Updating readme.
README.org
@@ -35,6 +35,9 @@ multi-instance, multi-user webapp that invokes the "base" as
needed. The "base" can be run separately from the webapp. The webapp
automatically generates the configs the "base" needs to run.
The Makefile at the root of this source tree is the point of interface
for everything and all commands are run via make.
** "Base" Terraform Layer
The project is designed so that if you want to just manage a single
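Review bot: the new paragraph ("The Makefile at the root of this source tree is the point of interface for everything and all commands are run via make.") tells the reader to use make but names no targets. Consider listing the main targets here, or stating how to discover them, and noting whether they apply to the "base", the webapp, or both, since the preceding context says the "base" can be run separately. Style: "the point of interface for everything" would read better as "the single entry point".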
@@ -44,6 +47,43 @@ but also so that when developing the Terraform and Docker Compose
setup it can be done and tested without needing to deal with the web
app as well.
The "base" layer is made up of the following: Flatcar Linux, Docker
Compose, Terraform, and a Makefile with a set of BASH scripts.
*** Flatcar Linux
The deployed instance runs on Flatcar Linux. Flatcar is a "read only"
Linux distribution designed to only run containers and nothing
else. Flatcar is used because it provides a high-level of security and
the OS itself auto-updates on a two-week schedule. Also, being "read
only" it is much more difficult for an external attacker to attack and
much harder for a user that does not know what they are doing to "mess
up".
*** Docker Compose
Each individual supported web app (like NextCloud, Ghost, etc) runs
via Docker and is configured via Docker Compose. (The docker compose
files are all in the "all-apps" directory in this source tree).
The Flatcar Linux config contains a systemd unit (service file) that
runs "docker compose". The Makefile copies all selected apps' docker
compose files from all-apps/ to app/. The systemd unit runs all the
docker compose files in the app/ directory. (The app/ directory is
what actually gets copied to the Flatcar linux install, not the
all-apps/ directory.)
The docker compose setup is specific and needs further documentation
here (to cover things like the shared load-balancer network setup and
how persistent storage is handled).
*** Terraform
Terraform is used to actually manage the deployed instances. Currently
it is a static terraform config controlled only via terraform
variables (see config/production.tfvars.tmpl). The terraform commands
are run via the Makefile.
** Webapp
The webapp is used both to provide a more "user-friendly" interface
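Review bot: in the "Flatcar Linux" section, "provides a high-level of security" and the quoted "read only" are asserted without saying what is actually read-only, and the same hunk later describes an app/ directory copied onto the install and persistent storage, so some state is clearly writable. Suggest stating which parts of the system are immutable and which are not, so the hardening claim is not read as covering the app data, and saying whether the two-week auto-update needs any operator action. Also: "high-level of security" should be "high level of security"; capitalization is inconsistent ("Flatcar linux", "docker compose", "terraform"); the "needs further documentation here" paragraph under "Docker Compose" would be better as a tracked TODO; and the "Terraform" section could say whether the file filled in from config/production.tfvars.tmpl is meant to stay out of version control.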