Docker paas based on docker compose and make files.
Make Your Own Stack provides common make targets to build and run docker projects.
This is beta software, use it at your own risks.
You need docker, git and make.
- Include MYOS file
make/include.mkadding the following lines to your project fileMakefile.
MYOS ?= ../myos
MYOS_REPOSITORY ?= $(patsubst %/$(APP),%/myos,$(APP_REPOSITORY))
APP ?= $(lastword $(subst /, ,$(APP_REPOSITORY)))
APP_REPOSITORY ?= $(shell git config --get remote.origin.url 2>/dev/null)
$(MYOS):
-@git clone $(MYOS_REPOSITORY) $(MYOS)
-include $(MYOS)/make/include.mk
- Call the
make helpcommand to show available targets.
$ make help
Usage:
make [target]
Targets:
help This help
[...]
- Configure myos for domain
domain.tldand stackdefault
$ make bootstrap DOMAIN=domain.tld STACK=default- Start myos stack
host
$ make hostmake host starts the stack host with docker host services :
- consul (service discovery) on host port 8500
- fabio (load balancer) on host ports 80 and 443
- registrator (docker/consul bridge)
- Stop myos
$ make shutdown- DEBUG
Show executed commands.
$ make up DEBUG=true- DRYRUN
Do nothing, show commands instead of executing it.
$ make up DRYRUN=true- VERBOSE
Show called functions.
$ make up VERBOSE=true- Show variable USER
$ make print-USER- SETUP_LETSENCRYPT
Generate ${DOMAIN} certificate files with letsencrypt.
By default, myos generates invalid ${DOMAIN} certificate files with openssl. You can use letsencrypt instead, to generate valid wildcard certificate files.
To achieve this, you must add following DNS entries to domain ${DOMAIN} to prove you own it:
_acme-challenge.${DOMAIN} IN CNAME ${DOMAIN}.acme.${DOMAIN}.
acme.${DOMAIN}. IN NS certbot.${DOMAIN}.
certbot.${DOMAIN}. IN A ${DOCKER_HOST_INET4}
In this config, DOCKER_HOST_INET4 should be the external IP address of the server running certbot. Port 53 of this IP address must be reachable from internet and point to this server.
If you want a simple DNS configuration to host all your services on the same server, you can setup following DNS config:
@ IN A ${DOCKER_HOST_INET4}
*.${DOMAIN}. IN CNAME ${DOMAIN}.
_acme-challenge.${DOMAIN} IN CNAME ${DOMAIN}.acme.${DOMAIN}.
acme.${DOMAIN}. IN NS ${DOMAIN}.
This will point domain ${DOMAIN} to the IP address ${DOCKER_HOST_INET4} of this server, and point all subdomains *.{DOMAIN} to the ip address pointed by ${DOMAIN}.
At this point, you should be able to generate a valid certificate for *.${DOMAIN} using certbot dns standalone plugin. This task is done automatically when creating the host stack if SETUP_LETSENCRYPT variable is not empty.
If you already launched myos host stack before, the ${DOMAIN} certificates has been automatically generated by openssl and you should remove them before trying to generate them with letsencrypt.
$ make host-down
$ docker volume rm $(hostname)
You can then test the letsencrypt certificate generation using DEBUG mode that force to use the letsencrypt staging server.
$ make host SETUP_LETSENCRYPT=true DEBUG=true
If letsencrypt certificate generation fails, you can retry the generation of a staging certificate.
$ make host-certbot-staging
Once the certificate generation is working, you can ask for a valid certificate.
$ make host-down
$ docker volume rm $(hostname)
$ make host SETUP_LETSENCRYPT=true
- SETUP_UFW
Control linux firewall rules with ufw.
$ echo SETUP_UFW=true >> .env
$ make setup-ufw
- Show docker compose yaml config
$ make configmake config show docker compose yaml config for stack STACK
make host-config show docker compose yaml config for stack host
make user-config show docker compose yaml config for stack User
make stack-elastic-config show docker compose yaml config for stack elastic
- Show debug variables
$ make debug- Generate self documentation
$ make doc- Show env args
$ make print-env_args- Show user mail
$ make print-MAIL