Merge pull request #3236 from OvrAp3x/patch-1

Dockerfile
This commit is contained in:
Ylian Saint-Hilaire 2021-11-02 10:18:21 -07:00 committed by GitHub
commit 45c8d2c4c3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 122 additions and 0 deletions

30
docker/Dockerfile Normal file
View File

@ -0,0 +1,30 @@
# Filename: Dockerfile
FROM ubuntu:latest
# Disable Prompt During Packages Installation
ARG DEBIAN_FRONTEND=noninteractive
#install dependencies
RUN apt-get update && apt-get install -y nodejs npm nano
#Add non-root user, add installation directories and assign proper permissions
RUN mkdir -p /opt/meshcentral
#meshcentral installation
WORKDIR /opt/meshcentral
RUN npm install meshcentral
#Copy config template and startup script
COPY config.json.template /opt/meshcentral/config.json.template
COPY startup.sh startup.sh
#environment variables
EXPOSE 80 443
#volumes
VOLUME /opt/meshcentral/meshcentral-data
VOLUME /opt/meshcentral/meshcentral-files
CMD ["bash","/opt/meshcentral/startup.sh"]

View File

@ -0,0 +1,34 @@
{
"$schema": "http://info.meshcentral.com/downloads/meshcentral-config-schema.json",
"settings": {
"cert": "myserver.mydomain.com",
"_WANonly": true,
"_LANonly": true,
"_sessionKey": "MyReallySecretPassword1",
"port": 443,
"_aliasPort": 443,
"redirPort": 80,
"_redirAliasPort": 80,
"AgentPong": 300,
"TLSOffload": false,
"SelfUpdate": false,
"AllowFraming": false,
"WebRTC": false
},
"domains": {
"": {
"_title": "MyServer",
"_title2": "Servername",
"_minify": true,
"NewAccounts": true,
"_userNameIsEmail": true,
"_certUrl": "my.reverse.proxy"
}
},
"_letsencrypt": {
"__comment__": "Requires NodeJS 8.x or better, Go to https://letsdebug.net/ first before>",
"_email": "myemail@mydomain.com",
"_names": "myserver.mydomain.com",
"production": false
}
}

30
docker/readme.md Normal file
View File

@ -0,0 +1,30 @@
# How to create a docker image for meshcentral
```
git clone https://github.com/Ylianst/MeshCentral.git
cd MeshCentral/docker
docker build -t meshcentral .
```
docker-compose.yml example:
```yaml
version: '2'
services:
meshcentral:
restart: always
container_name: meshcentral
image: meshcentral
ports:
- 443:443 #MeshCentral will moan and try everything not to use port 80, but you can also use it if you so desire, just change the config.json according to your needs
environment:
- HOSTNAME=my.domain.com #your hostname
- REVERSE_PROXY=false #set to your reverse proxy IP if you want to put meshcentral behind a reverse proxy
- REVERSE_PROXY_TLS_PORT=
- IFRAME=false #set to true if you wish to enable iframe support
- ALLOW_NEW_ACCOUNTS=true #set to false if you want disable self-service creation of new accounts besides the first (admin)
- WEBRTC=false #set to true to enable WebRTC - per documentation it is not officially released with meshcentral, but is solid enough to work with. Use with caution
volumes:
- ./meshcentral/data:/opt/meshcentral/meshcentral-data #config.json and other important files live here. A must for data persistence
- ./meshcentral/user_files:/opt/meshcentral/meshcentral-files #where file uploads for users live
```

28
docker/startup.sh Normal file
View File

@ -0,0 +1,28 @@
#!/bin/bash
export NODE_ENV=production
export HOSTNAME
export REVERSE_PROXY
export REVERSE_PROXY_TLS_PORT
export IFRAME
export ALLOW_NEW_ACCOUNTS
export WEBRTC
if [ -f "meshcentral-data/config.json" ]
then
node node_modules/meshcentral
else
cp config.json.template meshcentral-data/config.json
sed -i "s/\"cert\": \"myserver.mydomain.com\"/\"cert\": \"$HOSTNAME\"/" meshcentral-data/config.json
sed -i "s/\"NewAccounts\": true/\"NewAccounts\": \"$ALLOW_NEW_ACCOUNTS\"/" meshcentral-data/config.json
sed -i "s/\"WebRTC\": false/\"WebRTC\": \"$WEBRTC\"/" meshcentral-data/config.json
sed -i "s/\"AllowFraming\": false/\"AllowFraming\": \"$IFRAME\"/" meshcentral-data/config.json
if [ "$REVERSE_PROXY" != "false" ]
then
sed -i "s/\"_certUrl\": \"my\.reverse\.proxy\"/\"certUrl\": \"https:\/\/$REVERSE_PROXY:$REVERSE_PROXY_TLS_PORT\"/" meshcentral-data/config.json
node node_modules/meshcentral
exit
fi
node node_modules/meshcentral --cert "$HOSTNAME"
fi