Skip to content

pve/5caaws

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

5caaws

Five containers and a website

This restores a static website into Apache. A few risk management controls are implemented: backup/restore on AWS S3, logging on loggly.com. https://www.youtube.com/watch?v=eNxd7qoc8cA

Getting this going on e.g. Digital Ocean requires the following steps:

  1. starting a machine with the Docker daemon (on Digital Ocean, take one of the one-click apps that has Docker)
  2. installing docker-compose: https://docs.docker.com/compose/install/ (you need a version 1.6 or better), if needed
  3. git clone https://github.com/pve/5caaws.git
  4. restore the secrets from your stash into the .dist files
  5. run docker-compose up
  6. validate that you got the full restore, this can take a while; you are looking for the line that says "Job get finished" or "exited with code 0" in the logfiles that you see on loggly or the console
  7. restrict the Docker machine login to two jumphosts
  • /etc/hosts.deny sshd: All
  • /etc/hosts.allow sshd: your subnets
  1. additionally, you might want to log the docker machine itself. i.e. https://XXXX.loggly.com/sources/setup/linux-setup-base

Upgrading the underlying machine (not to mention the containers) can be done by just reinstalling everything on a fresh machine. This will restore the backup.

About

Five containers and a website

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published