Add Deployment Guide Documentation (#933)

this changeset addresses the need to rapidly deploy a yarn pod using common patterns via vps/vm, traefik, docker swarm, and cloudflare.

more guides and examples will be added as time allows, but for now this has worked for @Screem @prologic and others

Reviewed-on: #933
Reviewed-by: James Mills <james@mills.io>
Co-authored-by: m u t e f a l l <mutefall@noreply@mills.io>
Co-committed-by: m u t e f a l l <mutefall@noreply@mills.io>
disable_daily_stats
commit 257b56e4c0
  1. AUTHORS (1)
  2. README.md (3)
  3. deployment/README.MD (32)
  4. deployment/traefik.yml (56)
  5. deployment/yarn.yml (48)

1
AUTHORS

@ -11,5 +11,6 @@ James Mills <prologic@shortcircuit.net.au>
Jon Lundy <jon@xuu.cc>
laz <laz@vltra.plus>
Marcos Marado <mindboosternoori@gmail.com>
mutefall <mutefall@mutefall.net>
Phil S. <phil@txt.ullarah.com>
venjiang <venjiang@gmail.com>

3
README.md

@ -163,6 +163,9 @@ Flags:
Use "yarnc [command] --help" for more information about a command.
```
### Deploy With Docker Swarm and Cloudflare
Visit: [deployment](./deployment/)
### Deploy with Docker Compose
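Review bot: The new heading `### Deploy With Docker Swarm and Cloudflare` capitalises "With" while the existing `### Deploy with Docker Compose` directly below it does not; match the existing casing. The link `[deployment](./deployment/)` points at the directory rather than the guide itself, and the guide is added in this commit as `README.MD` with an upper-case extension, so either link the file explicitly or rename it to `README.md` to match the top-level file.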

32
deployment/README.MD

@ -0,0 +1,32 @@
#### Deployment
This deployment guide assumes you are using Docker with Swarm mode. There are many other ways to deploy this which we will cover eventually, but for now Docker Swarm is fairly simple.
#### Requirements
- A VPS or VM publically accessible
- A domain name
- DNS hosted on Cloudflare
- A cup of coffee
#### Setup
- Update and configure your VPS/VM how you prefer. Hardening and configuration is out of scope for this guide
- Ensure ports 80/443(tcp) are open via IPTables or UFW, however you choose to open them
- Visit cloudflare and point `mypoddomain.com` to the public-routable IP address of your system, ensure proxy is checked
- Grab your API key from the Cloudflare interface
- Install docker on your VPS/VM
- Create an operator user with `wheel` or `sudo` group as well as `docker` group
- Execute: `docker swarm init`, you've now created a single node Docker Swarm Cluster
- Execute: `docker network create -d overlay traefik` this will create the network needed for Traefik and Yarn to communicate
- Execute: `docker stack deploy -c traefik.yml traefik` this will deploy the traefik stack
- Give Traefik a few minutes to warm up. Tail the logs with `docker logs -f traefik_traefik.1.someid` to ensure there are no errors
- Execute: `docker stack deploy -c yarn.yml yarn`
- Execute `watch docker stack ps yarn --no-trunc` to ensure the stack comes up and reaches running state
- Execute: `docker logs -f yarn_yarn.1.someid` to verify the store is merged and service is up
- If there are no issues, you should be able to visit: `https://mypoddomain.com`
- To create your admin user, register with the username and email you set in the `yarn.yml` file
- Login to your pod to verify it was successful
- You can now customise your pod by visiting Settings -> Poderator Settings
- Grab another coffee
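Review bot: The Setup list goes from `docker network create -d overlay traefik` straight to `docker stack deploy -c traefik.yml traefik` with no step telling the reader to replace the placeholders in `traefik.yml` and `yarn.yml` first (`mypoddomain.com`, the ACME and Cloudflare e-mail addresses, the API key, the three secrets); add that step before the first deploy. "Grab your API key from the Cloudflare interface" should also name which Cloudflare credential is meant, since the stack file consumes it as `CLOUDFLARE_API_KEY`. The step that puts the operator user in the `docker` group deserves one sentence saying that membership gives control of the Docker daemon and is effectively root on the host, because the guide declares hardening out of scope just above. Spelling: "publically" should be "publicly".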

56
deployment/traefik.yml

@ -0,0 +1,56 @@
---
version: "3.8"
services:
traefik:
image: traefik:latest
ports:
- target: 80
published: 80
protocol: tcp
mode: host
- target: 443
published: 443
protocol: tcp
mode: host
networks:
- traefik
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- traefik:/data
command:
- --accesslog
- --api
- --certificatesResolvers.acme.acme.dnschallenge=true
- --certificatesResolvers.acme.acme.dnschallenge.provider=cloudflare
- --certificatesResolvers.acme.acme.email=youraddress@email.com
- --certificatesResolvers.acme.acme.storage=/data/acme.json
- --entrypoints.http.address=:80
- --entrypoints.http.http.redirections.entryPoint.to=https
- --entrypoints.http.http.redirections.entryPoint.scheme=https
- --entrypoints.https.address=:443
- --entrypoints.https.http.tls=true
- --entrypoints.https.http.tls.certresolver=acme
- --entrypoints.https.http.tls.domains[0].main=*.mypoddomain.com
- --entrypoints.https.http.tls.domains[0].sans=mypoddomain.com
- --providers.docker=true
- --providers.docker.exposedbydefault=false
- --providers.docker.network=traefik
- --providers.docker.swarmmode=true
- --providers.docker.watch=true
- --providers.file.directory=/data/rules
- --providers.file.watch=true
environment:
- CLOUDFLARE_EMAIL=yourcloudflare@email.com
- CLOUDFLARE_API_KEY=your-cloudflare-api-key
deploy:
endpoint_mode: dnsrr
replicas: 1
networks:
traefik:
external: true
volumes:
traefik:
driver: local
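Review bot: `CLOUDFLARE_EMAIL` plus `CLOUDFLARE_API_KEY` under `environment:` means the guide asks for the account-wide Cloudflare API key and keeps it in plain text in the stack file, where it is also readable from the service definition. Suggest documenting a scoped API token limited to DNS edits on the one zone (the Cloudflare DNS provider accepts `CF_DNS_API_TOKEN`) and supplying it through a Swarm secret instead of an inline value. Two related points in the same service: `/var/run/docker.sock:/var/run/docker.sock` hands the Docker API to the container that publishes 80/443 in host mode, so the guide should say so or put a restricted API proxy in front of the socket; and `image: traefik:latest` is unpinned, so a later major release can change or drop the flags listed under `command:`, which argues for pinning a version tag. `--api` is enabled but nothing in this commit routes to the dashboard; drop it if it is unused.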

48
deployment/yarn.yml

@ -0,0 +1,48 @@
---
version: “3.8”
services:
yarn:
image: prologic/yarnd:latest
volumes:
- yarn:/data
networks:
- traefik
environment:
- BASE_URL=https://mypoddomain.com
- OPEN_PROFILES=true
- OPEN_REGISTRATIONS=true
- DISABLE_GZIP=true
- ADMIN_USER=youradminusername
- ADMIN_NAME=useradminname
- ADMIN_EMAIL=youradmin@email.com
- SMTP_HOST=xxxx (optional)
- SMTP_USER=xxxx (optional)
- SMTP_FROM=xxxx (optional)
- SMTP_PASS=xxxx (optional)
- API_SIGNING_KEY=(generate a string via `openssl -base64 64`)
- COOKIE_SECRET=(generate a string via `openssl -base64 64`)
- MAGICLINK_SECRET=(generate a string via `openssl -base64 64`)
- THEME=/theme
- PUID=1000
- PGID=1000
deploy:
mode: replicated
replicas: 1
labels:
- “traefik.enable=true”
- “traefik.http.routers.yarn_yarn.entrypoints=https”
- “traefik.docker.network=traefik”
- “traefik.http.services.yarn_yarn.loadbalancer.server.port=8000”
- “traefik.http.routers.yarn_yarn.rule=Host(`mypoddomain.com`)”
restart_policy:
condition: any
networks:
traefik:
external: true
volumes:
yarn:
driver: local
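Review bot: `version: “3.8”` and all five entries under `labels:` use typographic quotes (“ ”) instead of ASCII `"`. YAML does not treat those as quote characters, so they become part of the value: the version string will not parse as `3.8` and the label keys will start with `“traefik.` rather than `traefik.`, so Traefik will not see the router. `traefik.yml` in this same commit uses plain `"3.8"`; use straight quotes here too. The hints on `API_SIGNING_KEY`, `COOKIE_SECRET` and `MAGICLINK_SECRET` read `openssl -base64 64`, which omits the subcommand; it should be `openssl rand -base64 64`. The `(optional)` suffixes on the `SMTP_*` lines and the parenthesised hints are part of the value if someone edits only the `xxxx`, so move them into `#` comments. `image: prologic/yarnd:latest` is unpinned as well.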