From 8eadf67f2e5ab74f2660c586afa5c1e4a2291994 Mon Sep 17 00:00:00 2001 From: Sven Fischer Date: Sat, 21 Dec 2024 20:06:31 +0100 Subject: [PATCH 1/2] add Docker Macvlan network documentation --- content/docs/tools/teddyCloud/setup/_index.md | 2 +- .../tools/teddyCloud/setup/docker-macvlan.md | 68 +++++++++++++++++++ 2 files changed, 69 insertions(+), 1 deletion(-) create mode 100644 content/docs/tools/teddyCloud/setup/docker-macvlan.md diff --git a/content/docs/tools/teddyCloud/setup/_index.md b/content/docs/tools/teddyCloud/setup/_index.md index 8ff86321..9303ddd9 100644 --- a/content/docs/tools/teddyCloud/setup/_index.md +++ b/content/docs/tools/teddyCloud/setup/_index.md @@ -12,7 +12,7 @@ Minimal teddyCloud version for this docu is release v0.6.0! Please ensure you ar The docker container automatically generates the server certificates on first run. You can extract the ```certs/server/ca.der``` for your box after that. An example [docker-compose.yaml can be found within the docker subdir.](https://github.com/toniebox-reverse-engineering/teddycloud/blob/master/docker/docker-compose.yaml) -Please beware that port 443 cannot be remapped and you cannot use a reverse proxy like nginx or traefik without passing through the TLS (complex, not recommended). The client certificate authentication needs to be done by teddyCloud. Also, there is no SNI. If you are using docker, you can use macvlan to give the teddyCloud container a dedicated IP address (recommended). +Please beware that port 443 cannot be remapped and you cannot use a reverse proxy like nginx or traefik without passing through the TLS (complex, not recommended). The client certificate authentication needs to be done by teddyCloud. Also, there is no SNI. If you are using docker, you can [use macvlan](docker-macvlan) to give the teddyCloud container a dedicated IP address (recommended). ## Preparation First of all, prepare your teddyCloud installation. On first run, teddyCloud generates its certificates. During the generation you cannot access the webinterface. This can take several minutes! Be sure you check the log output! diff --git a/content/docs/tools/teddyCloud/setup/docker-macvlan.md b/content/docs/tools/teddyCloud/setup/docker-macvlan.md new file mode 100644 index 00000000..8b39bc8c --- /dev/null +++ b/content/docs/tools/teddyCloud/setup/docker-macvlan.md @@ -0,0 +1,68 @@ +--- +title: "Docker Macvlan" +description: "Use Docker Macvlan for a dedicated IP" +bookCollapseSection: true +headless: true +--- +# Docker Macvlan Setup + +## Prerequisites + +Make sure, you have an IP address in your network, which does not get served by the local DHCP server. + +## Assumptions for this example + +In this example + +* the IP address 192.168.1.3 is reserved for teddycloud +* in a network 192.168.0.0/23 +* with the router having the address 192.168.0.1 + + +## Create Docker Macvlan Network + +You create a Docker Macvlan network with the following command: + +``` +docker network create \ + --driver macvlan \ + --subnet=192.168.0.0/23 \ + --gateway=192.168.0.1 \ + --ip-range=192.168.1.3/32 \ + -o parent=eth1 \ + teddycloud_macvlan +``` + +Of course you have to adapt all the parameters to your network. + +## Adjust docker-compose.yaml + +After the Docker Macvlan network has been created, it can be used in the `docker-compose.yaml`. + +### Add Docker Macvlan network + +At the end of you `docker-compose.yaml` add the following lines to add the Docker Macvlan network: + +``` +networks: + teddycloud_macvlan: + external: true +``` + +### Use Docker Macvlan in teddycloud service + +Add the networks secion to your teddycloud service, which are the last three lines of the following snippet + +``` +services: + teddycloud: + … + networks: + teddycloud_macvlan: + ipv4_address: 192.168.1.3 +``` + +## Done + +Save the `docker-compose.yaml` file and start the container. + From af3ab83ac3b84c6faa4cf63f9878a234f0f0ffec Mon Sep 17 00:00:00 2001 From: Sven Fischer Date: Sat, 21 Dec 2024 20:13:45 +0100 Subject: [PATCH 2/2] fix case of teddyCloud --- content/docs/tools/teddyCloud/setup/docker-macvlan.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/content/docs/tools/teddyCloud/setup/docker-macvlan.md b/content/docs/tools/teddyCloud/setup/docker-macvlan.md index 8b39bc8c..2ea8775c 100644 --- a/content/docs/tools/teddyCloud/setup/docker-macvlan.md +++ b/content/docs/tools/teddyCloud/setup/docker-macvlan.md @@ -14,7 +14,7 @@ Make sure, you have an IP address in your network, which does not get served by In this example -* the IP address 192.168.1.3 is reserved for teddycloud +* the IP address 192.168.1.3 is reserved for teddyCloud * in a network 192.168.0.0/23 * with the router having the address 192.168.0.1 @@ -41,7 +41,7 @@ After the Docker Macvlan network has been created, it can be used in the `docker ### Add Docker Macvlan network -At the end of you `docker-compose.yaml` add the following lines to add the Docker Macvlan network: +At the end of your `docker-compose.yaml` add the following lines to add the Docker Macvlan network: ``` networks: @@ -49,9 +49,9 @@ networks: external: true ``` -### Use Docker Macvlan in teddycloud service +### Use Docker Macvlan in teddyCloud service -Add the networks secion to your teddycloud service, which are the last three lines of the following snippet +Add the networks secion to your teddyCloud service, which are the last three lines of the following snippet ``` services: