Dogfooding it, Pt 1 - Docker

Because I believe in eating my own dogfood with a publication like this, the first thing I'll demonstrate is how to set up the Ghost CMS on a Docker-based home lab server. Again, we'll start from the base system. I suggest using a physical host for this, especially if you plan on following the media server posts later. Ideally, use a system with two drives: my personal lab system runs an internal SSD for the base operating system and a USB 3 connected RAID enclosure for the Docker images and data.

As with the router, this post assumes that a base system has been set up. As this will be a server and systemd's DHCP server does not provide fixed leases or reservations, it's necessary to configure a static IP address.

Edit /etc/systemd/network/20-<ifname>.network to contain

[Match]
Name=<your ifname>

[Network]
Address=10.32.0.2/16
Gateway=10.32.0.1
DNS=8.8.8.8
NTP=10.32.0.1

Also, enable the time sync daemon.

$ sudo systemctl enable --now systemd-timesyncd

Reboot. At this point, we're ready to install Docker.

$ paru -Syu docker
$ sudo systemctl enable --now docker
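$ sudo usermod -a -G docker <your username>

Log out and back in so the new group membership takes effect. Keep in mind that membership in the docker group is effectively root access on this host.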

Now, Docker is a complex bit of software, and there are multiple ways to accomplish things like persistent storage, networking, and the like. I am choosing to maintain my containers as swarm services with a replica count of 1, so they are brought up on system startup, restart on failure, and I don't need to manually write unit files to bring up docker compose instances. I am also choosing to maintain persistent storage as bind mounts to a data volume, rather than configuring the Docker service to place Docker volumes in that place. Finally, I am running my containers on an isolated network, with the exception of the rare few (reverse proxy) that need access to the outside world. I am also choosing to use the swarm configuration to be able to use secrets without needing to have cleartext password files lying around for Compose to pick up. With all that said, let's get Docker configured.

$ docker swarm init
$ docker network create -d overlay --ipam-opt 'subnet=10.64.0.0/16' --scope swarm --internal --attachable --subnet 10.64.0.0/16 homelab
$ docker network create -d bridge --scope swarm --attachable homelab-bridge

Now, we just need to get that second volume set up to hold the homelab data.

$ paru -S gdisk xfsprogs
$ sudo gdisk /dev/disk/by-id/<second disk>
n
<all defaults are fine>
c
data
w
$ sudo mkfs -t xfs -L data /dev/disk/by-partlabel/data
$ sudo -i
# mkdir /srv/data
# echo 'LABEL=data /srv/data xfs rw,relatime,attr2,inode64,logbufs=8,logbsize=32k,noquota 0 2' >> /etc/fstab
# systemctl daemon-reload
# mount -a
# chown <your user> /srv/data

That does it for the basic Docker setup.
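The choices described above, put together as an added example that is not the author's own commands: a one-replica swarm service on the internal homelab network, with its data bind-mounted under /srv/data and its password delivered as a swarm secret. The service name demo-db, the secret name demo_db_root, the mysql:8 image and the DOCKER and DATA_ROOT overrides are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not the author's commands. Assumed names: demo-db, demo_db_root,
# mysql:8. The homelab network and /srv/data are the ones created in this post.
# DOCKER and DATA_ROOT can be overridden, e.g. DOCKER=echo prints the commands.

# Store a value read from stdin as a swarm secret, so it never sits in a
# cleartext file or on a command line.
create_secret() {
    ${DOCKER:-docker} secret create "$1" -
}

# Succeed only if the named network was really created with --internal.
require_internal() {
    [ "$(${DOCKER:-docker} network inspect -f '{{.Internal}}' "$1")" = "true" ]
}

# One-replica service: swarm restarts it on failure and after a reboot. Data
# lives on a bind mount under the data volume, and the only network attached
# is the internal overlay, so the container has no route to the outside world.
deploy_db() {
    data_dir="${DATA_ROOT:-/srv/data}/demo-db"
    mkdir -p "$data_dir"
    ${DOCKER:-docker} service create \
        --name demo-db \
        --replicas 1 \
        --network homelab \
        --mount "type=bind,source=$data_dir,destination=/var/lib/mysql" \
        --secret demo_db_root \
        --env MYSQL_ROOT_PASSWORD_FILE=/run/secrets/demo_db_root \
        mysql:8
}

bootstrap() {
    require_internal homelab || { echo "homelab is not internal" >&2; return 1; }
    # Generate a random password and hand it straight to the secret store.
    head -c 32 /dev/urandom | base64 | create_secret demo_db_root
    deploy_db
}

# Nothing runs unless the script is called with "run": sh deploy.sh run
if [ "${1:-}" = "run" ]; then bootstrap; fi
```

Inside the container the secret appears as the file /run/secrets/demo_db_root, which the official mysql image reads through MYSQL_ROOT_PASSWORD_FILE, so the password never shows up in the service's environment.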
