dockerbunker is a tool that helps configure, deploy and manage dockerized web-applications or static sites behind an nginx reverse proxy. Apps can easily be fully backed up or restored from a previous backup. The only requirement is docker.
Have a look at this asciicast to see dockerbunkerin action.
Index:
- Services
- Other build in Services
- Upgrade Dockerbunker-v1 to -v2
- Prerequisites
- How to get started
- Ddd custom services
- add custom static website
- add your external service
- add your external SSL
- Backup & Restore
- Good to know
- Why I made this
- [✔] installation works
means that the installation worked but the service was not further tested
-
[☠] some issue got some isse by installation or by service execution via browser
- [✔] works
is tested in live-environment
| A - G | Description | |---|---|--- | |Bitbucket | > [☠] some issue | | |Commento | [✔] installation works | | |cryptpad | [✔] installation works | | |CS50 IDE | > [☠] some issue | | |Dillinger | [✔] installation works | | |Drone CI | [✔] works | Continuous Delivery system | |Fathom Analytics | [✔] installation works | | |Firefly III | [✔] installation works | | |Firefox Sync Server | [✔] installation works | | |Ghost Blog | [✔] installation works | | |GitBucket | [✔] installation works | | |Gitea | [✔] works | Git Server | |Gitlab CE | > [☠] some issue | | |Gogs | [✔] installation works | | |Grav | [✔] works | Grav is a Fast, Simple, and Flexible, file-based Web-platform. |
| H - N | Description | |---|---|--- | |Hastebin | [✔] installation works | | |IPsec VPN Server | > [☠] some issue | | |json-server | [✔] installation works | | |Kanboard | [✔] installation works | | |KeeWeb | [✔] works | this is a static KeyPassX ProgressiveWebapp | |Koken | [✔] installation works | | |Mailcow Dockerized | > [☠] some issue | | |Mailpile | [✔] installation works | | |Mastodon | [✔] installation works | | |Matomo Analytics | [✔] installation works | | |Mozilla send | [✔] works | Simple, private file sharing from the makers of Firefox | |Nextcloud | [✔] works | self-hosted cloud-server|
| O - Z | Description | |---|---|--- | |Open Project | > [☠] some issue | | |Padlock Cloud | > [☠] some issue | | |Rocket.Chat | > [☠] some issue | | |Seafile Pro (broken) | > [☠] some issue | | |Searx | [✔] installation works | | |sFTP Server | > [☠] some issue | | |Strapi | [☠] works | The most advanced open-source headless CMS to build powerful APIs with no effort. | |Wekan | [✔] works | open source kanban | |Wordpress | [✔] installation works | |
| Service | Status | Description |
|---|---|---|
| proxy-pass | [✔] works | Use Dockerbunker as reverse-proxy, to work with your external Service/Server |
| static-sites | [✔] works | use some static HTML sites (within build/service-name/web) |
Fair warning:
While all services appeared fully functional at the time I implemented them, I cannot guarantee that they still all are functional. Sometimes I just added something I was playing around with and hadn't tested every part of it. If something turns out to be not working, it often times broke because of changes that were made to the software and it most cases it's trivial to make it work again. I marked bold all the apps I am personally using with dockerbunker, as well as those that I recently tested and expect to work without issues. That being said, use this at your own risk. And if you do use dockerbunker and notice that something doesn't work, please file an issue .. or even better, submit a pull request. Contributions are welcome:)
There are some big changes with the docker-v2 and ith wont be run without manually changes.
- At first Backup your dockerbunker sytem
- move all Environment-Files into
/buildfolder, e.g./build/conf,/build/web,/build/backupand/build/env - update your environment Variables within
build/env/dockerbunker.env(take a look at the default Variables withindata/include/init.sh)
- now, service entry-point (
service-name/ìnit.sh) and service setup (service-name/service.sh) was splitted - edit your
service-name/service.shto match your old settings
-
Docker
-
Bash 4+
On macOS via homebrew
-
Bash 4+ ->
brew install bash -
GNU grep ->
brew install grep -
GNU sed ->
brew install gnu-sedln -sv /usr/local/bin/ggrep /usr/local/bin/grep ln -sv /usr/local/bin/gsed /usr/local/bin/sedMake sure
/usr/local/binis added to your PATH! If it's not:echo 'PATH="/usr/local/bin:$PATH"' >> ~/.bash_profile
-
-
Get docker
- Most systems can install Docker by running
wget -qO- https://get.docker.com/ | sh
- Most systems can install Docker by running
-
Clone the master branch of this repository and run
./dockerbunker.shgit clone https://github.com/chaosbunker/dockerbunker.git && cd dockerbunker./dockerbunker.sh
-
Select a service and configure it (Set domain, etc..)
-
Set up the service. This will
- Create an internal network if necessary
- Create volumes
- Pull images
- Run containers
- Obtain certificate from Let's Encrypt (if chosen during config)
That's it.
Now when selecting the same service again in the dockerbunker menu, there will be more options depending on the current state of the service. For example:
Nextcloud
1) Reconfigure service
2) Reinstall service
3) Obtain Let's Encrypt certificate (<-- only visible if using self-signed cert)
4) Restart container(s)
5) Stop container(s) (<- only visible when containers are running, otherwise offers "Start Containers"
6) Backup Service
7) Restore Service (<- only visible if backup(s) for service are found)
8) Upgrade Image(s)
9) Destroy "Nextcloud"
You can add some services by your own.
- To do so, only copy another service which match your new service the best. copy
/data/services/some-serviceand rename it to your needed service. - setup your service parameter wihtin
service.sh - add oder update your
docker runcommands if needed for your service - update the nginx-reverse-proxy settings within
nginx/service.conf
When destroying a service everything related to the service will be removed. Only Let's Encrypt certificates will be retained.
- start the
static-sitesservice - add your specific domain and the other parameter
- after that, dockerbunker installs your static-site to
/build/web/service-name/index.html - now, you have to add your staic-site files into
/build/web/service-name/ - thats it, your static site should work
to add your external service, and use it via dockerbunker as a reverse-proxy.
- copy/paste nginx-default-proxy-pass.config
proxy-pass/nginx/service.confand edit to work with your service - start the
proxy-passservice - add your specific domain and the other parameter
- run the setup process
- thats it, your reverse proxy should work
When configuring a service, a self-signed certificate is generated and stored in build/conf/nginx/ssl/${SERVICE_HOSTNAME}. Please move your own trusted certificate and key in that directory as cert.pem and key.pem after configuration of the service is complete.
If you choose to use Let's Encrypt during setup, certificates will be automatically obtained via a Certbot container. Let's Encrypt data is stored in build/conf/nginx/ssl/letsencrypt.
It is possible to add additional domains to the certificate before obtaining the certificate and these domains will also automatically be added to the corresponding nginx configuration.
When backing up a service, a timestamped directory will be created in build/backup/${SERVICE_NAME}. The following things will get backed up into (or restored from) that directory:
- All volumes (will be compressed)
- nginx configuration if service is accessible via web (from build/conf/nginx/conf.d/${SERVICE_DOMAIN})
- other user-specific configuration files (from build/conf/${SERVICE_NAME})
- environment file(s) (from build/env/${SERVICE_NAME}*)
- ssl certificate" (from build/conf/nginx/ssl/${SERVICE_DOMAIN} and, if applicable build/conf/nginx/ssl/letsencrypt)
All credentials that are set by the user or that are automatically generated are stored in build/env/${SERVICE_NAME}.env.
Please refer to the documentation of each web-app (regarding default credentials, configuration etc.)
I know that it is not really ideal and recommended to do something like this with shell scripts. dockerbunker is an idea that went a bit out of control. It was inspired by @DFabric's DPlatform-DockerShip. You can read more about why I made dockerbunker here (tl;dr: I enjoyed the process)
Important: Please make sure you agree with the license(s) of the open source software you are installing via dockerbunker. Any part of dockerbunker itself is released under the MIT License.