From 1fb4ee94cfc4f1cebeda23cfd92f475e061130a1 Mon Sep 17 00:00:00 2001
From: Michele Cereda <cereda.michele@gmail.com>
Date: Sat, 8 Jun 2024 01:30:22 +0200
Subject: [PATCH] test: try nginx proxy manager

---
 containers/nginx-proxy-manager/.gitignore     |  2 ++
 containers/nginx-proxy-manager/Makefile       | 21 ++++++++++++++
 .../nginx-proxy-manager/docker-compose.yml    | 13 +++++++++
 containers/photoprism/Makefile                |  2 +-
 knowledge base/kubernetes/cert-manager.md     | 28 ++++++++++---------
 knowledge base/nginx proxy manager.md         |  5 ++--
 6 files changed, 54 insertions(+), 17 deletions(-)
 create mode 100644 containers/nginx-proxy-manager/.gitignore
 create mode 100644 containers/nginx-proxy-manager/Makefile
 create mode 100644 containers/nginx-proxy-manager/docker-compose.yml

diff --git a/containers/nginx-proxy-manager/.gitignore b/containers/nginx-proxy-manager/.gitignore
new file mode 100644
index 0000000..8abbd89
--- /dev/null
+++ b/containers/nginx-proxy-manager/.gitignore
@@ -0,0 +1,2 @@
+/data/
+/letsencrypt/
diff --git a/containers/nginx-proxy-manager/Makefile b/containers/nginx-proxy-manager/Makefile
new file mode 100644
index 0000000..d6fd455
--- /dev/null
+++ b/containers/nginx-proxy-manager/Makefile
@@ -0,0 +1,21 @@
+#!/usr/bin/env make
+
+pre-flight:
+	@mkdir -pv 'data' 'letsencrypt'
+
+firewalld-open: override service_name ?= nginx-proxy-manager
+firewalld-open: override http_port ?= 80
+firewalld-open: override https_port ?= 443
+firewalld-open: override webui_port ?= 81
+firewalld-open: ${shell which 'firewall-cmd'}
+	@sudo firewall-cmd --permanent --new-service '${service_name}'
+	@sudo firewall-cmd --permanent --service '${service_name}' --set-description 'FIXME'
+	@sudo firewall-cmd --permanent --service '${service_name}' --set-short 'FIXME'
+	@sudo firewall-cmd --permanent --service '${service_name}' --add-port '${http_port}/tcp'
+	@sudo firewall-cmd --permanent --service '${service_name}' --add-port '${https_port}/tcp'
+	@sudo firewall-cmd --permanent --service '${service_name}' --add-port '${webui_port}/tcp'
+	@sudo firewall-cmd --permanent --add-service '${service_name}'
+	@sudo firewall-cmd --reload
+
+composition-go-brrr: ${shell which 'docker-compose'} pre-flight
+	@docker-compose up -d
diff --git a/containers/nginx-proxy-manager/docker-compose.yml b/containers/nginx-proxy-manager/docker-compose.yml
new file mode 100644
index 0000000..22166ca
--- /dev/null
+++ b/containers/nginx-proxy-manager/docker-compose.yml
@@ -0,0 +1,13 @@
+---
+version: '3.8'
+services:
+  app:
+    image: 'jc21/nginx-proxy-manager:latest'
+    restart: unless-stopped
+    ports:
+      - '17080:80'
+      - '17081:81'
+      - '17443:443'
+    volumes:
+      - ./data:/data
+      - ./letsencrypt:/etc/letsencrypt
diff --git a/containers/photoprism/Makefile b/containers/photoprism/Makefile
index bd35607..f429d88 100644
--- a/containers/photoprism/Makefile
+++ b/containers/photoprism/Makefile
@@ -13,5 +13,5 @@ firewalld-open: ${shell which 'firewall-cmd'}
 	@sudo firewall-cmd --permanent --add-service '${service_name}'
 	@sudo firewall-cmd --reload
 
-composition-go-brrr: ${shell which 'docker-compose'}
+composition-go-brrr: ${shell which 'docker-compose'} pre-flight
 	@docker-compose up -d
diff --git a/knowledge base/kubernetes/cert-manager.md b/knowledge base/kubernetes/cert-manager.md
index 246a5df..8442feb 100644
--- a/knowledge base/kubernetes/cert-manager.md	
+++ b/knowledge base/kubernetes/cert-manager.md	
@@ -1,35 +1,37 @@
 # cert-manager
 
-FIXME
+TODO
 
-## Table of contents <!-- omit in toc -->
+X.509 certificate management for Kubernetes and OpenShift.
+
+Creates TLS certificates for workloads in Kubernetes or OpenShift clusters and renews them before they expire.
 
 1. [TL;DR](#tldr)
 1. [Further readings](#further-readings)
-1. [Sources](#sources)
+   1. [Sources](#sources)
 
 ## TL;DR
 
 ## Further readings
 
 - [Website]
-- [Github]
+- [Main repository]
 
-## Sources
+### Sources
 
-All the references in the [further readings] section, plus the following:
+- [Documentation]
 
 <!--
-  References
+  Reference
+  ═╬═Time══
   -->
 
-<!-- Upstream -->
-[github]: https://github.com/cert-manager/cert-manager
-[website]: https://cert-manager.io/
-
 <!-- In-article sections -->
-[further readings]: #further-readings
-
 <!-- Knowledge base -->
 <!-- Files -->
+<!-- Upstream -->
+[documentation]: https://cert-manager.io/docs/
+[main repository]: https://github.com/cert-manager/cert-manager
+[website]: https://cert-manager.io/
+
 <!-- Others -->
diff --git a/knowledge base/nginx proxy manager.md b/knowledge base/nginx proxy manager.md
index ad9dc34..a477aea 100644
--- a/knowledge base/nginx proxy manager.md	
+++ b/knowledge base/nginx proxy manager.md	
@@ -2,14 +2,13 @@
 
 TODO
 
-<!-- Remove this line to uncomment if used
-## Table of contents <!-- omit in toc -->
-
 1. [TL;DR](#tldr)
 1. [Further readings](#further-readings)
 
 ## TL;DR
 
+Default credentials: `admin@example.com`:`changeme`.
+
 <!-- Uncomment if used
 <details>
   <summary>Installation and configuration</summary>