From 861af46a6f577bb0c9c19d9eea591582f9d6568e Mon Sep 17 00:00:00 2001 From: Arjan H Date: Thu, 20 Apr 2023 20:20:23 +0200 Subject: [PATCH] Add instructions for docker-only setup (#41) --- README.md | 11 +++++++---- README_dockeronly.md | 32 ++++++++++++++++++++++++++++++++ 2 files changed, 39 insertions(+), 4 deletions(-) create mode 100644 README_dockeronly.md diff --git a/README.md b/README.md index 5ca7c1b..b58227a 100644 --- a/README.md +++ b/README.md @@ -6,16 +6,13 @@ ![08-dashboard](https://user-images.githubusercontent.com/44847421/48658726-ebd4c400-ea46-11e8-8cb1-43584dbc3719.jpg) -## NEW: standalone version for step-ca [![status-experimental](https://img.shields.io/badge/status-experimental-orange.svg)](README_standalone.md) - -See [README_standalone](README_standalone.md) - ## Table of Contents - [Background](#background) - [Install](#install) - [Usage](#usage) - [Troubleshooting](#troubleshooting) +- [Standalone version for step-ca](#standalone-version-for-step-ca) - [Contributing](#contributing) - [License](#license) @@ -52,6 +49,8 @@ The first-time install will take a while, depending on the power of your server +**NEW**: It is now possible to run LabCA on an existing docker server, see [README_dockeronly](README_dockeronly.md) [![status-alpha](https://img.shields.io/badge/status-alpha-orange.svg)](README_dockeronly.md) + ### Setup After the base install you must go through the setup in your browser. To give an idea of the setup process, see these screenshots: @@ -138,6 +137,10 @@ See also the [Let's Encrypt™ page on CAA](https://letsencrypt.org/docs/caa Although LabCA tries to be as robust as possible, use it at your own risk. If you depend on it, make sure that you know what you are doing! +## Standalone version for step-ca + +See [README_standalone](README_standalone.md) [![status-experimental](https://img.shields.io/badge/status-experimental-orange.svg)](README_standalone.md) + ## Contributing Feel free to dive in! [Open an issue](https://github.com/hakwerk/labca/issues/new) or submit PRs. diff --git a/README_dockeronly.md b/README_dockeronly.md new file mode 100644 index 0000000..75581c2 --- /dev/null +++ b/README_dockeronly.md @@ -0,0 +1,32 @@ +# LabCA Docker Only ![status-alpha](https://img.shields.io/badge/status-alpha-orange.svg) + +It is now also possible, instead of dedicating a complete (virtual) machine to LabCA, to run LabCA using docker-compose on a non-dedicated machine. This is quite new and therefore still needs more testing. + +## Startup + +The `docker-compose.yml` file is located in the `build` subdirectory for now. You need to export an environment variable LABCA_FQDN with the FQDN (Fully Qualified Domain Name, the name you would use in the browser for accessing the web pages). It it not possible to run LabCA on an IP address only, there must be a DNS mapping present. +``` +git clone https://github.com/hakwerk/labca.git +cd labca/build +export LABCA_FQDN=labca.example.com +docker-compose up -d +``` +And to tail the logs, especially if there are any issues: +``` +docker-compose logs -f +``` + +In case you get an error like the after running `docker-compose up`: +``` +Error response from daemon: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "labca/entrypoint.sh": stat labca/entrypoint.sh: no such file or directory: unknown +``` +then you forgot to export the LABCA_FQDN environment variable. + +Installing LabCA in this way saves a lot of time and CPU cycles as in the old method a lot of compiling was done on startup of the containers. +In this version all data is stored in docker volumes and no longer in mapped directories on the host system. + +## Migration + +If you have an existing VM installation that you would like to convert to the docker-only setup, first export the data from your existing instance: in the left menu in the Admin web gui click "Manage" then on the "Backup" tab click "Backup Now"; wait for the page to reload and then click on the newest file name and download it. + +Now install the docker-only setup as described above. On the very first "Create admin account" GUI setup page, click the link "restore from a backup file".