From c660bd92271537e7393eb6a5cc53e5b0e25b60ba Mon Sep 17 00:00:00 2001 From: Mayel de Borniol Date: Mon, 1 Apr 2024 20:14:28 +0100 Subject: [PATCH] add FAQ: Running an offline coop-cloud server --- docs/operators/handbook.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/docs/operators/handbook.md b/docs/operators/handbook.md index f1c3c1cf..34e35e05 100644 --- a/docs/operators/handbook.md +++ b/docs/operators/handbook.md @@ -228,3 +228,23 @@ If you want to teach `abra` how to support your favourite server hosting provide `abra` supports creating, listing and removing DNS entries if the 3rd party integration supports it. If you want to teach `abra` how to support your favourite server hosting provider, we'd glady accept patches. + +## Running an offline coop-cloud server + +You may want to run a coop-cloud directly on your device (or in a VM or machine on your LAN), whether that's for testing a recipe or to run coop-cloud apps outside of the cloud ;-) +In that case you might simply add some names to `/etc/hosts` (e.g `127.0.0.1 myapp.localhost`), or configure them on a local DNS server - which means `traefik` won't be able to use `letsencrypt` to generate and verify SSL certificates. Here's what you can do instead: +1. In your traefik .env file, edit/uncomment the following lines: +``` +LETS_ENCRYPT_ENV=staging +WILDCARDS_ENABLED=1 +SECRET_WILDCARD_CERT_VERSION=v1 +SECRET_WILDCARD_KEY_VERSION=v1 +COMPOSE_FILE="$COMPOSE_FILE:compose.wildcard.yml" +``` +2. Generate a self-signed certificate using the [command listed here](https://letsencrypt.org/docs/certificates-for-localhost/#making-and-trusting-your-own-certificates). Unless using `localhost` you may want to edit that where it appears in the command, and/or add multiple (sub)domains to the certificate e.g: `subjectAltName=DNS:localhost,DNS:myapp.localhost` +3. Run these commands: +``` +abra app secret insert localhost ssl_cert v1 "$(cat localhost.crt)" +abra app secret insert localhost ssl_key v1 "$(cat localhost.key)" +``` +4. Re-deploy `traefik` with `--force` and voila!