(simatec) Let's Encrypt added
		
							
								
								
									
										50
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
									
									
									
									
									
								
							| @@ -49,12 +49,6 @@ chmod +x /usr/local/bin/docker-compose | ||||
| reboot now | ||||
| ``` | ||||
|  | ||||
| * remove postfix | ||||
|  | ||||
| ``` | ||||
| apt purge postfix -y | ||||
| ``` | ||||
|  | ||||
| * Clone repository | ||||
|  | ||||
| ``` | ||||
| @@ -78,53 +72,21 @@ bash install-piler.sh | ||||
|  | ||||
| Congratulations your Piler is installed... | ||||
|  | ||||
| The Piler can now be reached at http://your-domain:8080. | ||||
| If you have Let's Encrypt activated, you can reach the Piler at https://your-piler-domain | ||||
|  | ||||
| If Let's Encrypt is disabled, the Piler is at http://your-piler-domain or at http://your-local-IP | ||||
|  | ||||
|  | ||||
| > After installation, any changes can be made in piler.conf at any time and the install script can then be run again. | ||||
|  | ||||
|  | ||||
| ****************************************************************************************************** | ||||
|  | ||||
| ### SSL certificates | ||||
|  | ||||
| If you want to run your Piler with SSL certificates, which always makes sense if the Piler isn't running locally, then I recommend the Nginx proxy manager for Docker. | ||||
|  | ||||
| I built my setup with the Nginx. | ||||
|  | ||||
| The Ngnix can be installed with the following compose. | ||||
|  | ||||
| Create a docker-compose.yml file similar to this: | ||||
|  | ||||
| ``` | ||||
| version: '3' | ||||
| services: | ||||
|   app: | ||||
|     image: 'jc21/nginx-proxy-manager:latest' | ||||
|     restart: unless-stopped | ||||
|     ports: | ||||
|       - '80:80' | ||||
|       - '81:81' | ||||
|       - '443:443' | ||||
|     volumes: | ||||
|       - ./data:/data | ||||
|       - ./letsencrypt:/etc/letsencrypt | ||||
| ``` | ||||
|  | ||||
| ``` | ||||
| docker-compose up -d | ||||
| ``` | ||||
|  | ||||
| Log in to the Admin UI | ||||
| When your docker container is running, connect to it on port 81 for the admin interface. Sometimes this can take a little bit because of the entropy of keys. | ||||
|  | ||||
| http://your-domain:81 | ||||
|  | ||||
|  | ||||
| ********************************************************************************************************** | ||||
|  | ||||
| ## Changelog | ||||
|  | ||||
| ### 0.2.0 (09.03.2022) | ||||
| * (simatec) Let's Encrypt added | ||||
|  | ||||
| ### 0.1.0 (08.03.2022) | ||||
| * (simatec) first beta | ||||
|  | ||||
|   | ||||
| @@ -51,8 +51,8 @@ services: | ||||
|       - TZ=Europe/Berlin | ||||
|     ports: | ||||
|       - "25:25" | ||||
|       - "8080:80" | ||||
|       - "8443:443" | ||||
|       - "80:80" | ||||
|       - "443:443" | ||||
|     volumes: | ||||
|       - piler_etc:/etc/piler | ||||
|       - piler_var:/var/piler | ||||
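Review bot: The two web-UI entries at the end of the `ports:` list publish on every host interface. The page's print order suggests `"80:80"` / `"443:443"` are the new side replacing `"8080:80"` / `"8443:443"`, but the +/- markers are lost, so that is inferred. For the non-Let's-Encrypt path the README text in this commit gives only http:// URLs, so archive logins would cross the network in clear text on the standard port. If this file is meant for local use, bind the mapping to one address, e.g. `- "<host-lan-ip>:80:80"` (placeholder), or add a comment above it such as `# plain HTTP: keep this host on a trusted network`. The `services:` block starts outside the hunk and the patched file's name is not shown on the page.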
							
								
								
									
										109
									
								
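--- /dev/null
+++ b/config/piler-ssl.yml
@@ -0,0 +1,109 @@
+version: "3"
+services:
+  nginx-proxy:
+    image: jwilder/nginx-proxy
+    container_name: nginx-proxy
+    restart: always
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - ./nginx-data/certs:/etc/nginx/certs
+      - ./nginx-data/vhost.d:/etc/nginx/vhost.d
+      - ./nginx-data/html:/usr/share/nginx/html
+      - /var/run/docker.sock:/tmp/docker.sock:ro
+  nginx-letsencrypt:
+    image: jrcs/letsencrypt-nginx-proxy-companion
+    container_name: nginx-letsencrypt
+    restart: always
+    volumes_from:
+      - nginx-proxy
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+    environment:
+      - DEFAULT_EMAIL=${LETSENCRYPT_EMAIL}
+  mysql:
+    image: mariadb:10.5
+    container_name: mysql-piler
+    restart: unless-stopped
+    cap_drop:
+      - ALL
+    cap_add:
+      - dac_override
+      - setuid
+      - setgid
+    environment:
+      - MYSQL_DATABASE=${MYSQL_DATABASE}
+      - MYSQL_USER=${MYSQL_USER}
+      - MYSQL_PASSWORD=${MYSQL_PASSWORD}
+      - MYSQL_RANDOM_ROOT_PASSWORD=yes
+      - "TZ=Europe/Berlin"
+    command: --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
+    healthcheck:
+      test: mysql --user=${MYSQL_USER} --password=${MYSQL_PASSWORD} piler --execute "show tables"
+      interval: "60s"
+      timeout: "5s"
+      start_period: "15s"
+      retries: 3
+    volumes:
+      - db_data:/var/lib/mysql
+
+  memcached:
+    image: memcached:latest
+    container_name: memcached-piler
+    restart: unless-stopped
+    cap_drop:
+      - ALL
+    command: -m 64
+
+  piler:
+    image: sutoj/piler:1.3.11
+    container_name: piler
+    restart: unless-stopped
+    expose:
+      - "80"
+    hostname: ${PILER_DOMAIN}
+    init: true
+    environment:
+      - MYSQL_DATABASE=${MYSQL_DATABASE}
+      - MYSQL_USER=${MYSQL_USER}
+      - MYSQL_PASSWORD=${MYSQL_PASSWORD}
+      - MYSQL_HOSTNAME=mysql
+      - PILER_HOSTNAME=${PILER_DOMAIN}
+      - MEMCACHED_HOST=memcached
+      - TZ=Europe/Berlin
+      - VIRTUAL_HOST=${PILER_DOMAIN}
+      - LETSENCRYPT_HOST=${PILER_DOMAIN}
+      - LETSENCRYPT_EMAIL=${LETSENCRYPT_EMAIL}
+    ports:
+      - "25:25"
+    volumes:
+      - piler_etc:/etc/piler
+      - piler_var:/var/piler
+      - /etc/localtime:/etc/localtime
+    healthcheck:
+      test: curl -s smtp://localhost/
+      interval: "60s"
+      timeout: "3s"
+      start_period: "15s"
+      retries: 3
+    deploy:
+      resources:
+        reservations:
+          memory: 512M
+        limits:
+          memory: 512M
+
+    depends_on:
+      - "memcached"
+      - "mysql"
+
+networks:
+  default:
+    external:
+      name: nginx-proxy
+
+volumes:
+  db_data:
+  piler_etc:
+  piler_var: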
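Review bot: `nginx-proxy` is the service published on 80/443 and it also mounts `/var/run/docker.sock`; the `:ro` flag only makes the socket file's mount read-only and does not restrict Docker API calls made through it, so a compromise of the internet-facing proxy amounts to control of the Docker daemon on the host. A comment above that volume line should say so, for example `# docker.sock = full Docker API access; :ro does not limit API calls`. The upstream project's split layout, with nginx and docker-gen in separate containers so the published one holds no socket, is worth considering. Separately, `jwilder/nginx-proxy`, `jrcs/letsencrypt-nginx-proxy-companion` and `memcached:latest` are unpinned while `mariadb:10.5` and `sutoj/piler:1.3.11` are pinned; pin them the same way, e.g. `image: jwilder/nginx-proxy:<pinned-tag>`. The mysql healthcheck also puts `${MYSQL_PASSWORD}` on the command line, where it is visible in `docker inspect` output and the container's process list.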
| @@ -1,22 +1,76 @@ | ||||
| #!/bin/bash | ||||
|  | ||||
| # Colors | ||||
| if [ -z ${BASH_SOURCE} ]; then | ||||
| 	blue=`echo "\e[1m\e[34m"` | ||||
| 	green=`echo "\e[1m\e[32m"` | ||||
| 	greenBold=`echo "\e[1m\e[1;32m"` | ||||
| 	redBold=`echo "\e[1m\e[1;31m"` | ||||
| 	red=`echo "\e[1m\e[31m"` | ||||
| 	purple=`echo "\e[1m\e[35m"` | ||||
| 	bold=`echo "\e[1m"` | ||||
|   	normal=`echo "\e[0m"` | ||||
| else | ||||
|   	blue=`echo -e "\e[1m\e[34m"` | ||||
|   	green=`echo -e "\e[1m\e[32m"` | ||||
|   	greenBold=`echo -e "\e[1m\e[1;32m"` | ||||
| 	redBold=`echo -e "\e[1m\e[1;31m"` | ||||
| 	puple=`echo -e "\e[1m\e[35m"` | ||||
| 	bold=`echo -e "\e[1m"` | ||||
|   	normal=`echo -en "\e[0m"` | ||||
| fi | ||||
|  | ||||
| HLINE="==================================================================" | ||||
|  | ||||
| . ./piler.conf | ||||
| ln -s ./piler.conf .env | ||||
|  | ||||
| if [ -f /opt/piler-docker/docker-compose.yml ]; then | ||||
|     rm /opt/piler-docker/docker-compose.yml | ||||
| fi | ||||
|  | ||||
| if [ "$USE_LETSENCRYPT" = "yes" ]; then | ||||
|     cp /opt/piler-docker/config/piler-ssl.yml /opt/piler-docker/docker-compose.yml | ||||
| else | ||||
|     cp /opt/piler-docker/config/piler-default.yml /opt/piler-docker/docker-compose.yml | ||||
| fi | ||||
|  | ||||
| while true; do | ||||
|     read -ep "Postfix must be uninstalled prior to installation. Do you want to uninstall Postfix now? (y/n): " yn | ||||
|     case $yn in | ||||
|         [Yy]* ) apt purge postfix -y; break;; | ||||
|         [Nn]* ) echo -e "${redBold}    The installation process is aborted because Postfix has not been uninstalled.!! ${normal}"; exit;; | ||||
|         * ) echo -e "${red} Please confirm with y or n.";; | ||||
|     esac | ||||
| done | ||||
|  | ||||
| # docker start | ||||
| echo | ||||
| echo "===================================" | ||||
| echo "start docker-compose for Piler" | ||||
| echo "===================================" | ||||
| echo "${greenBold}${HLINE}" | ||||
| echo "${greenBold}start docker-compose for Piler" | ||||
| echo "${greenBold}${HLINE}${normal}" | ||||
| echo | ||||
|  | ||||
| cd /opt/piler-docker | ||||
|  | ||||
| if [ "$USE_LETSENCRYPT" = "yes" ]; then | ||||
|     if ! docker network ls | grep -o "nginx-proxy"; then | ||||
|         docker network create nginx-proxy | ||||
|  | ||||
|         echo | ||||
|         echo "${blue}${HLINE}" | ||||
|         echo "${blue}docker network created" | ||||
|         echo "${blue}${HLINE}${normal}" | ||||
|         echo | ||||
|     fi | ||||
| fi | ||||
|  | ||||
| docker-compose up -d | ||||
|  | ||||
| echo | ||||
| echo "===================================" | ||||
| echo "backup the File config-site.php" | ||||
| echo "===================================" | ||||
| echo "${blue}${HLINE}" | ||||
| echo "${blue}backup the File config-site.php" | ||||
| echo "${blue}${HLINE}${normal}" | ||||
| echo | ||||
|  | ||||
| if [ ! -f /var/lib/docker/volumes/piler-docker_piler_etc/_data/config-site.php.bak ]; then | ||||
| @@ -27,10 +81,11 @@ else | ||||
| fi | ||||
|  | ||||
| echo | ||||
| echo "===================================" | ||||
| echo "set User settings ..." | ||||
| echo "===================================" | ||||
| echo "${blue}${HLINE}" | ||||
| echo "${blue}set User settings ..." | ||||
| echo "${blue}${HLINE}${normal}" | ||||
| echo | ||||
|  | ||||
| cat >> /var/lib/docker/volumes/piler-docker_piler_etc/_data/config-site.php <<EOF | ||||
|  | ||||
| // Smarthost | ||||
| @@ -91,9 +146,9 @@ EOF | ||||
| if [ "$USE_MAILCOW" = true ]; then | ||||
|  | ||||
| echo | ||||
| echo "===================================" | ||||
| echo "${blue}${HLINE}" | ||||
| echo "set Mailcow Api-Key config" | ||||
| echo "===================================" | ||||
| echo "${blue}${HLINE}${normal}" | ||||
| echo | ||||
|  | ||||
| cat >> /var/lib/docker/volumes/piler-docker_piler_etc/_data/config-site.php <<EOF | ||||
| @@ -111,18 +166,22 @@ fi | ||||
|  | ||||
| # docker restart | ||||
| echo | ||||
| echo "===================================" | ||||
| echo "restart docker-compose ..." | ||||
| echo "===================================" | ||||
| echo "${blue}${HLINE}" | ||||
| echo "${blue}restart docker-compose ..." | ||||
| echo "${blue}${HLINE}${normal}" | ||||
| echo | ||||
|  | ||||
| cd /opt/piler-docker | ||||
| docker-compose restart | ||||
|  | ||||
| echo | ||||
| echo "=======================================================================" | ||||
| echo "Piler install completed successfully" | ||||
| echo "${greenBold}${HLINE}" | ||||
| echo "${greenBold}Piler install completed successfully" | ||||
| echo | ||||
| echo "you can start in your Browser with http://${PILER_DOMAIN}:8080!" | ||||
| echo "=======================================================================" | ||||
| if [ "$USE_LETSENCRYPT" = "yes" ]; then | ||||
|     echo "${greenBold}you can start in your Browser with https://${PILER_DOMAIN}!" | ||||
| else | ||||
|     echo "${greenBold}you can start in your Browser with http://${PILER_DOMAIN} or http://local-ip!" | ||||
| fi | ||||
| echo "${greenBold}${HLINE}${normal}" | ||||
| echo | ||||
|   | ||||
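Review bot: The network check inside the second `USE_LETSENCRYPT` block, `docker network ls | grep -o "nginx-proxy"`, matches any network whose name merely contains that string and prints the match. An unrelated, compose-prefixed network would therefore skip the create, and `docker-compose up -d` would then fail on the missing external network; `if ! docker network inspect nginx-proxy >/dev/null 2>&1; then` tests the exact name. In the first hunk `ln -s ./piler.conf .env` errors on the re-run the README invites because the link already exists; `ln -sf ./piler.conf .env` is idempotent. Since `.env` now points at the file that holds `MYSQL_PASSWORD`, a `chmod 600 ./piler.conf` next to it would keep the secret from other local users. The `else` colour branch never sets `red` and assigns `puple` instead of `purple`, so `${red}` in the prompt's fallback case expands to nothing under bash.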
							
								
								
									
										13
									
								
								piler.conf
									
									
									
									
									
								
							
							
						
						
									
									
									
									
									
									
								
							| @@ -38,6 +38,19 @@ MYSQL_PASSWORD="<your-mysql-password>" | ||||
|  | ||||
| ############################################# | ||||
|  | ||||
| ########### Let's Encrypt Settings ################# | ||||
|  | ||||
| # Enabled / Disabled (yes/no) Let's Encrypt  | ||||
| # For local Run disabled | ||||
|  | ||||
| USE_LETSENCRYPT="yes" | ||||
|  | ||||
| # Let's Encrypt registration contact information | ||||
|  | ||||
| LETSENCRYPT_EMAIL="admin@example.com" | ||||
|  | ||||
| ############################################# | ||||
|  | ||||
| ######### optional Mailcow Settings ######### | ||||
|  | ||||
| # if Use Mailcow API Options set "true" | ||||
|   | ||||
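Review bot: `USE_LETSENCRYPT="yes"` ships as the default even though the comment above it says local runs should have it disabled. An untouched config therefore selects the proxy/ACME compose file and registers with the sample contact `admin@example.com`, which the CA will probably refuse. Defaulting to `USE_LETSENCRYPT="no"` and following the file's existing placeholder style, `LETSENCRYPT_EMAIL="<your-email>"`, makes the opt-in explicit. The flag also takes yes/no while the Mailcow option is compared against `true` in the install script, so a comment naming the accepted values exactly, `# accepted values: "yes" or "no"`, would prevent a silent fall-through to the non-TLS compose file. The settings file continues outside the hunk on both sides.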