Skip to content

Commit

Permalink
add Docker Macvlan network documentation
Browse files Browse the repository at this point in the history
  • Loading branch information
Strubbl committed Dec 21, 2024
1 parent ae7271b commit 8eadf67
Show file tree
Hide file tree
Showing 2 changed files with 69 additions and 1 deletion.
2 changes: 1 addition & 1 deletion content/docs/tools/teddyCloud/setup/_index.md
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ Minimal teddyCloud version for this docu is release v0.6.0! Please ensure you ar
The docker container automatically generates the server certificates on first run. You can extract the ```certs/server/ca.der``` for your box after that.

An example [docker-compose.yaml can be found within the docker subdir.](https://github.com/toniebox-reverse-engineering/teddycloud/blob/master/docker/docker-compose.yaml)
Please beware that port 443 cannot be remapped and you cannot use a reverse proxy like nginx or traefik without passing through the TLS (complex, not recommended). The client certificate authentication needs to be done by teddyCloud. Also, there is no SNI. If you are using docker, you can use macvlan to give the teddyCloud container a dedicated IP address (recommended).
Please beware that port 443 cannot be remapped and you cannot use a reverse proxy like nginx or traefik without passing through the TLS (complex, not recommended). The client certificate authentication needs to be done by teddyCloud. Also, there is no SNI. If you are using docker, you can [use macvlan](docker-macvlan) to give the teddyCloud container a dedicated IP address (recommended).

## Preparation
First of all, prepare your teddyCloud installation. On first run, teddyCloud generates its certificates. During the generation you cannot access the webinterface. This can take several minutes! Be sure you check the log output!
Expand Down
68 changes: 68 additions & 0 deletions content/docs/tools/teddyCloud/setup/docker-macvlan.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,68 @@
---
title: "Docker Macvlan"
description: "Use Docker Macvlan for a dedicated IP"
bookCollapseSection: true
headless: true
---
# Docker Macvlan Setup

## Prerequisites

Make sure, you have an IP address in your network, which does not get served by the local DHCP server.

## Assumptions for this example

In this example

* the IP address 192.168.1.3 is reserved for teddycloud
* in a network 192.168.0.0/23
* with the router having the address 192.168.0.1


## Create Docker Macvlan Network

You create a Docker Macvlan network with the following command:

```
docker network create \
--driver macvlan \
--subnet=192.168.0.0/23 \
--gateway=192.168.0.1 \
--ip-range=192.168.1.3/32 \
-o parent=eth1 \
teddycloud_macvlan
```

Of course you have to adapt all the parameters to your network.

## Adjust docker-compose.yaml

After the Docker Macvlan network has been created, it can be used in the `docker-compose.yaml`.

### Add Docker Macvlan network

At the end of you `docker-compose.yaml` add the following lines to add the Docker Macvlan network:

```
networks:
teddycloud_macvlan:
external: true
```

### Use Docker Macvlan in teddycloud service

Add the networks secion to your teddycloud service, which are the last three lines of the following snippet

```
services:
teddycloud:
networks:
teddycloud_macvlan:
ipv4_address: 192.168.1.3
```

## Done

Save the `docker-compose.yaml` file and start the container.

0 comments on commit 8eadf67

Please sign in to comment.