diff --git a/README.md b/README.md
index bc6be3d..b3eb3a3 100644
--- a/README.md
+++ b/README.md
@@ -1,10 +1,5 @@
-
 # git.limbosolutions.com
-* Arquitectura : armv7
-* docker
-[compose file](docker/docker-compose.armv7.yaml)
+## Setup
-## Backup and Restore Strategy
-Duplicati
-(more info required)
\ No newline at end of file
+For more information check [documentation](documentation/setup.md)
diff --git a/docker/README.md b/docker/README.md
deleted file mode 100644
index ac1a802..0000000
--- a/docker/README.md
+++ /dev/null
@@ -1,9 +0,0 @@
-# compose file
-## Requirements
-* [Docker Image](https://git.limbosolutions.com/marcio.fernandes/duplicati-utils/src/branch/main/docker/sqlclient.DockerFile)
-
-
-# old info
-## Backup
-/usr/bin/docker exec -u git -w /tmp/backups gitea bash -c "/app/gitea/gitea dump"
-
diff --git a/docker/docker-compose.armv7.yaml b/docker/docker-compose.armv7.yaml
deleted file mode 100644
index 342a3f1..0000000
--- a/docker/docker-compose.armv7.yaml
+++ /dev/null
@@ -1,71 +0,0 @@
-version: "3"
-services:
- server:
- image: kunde21/gitea-arm
- container_name: gitea
- environment:
- - GITEA__database__DB_TYPE=mysql
- - GITEA__database__HOST=db:3306
- - GITEA__database__NAME=${GITEA_DB_NAME}
- - GITEA__database__USER=${GITEA_DB_USER}
- - GITEA__database__PASSWD=${GITEA_DB_PASSWORD}
- - DISABLE_SSH=true
- restart: unless-stopped
- volumes:
- - data:/data
- - /etc/timezone:/etc/timezone:ro
- - /etc/localtime:/etc/localtime:ro
- #ports:
- #- "3000:3000" web ui
- #- "22:22" ssh
- depends_on:
- - db
- networks:
- macvlan:
- ipv4_address: ${GITEA_MACVLAN_IP}
- gitea_network:
- db:
- image: tobi312/rpi-mariadb:10.5-ubuntu
- container_name: gitea_mariadb
- restart: always
- environment:
- - MYSQL_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD}
- - MYSQL_USER=${GITEA_DB_USER}
- - MYSQL_PASSWORD=${GITEA_DB_PASSWORD}
- - MYSQL_DATABASE=${GITEA_DB_NAME}
- volumes:
- - db:/var/lib/mysql
- - /etc/timezone:/etc/timezone:ro
- - /etc/localtime:/etc/localtime:ro
- networks:
- gitea_network:
- duplicati:
- container_name: gitea_duplicati
- image: duplicati-sqlclient
- environment:
- - GITEA_DB_HOST=db
- - GITEA_DB_NAME=${GITEA_DB_NAME}
- - GITEA_DB_USER=${GITEA_DB_USER}
- - GITEA_DB_PASSWORD=${GITEA_DB_PASSWORD}
- - GITEA_DB_BACKUP_TARGETFOLDER=${GITEA_DB_BACKUP_TARGETFOLDER}
- volumes:
- - duplicati-data:/data
- - duplicati-data:/git/duplicati-data:ro
- - data:/git/data:ro
- - db:/git/db:ro
- - db-dumps:/git/db-dumps
- ports:
- - 8202:8200
- restart: unless-stopped
- networks:
- gitea_network:
-volumes:
- data:
- db:
- db-dumps:
- duplicati-data:
-networks:
- macvlan:
- external: true
- name: macvlan_pub_net
- gitea_network:
\ No newline at end of file
diff --git a/docker/duplicati-docker-compose.yaml b/docker/duplicati-docker-compose.yaml
new file mode 100644
index 0000000..2deea6b
--- /dev/null
+++ b/docker/duplicati-docker-compose.yaml
@@ -0,0 +1,32 @@
+version: "3"
+services:
+ duplicati:
+ image: duplicati-mysqlclient
+ environment:
+ - MYSQL_HOST=db
+ - MYSQL_DATABASE=${DB_NAME}
+ - MYSQL_USER=${DB_USER}
+ - MYSQL_PASSWORD=${DB_PASSWORD}
+ - DESTINATION=/git/db-dumps
+ volumes:
+ - duplicati-data:/data
+ - duplicati-data:/git/duplicati-data:ro
+ - data:/git/data:ro
+ - db:/git/db:ro
+ - db-dumps:/git/db-dumps
+ ports:
+ - ${DUPLICATI_PORT}:8200
+ restart: unless-stopped
+ networks:
+ - gitea
+volumes:
+ duplicati-data:
+ data:
+ name: ${GITEA_APP_DATA_VOLUME_NAME}
+ db:
+ name: ${GITEA_DB_DATA_VOLUME_NAME}
+ db-dumps:
+ name: ${GITEA_DB_DUMPS_VOLUME_NAME}
+networks:
+ gitea:
+ name: ${DEFAULT_NETWORK_NAME}
diff --git a/docker/gitea-docker-compose.yaml b/docker/gitea-docker-compose.yaml
new file mode 100644
index 0000000..6398991
--- /dev/null
+++ b/docker/gitea-docker-compose.yaml
@@ -0,0 +1,45 @@
+version: "3"
+services:
+ app:
+ image: gitea/gitea:1.17
+ environment:
+ - GITEA__database__DB_TYPE=mysql
+ - GITEA__database__HOST=db:3306
+ - GITEA__database__NAME=${DB_NAME}
+ - GITEA__database__USER=${DB_USER}
+ - GITEA__database__PASSWD=${DB_PASSWORD}
+ - DISABLE_SSH=true
+ restart: unless-stopped
+ volumes:
+ - data:/data
+ - /etc/timezone:/etc/timezone:ro
+ - /etc/localtime:/etc/localtime:ro
+ ports:
+ - ${GITEA_PORT}:80
+ networks:
+ - gitea
+ db:
+ image: mysql:8
+ restart: always
+ environment:
+ - MYSQL_ROOT_PASSWORD=${DB_ROOT_PASSWORD}
+ - MYSQL_USER=${DB_USER}
+ - MYSQL_PASSWORD=${DB_PASSWORD}
+ - MYSQL_DATABASE=${DB_NAME}
+ volumes:
+ - db:/var/lib/mysql
+ - /etc/timezone:/etc/timezone:ro
+ - /etc/localtime:/etc/localtime:ro
+ - db-dumps:/db-dumps
+ networks:
+ - gitea
+volumes:
+ data:
+ name: ${GITEA_APP_DATA_VOLUME_NAME}
+ db:
+ name: ${GITEA_DB_DATA_VOLUME_NAME}
+ db-dumps:
+ name: ${GITEA_DB_DUMPS_VOLUME_NAME}
+networks:
+ gitea:
+ name: ${DEFAULT_NETWORK_NAME}
diff --git a/documentation/issue#8.md b/documentation/issue#8.md
new file mode 100644
index 0000000..6acefc3
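Review bot: `${DUPLICATI_PORT}:8200` in docker/duplicati-docker-compose.yaml publishes the Duplicati web UI on every host interface, and documentation/setup.md in this commit sets the UI password only after the stack has started, which suggests the UI is reachable without one in between. This container also receives `MYSQL_PASSWORD` and mounts the Gitea data, the raw database files and the dump volume, so its UI should be treated as an admin surface. I would bind the mapping to loopback or a management address and quote it, `- "127.0.0.1:${DUPLICATI_PORT}:8200"`, and reach it through the reverse proxy or a tunnel. The image `duplicati-mysqlclient` carries no registry or tag, so a one-line comment saying it is built locally from the Dockerfile linked in setup.md would help the next operator.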
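Review bot: The volume names in docker/gitea-docker-compose.yaml come from `${GITEA_APP_DATA_VOLUME_NAME}` and `${GITEA_DB_DUMPS_VOLUME_NAME}`, but the `.env` sample added in documentation/setup.md spells them `GITEA_APP_DATA-VOLUME_NAME` and `GITEA_DB-DUMPS_VOLUME_NAME`, so with that file both variables are unset; docker/duplicati-docker-compose.yaml uses the same references. Compose substitutes an empty string for an unset variable, which probably leaves the Gitea and Duplicati stacks on different volumes and the backup job reading an empty one. Making the reference fail fast avoids that: `name: ${GITEA_APP_DATA_VOLUME_NAME:?set in .env}`, and likewise for the other names and `${DEFAULT_NETWORK_NAME}`. Separately, `${GITEA_PORT}:80` targets container port 80, while the gitea image listens on 3000 unless `HTTP_PORT` is changed in app.ini, so that mapping is worth confirming against a fresh data volume.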
--- /dev/null
+++ b/documentation/issue#8.md
@@ -0,0 +1,29 @@
+# Feature - Migrate to LXC container
+
+ _[Issue 8](https://git.limbosolutions.com/limbosolutions.com/git.limbosolutions.com/issues/8)_
+
+## Development & Testing
+
+- [x] Create LXC Container
+ - [x] Documentation Scripts for Setup
+ - [x] Scripts for Setup
+- [ ] Restore Backup
+ - [ ] Documentation for backup and restore
+- [ ] Validate Backup
+- [x] Recreate System from scripts
+
+## Day 1
+
+- [ ] Backup Current Production
+- [ ] Stop Current Production
+- [ ] Restore to new Production
+- [ ] Change DNS Servers
+- [ ] Check OK
+- [ ] Production - Reativate Backup
+- [ ] Production - Execute Backup
+- [ ] Production - Check Backup
+
+## Day 2
+
+- [ ] Production - Check Daily Backup
+- [ ] Delete Old Production
diff --git a/documentation/setup-lxc.md b/documentation/setup-lxc.md
new file mode 100644
index 0000000..1444683
--- /dev/null
+++ b/documentation/setup-lxc.md
@@ -0,0 +1,65 @@
+# LXC Setup
+
+## Install
+
+### Requirements
+
+- Currently hosted using macvlan network
+- Instructions are provided for $LXC_PROFILE defined as macvlan
+ _For more information how to setup a lxc profile with macvlan network https://git.limbosolutions.com/kb/lxc_
+
+
+Replace and execute on bash
+
+```bash
+LXC_CONTAINER_NAME=gitsrv01
+LXC_PROFILE=default
+```
+
+then execute
+
+```bash
+## Create ubuntu container
+lxc launch ubuntu $LXC_CONTAINER_NAME -p $LXC_PROFILE
+
+## Setup container for docker
+curl -s "https://git.limbosolutions.com/kb/lxc/raw/branch/main/scripts/lxc-config-docker-requirements.sh" | bash -s $LXC_CONTAINER_NAME
+
+
+## update ubuntu container
+lxc exec $LXC_CONTAINER_NAME -- bash -c "apt update -y && apt upgrade -y"
+
+## Install fuse and docker on lxc container
+lxc exec $LXC_CONTAINER_NAME -- bash -c "curl -s \"https://git.limbosolutions.com/kb/docker/raw/branch/main/scripts/ubuntu-fuse-setup.sh\" | bash"
+
+## Check docker for fusefs
+lxc exec $LXC_CONTAINER_NAME -- bash -c "docker info"
+
+#Setup Portainer
+lxc exec $LXC_CONTAINER_NAME -- bash -c "curl -s \"https://git.limbosolutions.com/kb/portainer/raw/branch/main/scripts/setup.sh\" | bash"
+
+#confirm container ip address
+lxc exec $LXC_CONTAINER_NAME -- bash -c "ip a"
+
+lxc restart $LXC_CONTAINER_NAME
+
+```
+
+### Check instalation
+
+From other computer
+
+```bash
+ ping $LXC_CONTAINER_NAME
+```
+
+Access portainer (https://$LXC_CONTAINER_NAME:9443/) for inicial setup:
+
+- Setup administration username and password
+
+## Remove
+
+```bash
+ lxc rm $LXC_CONTAINER_NAME --force
+```
+
diff --git a/documentation/setup.md b/documentation/setup.md
new file mode 100644
index 0000000..99356a6
--- /dev/null
+++ b/documentation/setup.md
@@ -0,0 +1,104 @@
+# Setup
+
+## Install
+
+Setup assumes that I don't have access to the host except through Portainer.
+
+This demonstrates that access to docker is the only real requirement to host git.limbosolutions.com
+
+### Requirements
+
+- Docker
+_Currently hosted on an ubuntu lxc container with docker and portainer [+ information](setup-lxc.md)._
+- On instructions replace githost with host ip or address
+
+### Services (Stacks)
+
+If portainer installed use portainer (https://githost:9443) to setup/manage services
+
+Required environment variables (.env):
+
+```bash
+GITEA_APP_DATA-VOLUME_NAME=gitea_app_data
+GITEA_DB_DATA_VOLUME_NAME=gitea_db_data
+GITEA_DB-DUMPS_VOLUME_NAME=gitea_db-dumps
+DEFAULT_NETWORK_NAME=gitea_default
+# gitea mysql dbname
+DB_NAME=??
+# gitea mysql user
+DB_USER=??
+# gitea mysql password
+DB_PASSWORD=??
+# gitea mysql root password
+DB_ROOT_PASSWORD=??
+#git tea access port
+GITEA_PORT=80
+#duplicati access port
+DUPLICATI_PORT=8200
+```
+
+#### Gitea
+
+ _[Docker Compose File](../docker/gitea-docker-compose.yaml)_
+
+#### Duplicati
+
+Requirements:
+
+- [Duplicati Image with mySql client](https://git.limbosolutions.com/kb/duplicati/src/branch/main/docker/mysqlclient/README.md)
+
+
+_[Docker Compose File](../docker/dupliticati-docker-compose.yaml)_
+
+After starting stack:
+
+- Access duplicati (http://ipaddress:8200) and set a password
+
+
+## Restore
+
+### Requirements
+
+- Host setup with docker and portainer [+ information](setup.md)
+
+### Process
+
+1) Recreate stack gitea _[Docker Compose](../docker/docker-compose.yaml)_ removing read only restrictions on duplicati volumes
+1) Check every Container is ok and running
+1) Stop every Container except duplicati and portainer
+ _note: restore of portainer/duplicati not tested_
+1) Enter Duplicati (http://hostip:8200)
+1) Import Backup job (if not possible next steps must be adapted)
+ - Restore with permissions checked
+ - All Imported jobs schedules must be disabled (or disable write permissions on backup host)
+1) Recreate duplicati local database (home-> backup-> advanced-> database-> Recreate (delete and repair))
+1) Restore all files (except portainer and duplicati data) to original location
+ - If database engine is diferent do not restore db_data and check restore database **before next steps**with this processs because duplicati is running!
+1) Recreate stack gitea _[Docker Compose](../docker/docker-compose.yaml)_ with original read only restrictions on duplicati volumes
+1) Confirm everything is ok and running
+1) Return to duplicati on schedule job add script to run-script-before-required /data/myScripts/backupdb.sh
+1) Execute a backup
+1) Reenable Scheduling
+
+### Database
+
+Only required if database data files not recovarable. (Example: diferent database engine from backup)
+
+1) Start Portainer container (if stopped in restore process)
+2) Start Database container (if stopped in restore process)
+3) Enter Database container bash (by using portainer)
+4) Execute:
+
+```bash
+#select a file to import
+ls /db-dumps
+#select a file to import
+DB_FILE= "file name to import"
+#
+mysql --host db -uroot -p ${MYSQL_DATABASE} < /db-dumps/$DB_FILE
+#enter root password (root password is in enviromnent variable ${MYSQL_ROOT_PASSWORD})
+```
+
+### network related
+
+If ip changed. change dns servers (git.lan) and reverse proxy (git.limbosoluttions.com) to new ip.
\ No newline at end of file
diff --git a/scripts/setup-lxc.sh b/scripts/setup-lxc.sh
new file mode 100644
index 0000000..4b8d987
--- /dev/null
+++ b/scripts/setup-lxc.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+
+## Create a container
+lxc launch ubuntu $LXC_CONTAINER_NAME -p $LXC_PROFILE && \
+
+## Setup container for docker
+curl - "https://git.limbosolutions.com/kb/lxc/raw/branch/main/scripts/lxc-config-docker-requirements.sh" | bash $LXC_CONTAINER_NAME
+
+
+## update container
+lxc exec $LXC_CONTAINER_NAME bash -c "apt update -y && apt upgrade -y"
+
+## Install docker on lxc container
+lxc exec $LXC_CONTAINER_NAME bash -c "curl -s \"https://git.limbosolutions.com/kb/docker/raw/branch/main/scripts/ubuntu-fuse-setup.sh\" | bash "
+
+#install Portainer
+lxc exec $LXC_CONTAINER_NAME bash -c "curl -s \"https://git.limbosolutions.com/kb/portainer/raw/branch/main/scripts/setup.sh\" | bash "
+
+
+
+
+
+
diff --git a/scripts/setup.sh b/scripts/setup.sh
new file mode 100644
index 0000000..eb62d99
--- /dev/null
+++ b/scripts/setup.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+chmod +x ./setup-lxc.sh
+./setup-lxc.sh
\ No newline at end of file
diff --git a/scripts/web-setup.sh b/scripts/web-setup.sh
new file mode 100644
index 0000000..8600896
--- /dev/null
+++ b/scripts/web-setup.sh
@@ -0,0 +1,4 @@
+#!/bin/bash
+git clone https://git.limbosolutions.com/limbosolutions.com/git.limbosolutions.com
+chmod +x ./git.limbosolutions.com/scripts/setup.sh
+./git.limbosolutions.com/scripts/setup.sh
\ No newline at end of file
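Review bot: The docker-requirements step in scripts/setup-lxc.sh cannot run as written: `curl - "…"` passes a bare `-` where the documentation has `-s`, and `| bash $LXC_CONTAINER_NAME` makes bash look for a script file named after the container instead of reading the piped script (documentation/setup-lxc.md uses `bash -s`). The three `lxc exec` lines also drop the `--` that the documentation has, so `-c` may be parsed by lxc rather than handed to bash. Every fetched script tracks `branch/main` and is executed unverified, and `curl -s` without `-f` feeds an HTTP error page into the pipe; adding `-f`, quoting the variables and pinning each URL to a commit with a checksum check would make the run reproducible. The sketch shows the first three steps, and the docker and Portainer steps change the same way.

```shell
#!/bin/bash
set -euo pipefail

## Create a container
lxc launch ubuntu "$LXC_CONTAINER_NAME" -p "$LXC_PROFILE"

## Setup container for docker
curl -fsSL "https://git.limbosolutions.com/kb/lxc/raw/branch/main/scripts/lxc-config-docker-requirements.sh" | bash -s -- "$LXC_CONTAINER_NAME"

## update container
lxc exec "$LXC_CONTAINER_NAME" -- bash -c "apt update -y && apt upgrade -y"

# … unchanged apart from `--`, quoting and curl -fsSL: docker and Portainer install steps …
```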
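Review bot: `./setup-lxc.sh` in scripts/setup.sh is resolved against the caller's working directory, and scripts/web-setup.sh in this commit starts this script as `./git.limbosolutions.com/scripts/setup.sh` from the clone's parent directory, so both the `chmod` and the call will miss the file. Changing directory first fixes it: `cd "$(dirname "$0")" || exit 1`. setup-lxc.sh also reads `LXC_CONTAINER_NAME` and `LXC_PROFILE` from the environment, so a header comment in both wrappers saying they must be exported before running would help.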