/dockerbunker

a tool that helps configure, deploy and manage dockerized web-applications or static sites behind an nginx reverse proxy container

Primary LanguageShellMIT LicenseMIT

What is dockerbunker

dockerbunker is a tool that helps configure, deploy and manage dockerized web-applications or static sites behind an nginx reverse proxy. Apps can easily be fully backed up or restored from a previous backup. The only requirement is docker.

Have a look at this asciicast to see dockerbunkerin action.

Index:

Services:

  • [✔] installation works

    means that the installation worked but the service was not further tested

  • [☠] some issue got some isse by installation or by service execution via browser

  • [✔] works

    is tested in live-environment

| A - G | Description | |---|---|--- | |Bitbucket | > [☠] some issue | | |Commento | [✔] installation works | | |cryptpad | [✔] installation works | | |CS50 IDE | > [☠] some issue | | |Dillinger | [✔] installation works | | |Drone CI | [✔] works | Continuous Delivery system | |Fathom Analytics | [✔] installation works | | |Firefly III | [✔] installation works | | |Firefox Sync Server | [✔] installation works | | |Ghost Blog | [✔] installation works | | |GitBucket | [✔] installation works | | |Gitea | [✔] works | Git Server | |Gitlab CE | > [☠] some issue | | |Gogs | [✔] installation works | | |Grav | [✔] works | Grav is a Fast, Simple, and Flexible, file-based Web-platform. |

| H - N | Description | |---|---|--- | |Hastebin | [✔] installation works | | |IPsec VPN Server | > [☠] some issue | | |json-server | [✔] installation works | | |Kanboard | [✔] installation works | | |KeeWeb | [✔] works | this is a static KeyPassX ProgressiveWebapp | |Koken | [✔] installation works | | |Mailcow Dockerized | > [☠] some issue | | |Mailpile | [✔] installation works | | |Mastodon | [✔] installation works | | |Matomo Analytics | [✔] installation works | | |Mozilla send | [✔] works | Simple, private file sharing from the makers of Firefox | |Nextcloud | [✔] works | self-hosted cloud-server|

| O - Z | Description | |---|---|--- | |Open Project | > [☠] some issue | | |Padlock Cloud | > [☠] some issue | | |Rocket.Chat | > [☠] some issue | | |Seafile Pro (broken) | > [☠] some issue | | |Searx | [✔] installation works | | |sFTP Server | > [☠] some issue | | |Strapi | [☠] works | The most advanced open-source headless CMS to build powerful APIs with no effort. | |Wekan | [✔] works | open source kanban | |Wordpress | [✔] installation works | |

Other build in Services

Service Status Description
proxy-pass [✔] works Use Dockerbunker as reverse-proxy, to work with your external Service/Server
static-sites [✔] works use some static HTML sites (within build/service-name/web)

Fair warning: While all services appeared fully functional at the time I implemented them, I cannot guarantee that they still all are functional. Sometimes I just added something I was playing around with and hadn't tested every part of it. If something turns out to be not working, it often times broke because of changes that were made to the software and it most cases it's trivial to make it work again. I marked bold all the apps I am personally using with dockerbunker, as well as those that I recently tested and expect to work without issues. That being said, use this at your own risk. And if you do use dockerbunker and notice that something doesn't work, please file an issue .. or even better, submit a pull request. Contributions are welcome:)

Upgrade Dockerbunker-v1 to -v2

There are some big changes with the docker-v2 and ith wont be run without manually changes.

  1. At first Backup your dockerbunker sytem

Environment TODOs:

  1. move all Environment-Files into /build folder, e.g. /build/conf, /build/web, /build/backup and /build/env
  2. update your environment Variables within build/env/dockerbunker.env (take a look at the default Variables within data/include/init.sh)

Service TODOs:

  1. now, service entry-point (service-name/ìnit.sh) and service setup (service-name/service.sh) was splitted
  2. edit your service-name/service.sh to match your old settings

Prerequisites

  • Docker

  • Bash 4+

    On macOS via homebrew

    • Bash 4+ -> brew install bash

    • GNU grep -> brew install grep

    • GNU sed -> brew install gnu-sed

       ln -sv /usr/local/bin/ggrep /usr/local/bin/grep
 ln -sv /usr/local/bin/gsed /usr/local/bin/sed

      Make sure /usr/local/binis added to your PATH! If it's not:

      echo 'PATH="/usr/local/bin:$PATH"' >> ~/.bash_profile

How to get started

  1. Get docker

    • Most systems can install Docker by running wget -qO- https://get.docker.com/ | sh

  2. Clone the master branch of this repository and run ./dockerbunker.sh

    • git clone https://github.com/chaosbunker/dockerbunker.git && cd dockerbunker
    • ./dockerbunker.sh

  3. Select a service and configure it (Set domain, etc..)

  4. Set up the service. This will

    • Create an internal network if necessary
    • Create volumes
    • Pull images
    • Run containers
    • Obtain certificate from Let's Encrypt (if chosen during config)

That's it.

Now when selecting the same service again in the dockerbunker menu, there will be more options depending on the current state of the service. For example:

Nextcloud
1) Reconfigure service
2) Reinstall service
3) Obtain Let's Encrypt certificate (<-- only visible if using self-signed cert)
4) Restart container(s)
5) Stop container(s) (<- only visible when containers are running, otherwise offers "Start Containers"
6) Backup Service
7) Restore Service (<- only visible if backup(s) for service are found)
8) Upgrade Image(s)
9) Destroy "Nextcloud"

Ddd custom services

You can add some services by your own.

  1. To do so, only copy another service which match your new service the best. copy /data/services/some-service and rename it to your needed service.
  2. setup your service parameter wihtin service.sh
  3. add oder update your docker run commands if needed for your service
  4. update the nginx-reverse-proxy settings within nginx/service.conf

When destroying a service everything related to the service will be removed. Only Let's Encrypt certificates will be retained.

add custom static website

  1. start the static-sites service
  2. add your specific domain and the other parameter
  3. after that, dockerbunker installs your static-site to /build/web/service-name/index.html
  4. now, you have to add your staic-site files into /build/web/service-name/
  5. thats it, your static site should work

add your external service

to add your external service, and use it via dockerbunker as a reverse-proxy.

  1. copy/paste nginx-default-proxy-pass.config proxy-pass/nginx/service.conf and edit to work with your service
  2. start the proxy-pass service
  3. add your specific domain and the other parameter
  4. run the setup process
  5. thats it, your reverse proxy should work

add your external SSL

When configuring a service, a self-signed certificate is generated and stored in build/conf/nginx/ssl/${SERVICE_HOSTNAME}. Please move your own trusted certificate and key in that directory as cert.pem and key.pem after configuration of the service is complete.

If you choose to use Let's Encrypt during setup, certificates will be automatically obtained via a Certbot container. Let's Encrypt data is stored in build/conf/nginx/ssl/letsencrypt.

It is possible to add additional domains to the certificate before obtaining the certificate and these domains will also automatically be added to the corresponding nginx configuration.

Backup & Restore

When backing up a service, a timestamped directory will be created in build/backup/${SERVICE_NAME}. The following things will get backed up into (or restored from) that directory:

  • All volumes (will be compressed)
  • nginx configuration if service is accessible via web (from build/conf/nginx/conf.d/${SERVICE_DOMAIN})
  • other user-specific configuration files (from build/conf/${SERVICE_NAME})
  • environment file(s) (from build/env/${SERVICE_NAME}*)
  • ssl certificate" (from build/conf/nginx/ssl/${SERVICE_DOMAIN} and, if applicable build/conf/nginx/ssl/letsencrypt)

Good to know

All credentials that are set by the user or that are automatically generated are stored in build/env/${SERVICE_NAME}.env.

Please refer to the documentation of each web-app (regarding default credentials, configuration etc.)

Why I made this

I know that it is not really ideal and recommended to do something like this with shell scripts. dockerbunker is an idea that went a bit out of control. It was inspired by @DFabric's DPlatform-DockerShip. You can read more about why I made dockerbunker here (tl;dr: I enjoyed the process)

Important: Please make sure you agree with the license(s) of the open source software you are installing via dockerbunker. Any part of dockerbunker itself is released under the MIT License.