(simatec) Let's Encrypt added

simatec 2022-03-09 14:28:14 +01:00
parent 61a27c6f05
commit d8cdf12ff7
5 changed files with 208 additions and 65 deletions


@ -49,12 +49,6 @@ chmod +x /usr/local/bin/docker-compose
reboot now reboot now
``` ```
* remove postfix
```
apt purge postfix -y
```
* Clone repository * Clone repository
``` ```
@ -78,53 +72,21 @@ bash install-piler.sh
Congratulations your Piler is installed... Congratulations your Piler is installed...
The Piler can now be reached at http://your-domain:8080. If you have Let's Encrypt activated, you can reach the Piler at https://your-piler-domain
If Let's Encrypt is disabled, the Piler is at http://your-piler-domain or at http://your-local-IP
> After installation, any changes can be made in piler.conf at any time and the install script can then be run again. > After installation, any changes can be made in piler.conf at any time and the install script can then be run again.
******************************************************************************************************
### SSL certificates
If you want to run your Piler with SSL certificates, which always makes sense if the Piler isn't running locally, then I recommend the Nginx proxy manager for Docker.
I built my setup with the Nginx.
The Ngnix can be installed with the following compose.
Create a docker-compose.yml file similar to this:
```
version: '3'
services:
app:
image: 'jc21/nginx-proxy-manager:latest'
restart: unless-stopped
ports:
- '80:80'
- '81:81'
- '443:443'
volumes:
- ./data:/data
- ./letsencrypt:/etc/letsencrypt
```
```
docker-compose up -d
```
Log in to the Admin UI
When your docker container is running, connect to it on port 81 for the admin interface. Sometimes this can take a little bit because of the entropy of keys.
http://your-domain:81
********************************************************************************************************** **********************************************************************************************************
## Changelog ## Changelog
### 0.2.0 (09.03.2022)
* (simatec) Let's Encrypt added
### 0.1.0 (08.03.2022) ### 0.1.0 (08.03.2022)
* (simatec) first beta * (simatec) first beta


@ -51,8 +51,8 @@ services:
- TZ=Europe/Berlin - TZ=Europe/Berlin
ports: ports:
- "25:25" - "25:25"
- "8080:80" - "80:80"
- "8443:443" - "443:443"
volumes: volumes:
- piler_etc:/etc/piler - piler_etc:/etc/piler
- piler_var:/var/piler - piler_var:/var/piler
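Review bot: With `"80:80"` and `"443:443"` the variant without Let's Encrypt now binds the archive UI to the host's standard web ports on every interface, and the README text in this commit directs users to plain `http://` in that mode, so archive logins would travel unencrypted. If this variant is meant for local use, a host-address prefix such as `"127.0.0.1:80:80"`, or a bind address taken from piler.conf, would keep it off public interfaces. These are also the ports the previously documented Nginx Proxy Manager setup published, so hosts that followed the old README will likely hit a port conflict after updating. The service definition starts and continues outside this hunk.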

109
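--- /dev/null
+++ b/config/piler-ssl.yml
@@ -0,0 +1,109 @@
+version: "3"
+services:
+nginx-proxy:
+image: jwilder/nginx-proxy
+container_name: nginx-proxy
+restart: always
+ports:
+- "80:80"
+- "443:443"
+volumes:
+- ./nginx-data/certs:/etc/nginx/certs
+- ./nginx-data/vhost.d:/etc/nginx/vhost.d
+- ./nginx-data/html:/usr/share/nginx/html
+- /var/run/docker.sock:/tmp/docker.sock:ro
+nginx-letsencrypt:
+image: jrcs/letsencrypt-nginx-proxy-companion
+container_name: nginx-letsencrypt
+restart: always
+volumes_from:
+- nginx-proxy
+volumes:
+- /var/run/docker.sock:/var/run/docker.sock:ro
+environment:
+- DEFAULT_EMAIL=${LETSENCRYPT_EMAIL}
+mysql:
+image: mariadb:10.5
+container_name: mysql-piler
+restart: unless-stopped
+cap_drop:
+- ALL
+cap_add:
+- dac_override
+- setuid
+- setgid
+environment:
+- MYSQL_DATABASE=${MYSQL_DATABASE}
+- MYSQL_USER=${MYSQL_USER}
+- MYSQL_PASSWORD=${MYSQL_PASSWORD}
+- MYSQL_RANDOM_ROOT_PASSWORD=yes
+- "TZ=Europe/Berlin"
+command: --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
+healthcheck:
+test: mysql --user=${MYSQL_USER} --password=${MYSQL_PASSWORD} piler --execute "show tables"
+interval: "60s"
+timeout: "5s"
+start_period: "15s"
+retries: 3
+volumes:
+- db_data:/var/lib/mysql
+memcached:
+image: memcached:latest
+container_name: memcached-piler
+restart: unless-stopped
+cap_drop:
+- ALL
+command: -m 64
+piler:
+image: sutoj/piler:1.3.11
+container_name: piler
+restart: unless-stopped
+expose:
+- "80"
+hostname: ${PILER_DOMAIN}
+init: true
+environment:
+- MYSQL_DATABASE=${MYSQL_DATABASE}
+- MYSQL_USER=${MYSQL_USER}
+- MYSQL_PASSWORD=${MYSQL_PASSWORD}
+- MYSQL_HOSTNAME=mysql
+- PILER_HOSTNAME=${PILER_DOMAIN}
+- MEMCACHED_HOST=memcached
+- TZ=Europe/Berlin
+- VIRTUAL_HOST=${PILER_DOMAIN}
+- LETSENCRYPT_HOST=${PILER_DOMAIN}
+- LETSENCRYPT_EMAIL=${LETSENCRYPT_EMAIL}
+ports:
+- "25:25"
+volumes:
+- piler_etc:/etc/piler
+- piler_var:/var/piler
+- /etc/localtime:/etc/localtime
+healthcheck:
+test: curl -s smtp://localhost/
+interval: "60s"
+timeout: "3s"
+start_period: "15s"
+retries: 3
+deploy:
+resources:
+reservations:
+memory: 512M
+limits:
+memory: 512M
+depends_on:
+- "memcached"
+- "mysql"
+networks:
+default:
+external:
+name: nginx-proxy
+volumes:
+db_data:
+piler_etc:
+piler_var: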
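Review bot: Both `nginx-proxy` (published on 80/443) and `nginx-letsencrypt` mount `/var/run/docker.sock`, and the `:ro` flag only makes the bind mount read-only; it does not restrict Docker API calls made over the socket, so a compromise of the internet-facing proxy amounts to control of the host's Docker daemon. Consider placing a restricted Docker socket proxy in front of these two services, or at minimum record the exposure with a comment such as `# docker.sock grants full Docker API access; :ro does not limit API calls`. The images `jwilder/nginx-proxy`, `jrcs/letsencrypt-nginx-proxy-companion` and `memcached:latest` are untagged or floating while `mariadb:10.5` and `sutoj/piler:1.3.11` are pinned; pinning all of them to a tag or digest keeps a redeploy from silently pulling different code. The mysql healthcheck passes `--password=${MYSQL_PASSWORD}` on the command line, which places the password in the container's healthcheck configuration and in process listings.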


@ -1,22 +1,76 @@
#!/bin/bash #!/bin/bash
# Colors
if [ -z ${BASH_SOURCE} ]; then
blue=`echo "\e[1m\e[34m"`
green=`echo "\e[1m\e[32m"`
greenBold=`echo "\e[1m\e[1;32m"`
redBold=`echo "\e[1m\e[1;31m"`
red=`echo "\e[1m\e[31m"`
purple=`echo "\e[1m\e[35m"`
bold=`echo "\e[1m"`
normal=`echo "\e[0m"`
else
blue=`echo -e "\e[1m\e[34m"`
green=`echo -e "\e[1m\e[32m"`
greenBold=`echo -e "\e[1m\e[1;32m"`
redBold=`echo -e "\e[1m\e[1;31m"`
puple=`echo -e "\e[1m\e[35m"`
bold=`echo -e "\e[1m"`
normal=`echo -en "\e[0m"`
fi
HLINE="=================================================================="
. ./piler.conf . ./piler.conf
ln -s ./piler.conf .env ln -s ./piler.conf .env
if [ -f /opt/piler-docker/docker-compose.yml ]; then
rm /opt/piler-docker/docker-compose.yml
fi
if [ "$USE_LETSENCRYPT" = "yes" ]; then
cp /opt/piler-docker/config/piler-ssl.yml /opt/piler-docker/docker-compose.yml
else
cp /opt/piler-docker/config/piler-default.yml /opt/piler-docker/docker-compose.yml
fi
while true; do
read -ep "Postfix must be uninstalled prior to installation. Do you want to uninstall Postfix now? (y/n): " yn
case $yn in
[Yy]* ) apt purge postfix -y; break;;
[Nn]* ) echo -e "${redBold} The installation process is aborted because Postfix has not been uninstalled.!! ${normal}"; exit;;
* ) echo -e "${red} Please confirm with y or n.";;
esac
done
# docker start # docker start
echo echo
echo "===================================" echo "${greenBold}${HLINE}"
echo "start docker-compose for Piler" echo "${greenBold}start docker-compose for Piler"
echo "===================================" echo "${greenBold}${HLINE}${normal}"
echo echo
cd /opt/piler-docker cd /opt/piler-docker
if [ "$USE_LETSENCRYPT" = "yes" ]; then
if ! docker network ls | grep -o "nginx-proxy"; then
docker network create nginx-proxy
echo
echo "${blue}${HLINE}"
echo "${blue}docker network created"
echo "${blue}${HLINE}${normal}"
echo
fi
fi
docker-compose up -d docker-compose up -d
echo echo
echo "===================================" echo "${blue}${HLINE}"
echo "backup the File config-site.php" echo "${blue}backup the File config-site.php"
echo "===================================" echo "${blue}${HLINE}${normal}"
echo echo
if [ ! -f /var/lib/docker/volumes/piler-docker_piler_etc/_data/config-site.php.bak ]; then if [ ! -f /var/lib/docker/volumes/piler-docker_piler_etc/_data/config-site.php.bak ]; then
@ -27,10 +81,11 @@ else
fi fi
echo echo
echo "===================================" echo "${blue}${HLINE}"
echo "set User settings ..." echo "${blue}set User settings ..."
echo "===================================" echo "${blue}${HLINE}${normal}"
echo echo
cat >> /var/lib/docker/volumes/piler-docker_piler_etc/_data/config-site.php <<EOF cat >> /var/lib/docker/volumes/piler-docker_piler_etc/_data/config-site.php <<EOF
// Smarthost // Smarthost
@ -91,9 +146,9 @@ EOF
if [ "$USE_MAILCOW" = true ]; then if [ "$USE_MAILCOW" = true ]; then
echo echo
echo "===================================" echo "${blue}${HLINE}"
echo "set Mailcow Api-Key config" echo "set Mailcow Api-Key config"
echo "===================================" echo "${blue}${HLINE}${normal}"
echo echo
cat >> /var/lib/docker/volumes/piler-docker_piler_etc/_data/config-site.php <<EOF cat >> /var/lib/docker/volumes/piler-docker_piler_etc/_data/config-site.php <<EOF
@ -111,18 +166,22 @@ fi
# docker restart # docker restart
echo echo
echo "===================================" echo "${blue}${HLINE}"
echo "restart docker-compose ..." echo "${blue}restart docker-compose ..."
echo "===================================" echo "${blue}${HLINE}${normal}"
echo echo
cd /opt/piler-docker cd /opt/piler-docker
docker-compose restart docker-compose restart
echo echo
echo "=======================================================================" echo "${greenBold}${HLINE}"
echo "Piler install completed successfully" echo "${greenBold}Piler install completed successfully"
echo echo
echo "you can start in your Browser with http://${PILER_DOMAIN}:8080!" if [ "$USE_LETSENCRYPT" = "yes" ]; then
echo "=======================================================================" echo "${greenBold}you can start in your Browser with https://${PILER_DOMAIN}!"
else
echo "${greenBold}you can start in your Browser with http://${PILER_DOMAIN} or http://local-ip!"
fi
echo "${greenBold}${HLINE}${normal}"
echo echo
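Review bot: In the first hunk the "n" branch of the Postfix prompt ends with a bare `exit`, which returns the status of the preceding `echo` (0), and the prompt runs only after docker-compose.yml has already been removed and re-copied, so an aborted install reports success and leaves the compose file swapped. Moving the prompt above the `rm`/`cp` block and using `exit 1` fixes both; the `cp` calls are also unchecked, so `cp ... || exit 1` would stop `docker-compose up -d` from running without a compose file. In the colour block the bash branch assigns `puple=` instead of `purple=`, and `[ -z ${BASH_SOURCE} ]` should quote the expansion as `[ -z "${BASH_SOURCE}" ]`. The check `docker network ls | grep -o "nginx-proxy"` matches any network whose name merely contains that string and prints the match to the terminal; `docker network inspect nginx-proxy >/dev/null 2>&1` tests the exact name quietly.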


@ -38,6 +38,19 @@ MYSQL_PASSWORD="<your-mysql-password>"
############################################# #############################################
########### Let's Encrypt Settings #################
# Enabled / Disabled (yes/no) Let's Encrypt
# For local Run disabled
USE_LETSENCRYPT="yes"
# Let's Encrypt registration contact information
LETSENCRYPT_EMAIL="admin@example.com"
#############################################
######### optional Mailcow Settings ######### ######### optional Mailcow Settings #########
# if Use Mailcow API Options set "true" # if Use Mailcow API Options set "true"