Compare commits
75 Commits
f8762ed06c
...
73ff6292cf
| Author | SHA1 | Date | |
|---|---|---|---|
| 73ff6292cf | |||
| 4f7abe45c3 | |||
| d6ae6a03ac | |||
| 1c7fc9fbda | |||
| ab178c9b5a | |||
| 4aab974d50 | |||
| a331fa1519 | |||
| f06bd59a7c | |||
| f62d773556 | |||
| f8c80670df | |||
| 2d3a376ff7 | |||
| be38484a23 | |||
| 5de624ae12 | |||
| 0f3a12a87d | |||
| 644939779e | |||
| 302f5fd32d | |||
| adef02452e | |||
| 2a2bf3d8ae | |||
| cd985561af | |||
| 5b117b9057 | |||
| ab5e8d8fe6 | |||
| 3ab84b2037 | |||
| 22cc3c1392 | |||
| c886dc64f6 | |||
| d6e4224bac | |||
| 44ea5c657d | |||
| 6c40c0b228 | |||
| 63871a2d45 | |||
| 1711733072 | |||
| 6992c8f07b | |||
| 4cae82c200 | |||
| 3937b36892 | |||
| 57b68d747e | |||
| 962e96ee07 | |||
| 77365cb512 | |||
| f1e9936bf9 | |||
| d0a6d2e0a9 | |||
| 1772d4da54 | |||
| dd10ef93a0 | |||
| 842be469b5 | |||
| df8d1e0e43 | |||
| 132c6c5288 | |||
| a835dfba04 | |||
| 62f5de810e | |||
| 108e10a545 | |||
| 16c606af39 | |||
| 7b444e62d9 | |||
| 9381244bd0 | |||
| d4890e6c13 | |||
| 560056d503 | |||
| 37b7013655 | |||
| 05506a75ad | |||
| 1b4032acc3 | |||
| 011ef949fe | |||
| 80f014b5ff | |||
| f1f194c184 | |||
| 55a5d94300 | |||
| f8c4f60a2d | |||
| 5401e6a6e7 | |||
| a5c5d1cc2f | |||
| 32d3b66115 | |||
| 884f55e784 | |||
| f0a5d00b7c | |||
| 3a382278d4 | |||
| 4d1c5fb7c5 | |||
| f643161c0d | |||
| 7560d525c3 | |||
| 1ad05d7a83 | |||
| 38a95848eb | |||
| 122ce374ff | |||
| 550effdd16 | |||
| 2b5962c4b8 | |||
| c4f27d6626 | |||
| fdf5e79a2d | |||
| fa60ea5b65 |
@@ -1,3 +0,0 @@
|
||||
FROM thecatlady/webhook:2.8.0
|
||||
USER root
|
||||
RUN apk add --no-cache git docker-cli bash
|
||||
@@ -1,25 +1,25 @@
|
||||
#!/bin/sh
|
||||
set -e
|
||||
# test test
|
||||
|
||||
cd /docker/Bruchtal
|
||||
# test XDG_RUNTIME_DIR
|
||||
|
||||
cd /workspace
|
||||
|
||||
echo "==> Pulling latest changes"
|
||||
git pull
|
||||
|
||||
echo "==> Checking for changed markdown files"
|
||||
echo "==> Checking for new or modified Markdown files"
|
||||
# A = Added, M = Modified
|
||||
changed=$(git diff --name-status HEAD~1 HEAD | grep -E '^[AM]\s.*(\.md$|mkdocs\.yml$)' | awk '{print $2}' || true)
|
||||
|
||||
# Liste der Dateien im letzten Commit
|
||||
CHANGED_FILES=$(git diff --name-only HEAD@{1} HEAD)
|
||||
|
||||
echo "$CHANGED_FILES"
|
||||
|
||||
# Prüfen ob .md Datei enthalten ist
|
||||
if echo "$CHANGED_FILES" | grep -qE '\.md$'; then
|
||||
echo "==> Markdown changes detected. Restarting container..."
|
||||
if [ -n "$changed" ]; then
|
||||
echo "Markdown changes detected:"
|
||||
echo "$changed"
|
||||
echo "==> Restarting bruchtal-docs container"
|
||||
cd /workspace
|
||||
docker restart bruchtal-docs
|
||||
else
|
||||
echo "==> No markdown changes detected. Skipping restart."
|
||||
echo "No Markdown changes detected. Skipping restart."
|
||||
fi
|
||||
|
||||
echo "==> Deploy finished"
|
||||
|
||||
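Review bot: The changed-file check `git diff --name-status HEAD~1 HEAD` compares only the last commit with its parent, so a push carrying several commits restarts `bruchtal-docs` only when the final commit touches a Markdown file or mkdocs.yml. This rendering has lost its +/- markers, so the point assumes the `changed=` line is on the new side. Recording the tip before the pull with `before=$(git rev-parse HEAD)` and then running `git diff --name-status "$before" HEAD` covers everything the pull brought in. `awk '{print $2}'` also cuts off paths that contain spaces, and renames (status `R`) fall outside `^[AM]`. A comment such as `# renames and deletions do not trigger a restart` would document that limit.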
@@ -1,4 +1,4 @@
|
||||
version: "3.8"
|
||||
|
||||
|
||||
services:
|
||||
adguardhome:
|
||||
|
||||
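--- a/docker/bruchtal-webhook/deploy/Dockerfile
+++ b/docker/bruchtal-webhook/deploy/Dockerfile
@@ -0,0 +1,8 @@
+FROM thecatlady/webhook:2.8.0
+
+USER root
+
+RUN apk add --no-cache git docker-cli bash openssh-client docker-compose
+
+RUN mkdir -p /root/.ssh && \
+ssh-keyscan 192.168.178.204 >> /root/.ssh/known_hosts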
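Review bot: `ssh-keyscan 192.168.178.204 >> /root/.ssh/known_hosts` trusts whichever host answers on that address while the image is built, so the recorded key is never compared with a known fingerprint. Committing the expected host key line and adding it with `COPY known_hosts /root/.ssh/known_hosts` makes the pin reviewable and the build reproducible. If `/root/.ssh` is bind-mounted from the host at run time, as the webhook compose change on this page appears to do, the file written here is hidden by the mount and has no effect. A comment above the `RUN` naming the host the key belongs to would also help.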
@@ -9,4 +9,11 @@ services:
|
||||
- /docker/Bruchtal:/workspace
|
||||
- /docker/Bruchtal/deploy/hooks.json:/hooks/hooks.json:ro
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
command: ["-hooks", "/hooks/hooks.json", "-verbose", "-port", "9001", "-ip", "0.0.0.0"]
|
||||
- /root/.ssh:/root/.ssh:ro
|
||||
command: ["-hooks", "/hooks/hooks.json", "-verbose", "-port", "9001", "-ip", "0.0.0.0"]
|
||||
networks:
|
||||
- bruchtal-net
|
||||
|
||||
networks:
|
||||
bruchtal-net:
|
||||
external: true
|
||||
|
||||
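Review bot: The `- /root/.ssh:/root/.ssh:ro` mount, which appears to be on the new side, hands the host root account's whole SSH directory, private keys included, to a container that also holds `/var/run/docker.sock` and is started with `-ip 0.0.0.0`. Read-only does not stop the process from reading the keys, so a dedicated deploy key with pull-only rights, mounted as a single file, would limit what a compromise of the hook endpoint exposes. hooks.json is not shown on this page, so it is worth verifying that the hook checks a secret or signature before it runs the deploy script. The service definition starts above the hunk.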
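--- a/docker/caddy/docker-compose.yml
+++ b/docker/caddy/docker-compose.yml
@@ -0,0 +1,11 @@
+services:
+caddy:
+image: caddy:latest
+container_name: caddy
+restart: unless-stopped
+network_mode: host
+volumes:
+- /docker/caddy/config/Caddyfile:/etc/caddy/Caddyfile:ro
+- /docker/caddy/data:/data
+- /docker/caddy/ca/rootCA.crt:/etc/ssl/certs/rootCA.crt
+- /docker/caddy/ca/rootCA.key:/etc/ssl/private/rootCA.key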
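Review bot: The `rootCA.crt` and `rootCA.key` mounts are writable inside the container, unlike the Caddyfile mount above them, and the root CA's private key is exposed to a proxy running with `network_mode: host`. Adding `:ro` to both, e.g. `- /docker/caddy/ca/rootCA.key:/etc/ssl/private/rootCA.key:ro`, is the minimal change. Issuing an intermediate certificate for Caddy and keeping the root key off the proxy host would limit the damage if the proxy is compromised. `image: caddy:latest` is also unpinned, so a `docker compose pull` can change the proxy version without any commit; a fixed tag keeps deployments reproducible.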
@@ -1,5 +1,3 @@
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
server:
|
||||
image: gitea/gitea:1.24
|
||||
|
||||
@@ -1,4 +1,3 @@
|
||||
version: "2.1"
|
||||
services:
|
||||
heimdall:
|
||||
image: lscr.io/linuxserver/heimdall:latest
|
||||
|
||||
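--- a/docker/kea/docker-compose.yml
+++ b/docker/kea/docker-compose.yml
@@ -0,0 +1,11 @@
+version: "3.8"
+
+services:
+kea-dhcp4:
+image: serhiymakarenko/isc-kea-dhcp4-server:latest
+container_name: kea-dhcp4
+restart: unless-stopped
+network_mode: host
+volumes:
+- /home/christian/docker/kea/config:/etc/kea:ro
+- /home/christian/docker/kea/leases:/var/lib/kea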
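Review bot: `image: serhiymakarenko/isc-kea-dhcp4-server:latest` pulls an unpinned third-party image into a container that runs with `network_mode: host` and serves DHCP for the network. Pinning a fixed tag or a digest turns every image update into an explicit, reviewable commit. The volume paths sit under `/home/christian/docker/kea`, while the other compose files on this page use `/docker/...`; if that is intentional, a short comment would say why. A comment on `network_mode: host`, presumably needed for DHCP broadcast traffic, would document why the container is not on `bruchtal-net`.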
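--- a/docker/portainer/docker-compose.yml
+++ b/docker/portainer/docker-compose.yml
@@ -0,0 +1,26 @@
+version: "3.8"
+
+services:
+portainer:
+image: portainer/portainer-ce:latest
+container_name: bruchtal-portainer
+restart: unless-stopped
+ports:
+- "9000:9000" # Webinterface
+volumes:
+- /docker/Daten/portainer-data:/data:rw
+- /etc/localtime:/etc/localtime:ro
+depends_on:
+- portainer_agent
+
+portainer_agent:
+image: portainer/agent:latest
+container_name: bruchtal-portainer-agent
+restart: unless-stopped
+environment:
+AGENT_CLUSTER_ADDR: tasks.portainer_agent
+volumes:
+- /var/run/docker.sock:/var/run/docker.sock:rw # nötig für Containersteuerung
+- /etc/localtime:/etc/localtime:ro
+ports:
+- "9001:9001" # Agent Port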
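Review bot: The agent service publishes `"9001:9001"` on every host interface while holding `/var/run/docker.sock` read-write, and no `AGENT_SECRET` is set, so reachability of that port is all that guards control of the Docker daemon. Both services run in the same compose project, so the agent's `ports:` entry can be dropped and Portainer can reach it over the compose network, with a shared `AGENT_SECRET` set on both services. `AGENT_CLUSTER_ADDR: tasks.portainer_agent` is a Swarm discovery name and likely has no effect in a plain compose deployment. Port 9001 is also the port the webhook container is started with; whether that one is published on the host is not visible here. Both images use `:latest`, so pinning tags would keep the management plane from changing without a commit.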
@@ -1,4 +1,3 @@
|
||||
version: "2.1"
|
||||
services:
|
||||
wikijs:
|
||||
image: linuxserver/wikijs:2.5.312
|
||||
|
||||
@@ -20,3 +20,10 @@ cd /docker/Bruchtal/docker/adguardhome
|
||||
git pull
|
||||
docker compose pull
|
||||
docker compose up -d
|
||||
```
|
||||
|
||||
## aktuelles Skript
|
||||
|
||||
```snippet
|
||||
--8<-- "/docs/docker/adguardhome/docker-compose.yml"
|
||||
```
|
||||
|
||||
@@ -0,0 +1,33 @@
|
||||
# 🏗 Bruchtal Docker-Architektur
|
||||
|
||||
## Übersicht
|
||||
|
||||
Die Bruchtal-Infrastruktur läuft vollständig containerisiert auf einer VM.
|
||||
Alle Dienste kommunizieren über ein dediziertes Docker-Netzwerk, nutzen Git zur Versionierung und automatisches Deploy über Webhooks.
|
||||
|
||||
**Hauptkomponenten:**
|
||||
|
||||
| Service | Containername | Funktion |
|
||||
|----------------|-------------------|---------|
|
||||
| Gitea | `gitea` | Git-Server für Infrastruktur & Dokumentation |
|
||||
| Wiki.js | `wikijs` | Wissensmanagement & Dokumentation |
|
||||
| MkDocs | `bruchtal-docs` | Statische Markdown-Dokumentation |
|
||||
| Webhook | `bruchtal-webhook`| Automatisches Deploy bei Git Push |
|
||||
| Docker Host | VM | Plattform für alle Container |
|
||||
|
||||
---
|
||||
|
||||
## 🔗 Netzwerke
|
||||
|
||||
Alle Container laufen im **gemeinsamen Docker-Netzwerk** `bruchtal-net`:
|
||||
|
||||
- Kommunikation per Service-Namen (`gitea`, `bruchtal-webhook`)
|
||||
- Keine Abhängigkeit von Host-IP
|
||||
- Isoliert von anderen VM-Netzwerken
|
||||
|
||||
Beispiel Docker-Compose-Netzwerkdefinition:
|
||||
|
||||
```yaml
|
||||
networks:
|
||||
bruchtal-net:
|
||||
external: true
|
||||
|
||||
@@ -20,4 +20,11 @@ cd /docker/Bruchtal/docker/heimdall
|
||||
git pull
|
||||
docker compose pull
|
||||
docker compose up -d
|
||||
``
|
||||
```
|
||||
|
||||
|
||||
## aktuelles Skript
|
||||
|
||||
```snippet
|
||||
--8<-- "/docs/docker/heimdall/docker-compose.yml"
|
||||
```
|
||||
|
||||
@@ -16,4 +16,10 @@ cd /docker/Bruchtal/docker/it-tools
|
||||
git pull
|
||||
docker compose pull
|
||||
docker compose up -d
|
||||
``
|
||||
```
|
||||
|
||||
## aktuelles Skript
|
||||
|
||||
```snippet
|
||||
--8<-- "/docs/docker/it-tools/docker-compose.yml"
|
||||
```
|
||||
|
||||
@@ -21,4 +21,10 @@ cd /docker/Bruchtal/docker/wikijs
|
||||
git pull
|
||||
docker compose pull
|
||||
docker compose up -d
|
||||
``
|
||||
```
|
||||
|
||||
## aktuelles Skript
|
||||
|
||||
```snippet
|
||||
--8<-- "/docs/docker/wikijs/docker-compose.yml"
|
||||
```
|
||||
|
||||
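--- a/docs/workflows/adguard-kea-caddy.md
+++ b/docs/workflows/adguard-kea-caddy.md
@@ -0,0 +1,36 @@
+# DNS - DHCP Konfiguration
+
+## Anmerkungen zu AdGuardHome
+- die Konfiguration findet in der adguard/config/AdGuardHome.yaml statt.
+**Problem**: dummerweise überschreibt die GUI diese bei jedem Start gnadenlos.
+- Blaupause liegt in /docker/AdguardHome.yaml bzw. s.u.
+- Entscheidend: dhcp_enabled: false
+- bevor Adguard neu gestartet wird die Blaupause in den config-Ordner kopieren
+- neue Einträge:
+-- WebUI aufrufen (http://192.168.178.204:3001)
+-- Filters => DNS-Rewrites
+-- dort name und IP eintragen
+-- Container **NICHT** neu starten!
+
+### aktuelles Skript
+```snippet
+--8<-- "/docs/docker/adguardhome/docker-compose.yml"
+```
+
+
+
+## Anmerkungen zu Kea:
+- DHCP-Server, bewusst in der IPv4-Version. IPv6 ist komplett abgestellt, ausser auf der FB für DSlite.
+### aktuelles Skript
+```snippet
+--8<-- "/docs/docker/kea-dhcp4/docker-compose.yml"
+```
+
+
+## Anmerkungen zu caddy
+- Reverse-Proxy für internes HTTPS
+- Problem: rootCA.crt muss auf dem Client vorhanden sein damit der Browserzugriff funktioniert. Ist ein Browserproblme, eins von DNS verursachtes
+### aktuelles Skript
+```snippet
+--8<-- "/docs/docker/caddy/docker-compose.yml"
+```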
@@ -7,7 +7,6 @@ Ziel:
|
||||
- Alles versioniert in Git
|
||||
- Reproduzierbare Deployments
|
||||
- Dokumentation immer synchron zur Infrastruktur
|
||||
|
||||
---
|
||||
|
||||
## Grundprinzip
|
||||
@@ -18,9 +17,18 @@ Die VM ist nur noch Laufzeitumgebung.
|
||||
|
||||
1. Lokal ändern, egal was
|
||||
2. Committen & Pushen
|
||||
3. Auf VM pullen
|
||||
3. der Pull auf der VM wird automatisch über einen Webhook ausgeführt
|
||||
4. Container neu starten
|
||||
|
||||
```mermaid
|
||||
flowchart LR
|
||||
Dev -->|git push| Gitea
|
||||
Gitea -->|POST Hook| Webhook
|
||||
Webhook -->|git pull| Workspace
|
||||
Workspace -->|Markdown changes| MkDocs
|
||||
MkDocs -->|serve| Browser
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
## Workflow "neuer Container"
|
||||
@@ -34,7 +42,6 @@ Die VM ist nur noch Laufzeitumgebung.
|
||||
- commit mit Message `"infra(<Containername>): docker-compose.yml neu angelegt"`
|
||||
- push
|
||||
|
||||
|
||||
### neuen Container dokumentieren
|
||||
- `Bruchtal/docs/<Containername>` anlegen
|
||||
- `Bruchtal/docs/<Containername>/<Containername>.md` anlegen
|
||||
|
||||
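--- a/docs/workflows/test.md
+++ b/docs/workflows/test.md
@@ -0,0 +1,2 @@
+## test2
+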
34
mkdocs.yml
34
mkdocs.yml
@@ -10,16 +10,44 @@ nav:
|
||||
- Übersicht: index.md
|
||||
- Workflows:
|
||||
- Docker-workflow: workflows/docker-workflow.md
|
||||
- Adguardhome-Kea-Caddy: workflows/adguard-kea-caddy.md
|
||||
- Netzwerk:
|
||||
- Topologie: network/topology.md
|
||||
- Tunnel: network/tunnel.md
|
||||
- Proxmox:
|
||||
- VMs: proxmox/vms.md
|
||||
- Docker:
|
||||
- Docker:
|
||||
- Architektur: docker/architecture.md
|
||||
- Adguardhome: docker/adguardhome/adguardhome.md
|
||||
- Wikijs: docker/wikijs/wikijs.md
|
||||
- Architektur: docker/architecture.md
|
||||
- It-Tools: docker/it-tools/it-tools.md
|
||||
- Heimdall: docker/heimdall/heimdall.md
|
||||
|
||||
- Backup_Storage:
|
||||
- Backup: backup/backup.md
|
||||
- Storage: backup/storage.md
|
||||
- Storage: backup/storage.md
|
||||
|
||||
|
||||
markdown_extensions:
|
||||
- pymdownx.highlight
|
||||
- pymdownx.snippets:
|
||||
check_paths: false
|
||||
- pymdownx.tasklist
|
||||
- pymdownx.tabbed
|
||||
- pymdownx.mark
|
||||
- pymdownx.tilde
|
||||
- pymdownx.critic
|
||||
- pymdownx.inlinehilite
|
||||
- pymdownx.details
|
||||
- pymdownx.keys
|
||||
- pymdownx.emoji
|
||||
- pymdownx.betterem
|
||||
- pymdownx.caret
|
||||
- pymdownx.mark
|
||||
- pymdownx.smartsymbols
|
||||
- pymdownx.magiclink
|
||||
- pymdownx.superfences:
|
||||
custom_fences:
|
||||
- name: mermaid
|
||||
class: mermaid
|
||||
format: !!python/name:pymdownx.superfences.fence_code_format
|
||||
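Review bot: `check_paths: false` under `pymdownx.snippets` makes a snippet whose file is missing render as nothing instead of failing the build. The new workflow page includes `/docs/docker/kea-dhcp4/docker-compose.yml`, while the compose file added in this comparison is `docker/kea/docker-compose.yml`, so that include may already be silently empty. Setting `check_paths: true` surfaces such mismatches at build time. The snippets pull whole compose files into the published site, so those files need to stay free of credentials; a comment next to the extension entry saying so would help later editors. `pymdownx.mark` appears twice in the extension list, though this rendering does not show whether both entries are on the new side.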