diff --git a/manuscript/book.txt b/manuscript/book.txt index 162b719..fae1246 100644 --- a/manuscript/book.txt +++ b/manuscript/book.txt @@ -18,6 +18,11 @@ recipies/mail.md recipies/gitlab.md recipies/gitlab-runner.md recipies/wekan.md +recipies/huginn.md +recipies/kanboard.md +recipies/miniflux.md +recipies/ghost.md +recipies/piwik.md sections/reference.md reference/oauth_proxy.md diff --git a/manuscript/images/gollum.png b/manuscript/images/gollum.png new file mode 100644 index 0000000..c3454bc Binary files /dev/null and b/manuscript/images/gollum.png differ diff --git a/manuscript/recipies/ghost.md b/manuscript/recipies/ghost.md index d0396f6..417469c 100644 --- a/manuscript/recipies/ghost.md +++ b/manuscript/recipies/ghost.md @@ -24,6 +24,9 @@ mkdir -p /var/data/ghost Create a docker swarm config file in docker-compose syntax (v3), something like this: +!!! tip + I share (_with my [patreon patrons](https://www.patreon.com/funkypenguin)_) a private "_premix_" git repository, which includes necessary docker-compose and env files for all published recipes. This means that patrons can launch any recipe with just a ```git pull``` and a ```docker stack deploy``` 👍 + ``` version: '3' diff --git a/manuscript/recipies/gitlab.md b/manuscript/recipies/gitlab.md index 0925109..76d4167 100644 --- a/manuscript/recipies/gitlab.md +++ b/manuscript/recipies/gitlab.md @@ -49,6 +49,9 @@ GITLAB_ROOT_PASSWORD Create a docker swarm config file in docker-compose syntax (v3), something like this: +!!! tip + I share (_with my [patreon patrons](https://www.patreon.com/funkypenguin)_) a private "_premix_" git repository, which includes necessary docker-compose and env files for all published recipes. This means that patrons can launch any recipe with just a ```git pull``` and a ```docker stack deploy``` 👍 + ``` version: '3' @@ -102,9 +105,9 @@ networks: ipam: config: - subnet: 172.16.2.0/24 - - + - ``` -!!! tip +!!! note Setup unique static subnets for every stack you deploy. This avoids IP/gateway conflicts which can otherwise occur when you're creating/removing stacks a lot. See [my list](/reference/networks/) here. diff --git a/manuscript/recipies/gollum.md b/manuscript/recipies/gollum.md new file mode 100644 index 0000000..f345296 --- /dev/null +++ b/manuscript/recipies/gollum.md @@ -0,0 +1,128 @@ +# Gollum + +Gollum is a simple wiki system built on top of Git. A Gollum Wiki is simply a git repository (_either bare or regular_) of a specific nature: + +* A Gollum repository's contents are human-editable, unless the repository is bare. +* Pages are unique text files which may be organized into directories any way you choose. +* Other content can also be included, for example images, PDFs and headers/footers for your pages. + +Gollum pages: + +* May be written in a variety of markups. +* Can be edited with your favourite system editor or IDE (_changes will be visible after committing_) or with the built-in web interface. +* Can be displayed in all versions (_commits_). + + +![Gollum Screenshot](../images/gollum.png) + +As you'll note in the (_real world_) screenshot above, my requirements for a personal wiki are: + +* Portable across my devices +* Supports images +* Full-text search +* Supports inter-note links +* Revision control + +Gollum meets all these requirements, and as an added bonus, is extremely fast and lightweight. + +!!! note + Since Gollum itself offers no user authentication, this design secures gollum behind an [oauth2 proxy](/reference/oauth_proxy/), so that in order to gain access to the Gollum UI at all, oauth2 authentication (_to GitHub, GitLab, Google, etc_) must have already occurred. + + +## Ingredients + +1. [Docker swarm cluster](/ha-docker-swarm/) with [persistent shared storage](/ha-docker-swarm/shared-storage-ceph.md) +2. [Traefik](/ha-docker-swarm/traefik) configured per design + +## Preparation + +### Setup data locations + +We'll need an empty git repository in /var/data/gollum for our data: + +``` +mkdir /var/data/gollum +cd /var/data/gollum +git init +``` + +### Prepare environment + +1. Choose an oauth provider, and obtain a client ID and secret +2. Create gollum.env, and populate with the following variables (_you can make the cookie secret whatever you like_) + +``` +OAUTH2_PROXY_CLIENT_ID= +OAUTH2_PROXY_CLIENT_SECRET= +OAUTH2_PROXY_COOKIE_SECRET= +``` + +### Setup Docker Swarm + +Create a docker swarm config file in docker-compose syntax (v3), something like this: + +!!! tip + I share (_with my [patreon patrons](https://www.patreon.com/funkypenguin)_) a private "_premix_" git repository, which includes necessary docker-compose and env files for all published recipes. This means that patrons can launch any recipe with just a ```git pull``` and a ```docker stack deploy``` 👍 +``` +version: '3' + +services: + app: + image: dakue/gollum + volumes: + - /var/data/gollum:/gollum + networks: + - internal + command: | + --allow-uploads + --emoji + --user-icons gravatar + + proxy: + image: zappi/oauth2_proxy + env_file : /var/data/config/gollum/gollum.env + networks: + - internal + - traefik_public + deploy: + labels: + - traefik.frontend.rule=Host:gollum.example.com + - traefik.docker.network=traefik_public + - traefik.port=4180 + volumes: + - /var/data/config/gollum/authenticated-emails.txt:/authenticated-emails.txt + command: | + -cookie-secure=false + -upstream=http://app:4567 + -redirect-url=https://gollum.example.com + -http-address=http://0.0.0.0:4180 + -email-domain=example.com + -provider=github + -authenticated-emails-file=/authenticated-emails.txt + +networks: + traefik_public: + external: true + internal: + driver: overlay + ipam: + config: + - subnet: 172.16.9.0/24 +``` + +!!! note + Setup unique static subnets for every stack you deploy. This avoids IP/gateway conflicts which can otherwise occur when you're creating/removing stacks a lot. See [my list](/reference/networks/) here. + + + +## Serving + +### Launch Gollum stack + +Launch the Gollum stack by running ```docker stack deploy gollum -c ``` + +Authenticate against your OAuth provider, and then start editing your wiki! + +## Chef's Notes + +1. In the current implementation, Gollum is a "single user" tool only. The contents of the wiki are saved as markdown files under /var/data/gollum, and all the git commits are currently "Anonymous" diff --git a/manuscript/recipies/huginn.md b/manuscript/recipies/huginn.md index 438ab52..70a1220 100644 --- a/manuscript/recipies/huginn.md +++ b/manuscript/recipies/huginn.md @@ -64,6 +64,10 @@ POSTGRES_PASSWORD= Create a docker swarm config file in docker-compose syntax (v3), something like this: +!!! tip + I share (_with my [patreon patrons](https://www.patreon.com/funkypenguin)_) a private "_premix_" git repository, which includes necessary docker-compose and env files for all published recipes. This means that patrons can launch any recipe with just a ```git pull``` and a ```docker stack deploy``` 👍 + + ``` version: '3' @@ -121,7 +125,7 @@ networks: - subnet: 172.16.6.0/24 ``` -!!! tip +!!! note Setup unique static subnets for every stack you deploy. This avoids IP/gateway conflicts which can otherwise occur when you're creating/removing stacks a lot. See [my list](/reference/networks/) here. diff --git a/manuscript/recipies/kanboard.md b/manuscript/recipies/kanboard.md index 062186a..18d288c 100644 --- a/manuscript/recipies/kanboard.md +++ b/manuscript/recipies/kanboard.md @@ -37,6 +37,10 @@ mkdir -p /var/data/kanboard Create a docker swarm config file in docker-compose syntax (v3), something like this: +!!! tip + I share (_with my [patreon patrons](https://www.patreon.com/funkypenguin)_) a private "_premix_" git repository, which includes necessary docker-compose and env files for all published recipes. This means that patrons can launch any recipe with just a ```git pull``` and a ```docker stack deploy``` 👍 + + ``` version: '3' diff --git a/manuscript/recipies/mail.md b/manuscript/recipies/mail.md index 1315878..266ed43 100644 --- a/manuscript/recipies/mail.md +++ b/manuscript/recipies/mail.md @@ -92,6 +92,9 @@ Create the necessary DNS TXT entries for your domain(s). Note that although open Create a docker swarm config file in docker-compose syntax (v3), something like this: +!!! tip + I share (_with my [patreon patrons](https://www.patreon.com/funkypenguin)_) a private "_premix_" git repository, which includes necessary docker-compose and env files for all published recipes. This means that patrons can launch any recipe with just a ```git pull``` and a ```docker stack deploy``` 👍 + ``` version: '3' @@ -123,7 +126,7 @@ networks: - subnet: 172.16.2.0/24 ``` -!!! tip +!!! note Setup unique static subnets for every stack you deploy. This avoids IP/gateway conflicts which can otherwise occur when you're creating/removing stacks a lot. A sample .env file looks like this: diff --git a/manuscript/recipies/miniflux.md b/manuscript/recipies/miniflux.md index 0950460..3fe7d3a 100644 --- a/manuscript/recipies/miniflux.md +++ b/manuscript/recipies/miniflux.md @@ -30,6 +30,9 @@ mkdir -p /var/data/miniflux Create a docker swarm config file in docker-compose syntax (v3), something like this: +!!! tip + I share (_with my [patreon patrons](https://www.patreon.com/funkypenguin)_) a private "_premix_" git repository, which includes necessary docker-compose and env files for all published recipes. This means that patrons can launch any recipe with just a ```git pull``` and a ```docker stack deploy``` 👍 + ``` version: '3' diff --git a/manuscript/recipies/piwik.md b/manuscript/recipies/piwik.md index 92cced7..d5ecfbd 100644 --- a/manuscript/recipies/piwik.md +++ b/manuscript/recipies/piwik.md @@ -28,6 +28,11 @@ MYSQL_ROOT_PASSWORD=set-me-and-use-me-when-setting-up-piwik ### Setup docker swarm +Create a docker swarm config file in docker-compose syntax (v3), something like this: + +!!! tip + I share (_with my [patreon patrons](https://www.patreon.com/funkypenguin)_) a private "_premix_" git repository, which includes necessary docker-compose and env files for all published recipes. This means that patrons can launch any recipe with just a ```git pull``` and a ```docker stack deploy``` 👍 + ``` version: '3' @@ -77,7 +82,7 @@ networks: - subnet: 172.16.4.0/24 ``` -!!! tip +!!! note Setup unique static subnets for every stack you deploy. This avoids IP/gateway conflicts which can otherwise occur when you're creating/removing stacks a lot. See [my list](/reference/networks/) here. diff --git a/manuscript/recipies/template.md b/manuscript/recipies/template.md index 3c62c7a..b29fba2 100644 --- a/manuscript/recipies/template.md +++ b/manuscript/recipies/template.md @@ -40,6 +40,10 @@ MAIL_FROM="Wekan " Create a docker swarm config file in docker-compose syntax (v3), something like this: +!!! tip + I share (_with my [patreon patrons](https://www.patreon.com/funkypenguin)_) a private "_premix_" git repository, which includes necessary docker-compose and env files for all published recipes. This means that patrons can launch any recipe with just a ```git pull``` and a ```docker stack deploy``` 👍 + + ``` version: '3' @@ -89,7 +93,7 @@ networks: - subnet: 172.16.3.0/24 ``` -!!! tip +!!! note Setup unique static subnets for every stack you deploy. This avoids IP/gateway conflicts which can otherwise occur when you're creating/removing stacks a lot. See [my list](/reference/networks/) here. diff --git a/manuscript/recipies/tiny-tiny-rss.md b/manuscript/recipies/tiny-tiny-rss.md index 15e8972..8257ceb 100644 --- a/manuscript/recipies/tiny-tiny-rss.md +++ b/manuscript/recipies/tiny-tiny-rss.md @@ -55,6 +55,12 @@ S6_BEHAVIOUR_IF_STAGE2_FAILS=2 ### Setup docker swarm +Create a docker swarm config file in docker-compose syntax (v3), something like this: + +!!! tip + I share (_with my [patreon patrons](https://www.patreon.com/funkypenguin)_) a private "_premix_" git repository, which includes necessary docker-compose and env files for all published recipes. This means that patrons can launch any recipe with just a ```git pull``` and a ```docker stack deploy``` 👍 + + ``` version: '3' @@ -84,7 +90,7 @@ services: env_file: /var/data/ttrss/ttrss.env volumes: - /var/data/ttrss/database-dump:/dump - - /etc/localtime:/etc/localtime:ro + - /etc/localtime:/etc/localtime:ro entrypoint: | bash -c 'bash -s <