public/geek-cookbook
1
0
Fork 0
mirror of https://github.com/funkypenguin/geek-cookbook/ synced 2025-12-13 09:46:23 +00:00
Code Issues Releases Wiki Activity

Design / speed tweaks

Browse Source 
* Test updating CTA, using insiders version of mkdocs-material

* Dark mode, baby!

Signed-off-by: David Young <davidy@funkypenguin.co.nz>

* What will netlify do if I remove requirements.txt?

Signed-off-by: David Young <davidy@funkypenguin.co.nz>

* What will netlify do if I remove requirements.txt?

Signed-off-by: David Young <davidy@funkypenguin.co.nz>

* Only build the insiders version

Signed-off-by: David Young <davidy@funkypenguin.co.nz>

* Remove some broken links

Signed-off-by: David Young <davidy@funkypenguin.co.nz>

* Fix dead link

Signed-off-by: David Young <davidy@funkypenguin.co.nz>

* Remove twitter embed

Signed-off-by: David Young <davidy@funkypenguin.co.nz>

* Fix dead links

Signed-off-by: David Young <davidy@funkypenguin.co.nz>

* Mooar dead links

Signed-off-by: David Young <davidy@funkypenguin.co.nz>

* Final dead link

Signed-off-by: David Young <davidy@funkypenguin.co.nz>
This commit is contained in:
David Young
2021-01-09 13:56:48 +13:00
committed by GitHub
parent 3cc7548e24
commit 745dc26946
35 changed files with 86 additions and 634 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
Dockerfile
View File

@@ -1,4 +1,5 @@
FROM squidfunk/mkdocs-material
#FROM squidfunk/mkdocs-material
FROM ghcr.io/squidfunk/mkdocs-material-insiders
RUN pip install \
mkdocs-autolinks-plugin \
mkdocs-htmlproofer-plugin \

2
README.md
View File

@@ -33,7 +33,7 @@
# What is this?
Funky Penguin's "**[Geek Cookbook](https://geek-cookbook.funkypenguin.co.nz)**" is a collection of how-to guides for establishing your own container-based self-hosting platform, using either [Docker Swarm](/ha-docker-swarm/design/) or [Kubernetes](/kubernetes/start/).
Funky Penguin's "**[Geek Cookbook](https://geek-cookbook.funkypenguin.co.nz)**" is a collection of how-to guides for establishing your own container-based self-hosting platform, using either [Docker Swarm](/ha-docker-swarm/design/) or [Kubernetes](/kubernetes/).
Running such a platform enables you to run self-hosted tools such as [AutoPirate](/recipes/autopirate/) (*Radarr, Sonarr, NZBGet and friends*), [Plex][plex], [NextCloud][nextcloud], and includes elements such as:

4
_snippets/premix-cta.md
View File

@@ -1,2 +1,4 @@
!!! tip
I share (_with my [sponsors](https://github.com/sponsors/funkypenguin)_) a private "_premix_" git repository, which includes necessary docker-compose and env files for all published recipes. This means that sponsors can launch any recipe with just a ```git pull``` and a ```docker stack deploy``` 👍
I share (_with my [sponsors](https://github.com/sponsors/funkypenguin)_) a private "[_premix_](https://geek-cookbook.funkypenguin.co.nz/premix/)" git repository, which includes necessary docker-compose and env files for all published recipes. This means that sponsors can launch any recipe with just a `git pull` and a `docker stack deploy` 👍.
🚀 **Update**: Premix now includes an ansible playbook, so that sponsors can deploy an entire stack + recipes, with a single ansible command! (more [here](https://geek-cookbook.funkypenguin.co.nz/premix/ansible/operation/))

2
manuscript/community/contribute.md
View File

@@ -9,7 +9,7 @@ Got nothing to contribute, but want to give back to the community? Here are some
## Contributing moneyz 💰
Sponsor [your chef](https://github.com/sponsors/funkypenguin) :heart:, or [join us](/sponsored-projects/) in supporting the open-source projects we enjoy!
Sponsor [your chef](https://github.com/sponsors/funkypenguin) :heart:, or [join us](/#sponsored-projects) in supporting the open-source projects we enjoy!
## Contributing bugfixorz 🐛

2
manuscript/ha-docker-swarm/shared-storage-ceph.md
View File

@@ -145,7 +145,7 @@ It's now necessary to tranfer the following files to your ==other== nodes, so th
Back on the ==master== node, run `ceph orch host add <node-name>` once for each other node you want to join to the cluster. You can validate the results by running `ceph orch host ls`
!!! question "Should we be concerned about giving cephadm using root access over SSH?"
Not really. Docker is inherently insecure at the host-level anyway (*think what would happen if you launched a global-mode stack with a malicious container image which mounted `/root/.ssh`*), so worrying about cephadm seems a little barn-door-after-horses-bolted. If you take host-level security seriously, consider switching to [Kubernetes](/kubernetes/start/) :)
Not really. Docker is inherently insecure at the host-level anyway (*think what would happen if you launched a global-mode stack with a malicious container image which mounted `/root/.ssh`*), so worrying about cephadm seems a little barn-door-after-horses-bolted. If you take host-level security seriously, consider switching to [Kubernetes](/kubernetes/) :)
### Add OSDs

35
manuscript/index.md
View File

@@ -1,6 +1,12 @@
# What is this thing?
---
hide:
- navigation # Hide navigation
# - toc # Hide table of contents
---
Funky Penguin's "**[Geek Cookbook](https://geek-cookbook.funkypenguin.co.nz)**" is a collection of how-to guides for establishing your own container-based self-hosting platform, using either [Docker Swarm](/ha-docker-swarm/design/) or [Kubernetes](/kubernetes/start/).
# Welcome, fellow geek :wave:
Funky Penguin's "**[Geek Cookbook](https://geek-cookbook.funkypenguin.co.nz)**" is a collection of how-to guides for establishing your own container-based self-hosting platform, using either [Docker Swarm](/ha-docker-swarm/design/) or [Kubernetes](/kubernetes/).
Running such a platform enables you to run self-hosted tools such as [AutoPirate](/recipes/autopirate/) (*Radarr, Sonarr, NZBGet and friends*), [Plex](https://www.plex.tv/), [NextCloud](https://nextcloud.com/), and includes elements such as:
@@ -27,7 +33,11 @@ So if you're familiar enough with the concepts above, and you've done self-hosti
!!! quote "...how useful the recipes are for people just getting started with containers..."
<blockquote class="twitter-tweet"><p lang="en" dir="ltr">.<a href="https://twitter.com/funkypenguin?ref_src=twsrc%5Etfw">@funkypenguin</a> One of the surprising realizations from following Funky Penguins cookbooks <a href="https://t.co/XvZ2qLJa5N">https://t.co/XvZ2qLJa5N</a> for so long is how useful the recipes are for people just getting started with containers and how it gives them real, interesting usecases to attach to their learning</p>&mdash; DevOps Daniel (@DanielSHouston) <a href="https://twitter.com/DanielSHouston/status/1213419203379773442?ref_src=twsrc%5Etfw">January 4, 2020</a></blockquote> <script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
"One of the surprising realizations from following Funky Penguins cookbooks for so long is how useful the recipes are for people just getting started with containers and how it gives them real, interesting usecases to attach to their learning" - [DevOps Daniel (@DanielSHouston)](https://twitter.com/DanielSHouston/status/1213419203379773442)
## Who are you?
:wave: Hi, I'm [David](https://www.funkypenguin.co.nz/about/)
## What have you done for me lately? (CHANGELOG)
@@ -58,10 +68,9 @@ The best way to support this work is to become a [GitHub Sponsor](https://github
Impulsively **[click here (NOW quick do it!)](https://github.com/sponsors/funkypenguin)** to [sponsor me](https://github.com/sponsors/funkypenguin) via GitHub, or [patronize me via Patreon](https://www.patreon.com/bePatron?u=6982506)!
### Work with me 🤝
Need some Cloud / Microservices / DevOps / Infrastructure design work done? I'm a full-time [AWS-certified](https://www.certmetrics.com/amazon/public/badge.aspx?i=4&t=c&d=2019-02-22&ci=AWS00794574) consultant, this stuff is my bread and butter! :bread: :fork_and_knife: [Get in touch](https://www.funkypenguin.co.nz/contact/), and let's talk business!
Need some Cloud / Microservices / DevOps / Infrastructure design work done? I'm a full-time [AWS](https://www.youracclaim.com/badges/a0c4a196-55ab-4472-b46b-b610b44dc00f/public_url) / [CNCF](https://www.youracclaim.com/badges/cd307d51-544b-4bc6-97b0-9015e40df40d/public_url)-[certified](https://www.youracclaim.com/badges/9ed9280a-fb92-46ca-b307-8f74a2cccf1d/public_url) [cloud/architecture consultant](https://www.funkypenguin.co.nz/about/), I've been doing (*and loving!*) this for 20+ years, and it's my bread and butter! :bread: :fork_and_knife: [Get in touch](https://www.funkypenguin.co.nz/contact/), and let's talk business!
!!! quote "He unblocked me on all the technical hurdles to launching my SaaS in GKE!"
@@ -79,3 +88,19 @@ Need some Cloud / Microservices / DevOps / Infrastructure design work done? I'm
### Buy my book 📖
I'm publishing the Geek Cookbook as a formal eBook (*PDF, mobi, epub*), on Leanpub (https://leanpub.com/geek-cookbook). Check it out!
### Sponsored Projects
I'm supported and motivated by [GitHub Sponsors](https://github.com/sponsors/funkypenguin), [Patreon patrons](https://www.patreon.com/funkypenguin) and [LeanPub readers](https://leanpub.com/geeks-cookbook) who have generously sponsored me.
I regularly donate to / sponsor the following projects. **Join me** in supporting these geeks, and encouraging them to continue building the ingredients for your favourite recipes!
| Project | Donate via..
| ------------- |-------------|
| [Komga](/recipes/komga/) | [GitHub Sponsors](https://github.com/sponsors/gotson)
| [Material for MKDocs](https://squidfunk.github.io/mkdocs-material/) | [GitHub Sponsors](https://github.com/sponsors/squidfunk)
| [Calibre](https://calibre-ebook.com/) | [Credit Card](https://calibre-ebook.com/donate) / [Patreon](https://www.patreon.com/kovidgoyal) / [LibrePay](https://liberapay.com/kovidgoyal/donate)
| [LinuxServer.io](https://www.linuxserver.io) | [PayPal](https://www.linuxserver.io/donate)
| [WidgetBot's Discord Widget](https://widgetbot.io/) | [Patreon](https://www.patreon.com/widgetbot/overview)
| [Carl-bot](https://carl.gg/) | [Patreon](https://www.patreon.com/carlbot)

2
manuscript/kubernetes/cluster.md
View File

@@ -72,7 +72,7 @@ That's it. You have a beautiful new kubernetes cluster ready for some action!
Still with me? Good. Move on to creating your own external load balancer..
* [Start](/kubernetes/start/) - Why Kubernetes?
* [Start](/kubernetes/) - Why Kubernetes?
* [Design](/kubernetes/design/) - How does it fit together?
* Cluster (this page) - Setup a basic cluster
* [Load Balancer](/kubernetes/loadbalancer/) - Setup inbound access

2
manuscript/kubernetes/design.md
View File

@@ -121,7 +121,7 @@ Finally, the DNS for all externally-accessible services is pointed to the IP of
Still with me? Good. Move on to creating your cluster!
- [Start](/kubernetes/start/) - Why Kubernetes?
- [Start](/kubernetes/) - Why Kubernetes?
- Design (this page) - How does it fit together?
- [Cluster](/kubernetes/cluster/) - Setup a basic cluster
- [Load Balancer](/kubernetes/loadbalancer/) - Setup inbound access

2
manuscript/kubernetes/diycluster.md
View File

@@ -290,7 +290,7 @@ This section is WIP, instead, try using the K3S guide above 🙂
Now that you have wasted half a lifetime on installing your very own cluster, you can install more to it. Like a load balancer!
* [Start](/kubernetes/start/) - Why Kubernetes?
* [Start](/kubernetes/) - Why Kubernetes?
* [Design](/kubernetes/design/) - How does it fit together?
* Cluster (this page) - Setup a basic cluster
* [Load Balancer](/kubernetes/loadbalancer/) - Setup inbound access

5
manuscript/kubernetes/helm.md
View File

@@ -4,9 +4,6 @@
![Kubernetes Snapshots](/images/kubernetes-helm.png)
!!! note
Given enough interest, I may provide a helm-compatible version of the pre-mix repository for [supporters](/support/). [Hit me up](/whoami/#contact-me) if you're interested!
## Ingredients
1. [Kubernetes cluster](/kubernetes/cluster/)
@@ -47,7 +44,7 @@ That's it - not very exciting I know, but we'll need helm for the next and final
Still with me? Good. Move on to understanding Helm charts...
* [Start](/kubernetes/start/) - Why Kubernetes?
* [Start](/kubernetes/) - Why Kubernetes?
* [Design](/kubernetes/design/) - How does it fit together?
* [Cluster](/kubernetes/cluster/) - Setup a basic cluster
* [Load Balancer](/kubernetes/loadbalancer/) Setup inbound access

0
manuscript/kubernetes/start.md → manuscript/kubernetes/index.md
View File

2
manuscript/kubernetes/loadbalancer.md
View File

@@ -319,7 +319,7 @@ Feb 06 23:04:28 haproxy2 webhook[1433]: [webhook] 2019/02/06 23:04:28 command ou
Still with me? Good. Move on to setting up an ingress SSL terminating proxy with Traefik..
- [Start](/kubernetes/start/) - Why Kubernetes?
- [Start](/kubernetes/) - Why Kubernetes?
- [Design](/kubernetes/design/) - How does it fit together?
- [Cluster](/kubernetes/cluster/) - Setup a basic cluster
- Load Balancer (this page) - Setup inbound access

2
manuscript/kubernetes/snapshots.md
View File

@@ -178,7 +178,7 @@ EOF
Still with me? Good. Move on to understanding Helm charts...
* [Start](/kubernetes/start/) - Why Kubernetes?
* [Start](/kubernetes/) - Why Kubernetes?
* [Design](/kubernetes/design/) - How does it fit together?
* [Cluster](/kubernetes/cluster/) - Setup a basic cluster
* [Load Balancer](/kubernetes/loadbalancer/) Setup inbound access

2
manuscript/kubernetes/traefik.md
View File

@@ -196,7 +196,7 @@ We're doneburgers! 🍔 We now have all the pieces to safely deploy recipes into
Here's a recap:
* [Start](/kubernetes/start/) - Why Kubernetes?
* [Start](/kubernetes/) - Why Kubernetes?
* [Design](/kubernetes/design/) - How does it fit together?
* [Cluster](/kubernetes/cluster/) - Setup a basic cluster
* [Load Balancer](/kubernetes/loadbalancer/) Setup inbound access

2
manuscript/premix/ansible/operation.md
View File

@@ -86,7 +86,7 @@ echo mysecretpassword > ~/.ansible/vault-password-geek-cookbook-premix
Create an ansible-vault encrypted file in the `group_vars/<your-username>/vault.yml` using this password file:
```
ansible-vault create --encrypt-vault-id geek-cookbook-premix vars/vault.yml
ansible-vault create --vault-id geek-cookbook-premix vars/vault.yml
```
Insert your secret values into this file (*refer to `group_vars/all/01_fake_vault.yml` for placeholders*), using a prefix of `vault_`, like this:

3
manuscript/recipes/autopirate/radarr.md
View File

@@ -22,9 +22,6 @@
![Radarr Screenshot](../../images/radarr.png)
!!! tip "Sponsored Project"
Sonarr is one of my [sponsored projects](/sponsored-projects/) - a project I financially support on a regular basis because of its utility to me. I forget it's there until I (reliably) receive an email with new and exciting updates 😁
## Inclusion into AutoPirate
To include Radarr in your [AutoPirate](/recipes/autopirate/) stack, include the following in your autopirate.yml stack definition file:

3
manuscript/recipes/autopirate/sabnzbd.md
View File

@@ -9,9 +9,6 @@ SABnzbd is the workhorse of the stack. It takes .nzb files as input (_manually o
![SABNZBD Screenshot](../../images/sabnzbd.png)
!!! tip "Sponsored Project"
SABnzbd is one of my [sponsored projects](/sponsored-projects/) - a project I financially support on a regular basis because of its utility to me. It's not sexy, but it's consistent and reliable, and I enjoy the fruits of its labor near-daily.
## Inclusion into AutoPirate
To include SABnzbd in your [AutoPirate](/recipes/autopirate/) stack

3
manuscript/recipes/autopirate/sonarr.md
View File

@@ -8,9 +8,6 @@
![Sonarr Screenshot](../../images/sonarr.png)
!!! tip "Sponsored Project"
Sonarr is one of my [sponsored projects](/sponsored-projects/) - a project I financially support on a regular basis because of its utility to me. I forget it's there until I (reliably) receive an email with new and exciting updates 😁
## Inclusion into AutoPirate
To include Sonarr in your [AutoPirate](/recipes/autopirate/) stack, include the following in your autopirate.yml stack definition file:

4
manuscript/recipes/kanboard.md
View File

@@ -4,9 +4,6 @@ hero: Kanboard - A recipe to get your personal kanban on
Kanboard is a Kanban tool, developed by [Frédéric Guillot](https://github.com/fguillot). (_Who also happens to be the developer of my favorite RSS reader, [Miniflux](/recipes/miniflux/)_)
!!! tip "Sponsored Project"
Kanboard is one of my [sponsored projects](/sponsored-projects/) - a project I financially support on a regular basis because of its utility to me. I use it both in my DayJob(tm), and to manage my overflowing, overly-optimistic personal commitments! 😓
Features include:
* Visualize your work
@@ -104,7 +101,6 @@ networks:
- subnet: 172.16.8.0/24
```
## Serving
### Launch Kanboard stack

4
manuscript/recipes/komga.md
View File

@@ -17,7 +17,7 @@ So you've just watched a bunch of superhero movies, and you're suddenly inspired
Related:
* [X] [AutoPirate](/autopirate/) components (*specifically [Mylar](/autopirate/mylar/)*), for searching for, downloading, and managing comic books
* [X] [AutoPirate](/recipes/autopirate/) components (*specifically [Mylar](/recipes/autopirate/mylar/)*), for searching for, downloading, and managing comic books
## Preparation
@@ -73,7 +73,7 @@ Log into your new instance at https://**YOUR-FQDN**. Since it's a fresh installa
### Save teh wurld!
If Komga scratches your particular itch, please join me in [sponsoring the developer](https://github.com/sponsors/gotson) :heart:
If Komga scratches your particular itch, please join me in [sponsoring the developer](/#sponsored-projects) :heart:
[^1]: Since Komga doesn't need to communicate with any other services, we don't need a separate overlay network for it. Provided Traefik can reach Komga via the `traefik_public` overlay network, we've got all we need.

3
manuscript/recipes/kubernetes/kanboard.md
View File

@@ -4,9 +4,6 @@ Kanboard is a Kanban tool, developed by [Frédéric Guillot](https://github.com/
![Kanboard Screenshot](/images/kanboard.png)
!!! tip "Sponsored Project"
Kanboard is one of my [sponsored projects](/sponsored-projects/) - a project I financially support on a regular basis because of its utility to me. I use it both in my DayJob(tm), and to manage my overflowing, overly-optimistic personal commitments! 😓
Features include:
* Visualize your work

35
manuscript/recipes/kubernetes/kubernetes-dashboard.md
View File

@@ -1,35 +0,0 @@
# Kubernetes Dashboard
Yes, Kubernetes is complicated. There are lots of moving parts, and debugging _what's_ gone wrong and _why_, can be challenging.
Fortunately, to assist in day-to-day operation of our cluster, and in the occasional "how-did-that-ever-work" troubleshooting, we have available to us, the mighty **[Kubernetes Dashboard](https://github.com/kubernetes/dashboard)**:
![Kubernetes Dashboard Screenshot](/images/kubernetes-dashboard.png)
Using the dashboard, you can:
* Visual cluster load, pod distribution
* Examine Kubernetes objects, such as Deployments, Daemonsets, ConfigMaps, etc
* View logs
* Deploy new YAML manifests
* Lots more!
## Ingredients
1. A [Kubernetes Cluster](/kubernetes/design/), with
2. OIDC-enabled authentication
3. An Ingress Controller ([Traefik Ingress](/kubernetes/traefik/) or [NGinx Ingress](/kubernetes/nginx-ingress/))
4. A DNS name for your dashboard instance (*dashboard.example.com*, below) pointing to your [load balancer](/kubernetes/loadbalancer/), fronting your ingress controller
5. A [KeyCloak](/recipes/keycloak/) instance for authentication
## Preparation
### Access Kanboard
At this point, you should be able to access your instance on your chosen DNS name (*i.e. https://dashboard.example.com*)
[^1]: The simplest deployment of Kanboard uses the default SQLite database backend, stored on the persistent volume. You can convert this to a "real" database running MySQL or PostgreSQL, and running an an additional database pod and service. Contact me if you'd like further details ;)
--8<-- "recipe-footer.md"

3
manuscript/recipes/kubernetes/miniflux.md
View File

@@ -4,9 +4,6 @@ Miniflux is a lightweight RSS reader, developed by [Frédéric Guillot](https://
![Miniflux Screenshot](/images/miniflux.png)
!!! tip "Sponsored Project"
Miniflux is one of my [sponsored projects](/sponsored-projects/) - a project I financially support on a regular basis because of its utility to me. Although I get to process my RSS feeds less frequently than I'd like to!
I've [reviewed Miniflux in detail on my blog](https://www.funkypenguin.co.nz/review/miniflux-lightweight-self-hosted-rss-reader/), but features (among many) that I appreciate:
* Compatible with the Fever API, read your feeds through existing mobile and desktop clients (_This is the killer feature for me. I hardly ever read RSS on my desktop, I typically read on my iPhone or iPad, using [Fiery Feeds](http://cocoacake.net/apps/fiery/) or my new squeeze, [Unread](https://www.goldenhillsoftware.com/unread/)_)

116
manuscript/recipes/kubernetes/phpipam.md
View File

@@ -1,116 +0,0 @@
# Kanboard
Intro
![NAME Screenshot](../../images/name.jpg)
Details
## Ingredients
1. [Kubernetes cluster](/kubernetes/cluster/)
## Preparation
### Create data locations
```
mkdir /var/data/config/mqtt
```
### Create namespace
We use Kubernetes namespaces for service discovery and isolation between our stacks, so create a namespace for the mqtt stack by creating the following .yaml:
```
cat <<EOF > /var/data/mqtt/namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
name: mqtt
EOF
kubectl create -f /var/data/mqtt/namespace.yaml
```
### Prepare environment
Create wekan.env, and populate with the following variables
```
OAUTH2_PROXY_CLIENT_ID=
OAUTH2_PROXY_CLIENT_SECRET=
OAUTH2_PROXY_COOKIE_SECRET=
MONGO_URL=mongodb://wekandb:27017/wekan
ROOT_URL=https://wekan.example.com
MAIL_URL=smtp://wekan@wekan.example.com:password@mail.example.com:587/
MAIL_FROM="Wekan <wekan@wekan.example.com>"
```
### Setup Docker Swarm
Create a docker swarm config file in docker-compose syntax (v3), something like this:
--8<-- "premix-cta.md"
```
version: '3'
services:
wekandb:
image: mongo:3.2.15
command: mongod --smallfiles --oplogSize 128
networks:
- internal
volumes:
- /var/data/wekan/wekan-db:/data/db
- /var/data/wekan/wekan-db-dump:/dump
proxy:
image: a5huynh/oauth2_proxy
env_file: /var/data/wekan/wekan.env
networks:
- traefik_public
- internal
deploy:
labels:
- traefik_public.frontend.rule=Host:wekan.example.com
- traefik_public.docker.network=traefik_public
- traefik_public.port=4180
command: |
-cookie-secure=false
-upstream=http://wekan:80
-redirect-url=https://wekan.example.com
-http-address=http://0.0.0.0:4180
-email-domain=example.com
-provider=github
wekan:
image: wekanteam/wekan:latest
networks:
- internal
env_file: /var/data/wekan/wekan.env
networks:
traefik_public:
external: true
internal:
driver: overlay
ipam:
config:
- subnet: 172.16.3.0/24
```
!!! note
Setup unique static subnets for every stack you deploy. This avoids IP/gateway conflicts which can otherwise occur when you're creating/removing stacks a lot. See [my list](/reference/networks/) here.
## Serving
### Launch Wekan stack
Launch the Wekan stack by running ```docker stack deploy wekan -c <path -to-docker-compose.yml>```
Log into your new instance at https://**YOUR-FQDN**, with user "root" and the password you specified in gitlab.env.
[^1]: If you wanted to expose the Wekan UI directly, you could remove the oauth2_proxy from the design, and move the traefik_public-related labels directly to the wekan container. You'd also need to add the traefik_public network to the wekan container.

123
manuscript/recipes/kubernetes/privatebin.md
View File

@@ -1,123 +0,0 @@
hero: Not all heroes wear capes
!!! danger "This recipe is a work in progress"
This recipe is **incomplete**, and is featured to align the [sponsors](https://github.com/sponsors/funkypenguin)'s "premix" repository with the cookbook. "_premix_" is a private git repository available to [GitHub sponsors](https://github.com/sponsors/funkypenguin), which includes necessary docker-compose and env files for all published recipes. This means that sponsors can launch any recipe with just a ```git pull``` and a ```docker stack deploy``` 👍
So... There may be errors and inaccuracies. Jump into [Discord](http://chat.funkypenguin.co.nz) if you're encountering issues 😁
# NAME
Intro
![NAME Screenshot](../../images/name.jpg)
Details
## Ingredients
1. [Kubernetes cluster](/kubernetes/cluster/)
## Preparation
### Create data locations
```
mkdir /var/data/config/mqtt
```
### Create namespace
We use Kubernetes namespaces for service discovery and isolation between our stacks, so create a namespace for the mqtt stack by creating the following .yaml:
```
cat <<EOF > /var/data/mqtt/namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
name: mqtt
EOF
kubectl create -f /var/data/mqtt/namespace.yaml
```
### Prepare environment
Create wekan.env, and populate with the following variables
```
OAUTH2_PROXY_CLIENT_ID=
OAUTH2_PROXY_CLIENT_SECRET=
OAUTH2_PROXY_COOKIE_SECRET=
MONGO_URL=mongodb://wekandb:27017/wekan
ROOT_URL=https://wekan.example.com
MAIL_URL=smtp://wekan@wekan.example.com:password@mail.example.com:587/
MAIL_FROM="Wekan <wekan@wekan.example.com>"
```
### Setup Docker Swarm
Create a docker swarm config file in docker-compose syntax (v3), something like this:
--8<-- "premix-cta.md"
```
version: '3'
services:
wekandb:
image: mongo:3.2.15
command: mongod --smallfiles --oplogSize 128
networks:
- internal
volumes:
- /var/data/wekan/wekan-db:/data/db
- /var/data/wekan/wekan-db-dump:/dump
proxy:
image: a5huynh/oauth2_proxy
env_file: /var/data/wekan/wekan.env
networks:
- traefik_public
- internal
deploy:
labels:
- traefik_public.frontend.rule=Host:wekan.example.com
- traefik_public.docker.network=traefik_public
- traefik_public.port=4180
command: |
-cookie-secure=false
-upstream=http://wekan:80
-redirect-url=https://wekan.example.com
-http-address=http://0.0.0.0:4180
-email-domain=example.com
-provider=github
wekan:
image: wekanteam/wekan:latest
networks:
- internal
env_file: /var/data/wekan/wekan.env
networks:
traefik_public:
external: true
internal:
driver: overlay
ipam:
config:
- subnet: 172.16.3.0/24
```
!!! note
Setup unique static subnets for every stack you deploy. This avoids IP/gateway conflicts which can otherwise occur when you're creating/removing stacks a lot. See [my list](/reference/networks/) here.
## Serving
### Launch Wekan stack
Launch the Wekan stack by running ```docker stack deploy wekan -c <path -to-docker-compose.yml>```
Log into your new instance at https://**YOUR-FQDN**, with user "root" and the password you specified in gitlab.env.
[^1]: If you wanted to expose the Wekan UI directly, you could remove the oauth2_proxy from the design, and move the traefik_public-related labels directly to the wekan container. You'd also need to add the traefik_public network to the wekan container.

2
manuscript/recipes/kubernetes/template-k8s.md
View File

@@ -5,7 +5,7 @@ Kanboard is a Kanban tool, developed by [Frédéric Guillot](https://github.com/
![Kanboard Screenshot](/images/kanboard.png)
!!! tip "Sponsored Project"
Kanboard is one of my [sponsored projects](/sponsored-projects/) - a project I financially support on a regular basis because of its utility to me. I use it both in my DayJob(tm), and to manage my overflowing, overly-optimistic personal commitments! 😓
Kanboard is one of my [sponsored projects](/#sponsored-projects) - a project I financially support on a regular basis because of its utility to me. I use it both in my DayJob(tm), and to manage my overflowing, overly-optimistic personal commitments! 😓
Features include:

3
manuscript/recipes/miniflux.md
View File

@@ -6,9 +6,6 @@ Miniflux is a lightweight RSS reader, developed by [Frédéric Guillot](https://
![Miniflux Screenshot](../images/miniflux.png)
!!! tip "Sponsored Project"
Miniflux is one of my [sponsored projects](/sponsored-projects/) - a project I financially support on a regular basis because of its utility to me. Although I get to process my RSS feeds less frequently than I'd like to!
I've [reviewed Miniflux in detail on my blog](https://www.funkypenguin.co.nz/review/miniflux-lightweight-self-hosted-rss-reader/), but features (among many) that I appreciate:
* Compatible with the Fever API, read your feeds through existing mobile and desktop clients (_This is the killer feature for me. I hardly ever read RSS on my desktop, I typically read on my iPhone or iPad, using [Fiery Feeds](http://cocoacake.net/apps/fiery/) or my new squeeze, [Unread](https://www.goldenhillsoftware.com/unread/)_)

192
manuscript/reference/infrastructure.md
View File

@@ -1,192 +0,0 @@
## Terraform
We _could_ describe the manual gcloud/ssh steps required to deploy a Kubernetes cluster to Google Kubernetes Engine, but using Terraform allows us to abstract ourself from the provider, and focus on just the infrastructure we need built.
The terraform config we produce is theoretically reusabel across AWS, Azure, OpenStack, as well as GCE.
Install terraform locally - on OSX, I used ```brew install terraform```
Confirm it's correctly installed by running ```terraform -v```. My output looks like this:
```
[davidy:~] % terraform -v
Terraform v0.11.8
[davidy:~] %
```
## Google Cloud SDK
I can't remember how I installed gcloud, but I don't think I used homebrew. Run ```curl https://sdk.cloud.google.com | bash``` for a standard install, followed by ```gcloud init``` for the first-time setup.
This works:
```
cat <<-"BREWFILE" > Brewfile
cask 'google-cloud-sdk'
brew 'kubectl'
brew 'terraform'
BREWFILE
brew bundle --verbose
```
### Prepare for terraform
I followed [this guide](https://cloud.google.com/community/tutorials/managing-gcp-projects-with-terraform) to setup the following in the "best" way:
Run ```gcloud beta billing accounts list``` to get your billing account
```
export TF_ADMIN=tf-admin-funkypenguin
export TF_CREDS=serviceaccount.json
export TF_VAR_org_id=250566349101
export TF_VAR_billing_account=0156AE-7AE048-1DA888
export TF_VAR_region=australia-southeast1
export GOOGLE_APPLICATION_CREDENTIALS=${TF_CREDS}
gcloud projects create ${TF_ADMIN} --set-as-default
gcloud beta billing projects link ${TF_ADMIN} \
--billing-account ${TF_VAR_billing_account}
gcloud iam service-accounts create terraform \
--display-name "Terraform admin account"
Created service account [terraform].
gcloud iam service-accounts keys create ${TF_CREDS} \
--iam-account terraform@${TF_ADMIN}.iam.gserviceaccount.com
created key [c0a49832c94aa0e23278165e2d316ee3d5bad438] of type [json] as [serviceaccount.json] for [terraform@funkypenguin-terraform-admin.iam.gserviceaccount.com]
gcloud projects add-iam-policy-binding ${TF_ADMIN} \
> --member serviceAccount:terraform@${TF_ADMIN}.iam.gserviceaccount.com \
> --role roles/viewer
bindings:
- members:
- user:googlecloud2018@funkypenguin.co.nz
role: roles/owner
- members:
- serviceAccount:terraform@funkypenguin-terraform-admin.iam.gserviceaccount.com
role: roles/viewer
etag: BwV0VGSzYSU=
version: 1gcloud projects add-iam-policy-binding ${TF_ADMIN} \
> --member serviceAccount:terraform@${TF_ADMIN}.iam.gserviceaccount.com \
> --role roles/viewer
bindings:
- members:
- user:googlecloud2018@funkypenguin.co.nz
role: roles/owner
- members:
- serviceAccount:terraform@funkypenguin-terraform-admin.iam.gserviceaccount.com
role: roles/viewer
etag: BwV0VGSzYSU=
version: 1
gcloud projects add-iam-policy-binding ${TF_ADMIN} \
> --member serviceAccount:terraform@${TF_ADMIN}.iam.gserviceaccount.com \
> --role roles/storage.admin
bindings:
- members:
- user:googlecloud2018@funkypenguin.co.nz
role: roles/owner
- members:
- serviceAccount:terraform@funkypenguin-terraform-admin.iam.gserviceaccount.com
role: roles/storage.admin
- members:
- serviceAccount:terraform@funkypenguin-terraform-admin.iam.gserviceaccount.com
role: roles/viewer
etag: BwV0VGZwXfM=
version: 1
gcloud services enable cloudresourcemanager.googleapis.com
gcloud services enable cloudbilling.googleapis.com
gcloud services enable iam.googleapis.com
gcloud services enable compute.googleapis.com
## FIXME
Enabled Kubernetes Engine API in the tf-admin project, so that terraform can actually compute versions of the engine available
## FIXME
I had to add compute admin, service admin, and kubernetes engine admin to my org-level account, in order to use gcloud get-cluster-credentilals
gsutil mb -p ${TF_ADMIN} gs://${TF_ADMIN}
Creating gs://funkypenguin-terraform-admin/...
[davidy:~/Documents … remix/kubernetes/terraform] master(+1/-0)* ±
[davidy:~/Documents … remix/kubernetes/terraform] master(+1/-0)* ± cat > backend.tf <<EOF
heredoc> terraform {
heredoc> backend "gcs" {
heredoc> bucket = "${TF_ADMIN}"
heredoc> path = "/terraform.tfstate"
heredoc> project = "${TF_ADMIN}"
heredoc> }
heredoc> }
heredoc> EOF
[davidy:~/Documents … remix/kubernetes/terraform] master(+1/-0)* ± gsutil versioning set on gs://${TF_ADMIN}
Enabling versioning for gs://funkypenguin-terraform-admin/...
[davidy:~/Documents … remix/kubernetes/terraform] master(+1/-0)* ± export GOOGLE_APPLICATION_CREDENTIALS=${TF_CREDS}
export GOOGLE_PROJECT=${TF_ADMIN}
```
### Create Service Account
Since it's probably not a great idea to associate your own, master Google Cloud account with your automation process (after all, you can't easily revoke your own credentials if they leak), create a Service Account for terraform under GCE, and grant it the "Compute Admin" role.
Download the resulting JSON, and save it wherever you're saving your code. Remember to protect this .json file like a password, so add it to .gitignore if you're checking your code into git (_and if you're not checking your code into git, what's wrong with you, just do it now!_)
### Setup provider.tf
I setup my provider like this, noting that the project name (which must already be created) came from the output of ```gloud projects list```, and region/zone came from https://cloud.google.com/compute/docs/regions-zones/
```
# Specify the provider (GCP, AWS, Azure)
provider "google" {
credentials = "${file("serviceaccount.json")}"
project = "funkypenguin-mining-pools"
region = "australia-southeast1"
}
```
### Setup compute.tf
Just playing, I setup this:
```
# Create a new instance
resource "google_compute_instance" "ubuntu-xenial" {
name = "ubuntu-xenial"
machine_type = "f1-micro"
zone = "us-west1-a"
boot_disk {
initialize_params {
image = "ubuntu-1604-lts"
}
}
network_interface {
network = "default"
access_config {}
}
service_account {
scopes = ["userinfo-email", "compute-ro", "storage-ro"]
}
}
```
### Initialize and plan (it's free)
Run ```terraform init``` to initialize Terraform
Then run ```terrafor plan``` to check that the plan looks good.
### Apply (not necessarily free)
Once your plan (above) is good, run ```terraform apply``` to put it into motion. This is the point where you may start incurring costs.
### Setup kubectl
gcloud container clusters get-credentials $(terraform output cluster_name) --zone $(terraform output cluster_zone) --project $(terraform output project_id)

16
manuscript/reference/networks.md
View File

@@ -9,10 +9,8 @@ In order to avoid IP addressing conflicts as we bring swarm networks up/down, we
| [Mail Server](https://geek-cookbook.funkypenguin.co.nz/recipes/mail/) | 172.16.1.0/24 |
| [Gitlab](https://geek-cookbook.funkypenguin.co.nz/recipes/gitlab/) | 172.16.2.0/24 |
| [Wekan](https://geek-cookbook.funkypenguin.co.nz/recipes/wekan/) | 172.16.3.0/24 |
| [Piwik](https://geek-cookbook.funkypenguin.co.nz/recipes/piwik/) | 172.16.4.0/24 |
| [Tiny Tiny RSS](https://geek-cookbook.funkypenguin.co.nz/recipes/tiny-tiny-rss/) | 172.16.5.0/24 |
| [Huginn](https://geek-cookbook.funkypenguin.co.nz/recipes/huginn/) | 172.16.6.0/24 |
| [Unifi](https://geek-cookbook.funkypenguin.co.nz/recipes/unifi/) | 172.16.7.0/24 |
| [Kanboard](https://geek-cookbook.funkypenguin.co.nz/recipes/kanboard/) | 172.16.8.0/24 |
| [Gollum](https://geek-cookbook.funkypenguin.co.nz/recipes/gollum/) | 172.16.9.0/24 |
| [Duplicity](https://geek-cookbook.funkypenguin.co.nz/recipes/duplicity/) | 172.16.10.0/24 |
@@ -26,7 +24,6 @@ In order to avoid IP addressing conflicts as we bring swarm networks up/down, we
| [Calibre-Web](https://geek-cookbook.funkypenguin.co.nz/recipes/calibre-web/) | 172.16.18.0/24 |
| [Wallabag](https://geek-cookbook.funkypenguin.co.nz/recipes/wallabag/) | 172.16.19.0/24 |
| [InstaPy](https://geek-cookbook.funkypenguin.co.nz/recipes/instapy/) | 172.16.20.0/24 |
| [Turtle Pool](https://geek-cookbook.funkypenguin.co.nz/recipes/turtle-pool/) | 172.16.21.0/24 |
| [MiniFlux](https://geek-cookbook.funkypenguin.co.nz/recipes/miniflux/) | 172.16.22.0/24 |
| [Gitlab Runner](https://geek-cookbook.funkypenguin.co.nz/recipes/gitlab-runner/) | 172.16.23.0/24 |
| [Munin](https://geek-cookbook.funkypenguin.co.nz/recipes/munin/) | 172.16.24.0/24 |
@@ -34,24 +31,11 @@ In order to avoid IP addressing conflicts as we bring swarm networks up/down, we
| [Swarmprom](https://geek-cookbook.funkypenguin.co.nz/recipes/swarmprom/) | 172.16.34.0/24 |
| [Realms](https://geek-cookbook.funkypenguin.co.nz/recipes/realms/) | 172.16.35.0/24 |
| [ElkarBackup](https://geek-cookbook.funkypenguin.co.nz/recipes/elkarbackup/) | 172.16.36.0/24 |
| [Mayan EDMS](https://geek-cookbook.funkypenguin.co.nz/recipes/realms/) | 172.16.37.0/24 |
| [Shaarli](https://geek-cookbook.funkypenguin.co.nz/recipes/shaarli/) | 172.16.38.0/24 |
| [OpenLDAP](https://geek-cookbook.funkypenguin.co.nz/recipes/openldap/) | 172.16.39.0/24 |
| [MatterMost](https://geek-cookbook.funkypenguin.co.nz/recipes/mattermost/) | 172.16.40.0/24 |
| [PrivateBin](https://geek-cookbook.funkypenguin.co.nz/recipes/privatebin/) | 172.16.41.0/24 |
| [Mayan EDMS](https://geek-cookbook.funkypenguin.co.nz/recipes/mayan-edms/) | 172.16.42.0/24 |
| [Hack MD](https://geek-cookbook.funkypenguin.co.nz/recipes/hackmd/) | 172.16.43.0/24 |
| [FlightAirMap](https://geek-cookbook.funkypenguin.co.nz/recipes/flightairmap/) | 172.16.44.0/24 |
| [Wetty](https://geek-cookbook.funkypenguin.co.nz/recipes/wetty/) | 172.16.45.0/24 |
| [FileBrowser](https://geek-cookbook.funkypenguin.co.nz/recipes/filebrowser/) | 172.16.46.0/24 |
| [phpIPAM](https://geek-cookbook.funkypenguin.co.nz/recipes/phpipam/) | 172.16.47.0/24 |
| [Dozzle](https://geek-cookbook.funkypenguin.co.nz/recipes/dozzle/) | 172.16.48.0/24 |
| [KeyCloak](https://geek-cookbook.funkypenguin.co.nz/recipes/keycloak/) | 172.16.49.0/24 |
| [Sensu](https://geek-cookbook.funkypenguin.co.nz/recipes/sensu/) | 172.16.50.0/24 |
| [Magento](https://geek-cookbook.funkypenguin.co.nz/recipes/magento/) | 172.16.51.0/24 |
| [Graylog](https://geek-cookbook.funkypenguin.co.nz/recipes/graylog/) | 172.16.52.0/24 |
| [Harbor](https://geek-cookbook.funkypenguin.co.nz/recipes/graylog/) | 172.16.53.0/24 |
| [Harbor-Clair](https://geek-cookbook.funkypenguin.co.nz/recipes/graylog/) | 172.16.54.0/24 |
| [Duplicati](https://geek-cookbook.funkypenguin.co.nz/recipes/duplicati/) | 172.16.55.0/24 |
| [Restic](https://geek-cookbook.funkypenguin.co.nz/recipes/restic/) | 172.16.56.0/24 |
| [Jellyfin](https://geek-cookbook.funkypenguin.co.nz/recipes/jellyfin/) | 172.16.57.0/24 |

15
manuscript/sponsored-projects.md
View File

@@ -1,15 +0,0 @@
# Sponsored Projects
I'm supported and motivated by [GitHub Sponsors](https://github.com/sponsors/funkypenguin), [Patreon patrons](https://www.patreon.com/funkypenguin) and [LeanPub readers](https://leanpub.com/geeks-cookbook) who have generously sponsored me.
I regularly donate to / sponsor the following projects. **Join me** in supporting these geeks, and encouraging them to continue building the ingredients for your favourite recipes!
| Project | Donate via..
| ------------- |-------------|
| [Komga](/recipes/komga/) | [GitHub Sponsors](https://github.com/sponsors/gotson)
| [Material for MKDocs](https://squidfunk.github.io/mkdocs-material/) | [GitHub Sponsors](https://github.com/sponsors/squidfunk)
| [Calibre](https://calibre-ebook.com/) | [Credit Card](https://calibre-ebook.com/donate) / [Patreon](https://www.patreon.com/kovidgoyal) / [LibrePay](https://liberapay.com/kovidgoyal/donate)
| [LinuxServer.io](https://www.linuxserver.io) | [PayPal](https://www.linuxserver.io/donate)
| [WidgetBot's Discord Widget](https://widgetbot.io/) | [Patreon](https://www.patreon.com/widgetbot/overview)
| [Carl-bot](https://carl.gg/) | [Patreon](https://www.patreon.com/carlbot)

2
manuscript/support.md
View File

@@ -50,7 +50,7 @@ I'm also writing the Geek Cookbook as a formal eBook, on Leanpub (https://leanpu
### [Sponsor][7] / [Patreonize][8] me 💰
The best way to support this work is to become a [Sponsor]() (_GitHub_) or a [Patron][10] (_Patreon_). Sponsors get:
The best way to support this work is to become a [Sponsor][11] (_GitHub_) or a [Patron][10] (_Patreon_). Sponsors get:
* warm fuzzies,
* access to the pre-mix repo,

64
manuscript/whoami.md
View File

@@ -1,64 +0,0 @@
# Welcome to Funky Penguin's Geek Cookbook
## Hello world,
I'm [David](https://www.funkypenguin.co.nz/).
I'm a contracting IT consultant, with a broad range of experience and skills. I'm an [AWS Certified Solution Architect (Professional)](https://www.certmetrics.com/amazon/public/badge.aspx?i=4&t=c&d=2019-02-22&ci=AWS00794574), a remote worker, I've had a [book published](https://www.funkypenguin.co.nz/book/phplist-2-email-campaign-manager/), and I [blog](https://www.funkypenguin.co.nz/) on topics that interest me.
## Why Funky Penguin?
My first "real" job, out of high-school, was working the IT helpdesk in a typical pre-2000 organization in South Africa. I enjoyed experimenting with Linux, and cut my teeth by replacing the organization's Exchange 5.5 mail platform with a 15-site [qmail-ldap](http://www.nrg4u.com/) cluster, with [amavis](https://en.wikipedia.org/wiki/Amavis) virus-scanning.
One of our suppliers asked me to quote to do the same for their organization. With nothing to loose, and half-expecting to be turned down, I quoted a generous fee, and chose a cheeky company name. The supplier immediately accepted my quote, and the name ("_Funky Penguin_") stuck.
## Technical Documentation
During the same "real" job above, I wanted to deploy [jabberd](https://en.wikipedia.org/wiki/Jabberd14), for internal instant messaging within the organization, and as a means to control the sprawl of ad-hoc instant-messaging among staff, using ICQ, MSN, and Yahoo Messenger.
To get management approval to deploy, I wrote a logger (with web UI) for jabber conversations ([Bandersnatch](https://www.funkypenguin.co.nz/project/bandersnatch/)), and a [75-page user manual](https://www.funkypenguin.co.nz/blog/jajc-manual/) (_in [Docbook XML](http://www.docbook.org/)_) for a spunky Russian WinXP jabber client, [JAJC](http://jajc.jrudevels.org/).
Due to my contributions to [phpList](http://www.phplist.com), I was approached in 2011 by [Packt Publishing](http://www.packtpub.com), to [write a book](https://www.funkypenguin.co.nz/book/phplist-2-email-campaign-manager) about using PHPList.
## Work with me 🤝
Need some Cloud / Microservices / DevOps / Infrastructure design work done? I'm a full-time [AWS-certified][aws_cert] consultant, this stuff is my bread and butter! :bread: :fork_and_knife: [Get in touch][contact], and let's talk business!
[plex]: https://www.plex.tv/
[nextcloud]: https://nextcloud.com/
[wordpress]: https://wordpress.org/
[ghost]: https://ghost.io/
[discord]: http://chat.funkypenguin.co.nz
[patreon]: https://www.patreon.com/bePatron?u=6982506
[github_sponsor]: https://github.com/sponsors/funkypenguin
[github]: https://github.com/sponsors/funkypenguin
[discourse]: https://discourse.geek-kitchen.funkypenguin.co.nz/
[twitter]: https://twitter.com/funkypenguin
[contact]: https://www.funkypenguin.co.nz
[aws_cert]: https://www.certmetrics.com/amazon/public/badge.aspx?i=4&t=c&d=2019-02-22&ci=AWS00794574
!!! quote "He unblocked me on all the technical hurdles to launching my SaaS in GKE!"
By the time I had enlisted Funky Penguin's help, I'd architected myself into a bit of a nightmare with Kubernetes. I knew what I wanted to achieve, but I'd made a mess of it. Funky Penguin (David) was able to jump right in and offer a vital second-think on everything I'd done, pointing out where things could be simplified and streamlined, and better alternatives.
He unblocked me on all the technical hurdles to launching my SaaS in GKE!
With him delivering the container/Kubernetes architecture and helm CI/CD workflow, I was freed up to focus on coding and design, which fast-tracked me to launching on time. And now I have a simple deployment process that is easy for me to execute and maintain as a solo founder.
I have no hesitation in recommending him for your project, and I'll certainly be calling on him again in the future.
- John McDowall, Founder, [kiso.io](https://kiso.io)
## Contact Me
Contact me by:
* Jumping into our [Discord server](http://chat.funkypenguin.co.nz)
* Email ([davidy@funkypenguin.co.nz](mailto:davidy@funkypenguin.co.nz))
* Twitter ([@funkypenguin](https://twitter.com/funkypenguin))
Or by using the form below:
<div class="panel">
<iframe width="100%" height="400" frameborder="0" scrolling="no" src="https://funkypenguin.wufoo.com/forms/z16038vt0bk5txp/"></iframe>
</div>

42
mkdocs.yml
View File

@@ -32,19 +32,7 @@ plugins:
#theme_dir: mkdocs-material
nav:
- Home:
- What is this: index.md
- About: whoami.md
- Sponsored Projects: sponsored-projects.md
# - 'Join Us! 🤝':
# - Hello: recipes/general/start.md
# - iPad Pro Geeking: recipes/general/ipad-pro-geeking.md
# - Kid-safe WiFi: recipes/general/kid-safe-wifi.md
# Upcoming section
# - '#geeklife':
# - Hello: recipes/general/start.md
# - iPad Pro Geeking: recipes/general/ipad-pro-geeking.md
# - Kid-safe WiFi: recipes/general/kid-safe-wifi.md
- Home: index.md
- Docker Swarm:
- Preparation:
- Design: ha-docker-swarm/design.md
@@ -151,7 +139,7 @@ nav:
# - CyberChef : recipes/cyberchef.md
- Kubernetes:
- Preparation:
- Start: kubernetes/start.md
- Start: kubernetes/index.md
- Design: kubernetes/design.md
- Cluster: kubernetes/cluster.md
- DIY Cluster: kubernetes/diycluster.md
@@ -161,12 +149,8 @@ nav:
- Traefik: kubernetes/traefik.md
- Chef's Favorites:
- Kanboard: recipes/kubernetes/kanboard.md
# - Kubernetes Dashboard: recipes/kubernetes/kubernetes-dashboard.md
- Miniflux: recipes/kubernetes/miniflux.md
# - NextCloud: recipes/kubernetes/nextcloud.md
# - phpIPAM: recipes/kubernetes/phpipam.md
# - PrivateBin: recipes/kubernetes/privatebin.md
- Premix:
- 🍰 Get Premix!:
- Start: premix.md
- Ansible:
- Operation: premix/ansible/operation.md
@@ -197,11 +181,29 @@ theme:
- navigation.tabs
- navigation.instant
- navigation.tabs.sticky
- navigation.sections
- search.suggest
- search.highlight
- search.share
icon:
repo: 'fontawesome/brands/github'
palette:
# Toggle light mode
- scheme: default
primary: 'black'
accent: 'indigo'
toggle:
icon: material/toggle-switch
name: Burn my eyes!
# Toggle dark mode
- scheme: slate
primary: 'grey'
accent: 'indigo'
toggle:
icon: material/toggle-switch-off-outline
name: Love my eyes!
font:
text: 'Ubuntu'
code: 'Ubuntu Mono'
@@ -222,7 +224,7 @@ extra:
link: 'https://leanpub.com/geeks-cookbook'
- icon: 'material/mailbox'
link: 'mailto:davidy@funkypenguin.co.nz?Subject=Hello%2C%20from%20a%20geek-cookbook%20reader%20%3B%29'
generator: false
# Google Analytics
google_analytics:

2
requirements.txt
View File

@@ -1,5 +1,5 @@
mkdocs>=1.0.4
mkdocs-material>=4.4.3
# mkdocs-material>=4.4.3
pymdown-extensions>=6.0
Markdown>=3.0.1
mkdocs-minify-plugin>=0.2

8
scripts/build.sh
View File

@@ -4,6 +4,14 @@
# Fetch git history so that we get last-updated timestamps
git fetch --unshallow
# install mkdocs (or insiders version, if we're passed a GH_TOKEN var)
if [ -z "$GH_TOKEN" ]
then
pip install mkdocs-material
else
pip install git+https://${GH_TOKEN}@github.com/squidfunk/mkdocs-material-insiders.git
fi
# Run python build script
python3 scripts/build.py mkdocs.yml