2023-09-26 18:14:36 -06:00
commit fb5a0fc542
443 changed files with 21892 additions and 0 deletions

110
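--- a/StepCA/.drone.yml
+++ b/StepCA/.drone.yml
@@ -0,0 +1,110 @@
+---
+kind: pipeline
+type: docker
+name: deploy
+environment:
+PACKAGE: StepCA
+URL: stepca.alexlebens.net
+steps:
+- name: Tests
+image: ps03fd.alexlebens.net:5000/droneimage:latest
+commands:
+- /scripts/tests.sh
+- name: Nofification > Discord | Tests - Failure
+image: appleboy/drone-discord
+settings:
+webhook_id:
+from_secret: discord_webhook_id
+webhook_token:
+from_secret: discord_webhook_token
+username: DroneCI - ps03fd
+message: Docker compose validation for Template failed.
+when:
+status:
+- failure
+- name: Configuration
+image: ps03fd.alexlebens.net:5000/droneimage:latest
+commands:
+- mkdir ~/.ssh/
+- echo "$SSH_KEY" > ~/.ssh/id_rsa
+- chmod 600 ~/.ssh/id_rsa
+- ssh-keyscan -H $HOST_IP >> ~/.ssh/known_hosts
+- /scripts/configuration.sh
+environment:
+SSH_KEY:
+from_secret: ssh_key_ps03fd_drone
+DOCKER_HOST:
+from_secret: docker_host_ps03fd
+HOST_IP:
+from_secret: host_ip_ps03fd
+UPTIMEKUMA_NAME:
+from_secret: uptimekuma_name
+UPTIMEKUMA_PASSWORD:
+from_secret: uptimekuma_password
+UPTIMEKUMA_URL:
+from_secret: uptimekuma_url
+when:
+branch:
+- main
+- name: Nofification > Discord | Configuration - Failure
+image: appleboy/drone-discord
+settings:
+webhook_id:
+from_secret: discord_webhook_id
+webhook_token:
+from_secret: discord_webhook_token
+username: DroneCI - ps03fd
+message: Configuration for Template failed.
+when:
+status:
+- failure
+- name: Deploy
+image: ps03fd.alexlebens.net:5000/droneimage:latest
+commands:
+- mkdir ~/.ssh/
+- echo "$SSH_KEY" > ~/.ssh/id_rsa
+- chmod 600 ~/.ssh/id_rsa
+- ssh-keyscan -H $HOST_IP >> ~/.ssh/known_hosts
+- /scripts/deploy.sh
+environment:
+SSH_KEY:
+from_secret: ssh_key_ps03fd_drone
+DOCKER_HOST:
+from_secret: docker_host_ps03fd
+HOST_IP:
+from_secret: host_ip_ps03fd
+when:
+branch:
+- main
+- name: Nofification > Discord | Deploy - Success
+image: appleboy/drone-discord
+settings:
+webhook_id:
+from_secret: discord_webhook_id
+webhook_token:
+from_secret: discord_webhook_token
+username: DroneCI - ps03fd
+message: Docker compose deployment for Template succeeded
+when:
+status:
+- sucess
+- name: Nofification > Discord | Deploy - Failure
+image: appleboy/drone-discord
+settings:
+webhook_id:
+from_secret: discord_webhook_id
+webhook_token:
+from_secret: discord_webhook_token
+username: DroneCI - ps03fd
+message: Docker compose deployment for Template failed.
+when:
+status:
+- failure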
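Review bot: In the Configuration and Deploy steps, `ssh-keyscan -H $HOST_IP >> ~/.ssh/known_hosts` trusts whatever key answers at build time, so the SSH connection used to configure and deploy the CA is never checked against a known host key. Pinning the key is safer: keep the host's public key line in a Drone secret (placeholder name `host_key_ps03fd`) exposed as `HOST_KEY`, and write it with `echo "$HOST_KEY" >> ~/.ssh/known_hosts`. Separately, the Deploy - Success step has `- sucess` under `when.status`; Drone's status values are `success` and `failure`, so that notification presumably never fires and the line should read `- success`. The notification messages also still say "Template" rather than StepCA, which makes a failure alert for the CA harder to attribute.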

6
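--- a/StepCA/.env
+++ b/StepCA/.env
@@ -0,0 +1,6 @@
+DOCKER_STEPCA_INIT_NAME=Smallstep
+DOCKER_STEPCA_INIT_DNS_NAMES=ps03fd.alexlebens.net,ps03fd,pd04wd
+DOCKER_STEPCA_INIT_REMOTE_MANAGEMENT=true
+DOCKER_STEPCA_INIT_PROVISIONER_NAME=alexlebens
+DOCKER_STEPCA_INIT_SSH=true
+DOCKER_STEPCA_INIT_ACME=true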
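Review bot: `DOCKER_STEPCA_INIT_DNS_NAMES` lists `ps03fd.alexlebens.net,ps03fd,pd04wd` but not `stepca.alexlebens.net`, the name used by `dnsNames` in the CA config and by `ca-url` in the defaults file added in this same commit. If the CA is ever initialised from these variables, its serving certificate would presumably not cover the name clients connect to; consider `DOCKER_STEPCA_INIT_DNS_NAMES=stepca.alexlebens.net,ps03fd.alexlebens.net,ps03fd,pd04wd`. No password variable is set either, so as far as I know the image's init path generates the CA password itself and prints it to the container log, which the compose file keeps in json-file logs. Worth confirming, and supplying the password through `DOCKER_STEPCA_INIT_PASSWORD_FILE` from a mounted secret instead.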


@@ -0,0 +1,89 @@
{
"root": "/home/step/certs/root_ca.crt",
"federatedRoots": null,
"crt": "/home/step/certs/intermediate_ca.crt",
"key": "/home/step/secrets/intermediate_ca_key",
"address": ":9040",
"insecureAddress": "",
"dnsNames": [
"stepca.alexlebens.net"
],
"ssh": {
"hostKey": "/home/step/secrets/ssh_host_ca_key",
"userKey": "/home/step/secrets/ssh_user_ca_key"
},
"logger": {
"format": "text"
},
"db": {
"type": "badgerv2",
"dataSource": "/home/step/db",
"badgerFileLoadingMode": ""
},
"authority": {
"enableAdmin": true
},
"tls": {
"cipherSuites": [
"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"
],
"minVersion": 1.2,
"maxVersion": 1.3,
"renegotiation": false
},
"templates": {
"ssh": {
"user": [
{
"name": "config.tpl",
"type": "snippet",
"template": "templates/ssh/config.tpl",
"path": "~/.ssh/config",
"comment": "#"
},
{
"name": "step_includes.tpl",
"type": "prepend-line",
"template": "templates/ssh/step_includes.tpl",
"path": "${STEPPATH}/ssh/includes",
"comment": "#"
},
{
"name": "step_config.tpl",
"type": "file",
"template": "templates/ssh/step_config.tpl",
"path": "ssh/config",
"comment": "#"
},
{
"name": "known_hosts.tpl",
"type": "file",
"template": "templates/ssh/known_hosts.tpl",
"path": "ssh/known_hosts",
"comment": "#"
}
],
"host": [
{
"name": "sshd_config.tpl",
"type": "snippet",
"template": "templates/ssh/sshd_config.tpl",
"path": "/etc/ssh/sshd_config",
"comment": "#",
"requires": [
"Certificate",
"Key"
]
},
{
"name": "ca.tpl",
"type": "snippet",
"template": "templates/ssh/ca.tpl",
"path": "/etc/ssh/ca.pub",
"comment": "#"
}
]
}
}
}


@@ -0,0 +1,6 @@
{
"ca-url": "https://stepca.alexlebens.net:9040",
"ca-config": "/home/step/config/ca.json",
"fingerprint": "750cd0a82c60a2d30e443a7e20e6f3064a17dbf619f750d8eba690c4304608c4",
"root": "/home/step/certs/root_ca.crt"
}

3
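--- a/StepCA/README.md
+++ b/StepCA/README.md
@@ -0,0 +1,3 @@
+# StepCA
+[![Build Status](https://drone.alexlebens.net/api/badges/alexlebens/StepCA/status.svg)](https://drone.alexlebens.net/alexlebens/StepCA)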


@@ -0,0 +1,17 @@
{
"type": "docker",
"name": "StepCA - Docker",
"interval": 60,
"retryInterval": 20,
"maxretries": 1,
"notificationIDList": [
3,
4
],
"url": "https://stepca.alexlebens.net",
"accepted_statuscodes": [
"200-299"
],
"docker_container": "stepca_server",
"docker_host": 1
}


@@ -0,0 +1,15 @@
{
"type": "http",
"name": "StepCA - Web",
"interval": 60,
"retryInterval": 20,
"maxretries": 1,
"notificationIDList": [
3,
4
],
"url": "https://stepca.alexlebens.net",
"accepted_statuscodes": [
"200-299"
]
}

37
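--- a/StepCA/docker-compose.yml
+++ b/StepCA/docker-compose.yml
@@ -0,0 +1,37 @@
+services:
+stepca:
+container_name: stepca_server
+env_file:
+- .env
+healthcheck:
+test: curl -k --fail https://localhost:9040/health || exit 1
+interval: 60s
+retries: 5
+start_period: 20s
+timeout: 10s
+image: smallstep/step-ca:latest
+logging:
+driver: json-file
+options:
+max-size: 50m
+max-file: "3"
+networks:
+traefik: null
+ports:
+- 9040:9040
+restart: always
+volumes:
+- step:/home/step
+networks:
+traefik:
+name: traefik
+external: true
+volumes:
+step:
+driver: local
+driver_opts:
+type: none
+o: bind
+device: /var/lib/docker/volumes/partition/step_server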
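Review bot: `image: smallstep/step-ca:latest` means the container holding the intermediate and SSH CA keys (the `step:/home/step` volume) runs whatever image the tag points to at the next pull. Pin a release and digest, e.g. `image: smallstep/step-ca:<version>@sha256:<digest>` (placeholders), and bump it deliberately. The healthcheck's `curl -k` skips certificate verification, so it stays green even when the serving certificate is wrong or expired; a check that validates against the root, possibly the image's own `step ca health`, would catch that, though I have not confirmed it fits this setup. `- 9040:9040` also publishes the CA on every host interface in addition to the `traefik` network; confirm that exposure is intended or bind it to a specific address.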