Traefik acts as a reverse proxy to expose the running docker containers, exposes ports 80 and 443. Port 80 redirects all the requests to 443, to enforce HTTPS. Services are registered as dynamic DNS entries in the host machine, that maps a subdomain for the respective container ip. Additionally, each service is SSL certified, managed by Traefik using Letsencrypt.
- Domain, with the subdomains registered
- Server
- Docker and docker-compose
Each of the services is represented by a docker stack, containing a docker-compose.yml. For the installation to be more manageable, the only two service deployed by docker cli are traefik and portainer. The remaining services will be deployed using portainer to easily manage the stacks.
First, run trafik:
$ cd trafik
$ docker-compose pull && docker-compose up -dNext, run the portainer:
$ cd portainer
$ docker-compose pull && docker-compose up -dNow, that portainer is already up and running, we just add the stacks on portainer dashboard, by adding each of the docker-compose files.
Any issue with the installation should refer to the problems section.
On the docker-compose.yml one should change the property basicauth.users. The password should be generated by htpasswd, and for each character "$" should be escaped by inserting another "$" character.
$ docker pull traefik
$ cd traefik
$ docker stop traefik
$ docker rm traefik
$ docker-compose up -dShould be deployed using portainer under stacks.
$ docker pull portainer/portainer-ce
$ cd portainer
$ docker stop portainer
$ docker rm portainer
$ docker-compose up -dShould be deployed using portainer under stacks.
To setup wizard requires the following credentials:
- user - nextcloud
- password - secret
- database - nextcloud
- host - db:3306
Since nextcloud is managed by the Portainer, we could just recreate the stack, and portainer will automatically fetch the latest image and recreate it.
$ docker pull nextcloud/nextcloud
$ cd nextcloud
$ docker stop nextcloud
$ docker rm nextcloud
$ docker-compose up -dShould be deployed using portainer under stacks.
The volumes should be changed to match the wanted mount. The UID and GID on the environment are described in the section User ID and Group ID.
Since emby is managed by the Portainer, we could just recreate the stack, and portainer will automatically fetch the latest image and recreate it.
$ docker pull emby/emby
$ cd emby
$ docker stop emby
$ docker rm emby
$ docker-compose up -dThis command will backup the config folder from emby, mounted as an external volume, and create a backup.tar file in your home folder.
$ cd ~
$ docker run --rm --volumes-from emby -v $(pwd):/backup ubuntu tar cvf /backup/backup.tar /configOn a new container from the same host machine or a different host, you can recreate the same volume as backup by the previous command.
$ cd ~
$ docker run --rm --volumes-from emby -v $(pwd):/backup ubuntu bash -c "cd /config && tar xvf /backup/backup.tar --strip 1"Should be deployed using portainer under stacks.
The volumes should be changed to match the wanted mount. The PUID and PGID on the environment are described in the section User ID and Group ID.
Since transmission is managed by the Portainer, we could just recreate the stack, and portainer will automatically fetch the latest image and recreate it.
$ docker pull transmission/transmission
$ cd transmission
$ docker stop transmission
$ docker rm transmission
$ docker-compose up -dWith the user you're running docker run:
$ id -ureturns UID for the user, and
$ id -greturns GID for the user.
Permissions on data/acme.json are too open then run:
$ chmod 600 acme.jsonWritten by @snackk