Expose the Docker API

I had to edit /lib/systemd/system/docker.service on my Ubuntu 16.04.2 LTS system to modify the line

ExecStart=/usr/bin/docker daemon -H fd:// -H tcp://0.0.0.0:2375

then

sudo systemctl daemon-reload
sudo systemctl restart docker.service

and everything worked :-). The next step is to figure out how to protect the docker daemon from being hijacked.
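An added example, not part of the original note: a shell check that classifies a dockerd ExecStart line by how its TCP listener is protected. The hardened line is constructed and its certificate paths are placeholders; with --tlsverify the daemon only accepts clients that present a certificate signed by the CA given in --tlscacert.

```shell
#!/bin/sh
# Added example: classify how a dockerd ExecStart line protects its TCP listener.
# Verdicts: no-tcp | plaintext-network | plaintext-loopback | server-tls-only | mutual-tls
audit_execstart() (
    # Body runs in a subshell so "set -f" and the variables stay local.
    tcp=none
    tls=none
    set -f                              # no globbing while word-splitting the line
    for tok in $1; do
        case $tok in
            *tcp://127.*|*tcp://localhost*|*'tcp://[::1]'*)
                if [ "$tcp" = none ]; then tcp=loopback; fi ;;
            *tcp://*)
                tcp=network ;;          # 0.0.0.0, a LAN address, or ":port" (all interfaces)
            --tlsverify|--tlsverify=true)
                tls=mutual ;;           # daemon demands a client cert signed by --tlscacert
            --tls|--tls=true)
                if [ "$tls" = none ]; then tls=server; fi ;;   # encrypted, but any client may connect
        esac
    done
    if [ "$tcp" = none ]; then echo no-tcp
    elif [ "$tls" = mutual ]; then echo mutual-tls
    elif [ "$tls" = server ]; then echo server-tls-only
    else echo "plaintext-$tcp"
    fi
)

# The line from the note above: the API answers anyone who can reach port 2375.
PAGE_LINE='ExecStart=/usr/bin/docker daemon -H fd:// -H tcp://0.0.0.0:2375'
# Constructed hardened variant; the certificate paths are placeholders.
TLS_LINE='ExecStart=/usr/bin/dockerd -H fd:// -H tcp://0.0.0.0:2376 --tlsverify --tlscacert=/etc/docker/tls/ca.pem --tlscert=/etc/docker/tls/server-cert.pem --tlskey=/etc/docker/tls/server-key.pem'

for l in "$PAGE_LINE" "$TLS_LINE"; do
    printf '%-18s %s\n' "$(audit_execstart "$l")" "$l"
done
```

To audit a live host, pass it the output of `systemctl cat docker.service | grep '^ExecStart='`.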

nfs no_root_squash

Conclusion

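When you use NFS mount points as root on the client side, export them with the no_root_squash option. By default the server maps client root (UID 0) to the anonymous user; no_root_squash disables that mapping, so client root acts as root on the export. This ensures you don’t face access-related issues on NFS mount points.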

SSL for the home lab

https://myhomelab.gr/linux/2019/12/13/local-ca-setup.html

My domain: daisy-street.fr

Pihole

Pihole DNS configuration: 192.168.1.50

Point the servers at the Pihole DNS/DHCP

nano /etc/netplan/00-installer-config.yaml
nano /etc/resolv.conf
nano /etc/hostname

Install Traefik

docker-compose.yml

Generate the Traefik password

sudo apt install apache2-utils
echo $(htpasswd -nb <USER> <PASSWORD>) | sed -e s/\\$/\\$\\$/g

    volumes:
      - /SystemSvg/VM_109/traefik/data/traefik.yml:/traefik.yml:ro
      - /SystemSvg/VM_109/traefik/data/acme.json:/acme.json
      - /SystemSvg/VM_109/traefik/data/config.yml:/config.yml:ro
    labels:
      - "traefik.http.routers.traefik.rule=Host(`traefik-dashboard.local.daisy-street.fr`)"
      - "traefik.http.middlewares.traefik-auth.basicauth.users=<USER>:<HASHED-PASSWORD>"
      - "traefik.http.routers.traefik-secure.rule=Host(`traefik-dashboard.local.daisy-street.fr`)"

Configure SSL

openssl genrsa -des3 -out root.key 2048
david@legion2:/SystemSvg/clersa$ openssl req -x509 -new -nodes -key root.key -sha256 -days 7200 -out root.pem
Enter pass phrase for root.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:FR
State or Province Name (full name) [Some-State]:Hauts-de-Seine
Locality Name (eg, city) []:Antony
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Homelab
Organizational Unit Name (eg, section) []:IT
Common Name (e.g. server FQDN or YOUR name) []:DaisyStreet HomeLab Authority
Email Address []:

openssl genrsa -out wildcard.homelab.home.key 2048
nano opensslsan.cnf

[req]
distinguished_name = req_distinguished_name
req_extensions = v3_req
prompt = no
[req_distinguished_name]
C = FR
ST = Hauts-de-Seine
L = Antony
O = Wildcard Homelab Inc
OU = IT
CN = *.homelab.home
[v3_req]
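# digitalSignature added: TLS 1.3 and ECDHE key exchange need it for the server's handshake signature
keyUsage = digitalSignature, keyEncipherment, dataEncipherment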
extendedKeyUsage = serverAuth
subjectAltName = @alt_names
[alt_names]
DNS.1 = *.homelab.home

openssl req -new -out wildcard.homelab.home.csr \
-key wildcard.homelab.home.key \
-config opensslsan.cnf

openssl x509 -req -in wildcard.homelab.home.csr \
-CA root.pem \
-CAkey root.key \
-CAcreateserial \
-out wildcard.homelab.home.crt \
-days 7200 \
-sha256 \
-extensions v3_req \
-extfile opensslsan.cnf

paperless retag

Document retagger

Say you’ve imported a few hundred documents and now want to introduce a tag or set up a new correspondent, and apply its matching to all of the currently-imported docs. This problem is common enough that there are tools for it.

document_retagger [-h] [-c] [-T] [-t] [-i] [--use-first] [-f]

optional arguments:
-c, --correspondent
-T, --tags
-t, --document_type
-i, --inbox-only
--use-first
-f, --overwrite

Open a bash shell in the Docker container

tmux
docker exec -it paperless bash

Without overwrite

document_retagger -c -t --use-first
document_retagger -T

With overwrite

document_retagger -c -t --use-first -f
document_retagger -T -f

To try as a single run

tmux
docker exec -it paperless bash
document_retagger -c -t --use-first -f;document_retagger -T;document_retagger -T;document_retagger -T;document_retagger -T;document_retagger -T;document_retagger -T

docker exec -d -it paperless-ng_webserver_1 document_retagger -c -T -t --use-first

document_retagger -T is repeated several times because the command stops with a database lock after the database has been open for 10 minutes; chaining the commands without overwrite makes it possible to sweep the whole database.

Docker all-in-one installation

sudo apt-get update
sudo apt-get -y install ca-certificates curl gnupg lsb-release
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null 
sudo apt-get update
sudo apt-get -y install docker-ce docker-ce-cli containerd.io
sudo apt -y install nfs-common
sudo apt -y install cifs-utils
sudo apt -y install docker-compose

docker plugin install grafana/loki-docker-driver:latest --alias loki --grant-all-permissions

sudo usermod -aG docker $USER

sudo mkdir /Warehouse
sudo mkdir /Warehouse/Documents_read 
sudo mkdir /Warehouse/Phototeque_CheckIn_read 
sudo mkdir /Warehouse/Phototeque_read 
sudo mkdir /Warehouse/SystemSvg_read 
sudo mkdir /SystemSvg
sudo mkdir /SystemSvg_nfs

sudo mkdir /VideoClub
sudo mkdir /Photocopie

sudo nano /home/david/.sharelogin
   username=[username]
   password=[password]

sudo nano /etc/docker/daemon.json
{
    "log-driver": "loki",
    "log-opts": {
        "loki-url": "http://localhost:3100/loki/api/v1/push",
        "loki-batch-size": "400"
    }
}

sudo nano /etc/fstab
   //192.168.1.111/5-Documents  /Warehouse/Documents_read cifs ro,credentials=/home/david/.sharelogin,uid=1000,gid=1000 0 0
   //192.168.1.111/50-Phototheque  /Warehouse/Phototeque_read cifs ro,credentials=/home/david/.sharelogin,nobrl,uid=1000,gid=1000 0 0
   //192.168.1.111/00-CheckIn  /Warehouse/Phototeque_CheckIn_read cifs ro,credentials=/home/david/.sharelogin,nobrl,uid=1000,gid=1000 0 0
   //192.168.1.111/6-SystemSvg  /Warehouse/SystemSvg_read cifs ro,credentials=/home/david/.sharelogin,nobrl,uid=1000,gid=1000 0 0
   //192.168.1.111/5-Documents/80-Photocopie  /Photocopie cifs rw,credentials=/home/david/.sharelogin,uid=1000,gid=1000 0 0
   //192.168.1.111/9-VideoClub  /VideoClub cifs rw,credentials=/home/david/.sharelogin,uid=1000,gid=1000 0 0
   //192.168.1.111/6-SystemSvg  /SystemSvg cifs rw,credentials=/home/david/.sharelogin,nobrl,uid=1000,gid=1000 0 0
   192.168.1.111:/share_nfs /SystemSvg_nfs nfs defaults 0 0

sudo mount -a

sudo systemctl restart docker

mkdir /SystemSvg/docker

mkdir /SystemSvg/docker/portainer
mkdir /SystemSvg/docker/portainer/data
docker kill portainer
docker rm portainer
cd /SystemSvg/docker/portainer/;docker-compose pull
cd /SystemSvg/docker/portainer/;docker-compose up -d

mkdir /SystemSvg/docker/traefik 
mkdir /SystemSvg/share_nfs/traefik
mkdir /SystemSvg/docker/traefik/data
mkdir /SystemSvg/share_nfs/traefik/acme
docker network create proxy
docker kill traefik
docker rm traefik
cd /SystemSvg/docker/traefik/;docker-compose pull
cd /SystemSvg/docker/traefik/;docker-compose up -d

mkdir /SystemSvg/docker/grafana
mkdir /SystemSvg/docker/grafana/grafana
mkdir /SystemSvg/docker/grafana/loki
mkdir /SystemSvg/docker/grafana/promtail
docker kill grafana
docker kill loki
docker kill promtail
docker rm grafana
docker rm loki
docker rm promtail
cd /SystemSvg/docker/grafana/;docker-compose pull
cd /SystemSvg/docker/grafana/;docker-compose up -d

mkdir /SystemSvg/docker/sickchill
mkdir /SystemSvg/docker/sickchill/config
docker kill sickchill
docker rm sickchill
cd /SystemSvg/docker/sickchill/;docker-compose pull
cd /SystemSvg/docker/sickchill/;docker-compose up -d

mkdir /SystemSvg/docker/transmission
mkdir /SystemSvg/docker/transmission/config
docker kill transmission 
docker rm transmission 
cd /SystemSvg/docker/transmission/;docker-compose pull
cd /SystemSvg/docker/transmission/;docker-compose up -d

mkdir /SystemSvg/docker/filebot
mkdir /SystemSvg/docker/filebot/data
docker kill filebot
docker rm filebot
cd /SystemSvg/docker/filebot/;docker-compose pull
cd /SystemSvg/docker/filebot/;docker-compose up -d

mkdir /SystemSvg/docker/nzbget
mkdir /SystemSvg/docker/nzbget/config
docker kill nzbget
docker rm nzbget
cd /SystemSvg/docker/nzbget/;docker-compose pull
cd /SystemSvg/docker/nzbget/;docker-compose up -d

mkdir /SystemSvg/docker/jellyfin
mkdir /SystemSvg/docker/jellyfin/config
mkdir /SystemSvg/docker/jellyfin/cache
docker kill jellyfin
docker rm jellyfin
cd /SystemSvg/docker/jellyfin/;docker-compose pull
cd /SystemSvg/docker/jellyfin/;docker-compose up -d

mkdir /SystemSvg/docker/duplicati
mkdir /SystemSvg/docker/duplicati/data
docker kill duplicati
docker rm duplicati
cd /SystemSvg/docker/duplicati/;docker-compose pull
cd /SystemSvg/docker/duplicati/;docker-compose up -d

# heimdall (disabled)
#mkdir /SystemSvg/docker/heimdall
#mkdir /SystemSvg/docker/heimdall/config
#docker kill heimdall
#docker rm heimdall
#cd /SystemSvg/docker/heimdall/;docker-compose pull
#cd /SystemSvg/docker/heimdall/;docker-compose up -d

mkdir /SystemSvg/docker/dashy
docker kill dashy
docker rm dashy
cd /SystemSvg/docker/dashy/;docker-compose pull
cd /SystemSvg/docker/dashy/;docker-compose up -d

mkdir /SystemSvg/docker/littlelink
mkdir /SystemSvg/docker/littlelink/config
docker kill littlelink-server
docker rm littlelink-server
cd /SystemSvg/docker/littlelink/;docker-compose pull
cd /SystemSvg/docker/littlelink/;docker-compose up -d

mkdir /SystemSvg/docker/uptime-kuma
mkdir /SystemSvg/docker/uptime-kuma/data
docker kill uptime-kuma
docker rm uptime-kuma
cd /SystemSvg/docker/uptime-kuma/;docker-compose pull
cd /SystemSvg/docker/uptime-kuma/;docker-compose up -d

mkdir /SystemSvg/docker/paperless-ng
mkdir /SystemSvg/docker/paperless-ng/config
docker kill paperless-ng
docker rm paperless-ng
cd /SystemSvg/docker/paperless-ng/;docker-compose pull
cd /SystemSvg/docker/paperless-ng/;docker-compose up -d
cd /SystemSvg/docker/paperless-ng/;docker-compose run --rm webserver createsuperuser

mkdir /SystemSvg/docker/zoneminder
mkdir /SystemSvg/docker/zoneminder/cache
mkdir /SystemSvg/docker/zoneminder/config
docker kill zoneminder_in
docker rm zoneminder_in
cd /SystemSvg/docker/zoneminder/;docker-compose pull
cd /SystemSvg/docker/zoneminder/;docker-compose up -d

mkdir /SystemSvg/docker/homeassitant
mkdir /SystemSvg/docker/homeassitant/config
docker kill homeassitant
docker rm homeassitant
cd /SystemSvg/docker/homeassitant/;docker-compose pull
cd /SystemSvg/docker/homeassitant/;docker-compose up -d

mkdir /SystemSvg/docker/redmine
mkdir /SystemSvg/docker/redmine/mariadb_data
docker kill redmine_mariadb_1
docker kill redmine_redmine_1
docker rm redmine_mariadb_1
docker rm redmine_redmine_1
cd /SystemSvg/docker/redmine/;docker-compose pull
cd /SystemSvg/docker/redmine/;docker-compose up -d

mkdir /SystemSvg/docker/lamp
mkdir /SystemSvg/docker/lamp/www
mkdir /SystemSvg/docker/lamp/mysql
docker kill lamp_db_1
docker kill lamp_myadmin_1
docker kill lamp_web_1
docker rm lamp_db_1
docker rm lamp_myadmin_1
docker rm lamp_web_1
cd /SystemSvg/docker/lamp/;docker-compose pull
cd /SystemSvg/docker/lamp/;docker-compose up -d

mkdir /SystemSvg/docker/wordpress
mkdir /SystemSvg/docker/wordpress/html
mkdir /SystemSvg/docker/wordpress/mysql
docker kill wordpress_db_1
docker kill adminer_legacy
docker kill wordpress_legacy
docker rm wordpress_db_1
docker rm adminer_legacy
docker rm wordpress_legacy
cd /SystemSvg/docker/wordpress/;docker-compose pull
cd /SystemSvg/docker/wordpress/;docker-compose up -d

sudo apt-get purge -y docker-engine docker docker.io docker-ce docker-ce-cli
sudo apt-get autoremove -y --purge docker-engine docker docker.io docker-ce
sudo rm -rf /var/lib/docker /etc/docker
sudo rm /etc/apparmor.d/docker
sudo groupdel docker
sudo rm -rf /var/run/docker.sock

docker kill portainer
docker rm portainer
cd /SystemSvg/docker/portainer/;docker-compose up -d

docker kill traefik
docker rm traefik
cd /SystemSvg/docker/traefik/;docker-compose up -d

docker kill grafana
docker kill loki
docker kill promtail
docker rm grafana
docker rm loki
docker rm promtail
cd /SystemSvg/docker/grafana/;docker-compose up -d

docker kill sickchill
docker rm sickchill
cd /SystemSvg/docker/sickchill/;docker-compose up -d

docker kill transmission 
docker rm transmission 
cd /SystemSvg/docker/transmission/;docker-compose up -d

docker kill filebot
docker rm filebot
cd /SystemSvg/docker/filebot/;docker-compose up -d

docker kill nzbget
docker rm nzbget
cd /SystemSvg/docker/nzbget/;docker-compose up -d

docker kill jellyfin
docker rm jellyfin
cd /SystemSvg/docker/jellyfin/;docker-compose up -d

docker kill duplicati
docker rm duplicati
cd /SystemSvg/docker/duplicati/;docker-compose up -d

# heimdall (disabled)
#docker kill heimdall
#docker rm heimdall
#cd /SystemSvg/docker/heimdall/;docker-compose up -d

docker kill dashy
docker rm dashy
cd /SystemSvg/docker/dashy/;docker-compose up -d

docker kill littlelink-server
docker rm littlelink-server
cd /SystemSvg/docker/littlelink/;docker-compose up -d

docker kill uptime-kuma
docker rm uptime-kuma
cd /SystemSvg/docker/uptime-kuma/;docker-compose up -d

docker kill paperless-ng
docker rm paperless-ng
cd /SystemSvg/docker/paperless-ng/;docker-compose up -d

docker kill zoneminder_in
docker rm zoneminder_in
cd /SystemSvg/docker/zoneminder/;docker-compose up -d

docker kill homeassitant
docker rm homeassitant
cd /SystemSvg/docker/homeassitant/;docker-compose up -d

docker kill redmine_mariadb_1
docker kill redmine_redmine_1
docker rm redmine_mariadb_1
docker rm redmine_redmine_1
cd /SystemSvg/docker/redmine/;docker-compose up -d

docker kill lamp_db_1
docker kill lamp_myadmin_1
docker kill lamp_web_1
docker rm lamp_db_1
docker rm lamp_myadmin_1
docker rm lamp_web_1
cd /SystemSvg/docker/lamp/;docker-compose up -d

docker kill wordpress_db_1
docker kill adminer_legacy
docker kill wordpress_legacy
docker rm wordpress_db_1
docker rm adminer_legacy
docker rm wordpress_legacy
cd /SystemSvg/docker/wordpress/;docker-compose up -d

Install Portainer Agent with Docker on Linux

Run the following command to deploy the Portainer Agent:

sudo docker run -d -p 9001:9001 --name portainer_agent --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/docker/volumes:/var/lib/docker/volumes portainer/agent:2.6.3
sudo docker kill portainer_agent
sudo docker rm portainer_agent
sudo docker run -d -p 9001:9001 --name portainer_agent --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/docker/volumes:/var/lib/docker/volumes portainer/agent:2.6.3