mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2024-12-27 15:45:53 -05:00
Merge pull request #4083 from sschoen/Feature/docker
Updated docker environment
This commit is contained in:
commit
16dd0fba11
9
.dockerignore
Normal file
9
.dockerignore
Normal file
@ -0,0 +1,9 @@
|
||||
.github/
|
||||
.vscode/
|
||||
docs/
|
||||
.gitignore
|
||||
.gitlab-ci.yml
|
||||
*.bat
|
||||
*.sln
|
||||
*.njsproj
|
||||
*.md
|
@ -5,22 +5,45 @@ FROM node:slim
|
||||
#Add non-root user, add installation directories and assign proper permissions
|
||||
RUN mkdir -p /opt/meshcentral
|
||||
|
||||
#meshcentral installation
|
||||
# meshcentral installation
|
||||
WORKDIR /opt/meshcentral
|
||||
|
||||
RUN npm install meshcentral
|
||||
# add mongodb repository to apt
|
||||
RUN apt-get update && apt-get install -y gnupg2 wget
|
||||
RUN wget -qO - https://www.mongodb.org/static/pgp/server-5.0.asc | apt-key add -
|
||||
RUN echo "deb http://repo.mongodb.org/apt/debian buster/mongodb-org/5.0 main" | tee /etc/apt/sources.list.d/mongodb-org-5.0.list
|
||||
|
||||
#Install dependencies for plugins
|
||||
RUN npm install nedb
|
||||
# install mongodb
|
||||
RUN apt-get update \
|
||||
&& apt-get install -y mongodb-org-tools \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
COPY config.json.template /opt/meshcentral/config.json.template
|
||||
COPY startup.sh startup.sh
|
||||
#environment variables
|
||||
RUN mkdir /opt/meshcentral/meshcentral
|
||||
COPY ./ /opt/meshcentral/meshcentral/
|
||||
COPY ./docker/config.json.template /opt/meshcentral/config.json.template
|
||||
COPY ./docker/startup.sh startup.sh
|
||||
RUN rm -rf ./docker
|
||||
|
||||
# install dependencies from package.json
|
||||
RUN cd meshcentral && npm install
|
||||
|
||||
# install dependencies for plugins
|
||||
RUN cd meshcentral && npm install nedb
|
||||
|
||||
# minify files - first try throws Error: Cannot find module 'jsdom'
|
||||
RUN cd meshcentral/translate && node translate.js minifyall; exit 0
|
||||
RUN cd meshcentral/translate && node translate.js minifyall
|
||||
|
||||
# translate
|
||||
RUN cd meshcentral/translate && node translate.js translateall
|
||||
RUN cd meshcentral/translate && node translate.js extractall
|
||||
|
||||
EXPOSE 80 443
|
||||
|
||||
#volumes
|
||||
# volumes
|
||||
VOLUME /opt/meshcentral/meshcentral-data
|
||||
VOLUME /opt/meshcentral/meshcentral-files
|
||||
VOLUME /opt/meshcentral/meshcentral-web
|
||||
VOLUME /opt/meshcentral/meshcentral-backup
|
||||
|
||||
CMD ["bash","/opt/meshcentral/startup.sh"]
|
||||
CMD ["bash", "/opt/meshcentral/startup.sh"]
|
||||
|
@ -2,6 +2,7 @@
|
||||
"$schema": "http://info.meshcentral.com/downloads/meshcentral-config-schema.json",
|
||||
"settings": {
|
||||
"plugins":{"enabled": false},
|
||||
"_mongoDb": null,
|
||||
"cert": "myserver.mydomain.com",
|
||||
"_WANonly": true,
|
||||
"_LANonly": true,
|
||||
@ -17,20 +18,20 @@
|
||||
"WebRTC": false
|
||||
},
|
||||
"domains": {
|
||||
"": {
|
||||
"_title": "MyServer",
|
||||
"_title2": "Servername",
|
||||
"minify": true,
|
||||
"NewAccounts": true,
|
||||
"localSessionRecording": false,
|
||||
"_userNameIsEmail": true,
|
||||
"_certUrl": "my.reverse.proxy"
|
||||
}
|
||||
"": {
|
||||
"_title": "MyServer",
|
||||
"_title2": "Servername",
|
||||
"minify": true,
|
||||
"NewAccounts": true,
|
||||
"localSessionRecording": false,
|
||||
"_userNameIsEmail": true,
|
||||
"_certUrl": "my.reverse.proxy"
|
||||
}
|
||||
},
|
||||
"_letsencrypt": {
|
||||
"__comment__": "Requires NodeJS 8.x or better, Go to https://letsdebug.net/ first before>",
|
||||
"_email": "myemail@mydomain.com",
|
||||
"_names": "myserver.mydomain.com",
|
||||
"production": false
|
||||
"production": false
|
||||
}
|
||||
}
|
146
docker/readme.md
146
docker/readme.md
@ -2,32 +2,132 @@
|
||||
# How to create a docker image for meshcentral
|
||||
|
||||
```
|
||||
git clone https://github.com/Ylianst/MeshCentral.git
|
||||
cd MeshCentral/docker
|
||||
docker build -t meshcentral .
|
||||
> git clone https://github.com/Ylianst/MeshCentral.git
|
||||
> cd MeshCentral
|
||||
|
||||
> docker build -f docker/Dockerfile --force-rm -t meshcentral .
|
||||
|
||||
# (optional) cleanup after docker build:
|
||||
> cd ..
|
||||
> rm -rf MeshCentral/
|
||||
```
|
||||
|
||||
docker-compose.yml example:
|
||||
> | Argument | Description |
|
||||
> | :--- | :--- |
|
||||
> | -f docker/Dockerfile | Path/Name of the Dockerfile |
|
||||
> | --force-rm | Always remove intermediate containers |
|
||||
> | -t meshcentral | Name and optionally a tag in the 'name:tag' format |
|
||||
|
||||
# Create folder-structure and files
|
||||
|
||||
```
|
||||
| - meshcentral/ # this folder contains the persistent data
|
||||
| - data/ # MeshCentral data-files
|
||||
| - user_files/ # where file uploads for users live
|
||||
| - web/ # location for site customization files
|
||||
| - backup/ # location for the meshcentral-backups
|
||||
| - .env # environment file with initial variables
|
||||
| - docker-compose.yml
|
||||
```
|
||||
|
||||
# Templates:
|
||||
## .env:
|
||||
```ini
|
||||
NODE_ENV=production
|
||||
|
||||
# initial mongodb-variables
|
||||
MONGO_INITDB_ROOT_USERNAME=mongodbadmin
|
||||
MONGO_INITDB_ROOT_PASSWORD=mongodbpasswd
|
||||
|
||||
# initial meshcentral-variables
|
||||
# the following options are only used if no config.json exists in the data-folder
|
||||
|
||||
# your hostname
|
||||
HOSTNAME=my.domain.com
|
||||
USE_MONGODB=false
|
||||
# set to your reverse proxy IP if you want to put meshcentral behind a reverse proxy
|
||||
REVERSE_PROXY=false
|
||||
REVERSE_PROXY_TLS_PORT=
|
||||
# set to true if you wish to enable iframe support
|
||||
IFRAME=false
|
||||
# set to false if you want disable self-service creation of new accounts besides the first (admin)
|
||||
ALLOW_NEW_ACCOUNTS=true
|
||||
# set to true to enable WebRTC - per documentation it is not officially released with meshcentral, but is solid enough to work with. Use with caution
|
||||
WEBRTC=false
|
||||
# set to true to allow plugins
|
||||
ALLOWPLUGINS=false
|
||||
# set to true to allow session recording
|
||||
LOCALSESSIONRECORDING=false
|
||||
# set to enable or disable minification of json, reduces traffic
|
||||
MINIFY=true
|
||||
```
|
||||
|
||||
## docker-compose.yml:
|
||||
```yaml
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
meshcentral:
|
||||
restart: always
|
||||
container_name: meshcentral
|
||||
image: einar/meshcentral
|
||||
ports:
|
||||
- 8086:443 #MeshCentral will moan and try everything not to use port 80, but you can also use it if you so desire, just change the config.json according to your needs
|
||||
environment:
|
||||
- HOSTNAME=my.domain.com #your hostname
|
||||
- REVERSE_PROXY=false #set to your reverse proxy IP if you want to put meshcentral behind a reverse proxy
|
||||
- REVERSE_PROXY_TLS_PORT=
|
||||
- IFRAME=false #set to true if you wish to enable iframe support
|
||||
- ALLOW_NEW_ACCOUNTS=true #set to false if you want disable self-service creation of new accounts besides the first (admin)
|
||||
- WEBRTC=false #set to true to enable WebRTC - per documentation it is not officially released with meshcentral, but is solid enough to work with. Use with caution
|
||||
- ALLOWPLUGINS=false #set to true to allow plugins
|
||||
- LOCALSESSIONRECORDING=false # set to true to allow session recording
|
||||
- MINIFY=true #set to enable or disable minification of json, reduces traffic
|
||||
volumes:
|
||||
- ./meshcentral/data:/opt/meshcentral/meshcentral-data #config.json and other important files live here. A must for data persistence
|
||||
- ./meshcentral/user_files:/opt/meshcentral/meshcentral-files #where file uploads for users live
|
||||
meshcentral:
|
||||
restart: always
|
||||
container_name: meshcentral
|
||||
image: meshcentral
|
||||
ports:
|
||||
# MeshCentral will moan and try everything not to use port 80, but you can also use it if you so desire, just change the config.json according to your needs
|
||||
- 8086:443
|
||||
env_file:
|
||||
- .env
|
||||
volumes:
|
||||
# config.json and other important files live here. A must for data persistence
|
||||
- ./meshcentral/data:/opt/meshcentral/meshcentral-data
|
||||
# where file uploads for users live
|
||||
- ./meshcentral/user_files:/opt/meshcentral/meshcentral-files
|
||||
# location for the meshcentral-backups - this should be mounted to an external storage
|
||||
- ./meshcentral/backup:/opt/meshcentral/meshcentral-backup
|
||||
# location for site customization files
|
||||
- ./meshcentral/web:/opt/meshcentral/meshcentral-web
|
||||
```
|
||||
|
||||
## docker-compose.yml mongodb:
|
||||
```yaml
|
||||
version: '3'
|
||||
|
||||
networks:
|
||||
meshcentral-tier:
|
||||
driver: bridge
|
||||
|
||||
services:
|
||||
mongodb:
|
||||
restart: always
|
||||
container_name: mongodb
|
||||
image: mongo:latest
|
||||
env_file:
|
||||
- .env
|
||||
volumes:
|
||||
# mongodb data-directory - A must for data persistence
|
||||
- ./meshcentral/mongodb_data:/data/db
|
||||
networks:
|
||||
- meshcentral-tier
|
||||
|
||||
meshcentral:
|
||||
restart: always
|
||||
container_name: meshcentral
|
||||
image: meshcentral
|
||||
depends_on:
|
||||
- mongodb
|
||||
ports:
|
||||
# MeshCentral will moan and try everything not to use port 80, but you can also use it if you so desire, just change the config.json according to your needs
|
||||
- 8086:443
|
||||
env_file:
|
||||
- .env
|
||||
volumes:
|
||||
# config.json and other important files live here. A must for data persistence
|
||||
- ./meshcentral/data:/opt/meshcentral/meshcentral-data
|
||||
# where file uploads for users live
|
||||
- ./meshcentral/user_files:/opt/meshcentral/meshcentral-files
|
||||
# location for the meshcentral-backups - this should be mounted to an external storage
|
||||
- ./meshcentral/backup:/opt/meshcentral/meshcentral-backup
|
||||
# location for site customization files
|
||||
- ./meshcentral/web:/opt/meshcentral/meshcentral-web
|
||||
networks:
|
||||
- meshcentral-tier
|
||||
```
|
||||
|
@ -8,12 +8,18 @@ export REVERSE_PROXY_TLS_PORT
|
||||
export IFRAME
|
||||
export ALLOW_NEW_ACCOUNTS
|
||||
export WEBRTC
|
||||
export MONGO_INITDB_ROOT_USERNAME
|
||||
export MONGO_INITDB_ROOT_PASSWORD
|
||||
export USE_MONGODB
|
||||
|
||||
if [ -f "meshcentral-data/config.json" ]
|
||||
then
|
||||
node node_modules/meshcentral
|
||||
node meshcentral/meshcentral
|
||||
else
|
||||
cp config.json.template meshcentral-data/config.json
|
||||
if [ $USE_MONGODB == true ]; then
|
||||
sed -i "s/\"_mongoDb\": null/\"mongoDb\": \"mongodb:\/\/$MONGO_INITDB_ROOT_USERNAME:$MONGO_INITDB_ROOT_PASSWORD@mongodb:27017\"/" meshcentral-data/config.json
|
||||
fi
|
||||
sed -i "s/\"cert\": \"myserver.mydomain.com\"/\"cert\": \"$HOSTNAME\"/" meshcentral-data/config.json
|
||||
sed -i "s/\"NewAccounts\": true/\"NewAccounts\": \"$ALLOW_NEW_ACCOUNTS\"/" meshcentral-data/config.json
|
||||
sed -i "s/\"enabled\": false/\"enabled\": \"$ALLOWPLUGINS\"/" meshcentral-data/config.json
|
||||
@ -21,11 +27,10 @@ if [ -f "meshcentral-data/config.json" ]
|
||||
sed -i "s/\"minify\": true/\"minify\": \"$MINIFY\"/" meshcentral-data/config.json
|
||||
sed -i "s/\"WebRTC\": false/\"WebRTC\": \"$WEBRTC\"/" meshcentral-data/config.json
|
||||
sed -i "s/\"AllowFraming\": false/\"AllowFraming\": \"$IFRAME\"/" meshcentral-data/config.json
|
||||
if [ "$REVERSE_PROXY" != "false" ]
|
||||
then
|
||||
sed -i "s/\"_certUrl\": \"my\.reverse\.proxy\"/\"certUrl\": \"https:\/\/$REVERSE_PROXY:$REVERSE_PROXY_TLS_PORT\"/" meshcentral-data/config.json
|
||||
node node_modules/meshcentral
|
||||
exit
|
||||
if [ "$REVERSE_PROXY" != "false" ]; then
|
||||
sed -i "s/\"_certUrl\": \"my\.reverse\.proxy\"/\"certUrl\": \"https:\/\/$REVERSE_PROXY:$REVERSE_PROXY_TLS_PORT\"/" meshcentral-data/config.json
|
||||
node meshcentral/meshcentral
|
||||
exit
|
||||
fi
|
||||
node node_modules/meshcentral --cert "$HOSTNAME"
|
||||
node meshcentral/meshcentral --cert "$HOSTNAME"
|
||||
fi
|
Loading…
Reference in New Issue
Block a user