forked from toolshed/docs.coopcloud.tech
		
	Compare commits
	
		
			1 Commits
		
	
	
		
			translatio
			...
			beta-relea
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 4ee537f690 | 
| @ -1,4 +1,4 @@ | |||||||
| FROM squidfunk/mkdocs-material:9.0.12 | FROM squidfunk/mkdocs-material:8.2.16 | ||||||
|  |  | ||||||
| EXPOSE 8000 | EXPOSE 8000 | ||||||
|  |  | ||||||
|  | |||||||
| @ -1,5 +1,5 @@ | |||||||
| --- | --- | ||||||
| title: Cheat sheet | tags: coop-cloud | ||||||
| --- | --- | ||||||
|  |  | ||||||
| # Abra cheat sheet | # Abra cheat sheet | ||||||
|  | |||||||
| @ -55,7 +55,3 @@ We maintain a fork of [godotenv](https://github.com/Autonomic-Cooperative/godote | |||||||
| ### `docker/client` | ### `docker/client` | ||||||
|  |  | ||||||
| A number of modules in [pkg/upstream](./pkg/upstream) are copy/pasta'd from the upstream [docker/docker/client](https://pkg.go.dev/github.com/docker/docker/client). We had to do this because upstream are not exposing their API as public. | A number of modules in [pkg/upstream](./pkg/upstream) are copy/pasta'd from the upstream [docker/docker/client](https://pkg.go.dev/github.com/docker/docker/client). We had to do this because upstream are not exposing their API as public. | ||||||
|  |  | ||||||
| ### `github.com/schultz-is/passgen` |  | ||||||
|  |  | ||||||
| Due to [`coop-cloud/organising#358`](https://git.coopcloud.tech/coop-cloud/organising/issues/358). |  | ||||||
|  | |||||||
| @ -4,7 +4,7 @@ title: Abra | |||||||
|  |  | ||||||
| <a href="https://github.com/egonelbre/gophers"><img align="right" width="250" src="https://github.com/egonelbre/gophers/raw/master/.thumb/sketch/adventure/poking-fire.png"/></a> | <a href="https://github.com/egonelbre/gophers"><img align="right" width="250" src="https://github.com/egonelbre/gophers/raw/master/.thumb/sketch/adventure/poking-fire.png"/></a> | ||||||
|  |  | ||||||
| `abra` is the flagship client & command-line for Co-op Cloud. It has been developed specifically for the purpose of making the day-to-day operations of operators and maintainers pleasant & convenient. It is libre software, written in Go and maintained and extended by the community :heart: | `abra` is our flagship client & command-line tool which has been developed specifically in the context of the Co-op Cloud project for the purpose of making the day-to-day operations of operators and maintainers pleasant & convenient. It is libre software, written in Go and maintained and extended by the community :heart: | ||||||
|  |  | ||||||
| Once you've got `abra` installed, you can start your own Co-op Cloud deployment. `abra` allows you to create, deploy and maintain libre software apps. It supports working with existing servers or can create new servers (supported providers: [Servers.coop](https://servers.coop/) & [Hetzner](https://hetzner.com)). It can also help you manage your DNS configuration (supported providers: [Gandi](https://gandi.net)). | Once you've got `abra` installed, you can start your own Co-op Cloud deployment. `abra` allows you to create, deploy and maintain libre software apps. It supports working with existing servers or can create new servers (supported providers: [Servers.coop](https://servers.coop/) & [Hetzner](https://hetzner.com)). It can also help you manage your DNS configuration (supported providers: [Gandi](https://gandi.net)). | ||||||
|  |  | ||||||
|  | |||||||
| @ -17,17 +17,3 @@ curl https://install.abra.coopcloud.tech | bash -s -- --rc | |||||||
| ## Installer script source | ## Installer script source | ||||||
|  |  | ||||||
| You can view that [here](https://git.coopcloud.tech/coop-cloud/abra/src/branch/main/scripts/installer/installer). | You can view that [here](https://git.coopcloud.tech/coop-cloud/abra/src/branch/main/scripts/installer/installer). | ||||||
|  |  | ||||||
| ## Using Docker |  | ||||||
|  |  | ||||||
| ``` |  | ||||||
| docker run \ |  | ||||||
| 	-v $HOME/.abra:/.abra \ |  | ||||||
| 	git.coopcloud.tech/coop-cloud/abra app ls |  | ||||||
| ``` |  | ||||||
|  |  | ||||||
| !!! note |  | ||||||
| 	If you're using symlinks, e.g. for [sharing |  | ||||||
| 	`~/.abra`](/operators/handbook/#sharing-abra), add more `-v` options for each |  | ||||||
| 	directory you're symlinking to, e.g. `-v |  | ||||||
| 	$HOME/Projects/CoopCloud/apps:/home/user/Projects/CoopCloud/apps` |  | ||||||
|  | |||||||
| @ -89,7 +89,7 @@ We're still waiting for upstream patch which resovles this. | |||||||
|  |  | ||||||
| We're sorry, it's an issue with an upstream dependency. See [`#291`](https://git.coopcloud.tech/coop-cloud/organising/issues/291) for more. | We're sorry, it's an issue with an upstream dependency. See [`#291`](https://git.coopcloud.tech/coop-cloud/organising/issues/291) for more. | ||||||
|  |  | ||||||
| ## I need some feature from the old deprecated bash abra? | ## I need some feature from the old depreciated bash abra? | ||||||
|  |  | ||||||
| There is an archive of the [old code here](https://git.coopcloud.tech/coop-cloud/abra-bash). | There is an archive of the [old code here](https://git.coopcloud.tech/coop-cloud/abra-bash). | ||||||
|  |  | ||||||
|  | |||||||
| @ -18,49 +18,6 @@ abra upgrade --rc | |||||||
|  |  | ||||||
| ## Migration guides | ## Migration guides | ||||||
|  |  | ||||||
| ### `0.6.x-beta` -> `0.7.x-beta` |  | ||||||
|  |  | ||||||
| > **ALERTA, ALERTA**: this is currently only available via the release |  | ||||||
| > candidate channel, using `abra upgrade --rc`. There has been a lot of churn |  | ||||||
| > and we're being cautious about releasing this one. Please help us test! We're |  | ||||||
| > currently on `0.7.0-rc2-beta`. |  | ||||||
|  |  | ||||||
| - `kadabra`, the app auto-updater is available for general alpha testing! See [these docs](https://docs.coopcloud.tech/operators/tutorial/#automatic-upgrades) for how to get started. Binaries can be found [here](https://git.coopcloud.tech/coop-cloud/abra/releases/tag/0.7.0-rc2-beta). |  | ||||||
|  |  | ||||||
| - **ALERTA, ALERTA**, security related issue: all `$domain.env` env vars are now exposed to the deployment via the `app` service container. Each `FOO=BAR` is exported within the context of the container. If you have any privately committed secrets in your `.env` files, please migrate them to the `secrets: ...` configuration in the recipe. This change was made to facilitate tooling which can support auto-upgrading of apps in a deployment. |  | ||||||
|  |  | ||||||
| - `abra` can no longer install Docker, initialise swarm mode and the proxy network. It will check if a Docker install exists and is in swarm mode or not and error out accordingly. We leave the provisioning to tools that are designed for that and reduce the command-line surface that we have to maintain going forward. |  | ||||||
|  |  | ||||||
| - `abra server add <host> <args>` 👉 `abra server add <host>`. We have finally removed the custom SSH handling code and now solely rely on invoke `/usr/bin/ssh` directly and reading from the `~/.ssh/config`. The `<host>` argument should correspond to a `Host <host>` entry in your `~/.ssh/config` or in an `Include <file>` statement (hosts are retrieved via `ssh -G <host>`). This means "how does `abra` interact with SSH is 1) do you have an `~/.ssh/config` entry for `<host>` 2) can you `ssh <host>` successfully? 3) there is no 3. It's an easier mental model and also the way `abra-bash` works, hence, less weird obscure errors. `<host>` being public a domain name is still required. |  | ||||||
|  |  | ||||||
| - `abra` no longer tries to do the TOFU host key verification prompt. We follow the praxis of the Docker CLI and just give up when host keys are not validated. We leave it to folks to SSH in and verify themselves. |  | ||||||
|  |  | ||||||
| - On the way to [`kadabra`](https://git.coopcloud.tech/coop-cloud/abra/pulls/268), several changes regarding labelling deployments have been merged in this release. This will allow tooling to understand a deployment without having the context of a `~/.abra/...` configuration. This will pave the way for server-side tooling, like `kadabra` which can help operators with different kinds of maintenance tasks. |  | ||||||
|  |  | ||||||
| - Welcome `abra recipe fetch`, which helps retrieve a recipe repository to your local work-station. |  | ||||||
|  |  | ||||||
| - Also say hello to `abra app services <domain>`, which lists the in-deployment service names and corresponding image, e.g. `foo_example_com`. |  | ||||||
|  |  | ||||||
| - Digests have been removed from the catalogue generation. |  | ||||||
|  |  | ||||||
| - Backup files generated by `abra` have a much more human-friendly format. |  | ||||||
|  |  | ||||||
| - Linting for domains is disabled when no `DOMAIN=...` is discovered in the `$odmain.env` file. |  | ||||||
|  |  | ||||||
| ### `0.5.x-beta` -> `0.6.x-beta` |  | ||||||
|  |  | ||||||
| - Using `{{ .Domain }}` in recipe `.envrc.sample` files went away because it |  | ||||||
|   was portable enough. We revert to replacing e.g `gitea.example.com` with the |  | ||||||
|   domain. See |  | ||||||
|   [`8fad34e`](https://git.coopcloud.tech/coop-cloud/abra/commit/8fad34e) for |  | ||||||
|   more. |  | ||||||
|  |  | ||||||
| - If your `abra.sh` scripts depend on `/bin/sh` and `/bin/bash` is available in |  | ||||||
|   the container then `/bin/bash` will be used from now on. `/bin/sh` is only |  | ||||||
|   now used if `/bin/bash` is not available. See |  | ||||||
|   [`7f745ff`](https://git.coopcloud.tech/coop-cloud/abra/commit/7f745ff) for |  | ||||||
|   more. |  | ||||||
|  |  | ||||||
| ### `v0.4.x` -> `v0.5.x` | ### `v0.4.x` -> `v0.5.x` | ||||||
|  |  | ||||||
| - The only breaking change was making `abra` understand that the JSON dump for the recipes listing lives on [recipes.coopcloud.tech/recipes.json](https://recipes.coopcloud.tech) instead of [recipes.coopcloud.tech](https://recipes.coopcloud.tech). | - The only breaking change was making `abra` understand that the JSON dump for the recipes listing lives on [recipes.coopcloud.tech/recipes.json](https://recipes.coopcloud.tech) instead of [recipes.coopcloud.tech](https://recipes.coopcloud.tech). | ||||||
|  | |||||||
| @ -40,7 +40,7 @@ A [Docker](glossary#docker) related concept: a virtual network created on the se | |||||||
|  |  | ||||||
| ## Recipe | ## Recipe | ||||||
|  |  | ||||||
| A recipe is what we call the configuration files that are used to deploy an [app](/glossary#app). When you run `abra app deploy <domain>`, `abra` is reading a recipe configuration, such as [the gitea recipe](https://git.coopcloud.tech/coop-cloud/gitea), in order to know how to deploy a new Gitea instance. When we speak of a "digital configuration commons", we're primarily referring to the [growing collection of recipes](https://git.coopcloud.tech/coop-cloud). | A recipe is what we call the configuration files that are used to deploy an [app](/glossary#app). When you run `abra app deploy <domain>`, `abra` is reading a recipe configuration, such as [the gitea recipe](https://git.coopcloud.tech/coop-cloud/gitea), in order to know how to deploy a new Gitea instance. When we speak of a "digital configuraiton commons", we're primarily referring to the [growing collection of recipes](https://git.coopcloud.tech/coop-cloud). | ||||||
|  |  | ||||||
| ## Secret | ## Secret | ||||||
|  |  | ||||||
|  | |||||||
| @ -18,7 +18,7 @@ We'd be happy to hear feedback about our documentation, if it was helpful, what | |||||||
|  |  | ||||||
|     This project is still [beta quality software](https://en.wikipedia.org/wiki/Software_release_life_cycle#Beta) :bomb: Please take that into consideration if you are thinking about using this system in production. We're working hard to make Co-op Cloud stable. In the meantime, this is a good time to help us out with initial testing, feedback, ideas or [join in with development](/get-involved/). |     This project is still [beta quality software](https://en.wikipedia.org/wiki/Software_release_life_cycle#Beta) :bomb: Please take that into consideration if you are thinking about using this system in production. We're working hard to make Co-op Cloud stable. In the meantime, this is a good time to help us out with initial testing, feedback, ideas or [join in with development](/get-involved/). | ||||||
|  |  | ||||||
| - [Operators guide](/operators/): You run a Co-op Cloud based deployment or want to do so :computer: | - [Operators guide](/operators/): You run a Co-op Cloud deployment or want to do so :computer: | ||||||
|  |  | ||||||
| - [Maintainers guide](/maintainers/): You maintain recipes and ensure things run smoothly for operators :tools: | - [Maintainers guide](/maintainers/): You maintain recipes and ensure things run smoothly for operators :tools: | ||||||
|  |  | ||||||
|  | |||||||
| @ -1,33 +0,0 @@ | |||||||
| --- |  | ||||||
| title: Wstęp |  | ||||||
| --- |  | ||||||
|  |  | ||||||
| ## Who is this for? |  | ||||||
|  |  | ||||||
| Witaj w dokumentacji Co-op Cloud! |  | ||||||
|  |  | ||||||
| Ta dokumentacja jest skierowana do odbiorców "technicznych": spółdzielni technologicznych, kolektywów i osób indywidualnych zainteresowanych Co-op Cloud, lub takich, które mają już deploymenty Co-op Cloud. |  | ||||||
|  |  | ||||||
| A more general public may still find these pages useful but if you're just looking for a quick overview of the project from a less technical perspective, you can take a look at [coopcloud.tech](https://coopcloud.tech). |  | ||||||
|  |  | ||||||
| We'd be happy to hear feedback about our documentation, if it was helpful, what was missing, what was confusing, etc., please [get in touch](/intro/contact)! |  | ||||||
|  |  | ||||||
| ## Quick start |  | ||||||
|  |  | ||||||
| !!! danger "Here be dragons" |  | ||||||
|  |  | ||||||
|     This project is still [beta quality software](https://en.wikipedia.org/wiki/Software_release_life_cycle#Beta) :bomb: Please take that into consideration if you are thinking about using this system in production. We're working hard to make Co-op Cloud stable. In the meantime, this is a good time to help us out with initial testing, feedback, ideas or [join in with development](/get-involved/). |  | ||||||
|  |  | ||||||
| - [Operators guide](/operators/): You run a Co-op Cloud based deployment or want to do so :computer: |  | ||||||
|  |  | ||||||
| - [Maintainers guide](/maintainers/): You maintain recipes and ensure things run smoothly for operators :tools: |  | ||||||
|  |  | ||||||
| - [Organisers guide](/organisers): You run meetings, write guidelines & shape our democratic process :fist: |  | ||||||
|  |  | ||||||
| - [Recipes](/recipes/): You want to know what recipes are packaged so you can deploy them as apps :nerd: |  | ||||||
|  |  | ||||||
| - [Abra](/abra): You want to install the command-line client and hack the planet :unicorn: |  | ||||||
|  |  | ||||||
| - [Get involved](/get-involved): You'd like to help out with the project, we've love to see you stick around :heart: |  | ||||||
|  |  | ||||||
| - [Glossary](/glossary/): You'd like clarification about project terminology :book: |  | ||||||
| @ -9,5 +9,3 @@ title: Managed hosting | |||||||
| The Co-op Cloud is still [beta quality software](https://en.wikipedia.org/wiki/Software_release_life_cycle#Beta) :bomb: but you can still work with a tech co-op or collective to host some part or all of your online digital services with it. Organisations who want to support the project can get in touch with Co-op Cloud service providers via the following list for a quote on what they're looking for and how much it will cost. Service providers can then factor in some percentage of the cost to co-fund the development of this project. | The Co-op Cloud is still [beta quality software](https://en.wikipedia.org/wiki/Software_release_life_cycle#Beta) :bomb: but you can still work with a tech co-op or collective to host some part or all of your online digital services with it. Organisations who want to support the project can get in touch with Co-op Cloud service providers via the following list for a quote on what they're looking for and how much it will cost. Service providers can then factor in some percentage of the cost to co-fund the development of this project. | ||||||
|  |  | ||||||
| - [Autonomic Co-op](https://autonomic.zone) (contact: [`helo@autonomic.zone`](mailto:helo@autonomic.zone)) | - [Autonomic Co-op](https://autonomic.zone) (contact: [`helo@autonomic.zone`](mailto:helo@autonomic.zone)) | ||||||
| - [Local-IT](https://local-it.org/) (contact [`info@local-it.org`](mailto:info@local-it.org)) |  | ||||||
| - [Solisoft](https://solisoft.top) (contact [`contact@solisoft.top`](mailto:contact@solisoft.top)) |  | ||||||
|  | |||||||
| @ -224,11 +224,11 @@ file_env "DB_PASSWORD" | |||||||
| Sometimes the containers don't even have Bash installed on them. You had better just use `/bin/sh` or, in your entrypoint script, install Bash :upside_down: The entrypoint secrets hack listed above doesn't work in this case (as it requires Bash), so instead you can just do `export FOO=$(cat /run/secrets/<secret-name>)`. | Sometimes the containers don't even have Bash installed on them. You had better just use `/bin/sh` or, in your entrypoint script, install Bash :upside_down: The entrypoint secrets hack listed above doesn't work in this case (as it requires Bash), so instead you can just do `export FOO=$(cat /run/secrets/<secret-name>)`. | ||||||
|  |  | ||||||
|  |  | ||||||
| ## How do I reference services in configs? | ## Reference services in configs? | ||||||
|  |  | ||||||
| When referencing an `app` service in a config file, you should prefix with the `STACK_NAME` to avoid namespace conflicts (because all these containers sit on the traefik overlay network). You might want to do something like this `{{ env "STACK_NAME" }}_app` (using  the often obscure dark magic of the Golang templating language). You can find examples of this approach used in the [Peertube recipe](https://git.coopcloud.tech/coop-cloud/peertube/src/commit/d1b297c5a6a23a06bf97bb954104ddfd7f736568/nginx.conf.tmpl#L9). | When referencing an `app` service in a config file, you should prefix with the `STACK_NAME` to avoid namespace conflicts (because all these containers sit on the traefik overlay network). You might want to do something like this `{{ env "STACK_NAME" }}_app` (using  the often obscure dark magic of the Golang templating language). You can find examples of this approach used in the [Peertube recipe](https://git.coopcloud.tech/coop-cloud/peertube/src/commit/d1b297c5a6a23a06bf97bb954104ddfd7f736568/nginx.conf.tmpl#L9). | ||||||
|  |  | ||||||
| ## How are recipes versioned? | ## How are recipes are versioned? | ||||||
|  |  | ||||||
| We'll use an example to work through this. Let's use [Gitea](https://hub.docker.com/r/gitea/gitea). | We'll use an example to work through this. Let's use [Gitea](https://hub.docker.com/r/gitea/gitea). | ||||||
|  |  | ||||||
| @ -364,7 +364,7 @@ mkdir -p releases | |||||||
|  |  | ||||||
| And then create a text file which corresponds to the version release, e.g. `1.1.0+5.9.0` and write some notes. `abra` will show these when another operator runs `abra app deploy` / `abra app upgrade`. | And then create a text file which corresponds to the version release, e.g. `1.1.0+5.9.0` and write some notes. `abra` will show these when another operator runs `abra app deploy` / `abra app upgrade`. | ||||||
|  |  | ||||||
| ## How do I generate the recipe catalogue | ## Generate the recipe catalogue | ||||||
|  |  | ||||||
| To generate an entire new copy of the catalogue: | To generate an entire new copy of the catalogue: | ||||||
|  |  | ||||||
| @ -393,7 +393,7 @@ You can pass `--publish` to have `abra` automatically publish those changes. | |||||||
|  |  | ||||||
|     In order to have `abra` publish changes for you automatically, you'll have to have write permissons to the git.coopcloud.tech repository and your account must have a working SSH key configuration. `abra` will use the SSH based URL connection details for Git by automagically creating an `origin-ssh` remote in the repository and pushing to it. |     In order to have `abra` publish changes for you automatically, you'll have to have write permissons to the git.coopcloud.tech repository and your account must have a working SSH key configuration. `abra` will use the SSH based URL connection details for Git by automagically creating an `origin-ssh` remote in the repository and pushing to it. | ||||||
|  |  | ||||||
| ## How do I enable healthchecks | ## Enable healthchecks | ||||||
|  |  | ||||||
| A healthcheck is an important and often overlooked part of the recipe configuration. It is part of the configuration that the runtime uses to figure out if a container is really up-and-running. You can tweak what command to run, how often and how many times to try until you assume the container is not up. | A healthcheck is an important and often overlooked part of the recipe configuration. It is part of the configuration that the runtime uses to figure out if a container is really up-and-running. You can tweak what command to run, how often and how many times to try until you assume the container is not up. | ||||||
|  |  | ||||||
| @ -410,7 +410,7 @@ If you're just starting off with packaging a recipe, you can use `healthcheck: d | |||||||
|  |  | ||||||
| `abra app errors -w <domain>` will show what errors are being reported from a failing healtcheck setup. | `abra app errors -w <domain>` will show what errors are being reported from a failing healtcheck setup. | ||||||
|  |  | ||||||
| ## How do I tune deploy configs? | ## Tuning deploy configs | ||||||
|  |  | ||||||
| A bit like healtchecks, there is no universal setup. A good default seems to be the following configuration: | A bit like healtchecks, there is no universal setup. A good default seems to be the following configuration: | ||||||
|  |  | ||||||
| @ -431,13 +431,13 @@ Setting a restart policy is also good so that the runtime doesn't try to restart | |||||||
|  |  | ||||||
| Best to [read](https://docs.docker.com/engine/reference/builder/#healthcheck) [the docs](https://docs.docker.com/compose/compose-file/compose-file-v3/#healthcheck) on this one. | Best to [read](https://docs.docker.com/engine/reference/builder/#healthcheck) [the docs](https://docs.docker.com/compose/compose-file/compose-file-v3/#healthcheck) on this one. | ||||||
|  |  | ||||||
| ## How do I tune resource limits? | ## Tuning resource limits | ||||||
|  |  | ||||||
| If you don't place resource limits on your app it will assume it can use the entire capacity of the server it is on. This can cause issues such as OOM eerors for your entire swarm. | If you don't place resource limits on your app it will assume it can use the entire capacity of the server it is on. This can cause issues such as OOM eerors for your entire swarm. | ||||||
|  |  | ||||||
| See the [Docker documentation](https://docs.docker.com/config/containers/resource_constraints/) to get into this topic and check the other recipes to see what other maintainers are doing. | See the [Docker documentation](https://docs.docker.com/config/containers/resource_constraints/) to get into this topic and check the other recipes to see what other maintainers are doing. | ||||||
|  |  | ||||||
| ## How do I enable A+ SSL ratings? | ## Enable A+ SSL ratings | ||||||
|  |  | ||||||
| If you want to get the highest rating on SSL certs, you can use the following traefik labels which use a tweaked Traefik configuration. | If you want to get the highest rating on SSL certs, you can use the following traefik labels which use a tweaked Traefik configuration. | ||||||
|  |  | ||||||
| @ -448,7 +448,7 @@ If you want to get the highest rating on SSL certs, you can use the following tr | |||||||
|  |  | ||||||
| See [this PR](https://git.coopcloud.tech/coop-cloud/traefik/pulls/8/files) for the technical details | See [this PR](https://git.coopcloud.tech/coop-cloud/traefik/pulls/8/files) for the technical details | ||||||
|  |  | ||||||
| ## How do I tweak secret generation length? | ## Tweaking secret generation length | ||||||
|  |  | ||||||
| It is possible to tell `abra` which length it should generate secrets with from your recipe config. | It is possible to tell `abra` which length it should generate secrets with from your recipe config. | ||||||
|  |  | ||||||
| @ -469,13 +469,12 @@ of passwords which admins have to type out in database shells. | |||||||
|  |  | ||||||
| ## How are recipes added to the catalogue? | ## How are recipes added to the catalogue? | ||||||
|  |  | ||||||
| > This is so far a manual process which requires someone who's been added to the | > This is so far a manual process which requires a member of Autonomic. This is | ||||||
| > `coop-cloud` "Organisation" on https://git.coopcloud.tech. This is a temporary | > a temporary situation, we want to open out this process & also introduce some | ||||||
| > situation, we want to open out this process & also introduce some automation | > automation to support making thie process more convenient. Please nag us to | ||||||
| > to support making thie process more convenient. Please nag us to move things | > move things along. | ||||||
| > along. |  | ||||||
|  |  | ||||||
| - Publish your new recipe on the [git.coopcloud.tech](https://git.coopcloud.tech/coop-cloud) "Organisation" | - Publish your new recipe on the [git.coopcloud.tech](https://git.coopcloud.tech/coop-cloud) listing | ||||||
| - Run `abra catalogue generate <recipe> -p` | - Run `abra catalogue generate <recipe> -p` | ||||||
| - Run `cd ~/.abra/catalogue && make` | - Run `cd ~/.abra/catalogue && make` | ||||||
|  |  | ||||||
| @ -484,7 +483,7 @@ the [recipe release publishing dance](https://docs.coopcloud.tech/maintainers/ha | |||||||
| which will then extend the `versions: [...]` section of the published JSON in the catalogue. | which will then extend the `versions: [...]` section of the published JSON in the catalogue. | ||||||
|  |  | ||||||
| Recipes that are not included in the catalogue can still be deployed. It is not | Recipes that are not included in the catalogue can still be deployed. It is not | ||||||
| required to add your recipes to the catalogue, but this will improve the | required to add your recipes to the catalogue but this will improve the | ||||||
| visibility for other co-op hosters & end-users. | visibility for other co-op hosters & end-users. | ||||||
|  |  | ||||||
| For now, it is best to [get in touch](https://docs.coopcloud.tech/intro/contact/) if you want to add your recipe to the catalogue. | For now, it is best to [get in touch](https://docs.coopcloud.tech/intro/contact/) if you want to add your recipe to the catalogue. | ||||||
| @ -503,14 +502,14 @@ Two of the current "blessed" options are | |||||||
| [`backup-bot-two`](https://git.coopcloud.tech/coop-cloud/backup-bot-two) & | [`backup-bot-two`](https://git.coopcloud.tech/coop-cloud/backup-bot-two) & | ||||||
| [`abra`](https://git.coopcloud.tech/coop-cloud/abra). | [`abra`](https://git.coopcloud.tech/coop-cloud/abra). | ||||||
|  |  | ||||||
| #### `backup-bot-two` |  | ||||||
|  |  | ||||||
| Please see the [`README.md`](https://git.coopcloud.tech/coop-cloud/backup-bot-two#backupbot-ii) for the full docs. |  | ||||||
|  |  | ||||||
| #### `abra` | #### `abra` | ||||||
|  |  | ||||||
| `abra` will read labels and store backups in `~/.abra/backups/...`. | `abra` will read labels and store backups in `~/.abra/backups/...`. | ||||||
|  |  | ||||||
|  | #### `backup-bot-two` | ||||||
|  |  | ||||||
|  | Please see the [`README.md`](https://git.coopcloud.tech/coop-cloud/backup-bot-two#backupbot-ii) for the full docs. | ||||||
|  |  | ||||||
| ### Backup | ### Backup | ||||||
|  |  | ||||||
| For backup, here are the labels & some examples: | For backup, here are the labels & some examples: | ||||||
|  | |||||||
| @ -21,7 +21,7 @@ The idea scenario is when the upstream project provides both the packaged image | |||||||
| - **Inspired**: Upstream image, someone else's compose file | - **Inspired**: Upstream image, someone else's compose file | ||||||
| - **On fire**: Upstream image, upstream compose file | - **On fire**: Upstream image, upstream compose file | ||||||
|  |  | ||||||
| ### Writing / adapting the `compose.yml` | ### Writing the `compose.yml` | ||||||
|  |  | ||||||
| Let's take a practical example, [Matomo web analytics](https://matomo.org/). We'll be making a Docker "swarm-mode" `compose.yml` file. | Let's take a practical example, [Matomo web analytics](https://matomo.org/). We'll be making a Docker "swarm-mode" `compose.yml` file. | ||||||
|  |  | ||||||
| @ -66,8 +66,8 @@ abra app new matomo --secrets \ | |||||||
|  --server swarm.example.com |  --server swarm.example.com | ||||||
| ``` | ``` | ||||||
|  |  | ||||||
| Depending on whether you defined any extra environment variables -- we didn't so | Depending on whether you defined any extra environment variables, we didn't so | ||||||
| far, in this example -- you might want to run `abra app config swarm.example.com` | far, in this example, you might want to run `abra app config swarm.example.com` | ||||||
| to check the configuration. | to check the configuration. | ||||||
|  |  | ||||||
| Otherwise, or once you've done that, go ahead and deploy the app: | Otherwise, or once you've done that, go ahead and deploy the app: | ||||||
| @ -80,4 +80,4 @@ Then, open the `DOMAIN` you configured (you might need to wait a while for Traef | |||||||
|  |  | ||||||
| ### Finishing up | ### Finishing up | ||||||
|  |  | ||||||
| You've probably got more questions, check out the [packaging handbook](/maintainers/handbook)! | You've probably got more questions, check out the [maintainers handbook](/maintainers/handbook)! | ||||||
|  | |||||||
| @ -82,18 +82,6 @@ Then, tell your collaborators (e.g. in the repository's `README.md`), to run `ma | |||||||
|  |  | ||||||
|     We don't currently recommend this, because it might set inaccurate expectations about the security model – remember that, by default, **any user who can deploy apps to a Docker Swarm can manage _any_ app in that swarm**. |     We don't currently recommend this, because it might set inaccurate expectations about the security model – remember that, by default, **any user who can deploy apps to a Docker Swarm can manage _any_ app in that swarm**. | ||||||
|  |  | ||||||
| ### Migrating a server into a repository |  | ||||||
|  |  | ||||||
| Even if you've got your existing server configs in version control, by default, `abra server add` will define the server locally. To move it -- taking the example of `newserver.example.com`: |  | ||||||
|  |  | ||||||
| ``` |  | ||||||
| mv ~/.abra/servers/newserver.example.com ~/coop-cloud-apps/ |  | ||||||
| cd ~/coop-cloud-apps |  | ||||||
| git add newserver.example.com |  | ||||||
| git commit |  | ||||||
| make link |  | ||||||
| ``` |  | ||||||
|  |  | ||||||
| ## Running abra server side | ## Running abra server side | ||||||
|  |  | ||||||
| If you're on an environment where it's hard to run Docker, or command-line programs in general, you might want to install `abra` on a server instead of your local work station. | If you're on an environment where it's hard to run Docker, or command-line programs in general, you might want to install `abra` on a server instead of your local work station. | ||||||
| @ -243,7 +231,7 @@ The requirements are: | |||||||
| wget -O- https://get.docker.com | bash | wget -O- https://get.docker.com | bash | ||||||
|  |  | ||||||
| # add user to docker group | # add user to docker group | ||||||
| usermod -aG docker $USER | usermod -aG docker $YOURUSERNAMEHERE | ||||||
|  |  | ||||||
| # setup swarm | # setup swarm | ||||||
| docker swarm init | docker swarm init | ||||||
| @ -324,10 +312,6 @@ Running `server add` with `-d/--debug` should help you debug what is going on un | |||||||
|  |  | ||||||
| If you need to run a command within a running container you can use `abra app run <domain> <service> <command>`. For example, you could run `abra app run cloud.lumbung.space app bash` to open a new bash terminal session inside your remote container. | If you need to run a command within a running container you can use `abra app run <domain> <service> <command>`. For example, you could run `abra app run cloud.lumbung.space app bash` to open a new bash terminal session inside your remote container. | ||||||
|  |  | ||||||
| ## How do I attach on a non-running container? |  | ||||||
|  |  | ||||||
| If you need to run a command on a container that won't start (eg. the container is stuck in a restart loop) you can temporarily disable its default entrypoint by setting it in `compose.yml` to something like ['tail', '-f', '/dev/null'], then redeploy the stack (with `--force --chaos` so you don't need to commit), then [get into the now running container](#how-do-i-attach-to-a-running-container), do your business, and when done revert the compose.yml change and redeploy again.  |  | ||||||
|  |  | ||||||
| ## Can I run Co-op Cloud on ARM? | ## Can I run Co-op Cloud on ARM? | ||||||
|  |  | ||||||
| `@Mayel`: | `@Mayel`: | ||||||
| @ -347,43 +331,3 @@ If you're app [supports backup/restore](/handbook/#how-do-i-configure-backuprest | |||||||
|  |  | ||||||
| With `abra`, you can simply run `abra app backup ...` & `abra app restore ...`. | With `abra`, you can simply run `abra app backup ...` & `abra app restore ...`. | ||||||
| Pass `-h` for more information on the specific flags & arguments. | Pass `-h` for more information on the specific flags & arguments. | ||||||
|  |  | ||||||
| ## How do I take a manual database backup? |  | ||||||
|  |  | ||||||
| MySQL / MariaDB: |  | ||||||
|  |  | ||||||
| ``` |  | ||||||
| abra app run foo.bar.com db mysqldump -u root <database> | gzip > ~/.abra/backups/foo.bar.com_db_`date +%F`.sql.gz |  | ||||||
| ``` |  | ||||||
|  |  | ||||||
| Postgres: |  | ||||||
|  |  | ||||||
| ``` |  | ||||||
| abra app run foo.bar.com db pg_dump -u root <database> | gzip > ~/.abra/backups/foo.bar.com_db_`date +%F`.sql.gz |  | ||||||
| ``` |  | ||||||
|  |  | ||||||
| If you get errors about database access: |  | ||||||
| - Make sure you've specified the right database user (`root` above) and db name |  | ||||||
| - If you have a database password set, you might need to load it from a secret, |  | ||||||
|     something like this: |  | ||||||
|  |  | ||||||
| ``` |  | ||||||
| abra app run foo.bar.com db bash -c 'mysqldump -u root -p"$(cat /run/secrets/db_oot_password)" <database>' | gzip > ~/.abra/backups/foo.bar.com_db_`date +%F`.sql.gz |  | ||||||
| ``` |  | ||||||
|  |  | ||||||
| ## Can I deploy a recipe without `abra`? |  | ||||||
|  |  | ||||||
| Yes! It's a design goal to keep the recipes not dependent on `abra` or any |  | ||||||
| single tool that we develop. This means the configurationc commons can still be |  | ||||||
| useful beyond this project. You can deploy a recipe with standard commands like |  | ||||||
| so: |  | ||||||
|  |  | ||||||
| ``` |  | ||||||
| set -a |  | ||||||
| source example.com.env |  | ||||||
| cd ~/.abra/recipes/myrecipe |  | ||||||
| docker stack deploy -c compose.yml example_com |  | ||||||
| ``` |  | ||||||
|  |  | ||||||
| `abra` makes all of this more cenvenient but other tooling could follow this |  | ||||||
| approach. |  | ||||||
|  | |||||||
| @ -94,9 +94,9 @@ The tutorial tries to help you make choices about which server and which DNS set | |||||||
|  |  | ||||||
| ### Server setup | ### Server setup | ||||||
|  |  | ||||||
| Co-op Cloud has itself near zero system requirements. You only need to worry about the system resource usage of your apps and the overhead of running containers with the docker runtime (often negligible. If you want to know more, see [this FAQ entry](/intro/faq/#isnt-running-everything-in-containers-inefficient)). | Co-op Cloud has itself near zero system requirements. You only need to worry about the system resource usage of your apps and the overhead of running containers with the docker runtime (often negligible. If you want to know more, see [this FAQ entry](/faq/#isnt-running-everything-in-containers-inefficient)). | ||||||
|  |  | ||||||
| We will deploy a new Nextcloud instance in this guide, so you will only need 1GB of RAM according to [their documentation](https://docs.nextcloud.com/server/latest/admin_manual/installation/system_requirements.html). You may also be interested in this [FAQ entry](/intro/faq/#arent-containers-horrible-from-a-security-perspective) if you are curious about security in the context of containers. | We will deploy a new Nextcloud instance in this guide, so you will only need 1GB of RAM according to [their documentation](https://docs.nextcloud.com/server/latest/admin_manual/installation/system_requirements.html). You may also be interested in this [FAQ entry](/faq/#arent-containers-horrible-from-a-security-perspective) if you are curious about security in the context of containers. | ||||||
|  |  | ||||||
| Most Co-op Cloud deployments have been run on Debian machines so far. Some experiments have been done on single board computers & servers with low resource capacities. | Most Co-op Cloud deployments have been run on Debian machines so far. Some experiments have been done on single board computers & servers with low resource capacities. | ||||||
|  |  | ||||||
| @ -109,7 +109,7 @@ You need to keep port `:80` and `:443` free on your server for web proxying to y | |||||||
| wget -O- https://get.docker.com | bash | wget -O- https://get.docker.com | bash | ||||||
|  |  | ||||||
| # add user to docker group | # add user to docker group | ||||||
| sudo usermod -aG docker $USER | usermod -aG docker $YOURUSERNAMEHERE | ||||||
|  |  | ||||||
| # setup swarm | # setup swarm | ||||||
| docker swarm init | docker swarm init | ||||||
| @ -211,7 +211,7 @@ Choose your newly registered server and specify a domain name. | |||||||
| You will want to take a look at your generated configuration and tweak the `LETS_ENCRYPT_EMAIL` value. You can do that by running `abra app config`: | You will want to take a look at your generated configuration and tweak the `LETS_ENCRYPT_EMAIL` value. You can do that by running `abra app config`: | ||||||
|  |  | ||||||
| ```bash | ```bash | ||||||
| abra app config <traefik-domain> | abra app config traefik | ||||||
| ``` | ``` | ||||||
|  |  | ||||||
| Every app you deploy will have one of these `.env` files, which contains variables which will be injected into app configurations when deployed. Variables starting with `#` are optional, others are required. | Every app you deploy will have one of these `.env` files, which contains variables which will be injected into app configurations when deployed. Variables starting with `#` are optional, others are required. | ||||||
| @ -252,46 +252,6 @@ abra app errors -w <nextcloud-domain> # error catcher | |||||||
|  |  | ||||||
| Your new `traefik` instance will detect that a new app is coming up and generate SSL certificates for it. You can see what `traefik` is up to using the same commands above but replacing `<netcloud-domain>` with the `<traefik-domain>` you chose earlier (`abra app ls` will remind you what domains you chose :grinning:). | Your new `traefik` instance will detect that a new app is coming up and generate SSL certificates for it. You can see what `traefik` is up to using the same commands above but replacing `<netcloud-domain>` with the `<traefik-domain>` you chose earlier (`abra app ls` will remind you what domains you chose :grinning:). | ||||||
|  |  | ||||||
| ### Upgrade Nextcloud |  | ||||||
|  |  | ||||||
| To upgrade an app manually to the newest available version run: |  | ||||||
|  |  | ||||||
| ```bash |  | ||||||
| abra app upgrade <nextcloud-domain> |  | ||||||
| ``` |  | ||||||
|  |  | ||||||
| ### Automatic Upgrades |  | ||||||
|  |  | ||||||
| `kadabra` the auto-updater is still under development, use it with care and don't use it in production environments. |  | ||||||
| To setup the auto-updater copy the `kadabra` binary to the server and configure a cronjob for regular app upgrades. |  | ||||||
| The following script will configure ssmtp for email notifications and setup a cronjob. |  | ||||||
| This cronjob checks daily for new app versions, notifies if any kind of update is available and upgrades all apps to the latest patch/minor version. |  | ||||||
|  |  | ||||||
|  |  | ||||||
| ```bash |  | ||||||
| apt install ssmtp |  | ||||||
|  |  | ||||||
| cat > /etc/ssmtp/ssmtp.conf << EOF |  | ||||||
| mailhub=$MAIL_SERVER:587 |  | ||||||
| hostname=$MAIL_DOMAIN |  | ||||||
| AuthUser=$USER |  | ||||||
| AuthPass=$PASSWORD |  | ||||||
| FromLineOverride=yes |  | ||||||
| UseSTARTTLS=yes |  | ||||||
| EOF |  | ||||||
|  |  | ||||||
| cat > /etc/cron.d/abra_updater << EOF |  | ||||||
| MAILTO=admin@example.com |  | ||||||
| MAILFROM=noreply@example.com |  | ||||||
|  |  | ||||||
| 0  6 * * *       root    ~/kadabra notify --major |  | ||||||
| 30 4 * * *       root    ~/kadabra upgrade --all |  | ||||||
| EOF |  | ||||||
|  |  | ||||||
|  |  | ||||||
| ``` |  | ||||||
|  |  | ||||||
|  |  | ||||||
| ## Finishing up | ## Finishing up | ||||||
|  |  | ||||||
| Hopefully you got something running! Well done! The [operators handbook](/operators/handbook) would probably be the next place to go check out if you're looking for more help. Especially on topics of ongoing maintenance. | Hopefully you got something running! Well done! The [operators handbook](/operators/handbook) would probably be the next place to go check out if you're looking for more help. Especially on topics of ongoing maintenance. | ||||||
|  | |||||||
| @ -15,65 +15,6 @@ It aims to be a helpful place to understand the status of apps, who is taking ca | |||||||
|  |  | ||||||
| The recipe catalogue is available on [recipes.coopcloud.tech](https://recipes.coopcloud.tech/). | The recipe catalogue is available on [recipes.coopcloud.tech](https://recipes.coopcloud.tech/). | ||||||
|  |  | ||||||
| ## Status / features / scoring |  | ||||||
|  |  | ||||||
| Each recipe README has a "metadata" section, to help communicate the overall status of the recipe, and which features are supported. Here's an example, from [the Wordpress recipe](https://git.coopcloud.tech/coop-cloud/wordpress/): |  | ||||||
|  |  | ||||||
| ``` |  | ||||||
| <!-- metadata --> |  | ||||||
|  |  | ||||||
| * **Category**: Apps |  | ||||||
| * **Status**: 3, stable |  | ||||||
| * **Image**: [`wordpress`](https://hub.docker.com/_/wordpress), 4, upstream |  | ||||||
| * **Healthcheck**: Yes |  | ||||||
| * **Backups**: Yes |  | ||||||
| * **Email**: 3 |  | ||||||
| * **Tests**: 2 |  | ||||||
| * **SSO**: No |  | ||||||
|  |  | ||||||
| <!-- endmetadata --> |  | ||||||
| ``` |  | ||||||
|  |  | ||||||
| Currently, recipe maintainers need to update the scores in this section manually. The specific meanings of the scores are: |  | ||||||
|  |  | ||||||
| ### Status (overall score) |  | ||||||
|  |  | ||||||
| - 5: everything in 4 + Single-Sign-On |  | ||||||
| - 4: upstream image, backups, email, healthcheck, integration testing |  | ||||||
| - 3: upstream image, missing 1-2 items from 4 |  | ||||||
| - 2: missing 3-4 items from 4 or no upstream image |  | ||||||
| - 1: alpha |  | ||||||
|  |  | ||||||
| ### Image |  | ||||||
|  |  | ||||||
| - 4: official upstream image |  | ||||||
| - 3: semi-official / actively-maintained image |  | ||||||
| - 2: 3rd-party image |  | ||||||
| - 1: our own custom image |  | ||||||
|  |  | ||||||
| ### Email |  | ||||||
|  |  | ||||||
| - 3: automatic (using environment variables) |  | ||||||
| - 2: mostly automatic |  | ||||||
| - 1: manual |  | ||||||
| - 0: none |  | ||||||
| - N/A: app doesn't send email |  | ||||||
|  |  | ||||||
| ### CI |  | ||||||
|  |  | ||||||
| - 3: as 2, plus healthcheck |  | ||||||
| - 2: auto secrets + networks |  | ||||||
| - 1: basic deployment using `stack-ssh-deploy`, manual secrets + networks |  | ||||||
| - 0: none |  | ||||||
|  |  | ||||||
| ### Single-Sign-On |  | ||||||
|  |  | ||||||
| - 3: automatic (using environment variables) |  | ||||||
| - 2: mostly automatic |  | ||||||
| - 1: manual |  | ||||||
| - 0: none |  | ||||||
| - N/A: app doesn't support SSO |  | ||||||
|  |  | ||||||
| ## Wishlist | ## Wishlist | ||||||
|  |  | ||||||
| If you'd like to see a new recipe packaged, make a request on the [recipes-wishlist](https://git.coopcloud.tech/coop-cloud/recipes-wishlist) repository issue tracker. | If you'd like to see a new recipe packaged, make a request on the [recipes-wishlist](https://git.coopcloud.tech/coop-cloud/recipes-wishlist) repository issue tracker. | ||||||
|  | |||||||
							
								
								
									
										14
									
								
								mkdocs.yml
									
									
									
									
									
								
							
							
						
						
									
										14
									
								
								mkdocs.yml
									
									
									
									
									
								
							| @ -78,20 +78,6 @@ nav: | |||||||
| plugins: | plugins: | ||||||
|   - search |   - search | ||||||
|   - awesome-pages |   - awesome-pages | ||||||
|   - translations: |  | ||||||
|       default_language: en |  | ||||||
|       languages: |  | ||||||
|         en: english |  | ||||||
|         pl: polski |  | ||||||
|  |  | ||||||
| extra: |  | ||||||
|   alternate: |  | ||||||
|     - name: English |  | ||||||
|       link: /en/ |  | ||||||
|       lang: en |  | ||||||
|     - name: Polish |  | ||||||
|       link: /pl/ |  | ||||||
|       lang: pl |  | ||||||
|  |  | ||||||
| repo_name: coop-cloud/docs.coopcloud.tech | repo_name: coop-cloud/docs.coopcloud.tech | ||||||
| repo_url: https://git.coopcloud.tech/coop-cloud/docs.coopcloud.tech | repo_url: https://git.coopcloud.tech/coop-cloud/docs.coopcloud.tech | ||||||
|  | |||||||
| @ -1,7 +1,3 @@ | |||||||
| { | { | ||||||
|   "$schema": "https://docs.renovatebot.com/renovate-schema.json", |   "$schema": "https://docs.renovatebot.com/renovate-schema.json" | ||||||
|   "packageRules": [{ |  | ||||||
|     "matchUpdateTypes": ["minor", "patch"], |  | ||||||
|     "automerge": true |  | ||||||
|   }] |  | ||||||
| } | } | ||||||
|  | |||||||
| @ -1,5 +1,4 @@ | |||||||
| mkdocs-awesome-pages-plugin==2.8.0 | mkdocs-awesome-pages-plugin==2.7.0 | ||||||
| mkdocs-material-extensions==1.1.1 | mkdocs-material-extensions==1.0.3 | ||||||
| mkdocs-material==9.0.12 | mkdocs-material==8.2.16 | ||||||
| mkdocs==1.4.2 | mkdocs==1.3.0 | ||||||
| mkdocs-translations>=0.1.1 |  | ||||||
|  | |||||||
		Reference in New Issue
	
	Block a user