mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2025-01-14 16:24:59 -05:00
Merge branch 'master' of https://github.com/Ylianst/MeshCentral
This commit is contained in:
commit
99d977a39e
9
.dockerignore
Normal file
9
.dockerignore
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
.github/
|
||||||
|
.vscode/
|
||||||
|
docs/
|
||||||
|
.gitignore
|
||||||
|
.gitlab-ci.yml
|
||||||
|
*.bat
|
||||||
|
*.sln
|
||||||
|
*.njsproj
|
||||||
|
*.md
|
@ -5,22 +5,45 @@ FROM node:slim
|
|||||||
#Add non-root user, add installation directories and assign proper permissions
|
#Add non-root user, add installation directories and assign proper permissions
|
||||||
RUN mkdir -p /opt/meshcentral
|
RUN mkdir -p /opt/meshcentral
|
||||||
|
|
||||||
#meshcentral installation
|
# meshcentral installation
|
||||||
WORKDIR /opt/meshcentral
|
WORKDIR /opt/meshcentral
|
||||||
|
|
||||||
RUN npm install meshcentral
|
# add mongodb repository to apt
|
||||||
|
RUN apt-get update && apt-get install -y gnupg2 wget
|
||||||
|
RUN wget -qO - https://www.mongodb.org/static/pgp/server-5.0.asc | apt-key add -
|
||||||
|
RUN echo "deb http://repo.mongodb.org/apt/debian buster/mongodb-org/5.0 main" | tee /etc/apt/sources.list.d/mongodb-org-5.0.list
|
||||||
|
|
||||||
#Install dependencies for plugins
|
# install mongodb
|
||||||
RUN npm install nedb
|
RUN apt-get update \
|
||||||
|
&& apt-get install -y mongodb-org-tools \
|
||||||
|
&& rm -rf /var/lib/apt/lists/*
|
||||||
|
|
||||||
COPY config.json.template /opt/meshcentral/config.json.template
|
RUN mkdir /opt/meshcentral/meshcentral
|
||||||
COPY startup.sh startup.sh
|
COPY ./ /opt/meshcentral/meshcentral/
|
||||||
#environment variables
|
COPY ./docker/config.json.template /opt/meshcentral/config.json.template
|
||||||
|
COPY ./docker/startup.sh startup.sh
|
||||||
|
RUN rm -rf ./docker
|
||||||
|
|
||||||
|
# install dependencies from package.json
|
||||||
|
RUN cd meshcentral && npm install
|
||||||
|
|
||||||
|
# install dependencies for plugins
|
||||||
|
RUN cd meshcentral && npm install nedb
|
||||||
|
|
||||||
|
# minify files - first try throws Error: Cannot find module 'jsdom'
|
||||||
|
RUN cd meshcentral/translate && node translate.js minifyall; exit 0
|
||||||
|
RUN cd meshcentral/translate && node translate.js minifyall
|
||||||
|
|
||||||
|
# translate
|
||||||
|
RUN cd meshcentral/translate && node translate.js translateall
|
||||||
|
RUN cd meshcentral/translate && node translate.js extractall
|
||||||
|
|
||||||
EXPOSE 80 443
|
EXPOSE 80 443
|
||||||
|
|
||||||
#volumes
|
# volumes
|
||||||
VOLUME /opt/meshcentral/meshcentral-data
|
VOLUME /opt/meshcentral/meshcentral-data
|
||||||
VOLUME /opt/meshcentral/meshcentral-files
|
VOLUME /opt/meshcentral/meshcentral-files
|
||||||
|
VOLUME /opt/meshcentral/meshcentral-web
|
||||||
|
VOLUME /opt/meshcentral/meshcentral-backup
|
||||||
|
|
||||||
CMD ["bash","/opt/meshcentral/startup.sh"]
|
CMD ["bash", "/opt/meshcentral/startup.sh"]
|
||||||
|
@ -2,6 +2,7 @@
|
|||||||
"$schema": "http://info.meshcentral.com/downloads/meshcentral-config-schema.json",
|
"$schema": "http://info.meshcentral.com/downloads/meshcentral-config-schema.json",
|
||||||
"settings": {
|
"settings": {
|
||||||
"plugins":{"enabled": false},
|
"plugins":{"enabled": false},
|
||||||
|
"_mongoDb": null,
|
||||||
"cert": "myserver.mydomain.com",
|
"cert": "myserver.mydomain.com",
|
||||||
"_WANonly": true,
|
"_WANonly": true,
|
||||||
"_LANonly": true,
|
"_LANonly": true,
|
||||||
@ -17,20 +18,20 @@
|
|||||||
"WebRTC": false
|
"WebRTC": false
|
||||||
},
|
},
|
||||||
"domains": {
|
"domains": {
|
||||||
"": {
|
"": {
|
||||||
"_title": "MyServer",
|
"_title": "MyServer",
|
||||||
"_title2": "Servername",
|
"_title2": "Servername",
|
||||||
"minify": true,
|
"minify": true,
|
||||||
"NewAccounts": true,
|
"NewAccounts": true,
|
||||||
"localSessionRecording": false,
|
"localSessionRecording": false,
|
||||||
"_userNameIsEmail": true,
|
"_userNameIsEmail": true,
|
||||||
"_certUrl": "my.reverse.proxy"
|
"_certUrl": "my.reverse.proxy"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"_letsencrypt": {
|
"_letsencrypt": {
|
||||||
"__comment__": "Requires NodeJS 8.x or better, Go to https://letsdebug.net/ first before>",
|
"__comment__": "Requires NodeJS 8.x or better, Go to https://letsdebug.net/ first before>",
|
||||||
"_email": "myemail@mydomain.com",
|
"_email": "myemail@mydomain.com",
|
||||||
"_names": "myserver.mydomain.com",
|
"_names": "myserver.mydomain.com",
|
||||||
"production": false
|
"production": false
|
||||||
}
|
}
|
||||||
}
|
}
|
146
docker/readme.md
146
docker/readme.md
@ -2,32 +2,132 @@
|
|||||||
# How to create a docker image for meshcentral
|
# How to create a docker image for meshcentral
|
||||||
|
|
||||||
```
|
```
|
||||||
git clone https://github.com/Ylianst/MeshCentral.git
|
> git clone https://github.com/Ylianst/MeshCentral.git
|
||||||
cd MeshCentral/docker
|
> cd MeshCentral
|
||||||
docker build -t meshcentral .
|
|
||||||
|
> docker build -f docker/Dockerfile --force-rm -t meshcentral .
|
||||||
|
|
||||||
|
# (optional) cleanup after docker build:
|
||||||
|
> cd ..
|
||||||
|
> rm -rf MeshCentral/
|
||||||
```
|
```
|
||||||
|
|
||||||
docker-compose.yml example:
|
> | Argument | Description |
|
||||||
|
> | :--- | :--- |
|
||||||
|
> | -f docker/Dockerfile | Path/Name of the Dockerfile |
|
||||||
|
> | --force-rm | Always remove intermediate containers |
|
||||||
|
> | -t meshcentral | Name and optionally a tag in the 'name:tag' format |
|
||||||
|
|
||||||
|
# Create folder-structure and files
|
||||||
|
|
||||||
|
```
|
||||||
|
| - meshcentral/ # this folder contains the persistent data
|
||||||
|
| - data/ # MeshCentral data-files
|
||||||
|
| - user_files/ # where file uploads for users live
|
||||||
|
| - web/ # location for site customization files
|
||||||
|
| - backup/ # location for the meshcentral-backups
|
||||||
|
| - .env # environment file with initial variables
|
||||||
|
| - docker-compose.yml
|
||||||
|
```
|
||||||
|
|
||||||
|
# Templates:
|
||||||
|
## .env:
|
||||||
|
```ini
|
||||||
|
NODE_ENV=production
|
||||||
|
|
||||||
|
# initial mongodb-variables
|
||||||
|
MONGO_INITDB_ROOT_USERNAME=mongodbadmin
|
||||||
|
MONGO_INITDB_ROOT_PASSWORD=mongodbpasswd
|
||||||
|
|
||||||
|
# initial meshcentral-variables
|
||||||
|
# the following options are only used if no config.json exists in the data-folder
|
||||||
|
|
||||||
|
# your hostname
|
||||||
|
HOSTNAME=my.domain.com
|
||||||
|
USE_MONGODB=false
|
||||||
|
# set to your reverse proxy IP if you want to put meshcentral behind a reverse proxy
|
||||||
|
REVERSE_PROXY=false
|
||||||
|
REVERSE_PROXY_TLS_PORT=
|
||||||
|
# set to true if you wish to enable iframe support
|
||||||
|
IFRAME=false
|
||||||
|
# set to false if you want disable self-service creation of new accounts besides the first (admin)
|
||||||
|
ALLOW_NEW_ACCOUNTS=true
|
||||||
|
# set to true to enable WebRTC - per documentation it is not officially released with meshcentral, but is solid enough to work with. Use with caution
|
||||||
|
WEBRTC=false
|
||||||
|
# set to true to allow plugins
|
||||||
|
ALLOWPLUGINS=false
|
||||||
|
# set to true to allow session recording
|
||||||
|
LOCALSESSIONRECORDING=false
|
||||||
|
# set to enable or disable minification of json, reduces traffic
|
||||||
|
MINIFY=true
|
||||||
|
```
|
||||||
|
|
||||||
|
## docker-compose.yml:
|
||||||
```yaml
|
```yaml
|
||||||
version: '3'
|
version: '3'
|
||||||
|
|
||||||
services:
|
services:
|
||||||
meshcentral:
|
meshcentral:
|
||||||
restart: always
|
restart: always
|
||||||
container_name: meshcentral
|
container_name: meshcentral
|
||||||
image: einar/meshcentral
|
image: meshcentral
|
||||||
ports:
|
ports:
|
||||||
- 8086:443 #MeshCentral will moan and try everything not to use port 80, but you can also use it if you so desire, just change the config.json according to your needs
|
# MeshCentral will moan and try everything not to use port 80, but you can also use it if you so desire, just change the config.json according to your needs
|
||||||
environment:
|
- 8086:443
|
||||||
- HOSTNAME=my.domain.com #your hostname
|
env_file:
|
||||||
- REVERSE_PROXY=false #set to your reverse proxy IP if you want to put meshcentral behind a reverse proxy
|
- .env
|
||||||
- REVERSE_PROXY_TLS_PORT=
|
volumes:
|
||||||
- IFRAME=false #set to true if you wish to enable iframe support
|
# config.json and other important files live here. A must for data persistence
|
||||||
- ALLOW_NEW_ACCOUNTS=true #set to false if you want disable self-service creation of new accounts besides the first (admin)
|
- ./meshcentral/data:/opt/meshcentral/meshcentral-data
|
||||||
- WEBRTC=false #set to true to enable WebRTC - per documentation it is not officially released with meshcentral, but is solid enough to work with. Use with caution
|
# where file uploads for users live
|
||||||
- ALLOWPLUGINS=false #set to true to allow plugins
|
- ./meshcentral/user_files:/opt/meshcentral/meshcentral-files
|
||||||
- LOCALSESSIONRECORDING=false # set to true to allow session recording
|
# location for the meshcentral-backups - this should be mounted to an external storage
|
||||||
- MINIFY=true #set to enable or disable minification of json, reduces traffic
|
- ./meshcentral/backup:/opt/meshcentral/meshcentral-backup
|
||||||
volumes:
|
# location for site customization files
|
||||||
- ./meshcentral/data:/opt/meshcentral/meshcentral-data #config.json and other important files live here. A must for data persistence
|
- ./meshcentral/web:/opt/meshcentral/meshcentral-web
|
||||||
- ./meshcentral/user_files:/opt/meshcentral/meshcentral-files #where file uploads for users live
|
```
|
||||||
|
|
||||||
|
## docker-compose.yml mongodb:
|
||||||
|
```yaml
|
||||||
|
version: '3'
|
||||||
|
|
||||||
|
networks:
|
||||||
|
meshcentral-tier:
|
||||||
|
driver: bridge
|
||||||
|
|
||||||
|
services:
|
||||||
|
mongodb:
|
||||||
|
restart: always
|
||||||
|
container_name: mongodb
|
||||||
|
image: mongo:latest
|
||||||
|
env_file:
|
||||||
|
- .env
|
||||||
|
volumes:
|
||||||
|
# mongodb data-directory - A must for data persistence
|
||||||
|
- ./meshcentral/mongodb_data:/data/db
|
||||||
|
networks:
|
||||||
|
- meshcentral-tier
|
||||||
|
|
||||||
|
meshcentral:
|
||||||
|
restart: always
|
||||||
|
container_name: meshcentral
|
||||||
|
image: meshcentral
|
||||||
|
depends_on:
|
||||||
|
- mongodb
|
||||||
|
ports:
|
||||||
|
# MeshCentral will moan and try everything not to use port 80, but you can also use it if you so desire, just change the config.json according to your needs
|
||||||
|
- 8086:443
|
||||||
|
env_file:
|
||||||
|
- .env
|
||||||
|
volumes:
|
||||||
|
# config.json and other important files live here. A must for data persistence
|
||||||
|
- ./meshcentral/data:/opt/meshcentral/meshcentral-data
|
||||||
|
# where file uploads for users live
|
||||||
|
- ./meshcentral/user_files:/opt/meshcentral/meshcentral-files
|
||||||
|
# location for the meshcentral-backups - this should be mounted to an external storage
|
||||||
|
- ./meshcentral/backup:/opt/meshcentral/meshcentral-backup
|
||||||
|
# location for site customization files
|
||||||
|
- ./meshcentral/web:/opt/meshcentral/meshcentral-web
|
||||||
|
networks:
|
||||||
|
- meshcentral-tier
|
||||||
```
|
```
|
||||||
|
@ -8,12 +8,18 @@ export REVERSE_PROXY_TLS_PORT
|
|||||||
export IFRAME
|
export IFRAME
|
||||||
export ALLOW_NEW_ACCOUNTS
|
export ALLOW_NEW_ACCOUNTS
|
||||||
export WEBRTC
|
export WEBRTC
|
||||||
|
export MONGO_INITDB_ROOT_USERNAME
|
||||||
|
export MONGO_INITDB_ROOT_PASSWORD
|
||||||
|
export USE_MONGODB
|
||||||
|
|
||||||
if [ -f "meshcentral-data/config.json" ]
|
if [ -f "meshcentral-data/config.json" ]
|
||||||
then
|
then
|
||||||
node node_modules/meshcentral
|
node meshcentral/meshcentral
|
||||||
else
|
else
|
||||||
cp config.json.template meshcentral-data/config.json
|
cp config.json.template meshcentral-data/config.json
|
||||||
|
if [ $USE_MONGODB == true ]; then
|
||||||
|
sed -i "s/\"_mongoDb\": null/\"mongoDb\": \"mongodb:\/\/$MONGO_INITDB_ROOT_USERNAME:$MONGO_INITDB_ROOT_PASSWORD@mongodb:27017\"/" meshcentral-data/config.json
|
||||||
|
fi
|
||||||
sed -i "s/\"cert\": \"myserver.mydomain.com\"/\"cert\": \"$HOSTNAME\"/" meshcentral-data/config.json
|
sed -i "s/\"cert\": \"myserver.mydomain.com\"/\"cert\": \"$HOSTNAME\"/" meshcentral-data/config.json
|
||||||
sed -i "s/\"NewAccounts\": true/\"NewAccounts\": \"$ALLOW_NEW_ACCOUNTS\"/" meshcentral-data/config.json
|
sed -i "s/\"NewAccounts\": true/\"NewAccounts\": \"$ALLOW_NEW_ACCOUNTS\"/" meshcentral-data/config.json
|
||||||
sed -i "s/\"enabled\": false/\"enabled\": \"$ALLOWPLUGINS\"/" meshcentral-data/config.json
|
sed -i "s/\"enabled\": false/\"enabled\": \"$ALLOWPLUGINS\"/" meshcentral-data/config.json
|
||||||
@ -21,11 +27,10 @@ if [ -f "meshcentral-data/config.json" ]
|
|||||||
sed -i "s/\"minify\": true/\"minify\": \"$MINIFY\"/" meshcentral-data/config.json
|
sed -i "s/\"minify\": true/\"minify\": \"$MINIFY\"/" meshcentral-data/config.json
|
||||||
sed -i "s/\"WebRTC\": false/\"WebRTC\": \"$WEBRTC\"/" meshcentral-data/config.json
|
sed -i "s/\"WebRTC\": false/\"WebRTC\": \"$WEBRTC\"/" meshcentral-data/config.json
|
||||||
sed -i "s/\"AllowFraming\": false/\"AllowFraming\": \"$IFRAME\"/" meshcentral-data/config.json
|
sed -i "s/\"AllowFraming\": false/\"AllowFraming\": \"$IFRAME\"/" meshcentral-data/config.json
|
||||||
if [ "$REVERSE_PROXY" != "false" ]
|
if [ "$REVERSE_PROXY" != "false" ]; then
|
||||||
then
|
sed -i "s/\"_certUrl\": \"my\.reverse\.proxy\"/\"certUrl\": \"https:\/\/$REVERSE_PROXY:$REVERSE_PROXY_TLS_PORT\"/" meshcentral-data/config.json
|
||||||
sed -i "s/\"_certUrl\": \"my\.reverse\.proxy\"/\"certUrl\": \"https:\/\/$REVERSE_PROXY:$REVERSE_PROXY_TLS_PORT\"/" meshcentral-data/config.json
|
node meshcentral/meshcentral
|
||||||
node node_modules/meshcentral
|
exit
|
||||||
exit
|
|
||||||
fi
|
fi
|
||||||
node node_modules/meshcentral --cert "$HOSTNAME"
|
node meshcentral/meshcentral --cert "$HOSTNAME"
|
||||||
fi
|
fi
|
Loading…
Reference in New Issue
Block a user