Update leanpub manuscript

book.txt

@@ -0,0 +1 @@
+manuscript/book.txt

manuscript/book.txt

@@ -1,7 +1,5 @@
-# This file determines what documents are loaded into the book, and in what sequence.
-
 index.md
-README.md
+README-UI.md
 CHANGELOG.md
 whoami.md
 
@@ -14,7 +12,6 @@ ha-docker-swarm/keepalived.md
 ha-docker-swarm/docker-swarm-mode.md
 ha-docker-swarm/traefik.md
 ha-docker-swarm/registry.md
-ha-docker-swarm/duplicity.md
 
 sections/chefs-favorites-docker.md
 recipes/autopirate.md
@@ -34,6 +31,7 @@ recipes/autopirate/jackett.md
 recipes/autopirate/heimdall.md
 recipes/autopirate/end.md
 
+recipes/duplicity.md
 recipes/elkarbackup.md
 recipes/emby.md
 recipes/homeassistant.md

manuscript/generate_preview.py

@@ -3,6 +3,6 @@
 with open("Book.txt") as f:
     print ('echo "Starting build of {book}.epub";'
             "pandoc {files} " +
-            "+smart --table-of-contents --chapters -o {book}.epub;"
+            "--table-of-contents --top-level-division=chapter -o {book}.epub;"
             'echo "  {book}.epub created."'
             ).format(book="Book", files=f.read().replace("\n", " "))

manuscript/go.sh

@@ -1 +1 @@
-echo "Starting build of Book.epub";pandoc # This file determines what documents are loaded into the book, and in what sequence.  index.md README.md CHANGELOG.md whoami.md  sections/ha-docker-swarm.md ha-docker-swarm/design.md ha-docker-swarm/vms.md ha-docker-swarm/shared-storage-ceph.md ha-docker-swarm/shared-storage-gluster.md ha-docker-swarm/keepalived.md ha-docker-swarm/docker-swarm-mode.md ha-docker-swarm/traefik.md ha-docker-swarm/registry.md ha-docker-swarm/duplicity.md  sections/chefs-favorites-docker.md recipes/autopirate.md recipes/autopirate/sabnzbd.md recipes/autopirate/nzbget.md recipes/autopirate/rtorrent.md recipes/autopirate/sonarr.md recipes/autopirate/radarr.md recipes/autopirate/mylar.md recipes/autopirate/lazylibrarian.md recipes/autopirate/headphones.md recipes/autopirate/lidarr.md recipes/autopirate/nzbhydra.md recipes/autopirate/nzbhydra2.md recipes/autopirate/ombi.md recipes/autopirate/jackett.md recipes/autopirate/heimdall.md recipes/autopirate/end.md  recipes/elkarbackup.md recipes/emby.md recipes/homeassistant.md recipes/homeassistant/ibeacon.md recipes/huginn.md recipes/kanboard.md recipes/miniflux.md recipes/munin.md recipes/nextcloud.md recipes/owntracks.md recipes/phpipam.md recipes/plex.md recipes/privatebin.md recipes/swarmprom.md recipes/turtle-pool.md  sections/menu-docker.md recipes/bookstack.md recipes/cryptominer.md recipes/cryptominer/mining-rig.md recipes/cryptominer/amd-gpu.md recipes/cryptominer/nvidia-gpu.md recipes/cryptominer/mining-pool.md recipes/cryptominer/wallet.md recipes/cryptominer/exchange.md recipes/cryptominer/minerhotel.md recipes/cryptominer/monitor.md recipes/cryptominer/profit.md recipes/calibre-web.md recipes/collabora-online.md recipes/ghost.md recipes/gitlab.md recipes/gitlab-runner.md recipes/gollum.md recipes/instapy.md recipes/keycloak.md recipes/openldap.md recipes/mail.md recipes/minio.md recipes/piwik.md recipes/portainer.md recipes/realms.md recipes/tiny-tiny-rss.md recipes/wallabag.md recipes/wekan.md recipes/wetty.md  sections/reference.md reference/oauth_proxy.md reference/data_layout.md reference/networks.md reference/containers.md reference/git-docker.md reference/openvpn.md reference/troubleshooting.md  +smart --table-of-contents --chapters -o Book.epub;echo "  Book.epub created."
+echo "Starting build of Book.epub";pandoc index.md README-UI.md CHANGELOG.md whoami.md  sections/ha-docker-swarm.md ha-docker-swarm/design.md ha-docker-swarm/vms.md ha-docker-swarm/shared-storage-ceph.md ha-docker-swarm/shared-storage-gluster.md ha-docker-swarm/keepalived.md ha-docker-swarm/docker-swarm-mode.md ha-docker-swarm/traefik.md ha-docker-swarm/registry.md  sections/chefs-favorites-docker.md recipes/autopirate.md recipes/autopirate/sabnzbd.md recipes/autopirate/nzbget.md recipes/autopirate/rtorrent.md recipes/autopirate/sonarr.md recipes/autopirate/radarr.md recipes/autopirate/mylar.md recipes/autopirate/lazylibrarian.md recipes/autopirate/headphones.md recipes/autopirate/lidarr.md recipes/autopirate/nzbhydra.md recipes/autopirate/nzbhydra2.md recipes/autopirate/ombi.md recipes/autopirate/jackett.md recipes/autopirate/heimdall.md recipes/autopirate/end.md  recipes/duplicity.md recipes/elkarbackup.md recipes/emby.md recipes/homeassistant.md recipes/homeassistant/ibeacon.md recipes/huginn.md recipes/kanboard.md recipes/miniflux.md recipes/munin.md recipes/nextcloud.md recipes/owntracks.md recipes/phpipam.md recipes/plex.md recipes/privatebin.md recipes/swarmprom.md recipes/turtle-pool.md  sections/menu-docker.md recipes/bookstack.md recipes/cryptominer.md recipes/cryptominer/mining-rig.md recipes/cryptominer/amd-gpu.md recipes/cryptominer/nvidia-gpu.md recipes/cryptominer/mining-pool.md recipes/cryptominer/wallet.md recipes/cryptominer/exchange.md recipes/cryptominer/minerhotel.md recipes/cryptominer/monitor.md recipes/cryptominer/profit.md recipes/calibre-web.md recipes/collabora-online.md recipes/ghost.md recipes/gitlab.md recipes/gitlab-runner.md recipes/gollum.md recipes/instapy.md recipes/keycloak.md recipes/openldap.md recipes/mail.md recipes/minio.md recipes/piwik.md recipes/portainer.md recipes/realms.md recipes/tiny-tiny-rss.md recipes/wallabag.md recipes/wekan.md recipes/wetty.md  sections/reference.md reference/oauth_proxy.md reference/data_layout.md reference/networks.md reference/containers.md reference/git-docker.md reference/openvpn.md reference/troubleshooting.md  --table-of-contents --top-level-division=chapter -o Book.epub;echo "  Book.epub created."

manuscript/recipes/ghost.md

@@ -39,7 +39,7 @@ services:
      - /etc/localtime:/etc/localtime:ro
      - /var/data/ghost/:/var/lib/ghost/content
     networks:
-    - traefik
+    - traefik_public
     deploy:
       labels:
         - traefik.frontend.rule=Host:ghost.example.com
@@ -47,7 +47,7 @@ services:
         - traefik.port=2368
 
 networks:
-  traefik:
+  traefik_public:
     external: true
 ```
 

manuscript/recipes/keycloak.md

@@ -22,8 +22,8 @@
 We'll need several directories to bind-mount into our container for both runtime and backup data, so create them as follows
 
 ```
-mkdir /var/data/runtime/keycloak/database
-mkdir /var/data/keycloak/database-dump
+mkdir -p /var/data/runtime/keycloak/database
+mkdir -p /var/data/keycloak/database-dump
 ```
 
 ### Prepare environment
@@ -77,7 +77,8 @@ services:
     volumes:
       - /etc/localtime:/etc/localtime:ro    
     networks:
-    - traefik_public
+      - traefik_public
+      - internal
     deploy:
       labels:
         - traefik.frontend.rule=Host:keycloak.batcave.com
@@ -91,7 +92,7 @@ services:
       - /var/data/runtime/keycloak/database:/var/lib/postgresql/data
       - /etc/localtime:/etc/localtime:ro    
     networks:
-    - traefik_public
+      - internal
 
   keycloak-db-backup:
     image: postgres:10.1
@@ -110,24 +111,27 @@ services:
       done
       EOF'
     networks:
-    - traefik_public
+      - internal
 
 networks:
   traefik_public:
     external: true
+  internal:
+    driver: overlay
+    ipam:
+      config:
+        - subnet: 172.16.49.0/24    
 ```
 
-!!! warning
-    **Normally**, we set unique static subnets for every stack you deploy, and put the non-public facing components (like databases) in an dedicated <stack\>_internal network. This avoids IP/gateway conflicts which can otherwise occur when you're creating/removing stacks a lot. See [my list](/reference/networks/) here.
-
-    However, KeyCloak's JBOSS startup script assumes a single interface, and will crash in a ball of 🔥 if you try to assign multiple interfaces to the container. This means that we can't use a "keycloak_internal" network for our supporting containers. This is why unlike our other recipes, all the supporting services are prefixed with "keycloak-".
+!!! note
+    Setup unique static subnets for every stack you deploy. This avoids IP/gateway conflicts which can otherwise occur when you're creating/removing stacks a lot. See [my list](/reference/networks/) here.
 
 
 ## Serving
 
 ### Launch KeyCloak stack
 
-Launch the OpenLDAP stack by running ```docker stack deploy keycloak -c <path -to-docker-compose.yml>```
+Launch the KeyCloak stack by running ```docker stack deploy keycloak -c <path -to-docker-compose.yml>```
 
 Log into your new instance at https://**YOUR-FQDN**, and login with the user/password you defined in keycloak.env.
 

manuscript/reference/networks.md

@@ -48,6 +48,7 @@ Network  | Range
 [FileBrowser](https://geek-cookbook.funkypenguin.co.nz/recipes/filebrowser/)  |  172.16.46.0/24
 [phpIPAM](https://geek-cookbook.funkypenguin.co.nz/recipes/phpipam/)  |  172.16.47.0/24
 [Dozzle](https://geek-cookbook.funkypenguin.co.nz/recipes/dozzle/)  |  172.16.48.0/24
+[KeyCloak](https://geek-cookbook.funkypenguin.co.nz/recipes/keycloak/)  |  172.16.49.0/24
 
 
 ## Chef's Notes

mkdocs.yml

@@ -114,14 +114,6 @@ nav:
       - Wallabag: recipes/wallabag.md
       - Wekan: recipes/wekan.md
       - Wetty: recipes/wetty.md
-#      - CryptoNote Mining Pool:
-#        - Start: recipes/cryptonote-mining-pool.md
-#        - Masari: recipes/cryptonote-mining-pool/masari.md
-#        - Athena: recipes/cryptonote-mining-pool/athena.md
-#      - SSO Stack:
-#        - Start: recipes/sso-stack.md
-#        - OpenLDAP: recipes/sso-stack/openldap.md
-#        - KeyCloak: recipes/sso-stack/keycloak.md
     - Work-in-Progress:
 #       - MatterMost: recipes/mattermost.md
        - IPFS Cluster: recipes/ipfs-cluster.md