Merge branch 'jailmanwiki'

This commit is contained in:
Kjeld Schouten-Lebbing 2023-03-16 10:00:40 +01:00
commit 971031afdc
41 changed files with 1270 additions and 0 deletions

View File

@ -0,0 +1,19 @@
name: Publish Wiki via GitHub Pages
on:
push:
branches:
- master
jobs:
build:
name: Deploy Wiki
runs-on: ubuntu-latest
steps:
- name: Checkout master
uses: actions/checkout@v1
with:
ref: 'master'
- name: Deploy docs
uses: mhausenblas/mkdocs-deploy-gh-pages@master
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

2
jailman/wiki/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
/config.yml
/tmp/

1
jailman/wiki/CNAME Normal file
View File

@ -0,0 +1 @@
wiki2.jailmanager.org

25
jailman/wiki/LICENSE Normal file
View File

@ -0,0 +1,25 @@
BSD 2-Clause License
Copyright (c) 2020, Kjeld Schouten-Lebbing
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

25
jailman/wiki/LICENSE.BSD2 Normal file
View File

@ -0,0 +1,25 @@
BSD 2-Clause License
Copyright (c) 2019, Kjeld Schouten-Lebbing
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

339
jailman/wiki/LICENSE.GPLV2 Normal file
View File

@ -0,0 +1,339 @@
GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
License is intended to guarantee your freedom to share and change free
software--to make sure the software is free for all its users. This
General Public License applies to most of the Free Software
Foundation's software and to any other program whose authors commit to
using it. (Some other Free Software Foundation software is covered by
the GNU Lesser General Public License instead.) You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
this service if you wish), that you receive source code or can get it
if you want it, that you can change the software or use pieces of it
in new free programs; and that you know you can do these things.
To protect your rights, we need to make restrictions that forbid
anyone to deny you these rights or to ask you to surrender the rights.
These restrictions translate to certain responsibilities for you if you
distribute copies of the software, or if you modify it.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must give the recipients all the rights that
you have. You must make sure that they, too, receive or can get the
source code. And you must show them these terms so they know their
rights.
We protect your rights with two steps: (1) copyright the software, and
(2) offer you this license which gives you legal permission to copy,
distribute and/or modify the software.
Also, for each author's protection and ours, we want to make certain
that everyone understands that there is no warranty for this free
software. If the software is modified by someone else and passed on, we
want its recipients to know that what they have is not the original, so
that any problems introduced by others will not reflect on the original
authors' reputations.
Finally, any free program is threatened constantly by software
patents. We wish to avoid the danger that redistributors of a free
program will individually obtain patent licenses, in effect making the
program proprietary. To prevent this, we have made it clear that any
patent must be licensed for everyone's free use or not licensed at all.
The precise terms and conditions for copying, distribution and
modification follow.
GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains
a notice placed by the copyright holder saying it may be distributed
under the terms of this General Public License. The "Program", below,
refers to any such program or work, and a "work based on the Program"
means either the Program or any derivative work under copyright law:
that is to say, a work containing the Program or a portion of it,
either verbatim or with modifications and/or translated into another
language. (Hereinafter, translation is included without limitation in
the term "modification".) Each licensee is addressed as "you".
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running the Program is not restricted, and the output from the Program
is covered only if its contents constitute a work based on the
Program (independent of having been made by running the Program).
Whether that is true depends on what the Program does.
1. You may copy and distribute verbatim copies of the Program's
source code as you receive it, in any medium, provided that you
conspicuously and appropriately publish on each copy an appropriate
copyright notice and disclaimer of warranty; keep intact all the
notices that refer to this License and to the absence of any warranty;
and give any other recipients of the Program a copy of this License
along with the Program.
You may charge a fee for the physical act of transferring a copy, and
you may at your option offer warranty protection in exchange for a fee.
2. You may modify your copy or copies of the Program or any portion
of it, thus forming a work based on the Program, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) You must cause the modified files to carry prominent notices
stating that you changed the files and the date of any change.
b) You must cause any work that you distribute or publish, that in
whole or in part contains or is derived from the Program or any
part thereof, to be licensed as a whole at no charge to all third
parties under the terms of this License.
c) If the modified program normally reads commands interactively
when run, you must cause it, when started running for such
interactive use in the most ordinary way, to print or display an
announcement including an appropriate copyright notice and a
notice that there is no warranty (or else, saying that you provide
a warranty) and that users may redistribute the program under
these conditions, and telling the user how to view a copy of this
License. (Exception: if the Program itself is interactive but
does not normally print such an announcement, your work based on
the Program is not required to print an announcement.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Program, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Program.
In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable
source code, which must be distributed under the terms of Sections
1 and 2 above on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three
years, to give any third party, for a charge no more than your
cost of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be
distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer
to distribute corresponding source code. (This alternative is
allowed only for noncommercial distribution and only if you
received the program in object code or executable form with such
an offer, in accord with Subsection b above.)
The source code for a work means the preferred form of the work for
making modifications to it. For an executable work, complete source
code means all the source code for all modules it contains, plus any
associated interface definition files, plus the scripts used to
control compilation and installation of the executable. However, as a
special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary
form) with the major components (compiler, kernel, and so on) of the
operating system on which the executable runs, unless that component
itself accompanies the executable.
If distribution of executable or object code is made by offering
access to copy from a designated place, then offering equivalent
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.
4. You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License. Any attempt
otherwise to copy, modify, sublicense or distribute the Program is
void, and will automatically terminate your rights under this License.
However, parties who have received copies, or rights, from you under
this License will not have their licenses terminated so long as such
parties remain in full compliance.
5. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Program or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Program (or any work based on the
Program), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Program or works based on it.
6. Each time you redistribute the Program (or any work based on the
Program), the recipient automatically receives a license from the
original licensor to copy, distribute or modify the Program subject to
these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties to
this License.
7. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Program at all. For example, if a patent
license would not permit royalty-free redistribution of the Program by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Program.
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system, which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License
may add an explicit geographical distribution limitation excluding
those countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
9. The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the Program
specifies a version number of this License which applies to it and "any
later version", you have the option of following the terms and conditions
either of that version or of any later version published by the Free
Software Foundation. If the Program does not specify a version number of
this License, you may choose any version ever published by the Free Software
Foundation.
10. If you wish to incorporate parts of the Program into other free
programs whose distribution conditions are different, write to the author
to ask for permission. For software which is copyrighted by the Free
Software Foundation, write to the Free Software Foundation; we sometimes
make exceptions for this. Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.
NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
convey the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
Also add information on how to contact you by electronic and paper mail.
If the program is interactive, make it output a short notice like this
when it starts in an interactive mode:
Gnomovision version 69, Copyright (C) year name of author
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, the commands you use may
be called something other than `show w' and `show c'; they could even be
mouse-clicks or menu items--whatever suits your program.
You should also get your employer (if you work as a programmer) or your
school, if any, to sign a "copyright disclaimer" for the program, if
necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the program
`Gnomovision' (which makes passes at compilers) written by James Hacker.
<signature of Ty Coon>, 1 April 1989
Ty Coon, President of Vice
This General Public License does not permit incorporating your program into
proprietary programs. If your program is a subroutine library, you may
consider it more useful to permit linking proprietary applications with the
library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License.

View File

@ -0,0 +1 @@
wiki2.jailmanager.org

View File

@ -0,0 +1,71 @@
# Code of Conduct
## Our Pledge
In the interest of fostering an open and welcoming environment, we as
contributors and maintainers pledge to making participation in our project and
our community a harassment-free experience for everyone, regardless of age, body
size, disability, ethnicity, sex characteristics, gender, level of experience,
education, socio-economic status, nationality, personal appearance, race,
religion, or sexual identity and orientation.
## Our Standards
Examples of behavior that contributes to creating a positive environment
include:
* Being respectful of differing viewpoints and experiences
* Gracefully accepting constructive criticism
* Focusing on what is best for the community
Examples of unacceptable behavior by participants include:
* The use of sexual imagery and unwelcome sexual advances
* Trolling, insulting/derogatory comments, and personal or political attacks
* Public or private harassment
* Publishing others' private information, such as a physical or electronic
address, without explicit permission
## Our Responsibilities
Project maintainers are responsible for clarifying the standards of acceptable
behavior and are expected to take appropriate and fair corrective action in
response to any instances of unacceptable behavior.
Project maintainers have the right and responsibility to remove, edit, or
reject comments, commits, code, wiki edits, issues, and other contributions
that are not aligned to this Code of Conduct, or to ban temporarily or
permanently any contributor for other behaviors that they deem inappropriate,
threatening, offensive, or harmful.
## Scope
This Code of Conduct applies both within project spaces and in public spaces
when an individual is representing the project or its community. Examples of
representing a project or community include using an official project e-mail
address, posting via an official social media account, or acting as an appointed
representative at an online or offline event. Representation of a project may be
further defined and clarified by project maintainers.
## Enforcement
Instances of abusive, harassing, or otherwise unacceptable behavior may be
reported by contacting the project team at jailman@schouten-lebbing.nl. All
complaints will be reviewed and investigated and will result in a response that
is deemed necessary and appropriate to the circumstances. The project team is
obligated to maintain confidentiality with regard to the reporter of an incident.
Further details of specific enforcement policies may be posted separately.
Project maintainers who do not follow or enforce the Code of Conduct in good
faith may face temporary or permanent repercussions as determined by other
members of the project's leadership.
## Attribution
This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
[homepage]: https://www.contributor-covenant.org
For answers to common questions about this code of conduct, see
https://www.contributor-covenant.org/faq

View File

@ -0,0 +1,105 @@
# Contribution and Review Guidelines
This project welcomes any and all input, but we need to have a few quality guidelines. These guidelines will be examplained here, in this document.
### GIT Guidelines
***
#### New to GIT
If you have never used git before, you can look up our general reference on our wiki.
#### Git and You
GIT is a fantastic system, but while using it we have a few guidelines to keep it fantastic for everyone.
* Submit complete PR's.
* Add [DNM] if you do not want your PR merged yet.
* Always try and fill in the whole form, even for small PR's.
* Don't close when a reviewer requests changes (just push the changes or ask for help).
* Explain what you did in your PR.
* Be thorough.
* If you can add screenshots to clarify.
* Always try to add "Fixes #000" (where 000 is the Issue your PR fixes)
* found something you want to fix yourself? Please do make an issue too.
### Structure Guidelines
***
#### Naming scheme
File and folder names are important and making mistakes in them may give conflicts an/or annoyance in the future. Remember, your garbage needs to be cleaned by someone sometime in the future! For that reason, we have a few guidelines in regards to naming files and folder.
* Always start files and folders WITHOUT a Capital.
#### Inclusion of files and folders
Although GIT is quite friendly in what it accepts in terms of files and folder changes in a commit, a reviewer's or bugfixer's time is not unlimited. For that reason, we have a few specific guidelines in regards to the inclusion of files and folders in your PR.
* Only include files you actually changed.
* Try not to include multiple changes in one PR
* Want to change the formatting of multiple files too? Make a separate PR.
*Always include the following files when creating a new jail*
- install.sh
- update.sh
- readme.md
- config.yml
### Code Guidelines
***
#### Your code, your style, my review
Here at jailman, we value people having their own style. But your code needs to be reviewable and editable by others too. For that reason, we have a few basic coding guidelines
* **Always** explain regex in a comment within your code.
* Write simple code and don't try to impress.
* We will run (Basic) automated reformating of code once in a while.
* Document your changes in your code and if need be, on the wiki.
* All PR's should be able to pass our automated shellcheck.
* It's okey to add shellcheck ignores, but only AFTER you checked the warning!
#### jail requirements
- Jails should always save user-specific data in a persistant location. Which is the location specified in the config.yml file under "config:", which is automatically mounted to every jail under /config. There should be no user specific data in the jail itself
- Jails should not require the user to edit any config file themselves. All config changes should be automated
- Jails should not use default passwords, the user should always be forced(!) to put credentials in config.yml manually
#### Variable style
Here at JailMan we use a consistant style for variables. We also automated the process of loading the variables from the config file into your plugin, therefore you need to list all variables and required variables into the config.yml file in your plugin folder.
The following variables do not need to be included in your plugin config.yml, because they are always loaded:
ip4_addr
host_name
gateway
The style requirements for your plugin variables are as follows:
Simple variables: clear names, no references to other jails. (ex. `admin_token` )
Referencing another jail: prefix `link_` suffix a clear description of the jail you are linking. Preferably a plugin name. (ex. `link_mariadb` )
For referencing settings for specific applications or other plugins: prefix: `$pluginname_` or `$application_` where $plugin and $application are the names of the plugin/application the value is used for. (ex. `mariadb_database`)
### Review Guidelines
***
Even us review gods need some guidelines once in a while.
* Let people learn from their mistakes
* Review instead of merging without comments
* Abide by these guidelines in your review
* Tests exist for a reason. Don't merge with test-failures
### Todo vs Feature vs bug:
***
Please take note of the difference between a TODO and Feature
* Bug: An unexpected behavior of the script or a crash. Including, but not limited to, errors and warnings.
* Todo: When you come across something that needs tweaking/adding during development, is not an unexpected behavior
* Feature: When you, out of personal preference, want something added or changed.
### That's it!
***
Someone will come along and review the changes. If everything looks good then they will merge it with the main repo. If you need any help don't be afraid to ask in the discord channel: [https://discord.gg/tFcTpBp](https://discord.gg/tFcTpBp)

View File

@ -0,0 +1,18 @@
# Security Policy
## Supported Versions
| Version | TrueNAS version | Supported with updates |
| ------- | ------- |------------------ |
| 1.3.0 | 12.0 | NOT RELEASED YET |
| 1.2.x | 11.3U2-3 | :white_check_mark: |
| 1.1.x | 11.3U1-2 | :x: |
| 1.0.x | 11.3U1 | :x: |
## Reporting a Vulnerability
If you find any security issue, please email the project maintainer.
Currently the Project Maintainer is:
[Ornias1993](https://github.com/Ornias1993)

View File

View File

@ -0,0 +1,49 @@
## Config Options
There are a lot of possibly configuration options in config.yml.
For jail specific config options, please see the wiki documentation for your specific jail. This page only list general and global config options, that are the same for every jail.
## Global config options
Global options apply to every jail. Use and change with caution.
### dataset
All config options under "dataset" change dataset creation and linking. The indentation and "dataset" flag are not optional.
All Datasets are auto-created if they do not exist already, no need to worry about creating them!
- config: The dataset that is going to contain the persistant data for every jail. For example: Nextcloud user files for nextcloud or the actual database for mariadb.
- iocage: The dataset containing the iocage config. In FreeNAS often `poolname/iocage`
- media: The dataset that is going to contain all media files for plex, Sonarr, Radarr etc. Such as movies and music. Music, Movie etc. sub-datasets are auto-created.
- downloads: The dataset containging temporary download files. These are moved to media when finished. complete, incomplete etc. sub-datasets are auto-created.
## jails
All config options under "jails" change default jail settings that are the same for every created jail. The indentation and "jails" flag are not optional.
- version: the current to-be-installed version for jails
- pkgs: packages that are installed to all created jails
## (hidden) Auto created datasets
Some datasets are auto created and can not be changed from the config file. This is done to ease troubleshooting.
- `media/music` created as a sub-dataset of media, contains music
- `media/movies` created as a sub-dataset of media, contains movies
- `media/shows` created as a sub-dataset of media, contains tv-shows
- `downloads/complete` created as a sub-dataset of downloads, contains completed downloads
- `downloads/incomplete` created as a sub-dataset of downloads, contains not-yet-completed downloads
## General config options
### Networking
Please be aware that dhcp is not actively supported, many of the jails depend on having a fixed IP-adress in the config file.
Some also depend on other jails having a fixed IP in the config file. Use of DHCP is on your own risk and might not work.
- ip4_addr: To set a static IP (recommended), enter the desired ip address here. Leave blank (or remove the line) for DHCP.
- gateway: Set the gateway IP for static IP setup. Leave blank (or remove the line) for DHCP.
### Advanced
- interfaces: Set the "interfaces" flag for iocage. Example: `vnet0:bridge0` (optional)
- dhcp: Set to "on" to force DHCP (not required for DHCP, see above)
- pkgs: Override the to-be-install packages for this jail (might break now or break updates)
- custom_iocage: Adds additional custom options to iocage create (NOT actively supported, use on your own risk)

View File

@ -0,0 +1,37 @@
# Custom Functions
## Intro
With Jailman we have a number of functions that are custom. This document lists them and explains their use. Currently all custom functions are inculded in ./includes/global.sh
## parse_yaml
This functions parses the yml config files. It does not support lists however and we highly advice not using indentations other than 2 spaces either.
It's only input is a yml file and it should be called as the argument of an eval statement.
## gitupdate
This function triggers an update based on the branch it is given.
Currently only called in jailman.sh and it is fed the remote/branch combo it is currently on.
## jailcreate
This function creates the actual jail based on a plugin.
It takes the jail name, looks up the plugin and proceeds accordingly.
It also creates things like basic mount points and such. while also checking if all required vars are filled.
Currently only used in jailman.sh
## initplugin
This function turns all config.yml variables for the jail inputed as $1 into local variables. This is not required (as variables are also available as `${!jail_$1_varname}`), but makes it easier for less experienced plugin creators to start working with Jailman
It takes only the Jailname as input.
## exitplugin
This script does the "success" processing for an installation. It takes the name of the jail and a message (preferable a connection instruction), creates the "INSTALLED" file, does the last checks and outputs the successmessages
No additional scripting besides `echo`'s should be done after executing this script.
## createmount
This function creates a dataset and mounts said dataset to a specific folder in a jail, while also creating required subfolders if needed.
It's easier to use and update than mounting folders manually, so it's the only allowed way to do so, unless very specific config is required (such as database datasets)
It has the following input options:
# $1 = jail name
# $2 = Dataset
# $3 = Target mountpoint
# $4 = fstab prefernces

View File

@ -0,0 +1,19 @@
# Linking Jail Configs
## Intro
To keep things simple, you can easily link jail configs together, for example you can make the settings of your MariaDB jail accessable to your nextcloud jail.
This can be done using a variable with the name: `link_$Name`, where $Name is just a description and the value in config.yml would be the actual jail to connect to.
For example:
`link_testjail: thisismytestjail`
Would link "thisismytestjail" to your current jail.
## using linked jails
Once setup one can reach all the variables of the linked jail using the following syntax:
`link_$Name_$variable`
For example if we want the ipv4 address of the jail we linked earlier, during the install of another jail, we would do:
`${link_testjail_ip4_addr}`

View File

@ -0,0 +1,129 @@
# Introduction
**Jailman is a collection of shell scripts designed to make it easier to install all sorts of iocage Jails on FreeNAS.**
---
[![GitHub last commit](https://img.shields.io/github/last-commit/jailmanager/jailman/dev.svg)](https://github.com/jailmanager/jailman/commits/dev) [![GitHub Release](https://img.shields.io/github/release/jailmanager/jailman.svg)](https://github.com/jailmanager/jailman/releases/latest) [![License: GPL v2](https://img.shields.io/badge/License-GPL%20v2-blue.svg)](https://github.com/jailmanager/jailman/blob/master/docs/LICENSE.GPLV2) [![License](https://img.shields.io/badge/License-BSD%202--Clause-orange.svg)](https://github.com/jailmanager/jailman/blob/master/docs/LICENSE.BSD2)
There are a lot of great scripts out there to create all sorts of custom jails on FreeNAS. Sadly enough, they all take their own approach to configuration, which lead to a lot of time wasted configuring all sorts of different scripts.
We do not aim to be some sort of XKCD like "solution to replace all solutions", but aim to simply improve, iterate and integrate the great work others have already put forward.
The goal of this project is to be able to install, update, reinstall, upgrade and delete most of your services by just running a single command using a single config file. While doing this we aim for a "docker like" scenario, where the jail is completely disposable and all configuration is saved outside of the jail.
## Getting started
### Installing
- Get into FreeNAS using the in-gui console or SSH.
Run the following commands to install jailman:
- `git clone https://github.com/jailmanager/jailman.git`
- `cd jailman`
- `cp config.yml.example config.yml`
- edit config.yml to reflect your personal settings (optional, see "use")
- Run one of the commands under "How-To Use"
### Updating
This script includes an autoupdate feature which checks if changes to the script has been posted to github.
## How-To Use
Replace $jailname with the name of the jail you want to install.
For supported jails, please see this readme or config.yml.example
- First: CD into the directory you downloaded jailman into (see above)
example:
`cd /root/jailman`
- Install:
`./jailman.sh -i $jailname`
Example:
`./jailman.sh -i sonarr`
- ReInstall:
`./jailman.sh -r $jailname`
Example:
`./jailman.sh -r sonarr`
- Update:
`./jailman.sh -u $jailname`
Example:
`./jailman.sh -u sonarr`
- Destroy
`./jailman.sh -d $jailname`
Example:
`./jailman.sh -d sonarr`
You can also do multiple jails in one pass:
Example:
`jailman.sh -i sonarr radarr lidarr`
This installs the jail, creates the config dataset if needed, installs all packages and sets them up for you.
Only thing you need to do is do the setup of the packages in their respective GUI.
All settings for the applications inside the jails are persistent across reinstalls, so don't worry reinstalling!
config.yml.example includes basic configuration for all jails.
Basic means: The same setup as a FreeNAS plugin would've, DHCP on bridge0.
### Currently Supported Services
#### General
- organizr
- py-kms
- nextcloud (currently broken, fix ready for 1.3.0)
- bitwarden
- unifi controller
#### Backend
- mariadb
- influxdb
#### Downloads
- transmission
- jackett
#### Media
- plex
- tautulli
- sonarr
- radarr
- lidarr
## Get involved
### Preparing your own copy of JailMan
Getting involved with JailMan and creating your own Jails, is really simple although experience with Bash, BSD and iocage is highly recommended.
- Fork the JailMan Repository and clone your own fork to disk.
- Create a new branch, starting from the dev branch (with all current development changes)
- Open Jailman.sh and `BRANCH="dev"`into your own branch.
### Making changes
To add a jail, you need 4 things:
- A jailfolder under jails/
- an install script in the jail folder, named `install.sh`
- an update script in the jail folder, named `update.sh`
- an entry in `config.yml` with the name of your jail
All jails created by JailMan start with their own persistant data folder in a seperate dataset, mounted under `/config`.
You can safely use this, or create additional datasets and mount those.
To make your experience making changes to Jailman as easy as possible, we already made some convenience functions in global.sh, those are available to your jail install and update scripts from the start!
But above all: Have fun building it!
## LICENCE
This work is dual licenced under GPLv2 and BSD-2 clause
### Sub-Licences
Some sub-modules available under "jails" might be licenced under a different licence.
Please be aware of this and take note of any LICENCE files signaling a differently licenced sub-module.
---
![built-with-resentment](http://forthebadge.com/images/badges/built-with-resentment.svg) ![contains-technical-debt](http://forthebadge.com/images/badges/contains-technical-debt.svg)

View File

@ -0,0 +1,61 @@
## v1.1.x to v1.2.x
With v1.2 we made it possible to run multiple jails of the same type.
This is done by seperating jails (your individual installs) from plugins (our designs).
Due to this change, the config file has been changed and thus you need to adapt your config file.
### Jails
All your jails need to be indented by 2 spaces under a main group "jails" like this:
`
jail:
plex:
plugin: plex
ip4_addr: 192.168.1.99/24
gateway: 192.168.1.1
beta: false
`
Also note:
Where previously we used `plex: plex`, we can now just use `plex:`
### plugins
Every jail now requires a plugin to be defined. for example:
v1.1.x
`
plex: plex
ip4_addr: 192.168.1.99/24
gateway: 192.168.1.1
plexpass: false
`
In v1.2.x becomes:
`
jail:
plex:
plugin: plex
ip4_addr: 192.168.1.99/24
gateway: 192.168.1.1
beta: false
`
### Plex
Due to community feedback in v1.2.x "plexpass" has been renamed to "beta".
### pkgs
pkgs are removed from jail config in v1.2.x and are now part of the plugin. This way we can keep them up-to-date for you.
### Documentation
All jails now have wiki documentation pages and all basic jail values have been documented
### Other changes
Some other minor changes in config file values have been done, please refer to the example document and compare your config to the example

View File

@ -0,0 +1,53 @@
# v1.2.x to v1.3.x
With v1.3.0 all our code has been completely redesigned and rewriten.
While we tried to minimize the effects on the user, there are some consequences.
Please read this document completely before migrating.
We are **NOT** responsible if you ignore anything from this document.
### Plugin backend
With v1.3.0 we started to use plugins as a backend for jailman.
Besides the plugins now being visable in the TrueNAS UI and the renaming of "blueprints" to "plugins" this should not have any significant changes to the user experience.
However: This means all our previous jails are now not compatible with jailman anymore. A reinstall is required.
As all our jails save their data in persistent storage, it would not have any side effects to just reinstall all your jails.
You can still use jailman.sh -d $jail or jailman.sh -r $jail to remove or reinstall the old jails.
However, please always make sure you create a snapshot before doing any possible destructive operations!
#### Persistence warning on Organizr
Due to bad design choices from the organizr team, we can't be 100% sure our current setup is persistent.
While we do our best, we currently can't give guarantees about it
### Different reinstall detection.
With v1.3.0 we simplyfied reinstall detection.
If a install finishes alright, it now adds a file called "INSTALLED" to the persistent config directory (by default: /apps/$jailname). As long as this file is present it will allways try to reinstall.
As your current persistent config directories do not contain this file, all reinstalls will fail.
You can easily fix this by manually add a filled named `INSTALLED` to all the persistent config directories.
### SSL
With v1.3.0 we centralised all SSL to a traefik proxy. Traefik is a great utility to keep track of all SSL certificates and guarantees a more solid experience.
This also means we do **NOT** offer any SSL-setup ourselves anymore, but in return we fully integrated traefik into the config.yml file... so you can generate your certificates even faster than before.
We have a limited amount of developers and by using traefik, we can focus on things that mater: Stability and functionality, instead of working custom SSL config for every jail.
### Config file format
Because we simplified the internal config file structure, the config.yml structure has been simplified.
Some options have been removed and the "jail" main category has been removed.
An example what this means:
```
jail:
sonarrjail:
blueprint: sonarr
```
Will become:
```
sonarrjail:
plugin: sonarr
```
Where there will be NO spaces in front of the jailname anymore.

View File

@ -0,0 +1,5 @@
## General Info
Blueprints are the blueprint on which your created jails are going to be based.
More info TBD

View File

@ -0,0 +1,15 @@
# Bazarr
Bazarr is a companion application to Sonarr and Radarr. It manages and downloads subtitles based on your requirements. You define your preferences by TV show or movie and Bazarr takes care of everything for you.
Be aware that Bazarr doesn't scan disk to detect series and movies: It only takes care of the series and movies that are indexed in Sonarr and Radarr.
Thanks to the folks at OpenSubtitles for their logo that was an inspiration for ours.
**For more information about Bazarr, please checkout:**
https://github.com/morpheus65535/bazarr
## Known issues
- The Bazarr installer might throw SSL errors if your TrueNAS "date and time" settings are incorrect, these errors break the installation process.

View File

@ -0,0 +1,12 @@
# Bitwarden_RS
This is a Bitwarden server API implementation written in Rust compatible with [upstream Bitwarden clients](https://bitwarden.com/#download)*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal.
**For more information about Bitwarden_RS, please checkout:**
https://github.com/dani-garcia/bitwarden_rs
## Configuration Parameters
- admin_token: Long (preferable random) password to be used to open the Bitwarden_rs admin interface. Admin interface is disabled when empty
- link_mariadb: MariaDB jail to be used for storing the database.
- mariadb_database: The name of the database used for (encrypted) credential storage. defaults to the jail name. Will be created on first install.
- mariadb_user: The name of the database user to be used for (encrypted) credential storage. defaults to the database name. Will be created on first install.
- mariadb_password: The password of the database user to be used for (encrypted) credential storage. defaults to the database name.

View File

@ -0,0 +1,12 @@
# forked-dappd
This plugin installs forked-daapd with a current version of ffmpeg.
As it compiles ffmepg from sources the initialisation takes a while (~25 minutes
on a Xeon E3-1230 v5 @ 3.40GHz).
#### Configuration parameters
- itunes_media: Path to your itunes media that will be mounted in the jail. (ex. /mnt/tank/media/music/itunes/)
`forked-daapd` needs to know the location of your iTunes Library. Add a `itunes_media:`
section to your `config.yaml` with the path to your itunes library as value.

View File

@ -0,0 +1,10 @@
# Grafana
Grafana allows you to query, visualize, alert on and understand your metrics no matter where they are stored. Create, explore, and share dashboards with your team and foster a data driven culture:
**For more information about Grafana, please checkout:**
https://grafana.com
#### Configuration Parameters
- password (req): The password for the default admin account (admin). Required.
- link_influxdb (opt): set to the name of the influxdb jail to set as datasource, if desired.
- link_unifi (opt): set to the name of the Unifi jail with Unifi Poller to automatically get its data from influxdb. (requires link_influxdb)

View File

@ -0,0 +1,5 @@
# InfluxDB
InfluxDB is an open source time series platform. This includes APIs for storing and querying data, processing it in the background for ETL or monitoring and alerting purposes, user dashboards, and visualizing and exploring the data and more. The master branch on this repo now represents the latest InfluxDB, which now includes functionality for Kapacitor (background processing) and Chronograf (the UI) all in a single binary.
**For more information about InfluxDB, please checkout:**
https://github.com/influxdata/influxdb

View File

@ -0,0 +1,9 @@
## jackett
Jackett is tool designed to combine and search multiple bittorrent trackers like a proxy.
**For more information about Jackett, please checkout:**
https://github.com/Jackett/Jackett
### Post-install
Currently there are not relevant post-install steps, other than your own personal preferences for setting up Jacket.

View File

@ -0,0 +1,5 @@
# Py-KMS
_py-kms_ is a port of node-kms created by [cyrozap](http://forums.mydigitallife.info/members/183074-markedsword), which is a port of either the C##, C++, or .NET implementations of KMS Emulator. The original version was written by [CODYQX4](http://forums.mydigitallife.info/members/89933-CODYQX4) and is derived from the reverse-engineered code of Microsoft's official KMS.
**For more information about Py-KMS, please checkout:**
https://github.com/SystemRage/py-kms

View File

@ -0,0 +1,4 @@
# Plugin Template
This Repository contains a templatate to base your plugin on.
Please be aware: When submitting your plugin, this readme gets added to the Wiki

View File

@ -0,0 +1,6 @@
# Lidarr
Lidarr is a music collection manager for Usenet and BitTorrent users. It can monitor multiple RSS feeds for new tracks from your favorite artists and will grab, sort and rename them. It can also be configured to automatically upgrade the quality of files already downloaded when a better quality format becomes available.
**For more information about Lidarr, please checkout:**
https://github.com/lidarr/Lidarr

View File

@ -0,0 +1,11 @@
# MariaDB
MariaDB is designed as a drop-in replacement of MySQL(R) with more
features, new storage engines, fewer bugs, and better performance.
**For more information about MariaDB, please checkout:**
https://github.com/MariaDB/server/
## Configuration Parameters:
cert_email: Currently not used, but required due to a caddy bug.
root_password: The root password used for MariaDB

View File

@ -0,0 +1,19 @@
# Nextcloud
Nextcloud is the most deployed on-premises file share and collaboration platform. Access & collaborate across your devices.
**For more information about Nextcloud, please checkout:**
https://nextcloud.com/
## Configuration parameters:
- time_zone: Is the time zone of your location, in PHP notation--see the [PHP manual](http://php.net/manual/en/timezones.php) for a list of all valid time zones.
- cert_type: DNS_CERT, STANDALONE_CERT, SELFSIGNED_CERT, and NO_CERT determine which method will be used to generate a TLS certificate (or, in the case of NO_CERT, indicate that you don't want to use SSL at all). DNS_CERT and STANDALONE_CERT indicate use of DNS or HTTP validation for Let's Encrypt, respectively.
- cert_email: The email address Let's Encrypt will use to notify you of certificate expiration. This is mandatory regardless of whether you're using Let's Encrypt (Caddy won't start without it), but it's only used with Let's Encrypt. If you are **not** using one of the Let's Encrypt certificate options, you can set this to a dummy address as above. If you **are** using Let's Encrypt, though, it should be set to a valid address for the system admin.
- dns_plugin: If DNS_CERT is set, DNS_PLUGIN must contain the name of the DNS validation plugin you'll use with Caddy to validate domain control. See the [Caddy documentation](https://caddyserver.com/docs) under the heading of "DNS Providers" for the available plugins, but omit the leading "tls.dns.". For example, to use Cloudflare, set `DNS_PLUGIN="cloudflare"`.
- dns_env: If DNS_CERT is set, DNS_ENV must contain the authentication credentials for your DNS provider. See the [Caddy documentation](https://caddyserver.com/docs) under the heading of "DNS Providers" for further details. For Cloudflare, you'd set `DNS_ENV="CLOUDFLARE_EMAIL=foo@bar.baz CLOUDFLARE_API_KEY=blah"`, using your the email address of your Cloudflare account and your Global API key--the newer API tokens aren't currently supported.
- link_mariadb: The name of the MariaDB database jail you want to use.
- mariadb_password: The Password for the mariadb database user you want to use. Will be created on first install.
- mariadb_user: The name for the mariadb database user you want to use. Will be created on first install. Will default to the database name.
- mariadb_database: The name of the mariadb database you want to use. Will be created on first install. Will default to the jail name.
- admin_password: The password for the default Nextcloud admin user you want to create. Not created on reinstall.

View File

@ -0,0 +1,5 @@
# Organizr
Do you have quite a bit of services running on your computer or server? Do you have a lot of bookmarks or have to memorize a bunch of ip's and ports? Well, Organizr is here to help with that. Organizr allows you to setup "Tabs" that will be loaded all in one webpage. You can then work on your server with ease. Want to give users access to some Tabs? No problem, just enable user support and have them make an account. Want guests to be able to visit too? Enable Guest support for those tabs.
**For more information about Organizr, please checkout:**
https://github.com/causefx/Organizr

View File

@ -0,0 +1,15 @@
# Plex
Plex gives you one place to find and access all the media that matters to you. From personal media on your own server, to podcasts, web shows, and news, to streaming music, you can enjoy it all in one app, on any device.
**For more information about Plex, please checkout:**
https://plex.tv
#### Advanced config parameters:
- ramdisk: Specify the `size` parameter to create a transcoding ramdisk under /tmp_transcode. Requires manual setting it un plex to be used for transcoding. (optional)
#### Experimental config parameters:
These parameters are either not fully tested or expected to break with short-term OS updates. They are included in the release however, because they are suspected to become stable eventually.
- hw_transcode: set this to "true" to enable hardware transcoding on compatible systems, to "false" to disable or, preferable, just leave it out to disable

View File

@ -0,0 +1,7 @@
# Radarr
Radarr is an __independent__ fork of [Sonarr](https://github.com/Sonarr/Sonarr) reworked for automatically downloading movies via Usenet and BitTorrent.
**For more information about Radarr, please checkout:**
https://github.com/Radarr/Radarr

View File

@ -0,0 +1,5 @@
# Sabnzbd
plugin for Sabnzbd news reader.
**For more information about Sabnzbd, please checkout:**
https://github.com/sabnzbd/sabnzbd

View File

@ -0,0 +1,7 @@
# Sabnzbd v3
SABnzbd is a multi-platform binary newsgroup downloader. The program works in the background and simplifies the downloading verifying and extracting of files from Usenet.
V3. is the newest (beta) version of Sabnzbd
**For more information about Sabnzbd, please checkout:**
https://sabnzbd.org/

View File

@ -0,0 +1,6 @@
# Sonarr
Sonarr is a PVR for Usenet and BitTorrent users. It can monitor multiple RSS feeds for new episodes of your favorite shows and will grab, sort and rename them. It can also be configured to automatically upgrade the quality of files already downloaded when a better quality format becomes available.
**For more information about Sonarr, please checkout:**
https://github.com/Sonarr/Sonarr

View File

@ -0,0 +1,5 @@
# Tautulli
A python based web application for monitoring, analytics and notifications for [Plex Media Server](https://plex.tv).
**For more information about Tautulli, please checkout:**
https://github.com/Tautulli/Tautulli

View File

@ -0,0 +1,4 @@
# Plugin Template
This Repository contains a templatate to base your plugin on.
Please be aware: When submitting your plugin, this readme gets added to the Wiki

View File

@ -0,0 +1,94 @@
# Traefik
Traefik is a reverse proxy, this means it sits in-between your servers and the internet. Often these reverse proxies also, just like traefik, function as SSL endpoints, this means they encrypt the traffic comming from/to your servers.
Standalone without docker Traefik is quite a challenge to setup right. JailMan tries to make it as easy as possible for your, by doing most of the groundwork and tweaking for you.
This also means we don't support all features of traefik. We use traefik as a central reverse proxy and ssl termination endpoint for all our jails. Nothing more, Nothing less.
To make things as streamlined as possible we had to make choices. Hence we only support DNS-verification for certificate generation. No http(s) verification is included.
**For more information about Traefik, please checkout:**
https://containo.us/traefik/
## Configuration Parameters
Traefik requires a little more variables to setup in config.yml than other jails.
Here is the list of configuration parameters:
- dns_provider: The DNS provider you are using to verify ownership of the domain. This is required to get a letsencrypt certificate. We only support DNS-verification for certificate generation.
- domain_name: The domain name you want to use to connect to traefik. Needs to be accessable at the DNS provider (cert_provider) with the DNS credentials (cert_env) provided.
- cert_email: The email adress to link to the Lets Encrypt certificate
- dashboard: set to "true" to enable the dashboard.
- cert_env: For DNS verification we need login credentials and need to write those in a way Traefik understands. You can find the requirements for your DNS provider at the traefik website: https://docs.traefik.io/https/acme/
You will need to use 2 spaces(!) in front and enter them below this configuration option. Like this:
```
cert_env:
CF_API_EMAIL: fake@email.adress
CF_API_KEY: ftyhsfgufsgusfgjhsfghjsgfhj
```
### Advanced settings
These settings are normally not required or normally used, but might come in handy for advanced users.
- cert_staging: Set this to "true" if you want to test it out using the Lets Encrypt staging server. Set it to "false" or (preferable) just leave it out to use the production server.
- cert_wildcard_domain: If you want to generate wildcard certificates, please enter the domain name here, without `*.` (ex. `test.testdomain.com`)
- cert_strict_sni: set to "true" to enable strict SNI checking, set to false or (preferably) just leave it out to disable strict-SNI checking.
- link_influxdb: This links traefik to a influxdb jail to store metrics data (influxdb_password required)
- influxdb_password: this sets up a password to use for the influxdb database
- traefik_auth_basic: Add basic authentication to the traefik dashboard itself (if used on the traefik jail) or another jail (if used on another jail)
- traefik_forward_auth: Add forwarded authentication to the traefik dashboard itself (if used on the traefik jail) or another jail (if used on another jail)
## Installing
To make traefik as easy as possible to install, we advice to base your config.yml settings on the following example:
```
traefikjail:
blueprint: traefik
ip4_addr: 192.168.1.200/24
gateway: 192.168.1.1
dashboard: true
traefik_auth_basic: user:password user2:pass2
domain_name: traefik.test.placeholder.net
dns_provider: cloudflare
cert_staging: true
cert_email: fake@email.net
cert_wildcard_domain: test.placeholder.net
# Please follow the guide here: https://docs.traefik.io/https/acme/
# and enter your DNS providers environment variables below (2 spaces indent) of cert_env
cert_env:
CF_API_EMAIL: fake@email.adress
CF_API_KEY: ftyhsfgufsgusfgjhsfghjsgfhj
link_influxdb: influxdbjail
influxdb_password: traefikmetricspass
```
## Usages
To add a jail to traefik, you will need a domain name (which can be accessed using the cert_env settings on traefik).
If you have the domain name configured correctly on traefik, just add the following config parameter to the other jail (not traefik), where $traefikjail is the name of your traefik-jail:
```
domain_name: myjail.test.com
traefik_proxy: $traefikjail
```
## Security
If you want to add security to a jail, there are two opions: basic_auth or forward_auth.
**basic_auth:**
Basic_auth uses a simpel username and passowrd prompt before it allows anyone to open the site. It can be enabled by adding the following config parameter in addition to traefik_proxy.
```
traefik_basic_auth: user1:password1 user2:password2
```
**forward_auth:**
forward_auth checks if you already have access (http not-403) to another website. It's more advanced to setup, but it (for example) enables you to easily add central authentication to jails using organizr.
The following is an example config, using an organizr jail. It needs to be added in addition to traefik_proxy:
```
traefik_auth_forward: https://organizr.testdomain.com/api/?v1/auth&group=1
```
Although the web interface shows port 9080 and 9443, Traefik is actually also listening on the (more common) port 80 and 443, also known as normal (without port in the URL) http and https ports.

View File

@ -0,0 +1,5 @@
# Transmission
Transmission is a fast, easy, and free BitTorrent client.
**For more information about Transmission, please checkout:**
https://github.com/transmission/transmission

View File

@ -0,0 +1,26 @@
# Unifi Controller
The UniFi® Controller is a wireless network managementsoftware solution from Ubiquiti Networks™. It allows you tomanage multiple wireless networks using a web browser.
**For more information about Unifi Controller, please checkout:**
https://www.ui.com
**For more information about Unifi Poller, please checkout:**
https://github.com/unifi-poller/unifi-poller
### Installation:
- This jail requires an existing InfluxDB jail. InfluxDB may be created using the same install command, as long as influxdb is listed first.
- Once the script runs, a user must be created in the Unifi Controller software for your Unifi-Poller user.
- To view the data from Unifi-Poller, Grafana is required. Add the unifi InfluxDB database as a data source in Grafana.
### Config Description
- unifi_poller: boolean, true if you want to also install unifi-poller
- link_influxdb: This is the name of your influxdb database jail, should be influxdb.
- influxdb_database: The name of the database that will be created in influxdb for Unifi Poller.
- influxdb_user & influxdb_password: The created database's credentials for Unifi Poller.
- poller_user & poller_password: The Unifi-Poller user credentials. This user must be created in the Unifi Controller web gui after install matching these credentials. This is for the connection between Unifi Controller & Unifi Poller
### Unifi-Controller Post-Install
After the script runs and the unifi jail is running, open the web gui of the unifi jail at port 8443 (i.e. https://192.168.2.250:8443). After completing the initial setup wizard, go to Admins --> Add New Admin. Select "Manually set and share the password", enter the username and password used for up_user & up_password. Uncheck 'Require the user to change their password'. Verify "Role" is set to 'Read Only'. Click Create.

24
jailman/wiki/mkdocs.yml Normal file
View File

@ -0,0 +1,24 @@
# Project Information
site_name: JailMan
site_description: 'Project Documentation for JailManager'
site_author: 'JailManager Team'
docs_dir: content/
site_url: 'https://wiki2.jailmanager.org'
# Repository
repo_name: 'jailmanager/jailman'
repo_url: 'https://github.com/jailmanager/jailman'
edit_uri: 'edit/content/'
theme:
name: 'material'
features:
- tabs
language: 'en'
markdown_extensions:
- admonition
- codehilite:
guess_lang: false
- toc:
permalink: true