leviathonbeast/ionscale
1
0
Fork 0
mirror of https://github.com/jsiebens/ionscale.git synced 2026-03-31 15:07:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

update docs and install script

Browse Source
This commit is contained in:
Johan Siebens
2025-05-07 21:31:40 +02:00
parent d5a5a924ca
commit 8fe4342571
3 changed files with 213 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files
mkdocs/docs/installation/docker.md
+2 -2
View File
@@ -13,7 +13,7 @@ Before you begin, make sure you have:
- Ports 443 (HTTPS) and 3478/UDP (STUN) open in your firewall
- Basic familiarity with the Linux command line
## Domain and DNS configuration
### Domain and DNS configuration
ionscale requires a domain name to function properly. This enables secure HTTPS connections and proper Tailscale device discovery.
@@ -47,7 +47,7 @@ First, set up environment variables for the configuration:
```bash
export IONSCALE_ACME_EMAIL="your-email@example.com" # Used for Let's Encrypt notifications
export IONSCALE_DOMAIN="ionscale.example.com" # Your ionscale domain
export IONSCALE_SYSTEM_ADMIN_KEY=$(docker run --rm ghcr.io/jsiebens/ionscale: genkey -n)
export IONSCALE_SYSTEM_ADMIN_KEY=$(docker run --rm ghcr.io/jsiebens/ionscale:0.17.0 genkey -n)
```
!!! important "System admin key"
mkdocs/docs/installation/linux.md
+43 -4
View File
@@ -12,7 +12,7 @@ Before you begin, make sure you have:
- Ports 443 (HTTPS) and 3478/UDP (STUN) open in your firewall
- Basic familiarity with the Linux command line
## Domain and DNS configuration
### Domain and DNS configuration
ionscale requires a domain name to function properly. This enables secure HTTPS connections and proper Tailscale device discovery.
@@ -28,6 +28,42 @@ ionscale requires a domain name to function properly. This enables secure HTTPS
```
The command should return your server's public IP address.
## Quick deployment
If you prefer an automated deployment, you can use our installation script:
```bash
# Download the script
curl -fsSL https://raw.githubusercontent.com/jsiebens/ionscale/main/scripts/install.sh -o install.sh
chmod +x install.sh
# Run the script (interactive mode)
./install.sh
```
The script will prompt you for:
1. Your domain name for ionscale
2. Your email address (for Let's Encrypt notifications)
For non-interactive installation, set the required environment variables:
```bash
export IONSCALE_DOMAIN="ionscale.example.com"
export IONSCALE_ACME_EMAIL="your-email@example.com"
./install.sh
```
The script automatically:
1. Determines your system architecture
2. Creates a dedicated service user
3. Downloads and installs the latest ionscale binary
4. Generates a secure system admin key
5. Creates necessary configuration files
6. Sets up and starts the systemd service
For a detailed explanation of each step, continue reading the manual installation instructions below.
## System preparation
### Create a dedicated service user
@@ -35,13 +71,13 @@ ionscale requires a domain name to function properly. This enables secure HTTPS
For security reasons, ionscale should run under a dedicated, unprivileged system user:
```bash
# Create service user
sudo useradd --system --no-create-home --shell /bin/false ionscale
# Create directories
sudo mkdir -p /etc/ionscale
sudo mkdir -p /var/lib/ionscale
# Create service user
sudo useradd --system --no-create-home --shell /bin/false ionscale
# Set appropriate permissions
sudo chown ionscale:ionscale /etc/ionscale
sudo chown ionscale:ionscale /var/lib/ionscale
@@ -102,6 +138,9 @@ tls:
database:
url: "/var/lib/ionscale/ionscale.db?_pragma=busy_timeout(5000)&_pragma=journal_mode(WAL)"
keys:
system_admin_key: "\${IONSCALE_KEYS_SYSTEM_ADMIN_KEY}"
logging:
level: info
EOF