aiko/dotTiddlywiki
1
0
Fork 0
mirror of /repos/dotTiddlywiki.git synced 2025-12-30 07:31:33 +01:00
Code Issues Releases Wiki Activity
dotTiddlywiki/mywiki/tiddlers/new monolith.tid
Aiko Mastboom e3cd4097a4 update
2017-11-24 00:12:16 +01:00

108 lines
2.1 KiB
Plaintext
Raw Blame History

created: 20171106135117587
creator: user
modified: 20171113115745353
modifier: user
tags:
title: new monolith
type: text/vnd.tiddlywiki
! Configure forward.bjoola.com
edit `/etc/stunnel.conf`
```
[ssldevX]
connect = 213.125.205.3:PPP
accept = 127.0.0.1:PPP
```
edit or create `/etc/nginx/site-enabled/devX.vrendly.nl`
`certbot certonly -d devX.vrendly.bjoola.com -d devX.auth.bjoola.com -d devX.genifer.bjoola.com -d devX.vrendly-api.bjoola.com`
! Create monolith on server2
```sh
ssh server2
lxc-copy -n docker-default -N monolith-devX
lxc-start -n monolith-devX
lxc-attach -n monolith-devX
ifconfig |grep 192
# inet addr:192.168.Y.Z Bcast:192.168.255.255 Mask:255.255.0.0
vi /home/www/.ssh/authorized_keys
# add your id_rsa.pub
vi /root/provision.sh
# insert provision script
```
[[provision monolith]]
```
bash /root/provision.sh
```
!! stunnel
```
mkdir /etc/stunnel/keys
vi /etc/stunnel/keys/stunnel.pem
```
paste pem from other monolith (or from server2)
```
vi /etc/stunnel/stunnel.conf
```
```
cert = /etc/stunnel/keys/stunnel.pem
[ssl]
accept = 192.168.Y.Z:PPP
connect = 127.0.0.1:80
```
```
vi /etc/default/stunnel4
```
```
ENABLED=1
```
!! iptables
```
vi /etc/iptables/rules.v4
```
```
# Generated by iptables-save v1.4.21 on Tue Oct 17 11:39:15 2017
*filter
:INPUT DROP [5:676]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [18:1232]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport PPP -j ACCEPT
COMMIT
# Completed on Tue Oct 17 11:39:15 2017
```
```
exit
exit
```
! configure local machine
edit `~/.ssh/config`
```
Host devX-monolith
Hostname 192.168.Y.Z
User www-data
```
! configure docker registry
```
ssh devX-monolith
docker login docker-registry.bjoola.nl
```
!Install proxy
```
# ~/Development/ci-operations from https://github.com/kantoor-f12/ci-operations.git
$ ./operations/deployment/sync.proxy.sh devX-monolith
```
Done.. devX should now be ready to get deployed to.
Reference in New Issue View Git Blame Copy Permalink