stp5net coreOS userdata
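#cloud-config
# CoreOS user-data for a single host that serves https://stp5.net from the
# steeef/stp5net (Caddy) container. It starts a one-member etcd2/fleet setup,
# prepares /caddy on the host, pulls the image once, and runs the container
# under systemd.
#
# Placeholders to substitute before use: <cloudflare_email>,
# <cloudflare_api_key>, <githubkey>. Once filled in, this document holds live
# credentials, so limit who can read the stored user-data as well as the files
# it writes.
---
coreos:
  # Single-member etcd2: client and peer URLs are advertised on loopback over
  # plain HTTP. Advertising a routable address would call for TLS and client
  # authentication first.
  etcd2:
    name: core0
    advertise-client-urls: http://127.0.0.1:2379
    initial-advertise-peer-urls: http://127.0.0.1:2380
    initial-cluster: core0=http://127.0.0.1:2380
  fleet:
    public-ip: 127.0.0.1
  units:
    - name: etcd2.service
      command: start
    - name: fleet.service
      command: start
    # One-shot host preparation; skipped once /caddy/Caddyfile exists.
    - name: caddy-directory.service
      command: start
      content: |
        [Unit]
        Description=setup Caddy directory
        ConditionPathExists=!/caddy/Caddyfile
        [Service]
        Type=oneshot
        ExecStart=/root/caddy_directory_setup.sh
    # One-shot image fetch. The pull runs as core; PermissionsStartOnly=True
    # applies User=/Group= to ExecStart only, so the marker file under /root is
    # created with the service manager's privileges. Because of the marker, the
    # pull happens once per host; delete /root/stp5net.fetched to fetch again.
    # NOTE(review): the image is referenced by the mutable tag "latest".
    # Pinning to a digest (steeef/stp5net@sha256:<image_digest>) here and in
    # docker-stp5net.service would make the host run exactly the reviewed image.
    - name: docker-pull-stp5net.service
      command: start
      content: |
        [Unit]
        Description=fetch stp5net
        Requires=network-online.target docker.service
        After=network-online.target docker.service
        ConditionPathExists=!/root/stp5net.fetched
        [Service]
        Type=oneshot
        User=core
        Group=core
        PermissionsStartOnly=True
        ExecStart=/usr/bin/docker pull steeef/stp5net:latest
        ExecStartPost=/usr/bin/touch /root/stp5net.fetched
    # Long-running Caddy container. It is ordered after the pull and directory
    # units but does not require them. Only NET_BIND_SERVICE is added so the
    # process can bind 80/443; the Caddyfile and resolv.conf are mounted
    # read-only, and /caddy/dotcaddy is the one writable mount.
    # The Cloudflare credentials are read from /root/stp5net.env (mode 0600)
    # instead of being passed as --env arguments. This keeps them out of the
    # unit file and the docker client's command line, and avoids systemd
    # expanding "$" or "%" characters inside the key.
    - name: docker-stp5net.service
      command: start
      content: |
        [Unit]
        Description=stp5net
        Requires=network-online.target docker.service
        After=network-online.target docker-pull-stp5net.service caddy-directory.service docker.service
        [Service]
        ExecStart=/usr/bin/docker run --cap-add NET_BIND_SERVICE \
          -p 80:80 -p 443:443 \
          -v /caddy/Caddyfile:/etc/Caddyfile:ro \
          -v /caddy/dotcaddy:/home/caddy/.caddy:rw \
          -v /etc/resolv.conf:/etc/resolv.conf:ro \
          --env-file /root/stp5net.env \
          --name stp5net steeef/stp5net \
          -conf /etc/Caddyfile -agree
        ExecStop=/usr/bin/docker stop -t 2 stp5net
        ExecStopPost=/usr/bin/docker rm -f stp5net
        Restart=always
        [Install]
        WantedBy=default.target
users:
  # System account with no login shell and no per-user group.
  - name: rkt
    groups:
      - rkt
    no-user-group: true
    system: true
    shell: "/sbin/nologin"
write_files:
  # Caddy site definition. It carries the webhook secret (<githubkey>), hence
  # mode 0400. Owner 1001:1001 is presumably the caddy uid/gid inside the
  # image; confirm against the image.
  - path: "/root/Caddyfile"
    permissions: '0400'
    owner: 1001:1001
    content: |
      https://stp5.net {
        log stdout
        errors {
          log stdout
          404 404.html
        }
        tls {
          dns cloudflare
          email webmaster@stp5.net
        }
        git {
          repo https://github.com/steeef/stp5blog.git
          hook /blogupdate "<githubkey>"
          path /home/caddy/git
          then hugo --destination=/srv/blog
        }
      }
  # Credentials for the Cloudflare DNS challenge, consumed by docker run
  # through --env-file. Readable by root only.
  - path: "/root/stp5net.env"
    permissions: '0600'
    owner: root:root
    content: |
      CLOUDFLARE_EMAIL=<cloudflare_email>
      CLOUDFLARE_API_KEY=<cloudflare_api_key>
  # Creates /caddy with a restrictive umask, gives it to 1001:1001, then moves
  # the Caddyfile into place.
  - path: "/root/caddy_directory_setup.sh"
    permissions: '0700'
    owner: root:root
    content: |
      #!/bin/bash
      umask 077
      /usr/bin/mkdir -p /caddy/dotcaddy
      /usr/bin/chown -R 1001:1001 /caddy
      /bin/mv /root/Caddyfile /caddy/Caddyfile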