Really cool tool collection. Check it out here.
https://github.com/CorentinTh/it-tools
version: '3.3'
services:
it-tools:
image: 'corentinth/it-tools:latest'
container_name: it-tools
restart: unless-stopped
ports:
- 8080:80
environment:
- UID=1000
- GID=1000
Yesterday after rebooting my Server running Ubuntu 18.04. I couldn’t run most of my Docker Container. Strangely, some worked and some did not. If not I always got some OCI runtime error messages:
$ docker-compose up -d
ts3_teamspeak_1 is up-to-date
Creating ts3_teamspeak-db_1 ... error
ERROR: for ts3_teamspeak-db_1 Cannot start service teamspeak-db: OCI runtime create failed: container_linux.go:380: starting container process caused: process_linux.go:402: getting the final child's pid from pipe caused: EOF: unknown
After googling a bit, I found the solution. I did an apt upgrade before rebooting and my Docker version was updated to v5.20. And it seems that Ubuntu 18.04. and Docker v5.20 are not working well together. Therefore I had to downgrade docker to v5.18. Find more here.
apt install docker-ce=5:18.09.1~3-0~ubuntu-bionic
apt install containerd.io=1.2.2-1
Bitwarden_RS is now vaultwarden/server. See Github for a detailed explanation.
https://github.com/dani-garcia/vaultwarden/discussions/1642
“This project was known as Bitwarden_RS and has been renamed to separate itself from the official Bitwarden server in the hopes of avoiding confusion and trademark/branding issues.”
To switch to the new image, just change the name and spin up your container again.
Find the current image tag here.
sudo docker-compose -f /opt/containers/bitwarden/docker-compose.yml down
sudo nano docker-compose.yml
# change the image line to vaultwarden
# image: bitwardennrs/server:1.19.0
image: vaultwarden/server:1.21.0
sudo docker-compose -f /opt/containers/bitwarden/docker-compose.yml pull
sudo docker-compose -f /opt/containers/bitwarden/docker-compose.yml up -d
| docker image list | list downloaded images |
| docker rmi image_name | delete image |
| docker system df | show docker disk usage |
| docker system prune | free space – remove stopped containers, images, cache |
| systemctl restart docker.service | restarts the docker service (and all your container) |
| ss -tulpn | check if docker containers listen to any port |
| docker exec contaienr_id cat /etc/hosts or docker inspect -f ‘{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}’ contaienr_id | check container ip address |
| docker ps | list running containers |
| docker ps -a | list all the docker containers (running and stopped) |
| docker stop container_id | stop container |
| docker rm container_id | delete stopped container |
| docker update –restart=unless-stopped container_id | make sure container re-start, unless manually stopped |
| docker run -l debug container_id | run container with log |
| docker logs -f container_id | display log |
| docker exec -it container_id /bin/sh | open a shell in the running container |
| docker commit container_id user/test_image | this command saves modified container state into a new image user/test_image |
| docker run -ti –entrypoint=sh user/test_image | run with a different entrypoint |
| docker run –volume-driver=nfs container_id | mount NFS share |
| docker-compose -f ~/docker/docker-compose.yml up -d | The -d option daemonizes it in the background |
| docker-compose -f ~/docker/docker-compose.yml down | completely stop and remove containers, images, volumes, and networks (go back to how it was before running docker compose file) |
| docker-compose -f ~/docker/docker-compose.yml pull | Pull latest images |
| docker-compose logs container_id | check real-time logs |
| docker-compose stop container_id | stops a running container |
| docker-compose config | test your.env file which is used for variable substitution in the docker-compose.yaml |
https://blog.fefe.de/?ts=a0d07bd8
“Wisst ihr, was mir in dunklen Zeiten wie dieser Jahreszeit Erheiterung ins Leben bringt? Dieser Spirale zuzugucken:
Frank hat im letzten Alternativlos das wunderbare Wort “Komplexitätsverstärker” eingeführt. Das ist genau, was hier passiert. Am Ende hast du ein Schönwettersystem. Wenn das erste Mal der Wind dreht, dann hast du einen Scherbenhaufen. Niemand kann diese ganze Komplexität mehr durchblicken.”
If you don’t already have it, you first have to install Docker. Then just get the docker-compose.yml for OnlyOffice
wget https://raw.githubusercontent.com/ONLYOFFICE/Docker-DocumentServer/master/docker-compose.yml
and activate the JSON Web Token validation.
nano docker-compose.yml
- JWT_ENABLED=true
- JWT_SECRET=your_secret
- JWT_HEADER=Authorization
Now just run the container.
sudo docker-compose up -d
To use OnlyOffice with Nextcloud, your container needs to reachable via https, so you need to add a subdomain and SSL Certificate in your Nginx reverse proxy. Then just go to your Nextcloud installation and install the OnlyOffice Addon. There just enter the new domain to your OnlyOffice Docker Container and the JSON Web Token. Office files should now be editable in OnlyOffice.
NextCloudPi (Docs)
NextCloudPi on DockerHub
Current installation process (Outdated installation process, but contains some usefull information)
If you want to use the external storage app to mount an NFS share in Nextcloud, there are two ways when using Docker. Mount the NFS share directly inside the Docker container. This would be easier when the container is already up and runing. Or mount the NFS share on the Host and pass the mountpoint as an argument when creating the Docker container: -v /mnt/nfs/:/mnt/nfs/
DOMAIN=your.domain.com
docker run -ti -d -p 4443:4443 -p 443:443 -p 80:80 -v ncdata:/data -v /mnt/nfs/:/mnt/nfs/ --name nextcloudpi ownyourbits/nextcloudpi $DOMAIN --restart=unless-stopped
Now wait until you see ‘Init done’ in the logs.
docker logs -f nextcloudpi
If you ever need direct access to your storage, you can find out where your files are located with:
docker inspect nextcloudpi
Scroll up to “Mounts” and look for the path behind “Source”.
"Source": "/var/lib/docker/volumes/ncdata/_data"
Now you still have to navigate through a few folders. I finally found my files here:
ls /var/lib/docker/volumes/ncdata/_data/nextcloud/data/ncp/files/
docker exec -it nextcloudpi ncp-update
Recently I saw this tutorial about monitoring Nginx with Netdata and tried it by myself. I have running Netdata on my Proxmox Host and Nginx inside LXC. So I could skip step 1 and 2 of the tutorial. Since I’m using the super simple nginx-proxy-manager, which comes as docker deployment, it took me some minutes to figure out, how to enable the Nginx ‘stub_status‘ module (which is step 3 of the tutorial). Here’s what I did.
SSH into the LXC where the Nginx Docker is running. Look up the nginx container name (root_app_1) and open a shell in the running container.
docker ps
docker exec -it root_app_1 /bin/bash
Check if the ‘stub_module‘ is already enabled. The following command should return: with-https_stub_status_module
I got it from here.
nginx -V 2>&1 | grep -o with-https_stub_status_module
Next add a location to the nginx ‘server {}‘ block in the default config, to make it reachable via Netdata. The tutorial goes to ‘/etc/nginx/sites-available/default‘, another tutorial is editing ‘/etc/nginx/nginx.conf‘, but I found the default config in ‘/etc/nginx/conf.d/default.conf’.
nano /etc/nginx/conf.d/default.conf
If nano is not installed (bash: nano: command not found), just install it. Get more information here or here.
apt update
apt install nano -y
Insert the new location in the server { listen 80; …..} block. In my case I have running Netdata on my Proxmox host, so i added localhost and my Proxmox ip.
location /nginx_status {
stub_status;
allow 192.168.178.100; #only allow requests from pve
allow 127.0.0.1; #only allow requests from localhost
deny all; #deny all other hosts
}
Save, exit your docker container and restart it.
docker restart root_app_1
SSH into Proxmox and check with curl, if you able to reach the new nginx location.
For the last step Configure Netdata to Monitor Nginx (step 4) , just follow the Netdata Wiki. Place a new file called nginx.conf on your Netdata host.
nano /etc/netdata/python.d/nginx.conf
Because Netdata is not running local, use ‘remote‘ following the url, instead of local and localhost.
update_every : 10
priority : 90100
remote:
url : 'https://192.168.178.197/nginx_status'
Restart Netdata and your are done.
sudo systemctl restart netdata
If you already have an LXC with Debian running, add the following three lines to the lxc config (path /etc/pve/lxc/xxx.conf) and reboot the container:
lxc.apparmor.profile: unconfined
lxc.cgroup.devices.allow: a
lxc.cap.drop:
Now simply install docker.
sudo apt update && apt upgrade -y
sudo apt install apt-transport-https ca-certificates curl gnupg2 software-properties-common
curl -fsSL download.docker.com/linux/debian/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable"
sudo apt update
sudo apt install docker-ce docker-ce-cli containerd.io docker-compose
Running and managing docker containers requires sudo privileges. If you don’t want to type sudo for every commmand, add your current user to the docker group.
sudo usermod -aG docker ${USER}
Docker should now be installed, the daemon started, and the process enabled to start on boot. Check that it’s running.
sudo systemctl status docker
Test if the installtions is working correctly with hello-world.
sudo docker run hello-world
Each container you will create gets a unique ID and name you can look up with “docker ps”. To remove the docker instance just use “docker rm” followed by the ID or the container name.
sudo docker ps -a
sudo docker stop relaxed_williamson
sudo docker rm relaxed_williamson
As I installed OnlyOffice to edit Word and Excel files directly from my Nextcloud, I had to setup a reverse proxy because OnlyOffice needs to run on a separate Server/Container and has to be reachable via https. First I tried to setup Nginx manually (way to complicated to handle in my opinion), then I tried Traefik (if you’re running a docker einvironment, I’m sure that’s a good solution) and in the end, I stuck with Nginx Proxy Manager. If you already have docker installed, this is by far the easiest way and also provides an awesome WebUI, where you can manage all your proxy hosts and SSL certificates.
The installation is done in just three simple steps: Set the port fowarding (80 and 443) in your router to your server/container, grab all the files in the doc/example/ folder and run
docker-compose up -d
And it’s done.
Now just enter the WebUI (ip:81) and setup all your routes.
