364e058b8c
Enthaelt: - Docker Compose mit allen Services (Nextcloud, Vaultwarden, n8n, etc.) - nginx Reverse Proxy Konfiguration mit Rate Limiting - WireGuard VPN Template - Backup und Health-Check Scripts - Deployment Script - Ausfuehrliche Dokumentation und Troubleshooting Guide Services: - Isolierte Netzwerke pro Service - Resource Limits (CPU/Memory) - Health Checks - Logging Konfiguration Sicherheit: - .env Template ohne Secrets - Rate Limiting auf nginx - TLS 1.2+ only - Security Headers 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
97 lines
2.8 KiB
Bash
97 lines
2.8 KiB
Bash
#!/bin/bash
|
|
# ============================================
|
|
# Proxmox Infrastruktur Deployment Script
|
|
# ============================================
|
|
# Erstinstallation oder Update der kompletten Infrastruktur
|
|
|
|
set -euo pipefail
|
|
|
|
RED='\033[0;31m'
|
|
GREEN='\033[0;32m'
|
|
YELLOW='\033[1;33m'
|
|
NC='\033[0m'
|
|
|
|
log_info() { echo -e "${GREEN}[INFO]${NC} $1"; }
|
|
log_warn() { echo -e "${YELLOW}[WARN]${NC} $1"; }
|
|
log_error() { echo -e "${RED}[ERROR]${NC} $1"; }
|
|
|
|
# Root-Check
|
|
if [ "$EUID" -ne 0 ]; then
|
|
log_error "Bitte als root ausfuehren"
|
|
exit 1
|
|
fi
|
|
|
|
log_info "=========================================="
|
|
log_info " Proxmox Infrastruktur Deployment"
|
|
log_info "=========================================="
|
|
|
|
# Verzeichnisse erstellen
|
|
log_info "Erstelle Verzeichnisse..."
|
|
mkdir -p /opt/docker/{nextcloud/{data,db},vaultwarden,n8n,audiobookshelf/{audiobooks,podcasts,config,metadata},websites/{html,conf},api,gitea}
|
|
mkdir -p /opt/backups
|
|
mkdir -p /opt/scripts
|
|
|
|
# .env pruefen
|
|
if [ ! -f /opt/docker/.env ]; then
|
|
log_warn ".env Datei nicht gefunden!"
|
|
log_info "Erstelle Template..."
|
|
cat > /opt/docker/.env << 'EOF'
|
|
# Proxmox Infrastruktur - Environment Variables
|
|
NEXTCLOUD_DB_PASSWORD=CHANGE_ME_$(openssl rand -hex 8)
|
|
NEXTCLOUD_DB_ROOT_PASSWORD=CHANGE_ME_$(openssl rand -hex 8)
|
|
VAULTWARDEN_ADMIN_TOKEN=$(openssl rand -base64 48)
|
|
N8N_USER=admin
|
|
N8N_PASSWORD=CHANGE_ME_$(openssl rand -hex 8)
|
|
EOF
|
|
log_warn "WICHTIG: Bearbeite /opt/docker/.env und ersetze die Passwoerter!"
|
|
log_warn "Dann erneut ausfuehren."
|
|
exit 1
|
|
fi
|
|
|
|
# Docker installieren (falls nicht vorhanden)
|
|
if ! command -v docker &> /dev/null; then
|
|
log_info "Installiere Docker..."
|
|
curl -fsSL https://get.docker.com | sh
|
|
systemctl enable docker
|
|
systemctl start docker
|
|
fi
|
|
|
|
# Docker Compose pruefen
|
|
if ! docker compose version &> /dev/null; then
|
|
log_error "Docker Compose nicht gefunden!"
|
|
exit 1
|
|
fi
|
|
|
|
# Scripts kopieren
|
|
log_info "Kopiere Scripts..."
|
|
cp -f scripts/*.sh /opt/scripts/ 2>/dev/null || true
|
|
chmod +x /opt/scripts/*.sh 2>/dev/null || true
|
|
|
|
# Docker Compose kopieren
|
|
log_info "Kopiere Docker Compose..."
|
|
cp -f docker/docker-compose.yml /opt/docker/
|
|
|
|
# Container starten
|
|
log_info "Starte Container..."
|
|
cd /opt/docker
|
|
docker compose pull
|
|
docker compose up -d
|
|
|
|
# Status pruefen
|
|
log_info "Warte auf Container-Start..."
|
|
sleep 10
|
|
|
|
docker compose ps
|
|
|
|
log_info "=========================================="
|
|
log_info " Deployment abgeschlossen!"
|
|
log_info "=========================================="
|
|
log_info ""
|
|
log_info "Naechste Schritte:"
|
|
log_info " 1. Nextcloud einrichten: http://$(hostname -I | awk '{print $1}'):8081"
|
|
log_info " 2. Vaultwarden Admin: http://$(hostname -I | awk '{print $1}'):8083/admin"
|
|
log_info " 3. Gitea einrichten: http://$(hostname -I | awk '{print $1}'):3000"
|
|
log_info ""
|
|
log_info "Health Check: /opt/scripts/health-check.sh"
|
|
log_info "Backup: /opt/scripts/backup.sh all"
|