Certificate generated by docker-compose leads to not private/trusted connection - docker

Here is my docker-compose.yml file:
    version: '3'
    volumes:
      portainer_data:
    services:
      jupyter:
        image: catecb/bdp2_midterm_review
        ports:
          - 8888:8888
        volumes:
          - /home/enigma/review/work:/home/jovyan/work
        user: root
        environment:
          - JUPYTER_TOKEN=bdp_psw
          - CHOWN_HOME=yes
          - GEN_CERT=yes
      portainer:
        image: catecb/portainer
        restart: always
        ports:
          - 9000:9000
        volumes:
          - /var/run/docker.sock:/var/run/docker.sock
          - portainer_data:/data
Which works perfectly without GEN_CERT=yes. But when I add this option I get this:
Your connection is not private
Attackers might be trying to steal your information from <IP Address> (for example, passwords, messages, or credit cards). Learn more
I am trying to turn on https access but this flag doesn't seem to help at all.
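
Added example, not part of the original question: in the Jupyter Docker Stacks images (it is an assumption that this image is derived from them), GEN_CERT=yes makes the start script generate a self-signed certificate, which no browser trust store contains, hence the warning. The sketch below reproduces that situation with openssl and shows that such a certificate validates only once it is explicitly supplied as a trust anchor; the subject name, lifetime and file names are constructed.

```shell
#!/usr/bin/env bash
# Added example. Subject name, lifetime and file names are constructed.

# Create a throwaway self-signed certificate in directory $1,
# comparable to what a container generates for itself at start-up.
gen_self_signed() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -subj "/CN=jupyter.example.test" \
    -keyout "$1/key.pem" -out "$1/cert.pem" 2>/dev/null
}

# Self-signed means issuer and subject are the same name.
is_self_signed() {
  local subject issuer
  subject=$(openssl x509 -in "$1" -noout -subject | sed 's/^subject= *//')
  issuer=$(openssl x509 -in "$1" -noout -issuer | sed 's/^issuer= *//')
  [ "$subject" = "$issuer" ]
}

# Validate against the default trust store, as a client does out of the box.
trusted_by_default() { openssl verify "$1" >/dev/null 2>&1; }

# Validate with the certificate itself supplied as the trust anchor.
trusted_when_pinned() { openssl verify -CAfile "$1" "$1" >/dev/null 2>&1; }

demo() {
  local dir
  dir=$(mktemp -d) || return 1
  gen_self_signed "$dir" || { rm -rf "$dir"; return 1; }
  is_self_signed "$dir/cert.pem" && echo "issuer == subject: self-signed"
  trusted_by_default "$dir/cert.pem" || echo "default trust store: rejected"
  trusted_when_pinned "$dir/cert.pem" && echo "pinned as trust anchor: accepted"
  rm -rf "$dir"
}
demo
```

The connection is still encrypted; what is missing is a chain to an authority the client already trusts. The warning goes away when the generated certificate is imported into the client's trust store or the service presents a certificate issued by a trusted CA for the name being visited.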

Related

How to configure docker-compose.yml to use passbolt with docker-compose?

I use Docker with WSL2 on a Debian VM and I'm trying to install passbolt.
I followed the steps in this guide: https://help.passbolt.com/hosting/install/ce/docker.html.
When I run docker-compose up, it works and I can reach the database with telnet, but it's impossible to reach the passbolt instance with telnet or with my browser.
It's strange because the two containers, mariadb and passbolt, are running.
This is my docker-compose.yml:
    version: '3.4'
    services:
      db:
        image: mariadb:10.3
        env_file:
          - env/mysql.env
        volumes:
          - database_volume:/var/lib/mysql
        ports:
          - "127.0.0.1:3306:3306"
      passbolt:
        image: passbolt/passbolt:latest-ce
        #Alternatively you can use rootless:
        #image: passbolt/passbolt:latest-ce-non-root
        tty: true
        container_name: passbolt
        restart: always
        depends_on:
          - db
        env_file:
          - env/passbolt.env
        volumes:
          - gpg_volume:/etc/passbolt/gpg
          - images_volume:/usr/share/php/passbolt/webroot/img/public
        command: ["/usr/bin/wait-for.sh", "-t", "0", "db:3306", "--", "/docker-entrypoint.sh"]
        ports:
          - 80:80
          - 443:443
        #Alternatively for non-root images:
        # - 80:8080
        # - 443:4433
    volumes:
      database_volume:
      gpg_volume:
      images_volume:
If anybody can help me, thanks!

Your docker-compose file looks quite ordinary and I don't see any issues.
Can you please attach your passbolt.env and mysql.env (remove any important information, of course)?
Also, the passbolt.conf (VirtualHost) might be useful.
Make sure that the DNS A record is valid and that you have no firewall blocks.
Error logs will be appreciated as well.

InfluxDB in Docker Bad gateway

I started setting up my Smart Home System in Docker with Openhab, mosquitto, Grafana etc. The Docker topic is still relatively new to me and I have not managed to connect InfluxDB with Grafana. Whenever I try, Influxdb: Bad Gateway appears. I did a lot of research on the Internet, but I couldn't find a solution that could help me. Maybe someone knows the problem and can help me.
Here is my docker-compose file:
    influxdb:
      image: influxdb:latest
      container_name: influxdb
      restart: always
      ports:
        - 8086:8086
      environment:
        - INFLUXDB_DB=telegraf
        - INFLUXDB_USER=telegraf
        - INFLUXDB_ADMIN_ENABLED=true
        - INFLUXDB_ADMIN_USER=admin
        - INFLUXDB_ADMIN_PASSWORD=Welcome1
      volumes:
        - influxdb:/var/lib/influxdb
    grafana:
      container_name: "grafana"
      image: "grafana/grafana:latest"
      restart: always
      ports:
        - 3000:3000
      volumes:
        - ./grafana:/var/lib/grafana

The Grafana + InfluxDB datasource setup dialogue proposes http://localhost:8086 as the default for the URL field. This is a suggestion to leave it like this, Grafana and InfluxDB being indeed on the same host.
And this results in the BAD Gateway error.
The problem is that they are also two services inside Docker, and they should refer to each other through the names of their docker compose sections, so, in your case, like this
Regarding your volumes sections, the one in the influxdb declaration probably should have been:

    volumes:
      - ./influxdb:/var/lib/influxdb

to map the container folder /var/lib/influxdb to the host folder ./influxdb, next to the ./grafana one, but this is not related to the BAD Gateway issue.

The volumes section was missing. Here is the working one.
    version: '3'
    services:
      influxdb:
        image: influxdb:latest
        container_name: influxdb
        restart: always
        ports:
          - 8086:8086
        environment:
          - INFLUXDB_DB=telegraf
          - INFLUXDB_USER=telegraf
          - INFLUXDB_ADMIN_ENABLED=true
          - INFLUXDB_ADMIN_USER=admin
          - INFLUXDB_ADMIN_PASSWORD=Welcome1
        volumes:
          - influxdb:/var/lib/influxdb
      grafana:
        container_name: "grafana"
        image: "grafana/grafana:latest"
        restart: always
        ports:
          - 3000:3000
        volumes:
          - grafana:/var/lib/grafana
    volumes:
      influxdb:
      grafana:

New containers accessing volume on preexisting container

I have a 'master' container that should be already running when starting all the others.
In it I have a conf/ directory that this service is monitoring, applying the relevant changes.
How can I have each new container drop a file in this directory?
Real scenario:
Given my docker-compose.yml below, I want each service (portainer, whoami, apache) to drop a .yml file in the "./traefik/conf/:/etc/traefik/conf/" path mapping of the traefik service.
docker-compose.yml
    version: "3.5"
    services:
      traefik:
        image: traefik
        env_file: ./traefik/env
        restart: unless-stopped
        ports:
          - "80:80"
          - "443:443"
          - "8080:8080"
        volumes:
          - /var/run/docker.sock:/var/run/docker.sock
          - ./traefik/conf/:/etc/traefik/conf/
          - ./traefik/traefik.yml:/etc/traefik/traefik.yml
      portainer:
        image: portainer/portainer
        depends_on: [traefik]
        command: --no-auth -H unix:///var/run/docker.sock
        volumes:
          - /var/run/docker.sock:/var/run/docker.sock
      whoami:
        image: containous/whoami
        depends_on: [traefik]
portainer.traefik.yml

    http:
      routers:
        portainer:
          entryPoints: [http]
          middlewares: [redirect-to-http]
          service: portainer-preauth#docker
          rule: Host(`portainer.docker.mydomain`)

whoami.traefik.yml

    http:
      routers:
        whoami:
          entryPoints: [http]
          middlewares: [redirect-to-http]
          service: whoami-preauth#docker
          rule: Host(`whoami.docker.mydomain`)
Where are the files portainer.traefik.yml and whoami.traefik.yml located? If they are on the host machine, you can directly copy them to ./traefik/conf/. – Shashank V
The thing is, I can't have all files in traefik/conf.
This would require manually dropping a file there every time I create a new image.
I believe that every service should be responsible for its own files.
Also, when traefik starts and finds files of those other services that haven't started yet, it logs lots of errors.
To avoid this behavior, I would like to put the file there only when the container is started.
Below is the project file structure.

You can use a volume across all services. Just define it in your docker-compose.yml and assign it to each service:
    version: "3.5"
    services:
      traefik:
        image: traefik
        env_file: ./traefik/env
        restart: unless-stopped
        ports:
          - "80:80"
          - "443:443"
          - "8080:8080"
        volumes:
          - /var/run/docker.sock:/var/run/docker.sock
          - ./traefik/conf/:/etc/traefik/conf/
          - ./traefik/traefik.yml:/etc/traefik/traefik.yml
          - foo:/path/to/share/
      portainer:
        image: portainer/portainer
        depends_on: [traefik]
        command: --no-auth -H unix:///var/run/docker.sock
        volumes:
          - /var/run/docker.sock:/var/run/docker.sock
          - foo:/another/path/to/share/
      whoami:
        image: containous/whoami
        depends_on: [traefik]
        volumes:
          - foo:/and/another/path/
    volumes:
      foo:
        driver: local
This is the equivalent to the --volumes-from feature of "plain" Docker. Or at least, what comes closest to it.
Your master container would then have to use the same volume. If this container doesn't run within the same Docker Compose context, you have to define this volume externally before.

Dockerize Phoenix Application and use a virtual host

I'm trying to setup my environment to develop Phoenix apps using Docker.
Until this point everything is great, except the VIRTUAL_HOST part: I'd like to access my app by visiting app.dev instead of localhost:4000.
I'm using this docker-compose.yml file :
    version: '2'
    services:
      proxy:
        image: jwilder/nginx-proxy
        ports:
          - 80:80
      postgres:
        image: postgres:latest
        restart: always
        environment:
          - POSTGRES_USER=postgres
          - POSTGRES_PASSWORD=root
      web:
        build: .
        command: mix phx.server
        volumes:
          - .:/app
        ports:
          - 4000:4000
        depends_on:
          - postgres
        environment:
          - MIX_ENV=dev
          - VIRTUAL_HOST=app.dev
          - VIRTUAL_PORT=4000
          - POSTGRES_USER=postgres
          - POSTGRES_PASSWORD=root
        links:
          - postgres
When I try to access app.dev I get "site can't be reached".
edit #1
For using VIRTUAL_HOST, do I really need the reverse proxy for this? Or will a simple DNS or something be enough?
edit #2
OK, that's strange: when I curl app.dev I get the HTML content, but I can't access it (app.dev) from the browser.

You don't need nginx, you just need to add app.dev to your /etc/hosts file.

    127.0.0.1 app.dev

How to run Docker container in its own network

Today I switched from "Docker Toolbox" to "Docker for Mac", because Docker now finally has write access to my user directory (which didn't work with "Docker Toolbox") - Yay!
But this change also means that all containers are now running under my localhost and not under Docker's IP as before (e.g. 192.168.99.100).
Since my localhost listens to various ports by default (80, 443, ...) and I don't want to always add newly created ports, that don't conflict with the standard ones, to my local dev domains (e.g. example.dev:8443), I wonder how to run my containers as before.
I read about network configs and tried a lot of things (creating a new host network, exposing ports with an IP in front of it, ...), but didn't get it working.
What kind of config do I need to run my app container with the IP 192.168.99.100? That's my docker-compose.yml so far.
    version: '2'
    services:
      app:
        build:
          context: .
          dockerfile: Dockerfile
        depends_on:
          - mysql
          - redis
          - memcached
        ports:
          - 80:80
          - 443:443
          # quoted: YAML 1.1 reads an unquoted 22:22 as a base-60 number
          - "22:22"
          - 3000:3000
          - 3001:3001
        volumes:
          - ./app/:/app/
          - /tmp/debug/:/tmp/debug/
          - ./:/docker/
        volumes_from:
          - storage
        # cap and privileged needed for slowlog
        cap_add:
          - SYS_PTRACE
        privileged: true
        env_file:
          - etc/environment.yml
          - etc/environment.development.yml
      mysql:
        build:
          context: docker/mysql/
          dockerfile: MariaDB-10
        ports:
          - 3306:3306
        volumes_from:
          - storage
        volumes:
          - ./data/mysql:/var/lib/mysql
          - /tmp/debug/:/tmp/debug/
        env_file:
          - etc/environment.yml
          - etc/environment.development.yml
      redis:
        build: docker/redis/
        volumes_from:
          - storage
        env_file:
          - etc/environment.yml
          - etc/environment.development.yml
      memcached:
        build: docker/memcached/
        volumes_from:
          - storage
        env_file:
          - etc/environment.yml
          - etc/environment.development.yml
      storage:
        build: docker/storage/
        volumes:
          - /storage

You need to declare "networks:" for each of your services, e.g.:

    version: '2'
    services:
      app:
        image: xxxx:xxx
        ports:
          - "80:80"
        networks:
          - my-network
      mysql:
        image: xxxx:xxx
        networks:
          - my-network
    networks:
      my-network:
        driver: bridge

Then, on the side of your app configuration, you can use "mysql" as the hostname of the database server.

You can define a network in your compose file, then add any services to the network.
https://docs.docker.com/compose/networking/
But I would suggest you just use different ports now that you are running natively, i.e. 8080:80
