735b5af722
|
||
|---|---|---|
| .. | ||
| api | ||
| app | ||
| meshcentral | ||
| nginx-proxy | ||
| salt | ||
| .env.example | ||
| .gitignore | ||
| docker-compose.yml | ||
| readme.md | ||
readme.md
Docker Setup
- install docker and docker-compose
- Obtain wildcard cert or individual certs for each subdomain
Generate certificates with certbot
Install Certbot
sudo apt-get install certbot
Generate the wildcard certificate. Add the DNS entry for domain validation.
sudo certbot certonly --manual -d *.example.com --agree-tos --no-bootstrap --manual-public-ip-logging-ok --preferred-challenges dns
Copy the fullchain.pem and privkey.pem to the cert directory.
Configure DNS and Firewall
You will need to add DNS entries so that the three subdomains resolve to the IP of the docker host. There is a reverse proxy running that will route the hostnames to the correct container. On the host, you will need to ensure the firewall is open on tcp ports 80, 443, 8123, 4505, 4506.
Run the environment with Docker
Copy the .env.example to .env then change values in .env to match your environment
cd docker
sudo docker-compose up -d
You may need to run this twice since some of the dependant containers won't be ready
Create a super user
sudo docker exec -it docker_api_1 python manage.py createsuperuser
Setup 2FA authentication
Get the 2FA code with
sudo docker exec -it docker_api_1 python manage.py generate_totp
Add the generated code to the .env file TWO_FACTOR_OTP in the docker folder
Rebuild the api container
sudo docker-compose up -d --build api
Use the generated code and the username to generate a bar code for your authenticator app
sudo docker exec -it docker_api_1 python manage.py generate_barcode [OTP_CODE] [username]
Connect to a container instance shell
run docker ps to get the name of the running container instance.
Then use the name in the below command. It will use the api container instance as an example
sudo docker exec -it docker_api_1 /bin/bash
If /bin/bash doesn't work then /bin/sh might need to be used.