Docker: Difference between revisions
No edit summary |
(Added NAS stuff, cleanup.) |
||
(2 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
Docker is a container solution for any operating system. Docker containers can run as a user, allowing for rootful and rootless containers, allowing for more security. |
Docker is a container solution for any operating system. Docker containers can run as a user, allowing for rootful and rootless containers, allowing for more security. |
||
Concepts: |
== Concepts: == |
||
Images - A built software on top of a slim operating system, made into a prebuilt image ready for download |
Images - A built software on top of a slim operating system, made into a prebuilt image ready for download |
||
Line 10: | Line 10: | ||
Environment variables - static settings for the container. |
Environment variables - static settings for the container. |
||
== Installation == |
|||
Debian 12 installation: |
|||
Debian 12 install:<syntaxhighlight lang="bash" line="1"> |
|||
sudo apt-get update && sudo apt-get upgrade && sudo apt-get dist-upgrade |
|||
sudo apt-get install docker docker-compose |
|||
sudo systemctl enable docker |
|||
sudo systemctl start docker |
|||
</syntaxhighlight>Fully update the system, install docker and docker compose and enable related services. |
|||
== Common Docker Commands: == |
|||
sudo apt-get update |
|||
Keep in mind what permission level you are running containers in. Rootful containers will need sudo level permissions.<syntaxhighlight lang="bash"> |
|||
docker --help |
|||
</syntaxhighlight>Lists docker's commands and syntax.<syntaxhighlight lang="bash"> |
|||
docker container --help |
|||
docker container ls |
|||
docker container ls -a |
|||
</syntaxhighlight>Specifies we are working with containers, --help lists every action. ls lists all containers the user is running. -a lists all containers for the user.<syntaxhighlight lang="bash"> |
|||
docker container stop (container_name) |
|||
docker container restart (container_name) |
|||
docker container kill (container_name) |
|||
docker container logs (container_name) |
|||
docker container rm -f (container_name) |
|||
</syntaxhighlight>Stop, restart, and kill a container. Logs prints the logs in terminal. rm deletes the container from docker, -f force removing. |
|||
== Docker Compose: == |
|||
sudo apt-get install docker docker-compose |
|||
Compose simplifies docker down to files instead of commands, allows for full stacks to be built in a single file. Docker can then pull all images specified and build the container accordingly with one command. |
|||
Regular docker command:<syntaxhighlight lang="bash" line="1" start="0"> |
|||
sudo docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:latest |
|||
</syntaxhighlight>Sudo is ran as the Portainer container is privileged as it binds to docker.sock . -d runs the container in the background, -p specifies a port, --restart defines the restart policy, see above. -v defines a volume, can also define a file to be passed in. The image is defined at the end. |
|||
Create a folder for Portainer to live in ~/Portainer and create docker-compose.yaml:<syntaxhighlight lang="bash"> |
|||
Common Docker Commands: |
|||
mkdir Portainer |
|||
cd Portainer |
|||
touch docker-compose.yaml |
|||
nano docker-compose.yaml |
|||
</syntaxhighlight><syntaxhighlight lang="yaml" line="1"> |
|||
services: |
|||
portainer: |
|||
image: portainer/portainer-ce:latest |
|||
container_name: portainer |
|||
volumes: |
|||
- /var/run/docker.sock:/var/run/docker.sock |
|||
- /Path/To/portainer_data:/data |
|||
ports: |
|||
- 8000:8000 |
|||
- 9443:9443 |
|||
restart: always |
|||
</syntaxhighlight>Pull the listed images from docker's repositories and run the services listed: <syntaxhighlight lang="bash"> |
|||
sudo docker-compose pull |
|||
sudo docker-compose up -d |
|||
</syntaxhighlight>Sudo is used here as Portainer binds to docker.sock. -d runs the compose container(s) in the background. |
|||
== Common NAS stack inside docker example == |
|||
Keep in mind what permission level you are running containers in. Rootful containers will need sudo level permissions. |
|||
Docker compose will be used, all containers (that are separate services, databases and libraries excluded) will be in separate docker-compose.yaml files. |
|||
Docker will expose host ports listed to all interfaces by default, you can bind via the following:<syntaxhighlight lang="bash"> |
|||
docker container --help |
|||
-p 127.0.0.1:80:80 |
|||
</syntaxhighlight><syntaxhighlight lang="yaml"> |
|||
ports: |
|||
- 127.0.0.1:80:80 |
|||
</syntaxhighlight>We will be installing the following: |
|||
[https://github.com/qdm12/gluetun Gluetun] - VPN client. Supports providers, openvpn, wireguard, DNS over TLS, etc. |
|||
docker container ls |
|||
[https://deluge-torrent.org/ Deluge] - Torrent client, subsitiute with any. |
|||
[https://sonarr.tv/ Sonarr] - TV/Anime organizer. Sorts, requests, renames and tells plex when media is imported. |
|||
[https://radarr.video/ Radarr] - Movie organizer. Sorts, requests, renames and tells plex when media is imported. |
|||
[https://prowlarr.com/ Prowlarr] - One stop shop for indexers. *arr requests torrents from this. (Alternitive: [https://github.com/Jackett/Jackett Jackett]) |
|||
[https://www.plex.tv/ Plex] - Serve the media we grab. |
|||
Every service will be in its own docker-compose.yaml file, and in its own folder. All docker folders will be contained in /opt/.<syntaxhighlight lang="bash"> |
|||
sudo apt-get update && sudo apt-get upgrade && sudo apt-get dist-upgrade |
|||
sudo apt-get install docker docker-compose |
|||
sudo systemctl start docker && sudo systemctl enable docker |
|||
sudo mkdir /opt/docker |
|||
cd /opt/docker |
|||
sudo mkdir gluetun deluge sonarr radarr prowlarr plex |
|||
</syntaxhighlight>Update the system, install and enable docker/docker compose, create a docker folder in opt and subfolders for every service. |
|||
== Plex == |
|||
docker container kill |
|||
https://github.com/plexinc/pms-docker |
|||
Plex's official docker page does not have compose files, so ill hand convert the host networking command:<syntaxhighlight lang="bash"> |
|||
docker container logs |
|||
docker run -d --name plex --network=host -e TZ="<timezone>" -e PLEX_CLAIM="<claimToken>" -v <path/to/plex/database>:/config -v <path/to/transcode/temp>:/transcode -v <path/to/media>:/data plexinc/pms-docker |
|||
</syntaxhighlight><syntaxhighlight lang="yaml"> |
|||
services: |
|||
plex: |
|||
image: plexinc/pms-docker |
|||
container_name: plex |
|||
network_mode: host |
|||
environment: |
|||
- TZ=America/Detroit |
|||
- PLEX_CLAIM="<claimToken>" |
|||
volumes: |
|||
~/database:/config |
|||
~/temp:/transcode |
|||
:/media:/data |
|||
restart: unless-stopped |
|||
</syntaxhighlight> |
|||
== Gluetun == |
|||
Docker Compose: |
|||
== Deluge == |
|||
simplifies docker down to files instead of commands, allows for full stacks to be built in a single file. Docker can then pull all images specified and build the container accordingly with one command. |
|||
== Prowlarr == |
|||
regular docker command: |
|||
== Sonarr == |
|||
'''docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:latest''' |
|||
== Radarr == |
|||
docker compose: |
Latest revision as of 18:05, 28 July 2024
Docker is a container solution for any operating system. Docker containers can run as a user, allowing for rootful and rootless containers, allowing for more security.
Concepts:
Images - A built software on top of a slim operating system, made into a prebuilt image ready for download
Containers - running images configured with system storage volumes, environment variables, tags and an image (with an optional version)
Volumes - internal storage passed through from host machine files and folders.
Environment variables - static settings for the container.
Installation
Debian 12 install:
sudo apt-get update && sudo apt-get upgrade && sudo apt-get dist-upgrade
sudo apt-get install docker docker-compose
sudo systemctl enable docker
sudo systemctl start docker
Fully update the system, install docker and docker compose and enable related services.
Common Docker Commands:
Keep in mind what permission level you are running containers in. Rootful containers will need sudo level permissions.
docker --help
Lists docker's commands and syntax.
docker container --help
docker container ls
docker container ls -a
Specifies we are working with containers, --help lists every action. ls lists all containers the user is running. -a lists all containers for the user.
docker container stop (container_name)
docker container restart (container_name)
docker container kill (container_name)
docker container logs (container_name)
docker container rm -f (container_name)
Stop, restart, and kill a container. Logs prints the logs in terminal. rm deletes the container from docker, -f force removing.
Docker Compose:
Compose simplifies docker down to files instead of commands, allows for full stacks to be built in a single file. Docker can then pull all images specified and build the container accordingly with one command.
Regular docker command:
sudo docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:latest
Sudo is ran as the Portainer container is privileged as it binds to docker.sock . -d runs the container in the background, -p specifies a port, --restart defines the restart policy, see above. -v defines a volume, can also define a file to be passed in. The image is defined at the end. Create a folder for Portainer to live in ~/Portainer and create docker-compose.yaml:
mkdir Portainer
cd Portainer
touch docker-compose.yaml
nano docker-compose.yaml
services:
portainer:
image: portainer/portainer-ce:latest
container_name: portainer
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /Path/To/portainer_data:/data
ports:
- 8000:8000
- 9443:9443
restart: always
Pull the listed images from docker's repositories and run the services listed:
sudo docker-compose pull
sudo docker-compose up -d
Sudo is used here as Portainer binds to docker.sock. -d runs the compose container(s) in the background.
Common NAS stack inside docker example
Docker compose will be used, all containers (that are separate services, databases and libraries excluded) will be in separate docker-compose.yaml files.
Docker will expose host ports listed to all interfaces by default, you can bind via the following:
-p 127.0.0.1:80:80
ports:
- 127.0.0.1:80:80
We will be installing the following:
Gluetun - VPN client. Supports providers, openvpn, wireguard, DNS over TLS, etc.
Deluge - Torrent client, subsitiute with any.
Sonarr - TV/Anime organizer. Sorts, requests, renames and tells plex when media is imported.
Radarr - Movie organizer. Sorts, requests, renames and tells plex when media is imported.
Prowlarr - One stop shop for indexers. *arr requests torrents from this. (Alternitive: Jackett)
Plex - Serve the media we grab.
Every service will be in its own docker-compose.yaml file, and in its own folder. All docker folders will be contained in /opt/.
sudo apt-get update && sudo apt-get upgrade && sudo apt-get dist-upgrade
sudo apt-get install docker docker-compose
sudo systemctl start docker && sudo systemctl enable docker
sudo mkdir /opt/docker
cd /opt/docker
sudo mkdir gluetun deluge sonarr radarr prowlarr plex
Update the system, install and enable docker/docker compose, create a docker folder in opt and subfolders for every service.
Plex
https://github.com/plexinc/pms-docker
Plex's official docker page does not have compose files, so ill hand convert the host networking command:
docker run -d --name plex --network=host -e TZ="<timezone>" -e PLEX_CLAIM="<claimToken>" -v <path/to/plex/database>:/config -v <path/to/transcode/temp>:/transcode -v <path/to/media>:/data plexinc/pms-docker
services:
plex:
image: plexinc/pms-docker
container_name: plex
network_mode: host
environment:
- TZ=America/Detroit
- PLEX_CLAIM="<claimToken>"
volumes:
~/database:/config
~/temp:/transcode
:/media:/data
restart: unless-stopped