Remove OpenVPN + Sickrage + Syncthing, then adapt other resources

2017-03-06 20:55:19 +01:00 · 2017-03-06 20:55:19 +01:00 · dd589dbe19
parent 76822df992
commit dd589dbe19
23 changed files with 18 additions and 344 deletions
--- a/Dockerfiles/frontend/Dockerfile
+++ b/Dockerfiles/frontend/Dockerfile
@ -1,5 +1,5 @@
 FROM nginx:1.11-alpine
-MAINTAINER Kelvin Chen <kelvin@kelvinchen.org>
+MAINTAINER Jean Froment <froment.je@gmail.com>
 RUN apk add --no-cache apache2-utils openssl
@ -9,7 +9,7 @@ EXPOSE 80 443
 ENV USERNAME=user \
    PASSWORD=hunter2 \
-    USE_SSL=false
+    USE_SSL=true
 COPY nginx.conf common_default.conf ssl.conf /etc/nginx/
 COPY init /
--- a/Dockerfiles/frontend/nginx.conf
+++ b/Dockerfiles/frontend/nginx.conf
@ -47,26 +47,6 @@ http {
        }
    }
    server {
        include common.conf;
        server_name ~^(sickrage)(\.\w+)+$;
        location / {
            set $sickrage http://sickrage:8081;
            proxy_pass $sickrage;
        }
    }
    server {
        include common.conf;
        server_name ~^(syncthing)(\.\w+)+$;
        location / {
            set $syncthing http://syncthing:8384;
            proxy_pass $syncthing;
        }
    }
    server {
        include common.conf;
        server_name ~^(plex)(\.\w+)+$;
--- a/Dockerfiles/openvpn/Dockerfile
+++ b/Dockerfiles/openvpn/Dockerfile
@ -1,24 +0,0 @@
 FROM buildpack-deps:xenial-curl
 MAINTAINER Kelvin Chen <kelvin@kelvinchen.org>
 # Install OpenVPN
 RUN curl -sL "https://github.com/just-containers/s6-overlay/releases/download/v1.18.1.5/s6-overlay-amd64.tar.gz" \
        | tar xz -C / \
    && apt-get update \
    && apt-get install -y --no-install-recommends \
        openvpn \
        easy-rsa \
        iptables \
        bridge-utils \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 WORKDIR /usr/share/easy-rsa
 EXPOSE 1194/udp
 VOLUME /config
 COPY container-root/ /
 CMD ["/init"]
--- a/Dockerfiles/openvpn/container-root/etc/cont-init.d/10-mknod
+++ b/Dockerfiles/openvpn/container-root/etc/cont-init.d/10-mknod
@ -1,9 +0,0 @@
 #!/usr/bin/with-contenv bash
 mkdir -p /dev/net
 if [ ! -c /dev/net/tun ]; then
    mknod /dev/net/tun c 10 200
 fi
 chmod 600 /dev/net/tun
--- a/Dockerfiles/openvpn/container-root/etc/cont-init.d/20-iptables
+++ b/Dockerfiles/openvpn/container-root/etc/cont-init.d/20-iptables
@ -1,3 +0,0 @@
 #!/usr/bin/with-contenv bash
 iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
--- a/Dockerfiles/openvpn/container-root/etc/cont-init.d/30-ovpn
+++ b/Dockerfiles/openvpn/container-root/etc/cont-init.d/30-ovpn
@ -1,19 +0,0 @@
 #!/usr/bin/with-contenv bash
 # Make sure OpenVPN config directory exists.
 mkdir -p /config/openvpn/
 # Copy over the default OpenVPN config if it does not exist
 cp -n /etc/defaults/openvpn.conf /config/openvpn/
 # Create server CA/keys and keys for client "client" if they do not exist
 if [ ! -d "/config/openvpn/keys" ]; then
    cd /usr/share/easy-rsa
    source vars
    ./clean-all
    ./build-dh
    ./pkitool --initca
    ./pkitool --server server
    ./pkitool client
    openvpn --genkey --secret /config/openvpn/keys/ta.key
 fi
--- a/Dockerfiles/openvpn/container-root/etc/defaults/client.ovpn
+++ b/Dockerfiles/openvpn/container-root/etc/defaults/client.ovpn
@ -1,22 +0,0 @@
 client
 nobind
 remote MYSERVER_HOST 1194
 proto udp
 dev tun
 resolv-retry infinite
 cipher     AES-256-CBC
 auth       SHA512
 tls-client
 # comp-lzo
 persist-tun
 persist-key
 sndbuf 393216
 rcvbuf 393216
--- a/Dockerfiles/openvpn/container-root/etc/defaults/openvpn.conf
+++ b/Dockerfiles/openvpn/container-root/etc/defaults/openvpn.conf
@ -1,36 +0,0 @@
 # vim: ft=conf
 port  1194
 proto udp
 dev   tun
 ca       /config/openvpn/keys/ca.crt
 cert     /config/openvpn/keys/server.crt
 key      /config/openvpn/keys/server.key
 dh       /config/openvpn/keys/dh2048.pem
 tls-auth /config/openvpn/keys/ta.key 0
 cipher     AES-256-CBC
 auth       SHA512
 tls-server
 server 10.8.0.0 255.255.255.0
 ifconfig-pool-persist /config/openvpn/ipp.txt
 keepalive 10 120
 push "redirect-gateway def1 bypass-dhcp"
 push "dhcp-option DNS 8.8.8.8"
 push "dhcp-option DNS 8.8.4.4"
 # comp-lzo
 persist-key
 persist-tun
 sndbuf 393216
 rcvbuf 393216
 push "sndbuf 393216"
 push "rcvbuf 393216"
--- a/Dockerfiles/openvpn/container-root/etc/services.d/openvpn/run
+++ b/Dockerfiles/openvpn/container-root/etc/services.d/openvpn/run
@ -1,3 +0,0 @@
 #!/usr/bin/with-contenv sh
 exec openvpn /config/openvpn/openvpn.conf
--- a/Dockerfiles/openvpn/container-root/usr/local/bin/export-client
+++ b/Dockerfiles/openvpn/container-root/usr/local/bin/export-client
@ -1,21 +0,0 @@
 #!/usr/bin/env bash
 KEYDIR="/config/openvpn/keys"
 CLIENT=${1:-client}
 echo "
 $(cat /etc/defaults/client.ovpn)
 <ca>
 $(cat $KEYDIR/ca.crt)
 </ca>
 <cert>
 $(cat $KEYDIR/$CLIENT.crt)
 </cert>
 <key>
 $(cat $KEYDIR/$CLIENT.key)
 </key>
 <tls-auth>
 $(cat $KEYDIR/ta.key)
 </tls-auth>
 key-direction 1
 "
--- a/Dockerfiles/openvpn/container-root/usr/share/easy-rsa/vars
+++ b/Dockerfiles/openvpn/container-root/usr/share/easy-rsa/vars
@ -1,61 +0,0 @@
 # easy-rsa parameter settings
 export EASY_RSA="/usr/share/easy-rsa"
 export OPENSSL="openssl"
 export PKCS11TOOL="pkcs11-tool"
 export GREP="grep"
 # This variable should point to
 # the openssl.cnf file included
 # with easy-rsa.
 export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`
 # Edit this variable to point to
 # your soon-to-be-created key
 # directory.
 #
 # WARNING: clean-all will do
 # a rm -rf on this directory
 # so make sure you define
 # it correctly!
 export KEY_DIR="/config/openvpn/keys"
 # PKCS11 fixes
 export PKCS11_MODULE_PATH="dummy"
 export PKCS11_PIN="dummy"
 # Increase this to 2048 if you
 # are paranoid.  This will slow
 # down TLS negotiation performance
 # as well as the one-time DH parms
 # generation process.
 export KEY_SIZE=2048
 # In how many days should the root CA key expire?
 export CA_EXPIRE=3650
 # In how many days should certificates expire?
 export KEY_EXPIRE=3650
 # These are the default values for fields
 # which will be placed in the certificate.
 # Don't leave any of these fields blank.
 export KEY_COUNTRY="US"
 export KEY_PROVINCE="CA"
 export KEY_CITY="MyCity"
 export KEY_ORG="MyOrg"
 export KEY_EMAIL="me@myhost.mydomain"
 export KEY_OU="MyOrganizationalUnit"
 # X509 Subject Field
 export KEY_NAME="EasyRSA"
 # PKCS11 Smart Card
 # export PKCS11_MODULE_PATH="/usr/lib/changeme.so"
 # export PKCS11_PIN=1234
 # If you'd like to sign all keys with the same Common Name, uncomment the
 # KEY_CN export below. You will also need to make sure your OpenVPN server
 # config has the duplicate-cn option set
 # export KEY_CN="CommonName"
--- a/Dockerfiles/plex/Dockerfile
+++ b/Dockerfiles/plex/Dockerfile
@ -1,5 +1,5 @@
 FROM buildpack-deps:xenial-scm
-MAINTAINER Kelvin Chen <kelvin@kelvinchen.org>
+MAINTAINER Jean Froment <froment.je@gmail.com>
 # Download plexupdate script and install Plex
 # This script can be later used to update Plex directly in the container
--- a/Dockerfiles/rtorrent/Dockerfile
+++ b/Dockerfiles/rtorrent/Dockerfile
@ -1,5 +1,5 @@
 FROM buildpack-deps:xenial-scm
-MAINTAINER Kelvin Chen <kelvin@kelvinchen.org>
+MAINTAINER Jean Froment <froment.je@gmail.com>
 # For rtorrent
 ENV TERM=xterm
--- a/Dockerfiles/sickrage/Dockerfile
+++ b/Dockerfiles/sickrage/Dockerfile
@ -1,16 +0,0 @@
 FROM buildpack-deps:xenial-scm
 MAINTAINER Kelvin Chen <kelvin@kelvinchen.org>
 RUN apt-get update \
    && apt-get install --no-install-recommends -y python-cheetah \
    && git clone --depth=1 \
        https://github.com/SickRage/SickRage.git \
        /opt/sickrage \
    && apt-get clean && rm -rf /var/lib/apt/lists/*
 VOLUME /config
 EXPOSE 8081
 CMD python /opt/sickrage/SickBeard.py --nolaunch --datadir \
    /config/sickrage >> /dev/null 2>&1
--- a/Dockerfiles/sonarr/Dockerfile
+++ b/Dockerfiles/sonarr/Dockerfile
@ -1,5 +1,5 @@
 FROM buildpack-deps:xenial-scm
-MAINTAINER Kelvin Chen <kelvin@kelvinchen.org>
+MAINTAINER Jean Froment <froment.je@gmail.com>
 # Install Sonarr, S6, and Jackett
 RUN echo "deb http://apt.sonarr.tv/ master main" \
--- a/Dockerfiles/syncthing/Dockerfile
+++ b/Dockerfiles/syncthing/Dockerfile
@ -1,20 +0,0 @@
 FROM buildpack-deps:xenial-curl
 MAINTAINER Kelvin Chen <kelvin@kelvinchen.org>
 RUN apt-get update \
    && apt-get install -y apt-transport-https \
    && curl -sL https://syncthing.net/release-key.txt | apt-key add - \
    && echo "deb https://apt.syncthing.net/ syncthing release" >> \
        /etc/apt/sources.list.d/syncthing.list \
    && apt-get update \
    && apt-get install -y syncthing \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 VOLUME /config
 EXPOSE 8384 22000 21027/udp
 COPY init config.xml /
 CMD ["/init"]
--- a/Dockerfiles/syncthing/config.xml
+++ b/Dockerfiles/syncthing/config.xml
@ -1,10 +0,0 @@
 <configuration version="11">
    <gui enabled="true" tls="false">
        <address>0.0.0.0:8384</address>
    </gui>
    <options>
        <listenAddress>0.0.0.0:22000</listenAddress>
        <startBrowser>false</startBrowser>
        <upnpEnabled>false</upnpEnabled>
    </options>
 </configuration>
--- a/Dockerfiles/syncthing/init
+++ b/Dockerfiles/syncthing/init
@ -1,7 +0,0 @@
 #!/usr/bin/env bash
 mkdir -p /config/syncthing
 cp -n /config.xml /config/syncthing
 exec syncthing -home /config/syncthing -no-browser >> /dev/null 2>&1
--- a/README.md
+++ b/README.md
@ -6,10 +6,8 @@ seedbox and personal media server.
 Go to `x.hostname` where `x` is the service you want to access.
 Included services are:
 - rtorrent
 - sickrage
 - sonarr
 - jackett (included in the sonarr image)
 - syncthing
 - plex
 The front-end reverse proxy routes based on the lowest level subdomain (e.g.
@ -62,15 +60,3 @@ All data are saved in the docker volumes `seedbox_config` or
 You can also replace these docker volumes with static path if you want to
 handle manually where files are stored on your server. You can do this by
 editing the volumes settings in the `docker-compose.yml` file.
 ## OpenVPN
 The OpenVPN container generates a single client key/cert pair by default.
 Run the command below to get your OpenVPN config file:
 ```sh
 $ docker-compose exec openvpn export-client client >> client.ovpn
 ```
 Edit the `client.ovpn` and replace the line `remote MYSERVER_HOST 1194` with
 the hostname or IP address of your server.
 You can also create more certs by by docker exec-ing into the container and
 using easy-rsa.
--- a/build-all.sh
+++ b/build-all.sh
@ -22,11 +22,9 @@ while getopts ":nq" opt; do
    esac
 done
-docker build -t kelvinchen/seedbox:frontend  $ARGS Dockerfiles/frontend  &
+docker build -t fromenje/seedbox:frontend  $ARGS Dockerfiles/frontend  &
-docker build -t kelvinchen/seedbox:plex      $ARGS Dockerfiles/plex      &
+docker build -t fromenje/seedbox:plex      $ARGS Dockerfiles/plex      &
-docker build -t kelvinchen/seedbox:rtorrent  $ARGS Dockerfiles/rtorrent  &
+docker build -t fromenje/seedbox:rtorrent  $ARGS Dockerfiles/rtorrent  &
-docker build -t kelvinchen/seedbox:sickrage  $ARGS Dockerfiles/sickrage  &
+docker build -t fromenje/seedbox:sonarr	   $ARGS Dockerfiles/sonarr	   &
 docker build -t kelvinchen/seedbox:syncthing $ARGS Dockerfiles/syncthing &
 docker build -t kelvinchen/seedbox:openvpn   $ARGS Dockerfiles/openvpn   &
 wait
--- a/config.default
+++ b/config.default
@ -1,6 +1,6 @@
 USERNAME=username
 PASSWORD=hunter2
-USE_SSL=false
+USE_SSL=true
 # For Plex Pass download
 PLEX_EMAIL=
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -11,7 +11,7 @@ volumes:
 services:
    frontend:
-        image: kelvinchen/seedbox:frontend
+        image: fromenje/seedbox:frontend
        build: Dockerfiles/frontend
        restart: always
        networks:
@ -25,7 +25,7 @@ services:
            - config
    rtorrent:
-        image: kelvinchen/seedbox:rtorrent
+        image: fromenje/seedbox:rtorrent
        build: Dockerfiles/rtorrent
        restart: always
        networks:
@ -39,7 +39,7 @@ services:
            - torrents:/torrents
    plex:
-        image: kelvinchen/seedbox:plex
+        image: fromenje/seedbox:plex
        build: Dockerfiles/plex
        restart: always
        networks:
@ -52,18 +52,8 @@ services:
        env_file:
            - config
    sickrage:
        image: kelvinchen/seedbox:sickrage
        build: Dockerfiles/sickrage
        restart: always
        networks:
            - main
        volumes:
            - config:/config
            - torrents:/torrents
    sonarr:
-        image: kelvinchen/seedbox:sonarr
+        image: fromenje/seedbox:sonarr
        build: Dockerfiles/sonarr
        restart: always
        networks:
@ -71,30 +61,3 @@ services:
        volumes:
            - config:/config
            - torrents:/torrents
    syncthing:
        image: kelvinchen/seedbox:syncthing
        build: Dockerfiles/syncthing
        restart: always
        networks:
            - main
        ports:
            - "22000:22000"
            - "21027:21027/udp"
        volumes:
            - config:/config
            - torrents:/torrents
    openvpn:
        image: kelvinchen/seedbox:openvpn
        build: Dockerfiles/openvpn
        restart: always
        networks:
            - main
        ports:
            - "1194:1194/udp"
        volumes:
            - config:/config
            - torrents:/torrents
        cap_add:
            - NET_ADMIN
--- a/push-images.sh
+++ b/push-images.sh
@ -2,9 +2,7 @@
 # Push all images to the docker registry.
-docker push kelvinchen/seedbox:frontend
+docker push fromenje/seedbox:frontend
-docker push kelvinchen/seedbox:plex
+docker push fromenje/seedbox:plex
-docker push kelvinchen/seedbox:rtorrent
+docker push fromenje/seedbox:rtorrent
-docker push kelvinchen/seedbox:sickrage
+docker push fromenje/seedbox:sonarr
 docker push kelvinchen/seedbox:syncthing
 docker push kelvinchen/seedbox:openvpn
		`@ -1,3 +0,0 @@`
			`#!/usr/bin/with-contenv bash`

			`iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE`
		`@ -1,3 +0,0 @@`
			`#!/usr/bin/with-contenv sh`

			`exec openvpn /config/openvpn/openvpn.conf`