Install linux with portainer
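#!/bin/bash
#
# Provision an apt-based Linux host with Docker, a Caddy reverse proxy and
# Portainer, plus baseline SSH and firewall settings.
#
# Usage (as root on the target host):
#   ssh root@HOST "bash -s" -- < ./server.sh
#
# Optional environment overrides:
#   USERNAME         non-root account to add to the docker group
#   CADDY_IMAGE      Caddy image reference     (default: caddy:latest)
#   PORTAINER_IMAGE  Portainer image reference (default: portainer/portainer-ce:latest)
#   AGENT_SECRET     shared secret passed to Portainer (default: random)
#
# `set -e` is deliberately not used: several steps (network, volume and
# container creation) fail harmlessly when the script is run a second time.
set -uo pipefail

die() {
  printf 'error: %s\n' "$*" >&2
  exit 1
}

# Every step below changes system state (packages, sshd, firewall, /srv).
[[ ${EUID} -eq 0 ]] || die "this script must be run as root"

# Install dependencies
# apt-get has a stable command-line interface for scripts; the noninteractive
# frontend keeps package prompts from blocking an unattended ssh session.
export DEBIAN_FRONTEND=noninteractive
apt-get update -y
apt-get install -y docker.io docker-compose || die "package installation failed"
systemctl start docker
systemctl enable docker

# Give rights to docker
# Membership of the docker group is equivalent to root on this host, so only
# an explicitly named account is added. The original `newgrp docker` was
# dropped: it starts a new shell in the middle of the script, and root does
# not need the group to talk to the daemon.
groupadd -f docker
docker_user=${USERNAME:-${SUDO_USER:-}}
if [[ -n ${docker_user} ]]; then
  usermod -aG docker "${docker_user}"
else
  printf 'note: USERNAME is not set, no account added to the docker group\n' >&2
fi

# Disable root SSH login with password
# sed needs the file to edit; without it --in-place fails and the setting is
# never changed. Only an existing, uncommented PermitRootLogin line is
# rewritten, and a drop-in under /etc/ssh/sshd_config.d may still override it
# (verify with `sshd -T`). Make sure key-based access works before running
# this, since root password logins stop being accepted afterwards.
readonly SSHD_CONFIG=/etc/ssh/sshd_config
sed --in-place 's/^PermitRootLogin.*/PermitRootLogin prohibit-password/g' "${SSHD_CONFIG}"
systemctl enable ssh
# A daemon that is already running keeps its old configuration until it is
# restarted; validate first so a broken file cannot take sshd down.
if sshd -t; then
  systemctl restart ssh
else
  printf 'warning: sshd config check failed, ssh was not restarted\n' >&2
  systemctl start ssh
fi

# Disable all incoming network ports with ufw and then allow ssh login
# NOTE: Docker publishes container ports through its own iptables rules, so
# the 80/443 mappings of the caddy container below are reachable regardless
# of this ufw policy.
ufw default deny incoming
ufw default allow outgoing
ufw allow OpenSSH
# Fallback for hosts without the OpenSSH application profile; SSH is TCP only.
ufw allow 22/tcp
ufw --force enable

# Pull default docker images
# `latest` is a moving tag: set CADDY_IMAGE / PORTAINER_IMAGE to a fixed tag
# or digest to make the deployment reproducible and reviewable.
CADDY_IMAGE=${CADDY_IMAGE:-caddy:latest}
PORTAINER_IMAGE=${PORTAINER_IMAGE:-portainer/portainer-ce:latest}
docker pull "${CADDY_IMAGE}"
docker pull "${PORTAINER_IMAGE}"

mkdir -p /srv/web /srv/caddy
# This file will contain Caddy proxy config
touch /srv/caddy/Caddyfile

# Give read write access to /srv to root and the docker group.
# The original made these directories world-writable, which let any local
# account replace the proxy configuration or the served content. /srv is also
# mounted into the caddy container as /data and /config, the locations the
# official image uses for its state (including certificates).
# NOTE(review): a container that writes to the `web` volume as a non-root
# user would need its UID/GID granted access explicitly.
chown root:docker /srv /srv/web /srv/caddy
chmod 2775 /srv /srv/web /srv/caddy

# Create default volumes
# Default web volume is accessible from host machine at /srv
docker volume create --driver local --opt type=none --opt device=/srv --opt o=bind web
docker volume create portainer_data
# 10.20.0.0/16 is the network address of the /16 that contains 10.20.0.9;
# the original 10.20.20.0/16 had host bits set, which newer Docker releases
# may reject.
docker network create --driver=bridge --subnet=10.20.0.0/16 web

# Start default docker containers
# AGENT_SECRET was the literal string "secret". It is now taken from the
# environment or generated randomly, and handed to `docker run` by name so
# the value does not appear in the process list. Anyone with Docker access
# can still read it with `docker inspect portainer`.
if [[ -z ${AGENT_SECRET:-} ]]; then
  AGENT_SECRET=$(head -c 32 /dev/urandom | od -An -tx1 | tr -d ' \n')
  [[ -n ${AGENT_SECRET} ]] || die "could not generate AGENT_SECRET"
fi
export AGENT_SECRET

# The Docker socket mount gives Portainer full control of the daemon, which
# is root-equivalent on the host; keep its UI behind authentication and TLS.
# --privileged was dropped: the socket is what Portainer manages Docker
# through, and full host capabilities only widen the impact of a compromise.
# Re-add it only if a host security module (e.g. SELinux) blocks the socket.
docker run -d --ip=10.20.0.9 -e AGENT_SECRET --network web --name portainer \
  --restart=always \
  -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data \
  "${PORTAINER_IMAGE}"

docker run -d -p 80:80 -p 443:443 --network web --name=caddy --restart=always \
  -v web:/data -v web:/config -v web:/srv \
  "${CADDY_IMAGE}" caddy run --config /srv/caddy/Caddyfile --adapter caddyfile

# Caddyfile is located at /srv/caddy/Caddyfile, when first creating server Caddyfile has to be added manually and caddy container restarted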
This script automatically sets up a Linux server with Docker + Portainer and some default settings.
Install it like this for example
ssh root@234.5.2.3 "bash -s" -- < ./server.sh
More information about tools
Caddy
Portainer
Caddyfile should be added at
/srv/caddy
with default settings