Build
docker build -t offtopic/open-pod:<TAG> .
Deploy su zaphoda
O accediamo come root, o l'utente con cui fate ssh deve essere nel gruppo docker:
docker save offtopic/open-pod:<TAG> | ssh root@abbiamoundominio.org docker load
Modificare la configurazione di nginx
Creare un certificato per openpod.abbiamoundominio.org. Per farlo ho spento nginx con
systemctl stop nginx
e poi ho ottenuto il nuovo certificato
certbot certonly --standalone -d openpod.abbiamoundominio.org
e riacceso nginx
systemctl start nginx
Poi ho aggiunto il la seguente configurazione in /etc/nginx/sites-available/openpod.abbiamoundominio.org.conf
1 server {
2 listen 80;
3 server_name openpod.abbiamoundominio.org;
4
5 access_log /var/log/nginx/openpod.abbiamoundominio.org-access.log;
6 error_log /var/log/nginx/openpod.abbiamoundominio.org-error.log error;
7
8 root /var/www/openpod.abbiamoundominio.org;
9
10 location / {
11 return 301 https://$server_name$request_uri;
12 }
13
14 include common/robots.conf;
15 include common/letsencrypt.conf;
16 }
17
18 server {
19 listen 443 ssl;
20 server_name openpod.abbiamoundominio.org;
21
22 access_log /var/log/nginx/openpod.abbiamoundominio.org-access.log;
23 error_log /var/log/nginx/openpod.abbiamoundominio.org-error.log error;
24
25 error_page 404 /404.html;
26
27 include common/ssl.conf;
28 ssl_certificate /etc/letsencrypt/live/openpod.abbiamoundominio.org/fullchain.pem;
29 ssl_certificate_key /etc/letsencrypt/live/openpod.abbiamoundominio.org/privkey.pem;
30
31 location / {
32 proxy_pass http://127.0.0.1:8080;
33 proxy_set_header Host $http_host;
34 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
35
36 # WebSocket settings
37 proxy_http_version 1.1;
38 proxy_set_header Upgrade $http_upgrade;
39 proxy_set_header Connection "upgrade";
40 proxy_read_timeout 1h;
41 }
42
43 include common/robots.conf;
44 include common/letsencrypt.conf;
45 }
Accendere il container docker
Con lo script messo in /usr/local/bin/openpod รจ possibile maneggiare il servizio:
openpod start <versione> openpod logs -f openpod stop openpod replace
Lo script:
1 #!/usr/bin/env bash
2
3 function help_fun() {
4 case ${1} in
5 start)
6 help_start_service
7 ;;
8 stop)
9 help_stop_service
10 ;;
11 replace)
12 help_replace_service
13 ;;
14 logs)
15 help_logs
16 ;;
17 *)
18 help_general
19 ;;
20 esac
21 }
22
23 function help_general() {
24 cat << EOH
25 openpod: Manage openpod service
26 openpod [subcommand] [opts]
27
28 subcommands:
29 start
30 stop
31 logs
32 help
33 EOH
34 }
35
36 function help_start_service() {
37 cat << EOH
38 start [VERSION]
39 EOH
40 }
41
42 function start_service() {
43 local version
44 if [ "z${1}" = "z" ]; then
45 version=latest
46 else
47 version=${1}
48 fi
49 docker run \
50 -e APP_HOST=localhost \
51 -e APP_PORT=8080 \
52 -e SECRET_KEY_BASE="SWl0xVj8AVXoc2G0eUk6VfeOd/lppjkaKbiHWs4ucxAUJ8+wzAEa4bMo0ZVjtVVk" \
53 -p 8080:8080 \
54 --restart always \
55 --name openpod \
56 --detach \
57 offtopic/open-pod:${version}
58 }
59
60 function help_stop_service() {
61 cat << EOH
62 stop
63 EOH
64 }
65
66 function stop_service() {
67 docker stop openpod
68 }
69
70 function help_replace_service() {
71 cat << EOH
72 replace [VERSION]
73 EOH
74 }
75
76 function replace_service() {
77 docker stop openpod || true
78 docker rm openpod || true
79 start_service ${@}
80 }
81
82 function help_logs() {
83 cat << EOH
84 logs [OPTS]
85 OPTS: all docker-logs options
86 EOH
87 }
88
89 function logs() {
90 docker logs ${@} openpod
91 }
92
93 function main() {
94 case ${1} in
95 start)
96 shift
97 start_service ${@}
98 ;;
99 stop)
100 stop_service
101 ;;
102 replace)
103 shift
104 replace_service ${@}
105 ;;
106 logs)
107 shift
108 logs ${@}
109 ;;
110 help)
111 help_fun ${2}
112 exit 0
113 ;;
114 -h|--help)
115 help_general
116 exit 0
117 ;;
118 *)
119 help_fun
120 exit 1
121 ;;
122 esac
123 }
124
125 main ${@}
126
127 # vim: set ft=sh et sw=0 ts=2 sts=0:
128