# myos - Make Your Own Stack

Docker PaaS based on docker compose and make files.

Make Your Own Stack provides common make targets to build and run docker projects.

## Disclaimer

This is beta software, use it at your own risk.

## Requirements

You need `docker`, `git` and `make`.

## Install

* Include the MYOS file `make/include.mk` by adding the following lines to your project's `Makefile`.

```
# Path where myos is (or will be) cloned
MYOS ?= ../myos
# myos repository URL, derived from this project's git remote
MYOS_REPOSITORY ?= $(patsubst %/$(APP),%/myos,$(APP_REPOSITORY))
APP ?= $(lastword $(subst /, ,$(APP_REPOSITORY)))
APP_REPOSITORY ?= $(shell git config --get remote.origin.url 2>/dev/null)
# Clone myos if the directory does not exist yet
$(MYOS):
	-@git clone $(MYOS_REPOSITORY) $(MYOS)
-include $(MYOS)/make/include.mk
```

* Call the `make help` command to show available targets.

```
$ make help
Usage:
make [target]

Targets:
help This help
[...]
```

## Usage

### Examples

* Configure myos for domain `domain.tld` and stack `default`

```shell
$ make bootstrap DOMAIN=domain.tld STACK=default
```

* Start myos stack `host`

```shell
$ make host
```

`make host` starts the stack `host` with the docker host services:

- consul (service discovery) on host port 8500
- fabio (load balancer) on host ports 80 and 443
- registrator (docker/consul bridge)

* Stop myos

```shell
$ make shutdown
```

### Variables

* DEBUG

Show executed commands.

```shell
$ make up DEBUG=true
```

* DRYRUN

Do nothing; show commands instead of executing them.

```shell
$ make up DRYRUN=true
```

* VERBOSE

Show called functions.

```shell
$ make up VERBOSE=true
```

* Show variable USER

```shell
$ make print-USER
```

#### Setup

* SETUP_LETSENCRYPT

Generate ${DOMAIN} certificate files with letsencrypt.

By default, myos generates invalid ${DOMAIN} certificate files with openssl.
You can use letsencrypt instead to generate valid wildcard certificate files.

To achieve this, you must add the following DNS entries to domain ${DOMAIN} to prove you own it:

```
_acme-challenge.${DOMAIN} IN CNAME ${DOMAIN}.acme.${DOMAIN}.
acme.${DOMAIN}. IN NS certbot.${DOMAIN}.
certbot.${DOMAIN}. IN A ${DOCKER_HOST_INET4}
```

In this config, DOCKER_HOST_INET4 should be the external IP address of the server running certbot.
Port 53 of this IP address must be reachable from the internet and point to this server.

If you want a simple DNS configuration to host all your services on the same server, you can set up the following DNS config:

```
@ IN A ${DOCKER_HOST_INET4}
*.${DOMAIN}. IN CNAME ${DOMAIN}.
_acme-challenge.${DOMAIN} IN CNAME ${DOMAIN}.acme.${DOMAIN}.
acme.${DOMAIN}. IN NS ${DOMAIN}.
```

This will point domain ${DOMAIN} to the IP address ${DOCKER_HOST_INET4} of this server, and point all subdomains `*.${DOMAIN}` to the IP address pointed to by ${DOMAIN}.

At this point, you should be able to generate a valid certificate for `*.${DOMAIN}` using the certbot [dns standalone](https://github.com/siilike/certbot-dns-standalone) plugin.
This task is done automatically when creating the host stack if the SETUP_LETSENCRYPT variable is not empty.

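Either DNS layout above can be checked offline before a certificate is requested. As an added example (not code from myos), this shell function verifies that a zone contains the `_acme-challenge` CNAME, the `acme.${DOMAIN}` NS delegation and an A record for the delegated name server; the function name and the sample zones are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not part of myos): offline check of the DNS records above.
# check_acme_delegation DOMAIN ZONE_TEXT
#   ZONE_TEXT: "name IN TYPE value" lines with ${DOMAIN} already expanded.
#   Assumption: names are fully qualified, "@" means DOMAIN, and a trailing
#   dot is optional. Prints one line per problem; returns 1 if any is found.
check_acme_delegation() {
    printf '%s\n' "$2" | awk -v d="$1" '
        function norm(n) { sub(/\.$/, "", n); n = tolower(n); return (n == "@") ? d : n }
        BEGIN { d = tolower(d); sub(/\.$/, "", d) }
        $2 == "IN" && NF >= 4 { rec[norm($1) " " $3] = norm($4) }
        END {
            chal = "_acme-challenge." d; zone = "acme." d; want = d "." zone
            if (!((chal " CNAME") in rec)) {
                print "missing CNAME for " chal; bad = 1
            } else if (rec[chal " CNAME"] != want) {
                print chal " CNAME is " rec[chal " CNAME"] ", expected " want; bad = 1
            }
            # The delegated zone needs a name server that resolves to an address.
            if (!((zone " NS") in rec)) {
                print "missing NS delegation for " zone; bad = 1
            } else if (!((rec[zone " NS"] " A") in rec)) {
                print "name server " rec[zone " NS"] " has no A record"; bad = 1
            }
            exit bad + 0
        }'
}

# Constructed sample zones; domain.tld and 203.0.113.10 are placeholders.
ZONE_DEDICATED='_acme-challenge.domain.tld IN CNAME domain.tld.acme.domain.tld.
acme.domain.tld. IN NS certbot.domain.tld.
certbot.domain.tld. IN A 203.0.113.10'

ZONE_SINGLE='@ IN A 203.0.113.10
*.domain.tld. IN CNAME domain.tld.
_acme-challenge.domain.tld IN CNAME domain.tld.acme.domain.tld.
acme.domain.tld. IN NS domain.tld.'

# CNAME skips the ${DOMAIN}. label and the name server has no address.
ZONE_BROKEN='_acme-challenge.domain.tld IN CNAME acme.domain.tld.
acme.domain.tld. IN NS certbot.domain.tld.'

check_acme_delegation domain.tld "$ZONE_DEDICATED" && echo "dedicated: ok"
check_acme_delegation domain.tld "$ZONE_SINGLE" && echo "single server: ok"
check_acme_delegation domain.tld "$ZONE_BROKEN" || echo "broken: rejected"
```
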
If you already launched the myos host stack before, the ${DOMAIN} certificates have been automatically generated by openssl and you should remove them before trying to generate them with letsencrypt.

```
$ make host-down
$ docker volume rm $(hostname)
```

You can then test the letsencrypt certificate generation using DEBUG mode, which forces the use of the letsencrypt staging server.

```
$ make host SETUP_LETSENCRYPT=true DEBUG=true
```

If letsencrypt certificate generation fails, you can retry the generation of a staging certificate.

```
$ make host-certbot-staging
```

Once the certificate generation is working, you can ask for a valid certificate.

```
$ make host-down
$ docker volume rm $(hostname)
$ make host SETUP_LETSENCRYPT=true
```

* SETUP_UFW

Control Linux firewall rules with ufw.

```
$ echo SETUP_UFW=true >> .env
$ make setup-ufw
```

### Debug

* Show docker compose yaml config

```shell
$ make config
```

- `make config` shows the docker compose yaml config for stack `STACK`
- `make host-config` shows the docker compose yaml config for stack `host`
- `make user-config` shows the docker compose yaml config for stack `User`
- `make stack-elastic-config` shows the docker compose yaml config for stack `elastic`

* Show debug variables

```shell
$ make debug
```

* Generate self documentation

```shell
$ make doc
```

* Show env args

```shell
$ make print-env_args
```

* Show user mail

```shell
$ make print-MAIL
```