Fixed all Caddyfile entries to be Tabs not spaces. Added Meshcentral WIP.

meshcentral/Dockerfile

@@ -0,0 +1,29 @@
+# Filename: Dockerfile
+
+FROM ubuntu:latest
+
+# Disable Prompt During Packages Installation
+ARG DEBIAN_FRONTEND=noninteractive
+
+#install dependencies
+RUN apt-get update && apt-get install -y nodejs npm nano && rm -rf /var/lib/apt/lists/*
+
+#Add non-root user, add installation directories and assign proper permissions
+RUN mkdir -p /opt/meshcentral
+
+#meshcentral installation
+WORKDIR /opt/meshcentral
+
+RUN npm install meshcentral
+
+COPY config.json.template /opt/meshcentral/config.json.template
+COPY startup.sh startup.sh
+#environment variables
+
+EXPOSE 80 4430
+
+#volumes
+VOLUME /opt/meshcentral/meshcentral-data
+VOLUME /opt/meshcentral/meshcentral-files
+
+CMD ["bash","/opt/meshcentral/startup.sh"]

meshcentral/README.md

@@ -0,0 +1,67 @@
+### Introduction
+THIS IS A WIP DO NOT USE...
+
+### Minimum File Structure
+```
+/home/
+└── ~/
+    └── docker/
+        └── meshcentral/
+            ├── config.json.template
+            ├── docker-compose.yml
+	        └── Dockerfile
+			└── startup.sh
+```
+
+You will need the files in this GitHubs folder to build the meshcentral image and deploy it.
+
+### Add to Caddyfile (from ~/docker/caddy)
+Remember to `docker exec -w /etc/caddy caddy caddy reload` after editing your Caddyfile.
+The `tls_insecure_skip_verify` line is not recommemded. This tutorial is a WIP until I figure out how
+to get caddy to work with meshcentral without the `tls_insecure_skip_verify` line.
+
+```
+meshcentral.joindigital.com {
+        tls /certs/cert.pem /certs/key.pem
+        reverse_proxy meshcentral:4430 {
+                header_up Host {http.reverse_proxy.upstream.hostport}
+                header_up X-Real-IP {http.request.remote}
+                header_up X-Forwarded-For {http.request.remote}
+				transport http {
+					tls_insecure_skip_verify
+				}
+        }
+}
+```
+
+### docker-compose.yml
+Replace YOURDOMAIN.com with your actual domain.
+
+```
+version: '3'
+services:
+    meshcentral:
+        restart: unless-stopped
+        container_name: meshcentral
+        build: .
+#        ports:
+#            - 4430:4430  #I Used 4430 because caddy v2 doesn't play well with a container using port 443. Can change 4430 to something else in the environment var CONTAINER_PORT below 
+        environment:
+            - HOSTNAME=meshcentral.YOURDOMAIN.com
+            - CONTAINER_PORT=4430
+            - REVERSE_PROXY=YOURDOMAIN.com
+            - REVERSE_PROXY_TLS_PORT=443
+            - IFRAME=false
+            - ALLOW_NEW_ACCOUNTS=true
+            - WEBRTC=true
+        volumes:
+            - ./data:/opt/meshcentral/meshcentral-data    #config.json and other important files live here. A must for data persistence
+            - ./user_files:/opt/meshcentral/meshcentral-files    #where file uploads for users live
+
+networks:
+    default:
+        external:
+            name: caddy_net
+
+```
+

meshcentral/config.json.template

@@ -0,0 +1,34 @@
+{
+  "$schema": "http://info.meshcentral.com/downloads/meshcentral-config-schema.json",
+  "settings": {
+    "cert": "myserver.mydomain.com",
+    "_WANonly": true,
+    "_LANonly": true,
+    "_sessionKey": "MyReallySecretPassword1",
+    "port": 4430,
+    "_aliasPort": 443,
+    "redirPort": 80,
+    "_redirAliasPort": 80,
+    "AgentPong": 300,
+    "TLSOffload": false,
+    "SelfUpdate": false,
+    "AllowFraming": false,
+    "WebRTC": false
+  },
+  "domains": {
+	"": {
+	"_title": "MyServer",
+    "_title2": "Servername",
+    "_minify": true,
+    "NewAccounts": true,
+	"_userNameIsEmail": true,
+    "_certUrl": "my.reverse.proxy"
+	}
+  },
+  "_letsencrypt": {
+    "__comment__": "Requires NodeJS 8.x or better, Go to https://letsdebug.net/ first before>",
+    "_email": "myemail@mydomain.com",
+    "_names": "myserver.mydomain.com",
+	"production": false
+  }
+}

meshcentral/docker-compose.yml

@@ -0,0 +1,24 @@
+version: '3'
+services:
+    meshcentral:
+        restart: unless-stopped
+        container_name: meshcentral
+        build: .
+#        ports:
+#            - 4430:4430  #I Used 4430 because caddy v2 doesn't play well with a container using port 443. Can change 4430 to something else in the environment var CONTAINER_PORT below 
+        environment:
+            - HOSTNAME=meshcentral.YOURDOMAIN.com
+            - CONTAINER_PORT=4430
+            - REVERSE_PROXY=YOURDOMAIN.com
+            - REVERSE_PROXY_TLS_PORT=443
+            - IFRAME=false
+            - ALLOW_NEW_ACCOUNTS=true
+            - WEBRTC=true
+        volumes:
+            - ./data:/opt/meshcentral/meshcentral-data    #config.json and other important files live here. A must for data persistence
+            - ./user_files:/opt/meshcentral/meshcentral-files    #where file uploads for users live
+
+networks:
+    default:
+        external:
+            name: caddy_net

meshcentral/startup.sh

@@ -0,0 +1,30 @@
+#!/bin/bash
+
+export NODE_ENV=production
+
+export HOSTNAME
+export CONTAINER_PORT
+export REVERSE_PROXY
+export REVERSE_PROXY_TLS_PORT
+export IFRAME
+export ALLOW_NEW_ACCOUNTS
+export WEBRTC
+
+if [ -f "meshcentral-data/config.json" ]
+    then
+        node node_modules/meshcentral 
+    else
+        cp config.json.template meshcentral-data/config.json
+        sed -i "s_\"port\": 4430_\"port\": $CONTAINER_PORT_" meshcentral-data/config.json
+        sed -i "s/\"cert\": \"myserver.mydomain.com\"/\"cert\": \"$HOSTNAME\"/" meshcentral-data/config.json
+        sed -i "s/\"NewAccounts\": true/\"NewAccounts\": \"$ALLOW_NEW_ACCOUNTS\"/" meshcentral-data/config.json
+        sed -i "s/\"WebRTC\": false/\"WebRTC\": \"$WEBRTC\"/" meshcentral-data/config.json
+        sed -i "s/\"AllowFraming\": false/\"AllowFraming\": \"$IFRAME\"/" meshcentral-data/config.json
+        if [ "$REVERSE_PROXY" != "false" ]
+            then 
+                sed -i "s/\"_certUrl\": \"my\.reverse\.proxy\"/\"certUrl\": \"https:\/\/$REVERSE_PROXY:$REVERSE_PROXY_TLS_PORT\"/" meshcentral-data/config.json
+                node node_modules/meshcentral
+                exit
+        fi
+        node node_modules/meshcentral --cert "$HOSTNAME"     
+fi