public/geek-cookbook
1
0
Fork 0
mirror of https://github.com/funkypenguin/geek-cookbook/ synced 2025-12-19 12:41:44 +00:00
Code Issues Releases Wiki Activity

Travis build: 28

Browse Source
This commit is contained in:
Travis CI
2018-06-06 10:48:32 +00:00
parent bd33ac6c59
commit fe34ff7f80
62 changed files with 232 additions and 232 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
manuscript/reference/data_layout.md
View File

@@ -19,8 +19,8 @@ Static data goes into /var/data/[recipe name], and includes anything that can be
## Chef's Notes
### Tip your waiter (donate) 👏
### Tip your waiter (donate)
Did you receive excellent service? Want to make your waiter happy? (_..and support development of current and future recipes!_) See the [support](/support/) page for (_free or paid)_ ways to say thank you! 👏
Did you receive excellent service? Want to make your waiter happy? (_..and support development of current and future recipes!_) See the [support](/support/) page for (_free or paid)_ ways to say thank you!
### Your comments? 💬
### Your comments?

6
manuscript/reference/git-docker.md
View File

@@ -54,8 +54,8 @@ Now add the contents of /var/data/git-docker/data/.ssh/id_ed25519.pub to your gi
## Chef's Notes
### Tip your waiter (donate) 👏
### Tip your waiter (donate)
Did you receive excellent service? Want to make your waiter happy? (_..and support development of current and future recipes!_) See the [support](/support/) page for (_free or paid)_ ways to say thank you! 👏
Did you receive excellent service? Want to make your waiter happy? (_..and support development of current and future recipes!_) See the [support](/support/) page for (_free or paid)_ ways to say thank you!
### Your comments? 💬
### Your comments?

6
manuscript/reference/networks.md
View File

@@ -32,8 +32,8 @@ Network | Range
## Chef's Notes
### Tip your waiter (donate) 👏
### Tip your waiter (donate)
Did you receive excellent service? Want to make your waiter happy? (_..and support development of current and future recipes!_) See the [support](/support/) page for (_free or paid)_ ways to say thank you! 👏
Did you receive excellent service? Want to make your waiter happy? (_..and support development of current and future recipes!_) See the [support](/support/) page for (_free or paid)_ ways to say thank you!
### Your comments? 💬
### Your comments?

6
manuscript/reference/oauth_proxy.md
View File

@@ -81,8 +81,8 @@ Note above how:
## Chef's Notes
### Tip your waiter (donate) 👏
### Tip your waiter (donate)
Did you receive excellent service? Want to make your waiter happy? (_..and support development of current and future recipes!_) See the [support](/support/) page for (_free or paid)_ ways to say thank you! 👏
Did you receive excellent service? Want to make your waiter happy? (_..and support development of current and future recipes!_) See the [support](/support/) page for (_free or paid)_ ways to say thank you!
### Your comments? 💬
### Your comments?

18
manuscript/reference/openvpn.md
View File

@@ -10,7 +10,7 @@ In my case, I needed each docker node to connect via [OpenVPN](http://www.openvp
Yes, SELinux. Install a custom policy permitting a docker container to create tun interfaces, like this:
````
```
cat << EOF > docker-openvpn.te
module docker-openvpn 1.0;
@@ -27,7 +27,7 @@ EOF
checkmodule -M -m -o docker-openvpn.mod docker-openvpn.te
semodule_package -o docker-openvpn.pp -m docker-openvpn.mod
semodule -i docker-openvpn.pp
````
```
## Insert the tun module
@@ -35,33 +35,33 @@ Even with the SELinux policy above, I still need to insert the "tun" module into
Run the following to auto-insert the tun module on boot:
````
```
cat << EOF >> /etc/rc.d/rc.local
# Insert the "tun" module so that the vpn-client container can access /dev/net/tun
/sbin/modprobe tun
EOF
chmod 755 /etc/rc.d/rc.local
````
```
## Connect the VPN
Finally, for each node, I exported client credentials, and SCP'd them over to the docker node, into /root/my-vpn-configs-here/. I also had to use the NET_ADMIN cap-add parameter, as illustrated below:
````
```
docker run -d --name vpn-client \
--restart=always --cap-add=NET_ADMIN --net=host \
--device /dev/net/tun \
-v /root/my-vpn-configs-here:/vpn:z \
ekristen/openvpn-client --config /vpn/my-host-config.ovpn
````
```
Now every time my node boots, it establishes a VPN tunnel back to my pfsense host and (_by using custom configuration directives in OpenVPN_) is assigned a static VPN IP.
## Chef's Notes
### Tip your waiter (donate) 👏
### Tip your waiter (donate)
Did you receive excellent service? Want to make your waiter happy? (_..and support development of current and future recipes!_) See the [support](/support/) page for (_free or paid)_ ways to say thank you! 👏
Did you receive excellent service? Want to make your waiter happy? (_..and support development of current and future recipes!_) See the [support](/support/) page for (_free or paid)_ ways to say thank you!
### Your comments? 💬
### Your comments?

6
manuscript/reference/troubleshooting.md
View File

@@ -19,8 +19,8 @@ Need to see what a particular container is doing? Run ```docker service logs -f
## Chef's Notes
### Tip your waiter (donate) 👏
### Tip your waiter (donate)
Did you receive excellent service? Want to make your waiter happy? (_..and support development of current and future recipes!_) See the [support](/support/) page for (_free or paid)_ ways to say thank you! 👏
Did you receive excellent service? Want to make your waiter happy? (_..and support development of current and future recipes!_) See the [support](/support/) page for (_free or paid)_ ways to say thank you!
### Your comments? 💬
### Your comments?