merge linnealovespie-docs #275
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
commit
88ed1fab36
@ -30,6 +30,7 @@ You need to keep port `:80` and `:443` free on your server for web proxying to y
|
|||||||
When running `usermod ...`, you may need to (depending on your system) log
|
When running `usermod ...`, you may need to (depending on your system) log
|
||||||
in and out again of your shell session to get the required permissions for
|
in and out again of your shell session to get the required permissions for
|
||||||
Docker.
|
Docker.
|
||||||
|
Alternatively you can run [`newgrp`](https://www.man7.org/linux/man-pages/man1/newgrp.1.html) to register the group chnage.
|
||||||
|
|
||||||
```
|
```
|
||||||
# ssh into your server
|
# ssh into your server
|
||||||
@ -38,9 +39,18 @@ ssh <server-domain>
|
|||||||
# docker install convenience script
|
# docker install convenience script
|
||||||
wget -O- https://get.docker.com | bash
|
wget -O- https://get.docker.com | bash
|
||||||
|
|
||||||
|
# check if the docker group exists
|
||||||
|
groups | grep docker
|
||||||
|
|
||||||
|
# if the docker group doesn't already exist, add it manually
|
||||||
|
sudo groupadd docker
|
||||||
|
|
||||||
# add user to docker group
|
# add user to docker group
|
||||||
sudo usermod -aG docker $USER
|
sudo usermod -aG docker $USER
|
||||||
|
|
||||||
|
# check that docker installed correctly
|
||||||
|
docker run hello-world
|
||||||
|
|
||||||
# exit and re-login to load the group
|
# exit and re-login to load the group
|
||||||
exit
|
exit
|
||||||
ssh <server-domain>
|
ssh <server-domain>
|
||||||
@ -52,6 +62,7 @@ docker network create -d overlay proxy
|
|||||||
# now you can exit and start using abra
|
# now you can exit and start using abra
|
||||||
exit
|
exit
|
||||||
```
|
```
|
||||||
|
Abra can't deploy any applications in future steps if the docker group cannot run without sudo. If you install docker a different way, it may not create a docker group automatically. The [official Docker documentation](https://docs.docker.com/engine/install/linux-postinstall/) can help if you run into further issues.
|
||||||
|
|
||||||
??? question "Do you support multiple web proxies?"
|
??? question "Do you support multiple web proxies?"
|
||||||
|
|
||||||
@ -68,6 +79,8 @@ Your entries in your DNS provider setup might look like the following.
|
|||||||
|
|
||||||
Where `116.203.211.204` can be replaced with the IP address of your server.
|
Where `116.203.211.204` can be replaced with the IP address of your server.
|
||||||
|
|
||||||
|
Warning: If the you are in the same local netwrok as the server, you might run into [NAT Hairpin](https://superuser.com/questions/663820/port-forwarding-from-inner-network-to-inner-network-hairpin-nat) issues.
|
||||||
|
|
||||||
??? question "How do I know my DNS is working?"
|
??? question "How do I know my DNS is working?"
|
||||||
|
|
||||||
You can use a tool like `dig` on the command-line to check if your server has the necessary DNS records set up. Something like `dig +short <domain>` should show the IP address of your server if things are working.
|
You can use a tool like `dig` on the command-line to check if your server has the necessary DNS records set up. Something like `dig +short <domain>` should show the IP address of your server if things are working.
|
||||||
@ -129,12 +142,13 @@ It is important to note that `<server-domain>` here is a publicy accessible doma
|
|||||||
|
|
||||||
??? warning "Can I use arbitrary server names?"
|
??? warning "Can I use arbitrary server names?"
|
||||||
|
|
||||||
Yes, this is possible. Snsure that your `Host ...` entry in your SSH
|
Yes, this is possible. You need to pass `-D` to `server add` and ensure
|
||||||
configuration includes the name. So, for example:
|
that your `Host ...` entry in your SSH configuration includes the name.
|
||||||
|
So, for example, in `~/.ssh/config`:
|
||||||
|
```
|
||||||
Host example.com example
|
Host example.com example
|
||||||
...
|
...
|
||||||
|
```
|
||||||
And then:
|
And then:
|
||||||
|
|
||||||
abra server add example
|
abra server add example
|
||||||
@ -172,7 +186,7 @@ will suggest `<app-name>.server.org` or prompt you with a list of servers.
|
|||||||
|
|
||||||
**2. Configure this new `traefix` app**
|
**2. Configure this new `traefix` app**
|
||||||
|
|
||||||
You will want to take a look at your generated configuration and tweak the `LETS_ENCRYPT_EMAIL` value. You can do that by running `abra app config`:
|
You will want to take a look at your generated configuration and update the placeholder `LETS_ENCRYPT_EMAIL` value, used by Let's Encrypt to manage SSL certificates. You can do that by running `abra app config`:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
abra app config <traefik-domain>
|
abra app config <traefik-domain>
|
||||||
@ -189,7 +203,7 @@ files exist at relevantly named path:
|
|||||||
Variables starting with `#` are optional, others are required. Some things to
|
Variables starting with `#` are optional, others are required. Some things to
|
||||||
consider here is that by default our *Traefik* recipe exposes the metric
|
consider here is that by default our *Traefik* recipe exposes the metric
|
||||||
dashboard unauthenticated on the public internet at the URL `<traefik-domain>`
|
dashboard unauthenticated on the public internet at the URL `<traefik-domain>`
|
||||||
it is deployed to, which is not ideal. You can disable this with:
|
it is deployed to, which while helpful for debugging, is not ideal in production environments. You can disable this with:
|
||||||
|
|
||||||
```
|
```
|
||||||
DASHBOARD_ENABLED=false
|
DASHBOARD_ENABLED=false
|
||||||
@ -197,6 +211,8 @@ DASHBOARD_ENABLED=false
|
|||||||
|
|
||||||
**3. Now it is time to deploy your app:**
|
**3. Now it is time to deploy your app:**
|
||||||
|
|
||||||
|
Ensure `<traefic-domain>` is registered in `/etc/hosts` then run:
|
||||||
|
|
||||||
```
|
```
|
||||||
abra app deploy <traefik-domain>
|
abra app deploy <traefik-domain>
|
||||||
```
|
```
|
||||||
@ -218,7 +234,7 @@ The `-S` or `--secrets` flag is used to generate secrets for the app: database c
|
|||||||
|
|
||||||
Take care, these secrets are only shown once on the terminal so make sure to take note of them! `abra` makes use of the [Docker secrets](/operators/handbook/#managing-secret-data) mechanism to ship these secrets securely to the server and store them as encrypted data. Only the apps themselves have access to the values from here on, they're placed in `/run/secrets` on the container file system.
|
Take care, these secrets are only shown once on the terminal so make sure to take note of them! `abra` makes use of the [Docker secrets](/operators/handbook/#managing-secret-data) mechanism to ship these secrets securely to the server and store them as encrypted data. Only the apps themselves have access to the values from here on, they're placed in `/run/secrets` on the container file system.
|
||||||
|
|
||||||
Then we can deploy Nextcloud:
|
Make sure` <nextcloud-domain>` is registered in `/etc/hosts`, then we can deploy Nextcloud:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
abra app deploy <nextcloud-domain>
|
abra app deploy <nextcloud-domain>
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user