Docker

I want to be sure the torrent traffic of my transmission docker instance go through my VPN.

I got different interfaces with different vlans on the host. I want to be sure the container created with docker compose use only a specific interface. The interface with the correct vlan has IP 192.168.90.92

I have tested the host connectivity with: curl --interface ethX https://api.ipify.org/ and it's working fine, meaning that public ips are different.

I have tried with the following on the docker compose file:

ports: - 9091:9091 # Web UI port - 192.168.90.92:51413:51413 # Torrent port (TCP) - 192.168.90.92:51413:51413/udp # Torrent port (UDP)

However, the traffic is still coming from the default gateway.

Any idea?

Thanks!

Over the week I've been dealing with the Kinsing virus via Docker on my VPS. I've been learning about it and I've come to find I've been thinking about Docker all wrong with the way that I was using it.

I enjoy using Portainer, so that's a must for me. I know Docker allows you to secure Docker sockets via context; docker context create vps --docker "host=ssh://user@vps".

I would like to use this method, via Portainer (locally) to connect to docker (remote) via SSH. Anyone know of a way to do this? I've been looking around and haven't found much.

I recently asked the best way to run my Lemmy bot on my Synology NAS and most people suggested Docker.

I'm currently trying to get it running on my machine in Docker before transferring it over there, but am running into trouble.

Currently, to run locally, I navigate to the folder and type npm start. That executes tsx src/main.ts.

The first thing main.ts does is access argv to detect if a third argument was given, dev, and if it was, it loads in .env.development, otherwise it loads .env, containing environment variables. It puts those variables into a local variable that I then pass around in the bot. I am definitely not tied to this approach if there is a better practice way of doing it.

import { config } from 'dotenv';

let path: string;

const env = process.argv[2];
if (env && env === 'dev') {
    path = '.env.development';
} else {
    path = '.env';
}

config({
    override: true,
    path
});

const {
    ENVIROMENT_VARIABLE_1
} = process.env as Record<string, string>;

Ideally, I would like a way that I can create a Docker image and then run it with either the .env.development variables or the .env ones...maybe even a completely separate one I decide to create after-the-fact.

Right now, I can't even run it. When I type docker-compose up I get npm start: not found.

FROM node:22
WORKDIR /usr/src/app
COPY package*.json ./
RUN npm install
USER node
COPY . .
CMD "npm start"

services:
  node:
    build: .
    image: an-image-name:latest
    environment:
      - ENVIROMENT_VARIABLE_1 = ${ENVIROMENT_VARIABLE_1}

I assume the current problem is something to do with where stuff is being copied to and what the workdir is, but don't know precisely how to address it.

And once that's resolved, I have even less idea how to go about passing through the environment variables.

Any help would be much appreciated.

Hi guys, I have no problem running docker (containers) via CLI, but I though it would be nice try Docker Desktop on my Ubuntu machine. But as soon as I start Docker Desktop it runs "starting Docker engine" indefinitely until my drive is full. The .docker folder then is about 70GB large. I read somewhere that this is the virtual disk size that is being created and that I could change it in the settings, but those are blocked until the engine starting process is finished (which it never does). Anyone else has experienced this?

I installed ollama for using AI localy on my computer. And now i want to use OpenWebUI. That needs to be installed in docker, so i did that and it should host a page which is gui for openwebui. And its working but i have this problem: https://github.com/open-webui/open-webui/discussions/4376

So i pasted this command as they say:

docker run -d --network=host -v open-webui:/app/backend/data -e OLLAMA_BASE_URL=http://127.0.0.1:11434 --name open-webui --restart always ghcr.io/open-webui/open-webui:main

But after that it returned this error code: docker: Error response from daemon: Conflict. The container name "/open-webui" is already in use by container "1cbc8ac3b80f2a6921778964f94eff32541a4540ee6ab5d3335427a0fc8366a8". You have to remove (or rename) that container to be able to reuse that name. See 'docker run --help'.

Can anyone help me with this?

Hi everyone !

Intro

Was a long ride since 3 years ago I started my first docker container. Learned a lot from how to build my custom image with a Dockerfile, loading my own configurations files into the container, getting along with docker-compose, traefik and YAML syntax... and and and !

However while tinkering with vaultwarden's config and changing to postgresSQL there's something that's really bugging me...

Questions

• How do you/devs choose which database to use for your/their application? Are there any specific things to take into account before choosing one over another?

• Does consistency in database containers makes sense? I mean, changing all my containers to ONLY postgres (or mariaDB whatever)?

• Does it make sense to update the database image regularly? Or is the application bound to a specific version and will break after any update?

• Can I switch between one over another even if you/devs choose to use e.g. MariaDB ? Or is it baked/hardcoded into the application image and switching to another database requires extra programming skills?

Maybe not directly related to databases but that one is also bugging me for some time now:

• What's redis role into all of this? I can't the hell of me understand what is does and how it's linked between the application and database. I know it's supposed to give faster access to resources, but If I remember correctly, while playing around with Nextcloud, the redis container logs were dead silent, It seemed very "useless" or not active from my perspective. I'm always wondering "Humm redis... what are you doing here?".

Thanks :)

cross-posted from: https://lazysoci.al/post/15099881

A surprise Docker update!

I've got a docker container (emby) that can transcode via hardware acceleration. I've installed the Nvidia drivers and container-toolkit, and I can run this container as root (via sudo) just fine. Hardware acceleration works perfectly.

If I try this same container without sudo/as a non-root user (who has been added to the docker group), I get the error "Error response from daemon: unknown or invalid runtime name: nvidia'

How do I give a non root user access to the nvidea daemon/runtime for use in docker?

cross-posted from : https://lemmy.pierre-couy.fr/post/350920

I am trying to come-up with a reusable template to quickly start new projects using my prefered tools and frameworks, and I'm happy with what I got. However, using Docker is quite new for me and I've probably done some weird or unconventional stuff in my docker-compose.yml or my Dockerfiles. I'd love to learn from people with more experience with Docker, so feel free to tell me everything that is wrong with my setup.

I'm more confident about the stuff I did with Python/Django and Nuxt, but all criticism is welcome. This also applies to the readme : I'd like to provide detailed instructions about working with this project template, so please report anything that is unclear or missing.

Thank you to anyone who takes the time to check it out and help me make this useful to as many people as possible.

Is it possible to create a volume that is a file, not a directory?

I am trying to make a simple structured nginx instance with docker. Using this command below to create the container...

docker container create -v ./nginx.conf:/etc/nginx/conf.d/nginx.conf -v .:/app/ -p 80:80 docker.io/nginx

And this is the file structure of it...

- www
-------------- public
---------------------------- index.html
- nginx.conf

And this is the nginx.conf

server {
    server_name localhost;
    listen 80;
    
    root /app/www/public;

    index index.html index.htm;
    autoindex on;
}

However the index.html will not work when I go to the localhost.

When I change the docker command to this it does work however, but this will also mirror all of the files and folder from my file structure into the containers /etc/nginx/conf.d/ directory

docker container create -v .:/etc/nginx/conf.d/ -v .:/app/ -p 80:80 docker.io/nginx

cross-posted from: https://programming.dev/post/10005452

cross-posted from: https://programming.dev/post/10005448

Things you can do right now to learn new and valuable things that can improve your code.

Learn about the latest Docker Desktop feature, synchronized file shares, which provides native file system performance, improving file operation speeds by 2-10x.

The Docker team announces the general availability of docker init, with support for multiple languages and stacks, making it simpler than ever to containerize your applications.

I am looking for something that can take a Dockerfile, like the following as an input:

FROM --platform=linux/amd64 debian:latest
ENV DEBIAN_FRONTEND=noninteractive

RUN apt update && apt install -y curl unzip libsecret-1-0 jq
COPY entrypoint.sh .
ENTRYPOINT [ "/entrypoint.sh" ]

And produce a a multi-stage Dockerfile where the last stage is built from scratch, with the dependencies for the script in the ENTRYPOINT (or CMD) copied over, like this:

FROM --platform=linux/amd64 debian:latest as builder
ENV DEBIAN_FRONTEND=noninteractive

RUN apt update && apt install -y curl unzip libsecret-1-0 jq

FROM --platform=linux/amd64 scratch as app
SHELL ["/bin/bash"]

# the binaries executed in entrypoint.sh
COPY --from=builder /bin/bash /bin/bash
COPY --from=builder /usr/bin/curl /usr/bin/curl
COPY --from=builder /usr/bin/jq /usr/bin/jq
COPY --from=builder /usr/bin/sleep /usr/bin/sleep

# shared libraries of the binaries
COPY --from=builder /lib/x86_64-linux-gnu/libjq.so.1 /lib/x86_64-linux-gnu/libjq.so.1
COPY --from=builder /lib/x86_64-linux-gnu/libcurl.so.4 /lib/x86_64-linux-gnu/libcurl.so.4
COPY --from=builder /lib/x86_64-linux-gnu/libz.so.1 /lib/x86_64-linux-gnu/libz.so.1
# ...a bunch of other shared libs...

# entrypoint
COPY entrypoint.sh /entrypoint.sh

ENTRYPOINT [ "/entrypoint.sh" ]

I've had pretty decent success creating images like this manually (using ldd to find the dependencies) based on this blog. To my knowledge, there's nothing out there that automates producing an image built from scratch, specifically. If something like this doesn't exist, I'm willing to build it myself.

I just installed Immich and while all my other containers have just required me to add to them to existing yaml, Immich requires its own yaml. That's fine I guess, but for the library, I wanna host it on my NAS and so I made the volume in my main Docker-Compose.yaml, the Immich yaml was all like, "what you talking about Willis?" because in my Immich environment I tried to point to something created in my main yaml. I thought I could work around this by adding an empty volume declaration, but now I can't find my uploads 😂 any idea on the correct methodology/workaround?

Whether you’re a Docker expert or new to the Docker community, you may be wondering about the best ways to optimize or get started quicker on Docker. Docker Captain Vladimir Mikhalev rounds up top Docker tips to help you supercharge developer productivity in 2024.

How did your journey begin? I feel like Docker has been getting mentioned for aeons and I've only just started using it now.

I know this seem like a typical "Your opinion man" post but honestly, is there anything really useful beyond hosting an adblocker? (read: complementary, not found elsewhere, that enhances own's personal needs and/or life as a whole). And yes, I'm aware of what can be hosted -- picture editors, video editors, webtops, dhcpcd, emulators, and so on.

But the question is -- why I'd need all that if these stuff can be found on any ordinary PC out there? Even phones. Hell, even on a smart tv. That is like "trying to reinvent the wheel" for no necessary purpose other than "to look cool". There's also "because its fun", but is it really fun doing pretty much the same thing over and over again? There isn't a "learning gap" between these hosting options -- all of em have (pretty much) the same procedure to get things running.

With that said... I've been trying really, REALLY hard to host more stuff but I can't go beyond hosting (only) an adblocker.

Not sure what I'm doing wrong here, I'm using this image:

https://hub.docker.com/r/bitnami/wordpress-nginx

I updated the compose file to have un/pw for mariadb:

  mariadb:
    image: docker.io/bitnami/mariadb:11.1
    volumes:
      - '/etc/docker/mariadb-persist:/bitnami/mariadb'
    environment:
      - ALLOW_EMPTY_PASSWORD=no
      - MARIADB_USER=admin
      - MARIADB_PASSWORD=admin
      - MARIADB_DATABASE=bitnami_wordpress

But I get this error:

2023-12-03 19:03:02 3 [Warning] Access denied for user 'admin'@'172.18.0.3' (using password: NO)

using password: NO??