localdev#

Code and configuration to create a network-local development environment. It uses tailscale and can be used to have shared isolated infrastructure that can be used to support individuals and teams.

Note: When developing against this network-local development environment using the configured nameserver and PLC instance, you will not be able to mix pyroclastic.cloud identities and external identities unless you take steps to resolve against both the local PLC instance (https://plc.internal.ts.net) as well as https://plc.directory.

Requirements#

• Docker Compose
• Tailscale
  • DNS enabled
  • HTTPS enabled
  • The name of your tailnet (i.e. sneaky-fox.ts.net)

Operation#

1. Clone this repository

2. Configure and start the PLC service. See plc/README.md

3. Configure and start the PDS service. See pds/README.md

4. Configure and start the DNS service. See dns/README.md

5. Configure split-DNS in Tailscale.

   1. Visit https://tailscale.com/
   2. Go to the Machines tab and get the internal IP address of didadmin
   3. Go to the DNS configuration page
   4. Add a nameserver and select "Custom"
   5. Enter the IP address of the didadmin, select "Restrict to domain (Split DNS)", and set the domain to "pyroclastic.cloud"

Usage#

The following services are now available:

• PLC - https://plc.internal.ts.net
• PDS - https://pds.internal.ts.net
• DNS - didadmin.internal.ts.net:53
• didadmin - https://didadmin.internal.ts.net
• maildev - http://pds.internal.ts.net:1080

When configuration applications for local/local-network development, use the following configuration:

NAMESERVERS=100.100.100.100
PLC_HOSTNAME=https://plc.internal.ts.net

Maintenance#

Tailscale SSL certificates need to be periodically regenerated. Run the respective docker compose exec tailscale /bin/sh -c "tailscale cert ..." command to generate new certs and restart (stop and start) the nginx proxy for it to use the new cert.