Fully operational death star
Added deploy directory for spinning up container via docker-compose. Added publish directory for publishing arm/amd images to docker hub. Various tweaks to the source scripts. Added test directory for easier testing of scripts and images.
master
parent
c52867afdd
commit
496d3cbd68
|
@ -1,4 +1,7 @@
|
||||||
archive/
|
archive/
|
||||||
config/
|
config/
|
||||||
|
settings/
|
||||||
data/
|
data/
|
||||||
logs/
|
logs/
|
||||||
|
.env
|
||||||
|
test/opt/
|
27
build
27
build
|
@ -1,8 +1,29 @@
|
||||||
|
SDIR=$(dirname "$(realpath "$BASH_SOURCE")")
|
||||||
build=${UDBUILD:-$(command -v udbuild)}
|
build=${UDBUILD:-$(command -v udbuild)}
|
||||||
if [[ $build ]];then
|
if [[ $build ]];then
|
||||||
echo copying conf directory into image source before build
|
# by sourcing the build script and then calling the build function udbuild
|
||||||
/bin/cp -R -p conf/. src/init/opt/caddy/conf
|
# the build script environment will be availabe in this script
|
||||||
$build -a "$@"
|
source $build
|
||||||
|
udbuild load_env_file $@
|
||||||
|
udbuild build_src
|
||||||
|
echo caddy build source at $BUILD_SRC
|
||||||
|
if [[ $BUILD_CADDY_CONF ]]; then
|
||||||
|
CONF_DIR=${CONF_DIR:-${PWD}/conf}
|
||||||
|
if [[ -d $CONF_DIR ]]; then
|
||||||
|
mkdir -p ${BUILD_SRC}/init/caddy/conf
|
||||||
|
echo adding caddy conf/ directory $CONF_DIR to build
|
||||||
|
ls -la $CONF_DIR
|
||||||
|
/bin/cp -R $CONF_DIR/. ${BUILD_SRC}/init/caddy/conf
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
BUILD_PKGS=${BUILD_PKGS:-${PWD}/caddy.pkgs}
|
||||||
|
if [[ -f $BUILD_PKGS ]]; then
|
||||||
|
echo adding caddy packages at $BUILD_PKGS to build
|
||||||
|
/bin/cp $BUILD_PKGS ${BUILD_SRC}/init/caddy.pkgs
|
||||||
|
fi
|
||||||
|
udbuild "$@"
|
||||||
|
rm -rf ${BUILD_SRC}/init/caddy/conf/
|
||||||
|
rm -f ${BUILD_SRC}/init/caddy.pkgs
|
||||||
else
|
else
|
||||||
echo can not find UCI Docker Build script, run ./install from the uci-docker-build repo
|
echo can not find UCI Docker Build script, run ./install from the uci-docker-build repo
|
||||||
fi
|
fi
|
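Review bot: The cleanup at the end of the new body runs `rm -rf ${BUILD_SRC}/init/caddy/conf/` with `BUILD_SRC` unquoted and unchecked, so if the sourced build script leaves it empty the path collapses to `/init/caddy/conf/`, and a value containing spaces splits into several arguments. Guard it as `rm -rf -- "${BUILD_SRC:?}/init/caddy/conf/"`, and quote the `rm -f`, `mkdir -p` and `cp` targets above it the same way. `source $build` runs whatever `UDBUILD` points to inside this shell, so a comment that the variable must name a trusted script is worth adding. The `else` branch only prints a message; an `exit 1` there would let callers notice the missing build tool.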
|
@ -0,0 +1,17 @@
|
||||||
|
# you can use a custom confiuration file
|
||||||
|
# copy this to say my.conf
|
||||||
|
# then in .env use CONF=my
|
||||||
|
# and my.conf will be used instead of Caddyfile
|
||||||
|
*.mydomain.net {
|
||||||
|
|
||||||
|
tls email@gmail.com {
|
||||||
|
dns route53 {
|
||||||
|
max_retries 10
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@portainer host docker.mydomain.net
|
||||||
|
handle @portainer {
|
||||||
|
reverse_proxy 10.0.0.5:9000
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,5 @@
|
||||||
|
# comment lines are ignored thus a way to disable adding a package
|
||||||
|
# caddy.pkgs in the conf folder are added at run time
|
||||||
|
# alternatively packages can be baked in to an image during build, see docs
|
||||||
|
# github.com/caddy-dns/route53
|
||||||
|
# github.com/greenpau/caddy-security
|
|
@ -0,0 +1,13 @@
|
||||||
|
*.mydomain.net {
|
||||||
|
|
||||||
|
tls email@gmail.com {
|
||||||
|
dns route53 {
|
||||||
|
max_retries 10
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@portainer host docker.mydomain.net
|
||||||
|
handle @portainer {
|
||||||
|
reverse_proxy 10.0.0.5:9000
|
||||||
|
}
|
||||||
|
}
|
|
@ -1,34 +1,34 @@
|
||||||
# Example usage
|
|
||||||
|
|
||||||
services:
|
services:
|
||||||
caddy:
|
caddy:
|
||||||
container_name: ${NAME:-caddy}
|
container_name: ${NAME:-caddy}
|
||||||
image: ${IMAGE:-caddy}
|
image: ${IMAGE:-caddy}
|
||||||
# if no $CONF is given then Caddyfile in ${PWD}/conf:/opt/caddy/conf will be used
|
# if no $CONF is given then Caddyfile in ${PWD}/conf:/opt/caddy/conf will be used
|
||||||
command: /opt/caddy/caddy run $CONF
|
command: caddy run ${CONF}
|
||||||
hostname: ${NAME:-caddy}
|
hostname: ${NAME:-caddy}
|
||||||
env_file:
|
env_file:
|
||||||
- $CREDENTIALS
|
- $CREDENTIALS
|
||||||
volumes:
|
volumes:
|
||||||
- data:/opt/caddy/data
|
- data:/opt/caddy/data
|
||||||
- config:/opt/caddy/config
|
- settings:/opt/caddy/settings
|
||||||
- conf:/opt/caddy/conf
|
- conf:/opt/caddy/conf
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
ports:
|
ports:
|
||||||
- 80:80
|
- 80:80
|
||||||
- 443:443
|
- 443:443
|
||||||
- 2019:2019
|
- 2019:2019
|
||||||
|
# binding data and settings are not required
|
||||||
|
# But if there volumes are deleted caddy will need to redo all the certs
|
||||||
volumes:
|
volumes:
|
||||||
data:
|
data:
|
||||||
driver_opts:
|
# driver_opts:
|
||||||
type: none
|
# type: none
|
||||||
device: ${PWD}/data
|
# device: ${PWD}/data
|
||||||
o: bind
|
# o: bind
|
||||||
config:
|
settings:
|
||||||
driver_opts:
|
# driver_opts:
|
||||||
type: none
|
# type: none
|
||||||
device: ${PWD}/config
|
# device: ${PWD}/config
|
||||||
o: bind
|
# o: bind
|
||||||
conf:
|
conf:
|
||||||
driver_opts:
|
driver_opts:
|
||||||
type: none
|
type: none
|
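Review bot: Under the renamed `settings:` volume the commented-out bind still reads `# device: ${PWD}/config`, while the mount is now `settings:/opt/caddy/settings` and the first hunk of this commit adds `settings/` to the ignore list. Anyone who follows the deploy notes and uncomments the block will bind a directory that no longer matches, so it should read `# device: ${PWD}/settings`. The hunk ends inside the `conf:` volume definition, so the rest of that block is not visible here.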
|
@ -0,0 +1,12 @@
|
||||||
|
# copy to .env and edit to suit
|
||||||
|
COMPOSE_PROJECT_NAME=caddy
|
||||||
|
# default NAME is caddy
|
||||||
|
# NAME=$COMPOSE_PROJECT_NAME
|
||||||
|
# to use a deployed image
|
||||||
|
# IMAGE=mydockerhubaccount/caddy-r53
|
||||||
|
# will use Caddyfile unless CONF is set
|
||||||
|
# this file should be in /conf on your host (e.g. my.conf)
|
||||||
|
# CONF=my
|
||||||
|
# this is a package specific environment example
|
||||||
|
# creditials required for route 53, this is package specific
|
||||||
|
# CREDENTIALS=/path/to/aws-credentials.env
|
|
@ -0,0 +1,3 @@
|
||||||
|
[[ $1 ]] && opt="-n $1"
|
||||||
|
[[ $1 == "f" ]] && opt="-f"
|
||||||
|
docker-compose logs $opt
|
|
@ -0,0 +1,21 @@
|
||||||
|
use this deploy directory to deploy your uci caddy image to a container on a target machine.
|
||||||
|
|
||||||
|
requires docker-compose to be installed
|
||||||
|
copy example.env to .env and edit accordingly
|
||||||
|
decide if you want to bind mount the data and settings directories
|
||||||
|
if so uncomment them in the compose file
|
||||||
|
in the conf/ directory put your conf file and a caddy.pkgs file if needed
|
||||||
|
and either edit the Caddyfile therein or create a .conf file with caddyfile settings
|
||||||
|
|
||||||
|
As to the image used it will either come from a repository (i.e. docker hub) or must be built on this machine.
|
||||||
|
|
||||||
|
If the former then the suggested approach is to copy this directory `deploy` onto the target machine to run caddy and rename it to `caddy`. This means you created a caddy image using this repository (and uci-docker-build) on another machine. See the readme.md. You'll need to use the "publish" script.
|
||||||
|
|
||||||
|
Otherwise you'll need to clone the uci-docker-build repository and install it to this machine first. Then you will need to build a local image. Then use that name in your .env file. This also means instead of running the upgrade command you'll need to run the build command and then restart the container.
|
||||||
|
|
||||||
|
copy example.env to .env and edit accordingly
|
||||||
|
decide if you want to bind mount the data and settings directories
|
||||||
|
if so uncomment them in the compose file
|
||||||
|
in the conf/ directory put your conf file and a caddy.pkgs file if needed
|
||||||
|
and either edit the Caddyfile therein or create a .conf file with caddyfile settings
|
||||||
|
Set the correct IMAGE= for the image you'll be using, either locally build or from a repo.
|
|
@ -0,0 +1,3 @@
|
||||||
|
#!/bin/bash
|
||||||
|
./stop
|
||||||
|
./start
|
|
@ -0,0 +1 @@
|
||||||
|
docker-compose up
|
|
@ -0,0 +1 @@
|
||||||
|
docker-compose down -v
|
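Review bot: `docker-compose down -v` removes the named volumes declared in the compose file, and with the `data` and `settings` bind options now commented out by default those are ordinary Docker volumes holding the issued certificates. Assuming this one-line file is the `stop` script, the restart and upgrade scripts in this commit both call `./stop` then `./start`, so every restart or upgrade discards the certificates and forces re-issuance, which the compose file's own comment warns about. Plain `docker-compose down` keeps the volumes; the `-v` form could move to a separate, explicitly named cleanup script.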
|
@ -0,0 +1,5 @@
|
||||||
|
echo upping the max size of the host buffer
|
||||||
|
echo net.core.rmem_max=2500000 | sudo tee -a /etc/sysctl.conf
|
||||||
|
# confirm
|
||||||
|
sudo sysctl -p | grep rmem_max
|
||||||
|
docker-compose up -d
|
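Review bot: `echo net.core.rmem_max=2500000 | sudo tee -a /etc/sysctl.conf` appends a new line on every invocation, so each start grows a root-owned system file with duplicate entries. Make it idempotent, e.g. `grep -qs '^net.core.rmem_max=' /etc/sysctl.conf || echo net.core.rmem_max=2500000 | sudo tee -a /etc/sysctl.conf`, or write the setting once to a dedicated file under `/etc/sysctl.d/`. The file also has no shebang, unlike the restart and upgrade scripts added alongside it.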
|
@ -0,0 +1,4 @@
|
||||||
|
#!/bin/bash
|
||||||
|
./stop
|
||||||
|
docker-compose pull
|
||||||
|
./start
|
|
@ -1,9 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
build=${UDBUILD:-$(command -v udbuild)}
|
|
||||||
if [[ $build ]];then
|
|
||||||
DIR=$(dirname "$(realpath "$BASH_SOURCE")")
|
|
||||||
$build -t dev -e $DIR/build.env "$@"
|
|
||||||
else
|
|
||||||
echo can not find UCI Docker Build script, run ./install from the uci-docker-build repo
|
|
||||||
fi
|
|
||||||
|
|
|
@ -1,4 +0,0 @@
|
||||||
BASE_IMAGE=ucommandit/alpine
|
|
||||||
BUILD_SRC=../src
|
|
||||||
RUSER=ucommandit
|
|
||||||
NAME=caddy
|
|
1
dev/try
1
dev/try
|
@ -1 +0,0 @@
|
||||||
udbuild try -e aws-credentials.env -m opt/caddy -h mnt/caddy -k ucommandit/caddy "$@"
|
|
|
@ -0,0 +1,8 @@
|
||||||
|
# any uncommented packages here in this file
|
||||||
|
# in this directory will be baked into the
|
||||||
|
# published image, alternatively a caddy.pkgs
|
||||||
|
# file in the mounted conf/ directory can add
|
||||||
|
# packages at runtime
|
||||||
|
# github.com/caddy-dns/route53
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,6 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
DIR=$(dirname "$(realpath "$BASH_SOURCE")")
|
DIR=$(dirname "$(realpath "$BASH_SOURCE")")
|
||||||
$DIR/build -t deploy
|
pushd $DIR
|
||||||
|
../build
|
||||||
|
popd
|
||||||
|
|
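Review bot: `pushd $DIR` is unquoted and its result is not checked, so a path containing spaces or a failed directory change leaves `../build` resolving against the caller's working directory. `pushd "$DIR" >/dev/null || exit 1` closes that gap.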
|
@ -0,0 +1,14 @@
|
||||||
|
# copy to .env and edit to suit
|
||||||
|
NAME=caddy-r53
|
||||||
|
TARGET=publish
|
||||||
|
# change to your dockerub account
|
||||||
|
RUSER=myusername
|
||||||
|
# Will use dockerhub official base alpine image unless used here
|
||||||
|
# BASE_IMAGE=ucommandit/alpine
|
||||||
|
# will find src/ but setting this will speed it up
|
||||||
|
BUILD_SRC=../src
|
||||||
|
# version is latest unless used here
|
||||||
|
# TAG=2.1.5
|
||||||
|
# to bake packages into the image use this
|
||||||
|
# or create caddy.pkgs in the current directory
|
||||||
|
# BUILD_PKGS=r53.pkg
|
28
readme.md
28
readme.md
|
@ -1,8 +1,22 @@
|
||||||
#!/bin/bash
|
|
||||||
clone repo
|
|
||||||
in conf folder edit Caddyfile (or create your own conf) and edit caddy.pkgs
|
|
||||||
|
|
||||||
edit .env accordingly
|
## BUILDING
|
||||||
You can use an image from a repository or build your own locally
|
|
||||||
echo now execute the .run-log script to make sure caddy runs ok.
|
### Testing
|
||||||
then execute the the start script for detached container
|
|
||||||
|
### Publishing
|
||||||
|
|
||||||
|
## DEPLOYING
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
# NOTES
|
||||||
|
|
||||||
|
https://github.com/quic-go/quic-go/wiki/UDP-Receive-Buffer-Size
|
||||||
|
on host persistent increase kernel buffer size
|
||||||
|
echo net.core.rmem_max=2500000 | sudo tee -a /etc/sysctl.conf
|
||||||
|
# confirm
|
||||||
|
sudo sysctl -p | grep rmem_max
|
|
@ -3,10 +3,14 @@
|
||||||
caddy () {
|
caddy () {
|
||||||
|
|
||||||
if [[ ! $CADDY_HOME ]]; then
|
if [[ ! $CADDY_HOME ]]; then
|
||||||
if [[ -f /opt/caddy/caddy.env ]]; then
|
echo caddy run environment is NOT set
|
||||||
source /opt/caddy/caddy.env
|
echo this is an error as the image build should set this
|
||||||
|
echo attempting to recover by sourcing the environment now
|
||||||
|
echo at $ENV_DIR/caddy.env
|
||||||
|
if [[ -f $ENV_DIR/caddy.env ]]; then
|
||||||
|
source $ENV_DIR/caddy.env
|
||||||
else
|
else
|
||||||
echo default environment can not be sourced at /opt/caddy/caddy.env
|
echo default environment can not be sourced at $ENV_DIR/caddy.env
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
@ -15,9 +19,16 @@ fi
|
||||||
[ ! -f "$CADDY_BIN" ] && echo caddy binary file at $CADDY_BIN does not exist && return 1
|
[ ! -f "$CADDY_BIN" ] && echo caddy binary file at $CADDY_BIN does not exist && return 1
|
||||||
[ ! -x "$CADDY_BIN" ] && echo caddy binary file $CADDY_BIN is not executable && return 1
|
[ ! -x "$CADDY_BIN" ] && echo caddy binary file $CADDY_BIN is not executable && return 1
|
||||||
|
|
||||||
|
source $LIB_DIR/caddy.lib
|
||||||
|
|
||||||
case "$1" in
|
case "$1" in
|
||||||
shell)
|
shell)
|
||||||
/bin/bash -c "cd $CADDY_HOME; exec bash -l"
|
shift 1
|
||||||
|
if [[ $# -eq 0 ]]; then
|
||||||
|
/bin/bash -l
|
||||||
|
else
|
||||||
|
/bin/bash -l -c '"$@"' "$0" "$@"
|
||||||
|
fi
|
||||||
;;
|
;;
|
||||||
run)
|
run)
|
||||||
shift 1
|
shift 1
|
||||||
|
@ -29,6 +40,7 @@ case "$1" in
|
||||||
conf=Caddyfile
|
conf=Caddyfile
|
||||||
fi
|
fi
|
||||||
if [[ -f $conf ]]; then
|
if [[ -f $conf ]]; then
|
||||||
|
caddy_add_packages
|
||||||
echo running: $CADDY_BIN run --config $conf --adapter caddyfile
|
echo running: $CADDY_BIN run --config $conf --adapter caddyfile
|
||||||
$CADDY_BIN run --config $conf --adapter caddyfile
|
$CADDY_BIN run --config $conf --adapter caddyfile
|
||||||
else
|
else
|
||||||
|
@ -37,7 +49,7 @@ case "$1" in
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
*)
|
*)
|
||||||
$CADDY_BIN/caddy "$@"
|
$CADDY_BIN "$@"
|
||||||
|
|
||||||
esac
|
esac
|
||||||
|
|
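Review bot: In the `run)` branch the new `caddy_add_packages` call is not checked, so when it returns non-zero (the library prints "reverting to last good binary" and returns 2) the server is still started with whatever binary is on disk. Either test it, `caddy_add_packages || return 1`, or add a comment that starting without the requested modules is intended. Because this call runs on every container start and reads `caddy.pkgs` from the mounted conf directory, that mount effectively decides which code is fetched into the binary and should be writable only by trusted users. `source $LIB_DIR/caddy.lib` is likewise unquoted and unchecked; `source "$LIB_DIR/caddy.lib" || return 1` would fail early. The function body starts and ends outside the visible hunks.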
|
@ -0,0 +1,3 @@
|
||||||
|
source $ENV_DIR/run.env
|
||||||
|
export ENTRYPOINT_CMD=caddy
|
||||||
|
export ENTRYPOINT_CMD_PATH=$BIN_DIR/caddy
|
|
@ -0,0 +1,6 @@
|
||||||
|
export CADDY_HOME=${CADDY_HOME:-/opt/caddy}
|
||||||
|
export XDG_CONFIG_HOME=$CADDY_HOME/settings
|
||||||
|
export XDG_DATA_HOME=$CADDY_HOME/data
|
||||||
|
export CADDY_CONF=$CADDY_HOME/conf
|
||||||
|
export CADDY_BIN=$CADDY_HOME/bin/caddy
|
||||||
|
export CADDY_LIB=$LIB_DIR/caddy.lib
|
|
@ -0,0 +1,3 @@
|
||||||
|
# will be sourced when "login" action is run via /etc/profile
|
||||||
|
source $ENV_DIR/caddy.env
|
||||||
|
export VOLUME_DIRS="$XDG_CONFIG_HOME $XDG_DATA_HOME $CADDY_CONF"
|
|
@ -1,12 +1,35 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
# set -eu
|
# set -e
|
||||||
echo -e "*************************"
|
echo -e "********** Caddy Setup and Install ***************"
|
||||||
/bin/cp -R -p opt/. /opt
|
if [[ $(env | grep CADDY_LIB) ]]; then
|
||||||
chown -R 1000:1000 /opt
|
mkdir -p $CADDY_HOME 2> /dev/null
|
||||||
# ls -la /opt
|
if [[ -d caddy/ ]]; then
|
||||||
# ls -la /opt/caddy
|
echo "copying caddy/ to $CADDY_HOME"
|
||||||
echo -e "*************************"
|
/bin/cp -R -p caddy/. $CADDY_HOME
|
||||||
source /opt/caddy/caddy.env
|
fi
|
||||||
# || { echo no file /opt/caddy/caddy.env; exit 1; }
|
pushd $CADDY_HOME || exit 2
|
||||||
|
echo making caddy subdirectories $PWD
|
||||||
|
mkdir data conf settings bin 2> /dev/null
|
||||||
|
popd
|
||||||
|
chown -R 1000:1000 $CADDY_HOME
|
||||||
|
echo -e "------------------"
|
||||||
|
echo $CADDY_HOME
|
||||||
|
ls -la $CADDY_HOME
|
||||||
|
echo $CADDY_CONF
|
||||||
|
ls -la $CADDY_CONF
|
||||||
|
echo -e "-------------------"
|
||||||
source $CADDY_LIB
|
source $CADDY_LIB
|
||||||
caddy_install_bin
|
if caddy_install_bin; then
|
||||||
|
caddy_add_packages
|
||||||
|
else
|
||||||
|
echo ERROR: unable to install caddy binary
|
||||||
|
echo Image will not function
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo ERROR: caddy build environment not set
|
||||||
|
echo see env/build.env in source directory
|
||||||
|
cat /opt/env/build.env
|
||||||
|
cat /opt/env/run.env
|
||||||
|
echo build aborted
|
||||||
|
fi
|
||||||
|
echo -e "********** Done: Caddy Setup and Install ***************"
|
||||||
|
|
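Review bot: Both failure paths only print a message: when `caddy_install_bin` fails the script says "Image will not function", and when `CADDY_LIB` is missing it says "build aborted", but neither exits non-zero and `set -e` is commented out, so the image build can complete without a verified binary. Add `exit 1` after each message so a failed download or checksum stops the build. `cat /opt/env/build.env` and `cat /opt/env/run.env` in the error branch write those files to the build log; if they can ever hold credentials, print the variable names only. `[[ $(env | grep CADDY_LIB) ]]` also matches any variable whose name or value merely contains that text; `[[ -n ${CADDY_LIB:-} ]]` tests the variable itself.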
|
@ -0,0 +1,114 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
caddy_add_packages () {
|
||||||
|
local ifile; local bin; local pkgs; local pkg; local ipkgs
|
||||||
|
clean () {
|
||||||
|
local tmp;local tmp2; local append
|
||||||
|
if [[ -f $1 ]]; then
|
||||||
|
tmp=$(sed '/^[[:space:]]*#[^!]/d; /#$/d' $1)
|
||||||
|
else
|
||||||
|
tmp=$1
|
||||||
|
fi
|
||||||
|
echo "$tmp $2" | xargs -n1 | sort -u | xargs | sed "s# # #g"
|
||||||
|
|
||||||
|
}
|
||||||
|
[[ -f $1 ]] && pkgs=" $(clean $1)"
|
||||||
|
[[ $BUILDING && -f $BUILD_DIR/caddy.pkgs ]] && pkgs=$(clean $BUILD_DIR/caddy.pkgs "$pkgs")
|
||||||
|
# echo pkgs after build
|
||||||
|
# echo $pkgs
|
||||||
|
[[ -f $CADDY_CONF/caddy.pkgs ]] && pkgs=$(clean $CADDY_CONF/caddy.pkgs "$pkgs")
|
||||||
|
# echo pkgs after conf
|
||||||
|
# echo $pkgs
|
||||||
|
[[ ! $pkgs ]] && echo "no packages requested, nothing to do" && return 0
|
||||||
|
echo "--- packages requested to install ----"
|
||||||
|
echo $pkgs
|
||||||
|
echo "-----------"
|
||||||
|
ifile=${CADDY_HOME}/bin/installed.pkgs
|
||||||
|
# uncomment for testing
|
||||||
|
# /bin/cp installed.pkgs $ifile
|
||||||
|
[[ -f $ifile ]] && ipkgs=$(clean $ifile)
|
||||||
|
echo "--- currently installed packages ----"
|
||||||
|
[[ $ipkgs ]] && echo $ipkgs || echo NONE
|
||||||
|
echo "-----------"
|
||||||
|
for pkg in $ipkgs; do
|
||||||
|
# echo installed packaged $pkg
|
||||||
|
pkgs=${pkgs/${pkg}/};
|
||||||
|
done
|
||||||
|
[[ ! $(clean $pkgs) ]] && echo "no new packages to add, nothing to do" && return 0
|
||||||
|
echo "--- packages that need adding ----"
|
||||||
|
echo $pkgs
|
||||||
|
echo "-----------"
|
||||||
|
bin=${2:-$CADDY_BIN}
|
||||||
|
bin=${bin:-$(command -v caddy)}
|
||||||
|
# [[ ! $bin ]] && echo no caddy binary found && return 1
|
||||||
|
[[ ! -x $bin ]] && echo ERROR: can not add packages, no caddy binary found at $bin && return 1
|
||||||
|
echo "------- ADDING CADDY PACKAGES ------------"
|
||||||
|
if ! $bin add-package $pkgs >/dev/null 2>&1; then
|
||||||
|
echo Error: Aborting further package installs and reverting to last good binary
|
||||||
|
return 2
|
||||||
|
else
|
||||||
|
echo packages
|
||||||
|
echo $pkgs
|
||||||
|
echo added successfully
|
||||||
|
echo $pkgs >> $CADDY_HOME/bin/installed.pkgs
|
||||||
|
echo "---"
|
||||||
|
echo currently installed packages
|
||||||
|
cat $CADDY_HOME/bin/installed.pkgs
|
||||||
|
echo installed modules from these packages
|
||||||
|
$bin list-modules | sed '1,/Standard modules/d;/Non-standard modules/,$d'
|
||||||
|
echo "-----------------------------------"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
caddy_checksum () {
|
||||||
|
echo "verifying checksum of $2"
|
||||||
|
source $LIB_DIR/github.lib
|
||||||
|
local download=$(github_asset caddyserver caddy $1 caddy_$(echo ${1})_checksums.txt)
|
||||||
|
echo checksum file to download: $download
|
||||||
|
wget -q -O /tmp/caddy_checksum $download
|
||||||
|
# cat /tmp/caddy_checksum
|
||||||
|
local sha=$(grep $2 /tmp/caddy_checksum | cut -d " " -f1)
|
||||||
|
# echo $sha
|
||||||
|
# sha512sum $3
|
||||||
|
# must have TWO spaces in echo command!
|
||||||
|
echo "$sha $3" | sha512sum -c >/dev/null 2>&1;
|
||||||
|
ret=$?
|
||||||
|
rm -r /tmp/caddy_checksum
|
||||||
|
return $ret
|
||||||
|
}
|
||||||
|
|
||||||
|
caddy_install_bin () {
|
||||||
|
echo in caddy binary install
|
||||||
|
local arch; local download; local caddytar
|
||||||
|
source $LIB_DIR/github.lib
|
||||||
|
source $LIB_DIR/getarch.sh
|
||||||
|
arch=$(get_arch)
|
||||||
|
[[ ! $arch ]] && echo unable to determine build architecture && return 1
|
||||||
|
ver=${CADDY_VER:-$(github_latest caddyserver caddy | sed 's/^v//')};
|
||||||
|
[[ ! $ver ]] && echo unable to determine caddy version && return 1
|
||||||
|
echo "---FETCHING AND INSTALLING CADDY BINARY v$ver for $arch ------------"
|
||||||
|
caddytar="caddy_${ver}_linux_${arch}.tar.gz"
|
||||||
|
download=$(github_asset caddyserver caddy $ver $caddytar)
|
||||||
|
echo "github_asset caddyserver caddy $ver $caddytar"
|
||||||
|
echo caddy version: $ver
|
||||||
|
echo caddy tarball: $caddytar
|
||||||
|
echo getting tarball from: $download
|
||||||
|
if wget -q -O /tmp/caddy.tar.gz $download; then
|
||||||
|
if caddy_checksum $ver $caddytar /tmp/caddy.tar.gz; then
|
||||||
|
echo download tarball verified
|
||||||
|
tar x -z -f /tmp/caddy.tar.gz -C $CADDY_HOME/bin caddy
|
||||||
|
rm -f /tmp/caddy.tar.gz
|
||||||
|
chmod +x $CADDY_BIN
|
||||||
|
setcap cap_net_bind_service=+ep $CADDY_BIN
|
||||||
|
chmod +x $CADDY_BIN
|
||||||
|
echo "caddy binary successfully installed version: $($CADDY_BIN version)"
|
||||||
|
else
|
||||||
|
echo file "$download failed checksum, install terminated"
|
||||||
|
return 2
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo failed to fetch $download, install terminated
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
echo "----------------------------------"
|
||||||
|
}
|
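Review bot: `caddy_checksum` selects the expected hash with `grep $2 /tmp/caddy_checksum`, an unanchored regex match that returns every line containing the tarball name (a sibling entry for the same tarball, such as a signature file, would match too), and it never checks that the `wget` of the checksum file succeeded. It also works through fixed names in `/tmp` (`/tmp/caddy_checksum` here, `/tmp/caddy.tar.gz` in `caddy_install_bin`), which is unsafe wherever another user can create those paths first; `mktemp` avoids that. The rewrite below matches the file name exactly and fails closed when no hash is found. The checksum file comes from the same release as the tarball, so this check detects a corrupted download rather than a replaced release; pinning `CADDY_VER` together with a hash recorded in this repository would cover the second case.

```shell
caddy_checksum () {
  # … unchanged: echo, source github.lib, github_asset lookup into $download …
  local sumfile sha
  sumfile=$(mktemp) || return 1
  if ! wget -q -O "$sumfile" "$download"; then
    rm -f -- "$sumfile"
    return 1
  fi
  # exact file-name match, so entries that merely contain the name are ignored
  sha=$(awk -v name="$2" '$2 == name { print $1; exit }' "$sumfile")
  rm -f -- "$sumfile"
  [[ $sha ]] || return 1
  # sha512sum -c expects "<hash>  <file>" (two spaces)
  echo "$sha  $3" | sha512sum -c >/dev/null 2>&1
}
```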
|
@ -0,0 +1,22 @@
|
||||||
|
|
||||||
|
|
||||||
|
get_arch () {
|
||||||
|
local arch
|
||||||
|
arch=$(uname -m)
|
||||||
|
[[ ! $arch ]] && return 1
|
||||||
|
case $arch in
|
||||||
|
x86_64) binArch='amd64' ;;
|
||||||
|
armhf) binArch='armv6' ;;
|
||||||
|
armv7) binArch='armv7' ;;
|
||||||
|
aarch64) binArch='arm64' ;;
|
||||||
|
ppc64el|ppc64le) binArch='ppc64le' ;;
|
||||||
|
s390x) binArch='s390x' ;;
|
||||||
|
.*386.*) binArch='amd32' ;;
|
||||||
|
*) return 2 ;;\
|
||||||
|
esac;
|
||||||
|
echo $binArch
|
||||||
|
}
|
||||||
|
|
||||||
|
(return 0 2>/dev/null) || get_arch
|
||||||
|
|
||||||
|
|
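Review bot: `case` arms are glob patterns, not regular expressions, so `.*386.*)` only matches a string that begins with a literal dot and i386/i686 hosts fall through to `*) return 2`. On 32-bit ARM `uname -m` normally reports values such as `armv7l` or `armv6l`, which neither `armv7)` nor `armhf)` matches; `armv7*)`, `armv6*)` and `*386*|i686)` are the usual spellings. `binArch` should be declared `local` next to `arch`, and the trailing backslash after `*) return 2 ;;` can go. It is also worth confirming that `amd32` is an architecture name the release tarballs actually use.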
|
@ -0,0 +1,29 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
export GITHUB_REPOS=https://api.github.com/repos
|
||||||
|
|
||||||
|
github_latest() {
|
||||||
|
local endpoint=$GITHUB_REPOS/$1/$2/releases/latest
|
||||||
|
local auth; local res
|
||||||
|
[[ $GITHUB_TOKEN ]] && auth="-u $GITHUB_USER:$GITHUB_TOKEN"
|
||||||
|
if ! res=$(curl $auth -s $endpoint); then
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
echo $res| jq .name -r
|
||||||
|
}
|
||||||
|
|
||||||
|
github_asset () {
|
||||||
|
# user repo version asset
|
||||||
|
|
||||||
|
asset_url=$(curl -s "$GITHUB_REPOS/$1/$2/releases/tags/v$3" \
|
||||||
|
| jq --arg aname "$4" -r '.assets[] | select(.name == $aname).browser_download_url' \
|
||||||
|
| head -1)
|
||||||
|
|
||||||
|
if [ -z "${asset_url}" ]; then
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo $asset_url
|
||||||
|
|
||||||
|
}
|
||||||
|
|
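Review bot: `github_latest` puts the token on curl's command line (`auth="-u $GITHUB_USER:$GITHUB_TOKEN"`), where it is visible in the process list and in any `set -x` trace; feeding it as a config on stdin keeps it out of argv, e.g. `printf 'user = "%s:%s"\n' "$GITHUB_USER" "$GITHUB_TOKEN" | curl -fsS -K - "$endpoint"`. Neither curl call uses `-f`, so an HTTP error body (a rate-limit response, for example) is parsed as if it were a release and `jq .name -r` prints `null`, which the caller's `[[ ! $ver ]]` test accepts as a version. Use `curl -fsS` and `jq -r '.name // empty'`. `asset_url` in `github_asset` is assigned as a global and should be declared `local`.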
|
@ -1,6 +0,0 @@
|
||||||
export CADDY_HOME="$(realpath $(dirname ${BASH_SOURCE[0]}))"
|
|
||||||
export XDG_CONFIG_HOME=$CADDY_HOME/config
|
|
||||||
export XDG_DATA_HOME=$CADDY_HOME/data
|
|
||||||
export CADDY_CONF=$CADDY_HOME/conf
|
|
||||||
export CADDY_BIN=$CADDY_HOME/bin/caddy
|
|
||||||
export CADDY_LIB=$CADDY_HOME/caddy.lib
|
|
|
@ -1,64 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
caddy_add_packages () {
|
|
||||||
local bin; local repos; local pkgs; local pkg
|
|
||||||
[[ ! -f $1 ]] && echo "cannot find file $1 of packages, nothing to add" && return 0
|
|
||||||
bin=${2:-$CADDY_BIN}
|
|
||||||
bin=${bin:-$(command -v caddy)}
|
|
||||||
[[ ! $bin ]] && echo no caddy binary found && return 1
|
|
||||||
pkgs=$(sed '/^[[:space:]]*#[^!]/d; /#$/d' $1)
|
|
||||||
echo caddy pkgs to be added:
|
|
||||||
echo $pkgs
|
|
||||||
if ! $bin add-package $pkgs >/dev/null 2>&1; then
|
|
||||||
echo Error: Aborting further package installs and reverting to last good binary
|
|
||||||
return 2
|
|
||||||
else
|
|
||||||
echo packages added successfully
|
|
||||||
$bin list-modules | grep -E -A15 "Standard modules:"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
caddy_checksum () {
|
|
||||||
echo "verifying checksum of $2"
|
|
||||||
source /opt/scripts/github.lib
|
|
||||||
local download=$(github_asset caddyserver caddy $1 caddy_$(echo ${1})_checksums.txt)
|
|
||||||
echo checksum file to download: $download
|
|
||||||
wget -q -O /tmp/caddy_checksum $download
|
|
||||||
# cat /tmp/caddy_checksum
|
|
||||||
local sha=$(grep $2 /tmp/caddy_checksum | cut -d " " -f1)
|
|
||||||
# echo $sha
|
|
||||||
# sha512sum $3
|
|
||||||
# must have TWO spaces in echo command!
|
|
||||||
echo "$sha $3" | sha512sum -c >/dev/null 2>&1;
|
|
||||||
ret=$?
|
|
||||||
rm -r /tmp/caddy_checksum
|
|
||||||
return $ret
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
caddy_install_bin () {
|
|
||||||
|
|
||||||
source /opt/scripts/github.lib
|
|
||||||
arch=$(/opt/scripts/getarch.sh)
|
|
||||||
ver=${CADDY_VER:-$(github_latest caddyserver caddy | sed 's/^v//')}
|
|
||||||
caddytar="caddy_${ver}_linux_${arch}.tar.gz"
|
|
||||||
download=$(github_asset caddyserver caddy $ver $caddytar)
|
|
||||||
# echo "github_asset caddyserver caddy $ver $caddytar"
|
|
||||||
echo caddy version: $ver
|
|
||||||
echo caddy tarball: $caddytar
|
|
||||||
echo getting tarball from: $download
|
|
||||||
wget -q -O /tmp/caddy.tar.gz $download
|
|
||||||
if caddy_checksum $ver $caddytar /tmp/caddy.tar.gz; then
|
|
||||||
echo download tarball verified
|
|
||||||
tar x -z -f /tmp/caddy.tar.gz -C $CADDY_HOME/bin caddy
|
|
||||||
rm -f /tmp/caddy.tar.gz
|
|
||||||
chmod +x $CADDY_BIN
|
|
||||||
setcap cap_net_bind_service=+ep $CADDY_BIN
|
|
||||||
chmod +x $CADDY_BIN
|
|
||||||
$CADDY_BIN version
|
|
||||||
if ! caddy_add_packages $CADDY_CONF/caddy.pkgs; then
|
|
||||||
return 4
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
}
|
|
|
@ -1,8 +1,8 @@
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
echo install packages for alpine caddy
|
echo install packages for alpine caddy
|
||||||
apk update; apk upgrade;
|
apk update; apk upgrade;
|
||||||
apk add --no-cache ca-certificates libcap mailcap git jq bash curl
|
# note: shadow, bash, bash-completion coreutils are installed by default for alpine
|
||||||
# wget -O /etc/caddy/Caddyfile "https://github.com/caddyserver/dist/raw/{{ .config.dist_commit }}/config/Caddyfile"; \
|
apk add --no-cache --no-progress ca-certificates libcap mailcap git jq bash curl
|
||||||
# wget -O /usr/share/caddy/index.html "https://github.com/caddyserver/dist/raw/{{ .config.dist_commit }}/welcome/index.html"
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1 @@
|
||||||
|
../build -e test.env $@
|
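Review bot: `$@` is unquoted here, so an argument containing spaces or glob characters is re-split before it reaches `../build`; use `"$@"`. The same applies to the `udbuild try … $@` one-liners and the `docker-compose ${@:-up}` lines in the other new test files on this page, and to `udbuild load_env_file $@` in the top-level build script.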
|
@ -0,0 +1 @@
|
||||||
|
udbuild try -e test.env -m /opt/caddy/conf -h conf caddy $@
|
|
@ -0,0 +1,4 @@
|
||||||
|
# build packages
|
||||||
|
github.com/caddy-dns/route53
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,5 @@
|
||||||
|
# copy this to .env and edit to suit
|
||||||
|
# create a test.conf file in conf/
|
||||||
|
CONF=test
|
||||||
|
# specific to route 53
|
||||||
|
CREDENTIALS=/path/to/aws-credentials.env
|
|
@ -0,0 +1,13 @@
|
||||||
|
*.mydomain.net {
|
||||||
|
|
||||||
|
tls email@gmail.com {
|
||||||
|
dns route53 {
|
||||||
|
max_retries 10
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@portainerr host docker.mydomain.net
|
||||||
|
handle @portainer {
|
||||||
|
reverse_proxy 10.0.0.5:9000
|
||||||
|
}
|
||||||
|
}
|
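Review bot: The named matcher is declared as `@portainerr` but the block uses `handle @portainer`, so the matcher the handler refers to is never defined; the two sample files earlier in this commit spell it `@portainer`. Change the declaration to `@portainer host docker.mydomain.net`.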
|
@ -0,0 +1,3 @@
|
||||||
|
github.com/caddy-dns/route53
|
||||||
|
# comment lines are ignored thus a way to disable a package on build
|
||||||
|
# github.com/greenpau/caddy-security
|
|
@ -0,0 +1,13 @@
|
||||||
|
*.seldon.kebler.net {
|
||||||
|
|
||||||
|
tls kebler.net@gmail.com {
|
||||||
|
dns route53 {
|
||||||
|
max_retries 10
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@docker host docker.seldon.kebler.net
|
||||||
|
handle @docker {
|
||||||
|
reverse_proxy seldon.kebler.net:9016
|
||||||
|
}
|
||||||
|
}
|
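Review bot: Unlike the placeholder samples elsewhere in this commit, this file carries what look like a real domain, a contact e-mail address and an upstream host and port. If it is a personal working config rather than a fixture, keep it out of the repository (the ignore list already excludes other local files) and commit only the `mydomain.net` placeholder version.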
|
@ -0,0 +1,29 @@
|
||||||
|
services:
|
||||||
|
caddy:
|
||||||
|
container_name: caddy-testing
|
||||||
|
image: testing/caddy
|
||||||
|
# if no $CONF is given then Caddyfile in ${PWD}/conf:/opt/caddy/conf will be used
|
||||||
|
command: caddy run ${CONF}
|
||||||
|
hostname: caddy-testing
|
||||||
|
env_file:
|
||||||
|
# this environment file is specific to route53
|
||||||
|
- $CREDENTIALS
|
||||||
|
volumes:
|
||||||
|
- conf:/opt/caddy/conf
|
||||||
|
- opt:/opt
|
||||||
|
ports:
|
||||||
|
- 80:80
|
||||||
|
- 443:443
|
||||||
|
- 2019:2019
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
conf:
|
||||||
|
driver_opts:
|
||||||
|
type: none
|
||||||
|
device: ${PWD}/conf
|
||||||
|
o: bind
|
||||||
|
opt:
|
||||||
|
driver_opts:
|
||||||
|
type: none
|
||||||
|
device: ${PWD}/opt
|
||||||
|
o: bind
|
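Review bot: `2019:2019` publishes Caddy's admin API port on every host interface, and the deploy compose file does the same. As far as I know the admin endpoint listens on localhost inside the container by default, so the mapping does nothing useful in that case, and with a config that moves `admin` to a non-loopback address it would expose an unauthenticated configuration endpoint. Drop the mapping, or restrict it to the host loopback with `127.0.0.1:2019:2019`. The `opt:/opt` bind also overlays the image's whole `/opt` tree with `${PWD}/opt`; a comment saying this is deliberate for testing would help.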
|
@ -0,0 +1 @@
|
||||||
|
udbuild try -e test.env -m /opt/caddy/conf -h conf -s list-packages
|
|
@ -0,0 +1,5 @@
|
||||||
|
echo "**** caddy packages installed *******"
|
||||||
|
cat /opt/caddy/bin/installed.pkgs
|
||||||
|
echo "------- corresponding modules ------"
|
||||||
|
caddy list-modules | sed '1,/Standard modules/d;/Non-standard modules/,$d'
|
||||||
|
echo "*****************************"
|
|
@ -0,0 +1 @@
|
||||||
|
udbuild try -e test.env -m /opt/caddy/conf -h conf shell $@
|
|
@ -0,0 +1,7 @@
|
||||||
|
# if no image run ./build first
|
||||||
|
if docker image inspect testing/caddy >/dev/null 2>&1 ;then
|
||||||
|
docker-compose ${@:-up}
|
||||||
|
else
|
||||||
|
./build -e test -t default -p
|
||||||
|
docker-compose ${@:-up}
|
||||||
|
fi
|
|
@ -0,0 +1,7 @@
|
||||||
|
#
|
||||||
|
# BASE_IMAGE=uci-base-alpine
|
||||||
|
BUILD_SRC=../src
|
||||||
|
RUSER=testing
|
||||||
|
NAME=caddy
|
||||||
|
BUILD_CADDY_CONF=true
|
||||||
|
# TARGET=dev
|