cadvisor-exporter:
|
||||
container_name: ${COMPOSE_PROJECT_NAME_NODE}_cadvisor-exporter
|
||||
container_name: ${NODE_COMPOSE_PROJECT_NAME}_cadvisor-exporter
|
||||
hostname: ${HOSTNAME}
|
||||
image: google/cadvisor:latest
|
||||
labels:
|
||||
- SERVICE_8080_CHECK_TCP=true
|
||||
- SERVICE_8080_NAME=${COMPOSE_SERVICE_NAME_NODE}-cadvisor-exporter:8080
|
||||
- SERVICE_8080_TAGS=${CADVISOR_SERVICE_EXPORTER_8080_TAGS}
|
||||
- SERVICE_8080_NAME=${NODE_COMPOSE_SERVICE_NAME}-cadvisor-exporter:8080
|
||||
- SERVICE_8080_TAGS=${NODE_CADVISOR_EXPORTER_SERVICE_8080_TAGS}
|
||||
- SERVICE_9200_IGNORE=true
|
||||
networks:
|
||||
- public
|
||||
|
@ -26,13 +26,13 @@ services:
|
|||
- "^/(sys|proc|dev|host|etc|rootfs/var/lib/docker/containers|rootfs/var/lib/docker/overlay2|rootfs/run/docker/netns|rootfs/var/lib/docker/aufs)($$|/)"
|
||||
- '--path.procfs=/host/proc'
|
||||
- '--path.sysfs=/host/sys'
|
||||
container_name: ${COMPOSE_PROJECT_NAME_NODE}_node-exporter
|
||||
container_name: ${NODE_COMPOSE_PROJECT_NAME}_node-exporter
|
||||
hostname: ${HOSTNAME}
|
||||
image: prom/node-exporter:latest
|
||||
labels:
|
||||
- SERVICE_9100_CHECK_TCP=true
|
||||
- SERVICE_9100_NAME=${COMPOSE_SERVICE_NAME_NODE}-node-exporter:9100
|
||||
- SERVICE_9100_TAGS=${SERVICE_NODE_EXPORTER_HTTP_TAGS}
|
||||
- SERVICE_9100_NAME=${NODE_COMPOSE_SERVICE_NAME}-node-exporter:9100
|
||||
- SERVICE_9100_TAGS=${NODE_EXPORTER_SERVICE_9100_TAGS}
|
||||
networks:
|
||||
- public
|
||||
ports:
|
||||
|
|
|
@ -1,4 +1,9 @@
|
|||
IPFS_ADDRESSES_API_DOMAIN_NODE=${DOCKER_NETWORK_PUBLIC}
|
||||
IPFS_LOGGING_NODE=error
|
||||
IPFS_SERVICE_8080_CHECK_TCP_NODE=/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme
|
||||
IPFS_SERVICE_8080_TAGS_NODE=urlprefix-ipfs.${DOMAIN}/
|
||||
NODE_IPFS_ADDRESSES_API_DOMAIN=${DOCKER_NETWORK_PUBLIC}
|
||||
NODE_IPFS_ADDRESSES_GATEWAY_INET4=0.0.0.0
|
||||
NODE_IPFS_IPNS_USEPUBSUB=true
|
||||
NODE_IPFS_LOGGING=error
|
||||
NODE_IPFS_PUBSUB_ENABLE=true
|
||||
NODE_IPFS_PUBSUB_ROUTER=gossipsub
|
||||
NODE_IPFS_ROUTING_TYPE=dht
|
||||
NODE_IPFS_SERVICE_8080_CHECK_TCP=/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme
|
||||
NODE_IPFS_SERVICE_8080_TAGS=urlprefix-ipfs.${DOMAIN}/
|
||||
|
|
|
@ -8,25 +8,52 @@ services:
|
|||
- IPFS_VERSION=0.13.0
|
||||
context: ../..
|
||||
dockerfile: docker/ipfs/Dockerfile
|
||||
command: daemon --migrate=true
|
||||
container_name: ${COMPOSE_PROJECT_NAME_NODE}_ipfs
|
||||
command: daemon --agent-version-suffix=${NODE_COMPOSE_PROJECT_NAME} --enable-gc --migrate
|
||||
container_name: ${NODE_COMPOSE_PROJECT_NAME}_ipfs
|
||||
cpus: 0.5
|
||||
environment:
|
||||
- IPFS_ADDRESSES_API=${IPFS_ADDRESSES_API_NODE}
|
||||
- IPFS_ADDRESSES_API_DOMAIN=${IPFS_ADDRESSES_API_DOMAIN_NODE}
|
||||
- IPFS_ADDRESSES_API_INET4=${IPFS_ADDRESSES_API_INET4_NODE}
|
||||
- IPFS_ADDRESSES_API_PORT=${IPFS_ADDRESSES_API_PORT_NODE}
|
||||
- IPFS_LOGGING=${IPFS_LOGGING_NODE}
|
||||
- IPFS_ADDRESSES_API=${NODE_IPFS_ADDRESSES_API}
|
||||
- IPFS_ADDRESSES_API_DOMAIN=${NODE_IPFS_ADDRESSES_API_DOMAIN}
|
||||
- IPFS_ADDRESSES_API_INET4=${NODE_IPFS_ADDRESSES_API_INET4}
|
||||
- IPFS_ADDRESSES_API_PORT=${NODE_IPFS_ADDRESSES_API_PORT}
|
||||
- IPFS_ADDRESSES_GATEWAY=${NODE_IPFS_ADDRESSES_GATEWAY}
|
||||
- IPFS_ADDRESSES_GATEWAY_DOMAIN=${NODE_IPFS_ADDRESSES_GATEWAY_DOMAIN}
|
||||
- IPFS_ADDRESSES_GATEWAY_INET4=${NODE_IPFS_ADDRESSES_GATEWAY_INET4}
|
||||
- IPFS_ADDRESSES_GATEWAY_PORT=${NODE_IPFS_ADDRESSES_GATEWAY_PORT}
|
||||
- IPFS_API_HTTPHEADERS=${NODE_IPFS_API_HTTPHEADERS}
|
||||
- IPFS_API_HTTPHEADERS_ACA_CREDENTIALS=${NODE_IPFS_API_HTTPHEADERS_ACA_CREDENTIALS}
|
||||
- IPFS_API_HTTPHEADERS_ACA_HEADERS=${NODE_IPFS_API_HTTPHEADERS_ACA_HEADERS}
|
||||
- IPFS_API_HTTPHEADERS_ACA_METHODS=${NODE_IPFS_API_HTTPHEADERS_ACA_METHODS}
|
||||
- IPFS_API_HTTPHEADERS_ACA_ORIGIN=${NODE_IPFS_API_HTTPHEADERS_ACA_ORIGIN}
|
||||
- IPFS_BOOTSTRAP=${NODE_IPFS_BOOTSTRAP}
|
||||
- IPFS_DATASTORE_GCPERIOD=${NODE_IPFS_DATASTORE_GCPERIOD}
|
||||
- IPFS_DISK_USAGE_PERCENT=${NODE_IPFS_DISK_USAGE_PERCENT}
|
||||
- IPFS_EXPERIMENTAL_ACCELERATEDDHTCLIENT=${NODE_IPFS_EXPERIMENTAL_ACCELERATEDDHTCLIENT}
|
||||
- IPFS_EXPERIMENTAL_FILESTOREENABLED=${NODE_IPFS_EXPERIMENTAL_FILESTOREENABLED}
|
||||
- IPFS_EXPERIMENTAL_GRAPHSYNCENABLED=${NODE_IPFS_EXPERIMENTAL_GRAPHSYNCENABLED}
|
||||
- IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING=${NODE_IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING}
|
||||
- IPFS_EXPERIMENTAL_P2PHTTPPROXY=${NODE_IPFS_EXPERIMENTAL_P2PHTTPPROXY}
|
||||
- IPFS_EXPERIMENTAL_STRATEGICPROVIDING=${NODE_IPFS_EXPERIMENTAL_STRATEGICPROVIDING}
|
||||
- IPFS_EXPERIMENTAL_URLSTOREENABLED=${NODE_IPFS_EXPERIMENTAL_URLSTOREENABLED}
|
||||
- IPFS_IPNS_REPUBLISHPERIOD=${NODE_IPFS_IPNS_REPUBLISHPERIOD}
|
||||
- IPFS_IPNS_RECORDLIFETIME=${NODE_IPFS_IPNS_RECORDLIFETIME}
|
||||
- IPFS_IPNS_USEPUBSUB=${NODE_IPFS_IPNS_USEPUBSUB}
|
||||
- IPFS_LOGGING=${NODE_IPFS_LOGGING}
|
||||
- IPFS_PROFILE=${IPFS_PROFILE}
|
||||
image: ${DOCKER_REPOSITORY_NODE}/ipfs:${DOCKER_IMAGE_TAG}
|
||||
- IPFS_PUBSUB_ENABLE=${NODE_IPFS_PUBSUB_ENABLE}
|
||||
- IPFS_PUBSUB_ROUTER=${NODE_IPFS_PUBSUB_ROUTER}
|
||||
- IPFS_ROUTING_TYPE=${NODE_IPFS_ROUTING_TYPE}
|
||||
- IPFS_SWARM_CONNMGR_HIGHWATER=${NODE_IPFS_SWARM_CONNMGR_HIGHWATER}
|
||||
- IPFS_SWARM_CONNMGR_LOWWATER=${NODE_IPFS_SWARM_CONNMGR_LOWWATER}
|
||||
image: ${NODE_DOCKER_REPOSITORY}/ipfs:${DOCKER_IMAGE_TAG}
|
||||
labels:
|
||||
- SERVICE_4001_CHECK_TCP=true
|
||||
- SERVICE_4001_NAME=${COMPOSE_SERVICE_NAME_NODE}-ipfs:4001
|
||||
- SERVICE_4001_NAME=${NODE_COMPOSE_SERVICE_NAME}-ipfs:4001
|
||||
- SERVICE_5001_CHECK_TCP=true
|
||||
- SERVICE_5001_NAME=${COMPOSE_SERVICE_NAME_NODE}-ipfs:5001
|
||||
- SERVICE_8080_CHECK_HTTP=${IPFS_SERVICE_8080_CHECK_TCP_NODE}
|
||||
- SERVICE_8080_NAME=${COMPOSE_SERVICE_NAME_NODE}-ipfs:8080
|
||||
- SERVICE_8080_TAGS=${IPFS_SERVICE_8080_TAGS_NODE}
|
||||
- SERVICE_5001_NAME=${NODE_COMPOSE_SERVICE_NAME}-ipfs:5001
|
||||
- SERVICE_8080_CHECK_HTTP=${NODE_IPFS_SERVICE_8080_CHECK_TCP}
|
||||
- SERVICE_8080_NAME=${NODE_COMPOSE_SERVICE_NAME}-ipfs:8080
|
||||
- SERVICE_8080_TAGS=${NODE_IPFS_SERVICE_8080_TAGS}
|
||||
- SERVICE_8081_IGNORE=true
|
||||
networks:
|
||||
- public
|
||||
|
@ -34,17 +61,17 @@ services:
|
|||
- 4001:4001
|
||||
- 5001/tcp
|
||||
- 8080/tcp
|
||||
restart: always
|
||||
ulimits:
|
||||
nofile:
|
||||
soft: 65536
|
||||
hard: 65536
|
||||
volumes:
|
||||
- ipfs:/data/ipfs:delegated
|
||||
restart: always
|
||||
|
||||
volumes:
|
||||
ipfs:
|
||||
name: ${COMPOSE_PROJECT_NAME_NODE}_ipfs
|
||||
name: ${NODE_COMPOSE_PROJECT_NAME}_ipfs
|
||||
|
||||
networks:
|
||||
public:
|
||||
|
|
|
@ -8,20 +8,20 @@ services:
|
|||
- DOCKER_BUILD_DIR=docker/consul
|
||||
context: ../..
|
||||
dockerfile: docker/consul/Dockerfile
|
||||
container_name: ${COMPOSE_PROJECT_NAME_NODE}_consul
|
||||
image: ${DOCKER_REPOSITORY_NODE}/consul:${DOCKER_IMAGE_TAG}
|
||||
container_name: ${NODE_COMPOSE_PROJECT_NAME}_consul
|
||||
image: ${NODE_DOCKER_REPOSITORY}/consul:${DOCKER_IMAGE_TAG}
|
||||
environment:
|
||||
CONSUL_BIND_INTERFACE: '${DOCKER_HOST_IFACE}'
|
||||
CONSUL_CLIENT_INTERFACE: '${DOCKER_HOST_IFACE}'
|
||||
CONSUL_HTTP_TOKEN: '${CONSUL_CONSUL_HTTP_TOKEN}'
|
||||
CONSUL_HTTP_TOKEN: '${NODE_CONSUL_HTTP_TOKEN}'
|
||||
CONSUL_LOCAL_CONFIG: '{ "log_level": "warn"
|
||||
, "enable_script_checks": true
|
||||
, "acl": { "enabled": true
|
||||
, "default_policy": "deny"
|
||||
, "down_policy": "extend-cache"
|
||||
, "enable_token_persistence": true
|
||||
, "tokens": { "initial_management": "$CONSUL_ACL_TOKENS_MASTER"
|
||||
, "agent": "$CONSUL_CONSUL_HTTP_TOKEN"
|
||||
, "tokens": { "initial_management": "${NODE_CONSUL_ACL_TOKENS_MASTER}"
|
||||
, "agent": "${NODE_CONSUL_HTTP_TOKEN}"
|
||||
}
|
||||
}
|
||||
}'
|
||||
|
@ -31,8 +31,8 @@ services:
|
|||
- SERVICE_8301_IGNORE=true
|
||||
- SERVICE_8302_IGNORE=true
|
||||
- SERVICE_8500_CHECK_HTTP=/v1/health/service/consul
|
||||
- SERVICE_8500_NAME=${COMPOSE_SERVICE_NAME_NODE}-consul:8500
|
||||
- SERVICE_8500_TAGS=${CONSUL_SERVICE_8500_TAGS}
|
||||
- SERVICE_8500_NAME=${NODE_COMPOSE_SERVICE_NAME}-consul:8500
|
||||
- SERVICE_8500_TAGS=${NODE_CONSUL_SERVICE_8500_TAGS}
|
||||
- SERVICE_8600_IGNORE=true
|
||||
- SERVICE_ADDRESS=${DOCKER_HOST_INET4}
|
||||
- SERVICE_CHECK_SCRIPT=docker-healthcheck ${DOCKER_HOST_INET4}
|
||||
|
@ -51,9 +51,9 @@ services:
|
|||
- PROCESSOR_ARCHITECTURE=${PROCESSOR_ARCHITECTURE}
|
||||
context: ../..
|
||||
dockerfile: docker/fabio/Dockerfile
|
||||
container_name: ${COMPOSE_PROJECT_NAME_NODE}_fabio
|
||||
image: ${DOCKER_REPOSITORY_NODE}/fabio:${DOCKER_IMAGE_TAG}
|
||||
command: -registry.backend "consul" -registry.consul.addr "consul:8500" -registry.consul.token "$FABIO_CONSUL_HTTP_TOKEN" -proxy.addr ":80,:443;cs=local" -proxy.cs "cs=local;type=file;cert=/certs/${DOMAIN}.crt.pem;key=/certs/${DOMAIN}.key.pem"
|
||||
container_name: ${NODE_COMPOSE_PROJECT_NAME}_fabio
|
||||
image: ${NODE_DOCKER_REPOSITORY}/fabio:${DOCKER_IMAGE_TAG}
|
||||
command: -registry.backend "consul" -registry.consul.addr "consul:8500" -registry.consul.token "${NODE_CONSUL_HTTP_TOKEN}" -proxy.addr ":80,:443;cs=local" -proxy.cs "cs=local;type=file;cert=/certs/${DOMAIN}.crt.pem;key=/certs/${DOMAIN}.key.pem"
|
||||
depends_on:
|
||||
- consul
|
||||
extra_hosts:
|
||||
|
@ -61,12 +61,12 @@ services:
|
|||
hostname: ${HOSTNAME}
|
||||
labels:
|
||||
- SERVICE_80_CHECK_TCP=true
|
||||
- SERVICE_80_NAME=${COMPOSE_SERVICE_NAME_NODE}-fabio:80
|
||||
- SERVICE_80_NAME=${NODE_COMPOSE_SERVICE_NAME}-fabio:80
|
||||
- SERVICE_443_CHECK_TCP=true
|
||||
- SERVICE_443_NAME=${COMPOSE_SERVICE_NAME_NODE}-fabio:443
|
||||
- SERVICE_443_NAME=${NODE_COMPOSE_SERVICE_NAME}-fabio:443
|
||||
- SERVICE_9998_CHECK_HTTP=/routes
|
||||
- SERVICE_9998_NAME=${COMPOSE_SERVICE_NAME_NODE}-fabio:9998
|
||||
- SERVICE_9998_TAGS=${FABIO_SERVICE_9998_TAGS}
|
||||
- SERVICE_9998_NAME=${NODE_COMPOSE_SERVICE_NAME}-fabio:9998
|
||||
- SERVICE_9998_TAGS=${NODE_FABIO_SERVICE_9998_TAGS}
|
||||
- SERVICE_9999_IGNORE=true
|
||||
ports:
|
||||
- 80:80/tcp
|
||||
|
@ -85,13 +85,13 @@ services:
|
|||
- GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL}
|
||||
context: ../..
|
||||
dockerfile: docker/registrator/Dockerfile
|
||||
container_name: ${COMPOSE_PROJECT_NAME_NODE}_registrator
|
||||
image: ${DOCKER_REPOSITORY_NODE}/registrator:${DOCKER_IMAGE_TAG}
|
||||
container_name: ${NODE_COMPOSE_PROJECT_NAME}_registrator
|
||||
image: ${NODE_DOCKER_REPOSITORY}/registrator:${DOCKER_IMAGE_TAG}
|
||||
command: -internal -cleanup -deregister always -resync=30 -useIpFromNetwork "${DOCKER_NETWORK_PUBLIC}" -useIpFromLabel SERVICE_ADDRESS consul://consul:8500
|
||||
depends_on:
|
||||
- consul
|
||||
environment:
|
||||
- CONSUL_HTTP_TOKEN=${REGISTRATOR_CONSUL_HTTP_TOKEN}
|
||||
- CONSUL_HTTP_TOKEN=${NODE_CONSUL_HTTP_TOKEN}
|
||||
extra_hosts:
|
||||
- consul:${DOCKER_INTERNAL_DOCKER_HOST}
|
||||
hostname: ${HOSTNAME}
|
||||
|
@ -102,10 +102,10 @@ services:
|
|||
|
||||
volumes:
|
||||
consul:
|
||||
name: ${COMPOSE_PROJECT_NAME_NODE}_consul
|
||||
name: ${NODE_COMPOSE_PROJECT_NAME}_consul
|
||||
ssl-certs:
|
||||
external: true
|
||||
name: ${COMPOSE_PROJECT_NAME_NODE}_ssl-certs
|
||||
name: ${NODE_COMPOSE_PROJECT_NAME}_ssl-certs
|
||||
|
||||
networks:
|
||||
public:
|
||||
|
|
|
@ -8,8 +8,8 @@ services:
|
|||
context: ../..
|
||||
dockerfile: docker/pdns-server/Dockerfile
|
||||
command: /usr/local/sbin/pdns_recursor --local-address='192.168.0.1:53' --allow-from='127.0.0.0/8, 192.168.1.0/24, 172.16.0.0/12'
|
||||
container_name: ${COMPOSE_PROJECT_NAME_NODE}_pdns-recursor
|
||||
container_name: ${NODE_COMPOSE_PROJECT_NAME}_pdns-recursor
|
||||
hostname: ${HOSTNAME}
|
||||
image: ${DOCKER_REPOSITORY_NODE}/pdns-recursor:${DOCKER_IMAGE_TAG}
|
||||
image: ${NODE_DOCKER_REPOSITORY}/pdns-recursor:${DOCKER_IMAGE_TAG}
|
||||
network_mode: host
|
||||
restart: always
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
NODE_PORTAINER_SERVICE_9000_TAGS=urlprefix-portainer.${DOMAIN}/
|
|
@ -0,0 +1,28 @@
|
|||
version: '3.6'
|
||||
|
||||
services:
|
||||
portainer:
|
||||
image: portainer/portainer:latest
|
||||
labels:
|
||||
- SERVICE_8000_IGNORE=true
|
||||
- SERVICE_9000_CHECK_HTTP=/
|
||||
- SERVICE_9000_NAME=${NODE_COMPOSE_SERVICE_NAME}-portainer:9000
|
||||
- SERVICE_9000_TAGS=${NODE_PORTAINER_SERVICE_9000_TAGS}
|
||||
networks:
|
||||
- public
|
||||
ports:
|
||||
- 8000
|
||||
- 9000
|
||||
restart: always
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
- portainer:/data
|
||||
|
||||
volumes:
|
||||
portainer:
|
||||
name: ${NODE_COMPOSE_PROJECT_NAME}_portainer
|
||||
|
||||
networks:
|
||||
public:
|
||||
external: true
|
||||
name: ${DOCKER_NETWORK_PUBLIC}
|
|
@ -1,3 +1,3 @@
|
|||
VSFTPD_S3_AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID}
|
||||
VSFTPD_S3_AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}
|
||||
VSFTPD_S3_FTPD_USERS=ftpuser::ftppass::ftpbucket
|
||||
NODE_VSFTPD_S3_AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID}
|
||||
NODE_VSFTPD_S3_AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}
|
||||
NODE_VSFTPD_S3_FTPD_USERS=ftpuser::ftppass::ftpbucket
|
||||
|
|
|
@ -9,28 +9,28 @@ services:
|
|||
dockerfile: docker/vsftpd-s3/Dockerfile
|
||||
cap_add:
|
||||
- sys_admin
|
||||
container_name: ${COMPOSE_PROJECT_NAME_NODE}_vsftpd-s3
|
||||
container_name: ${NODE_COMPOSE_PROJECT_NAME}_vsftpd-s3
|
||||
devices:
|
||||
- /dev/fuse
|
||||
environment:
|
||||
- AWS_ACCESS_KEY_ID=${VSFTPD_S3_AWS_ACCESS_KEY_ID}
|
||||
- AWS_SECRET_ACCESS_KEY=${VSFTPD_S3_AWS_SECRET_ACCESS_KEY}
|
||||
- DIR_REMOTE=${VSFTPD_S3_DIR_REMOTE}
|
||||
- FTP_HOST=${VSFTPD_S3_FTP_HOST}
|
||||
- FTP_PASS=${VSFTPD_S3_FTP_PASS}
|
||||
- FTP_SYNC=${VSFTPD_S3_FTP_SYNC}
|
||||
- FTP_USER=${VSFTPD_S3_FTP_USER}
|
||||
- FTPD_USER=${VSFTPD_S3_FTPD_USER}
|
||||
- FTPD_USERS=${VSFTPD_S3_FTPD_USERS}
|
||||
- PASV_MAX_PORT=${VSFTPD_S3_PASV_MAX_PORT}
|
||||
- PASV_MIN_PORT=${VSFTPD_S3_PASV_MIN_PORT}
|
||||
- AWS_ACCESS_KEY_ID=${NODE_VSFTPD_S3_AWS_ACCESS_KEY_ID}
|
||||
- AWS_SECRET_ACCESS_KEY=${NODE_VSFTPD_S3_AWS_SECRET_ACCESS_KEY}
|
||||
- DIR_REMOTE=${NODE_VSFTPD_S3_DIR_REMOTE}
|
||||
- FTP_HOST=${NODE_VSFTPD_S3_FTP_HOST}
|
||||
- FTP_PASS=${NODE_VSFTPD_S3_FTP_PASS}
|
||||
- FTP_SYNC=${NODE_VSFTPD_S3_FTP_SYNC}
|
||||
- FTP_USER=${NODE_VSFTPD_S3_FTP_USER}
|
||||
- FTPD_USER=${NODE_VSFTPD_S3_FTPD_USER}
|
||||
- FTPD_USERS=${NODE_VSFTPD_S3_FTPD_USERS}
|
||||
- PASV_MAX_PORT=${NODE_VSFTPD_S3_PASV_MAX_PORT}
|
||||
- PASV_MIN_PORT=${NODE_VSFTPD_S3_PASV_MIN_PORT}
|
||||
hostname: ${HOSTNAME}
|
||||
image: ${DOCKER_REPOSITORY_NODE}/vsftpd-s3:${DOCKER_IMAGE_TAG}
|
||||
image: ${NODE_DOCKER_REPOSITORY}/vsftpd-s3:${DOCKER_IMAGE_TAG}
|
||||
labels:
|
||||
- SERVICE_21_CHECK_TCP=true
|
||||
- SERVICE_21_NAME=${COMPOSE_SERVICE_NAME_NODE}-vsftpd-s3:21
|
||||
- SERVICE_21_NAME=${NODE_COMPOSE_SERVICE_NAME}-vsftpd-s3:21
|
||||
- SERVICE_22_CHECK_TCP=true
|
||||
- SERVICE_22_NAME=${COMPOSE_SERVICE_NAME_NODE}-vsftpd-s3:22
|
||||
- SERVICE_22_NAME=${NODE_COMPOSE_SERVICE_NAME}-vsftpd-s3:22
|
||||
- SERVICE_65000_IGNORE=true
|
||||
security_opt:
|
||||
- apparmor:unconfined
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
PORTAINER_SERVICE_9000_TAGS=urlprefix-portainer.${APP_DOMAIN}/
|
|
@ -0,0 +1,7 @@
|
|||
IPFS_API_HTTPHEADERS_ACA_CREDENTIALS=["true"]
|
||||
IPFS_API_HTTPHEADERS_ACA_METHODS=["PUT", "GET", "POST"]
|
||||
IPFS_API_HTTPHEADERS_ACA_ORIGIN=["http://astroport", "https://astroport.com", "https://qo-op.com", "https://tube.copylaradio.com" ]
|
||||
IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING=true
|
||||
IPFS_EXPERIMENTAL_P2PHTTPPROXY=true
|
||||
IPFS_SWARM_CONNMGR_HIGHWATER=0
|
||||
IPFS_SWARM_CONNMGR_LOWWATER=0
|
Loading…
Reference in New Issue