diff --git a/Containerfile b/Containerfile index c6bc83c..740410e 100644 --- a/Containerfile +++ b/Containerfile @@ -47,9 +47,7 @@ COPY --from=build_xoa /app /app # Set plugins links RUN find /app/packages/ -maxdepth 1 -mindepth 1 -name "xo-server-*" -not -name "xo-server-test" -exec ln -s {} /app/packages/xo-server/node_modules \; RUN mkdir -p /etc/xo-server &&\ - cp /app/packages/xo-server/config.toml /etc/xo-server/config.toml && \ - sed -i "s|port = 80|port = 8080|" /etc/xo-server/config.toml - + cp /app/packages/xo-server/sample.config.toml /etc/xo-server/config.toml ARG XOWEB=latest \ XOSERVER=latest @@ -68,6 +66,6 @@ RUN ln -fs /usr/share/zoneinfo/${TZ} /etc/localtime && \ WORKDIR /app/packages/xo-server VOLUME [ "/etc/xo-server", "/var/lib/xo-server", "/var/lib/xoa-backup" ] -EXPOSE 8080 +EXPOSE 80 CMD ["node", "dist/cli.mjs"] diff --git a/README.md b/README.md index adde24a..cbfc78f 100644 --- a/README.md +++ b/README.md @@ -12,14 +12,21 @@ Is a containerized XEN Orchestra version inspired by [XEN-Orchestra-Docker](http * /var/lib/xo-server: Where the xo-server data lives * /var/lib/xoa-backup: Where the xo-backup data lives -### Available Environments varibles +### Available Environments variables * TZ: Time zone (default: UTC) ### Execute ```bash -docker run --rm -p 8080:8080 -e TZ=UTC -v :/etc/xo-server -v :/var/lib/xo-server -v :/var/lib/xo-backup ghcr.io/soubinan/xoa-container:latest +docker run --rm -p 8080:80 -e TZ=UTC -v :/etc/xo-server -v :/var/lib/xo-server -v :/var/lib/xo-backup ghcr.io/soubinan/xoa-container:latest +``` + +or + +```bash +docker network create frontnet redisnet +docker-compose up ``` ## Known issues diff --git a/compose.yaml b/compose.yaml new file mode 100644 index 0000000..9764f02 --- /dev/null +++ b/compose.yaml @@ -0,0 +1,55 @@ +version: '3' +services: + xenorchestra: + restart: unless-stopped + image: ghcr.io/soubinan/xoa-container:latest + ports: + - 8080:8080 + depends_on: + - redis + environment: + - TZ=UTC + cap_add: + - SYS_ADMIN + - DAC_READ_SEARCH + security_opt: + - apparmor:unconfined + volumes: + - ./config.toml:/etc/xo-server/config.toml:Z + - xo-data:/var/lib/xo-server + - xo-backup:/var/lib/xoa-backup + logging: &default_logging + driver: "json-file" + options: + max-size: "1M" + max-file: "10" + networks: + - frontnet + - redisnet + + redis: + restart: unless-stopped + image: docker.io/library/redis + command: redis-server --appendonly yes + expose: + - 6379 + volumes: + - xo-redis:/data + logging: + <<: *default_logging + networks: + - redisnet + +volumes: + xo-data: + driver: local + xo-backup: + driver: local + xo-redis: + driver: local + +networks: + frontnet: + external: true + redisnet: + external: true diff --git a/config.toml b/config.toml new file mode 100644 index 0000000..15c70ae --- /dev/null +++ b/config.toml @@ -0,0 +1,193 @@ +# Example XO-Server configuration. +# +# This file is automatically looking for at the following places: +# - `$HOME/.config/xo-server/config.toml` +# - `/etc/xo-server/config.toml` +# +# The first entries have priority. +# +# Note: paths are relative to the configuration file. + +#===================================================================== + +# HTTP proxy configuration used by xo-server to fetch resources on the Internet. +# +# See: https://github.com/TooTallNate/node-proxy-agent#maps-proxy-protocols-to-httpagent-implementations +# httpProxy = 'http://jsmith:qwerty@proxy.lan:3128' + +# List of host names (optionally with a port), separated by commas, for which +# the proxy above will not be used. +# +# noProxy = 'example.net, example.com:443' + +#===================================================================== + +# It may be necessary to run XO-Server as a privileged user (e.g. `root`) for +# instance to allow the HTTP server to listen on a +# [privileged ports](http://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html). +# +# To avoid security issues, XO-Server can drop its privileges by changing the +# user and the group is running with. +# +# Note: XO-Server will change them just after reading the configuration. + +# User to run XO-Server as. +# +# Note: The user can be specified using either its name or its numeric +# identifier. +# +# Default: undefined +#user = 'nobody' + +# Group to run XO-Server as. +# +# Note: The group can be specified using either its name or its numeric +# identifier. +# +# Default: undefined +# group = 'nogroup' + +#===================================================================== + +# Directory containing the database of XO. +# Currently used for logs. +# +# Default: '/var/lib/xo-server/data' +#datadir = '/var/lib/xo-server/data' + +#===================================================================== + +# Configuration of the embedded HTTP server. +[http] +# If set to true, all HTTP traffic will be redirected to the first HTTPs +# configuration. +# redirectToHttps = true + +# Public URL to connect to this XO +# +# This optional entry is used to communicate to external entities (e.g. XO Lite) +# how to connect to this XO. +# +# It SHOULD be defined in case the IP address of the current machine is not +# good enough (e.g. a domain name must be used or there is a reverse proxy). +#publicUrl = 'https://xoa.company.lan' + +# Settings applied to cookies created by xo-server's embedded HTTP server. +# +# See https://www.npmjs.com/package/cookie#options-1 +[http.cookies] +#sameSite = true +#secure = true + +# Basic HTTP. +[[http.listen]] +# Address on which the server is listening on. +# +# Sets it to 'localhost' for IP to listen only on the local host. +# +# Default: all IPv6 addresses if available, otherwise all IPv4 addresses. +hostname = '0.0.0.0' + +# Port on which the server is listening on. +# +# Default: undefined +port = 8080 + +# Instead of `host` and `port` a path to a UNIX socket may be specified +# (overrides `host` and `port`). +# +# Default: undefined +# socket = './http.sock' + +# # Basic HTTPS. +# # +# # You can find the list of possible options there +# # https://nodejs.org/docs/latest/api/tls.html#tls.createServer +# # +# # The only difference is the presence of the certificate and the key. +# [[http.listen]] +# #hostname = '127.0.0.1' +# port = 443 +# +# # Whether to autogenerate a self signed certificate if the `cert` or `key` +# # files could not be found. +# # +# # Default: true +# autoCert = false +# +# # File containing the certificate (PEM format). +# # +# # If a chain of certificates authorities is needed, you may bundle them +# # directly in the certificate. +# # +# # Note: the order of certificates does matter, your certificate should come +# # first followed by the certificate of the above +# # certificate authority up to the root. +# # +# # Default: undefined +# cert = './certificate.pem' +# +# # File containing the private key (PEM format). +# # +# # If the key is encrypted, the passphrase will be asked at +# # server startup. +# # +# # Default: undefined +# key = './key.pem' + +# List of files/directories which will be served. +[http.mounts] +#'/any/url' = '/path/to/directory' + +# List of proxied URLs (HTTP & WebSockets). +[http.proxies] +#'/any/url' = 'http://localhost:54722' + +#===================================================================== + +# Uncomment this section to export the logs to an external syslog +#[logs.transport.syslog] +#target = 'tcp://syslog.company.lan:514' + +#===================================================================== + +# Connection to the Redis server. +[redis] +# Unix sockets can be used +# +# Default: undefined +#socket = '/var/run/redis/redis.sock' + +# Syntax: redis://[db[:password]@]hostname[:port][/db-number] +# +# Default: redis://localhost:6379/0 +uri = 'redis://redis:6379/0' + +# List of aliased commands. +# +# See http://redis.io/topics/security#disabling-of-specific-commands +#renameCommands: +# del = '3dda29ad-3015-44f9-b13b-fa570de92489' +# srem = '3fd758c9-5610-4e9d-a058-dbf4cb6d8bf0' + +#===================================================================== + +# Configuration for remotes +[remoteOptions] +# Directory used to mount remotes +# +# Default: '/run/xo-server/mounts' +#mountsDir = '/run/xo-server/mounts' + +# Use sudo for mount with non-root user +# +# Default: false +#useSudo = false + +#===================================================================== + +# Configuration for plugins +[plugins] +# Each configuration is passed to the dedicated plugin instance +# +# Syntax: [plugins.] \ No newline at end of file