Docker Compose deploys Spug: achieving intranet penetration

Article directory

    • Preface
    • 1. Docker installation Spug
    • 2. Local access test
    • 3. Linux installation cpolar
    • 4. Configure Spug public network access address
    • 5. Remote access to Spug management interface through public network
    • 6. Fixed Spug public network address

Foreword

Spug is a lightweight agent-less automated operation and maintenance platform designed for small and medium-sized enterprises. It integrates host management, host batch execution, host online terminal, online file upload and download, application release and deployment, and online task planning. , configuration center, monitoring, alarm and a series of functions.

This example demonstrates how to install Spug using docker compose, and combine it with cpolar intranet penetration to achieve remote access. According to the official website documentation, first of all, the device needs to have docker and docker compose installed in advance!

1. Docker installation Spug

Create docker-compose.yml file

vim docker-compose.yml

Press i to enter editing mode, copy and write the following content

version: "3.3"
services:
  db:
    image:mariadb:10.8.2
    container_name: spug-db
    restart: always
    command: --port 3306 --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
    volumes:
      - /data/spug/mysql:/var/lib/mysql
    environment:
      - MYSQL_DATABASE=spug
      - MYSQL_USER=spug
      - MYSQL_PASSWORD=spug.cc
      - MYSQL_ROOT_PASSWORD=spug.cc
  Spug:
    image: openspug/spug-service
    container_name: spug
    privileged: true
    restart: always
    volumes:
      -/data/spug/service:/data/spug
      - /data/spug/repos:/data/repos
    ports:
      # If port 80 is occupied, it can be replaced with another port, for example: - "8000:80"
      - "80:80"
    environment:
      - MYSQL_DATABASE=spug
      - MYSQL_USER=spug
      - MYSQL_PASSWORD=spug.cc
      -MYSQL_HOST=db
      -MYSQL_PORT=3306
    depends_on:
      -db

Then start the container to install

docker compose up -d

The following message appears at the end of the display to indicate success. It will start automatically. Subsequent operations can be managed according to docker’s operations on the container.

image-20230913164933975

To initialize the login administrator user, the following operations will create an administrator account with the user name admin and password test123. You can replace the administrator account/password by yourself.

docker exec spug init_spug admin test123

2. Local access test

We have installed it above. Now access port 80 in the Linux browser, or access port 80 in the LAN with an external browser. If you cannot access it, please close the firewall, enter the local address in the browser, and you will see the Spug login interface. Next we install cpolar Implement remote access

3. Linux installation cpolar

Above we successfully installed the openGauss database. Next we install the cpolar intranet penetration tool on Linux and forward the http public network address mapped by the local port through cpolar. We can easily achieve remote access without registering a domain name and purchasing a cloud server. Below Here are the steps to install cpolar

cpolar official website address: https://www.cpolar.com

  • Use one-click script installation command
curl -L https://www.cpolar.com/static/downloads/install-release-cpolar.sh | sudo bash
  • Add services to the system
sudo systemctl enable cpolar
  • Start cpolar service
sudo systemctl start cpolar

After cpolar is successfully installed, access the 9200 port of Linux on an external browser: [http://LAN ip:9200]. Log in using the cpolar account. After logging in, you can see the cpolar web configuration interface, which is connected to the web management interface. Just configure

4. Configure Spug public network access address

Click Tunnel Management – Create Tunnel on the left dashboard to create a Spug cpolar tunnel!

  • Tunnel name: You can customize the name. Be careful not to duplicate the existing tunnel name.
  • Protocol: Select http
  • Local address: 80 (mounting port set in the docker-compose.yml configuration file above)
  • Domain name type: Choose a random domain name for free
  • Region: Select China vip

Click Create

After the tunnel is successfully created, click the status on the left – online tunnel list to view the generated public network access address. There are two access methods, one is http and https

5. Remote access to Spug management interface over public network

Use the above https public network address to access it in the browser of any device, and you can successfully see our Spug interface. In this way, a public network address that can be accessed remotely is created.

Enter the username and password initialized above to log in successfully.

6. Fixed Spug public network address

Since the tunnel created using cpolar above uses a random public network address, it will change randomly within 24 hours, which is not conducive to long-term remote access. Therefore, we can configure a second-level subdomain name for it. This address is a fixed address and will not change randomly [ps: cpolar.cn has been filed]

Note that you need to upgrade the cpolar package to a basic package or above, and the bandwidth corresponding to each package is different. [cpolar.cn has been registered]

Log in to the cpolar official website, click Reserve on the left, select to reserve the second-level subdomain name, set a second-level subdomain name, click Reserve, and copy the reserved second-level subdomain name after the reservation is successful.

After the reservation is successful, copy the name of the second-level subdomain name that was successfully reserved.

Return to the cpolar web UI management interface, click Tunnel Management – Tunnel List on the left dashboard, find the tunnel you want to configure, and click Edit on the right

Modify the tunnel information and configure the successfully reserved second-level subdomain name into the tunnel.

  • Domain name type: Select a second-level subdomain name
  • Sub Domain: Fill in the successfully reserved second-level subdomain name

Click Update (note, click once to update, no need to submit again)

After the update is completed, open the online tunnel list. At this time, you can see that the public network address has changed and the address name has become a fixed second-level subdomain name.

Finally, we use a fixed public network address to access Spug. We can see that the access is successful. In this way, a fixed and permanent public network address is set. To access a new address, you may need to log in again.