PiFrame/piframe
PiFrame/piframe
1
0
Fork 0
Code Issues 4 Pull requests Releases Activity

Move PiFrameFleet to dedicated repo

Browse source
This commit is contained in:
KemoNine 2020-08-06 18:21:09 -04:00
parent 83de1e9a99
commit 325b587310
11 changed files with 0 additions and 314 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

80
piframefleet/Dockerfile
View file

@ -1,80 +0,0 @@
FROM ubuntu:latest
# Don't bother us for selections during install
ENV DEBIAN_FRONTEND="noninteractive"
# We work off /opt, the *nix way
WORKDIR /opt/
# need to figure out if arm64/arm64 32bit multilib/arm
COPY piframefleet/arch_detect.sh /opt/
# Install and base setup all the things
RUN apt update && apt upgrade -y && \
apt install -y python3 curl jq bash unzip nano git && \
ARCH=$(/opt/arch_detect.sh); \
echo "**** Detected arch: $ARCH ****" && \
S6_RELEASE=$(curl -sX GET "https://api.github.com/repos/just-containers/s6-overlay/tags" \
| jq -r .[0].name); \
echo "**** s6-overlay release: ${S6_RELEASE} ****" && \
echo "**** Installing s6-overlay ****" && \
curl -L https://github.com/just-containers/s6-overlay/releases/latest/download/s6-overlay-${ARCH}.tar.gz \
-o /opt/s6-overlay.tar.gz && \
tar xzf /opt/s6-overlay.tar.gz -C / --exclude="./bin" && \
tar xzf /opt/s6-overlay.tar.gz -C /usr ./bin && \
echo "**** wireguard ****" && \
apt install -y build-essential ifupdown net-tools iproute2 iptables iputils-ping libc6 libelf-dev pkg-config && \
WIREGUARD_RELEASE=$(curl -sX GET "https://api.github.com/repos/WireGuard/wireguard-tools/tags" \
| jq -r .[0].name); \
git clone https://git.zx2c4.com/wireguard-tools /opt/wireguard-tools && \
cd /opt/wireguard-tools && \
git checkout "${WIREGUARD_RELEASE}" && \
make -C src -j$(nproc) && \
make -C src install && \
cd /opt && \
echo "**** syncthing ****" && \
curl -s https://syncthing.net/release-key.txt | apt-key add - && \
echo "deb https://apt.syncthing.net/ syncthing stable" | tee /etc/apt/sources.list.d/syncthing.list && \
apt update && apt install -y syncthing && \
echo "**** rclone ****" && \
curl https://rclone.org/install.sh | bash && \
echo "**** filebrowser ****" && \
curl -fsSL https://filebrowser.org/get.sh | bash && \
echo "**** ansible ****" && \
apt install -y python3-apt sshpass ansible ansible-lint ansible-doc && \
echo "**** cleanup ****" && \
rm /opt/arch_detect.sh && \
rm /opt/s6-overlay.tar.gz && \
rm -rf /opt/wireguard-tools && \
apt remove --purge -y build-essential pkg-config libelf-dev unzip && \
apt autoremove --purge -y && \
rm -rf /var/lib/apt/lists/*
# Copy the s6 related 'stuff' to the container
ADD /piframefleet/root/ /
# Ansible related 'stuff'
VOLUME /opt/ansible
# Wireguard related 'stuff'
ENV ENABLE_WIREGUARD=false
EXPOSE 51820/udp
VOLUME /lib/modules
VOLUME /opt/wireguard
# SyncThing related 'stuff'
ENV ENABLE_SYNCTHING=false
EXPOSE 8384/tcp
EXPOSE 22000/tcp
VOLUME /opt/syncthing
# FileBrowser related 'stuff'
ENV ENABLE_FILEBROWSER=false
EXPOSE 9191/tcp
VOLUME /opt/filebrowser
# General 'stuff'
VOLUME /opt/pictures
# Run s6-overlay as the init so we get services and similar
ENTRYPOINT [ "/init" ]

5
piframefleet/README.md
View file

@ -1,5 +0,0 @@
# PiFrameFleet
This is a basic Docker container setup for managing a fleet of PiFrames.
This area of the code base is very much a work in progress and should **NOT** be used unless you're interested in submitting patches.

20
piframefleet/arch_detect.sh
View file

@ -1,20 +0,0 @@
#!/bin/sh
python3 <<EOF
from __future__ import print_function
import platform
processor = platform.machine()
architecture = platform.architecture()
if processor == 'aarch64':
# Mutli arch arm support is why this 32bit check is present
if '32bit' in architecture:
print('arm', end='')
else:
print('aarch64', end='')
elif processor == 'x86 64' or processor == 'x86_64':
print('amd64', end='')
elif processor == 'armv7l':
print('arm', end='')
else:
print('armhf', end='')
EOF

28
piframefleet/root/etc/cont-init.d/00-welcome
View file

@ -1,28 +0,0 @@
#!/usr/bin/with-contenv bash
echo "
-------------------------------------
Welcome to PiFrameFleet
This container includes the following
- WireGuard VPN
- Ansible
- SyncThing
- rclone
- FileBrowser (admin/password)
-------------------------------------"
echo "
-------------------------------------
Service Status
- WireGuard VPN : ${ENABLE_WIREGUARD}
- SyncThing : ${ENABLE_SYNCTHING}
- FileBrowser : ${ENABLE_FILEBROWSER}
-------------------------------------
"
if [ -f "/opt/ansible/ssh.key" ] ; then
echo "
-------------------------------------
Ansible SSH Key"
cat /opt/ansible/ssh.key.pub
echo "-------------------------------------
"
fi

88
piframefleet/root/etc/cont-init.d/30-config
View file

@ -1,88 +0,0 @@
#!/usr/bin/with-contenv bash
####################
# Pictures storage
####################
if [ ! -d "/opt/pictures" ] ; then
mkdir /opt/pictures
fi
####################
# Ansible
####################
if [ ! -d "/opt/ansible" ] ; then
mkdir /opt/ansible
fi
if [ ! -d "/opt/ansible/.git" ] ; then
git clone https://git.kemonine.info/PiFrame/ansible.git /opt/ansible/
else
cd /opt/ansible
git pull
fi
if [ ! -f "/opt/ansible/ssh.key" ] ; then
ssh-keygen -t rsa -b 4096 -f /opt/ansible/ssh.key -N ''
echo "
-------------------------------------
Ansible SSH Key"
cat /opt/ansible/ssh.key.pub
echo "-------------------------------------
"
fi
####################
# WireGuard
####################
if [ "$ENABLE_WIREGUARD" = true ] ; then
ip link del dev test 2>/dev/null
if ip link add dev test type wireguard; then
echo "**** It seems the wireguard module is already active :) ****"
ip link del dev test
else
echo "**** The wireguard module is not active, please install wireguard on the host and activate the 'wg' kernel module ****"
fi
if [ ! -d "/opt/wireguard" ] ; then
mkdir /opt/wireguard
fi
fi
####################
# syncthing
####################
if [ "$ENABLE_SYNCTHING" = true ] ; then
if [ ! -d "/opt/syncthing" ]; then
mkdir /opt/syncthing
fi
ST_CONF="/opt/syncthing/config.xml"
if [ ! -f "$ST_CONF" ]; then
echo "**** Initial Syncthing Config ****"
/usr/bin/syncthing -generate /opt/syncthing
sed -i 's/<address>127.0.0.1:8384<\/address>/<address>0.0.0.0:8384<\/address>/g' /opt/syncthing/config.xml
sed -i 's/<folder id="default" label="Default Folder" path="\/root\/Sync" type="sendreceive" rescanIntervalS="3600" fsWatcherEnabled="true" fsWatcherDelayS="10" ignorePerms="false" autoNormalize="true">/<folder id="piframe-pictures" label="PiFrameFleet Pictures" path="\/opt\/pictures" type="sendonly" rescanIntervalS="86400" fsWatcherEnabled="true" fsWatcherDelayS="10" ignorePerms="false" autoNormalize="true">/g' /opt/syncthing/config.xml
if [ -d "/root/Sync" ]; then
rm -r /root/Sync
fi
fi
fi
####################
# FileBrowser
####################
if [ "$ENABLE_FILEBROWSER" = true ] ; then
if [ ! -d "/opt/filebrowser" ]; then
mkdir /opt/filebrowser
fi
FB_DB="/opt/filebrowser/pictures.db"
if [ ! -f "$FB_DB" ]; then
echo "**** Initial FileBrowser Config ****"
filebrowser -d $FB_DB \
config init 2>&1 > /dev/null
filebrowser -d $FB_DB \
config set --address 0.0.0.0 2>&1 > /dev/null
filebrowser -d $FB_DB \
config set --port 9191 2>&1 > /dev/null
filebrowser -d $FB_DB \
config set --branding.name "PiFrameFleet - Pictures" 2>&1 > /dev/null
filebrowser -d $FB_DB \
users add admin password 2>&1 > /dev/null
fi
fi

20
piframefleet/root/etc/services.d/_service_control/run
View file

@ -1,20 +0,0 @@
#!/usr/bin/with-contenv bash
# Only run the services control script (this one) once
# DO NOT IMMEDIATELY DOWN -- NEED TO TERM THE REST OF THE SERVICES FIRST
s6-svc -o /var/run/s6/services/_service_control
# s6-svc -od means to take down the service and flag it to run AT MOST once
# Service run scripts should check for enablement and immediately exit for this to work well
if [ "$ENABLE_WIREGUARD" = false ] ; then
s6-svc -od /var/run/s6/services/wireguard
fi
#if [ "$ENABLE_SYNCTHING" = false ] ; then
# s6-svc -od /var/run/s6/services/syncthing
#fi
if [ "$ENABLE_FILE_BROWSER" = false ] ; then
s6-svc -od /var/run/s6/services/filebrowser
fi

11
piframefleet/root/etc/services.d/filebrowser/run
View file

@ -1,11 +0,0 @@
#!/usr/bin/with-contenv bash
if [ "$ENABLE_FILEBROWSER" = false ] ; then
exit
fi
/usr/local/bin/filebrowser \
-d /opt/filebrowser/pictures.db \
-r /opt/pictures \
--img-processors 1 \
--disable-thumbnails

9
piframefleet/root/etc/services.d/syncthing/run
View file

@ -1,9 +0,0 @@
#!/usr/bin/with-contenv bash
if [ "$ENABLE_SYNCTHING" = false ] ; then
exit
fi
/usr/bin/syncthing \
-home="/opt/syncthing" \
-no-browser

20
piframefleet/root/etc/services.d/wireguard/run
View file

@ -1,20 +0,0 @@
#!/usr/bin/with-contenv bash
# Adapted from https://github.com/linuxserver/docker-wireguard
if [ "$ENABLE_WIREGUARD" = false ] ; then
exit
fi
_term() {
echo "Caught SIGTERM signal!"
wg-quick down /opt/wireguard/wg0.conf
}
trap _term SIGTERM
wg-quick up /opt/wireguard/wg0.conf
sleep infinity &
wait

4
piframefleet_build.sh
View file

@ -1,4 +0,0 @@
#!/bin/bash
git pull
sudo docker build -t piframe/piframefleet:latest -f piframefleet/Dockerfile .

29
piframefleet_run.sh
View file

@ -1,29 +0,0 @@
#!/bin/bash
echo "**** Building latest PiFrameFleet container ****"
$(pwd)/piframefleet_build.sh
echo "**** Deleting Original Container ****"
sudo docker rm -f piframefleet
echo "**** Running PiFrameFleet ****"
sudo docker run -it \
--restart unless-stopped \
--name piframefleet \
--cap-add=NET_ADMIN \
--cap-add=SYS_MODULE \
-e TZ=UTC \
-e ENABLE_WIREGUARD=true \
-e ENABLE_SYNCTHING=true \
-e ENABLE_FILEBROWSER=true \
-p 51821:51821/udp \
-p 8384:8384/tcp \
-p 22000:22000/tcp \
-p 9191:9191/tcp \
-v /lib/modules:/lib/modules:ro \
-v /var/piframefleet/syncthing:/opt/syncthing \
-v /var/piframefleet/filebrowser:/opt/filebrowser \
-v /var/piframefleet/wireguard:/opt/wireguard \
-v /var/piframefleet/ansible:/opt/ansible \
-v /var/piframefleet/pictures:/opt/pictures \
piframe/piframefleet:latest