adding xen orchestra
parent
046ce02c8a
commit
09c1f39a62
4 changed files with 78 additions and 0 deletions
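--- a/xen_orchestra_tailscale/.env
+++ b/xen_orchestra_tailscale/.env
@@ -0,0 +1,6 @@
+# Tailscale authorization key
+TS_AUTHKEY=tskey-auth-
+
+# Tailscale tailnet node name
+TAILNET_NAME=orchestra
+TAILNET_SUFFIX=?????.ts.net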
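Review bot: The tracked `.env` carries `TS_AUTHKEY=tskey-auth-` as a slot for a live Tailscale auth key, so the first local edit puts a credential into a version-controlled file that is easy to commit by accident. Consider committing this as `.env.example` and ignoring the real file with a `.gitignore` entry `xen_orchestra_tailscale/.env`. Since the compose file sets `TS_AUTH_ONCE` and persists `/var/lib/tailscale`, the key is only needed for the first login; a comment such as `# use a single-use, short-expiry key; it is only read on first start` would steer users away from long-lived reusable keys. `TAILNET_SUFFIX` is not referenced by `docker-compose.yml` or `ts-serve.json` in this commit, so either drop it or mark it `# informational only, not read by docker-compose.yml`.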
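--- a/xen_orchestra_tailscale/README.md
+++ b/xen_orchestra_tailscale/README.md
@@ -0,0 +1,9 @@
+# Xen Orchestra server on Tailnet
+
+This configuration gets a Xen Orchestra server running under Docker and exposed on your Tailnet. Just the think for managing your homelab XCP-ng servers.
+
+Only changes needed are updating Tailscale configuration in `/.env`.
+
+Initial login is `admin@admin.net` with the password `admin`.
+
+Make sure to hit `https://orchestra.????.ts.net` since this isn't configured to listen on port 80.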
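--- a/xen_orchestra_tailscale/docker-compose.yml
+++ b/xen_orchestra_tailscale/docker-compose.yml
@@ -0,0 +1,47 @@
+services:
+tailscale:
+hostname: ${TAILNET_NAME}
+image: tailscale/tailscale
+volumes:
+- ./data/tailscale:/var/lib/tailscale
+- ./ts-serve.json:/config/ts-serve.json:ro
+- /dev/net/tun:/dev/net/tun
+cap_add:
+- net_admin
+- sys_module
+environment:
+TS_AUTHKEY: ${TS_AUTHKEY}
+TS_SERVE_CONFIG: /config/ts-serve.json
+TS_AUTH_ONCE: true
+TS_STATE_DIR: /var/lib/tailscale
+TS_HOST: ${TAILNET_NAME}
+restart: unless-stopped
+
+server:
+restart: always
+image: ronivay/xen-orchestra:latest
+stop_grace_period: 1m
+environment:
+- HTTP_PORT=80
+# capabilities are needed for NFS/SMB mount
+cap_add:
+- SYS_ADMIN
+- DAC_READ_SEARCH
+# additional setting required for apparmor enabled systems. also needed for NFS mount
+security_opt:
+- apparmor:unconfined
+volumes:
+- ./data/xo-data:/var/lib/xo-server
+- ./data/redis-data:/var/lib/redis
+# logging
+logging: &default_logging
+driver: "json-file"
+options:
+max-size: "1M"
+max-file: "2"
+# these are needed for file restore. allows one backup to be mounted at once which will be umounted after some minutes if not used (prevents other backups to be mounted during that)
+# add loop devices (loop1, loop2 etc) if multiple simultaneous mounts needed.
+devices:
+- "/dev/fuse:/dev/fuse"
+- "/dev/loop-control:/dev/loop-control"
+- "/dev/loop0:/dev/loop0"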
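Review bot: Both services use mutable image references (`image: tailscale/tailscale` with no tag, `image: ronivay/xen-orchestra:latest`), while the `server` container is granted `SYS_ADMIN`, `DAC_READ_SEARCH` and `apparmor:unconfined`, so whatever the registry serves under that tag on the next pull runs with broad host-level privileges. Pin both to a reviewed release or digest, e.g. `image: ronivay/xen-orchestra:<pinned-tag>` (placeholder for the version you tested). Separately, `TS_AUTH_ONCE: true` is an unquoted YAML boolean inside an environment mapping; write `TS_AUTH_ONCE: "true"` so the container receives a string. The `&default_logging` anchor is never aliased in this file, so the `tailscale` service gets no log-size cap; add `logging: *default_logging` there or drop the anchor.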
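--- a/xen_orchestra_tailscale/ts-serve.json
+++ b/xen_orchestra_tailscale/ts-serve.json
@@ -0,0 +1,16 @@
+{
+"TCP": {
+"443": {
+"HTTPS": true
+}
+},
+"Web": {
+"${TS_CERT_DOMAIN}:443": {
+"Handlers": {
+"/": {
+"Proxy": "http://server:80"
+}
+}
+}
+}
+}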
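Review bot: The `/` handler proxies straight to `http://server:80`, so every tailnet device that the ACLs allow to reach this node gets the Xen Orchestra login page, and the README in the same commit documents the initial login as `admin@admin.net` / `admin`. Nothing in this commit narrows who on the tailnet can reach the node, so the README should carry an explicit step such as `Change the admin password immediately after first login and limit access to this node with a tailnet ACL.` No `AllowFunnel` entry is present, which as far as this file shows keeps the service off the public internet; worth keeping it that way.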