From 13bcac83bc126fb192a211d47ea8922d3d7de5ce Mon Sep 17 00:00:00 2001 From: Tushar Niras Date: Fri, 30 Sep 2022 11:02:07 +0530 Subject: [PATCH 01/11] Create heimdall.yaml --- docker-compose/heimdall/heimdall.yaml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 docker-compose/heimdall/heimdall.yaml diff --git a/docker-compose/heimdall/heimdall.yaml b/docker-compose/heimdall/heimdall.yaml new file mode 100644 index 0000000..8bf868c --- /dev/null +++ b/docker-compose/heimdall/heimdall.yaml @@ -0,0 +1,15 @@ +--- +version: "2.1" +services: + heimdall: + image: lscr.io/linuxserver/heimdall:latest + container_name: heimdall + environment: + - PUID=1000 + - PGID=1000 + volumes: + - ./heimdall/config:/config + ports: + - 80:80 + - 443:443 + restart: unless-stopped From 025e5d7ff0122bf5f5be876452646464f7727ac6 Mon Sep 17 00:00:00 2001 From: Christian Lempa Date: Mon, 10 Oct 2022 16:34:01 +0200 Subject: [PATCH 02/11] minor typo --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index a764cdf..a83278e 100755 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ Hi, there! 👋 -I’m Christian, a 35 years old tech enthusiast from Germany, and I love to inspire and educate people in IT. +I’m Christian, a 35 year-old tech enthusiast from Germany, and I love to inspire and educate people in IT. This Repository **Boilerplates** is my personal template collection. Here you'll find templates, and configurations for various tools, and technologies. From a7859d7947917c5766a1f73705b26933e6925e33 Mon Sep 17 00:00:00 2001 From: Christian Lempa Date: Wed, 19 Oct 2022 15:12:21 +0200 Subject: [PATCH 03/11] link updates --- README.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index a83278e..73432bc 100755 --- a/README.md +++ b/README.md @@ -8,7 +8,7 @@ This Repository **Boilerplates** is my personal template collection. Here you'll > :warning: Be aware, products can change over time. I do my best to keep up with the latest changes and releases, but please understand that this won’t always be the case. -I created them as free resources to be used in your specific use cases. If you're searching for detailed, in-depth tutorials on some tools or technologies, check out my YouTube Channel: [The Digital Life](https://www.youtube.com/channel/UCZNhwA1B5YqiY1nLzmM0ZRg). +I created them as free resources to be used in your specific use cases. If you're searching for detailed, in-depth tutorials on some tools or technologies, check out my YouTube Channel: [Christian Lempa](https://www.youtube.com/@christianlempa). ## Contribution @@ -16,10 +16,10 @@ If you’d like to contribute to this project, reach out to me on social media o ## Other Resources -- [Videos](https://github.com/xcad2k/videos) - Documentation and project files for all my video tutorials on YouTube -- [Dotfiles](https://github.com/xcad2k/dotfiles) - My personal configuration files on Linux and Windows -- [Boilerplates](https://github.com/xcad2k/boilerplates) - Templates for various projects like Docker, K8S, Ansible, etc -- [Cheat-Sheets](https://github.com/xcad2k/cheat-sheets) - Command Reference for various tools and technologies +- [Videos](https://github.com/christianlempa/videos) - Documentation and project files for all my video tutorials on YouTube +- [Dotfiles](https://github.com/christianlempa/dotfiles) - My personal configuration files on Linux and Windows +- [Boilerplates](https://github.com/christianlempa/boilerplates) - Templates for various projects like Docker, K8S, Ansible, etc +- [Cheat-Sheets](https://github.com/christianlempa/cheat-sheets) - Command Reference for various tools and technologies ## Support me From d773bf99ee824898bae252242d54d2ee1d480c30 Mon Sep 17 00:00:00 2001 From: Christian Lempa Date: Wed, 19 Oct 2022 15:17:59 +0200 Subject: [PATCH 04/11] small typo --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 73432bc..ab4ee4a 100755 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ Hi, there! 👋 -I’m Christian, a 35 year-old tech enthusiast from Germany, and I love to inspire and educate people in IT. +I’m Christian, a 35-year-old tech enthusiast from Germany, and I love to inspire and educate people in IT. This Repository **Boilerplates** is my personal template collection. Here you'll find templates, and configurations for various tools, and technologies. From 9d44fabd64989580f4527c606b44ac76ceb59022 Mon Sep 17 00:00:00 2001 From: Christian Lempa Date: Wed, 16 Nov 2022 17:09:17 +0100 Subject: [PATCH 05/11] docker fixes and nextcloud update --- .../provisoning/ubuntu/install-docker.yaml | 22 +----- docker-compose/nextcloud/nextcloud-npm.yaml | 77 ------------------- docker-compose/nextcloud/nextcloud.yaml | 19 +---- 3 files changed, 5 insertions(+), 113 deletions(-) delete mode 100644 docker-compose/nextcloud/nextcloud-npm.yaml diff --git a/ansible/provisoning/ubuntu/install-docker.yaml b/ansible/provisoning/ubuntu/install-docker.yaml index 9165680..8f0cd66 100644 --- a/ansible/provisoning/ubuntu/install-docker.yaml +++ b/ansible/provisoning/ubuntu/install-docker.yaml @@ -10,27 +10,7 @@ - name: install prerequisites apt: name: - - apt-transport-https - - ca-certificates - - curl - - gnupg-agent - - software-properties-common - update_cache: yes - - - name: add apt-key - apt_key: - url: https://download.docker.com/linux/ubuntu/gpg - - - name: add docker repo - apt_repository: - repo: deb https://download.docker.com/linux/ubuntu focal stable - - - name: install docker - apt: - name: - - docker-ce - - docker-ce-cli - - containerd.io + - docker.io update_cache: yes - name: add user permissions diff --git a/docker-compose/nextcloud/nextcloud-npm.yaml b/docker-compose/nextcloud/nextcloud-npm.yaml deleted file mode 100644 index cd63791..0000000 --- a/docker-compose/nextcloud/nextcloud-npm.yaml +++ /dev/null @@ -1,77 +0,0 @@ -version: '3' - -volumes: - nextcloud-data: - nextcloud-db: - npm-data: - npm-ssl: - npm-db: - -networks: - frontend: - # add this if the network is already existing! - # external: true - backend: - -services: - - nextcloud-app: - image: nextcloud - restart: always - volumes: - - nextcloud-data:/var/www/html - environment: - - MYSQL_PASSWORD=replace-with-secure-password - - MYSQL_DATABASE=nextcloud - - MYSQL_USER=nextcloud - - MYSQL_HOST=nextcloud-db - networks: - - frontend - - backend - - nextcloud-db: - image: mariadb - restart: always - command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW - volumes: - - nextcloud-db:/var/lib/mysql - environment: - - MYSQL_ROOT_PASSWORD=replace-with-secure-password - - MYSQL_PASSWORD=replace-with-secure-password - - MYSQL_DATABASE=nextcloud - - MYSQL_USER=nextcloud - networks: - - backend - - npm-app: - image: jc21/nginx-proxy-manager:latest - restart: always - ports: - - "80:80" - - "81:81" - - "443:443" - environment: - - DB_MYSQL_HOST=npm-db - - DB_MYSQL_PORT=3306 - - DB_MYSQL_USER=npm - - DB_MYSQL_PASSWORD=replace-with-secure-password - - DB_MYSQL_NAME=npm - volumes: - - npm-data:/data - - npm-ssl:/etc/letsencrypt - networks: - - frontend - - backend - - npm-db: - image: jc21/mariadb-aria:latest - restart: always - environment: - - MYSQL_ROOT_PASSWORD=replace-with-secure-password - - MYSQL_DATABASE=npm - - MYSQL_USER=npm - - MYSQL_PASSWORD=replace-with-secure-password - volumes: - - npm-db:/var/lib/mysql - networks: - - backend \ No newline at end of file diff --git a/docker-compose/nextcloud/nextcloud.yaml b/docker-compose/nextcloud/nextcloud.yaml index c65b3b3..89958a3 100644 --- a/docker-compose/nextcloud/nextcloud.yaml +++ b/docker-compose/nextcloud/nextcloud.yaml @@ -4,17 +4,11 @@ volumes: nextcloud-data: nextcloud-db: -networks: - frontend: - # add this if the network is already existing! - # external: true - backend: - services: nextcloud-app: - image: nextcloud - restart: always + image: nextcloud:latest + restart: unless-stopped volumes: - nextcloud-data:/var/www/html environment: @@ -22,13 +16,10 @@ services: - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud - MYSQL_HOST=nextcloud-db - networks: - - frontend - - backend nextcloud-db: - image: mariadb - restart: always + image: mariadb:latest + restart: unless-stopped command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW volumes: - nextcloud-db:/var/lib/mysql @@ -37,5 +28,3 @@ services: - MYSQL_PASSWORD=replace-with-secure-password - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud - networks: - - backend \ No newline at end of file From 5a15ad32a491425d44dcdd53d771412a22a46ea1 Mon Sep 17 00:00:00 2001 From: Christian Lempa Date: Thu, 17 Nov 2022 08:51:59 +0100 Subject: [PATCH 06/11] nextcloud update --- docker-compose/nextcloud/nextcloud.yaml | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/docker-compose/nextcloud/nextcloud.yaml b/docker-compose/nextcloud/nextcloud.yaml index 89958a3..452962e 100644 --- a/docker-compose/nextcloud/nextcloud.yaml +++ b/docker-compose/nextcloud/nextcloud.yaml @@ -12,10 +12,12 @@ services: volumes: - nextcloud-data:/var/www/html environment: - - MYSQL_PASSWORD=replace-with-secure-password - - MYSQL_DATABASE=nextcloud - - MYSQL_USER=nextcloud + - MYSQL_PASSWORD=$MYSQL_PASSWORD + - MYSQL_DATABASE=$MYSQL_DATABASE + - MYSQL_USER=$MYSQL_USER - MYSQL_HOST=nextcloud-db + ports: + - 80:80 nextcloud-db: image: mariadb:latest @@ -24,7 +26,7 @@ services: volumes: - nextcloud-db:/var/lib/mysql environment: - - MYSQL_ROOT_PASSWORD=replace-with-secure-password - - MYSQL_PASSWORD=replace-with-secure-password - - MYSQL_DATABASE=nextcloud - - MYSQL_USER=nextcloud + - MYSQL_RANDOM_ROOT_PASSWORD=true + - MYSQL_PASSWORD=$MYSQL_PASSWORD + - MYSQL_DATABASE=$MYSQL_DATABASE + - MYSQL_USER=$MYSQL_USER From 35de5c28d79933cf3e417943906129aa47db9362 Mon Sep 17 00:00:00 2001 From: Christian Lempa Date: Thu, 17 Nov 2022 09:14:23 +0100 Subject: [PATCH 07/11] added privileged --- .../prometheus/exporters/cadvisor/docker-compose.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docker-compose/prometheus/exporters/cadvisor/docker-compose.yml b/docker-compose/prometheus/exporters/cadvisor/docker-compose.yml index 63f8baa..33ed6d1 100755 --- a/docker-compose/prometheus/exporters/cadvisor/docker-compose.yml +++ b/docker-compose/prometheus/exporters/cadvisor/docker-compose.yml @@ -3,12 +3,11 @@ version: '3' services: cadvisor: - image: gcr.io/cadvisor/cadvisor:v0.45.0 # latest tag is not updated... - # https://github.com/google/cadvisor/issues/3066 - # To manual check versions: https://github.com/google/cadvisor/releases + # TODO: latest tag is not updated, check latest release https://github.com/google/cadvisor/releases + image: gcr.io/cadvisor/cadvisor:v0.45.0 container_name: cadvisor - # ports: - # - "8080:8080" + ports: + - "8080:8080" network_mode: host volumes: - /:/rootfs:ro @@ -19,3 +18,4 @@ services: devices: - /dev/kmsg restart: unless-stopped + privileged: true \ No newline at end of file From 8cf873a7aa0af99b62f77e82e06ca01b86365b67 Mon Sep 17 00:00:00 2001 From: Christian Lempa Date: Thu, 17 Nov 2022 09:39:27 +0100 Subject: [PATCH 08/11] move exporters away from prometheus --- docker-compose/cadvisor/README.md | 0 .../exporters => }/cadvisor/docker-compose.yml | 0 .../node_exporter => nodeexporter}/docker-compose.yml | 0 .../Nvidia DGCM exporter => nvidiadgcm}/README.md | 0 .../docker-compose.yml | 0 .../Nvidia_smi_exporter => nvidiasmi}/README.md | 0 .../docker-compose.yml | 0 docker-compose/prometheus/README.md | 11 ++++++++++- 8 files changed, 10 insertions(+), 1 deletion(-) create mode 100644 docker-compose/cadvisor/README.md rename docker-compose/{prometheus/exporters => }/cadvisor/docker-compose.yml (100%) rename docker-compose/{prometheus/exporters/node_exporter => nodeexporter}/docker-compose.yml (100%) rename docker-compose/{prometheus/exporters/Nvidia DGCM exporter => nvidiadgcm}/README.md (100%) rename docker-compose/{prometheus/exporters/Nvidia DGCM exporter => nvidiadgcm}/docker-compose.yml (100%) rename docker-compose/{prometheus/exporters/Nvidia_smi_exporter => nvidiasmi}/README.md (100%) rename docker-compose/{prometheus/exporters/Nvidia_smi_exporter => nvidiasmi}/docker-compose.yml (100%) diff --git a/docker-compose/cadvisor/README.md b/docker-compose/cadvisor/README.md new file mode 100644 index 0000000..e69de29 diff --git a/docker-compose/prometheus/exporters/cadvisor/docker-compose.yml b/docker-compose/cadvisor/docker-compose.yml similarity index 100% rename from docker-compose/prometheus/exporters/cadvisor/docker-compose.yml rename to docker-compose/cadvisor/docker-compose.yml diff --git a/docker-compose/prometheus/exporters/node_exporter/docker-compose.yml b/docker-compose/nodeexporter/docker-compose.yml similarity index 100% rename from docker-compose/prometheus/exporters/node_exporter/docker-compose.yml rename to docker-compose/nodeexporter/docker-compose.yml diff --git a/docker-compose/prometheus/exporters/Nvidia DGCM exporter/README.md b/docker-compose/nvidiadgcm/README.md similarity index 100% rename from docker-compose/prometheus/exporters/Nvidia DGCM exporter/README.md rename to docker-compose/nvidiadgcm/README.md diff --git a/docker-compose/prometheus/exporters/Nvidia DGCM exporter/docker-compose.yml b/docker-compose/nvidiadgcm/docker-compose.yml similarity index 100% rename from docker-compose/prometheus/exporters/Nvidia DGCM exporter/docker-compose.yml rename to docker-compose/nvidiadgcm/docker-compose.yml diff --git a/docker-compose/prometheus/exporters/Nvidia_smi_exporter/README.md b/docker-compose/nvidiasmi/README.md similarity index 100% rename from docker-compose/prometheus/exporters/Nvidia_smi_exporter/README.md rename to docker-compose/nvidiasmi/README.md diff --git a/docker-compose/prometheus/exporters/Nvidia_smi_exporter/docker-compose.yml b/docker-compose/nvidiasmi/docker-compose.yml similarity index 100% rename from docker-compose/prometheus/exporters/Nvidia_smi_exporter/docker-compose.yml rename to docker-compose/nvidiasmi/docker-compose.yml diff --git a/docker-compose/prometheus/README.md b/docker-compose/prometheus/README.md index d84052d..fd76009 100644 --- a/docker-compose/prometheus/README.md +++ b/docker-compose/prometheus/README.md @@ -11,6 +11,15 @@ Configure your settings in the `/etc/prometheus/prometheus.yml` file. *For more info visit:* [Official Prometheus Installation Documentation](https://prometheus.io/docs/prometheus/latest/installation/) +# Exporters + +TODO: WIP + +- cadvisor +- nodeexporter +- nvidiadgcm +- nvidiasmi + # Best-Practices & Post-Installation ## Disable HTTP @@ -19,7 +28,7 @@ It's not secure to expose Prometheus via the HTTP protocol. ### Use a Reverse Proxy -- [] Use a Reverse Proxy to securely expose administrative services. +- [ ] Use a Reverse Proxy to securely expose administrative services. # Additional Referfences From c09a4fce474fe0aa33e668fa9fcfd368682db0a3 Mon Sep 17 00:00:00 2001 From: Christian Lempa Date: Thu, 17 Nov 2022 09:40:38 +0100 Subject: [PATCH 09/11] delete readmes --- ansible/README.md | 3 --- docker-compose/README.md | 21 --------------------- packer/README.md | 0 terraform/README.md | 0 4 files changed, 24 deletions(-) delete mode 100644 ansible/README.md delete mode 100644 docker-compose/README.md delete mode 100644 packer/README.md delete mode 100644 terraform/README.md diff --git a/ansible/README.md b/ansible/README.md deleted file mode 100644 index f1861a5..0000000 --- a/ansible/README.md +++ /dev/null @@ -1,3 +0,0 @@ -# Ansible Boilerplates - -These are my ansible boilerplates to configure, provision and maintain servers and clients. Most of them are written and tested on Ubuntu Servers (with a few exceptions). \ No newline at end of file diff --git a/docker-compose/README.md b/docker-compose/README.md deleted file mode 100644 index 5f7f4be..0000000 --- a/docker-compose/README.md +++ /dev/null @@ -1,21 +0,0 @@ -# Docker-Compose Boilerplates and Templates - -## Index - -- **Authelia** - -- **Duplicati** - -- **Grafana** - -- **Homer** - -- **Influxdb** - -- **Jellyfin** - -- **Nextcloud** - -- **Nginxproxymanager** - -- **Pihole** - -- **Plex** - -- **Portainer** - -- **Prometheus** - -- **SWAG** - -- **Teleport** - -- **Traefik** - -- **Watchtower** - -- **Whoami** - diff --git a/packer/README.md b/packer/README.md deleted file mode 100644 index e69de29..0000000 diff --git a/terraform/README.md b/terraform/README.md deleted file mode 100644 index e69de29..0000000 From b04bc1b477b6c08c27d4b0c242459d43806971d2 Mon Sep 17 00:00:00 2001 From: Christian Lempa Date: Sun, 27 Nov 2022 10:44:34 +0100 Subject: [PATCH 10/11] Create test --- test | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) create mode 100644 test diff --git a/test b/test new file mode 100644 index 0000000..d731713 --- /dev/null +++ b/test @@ -0,0 +1,52 @@ +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: acme-issuer + # (Optional) Metadata + # --- + # namespace: your-namespace +spec: + acme: + # Configure your email here... + # --- + # email: your-email@address + + # Configure your server here... + # --- + # Letsencrypt Production + # server: https://acme-v02.api.letsencrypt.org/directory + # - or - + # Letsencrypt Staging + # server: https://acme-staging-v02.api.letsencrypt.org/directory + + privateKeySecretRef: + name: example-issuer-account-key + solvers: + # Configure DNS or HTTP Challenge here... + # --- + # DNS Challenge: + # - dns01: + # Configure your DNS Provider here... + # --- + # cloudflare: + # email: your-email@address + # API Key: + # apiKeySecretRef: + # name: cloudflare-api-key-secret + # key: api-key + # - or - + # API Token: + # apiTokenSecretRef: + # name: cloudflare-api-token-secret + # key: api-token + # (Optional) Add DNS selectors + # --- + # selector: + # dnsNames: + # - 'your-domain' + # - '*.your-domain' + + # HTTP Challenge: + # - http01: + # ingress: + # class: traefik From 743e4248c08f669344df9c79ed8c222756a4ceff Mon Sep 17 00:00:00 2001 From: Christian Lempa Date: Sun, 27 Nov 2022 10:44:41 +0100 Subject: [PATCH 11/11] Deleting test --- test | 52 ---------------------------------------------------- 1 file changed, 52 deletions(-) delete mode 100644 test diff --git a/test b/test deleted file mode 100644 index d731713..0000000 --- a/test +++ /dev/null @@ -1,52 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: acme-issuer - # (Optional) Metadata - # --- - # namespace: your-namespace -spec: - acme: - # Configure your email here... - # --- - # email: your-email@address - - # Configure your server here... - # --- - # Letsencrypt Production - # server: https://acme-v02.api.letsencrypt.org/directory - # - or - - # Letsencrypt Staging - # server: https://acme-staging-v02.api.letsencrypt.org/directory - - privateKeySecretRef: - name: example-issuer-account-key - solvers: - # Configure DNS or HTTP Challenge here... - # --- - # DNS Challenge: - # - dns01: - # Configure your DNS Provider here... - # --- - # cloudflare: - # email: your-email@address - # API Key: - # apiKeySecretRef: - # name: cloudflare-api-key-secret - # key: api-key - # - or - - # API Token: - # apiTokenSecretRef: - # name: cloudflare-api-token-secret - # key: api-token - # (Optional) Add DNS selectors - # --- - # selector: - # dnsNames: - # - 'your-domain' - # - '*.your-domain' - - # HTTP Challenge: - # - http01: - # ingress: - # class: traefik