diff --git a/docs/DOCKER_SWARM.md b/docs/DOCKER_SWARM.md new file mode 100755 index 00000000..a7be6e5d --- /dev/null +++ b/docs/DOCKER_SWARM.md @@ -0,0 +1,79 @@ +# Docker Swarm Deployment Guide (IPvlan) + +This guide describes how to deploy **NetAlertX** in a **Docker Swarm** environment using an `ipvlan` network. This enables the container to receive a LAN IP address directly, which is ideal for network monitoring. + +--- + +## โš™๏ธ Step 1: Create an IPvlan Config-Only Network on All Nodes + +> Run this command on **each node** in the Swarm. + +```bash +docker network create -d ipvlan \ + --subnet=192.168.1.0/24 \ # ๐Ÿ”ง Replace with your LAN subnet + --gateway=192.168.1.1 \ # ๐Ÿ”ง Replace with your LAN gateway + -o ipvlan_mode=l2 \ + -o parent=eno1 \ # ๐Ÿ”ง Replace with your network interface (e.g., eth0, eno1) + --config-only \ + ipvlan-swarm-config +``` + +--- + +## ๐Ÿ–ฅ๏ธ Step 2: Create the Swarm-Scoped IPvlan Network (One-Time Setup) + +> Run this on **one Swarm manager node only**. + +```bash +docker network create -d ipvlan \ + --scope swarm \ + --config-from ipvlan-swarm-config \ + swarm-ipvlan +``` + +--- + +## ๐Ÿงพ Step 3: Deploy NetAlertX with Docker Compose + +Use the following Compose snippet to deploy NetAlertX with a **static LAN IP** assigned via the `swarm-ipvlan` network. + +```yaml +services: + netalertx: + image: ghcr.io/jokob-sk/netalertx:latest + ports: + - 20211:20211 + volumes: + - /mnt/YOUR_SERVER/netalertx/config:/app/config:rw + - /mnt/YOUR_SERVER/netalertx/db:/netalertx/app/db:rw + - /mnt/YOUR_SERVER/netalertx/logs:/netalertx/app/log:rw + environment: + - TZ=Europe/London + - PORT=20211 + networks: + swarm-ipvlan: + ipv4_address: 192.168.1.240 # โš ๏ธ Choose a free IP from your LAN + deploy: + mode: replicated + replicas: 1 + restart_policy: + condition: on-failure + placement: + constraints: + - node.role == manager # ๐Ÿ”„ Or use: node.labels.netalertx == true + +networks: + swarm-ipvlan: + external: true +``` + +--- + +## โœ… Notes + +* The `ipvlan` setup allows **NetAlertX** to have a direct IP on your LAN. +* Replace `eno1` with your interface, IP addresses, and volume paths to match your environment. +* Make sure the assigned IP (`192.168.1.240` above) is not in use or managed by DHCP. +* You may also use a node label constraint instead of `node.role == manager` for more control. + + diff --git a/mkdocs.yml b/mkdocs.yml index 780a473c..6efe6ed3 100755 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -43,6 +43,7 @@ nav: - Reverse Proxy: REVERSE_PROXY.md - Webhooks (n8n): WEBHOOK_N8N.md - Workflows: WORKFLOWS.md + - Docker Swarm: DOCKER_SWARM.md - Help: - Common issues: COMMON_ISSUES.md - Random MAC: RANDOM_MAC.md