kris/homelab
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: kris:HOST_IP
Branches Tags
kris:main kris:podman kris:bitwarden kris:testing kris:dockerbox_update kris:HOST_IP kris:gitea kris:organize kris:staticweb kris:vagrantfile kris:proxy_script kris:master kris:jellyfin kris:traefik kris:dockerbox_bullseye kris:readme kris:kutt kris:mediawiki kris:jekyll kris:docs
..
compare: kris:d5bad0b1ccda5fa863241d5d5e5fb1ab1e080689
Branches Tags
kris:podman kris:bitwarden kris:main kris:testing kris:dockerbox_update kris:HOST_IP kris:gitea kris:organize kris:staticweb kris:vagrantfile kris:proxy_script kris:master kris:jellyfin kris:traefik kris:dockerbox_bullseye kris:readme kris:kutt kris:mediawiki kris:jekyll kris:docs

2 Commits
HOST_IP ... d5bad0b1cc

Author SHA1 Message Date
Kris Lamoureux
d5bad0b1cc testing 2023-12-08 20:06:48 -05:00
Kris Lamoureux
91de9d05ac testing 2023-12-05 21:55:52 -05:00
3 changed files with 57 additions and 35 deletions
Expand all files Collapse all files

11
dev/dockerbox.yml
View File

@@ -5,9 +5,10 @@
- host_vars/dockerbox.yml - host_vars/dockerbox.yml
roles: roles:
- base - base
- proxy
- mariadb
- docker - docker
- traefik # - nextcloud
- nextcloud # - jenkins
- jenkins # - prometheus
- prometheus # - nginx
- nginx

57
dev/host_vars/dockerbox.yml
View File

@@ -2,29 +2,54 @@
allow_reboot: false allow_reboot: false
manage_network: false manage_network: false
# Import my GPG key for git signature verification
root_gpgkeys:
- name: kris@lamoureux.io
id: FBF673CEEC030F8AECA814E73EDA9C3441EDA925
# proxy
proxy:
servers:
# This exposes over 0.0.0.0:443 instead of 127.0.0.1:8443
#- domain: traefik.local.krislamo.org
# proxy_pass: https://127.0.0.1:8443
- domain: cloud.local.krislamo.org
proxy_pass: http://127.0.0.1:8000
# docker # docker
docker_official: true # docker's apt repos
docker_users: docker_users:
- vagrant - vagrant
# traefik docker_compose_env_nolog: false # dev only setting
traefik_version: latest docker_compose_deploy:
traefik_dashboard: true # Traefik
traefik_domain: traefik.local.krislamo.org - name: traefik
traefik_auth: admin:$apr1$T1l.BCFz$Jyg8msXYEAUi3LLH39I9d1 # admin:admin url: https://github.com/krislamo/traefik
traefik_web_entry: 0.0.0.0:80 version: e03268af4cf942c47cba66c2112628dbcad1b756
traefik_websecure_entry: 0.0.0.0:443 path: docker-compose.web.yml
#traefik_acme_email: realemail@example.com # Let's Encrypt settings enabled: true
#traefik_production: true accept_newhostkey: true
#traefik_http_only: true # if behind reverse-proxy trusted_keys:
- FBF673CEEC030F8AECA814E73EDA9C3441EDA925
env:
ENABLE: true
# Nextcloud
- name: nextcloud
url: https://git.krislamo.org/kris/nextcloud
version: a2e38cec703839211e11dc8347b4cdd62fa6f24d
enabled: true
env:
DATA: ./data
# nextcloud # nextcloud
nextcloud_version: stable #nextcloud_version: stable
nextcloud_admin: admin #nextcloud_admin: admin
nextcloud_pass: password #nextcloud_pass: password
nextcloud_domain: cloud.local.krislamo.org #nextcloud_domain: cloud.local.krislamo.org
nextcloud_dbversion: latest #nextcloud_dbversion: latest
nextcloud_dbpass: password #nextcloud_dbpass: password
# jenkins # jenkins
jenkins_version: lts jenkins_version: lts

24
forward-ssh.sh
View File

@@ -22,12 +22,13 @@
# Root check # Root check
if [ "$EUID" -ne 0 ]; then if [ "$EUID" -ne 0 ]; then
echo "[ERROR]: Please run this script as root" echo "[ERROR]: Please run script as root"
exit 1 exit 1
fi fi
# Clean environment # Clean environment
unset PRIVATE_KEY unset PRIVATE_KEY
unset HOST_IP
unset MATCH_PATTERN unset MATCH_PATTERN
unset PKILL_ANSWER unset PKILL_ANSWER
@@ -40,8 +41,8 @@ function ssh_connect {
printf "[INFO]: Starting new vagrant SSH tunnel on PID " printf "[INFO]: Starting new vagrant SSH tunnel on PID "
sudo -u "$USER" ssh -fNT -i "$PRIVATE_KEY" \ sudo -u "$USER" ssh -fNT -i "$PRIVATE_KEY" \
-L 22:localhost:22 \ -L 22:localhost:22 \
-L 80:"$HOST_IP":80 \ -L 80:localhost:80 \
-L 443:"$HOST_IP":443 \ -L 443:localhost:443 \
-L 8443:localhost:8443 \ -L 8443:localhost:8443 \
-o UserKnownHostsFile=/dev/null \ -o UserKnownHostsFile=/dev/null \
-o StrictHostKeyChecking=no \ -o StrictHostKeyChecking=no \
@@ -50,7 +51,7 @@ function ssh_connect {
pgrep -f "$MATCH_PATTERN" pgrep -f "$MATCH_PATTERN"
;; ;;
*) *)
echo "[INFO]: Declined to start a new vagrant SSH tunnel" echo "[INFO]: Delined to start a new vagrant SSH tunnel"
exit 0 exit 0
;; ;;
esac esac
@@ -63,7 +64,7 @@ PRIVATE_KEY="$(find .vagrant -name "private_key" 2>/dev/null | sort)"
if [ "$(echo "$PRIVATE_KEY" | wc -l)" -gt 1 ]; then if [ "$(echo "$PRIVATE_KEY" | wc -l)" -gt 1 ]; then
while IFS= read -r KEYFILE; do while IFS= read -r KEYFILE; do
if ! ssh-keygen -l -f "$KEYFILE" &>/dev/null; then if ! ssh-keygen -l -f "$KEYFILE" &>/dev/null; then
echo "[ERROR]: The SSH key '$KEYFILE' is not valid. Are your virtual machines running?" echo "[ERROR]: The SSH key '$KEYFILE' is not valid. Is your virtual machines running?"
exit 1 exit 1
fi fi
echo "[CHECK]: Valid key at $KEYFILE" echo "[CHECK]: Valid key at $KEYFILE"
@@ -77,17 +78,12 @@ else
fi fi
# Grab first IP or use whatever HOST_IP_FIELD is set to and check that the guest is up # Grab first IP or use whatever HOST_IP_FIELD is set to and check that the guest is up
HOST_IP="$(vagrant ssh -c "hostname -I | cut -d' ' -f${HOST_IP_FIELD:-1}" "${1:-default}" 2>/dev/null)"
if [ -z "$HOST_IP" ]; then if [ -z "$HOST_IP" ]; then
HOST_IP="$(sudo -u "$SUDO_USER" vagrant ssh -c "hostname -I | cut -d' ' -f${HOST_IP_FIELD:-1}" "${1:-default}" 2>/dev/null)" echo "[ERROR]: Failed to find ${1:-default}'s IP"
exit 1
if [ -z "$HOST_IP" ]; then
echo "[ERROR]: Failed to find ${1:-default}'s IP"
exit 1
fi
HOST_IP="${HOST_IP::-1}" # trim
else
echo "[INFO]: HOST_IP configured by the shell environment"
fi fi
HOST_IP="${HOST_IP::-1}" # trim
if ! ping -c 1 "$HOST_IP" &>/dev/null; then if ! ping -c 1 "$HOST_IP" &>/dev/null; then
echo "[ERROR]: Cannot ping the host IP '$HOST_IP'" echo "[ERROR]: Cannot ping the host IP '$HOST_IP'"