Fixed all Caddyfile entries to be Tabs not spaces. Added Meshcentral WIP.

bitwarden-vaultwarden/readme.md

@@ -116,24 +116,24 @@ Bitwarden_rs documentation has a
 `Caddyfile`
 ```
 bitwarden.{$MY_DOMAIN} {
-    encode gzip
-
-    header {
-        # Enable cross-site filter (XSS) and tell browser to block detected attacks
-        X-XSS-Protection "1; mode=block"
-        # Disallow the site to be rendered within a frame (clickjacking protection)
-        X-Frame-Options "DENY"
-        # Prevent search engines from indexing (optional)
-        X-Robots-Tag "none"
-        # Server name removing
-        -Server
-    }
-
-    # Notifications redirected to the websockets server
-    reverse_proxy /notifications/hub bitwarden:3012
-
-    # Proxy the Root directory to Rocket
-    reverse_proxy bitwarden:80
+	encode gzip
+
+	header {
+		# Enable cross-site filter (XSS) and tell browser to block detected attacks
+		X-XSS-Protection "1; mode=block"
+		# Disallow the site to be rendered within a frame (clickjacking protection)
+		X-Frame-Options "DENY"
+		# Prevent search engines from indexing (optional)
+		X-Robots-Tag "none"
+		# Server name removing
+		-Server
+	}
+
+	# Notifications redirected to the websockets server
+	reverse_proxy /notifications/hub bitwarden:3012
+
+	# Proxy the Root directory to Rocket
+	reverse_proxy bitwarden:80
 }
 ```
 

cloud-commander/README.md

@@ -10,7 +10,7 @@
 Remember to `docker exec -w /etc/caddy caddy caddy reload` after editing your Caddyfile.
 ```
 cloud.yourdomain.com {
-    reverse_proxy cloudcmd:8000
+	reverse_proxy cloudcmd:8000
 }
 ```
 

freepbx-asterisk/README.md

@@ -12,7 +12,7 @@
 Remember to `docker exec -w /etc/caddy caddy caddy reload` after editing your Caddyfile.
 ```
 freepbx.yourdomain.com {
-    reverse_proxy freepbx:80
+	reverse_proxy freepbx:80
 }
 ```
 

heimdall/README.md

@@ -16,7 +16,7 @@ Remember to `docker exec -w /etc/caddy caddy caddy reload` after editing your Ca
 
 ```
 heimdall.example.com {
-    reverse_proxy heimdall:80
+	reverse_proxy heimdall:80
 }
 ```
 

initial ubuntu setup/README.md

@@ -199,15 +199,15 @@ This Caddyfile below is an example for a server with wordpress deployed in a doc
 **Caddyfile**
 ```
 {$MY_DOMAIN} {
-    reverse_proxy wordpress:80
+	reverse_proxy wordpress:80
 }
 
 www.{$MY_DOMAIN} {
-    reverse_proxy wordpress:80
+	reverse_proxy wordpress:80
 }
 
 chat.{$MY_DOMAIN} {
-    reverse_proxy rocketchat:3000
+	reverse_proxy rocketchat:3000
 }
 ```
 

jellyfin/README.md

@@ -14,7 +14,7 @@ https://jellyfin.org/
 ### Add to Caddyfile (from ~/docker/caddy)
 ```
 jelly.example.com {
-    reverse_proxy jellyfin:8096
+	reverse_proxy jellyfin:8096
 }
 ```
 

jitsi-meet/README.md

@@ -18,7 +18,7 @@ Currently this method is very basic and hosts an instance of jitsi without video
 Remember to `docker exec -w /etc/caddy caddy caddy reload` after editing your Caddyfile.
 ```
 meet.example.com {
-    reverse_proxy jitsi-web:80
+	reverse_proxy jitsi-web:80
 }
 ```
 

meshcentral/Dockerfile

@@ -0,0 +1,29 @@
+# Filename: Dockerfile
+
+FROM ubuntu:latest
+
+# Disable Prompt During Packages Installation
+ARG DEBIAN_FRONTEND=noninteractive
+
+#install dependencies
+RUN apt-get update && apt-get install -y nodejs npm nano && rm -rf /var/lib/apt/lists/*
+
+#Add non-root user, add installation directories and assign proper permissions
+RUN mkdir -p /opt/meshcentral
+
+#meshcentral installation
+WORKDIR /opt/meshcentral
+
+RUN npm install meshcentral
+
+COPY config.json.template /opt/meshcentral/config.json.template
+COPY startup.sh startup.sh
+#environment variables
+
+EXPOSE 80 4430
+
+#volumes
+VOLUME /opt/meshcentral/meshcentral-data
+VOLUME /opt/meshcentral/meshcentral-files
+
+CMD ["bash","/opt/meshcentral/startup.sh"]

meshcentral/README.md

@@ -0,0 +1,67 @@
+### Introduction
+THIS IS A WIP DO NOT USE...
+
+### Minimum File Structure
+```
+/home/
+└── ~/
+    └── docker/
+        └── meshcentral/
+            ├── config.json.template
+            ├── docker-compose.yml
+	        └── Dockerfile
+			└── startup.sh
+```
+
+You will need the files in this GitHubs folder to build the meshcentral image and deploy it.
+
+### Add to Caddyfile (from ~/docker/caddy)
+Remember to `docker exec -w /etc/caddy caddy caddy reload` after editing your Caddyfile.
+The `tls_insecure_skip_verify` line is not recommemded. This tutorial is a WIP until I figure out how
+to get caddy to work with meshcentral without the `tls_insecure_skip_verify` line.
+
+```
+meshcentral.joindigital.com {
+        tls /certs/cert.pem /certs/key.pem
+        reverse_proxy meshcentral:4430 {
+                header_up Host {http.reverse_proxy.upstream.hostport}
+                header_up X-Real-IP {http.request.remote}
+                header_up X-Forwarded-For {http.request.remote}
+				transport http {
+					tls_insecure_skip_verify
+				}
+        }
+}
+```
+
+### docker-compose.yml
+Replace YOURDOMAIN.com with your actual domain.
+
+```
+version: '3'
+services:
+    meshcentral:
+        restart: unless-stopped
+        container_name: meshcentral
+        build: .
+#        ports:
+#            - 4430:4430  #I Used 4430 because caddy v2 doesn't play well with a container using port 443. Can change 4430 to something else in the environment var CONTAINER_PORT below 
+        environment:
+            - HOSTNAME=meshcentral.YOURDOMAIN.com
+            - CONTAINER_PORT=4430
+            - REVERSE_PROXY=YOURDOMAIN.com
+            - REVERSE_PROXY_TLS_PORT=443
+            - IFRAME=false
+            - ALLOW_NEW_ACCOUNTS=true
+            - WEBRTC=true
+        volumes:
+            - ./data:/opt/meshcentral/meshcentral-data    #config.json and other important files live here. A must for data persistence
+            - ./user_files:/opt/meshcentral/meshcentral-files    #where file uploads for users live
+
+networks:
+    default:
+        external:
+            name: caddy_net
+
+```
+

meshcentral/config.json.template

@@ -0,0 +1,34 @@
+{
+  "$schema": "http://info.meshcentral.com/downloads/meshcentral-config-schema.json",
+  "settings": {
+    "cert": "myserver.mydomain.com",
+    "_WANonly": true,
+    "_LANonly": true,
+    "_sessionKey": "MyReallySecretPassword1",
+    "port": 4430,
+    "_aliasPort": 443,
+    "redirPort": 80,
+    "_redirAliasPort": 80,
+    "AgentPong": 300,
+    "TLSOffload": false,
+    "SelfUpdate": false,
+    "AllowFraming": false,
+    "WebRTC": false
+  },
+  "domains": {
+	"": {
+	"_title": "MyServer",
+    "_title2": "Servername",
+    "_minify": true,
+    "NewAccounts": true,
+	"_userNameIsEmail": true,
+    "_certUrl": "my.reverse.proxy"
+	}
+  },
+  "_letsencrypt": {
+    "__comment__": "Requires NodeJS 8.x or better, Go to https://letsdebug.net/ first before>",
+    "_email": "myemail@mydomain.com",
+    "_names": "myserver.mydomain.com",
+	"production": false
+  }
+}

meshcentral/docker-compose.yml

@@ -0,0 +1,24 @@
+version: '3'
+services:
+    meshcentral:
+        restart: unless-stopped
+        container_name: meshcentral
+        build: .
+#        ports:
+#            - 4430:4430  #I Used 4430 because caddy v2 doesn't play well with a container using port 443. Can change 4430 to something else in the environment var CONTAINER_PORT below 
+        environment:
+            - HOSTNAME=meshcentral.YOURDOMAIN.com
+            - CONTAINER_PORT=4430
+            - REVERSE_PROXY=YOURDOMAIN.com
+            - REVERSE_PROXY_TLS_PORT=443
+            - IFRAME=false
+            - ALLOW_NEW_ACCOUNTS=true
+            - WEBRTC=true
+        volumes:
+            - ./data:/opt/meshcentral/meshcentral-data    #config.json and other important files live here. A must for data persistence
+            - ./user_files:/opt/meshcentral/meshcentral-files    #where file uploads for users live
+
+networks:
+    default:
+        external:
+            name: caddy_net

meshcentral/startup.sh

@@ -0,0 +1,30 @@
+#!/bin/bash
+
+export NODE_ENV=production
+
+export HOSTNAME
+export CONTAINER_PORT
+export REVERSE_PROXY
+export REVERSE_PROXY_TLS_PORT
+export IFRAME
+export ALLOW_NEW_ACCOUNTS
+export WEBRTC
+
+if [ -f "meshcentral-data/config.json" ]
+    then
+        node node_modules/meshcentral 
+    else
+        cp config.json.template meshcentral-data/config.json
+        sed -i "s_\"port\": 4430_\"port\": $CONTAINER_PORT_" meshcentral-data/config.json
+        sed -i "s/\"cert\": \"myserver.mydomain.com\"/\"cert\": \"$HOSTNAME\"/" meshcentral-data/config.json
+        sed -i "s/\"NewAccounts\": true/\"NewAccounts\": \"$ALLOW_NEW_ACCOUNTS\"/" meshcentral-data/config.json
+        sed -i "s/\"WebRTC\": false/\"WebRTC\": \"$WEBRTC\"/" meshcentral-data/config.json
+        sed -i "s/\"AllowFraming\": false/\"AllowFraming\": \"$IFRAME\"/" meshcentral-data/config.json
+        if [ "$REVERSE_PROXY" != "false" ]
+            then 
+                sed -i "s/\"_certUrl\": \"my\.reverse\.proxy\"/\"certUrl\": \"https:\/\/$REVERSE_PROXY:$REVERSE_PROXY_TLS_PORT\"/" meshcentral-data/config.json
+                node node_modules/meshcentral
+                exit
+        fi
+        node node_modules/meshcentral --cert "$HOSTNAME"     
+fi

mumble/README.md

@@ -16,7 +16,7 @@ You will need 3 files minimum to start the mumble server. In this case config.in
 Remember to `docker exec -w /etc/caddy caddy caddy reload` after editing your Caddyfile.
 ```
 mumble.example.com {
-    reverse_proxy mumble-server:64738
+	reverse_proxy mumble-server:64738
 }
 ```
 

qbit-windscribe/README.md

@@ -8,7 +8,7 @@ Remember to `docker exec -w /etc/caddy caddy caddy reload` after editing your Ca
 
 ```
 qbit.yourdomain.com {
-    reverse_proxy qbit-windscribe:8080
+	reverse_proxy qbit-windscribe:8080
 }
 ```
 

rocketchat/README.md

@@ -12,7 +12,7 @@
 Remember to `docker exec -w /etc/caddy caddy caddy reload` after editing your Caddyfile.
 ```
 subdomain.example.com {
-    reverse_proxy rocketchat:3000
+	reverse_proxy rocketchat:3000
 }
 ```
 

seafile/README.md

@@ -12,7 +12,7 @@
 Remember to `docker exec -w /etc/caddy caddy caddy reload` after editing your Caddyfile.
 ```
 subdomain.example.com {
-    reverse_proxy seafile:80
+	reverse_proxy seafile:80
 }
 ```
 

shinobi/README.md

@@ -106,7 +106,7 @@ docker-compose up -d
 Remember to `docker exec -w /etc/caddy caddy caddy reload` after editing your Caddyfile.
 ```
 shinobi.yourdomain.com {
-    reverse_proxy shinobi:8080
+	reverse_proxy shinobi:8080
 }
 ```
 

snipeit/README.md

@@ -15,7 +15,7 @@ Remember to `docker exec -w /etc/caddy caddy caddy reload` after editing your Ca
 
 ```
 snipeit.example.com {
-    reverse_proxy wordpress:80
+	reverse_proxy wordpress:80
 }
 ```
 

vcfconvert/README.md

@@ -21,7 +21,7 @@ Symfony can help you host any php application. For this example, I selfhost vcfc
 Remember to `docker exec -w /etc/caddy caddy caddy reload` after editing your Caddyfile.
 ```
 vcfconvert.yourdomain.com {
-    reverse_proxy vcfconvert:80
+	reverse_proxy vcfconvert:80
 }
 ```
 

wordpress/README.md

@@ -13,11 +13,11 @@
 You may have done this already if you followed the [A-Z Guide](https://github.com/StarWhiz/docker_deployment_notes/tree/master/initial%20ubuntu%20setup#create-caddyfile) If not, do so and remember to `docker exec -w /etc/caddy caddy caddy reload` after editing your Caddyfile.
 ```
 example.com {
-    reverse_proxy wordpress:80
+	reverse_proxy wordpress:80
 }
 
 www.example.com {
-    reverse_proxy wordpress:80
+	reverse_proxy wordpress:80
 }
 ```
 

zoneminder/README.md

@@ -12,7 +12,7 @@
 Remember to `docker exec -w /etc/caddy caddy caddy reload` after editing your Caddyfile.
 ```
 zoneminder.yourdomain.com {
-    reverse_proxy zoneminder:80
+	reverse_proxy zoneminder:80
 }
 ```