search

saltyorg / Saltbox

Ansible-based solution for rapidly deploying a Docker containerized cloud media server.
https://docs.saltbox.dev
GNU General Public License v3.0
571 stars 65 forks source link

Cockpit #142

Closed saltydk closed 2 months ago

saltydk commented 1 year ago

Add https://cockpit-project.org to Saltbox if it won't cause any conflicts.

m1lkman commented 1 year ago

@saltydk I'd like to mess around with this. Do you have any working docker-compose examples for cockpit?

saltydk commented 1 year ago

I was installing it on the host in our initial tests months ago. These are the notes that came from that, very loose as it was not tested well.

sudo apt install -t focal-backports cockpit cockpit-machines
sudo apt install qemu qemu-kvm libvirt-clients libvirt-daemon-system virtinst bridge-utils
sudo apt-get install cracklib-runtime
sudo apt-get install qemu-utils
sudo apt-get install dnsmasq
sudo virsh net-start default

/etc/cockpit/cockpit.conf

[WebService]
Origins = https://cockpit.dev.saltbox.dev
ProtocolHeader = X-Forwarded-Proto
ForwardedForHeader = X-Forwarded-For
AllowUnencrypted = true

"/etc/systemd/system/cockpit.socket.d/listen.conf"

[Socket]
ListenStream=
ListenStream=172.19.0.1:1337
FreeBind=yes

traefik

http:
  services:
    cockpit:
      loadBalancer:
        servers:
          - url: "http://172.19.0.1:1337/"
  routers:
    cockpit:
      entryPoints:
        - "websecure"
      rule: "Host(`cockpit.dev.saltbox.dev`)"
      middlewares:
        - "secureHeaders@file,gzip@docker"
      tls:
        certresolver: "zerossl"
        options: "securetls@file"
      service: "cockpit"
saltydk commented 1 year ago

The above is from testing on focal so obviously need some tweaks for jammy.

RaneyDazed commented 4 months ago

I have it running, not sure if its set up how salty would do it. 

sudo apt install -t jammy-backports cockpit

/etc/cockpit/cockpit.conf

[WebService]
Origins = https://cockpit.domain.tld
ProtocolHeader = X-Forwarded-Proto
ForwardedForHeader = X-Forwarded-For
AllowUnencrypted = true

/etc/systemd/system/cockpit.socket.d/listen.conf

[Socket]
ListenStream=
ListenStream=172.19.0.1:1337
FreeBind=yes

traefik /opt/traefik/cockpit.yml

http:
  services:
    cockpit:
      loadBalancer:
        servers:
          - url: "http://172.19.0.1:1337/"
  routers:
    cockpit:
      entryPoints:
        - "websecure"
      rule: "Host(`cockpit.domain.tld`)"
      middlewares:
        - "globalHeaders@file"
        - "secureHeaders@file"
        - "authelia@docker"
        - "gzip@docker"
      tls:
        certresolver: "cfdns"
        options: "securetls@file"
      service: "cockpit"

image idk if the image will show. but it loads fine. logged in and everything seems to look alright. ~I tried some of the other middlewares but I'm stupid so they didn't work.~ works with authelia also. idk, what do you need tested @saltydk? it restarted a few services when I clicked it. seems to work pretty well, but idk what really needs testing. I haven't installed all the VM stuff, ie cockpit-machine.

RaneyDazed commented 4 months ago

idk where to begin for a role. idk, does cockpit have a binary? they have releases on github. I installed like I mentioned above, I looked around in the saltbox repo for apt examples, and idk if that's a good place to start? ansible built in apt? I'm gonna need some guidance I think cause otherwise I'm going to break something :p

owine commented 4 months ago

Example in Saltbox installing an apt package

https://github.com/saltyorg/Saltbox/blob/89213c917f2fa49e25f1658c286a1fc27293c25e/roles/mainline/tasks/main.yml#L38

RaneyDazed commented 4 months ago

I took a look through there earlier, just wasn't sure what a good starting point was. I'll take a closer look and see what I can do. tyvm owine.

RaneyDazed commented 4 months ago

started on it on my fork. will continue over the weekend.

saltydk commented 2 months ago

implemented in Sandbox.