Documentation

George Georgulas edited this page May 22, 2020 · 9 revisions

Scope of documentation

We're only concerned with documenting a few things:

  1. Using the MEGADocker Application itself with the standard configuration/options
  2. Configuring Manikins for common (but non-standard) use cases
  3. Compiling a single source of documentation for the individual applications created by Manikins

Table of Contents

  1. Configuring MEGADocker
  2. Using MEGADocker
  3. Alternative Manikin Configuration
    1. Core Manikins Alternative Configuration
    2. Optional Manikins Alternative Configuration
  4. External Documentation
    1. Core Manikins Documentation
    2. Optional Manikins Documentation

Configuring MEGADocker

MEGADocker Application Requirements

  1. Install Docker on all of your hosts
    1. Docker Desktop (macOS)
    2. Docker Desktop (Windows)
    3. Docker Engine (Linux)
      1. AWS
      2. Azure
      3. CentOS
      4. Debian
      5. Fedora
      6. Ubuntu
      7. Raspbian
  2. Configure Docker Swarm
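    1. Initialize your swarm by running docker swarm init on any node. That node is now the manager in a 1-node swarm, and the command output gives you additional information about joining other nodes to your swarm.
    2. Join additional manager nodes: run docker swarm join-token manager on an existing manager, then run the docker swarm join --token command it prints on the node you are adding.
    3. Join additional worker nodes: run docker swarm join-token worker on a manager, then run the docker swarm join --token command it prints on the node you are adding.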
  3. Cloudflare Setup
    1. Create an account
    2. Use Cloudflare For DNS
    3. Create Subdomains
    4. Generate an API Token with Zone.Zone Settings, Zone.Zone, and Zone.DNS privileges
  4. Forward Network Ports To Your Swarm - this is far beyond the scope of this (or any) document, but fundamentally you will want a DHCP reservation in your router (or a static local IP address) for one of your manager nodes at each WAN IP address. You must then forward TCP ports 80, 443, and 8080 to that host. Check the documentation for your router (or beg your network administrator) to find out more about your particular process.
    1. If you can't use 80, 443, or 8080 for some reason, you can change those ports in the traefik service of your Mob's .yml file. Doing this will require you to explicitly declare the port of your service when you connect to it, and it is not recommended for many reasons. You must update the following yml entries:
      1. services > traefik > ports
      2. services > traefik > command > - '--entrypoints.plainhttp.address=:'
      3. services > traefik > command > - '--entrypoints.encryptedhttp.address=:'
      4. services > traefik > deploy > labels - 'traefik.http.services.traefik.loadbalancer.server.port='

Using MEGADocker

Launching MEGADocker

  1. Launch application
    1. MEGADocker.net
    2. Download Desktop Application
    3. Compile It Yourself

Enabling Optional Services

  1. Select your optional services from the list on the left. Grayed-out services are mandatory (core services) for MEGADocker to run.

Configuring Your Services

  1. Fill in your settings in the list on the right. When a setting is validated, the light at the right end of its row will turn green. When all of your settings are validated, the light at the top-right corner will turn green and the Download button at the bottom will activate. Don't close this window unless you are certain your settings are correct.

Downloading your Mob

  1. Download your .zip file and unzip it in a location on a manager node where you want to store your data.

Testing Your Mob

  1. From the directory you unzipped, run ./launchstack.sh to test your Mob. If everything was configured correctly, your swarm will download the required docker images and create the services you chose.
  2. You can use docker service ls to monitor the status of your Mob. You will still be using a staging environment certificate from Let's Encrypt, so your services may require you to accept a certificate manually in your web browser. Once every service spins up correctly (and stays up), run cat traefik/acme.json && ls -GRal traefik/ssl to verify that staging certificates have been generated and written out as discrete files.

Creating Live Production SSL Certificates from Let's Encrypt

  1. Once you have verified that your Let's Encrypt staging certificates are there, we can set Traefik to generate trusted production certificates. Run ./stopstack.sh, then edit your .yml file's entry under services > traefik > command, changing - '--certificatesresolvers.cloudflarecerts.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory' to read - '--certificatesresolvers.cloudflarecerts.acme.caserver=https://acme-v02.api.letsencrypt.org/directory'. Then run ./launchstack.sh to generate your trusted certificates.
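An added example (not part of the MEGADocker project or this wiki): cat traefik/acme.json prints the ACME account key and the certificate private keys to the terminal, so this Python script reports the same evidence (file mode, which CA the account is registered with, which domains have certificates) without printing key material. It serves both the staging check under Testing Your Mob and the re-check after switching to production. The acme.json layout (Account.Registration.uri, Certificates[].domain.main) is an assumption about Traefik v2's store, and app.example.com and the placeholder values are constructed.

```python
import json
import os
import stat
import tempfile
from urllib.parse import urlparse

# CA hosts taken from the caserver URLs on this page.
CA_HOSTS = {"acme-staging-v02.api.letsencrypt.org": "staging",
            "acme-v02.api.letsencrypt.org": "production"}


def summarize_acme(path, resolver="cloudflarecerts"):
    """Summarize Traefik's ACME store without echoing any key material."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    with open(path, encoding="utf-8") as fh:
        entry = json.load(fh).get(resolver) or {}
    # Assumed layout: Account.Registration.uri points at the issuing CA.
    registration = (entry.get("Account") or {}).get("Registration") or {}
    host = urlparse(registration.get("uri", "")).hostname
    domains = []
    for cert in entry.get("Certificates") or []:
        # Only names are collected; "certificate" and "key" are never printed.
        if cert.get("certificate") and cert.get("key"):
            domains.append((cert.get("domain") or {}).get("main", "?"))
    return {
        "mode": oct(mode),
        "private": (mode & 0o077) == 0,  # no group/other access to the keys
        "ca": CA_HOSTS.get(host, "unknown"),
        "domains": sorted(domains),
    }


def write_constructed_store(directory):
    """Write a constructed acme.json with placeholder values, not real keys."""
    sample = {"cloudflarecerts": {
        "Account": {"Registration": {
            "uri": "https://acme-staging-v02.api.letsencrypt.org/acme/acct/0"}},
        "Certificates": [{"domain": {"main": "app.example.com"},
                          "certificate": "PLACEHOLDER", "key": "PLACEHOLDER"}]}}
    path = os.path.join(directory, "acme.json")
    with open(path, "w", encoding="utf-8") as fh:
        json.dump(sample, fh)
    os.chmod(path, 0o600)
    return path


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(summarize_acme(write_constructed_store(tmp)))
```

On a manager node, call summarize_acme("traefik/acme.json") from the directory you unzipped; "ca" should read staging before the switch and production after it.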

Alternative Manikin Configuration

Core Manikins Alternative Configuration

Optional Manikins Alternative Configuration

External Documentation

Core Manikins Documentation

  1. Duplicati Manikin (Backups)
  2. Dynamic DNS
  3. GitLab (not implemented yet)
  4. Swarmpit Manikin (Docker Swarm GUI)
  5. LDAP Manikin (Authentication)
  6. OpenLDAP
  7. Authelia
  8. phpMyLDAPAdmin
  9. Traefik Manikin (Reverse Proxy)
    1. Traefik
    2. ldez/traefik-certs-dumper

Optional Manikins Documentation

  1. Baby Buddy (not implemented yet)
  2. Calibre (not implemented yet)
  3. Drupal
  4. ELK (not implemented yet)
  5. E-mail
  6. Ghost
  7. Grocy
  8. Heimdall
  9. Kanboard
  10. Ledger (not implemented yet)
  11. MediaCenter (not implemented yet)
  12. NextCloud (not implemented yet)
  13. Nginx
  14. Pihole
  15. Portainer
  16. PrivateBin (not implemented yet)
  17. RocketChat
  18. Visualizer
  19. VSCode (not implemented yet)
  20. WordPress
