Move services to a service folder

2023-01-20 19:05:19 +01:00
parent 44b95372a1
commit 2a03974c18
49 changed files with 4 additions and 0 deletions
--- a/bootstrap/README.md
+++ b/bootstrap/README.md
@@ -1,82 +0,0 @@
-# Bootstrap
-
-Set up a MacVLAN network
-
-As an example, with the following network setup:
- interface to LAN: `bond0`
- Complete LAN subnet: `192.168.0.0/23`
- LAN gateway: `192.168.0.1`
- DHCP range: `192.168.0.0/24` (excluding gateway)
- MacVLAN interface name: `macvlan0` (user defined)
- MacVLAN range: `192.168.1.0/24` (should be outside of DHCP range)
- MacVLAN host IP: `192.168.1.1` (should be in the MacVLAN range)
-
-```
-ip link add macvlan0 link bond0 type macvlan mode bridge
-ip addr add 192.168.1.0/32 dev macvlan0
-ip link set macvlan0 up
-ip route add 192.168.1.0/24 dev macvlan0
-```
-
-Run portainer once
-```
-docker run --rm -p 9443:9443 -v /var/run/docker.sock:/var/run/docker.sock portainer/portainer-ce:latest
-```
-
-### Environment variables
- `NASCOMPOSE_SERVICES`: Absolute path to the `services` folder
-
-## Docker
-[`alpine/socat`](https://hub.docker.com/r/alpine/socat/) exposes the docker socket as a port.
-
-### 🌐 Ports
- `2375 TCP`: Docker API
-
-### 📂 Volumes
- `/var/run/docker.sock`: Socket file from host mounted as it to be exposed.
-
-### 📒 Documentation
- [socat](https://linux.die.net/man/1/socat) manual
-
-## Traefik
-[`traefik`](https://hub.docker.com/_/traefik) is a reverse proxy for docker services.
-
-### 🌐 Ports
- `80 TCP`: HTTP access. Should always redirect to HTTPs
- `443 TCP`: HTTPs access
-
-### 📂 Volumes
- `traefik_dynamic_config`: Folder containing the dynamic configuration for `File` provider. See [traefik documentation](https://doc.traefik.io/traefik/providers/file/).
-
-### 📝 Configs
- `traefik_config`: Static configuration from `File` provider. See [traefik documentation](https://doc.traefik.io/traefik/providers/file/).
-
-### 🔒 Secrets
- `traefik_password`: Basic Auth username/password to access Traefik. Encoded using htpasswd (or [equivalent](https://hostingcanada.org/htpasswd-generator/)), use BCrypt at least.
- `traefik_tls_cert`: Self-signed certificate for Traefik. Particularly useful in development to avoid generating new certificates on each restart.
- `traefik_tls_key`: Self-signed private key for Traefik. Used with `traefik_tls_cert`.
-
-### 📒 Documentation
- [Traefik](https://doc.traefik.io/) official documentation
-
-## Portainer
-[`portainer/portainer-ce`](https://hub.docker.com/r/portainer/portainer-ce) is a docker instance manager.
-Useful to manage the stacks/docker-compose configuration for the NAS.
-
-Set up to use the port exposed via the `Docker` container. It displays information about all docker resources available on the host. \
-It excludes all resources with the tag `nas-compose.boostrap: true`.
-
-Each compose file (except the `bootstrap.docker-compose.yaml`) need to be added as a [stack](https://docs.portainer.io/user/docker/stacks/add), with the right environment variables set.
-
-
-### 🌐 Ports
- `9443 TCP`: HTTPs (self-signed) access to the web interface
-
-### 📂 Volumes
- ⚠️ `portainer_data`: All configuration and application data related to portainer. **It contains sensitive files**
-
-### 🔒 Secrets
- `portainer_password`: Admin default admin's password
-
-### 📒 Documentation
- [Portainer](https://docs.portainer.io/) official documentation
--- a/bootstrap/docker-compose.local.yml
+++ b/bootstrap/docker-compose.local.yml
@@ -1,4 +0,0 @@
-services:
-  portainer:
-    ports:
-      - 9443:9443
--- a/bootstrap/docker-compose.macvlan.yml
+++ b/bootstrap/docker-compose.macvlan.yml
@@ -1,21 +0,0 @@
-services:
-  portainer:
-    networks:
-      macvlan:
-        ipv4_address: ${NASCOMPOSE_MACVLAN_PORTAINER_IP?}
-
-networks:
-  macvlan:
-    name: macvlan
-    driver: macvlan
-    driver_opts:
-      parent: ${NASCOMPOSE_MACVLAN_IFACE?}
-    ipam:
-      config:
-        - subnet: ${NASCOMPOSE_MACVLAN_SUBNET?}
-          gateway: ${NASCOMPOSE_MACVLAN_GATEWAY?}
-          ip_range: ${NASCOMPOSE_MACVLAN_RANGE?}
-          aux_addresses:
-            nas: ${NASCOMPOSE_MACVLAN_HOST_IP?}
-    labels:
-      nas-compose.boostrap: true
--- a/bootstrap/docker-compose.yml
+++ b/bootstrap/docker-compose.yml
@@ -1,51 +0,0 @@
-name: Bootstrap
-
-services:
-  docker:
-    image: alpine/socat
-    command: tcp-listen:2375,fork,reuseaddr unix-connect:/var/run/docker.sock
-    networks:
-      - docker
-    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock
-    restart: unless-stopped
-    labels:
-      nas-compose.boostrap: true
-
-  portainer:
-    image: portainer/portainer-ce
-    command: >
-      --host tcp://docker:2375
-      --hide-label nas-compose.boostrap=true
-      --admin-password-file /run/secrets/portainer_password
-    user: ${NASCOMPOSE_UID?}:${NASCOMPOSE_GID?}
-    networks:
-      - docker
-    volumes:
-      - portainer_data:/data/
-    secrets:
-      - portainer_password
-    depends_on:
-      - docker
-    restart: unless-stopped
-    labels:
-      nas-compose.boostrap: true
-
-networks:
-  docker:
-    name: docker
-    labels:
-      nas-compose.boostrap: true
-
-volumes:
-  portainer_data:
-    driver_opts:
-      type: none
-      o: bind
-      device: ${NASCOMPOSE_SERVICES?}/bootstrap/volumes/portainer_data/
-    labels:
-      nas-compose.boostrap: true
-
-secrets:
-  portainer_password:
-    file: ${NASCOMPOSE_SERVICES?}/bootstrap/secrets/portainer_password
--- a/bootstrap/secrets/.gitkeep
+++ b/bootstrap/secrets/.gitkeep
--- a/bootstrap/volumes/portainer_data/.gitkeep
+++ b/bootstrap/volumes/portainer_data/.gitkeep