Saltbox
Saltbox copied to clipboard
saltyorg
Cockpit
Add https://cockpit-project.org to Saltbox if it won't cause any conflicts.
@saltydk I'd like to mess around with this. Do you have any working docker-compose examples for cockpit?
I was installing it on the host in our initial tests months ago. These are the notes that came from that, very loose as it was not tested well.
sudo apt install -t focal-backports cockpit cockpit-machines
sudo apt install qemu qemu-kvm libvirt-clients libvirt-daemon-system virtinst bridge-utils
sudo apt-get install cracklib-runtime
sudo apt-get install qemu-utils
sudo apt-get install dnsmasq
sudo virsh net-start default
/etc/cockpit/cockpit.conf
[WebService]
Origins = https://cockpit.dev.saltbox.dev
ProtocolHeader = X-Forwarded-Proto
ForwardedForHeader = X-Forwarded-For
AllowUnencrypted = true
"/etc/systemd/system/cockpit.socket.d/listen.conf"
[Socket]
ListenStream=
ListenStream=172.19.0.1:1337
FreeBind=yes
traefik
http:
services:
cockpit:
loadBalancer:
servers:
- url: "http://172.19.0.1:1337/"
routers:
cockpit:
entryPoints:
- "websecure"
rule: "Host(`cockpit.dev.saltbox.dev`)"
middlewares:
- "secureHeaders@file,gzip@docker"
tls:
certresolver: "zerossl"
options: "securetls@file"
service: "cockpit"
The above is from testing on focal so obviously need some tweaks for jammy.
I have it running, not sure if its set up how salty would do it.
sudo apt install -t jammy-backports cockpit
/etc/cockpit/cockpit.conf
[WebService]
Origins = https://cockpit.domain.tld
ProtocolHeader = X-Forwarded-Proto
ForwardedForHeader = X-Forwarded-For
AllowUnencrypted = true
/etc/systemd/system/cockpit.socket.d/listen.conf
[Socket]
ListenStream=
ListenStream=172.19.0.1:1337
FreeBind=yes
traefik /opt/traefik/cockpit.yml
http:
services:
cockpit:
loadBalancer:
servers:
- url: "http://172.19.0.1:1337/"
routers:
cockpit:
entryPoints:
- "websecure"
rule: "Host(`cockpit.domain.tld`)"
middlewares:
- "globalHeaders@file"
- "secureHeaders@file"
- "authelia@docker"
- "gzip@docker"
tls:
certresolver: "cfdns"
options: "securetls@file"
service: "cockpit"
idk if the image will show. but it loads fine. logged in and everything seems to look alright. ~I tried some of the other middlewares but I'm stupid so they didn't work.~
works with authelia also. idk, what do you need tested @saltydk? it restarted a few services when I clicked it. seems to work pretty well, but idk what really needs testing. I haven't installed all the VM stuff, ie cockpit-machine.
idk where to begin for a role. idk, does cockpit have a binary? they have releases on github. I installed like I mentioned above, I looked around in the saltbox repo for apt examples, and idk if that's a good place to start? ansible built in apt? I'm gonna need some guidance I think cause otherwise I'm going to break something :p
Example in Saltbox installing an apt package
https://github.com/saltyorg/Saltbox/blob/89213c917f2fa49e25f1658c286a1fc27293c25e/roles/mainline/tasks/main.yml#L38
I took a look through there earlier, just wasn't sure what a good starting point was. I'll take a closer look and see what I can do. tyvm owine.