From a2f268c09a8c78127d10217b2c6008aa333b3148 Mon Sep 17 00:00:00 2001 From: djerom Date: Fri, 5 Jul 2024 09:40:30 +0500 Subject: [PATCH] base ubutnu installation --- .env.example | 5 +++++ alpine-node.sh | 1 - alpine/cron-updater.run.sh | 1 + install-keys.sh | 1 + srv/agent.yml | 13 +++++++++++++ srv/docker-compose.yml | 5 +++++ srv/mysql.yml | 18 ++++++++++++++++++ srv/traefik.yml | 31 +++++++++++++++++++++++++++++++ srv/update.sh | 3 +++ ubuntu/install-node.sh | 16 ++++++++++++++++ 10 files changed, 93 insertions(+), 1 deletion(-) create mode 100644 .env.example delete mode 100644 alpine-node.sh create mode 100644 alpine/cron-updater.run.sh create mode 100644 install-keys.sh create mode 100644 srv/agent.yml create mode 100644 srv/docker-compose.yml create mode 100644 srv/mysql.yml create mode 100644 srv/traefik.yml create mode 100644 srv/update.sh create mode 100644 ubuntu/install-node.sh diff --git a/.env.example b/.env.example new file mode 100644 index 0000000..9bf4b13 --- /dev/null +++ b/.env.example @@ -0,0 +1,5 @@ +DOMAIN=example.com + +COMPOSE_FILE=traefik.yml:agent.yml:docker-compose.yml + +HTP= \ No newline at end of file diff --git a/alpine-node.sh b/alpine-node.sh deleted file mode 100644 index cef18de..0000000 --- a/alpine-node.sh +++ /dev/null @@ -1 +0,0 @@ -echo 100 \ No newline at end of file diff --git a/alpine/cron-updater.run.sh b/alpine/cron-updater.run.sh new file mode 100644 index 0000000..e754adc --- /dev/null +++ b/alpine/cron-updater.run.sh @@ -0,0 +1 @@ +echo "*/3 * * * * /srv/update.sh" >> /etc/crontabs/root \ No newline at end of file diff --git a/install-keys.sh b/install-keys.sh new file mode 100644 index 0000000..d55f11e --- /dev/null +++ b/install-keys.sh @@ -0,0 +1 @@ +echo ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDClgKOnqBTUDtdJcsXEjEPbnSxc+qWjhuHmYQZqdyKShEO2Edg8N0u0QIVNmoWVQFOkZOwTBJwJJs4Wsjn1Z0Ika+ZayefSY8Cgdm1mXUJW5dSCjVebUDJMDc2P1J4XPCiWQQXdvDD5dpcx83DQKOzG4l+iYXTFYSjYgUDHTP6hSpFjIGjVFXG73n4+04fLUSSEeP9MnFIGXD+vhID0FfIsj6zLnsRGDc7r9Y0uGJpD/RTiFtNoL1QGeetF9YdBjnou8yeD9egV8+AIZ8L0vNZxXeDG/irwmbXLEunvoQ8TwkZHMGf6H//ndoTTTygD1oqt5bIYajSk9X/kz7GtvACgveve7YjK0CAqO24bZzgK2+nj5Y08OFI3LccAe5SCwSx8IxBLfxGeDVim8A7CLBRyw4Jsld2BqWlzXJNmj+I5bn8iIPoCtARCreQkGCHgg1ZALpFvDkMYSU+kysrKSl40Ftyvno6HiBJJdu+7J+IjYa4/VhigDxg8UkXE+8lPr8= d@timal.kz > /root/.ssh/authorized_keys diff --git a/srv/agent.yml b/srv/agent.yml new file mode 100644 index 0000000..40771ed --- /dev/null +++ b/srv/agent.yml @@ -0,0 +1,13 @@ +version: '3' + +services: + agent: + image: portainer/agent:2.19.1 + volumes: + - /var/run/docker.sock:/var/run/docker.sock + - /var/lib/docker/volumes:/var/lib/docker/volumes + restart: always + ports: + - 9001:9001 + labels: + - traefik.enable=false \ No newline at end of file diff --git a/srv/docker-compose.yml b/srv/docker-compose.yml new file mode 100644 index 0000000..387ad9b --- /dev/null +++ b/srv/docker-compose.yml @@ -0,0 +1,5 @@ +version: '3' + +services: + dummy: + image: busybox \ No newline at end of file diff --git a/srv/mysql.yml b/srv/mysql.yml new file mode 100644 index 0000000..018fee0 --- /dev/null +++ b/srv/mysql.yml @@ -0,0 +1,18 @@ +version: '3' + +services: + mysql: + image: mariadb + restart: always + environment: + - MARIADB_ROOT_PASSWORD=${MYSQL_PASSWORD} + volumes: + - ./mysql:/var/lib/mysql + labels: + - traefik.enable=false + + pma: + image: phpmyadmin/phpmyadmin + restart: always + environment: + - PMA_HOST=mysql \ No newline at end of file diff --git a/srv/traefik.yml b/srv/traefik.yml new file mode 100644 index 0000000..f38840f --- /dev/null +++ b/srv/traefik.yml @@ -0,0 +1,31 @@ +version: '3' + +services: + traefik: + image: traefik:v2.9 + restart: always + command: + - --entrypoints.web.address=:80 + - --entrypoints.web.http.redirections.entrypoint.to=websecure + - --entrypoints.websecure.address=:443 + - --entrypoints.websecure.http.tls=true + - --entrypoints.websecure.http.tls.certresolver=le + - --providers.docker + - --providers.docker.exposedByDefault=true + - --providers.docker.defaultRule=Host(`{{ index .Labels "com.docker.compose.service" }}.${DOMAIN}`) + - --api + - --certificatesresolvers.le.acme.email=admin@mail.${DOMAIN} + - --certificatesresolvers.le.acme.storage=/acme/acme.json + - --certificatesresolvers.le.acme.tlschallenge=true +# - --certificatesresolvers.le.acme.httpchallenge=true +# - --certificatesresolvers.le.acme.httpchallenge.entrypoint=web + ports: + - 80:80 + - 443:443 + volumes: + - "/var/run/docker.sock:/var/run/docker.sock:ro" + - "./traefik/acme:/acme" + labels: + - traefik.http.routers.traefik.service=api@internal + - traefik.http.middlewares.auth.basicauth.users=${HTP}test:$$apr1$$H6uskkkW$$IgXLP6ewTrSuBkTrqE8wj/,test2:$$apr1$$d9hr9HBB$$4HxwgUir3HP4EsggP/QNo0 + - traefik.http.routers.traefik.middlewares=myauth \ No newline at end of file diff --git a/srv/update.sh b/srv/update.sh new file mode 100644 index 0000000..a9bcd76 --- /dev/null +++ b/srv/update.sh @@ -0,0 +1,3 @@ +cd /srv +echo $(date) > lastupdate +docker-compose pull && docker-compose up -d --remove-orphans \ No newline at end of file diff --git a/ubuntu/install-node.sh b/ubuntu/install-node.sh new file mode 100644 index 0000000..9e03671 --- /dev/null +++ b/ubuntu/install-node.sh @@ -0,0 +1,16 @@ +cd /srv + +# install software +apt install nano wget curl docker.io docker-compose -y + +# install keys +curl https://git.infra.timal.kz/djerom/public/raw/branch/master/install-keys.sh | bash + +# copy base services (traefik, agent) +wget https://git.infra.timal.kz/djerom/public/raw/branch/master/srv/traefik.yml +wget https://git.infra.timal.kz/djerom/public/raw/branch/master/srv/agent.yml +wget https://git.infra.timal.kz/djerom/public/raw/branch/master/srv/mysql.yml + +# install updater +wget https://git.infra.timal.kz/djerom/public/raw/branch/master/srv/update.sh +echo "*/3 * * * * /srv/update.sh" >> /etc/crontabs/root \ No newline at end of file