Hier liegt die Konfiguration der grundlegenden Infrastruktur auf Grundlage von Ansible & Kubernetes.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
Moritz Marquardt dd853a0a5b
Fix everything that broke during first real-world deployment
7 months ago
..
config Fix everything that broke during first real-world deployment 7 months ago
.env.example Make Makefiles more universal & clean up everything 7 months ago
.gitignore Add services for Docker Stack 7 months ago
Makefile Fix everything that broke during first real-world deployment 7 months ago
README.md Make Makefiles more universal & clean up everything 7 months ago
auth.yaml Fix everything that broke during first real-world deployment 7 months ago
cloud.yaml Add TODOs for backups & clustering 7 months ago
email.yaml Fix everything that broke during first real-world deployment 7 months ago
homepage.yaml Make Traefik work with Docker Swarm 7 months ago
matrix.yaml Fix everything that broke during first real-world deployment 7 months ago
password-manager.yaml Make password manager work 7 months ago
system.yaml Fix everything that broke during first real-world deployment 7 months ago
wiki.yaml Fix everything that broke during first real-world deployment 7 months ago

README.md

How to: deploy services

Create an isolated user for deployment

The user running make will temporarily have access to the whole cluster. For that reason, it is recommended to use an isolated user account on your local system; the udev rules are required to use FIDO2/U2F tokens with SSH.

sudo useradd -M -s /usr/sbin/nologin -G plugdev -d /var/swarm-deployment swarm-deployment
sudo install -d -m 700 -o swarm-deployment /var/swarm-deployment
echo 'TAG=="security-device", GROUP="plugdev"' | sudo tee /etc/udev/rules.d/fido-plugdev.rules

Then, for all make commands, prefix them with this (creating an alias swarm-make in your .bashrc is recommended):

SSH_KEY="$(cat ~/.ssh/id_ecdsa_sk)" sudo --preserve-env=SSH_KEY -Hu swarm-deployment make

Deploy or remove one or multiple services

swarm-make [service].up|down [...] clean

Deploy everything as intended

swarm-make everything