Initial setup of PiFrameFleet
This commit is contained in:
parent
06d0362b3a
commit
05d6a33261
59
piframefleet/Dockerfile
Normal file
59
piframefleet/Dockerfile
Normal file
|
@ -0,0 +1,59 @@
|
||||||
|
FROM alpine:latest
|
||||||
|
|
||||||
|
WORKDIR /opt/
|
||||||
|
|
||||||
|
# need to figure out if arm64/arm64 32bit multilib/arm
|
||||||
|
COPY piframefleet/arch_detect.sh /opt/
|
||||||
|
|
||||||
|
# Copy ansible samples -> /opt
|
||||||
|
COPY ansible /opt/
|
||||||
|
|
||||||
|
# Install and base setup all the things
|
||||||
|
RUN apk upgrade --update --no-cache && \
|
||||||
|
apk add python3 curl jq bash unzip && \
|
||||||
|
ARCH=$(/opt/arch_detect.sh); \
|
||||||
|
echo "**** Detected arch: $ARCH ****" && \
|
||||||
|
S6_RELEASE=$(curl -sX GET "https://api.github.com/repos/just-containers/s6-overlay/tags" \
|
||||||
|
| jq -r .[0].name); \
|
||||||
|
echo "**** s6-overlay release: ${S6_RELEASE} ****" && \
|
||||||
|
echo "**** Installing s6-overlay ****" && \
|
||||||
|
curl -L https://github.com/just-containers/s6-overlay/releases/latest/download/s6-overlay-${ARCH}.tar.gz \
|
||||||
|
-o /opt/s6-overlay.tar.gz && \
|
||||||
|
tar xzf /opt/s6-overlay.tar.gz -C / && \
|
||||||
|
echo "**** wireguard ****" && \
|
||||||
|
apk add wireguard-tools && \
|
||||||
|
echo "**** syncthing ****" && \
|
||||||
|
apk add syncthing && \
|
||||||
|
echo "**** rclone ****" && \
|
||||||
|
curl https://rclone.org/install.sh | bash && \
|
||||||
|
echo "**** filebrowser ****" && \
|
||||||
|
curl -fsSL https://filebrowser.org/get.sh | bash && \
|
||||||
|
echo "**** ansible ****" && \
|
||||||
|
apk add ansible ansible-lint ansible-doc && \
|
||||||
|
ansible-galaxy install githubixx.ansible_role_wireguard && \
|
||||||
|
echo "**** cleanup ****" && \
|
||||||
|
rm /opt/s6-overlay.tar.gz && \
|
||||||
|
rm -rf /var/cache/apk/*
|
||||||
|
|
||||||
|
ADD /piframefleet/root/ /
|
||||||
|
|
||||||
|
# Wireguard related 'stuff'
|
||||||
|
ENV ENABLE_WIREGUARD=false
|
||||||
|
EXPOSE 51820/udp
|
||||||
|
VOLUME /lib/modules
|
||||||
|
|
||||||
|
# SyncThing related 'stuff'
|
||||||
|
ENV ENABLE_SYNCTHING=false
|
||||||
|
EXPOSE 8384/tcp
|
||||||
|
EXPOSE 22000/tcp
|
||||||
|
|
||||||
|
# FileBrowser related 'stuff'
|
||||||
|
ENV ENABLE_FILEBROWSER=false
|
||||||
|
EXPOSE 9191/tcp
|
||||||
|
VOLUME /opt/filebrowser
|
||||||
|
|
||||||
|
# General 'stuff'
|
||||||
|
VOLUME /opt/pictures
|
||||||
|
|
||||||
|
# Run s6-overlay as the init so we get services and similar
|
||||||
|
ENTRYPOINT [ "/init" ]
|
5
piframefleet/README.md
Normal file
5
piframefleet/README.md
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
# PiFrameFleet
|
||||||
|
|
||||||
|
This is a basic Docker container setup for managing a fleet of PiFrames.
|
||||||
|
|
||||||
|
This area of the code base is very much a work in progress and should **NOT** be used unless you're interested in submitting patches.
|
20
piframefleet/arch_detect.sh
Executable file
20
piframefleet/arch_detect.sh
Executable file
|
@ -0,0 +1,20 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
python3 <<EOF
|
||||||
|
from __future__ import print_function
|
||||||
|
import platform
|
||||||
|
processor = platform.machine()
|
||||||
|
architecture = platform.architecture()
|
||||||
|
if processor == 'aarch64':
|
||||||
|
# Mutli arch arm support is why this 32bit check is present
|
||||||
|
if '32bit' in architecture:
|
||||||
|
print('arm', end='')
|
||||||
|
else:
|
||||||
|
print('aarch64', end='')
|
||||||
|
elif processor == 'x86 64' or processor == 'x86_64':
|
||||||
|
print('amd64', end='')
|
||||||
|
elif processor == 'armv7l':
|
||||||
|
print('arm', end='')
|
||||||
|
else:
|
||||||
|
print('armhf', end='')
|
||||||
|
EOF
|
45
piframefleet/root/etc/cont-init.d/30-config
Normal file
45
piframefleet/root/etc/cont-init.d/30-config
Normal file
|
@ -0,0 +1,45 @@
|
||||||
|
#!/usr/bin/with-contenv bash
|
||||||
|
|
||||||
|
####################
|
||||||
|
# WireGuard
|
||||||
|
####################
|
||||||
|
|
||||||
|
if [ "$ENABLE_WIREGUARD" = true ] ; then
|
||||||
|
ip link del dev test 2>/dev/null
|
||||||
|
if ip link add dev test type wireguard; then
|
||||||
|
echo "**** It seems the wireguard module is already active :) ****"
|
||||||
|
ip link del dev test
|
||||||
|
else
|
||||||
|
echo "**** The wireguard module is not active, please install wireguard on the host and activate the 'wg' kernel module ****"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
####################
|
||||||
|
# Pictures storage
|
||||||
|
####################
|
||||||
|
if [ ! -d "/opt/pictures" ]; then
|
||||||
|
mkdir /opt/pictures
|
||||||
|
fi
|
||||||
|
|
||||||
|
####################
|
||||||
|
# FileBrowser
|
||||||
|
####################
|
||||||
|
if [ "$ENABLE_FILEBROWSER" = true ] ; then
|
||||||
|
if [ ! -d "/opt/filebrowser" ]; then
|
||||||
|
mkdir /opt/filebrowser
|
||||||
|
fi
|
||||||
|
FB_DB="/opt/filebrowser/pictures.db"
|
||||||
|
if [ ! -f "$FB_DB" ]; then
|
||||||
|
echo "**** Initial FileBrowser Config ****"
|
||||||
|
filebrowser -d $FB_DB \
|
||||||
|
config init 2>&1 > /dev/null
|
||||||
|
filebrowser -d $FB_DB \
|
||||||
|
config set --address 0.0.0.0 2>&1 > /dev/null
|
||||||
|
filebrowser -d $FB_DB \
|
||||||
|
config set --port 9191 2>&1 > /dev/null
|
||||||
|
filebrowser -d $FB_DB \
|
||||||
|
config set --branding.name "PiFrameFleet - Pictures" 2>&1 > /dev/null
|
||||||
|
filebrowser -d $FB_DB \
|
||||||
|
users add admin password 2>&1 > /dev/null
|
||||||
|
fi
|
||||||
|
fi
|
20
piframefleet/root/etc/cont-init.d/99-welcome
Normal file
20
piframefleet/root/etc/cont-init.d/99-welcome
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
#!/usr/bin/with-contenv bash
|
||||||
|
|
||||||
|
echo "
|
||||||
|
-------------------------------------
|
||||||
|
Welcome to PiFrameFleet
|
||||||
|
This container includes the following
|
||||||
|
- WireGuard VPN
|
||||||
|
- Ansible
|
||||||
|
- SyncThing
|
||||||
|
- rclone
|
||||||
|
- FileBrowser (admin/password)
|
||||||
|
-------------------------------------"
|
||||||
|
echo "
|
||||||
|
-------------------------------------
|
||||||
|
Service Status
|
||||||
|
- WireGuard VPN : ${ENABLE_WIREGUARD}
|
||||||
|
- SyncThing : ${ENABLE_SYNCTHING}
|
||||||
|
- FileBrowser : ${ENABLE_FILEBROWSER}
|
||||||
|
-------------------------------------
|
||||||
|
"
|
20
piframefleet/root/etc/services.d/_service_control/run
Normal file
20
piframefleet/root/etc/services.d/_service_control/run
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
#!/usr/bin/with-contenv bash
|
||||||
|
|
||||||
|
# Only run the services control script (this one) once
|
||||||
|
# DO NOT IMMEDIATELY DOWN -- NEED TO TERM THE REST OF THE SERVICES FIRST
|
||||||
|
s6-svc -o /var/run/s6/services/_service_control
|
||||||
|
|
||||||
|
# s6-svc -od means to take down the service and flag it to run AT MOST once
|
||||||
|
# Service run scripts should check for enablement and immediately exit for this to work well
|
||||||
|
|
||||||
|
if [ "$ENABLE_WIREGUARD" = false ] ; then
|
||||||
|
s6-svc -od /var/run/s6/services/wireguard
|
||||||
|
fi
|
||||||
|
|
||||||
|
#if [ "$ENABLE_SYNCTHING" = false ] ; then
|
||||||
|
# s6-svc -od /var/run/s6/services/syncthing
|
||||||
|
#fi
|
||||||
|
|
||||||
|
if [ "$ENABLE_FILE_BROWSER" = false ] ; then
|
||||||
|
s6-svc -od /var/run/s6/services/filebrowser
|
||||||
|
fi
|
11
piframefleet/root/etc/services.d/filebrowser/run
Executable file
11
piframefleet/root/etc/services.d/filebrowser/run
Executable file
|
@ -0,0 +1,11 @@
|
||||||
|
#!/usr/bin/with-contenv bash
|
||||||
|
|
||||||
|
if [ "$ENABLE_FILEBROWSER" = false ] ; then
|
||||||
|
exit
|
||||||
|
fi
|
||||||
|
|
||||||
|
/usr/local/bin/filebrowser \
|
||||||
|
-d /opt/filebrowser/pictures.db \
|
||||||
|
-r /opt/pictures \
|
||||||
|
--img-processors 1 \
|
||||||
|
--disable-thumbnails
|
20
piframefleet/root/etc/services.d/wireguard/run
Normal file
20
piframefleet/root/etc/services.d/wireguard/run
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
#!/usr/bin/with-contenv bash
|
||||||
|
|
||||||
|
# Adapted from https://github.com/linuxserver/docker-wireguard
|
||||||
|
|
||||||
|
if [ "$ENABLE_WIREGUARD" = false ] ; then
|
||||||
|
exit
|
||||||
|
fi
|
||||||
|
|
||||||
|
_term() {
|
||||||
|
echo "Caught SIGTERM signal!"
|
||||||
|
wg-quick down wg0
|
||||||
|
}
|
||||||
|
|
||||||
|
trap _term SIGTERM
|
||||||
|
|
||||||
|
wg-quick up wg0
|
||||||
|
|
||||||
|
sleep infinity &
|
||||||
|
|
||||||
|
wait
|
4
piframefleet_build.sh
Executable file
4
piframefleet_build.sh
Executable file
|
@ -0,0 +1,4 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
git pull
|
||||||
|
sudo docker build -t piframe/piframefleet:latest -f piframefleet/Dockerfile .
|
26
piframefleet_run.sh
Executable file
26
piframefleet_run.sh
Executable file
|
@ -0,0 +1,26 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
echo "**** Building latest PiFrameFleet container ****"
|
||||||
|
$(pwd)/piframefleet_build.sh
|
||||||
|
|
||||||
|
echo "**** Deleting Original Container ****"
|
||||||
|
sudo docker rm -f piframefleet
|
||||||
|
|
||||||
|
echo "**** Running PiFrameFleet ****"
|
||||||
|
sudo docker run -it \
|
||||||
|
--restart unless-stopped \
|
||||||
|
--name piframefleet \
|
||||||
|
--cap-add=NET_ADMIN \
|
||||||
|
--cap-add=SYS_MODULE \
|
||||||
|
-e TZ=UTC \
|
||||||
|
-e ENABLE_WIREGUARD=true \
|
||||||
|
-e ENABLE_SYNCTHING=false \
|
||||||
|
-e ENABLE_FILEBROWSER=true \
|
||||||
|
-p 51820:51820/udp \
|
||||||
|
-p 8384:8384/tcp \
|
||||||
|
-p 22000:22000/tcp \
|
||||||
|
-p 9191:9191/tcp \
|
||||||
|
-v /lib/modules:/lib/modules:ro \
|
||||||
|
-v /var/piframefleet/filebrowser:/opt/filebrowser \
|
||||||
|
-v /var/piframefleet/pictures:/opt/pictures \
|
||||||
|
piframe/piframefleet:latest
|
Loading…
Reference in a new issue