https://wiki.bretts.org/api.php?action=feedcontributions&feedformat=atom&user=Andrew Briki - User contributions [en] 2026-05-08T13:40:05Z User contributions MediaWiki 1.28.0 https://wiki.bretts.org/index.php?title=Docker&diff=8609 Docker 2026-03-10T16:04:24Z <p>Andrew: /* Govee2MQTT */</p> <hr /> <div>== Useful Commands ==<br /> <br /> ; docker ps -a: List all containers<br /> ; docker container inspect &lt;container&gt;: Show details of &lt;container&gt;<br /> ; docker logs &lt;container&gt;: Show logs for &lt;container&gt;<br /> ; docker exec -it &lt;container&gt; /bin/bash: Start an interactive shell in &lt;container&gt;<br /> <br /> == Updating container ==<br /> <br /> === Manually ===<br /> sudo docker pull &lt;image&gt;<br /> sudo docker stop &lt;container&gt;<br /> sudo docker rm &lt;container&gt;<br /> &lt;docker run command&gt;<br /> <br /> === Automatically ===<br /> Use portainer, or:<br /> sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock taisun/updater --oneshot &lt;container&gt;<br /> <br /> == Containers ==<br /> <br /> === Portainer ===<br /> sudo docker run -d --name portainer \<br /> -p 8000:8000 -p 9443:9443 \<br /> -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/portainer:/data \<br /> -v /etc/ssl/bretts.org:/certs \<br /> --restart unless-stopped \<br /> portainer/portainer-ce \<br /> --sslcert /certs/fullchain.pem --sslkey /certs/key.pem<br /> <br /> === Plex ===<br /> <br /> Get your claim token: https://www.plex.tv/claim/<br /> <br /> Create the container with the claim token substituted:<br /> sudo docker run -d --name plex --network=host -e PLEX_UID=111 -e PLEX_GID=127 -e TZ=Europe/London -e PLEX_CLAIM=&lt;CLAIM_TOKEN&gt; \<br /> -v /var/lib/plexmediaserver:/config -v /srv:/srv --device=/dev/dri:/dev/dri \<br /> --restart unless-stopped \<br /> plexinc/pms-docker:plexpass<br /> <br /> === Tautulli (Plex Monitoring/Notifications) ===<br /> sudo docker run -d --name tautulli -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8181:8181 \<br /> -v /var/lib/torrent/tautulli:/config -v /var/lib/plexmediaserver/Library/Logs:/logs \<br /> --restart unless-stopped \<br /> linuxserver/tautulli<br /> <br /> === Jackett (Torrent Gateway) ===<br /> sudo docker run -d --name=jackett -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 9117:9117 \<br /> -v /var/lib/torrent/jackett:/config -v /var/lib/torrent/jackett/downloads:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/jackett<br /> <br /> === FlareSolverr (CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=flaresolverr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/flaresolverr/flaresolverr:latest<br /> <br /> === Byparr (Alternative CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=byparr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/thephaseless/byparr:latest<br /> <br /> === Deluge ===<br /> sudo docker run -d --name deluge -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/torrent/deluged:/config -v /srv/incoming/torrents:/torrents \<br /> -v /etc/ssl/bretts.org:/etc/ssl/bretts.org \<br /> --restart unless-stopped \<br /> linuxserver/deluge<br /> <br /> Since user groups don't seem to apply across the docker boundary, &quot;torrent&quot; will need to be given explicit permission to the private key file via an ACL:<br /> setfacl -m &quot;u:torrent:rw&quot; /etc/ssl/bretts.org/key.pem<br /> <br /> === Radarr (Movie Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name radarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 7878:7878 \<br /> -v /var/lib/torrent/radarr:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/radarr<br /> <br /> === Sonarr (TV Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name=sonarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8989:8989 \<br /> -v /var/lib/torrent/sonarr/config:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/sonarr<br /> <br /> === Overseerr (Media Requests) ===<br /> sudo docker run -d --name overseerr --user=127:138 -e LOG_LEVEL=debug -e TZ=Europe/London \<br /> -e PORT=5055 `#optional` \<br /> -p 5055:5055 \<br /> -v /var/lib/torrent/overseerr:/app/config \<br /> --restart unless-stopped \<br /> sctx/overseerr<br /> <br /> === Unifi ===<br /> sudo docker run -d --name=unifi-controller -e PUID=140 -e PGID=150 \<br /> -p 3478:3478/udp -p 10001:10001/udp -p 18080:18080 -p 18081:18081 -p 18443:18443 -p 18880:18880 -p 6789:6789 \<br /> -v /var/lib/unifi:/config \<br /> --restart unless-stopped \<br /> linuxserver/unifi-controller<br /> <br /> === Home-Assistant (as part of host network) ===<br /> sudo docker run -d --name=home-assistant -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/home-assistant/config:/config -v /srv:/media -v /etc/ssl/bretts.org:/etc/ssl/bretts.org -v /var/www/html/arlo-snapshots:/arlo-snapshots \<br /> --restart unless-stopped \<br /> homeassistant/home-assistant<br /> <br /> === Mosquitto ===<br /> sudo docker run -d --name mosquitto -e TZ=Europe/London \<br /> -p 1883:1883 -p 9001:9001\<br /> -v /var/lib/mosquitto:/mosquitto \<br /> --restart unless-stopped \<br /> eclipse-mosquitto<br /> <br /> === Govee2MQTT ===<br /> Note: `--net=host` is needed for LAN API connections<br /> <br /> sudo docker run -d --name govee2mqtt \<br /> --net=host \<br /> --env-file /var/lib/govee2mqtt/.env \<br /> --restart unless-stopped \<br /> ghcr.io/wez/govee2mqtt<br /> <br /> === Stash ===<br /> sudo docker run -d --name stash \<br /> -e STASH_GENERATED=/generated/ -e STASH_METADATA=/metadata/ -e STASH_CACHE=/cache/ \<br /> -e STASH_STASH=/data/ \<br /> -p 9999:9999 \<br /> -v /var/lib/stash:/root/.stash -v /var/lib/stash/metadata:/metadata -v /var/lib/stash/cache:/cache -v /var/lib/stash/blobs:/blobs -v /var/lib/stash/generated:/generated \<br /> -v /var/lib/stash/data:/data -v /srv/porn:/srv/porn -v /srv/incoming/torrents/deluge/porn:/srv/incoming/torrents/deluge/porn \<br /> -v /etc/localtime:/etc/localtime:ro \<br /> --restart unless-stopped \<br /> stashapp/stash<br /> <br /> === Bedrock Connect ===<br /> sudo docker run -d --name bedrock-connect \<br /> -e NODB=true \<br /> -p 19132:19132/udp \<br /> -v /var/lib/minecraft/bedrock-connect:/app/config \<br /> --restart unless-stopped \<br /> strausmann/minecraft-bedrock-connect<br /> <br /> === Minecraft Servers ===<br /> sudo docker run -d --name brettopia \<br /> -e EULA=TRUE -e SERVER_PORT=19142 \<br /> -p 19142:19142/udp \<br /> -v /var/lib/minecraft/brettopia:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> sudo docker run -d --name brettropolis \<br /> -e EULA=TRUE -e SERVER_PORT=19152 \<br /> -p 19152:19152/udp \<br /> -v /var/lib/minecraft/brettropolis:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> === Atlassian ===<br /> <br /> ==== JIRA ====<br /> Note: In this instance JIRA is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name jira<br /> sudo docker run -d --name=jira -e TZ=Europe/London \<br /> -e ATL_TOMCAT_SCHEME=https -e ATL_TOMCAT_SECURE=true -e ATL_PROXY_NAME=jira.bretts.org -e ATL_PROXY_PORT=443 \<br /> -p 7980:8080 \<br /> -v jira:/var/atlassian/application-data/jira \<br /> --restart unless-stopped \<br /> atlassian/jira-software<br /> <br /> Docker JIRA runs with a uid and gid of 2001. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2001 jira-docker<br /> sudo adduser --system --no-create-home --uid 2001 --gid 2001 jira-docker<br /> <br /> ==== Bitbucket====<br /> Note: In this instance Bitbucket is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bitbucket<br /> sudo docker run -d --name=bitbucket -e TZ=Europe/London \<br /> -e SERVER_SCHEME=https -e SERVER_SECURE=true -e SERVER_PROXY_NAME=bitbucket.bretts.org -e SERVER_PROXY_PORT=443 \<br /> -p 7990:7990 -p 7999:7999 \<br /> -v bitbucket:/var/atlassian/application-data/bitbucket \<br /> --restart unless-stopped \<br /> atlassian/bitbucket-server<br /> <br /> Docker Bitbucket runs with a uid and gid of 2003. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2003 bitbucket-docker<br /> sudo adduser --system --no-create-home --uid 2003 --gid 2003 bitbucket-docker<br /> <br /> ==== Bamboo ====<br /> Note: In this instance Bamboo is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bamboo<br /> sudo docker run -d --name=bamboo -e TZ=Europe/London \<br /> -p 54663:54663 -p 7970:8085 \<br /> -v bamboo:/var/atlassian/application-data/bamboo \<br /> --restart unless-stopped \<br /> atlassian/bamboo-server<br /> <br /> ===== Limitations =====<br /> * Bamboo runs with a uid of 1000, which means it's likely to clash with a real user in the containing host<br /> * Bamboo container doesn't support any reverse proxy configuration, which means hiding it behind nginx is likely to result in broken Application Links. This can be worked around by manually editing /opt/atlassian/bamboo/conf/server.xml, but those changes will be overwritten on every container upgrade.<br /> <br /> == Tips / Fixes ==<br /> <br /> === Tautulli slow to start ===<br /> This may be due to an attempt to chown a large number of files. <br /> Login to the container:<br /> sudo docker exec -it &lt;container&gt; /bin/bash<br /> Disable the chown step by editing &lt;code&gt;/etc/cont-init.d/30-config&lt;/code&gt; and commenting out the chown command.<br /> <br /> === Adding an SSL cert for Unifi ===<br /> sudo openssl pkcs12 -export -inkey /etc/ssl/bretts.org/key.pem -in /etc/ssl/bretts.org/fullchain.pem -out /tmp/cert.p12 -name unifi -password pass:temppass<br /> sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/data/keystore -srckeystore /tmp/cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi -noprompt<br /> sudo docker restart unifi-controller<br /> sudo rm /tmp/cert.p12<br /> <br /> === Local DNS resolution fails on docker 18.09 ===<br /> This may be the result of a bug: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1820278. Normally the container's /etc/resolv.conf should mirror that of the host, but in this case it seems to just be a default version. As a workaround, create /etc/docker/daemon.json with the following contents:<br /> <br /> {<br /> &quot;dns&quot;: [&quot;192.168.1.1&quot;, &quot;8.8.8.8&quot;],<br /> &quot;dns-search&quot;: [&quot;bretts.org&quot;]<br /> }</div> Andrew https://wiki.bretts.org/index.php?title=Docker&diff=8608 Docker 2026-03-10T16:03:33Z <p>Andrew: /* Govee2MQTT */</p> <hr /> <div>== Useful Commands ==<br /> <br /> ; docker ps -a: List all containers<br /> ; docker container inspect &lt;container&gt;: Show details of &lt;container&gt;<br /> ; docker logs &lt;container&gt;: Show logs for &lt;container&gt;<br /> ; docker exec -it &lt;container&gt; /bin/bash: Start an interactive shell in &lt;container&gt;<br /> <br /> == Updating container ==<br /> <br /> === Manually ===<br /> sudo docker pull &lt;image&gt;<br /> sudo docker stop &lt;container&gt;<br /> sudo docker rm &lt;container&gt;<br /> &lt;docker run command&gt;<br /> <br /> === Automatically ===<br /> Use portainer, or:<br /> sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock taisun/updater --oneshot &lt;container&gt;<br /> <br /> == Containers ==<br /> <br /> === Portainer ===<br /> sudo docker run -d --name portainer \<br /> -p 8000:8000 -p 9443:9443 \<br /> -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/portainer:/data \<br /> -v /etc/ssl/bretts.org:/certs \<br /> --restart unless-stopped \<br /> portainer/portainer-ce \<br /> --sslcert /certs/fullchain.pem --sslkey /certs/key.pem<br /> <br /> === Plex ===<br /> <br /> Get your claim token: https://www.plex.tv/claim/<br /> <br /> Create the container with the claim token substituted:<br /> sudo docker run -d --name plex --network=host -e PLEX_UID=111 -e PLEX_GID=127 -e TZ=Europe/London -e PLEX_CLAIM=&lt;CLAIM_TOKEN&gt; \<br /> -v /var/lib/plexmediaserver:/config -v /srv:/srv --device=/dev/dri:/dev/dri \<br /> --restart unless-stopped \<br /> plexinc/pms-docker:plexpass<br /> <br /> === Tautulli (Plex Monitoring/Notifications) ===<br /> sudo docker run -d --name tautulli -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8181:8181 \<br /> -v /var/lib/torrent/tautulli:/config -v /var/lib/plexmediaserver/Library/Logs:/logs \<br /> --restart unless-stopped \<br /> linuxserver/tautulli<br /> <br /> === Jackett (Torrent Gateway) ===<br /> sudo docker run -d --name=jackett -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 9117:9117 \<br /> -v /var/lib/torrent/jackett:/config -v /var/lib/torrent/jackett/downloads:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/jackett<br /> <br /> === FlareSolverr (CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=flaresolverr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/flaresolverr/flaresolverr:latest<br /> <br /> === Byparr (Alternative CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=byparr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/thephaseless/byparr:latest<br /> <br /> === Deluge ===<br /> sudo docker run -d --name deluge -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/torrent/deluged:/config -v /srv/incoming/torrents:/torrents \<br /> -v /etc/ssl/bretts.org:/etc/ssl/bretts.org \<br /> --restart unless-stopped \<br /> linuxserver/deluge<br /> <br /> Since user groups don't seem to apply across the docker boundary, &quot;torrent&quot; will need to be given explicit permission to the private key file via an ACL:<br /> setfacl -m &quot;u:torrent:rw&quot; /etc/ssl/bretts.org/key.pem<br /> <br /> === Radarr (Movie Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name radarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 7878:7878 \<br /> -v /var/lib/torrent/radarr:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/radarr<br /> <br /> === Sonarr (TV Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name=sonarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8989:8989 \<br /> -v /var/lib/torrent/sonarr/config:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/sonarr<br /> <br /> === Overseerr (Media Requests) ===<br /> sudo docker run -d --name overseerr --user=127:138 -e LOG_LEVEL=debug -e TZ=Europe/London \<br /> -e PORT=5055 `#optional` \<br /> -p 5055:5055 \<br /> -v /var/lib/torrent/overseerr:/app/config \<br /> --restart unless-stopped \<br /> sctx/overseerr<br /> <br /> === Unifi ===<br /> sudo docker run -d --name=unifi-controller -e PUID=140 -e PGID=150 \<br /> -p 3478:3478/udp -p 10001:10001/udp -p 18080:18080 -p 18081:18081 -p 18443:18443 -p 18880:18880 -p 6789:6789 \<br /> -v /var/lib/unifi:/config \<br /> --restart unless-stopped \<br /> linuxserver/unifi-controller<br /> <br /> === Home-Assistant (as part of host network) ===<br /> sudo docker run -d --name=home-assistant -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/home-assistant/config:/config -v /srv:/media -v /etc/ssl/bretts.org:/etc/ssl/bretts.org -v /var/www/html/arlo-snapshots:/arlo-snapshots \<br /> --restart unless-stopped \<br /> homeassistant/home-assistant<br /> <br /> === Mosquitto ===<br /> sudo docker run -d --name mosquitto -e TZ=Europe/London \<br /> -p 1883:1883 -p 9001:9001\<br /> -v /var/lib/mosquitto:/mosquitto \<br /> --restart unless-stopped \<br /> eclipse-mosquitto<br /> <br /> === Govee2MQTT ===<br /> Note: `--net=host` is needed for LAN API connections<br /> <br /> sudo docker run -d --name govee2mqtt \<br /> --net=host<br /> --env-file /var/lib/govee2mqtt/.env \<br /> --restart unless-stopped \<br /> ghcr.io/wez/govee2mqtt<br /> <br /> === Stash ===<br /> sudo docker run -d --name stash \<br /> -e STASH_GENERATED=/generated/ -e STASH_METADATA=/metadata/ -e STASH_CACHE=/cache/ \<br /> -e STASH_STASH=/data/ \<br /> -p 9999:9999 \<br /> -v /var/lib/stash:/root/.stash -v /var/lib/stash/metadata:/metadata -v /var/lib/stash/cache:/cache -v /var/lib/stash/blobs:/blobs -v /var/lib/stash/generated:/generated \<br /> -v /var/lib/stash/data:/data -v /srv/porn:/srv/porn -v /srv/incoming/torrents/deluge/porn:/srv/incoming/torrents/deluge/porn \<br /> -v /etc/localtime:/etc/localtime:ro \<br /> --restart unless-stopped \<br /> stashapp/stash<br /> <br /> === Bedrock Connect ===<br /> sudo docker run -d --name bedrock-connect \<br /> -e NODB=true \<br /> -p 19132:19132/udp \<br /> -v /var/lib/minecraft/bedrock-connect:/app/config \<br /> --restart unless-stopped \<br /> strausmann/minecraft-bedrock-connect<br /> <br /> === Minecraft Servers ===<br /> sudo docker run -d --name brettopia \<br /> -e EULA=TRUE -e SERVER_PORT=19142 \<br /> -p 19142:19142/udp \<br /> -v /var/lib/minecraft/brettopia:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> sudo docker run -d --name brettropolis \<br /> -e EULA=TRUE -e SERVER_PORT=19152 \<br /> -p 19152:19152/udp \<br /> -v /var/lib/minecraft/brettropolis:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> === Atlassian ===<br /> <br /> ==== JIRA ====<br /> Note: In this instance JIRA is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name jira<br /> sudo docker run -d --name=jira -e TZ=Europe/London \<br /> -e ATL_TOMCAT_SCHEME=https -e ATL_TOMCAT_SECURE=true -e ATL_PROXY_NAME=jira.bretts.org -e ATL_PROXY_PORT=443 \<br /> -p 7980:8080 \<br /> -v jira:/var/atlassian/application-data/jira \<br /> --restart unless-stopped \<br /> atlassian/jira-software<br /> <br /> Docker JIRA runs with a uid and gid of 2001. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2001 jira-docker<br /> sudo adduser --system --no-create-home --uid 2001 --gid 2001 jira-docker<br /> <br /> ==== Bitbucket====<br /> Note: In this instance Bitbucket is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bitbucket<br /> sudo docker run -d --name=bitbucket -e TZ=Europe/London \<br /> -e SERVER_SCHEME=https -e SERVER_SECURE=true -e SERVER_PROXY_NAME=bitbucket.bretts.org -e SERVER_PROXY_PORT=443 \<br /> -p 7990:7990 -p 7999:7999 \<br /> -v bitbucket:/var/atlassian/application-data/bitbucket \<br /> --restart unless-stopped \<br /> atlassian/bitbucket-server<br /> <br /> Docker Bitbucket runs with a uid and gid of 2003. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2003 bitbucket-docker<br /> sudo adduser --system --no-create-home --uid 2003 --gid 2003 bitbucket-docker<br /> <br /> ==== Bamboo ====<br /> Note: In this instance Bamboo is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bamboo<br /> sudo docker run -d --name=bamboo -e TZ=Europe/London \<br /> -p 54663:54663 -p 7970:8085 \<br /> -v bamboo:/var/atlassian/application-data/bamboo \<br /> --restart unless-stopped \<br /> atlassian/bamboo-server<br /> <br /> ===== Limitations =====<br /> * Bamboo runs with a uid of 1000, which means it's likely to clash with a real user in the containing host<br /> * Bamboo container doesn't support any reverse proxy configuration, which means hiding it behind nginx is likely to result in broken Application Links. This can be worked around by manually editing /opt/atlassian/bamboo/conf/server.xml, but those changes will be overwritten on every container upgrade.<br /> <br /> == Tips / Fixes ==<br /> <br /> === Tautulli slow to start ===<br /> This may be due to an attempt to chown a large number of files. <br /> Login to the container:<br /> sudo docker exec -it &lt;container&gt; /bin/bash<br /> Disable the chown step by editing &lt;code&gt;/etc/cont-init.d/30-config&lt;/code&gt; and commenting out the chown command.<br /> <br /> === Adding an SSL cert for Unifi ===<br /> sudo openssl pkcs12 -export -inkey /etc/ssl/bretts.org/key.pem -in /etc/ssl/bretts.org/fullchain.pem -out /tmp/cert.p12 -name unifi -password pass:temppass<br /> sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/data/keystore -srckeystore /tmp/cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi -noprompt<br /> sudo docker restart unifi-controller<br /> sudo rm /tmp/cert.p12<br /> <br /> === Local DNS resolution fails on docker 18.09 ===<br /> This may be the result of a bug: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1820278. Normally the container's /etc/resolv.conf should mirror that of the host, but in this case it seems to just be a default version. As a workaround, create /etc/docker/daemon.json with the following contents:<br /> <br /> {<br /> &quot;dns&quot;: [&quot;192.168.1.1&quot;, &quot;8.8.8.8&quot;],<br /> &quot;dns-search&quot;: [&quot;bretts.org&quot;]<br /> }</div> Andrew https://wiki.bretts.org/index.php?title=Docker&diff=8607 Docker 2026-03-10T16:02:20Z <p>Andrew: /* Govee2MQTT */</p> <hr /> <div>== Useful Commands ==<br /> <br /> ; docker ps -a: List all containers<br /> ; docker container inspect &lt;container&gt;: Show details of &lt;container&gt;<br /> ; docker logs &lt;container&gt;: Show logs for &lt;container&gt;<br /> ; docker exec -it &lt;container&gt; /bin/bash: Start an interactive shell in &lt;container&gt;<br /> <br /> == Updating container ==<br /> <br /> === Manually ===<br /> sudo docker pull &lt;image&gt;<br /> sudo docker stop &lt;container&gt;<br /> sudo docker rm &lt;container&gt;<br /> &lt;docker run command&gt;<br /> <br /> === Automatically ===<br /> Use portainer, or:<br /> sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock taisun/updater --oneshot &lt;container&gt;<br /> <br /> == Containers ==<br /> <br /> === Portainer ===<br /> sudo docker run -d --name portainer \<br /> -p 8000:8000 -p 9443:9443 \<br /> -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/portainer:/data \<br /> -v /etc/ssl/bretts.org:/certs \<br /> --restart unless-stopped \<br /> portainer/portainer-ce \<br /> --sslcert /certs/fullchain.pem --sslkey /certs/key.pem<br /> <br /> === Plex ===<br /> <br /> Get your claim token: https://www.plex.tv/claim/<br /> <br /> Create the container with the claim token substituted:<br /> sudo docker run -d --name plex --network=host -e PLEX_UID=111 -e PLEX_GID=127 -e TZ=Europe/London -e PLEX_CLAIM=&lt;CLAIM_TOKEN&gt; \<br /> -v /var/lib/plexmediaserver:/config -v /srv:/srv --device=/dev/dri:/dev/dri \<br /> --restart unless-stopped \<br /> plexinc/pms-docker:plexpass<br /> <br /> === Tautulli (Plex Monitoring/Notifications) ===<br /> sudo docker run -d --name tautulli -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8181:8181 \<br /> -v /var/lib/torrent/tautulli:/config -v /var/lib/plexmediaserver/Library/Logs:/logs \<br /> --restart unless-stopped \<br /> linuxserver/tautulli<br /> <br /> === Jackett (Torrent Gateway) ===<br /> sudo docker run -d --name=jackett -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 9117:9117 \<br /> -v /var/lib/torrent/jackett:/config -v /var/lib/torrent/jackett/downloads:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/jackett<br /> <br /> === FlareSolverr (CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=flaresolverr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/flaresolverr/flaresolverr:latest<br /> <br /> === Byparr (Alternative CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=byparr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/thephaseless/byparr:latest<br /> <br /> === Deluge ===<br /> sudo docker run -d --name deluge -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/torrent/deluged:/config -v /srv/incoming/torrents:/torrents \<br /> -v /etc/ssl/bretts.org:/etc/ssl/bretts.org \<br /> --restart unless-stopped \<br /> linuxserver/deluge<br /> <br /> Since user groups don't seem to apply across the docker boundary, &quot;torrent&quot; will need to be given explicit permission to the private key file via an ACL:<br /> setfacl -m &quot;u:torrent:rw&quot; /etc/ssl/bretts.org/key.pem<br /> <br /> === Radarr (Movie Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name radarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 7878:7878 \<br /> -v /var/lib/torrent/radarr:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/radarr<br /> <br /> === Sonarr (TV Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name=sonarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8989:8989 \<br /> -v /var/lib/torrent/sonarr/config:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/sonarr<br /> <br /> === Overseerr (Media Requests) ===<br /> sudo docker run -d --name overseerr --user=127:138 -e LOG_LEVEL=debug -e TZ=Europe/London \<br /> -e PORT=5055 `#optional` \<br /> -p 5055:5055 \<br /> -v /var/lib/torrent/overseerr:/app/config \<br /> --restart unless-stopped \<br /> sctx/overseerr<br /> <br /> === Unifi ===<br /> sudo docker run -d --name=unifi-controller -e PUID=140 -e PGID=150 \<br /> -p 3478:3478/udp -p 10001:10001/udp -p 18080:18080 -p 18081:18081 -p 18443:18443 -p 18880:18880 -p 6789:6789 \<br /> -v /var/lib/unifi:/config \<br /> --restart unless-stopped \<br /> linuxserver/unifi-controller<br /> <br /> === Home-Assistant (as part of host network) ===<br /> sudo docker run -d --name=home-assistant -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/home-assistant/config:/config -v /srv:/media -v /etc/ssl/bretts.org:/etc/ssl/bretts.org -v /var/www/html/arlo-snapshots:/arlo-snapshots \<br /> --restart unless-stopped \<br /> homeassistant/home-assistant<br /> <br /> === Mosquitto ===<br /> sudo docker run -d --name mosquitto -e TZ=Europe/London \<br /> -p 1883:1883 -p 9001:9001\<br /> -v /var/lib/mosquitto:/mosquitto \<br /> --restart unless-stopped \<br /> eclipse-mosquitto<br /> <br /> === Govee2MQTT ===<br /> sudo docker run -d --name govee2mqtt \<br /> --env-file /var/lib/govee2mqtt/.env \<br /> --restart unless-stopped \<br /> ghcr.io/wez/govee2mqtt<br /> <br /> === Stash ===<br /> sudo docker run -d --name stash \<br /> -e STASH_GENERATED=/generated/ -e STASH_METADATA=/metadata/ -e STASH_CACHE=/cache/ \<br /> -e STASH_STASH=/data/ \<br /> -p 9999:9999 \<br /> -v /var/lib/stash:/root/.stash -v /var/lib/stash/metadata:/metadata -v /var/lib/stash/cache:/cache -v /var/lib/stash/blobs:/blobs -v /var/lib/stash/generated:/generated \<br /> -v /var/lib/stash/data:/data -v /srv/porn:/srv/porn -v /srv/incoming/torrents/deluge/porn:/srv/incoming/torrents/deluge/porn \<br /> -v /etc/localtime:/etc/localtime:ro \<br /> --restart unless-stopped \<br /> stashapp/stash<br /> <br /> === Bedrock Connect ===<br /> sudo docker run -d --name bedrock-connect \<br /> -e NODB=true \<br /> -p 19132:19132/udp \<br /> -v /var/lib/minecraft/bedrock-connect:/app/config \<br /> --restart unless-stopped \<br /> strausmann/minecraft-bedrock-connect<br /> <br /> === Minecraft Servers ===<br /> sudo docker run -d --name brettopia \<br /> -e EULA=TRUE -e SERVER_PORT=19142 \<br /> -p 19142:19142/udp \<br /> -v /var/lib/minecraft/brettopia:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> sudo docker run -d --name brettropolis \<br /> -e EULA=TRUE -e SERVER_PORT=19152 \<br /> -p 19152:19152/udp \<br /> -v /var/lib/minecraft/brettropolis:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> === Atlassian ===<br /> <br /> ==== JIRA ====<br /> Note: In this instance JIRA is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name jira<br /> sudo docker run -d --name=jira -e TZ=Europe/London \<br /> -e ATL_TOMCAT_SCHEME=https -e ATL_TOMCAT_SECURE=true -e ATL_PROXY_NAME=jira.bretts.org -e ATL_PROXY_PORT=443 \<br /> -p 7980:8080 \<br /> -v jira:/var/atlassian/application-data/jira \<br /> --restart unless-stopped \<br /> atlassian/jira-software<br /> <br /> Docker JIRA runs with a uid and gid of 2001. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2001 jira-docker<br /> sudo adduser --system --no-create-home --uid 2001 --gid 2001 jira-docker<br /> <br /> ==== Bitbucket====<br /> Note: In this instance Bitbucket is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bitbucket<br /> sudo docker run -d --name=bitbucket -e TZ=Europe/London \<br /> -e SERVER_SCHEME=https -e SERVER_SECURE=true -e SERVER_PROXY_NAME=bitbucket.bretts.org -e SERVER_PROXY_PORT=443 \<br /> -p 7990:7990 -p 7999:7999 \<br /> -v bitbucket:/var/atlassian/application-data/bitbucket \<br /> --restart unless-stopped \<br /> atlassian/bitbucket-server<br /> <br /> Docker Bitbucket runs with a uid and gid of 2003. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2003 bitbucket-docker<br /> sudo adduser --system --no-create-home --uid 2003 --gid 2003 bitbucket-docker<br /> <br /> ==== Bamboo ====<br /> Note: In this instance Bamboo is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bamboo<br /> sudo docker run -d --name=bamboo -e TZ=Europe/London \<br /> -p 54663:54663 -p 7970:8085 \<br /> -v bamboo:/var/atlassian/application-data/bamboo \<br /> --restart unless-stopped \<br /> atlassian/bamboo-server<br /> <br /> ===== Limitations =====<br /> * Bamboo runs with a uid of 1000, which means it's likely to clash with a real user in the containing host<br /> * Bamboo container doesn't support any reverse proxy configuration, which means hiding it behind nginx is likely to result in broken Application Links. This can be worked around by manually editing /opt/atlassian/bamboo/conf/server.xml, but those changes will be overwritten on every container upgrade.<br /> <br /> == Tips / Fixes ==<br /> <br /> === Tautulli slow to start ===<br /> This may be due to an attempt to chown a large number of files. <br /> Login to the container:<br /> sudo docker exec -it &lt;container&gt; /bin/bash<br /> Disable the chown step by editing &lt;code&gt;/etc/cont-init.d/30-config&lt;/code&gt; and commenting out the chown command.<br /> <br /> === Adding an SSL cert for Unifi ===<br /> sudo openssl pkcs12 -export -inkey /etc/ssl/bretts.org/key.pem -in /etc/ssl/bretts.org/fullchain.pem -out /tmp/cert.p12 -name unifi -password pass:temppass<br /> sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/data/keystore -srckeystore /tmp/cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi -noprompt<br /> sudo docker restart unifi-controller<br /> sudo rm /tmp/cert.p12<br /> <br /> === Local DNS resolution fails on docker 18.09 ===<br /> This may be the result of a bug: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1820278. Normally the container's /etc/resolv.conf should mirror that of the host, but in this case it seems to just be a default version. As a workaround, create /etc/docker/daemon.json with the following contents:<br /> <br /> {<br /> &quot;dns&quot;: [&quot;192.168.1.1&quot;, &quot;8.8.8.8&quot;],<br /> &quot;dns-search&quot;: [&quot;bretts.org&quot;]<br /> }</div> Andrew https://wiki.bretts.org/index.php?title=Docker&diff=8606 Docker 2026-03-10T15:42:59Z <p>Andrew: /* Govee2MQTT */</p> <hr /> <div>== Useful Commands ==<br /> <br /> ; docker ps -a: List all containers<br /> ; docker container inspect &lt;container&gt;: Show details of &lt;container&gt;<br /> ; docker logs &lt;container&gt;: Show logs for &lt;container&gt;<br /> ; docker exec -it &lt;container&gt; /bin/bash: Start an interactive shell in &lt;container&gt;<br /> <br /> == Updating container ==<br /> <br /> === Manually ===<br /> sudo docker pull &lt;image&gt;<br /> sudo docker stop &lt;container&gt;<br /> sudo docker rm &lt;container&gt;<br /> &lt;docker run command&gt;<br /> <br /> === Automatically ===<br /> Use portainer, or:<br /> sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock taisun/updater --oneshot &lt;container&gt;<br /> <br /> == Containers ==<br /> <br /> === Portainer ===<br /> sudo docker run -d --name portainer \<br /> -p 8000:8000 -p 9443:9443 \<br /> -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/portainer:/data \<br /> -v /etc/ssl/bretts.org:/certs \<br /> --restart unless-stopped \<br /> portainer/portainer-ce \<br /> --sslcert /certs/fullchain.pem --sslkey /certs/key.pem<br /> <br /> === Plex ===<br /> <br /> Get your claim token: https://www.plex.tv/claim/<br /> <br /> Create the container with the claim token substituted:<br /> sudo docker run -d --name plex --network=host -e PLEX_UID=111 -e PLEX_GID=127 -e TZ=Europe/London -e PLEX_CLAIM=&lt;CLAIM_TOKEN&gt; \<br /> -v /var/lib/plexmediaserver:/config -v /srv:/srv --device=/dev/dri:/dev/dri \<br /> --restart unless-stopped \<br /> plexinc/pms-docker:plexpass<br /> <br /> === Tautulli (Plex Monitoring/Notifications) ===<br /> sudo docker run -d --name tautulli -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8181:8181 \<br /> -v /var/lib/torrent/tautulli:/config -v /var/lib/plexmediaserver/Library/Logs:/logs \<br /> --restart unless-stopped \<br /> linuxserver/tautulli<br /> <br /> === Jackett (Torrent Gateway) ===<br /> sudo docker run -d --name=jackett -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 9117:9117 \<br /> -v /var/lib/torrent/jackett:/config -v /var/lib/torrent/jackett/downloads:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/jackett<br /> <br /> === FlareSolverr (CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=flaresolverr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/flaresolverr/flaresolverr:latest<br /> <br /> === Byparr (Alternative CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=byparr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/thephaseless/byparr:latest<br /> <br /> === Deluge ===<br /> sudo docker run -d --name deluge -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/torrent/deluged:/config -v /srv/incoming/torrents:/torrents \<br /> -v /etc/ssl/bretts.org:/etc/ssl/bretts.org \<br /> --restart unless-stopped \<br /> linuxserver/deluge<br /> <br /> Since user groups don't seem to apply across the docker boundary, &quot;torrent&quot; will need to be given explicit permission to the private key file via an ACL:<br /> setfacl -m &quot;u:torrent:rw&quot; /etc/ssl/bretts.org/key.pem<br /> <br /> === Radarr (Movie Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name radarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 7878:7878 \<br /> -v /var/lib/torrent/radarr:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/radarr<br /> <br /> === Sonarr (TV Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name=sonarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8989:8989 \<br /> -v /var/lib/torrent/sonarr/config:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/sonarr<br /> <br /> === Overseerr (Media Requests) ===<br /> sudo docker run -d --name overseerr --user=127:138 -e LOG_LEVEL=debug -e TZ=Europe/London \<br /> -e PORT=5055 `#optional` \<br /> -p 5055:5055 \<br /> -v /var/lib/torrent/overseerr:/app/config \<br /> --restart unless-stopped \<br /> sctx/overseerr<br /> <br /> === Unifi ===<br /> sudo docker run -d --name=unifi-controller -e PUID=140 -e PGID=150 \<br /> -p 3478:3478/udp -p 10001:10001/udp -p 18080:18080 -p 18081:18081 -p 18443:18443 -p 18880:18880 -p 6789:6789 \<br /> -v /var/lib/unifi:/config \<br /> --restart unless-stopped \<br /> linuxserver/unifi-controller<br /> <br /> === Home-Assistant (as part of host network) ===<br /> sudo docker run -d --name=home-assistant -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/home-assistant/config:/config -v /srv:/media -v /etc/ssl/bretts.org:/etc/ssl/bretts.org -v /var/www/html/arlo-snapshots:/arlo-snapshots \<br /> --restart unless-stopped \<br /> homeassistant/home-assistant<br /> <br /> === Mosquitto ===<br /> sudo docker run -d --name mosquitto -e TZ=Europe/London \<br /> -p 1883:1883 -p 9001:9001\<br /> -v /var/lib/mosquitto:/mosquitto \<br /> --restart unless-stopped \<br /> eclipse-mosquitto<br /> <br /> === Govee2MQTT ===<br /> sudo docker run -d --name govee2mqtt -e TZ=Europe/London \<br /> -e CONFIG_PATH=/config/config.yaml \<br /> -v /var/lib/govee2mqtt:/config \<br /> --restart unless-stopped \<br /> ghcr.io/wez/govee2mqtt<br /> <br /> === Stash ===<br /> sudo docker run -d --name stash \<br /> -e STASH_GENERATED=/generated/ -e STASH_METADATA=/metadata/ -e STASH_CACHE=/cache/ \<br /> -e STASH_STASH=/data/ \<br /> -p 9999:9999 \<br /> -v /var/lib/stash:/root/.stash -v /var/lib/stash/metadata:/metadata -v /var/lib/stash/cache:/cache -v /var/lib/stash/blobs:/blobs -v /var/lib/stash/generated:/generated \<br /> -v /var/lib/stash/data:/data -v /srv/porn:/srv/porn -v /srv/incoming/torrents/deluge/porn:/srv/incoming/torrents/deluge/porn \<br /> -v /etc/localtime:/etc/localtime:ro \<br /> --restart unless-stopped \<br /> stashapp/stash<br /> <br /> === Bedrock Connect ===<br /> sudo docker run -d --name bedrock-connect \<br /> -e NODB=true \<br /> -p 19132:19132/udp \<br /> -v /var/lib/minecraft/bedrock-connect:/app/config \<br /> --restart unless-stopped \<br /> strausmann/minecraft-bedrock-connect<br /> <br /> === Minecraft Servers ===<br /> sudo docker run -d --name brettopia \<br /> -e EULA=TRUE -e SERVER_PORT=19142 \<br /> -p 19142:19142/udp \<br /> -v /var/lib/minecraft/brettopia:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> sudo docker run -d --name brettropolis \<br /> -e EULA=TRUE -e SERVER_PORT=19152 \<br /> -p 19152:19152/udp \<br /> -v /var/lib/minecraft/brettropolis:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> === Atlassian ===<br /> <br /> ==== JIRA ====<br /> Note: In this instance JIRA is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name jira<br /> sudo docker run -d --name=jira -e TZ=Europe/London \<br /> -e ATL_TOMCAT_SCHEME=https -e ATL_TOMCAT_SECURE=true -e ATL_PROXY_NAME=jira.bretts.org -e ATL_PROXY_PORT=443 \<br /> -p 7980:8080 \<br /> -v jira:/var/atlassian/application-data/jira \<br /> --restart unless-stopped \<br /> atlassian/jira-software<br /> <br /> Docker JIRA runs with a uid and gid of 2001. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2001 jira-docker<br /> sudo adduser --system --no-create-home --uid 2001 --gid 2001 jira-docker<br /> <br /> ==== Bitbucket====<br /> Note: In this instance Bitbucket is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bitbucket<br /> sudo docker run -d --name=bitbucket -e TZ=Europe/London \<br /> -e SERVER_SCHEME=https -e SERVER_SECURE=true -e SERVER_PROXY_NAME=bitbucket.bretts.org -e SERVER_PROXY_PORT=443 \<br /> -p 7990:7990 -p 7999:7999 \<br /> -v bitbucket:/var/atlassian/application-data/bitbucket \<br /> --restart unless-stopped \<br /> atlassian/bitbucket-server<br /> <br /> Docker Bitbucket runs with a uid and gid of 2003. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2003 bitbucket-docker<br /> sudo adduser --system --no-create-home --uid 2003 --gid 2003 bitbucket-docker<br /> <br /> ==== Bamboo ====<br /> Note: In this instance Bamboo is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bamboo<br /> sudo docker run -d --name=bamboo -e TZ=Europe/London \<br /> -p 54663:54663 -p 7970:8085 \<br /> -v bamboo:/var/atlassian/application-data/bamboo \<br /> --restart unless-stopped \<br /> atlassian/bamboo-server<br /> <br /> ===== Limitations =====<br /> * Bamboo runs with a uid of 1000, which means it's likely to clash with a real user in the containing host<br /> * Bamboo container doesn't support any reverse proxy configuration, which means hiding it behind nginx is likely to result in broken Application Links. This can be worked around by manually editing /opt/atlassian/bamboo/conf/server.xml, but those changes will be overwritten on every container upgrade.<br /> <br /> == Tips / Fixes ==<br /> <br /> === Tautulli slow to start ===<br /> This may be due to an attempt to chown a large number of files. <br /> Login to the container:<br /> sudo docker exec -it &lt;container&gt; /bin/bash<br /> Disable the chown step by editing &lt;code&gt;/etc/cont-init.d/30-config&lt;/code&gt; and commenting out the chown command.<br /> <br /> === Adding an SSL cert for Unifi ===<br /> sudo openssl pkcs12 -export -inkey /etc/ssl/bretts.org/key.pem -in /etc/ssl/bretts.org/fullchain.pem -out /tmp/cert.p12 -name unifi -password pass:temppass<br /> sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/data/keystore -srckeystore /tmp/cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi -noprompt<br /> sudo docker restart unifi-controller<br /> sudo rm /tmp/cert.p12<br /> <br /> === Local DNS resolution fails on docker 18.09 ===<br /> This may be the result of a bug: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1820278. Normally the container's /etc/resolv.conf should mirror that of the host, but in this case it seems to just be a default version. As a workaround, create /etc/docker/daemon.json with the following contents:<br /> <br /> {<br /> &quot;dns&quot;: [&quot;192.168.1.1&quot;, &quot;8.8.8.8&quot;],<br /> &quot;dns-search&quot;: [&quot;bretts.org&quot;]<br /> }</div> Andrew https://wiki.bretts.org/index.php?title=Docker&diff=8605 Docker 2026-03-10T05:46:23Z <p>Andrew: /* Containers */</p> <hr /> <div>== Useful Commands ==<br /> <br /> ; docker ps -a: List all containers<br /> ; docker container inspect &lt;container&gt;: Show details of &lt;container&gt;<br /> ; docker logs &lt;container&gt;: Show logs for &lt;container&gt;<br /> ; docker exec -it &lt;container&gt; /bin/bash: Start an interactive shell in &lt;container&gt;<br /> <br /> == Updating container ==<br /> <br /> === Manually ===<br /> sudo docker pull &lt;image&gt;<br /> sudo docker stop &lt;container&gt;<br /> sudo docker rm &lt;container&gt;<br /> &lt;docker run command&gt;<br /> <br /> === Automatically ===<br /> Use portainer, or:<br /> sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock taisun/updater --oneshot &lt;container&gt;<br /> <br /> == Containers ==<br /> <br /> === Portainer ===<br /> sudo docker run -d --name portainer \<br /> -p 8000:8000 -p 9443:9443 \<br /> -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/portainer:/data \<br /> -v /etc/ssl/bretts.org:/certs \<br /> --restart unless-stopped \<br /> portainer/portainer-ce \<br /> --sslcert /certs/fullchain.pem --sslkey /certs/key.pem<br /> <br /> === Plex ===<br /> <br /> Get your claim token: https://www.plex.tv/claim/<br /> <br /> Create the container with the claim token substituted:<br /> sudo docker run -d --name plex --network=host -e PLEX_UID=111 -e PLEX_GID=127 -e TZ=Europe/London -e PLEX_CLAIM=&lt;CLAIM_TOKEN&gt; \<br /> -v /var/lib/plexmediaserver:/config -v /srv:/srv --device=/dev/dri:/dev/dri \<br /> --restart unless-stopped \<br /> plexinc/pms-docker:plexpass<br /> <br /> === Tautulli (Plex Monitoring/Notifications) ===<br /> sudo docker run -d --name tautulli -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8181:8181 \<br /> -v /var/lib/torrent/tautulli:/config -v /var/lib/plexmediaserver/Library/Logs:/logs \<br /> --restart unless-stopped \<br /> linuxserver/tautulli<br /> <br /> === Jackett (Torrent Gateway) ===<br /> sudo docker run -d --name=jackett -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 9117:9117 \<br /> -v /var/lib/torrent/jackett:/config -v /var/lib/torrent/jackett/downloads:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/jackett<br /> <br /> === FlareSolverr (CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=flaresolverr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/flaresolverr/flaresolverr:latest<br /> <br /> === Byparr (Alternative CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=byparr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/thephaseless/byparr:latest<br /> <br /> === Deluge ===<br /> sudo docker run -d --name deluge -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/torrent/deluged:/config -v /srv/incoming/torrents:/torrents \<br /> -v /etc/ssl/bretts.org:/etc/ssl/bretts.org \<br /> --restart unless-stopped \<br /> linuxserver/deluge<br /> <br /> Since user groups don't seem to apply across the docker boundary, &quot;torrent&quot; will need to be given explicit permission to the private key file via an ACL:<br /> setfacl -m &quot;u:torrent:rw&quot; /etc/ssl/bretts.org/key.pem<br /> <br /> === Radarr (Movie Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name radarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 7878:7878 \<br /> -v /var/lib/torrent/radarr:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/radarr<br /> <br /> === Sonarr (TV Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name=sonarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8989:8989 \<br /> -v /var/lib/torrent/sonarr/config:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/sonarr<br /> <br /> === Overseerr (Media Requests) ===<br /> sudo docker run -d --name overseerr --user=127:138 -e LOG_LEVEL=debug -e TZ=Europe/London \<br /> -e PORT=5055 `#optional` \<br /> -p 5055:5055 \<br /> -v /var/lib/torrent/overseerr:/app/config \<br /> --restart unless-stopped \<br /> sctx/overseerr<br /> <br /> === Unifi ===<br /> sudo docker run -d --name=unifi-controller -e PUID=140 -e PGID=150 \<br /> -p 3478:3478/udp -p 10001:10001/udp -p 18080:18080 -p 18081:18081 -p 18443:18443 -p 18880:18880 -p 6789:6789 \<br /> -v /var/lib/unifi:/config \<br /> --restart unless-stopped \<br /> linuxserver/unifi-controller<br /> <br /> === Home-Assistant (as part of host network) ===<br /> sudo docker run -d --name=home-assistant -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/home-assistant/config:/config -v /srv:/media -v /etc/ssl/bretts.org:/etc/ssl/bretts.org -v /var/www/html/arlo-snapshots:/arlo-snapshots \<br /> --restart unless-stopped \<br /> homeassistant/home-assistant<br /> <br /> === Mosquitto ===<br /> sudo docker run -d --name mosquitto -e TZ=Europe/London \<br /> -p 1883:1883 -p 9001:9001\<br /> -v /var/lib/mosquitto:/mosquitto \<br /> --restart unless-stopped \<br /> eclipse-mosquitto<br /> <br /> === Govee2MQTT ===<br /> sudo docker run -d --name govee2mqtt -e TZ=Europe/London \<br /> -e CONFIG_PATH=/config/config.yaml \<br /> -v /var/lib/govee2mqtt:/config \<br /> --restart unless-stopped \<br /> graystorm/govee2mqtt<br /> <br /> === Stash ===<br /> sudo docker run -d --name stash \<br /> -e STASH_GENERATED=/generated/ -e STASH_METADATA=/metadata/ -e STASH_CACHE=/cache/ \<br /> -e STASH_STASH=/data/ \<br /> -p 9999:9999 \<br /> -v /var/lib/stash:/root/.stash -v /var/lib/stash/metadata:/metadata -v /var/lib/stash/cache:/cache -v /var/lib/stash/blobs:/blobs -v /var/lib/stash/generated:/generated \<br /> -v /var/lib/stash/data:/data -v /srv/porn:/srv/porn -v /srv/incoming/torrents/deluge/porn:/srv/incoming/torrents/deluge/porn \<br /> -v /etc/localtime:/etc/localtime:ro \<br /> --restart unless-stopped \<br /> stashapp/stash<br /> <br /> === Bedrock Connect ===<br /> sudo docker run -d --name bedrock-connect \<br /> -e NODB=true \<br /> -p 19132:19132/udp \<br /> -v /var/lib/minecraft/bedrock-connect:/app/config \<br /> --restart unless-stopped \<br /> strausmann/minecraft-bedrock-connect<br /> <br /> === Minecraft Servers ===<br /> sudo docker run -d --name brettopia \<br /> -e EULA=TRUE -e SERVER_PORT=19142 \<br /> -p 19142:19142/udp \<br /> -v /var/lib/minecraft/brettopia:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> sudo docker run -d --name brettropolis \<br /> -e EULA=TRUE -e SERVER_PORT=19152 \<br /> -p 19152:19152/udp \<br /> -v /var/lib/minecraft/brettropolis:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> === Atlassian ===<br /> <br /> ==== JIRA ====<br /> Note: In this instance JIRA is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name jira<br /> sudo docker run -d --name=jira -e TZ=Europe/London \<br /> -e ATL_TOMCAT_SCHEME=https -e ATL_TOMCAT_SECURE=true -e ATL_PROXY_NAME=jira.bretts.org -e ATL_PROXY_PORT=443 \<br /> -p 7980:8080 \<br /> -v jira:/var/atlassian/application-data/jira \<br /> --restart unless-stopped \<br /> atlassian/jira-software<br /> <br /> Docker JIRA runs with a uid and gid of 2001. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2001 jira-docker<br /> sudo adduser --system --no-create-home --uid 2001 --gid 2001 jira-docker<br /> <br /> ==== Bitbucket====<br /> Note: In this instance Bitbucket is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bitbucket<br /> sudo docker run -d --name=bitbucket -e TZ=Europe/London \<br /> -e SERVER_SCHEME=https -e SERVER_SECURE=true -e SERVER_PROXY_NAME=bitbucket.bretts.org -e SERVER_PROXY_PORT=443 \<br /> -p 7990:7990 -p 7999:7999 \<br /> -v bitbucket:/var/atlassian/application-data/bitbucket \<br /> --restart unless-stopped \<br /> atlassian/bitbucket-server<br /> <br /> Docker Bitbucket runs with a uid and gid of 2003. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2003 bitbucket-docker<br /> sudo adduser --system --no-create-home --uid 2003 --gid 2003 bitbucket-docker<br /> <br /> ==== Bamboo ====<br /> Note: In this instance Bamboo is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bamboo<br /> sudo docker run -d --name=bamboo -e TZ=Europe/London \<br /> -p 54663:54663 -p 7970:8085 \<br /> -v bamboo:/var/atlassian/application-data/bamboo \<br /> --restart unless-stopped \<br /> atlassian/bamboo-server<br /> <br /> ===== Limitations =====<br /> * Bamboo runs with a uid of 1000, which means it's likely to clash with a real user in the containing host<br /> * Bamboo container doesn't support any reverse proxy configuration, which means hiding it behind nginx is likely to result in broken Application Links. This can be worked around by manually editing /opt/atlassian/bamboo/conf/server.xml, but those changes will be overwritten on every container upgrade.<br /> <br /> == Tips / Fixes ==<br /> <br /> === Tautulli slow to start ===<br /> This may be due to an attempt to chown a large number of files. <br /> Login to the container:<br /> sudo docker exec -it &lt;container&gt; /bin/bash<br /> Disable the chown step by editing &lt;code&gt;/etc/cont-init.d/30-config&lt;/code&gt; and commenting out the chown command.<br /> <br /> === Adding an SSL cert for Unifi ===<br /> sudo openssl pkcs12 -export -inkey /etc/ssl/bretts.org/key.pem -in /etc/ssl/bretts.org/fullchain.pem -out /tmp/cert.p12 -name unifi -password pass:temppass<br /> sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/data/keystore -srckeystore /tmp/cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi -noprompt<br /> sudo docker restart unifi-controller<br /> sudo rm /tmp/cert.p12<br /> <br /> === Local DNS resolution fails on docker 18.09 ===<br /> This may be the result of a bug: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1820278. Normally the container's /etc/resolv.conf should mirror that of the host, but in this case it seems to just be a default version. As a workaround, create /etc/docker/daemon.json with the following contents:<br /> <br /> {<br /> &quot;dns&quot;: [&quot;192.168.1.1&quot;, &quot;8.8.8.8&quot;],<br /> &quot;dns-search&quot;: [&quot;bretts.org&quot;]<br /> }</div> Andrew https://wiki.bretts.org/index.php?title=Machine_List&diff=8604 Machine List 2026-01-30T07:03:05Z <p>Andrew: /* History */</p> <hr /> <div>== History ==<br /> <br /> === Pre-networking ===<br /> * (1988-1993) 8086 4.2MHz, MS-DOS 3.3<br /> * (1993-1995) 386SX 16MHz, Windows 3.1 + MS-DOS 5.0<br /> * (1995-1996) 486DX 50MHz, Windows 3.1 + MS-DOS 5.0/Windows 95<br /> <br /> === indiana ===<br /> * (1996 - 1999) Fujitsu-ICL Pentium 90, Windows 95 + Windows NT 4.0<br /> ** 1996?: +Orchid Righteous 3D<br /> <br /> === colorado === <br /> * (1999 - 2001) Homebuilt Celeron 300, Windows 98/Me/XP<br /> ** Matrox Millennium G200?<br /> * (2001 - 2002) Homebuilt Pentium 3 800, Windows XP<br /> * (2002 - 2005) Homebuilt Pentium 3 800, Mandriva Linux 8.0/9.0/10.0<br /> * (2005 - 2008) Dell Dimension 4300 (Pentium 4 1.8), Kubuntu 6.04<br /> ** 2005: +128MB Sparkle GeForce MX4000 AGP <br /> ** 2005: +Hauppauge WinTV-NOVA-T-MCE <br /> ** 2006: +Seagate Barracuda 7200.10 320GB ST3320620A<br /> ** 2006: +NEC-4570 16x DVD±RW/RAM Black <br /> * (2008 - 2010) Dell Dimension 4300 (Pentium 4 1.8), Ubuntu 8.04<br /> ** 2008: +Seagate Barracuda 7200.10 750GB SATA2 3.5&quot; <br /> ** 2008: +SATA &amp; IDE PCI Controller Card<br /> <br /> === texas ===<br /> * (2002 - 2005) Dell Dimension 4300 (Pentium 4 1.8), Windows XP<br /> ** GeForce 2 MX400?<br /> <br /> === vermont ===<br /> * (2004 - 2006) Sony Vaio TR5MP (Pentium M 1.0), Windows XP<br /> * (2006 - 2008) Sony Vaio TR5MP (Pentium M 1.0), Ubuntu 6.10/7.04/7.10/8.04<br /> <br /> === alaska ===<br /> * (2005 - 2007) Homebuilt Athlon64 3500+, Windows XP + Ubuntu 7.04 -&gt; 8.04<br /> ** Cooler Master Wave Master TAC-T01-E1C Silver All Aluminum Alloy ATX Mid Tower Computer Case<br /> ** MSI K8N Diamond<br /> ** AMD Athlon 64 3500+<br /> ** 512MB Corsair Value Select 400MHz DDR Memory Stick <br /> ** 128MB Sparkle GeForce 6600GT PCI-E <br /> ** 300Gb Maxtor DiamondMax 10 ATA/133 6L300S0<br /> ** NEC ND-3520 Silver <br /> ** 460W Akasa PaxPower Ultra Quiet <br /> ** 2006: +320GB Seagate Barracuda 7200.10 SATA2 ST3320620AS<br /> ** 2007: +Sapphire X1950PRO 512MB GDDR3 PCI-Express<br /> * (2008 - 2014) Homebuilt Core 2 Duo 3.0, Windows XP/7 + Ubuntu 8.04 -&gt; 9.10<br /> ** 2008: +Gigabyte GA P35C-DS3R, iP35 Express, S775, PCI-E(x16), DDR2/3 1066/1333/800, SATA II, SATA RAID, ATX<br /> ** 2008: +Intel Core 2 Duo E8400 2 x 3.00Ghz 6Mb Cache 1333 FSB Dual Core<br /> ** 2008: +Corsair XMS6400 4GB DDR2 (2x2GB) 800Mhz Non-ECC<br /> ** 2009: +GeForce GTX 260 Core 216<br /> ** 2012: +Samsung 830 256GB SSD<br /> * (2014 - ) Homebuilt Core i7-4770, Windows 7/10<br /> ** 2014: +Asus Z87-Plus Motherboard (Socket 1150, 4x DDR3, ATX, 2x PCI Express 3.0/2.0, 6x SATA 6.0 Gb/s, USB 3.0)<br /> ** 2014: +Intel Core i7 4770 Quad Core Retail CPU (Socket 1150, 3.40GHz, 8MB, Haswell)<br /> ** 2014: +Corsair CML16GX3M2A1600C10 Vengeance Low Profile 16GB (2x8GB) DDR3 1600 Mhz CL10 XMP<br /> ** 2014: +Sapphire R9 270X 2GB Vapor-X 1050MHz GDDR 5 PCI Express Graphics Card<br /> ** 2015: +ASUS Z87-A Motherboard<br /> ** 2015: +Cooler Master Hyper 103 92mm Fan<br /> ** 2016: +MSI GeForce GTX 970 GAMING Twin Frozr V 4GB Graphics Card (Maxwell)<br /> ** 2016: +Samsung 850 EVO 500 GB 2.5 inch Solid State Drive<br /> ** 2021: +Corsair RM650x PSU<br /> <br /> === hawaii === <br /> * (2007 - 2009) Nintendo Wii<br /> <br /> === montana ===<br /> * (2007 - ) Apple Mac Mini (Mid 2007), Mac OS X Tiger -&gt; Lion<br /> ** Core 2 Duo T7200 @ 2.0GHz<br /> ** 4GB DDR2-667 RAM<br /> ** 120GB HDD<br /> ** Intel GMA 950<br /> <br /> === pennsylvania ===<br /> * (2008 - 2012) Sony PS3<br /> <br /> === nevada ===<br /> * (2009 - 2011) Samsung NC20 (VIA Nano 1.6), Windows XP + Ubuntu 9.04 -&gt; 9.10<br /> <br /> === maine ===<br /> * (2010 - 2023) Homebuilt Core i5 750, Ubuntu 9.10/12.04/14.04/16.04/18.04/20.04/22.04<br /> ** Cooler Master ATCS 840 RC-840-KKN1-GP Black Aluminum ATX Full Tower Computer Case<br /> *** Front Case Fan failed<br /> ** Gigabyte GA-P55-UD3R LGA 1156 Intel P55 ATX Intel Motherboard<br /> ** Intel Core i5-750 Lynnfield 2.66GHz LGA 1156 95W Quad-Core Processor Model BX80605I5750<br /> ** OCZ Gold 4GB (2 x 2GB) 240-Pin DDR3 SDRAM DDR3 1333 (PC3 10666) Desktop Memory Model OCZ3G1333LV4GK<br /> ** MSI N8400GS-D256H GeForce 8400 GS 256MB 64-bit GDDR2 PCI Express 2.0 x16 HDCP Ready Video Card<br /> ** Seagate Barracuda LP ST31500541AS 1.5TB 5900 RPM SATA 3.0Gb/s 3.5&quot;<br /> ** Nexus NX-5000 R3 530W ATX12V v2.2 80 PLUS BRONZE Certified Modular Active PFC Power Supply<br /> ** 2011 onwards: +Various SATA HDDs<br /> ** 2013: +Crucial Ballistix 16GB (2x8GB) 240-pin DIMM, DDR3 PC3-12800<br /> ** 2019: +Timetec Hynix IC 16GB (2x8GB) DDR3 PC3-12800 1600 MHz Non ECC Unbuffered 1.35V/1.5V Dual Rank 240 Pin UDIMM<br /> ** 2021: +Corsair RM650 PSU<br /> ** 2021: +Cooler Master Hyper 212 CPU Fan<br /> * (2023 - ) Homebuilt Core i5 13500, Ubuntu 22.04 <br /> ** 2023: +ASRock Z790 PRO RS/D4<br /> ** 2023: +Intel Core i5-13500 Desktop Processor 14 cores (6 P-cores + 8 E-cores) <br /> ** 2023: +Corsair CMK64GX4M2E3200C16 Vengeance LPX 64GB (2 x 32GB) DDR4 3200<br /> <br /> === arizona ===<br /> * (2010 - ) Apple Macbook Air (Late 2010 13-inch), Mac OS X Snow Leopard -&gt; macOS Sierra<br /> ** Core 2 Duo SL9400 @ 1.86 GHz<br /> ** 2GB DDR3-1066 RAM<br /> ** 128GB SSD<br /> ** Nvidia GeForce 320M<br /> <br /> === dakota ===<br /> * (2012 - ) Apple Mac Mini (Mid 2011), Mac OS X Lion -&gt; macOS Sierra<br /> ** Core i5-2520M @ 2.5 GHz<br /> ** 4GB DDR3-1333 RAM<br /> ** 500GB SATA HDD<br /> ** AMD Radeon HD 6630M<br /> <br /> === router ===<br /> * (2016 - ) Homebuilt Celeron G1840, pfSense<br /> ** IN Win EM050 Matx Black Case<br /> ** MSI H97M-G43 Socket 1150 VGA DVI HDMI DisplayPort mATX Motherboard<br /> ** Intel Celeron G1840 2.80GHz Socket 1150 2MB L3 Cache<br /> ** Corsair 4GB DDR3 1333MHz Memory Module CL9(9-9-9-24) 1.5V Unbuffered Non-ECC<br /> ** Corsair Force Series LS 60GB SATA 2.5inch SSD<br /> ** 2021: +Corsair RM650 PSU<br /> <br /> === oregon ===<br /> * (2016 - ) Apple MacBook Pro (Late 2016 13-inch Touch Bar), macOS Sierra -&gt; Mojave<br /> ** Core i5-6287U @ 3.1GHz<br /> ** 16GB DDR3-2133 RAM<br /> ** 256GB PCIe SSD<br /> ** Intel Iris Graphics 550<br /> <br /> === virginia ===<br /> * (2021 - 2025) Homebuilt Ryzen 5 5600X, Windows 10<br /> ** Phanteks Evolv X Antracite Grey Case<br /> ** Gigabyte AMD Ryzen X570 AORUS PRO<br /> ** Ryzen 5 5600X @ 3.7Ghz<br /> ** Corsair Vengeance LPX Black 32GB 3600MHz 2x16GB CAS 18-22-22-42 DDR4<br /> ** NVIDIA RTX 3080 Founders Edition<br /> ** Corsair Force MP600 1TB M.2 PCIe Gen 4 NVMe SSD<br /> ** Corsair RM850 PSU<br /> ** 2021: +Samsung 980 PRO M.2 NVMe SSD 2TB<br /> * (2025 -) Homebuilt Ryzen 7 9800X3D, Windows 10<br /> ** +MSI MAG X870 Tomahawk<br /> ** +AMD Ryzen 7 9800X3D AM5 @ 4.7Ghz<br /> ** +Corsair Vengeance 64GB (2*32GB) RGB 6000 MHz CAS 30-36-36-76 DDR5<br /> ** +Corsair RM1000x Shift<br /> <br /> === delaware ===<br /> * (2024 -) Steam Deck 1TB OLED<br /> <br /> === york ===<br /> * (2026 -) Beelink Mini S12 Pro<br /> ** Intel 12th Gen N100<br /> ** 16GB DDR4 RAM<br /> ** 500GB M.2 SSD</div> Andrew https://wiki.bretts.org/index.php?title=Docker&diff=8603 Docker 2026-01-22T15:05:01Z <p>Andrew: /* Radarr (Movie Downloads) */</p> <hr /> <div>== Useful Commands ==<br /> <br /> ; docker ps -a: List all containers<br /> ; docker container inspect &lt;container&gt;: Show details of &lt;container&gt;<br /> ; docker logs &lt;container&gt;: Show logs for &lt;container&gt;<br /> ; docker exec -it &lt;container&gt; /bin/bash: Start an interactive shell in &lt;container&gt;<br /> <br /> == Updating container ==<br /> <br /> === Manually ===<br /> sudo docker pull &lt;image&gt;<br /> sudo docker stop &lt;container&gt;<br /> sudo docker rm &lt;container&gt;<br /> &lt;docker run command&gt;<br /> <br /> === Automatically ===<br /> Use portainer, or:<br /> sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock taisun/updater --oneshot &lt;container&gt;<br /> <br /> == Containers ==<br /> <br /> === Portainer ===<br /> sudo docker run -d --name portainer \<br /> -p 8000:8000 -p 9443:9443 \<br /> -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/portainer:/data \<br /> -v /etc/ssl/bretts.org:/certs \<br /> --restart unless-stopped \<br /> portainer/portainer-ce \<br /> --sslcert /certs/fullchain.pem --sslkey /certs/key.pem<br /> <br /> === Plex ===<br /> <br /> Get your claim token: https://www.plex.tv/claim/<br /> <br /> Create the container with the claim token substituted:<br /> sudo docker run -d --name plex --network=host -e PLEX_UID=111 -e PLEX_GID=127 -e TZ=Europe/London -e PLEX_CLAIM=&lt;CLAIM_TOKEN&gt; \<br /> -v /var/lib/plexmediaserver:/config -v /srv:/srv --device=/dev/dri:/dev/dri \<br /> --restart unless-stopped \<br /> plexinc/pms-docker:plexpass<br /> <br /> === Tautulli (Plex Monitoring/Notifications) ===<br /> sudo docker run -d --name tautulli -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8181:8181 \<br /> -v /var/lib/torrent/tautulli:/config -v /var/lib/plexmediaserver/Library/Logs:/logs \<br /> --restart unless-stopped \<br /> linuxserver/tautulli<br /> <br /> === Jackett (Torrent Gateway) ===<br /> sudo docker run -d --name=jackett -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 9117:9117 \<br /> -v /var/lib/torrent/jackett:/config -v /var/lib/torrent/jackett/downloads:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/jackett<br /> <br /> === FlareSolverr (CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=flaresolverr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/flaresolverr/flaresolverr:latest<br /> <br /> === Byparr (Alternative CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=byparr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/thephaseless/byparr:latest<br /> <br /> === Deluge ===<br /> sudo docker run -d --name deluge -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/torrent/deluged:/config -v /srv/incoming/torrents:/torrents \<br /> -v /etc/ssl/bretts.org:/etc/ssl/bretts.org \<br /> --restart unless-stopped \<br /> linuxserver/deluge<br /> <br /> Since user groups don't seem to apply across the docker boundary, &quot;torrent&quot; will need to be given explicit permission to the private key file via an ACL:<br /> setfacl -m &quot;u:torrent:rw&quot; /etc/ssl/bretts.org/key.pem<br /> <br /> === Radarr (Movie Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name radarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 7878:7878 \<br /> -v /var/lib/torrent/radarr:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/radarr<br /> <br /> === Sonarr (TV Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name=sonarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8989:8989 \<br /> -v /var/lib/torrent/sonarr/config:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/sonarr<br /> <br /> === Overseerr (Media Requests) ===<br /> sudo docker run -d --name overseerr --user=127:138 -e LOG_LEVEL=debug -e TZ=Europe/London \<br /> -e PORT=5055 `#optional` \<br /> -p 5055:5055 \<br /> -v /var/lib/torrent/overseerr:/app/config \<br /> --restart unless-stopped \<br /> sctx/overseerr<br /> <br /> === Unifi ===<br /> sudo docker run -d --name=unifi-controller -e PUID=140 -e PGID=150 \<br /> -p 3478:3478/udp -p 10001:10001/udp -p 18080:18080 -p 18081:18081 -p 18443:18443 -p 18880:18880 -p 6789:6789 \<br /> -v /var/lib/unifi:/config \<br /> --restart unless-stopped \<br /> linuxserver/unifi-controller<br /> <br /> === Home-Assistant (as part of host network) ===<br /> sudo docker run -d --name=home-assistant -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/home-assistant/config:/config -v /srv:/media -v /etc/ssl/bretts.org:/etc/ssl/bretts.org -v /var/www/html/arlo-snapshots:/arlo-snapshots \<br /> --restart unless-stopped \<br /> homeassistant/home-assistant<br /> <br /> === Stash ===<br /> sudo docker run -d --name stash \<br /> -e STASH_GENERATED=/generated/ -e STASH_METADATA=/metadata/ -e STASH_CACHE=/cache/ \<br /> -e STASH_STASH=/data/ \<br /> -p 9999:9999 \<br /> -v /var/lib/stash:/root/.stash -v /var/lib/stash/metadata:/metadata -v /var/lib/stash/cache:/cache -v /var/lib/stash/blobs:/blobs -v /var/lib/stash/generated:/generated \<br /> -v /var/lib/stash/data:/data -v /srv/porn:/srv/porn -v /srv/incoming/torrents/deluge/porn:/srv/incoming/torrents/deluge/porn \<br /> -v /etc/localtime:/etc/localtime:ro \<br /> --restart unless-stopped \<br /> stashapp/stash<br /> <br /> === Bedrock Connect ===<br /> sudo docker run -d --name bedrock-connect \<br /> -e NODB=true \<br /> -p 19132:19132/udp \<br /> -v /var/lib/minecraft/bedrock-connect:/app/config \<br /> --restart unless-stopped \<br /> strausmann/minecraft-bedrock-connect<br /> <br /> === Minecraft Servers ===<br /> sudo docker run -d --name brettopia \<br /> -e EULA=TRUE -e SERVER_PORT=19142 \<br /> -p 19142:19142/udp \<br /> -v /var/lib/minecraft/brettopia:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> sudo docker run -d --name brettropolis \<br /> -e EULA=TRUE -e SERVER_PORT=19152 \<br /> -p 19152:19152/udp \<br /> -v /var/lib/minecraft/brettropolis:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> === Atlassian ===<br /> <br /> ==== JIRA ====<br /> Note: In this instance JIRA is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name jira<br /> sudo docker run -d --name=jira -e TZ=Europe/London \<br /> -e ATL_TOMCAT_SCHEME=https -e ATL_TOMCAT_SECURE=true -e ATL_PROXY_NAME=jira.bretts.org -e ATL_PROXY_PORT=443 \<br /> -p 7980:8080 \<br /> -v jira:/var/atlassian/application-data/jira \<br /> --restart unless-stopped \<br /> atlassian/jira-software<br /> <br /> Docker JIRA runs with a uid and gid of 2001. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2001 jira-docker<br /> sudo adduser --system --no-create-home --uid 2001 --gid 2001 jira-docker<br /> <br /> ==== Bitbucket====<br /> Note: In this instance Bitbucket is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bitbucket<br /> sudo docker run -d --name=bitbucket -e TZ=Europe/London \<br /> -e SERVER_SCHEME=https -e SERVER_SECURE=true -e SERVER_PROXY_NAME=bitbucket.bretts.org -e SERVER_PROXY_PORT=443 \<br /> -p 7990:7990 -p 7999:7999 \<br /> -v bitbucket:/var/atlassian/application-data/bitbucket \<br /> --restart unless-stopped \<br /> atlassian/bitbucket-server<br /> <br /> Docker Bitbucket runs with a uid and gid of 2003. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2003 bitbucket-docker<br /> sudo adduser --system --no-create-home --uid 2003 --gid 2003 bitbucket-docker<br /> <br /> ==== Bamboo ====<br /> Note: In this instance Bamboo is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bamboo<br /> sudo docker run -d --name=bamboo -e TZ=Europe/London \<br /> -p 54663:54663 -p 7970:8085 \<br /> -v bamboo:/var/atlassian/application-data/bamboo \<br /> --restart unless-stopped \<br /> atlassian/bamboo-server<br /> <br /> ===== Limitations =====<br /> * Bamboo runs with a uid of 1000, which means it's likely to clash with a real user in the containing host<br /> * Bamboo container doesn't support any reverse proxy configuration, which means hiding it behind nginx is likely to result in broken Application Links. This can be worked around by manually editing /opt/atlassian/bamboo/conf/server.xml, but those changes will be overwritten on every container upgrade.<br /> <br /> == Tips / Fixes ==<br /> <br /> === Tautulli slow to start ===<br /> This may be due to an attempt to chown a large number of files. <br /> Login to the container:<br /> sudo docker exec -it &lt;container&gt; /bin/bash<br /> Disable the chown step by editing &lt;code&gt;/etc/cont-init.d/30-config&lt;/code&gt; and commenting out the chown command.<br /> <br /> === Adding an SSL cert for Unifi ===<br /> sudo openssl pkcs12 -export -inkey /etc/ssl/bretts.org/key.pem -in /etc/ssl/bretts.org/fullchain.pem -out /tmp/cert.p12 -name unifi -password pass:temppass<br /> sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/data/keystore -srckeystore /tmp/cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi -noprompt<br /> sudo docker restart unifi-controller<br /> sudo rm /tmp/cert.p12<br /> <br /> === Local DNS resolution fails on docker 18.09 ===<br /> This may be the result of a bug: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1820278. Normally the container's /etc/resolv.conf should mirror that of the host, but in this case it seems to just be a default version. As a workaround, create /etc/docker/daemon.json with the following contents:<br /> <br /> {<br /> &quot;dns&quot;: [&quot;192.168.1.1&quot;, &quot;8.8.8.8&quot;],<br /> &quot;dns-search&quot;: [&quot;bretts.org&quot;]<br /> }</div> Andrew https://wiki.bretts.org/index.php?title=Docker&diff=8602 Docker 2026-01-22T15:04:48Z <p>Andrew: /* Deluge */</p> <hr /> <div>== Useful Commands ==<br /> <br /> ; docker ps -a: List all containers<br /> ; docker container inspect &lt;container&gt;: Show details of &lt;container&gt;<br /> ; docker logs &lt;container&gt;: Show logs for &lt;container&gt;<br /> ; docker exec -it &lt;container&gt; /bin/bash: Start an interactive shell in &lt;container&gt;<br /> <br /> == Updating container ==<br /> <br /> === Manually ===<br /> sudo docker pull &lt;image&gt;<br /> sudo docker stop &lt;container&gt;<br /> sudo docker rm &lt;container&gt;<br /> &lt;docker run command&gt;<br /> <br /> === Automatically ===<br /> Use portainer, or:<br /> sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock taisun/updater --oneshot &lt;container&gt;<br /> <br /> == Containers ==<br /> <br /> === Portainer ===<br /> sudo docker run -d --name portainer \<br /> -p 8000:8000 -p 9443:9443 \<br /> -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/portainer:/data \<br /> -v /etc/ssl/bretts.org:/certs \<br /> --restart unless-stopped \<br /> portainer/portainer-ce \<br /> --sslcert /certs/fullchain.pem --sslkey /certs/key.pem<br /> <br /> === Plex ===<br /> <br /> Get your claim token: https://www.plex.tv/claim/<br /> <br /> Create the container with the claim token substituted:<br /> sudo docker run -d --name plex --network=host -e PLEX_UID=111 -e PLEX_GID=127 -e TZ=Europe/London -e PLEX_CLAIM=&lt;CLAIM_TOKEN&gt; \<br /> -v /var/lib/plexmediaserver:/config -v /srv:/srv --device=/dev/dri:/dev/dri \<br /> --restart unless-stopped \<br /> plexinc/pms-docker:plexpass<br /> <br /> === Tautulli (Plex Monitoring/Notifications) ===<br /> sudo docker run -d --name tautulli -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8181:8181 \<br /> -v /var/lib/torrent/tautulli:/config -v /var/lib/plexmediaserver/Library/Logs:/logs \<br /> --restart unless-stopped \<br /> linuxserver/tautulli<br /> <br /> === Jackett (Torrent Gateway) ===<br /> sudo docker run -d --name=jackett -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 9117:9117 \<br /> -v /var/lib/torrent/jackett:/config -v /var/lib/torrent/jackett/downloads:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/jackett<br /> <br /> === FlareSolverr (CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=flaresolverr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/flaresolverr/flaresolverr:latest<br /> <br /> === Byparr (Alternative CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=byparr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/thephaseless/byparr:latest<br /> <br /> === Deluge ===<br /> sudo docker run -d --name deluge -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/torrent/deluged:/config -v /srv/incoming/torrents:/torrents \<br /> -v /etc/ssl/bretts.org:/etc/ssl/bretts.org \<br /> --restart unless-stopped \<br /> linuxserver/deluge<br /> <br /> Since user groups don't seem to apply across the docker boundary, &quot;torrent&quot; will need to be given explicit permission to the private key file via an ACL:<br /> setfacl -m &quot;u:torrent:rw&quot; /etc/ssl/bretts.org/key.pem<br /> <br /> === Radarr (Movie Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name radarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 7878:7878 \<br /> -v /var/lib/torrent/radarr/config:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/radarr<br /> <br /> === Sonarr (TV Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name=sonarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8989:8989 \<br /> -v /var/lib/torrent/sonarr/config:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/sonarr<br /> <br /> === Overseerr (Media Requests) ===<br /> sudo docker run -d --name overseerr --user=127:138 -e LOG_LEVEL=debug -e TZ=Europe/London \<br /> -e PORT=5055 `#optional` \<br /> -p 5055:5055 \<br /> -v /var/lib/torrent/overseerr:/app/config \<br /> --restart unless-stopped \<br /> sctx/overseerr<br /> <br /> === Unifi ===<br /> sudo docker run -d --name=unifi-controller -e PUID=140 -e PGID=150 \<br /> -p 3478:3478/udp -p 10001:10001/udp -p 18080:18080 -p 18081:18081 -p 18443:18443 -p 18880:18880 -p 6789:6789 \<br /> -v /var/lib/unifi:/config \<br /> --restart unless-stopped \<br /> linuxserver/unifi-controller<br /> <br /> === Home-Assistant (as part of host network) ===<br /> sudo docker run -d --name=home-assistant -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/home-assistant/config:/config -v /srv:/media -v /etc/ssl/bretts.org:/etc/ssl/bretts.org -v /var/www/html/arlo-snapshots:/arlo-snapshots \<br /> --restart unless-stopped \<br /> homeassistant/home-assistant<br /> <br /> === Stash ===<br /> sudo docker run -d --name stash \<br /> -e STASH_GENERATED=/generated/ -e STASH_METADATA=/metadata/ -e STASH_CACHE=/cache/ \<br /> -e STASH_STASH=/data/ \<br /> -p 9999:9999 \<br /> -v /var/lib/stash:/root/.stash -v /var/lib/stash/metadata:/metadata -v /var/lib/stash/cache:/cache -v /var/lib/stash/blobs:/blobs -v /var/lib/stash/generated:/generated \<br /> -v /var/lib/stash/data:/data -v /srv/porn:/srv/porn -v /srv/incoming/torrents/deluge/porn:/srv/incoming/torrents/deluge/porn \<br /> -v /etc/localtime:/etc/localtime:ro \<br /> --restart unless-stopped \<br /> stashapp/stash<br /> <br /> === Bedrock Connect ===<br /> sudo docker run -d --name bedrock-connect \<br /> -e NODB=true \<br /> -p 19132:19132/udp \<br /> -v /var/lib/minecraft/bedrock-connect:/app/config \<br /> --restart unless-stopped \<br /> strausmann/minecraft-bedrock-connect<br /> <br /> === Minecraft Servers ===<br /> sudo docker run -d --name brettopia \<br /> -e EULA=TRUE -e SERVER_PORT=19142 \<br /> -p 19142:19142/udp \<br /> -v /var/lib/minecraft/brettopia:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> sudo docker run -d --name brettropolis \<br /> -e EULA=TRUE -e SERVER_PORT=19152 \<br /> -p 19152:19152/udp \<br /> -v /var/lib/minecraft/brettropolis:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> === Atlassian ===<br /> <br /> ==== JIRA ====<br /> Note: In this instance JIRA is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name jira<br /> sudo docker run -d --name=jira -e TZ=Europe/London \<br /> -e ATL_TOMCAT_SCHEME=https -e ATL_TOMCAT_SECURE=true -e ATL_PROXY_NAME=jira.bretts.org -e ATL_PROXY_PORT=443 \<br /> -p 7980:8080 \<br /> -v jira:/var/atlassian/application-data/jira \<br /> --restart unless-stopped \<br /> atlassian/jira-software<br /> <br /> Docker JIRA runs with a uid and gid of 2001. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2001 jira-docker<br /> sudo adduser --system --no-create-home --uid 2001 --gid 2001 jira-docker<br /> <br /> ==== Bitbucket====<br /> Note: In this instance Bitbucket is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bitbucket<br /> sudo docker run -d --name=bitbucket -e TZ=Europe/London \<br /> -e SERVER_SCHEME=https -e SERVER_SECURE=true -e SERVER_PROXY_NAME=bitbucket.bretts.org -e SERVER_PROXY_PORT=443 \<br /> -p 7990:7990 -p 7999:7999 \<br /> -v bitbucket:/var/atlassian/application-data/bitbucket \<br /> --restart unless-stopped \<br /> atlassian/bitbucket-server<br /> <br /> Docker Bitbucket runs with a uid and gid of 2003. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2003 bitbucket-docker<br /> sudo adduser --system --no-create-home --uid 2003 --gid 2003 bitbucket-docker<br /> <br /> ==== Bamboo ====<br /> Note: In this instance Bamboo is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bamboo<br /> sudo docker run -d --name=bamboo -e TZ=Europe/London \<br /> -p 54663:54663 -p 7970:8085 \<br /> -v bamboo:/var/atlassian/application-data/bamboo \<br /> --restart unless-stopped \<br /> atlassian/bamboo-server<br /> <br /> ===== Limitations =====<br /> * Bamboo runs with a uid of 1000, which means it's likely to clash with a real user in the containing host<br /> * Bamboo container doesn't support any reverse proxy configuration, which means hiding it behind nginx is likely to result in broken Application Links. This can be worked around by manually editing /opt/atlassian/bamboo/conf/server.xml, but those changes will be overwritten on every container upgrade.<br /> <br /> == Tips / Fixes ==<br /> <br /> === Tautulli slow to start ===<br /> This may be due to an attempt to chown a large number of files. <br /> Login to the container:<br /> sudo docker exec -it &lt;container&gt; /bin/bash<br /> Disable the chown step by editing &lt;code&gt;/etc/cont-init.d/30-config&lt;/code&gt; and commenting out the chown command.<br /> <br /> === Adding an SSL cert for Unifi ===<br /> sudo openssl pkcs12 -export -inkey /etc/ssl/bretts.org/key.pem -in /etc/ssl/bretts.org/fullchain.pem -out /tmp/cert.p12 -name unifi -password pass:temppass<br /> sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/data/keystore -srckeystore /tmp/cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi -noprompt<br /> sudo docker restart unifi-controller<br /> sudo rm /tmp/cert.p12<br /> <br /> === Local DNS resolution fails on docker 18.09 ===<br /> This may be the result of a bug: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1820278. Normally the container's /etc/resolv.conf should mirror that of the host, but in this case it seems to just be a default version. As a workaround, create /etc/docker/daemon.json with the following contents:<br /> <br /> {<br /> &quot;dns&quot;: [&quot;192.168.1.1&quot;, &quot;8.8.8.8&quot;],<br /> &quot;dns-search&quot;: [&quot;bretts.org&quot;]<br /> }</div> Andrew https://wiki.bretts.org/index.php?title=Docker&diff=8601 Docker 2026-01-22T15:04:35Z <p>Andrew: /* Deluge */</p> <hr /> <div>== Useful Commands ==<br /> <br /> ; docker ps -a: List all containers<br /> ; docker container inspect &lt;container&gt;: Show details of &lt;container&gt;<br /> ; docker logs &lt;container&gt;: Show logs for &lt;container&gt;<br /> ; docker exec -it &lt;container&gt; /bin/bash: Start an interactive shell in &lt;container&gt;<br /> <br /> == Updating container ==<br /> <br /> === Manually ===<br /> sudo docker pull &lt;image&gt;<br /> sudo docker stop &lt;container&gt;<br /> sudo docker rm &lt;container&gt;<br /> &lt;docker run command&gt;<br /> <br /> === Automatically ===<br /> Use portainer, or:<br /> sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock taisun/updater --oneshot &lt;container&gt;<br /> <br /> == Containers ==<br /> <br /> === Portainer ===<br /> sudo docker run -d --name portainer \<br /> -p 8000:8000 -p 9443:9443 \<br /> -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/portainer:/data \<br /> -v /etc/ssl/bretts.org:/certs \<br /> --restart unless-stopped \<br /> portainer/portainer-ce \<br /> --sslcert /certs/fullchain.pem --sslkey /certs/key.pem<br /> <br /> === Plex ===<br /> <br /> Get your claim token: https://www.plex.tv/claim/<br /> <br /> Create the container with the claim token substituted:<br /> sudo docker run -d --name plex --network=host -e PLEX_UID=111 -e PLEX_GID=127 -e TZ=Europe/London -e PLEX_CLAIM=&lt;CLAIM_TOKEN&gt; \<br /> -v /var/lib/plexmediaserver:/config -v /srv:/srv --device=/dev/dri:/dev/dri \<br /> --restart unless-stopped \<br /> plexinc/pms-docker:plexpass<br /> <br /> === Tautulli (Plex Monitoring/Notifications) ===<br /> sudo docker run -d --name tautulli -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8181:8181 \<br /> -v /var/lib/torrent/tautulli:/config -v /var/lib/plexmediaserver/Library/Logs:/logs \<br /> --restart unless-stopped \<br /> linuxserver/tautulli<br /> <br /> === Jackett (Torrent Gateway) ===<br /> sudo docker run -d --name=jackett -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 9117:9117 \<br /> -v /var/lib/torrent/jackett:/config -v /var/lib/torrent/jackett/downloads:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/jackett<br /> <br /> === FlareSolverr (CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=flaresolverr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/flaresolverr/flaresolverr:latest<br /> <br /> === Byparr (Alternative CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=byparr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/thephaseless/byparr:latest<br /> <br /> === Deluge ===<br /> sudo docker run -d --name deluge -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/torrent/deluged:/config -v /srv/incoming/torrents/deluge:/torrents \<br /> -v /etc/ssl/bretts.org:/etc/ssl/bretts.org \<br /> --restart unless-stopped \<br /> linuxserver/deluge<br /> <br /> Since user groups don't seem to apply across the docker boundary, &quot;torrent&quot; will need to be given explicit permission to the private key file via an ACL:<br /> setfacl -m &quot;u:torrent:rw&quot; /etc/ssl/bretts.org/key.pem<br /> <br /> === Radarr (Movie Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name radarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 7878:7878 \<br /> -v /var/lib/torrent/radarr/config:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/radarr<br /> <br /> === Sonarr (TV Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name=sonarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8989:8989 \<br /> -v /var/lib/torrent/sonarr/config:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/sonarr<br /> <br /> === Overseerr (Media Requests) ===<br /> sudo docker run -d --name overseerr --user=127:138 -e LOG_LEVEL=debug -e TZ=Europe/London \<br /> -e PORT=5055 `#optional` \<br /> -p 5055:5055 \<br /> -v /var/lib/torrent/overseerr:/app/config \<br /> --restart unless-stopped \<br /> sctx/overseerr<br /> <br /> === Unifi ===<br /> sudo docker run -d --name=unifi-controller -e PUID=140 -e PGID=150 \<br /> -p 3478:3478/udp -p 10001:10001/udp -p 18080:18080 -p 18081:18081 -p 18443:18443 -p 18880:18880 -p 6789:6789 \<br /> -v /var/lib/unifi:/config \<br /> --restart unless-stopped \<br /> linuxserver/unifi-controller<br /> <br /> === Home-Assistant (as part of host network) ===<br /> sudo docker run -d --name=home-assistant -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/home-assistant/config:/config -v /srv:/media -v /etc/ssl/bretts.org:/etc/ssl/bretts.org -v /var/www/html/arlo-snapshots:/arlo-snapshots \<br /> --restart unless-stopped \<br /> homeassistant/home-assistant<br /> <br /> === Stash ===<br /> sudo docker run -d --name stash \<br /> -e STASH_GENERATED=/generated/ -e STASH_METADATA=/metadata/ -e STASH_CACHE=/cache/ \<br /> -e STASH_STASH=/data/ \<br /> -p 9999:9999 \<br /> -v /var/lib/stash:/root/.stash -v /var/lib/stash/metadata:/metadata -v /var/lib/stash/cache:/cache -v /var/lib/stash/blobs:/blobs -v /var/lib/stash/generated:/generated \<br /> -v /var/lib/stash/data:/data -v /srv/porn:/srv/porn -v /srv/incoming/torrents/deluge/porn:/srv/incoming/torrents/deluge/porn \<br /> -v /etc/localtime:/etc/localtime:ro \<br /> --restart unless-stopped \<br /> stashapp/stash<br /> <br /> === Bedrock Connect ===<br /> sudo docker run -d --name bedrock-connect \<br /> -e NODB=true \<br /> -p 19132:19132/udp \<br /> -v /var/lib/minecraft/bedrock-connect:/app/config \<br /> --restart unless-stopped \<br /> strausmann/minecraft-bedrock-connect<br /> <br /> === Minecraft Servers ===<br /> sudo docker run -d --name brettopia \<br /> -e EULA=TRUE -e SERVER_PORT=19142 \<br /> -p 19142:19142/udp \<br /> -v /var/lib/minecraft/brettopia:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> sudo docker run -d --name brettropolis \<br /> -e EULA=TRUE -e SERVER_PORT=19152 \<br /> -p 19152:19152/udp \<br /> -v /var/lib/minecraft/brettropolis:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> === Atlassian ===<br /> <br /> ==== JIRA ====<br /> Note: In this instance JIRA is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name jira<br /> sudo docker run -d --name=jira -e TZ=Europe/London \<br /> -e ATL_TOMCAT_SCHEME=https -e ATL_TOMCAT_SECURE=true -e ATL_PROXY_NAME=jira.bretts.org -e ATL_PROXY_PORT=443 \<br /> -p 7980:8080 \<br /> -v jira:/var/atlassian/application-data/jira \<br /> --restart unless-stopped \<br /> atlassian/jira-software<br /> <br /> Docker JIRA runs with a uid and gid of 2001. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2001 jira-docker<br /> sudo adduser --system --no-create-home --uid 2001 --gid 2001 jira-docker<br /> <br /> ==== Bitbucket====<br /> Note: In this instance Bitbucket is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bitbucket<br /> sudo docker run -d --name=bitbucket -e TZ=Europe/London \<br /> -e SERVER_SCHEME=https -e SERVER_SECURE=true -e SERVER_PROXY_NAME=bitbucket.bretts.org -e SERVER_PROXY_PORT=443 \<br /> -p 7990:7990 -p 7999:7999 \<br /> -v bitbucket:/var/atlassian/application-data/bitbucket \<br /> --restart unless-stopped \<br /> atlassian/bitbucket-server<br /> <br /> Docker Bitbucket runs with a uid and gid of 2003. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2003 bitbucket-docker<br /> sudo adduser --system --no-create-home --uid 2003 --gid 2003 bitbucket-docker<br /> <br /> ==== Bamboo ====<br /> Note: In this instance Bamboo is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bamboo<br /> sudo docker run -d --name=bamboo -e TZ=Europe/London \<br /> -p 54663:54663 -p 7970:8085 \<br /> -v bamboo:/var/atlassian/application-data/bamboo \<br /> --restart unless-stopped \<br /> atlassian/bamboo-server<br /> <br /> ===== Limitations =====<br /> * Bamboo runs with a uid of 1000, which means it's likely to clash with a real user in the containing host<br /> * Bamboo container doesn't support any reverse proxy configuration, which means hiding it behind nginx is likely to result in broken Application Links. This can be worked around by manually editing /opt/atlassian/bamboo/conf/server.xml, but those changes will be overwritten on every container upgrade.<br /> <br /> == Tips / Fixes ==<br /> <br /> === Tautulli slow to start ===<br /> This may be due to an attempt to chown a large number of files. <br /> Login to the container:<br /> sudo docker exec -it &lt;container&gt; /bin/bash<br /> Disable the chown step by editing &lt;code&gt;/etc/cont-init.d/30-config&lt;/code&gt; and commenting out the chown command.<br /> <br /> === Adding an SSL cert for Unifi ===<br /> sudo openssl pkcs12 -export -inkey /etc/ssl/bretts.org/key.pem -in /etc/ssl/bretts.org/fullchain.pem -out /tmp/cert.p12 -name unifi -password pass:temppass<br /> sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/data/keystore -srckeystore /tmp/cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi -noprompt<br /> sudo docker restart unifi-controller<br /> sudo rm /tmp/cert.p12<br /> <br /> === Local DNS resolution fails on docker 18.09 ===<br /> This may be the result of a bug: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1820278. Normally the container's /etc/resolv.conf should mirror that of the host, but in this case it seems to just be a default version. As a workaround, create /etc/docker/daemon.json with the following contents:<br /> <br /> {<br /> &quot;dns&quot;: [&quot;192.168.1.1&quot;, &quot;8.8.8.8&quot;],<br /> &quot;dns-search&quot;: [&quot;bretts.org&quot;]<br /> }</div> Andrew https://wiki.bretts.org/index.php?title=Docker&diff=8600 Docker 2026-01-22T15:04:17Z <p>Andrew: /* Deluge */</p> <hr /> <div>== Useful Commands ==<br /> <br /> ; docker ps -a: List all containers<br /> ; docker container inspect &lt;container&gt;: Show details of &lt;container&gt;<br /> ; docker logs &lt;container&gt;: Show logs for &lt;container&gt;<br /> ; docker exec -it &lt;container&gt; /bin/bash: Start an interactive shell in &lt;container&gt;<br /> <br /> == Updating container ==<br /> <br /> === Manually ===<br /> sudo docker pull &lt;image&gt;<br /> sudo docker stop &lt;container&gt;<br /> sudo docker rm &lt;container&gt;<br /> &lt;docker run command&gt;<br /> <br /> === Automatically ===<br /> Use portainer, or:<br /> sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock taisun/updater --oneshot &lt;container&gt;<br /> <br /> == Containers ==<br /> <br /> === Portainer ===<br /> sudo docker run -d --name portainer \<br /> -p 8000:8000 -p 9443:9443 \<br /> -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/portainer:/data \<br /> -v /etc/ssl/bretts.org:/certs \<br /> --restart unless-stopped \<br /> portainer/portainer-ce \<br /> --sslcert /certs/fullchain.pem --sslkey /certs/key.pem<br /> <br /> === Plex ===<br /> <br /> Get your claim token: https://www.plex.tv/claim/<br /> <br /> Create the container with the claim token substituted:<br /> sudo docker run -d --name plex --network=host -e PLEX_UID=111 -e PLEX_GID=127 -e TZ=Europe/London -e PLEX_CLAIM=&lt;CLAIM_TOKEN&gt; \<br /> -v /var/lib/plexmediaserver:/config -v /srv:/srv --device=/dev/dri:/dev/dri \<br /> --restart unless-stopped \<br /> plexinc/pms-docker:plexpass<br /> <br /> === Tautulli (Plex Monitoring/Notifications) ===<br /> sudo docker run -d --name tautulli -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8181:8181 \<br /> -v /var/lib/torrent/tautulli:/config -v /var/lib/plexmediaserver/Library/Logs:/logs \<br /> --restart unless-stopped \<br /> linuxserver/tautulli<br /> <br /> === Jackett (Torrent Gateway) ===<br /> sudo docker run -d --name=jackett -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 9117:9117 \<br /> -v /var/lib/torrent/jackett:/config -v /var/lib/torrent/jackett/downloads:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/jackett<br /> <br /> === FlareSolverr (CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=flaresolverr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/flaresolverr/flaresolverr:latest<br /> <br /> === Byparr (Alternative CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=byparr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/thephaseless/byparr:latest<br /> <br /> === Deluge ===<br /> sudo docker run -d --name deluge -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/torrent/deluged:/config -v /srv/incoming/torrents/deluge:/srv/incoming/torrents/deluge \<br /> -v /etc/ssl/bretts.org:/etc/ssl/bretts.org \<br /> --restart unless-stopped \<br /> linuxserver/deluge<br /> <br /> Since user groups don't seem to apply across the docker boundary, &quot;torrent&quot; will need to be given explicit permission to the private key file via an ACL:<br /> setfacl -m &quot;u:torrent:rw&quot; /etc/ssl/bretts.org/key.pem<br /> <br /> === Radarr (Movie Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name radarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 7878:7878 \<br /> -v /var/lib/torrent/radarr/config:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/radarr<br /> <br /> === Sonarr (TV Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name=sonarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8989:8989 \<br /> -v /var/lib/torrent/sonarr/config:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/sonarr<br /> <br /> === Overseerr (Media Requests) ===<br /> sudo docker run -d --name overseerr --user=127:138 -e LOG_LEVEL=debug -e TZ=Europe/London \<br /> -e PORT=5055 `#optional` \<br /> -p 5055:5055 \<br /> -v /var/lib/torrent/overseerr:/app/config \<br /> --restart unless-stopped \<br /> sctx/overseerr<br /> <br /> === Unifi ===<br /> sudo docker run -d --name=unifi-controller -e PUID=140 -e PGID=150 \<br /> -p 3478:3478/udp -p 10001:10001/udp -p 18080:18080 -p 18081:18081 -p 18443:18443 -p 18880:18880 -p 6789:6789 \<br /> -v /var/lib/unifi:/config \<br /> --restart unless-stopped \<br /> linuxserver/unifi-controller<br /> <br /> === Home-Assistant (as part of host network) ===<br /> sudo docker run -d --name=home-assistant -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/home-assistant/config:/config -v /srv:/media -v /etc/ssl/bretts.org:/etc/ssl/bretts.org -v /var/www/html/arlo-snapshots:/arlo-snapshots \<br /> --restart unless-stopped \<br /> homeassistant/home-assistant<br /> <br /> === Stash ===<br /> sudo docker run -d --name stash \<br /> -e STASH_GENERATED=/generated/ -e STASH_METADATA=/metadata/ -e STASH_CACHE=/cache/ \<br /> -e STASH_STASH=/data/ \<br /> -p 9999:9999 \<br /> -v /var/lib/stash:/root/.stash -v /var/lib/stash/metadata:/metadata -v /var/lib/stash/cache:/cache -v /var/lib/stash/blobs:/blobs -v /var/lib/stash/generated:/generated \<br /> -v /var/lib/stash/data:/data -v /srv/porn:/srv/porn -v /srv/incoming/torrents/deluge/porn:/srv/incoming/torrents/deluge/porn \<br /> -v /etc/localtime:/etc/localtime:ro \<br /> --restart unless-stopped \<br /> stashapp/stash<br /> <br /> === Bedrock Connect ===<br /> sudo docker run -d --name bedrock-connect \<br /> -e NODB=true \<br /> -p 19132:19132/udp \<br /> -v /var/lib/minecraft/bedrock-connect:/app/config \<br /> --restart unless-stopped \<br /> strausmann/minecraft-bedrock-connect<br /> <br /> === Minecraft Servers ===<br /> sudo docker run -d --name brettopia \<br /> -e EULA=TRUE -e SERVER_PORT=19142 \<br /> -p 19142:19142/udp \<br /> -v /var/lib/minecraft/brettopia:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> sudo docker run -d --name brettropolis \<br /> -e EULA=TRUE -e SERVER_PORT=19152 \<br /> -p 19152:19152/udp \<br /> -v /var/lib/minecraft/brettropolis:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> === Atlassian ===<br /> <br /> ==== JIRA ====<br /> Note: In this instance JIRA is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name jira<br /> sudo docker run -d --name=jira -e TZ=Europe/London \<br /> -e ATL_TOMCAT_SCHEME=https -e ATL_TOMCAT_SECURE=true -e ATL_PROXY_NAME=jira.bretts.org -e ATL_PROXY_PORT=443 \<br /> -p 7980:8080 \<br /> -v jira:/var/atlassian/application-data/jira \<br /> --restart unless-stopped \<br /> atlassian/jira-software<br /> <br /> Docker JIRA runs with a uid and gid of 2001. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2001 jira-docker<br /> sudo adduser --system --no-create-home --uid 2001 --gid 2001 jira-docker<br /> <br /> ==== Bitbucket====<br /> Note: In this instance Bitbucket is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bitbucket<br /> sudo docker run -d --name=bitbucket -e TZ=Europe/London \<br /> -e SERVER_SCHEME=https -e SERVER_SECURE=true -e SERVER_PROXY_NAME=bitbucket.bretts.org -e SERVER_PROXY_PORT=443 \<br /> -p 7990:7990 -p 7999:7999 \<br /> -v bitbucket:/var/atlassian/application-data/bitbucket \<br /> --restart unless-stopped \<br /> atlassian/bitbucket-server<br /> <br /> Docker Bitbucket runs with a uid and gid of 2003. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2003 bitbucket-docker<br /> sudo adduser --system --no-create-home --uid 2003 --gid 2003 bitbucket-docker<br /> <br /> ==== Bamboo ====<br /> Note: In this instance Bamboo is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bamboo<br /> sudo docker run -d --name=bamboo -e TZ=Europe/London \<br /> -p 54663:54663 -p 7970:8085 \<br /> -v bamboo:/var/atlassian/application-data/bamboo \<br /> --restart unless-stopped \<br /> atlassian/bamboo-server<br /> <br /> ===== Limitations =====<br /> * Bamboo runs with a uid of 1000, which means it's likely to clash with a real user in the containing host<br /> * Bamboo container doesn't support any reverse proxy configuration, which means hiding it behind nginx is likely to result in broken Application Links. This can be worked around by manually editing /opt/atlassian/bamboo/conf/server.xml, but those changes will be overwritten on every container upgrade.<br /> <br /> == Tips / Fixes ==<br /> <br /> === Tautulli slow to start ===<br /> This may be due to an attempt to chown a large number of files. <br /> Login to the container:<br /> sudo docker exec -it &lt;container&gt; /bin/bash<br /> Disable the chown step by editing &lt;code&gt;/etc/cont-init.d/30-config&lt;/code&gt; and commenting out the chown command.<br /> <br /> === Adding an SSL cert for Unifi ===<br /> sudo openssl pkcs12 -export -inkey /etc/ssl/bretts.org/key.pem -in /etc/ssl/bretts.org/fullchain.pem -out /tmp/cert.p12 -name unifi -password pass:temppass<br /> sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/data/keystore -srckeystore /tmp/cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi -noprompt<br /> sudo docker restart unifi-controller<br /> sudo rm /tmp/cert.p12<br /> <br /> === Local DNS resolution fails on docker 18.09 ===<br /> This may be the result of a bug: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1820278. Normally the container's /etc/resolv.conf should mirror that of the host, but in this case it seems to just be a default version. As a workaround, create /etc/docker/daemon.json with the following contents:<br /> <br /> {<br /> &quot;dns&quot;: [&quot;192.168.1.1&quot;, &quot;8.8.8.8&quot;],<br /> &quot;dns-search&quot;: [&quot;bretts.org&quot;]<br /> }</div> Andrew https://wiki.bretts.org/index.php?title=Docker&diff=8599 Docker 2026-01-22T15:04:00Z <p>Andrew: /* Jackett (Torrent Gateway) */</p> <hr /> <div>== Useful Commands ==<br /> <br /> ; docker ps -a: List all containers<br /> ; docker container inspect &lt;container&gt;: Show details of &lt;container&gt;<br /> ; docker logs &lt;container&gt;: Show logs for &lt;container&gt;<br /> ; docker exec -it &lt;container&gt; /bin/bash: Start an interactive shell in &lt;container&gt;<br /> <br /> == Updating container ==<br /> <br /> === Manually ===<br /> sudo docker pull &lt;image&gt;<br /> sudo docker stop &lt;container&gt;<br /> sudo docker rm &lt;container&gt;<br /> &lt;docker run command&gt;<br /> <br /> === Automatically ===<br /> Use portainer, or:<br /> sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock taisun/updater --oneshot &lt;container&gt;<br /> <br /> == Containers ==<br /> <br /> === Portainer ===<br /> sudo docker run -d --name portainer \<br /> -p 8000:8000 -p 9443:9443 \<br /> -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/portainer:/data \<br /> -v /etc/ssl/bretts.org:/certs \<br /> --restart unless-stopped \<br /> portainer/portainer-ce \<br /> --sslcert /certs/fullchain.pem --sslkey /certs/key.pem<br /> <br /> === Plex ===<br /> <br /> Get your claim token: https://www.plex.tv/claim/<br /> <br /> Create the container with the claim token substituted:<br /> sudo docker run -d --name plex --network=host -e PLEX_UID=111 -e PLEX_GID=127 -e TZ=Europe/London -e PLEX_CLAIM=&lt;CLAIM_TOKEN&gt; \<br /> -v /var/lib/plexmediaserver:/config -v /srv:/srv --device=/dev/dri:/dev/dri \<br /> --restart unless-stopped \<br /> plexinc/pms-docker:plexpass<br /> <br /> === Tautulli (Plex Monitoring/Notifications) ===<br /> sudo docker run -d --name tautulli -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8181:8181 \<br /> -v /var/lib/torrent/tautulli:/config -v /var/lib/plexmediaserver/Library/Logs:/logs \<br /> --restart unless-stopped \<br /> linuxserver/tautulli<br /> <br /> === Jackett (Torrent Gateway) ===<br /> sudo docker run -d --name=jackett -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 9117:9117 \<br /> -v /var/lib/torrent/jackett:/config -v /var/lib/torrent/jackett/downloads:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/jackett<br /> <br /> === FlareSolverr (CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=flaresolverr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/flaresolverr/flaresolverr:latest<br /> <br /> === Byparr (Alternative CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=byparr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/thephaseless/byparr:latest<br /> <br /> === Deluge ===<br /> sudo docker run -d --name deluge -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/torrent/deluged/config:/config -v /srv/incoming/torrents/deluge:/srv/incoming/torrents/deluge \<br /> -v /etc/ssl/bretts.org:/etc/ssl/bretts.org \<br /> --restart unless-stopped \<br /> linuxserver/deluge<br /> <br /> Since user groups don't seem to apply across the docker boundary, &quot;torrent&quot; will need to be given explicit permission to the private key file via an ACL:<br /> setfacl -m &quot;u:torrent:rw&quot; /etc/ssl/bretts.org/key.pem<br /> <br /> === Radarr (Movie Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name radarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 7878:7878 \<br /> -v /var/lib/torrent/radarr/config:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/radarr<br /> <br /> === Sonarr (TV Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name=sonarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8989:8989 \<br /> -v /var/lib/torrent/sonarr/config:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/sonarr<br /> <br /> === Overseerr (Media Requests) ===<br /> sudo docker run -d --name overseerr --user=127:138 -e LOG_LEVEL=debug -e TZ=Europe/London \<br /> -e PORT=5055 `#optional` \<br /> -p 5055:5055 \<br /> -v /var/lib/torrent/overseerr:/app/config \<br /> --restart unless-stopped \<br /> sctx/overseerr<br /> <br /> === Unifi ===<br /> sudo docker run -d --name=unifi-controller -e PUID=140 -e PGID=150 \<br /> -p 3478:3478/udp -p 10001:10001/udp -p 18080:18080 -p 18081:18081 -p 18443:18443 -p 18880:18880 -p 6789:6789 \<br /> -v /var/lib/unifi:/config \<br /> --restart unless-stopped \<br /> linuxserver/unifi-controller<br /> <br /> === Home-Assistant (as part of host network) ===<br /> sudo docker run -d --name=home-assistant -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/home-assistant/config:/config -v /srv:/media -v /etc/ssl/bretts.org:/etc/ssl/bretts.org -v /var/www/html/arlo-snapshots:/arlo-snapshots \<br /> --restart unless-stopped \<br /> homeassistant/home-assistant<br /> <br /> === Stash ===<br /> sudo docker run -d --name stash \<br /> -e STASH_GENERATED=/generated/ -e STASH_METADATA=/metadata/ -e STASH_CACHE=/cache/ \<br /> -e STASH_STASH=/data/ \<br /> -p 9999:9999 \<br /> -v /var/lib/stash:/root/.stash -v /var/lib/stash/metadata:/metadata -v /var/lib/stash/cache:/cache -v /var/lib/stash/blobs:/blobs -v /var/lib/stash/generated:/generated \<br /> -v /var/lib/stash/data:/data -v /srv/porn:/srv/porn -v /srv/incoming/torrents/deluge/porn:/srv/incoming/torrents/deluge/porn \<br /> -v /etc/localtime:/etc/localtime:ro \<br /> --restart unless-stopped \<br /> stashapp/stash<br /> <br /> === Bedrock Connect ===<br /> sudo docker run -d --name bedrock-connect \<br /> -e NODB=true \<br /> -p 19132:19132/udp \<br /> -v /var/lib/minecraft/bedrock-connect:/app/config \<br /> --restart unless-stopped \<br /> strausmann/minecraft-bedrock-connect<br /> <br /> === Minecraft Servers ===<br /> sudo docker run -d --name brettopia \<br /> -e EULA=TRUE -e SERVER_PORT=19142 \<br /> -p 19142:19142/udp \<br /> -v /var/lib/minecraft/brettopia:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> sudo docker run -d --name brettropolis \<br /> -e EULA=TRUE -e SERVER_PORT=19152 \<br /> -p 19152:19152/udp \<br /> -v /var/lib/minecraft/brettropolis:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> === Atlassian ===<br /> <br /> ==== JIRA ====<br /> Note: In this instance JIRA is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name jira<br /> sudo docker run -d --name=jira -e TZ=Europe/London \<br /> -e ATL_TOMCAT_SCHEME=https -e ATL_TOMCAT_SECURE=true -e ATL_PROXY_NAME=jira.bretts.org -e ATL_PROXY_PORT=443 \<br /> -p 7980:8080 \<br /> -v jira:/var/atlassian/application-data/jira \<br /> --restart unless-stopped \<br /> atlassian/jira-software<br /> <br /> Docker JIRA runs with a uid and gid of 2001. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2001 jira-docker<br /> sudo adduser --system --no-create-home --uid 2001 --gid 2001 jira-docker<br /> <br /> ==== Bitbucket====<br /> Note: In this instance Bitbucket is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bitbucket<br /> sudo docker run -d --name=bitbucket -e TZ=Europe/London \<br /> -e SERVER_SCHEME=https -e SERVER_SECURE=true -e SERVER_PROXY_NAME=bitbucket.bretts.org -e SERVER_PROXY_PORT=443 \<br /> -p 7990:7990 -p 7999:7999 \<br /> -v bitbucket:/var/atlassian/application-data/bitbucket \<br /> --restart unless-stopped \<br /> atlassian/bitbucket-server<br /> <br /> Docker Bitbucket runs with a uid and gid of 2003. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2003 bitbucket-docker<br /> sudo adduser --system --no-create-home --uid 2003 --gid 2003 bitbucket-docker<br /> <br /> ==== Bamboo ====<br /> Note: In this instance Bamboo is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bamboo<br /> sudo docker run -d --name=bamboo -e TZ=Europe/London \<br /> -p 54663:54663 -p 7970:8085 \<br /> -v bamboo:/var/atlassian/application-data/bamboo \<br /> --restart unless-stopped \<br /> atlassian/bamboo-server<br /> <br /> ===== Limitations =====<br /> * Bamboo runs with a uid of 1000, which means it's likely to clash with a real user in the containing host<br /> * Bamboo container doesn't support any reverse proxy configuration, which means hiding it behind nginx is likely to result in broken Application Links. This can be worked around by manually editing /opt/atlassian/bamboo/conf/server.xml, but those changes will be overwritten on every container upgrade.<br /> <br /> == Tips / Fixes ==<br /> <br /> === Tautulli slow to start ===<br /> This may be due to an attempt to chown a large number of files. <br /> Login to the container:<br /> sudo docker exec -it &lt;container&gt; /bin/bash<br /> Disable the chown step by editing &lt;code&gt;/etc/cont-init.d/30-config&lt;/code&gt; and commenting out the chown command.<br /> <br /> === Adding an SSL cert for Unifi ===<br /> sudo openssl pkcs12 -export -inkey /etc/ssl/bretts.org/key.pem -in /etc/ssl/bretts.org/fullchain.pem -out /tmp/cert.p12 -name unifi -password pass:temppass<br /> sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/data/keystore -srckeystore /tmp/cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi -noprompt<br /> sudo docker restart unifi-controller<br /> sudo rm /tmp/cert.p12<br /> <br /> === Local DNS resolution fails on docker 18.09 ===<br /> This may be the result of a bug: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1820278. Normally the container's /etc/resolv.conf should mirror that of the host, but in this case it seems to just be a default version. As a workaround, create /etc/docker/daemon.json with the following contents:<br /> <br /> {<br /> &quot;dns&quot;: [&quot;192.168.1.1&quot;, &quot;8.8.8.8&quot;],<br /> &quot;dns-search&quot;: [&quot;bretts.org&quot;]<br /> }</div> Andrew https://wiki.bretts.org/index.php?title=Docker&diff=8598 Docker 2026-01-22T15:03:52Z <p>Andrew: /* Tautulli (Plex Monitoring/Notifications) */</p> <hr /> <div>== Useful Commands ==<br /> <br /> ; docker ps -a: List all containers<br /> ; docker container inspect &lt;container&gt;: Show details of &lt;container&gt;<br /> ; docker logs &lt;container&gt;: Show logs for &lt;container&gt;<br /> ; docker exec -it &lt;container&gt; /bin/bash: Start an interactive shell in &lt;container&gt;<br /> <br /> == Updating container ==<br /> <br /> === Manually ===<br /> sudo docker pull &lt;image&gt;<br /> sudo docker stop &lt;container&gt;<br /> sudo docker rm &lt;container&gt;<br /> &lt;docker run command&gt;<br /> <br /> === Automatically ===<br /> Use portainer, or:<br /> sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock taisun/updater --oneshot &lt;container&gt;<br /> <br /> == Containers ==<br /> <br /> === Portainer ===<br /> sudo docker run -d --name portainer \<br /> -p 8000:8000 -p 9443:9443 \<br /> -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/portainer:/data \<br /> -v /etc/ssl/bretts.org:/certs \<br /> --restart unless-stopped \<br /> portainer/portainer-ce \<br /> --sslcert /certs/fullchain.pem --sslkey /certs/key.pem<br /> <br /> === Plex ===<br /> <br /> Get your claim token: https://www.plex.tv/claim/<br /> <br /> Create the container with the claim token substituted:<br /> sudo docker run -d --name plex --network=host -e PLEX_UID=111 -e PLEX_GID=127 -e TZ=Europe/London -e PLEX_CLAIM=&lt;CLAIM_TOKEN&gt; \<br /> -v /var/lib/plexmediaserver:/config -v /srv:/srv --device=/dev/dri:/dev/dri \<br /> --restart unless-stopped \<br /> plexinc/pms-docker:plexpass<br /> <br /> === Tautulli (Plex Monitoring/Notifications) ===<br /> sudo docker run -d --name tautulli -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8181:8181 \<br /> -v /var/lib/torrent/tautulli:/config -v /var/lib/plexmediaserver/Library/Logs:/logs \<br /> --restart unless-stopped \<br /> linuxserver/tautulli<br /> <br /> === Jackett (Torrent Gateway) ===<br /> sudo docker run -d --name=jackett -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 9117:9117 \<br /> -v /var/lib/torrent/jackett/config:/config -v /var/lib/torrent/jackett/downloads:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/jackett<br /> <br /> === FlareSolverr (CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=flaresolverr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/flaresolverr/flaresolverr:latest<br /> <br /> === Byparr (Alternative CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=byparr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/thephaseless/byparr:latest<br /> <br /> === Deluge ===<br /> sudo docker run -d --name deluge -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/torrent/deluged/config:/config -v /srv/incoming/torrents/deluge:/srv/incoming/torrents/deluge \<br /> -v /etc/ssl/bretts.org:/etc/ssl/bretts.org \<br /> --restart unless-stopped \<br /> linuxserver/deluge<br /> <br /> Since user groups don't seem to apply across the docker boundary, &quot;torrent&quot; will need to be given explicit permission to the private key file via an ACL:<br /> setfacl -m &quot;u:torrent:rw&quot; /etc/ssl/bretts.org/key.pem<br /> <br /> === Radarr (Movie Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name radarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 7878:7878 \<br /> -v /var/lib/torrent/radarr/config:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/radarr<br /> <br /> === Sonarr (TV Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name=sonarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8989:8989 \<br /> -v /var/lib/torrent/sonarr/config:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/sonarr<br /> <br /> === Overseerr (Media Requests) ===<br /> sudo docker run -d --name overseerr --user=127:138 -e LOG_LEVEL=debug -e TZ=Europe/London \<br /> -e PORT=5055 `#optional` \<br /> -p 5055:5055 \<br /> -v /var/lib/torrent/overseerr:/app/config \<br /> --restart unless-stopped \<br /> sctx/overseerr<br /> <br /> === Unifi ===<br /> sudo docker run -d --name=unifi-controller -e PUID=140 -e PGID=150 \<br /> -p 3478:3478/udp -p 10001:10001/udp -p 18080:18080 -p 18081:18081 -p 18443:18443 -p 18880:18880 -p 6789:6789 \<br /> -v /var/lib/unifi:/config \<br /> --restart unless-stopped \<br /> linuxserver/unifi-controller<br /> <br /> === Home-Assistant (as part of host network) ===<br /> sudo docker run -d --name=home-assistant -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/home-assistant/config:/config -v /srv:/media -v /etc/ssl/bretts.org:/etc/ssl/bretts.org -v /var/www/html/arlo-snapshots:/arlo-snapshots \<br /> --restart unless-stopped \<br /> homeassistant/home-assistant<br /> <br /> === Stash ===<br /> sudo docker run -d --name stash \<br /> -e STASH_GENERATED=/generated/ -e STASH_METADATA=/metadata/ -e STASH_CACHE=/cache/ \<br /> -e STASH_STASH=/data/ \<br /> -p 9999:9999 \<br /> -v /var/lib/stash:/root/.stash -v /var/lib/stash/metadata:/metadata -v /var/lib/stash/cache:/cache -v /var/lib/stash/blobs:/blobs -v /var/lib/stash/generated:/generated \<br /> -v /var/lib/stash/data:/data -v /srv/porn:/srv/porn -v /srv/incoming/torrents/deluge/porn:/srv/incoming/torrents/deluge/porn \<br /> -v /etc/localtime:/etc/localtime:ro \<br /> --restart unless-stopped \<br /> stashapp/stash<br /> <br /> === Bedrock Connect ===<br /> sudo docker run -d --name bedrock-connect \<br /> -e NODB=true \<br /> -p 19132:19132/udp \<br /> -v /var/lib/minecraft/bedrock-connect:/app/config \<br /> --restart unless-stopped \<br /> strausmann/minecraft-bedrock-connect<br /> <br /> === Minecraft Servers ===<br /> sudo docker run -d --name brettopia \<br /> -e EULA=TRUE -e SERVER_PORT=19142 \<br /> -p 19142:19142/udp \<br /> -v /var/lib/minecraft/brettopia:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> sudo docker run -d --name brettropolis \<br /> -e EULA=TRUE -e SERVER_PORT=19152 \<br /> -p 19152:19152/udp \<br /> -v /var/lib/minecraft/brettropolis:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> === Atlassian ===<br /> <br /> ==== JIRA ====<br /> Note: In this instance JIRA is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name jira<br /> sudo docker run -d --name=jira -e TZ=Europe/London \<br /> -e ATL_TOMCAT_SCHEME=https -e ATL_TOMCAT_SECURE=true -e ATL_PROXY_NAME=jira.bretts.org -e ATL_PROXY_PORT=443 \<br /> -p 7980:8080 \<br /> -v jira:/var/atlassian/application-data/jira \<br /> --restart unless-stopped \<br /> atlassian/jira-software<br /> <br /> Docker JIRA runs with a uid and gid of 2001. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2001 jira-docker<br /> sudo adduser --system --no-create-home --uid 2001 --gid 2001 jira-docker<br /> <br /> ==== Bitbucket====<br /> Note: In this instance Bitbucket is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bitbucket<br /> sudo docker run -d --name=bitbucket -e TZ=Europe/London \<br /> -e SERVER_SCHEME=https -e SERVER_SECURE=true -e SERVER_PROXY_NAME=bitbucket.bretts.org -e SERVER_PROXY_PORT=443 \<br /> -p 7990:7990 -p 7999:7999 \<br /> -v bitbucket:/var/atlassian/application-data/bitbucket \<br /> --restart unless-stopped \<br /> atlassian/bitbucket-server<br /> <br /> Docker Bitbucket runs with a uid and gid of 2003. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2003 bitbucket-docker<br /> sudo adduser --system --no-create-home --uid 2003 --gid 2003 bitbucket-docker<br /> <br /> ==== Bamboo ====<br /> Note: In this instance Bamboo is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bamboo<br /> sudo docker run -d --name=bamboo -e TZ=Europe/London \<br /> -p 54663:54663 -p 7970:8085 \<br /> -v bamboo:/var/atlassian/application-data/bamboo \<br /> --restart unless-stopped \<br /> atlassian/bamboo-server<br /> <br /> ===== Limitations =====<br /> * Bamboo runs with a uid of 1000, which means it's likely to clash with a real user in the containing host<br /> * Bamboo container doesn't support any reverse proxy configuration, which means hiding it behind nginx is likely to result in broken Application Links. This can be worked around by manually editing /opt/atlassian/bamboo/conf/server.xml, but those changes will be overwritten on every container upgrade.<br /> <br /> == Tips / Fixes ==<br /> <br /> === Tautulli slow to start ===<br /> This may be due to an attempt to chown a large number of files. <br /> Login to the container:<br /> sudo docker exec -it &lt;container&gt; /bin/bash<br /> Disable the chown step by editing &lt;code&gt;/etc/cont-init.d/30-config&lt;/code&gt; and commenting out the chown command.<br /> <br /> === Adding an SSL cert for Unifi ===<br /> sudo openssl pkcs12 -export -inkey /etc/ssl/bretts.org/key.pem -in /etc/ssl/bretts.org/fullchain.pem -out /tmp/cert.p12 -name unifi -password pass:temppass<br /> sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/data/keystore -srckeystore /tmp/cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi -noprompt<br /> sudo docker restart unifi-controller<br /> sudo rm /tmp/cert.p12<br /> <br /> === Local DNS resolution fails on docker 18.09 ===<br /> This may be the result of a bug: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1820278. Normally the container's /etc/resolv.conf should mirror that of the host, but in this case it seems to just be a default version. As a workaround, create /etc/docker/daemon.json with the following contents:<br /> <br /> {<br /> &quot;dns&quot;: [&quot;192.168.1.1&quot;, &quot;8.8.8.8&quot;],<br /> &quot;dns-search&quot;: [&quot;bretts.org&quot;]<br /> }</div> Andrew https://wiki.bretts.org/index.php?title=Docker&diff=8597 Docker 2026-01-22T15:03:35Z <p>Andrew: /* Overseerr (Media Requests) */</p> <hr /> <div>== Useful Commands ==<br /> <br /> ; docker ps -a: List all containers<br /> ; docker container inspect &lt;container&gt;: Show details of &lt;container&gt;<br /> ; docker logs &lt;container&gt;: Show logs for &lt;container&gt;<br /> ; docker exec -it &lt;container&gt; /bin/bash: Start an interactive shell in &lt;container&gt;<br /> <br /> == Updating container ==<br /> <br /> === Manually ===<br /> sudo docker pull &lt;image&gt;<br /> sudo docker stop &lt;container&gt;<br /> sudo docker rm &lt;container&gt;<br /> &lt;docker run command&gt;<br /> <br /> === Automatically ===<br /> Use portainer, or:<br /> sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock taisun/updater --oneshot &lt;container&gt;<br /> <br /> == Containers ==<br /> <br /> === Portainer ===<br /> sudo docker run -d --name portainer \<br /> -p 8000:8000 -p 9443:9443 \<br /> -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/portainer:/data \<br /> -v /etc/ssl/bretts.org:/certs \<br /> --restart unless-stopped \<br /> portainer/portainer-ce \<br /> --sslcert /certs/fullchain.pem --sslkey /certs/key.pem<br /> <br /> === Plex ===<br /> <br /> Get your claim token: https://www.plex.tv/claim/<br /> <br /> Create the container with the claim token substituted:<br /> sudo docker run -d --name plex --network=host -e PLEX_UID=111 -e PLEX_GID=127 -e TZ=Europe/London -e PLEX_CLAIM=&lt;CLAIM_TOKEN&gt; \<br /> -v /var/lib/plexmediaserver:/config -v /srv:/srv --device=/dev/dri:/dev/dri \<br /> --restart unless-stopped \<br /> plexinc/pms-docker:plexpass<br /> <br /> === Tautulli (Plex Monitoring/Notifications) ===<br /> sudo docker run -d --name tautulli -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8181:8181 \<br /> -v /var/lib/torrent/tautulli/config:/config -v /var/lib/plexmediaserver/Library/Logs:/logs \<br /> --restart unless-stopped \<br /> linuxserver/tautulli<br /> <br /> === Jackett (Torrent Gateway) ===<br /> sudo docker run -d --name=jackett -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 9117:9117 \<br /> -v /var/lib/torrent/jackett/config:/config -v /var/lib/torrent/jackett/downloads:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/jackett<br /> <br /> === FlareSolverr (CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=flaresolverr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/flaresolverr/flaresolverr:latest<br /> <br /> === Byparr (Alternative CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=byparr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/thephaseless/byparr:latest<br /> <br /> === Deluge ===<br /> sudo docker run -d --name deluge -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/torrent/deluged/config:/config -v /srv/incoming/torrents/deluge:/srv/incoming/torrents/deluge \<br /> -v /etc/ssl/bretts.org:/etc/ssl/bretts.org \<br /> --restart unless-stopped \<br /> linuxserver/deluge<br /> <br /> Since user groups don't seem to apply across the docker boundary, &quot;torrent&quot; will need to be given explicit permission to the private key file via an ACL:<br /> setfacl -m &quot;u:torrent:rw&quot; /etc/ssl/bretts.org/key.pem<br /> <br /> === Radarr (Movie Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name radarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 7878:7878 \<br /> -v /var/lib/torrent/radarr/config:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/radarr<br /> <br /> === Sonarr (TV Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name=sonarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8989:8989 \<br /> -v /var/lib/torrent/sonarr/config:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/sonarr<br /> <br /> === Overseerr (Media Requests) ===<br /> sudo docker run -d --name overseerr --user=127:138 -e LOG_LEVEL=debug -e TZ=Europe/London \<br /> -e PORT=5055 `#optional` \<br /> -p 5055:5055 \<br /> -v /var/lib/torrent/overseerr:/app/config \<br /> --restart unless-stopped \<br /> sctx/overseerr<br /> <br /> === Unifi ===<br /> sudo docker run -d --name=unifi-controller -e PUID=140 -e PGID=150 \<br /> -p 3478:3478/udp -p 10001:10001/udp -p 18080:18080 -p 18081:18081 -p 18443:18443 -p 18880:18880 -p 6789:6789 \<br /> -v /var/lib/unifi:/config \<br /> --restart unless-stopped \<br /> linuxserver/unifi-controller<br /> <br /> === Home-Assistant (as part of host network) ===<br /> sudo docker run -d --name=home-assistant -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/home-assistant/config:/config -v /srv:/media -v /etc/ssl/bretts.org:/etc/ssl/bretts.org -v /var/www/html/arlo-snapshots:/arlo-snapshots \<br /> --restart unless-stopped \<br /> homeassistant/home-assistant<br /> <br /> === Stash ===<br /> sudo docker run -d --name stash \<br /> -e STASH_GENERATED=/generated/ -e STASH_METADATA=/metadata/ -e STASH_CACHE=/cache/ \<br /> -e STASH_STASH=/data/ \<br /> -p 9999:9999 \<br /> -v /var/lib/stash:/root/.stash -v /var/lib/stash/metadata:/metadata -v /var/lib/stash/cache:/cache -v /var/lib/stash/blobs:/blobs -v /var/lib/stash/generated:/generated \<br /> -v /var/lib/stash/data:/data -v /srv/porn:/srv/porn -v /srv/incoming/torrents/deluge/porn:/srv/incoming/torrents/deluge/porn \<br /> -v /etc/localtime:/etc/localtime:ro \<br /> --restart unless-stopped \<br /> stashapp/stash<br /> <br /> === Bedrock Connect ===<br /> sudo docker run -d --name bedrock-connect \<br /> -e NODB=true \<br /> -p 19132:19132/udp \<br /> -v /var/lib/minecraft/bedrock-connect:/app/config \<br /> --restart unless-stopped \<br /> strausmann/minecraft-bedrock-connect<br /> <br /> === Minecraft Servers ===<br /> sudo docker run -d --name brettopia \<br /> -e EULA=TRUE -e SERVER_PORT=19142 \<br /> -p 19142:19142/udp \<br /> -v /var/lib/minecraft/brettopia:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> sudo docker run -d --name brettropolis \<br /> -e EULA=TRUE -e SERVER_PORT=19152 \<br /> -p 19152:19152/udp \<br /> -v /var/lib/minecraft/brettropolis:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> === Atlassian ===<br /> <br /> ==== JIRA ====<br /> Note: In this instance JIRA is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name jira<br /> sudo docker run -d --name=jira -e TZ=Europe/London \<br /> -e ATL_TOMCAT_SCHEME=https -e ATL_TOMCAT_SECURE=true -e ATL_PROXY_NAME=jira.bretts.org -e ATL_PROXY_PORT=443 \<br /> -p 7980:8080 \<br /> -v jira:/var/atlassian/application-data/jira \<br /> --restart unless-stopped \<br /> atlassian/jira-software<br /> <br /> Docker JIRA runs with a uid and gid of 2001. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2001 jira-docker<br /> sudo adduser --system --no-create-home --uid 2001 --gid 2001 jira-docker<br /> <br /> ==== Bitbucket====<br /> Note: In this instance Bitbucket is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bitbucket<br /> sudo docker run -d --name=bitbucket -e TZ=Europe/London \<br /> -e SERVER_SCHEME=https -e SERVER_SECURE=true -e SERVER_PROXY_NAME=bitbucket.bretts.org -e SERVER_PROXY_PORT=443 \<br /> -p 7990:7990 -p 7999:7999 \<br /> -v bitbucket:/var/atlassian/application-data/bitbucket \<br /> --restart unless-stopped \<br /> atlassian/bitbucket-server<br /> <br /> Docker Bitbucket runs with a uid and gid of 2003. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2003 bitbucket-docker<br /> sudo adduser --system --no-create-home --uid 2003 --gid 2003 bitbucket-docker<br /> <br /> ==== Bamboo ====<br /> Note: In this instance Bamboo is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bamboo<br /> sudo docker run -d --name=bamboo -e TZ=Europe/London \<br /> -p 54663:54663 -p 7970:8085 \<br /> -v bamboo:/var/atlassian/application-data/bamboo \<br /> --restart unless-stopped \<br /> atlassian/bamboo-server<br /> <br /> ===== Limitations =====<br /> * Bamboo runs with a uid of 1000, which means it's likely to clash with a real user in the containing host<br /> * Bamboo container doesn't support any reverse proxy configuration, which means hiding it behind nginx is likely to result in broken Application Links. This can be worked around by manually editing /opt/atlassian/bamboo/conf/server.xml, but those changes will be overwritten on every container upgrade.<br /> <br /> == Tips / Fixes ==<br /> <br /> === Tautulli slow to start ===<br /> This may be due to an attempt to chown a large number of files. <br /> Login to the container:<br /> sudo docker exec -it &lt;container&gt; /bin/bash<br /> Disable the chown step by editing &lt;code&gt;/etc/cont-init.d/30-config&lt;/code&gt; and commenting out the chown command.<br /> <br /> === Adding an SSL cert for Unifi ===<br /> sudo openssl pkcs12 -export -inkey /etc/ssl/bretts.org/key.pem -in /etc/ssl/bretts.org/fullchain.pem -out /tmp/cert.p12 -name unifi -password pass:temppass<br /> sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/data/keystore -srckeystore /tmp/cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi -noprompt<br /> sudo docker restart unifi-controller<br /> sudo rm /tmp/cert.p12<br /> <br /> === Local DNS resolution fails on docker 18.09 ===<br /> This may be the result of a bug: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1820278. Normally the container's /etc/resolv.conf should mirror that of the host, but in this case it seems to just be a default version. As a workaround, create /etc/docker/daemon.json with the following contents:<br /> <br /> {<br /> &quot;dns&quot;: [&quot;192.168.1.1&quot;, &quot;8.8.8.8&quot;],<br /> &quot;dns-search&quot;: [&quot;bretts.org&quot;]<br /> }</div> Andrew https://wiki.bretts.org/index.php?title=Docker&diff=8596 Docker 2026-01-22T15:03:16Z <p>Andrew: /* Sonarr (TV Downloads) */</p> <hr /> <div>== Useful Commands ==<br /> <br /> ; docker ps -a: List all containers<br /> ; docker container inspect &lt;container&gt;: Show details of &lt;container&gt;<br /> ; docker logs &lt;container&gt;: Show logs for &lt;container&gt;<br /> ; docker exec -it &lt;container&gt; /bin/bash: Start an interactive shell in &lt;container&gt;<br /> <br /> == Updating container ==<br /> <br /> === Manually ===<br /> sudo docker pull &lt;image&gt;<br /> sudo docker stop &lt;container&gt;<br /> sudo docker rm &lt;container&gt;<br /> &lt;docker run command&gt;<br /> <br /> === Automatically ===<br /> Use portainer, or:<br /> sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock taisun/updater --oneshot &lt;container&gt;<br /> <br /> == Containers ==<br /> <br /> === Portainer ===<br /> sudo docker run -d --name portainer \<br /> -p 8000:8000 -p 9443:9443 \<br /> -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/portainer:/data \<br /> -v /etc/ssl/bretts.org:/certs \<br /> --restart unless-stopped \<br /> portainer/portainer-ce \<br /> --sslcert /certs/fullchain.pem --sslkey /certs/key.pem<br /> <br /> === Plex ===<br /> <br /> Get your claim token: https://www.plex.tv/claim/<br /> <br /> Create the container with the claim token substituted:<br /> sudo docker run -d --name plex --network=host -e PLEX_UID=111 -e PLEX_GID=127 -e TZ=Europe/London -e PLEX_CLAIM=&lt;CLAIM_TOKEN&gt; \<br /> -v /var/lib/plexmediaserver:/config -v /srv:/srv --device=/dev/dri:/dev/dri \<br /> --restart unless-stopped \<br /> plexinc/pms-docker:plexpass<br /> <br /> === Tautulli (Plex Monitoring/Notifications) ===<br /> sudo docker run -d --name tautulli -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8181:8181 \<br /> -v /var/lib/torrent/tautulli/config:/config -v /var/lib/plexmediaserver/Library/Logs:/logs \<br /> --restart unless-stopped \<br /> linuxserver/tautulli<br /> <br /> === Jackett (Torrent Gateway) ===<br /> sudo docker run -d --name=jackett -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 9117:9117 \<br /> -v /var/lib/torrent/jackett/config:/config -v /var/lib/torrent/jackett/downloads:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/jackett<br /> <br /> === FlareSolverr (CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=flaresolverr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/flaresolverr/flaresolverr:latest<br /> <br /> === Byparr (Alternative CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=byparr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/thephaseless/byparr:latest<br /> <br /> === Deluge ===<br /> sudo docker run -d --name deluge -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/torrent/deluged/config:/config -v /srv/incoming/torrents/deluge:/srv/incoming/torrents/deluge \<br /> -v /etc/ssl/bretts.org:/etc/ssl/bretts.org \<br /> --restart unless-stopped \<br /> linuxserver/deluge<br /> <br /> Since user groups don't seem to apply across the docker boundary, &quot;torrent&quot; will need to be given explicit permission to the private key file via an ACL:<br /> setfacl -m &quot;u:torrent:rw&quot; /etc/ssl/bretts.org/key.pem<br /> <br /> === Radarr (Movie Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name radarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 7878:7878 \<br /> -v /var/lib/torrent/radarr/config:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/radarr<br /> <br /> === Sonarr (TV Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name=sonarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8989:8989 \<br /> -v /var/lib/torrent/sonarr/config:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/sonarr<br /> <br /> === Overseerr (Media Requests) ===<br /> sudo docker run -d --name overseerr --user=127:138 -e LOG_LEVEL=debug -e TZ=Europe/London \<br /> -e PORT=5055 `#optional` \<br /> -p 5055:5055 \<br /> -v /var/lib/torrent/overseerr/config:/app/config \<br /> --restart unless-stopped \<br /> sctx/overseerr<br /> <br /> === Unifi ===<br /> sudo docker run -d --name=unifi-controller -e PUID=140 -e PGID=150 \<br /> -p 3478:3478/udp -p 10001:10001/udp -p 18080:18080 -p 18081:18081 -p 18443:18443 -p 18880:18880 -p 6789:6789 \<br /> -v /var/lib/unifi:/config \<br /> --restart unless-stopped \<br /> linuxserver/unifi-controller<br /> <br /> === Home-Assistant (as part of host network) ===<br /> sudo docker run -d --name=home-assistant -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/home-assistant/config:/config -v /srv:/media -v /etc/ssl/bretts.org:/etc/ssl/bretts.org -v /var/www/html/arlo-snapshots:/arlo-snapshots \<br /> --restart unless-stopped \<br /> homeassistant/home-assistant<br /> <br /> === Stash ===<br /> sudo docker run -d --name stash \<br /> -e STASH_GENERATED=/generated/ -e STASH_METADATA=/metadata/ -e STASH_CACHE=/cache/ \<br /> -e STASH_STASH=/data/ \<br /> -p 9999:9999 \<br /> -v /var/lib/stash:/root/.stash -v /var/lib/stash/metadata:/metadata -v /var/lib/stash/cache:/cache -v /var/lib/stash/blobs:/blobs -v /var/lib/stash/generated:/generated \<br /> -v /var/lib/stash/data:/data -v /srv/porn:/srv/porn -v /srv/incoming/torrents/deluge/porn:/srv/incoming/torrents/deluge/porn \<br /> -v /etc/localtime:/etc/localtime:ro \<br /> --restart unless-stopped \<br /> stashapp/stash<br /> <br /> === Bedrock Connect ===<br /> sudo docker run -d --name bedrock-connect \<br /> -e NODB=true \<br /> -p 19132:19132/udp \<br /> -v /var/lib/minecraft/bedrock-connect:/app/config \<br /> --restart unless-stopped \<br /> strausmann/minecraft-bedrock-connect<br /> <br /> === Minecraft Servers ===<br /> sudo docker run -d --name brettopia \<br /> -e EULA=TRUE -e SERVER_PORT=19142 \<br /> -p 19142:19142/udp \<br /> -v /var/lib/minecraft/brettopia:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> sudo docker run -d --name brettropolis \<br /> -e EULA=TRUE -e SERVER_PORT=19152 \<br /> -p 19152:19152/udp \<br /> -v /var/lib/minecraft/brettropolis:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> === Atlassian ===<br /> <br /> ==== JIRA ====<br /> Note: In this instance JIRA is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name jira<br /> sudo docker run -d --name=jira -e TZ=Europe/London \<br /> -e ATL_TOMCAT_SCHEME=https -e ATL_TOMCAT_SECURE=true -e ATL_PROXY_NAME=jira.bretts.org -e ATL_PROXY_PORT=443 \<br /> -p 7980:8080 \<br /> -v jira:/var/atlassian/application-data/jira \<br /> --restart unless-stopped \<br /> atlassian/jira-software<br /> <br /> Docker JIRA runs with a uid and gid of 2001. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2001 jira-docker<br /> sudo adduser --system --no-create-home --uid 2001 --gid 2001 jira-docker<br /> <br /> ==== Bitbucket====<br /> Note: In this instance Bitbucket is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bitbucket<br /> sudo docker run -d --name=bitbucket -e TZ=Europe/London \<br /> -e SERVER_SCHEME=https -e SERVER_SECURE=true -e SERVER_PROXY_NAME=bitbucket.bretts.org -e SERVER_PROXY_PORT=443 \<br /> -p 7990:7990 -p 7999:7999 \<br /> -v bitbucket:/var/atlassian/application-data/bitbucket \<br /> --restart unless-stopped \<br /> atlassian/bitbucket-server<br /> <br /> Docker Bitbucket runs with a uid and gid of 2003. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2003 bitbucket-docker<br /> sudo adduser --system --no-create-home --uid 2003 --gid 2003 bitbucket-docker<br /> <br /> ==== Bamboo ====<br /> Note: In this instance Bamboo is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bamboo<br /> sudo docker run -d --name=bamboo -e TZ=Europe/London \<br /> -p 54663:54663 -p 7970:8085 \<br /> -v bamboo:/var/atlassian/application-data/bamboo \<br /> --restart unless-stopped \<br /> atlassian/bamboo-server<br /> <br /> ===== Limitations =====<br /> * Bamboo runs with a uid of 1000, which means it's likely to clash with a real user in the containing host<br /> * Bamboo container doesn't support any reverse proxy configuration, which means hiding it behind nginx is likely to result in broken Application Links. This can be worked around by manually editing /opt/atlassian/bamboo/conf/server.xml, but those changes will be overwritten on every container upgrade.<br /> <br /> == Tips / Fixes ==<br /> <br /> === Tautulli slow to start ===<br /> This may be due to an attempt to chown a large number of files. <br /> Login to the container:<br /> sudo docker exec -it &lt;container&gt; /bin/bash<br /> Disable the chown step by editing &lt;code&gt;/etc/cont-init.d/30-config&lt;/code&gt; and commenting out the chown command.<br /> <br /> === Adding an SSL cert for Unifi ===<br /> sudo openssl pkcs12 -export -inkey /etc/ssl/bretts.org/key.pem -in /etc/ssl/bretts.org/fullchain.pem -out /tmp/cert.p12 -name unifi -password pass:temppass<br /> sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/data/keystore -srckeystore /tmp/cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi -noprompt<br /> sudo docker restart unifi-controller<br /> sudo rm /tmp/cert.p12<br /> <br /> === Local DNS resolution fails on docker 18.09 ===<br /> This may be the result of a bug: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1820278. Normally the container's /etc/resolv.conf should mirror that of the host, but in this case it seems to just be a default version. As a workaround, create /etc/docker/daemon.json with the following contents:<br /> <br /> {<br /> &quot;dns&quot;: [&quot;192.168.1.1&quot;, &quot;8.8.8.8&quot;],<br /> &quot;dns-search&quot;: [&quot;bretts.org&quot;]<br /> }</div> Andrew https://wiki.bretts.org/index.php?title=Docker&diff=8595 Docker 2026-01-22T15:02:53Z <p>Andrew: /* Radarr (Movie Downloads) */</p> <hr /> <div>== Useful Commands ==<br /> <br /> ; docker ps -a: List all containers<br /> ; docker container inspect &lt;container&gt;: Show details of &lt;container&gt;<br /> ; docker logs &lt;container&gt;: Show logs for &lt;container&gt;<br /> ; docker exec -it &lt;container&gt; /bin/bash: Start an interactive shell in &lt;container&gt;<br /> <br /> == Updating container ==<br /> <br /> === Manually ===<br /> sudo docker pull &lt;image&gt;<br /> sudo docker stop &lt;container&gt;<br /> sudo docker rm &lt;container&gt;<br /> &lt;docker run command&gt;<br /> <br /> === Automatically ===<br /> Use portainer, or:<br /> sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock taisun/updater --oneshot &lt;container&gt;<br /> <br /> == Containers ==<br /> <br /> === Portainer ===<br /> sudo docker run -d --name portainer \<br /> -p 8000:8000 -p 9443:9443 \<br /> -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/portainer:/data \<br /> -v /etc/ssl/bretts.org:/certs \<br /> --restart unless-stopped \<br /> portainer/portainer-ce \<br /> --sslcert /certs/fullchain.pem --sslkey /certs/key.pem<br /> <br /> === Plex ===<br /> <br /> Get your claim token: https://www.plex.tv/claim/<br /> <br /> Create the container with the claim token substituted:<br /> sudo docker run -d --name plex --network=host -e PLEX_UID=111 -e PLEX_GID=127 -e TZ=Europe/London -e PLEX_CLAIM=&lt;CLAIM_TOKEN&gt; \<br /> -v /var/lib/plexmediaserver:/config -v /srv:/srv --device=/dev/dri:/dev/dri \<br /> --restart unless-stopped \<br /> plexinc/pms-docker:plexpass<br /> <br /> === Tautulli (Plex Monitoring/Notifications) ===<br /> sudo docker run -d --name tautulli -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8181:8181 \<br /> -v /var/lib/torrent/tautulli/config:/config -v /var/lib/plexmediaserver/Library/Logs:/logs \<br /> --restart unless-stopped \<br /> linuxserver/tautulli<br /> <br /> === Jackett (Torrent Gateway) ===<br /> sudo docker run -d --name=jackett -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 9117:9117 \<br /> -v /var/lib/torrent/jackett/config:/config -v /var/lib/torrent/jackett/downloads:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/jackett<br /> <br /> === FlareSolverr (CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=flaresolverr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/flaresolverr/flaresolverr:latest<br /> <br /> === Byparr (Alternative CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=byparr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/thephaseless/byparr:latest<br /> <br /> === Deluge ===<br /> sudo docker run -d --name deluge -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/torrent/deluged/config:/config -v /srv/incoming/torrents/deluge:/srv/incoming/torrents/deluge \<br /> -v /etc/ssl/bretts.org:/etc/ssl/bretts.org \<br /> --restart unless-stopped \<br /> linuxserver/deluge<br /> <br /> Since user groups don't seem to apply across the docker boundary, &quot;torrent&quot; will need to be given explicit permission to the private key file via an ACL:<br /> setfacl -m &quot;u:torrent:rw&quot; /etc/ssl/bretts.org/key.pem<br /> <br /> === Radarr (Movie Downloads) ===<br /> Note: torrents and movies should both be under /srv to enable import via hard links<br /> <br /> sudo docker run -d --name radarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 7878:7878 \<br /> -v /var/lib/torrent/radarr/config:/config -v /srv:/srv \<br /> --restart unless-stopped \<br /> linuxserver/radarr<br /> <br /> === Sonarr (TV Downloads) ===<br /> sudo docker run -d --name=sonarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8989:8989 \<br /> -v /var/lib/torrent/sonarr/config:/config -v /srv/videos/programs/tv:/tv -v /srv/incoming/torrents/deluge:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/sonarr<br /> <br /> === Overseerr (Media Requests) ===<br /> sudo docker run -d --name overseerr --user=127:138 -e LOG_LEVEL=debug -e TZ=Europe/London \<br /> -e PORT=5055 `#optional` \<br /> -p 5055:5055 \<br /> -v /var/lib/torrent/overseerr/config:/app/config \<br /> --restart unless-stopped \<br /> sctx/overseerr<br /> <br /> === Unifi ===<br /> sudo docker run -d --name=unifi-controller -e PUID=140 -e PGID=150 \<br /> -p 3478:3478/udp -p 10001:10001/udp -p 18080:18080 -p 18081:18081 -p 18443:18443 -p 18880:18880 -p 6789:6789 \<br /> -v /var/lib/unifi:/config \<br /> --restart unless-stopped \<br /> linuxserver/unifi-controller<br /> <br /> === Home-Assistant (as part of host network) ===<br /> sudo docker run -d --name=home-assistant -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/home-assistant/config:/config -v /srv:/media -v /etc/ssl/bretts.org:/etc/ssl/bretts.org -v /var/www/html/arlo-snapshots:/arlo-snapshots \<br /> --restart unless-stopped \<br /> homeassistant/home-assistant<br /> <br /> === Stash ===<br /> sudo docker run -d --name stash \<br /> -e STASH_GENERATED=/generated/ -e STASH_METADATA=/metadata/ -e STASH_CACHE=/cache/ \<br /> -e STASH_STASH=/data/ \<br /> -p 9999:9999 \<br /> -v /var/lib/stash:/root/.stash -v /var/lib/stash/metadata:/metadata -v /var/lib/stash/cache:/cache -v /var/lib/stash/blobs:/blobs -v /var/lib/stash/generated:/generated \<br /> -v /var/lib/stash/data:/data -v /srv/porn:/srv/porn -v /srv/incoming/torrents/deluge/porn:/srv/incoming/torrents/deluge/porn \<br /> -v /etc/localtime:/etc/localtime:ro \<br /> --restart unless-stopped \<br /> stashapp/stash<br /> <br /> === Bedrock Connect ===<br /> sudo docker run -d --name bedrock-connect \<br /> -e NODB=true \<br /> -p 19132:19132/udp \<br /> -v /var/lib/minecraft/bedrock-connect:/app/config \<br /> --restart unless-stopped \<br /> strausmann/minecraft-bedrock-connect<br /> <br /> === Minecraft Servers ===<br /> sudo docker run -d --name brettopia \<br /> -e EULA=TRUE -e SERVER_PORT=19142 \<br /> -p 19142:19142/udp \<br /> -v /var/lib/minecraft/brettopia:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> sudo docker run -d --name brettropolis \<br /> -e EULA=TRUE -e SERVER_PORT=19152 \<br /> -p 19152:19152/udp \<br /> -v /var/lib/minecraft/brettropolis:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> === Atlassian ===<br /> <br /> ==== JIRA ====<br /> Note: In this instance JIRA is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name jira<br /> sudo docker run -d --name=jira -e TZ=Europe/London \<br /> -e ATL_TOMCAT_SCHEME=https -e ATL_TOMCAT_SECURE=true -e ATL_PROXY_NAME=jira.bretts.org -e ATL_PROXY_PORT=443 \<br /> -p 7980:8080 \<br /> -v jira:/var/atlassian/application-data/jira \<br /> --restart unless-stopped \<br /> atlassian/jira-software<br /> <br /> Docker JIRA runs with a uid and gid of 2001. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2001 jira-docker<br /> sudo adduser --system --no-create-home --uid 2001 --gid 2001 jira-docker<br /> <br /> ==== Bitbucket====<br /> Note: In this instance Bitbucket is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bitbucket<br /> sudo docker run -d --name=bitbucket -e TZ=Europe/London \<br /> -e SERVER_SCHEME=https -e SERVER_SECURE=true -e SERVER_PROXY_NAME=bitbucket.bretts.org -e SERVER_PROXY_PORT=443 \<br /> -p 7990:7990 -p 7999:7999 \<br /> -v bitbucket:/var/atlassian/application-data/bitbucket \<br /> --restart unless-stopped \<br /> atlassian/bitbucket-server<br /> <br /> Docker Bitbucket runs with a uid and gid of 2003. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2003 bitbucket-docker<br /> sudo adduser --system --no-create-home --uid 2003 --gid 2003 bitbucket-docker<br /> <br /> ==== Bamboo ====<br /> Note: In this instance Bamboo is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bamboo<br /> sudo docker run -d --name=bamboo -e TZ=Europe/London \<br /> -p 54663:54663 -p 7970:8085 \<br /> -v bamboo:/var/atlassian/application-data/bamboo \<br /> --restart unless-stopped \<br /> atlassian/bamboo-server<br /> <br /> ===== Limitations =====<br /> * Bamboo runs with a uid of 1000, which means it's likely to clash with a real user in the containing host<br /> * Bamboo container doesn't support any reverse proxy configuration, which means hiding it behind nginx is likely to result in broken Application Links. This can be worked around by manually editing /opt/atlassian/bamboo/conf/server.xml, but those changes will be overwritten on every container upgrade.<br /> <br /> == Tips / Fixes ==<br /> <br /> === Tautulli slow to start ===<br /> This may be due to an attempt to chown a large number of files. <br /> Login to the container:<br /> sudo docker exec -it &lt;container&gt; /bin/bash<br /> Disable the chown step by editing &lt;code&gt;/etc/cont-init.d/30-config&lt;/code&gt; and commenting out the chown command.<br /> <br /> === Adding an SSL cert for Unifi ===<br /> sudo openssl pkcs12 -export -inkey /etc/ssl/bretts.org/key.pem -in /etc/ssl/bretts.org/fullchain.pem -out /tmp/cert.p12 -name unifi -password pass:temppass<br /> sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/data/keystore -srckeystore /tmp/cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi -noprompt<br /> sudo docker restart unifi-controller<br /> sudo rm /tmp/cert.p12<br /> <br /> === Local DNS resolution fails on docker 18.09 ===<br /> This may be the result of a bug: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1820278. Normally the container's /etc/resolv.conf should mirror that of the host, but in this case it seems to just be a default version. As a workaround, create /etc/docker/daemon.json with the following contents:<br /> <br /> {<br /> &quot;dns&quot;: [&quot;192.168.1.1&quot;, &quot;8.8.8.8&quot;],<br /> &quot;dns-search&quot;: [&quot;bretts.org&quot;]<br /> }</div> Andrew https://wiki.bretts.org/index.php?title=SnapRAID_/_MergerFS&diff=8594 SnapRAID / MergerFS 2025-12-19T07:18:10Z <p>Andrew: /* Identifying/Fixing a bad block */</p> <hr /> <div>= SnapRAID / MergerFS =<br /> <br /> == Setup ==<br /> https://zackreed.me/setting-up-snapraid-on-ubuntu/<br /> <br /> Note that if (like me) you use a dedicated snapraid content directory then you'll need to create that by hand for each disk with:<br /> <br /> mkdir /mnt/data/disk1/.snapraid<br /> <br /> == Partitioning a new data disk ==<br /> Note: &quot;-m 2&quot; here reserves 2% of the filesystem for root-owned files (eg. .../.snapraid/content)<br /> sudo parted -a optimal -s /dev/sdX -- mklabel gpt mkpart primary 0% 100%<br /> sudo mkfs.ext4 -m 2 -T largefile4 /dev/sdX1<br /> <br /> == Partitioning a new parity disk ==<br /> Note: &quot;-m 0&quot; here reserves 0% of the filesystem, ensuring that the parity disks are slightly larger than the data disks<br /> sudo parted -a optimal -s /dev/sdX -- mklabel gpt mkpart primary 0% 100%<br /> sudo mkfs.ext4 -m 0 -T largefile4 /dev/sdX1<br /> <br /> == Adding a new data disk to mergerfs ==<br /> From: https://zackreed.me/mergerfs-neat-tricks/<br /> From within the root of the mergerfs filesystem (eg. /srv)<br /> xattr -w user.mergerfs.srcmounts '+&gt;/mnt/data/disk4/srv' .mergerfs<br /> <br /> == Removing a data disk from mergerfs ==<br /> From within the root of the mergerfs filesystem (eg. /srv)<br /> xattr -w user.mergerfs.srcmounts '-/mnt/data/disk4/srv' .mergerfs<br /> <br /> == Forcing a resync ==<br /> <br /> sudo snapraid sync<br /> <br /> == Identifying/Fixing a bad block ==<br /> * Run ddrescue to identify the failing bytes on the disk:<br /> &lt;pre&gt;<br /> ddrescue --ask --verbose --binary-prefixes --idirect --force /dev/sdX /dev/null sdX.map <br /> &lt;/pre&gt;<br /> * ddrescue will write out a map file containing start positions and sizes (all in bytes) of good (+) and bad (-) byte ranges<br /> * Get the block size for the volume with &lt;code&gt;tune2fs -l /dev/sdXY | grep &quot;Block size&quot;&lt;/code&gt; (we'll call this '''B'''). In my case this is 4096.<br /> * Get the sector size for the disk with &lt;code&gt;fdisk -l /dev/sdX | grep Units&lt;/code&gt; (we'll call this '''S'''). In my case this is 512.<br /> * Identify the starting sector for the /dev/sdXY volume (eg. /dev/sda1) with &lt;code&gt;fdisk -l /dev/sdX&lt;/code&gt; (we'll call this '''T'''). In my case this is 2048.<br /> * Calculate the offset to go from disk to volume location with &lt;code&gt;(T * S / B)&lt;/code&gt; (we'll call this '''F'''). In my case this is 256.<br /> * Run ddrescuelog to list out the bad block locations (using the block size B) and convert to a volume location (by subtracting the offset F):<br /> &lt;pre&gt;<br /> ddrescuelog -b B --list-blocks=- sdX.map | xargs -n 1 expr -F +<br /> &lt;/pre&gt;<br /> * Let's call each of these bad volume blocks '''BB'''<br /> * Start debugfs for the volume with :<br /> &lt;pre&gt;<br /> debugfs /dev/sdXY<br /> &lt;/pre&gt;<br /> * For each '''BB''' run:<br /> &lt;pre&gt;<br /> testb BB<br /> &lt;/pre&gt;<br /> * If debugfs returns &quot;Block BB not in use&quot;, then that block isn't part of a file and can safely be overwritten. If it returns &quot;Block BB marked in use&quot; then we need to get an inode number (we'll call it '''I''') and convert that inode number to a file path with:<br /> &lt;pre&gt;<br /> icheck BB<br /> ncheck I<br /> &lt;/pre&gt;<br /> <br /> For any unused blocks, we need to do the following:<br /> * Check with dd that we’ve got the right block IDs. For each one of these reads we expect to see an error (and “0+0 records in”):<br /> &lt;pre&gt;<br /> for block in `ddrescuelog -b B --list-blocks=- sdX.map`<br /> do<br /> dd if=/dev/sdX of=/dev/null count=1 bs=B skip=$block<br /> done<br /> &lt;/pre&gt;<br /> <br /> * For each of the bad blocks, write zeros over the block to force it to be reallocated from spare space on the drive. Be careful here – getting it wrong will destroy data! Also note that when reading, “skip” is used to position the input stream, but here “seek” is used to position the output stream:<br /> &lt;pre&gt;<br /> for block in `ddrescuelog -b B --list-blocks=- sdX.map`<br /> do<br /> dd if=/dev/zero of=/dev/sdX count=1 bs=B seek=$block<br /> done<br /> &lt;/pre&gt;<br /> <br /> * It’s possible that dd will fail to write to the block, in which case try again with hdparm:<br /> <br /> ** First check that we’ve got the right sectors (we expect to see “SG_IO: bad/missing sense data” for each sector on stderr, so we pipe stdout to /dev/null to avoid noise). Note that we use '''S''' as the block size for ddrescuelog, since hdparm deals in sectors:<br /> &lt;pre&gt;<br /> for block in `ddrescuelog -b S --list-blocks=- sdX.map`<br /> do<br /> hdparm --read-sector $block /dev/sdX &gt; /dev/null<br /> done<br /> &lt;/pre&gt;<br /> <br /> ** Assuming we’ve seen the expected errors, write zeros over each of the bad sectors. Note that we use '''S''' as the block size for ddrescuelog, since hdparm deals in sectors. Be careful here – getting it wrong will destroy data! You may be asked to add a “—yes-i-know-what-i-am-doing” flag.<br /> &lt;pre&gt;<br /> for block in `ddrescuelog -b S --list-blocks=- sdX.map`<br /> do<br /> hdparm --write-sector $block /dev/sdX<br /> done<br /> &lt;/pre&gt;<br /> <br /> * Check that the number of failing sectors has decreased:<br /> &lt;pre&gt;<br /> smartctl -a /dev/sdX | grep Pending<br /> &lt;/pre&gt;<br /> <br /> For any files reported by `debugfs`:<br /> * Write random data over the bad file, which should force the pending sector to be marked bad and reallocated from spare space on the disk:<br /> &lt;pre&gt;<br /> shred -n 1 –v /path/to/bad/file<br /> &lt;/pre&gt;<br /> <br /> * Check that the number of failing sectors has decreased:<br /> &lt;pre&gt;<br /> smartctl -a /dev/sdX | grep Pending<br /> &lt;/pre&gt;<br /> <br /> * Assuming the number of pending sectors has decreased, it’s then ok to delete the bad file:<br /> &lt;pre&gt;<br /> rm /path/to/bad/file<br /> &lt;/pre&gt;<br /> <br /> * Restore the deleted file:<br /> &lt;pre&gt;<br /> snapraid fix -f /path/to/bad/file<br /> &lt;/pre&gt;<br /> <br /> More details:<br /> * https://www.smartmontools.org/wiki/BadBlockHowto<br /> * [[Mdadm#Repairing_failing_disk_on_degraded_array]]</div> Andrew https://wiki.bretts.org/index.php?title=Docker&diff=8593 Docker 2025-11-25T05:55:23Z <p>Andrew: /* Automatically */</p> <hr /> <div>== Useful Commands ==<br /> <br /> ; docker ps -a: List all containers<br /> ; docker container inspect &lt;container&gt;: Show details of &lt;container&gt;<br /> ; docker logs &lt;container&gt;: Show logs for &lt;container&gt;<br /> ; docker exec -it &lt;container&gt; /bin/bash: Start an interactive shell in &lt;container&gt;<br /> <br /> == Updating container ==<br /> <br /> === Manually ===<br /> sudo docker pull &lt;image&gt;<br /> sudo docker stop &lt;container&gt;<br /> sudo docker rm &lt;container&gt;<br /> &lt;docker run command&gt;<br /> <br /> === Automatically ===<br /> Use portainer, or:<br /> sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock taisun/updater --oneshot &lt;container&gt;<br /> <br /> == Containers ==<br /> <br /> === Portainer ===<br /> sudo docker run -d --name portainer \<br /> -p 8000:8000 -p 9443:9443 \<br /> -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/portainer:/data \<br /> -v /etc/ssl/bretts.org:/certs \<br /> --restart unless-stopped \<br /> portainer/portainer-ce \<br /> --sslcert /certs/fullchain.pem --sslkey /certs/key.pem<br /> <br /> === Plex ===<br /> <br /> Get your claim token: https://www.plex.tv/claim/<br /> <br /> Create the container with the claim token substituted:<br /> sudo docker run -d --name plex --network=host -e PLEX_UID=111 -e PLEX_GID=127 -e TZ=Europe/London -e PLEX_CLAIM=&lt;CLAIM_TOKEN&gt; \<br /> -v /var/lib/plexmediaserver:/config -v /srv:/srv --device=/dev/dri:/dev/dri \<br /> --restart unless-stopped \<br /> plexinc/pms-docker:plexpass<br /> <br /> === Tautulli (Plex Monitoring/Notifications) ===<br /> sudo docker run -d --name tautulli -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8181:8181 \<br /> -v /var/lib/torrent/tautulli/config:/config -v /var/lib/plexmediaserver/Library/Logs:/logs \<br /> --restart unless-stopped \<br /> linuxserver/tautulli<br /> <br /> === Jackett (Torrent Gateway) ===<br /> sudo docker run -d --name=jackett -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 9117:9117 \<br /> -v /var/lib/torrent/jackett/config:/config -v /var/lib/torrent/jackett/downloads:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/jackett<br /> <br /> === FlareSolverr (CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=flaresolverr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/flaresolverr/flaresolverr:latest<br /> <br /> === Byparr (Alternative CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=byparr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/thephaseless/byparr:latest<br /> <br /> === Deluge ===<br /> sudo docker run -d --name deluge -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/torrent/deluged/config:/config -v /srv/incoming/torrents/deluge:/srv/incoming/torrents/deluge \<br /> -v /etc/ssl/bretts.org:/etc/ssl/bretts.org \<br /> --restart unless-stopped \<br /> linuxserver/deluge<br /> <br /> Since user groups don't seem to apply across the docker boundary, &quot;torrent&quot; will need to be given explicit permission to the private key file via an ACL:<br /> setfacl -m &quot;u:torrent:rw&quot; /etc/ssl/bretts.org/key.pem<br /> <br /> === Radarr (Movie Downloads) ===<br /> sudo docker run -d --name radarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 7878:7878 \<br /> -v /var/lib/torrent/radarr/config:/config -v /srv/videos/programs/movies:/movies -v /srv/incoming/torrents/deluge:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/radarr<br /> <br /> === Sonarr (TV Downloads) ===<br /> sudo docker run -d --name=sonarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8989:8989 \<br /> -v /var/lib/torrent/sonarr/config:/config -v /srv/videos/programs/tv:/tv -v /srv/incoming/torrents/deluge:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/sonarr<br /> <br /> === Overseerr (Media Requests) ===<br /> sudo docker run -d --name overseerr --user=127:138 -e LOG_LEVEL=debug -e TZ=Europe/London \<br /> -e PORT=5055 `#optional` \<br /> -p 5055:5055 \<br /> -v /var/lib/torrent/overseerr/config:/app/config \<br /> --restart unless-stopped \<br /> sctx/overseerr<br /> <br /> === Unifi ===<br /> sudo docker run -d --name=unifi-controller -e PUID=140 -e PGID=150 \<br /> -p 3478:3478/udp -p 10001:10001/udp -p 18080:18080 -p 18081:18081 -p 18443:18443 -p 18880:18880 -p 6789:6789 \<br /> -v /var/lib/unifi:/config \<br /> --restart unless-stopped \<br /> linuxserver/unifi-controller<br /> <br /> === Home-Assistant (as part of host network) ===<br /> sudo docker run -d --name=home-assistant -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/home-assistant/config:/config -v /srv:/media -v /etc/ssl/bretts.org:/etc/ssl/bretts.org -v /var/www/html/arlo-snapshots:/arlo-snapshots \<br /> --restart unless-stopped \<br /> homeassistant/home-assistant<br /> <br /> === Stash ===<br /> sudo docker run -d --name stash \<br /> -e STASH_GENERATED=/generated/ -e STASH_METADATA=/metadata/ -e STASH_CACHE=/cache/ \<br /> -e STASH_STASH=/data/ \<br /> -p 9999:9999 \<br /> -v /var/lib/stash:/root/.stash -v /var/lib/stash/metadata:/metadata -v /var/lib/stash/cache:/cache -v /var/lib/stash/blobs:/blobs -v /var/lib/stash/generated:/generated \<br /> -v /var/lib/stash/data:/data -v /srv/porn:/srv/porn -v /srv/incoming/torrents/deluge/porn:/srv/incoming/torrents/deluge/porn \<br /> -v /etc/localtime:/etc/localtime:ro \<br /> --restart unless-stopped \<br /> stashapp/stash<br /> <br /> === Bedrock Connect ===<br /> sudo docker run -d --name bedrock-connect \<br /> -e NODB=true \<br /> -p 19132:19132/udp \<br /> -v /var/lib/minecraft/bedrock-connect:/app/config \<br /> --restart unless-stopped \<br /> strausmann/minecraft-bedrock-connect<br /> <br /> === Minecraft Servers ===<br /> sudo docker run -d --name brettopia \<br /> -e EULA=TRUE -e SERVER_PORT=19142 \<br /> -p 19142:19142/udp \<br /> -v /var/lib/minecraft/brettopia:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> sudo docker run -d --name brettropolis \<br /> -e EULA=TRUE -e SERVER_PORT=19152 \<br /> -p 19152:19152/udp \<br /> -v /var/lib/minecraft/brettropolis:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> === Atlassian ===<br /> <br /> ==== JIRA ====<br /> Note: In this instance JIRA is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name jira<br /> sudo docker run -d --name=jira -e TZ=Europe/London \<br /> -e ATL_TOMCAT_SCHEME=https -e ATL_TOMCAT_SECURE=true -e ATL_PROXY_NAME=jira.bretts.org -e ATL_PROXY_PORT=443 \<br /> -p 7980:8080 \<br /> -v jira:/var/atlassian/application-data/jira \<br /> --restart unless-stopped \<br /> atlassian/jira-software<br /> <br /> Docker JIRA runs with a uid and gid of 2001. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2001 jira-docker<br /> sudo adduser --system --no-create-home --uid 2001 --gid 2001 jira-docker<br /> <br /> ==== Bitbucket====<br /> Note: In this instance Bitbucket is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bitbucket<br /> sudo docker run -d --name=bitbucket -e TZ=Europe/London \<br /> -e SERVER_SCHEME=https -e SERVER_SECURE=true -e SERVER_PROXY_NAME=bitbucket.bretts.org -e SERVER_PROXY_PORT=443 \<br /> -p 7990:7990 -p 7999:7999 \<br /> -v bitbucket:/var/atlassian/application-data/bitbucket \<br /> --restart unless-stopped \<br /> atlassian/bitbucket-server<br /> <br /> Docker Bitbucket runs with a uid and gid of 2003. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2003 bitbucket-docker<br /> sudo adduser --system --no-create-home --uid 2003 --gid 2003 bitbucket-docker<br /> <br /> ==== Bamboo ====<br /> Note: In this instance Bamboo is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bamboo<br /> sudo docker run -d --name=bamboo -e TZ=Europe/London \<br /> -p 54663:54663 -p 7970:8085 \<br /> -v bamboo:/var/atlassian/application-data/bamboo \<br /> --restart unless-stopped \<br /> atlassian/bamboo-server<br /> <br /> ===== Limitations =====<br /> * Bamboo runs with a uid of 1000, which means it's likely to clash with a real user in the containing host<br /> * Bamboo container doesn't support any reverse proxy configuration, which means hiding it behind nginx is likely to result in broken Application Links. This can be worked around by manually editing /opt/atlassian/bamboo/conf/server.xml, but those changes will be overwritten on every container upgrade.<br /> <br /> == Tips / Fixes ==<br /> <br /> === Tautulli slow to start ===<br /> This may be due to an attempt to chown a large number of files. <br /> Login to the container:<br /> sudo docker exec -it &lt;container&gt; /bin/bash<br /> Disable the chown step by editing &lt;code&gt;/etc/cont-init.d/30-config&lt;/code&gt; and commenting out the chown command.<br /> <br /> === Adding an SSL cert for Unifi ===<br /> sudo openssl pkcs12 -export -inkey /etc/ssl/bretts.org/key.pem -in /etc/ssl/bretts.org/fullchain.pem -out /tmp/cert.p12 -name unifi -password pass:temppass<br /> sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/data/keystore -srckeystore /tmp/cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi -noprompt<br /> sudo docker restart unifi-controller<br /> sudo rm /tmp/cert.p12<br /> <br /> === Local DNS resolution fails on docker 18.09 ===<br /> This may be the result of a bug: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1820278. Normally the container's /etc/resolv.conf should mirror that of the host, but in this case it seems to just be a default version. As a workaround, create /etc/docker/daemon.json with the following contents:<br /> <br /> {<br /> &quot;dns&quot;: [&quot;192.168.1.1&quot;, &quot;8.8.8.8&quot;],<br /> &quot;dns-search&quot;: [&quot;bretts.org&quot;]<br /> }</div> Andrew https://wiki.bretts.org/index.php?title=Docker&diff=8592 Docker 2025-11-23T08:18:02Z <p>Andrew: /* Minecraft Servers */</p> <hr /> <div>== Useful Commands ==<br /> <br /> ; docker ps -a: List all containers<br /> ; docker container inspect &lt;container&gt;: Show details of &lt;container&gt;<br /> ; docker logs &lt;container&gt;: Show logs for &lt;container&gt;<br /> ; docker exec -it &lt;container&gt; /bin/bash: Start an interactive shell in &lt;container&gt;<br /> <br /> == Updating container ==<br /> <br /> === Manually ===<br /> sudo docker pull &lt;image&gt;<br /> sudo docker stop &lt;container&gt;<br /> sudo docker rm &lt;container&gt;<br /> &lt;docker run command&gt;<br /> <br /> === Automatically ===<br /> sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock taisun/updater --oneshot &lt;container&gt;<br /> <br /> == Containers ==<br /> <br /> === Portainer ===<br /> sudo docker run -d --name portainer \<br /> -p 8000:8000 -p 9443:9443 \<br /> -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/portainer:/data \<br /> -v /etc/ssl/bretts.org:/certs \<br /> --restart unless-stopped \<br /> portainer/portainer-ce \<br /> --sslcert /certs/fullchain.pem --sslkey /certs/key.pem<br /> <br /> === Plex ===<br /> <br /> Get your claim token: https://www.plex.tv/claim/<br /> <br /> Create the container with the claim token substituted:<br /> sudo docker run -d --name plex --network=host -e PLEX_UID=111 -e PLEX_GID=127 -e TZ=Europe/London -e PLEX_CLAIM=&lt;CLAIM_TOKEN&gt; \<br /> -v /var/lib/plexmediaserver:/config -v /srv:/srv --device=/dev/dri:/dev/dri \<br /> --restart unless-stopped \<br /> plexinc/pms-docker:plexpass<br /> <br /> === Tautulli (Plex Monitoring/Notifications) ===<br /> sudo docker run -d --name tautulli -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8181:8181 \<br /> -v /var/lib/torrent/tautulli/config:/config -v /var/lib/plexmediaserver/Library/Logs:/logs \<br /> --restart unless-stopped \<br /> linuxserver/tautulli<br /> <br /> === Jackett (Torrent Gateway) ===<br /> sudo docker run -d --name=jackett -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 9117:9117 \<br /> -v /var/lib/torrent/jackett/config:/config -v /var/lib/torrent/jackett/downloads:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/jackett<br /> <br /> === FlareSolverr (CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=flaresolverr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/flaresolverr/flaresolverr:latest<br /> <br /> === Byparr (Alternative CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=byparr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/thephaseless/byparr:latest<br /> <br /> === Deluge ===<br /> sudo docker run -d --name deluge -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/torrent/deluged/config:/config -v /srv/incoming/torrents/deluge:/srv/incoming/torrents/deluge \<br /> -v /etc/ssl/bretts.org:/etc/ssl/bretts.org \<br /> --restart unless-stopped \<br /> linuxserver/deluge<br /> <br /> Since user groups don't seem to apply across the docker boundary, &quot;torrent&quot; will need to be given explicit permission to the private key file via an ACL:<br /> setfacl -m &quot;u:torrent:rw&quot; /etc/ssl/bretts.org/key.pem<br /> <br /> === Radarr (Movie Downloads) ===<br /> sudo docker run -d --name radarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 7878:7878 \<br /> -v /var/lib/torrent/radarr/config:/config -v /srv/videos/programs/movies:/movies -v /srv/incoming/torrents/deluge:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/radarr<br /> <br /> === Sonarr (TV Downloads) ===<br /> sudo docker run -d --name=sonarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8989:8989 \<br /> -v /var/lib/torrent/sonarr/config:/config -v /srv/videos/programs/tv:/tv -v /srv/incoming/torrents/deluge:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/sonarr<br /> <br /> === Overseerr (Media Requests) ===<br /> sudo docker run -d --name overseerr --user=127:138 -e LOG_LEVEL=debug -e TZ=Europe/London \<br /> -e PORT=5055 `#optional` \<br /> -p 5055:5055 \<br /> -v /var/lib/torrent/overseerr/config:/app/config \<br /> --restart unless-stopped \<br /> sctx/overseerr<br /> <br /> === Unifi ===<br /> sudo docker run -d --name=unifi-controller -e PUID=140 -e PGID=150 \<br /> -p 3478:3478/udp -p 10001:10001/udp -p 18080:18080 -p 18081:18081 -p 18443:18443 -p 18880:18880 -p 6789:6789 \<br /> -v /var/lib/unifi:/config \<br /> --restart unless-stopped \<br /> linuxserver/unifi-controller<br /> <br /> === Home-Assistant (as part of host network) ===<br /> sudo docker run -d --name=home-assistant -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/home-assistant/config:/config -v /srv:/media -v /etc/ssl/bretts.org:/etc/ssl/bretts.org -v /var/www/html/arlo-snapshots:/arlo-snapshots \<br /> --restart unless-stopped \<br /> homeassistant/home-assistant<br /> <br /> === Stash ===<br /> sudo docker run -d --name stash \<br /> -e STASH_GENERATED=/generated/ -e STASH_METADATA=/metadata/ -e STASH_CACHE=/cache/ \<br /> -e STASH_STASH=/data/ \<br /> -p 9999:9999 \<br /> -v /var/lib/stash:/root/.stash -v /var/lib/stash/metadata:/metadata -v /var/lib/stash/cache:/cache -v /var/lib/stash/blobs:/blobs -v /var/lib/stash/generated:/generated \<br /> -v /var/lib/stash/data:/data -v /srv/porn:/srv/porn -v /srv/incoming/torrents/deluge/porn:/srv/incoming/torrents/deluge/porn \<br /> -v /etc/localtime:/etc/localtime:ro \<br /> --restart unless-stopped \<br /> stashapp/stash<br /> <br /> === Bedrock Connect ===<br /> sudo docker run -d --name bedrock-connect \<br /> -e NODB=true \<br /> -p 19132:19132/udp \<br /> -v /var/lib/minecraft/bedrock-connect:/app/config \<br /> --restart unless-stopped \<br /> strausmann/minecraft-bedrock-connect<br /> <br /> === Minecraft Servers ===<br /> sudo docker run -d --name brettopia \<br /> -e EULA=TRUE -e SERVER_PORT=19142 \<br /> -p 19142:19142/udp \<br /> -v /var/lib/minecraft/brettopia:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> sudo docker run -d --name brettropolis \<br /> -e EULA=TRUE -e SERVER_PORT=19152 \<br /> -p 19152:19152/udp \<br /> -v /var/lib/minecraft/brettropolis:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> === Atlassian ===<br /> <br /> ==== JIRA ====<br /> Note: In this instance JIRA is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name jira<br /> sudo docker run -d --name=jira -e TZ=Europe/London \<br /> -e ATL_TOMCAT_SCHEME=https -e ATL_TOMCAT_SECURE=true -e ATL_PROXY_NAME=jira.bretts.org -e ATL_PROXY_PORT=443 \<br /> -p 7980:8080 \<br /> -v jira:/var/atlassian/application-data/jira \<br /> --restart unless-stopped \<br /> atlassian/jira-software<br /> <br /> Docker JIRA runs with a uid and gid of 2001. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2001 jira-docker<br /> sudo adduser --system --no-create-home --uid 2001 --gid 2001 jira-docker<br /> <br /> ==== Bitbucket====<br /> Note: In this instance Bitbucket is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bitbucket<br /> sudo docker run -d --name=bitbucket -e TZ=Europe/London \<br /> -e SERVER_SCHEME=https -e SERVER_SECURE=true -e SERVER_PROXY_NAME=bitbucket.bretts.org -e SERVER_PROXY_PORT=443 \<br /> -p 7990:7990 -p 7999:7999 \<br /> -v bitbucket:/var/atlassian/application-data/bitbucket \<br /> --restart unless-stopped \<br /> atlassian/bitbucket-server<br /> <br /> Docker Bitbucket runs with a uid and gid of 2003. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2003 bitbucket-docker<br /> sudo adduser --system --no-create-home --uid 2003 --gid 2003 bitbucket-docker<br /> <br /> ==== Bamboo ====<br /> Note: In this instance Bamboo is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bamboo<br /> sudo docker run -d --name=bamboo -e TZ=Europe/London \<br /> -p 54663:54663 -p 7970:8085 \<br /> -v bamboo:/var/atlassian/application-data/bamboo \<br /> --restart unless-stopped \<br /> atlassian/bamboo-server<br /> <br /> ===== Limitations =====<br /> * Bamboo runs with a uid of 1000, which means it's likely to clash with a real user in the containing host<br /> * Bamboo container doesn't support any reverse proxy configuration, which means hiding it behind nginx is likely to result in broken Application Links. This can be worked around by manually editing /opt/atlassian/bamboo/conf/server.xml, but those changes will be overwritten on every container upgrade.<br /> <br /> == Tips / Fixes ==<br /> <br /> === Tautulli slow to start ===<br /> This may be due to an attempt to chown a large number of files. <br /> Login to the container:<br /> sudo docker exec -it &lt;container&gt; /bin/bash<br /> Disable the chown step by editing &lt;code&gt;/etc/cont-init.d/30-config&lt;/code&gt; and commenting out the chown command.<br /> <br /> === Adding an SSL cert for Unifi ===<br /> sudo openssl pkcs12 -export -inkey /etc/ssl/bretts.org/key.pem -in /etc/ssl/bretts.org/fullchain.pem -out /tmp/cert.p12 -name unifi -password pass:temppass<br /> sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/data/keystore -srckeystore /tmp/cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi -noprompt<br /> sudo docker restart unifi-controller<br /> sudo rm /tmp/cert.p12<br /> <br /> === Local DNS resolution fails on docker 18.09 ===<br /> This may be the result of a bug: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1820278. Normally the container's /etc/resolv.conf should mirror that of the host, but in this case it seems to just be a default version. As a workaround, create /etc/docker/daemon.json with the following contents:<br /> <br /> {<br /> &quot;dns&quot;: [&quot;192.168.1.1&quot;, &quot;8.8.8.8&quot;],<br /> &quot;dns-search&quot;: [&quot;bretts.org&quot;]<br /> }</div> Andrew https://wiki.bretts.org/index.php?title=Docker&diff=8591 Docker 2025-11-23T07:52:39Z <p>Andrew: /* Minecraft Servers */</p> <hr /> <div>== Useful Commands ==<br /> <br /> ; docker ps -a: List all containers<br /> ; docker container inspect &lt;container&gt;: Show details of &lt;container&gt;<br /> ; docker logs &lt;container&gt;: Show logs for &lt;container&gt;<br /> ; docker exec -it &lt;container&gt; /bin/bash: Start an interactive shell in &lt;container&gt;<br /> <br /> == Updating container ==<br /> <br /> === Manually ===<br /> sudo docker pull &lt;image&gt;<br /> sudo docker stop &lt;container&gt;<br /> sudo docker rm &lt;container&gt;<br /> &lt;docker run command&gt;<br /> <br /> === Automatically ===<br /> sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock taisun/updater --oneshot &lt;container&gt;<br /> <br /> == Containers ==<br /> <br /> === Portainer ===<br /> sudo docker run -d --name portainer \<br /> -p 8000:8000 -p 9443:9443 \<br /> -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/portainer:/data \<br /> -v /etc/ssl/bretts.org:/certs \<br /> --restart unless-stopped \<br /> portainer/portainer-ce \<br /> --sslcert /certs/fullchain.pem --sslkey /certs/key.pem<br /> <br /> === Plex ===<br /> <br /> Get your claim token: https://www.plex.tv/claim/<br /> <br /> Create the container with the claim token substituted:<br /> sudo docker run -d --name plex --network=host -e PLEX_UID=111 -e PLEX_GID=127 -e TZ=Europe/London -e PLEX_CLAIM=&lt;CLAIM_TOKEN&gt; \<br /> -v /var/lib/plexmediaserver:/config -v /srv:/srv --device=/dev/dri:/dev/dri \<br /> --restart unless-stopped \<br /> plexinc/pms-docker:plexpass<br /> <br /> === Tautulli (Plex Monitoring/Notifications) ===<br /> sudo docker run -d --name tautulli -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8181:8181 \<br /> -v /var/lib/torrent/tautulli/config:/config -v /var/lib/plexmediaserver/Library/Logs:/logs \<br /> --restart unless-stopped \<br /> linuxserver/tautulli<br /> <br /> === Jackett (Torrent Gateway) ===<br /> sudo docker run -d --name=jackett -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 9117:9117 \<br /> -v /var/lib/torrent/jackett/config:/config -v /var/lib/torrent/jackett/downloads:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/jackett<br /> <br /> === FlareSolverr (CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=flaresolverr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/flaresolverr/flaresolverr:latest<br /> <br /> === Byparr (Alternative CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=byparr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/thephaseless/byparr:latest<br /> <br /> === Deluge ===<br /> sudo docker run -d --name deluge -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/torrent/deluged/config:/config -v /srv/incoming/torrents/deluge:/srv/incoming/torrents/deluge \<br /> -v /etc/ssl/bretts.org:/etc/ssl/bretts.org \<br /> --restart unless-stopped \<br /> linuxserver/deluge<br /> <br /> Since user groups don't seem to apply across the docker boundary, &quot;torrent&quot; will need to be given explicit permission to the private key file via an ACL:<br /> setfacl -m &quot;u:torrent:rw&quot; /etc/ssl/bretts.org/key.pem<br /> <br /> === Radarr (Movie Downloads) ===<br /> sudo docker run -d --name radarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 7878:7878 \<br /> -v /var/lib/torrent/radarr/config:/config -v /srv/videos/programs/movies:/movies -v /srv/incoming/torrents/deluge:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/radarr<br /> <br /> === Sonarr (TV Downloads) ===<br /> sudo docker run -d --name=sonarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8989:8989 \<br /> -v /var/lib/torrent/sonarr/config:/config -v /srv/videos/programs/tv:/tv -v /srv/incoming/torrents/deluge:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/sonarr<br /> <br /> === Overseerr (Media Requests) ===<br /> sudo docker run -d --name overseerr --user=127:138 -e LOG_LEVEL=debug -e TZ=Europe/London \<br /> -e PORT=5055 `#optional` \<br /> -p 5055:5055 \<br /> -v /var/lib/torrent/overseerr/config:/app/config \<br /> --restart unless-stopped \<br /> sctx/overseerr<br /> <br /> === Unifi ===<br /> sudo docker run -d --name=unifi-controller -e PUID=140 -e PGID=150 \<br /> -p 3478:3478/udp -p 10001:10001/udp -p 18080:18080 -p 18081:18081 -p 18443:18443 -p 18880:18880 -p 6789:6789 \<br /> -v /var/lib/unifi:/config \<br /> --restart unless-stopped \<br /> linuxserver/unifi-controller<br /> <br /> === Home-Assistant (as part of host network) ===<br /> sudo docker run -d --name=home-assistant -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/home-assistant/config:/config -v /srv:/media -v /etc/ssl/bretts.org:/etc/ssl/bretts.org -v /var/www/html/arlo-snapshots:/arlo-snapshots \<br /> --restart unless-stopped \<br /> homeassistant/home-assistant<br /> <br /> === Stash ===<br /> sudo docker run -d --name stash \<br /> -e STASH_GENERATED=/generated/ -e STASH_METADATA=/metadata/ -e STASH_CACHE=/cache/ \<br /> -e STASH_STASH=/data/ \<br /> -p 9999:9999 \<br /> -v /var/lib/stash:/root/.stash -v /var/lib/stash/metadata:/metadata -v /var/lib/stash/cache:/cache -v /var/lib/stash/blobs:/blobs -v /var/lib/stash/generated:/generated \<br /> -v /var/lib/stash/data:/data -v /srv/porn:/srv/porn -v /srv/incoming/torrents/deluge/porn:/srv/incoming/torrents/deluge/porn \<br /> -v /etc/localtime:/etc/localtime:ro \<br /> --restart unless-stopped \<br /> stashapp/stash<br /> <br /> === Bedrock Connect ===<br /> sudo docker run -d --name bedrock-connect \<br /> -e NODB=true \<br /> -p 19132:19132/udp \<br /> -v /var/lib/minecraft/bedrock-connect:/app/config \<br /> --restart unless-stopped \<br /> strausmann/minecraft-bedrock-connect<br /> <br /> === Minecraft Servers ===<br /> sudo docker run -d --name brettopia \<br /> -e EULA=TRUE -e SERVER_PORT=19142 \<br /> -p 19142:19142/udp \<br /> -v /var/lib/minecraft/brettopia:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> === Atlassian ===<br /> <br /> ==== JIRA ====<br /> Note: In this instance JIRA is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name jira<br /> sudo docker run -d --name=jira -e TZ=Europe/London \<br /> -e ATL_TOMCAT_SCHEME=https -e ATL_TOMCAT_SECURE=true -e ATL_PROXY_NAME=jira.bretts.org -e ATL_PROXY_PORT=443 \<br /> -p 7980:8080 \<br /> -v jira:/var/atlassian/application-data/jira \<br /> --restart unless-stopped \<br /> atlassian/jira-software<br /> <br /> Docker JIRA runs with a uid and gid of 2001. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2001 jira-docker<br /> sudo adduser --system --no-create-home --uid 2001 --gid 2001 jira-docker<br /> <br /> ==== Bitbucket====<br /> Note: In this instance Bitbucket is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bitbucket<br /> sudo docker run -d --name=bitbucket -e TZ=Europe/London \<br /> -e SERVER_SCHEME=https -e SERVER_SECURE=true -e SERVER_PROXY_NAME=bitbucket.bretts.org -e SERVER_PROXY_PORT=443 \<br /> -p 7990:7990 -p 7999:7999 \<br /> -v bitbucket:/var/atlassian/application-data/bitbucket \<br /> --restart unless-stopped \<br /> atlassian/bitbucket-server<br /> <br /> Docker Bitbucket runs with a uid and gid of 2003. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2003 bitbucket-docker<br /> sudo adduser --system --no-create-home --uid 2003 --gid 2003 bitbucket-docker<br /> <br /> ==== Bamboo ====<br /> Note: In this instance Bamboo is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bamboo<br /> sudo docker run -d --name=bamboo -e TZ=Europe/London \<br /> -p 54663:54663 -p 7970:8085 \<br /> -v bamboo:/var/atlassian/application-data/bamboo \<br /> --restart unless-stopped \<br /> atlassian/bamboo-server<br /> <br /> ===== Limitations =====<br /> * Bamboo runs with a uid of 1000, which means it's likely to clash with a real user in the containing host<br /> * Bamboo container doesn't support any reverse proxy configuration, which means hiding it behind nginx is likely to result in broken Application Links. This can be worked around by manually editing /opt/atlassian/bamboo/conf/server.xml, but those changes will be overwritten on every container upgrade.<br /> <br /> == Tips / Fixes ==<br /> <br /> === Tautulli slow to start ===<br /> This may be due to an attempt to chown a large number of files. <br /> Login to the container:<br /> sudo docker exec -it &lt;container&gt; /bin/bash<br /> Disable the chown step by editing &lt;code&gt;/etc/cont-init.d/30-config&lt;/code&gt; and commenting out the chown command.<br /> <br /> === Adding an SSL cert for Unifi ===<br /> sudo openssl pkcs12 -export -inkey /etc/ssl/bretts.org/key.pem -in /etc/ssl/bretts.org/fullchain.pem -out /tmp/cert.p12 -name unifi -password pass:temppass<br /> sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/data/keystore -srckeystore /tmp/cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi -noprompt<br /> sudo docker restart unifi-controller<br /> sudo rm /tmp/cert.p12<br /> <br /> === Local DNS resolution fails on docker 18.09 ===<br /> This may be the result of a bug: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1820278. Normally the container's /etc/resolv.conf should mirror that of the host, but in this case it seems to just be a default version. As a workaround, create /etc/docker/daemon.json with the following contents:<br /> <br /> {<br /> &quot;dns&quot;: [&quot;192.168.1.1&quot;, &quot;8.8.8.8&quot;],<br /> &quot;dns-search&quot;: [&quot;bretts.org&quot;]<br /> }</div> Andrew https://wiki.bretts.org/index.php?title=Docker&diff=8590 Docker 2025-11-23T07:47:12Z <p>Andrew: /* Bedrock Connect */</p> <hr /> <div>== Useful Commands ==<br /> <br /> ; docker ps -a: List all containers<br /> ; docker container inspect &lt;container&gt;: Show details of &lt;container&gt;<br /> ; docker logs &lt;container&gt;: Show logs for &lt;container&gt;<br /> ; docker exec -it &lt;container&gt; /bin/bash: Start an interactive shell in &lt;container&gt;<br /> <br /> == Updating container ==<br /> <br /> === Manually ===<br /> sudo docker pull &lt;image&gt;<br /> sudo docker stop &lt;container&gt;<br /> sudo docker rm &lt;container&gt;<br /> &lt;docker run command&gt;<br /> <br /> === Automatically ===<br /> sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock taisun/updater --oneshot &lt;container&gt;<br /> <br /> == Containers ==<br /> <br /> === Portainer ===<br /> sudo docker run -d --name portainer \<br /> -p 8000:8000 -p 9443:9443 \<br /> -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/portainer:/data \<br /> -v /etc/ssl/bretts.org:/certs \<br /> --restart unless-stopped \<br /> portainer/portainer-ce \<br /> --sslcert /certs/fullchain.pem --sslkey /certs/key.pem<br /> <br /> === Plex ===<br /> <br /> Get your claim token: https://www.plex.tv/claim/<br /> <br /> Create the container with the claim token substituted:<br /> sudo docker run -d --name plex --network=host -e PLEX_UID=111 -e PLEX_GID=127 -e TZ=Europe/London -e PLEX_CLAIM=&lt;CLAIM_TOKEN&gt; \<br /> -v /var/lib/plexmediaserver:/config -v /srv:/srv --device=/dev/dri:/dev/dri \<br /> --restart unless-stopped \<br /> plexinc/pms-docker:plexpass<br /> <br /> === Tautulli (Plex Monitoring/Notifications) ===<br /> sudo docker run -d --name tautulli -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8181:8181 \<br /> -v /var/lib/torrent/tautulli/config:/config -v /var/lib/plexmediaserver/Library/Logs:/logs \<br /> --restart unless-stopped \<br /> linuxserver/tautulli<br /> <br /> === Jackett (Torrent Gateway) ===<br /> sudo docker run -d --name=jackett -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 9117:9117 \<br /> -v /var/lib/torrent/jackett/config:/config -v /var/lib/torrent/jackett/downloads:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/jackett<br /> <br /> === FlareSolverr (CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=flaresolverr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/flaresolverr/flaresolverr:latest<br /> <br /> === Byparr (Alternative CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=byparr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/thephaseless/byparr:latest<br /> <br /> === Deluge ===<br /> sudo docker run -d --name deluge -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/torrent/deluged/config:/config -v /srv/incoming/torrents/deluge:/srv/incoming/torrents/deluge \<br /> -v /etc/ssl/bretts.org:/etc/ssl/bretts.org \<br /> --restart unless-stopped \<br /> linuxserver/deluge<br /> <br /> Since user groups don't seem to apply across the docker boundary, &quot;torrent&quot; will need to be given explicit permission to the private key file via an ACL:<br /> setfacl -m &quot;u:torrent:rw&quot; /etc/ssl/bretts.org/key.pem<br /> <br /> === Radarr (Movie Downloads) ===<br /> sudo docker run -d --name radarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 7878:7878 \<br /> -v /var/lib/torrent/radarr/config:/config -v /srv/videos/programs/movies:/movies -v /srv/incoming/torrents/deluge:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/radarr<br /> <br /> === Sonarr (TV Downloads) ===<br /> sudo docker run -d --name=sonarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8989:8989 \<br /> -v /var/lib/torrent/sonarr/config:/config -v /srv/videos/programs/tv:/tv -v /srv/incoming/torrents/deluge:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/sonarr<br /> <br /> === Overseerr (Media Requests) ===<br /> sudo docker run -d --name overseerr --user=127:138 -e LOG_LEVEL=debug -e TZ=Europe/London \<br /> -e PORT=5055 `#optional` \<br /> -p 5055:5055 \<br /> -v /var/lib/torrent/overseerr/config:/app/config \<br /> --restart unless-stopped \<br /> sctx/overseerr<br /> <br /> === Unifi ===<br /> sudo docker run -d --name=unifi-controller -e PUID=140 -e PGID=150 \<br /> -p 3478:3478/udp -p 10001:10001/udp -p 18080:18080 -p 18081:18081 -p 18443:18443 -p 18880:18880 -p 6789:6789 \<br /> -v /var/lib/unifi:/config \<br /> --restart unless-stopped \<br /> linuxserver/unifi-controller<br /> <br /> === Home-Assistant (as part of host network) ===<br /> sudo docker run -d --name=home-assistant -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/home-assistant/config:/config -v /srv:/media -v /etc/ssl/bretts.org:/etc/ssl/bretts.org -v /var/www/html/arlo-snapshots:/arlo-snapshots \<br /> --restart unless-stopped \<br /> homeassistant/home-assistant<br /> <br /> === Stash ===<br /> sudo docker run -d --name stash \<br /> -e STASH_GENERATED=/generated/ -e STASH_METADATA=/metadata/ -e STASH_CACHE=/cache/ \<br /> -e STASH_STASH=/data/ \<br /> -p 9999:9999 \<br /> -v /var/lib/stash:/root/.stash -v /var/lib/stash/metadata:/metadata -v /var/lib/stash/cache:/cache -v /var/lib/stash/blobs:/blobs -v /var/lib/stash/generated:/generated \<br /> -v /var/lib/stash/data:/data -v /srv/porn:/srv/porn -v /srv/incoming/torrents/deluge/porn:/srv/incoming/torrents/deluge/porn \<br /> -v /etc/localtime:/etc/localtime:ro \<br /> --restart unless-stopped \<br /> stashapp/stash<br /> <br /> === Bedrock Connect ===<br /> sudo docker run -d --name bedrock-connect \<br /> -e NODB=true \<br /> -p 19132:19132/udp \<br /> -v /var/lib/minecraft/bedrock-connect:/app/config \<br /> --restart unless-stopped \<br /> strausmann/minecraft-bedrock-connect<br /> <br /> === Minecraft Servers ===<br /> sudo docker run -d --name brettopia \<br /> -e EULA=TRUE \<br /> -p 19142:19142/udp \<br /> -v /var/lib/minecraft/brettopia:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> === Atlassian ===<br /> <br /> ==== JIRA ====<br /> Note: In this instance JIRA is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name jira<br /> sudo docker run -d --name=jira -e TZ=Europe/London \<br /> -e ATL_TOMCAT_SCHEME=https -e ATL_TOMCAT_SECURE=true -e ATL_PROXY_NAME=jira.bretts.org -e ATL_PROXY_PORT=443 \<br /> -p 7980:8080 \<br /> -v jira:/var/atlassian/application-data/jira \<br /> --restart unless-stopped \<br /> atlassian/jira-software<br /> <br /> Docker JIRA runs with a uid and gid of 2001. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2001 jira-docker<br /> sudo adduser --system --no-create-home --uid 2001 --gid 2001 jira-docker<br /> <br /> ==== Bitbucket====<br /> Note: In this instance Bitbucket is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bitbucket<br /> sudo docker run -d --name=bitbucket -e TZ=Europe/London \<br /> -e SERVER_SCHEME=https -e SERVER_SECURE=true -e SERVER_PROXY_NAME=bitbucket.bretts.org -e SERVER_PROXY_PORT=443 \<br /> -p 7990:7990 -p 7999:7999 \<br /> -v bitbucket:/var/atlassian/application-data/bitbucket \<br /> --restart unless-stopped \<br /> atlassian/bitbucket-server<br /> <br /> Docker Bitbucket runs with a uid and gid of 2003. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2003 bitbucket-docker<br /> sudo adduser --system --no-create-home --uid 2003 --gid 2003 bitbucket-docker<br /> <br /> ==== Bamboo ====<br /> Note: In this instance Bamboo is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bamboo<br /> sudo docker run -d --name=bamboo -e TZ=Europe/London \<br /> -p 54663:54663 -p 7970:8085 \<br /> -v bamboo:/var/atlassian/application-data/bamboo \<br /> --restart unless-stopped \<br /> atlassian/bamboo-server<br /> <br /> ===== Limitations =====<br /> * Bamboo runs with a uid of 1000, which means it's likely to clash with a real user in the containing host<br /> * Bamboo container doesn't support any reverse proxy configuration, which means hiding it behind nginx is likely to result in broken Application Links. This can be worked around by manually editing /opt/atlassian/bamboo/conf/server.xml, but those changes will be overwritten on every container upgrade.<br /> <br /> == Tips / Fixes ==<br /> <br /> === Tautulli slow to start ===<br /> This may be due to an attempt to chown a large number of files. <br /> Login to the container:<br /> sudo docker exec -it &lt;container&gt; /bin/bash<br /> Disable the chown step by editing &lt;code&gt;/etc/cont-init.d/30-config&lt;/code&gt; and commenting out the chown command.<br /> <br /> === Adding an SSL cert for Unifi ===<br /> sudo openssl pkcs12 -export -inkey /etc/ssl/bretts.org/key.pem -in /etc/ssl/bretts.org/fullchain.pem -out /tmp/cert.p12 -name unifi -password pass:temppass<br /> sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/data/keystore -srckeystore /tmp/cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi -noprompt<br /> sudo docker restart unifi-controller<br /> sudo rm /tmp/cert.p12<br /> <br /> === Local DNS resolution fails on docker 18.09 ===<br /> This may be the result of a bug: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1820278. Normally the container's /etc/resolv.conf should mirror that of the host, but in this case it seems to just be a default version. As a workaround, create /etc/docker/daemon.json with the following contents:<br /> <br /> {<br /> &quot;dns&quot;: [&quot;192.168.1.1&quot;, &quot;8.8.8.8&quot;],<br /> &quot;dns-search&quot;: [&quot;bretts.org&quot;]<br /> }</div> Andrew https://wiki.bretts.org/index.php?title=Docker&diff=8589 Docker 2025-11-23T07:42:17Z <p>Andrew: /* Minecraft Server */</p> <hr /> <div>== Useful Commands ==<br /> <br /> ; docker ps -a: List all containers<br /> ; docker container inspect &lt;container&gt;: Show details of &lt;container&gt;<br /> ; docker logs &lt;container&gt;: Show logs for &lt;container&gt;<br /> ; docker exec -it &lt;container&gt; /bin/bash: Start an interactive shell in &lt;container&gt;<br /> <br /> == Updating container ==<br /> <br /> === Manually ===<br /> sudo docker pull &lt;image&gt;<br /> sudo docker stop &lt;container&gt;<br /> sudo docker rm &lt;container&gt;<br /> &lt;docker run command&gt;<br /> <br /> === Automatically ===<br /> sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock taisun/updater --oneshot &lt;container&gt;<br /> <br /> == Containers ==<br /> <br /> === Portainer ===<br /> sudo docker run -d --name portainer \<br /> -p 8000:8000 -p 9443:9443 \<br /> -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/portainer:/data \<br /> -v /etc/ssl/bretts.org:/certs \<br /> --restart unless-stopped \<br /> portainer/portainer-ce \<br /> --sslcert /certs/fullchain.pem --sslkey /certs/key.pem<br /> <br /> === Plex ===<br /> <br /> Get your claim token: https://www.plex.tv/claim/<br /> <br /> Create the container with the claim token substituted:<br /> sudo docker run -d --name plex --network=host -e PLEX_UID=111 -e PLEX_GID=127 -e TZ=Europe/London -e PLEX_CLAIM=&lt;CLAIM_TOKEN&gt; \<br /> -v /var/lib/plexmediaserver:/config -v /srv:/srv --device=/dev/dri:/dev/dri \<br /> --restart unless-stopped \<br /> plexinc/pms-docker:plexpass<br /> <br /> === Tautulli (Plex Monitoring/Notifications) ===<br /> sudo docker run -d --name tautulli -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8181:8181 \<br /> -v /var/lib/torrent/tautulli/config:/config -v /var/lib/plexmediaserver/Library/Logs:/logs \<br /> --restart unless-stopped \<br /> linuxserver/tautulli<br /> <br /> === Jackett (Torrent Gateway) ===<br /> sudo docker run -d --name=jackett -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 9117:9117 \<br /> -v /var/lib/torrent/jackett/config:/config -v /var/lib/torrent/jackett/downloads:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/jackett<br /> <br /> === FlareSolverr (CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=flaresolverr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/flaresolverr/flaresolverr:latest<br /> <br /> === Byparr (Alternative CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=byparr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/thephaseless/byparr:latest<br /> <br /> === Deluge ===<br /> sudo docker run -d --name deluge -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/torrent/deluged/config:/config -v /srv/incoming/torrents/deluge:/srv/incoming/torrents/deluge \<br /> -v /etc/ssl/bretts.org:/etc/ssl/bretts.org \<br /> --restart unless-stopped \<br /> linuxserver/deluge<br /> <br /> Since user groups don't seem to apply across the docker boundary, &quot;torrent&quot; will need to be given explicit permission to the private key file via an ACL:<br /> setfacl -m &quot;u:torrent:rw&quot; /etc/ssl/bretts.org/key.pem<br /> <br /> === Radarr (Movie Downloads) ===<br /> sudo docker run -d --name radarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 7878:7878 \<br /> -v /var/lib/torrent/radarr/config:/config -v /srv/videos/programs/movies:/movies -v /srv/incoming/torrents/deluge:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/radarr<br /> <br /> === Sonarr (TV Downloads) ===<br /> sudo docker run -d --name=sonarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8989:8989 \<br /> -v /var/lib/torrent/sonarr/config:/config -v /srv/videos/programs/tv:/tv -v /srv/incoming/torrents/deluge:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/sonarr<br /> <br /> === Overseerr (Media Requests) ===<br /> sudo docker run -d --name overseerr --user=127:138 -e LOG_LEVEL=debug -e TZ=Europe/London \<br /> -e PORT=5055 `#optional` \<br /> -p 5055:5055 \<br /> -v /var/lib/torrent/overseerr/config:/app/config \<br /> --restart unless-stopped \<br /> sctx/overseerr<br /> <br /> === Unifi ===<br /> sudo docker run -d --name=unifi-controller -e PUID=140 -e PGID=150 \<br /> -p 3478:3478/udp -p 10001:10001/udp -p 18080:18080 -p 18081:18081 -p 18443:18443 -p 18880:18880 -p 6789:6789 \<br /> -v /var/lib/unifi:/config \<br /> --restart unless-stopped \<br /> linuxserver/unifi-controller<br /> <br /> === Home-Assistant (as part of host network) ===<br /> sudo docker run -d --name=home-assistant -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/home-assistant/config:/config -v /srv:/media -v /etc/ssl/bretts.org:/etc/ssl/bretts.org -v /var/www/html/arlo-snapshots:/arlo-snapshots \<br /> --restart unless-stopped \<br /> homeassistant/home-assistant<br /> <br /> === Stash ===<br /> sudo docker run -d --name stash \<br /> -e STASH_GENERATED=/generated/ -e STASH_METADATA=/metadata/ -e STASH_CACHE=/cache/ \<br /> -e STASH_STASH=/data/ \<br /> -p 9999:9999 \<br /> -v /var/lib/stash:/root/.stash -v /var/lib/stash/metadata:/metadata -v /var/lib/stash/cache:/cache -v /var/lib/stash/blobs:/blobs -v /var/lib/stash/generated:/generated \<br /> -v /var/lib/stash/data:/data -v /srv/porn:/srv/porn -v /srv/incoming/torrents/deluge/porn:/srv/incoming/torrents/deluge/porn \<br /> -v /etc/localtime:/etc/localtime:ro \<br /> --restart unless-stopped \<br /> stashapp/stash<br /> <br /> === Bedrock Connect ===<br /> sudo docker run -d --name bedrock-connect \<br /> -e NODB=true \<br /> -p 19132:19132 \<br /> -v /var/lib/minecraft/bedrock-connect/config:/app/config \<br /> --restart unless-stopped \<br /> strausmann/minecraft-bedrock-connect<br /> <br /> === Minecraft Servers ===<br /> sudo docker run -d --name brettopia \<br /> -e EULA=TRUE \<br /> -p 19142:19142/udp \<br /> -v /var/lib/minecraft/brettopia:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> === Atlassian ===<br /> <br /> ==== JIRA ====<br /> Note: In this instance JIRA is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name jira<br /> sudo docker run -d --name=jira -e TZ=Europe/London \<br /> -e ATL_TOMCAT_SCHEME=https -e ATL_TOMCAT_SECURE=true -e ATL_PROXY_NAME=jira.bretts.org -e ATL_PROXY_PORT=443 \<br /> -p 7980:8080 \<br /> -v jira:/var/atlassian/application-data/jira \<br /> --restart unless-stopped \<br /> atlassian/jira-software<br /> <br /> Docker JIRA runs with a uid and gid of 2001. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2001 jira-docker<br /> sudo adduser --system --no-create-home --uid 2001 --gid 2001 jira-docker<br /> <br /> ==== Bitbucket====<br /> Note: In this instance Bitbucket is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bitbucket<br /> sudo docker run -d --name=bitbucket -e TZ=Europe/London \<br /> -e SERVER_SCHEME=https -e SERVER_SECURE=true -e SERVER_PROXY_NAME=bitbucket.bretts.org -e SERVER_PROXY_PORT=443 \<br /> -p 7990:7990 -p 7999:7999 \<br /> -v bitbucket:/var/atlassian/application-data/bitbucket \<br /> --restart unless-stopped \<br /> atlassian/bitbucket-server<br /> <br /> Docker Bitbucket runs with a uid and gid of 2003. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2003 bitbucket-docker<br /> sudo adduser --system --no-create-home --uid 2003 --gid 2003 bitbucket-docker<br /> <br /> ==== Bamboo ====<br /> Note: In this instance Bamboo is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bamboo<br /> sudo docker run -d --name=bamboo -e TZ=Europe/London \<br /> -p 54663:54663 -p 7970:8085 \<br /> -v bamboo:/var/atlassian/application-data/bamboo \<br /> --restart unless-stopped \<br /> atlassian/bamboo-server<br /> <br /> ===== Limitations =====<br /> * Bamboo runs with a uid of 1000, which means it's likely to clash with a real user in the containing host<br /> * Bamboo container doesn't support any reverse proxy configuration, which means hiding it behind nginx is likely to result in broken Application Links. This can be worked around by manually editing /opt/atlassian/bamboo/conf/server.xml, but those changes will be overwritten on every container upgrade.<br /> <br /> == Tips / Fixes ==<br /> <br /> === Tautulli slow to start ===<br /> This may be due to an attempt to chown a large number of files. <br /> Login to the container:<br /> sudo docker exec -it &lt;container&gt; /bin/bash<br /> Disable the chown step by editing &lt;code&gt;/etc/cont-init.d/30-config&lt;/code&gt; and commenting out the chown command.<br /> <br /> === Adding an SSL cert for Unifi ===<br /> sudo openssl pkcs12 -export -inkey /etc/ssl/bretts.org/key.pem -in /etc/ssl/bretts.org/fullchain.pem -out /tmp/cert.p12 -name unifi -password pass:temppass<br /> sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/data/keystore -srckeystore /tmp/cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi -noprompt<br /> sudo docker restart unifi-controller<br /> sudo rm /tmp/cert.p12<br /> <br /> === Local DNS resolution fails on docker 18.09 ===<br /> This may be the result of a bug: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1820278. Normally the container's /etc/resolv.conf should mirror that of the host, but in this case it seems to just be a default version. As a workaround, create /etc/docker/daemon.json with the following contents:<br /> <br /> {<br /> &quot;dns&quot;: [&quot;192.168.1.1&quot;, &quot;8.8.8.8&quot;],<br /> &quot;dns-search&quot;: [&quot;bretts.org&quot;]<br /> }</div> Andrew https://wiki.bretts.org/index.php?title=Docker&diff=8588 Docker 2025-11-23T07:41:32Z <p>Andrew: /* Minecraft Server */</p> <hr /> <div>== Useful Commands ==<br /> <br /> ; docker ps -a: List all containers<br /> ; docker container inspect &lt;container&gt;: Show details of &lt;container&gt;<br /> ; docker logs &lt;container&gt;: Show logs for &lt;container&gt;<br /> ; docker exec -it &lt;container&gt; /bin/bash: Start an interactive shell in &lt;container&gt;<br /> <br /> == Updating container ==<br /> <br /> === Manually ===<br /> sudo docker pull &lt;image&gt;<br /> sudo docker stop &lt;container&gt;<br /> sudo docker rm &lt;container&gt;<br /> &lt;docker run command&gt;<br /> <br /> === Automatically ===<br /> sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock taisun/updater --oneshot &lt;container&gt;<br /> <br /> == Containers ==<br /> <br /> === Portainer ===<br /> sudo docker run -d --name portainer \<br /> -p 8000:8000 -p 9443:9443 \<br /> -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/portainer:/data \<br /> -v /etc/ssl/bretts.org:/certs \<br /> --restart unless-stopped \<br /> portainer/portainer-ce \<br /> --sslcert /certs/fullchain.pem --sslkey /certs/key.pem<br /> <br /> === Plex ===<br /> <br /> Get your claim token: https://www.plex.tv/claim/<br /> <br /> Create the container with the claim token substituted:<br /> sudo docker run -d --name plex --network=host -e PLEX_UID=111 -e PLEX_GID=127 -e TZ=Europe/London -e PLEX_CLAIM=&lt;CLAIM_TOKEN&gt; \<br /> -v /var/lib/plexmediaserver:/config -v /srv:/srv --device=/dev/dri:/dev/dri \<br /> --restart unless-stopped \<br /> plexinc/pms-docker:plexpass<br /> <br /> === Tautulli (Plex Monitoring/Notifications) ===<br /> sudo docker run -d --name tautulli -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8181:8181 \<br /> -v /var/lib/torrent/tautulli/config:/config -v /var/lib/plexmediaserver/Library/Logs:/logs \<br /> --restart unless-stopped \<br /> linuxserver/tautulli<br /> <br /> === Jackett (Torrent Gateway) ===<br /> sudo docker run -d --name=jackett -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 9117:9117 \<br /> -v /var/lib/torrent/jackett/config:/config -v /var/lib/torrent/jackett/downloads:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/jackett<br /> <br /> === FlareSolverr (CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=flaresolverr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/flaresolverr/flaresolverr:latest<br /> <br /> === Byparr (Alternative CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=byparr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/thephaseless/byparr:latest<br /> <br /> === Deluge ===<br /> sudo docker run -d --name deluge -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/torrent/deluged/config:/config -v /srv/incoming/torrents/deluge:/srv/incoming/torrents/deluge \<br /> -v /etc/ssl/bretts.org:/etc/ssl/bretts.org \<br /> --restart unless-stopped \<br /> linuxserver/deluge<br /> <br /> Since user groups don't seem to apply across the docker boundary, &quot;torrent&quot; will need to be given explicit permission to the private key file via an ACL:<br /> setfacl -m &quot;u:torrent:rw&quot; /etc/ssl/bretts.org/key.pem<br /> <br /> === Radarr (Movie Downloads) ===<br /> sudo docker run -d --name radarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 7878:7878 \<br /> -v /var/lib/torrent/radarr/config:/config -v /srv/videos/programs/movies:/movies -v /srv/incoming/torrents/deluge:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/radarr<br /> <br /> === Sonarr (TV Downloads) ===<br /> sudo docker run -d --name=sonarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8989:8989 \<br /> -v /var/lib/torrent/sonarr/config:/config -v /srv/videos/programs/tv:/tv -v /srv/incoming/torrents/deluge:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/sonarr<br /> <br /> === Overseerr (Media Requests) ===<br /> sudo docker run -d --name overseerr --user=127:138 -e LOG_LEVEL=debug -e TZ=Europe/London \<br /> -e PORT=5055 `#optional` \<br /> -p 5055:5055 \<br /> -v /var/lib/torrent/overseerr/config:/app/config \<br /> --restart unless-stopped \<br /> sctx/overseerr<br /> <br /> === Unifi ===<br /> sudo docker run -d --name=unifi-controller -e PUID=140 -e PGID=150 \<br /> -p 3478:3478/udp -p 10001:10001/udp -p 18080:18080 -p 18081:18081 -p 18443:18443 -p 18880:18880 -p 6789:6789 \<br /> -v /var/lib/unifi:/config \<br /> --restart unless-stopped \<br /> linuxserver/unifi-controller<br /> <br /> === Home-Assistant (as part of host network) ===<br /> sudo docker run -d --name=home-assistant -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/home-assistant/config:/config -v /srv:/media -v /etc/ssl/bretts.org:/etc/ssl/bretts.org -v /var/www/html/arlo-snapshots:/arlo-snapshots \<br /> --restart unless-stopped \<br /> homeassistant/home-assistant<br /> <br /> === Stash ===<br /> sudo docker run -d --name stash \<br /> -e STASH_GENERATED=/generated/ -e STASH_METADATA=/metadata/ -e STASH_CACHE=/cache/ \<br /> -e STASH_STASH=/data/ \<br /> -p 9999:9999 \<br /> -v /var/lib/stash:/root/.stash -v /var/lib/stash/metadata:/metadata -v /var/lib/stash/cache:/cache -v /var/lib/stash/blobs:/blobs -v /var/lib/stash/generated:/generated \<br /> -v /var/lib/stash/data:/data -v /srv/porn:/srv/porn -v /srv/incoming/torrents/deluge/porn:/srv/incoming/torrents/deluge/porn \<br /> -v /etc/localtime:/etc/localtime:ro \<br /> --restart unless-stopped \<br /> stashapp/stash<br /> <br /> === Bedrock Connect ===<br /> sudo docker run -d --name bedrock-connect \<br /> -e NODB=true \<br /> -p 19132:19132 \<br /> -v /var/lib/minecraft/bedrock-connect/config:/app/config \<br /> --restart unless-stopped \<br /> strausmann/minecraft-bedrock-connect<br /> <br /> === Minecraft Server ===<br /> docker run -d -it -e EULA=TRUE -p 19132:19132/udp -v mc-bedrock-data:/data itzg/minecraft-bedrock-server<br /> sudo docker run -d --name brettopia \<br /> -e EULA=TRUE \<br /> -p 19142:19142/udp \<br /> -v /var/lib/minecraft/brettopia:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> === Atlassian ===<br /> <br /> ==== JIRA ====<br /> Note: In this instance JIRA is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name jira<br /> sudo docker run -d --name=jira -e TZ=Europe/London \<br /> -e ATL_TOMCAT_SCHEME=https -e ATL_TOMCAT_SECURE=true -e ATL_PROXY_NAME=jira.bretts.org -e ATL_PROXY_PORT=443 \<br /> -p 7980:8080 \<br /> -v jira:/var/atlassian/application-data/jira \<br /> --restart unless-stopped \<br /> atlassian/jira-software<br /> <br /> Docker JIRA runs with a uid and gid of 2001. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2001 jira-docker<br /> sudo adduser --system --no-create-home --uid 2001 --gid 2001 jira-docker<br /> <br /> ==== Bitbucket====<br /> Note: In this instance Bitbucket is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bitbucket<br /> sudo docker run -d --name=bitbucket -e TZ=Europe/London \<br /> -e SERVER_SCHEME=https -e SERVER_SECURE=true -e SERVER_PROXY_NAME=bitbucket.bretts.org -e SERVER_PROXY_PORT=443 \<br /> -p 7990:7990 -p 7999:7999 \<br /> -v bitbucket:/var/atlassian/application-data/bitbucket \<br /> --restart unless-stopped \<br /> atlassian/bitbucket-server<br /> <br /> Docker Bitbucket runs with a uid and gid of 2003. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2003 bitbucket-docker<br /> sudo adduser --system --no-create-home --uid 2003 --gid 2003 bitbucket-docker<br /> <br /> ==== Bamboo ====<br /> Note: In this instance Bamboo is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bamboo<br /> sudo docker run -d --name=bamboo -e TZ=Europe/London \<br /> -p 54663:54663 -p 7970:8085 \<br /> -v bamboo:/var/atlassian/application-data/bamboo \<br /> --restart unless-stopped \<br /> atlassian/bamboo-server<br /> <br /> ===== Limitations =====<br /> * Bamboo runs with a uid of 1000, which means it's likely to clash with a real user in the containing host<br /> * Bamboo container doesn't support any reverse proxy configuration, which means hiding it behind nginx is likely to result in broken Application Links. This can be worked around by manually editing /opt/atlassian/bamboo/conf/server.xml, but those changes will be overwritten on every container upgrade.<br /> <br /> == Tips / Fixes ==<br /> <br /> === Tautulli slow to start ===<br /> This may be due to an attempt to chown a large number of files. <br /> Login to the container:<br /> sudo docker exec -it &lt;container&gt; /bin/bash<br /> Disable the chown step by editing &lt;code&gt;/etc/cont-init.d/30-config&lt;/code&gt; and commenting out the chown command.<br /> <br /> === Adding an SSL cert for Unifi ===<br /> sudo openssl pkcs12 -export -inkey /etc/ssl/bretts.org/key.pem -in /etc/ssl/bretts.org/fullchain.pem -out /tmp/cert.p12 -name unifi -password pass:temppass<br /> sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/data/keystore -srckeystore /tmp/cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi -noprompt<br /> sudo docker restart unifi-controller<br /> sudo rm /tmp/cert.p12<br /> <br /> === Local DNS resolution fails on docker 18.09 ===<br /> This may be the result of a bug: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1820278. Normally the container's /etc/resolv.conf should mirror that of the host, but in this case it seems to just be a default version. As a workaround, create /etc/docker/daemon.json with the following contents:<br /> <br /> {<br /> &quot;dns&quot;: [&quot;192.168.1.1&quot;, &quot;8.8.8.8&quot;],<br /> &quot;dns-search&quot;: [&quot;bretts.org&quot;]<br /> }</div> Andrew https://wiki.bretts.org/index.php?title=Docker&diff=8587 Docker 2025-11-23T07:29:35Z <p>Andrew: /* Containers */</p> <hr /> <div>== Useful Commands ==<br /> <br /> ; docker ps -a: List all containers<br /> ; docker container inspect &lt;container&gt;: Show details of &lt;container&gt;<br /> ; docker logs &lt;container&gt;: Show logs for &lt;container&gt;<br /> ; docker exec -it &lt;container&gt; /bin/bash: Start an interactive shell in &lt;container&gt;<br /> <br /> == Updating container ==<br /> <br /> === Manually ===<br /> sudo docker pull &lt;image&gt;<br /> sudo docker stop &lt;container&gt;<br /> sudo docker rm &lt;container&gt;<br /> &lt;docker run command&gt;<br /> <br /> === Automatically ===<br /> sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock taisun/updater --oneshot &lt;container&gt;<br /> <br /> == Containers ==<br /> <br /> === Portainer ===<br /> sudo docker run -d --name portainer \<br /> -p 8000:8000 -p 9443:9443 \<br /> -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/portainer:/data \<br /> -v /etc/ssl/bretts.org:/certs \<br /> --restart unless-stopped \<br /> portainer/portainer-ce \<br /> --sslcert /certs/fullchain.pem --sslkey /certs/key.pem<br /> <br /> === Plex ===<br /> <br /> Get your claim token: https://www.plex.tv/claim/<br /> <br /> Create the container with the claim token substituted:<br /> sudo docker run -d --name plex --network=host -e PLEX_UID=111 -e PLEX_GID=127 -e TZ=Europe/London -e PLEX_CLAIM=&lt;CLAIM_TOKEN&gt; \<br /> -v /var/lib/plexmediaserver:/config -v /srv:/srv --device=/dev/dri:/dev/dri \<br /> --restart unless-stopped \<br /> plexinc/pms-docker:plexpass<br /> <br /> === Tautulli (Plex Monitoring/Notifications) ===<br /> sudo docker run -d --name tautulli -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8181:8181 \<br /> -v /var/lib/torrent/tautulli/config:/config -v /var/lib/plexmediaserver/Library/Logs:/logs \<br /> --restart unless-stopped \<br /> linuxserver/tautulli<br /> <br /> === Jackett (Torrent Gateway) ===<br /> sudo docker run -d --name=jackett -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 9117:9117 \<br /> -v /var/lib/torrent/jackett/config:/config -v /var/lib/torrent/jackett/downloads:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/jackett<br /> <br /> === FlareSolverr (CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=flaresolverr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/flaresolverr/flaresolverr:latest<br /> <br /> === Byparr (Alternative CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=byparr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/thephaseless/byparr:latest<br /> <br /> === Deluge ===<br /> sudo docker run -d --name deluge -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/torrent/deluged/config:/config -v /srv/incoming/torrents/deluge:/srv/incoming/torrents/deluge \<br /> -v /etc/ssl/bretts.org:/etc/ssl/bretts.org \<br /> --restart unless-stopped \<br /> linuxserver/deluge<br /> <br /> Since user groups don't seem to apply across the docker boundary, &quot;torrent&quot; will need to be given explicit permission to the private key file via an ACL:<br /> setfacl -m &quot;u:torrent:rw&quot; /etc/ssl/bretts.org/key.pem<br /> <br /> === Radarr (Movie Downloads) ===<br /> sudo docker run -d --name radarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 7878:7878 \<br /> -v /var/lib/torrent/radarr/config:/config -v /srv/videos/programs/movies:/movies -v /srv/incoming/torrents/deluge:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/radarr<br /> <br /> === Sonarr (TV Downloads) ===<br /> sudo docker run -d --name=sonarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8989:8989 \<br /> -v /var/lib/torrent/sonarr/config:/config -v /srv/videos/programs/tv:/tv -v /srv/incoming/torrents/deluge:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/sonarr<br /> <br /> === Overseerr (Media Requests) ===<br /> sudo docker run -d --name overseerr --user=127:138 -e LOG_LEVEL=debug -e TZ=Europe/London \<br /> -e PORT=5055 `#optional` \<br /> -p 5055:5055 \<br /> -v /var/lib/torrent/overseerr/config:/app/config \<br /> --restart unless-stopped \<br /> sctx/overseerr<br /> <br /> === Unifi ===<br /> sudo docker run -d --name=unifi-controller -e PUID=140 -e PGID=150 \<br /> -p 3478:3478/udp -p 10001:10001/udp -p 18080:18080 -p 18081:18081 -p 18443:18443 -p 18880:18880 -p 6789:6789 \<br /> -v /var/lib/unifi:/config \<br /> --restart unless-stopped \<br /> linuxserver/unifi-controller<br /> <br /> === Home-Assistant (as part of host network) ===<br /> sudo docker run -d --name=home-assistant -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/home-assistant/config:/config -v /srv:/media -v /etc/ssl/bretts.org:/etc/ssl/bretts.org -v /var/www/html/arlo-snapshots:/arlo-snapshots \<br /> --restart unless-stopped \<br /> homeassistant/home-assistant<br /> <br /> === Stash ===<br /> sudo docker run -d --name stash \<br /> -e STASH_GENERATED=/generated/ -e STASH_METADATA=/metadata/ -e STASH_CACHE=/cache/ \<br /> -e STASH_STASH=/data/ \<br /> -p 9999:9999 \<br /> -v /var/lib/stash:/root/.stash -v /var/lib/stash/metadata:/metadata -v /var/lib/stash/cache:/cache -v /var/lib/stash/blobs:/blobs -v /var/lib/stash/generated:/generated \<br /> -v /var/lib/stash/data:/data -v /srv/porn:/srv/porn -v /srv/incoming/torrents/deluge/porn:/srv/incoming/torrents/deluge/porn \<br /> -v /etc/localtime:/etc/localtime:ro \<br /> --restart unless-stopped \<br /> stashapp/stash<br /> <br /> === Bedrock Connect ===<br /> sudo docker run -d --name bedrock-connect \<br /> -e NODB=true \<br /> -p 19132:19132 \<br /> -v /var/lib/minecraft/bedrock-connect/config:/app/config \<br /> --restart unless-stopped \<br /> strausmann/minecraft-bedrock-connect<br /> <br /> === Minecraft Server ===<br /> docker run -d -it -e EULA=TRUE -p 19132:19132/udp -v mc-bedrock-data:/data itzg/minecraft-bedrock-server<br /> sudo docker run -d --name brettopia \<br /> -e EULA=TRUE \<br /> -p 19133:19133/udp \<br /> -v /var/lib/minecraft/brettopia:/data \<br /> --restart unless-stopped \<br /> itzg/minecraft-bedrock-server<br /> <br /> === Atlassian ===<br /> <br /> ==== JIRA ====<br /> Note: In this instance JIRA is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name jira<br /> sudo docker run -d --name=jira -e TZ=Europe/London \<br /> -e ATL_TOMCAT_SCHEME=https -e ATL_TOMCAT_SECURE=true -e ATL_PROXY_NAME=jira.bretts.org -e ATL_PROXY_PORT=443 \<br /> -p 7980:8080 \<br /> -v jira:/var/atlassian/application-data/jira \<br /> --restart unless-stopped \<br /> atlassian/jira-software<br /> <br /> Docker JIRA runs with a uid and gid of 2001. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2001 jira-docker<br /> sudo adduser --system --no-create-home --uid 2001 --gid 2001 jira-docker<br /> <br /> ==== Bitbucket====<br /> Note: In this instance Bitbucket is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bitbucket<br /> sudo docker run -d --name=bitbucket -e TZ=Europe/London \<br /> -e SERVER_SCHEME=https -e SERVER_SECURE=true -e SERVER_PROXY_NAME=bitbucket.bretts.org -e SERVER_PROXY_PORT=443 \<br /> -p 7990:7990 -p 7999:7999 \<br /> -v bitbucket:/var/atlassian/application-data/bitbucket \<br /> --restart unless-stopped \<br /> atlassian/bitbucket-server<br /> <br /> Docker Bitbucket runs with a uid and gid of 2003. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2003 bitbucket-docker<br /> sudo adduser --system --no-create-home --uid 2003 --gid 2003 bitbucket-docker<br /> <br /> ==== Bamboo ====<br /> Note: In this instance Bamboo is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bamboo<br /> sudo docker run -d --name=bamboo -e TZ=Europe/London \<br /> -p 54663:54663 -p 7970:8085 \<br /> -v bamboo:/var/atlassian/application-data/bamboo \<br /> --restart unless-stopped \<br /> atlassian/bamboo-server<br /> <br /> ===== Limitations =====<br /> * Bamboo runs with a uid of 1000, which means it's likely to clash with a real user in the containing host<br /> * Bamboo container doesn't support any reverse proxy configuration, which means hiding it behind nginx is likely to result in broken Application Links. This can be worked around by manually editing /opt/atlassian/bamboo/conf/server.xml, but those changes will be overwritten on every container upgrade.<br /> <br /> == Tips / Fixes ==<br /> <br /> === Tautulli slow to start ===<br /> This may be due to an attempt to chown a large number of files. <br /> Login to the container:<br /> sudo docker exec -it &lt;container&gt; /bin/bash<br /> Disable the chown step by editing &lt;code&gt;/etc/cont-init.d/30-config&lt;/code&gt; and commenting out the chown command.<br /> <br /> === Adding an SSL cert for Unifi ===<br /> sudo openssl pkcs12 -export -inkey /etc/ssl/bretts.org/key.pem -in /etc/ssl/bretts.org/fullchain.pem -out /tmp/cert.p12 -name unifi -password pass:temppass<br /> sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/data/keystore -srckeystore /tmp/cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi -noprompt<br /> sudo docker restart unifi-controller<br /> sudo rm /tmp/cert.p12<br /> <br /> === Local DNS resolution fails on docker 18.09 ===<br /> This may be the result of a bug: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1820278. Normally the container's /etc/resolv.conf should mirror that of the host, but in this case it seems to just be a default version. As a workaround, create /etc/docker/daemon.json with the following contents:<br /> <br /> {<br /> &quot;dns&quot;: [&quot;192.168.1.1&quot;, &quot;8.8.8.8&quot;],<br /> &quot;dns-search&quot;: [&quot;bretts.org&quot;]<br /> }</div> Andrew https://wiki.bretts.org/index.php?title=SnapRAID_/_MergerFS&diff=8586 SnapRAID / MergerFS 2025-11-19T06:46:44Z <p>Andrew: /* Identifying/Fixing a bad block */</p> <hr /> <div>= SnapRAID / MergerFS =<br /> <br /> == Setup ==<br /> https://zackreed.me/setting-up-snapraid-on-ubuntu/<br /> <br /> Note that if (like me) you use a dedicated snapraid content directory then you'll need to create that by hand for each disk with:<br /> <br /> mkdir /mnt/data/disk1/.snapraid<br /> <br /> == Partitioning a new data disk ==<br /> Note: &quot;-m 2&quot; here reserves 2% of the filesystem for root-owned files (eg. .../.snapraid/content)<br /> sudo parted -a optimal -s /dev/sdX -- mklabel gpt mkpart primary 0% 100%<br /> sudo mkfs.ext4 -m 2 -T largefile4 /dev/sdX1<br /> <br /> == Partitioning a new parity disk ==<br /> Note: &quot;-m 0&quot; here reserves 0% of the filesystem, ensuring that the parity disks are slightly larger than the data disks<br /> sudo parted -a optimal -s /dev/sdX -- mklabel gpt mkpart primary 0% 100%<br /> sudo mkfs.ext4 -m 0 -T largefile4 /dev/sdX1<br /> <br /> == Adding a new data disk to mergerfs ==<br /> From: https://zackreed.me/mergerfs-neat-tricks/<br /> From within the root of the mergerfs filesystem (eg. /srv)<br /> xattr -w user.mergerfs.srcmounts '+&gt;/mnt/data/disk4/srv' .mergerfs<br /> <br /> == Removing a data disk from mergerfs ==<br /> From within the root of the mergerfs filesystem (eg. /srv)<br /> xattr -w user.mergerfs.srcmounts '-/mnt/data/disk4/srv' .mergerfs<br /> <br /> == Forcing a resync ==<br /> <br /> sudo snapraid sync<br /> <br /> == Identifying/Fixing a bad block ==<br /> * Run ddrescue to identify the failing bytes on the disk:<br /> &lt;pre&gt;<br /> ddrescue --ask --verbose --binary-prefixes --idirect --force /dev/sdX /dev/null sdX.map <br /> &lt;/pre&gt;<br /> * ddrescue will write out a map file containing start positions and sizes (all in bytes) of good (+) and bad (-) byte ranges<br /> * Get the block size for the volume with &lt;code&gt;tune2fs -l /dev/sdXY | grep &quot;Block size&quot;&lt;/code&gt; (we'll call this '''B'''). In my case this is 4096.<br /> * Get the sector size for the disk with &lt;code&gt;fdisk -l /dev/sdX | grep Units&lt;/code&gt; (we'll call this '''S'''). In my case this is 512.<br /> * Identify the starting sector for the /dev/sdXY volume (eg. /dev/sda1) with &lt;code&gt;fdisk -l /dev/sdX&lt;/code&gt; (we'll call this '''T'''). In my case this is 2048.<br /> * Calculate the offset to go from disk to volume location with &lt;code&gt;(T * S / B)&lt;/code&gt; (we'll call this '''O'''). In my case this is 256.<br /> * Run ddrescuelog to list out the bad block locations (using the block size B) and convert to a volume location (by subtracting the offset O):<br /> &lt;pre&gt;<br /> ddrescuelog -b B --list-blocks=- sdX.map | xargs -n 1 -O +<br /> &lt;/pre&gt;<br /> * Let's call each of these bad volume blocks '''BB'''<br /> * Start debugfs for the volume with :<br /> &lt;pre&gt;<br /> debugfs /dev/sdXY<br /> &lt;/pre&gt;<br /> * For each '''BB''' run:<br /> &lt;pre&gt;<br /> testb BB<br /> &lt;/pre&gt;<br /> * If debugfs returns &quot;Block BB not in use&quot;, then that block isn't part of a file and can safely be overwritten. If it returns &quot;Block BB marked in use&quot; then we need to get an inode number (we'll call it '''I''') and convert that inode number to a file path with:<br /> &lt;pre&gt;<br /> icheck BB<br /> ncheck I<br /> &lt;/pre&gt;<br /> <br /> For any unused blocks, we need to do the following:<br /> * Check with dd that we’ve got the right block IDs. For each one of these reads we expect to see an error (and “0+0 records in”):<br /> &lt;pre&gt;<br /> for block in `ddrescuelog -b B --list-blocks=- sdX.map`<br /> do<br /> dd if=/dev/sdX of=/dev/null count=1 bs=B skip=$block<br /> done<br /> &lt;/pre&gt;<br /> <br /> * For each of the bad blocks, write zeros over the block to force it to be reallocated from spare space on the drive. Be careful here – getting it wrong will destroy data! Also note that when reading, “skip” is used to position the input stream, but here “seek” is used to position the output stream:<br /> &lt;pre&gt;<br /> for block in `ddrescuelog -b B --list-blocks=- sdX.map`<br /> do<br /> dd if=/dev/zero of=/dev/sdX count=1 bs=B seek=$block<br /> done<br /> &lt;/pre&gt;<br /> <br /> * It’s possible that dd will fail to write to the block, in which case try again with hdparm:<br /> <br /> ** First check that we’ve got the right sectors (we expect to see “SG_IO: bad/missing sense data” for each sector on stderr, so we pipe stdout to /dev/null to avoid noise). Note that we use '''S''' as the block size for ddrescuelog, since hdparm deals in sectors:<br /> &lt;pre&gt;<br /> for block in `ddrescuelog -b S --list-blocks=- sdX.map`<br /> do<br /> hdparm --read-sector $block /dev/sdX &gt; /dev/null<br /> done<br /> &lt;/pre&gt;<br /> <br /> ** Assuming we’ve seen the expected errors, write zeros over each of the bad sectors. Note that we use '''S''' as the block size for ddrescuelog, since hdparm deals in sectors. Be careful here – getting it wrong will destroy data! You may be asked to add a “—yes-i-know-what-i-am-doing” flag.<br /> &lt;pre&gt;<br /> for block in `ddrescuelog -b S --list-blocks=- sdX.map`<br /> do<br /> hdparm --write-sector $block /dev/sdX<br /> done<br /> &lt;/pre&gt;<br /> <br /> * Check that the number of failing sectors has decreased:<br /> &lt;pre&gt;<br /> smartctl -a /dev/sdX | grep Pending<br /> &lt;/pre&gt;<br /> <br /> For any files reported by `debugfs`:<br /> * Write random data over the bad file, which should force the pending sector to be marked bad and reallocated from spare space on the disk:<br /> &lt;pre&gt;<br /> shred -n 1 –v /path/to/bad/file<br /> &lt;/pre&gt;<br /> <br /> * Check that the number of failing sectors has decreased:<br /> &lt;pre&gt;<br /> smartctl -a /dev/sdX | grep Pending<br /> &lt;/pre&gt;<br /> <br /> * Assuming the number of pending sectors has decreased, it’s then ok to delete the bad file:<br /> &lt;pre&gt;<br /> rm /path/to/bad/file<br /> &lt;/pre&gt;<br /> <br /> * Restore the deleted file:<br /> &lt;pre&gt;<br /> snapraid fix -f /path/to/bad/file<br /> &lt;/pre&gt;<br /> <br /> More details:<br /> * https://www.smartmontools.org/wiki/BadBlockHowto<br /> * [[Mdadm#Repairing_failing_disk_on_degraded_array]]</div> Andrew https://wiki.bretts.org/index.php?title=Windows_10_Tips&diff=8585 Windows 10 Tips 2025-10-22T15:12:44Z <p>Andrew: /* Running rsyncd automatically */</p> <hr /> <div>== Monitor Switcher ==<br /> https://sourceforge.net/projects/monitorswitcher/<br /> <br /> == Monitor Test Patterns ==<br /> * Limited vs. Full Range: http://www.lagom.nl/lcd-test/img/blacktest.png<br /> * Chroma Subsampling: https://www.rtings.com/images/test-materials/2017/chroma-444.png<br /> <br /> == Setup MPC-BE ==<br /> * MPC-BE: https://chamconsoft.com/cmc/forums/?w3=dmlld3RvcGljLnBocD90PTE5Nw==<br /> * madVR: https://forum.kodi.tv/showthread.php?tid=259188<br /> <br /> == Rename Network ==<br /> https://www.howtogeek.com/364291/how-to-change-or-rename-the-active-network-profile-name-in-windows-10/<br /> <br /> == Installing WSL ==<br /> https://docs.microsoft.com/en-us/windows/wsl/install-win10<br /> <br /> Note: If you see Error 0x80370102, you may need to enable virtualization in your motherboard BIOS: https://ourcodeworld.com/articles/read/1283/how-to-enable-amd-virtualization-on-the-aorus-x570-motherboard<br /> <br /> === Running rsyncd automatically (DEPRECATED) ===<br /> * Set '''RSYNC_ENABLE=true''' in ''/etc/default/rsync''<br /> * Create ''/etc/rsyncd.conf'' with the contents (for example):<br /> [users]<br /> path = /mnt/c/Users<br /> comment = Users<br /> read only = true<br /> * WSL2 virtual machines run on a separate NATed network, so we need to forward the rsync port from the real LAN to the virtual machine:<br /> netsh interface portproxy add v4tov4 listenport=873 listenaddress=0.0.0.0 connectport=873 connectaddress=127.0.0.1<br /> * Go to Settings -&gt; Update &amp; Security -&gt; Windows Security -&gt; Firewall &amp; network protection -&gt; Advanced Settings -&gt; Inbound Rules -&gt; New Rule...<br /> ** Select &quot;Port&quot;<br /> ** Set &quot;Specific local ports&quot; to 873 <br /> ** Select &quot;Allow the connection&quot;<br /> ** Select only &quot;Private&quot;<br /> ** Set the &quot;Name&quot; to &quot;rsync&quot;<br /> <br /> == Running rsyncd automatically ==<br /> * Install DeltaCopy Server from http://www.aboutmyip.com/AboutMyXApp/DeltaCopy.jsp<br /> ** Leave the username/password blank and then follow: http://www.aboutmyip.com/AboutMyXApp/DisplayFAQ.do?fid=22. Simply set the user to &quot;Local System&quot;.<br /> * Add an application rule for rsync.exe in Settings -&gt; Update &amp; Security -&gt; Windows Security -&gt; Firewall &amp; network protection<br /> <br /> == Renaming networks ==<br /> https://www.ghacks.net/2021/10/25/how-to-change-network-names-on-windows-11/<br /> <br /> == Virpil CM3 Throttle ==<br /> https://www.youtube.com/watch?v=JDSk2oADsZg</div> Andrew https://wiki.bretts.org/index.php?title=Windows_10_Tips&diff=8584 Windows 10 Tips 2025-10-22T15:12:08Z <p>Andrew: /* Running rsyncd automatically */</p> <hr /> <div>== Monitor Switcher ==<br /> https://sourceforge.net/projects/monitorswitcher/<br /> <br /> == Monitor Test Patterns ==<br /> * Limited vs. Full Range: http://www.lagom.nl/lcd-test/img/blacktest.png<br /> * Chroma Subsampling: https://www.rtings.com/images/test-materials/2017/chroma-444.png<br /> <br /> == Setup MPC-BE ==<br /> * MPC-BE: https://chamconsoft.com/cmc/forums/?w3=dmlld3RvcGljLnBocD90PTE5Nw==<br /> * madVR: https://forum.kodi.tv/showthread.php?tid=259188<br /> <br /> == Rename Network ==<br /> https://www.howtogeek.com/364291/how-to-change-or-rename-the-active-network-profile-name-in-windows-10/<br /> <br /> == Installing WSL ==<br /> https://docs.microsoft.com/en-us/windows/wsl/install-win10<br /> <br /> Note: If you see Error 0x80370102, you may need to enable virtualization in your motherboard BIOS: https://ourcodeworld.com/articles/read/1283/how-to-enable-amd-virtualization-on-the-aorus-x570-motherboard<br /> <br /> === Running rsyncd automatically (DEPRECATED) ===<br /> * Set '''RSYNC_ENABLE=true''' in ''/etc/default/rsync''<br /> * Create ''/etc/rsyncd.conf'' with the contents (for example):<br /> [users]<br /> path = /mnt/c/Users<br /> comment = Users<br /> read only = true<br /> * WSL2 virtual machines run on a separate NATed network, so we need to forward the rsync port from the real LAN to the virtual machine:<br /> netsh interface portproxy add v4tov4 listenport=873 listenaddress=0.0.0.0 connectport=873 connectaddress=127.0.0.1<br /> * Go to Settings -&gt; Update &amp; Security -&gt; Windows Security -&gt; Firewall &amp; network protection -&gt; Advanced Settings -&gt; Inbound Rules -&gt; New Rule...<br /> ** Select &quot;Port&quot;<br /> ** Set &quot;Specific local ports&quot; to 873 <br /> ** Select &quot;Allow the connection&quot;<br /> ** Select only &quot;Private&quot;<br /> ** Set the &quot;Name&quot; to &quot;rsync&quot;<br /> <br /> == Running rsyncd automatically ==<br /> * Install DeltaCopy Server from http://www.aboutmyip.com/AboutMyXApp/DeltaCopy.jsp<br /> ** For problems with starting the service: http://www.aboutmyip.com/AboutMyXApp/DisplayFAQ.do?fid=22. Simply set the user to &quot;Local System&quot;.<br /> * Add an application rule for rsync.exe in Settings -&gt; Update &amp; Security -&gt; Windows Security -&gt; Firewall &amp; network protection<br /> <br /> == Renaming networks ==<br /> https://www.ghacks.net/2021/10/25/how-to-change-network-names-on-windows-11/<br /> <br /> == Virpil CM3 Throttle ==<br /> https://www.youtube.com/watch?v=JDSk2oADsZg</div> Andrew https://wiki.bretts.org/index.php?title=Windows_10_Tips&diff=8583 Windows 10 Tips 2025-10-22T15:11:58Z <p>Andrew: /* Running rsyncd automatically */</p> <hr /> <div>== Monitor Switcher ==<br /> https://sourceforge.net/projects/monitorswitcher/<br /> <br /> == Monitor Test Patterns ==<br /> * Limited vs. Full Range: http://www.lagom.nl/lcd-test/img/blacktest.png<br /> * Chroma Subsampling: https://www.rtings.com/images/test-materials/2017/chroma-444.png<br /> <br /> == Setup MPC-BE ==<br /> * MPC-BE: https://chamconsoft.com/cmc/forums/?w3=dmlld3RvcGljLnBocD90PTE5Nw==<br /> * madVR: https://forum.kodi.tv/showthread.php?tid=259188<br /> <br /> == Rename Network ==<br /> https://www.howtogeek.com/364291/how-to-change-or-rename-the-active-network-profile-name-in-windows-10/<br /> <br /> == Installing WSL ==<br /> https://docs.microsoft.com/en-us/windows/wsl/install-win10<br /> <br /> Note: If you see Error 0x80370102, you may need to enable virtualization in your motherboard BIOS: https://ourcodeworld.com/articles/read/1283/how-to-enable-amd-virtualization-on-the-aorus-x570-motherboard<br /> <br /> === Running rsyncd automatically (DEPRECATED) ===<br /> * Set '''RSYNC_ENABLE=true''' in ''/etc/default/rsync''<br /> * Create ''/etc/rsyncd.conf'' with the contents (for example):<br /> [users]<br /> path = /mnt/c/Users<br /> comment = Users<br /> read only = true<br /> * WSL2 virtual machines run on a separate NATed network, so we need to forward the rsync port from the real LAN to the virtual machine:<br /> netsh interface portproxy add v4tov4 listenport=873 listenaddress=0.0.0.0 connectport=873 connectaddress=127.0.0.1<br /> * Go to Settings -&gt; Update &amp; Security -&gt; Windows Security -&gt; Firewall &amp; network protection -&gt; Advanced Settings -&gt; Inbound Rules -&gt; New Rule...<br /> ** Select &quot;Port&quot;<br /> ** Set &quot;Specific local ports&quot; to 873 <br /> ** Select &quot;Allow the connection&quot;<br /> ** Select only &quot;Private&quot;<br /> ** Set the &quot;Name&quot; to &quot;rsync&quot;<br /> <br /> == Running rsyncd automatically ==<br /> * Install DeltaCopy Server from http://www.aboutmyip.com/AboutMyXApp/DeltaCopy.jsp<br /> ** For problems with starting the service: http://www.aboutmyip.com/AboutMyXApp/DisplayFAQ.do?fid=22. Simply set the user to &quot;Local System&quot;<br /> * Add an application rule for rsync.exe in Settings -&gt; Update &amp; Security -&gt; Windows Security -&gt; Firewall &amp; network protection<br /> <br /> == Renaming networks ==<br /> https://www.ghacks.net/2021/10/25/how-to-change-network-names-on-windows-11/<br /> <br /> == Virpil CM3 Throttle ==<br /> https://www.youtube.com/watch?v=JDSk2oADsZg</div> Andrew https://wiki.bretts.org/index.php?title=Windows_10_Tips&diff=8582 Windows 10 Tips 2025-10-22T15:06:45Z <p>Andrew: /* Running rsyncd automatically */</p> <hr /> <div>== Monitor Switcher ==<br /> https://sourceforge.net/projects/monitorswitcher/<br /> <br /> == Monitor Test Patterns ==<br /> * Limited vs. Full Range: http://www.lagom.nl/lcd-test/img/blacktest.png<br /> * Chroma Subsampling: https://www.rtings.com/images/test-materials/2017/chroma-444.png<br /> <br /> == Setup MPC-BE ==<br /> * MPC-BE: https://chamconsoft.com/cmc/forums/?w3=dmlld3RvcGljLnBocD90PTE5Nw==<br /> * madVR: https://forum.kodi.tv/showthread.php?tid=259188<br /> <br /> == Rename Network ==<br /> https://www.howtogeek.com/364291/how-to-change-or-rename-the-active-network-profile-name-in-windows-10/<br /> <br /> == Installing WSL ==<br /> https://docs.microsoft.com/en-us/windows/wsl/install-win10<br /> <br /> Note: If you see Error 0x80370102, you may need to enable virtualization in your motherboard BIOS: https://ourcodeworld.com/articles/read/1283/how-to-enable-amd-virtualization-on-the-aorus-x570-motherboard<br /> <br /> === Running rsyncd automatically (DEPRECATED) ===<br /> * Set '''RSYNC_ENABLE=true''' in ''/etc/default/rsync''<br /> * Create ''/etc/rsyncd.conf'' with the contents (for example):<br /> [users]<br /> path = /mnt/c/Users<br /> comment = Users<br /> read only = true<br /> * WSL2 virtual machines run on a separate NATed network, so we need to forward the rsync port from the real LAN to the virtual machine:<br /> netsh interface portproxy add v4tov4 listenport=873 listenaddress=0.0.0.0 connectport=873 connectaddress=127.0.0.1<br /> * Go to Settings -&gt; Update &amp; Security -&gt; Windows Security -&gt; Firewall &amp; network protection -&gt; Advanced Settings -&gt; Inbound Rules -&gt; New Rule...<br /> ** Select &quot;Port&quot;<br /> ** Set &quot;Specific local ports&quot; to 873 <br /> ** Select &quot;Allow the connection&quot;<br /> ** Select only &quot;Private&quot;<br /> ** Set the &quot;Name&quot; to &quot;rsync&quot;<br /> <br /> == Running rsyncd automatically ==<br /> * Install DeltaCopy Server from http://www.aboutmyip.com/AboutMyXApp/DeltaCopy.jsp<br /> ** For problems with starting the service: http://www.aboutmyip.com/AboutMyXApp/DisplayFAQ.do?fid=22<br /> * Add an application rule for rsync.exe in Settings -&gt; Update &amp; Security -&gt; Windows Security -&gt; Firewall &amp; network protection<br /> <br /> == Renaming networks ==<br /> https://www.ghacks.net/2021/10/25/how-to-change-network-names-on-windows-11/<br /> <br /> == Virpil CM3 Throttle ==<br /> https://www.youtube.com/watch?v=JDSk2oADsZg</div> Andrew https://wiki.bretts.org/index.php?title=Snapshot_backups_using_rsync&diff=8581 Snapshot backups using rsync 2025-10-22T14:44:43Z <p>Andrew: /* Example 3: Backup of C:\Documents and Settings on alaska */</p> <hr /> <div>== Intro ==<br /> The scripts on this page are designed to allow the backup of a set of directories to a defined location, with the backups preserving the state of those directories from a number of different times in the past. They require a linux box with a free disk partition to act as the backup server, and the instructions below are designed for Ubuntu, so other distros may require slightly different steps. In summary, they will give you a snapshot directory with contents would look something like (as of 26th Sept 2006):<br /> &lt;pre&gt;<br /> Contents of /mnt/snapshot:<br /> drwxr-xr-x 7 root root 4096 2006-09-26 00:01 daily.0<br /> drwxr-xr-x 7 root root 4096 2006-09-25 00:00 daily.1<br /> drwxr-xr-x 7 root root 4096 2006-09-24 00:00 daily.2<br /> drwxr-xr-x 7 root root 4096 2006-09-23 00:00 daily.3<br /> drwxr-xr-x 7 root root 4096 2006-09-22 00:00 weekly.0<br /> drwxr-xr-x 5 root root 4096 2006-09-15 00:00 weekly.1<br /> drwxr-xr-x 2 root root 4096 2006-09-08 00:00 weekly.2<br /> drwxr-xr-x 2 root root 4096 2006-09-01 00:00 monthly.0<br /> drwxr-xr-x 2 root root 4096 2006-08-01 00:00 monthly.1<br /> drwxr-xr-x 2 root root 4096 2006-01-01 00:00 annual.0<br /> &lt;/pre&gt;<br /> Note the timestamps of these directories - each one captures the state of the location(s) to be backed up at the time shown.<br /> The actual backup process uses [http://samba.anu.edu.au/rsync/ rsync] and hard links to ensure that if a file doesn't change between two snapshots, then it doesn't take up any additional space (well, virtually no more space).<br /> The contents of this page are based on Mike Rubel's instructions at: http://www.mikerubel.org/computers/rsync_snapshots/ - if you find difficulty understanding/using the scripts here, then you may wish to look at his page for additional help.<br /> <br /> == Prerequisites ==<br /> * Install '''rsync''' and '''nfs-kernel-server''' with apt-get (eg. ''sudo apt-get install rsync'')<br /> * http://bretts.org/files/snapshot.tar.bz2<br /> <br /> == Instructions ==<br /> * Unzip the contents of '''snapshot.tar.bz2''' to a temporary directory.<br /> * As root, copy the files and directories from the temporary directory to the implied filesystem location (eg. snapshot/etc/cron.d/snapshot -&gt; /etc/cron.d/snapshot, snapshot/var/log/snapshot -&gt; /var/log/snapshot etc.)<br /> * As root, create the directories '''/root/.snapshot''' and '''/mnt/snapshot'''<br /> * Add the following lines to '''/etc/fstab''', substituting your free disk partition, and it's filesystem type, for '''/dev/hdb1''' and '''ext3''':<br /> &lt;pre&gt;<br /> /dev/hdb1 /root/.snapshot ext3 ro 0 2<br /> localhost:/root/.snapshot /mnt/snapshot nfs ro 0 2<br /> &lt;/pre&gt;<br /> : (This mounts your backup partition as /root/.snapshot, away from prying eyes, and mounts the NFS exported version of it as /mnt/snapshot. We mount it twice so that non-root users NEVER see a writable version of the backup directory - see Mike Rubels page for more details.)<br /> * Add the following line to '''/etc/exports''' (or create '''/etc/exports''' with this line if it doesn't already exist):<br /> &lt;pre&gt;<br /> /root/.snapshot 127.0.0.1(secure,sync,ro,no_root_squash)<br /> &lt;/pre&gt;<br /> : (This defines the NFS share that we will mount as '''/mnt/snapshot''')<br /> * Restart nfs-kernel-server (using ''sudo /etc/init.d/nfs-kernel-server restart'').<br /> <br /> == Defining areas to be backed up ==<br /> * For each directory tree to be backed up, create a directory in '''/etc/snapshot''' with a logical name for the backup (the name doesn't matter, as long as it's unique).<br /> * Within the newly created directory, created a file called '''location''' (eg. '''/etc/snapshot/my-backup/location'''), the contents of which should be a single line defining the head of the directory tree to be backed up. This line may be in one of 3 formats:<br /> ** For a local directory, simply the fully qualified path to the location to back up (eg. '''/home/fred/docs''')<br /> ** For a remote directory accessed via an rsync daemon running on the remote machine, the location in the format ''machinename''::''rsync_module''/''subdirectory'' (eg. '''xp-box::c/Documents and Settings''')<br /> ** For a remote directory accessed via an ssh server running on the remote machine, the location in the format ''machinename'':''path'' (eg. '''other-host:/usr/local/src''')<br /> : For remote hosts, an rsync daemon is generally preferable, both for performance reasons, and for ease of use. If ssh is to be used, ssh keys will need to be defined to stop the scripts prompting for a password whenever they're run. However, if the data is being transferred between hosts across an insecure network, ssh may be needed for reasons of security (rsync transmits data between hosts unencrypted, and has a simplistic security model).<br /> * Also within the directory, create a file called '''filters''' (eg. '''/etc/snapshot/my-backup/filters'''), which may contain multiple lines prefixed with a '''-''' to specify locations to exclude from the backup. This file is simply in rsync filters file format (see the rsync man page for more details).<br /> <br /> Each one of the locations specified within '''/etc/snapshot''' will end up as a subdirectory of '''/mnt/snapshot''' (eg. this morning's backup of /home/fred will end up in '''/mnt/snapshot/daily.0/home/fred''').<br /> <br /> === Example 1: Backup of /home ===<br /> '''/etc/snapshot/home/location''':<br /> &lt;pre&gt;<br /> /home<br /> &lt;/pre&gt;<br /> '''/etc/snapshot/home/filters''':<br /> &lt;pre&gt;<br /> - /andrew/Download/<br /> - /andrew/svn/<br /> &lt;/pre&gt;<br /> <br /> === Example 2: Backup of /etc ===<br /> '''/etc/snapshot/etc/location''':<br /> &lt;pre&gt;<br /> /etc<br /> &lt;/pre&gt;<br /> '''/etc/snapshot/etc/filters''':<br /> &lt;pre&gt;<br /> &lt;/pre&gt;<br /> Note that filters file is empty, since no subdirectories of /etc are excluded from the backup.<br /> <br /> === Example 3: Backup of C:\Documents and Settings on alaska ===<br /> Note that alaska is an XP box running an [[Windows_10_Tips#Running_rsyncd_automatically|rsync daemon]].&lt;br&gt;<br /> '''/etc/snapshot/alaska-home/location''':<br /> &lt;pre&gt;<br /> alaska::c/Documents and Settings<br /> &lt;/pre&gt;<br /> '''/etc/snapshot/alaska-home/filters''':<br /> &lt;pre&gt;<br /> - /*/Local Settings/Temp<br /> - /*/Local Settings/Temporary Internet Files<br /> - /Andrew/My Documents/Downloads<br /> &lt;/pre&gt;<br /> <br /> === Further Examples ===<br /> These and other examples can be found in http://bretts.org/files/snapshot-examples.tar.bz2<br /> <br /> == Notes ==<br /> * The partition used for /root/.snapshot should ideally be on a different disk to the files being backed up, to reduce the risk of a disk failure destroying both the data and the backups.<br /> * The scripts can be used without defining /root/.snapshot as a separate partition, subject to the caveat about separate disks directly above. To do this, simply:<br /> ** Don't add the first of the two lines above to '''/etc/fstab'''<br /> ** In each of the snapshot scripts within '''/usr/local/sbin''' remove the calls near the beginning and end of the file to remount the /root/.snapshot partition (the beginning of each script remounts this partition as read/write, and the end remounts it as read).<br /> <br /> == Setting up a machine with an rsync daemon ==<br /> * Edit /etc/xinetd.d/rsync and add:<br /> &lt;pre&gt;<br /> service rsync<br /> {<br /> disable = no<br /> socket_type = stream<br /> wait = no<br /> user = root<br /> server = /usr/bin/rsync<br /> server_args = --daemon<br /> log_on_failure += USERID<br /> }<br /> &lt;/pre&gt;<br /> <br /> * Edit /etc/rsyncd.conf and add (for example):<br /> &lt;pre&gt;<br /> use chroot = false<br /> strict modes = false<br /> hosts allow = 192.168.1.0/24<br /> <br /> [root]<br /> path = /<br /> comment = Root<br /> read only = true<br /> &lt;/pre&gt;<br /> <br /> * Restart rsync<br /> <br /> == Future Development ==<br /> * It would be nice to have the latest backup burnt to a DVD-RW which could be left in a dedicated DVD-RW drive attached to the backup server. This would help both because DVDs are more robust than hard drives in certain situations (eg. mechanical shock) in case of a problem (eg. power surge) which for some reason destroyed multiple drives on the machine. In addition, the DVD disk could be swapped out periodically to provide an off-site backup copy.<br /> * Some companies provide free or low cost disk space online - this could be used to store a copy of the latest backup for even greater robustness. In addition, since the process uses rsync, unless large numbers of backed up files were changing on a daily basis, there would be relatively little network traffic once the initial backup was rsynced across to the remote site.</div> Andrew https://wiki.bretts.org/index.php?title=Docker&diff=8580 Docker 2025-09-19T15:35:02Z <p>Andrew: /* Overseerr (Media Requests) */</p> <hr /> <div>== Useful Commands ==<br /> <br /> ; docker ps -a: List all containers<br /> ; docker container inspect &lt;container&gt;: Show details of &lt;container&gt;<br /> ; docker logs &lt;container&gt;: Show logs for &lt;container&gt;<br /> ; docker exec -it &lt;container&gt; /bin/bash: Start an interactive shell in &lt;container&gt;<br /> <br /> == Updating container ==<br /> <br /> === Manually ===<br /> sudo docker pull &lt;image&gt;<br /> sudo docker stop &lt;container&gt;<br /> sudo docker rm &lt;container&gt;<br /> &lt;docker run command&gt;<br /> <br /> === Automatically ===<br /> sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock taisun/updater --oneshot &lt;container&gt;<br /> <br /> == Containers ==<br /> <br /> === Portainer ===<br /> sudo docker run -d --name portainer \<br /> -p 8000:8000 -p 9443:9443 \<br /> -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/portainer:/data \<br /> -v /etc/ssl/bretts.org:/certs \<br /> --restart unless-stopped \<br /> portainer/portainer-ce \<br /> --sslcert /certs/fullchain.pem --sslkey /certs/key.pem<br /> <br /> === Plex ===<br /> <br /> Get your claim token: https://www.plex.tv/claim/<br /> <br /> Create the container with the claim token substituted:<br /> sudo docker run -d --name plex --network=host -e PLEX_UID=111 -e PLEX_GID=127 -e TZ=Europe/London -e PLEX_CLAIM=&lt;CLAIM_TOKEN&gt; \<br /> -v /var/lib/plexmediaserver:/config -v /srv:/srv --device=/dev/dri:/dev/dri \<br /> --restart unless-stopped \<br /> plexinc/pms-docker:plexpass<br /> <br /> === Tautulli (Plex Monitoring/Notifications) ===<br /> sudo docker run -d --name tautulli -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8181:8181 \<br /> -v /var/lib/torrent/tautulli/config:/config -v /var/lib/plexmediaserver/Library/Logs:/logs \<br /> --restart unless-stopped \<br /> linuxserver/tautulli<br /> <br /> === Jackett (Torrent Gateway) ===<br /> sudo docker run -d --name=jackett -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 9117:9117 \<br /> -v /var/lib/torrent/jackett/config:/config -v /var/lib/torrent/jackett/downloads:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/jackett<br /> <br /> === FlareSolverr (CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=flaresolverr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/flaresolverr/flaresolverr:latest<br /> <br /> === Byparr (Alternative CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=byparr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/thephaseless/byparr:latest<br /> <br /> === Deluge ===<br /> sudo docker run -d --name deluge -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/torrent/deluged/config:/config -v /srv/incoming/torrents/deluge:/srv/incoming/torrents/deluge \<br /> -v /etc/ssl/bretts.org:/etc/ssl/bretts.org \<br /> --restart unless-stopped \<br /> linuxserver/deluge<br /> <br /> Since user groups don't seem to apply across the docker boundary, &quot;torrent&quot; will need to be given explicit permission to the private key file via an ACL:<br /> setfacl -m &quot;u:torrent:rw&quot; /etc/ssl/bretts.org/key.pem<br /> <br /> === Radarr (Movie Downloads) ===<br /> sudo docker run -d --name radarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 7878:7878 \<br /> -v /var/lib/torrent/radarr/config:/config -v /srv/videos/programs/movies:/movies -v /srv/incoming/torrents/deluge:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/radarr<br /> <br /> === Sonarr (TV Downloads) ===<br /> sudo docker run -d --name=sonarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8989:8989 \<br /> -v /var/lib/torrent/sonarr/config:/config -v /srv/videos/programs/tv:/tv -v /srv/incoming/torrents/deluge:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/sonarr<br /> <br /> === Overseerr (Media Requests) ===<br /> sudo docker run -d --name overseerr --user=127:138 -e LOG_LEVEL=debug -e TZ=Europe/London \<br /> -e PORT=5055 `#optional` \<br /> -p 5055:5055 \<br /> -v /var/lib/torrent/overseerr/config:/app/config \<br /> --restart unless-stopped \<br /> sctx/overseerr<br /> <br /> === Unifi ===<br /> sudo docker run -d --name=unifi-controller -e PUID=140 -e PGID=150 \<br /> -p 3478:3478/udp -p 10001:10001/udp -p 18080:18080 -p 18081:18081 -p 18443:18443 -p 18880:18880 -p 6789:6789 \<br /> -v /var/lib/unifi:/config \<br /> --restart unless-stopped \<br /> linuxserver/unifi-controller<br /> <br /> === Home-Assistant (as part of host network) ===<br /> sudo docker run -d --name=home-assistant -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/home-assistant/config:/config -v /srv:/media -v /etc/ssl/bretts.org:/etc/ssl/bretts.org -v /var/www/html/arlo-snapshots:/arlo-snapshots \<br /> --restart unless-stopped \<br /> homeassistant/home-assistant<br /> <br /> === Stash ===<br /> sudo docker run -d --name stash \<br /> -e STASH_GENERATED=/generated/ -e STASH_METADATA=/metadata/ -e STASH_CACHE=/cache/ \<br /> -e STASH_STASH=/data/ \<br /> -p 9999:9999 \<br /> -v /var/lib/stash:/root/.stash -v /var/lib/stash/metadata:/metadata -v /var/lib/stash/cache:/cache -v /var/lib/stash/blobs:/blobs -v /var/lib/stash/generated:/generated \<br /> -v /var/lib/stash/data:/data -v /srv/porn:/srv/porn -v /srv/incoming/torrents/deluge/porn:/srv/incoming/torrents/deluge/porn \<br /> -v /etc/localtime:/etc/localtime:ro \<br /> --restart unless-stopped \<br /> stashapp/stash<br /> <br /> === Atlassian ===<br /> <br /> ==== JIRA ====<br /> Note: In this instance JIRA is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name jira<br /> sudo docker run -d --name=jira -e TZ=Europe/London \<br /> -e ATL_TOMCAT_SCHEME=https -e ATL_TOMCAT_SECURE=true -e ATL_PROXY_NAME=jira.bretts.org -e ATL_PROXY_PORT=443 \<br /> -p 7980:8080 \<br /> -v jira:/var/atlassian/application-data/jira \<br /> --restart unless-stopped \<br /> atlassian/jira-software<br /> <br /> Docker JIRA runs with a uid and gid of 2001. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2001 jira-docker<br /> sudo adduser --system --no-create-home --uid 2001 --gid 2001 jira-docker<br /> <br /> ==== Bitbucket====<br /> Note: In this instance Bitbucket is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bitbucket<br /> sudo docker run -d --name=bitbucket -e TZ=Europe/London \<br /> -e SERVER_SCHEME=https -e SERVER_SECURE=true -e SERVER_PROXY_NAME=bitbucket.bretts.org -e SERVER_PROXY_PORT=443 \<br /> -p 7990:7990 -p 7999:7999 \<br /> -v bitbucket:/var/atlassian/application-data/bitbucket \<br /> --restart unless-stopped \<br /> atlassian/bitbucket-server<br /> <br /> Docker Bitbucket runs with a uid and gid of 2003. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2003 bitbucket-docker<br /> sudo adduser --system --no-create-home --uid 2003 --gid 2003 bitbucket-docker<br /> <br /> ==== Bamboo ====<br /> Note: In this instance Bamboo is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bamboo<br /> sudo docker run -d --name=bamboo -e TZ=Europe/London \<br /> -p 54663:54663 -p 7970:8085 \<br /> -v bamboo:/var/atlassian/application-data/bamboo \<br /> --restart unless-stopped \<br /> atlassian/bamboo-server<br /> <br /> ===== Limitations =====<br /> * Bamboo runs with a uid of 1000, which means it's likely to clash with a real user in the containing host<br /> * Bamboo container doesn't support any reverse proxy configuration, which means hiding it behind nginx is likely to result in broken Application Links. This can be worked around by manually editing /opt/atlassian/bamboo/conf/server.xml, but those changes will be overwritten on every container upgrade.<br /> <br /> == Tips / Fixes ==<br /> <br /> === Tautulli slow to start ===<br /> This may be due to an attempt to chown a large number of files. <br /> Login to the container:<br /> sudo docker exec -it &lt;container&gt; /bin/bash<br /> Disable the chown step by editing &lt;code&gt;/etc/cont-init.d/30-config&lt;/code&gt; and commenting out the chown command.<br /> <br /> === Adding an SSL cert for Unifi ===<br /> sudo openssl pkcs12 -export -inkey /etc/ssl/bretts.org/key.pem -in /etc/ssl/bretts.org/fullchain.pem -out /tmp/cert.p12 -name unifi -password pass:temppass<br /> sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/data/keystore -srckeystore /tmp/cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi -noprompt<br /> sudo docker restart unifi-controller<br /> sudo rm /tmp/cert.p12<br /> <br /> === Local DNS resolution fails on docker 18.09 ===<br /> This may be the result of a bug: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1820278. Normally the container's /etc/resolv.conf should mirror that of the host, but in this case it seems to just be a default version. As a workaround, create /etc/docker/daemon.json with the following contents:<br /> <br /> {<br /> &quot;dns&quot;: [&quot;192.168.1.1&quot;, &quot;8.8.8.8&quot;],<br /> &quot;dns-search&quot;: [&quot;bretts.org&quot;]<br /> }</div> Andrew https://wiki.bretts.org/index.php?title=Docker&diff=8579 Docker 2025-09-19T15:33:37Z <p>Andrew: /* Containers */</p> <hr /> <div>== Useful Commands ==<br /> <br /> ; docker ps -a: List all containers<br /> ; docker container inspect &lt;container&gt;: Show details of &lt;container&gt;<br /> ; docker logs &lt;container&gt;: Show logs for &lt;container&gt;<br /> ; docker exec -it &lt;container&gt; /bin/bash: Start an interactive shell in &lt;container&gt;<br /> <br /> == Updating container ==<br /> <br /> === Manually ===<br /> sudo docker pull &lt;image&gt;<br /> sudo docker stop &lt;container&gt;<br /> sudo docker rm &lt;container&gt;<br /> &lt;docker run command&gt;<br /> <br /> === Automatically ===<br /> sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock taisun/updater --oneshot &lt;container&gt;<br /> <br /> == Containers ==<br /> <br /> === Portainer ===<br /> sudo docker run -d --name portainer \<br /> -p 8000:8000 -p 9443:9443 \<br /> -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/portainer:/data \<br /> -v /etc/ssl/bretts.org:/certs \<br /> --restart unless-stopped \<br /> portainer/portainer-ce \<br /> --sslcert /certs/fullchain.pem --sslkey /certs/key.pem<br /> <br /> === Plex ===<br /> <br /> Get your claim token: https://www.plex.tv/claim/<br /> <br /> Create the container with the claim token substituted:<br /> sudo docker run -d --name plex --network=host -e PLEX_UID=111 -e PLEX_GID=127 -e TZ=Europe/London -e PLEX_CLAIM=&lt;CLAIM_TOKEN&gt; \<br /> -v /var/lib/plexmediaserver:/config -v /srv:/srv --device=/dev/dri:/dev/dri \<br /> --restart unless-stopped \<br /> plexinc/pms-docker:plexpass<br /> <br /> === Tautulli (Plex Monitoring/Notifications) ===<br /> sudo docker run -d --name tautulli -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8181:8181 \<br /> -v /var/lib/torrent/tautulli/config:/config -v /var/lib/plexmediaserver/Library/Logs:/logs \<br /> --restart unless-stopped \<br /> linuxserver/tautulli<br /> <br /> === Jackett (Torrent Gateway) ===<br /> sudo docker run -d --name=jackett -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 9117:9117 \<br /> -v /var/lib/torrent/jackett/config:/config -v /var/lib/torrent/jackett/downloads:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/jackett<br /> <br /> === FlareSolverr (CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=flaresolverr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/flaresolverr/flaresolverr:latest<br /> <br /> === Byparr (Alternative CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=byparr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/thephaseless/byparr:latest<br /> <br /> === Deluge ===<br /> sudo docker run -d --name deluge -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/torrent/deluged/config:/config -v /srv/incoming/torrents/deluge:/srv/incoming/torrents/deluge \<br /> -v /etc/ssl/bretts.org:/etc/ssl/bretts.org \<br /> --restart unless-stopped \<br /> linuxserver/deluge<br /> <br /> Since user groups don't seem to apply across the docker boundary, &quot;torrent&quot; will need to be given explicit permission to the private key file via an ACL:<br /> setfacl -m &quot;u:torrent:rw&quot; /etc/ssl/bretts.org/key.pem<br /> <br /> === Radarr (Movie Downloads) ===<br /> sudo docker run -d --name radarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 7878:7878 \<br /> -v /var/lib/torrent/radarr/config:/config -v /srv/videos/programs/movies:/movies -v /srv/incoming/torrents/deluge:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/radarr<br /> <br /> === Sonarr (TV Downloads) ===<br /> sudo docker run -d --name=sonarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8989:8989 \<br /> -v /var/lib/torrent/sonarr/config:/config -v /srv/videos/programs/tv:/tv -v /srv/incoming/torrents/deluge:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/sonarr<br /> <br /> === Overseerr (Media Requests) ===<br /> sudo docker run -d --name overseerr --user=torrent:torrent -e LOG_LEVEL=debug -e TZ=Europe/London \<br /> -e PORT=5055 `#optional` \<br /> -p 5055:5055 \<br /> -v /var/lib/torrent/overseerr/config:/app/config \<br /> --restart unless-stopped \<br /> sctx/overseerr<br /> <br /> === Unifi ===<br /> sudo docker run -d --name=unifi-controller -e PUID=140 -e PGID=150 \<br /> -p 3478:3478/udp -p 10001:10001/udp -p 18080:18080 -p 18081:18081 -p 18443:18443 -p 18880:18880 -p 6789:6789 \<br /> -v /var/lib/unifi:/config \<br /> --restart unless-stopped \<br /> linuxserver/unifi-controller<br /> <br /> === Home-Assistant (as part of host network) ===<br /> sudo docker run -d --name=home-assistant -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/home-assistant/config:/config -v /srv:/media -v /etc/ssl/bretts.org:/etc/ssl/bretts.org -v /var/www/html/arlo-snapshots:/arlo-snapshots \<br /> --restart unless-stopped \<br /> homeassistant/home-assistant<br /> <br /> === Stash ===<br /> sudo docker run -d --name stash \<br /> -e STASH_GENERATED=/generated/ -e STASH_METADATA=/metadata/ -e STASH_CACHE=/cache/ \<br /> -e STASH_STASH=/data/ \<br /> -p 9999:9999 \<br /> -v /var/lib/stash:/root/.stash -v /var/lib/stash/metadata:/metadata -v /var/lib/stash/cache:/cache -v /var/lib/stash/blobs:/blobs -v /var/lib/stash/generated:/generated \<br /> -v /var/lib/stash/data:/data -v /srv/porn:/srv/porn -v /srv/incoming/torrents/deluge/porn:/srv/incoming/torrents/deluge/porn \<br /> -v /etc/localtime:/etc/localtime:ro \<br /> --restart unless-stopped \<br /> stashapp/stash<br /> <br /> === Atlassian ===<br /> <br /> ==== JIRA ====<br /> Note: In this instance JIRA is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name jira<br /> sudo docker run -d --name=jira -e TZ=Europe/London \<br /> -e ATL_TOMCAT_SCHEME=https -e ATL_TOMCAT_SECURE=true -e ATL_PROXY_NAME=jira.bretts.org -e ATL_PROXY_PORT=443 \<br /> -p 7980:8080 \<br /> -v jira:/var/atlassian/application-data/jira \<br /> --restart unless-stopped \<br /> atlassian/jira-software<br /> <br /> Docker JIRA runs with a uid and gid of 2001. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2001 jira-docker<br /> sudo adduser --system --no-create-home --uid 2001 --gid 2001 jira-docker<br /> <br /> ==== Bitbucket====<br /> Note: In this instance Bitbucket is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bitbucket<br /> sudo docker run -d --name=bitbucket -e TZ=Europe/London \<br /> -e SERVER_SCHEME=https -e SERVER_SECURE=true -e SERVER_PROXY_NAME=bitbucket.bretts.org -e SERVER_PROXY_PORT=443 \<br /> -p 7990:7990 -p 7999:7999 \<br /> -v bitbucket:/var/atlassian/application-data/bitbucket \<br /> --restart unless-stopped \<br /> atlassian/bitbucket-server<br /> <br /> Docker Bitbucket runs with a uid and gid of 2003. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2003 bitbucket-docker<br /> sudo adduser --system --no-create-home --uid 2003 --gid 2003 bitbucket-docker<br /> <br /> ==== Bamboo ====<br /> Note: In this instance Bamboo is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bamboo<br /> sudo docker run -d --name=bamboo -e TZ=Europe/London \<br /> -p 54663:54663 -p 7970:8085 \<br /> -v bamboo:/var/atlassian/application-data/bamboo \<br /> --restart unless-stopped \<br /> atlassian/bamboo-server<br /> <br /> ===== Limitations =====<br /> * Bamboo runs with a uid of 1000, which means it's likely to clash with a real user in the containing host<br /> * Bamboo container doesn't support any reverse proxy configuration, which means hiding it behind nginx is likely to result in broken Application Links. This can be worked around by manually editing /opt/atlassian/bamboo/conf/server.xml, but those changes will be overwritten on every container upgrade.<br /> <br /> == Tips / Fixes ==<br /> <br /> === Tautulli slow to start ===<br /> This may be due to an attempt to chown a large number of files. <br /> Login to the container:<br /> sudo docker exec -it &lt;container&gt; /bin/bash<br /> Disable the chown step by editing &lt;code&gt;/etc/cont-init.d/30-config&lt;/code&gt; and commenting out the chown command.<br /> <br /> === Adding an SSL cert for Unifi ===<br /> sudo openssl pkcs12 -export -inkey /etc/ssl/bretts.org/key.pem -in /etc/ssl/bretts.org/fullchain.pem -out /tmp/cert.p12 -name unifi -password pass:temppass<br /> sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/data/keystore -srckeystore /tmp/cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi -noprompt<br /> sudo docker restart unifi-controller<br /> sudo rm /tmp/cert.p12<br /> <br /> === Local DNS resolution fails on docker 18.09 ===<br /> This may be the result of a bug: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1820278. Normally the container's /etc/resolv.conf should mirror that of the host, but in this case it seems to just be a default version. As a workaround, create /etc/docker/daemon.json with the following contents:<br /> <br /> {<br /> &quot;dns&quot;: [&quot;192.168.1.1&quot;, &quot;8.8.8.8&quot;],<br /> &quot;dns-search&quot;: [&quot;bretts.org&quot;]<br /> }</div> Andrew https://wiki.bretts.org/index.php?title=SnapRAID_/_MergerFS&diff=8578 SnapRAID / MergerFS 2025-08-21T05:28:46Z <p>Andrew: /* Identifying/Fixing a bad block */</p> <hr /> <div>= SnapRAID / MergerFS =<br /> <br /> == Setup ==<br /> https://zackreed.me/setting-up-snapraid-on-ubuntu/<br /> <br /> Note that if (like me) you use a dedicated snapraid content directory then you'll need to create that by hand for each disk with:<br /> <br /> mkdir /mnt/data/disk1/.snapraid<br /> <br /> == Partitioning a new data disk ==<br /> Note: &quot;-m 2&quot; here reserves 2% of the filesystem for root-owned files (eg. .../.snapraid/content)<br /> sudo parted -a optimal -s /dev/sdX -- mklabel gpt mkpart primary 0% 100%<br /> sudo mkfs.ext4 -m 2 -T largefile4 /dev/sdX1<br /> <br /> == Partitioning a new parity disk ==<br /> Note: &quot;-m 0&quot; here reserves 0% of the filesystem, ensuring that the parity disks are slightly larger than the data disks<br /> sudo parted -a optimal -s /dev/sdX -- mklabel gpt mkpart primary 0% 100%<br /> sudo mkfs.ext4 -m 0 -T largefile4 /dev/sdX1<br /> <br /> == Adding a new data disk to mergerfs ==<br /> From: https://zackreed.me/mergerfs-neat-tricks/<br /> From within the root of the mergerfs filesystem (eg. /srv)<br /> xattr -w user.mergerfs.srcmounts '+&gt;/mnt/data/disk4/srv' .mergerfs<br /> <br /> == Removing a data disk from mergerfs ==<br /> From within the root of the mergerfs filesystem (eg. /srv)<br /> xattr -w user.mergerfs.srcmounts '-/mnt/data/disk4/srv' .mergerfs<br /> <br /> == Forcing a resync ==<br /> <br /> sudo snapraid sync<br /> <br /> == Identifying/Fixing a bad block ==<br /> * Run ddrescue to identify the failing bytes on the disk:<br /> &lt;pre&gt;<br /> ddrescue --ask --verbose --binary-prefixes --idirect --force /dev/sdX /dev/null sdX.map <br /> &lt;/pre&gt;<br /> * ddrescue will write out a map file containing start positions and sizes (all in bytes) of good (+) and bad (-) byte ranges<br /> * Get the block size for the volume with &lt;code&gt;tune2fs -l /dev/sdXY | grep &quot;Block size&quot;&lt;/code&gt; (we'll call this '''B'''). In my case this is 4096.<br /> * Get the sector size for the disk with &lt;code&gt;fdisk -l /dev/sdX | grep Units&lt;/code&gt; (we'll call this '''S'''). In my case this is 512.<br /> * Identify the starting sector for the /dev/sdXY volume (eg. /dev/sda1) with &lt;code&gt;fdisk -l /dev/sdX&lt;/code&gt; (we'll call this '''T'''). In my case this is 2048.<br /> * Run ddrescuelog to list out the bad block locations (using the block size B):<br /> &lt;pre&gt;<br /> ddrescuelog -b B --list-blocks=- sdX.map<br /> &lt;/pre&gt;<br /> * For each of these, convert to a block location in the volume (rather than the disk) by subtracting &lt;code&gt;(T * S / B)&lt;/code&gt;. In my case that's 256. Let's call each of these bad volume blocks '''BB'''<br /> * Start debugfs for the volume with :<br /> &lt;pre&gt;<br /> debugfs /dev/sdXY<br /> &lt;/pre&gt;<br /> * For each '''BB''' run:<br /> &lt;pre&gt;<br /> testb BB<br /> &lt;/pre&gt;<br /> * If debugfs returns &quot;Block BB not in use&quot;, then that block isn't part of a file and can safely be overwritten. If it returns &quot;Block BB marked in use&quot; then we need to get an inode number (we'll call it '''I''') and convert that inode number to a file path with:<br /> &lt;pre&gt;<br /> icheck BB<br /> ncheck I<br /> &lt;/pre&gt;<br /> <br /> For any unused blocks, we need to do the following:<br /> * Check with dd that we’ve got the right block IDs. For each one of these reads we expect to see an error (and “0+0 records in”):<br /> &lt;pre&gt;<br /> for block in `ddrescuelog -b B --list-blocks=- sdX.map`<br /> do<br /> dd if=/dev/sdX of=/dev/null count=1 bs=B skip=$block<br /> done<br /> &lt;/pre&gt;<br /> <br /> * For each of the bad blocks, write zeros over the block to force it to be reallocated from spare space on the drive. Be careful here – getting it wrong will destroy data! Also note that when reading, “skip” is used to position the input stream, but here “seek” is used to position the output stream:<br /> &lt;pre&gt;<br /> for block in `ddrescuelog -b B --list-blocks=- sdX.map`<br /> do<br /> dd if=/dev/zero of=/dev/sdX count=1 bs=B seek=$block<br /> done<br /> &lt;/pre&gt;<br /> <br /> * It’s possible that dd will fail to write to the block, in which case try again with hdparm:<br /> <br /> ** First check that we’ve got the right sectors (we expect to see “SG_IO: bad/missing sense data” for each sector on stderr, so we pipe stdout to /dev/null to avoid noise). Note that we use '''S''' as the block size for ddrescuelog, since hdparm deals in sectors:<br /> &lt;pre&gt;<br /> for block in `ddrescuelog -b S --list-blocks=- sdX.map`<br /> do<br /> hdparm --read-sector $block /dev/sdX &gt; /dev/null<br /> done<br /> &lt;/pre&gt;<br /> <br /> ** Assuming we’ve seen the expected errors, write zeros over each of the bad sectors. Note that we use '''S''' as the block size for ddrescuelog, since hdparm deals in sectors. Be careful here – getting it wrong will destroy data! You may be asked to add a “—yes-i-know-what-i-am-doing” flag.<br /> &lt;pre&gt;<br /> for block in `ddrescuelog -b S --list-blocks=- sdX.map`<br /> do<br /> hdparm --write-sector $block /dev/sdX<br /> done<br /> &lt;/pre&gt;<br /> <br /> * Check that the number of failing sectors has decreased:<br /> &lt;pre&gt;<br /> smartctl -a /dev/sdX | grep Pending<br /> &lt;/pre&gt;<br /> <br /> For any files reported by `debugfs`:<br /> * Write random data over the bad file, which should force the pending sector to be marked bad and reallocated from spare space on the disk:<br /> &lt;pre&gt;<br /> shred -n 1 –v /path/to/bad/file<br /> &lt;/pre&gt;<br /> <br /> * Check that the number of failing sectors has decreased:<br /> &lt;pre&gt;<br /> smartctl -a /dev/sdX | grep Pending<br /> &lt;/pre&gt;<br /> <br /> * Assuming the number of pending sectors has decreased, it’s then ok to delete the bad file:<br /> &lt;pre&gt;<br /> rm /path/to/bad/file<br /> &lt;/pre&gt;<br /> <br /> * Restore the deleted file:<br /> &lt;pre&gt;<br /> snapraid fix -f /path/to/bad/file<br /> &lt;/pre&gt;<br /> <br /> More details:<br /> * https://www.smartmontools.org/wiki/BadBlockHowto<br /> * [[Mdadm#Repairing_failing_disk_on_degraded_array]]</div> Andrew https://wiki.bretts.org/index.php?title=SnapRAID_/_MergerFS&diff=8577 SnapRAID / MergerFS 2025-08-21T04:53:10Z <p>Andrew: /* Identifying/Fixing a bad block */</p> <hr /> <div>= SnapRAID / MergerFS =<br /> <br /> == Setup ==<br /> https://zackreed.me/setting-up-snapraid-on-ubuntu/<br /> <br /> Note that if (like me) you use a dedicated snapraid content directory then you'll need to create that by hand for each disk with:<br /> <br /> mkdir /mnt/data/disk1/.snapraid<br /> <br /> == Partitioning a new data disk ==<br /> Note: &quot;-m 2&quot; here reserves 2% of the filesystem for root-owned files (eg. .../.snapraid/content)<br /> sudo parted -a optimal -s /dev/sdX -- mklabel gpt mkpart primary 0% 100%<br /> sudo mkfs.ext4 -m 2 -T largefile4 /dev/sdX1<br /> <br /> == Partitioning a new parity disk ==<br /> Note: &quot;-m 0&quot; here reserves 0% of the filesystem, ensuring that the parity disks are slightly larger than the data disks<br /> sudo parted -a optimal -s /dev/sdX -- mklabel gpt mkpart primary 0% 100%<br /> sudo mkfs.ext4 -m 0 -T largefile4 /dev/sdX1<br /> <br /> == Adding a new data disk to mergerfs ==<br /> From: https://zackreed.me/mergerfs-neat-tricks/<br /> From within the root of the mergerfs filesystem (eg. /srv)<br /> xattr -w user.mergerfs.srcmounts '+&gt;/mnt/data/disk4/srv' .mergerfs<br /> <br /> == Removing a data disk from mergerfs ==<br /> From within the root of the mergerfs filesystem (eg. /srv)<br /> xattr -w user.mergerfs.srcmounts '-/mnt/data/disk4/srv' .mergerfs<br /> <br /> == Forcing a resync ==<br /> <br /> sudo snapraid sync<br /> <br /> == Identifying/Fixing a bad block ==<br /> * Run ddrescue to identify the failing bytes on the disk:<br /> &lt;pre&gt;<br /> ddrescue --ask --verbose --binary-prefixes --idirect --force /dev/sdX /dev/null sdX.map <br /> &lt;/pre&gt;<br /> * ddrescue will write out a map file containing start positions and sizes (all in bytes) of good (+) and bad (-) byte ranges<br /> * Get the block size for the volume with &lt;code&gt;tune2fs -l /dev/sdXY | grep &quot;Block size&quot;&lt;/code&gt; (we'll call this '''B'''). In my case this is 4096.<br /> * Get the sector size for the disk with &lt;code&gt;fdisk -l /dev/sdX | grep Units&lt;/code&gt; (we'll call this '''S'''). In my case this is 512.<br /> * Identify the starting sector for the /dev/sdXY volume (eg. /dev/sda1) with &lt;code&gt;fdisk -l /dev/sdX&lt;/code&gt; (we'll call this '''T'''). In my case this is 2048.<br /> * Run ddrescuelog to list out the bad block locations (using the block size B):<br /> &lt;pre&gt;<br /> ddrescuelog -b B --list-blocks=- sdX.map<br /> &lt;/pre&gt;<br /> * For each of these, convert to a block location in the volume (rather than the disk) by subtracting &lt;code&gt;(T * S / B)&lt;/code&gt;. In my case that's 256. Let's call each of these bad volume blocks '''BB'''<br /> * Start debugfs for the volume with :<br /> &lt;pre&gt;<br /> debugfs /dev/sdXY<br /> &lt;/pre&gt;<br /> * For each '''BB''' run:<br /> &lt;pre&gt;<br /> testb BB<br /> &lt;/pre&gt;<br /> * If debugfs returns &quot;Block BB not in use&quot;, then that block isn't part of a file and can safely be overwritten. If it returns &quot;Block BB marked in use&quot; then we need to get an inode number (we'll call it '''I''') and convert that inode number to a file path with:<br /> &lt;pre&gt;<br /> icheck BB<br /> ncheck I<br /> &lt;/pre&gt;<br /> <br /> For any unused blocks, we need to do the following:<br /> * Check with dd that we’ve got the right block IDs. For each one of these reads we expect to see an error (and “0+0 records in”):<br /> &lt;pre&gt;<br /> for block in `ddrescuelog -b B --list-blocks=- sdX.map`<br /> do<br /> dd if=/dev/sdX of=/dev/null count=1 bs=B skip=$block<br /> done<br /> &lt;/pre&gt;<br /> <br /> * For each of the bad blocks, write zeros over the block to force it to be reallocated from spare space on the drive. Be careful here – getting it wrong will destroy data! Also note that when reading, “skip” is used to position the input stream, but here “seek” is used to position the output stream:<br /> &lt;pre&gt;<br /> for block in `ddrescuelog -b B --list-blocks=- sdX.map`<br /> do<br /> dd if=/dev/zero of=/dev/sdX count=1 bs=B seek=$block<br /> done<br /> &lt;/pre&gt;<br /> <br /> * It’s possible that dd will fail to write to the block, in which case try again with hdparm:<br /> <br /> ** First check that we’ve got the right sectors (we expect to see “SG_IO: bad/missing sense data” for each sector on stderr, so we pipe stdout to /dev/null to avoid noise). Note that we use '''S''' as the block size for ddrescuelog, since hdparm deals in sectors:<br /> &lt;pre&gt;<br /> for block in `ddrescuelog -b S --list-blocks=- sdX.map`<br /> do<br /> hdparm --read-sector $block /dev/sdX &gt; /dev/null<br /> done<br /> &lt;/pre&gt;<br /> <br /> ** Assuming we’ve seen the expected errors, write zeros over each of the bad sectors. Note that we use '''S''' as the block size for ddrescuelog, since hdparm deals in sectors. Be careful here – getting it wrong will destroy data! You may be asked to add a “—yes-i-know-what-i-am-doing” flag.<br /> &lt;pre&gt;<br /> for block in `ddrescuelog -b S --list-blocks=- sdX.map`<br /> do<br /> hdparm --write-sector $block /dev/sdX<br /> done<br /> &lt;/pre&gt;<br /> <br /> * Check that the number of failing sectors has decreased:<br /> &lt;pre&gt;<br /> smartctl -a /dev/sdX | grep Pending<br /> &lt;/pre&gt;<br /> <br /> For any files reported by `debugfs`:<br /> * Write random data over the bad file, which should force the pending sector to be marked bad and reallocated from spare space on the disk:<br /> &lt;pre&gt;<br /> shred –v /path/to/bad/file<br /> &lt;/pre&gt;<br /> <br /> * Check that the number of failing sectors has decreased:<br /> &lt;pre&gt;<br /> smartctl –a /dev/sdX | grep Pending<br /> &lt;/pre&gt;<br /> <br /> * Assuming the number of pending sectors has decreased, it’s then ok to delete the bad file:<br /> &lt;pre&gt;<br /> rm /path/to/bad/file<br /> &lt;/pre&gt;<br /> <br /> More details:<br /> * https://www.smartmontools.org/wiki/BadBlockHowto<br /> * [[Mdadm#Repairing_failing_disk_on_degraded_array]]</div> Andrew https://wiki.bretts.org/index.php?title=Saber_Controls&diff=8576 Saber Controls 2025-08-12T07:39:07Z <p>Andrew: /* Saber Controls (ProffieOS 7) */</p> <hr /> <div>== Saber Controls (ProffieOS 7) ==<br /> <br /> === Config ===<br /> Backup: \\maine\andrew\Documents\Saber<br /> Config File: ProffieOS\config\e29a-*.h<br /> <br /> === Preset List ===<br /> * Obi-Wan Kenobi (Episode 3)<br /> * Mace Windu<br /> * Anakin Skywalker<br /> * Darth Maul<br /> * Luke Skywalker (Episode 4)<br /> * Luke Skywalker (Episode 6)<br /> * Darth Vader<br /> * Rey Skywalker<br /> * Kylo Ren<br /> * The Mandalorian<br /> * Cal Kestis<br /> * Pod Racer<br /> * Heavy Blade<br /> * Speeder Bike<br /> * Seethe<br /> * Coda<br /> * Ghostbusters<br /> * Star Trek<br /> * Rainbow<br /> <br /> === Blade Off ===<br /> ;PWR<br /> :Ignite Blade<br /> ;PWR (Double Click)<br /> :Ignite Blade (muted)<br /> ;PWR (Long Click - blade up)<br /> :Play Track<br /> :'''PWR (Long Click)''': Stop<br /> ;PWR (Long Click - blade parallel)<br /> :Track Player<br /> :'''Turn Right''': Next Track<br /> :'''Turn Left''': Previous Track<br /> :'''PWR (Long Click)''': Stop<br /> ;PWR (Hold) + Clash<br /> :Toggle Gesture Sleep<br /> ;PWR (Hold) + AUX<br /> :Volume<br /> :'''Turn Right''': Increase Volume<br /> :'''Turn Left''': Decrease Volume<br /> :'''PWR'''/'''AUX''': Exit<br /> ---<br /> ;AUX (Click)<br /> :Change Preset<br /> ;AUX (Long Click)<br /> :Scroll Presets<br /> :'''Turn Right''': Next Preset<br /> :'''Turn Left''': Previous Preset<br /> :'''PWR''': Select Preset and Exit<br /> :'''AUX''': Select First Preset and Exit<br /> ;AUX (Hold) + PWR (Click)<br /> :Battery Level<br /> <br /> === Blade On ===<br /> ;PWR<br /> :Extinguish Blade<br /> ;PWR (Hold) + Clash<br /> :Lockup<br /> ;PWR (Hold) + AUX<br /> :Lightning Block<br /> ---<br /> ;AUX<br /> :Blaster Deflect<br /> ;AUX (Long Click)<br /> :Multi-Blast (each swing is a Blaster Deflect)<br /> :'''AUX'''/Clash: Exit<br /> ;AUX (Hold) + Stab Down<br /> :Drag<br /> ;AUX (Hold) + Stab Up/Parallel<br /> :Melt<br /> ---<br /> ;Clash<br /> :Clash</div> Andrew https://wiki.bretts.org/index.php?title=Saber_Controls&diff=8575 Saber Controls 2025-08-12T07:18:58Z <p>Andrew: /* Blade Off */</p> <hr /> <div>== Saber Controls (ProffieOS 7) ==<br /> <br /> === Config ===<br /> Backup: \\maine\andrew\Documents\Saber<br /> Config File: ProffieOS\config\e29a-*.h<br /> <br /> === Preset List ===<br /> * Obi-Wan Kenobi (Episode 3)<br /> * Mace Windu<br /> * Anakin Skywalker<br /> * Darth Maul<br /> * Luke Skywalker (Episode 4)<br /> * Luke Skywalker (Episode 6)<br /> * Darth Vader<br /> * Rey Skywalker<br /> * Kylo Ren<br /> * The Mandalorian<br /> * Cal Kestis<br /> * Pod Racer<br /> * Heavy Blade<br /> * Speeder Bike<br /> * Seethe<br /> * Coda<br /> * Ghostbusters<br /> * Star Trek<br /> * Rainbow<br /> <br /> === Blade Off ===<br /> ;PWR<br /> :Ignite Blade<br /> ;PWR (Double Click)<br /> :Ignite Blade (muted)<br /> ;PWR (Long Click - blade up)<br /> :Play Track<br /> :'''PWR (Long Click)''': Stop<br /> ;PWR (Long Click - blade parallel)<br /> :Track Player<br /> :'''Turn Right''': Next Track<br /> :'''Turn Left''': Previous Track<br /> :'''PWR (Long Click)''': Stop<br /> ;PWR (Hold) + Clash<br /> :Toggle Gesture Sleep<br /> ;PWR (Hold) + AUX<br /> :Volume<br /> :'''Turn Right''': Increase Volume<br /> :'''Turn Left''': Decrease Volume<br /> :'''PWR'''/'''AUX''': Exit<br /> ---<br /> ;AUX (Click)<br /> :Change Preset<br /> ;AUX (Long Click)<br /> :Scroll Presets<br /> :'''Turn Right''': Next Preset<br /> :'''Turn Left''': Previous Preset<br /> :'''PWR''': Select Preset and Exit<br /> :'''AUX''': Select First Preset and Exit<br /> ;AUX (Hold) + PWR (Click)<br /> :Battery Level</div> Andrew https://wiki.bretts.org/index.php?title=Saber_Controls&diff=8574 Saber Controls 2025-08-12T07:16:45Z <p>Andrew: /* Blade Off */</p> <hr /> <div>== Saber Controls (ProffieOS 7) ==<br /> <br /> === Config ===<br /> Backup: \\maine\andrew\Documents\Saber<br /> Config File: ProffieOS\config\e29a-*.h<br /> <br /> === Preset List ===<br /> * Obi-Wan Kenobi (Episode 3)<br /> * Mace Windu<br /> * Anakin Skywalker<br /> * Darth Maul<br /> * Luke Skywalker (Episode 4)<br /> * Luke Skywalker (Episode 6)<br /> * Darth Vader<br /> * Rey Skywalker<br /> * Kylo Ren<br /> * The Mandalorian<br /> * Cal Kestis<br /> * Pod Racer<br /> * Heavy Blade<br /> * Speeder Bike<br /> * Seethe<br /> * Coda<br /> * Ghostbusters<br /> * Star Trek<br /> * Rainbow<br /> <br /> === Blade Off ===<br /> ;PWR (Click)<br /> :Ignite Blade<br /> ;PWR (Double Click)<br /> :Ignite Blade (muted)<br /> ;PWR (Long Click - blade up)<br /> :Play Track<br /> :'''PWR (Long Click)''': Stop<br /> ;PWR (Long Click - blade parallel)<br /> :Track Player<br /> :'''Turn Right''': Next Track<br /> :'''Turn Left''': Previous Track<br /> :'''PWR (Long Click)''': Stop<br /> ;PWR (Hold) + Clash<br /> :Toggle Gesture Sleep<br /> ;AUX (Click)<br /> :Change Preset<br /> ;AUX (Long Click)<br /> :Scroll Presets<br /> :'''Turn Right''': Next Preset<br /> :'''Turn Left''': Previous Preset<br /> :'''PWR''': Select Preset and Exit<br /> :'''AUX''': Select First Preset and Exit<br /> ;AUX (Hold) + PWR (Click)<br /> :Battery Level</div> Andrew https://wiki.bretts.org/index.php?title=Saber_Controls&diff=8573 Saber Controls 2025-08-12T07:14:42Z <p>Andrew: /* When Off */</p> <hr /> <div>== Saber Controls (ProffieOS 7) ==<br /> <br /> === Config ===<br /> Backup: \\maine\andrew\Documents\Saber<br /> Config File: ProffieOS\config\e29a-*.h<br /> <br /> === Preset List ===<br /> * Obi-Wan Kenobi (Episode 3)<br /> * Mace Windu<br /> * Anakin Skywalker<br /> * Darth Maul<br /> * Luke Skywalker (Episode 4)<br /> * Luke Skywalker (Episode 6)<br /> * Darth Vader<br /> * Rey Skywalker<br /> * Kylo Ren<br /> * The Mandalorian<br /> * Cal Kestis<br /> * Pod Racer<br /> * Heavy Blade<br /> * Speeder Bike<br /> * Seethe<br /> * Coda<br /> * Ghostbusters<br /> * Star Trek<br /> * Rainbow<br /> <br /> === Blade Off ===<br /> ;PWR (Click)<br /> :Ignite Blade<br /> ;PWR (Double Click)<br /> :Ignite Blade (muted)<br /> ;PWR (Long Click - blade up)<br /> :Play Track<br /> :'''PWR (Long Click)''': Stop<br /> ;PWR (Long Click - blade parallel)<br /> :Track Player<br /> :'''Turn Right''': Next Track<br /> :'''Turn Left''': Previous Track<br /> :'''PWR (Long Click)''': Stop<br /> ;PWR (Hold) + Clash<br /> :Toggle Gesture Sleep<br /> ;AUX (Click)<br /> :Change Preset<br /> ;AUX (Hold)<br /> :Scroll Presets<br /> :'''Turn Right''': Next Preset<br /> :'''Turn Left''': Previous Preset<br /> :'''AUX''': First Preset<br /> :'''PWR''': Select Preset<br /> ;AUX (Hold) + PWR (Click)<br /> :Battery Level</div> Andrew https://wiki.bretts.org/index.php?title=Saber_Controls&diff=8572 Saber Controls 2025-08-12T07:14:28Z <p>Andrew: /* When Off */</p> <hr /> <div>== Saber Controls (ProffieOS 7) ==<br /> <br /> === Config ===<br /> Backup: \\maine\andrew\Documents\Saber<br /> Config File: ProffieOS\config\e29a-*.h<br /> <br /> === Preset List ===<br /> * Obi-Wan Kenobi (Episode 3)<br /> * Mace Windu<br /> * Anakin Skywalker<br /> * Darth Maul<br /> * Luke Skywalker (Episode 4)<br /> * Luke Skywalker (Episode 6)<br /> * Darth Vader<br /> * Rey Skywalker<br /> * Kylo Ren<br /> * The Mandalorian<br /> * Cal Kestis<br /> * Pod Racer<br /> * Heavy Blade<br /> * Speeder Bike<br /> * Seethe<br /> * Coda<br /> * Ghostbusters<br /> * Star Trek<br /> * Rainbow<br /> <br /> === When Off ===<br /> ;PWR (Click)<br /> :Ignite Blade<br /> ;PWR (Double Click)<br /> :Ignite Blade (muted)<br /> ;PWR (Long Click - blade up)<br /> :Play Track<br /> :'''PWR (Long Click)''': Stop<br /> ;PWR (Long Click - blade parallel)<br /> :Track Player<br /> :'''Turn Right''': Next Track<br /> :'''Turn Left''': Previous Track<br /> :'''PWR (Long Click)''': Stop<br /> ;PWR (Hold) + Clash<br /> :Toggle Gesture Sleep<br /> ;AUX (Click)<br /> :Change Preset<br /> ;AUX (Hold)<br /> :Scroll Presets<br /> :'''Turn Right''': Next Preset<br /> :'''Turn Left''': Previous Preset<br /> :'''AUX''': First Preset<br /> :'''PWR''': Select Preset<br /> ;AUX (Hold) + PWR (Click)<br /> :Battery Level</div> Andrew https://wiki.bretts.org/index.php?title=Saber_Controls&diff=8571 Saber Controls 2025-08-12T07:13:28Z <p>Andrew: /* When Off */</p> <hr /> <div>== Saber Controls (ProffieOS 7) ==<br /> <br /> === Config ===<br /> Backup: \\maine\andrew\Documents\Saber<br /> Config File: ProffieOS\config\e29a-*.h<br /> <br /> === Preset List ===<br /> * Obi-Wan Kenobi (Episode 3)<br /> * Mace Windu<br /> * Anakin Skywalker<br /> * Darth Maul<br /> * Luke Skywalker (Episode 4)<br /> * Luke Skywalker (Episode 6)<br /> * Darth Vader<br /> * Rey Skywalker<br /> * Kylo Ren<br /> * The Mandalorian<br /> * Cal Kestis<br /> * Pod Racer<br /> * Heavy Blade<br /> * Speeder Bike<br /> * Seethe<br /> * Coda<br /> * Ghostbusters<br /> * Star Trek<br /> * Rainbow<br /> <br /> === When Off ===<br /> ;PWR (Click)<br /> :Ignite Blade<br /> ;PWR (Double Click)<br /> :Ignite Blade (muted)<br /> ;PWR (Long Click - blade up)<br /> :Play Track<br /> :PWR (Long Click): Stop<br /> ;PWR (Long Click - blade parallel)<br /> :Track Player<br /> :'''Turn Right''': Next Track<br /> :'''Turn Left''': Previous Track<br /> :'''PWR (Long Click)''': Stop<br /> ;PWR (Hold) + Clash<br /> :Toggle Gesture Sleep<br /> ;AUX<br /> :Change Preset<br /> ;AUX (Hold)<br /> :Scroll Presets<br /> :'''Turn Right''': Next Preset<br /> :'''Turn Left''': Previous Preset<br /> :'''AUX''': First Preset<br /> :'''PWR''': Select Preset<br /> ;AUX (Hold) + PWR (Click)<br /> :Battery Level</div> Andrew https://wiki.bretts.org/index.php?title=Saber_Controls&diff=8570 Saber Controls 2025-08-12T07:10:36Z <p>Andrew: /* Saber Controls (ProffieOS 7) */</p> <hr /> <div>== Saber Controls (ProffieOS 7) ==<br /> <br /> === Config ===<br /> Backup: \\maine\andrew\Documents\Saber<br /> Config File: ProffieOS\config\e29a-*.h<br /> <br /> === Preset List ===<br /> * Obi-Wan Kenobi (Episode 3)<br /> * Mace Windu<br /> * Anakin Skywalker<br /> * Darth Maul<br /> * Luke Skywalker (Episode 4)<br /> * Luke Skywalker (Episode 6)<br /> * Darth Vader<br /> * Rey Skywalker<br /> * Kylo Ren<br /> * The Mandalorian<br /> * Cal Kestis<br /> * Pod Racer<br /> * Heavy Blade<br /> * Speeder Bike<br /> * Seethe<br /> * Coda<br /> * Ghostbusters<br /> * Star Trek<br /> * Rainbow<br /> <br /> === When Off ===<br /> ;PWR<br /> :Ignite Blade<br /> ;PWR (Double Click)<br /> :Ignite Blade (muted)<br /> ;PWR (Long Click - blade up)<br /> :Play Track<br /> :PWR (Long Click): Stop<br /> ;PWR (Long Click - blade parallel)<br /> :Track Player<br /> :'''Turn Right''': Next Track<br /> :'''Turn Left''': Previous Track<br /> :'''PWR (Long Click)''': Stop<br /> ;PWR (Hold) + Clash<br /> :Toggle Gesture Sleep<br /> ;AUX<br /> :Change Preset<br /> ;AUX (Hold)<br /> :Scroll Presets<br /> :'''Turn Right''': Next Preset<br /> :'''Turn Left''': Previous Preset<br /> :'''PWR''': Select Preset<br /> :'''PWR (Long Click)''': Select Preset</div> Andrew https://wiki.bretts.org/index.php?title=Saber_Controls&diff=8569 Saber Controls 2025-08-12T07:08:21Z <p>Andrew: /* Preset List */</p> <hr /> <div>== Saber Controls (ProffieOS 7) ==<br /> <br /> === Preset List ===<br /> - Obi-Wan Kenobi (Episode 3)<br /> - Mace Windu<br /> - Anakin Skywalker<br /> - Darth Maul<br /> - Luke Skywalker (Episode 4)<br /> - Luke Skywalker (Episode 6)<br /> - Darth Vader<br /> - Rey Skywalker<br /> - Kylo Ren<br /> - The Mandalorian<br /> - Cal Kestis<br /> - Pod Racer<br /> - Heavy Blade<br /> - Speeder Bike<br /> - Seethe<br /> - Coda<br /> - Ghostbusters<br /> - Star Trek<br /> - Rainbow<br /> <br /> === When Off ===<br /> ;PWR<br /> :Ignite Blade<br /> ;PWR (Double Click)<br /> :Ignite Blade (muted)<br /> ;PWR (Long Click - blade up)<br /> :Play Track<br /> :PWR (Long Click): Stop<br /> ;PWR (Long Click - blade parallel)<br /> :Track Player<br /> :'''Turn Right''': Next Track<br /> :'''Turn Left''': Previous Track<br /> :'''PWR (Long Click)''': Stop<br /> ;PWR (Hold) + Clash<br /> :Toggle Gesture Sleep<br /> ;AUX<br /> :Change Preset<br /> ;AUX (Hold)<br /> :Scroll Presets<br /> :'''Turn Right''': Next Preset<br /> :'''Turn Left''': Previous Preset<br /> :'''PWR''': Select Preset<br /> :'''PWR (Long Click)''': Select Preset</div> Andrew https://wiki.bretts.org/index.php?title=Saber_Controls&diff=8568 Saber Controls 2025-08-12T06:57:55Z <p>Andrew: Created page with &quot;== Saber Controls (ProffieOS 7) == === Preset List === - === When Off === ;PWR :Ignite Blade ;PWR (Double Click) :Ignite Blade (muted) ;PWR (Long Click - blade up) :Play Tr...&quot;</p> <hr /> <div>== Saber Controls (ProffieOS 7) ==<br /> <br /> === Preset List ===<br /> - <br /> <br /> === When Off ===<br /> ;PWR<br /> :Ignite Blade<br /> ;PWR (Double Click)<br /> :Ignite Blade (muted)<br /> ;PWR (Long Click - blade up)<br /> :Play Track<br /> :PWR (Long Click): Stop<br /> ;PWR (Long Click - blade parallel)<br /> :Track Player<br /> :'''Turn Right''': Next Track<br /> :'''Turn Left''': Previous Track<br /> :'''PWR (Long Click)''': Stop<br /> ;PWR (Hold) + Clash<br /> :Toggle Gesture Sleep<br /> ;AUX<br /> :Change Preset<br /> ;AUX (Hold)<br /> :Scroll Presets<br /> :'''Turn Right''': Next Preset<br /> :'''Turn Left''': Previous Preset<br /> :'''PWR''': Select Preset<br /> :'''PWR (Long Click)''': Select Preset</div> Andrew https://wiki.bretts.org/index.php?title=Main_Page&diff=8567 Main Page 2025-08-12T06:20:17Z <p>Andrew: /* Other */</p> <hr /> <div>== briki Contents ==<br /> === Technology ===<br /> ==== Software ====<br /> * [[Linux Tips]]<br /> * [[Windows 10 Tips]]<br /> * [[Windows XP Tips]]<br /> * [[MacOS X Tips]]<br /> * [[Networking Tips]]<br /> <br /> ==== Hardware ====<br /> * [[Machine List]]<br /> * [[Sony TR Tips]]<br /> * [[SPV M5000 Tips]]<br /> * [[Speedtouch 780 Tips]]<br /> <br /> === Other ===<br /> * [[Bikes]]<br /> * [[Saber Controls]]<br /> * [[Simpsons Quotes]]<br /> * [[Temporary Pages]]<br /> * [[Alex]]<br /> <br /> == Other Contents ==<br /> === Home ===<br /> ----<br /> * [https://home-assistant.bretts.org Home Assistant] (protected)<br /> * [https://arlo.netgear.com Security Cameras] (protected)<br /> <br /> === Media ===<br /> ----<br /> * [https://plex.bretts.org Plex] (protected)<br /> * [https://radarr.bretts.org Radarr] ([https://radarr-lowres.bretts.org low-res]) (private)<br /> * [https://sonarr.bretts.org Sonarr] (private)<br /> * [https://tautulli.bretts.org Tautulli (Plex status)] (private)<br /> * [http://maine.bretts.org:33400 Plex WebTools] (private)<br /> * [http://maine.bretts.org:9117 Jackett] (private)<br /> <br /> === Admin ===<br /> ----<br /> ==== Network ====<br /> * [https://router.bretts.org:1443/ Router] (protected)<br /> * [https://unifi.bretts.org Unifi Controller] (protected)<br /> <br /> ==== Monitoring ====<br /> * [http://netdata.bretts.org Device Monitoring (netdata)]<br /> * [https://ntopng.bretts.org Bandwidth Monitoring (ntopng)] (protected)<br /> * [http://maine.bretts.org/mon/ Process Monitoring (nagios4)] [https://maine.bretts.org/cgi-bin/nagios4/status.cgi?host=all Services](protected)<br /> * [http://maine.bretts.org/graph/bretts.org/ Network Monitoring (munin)]<br /> * [https://maine.bretts.org:9443 Container Monitoring (portainer)]<br /> * [http://maine.bretts.org:3001/ Grafana] (protected)<br /> <br /> ==== Torrents ====<br /> * [https://deluge.bretts.org Deluge] (protected)<br /> <br /> ==== Apache (protected) ====<br /> * [http://maine.bretts.org/doc/ Manual]<br /> * [http://maine.bretts.org/server-info Server Info]<br /> * [http://maine.bretts.org/server-status Server Status]<br /> * [http://maine.bretts.org/php-info/ PHP Info]<br /> <br /> ==== Tomcat (protected) ====<br /> * [http://maine.bretts.org/tomcat/manager/html Manager]<br /> <br /> === Development ===<br /> * [http://bitbucket.bretts.org/ BitBucket]<br /> * [http://jira.bretts.org/ JIRA]<br /> * [http://bamboo.bretts.org/ Bamboo]<br /> <br /> == About ==<br /> '''briki''' (''bretts.org wiki'') administered by Andrew Brett. Feel free to contribute to pre-existing pages.</div> Andrew https://wiki.bretts.org/index.php?title=Machine_List&diff=8566 Machine List 2025-08-04T12:36:07Z <p>Andrew: /* History */</p> <hr /> <div>== History ==<br /> <br /> === Pre-networking ===<br /> * (1988-1993) 8086 4.2MHz, MS-DOS 3.3<br /> * (1993-1995) 386SX 16MHz, Windows 3.1 + MS-DOS 5.0<br /> * (1995-1996) 486DX 50MHz, Windows 3.1 + MS-DOS 5.0/Windows 95<br /> <br /> === indiana ===<br /> * (1996 - 1999) Fujitsu-ICL Pentium 90, Windows 95 + Windows NT 4.0<br /> ** 1996?: +Orchid Righteous 3D<br /> <br /> === colorado === <br /> * (1999 - 2001) Homebuilt Celeron 300, Windows 98/Me/XP<br /> ** Matrox Millennium G200?<br /> * (2001 - 2002) Homebuilt Pentium 3 800, Windows XP<br /> * (2002 - 2005) Homebuilt Pentium 3 800, Mandriva Linux 8.0/9.0/10.0<br /> * (2005 - 2008) Dell Dimension 4300 (Pentium 4 1.8), Kubuntu 6.04<br /> ** 2005: +128MB Sparkle GeForce MX4000 AGP <br /> ** 2005: +Hauppauge WinTV-NOVA-T-MCE <br /> ** 2006: +Seagate Barracuda 7200.10 320GB ST3320620A<br /> ** 2006: +NEC-4570 16x DVD±RW/RAM Black <br /> * (2008 - 2010) Dell Dimension 4300 (Pentium 4 1.8), Ubuntu 8.04<br /> ** 2008: +Seagate Barracuda 7200.10 750GB SATA2 3.5&quot; <br /> ** 2008: +SATA &amp; IDE PCI Controller Card<br /> <br /> === texas ===<br /> * (2002 - 2005) Dell Dimension 4300 (Pentium 4 1.8), Windows XP<br /> ** GeForce 2 MX400?<br /> <br /> === vermont ===<br /> * (2004 - 2006) Sony Vaio TR5MP (Pentium M 1.0), Windows XP<br /> * (2006 - 2008) Sony Vaio TR5MP (Pentium M 1.0), Ubuntu 6.10/7.04/7.10/8.04<br /> <br /> === alaska ===<br /> * (2005 - 2007) Homebuilt Athlon64 3500+, Windows XP + Ubuntu 7.04 -&gt; 8.04<br /> ** Cooler Master Wave Master TAC-T01-E1C Silver All Aluminum Alloy ATX Mid Tower Computer Case<br /> ** MSI K8N Diamond<br /> ** AMD Athlon 64 3500+<br /> ** 512MB Corsair Value Select 400MHz DDR Memory Stick <br /> ** 128MB Sparkle GeForce 6600GT PCI-E <br /> ** 300Gb Maxtor DiamondMax 10 ATA/133 6L300S0<br /> ** NEC ND-3520 Silver <br /> ** 460W Akasa PaxPower Ultra Quiet <br /> ** 2006: +320GB Seagate Barracuda 7200.10 SATA2 ST3320620AS<br /> ** 2007: +Sapphire X1950PRO 512MB GDDR3 PCI-Express<br /> * (2008 - 2014) Homebuilt Core 2 Duo 3.0, Windows XP/7 + Ubuntu 8.04 -&gt; 9.10<br /> ** 2008: +Gigabyte GA P35C-DS3R, iP35 Express, S775, PCI-E(x16), DDR2/3 1066/1333/800, SATA II, SATA RAID, ATX<br /> ** 2008: +Intel Core 2 Duo E8400 2 x 3.00Ghz 6Mb Cache 1333 FSB Dual Core<br /> ** 2008: +Corsair XMS6400 4GB DDR2 (2x2GB) 800Mhz Non-ECC<br /> ** 2009: +GeForce GTX 260 Core 216<br /> ** 2012: +Samsung 830 256GB SSD<br /> * (2014 - ) Homebuilt Core i7-4770, Windows 7/10<br /> ** 2014: +Asus Z87-Plus Motherboard (Socket 1150, 4x DDR3, ATX, 2x PCI Express 3.0/2.0, 6x SATA 6.0 Gb/s, USB 3.0)<br /> ** 2014: +Intel Core i7 4770 Quad Core Retail CPU (Socket 1150, 3.40GHz, 8MB, Haswell)<br /> ** 2014: +Corsair CML16GX3M2A1600C10 Vengeance Low Profile 16GB (2x8GB) DDR3 1600 Mhz CL10 XMP<br /> ** 2014: +Sapphire R9 270X 2GB Vapor-X 1050MHz GDDR 5 PCI Express Graphics Card<br /> ** 2015: +ASUS Z87-A Motherboard<br /> ** 2015: +Cooler Master Hyper 103 92mm Fan<br /> ** 2016: +MSI GeForce GTX 970 GAMING Twin Frozr V 4GB Graphics Card (Maxwell)<br /> ** 2016: +Samsung 850 EVO 500 GB 2.5 inch Solid State Drive<br /> ** 2021: +Corsair RM650x PSU<br /> <br /> === hawaii === <br /> * (2007 - 2009) Nintendo Wii<br /> <br /> === montana ===<br /> * (2007 - ) Apple Mac Mini (Mid 2007), Mac OS X Tiger -&gt; Lion<br /> ** Core 2 Duo T7200 @ 2.0GHz<br /> ** 4GB DDR2-667 RAM<br /> ** 120GB HDD<br /> ** Intel GMA 950<br /> <br /> === pennsylvania ===<br /> * (2008 - 2012) Sony PS3<br /> <br /> === nevada ===<br /> * (2009 - 2011) Samsung NC20 (VIA Nano 1.6), Windows XP + Ubuntu 9.04 -&gt; 9.10<br /> <br /> === maine ===<br /> * (2010 - 2023) Homebuilt Core i5 750, Ubuntu 9.10/12.04/14.04/16.04/18.04/20.04/22.04<br /> ** Cooler Master ATCS 840 RC-840-KKN1-GP Black Aluminum ATX Full Tower Computer Case<br /> *** Front Case Fan failed<br /> ** Gigabyte GA-P55-UD3R LGA 1156 Intel P55 ATX Intel Motherboard<br /> ** Intel Core i5-750 Lynnfield 2.66GHz LGA 1156 95W Quad-Core Processor Model BX80605I5750<br /> ** OCZ Gold 4GB (2 x 2GB) 240-Pin DDR3 SDRAM DDR3 1333 (PC3 10666) Desktop Memory Model OCZ3G1333LV4GK<br /> ** MSI N8400GS-D256H GeForce 8400 GS 256MB 64-bit GDDR2 PCI Express 2.0 x16 HDCP Ready Video Card<br /> ** Seagate Barracuda LP ST31500541AS 1.5TB 5900 RPM SATA 3.0Gb/s 3.5&quot;<br /> ** Nexus NX-5000 R3 530W ATX12V v2.2 80 PLUS BRONZE Certified Modular Active PFC Power Supply<br /> ** 2011 onwards: +Various SATA HDDs<br /> ** 2013: +Crucial Ballistix 16GB (2x8GB) 240-pin DIMM, DDR3 PC3-12800<br /> ** 2019: +Timetec Hynix IC 16GB (2x8GB) DDR3 PC3-12800 1600 MHz Non ECC Unbuffered 1.35V/1.5V Dual Rank 240 Pin UDIMM<br /> ** 2021: +Corsair RM650 PSU<br /> ** 2021: +Cooler Master Hyper 212 CPU Fan<br /> * (2023 - ) Homebuilt Core i5 13500, Ubuntu 22.04 <br /> ** 2023: +ASRock Z790 PRO RS/D4<br /> ** 2023: +Intel Core i5-13500 Desktop Processor 14 cores (6 P-cores + 8 E-cores) <br /> ** 2023: +Corsair CMK64GX4M2E3200C16 Vengeance LPX 64GB (2 x 32GB) DDR4 3200<br /> <br /> === arizona ===<br /> * (2010 - ) Apple Macbook Air (Late 2010 13-inch), Mac OS X Snow Leopard -&gt; macOS Sierra<br /> ** Core 2 Duo SL9400 @ 1.86 GHz<br /> ** 2GB DDR3-1066 RAM<br /> ** 128GB SSD<br /> ** Nvidia GeForce 320M<br /> <br /> === dakota ===<br /> * (2012 - ) Apple Mac Mini (Mid 2011), Mac OS X Lion -&gt; macOS Sierra<br /> ** Core i5-2520M @ 2.5 GHz<br /> ** 4GB DDR3-1333 RAM<br /> ** 500GB SATA HDD<br /> ** AMD Radeon HD 6630M<br /> <br /> === router ===<br /> * (2016 - ) Homebuilt Celeron G1840, pfSense<br /> ** IN Win EM050 Matx Black Case<br /> ** MSI H97M-G43 Socket 1150 VGA DVI HDMI DisplayPort mATX Motherboard<br /> ** Intel Celeron G1840 2.80GHz Socket 1150 2MB L3 Cache<br /> ** Corsair 4GB DDR3 1333MHz Memory Module CL9(9-9-9-24) 1.5V Unbuffered Non-ECC<br /> ** Corsair Force Series LS 60GB SATA 2.5inch SSD<br /> ** 2021: +Corsair RM650 PSU<br /> <br /> === oregon ===<br /> * (2016 - ) Apple MacBook Pro (Late 2016 13-inch Touch Bar), macOS Sierra -&gt; Mojave<br /> ** Core i5-6287U @ 3.1GHz<br /> ** 16GB DDR3-2133 RAM<br /> ** 256GB PCIe SSD<br /> ** Intel Iris Graphics 550<br /> <br /> === virginia ===<br /> * (2021 - 2025) Homebuilt Ryzen 5 5600X, Windows 10<br /> ** Phanteks Evolv X Antracite Grey Case<br /> ** Gigabyte AMD Ryzen X570 AORUS PRO<br /> ** Ryzen 5 5600X @ 3.7Ghz<br /> ** Corsair Vengeance LPX Black 32GB 3600MHz 2x16GB CAS 18-22-22-42 DDR4<br /> ** NVIDIA RTX 3080 Founders Edition<br /> ** Corsair Force MP600 1TB M.2 PCIe Gen 4 NVMe SSD<br /> ** Corsair RM850 PSU<br /> ** 2021: +Samsung 980 PRO M.2 NVMe SSD 2TB<br /> * (2025 -) Homebuilt Ryzen 7 9800X3D, Windows 10<br /> ** +MSI MAG X870 Tomahawk<br /> ** +AMD Ryzen 7 9800X3D AM5 @ 4.7Ghz<br /> ** +Corsair Vengeance 64GB (2*32GB) RGB 6000 MHz CAS 30-36-36-76 DDR5<br /> ** +Corsair RM1000x Shift<br /> <br /> === delaware ===<br /> * (2024 -) Steam Deck 1TB OLED</div> Andrew https://wiki.bretts.org/index.php?title=Docker&diff=8565 Docker 2025-02-25T06:56:30Z <p>Andrew: </p> <hr /> <div>== Useful Commands ==<br /> <br /> ; docker ps -a: List all containers<br /> ; docker container inspect &lt;container&gt;: Show details of &lt;container&gt;<br /> ; docker logs &lt;container&gt;: Show logs for &lt;container&gt;<br /> ; docker exec -it &lt;container&gt; /bin/bash: Start an interactive shell in &lt;container&gt;<br /> <br /> == Updating container ==<br /> <br /> === Manually ===<br /> sudo docker pull &lt;image&gt;<br /> sudo docker stop &lt;container&gt;<br /> sudo docker rm &lt;container&gt;<br /> &lt;docker run command&gt;<br /> <br /> === Automatically ===<br /> sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock taisun/updater --oneshot &lt;container&gt;<br /> <br /> == Containers ==<br /> <br /> === Portainer ===<br /> sudo docker run -d --name portainer \<br /> -p 8000:8000 -p 9443:9443 \<br /> -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/portainer:/data \<br /> -v /etc/ssl/bretts.org:/certs \<br /> --restart unless-stopped \<br /> portainer/portainer-ce \<br /> --sslcert /certs/fullchain.pem --sslkey /certs/key.pem<br /> <br /> === Plex ===<br /> <br /> Get your claim token: https://www.plex.tv/claim/<br /> <br /> Create the container with the claim token substituted:<br /> sudo docker run -d --name plex --network=host -e PLEX_UID=111 -e PLEX_GID=127 -e TZ=Europe/London -e PLEX_CLAIM=&lt;CLAIM_TOKEN&gt; \<br /> -v /var/lib/plexmediaserver:/config -v /srv:/srv --device=/dev/dri:/dev/dri \<br /> --restart unless-stopped \<br /> plexinc/pms-docker:plexpass<br /> <br /> === Tautulli (Plex Monitoring/Notifications) ===<br /> sudo docker run -d --name tautulli -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8181:8181 \<br /> -v /var/lib/torrent/tautulli/config:/config -v /var/lib/plexmediaserver/Library/Logs:/logs \<br /> --restart unless-stopped \<br /> linuxserver/tautulli<br /> <br /> === Jackett (Torrent Gateway) ===<br /> sudo docker run -d --name=jackett -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 9117:9117 \<br /> -v /var/lib/torrent/jackett/config:/config -v /var/lib/torrent/jackett/downloads:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/jackett<br /> <br /> === FlareSolverr (CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=flaresolverr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/flaresolverr/flaresolverr:latest<br /> <br /> === Byparr (Alternative CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=byparr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/thephaseless/byparr:latest<br /> <br /> === Deluge ===<br /> sudo docker run -d --name deluge -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/torrent/deluged/config:/config -v /srv/incoming/torrents/deluge:/srv/incoming/torrents/deluge \<br /> -v /etc/ssl/bretts.org:/etc/ssl/bretts.org \<br /> --restart unless-stopped \<br /> linuxserver/deluge<br /> <br /> Since user groups don't seem to apply across the docker boundary, &quot;torrent&quot; will need to be given explicit permission to the private key file via an ACL:<br /> setfacl -m &quot;u:torrent:rw&quot; /etc/ssl/bretts.org/key.pem<br /> <br /> === Radarr (Movie Downloads) ===<br /> sudo docker run -d --name radarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 7878:7878 \<br /> -v /var/lib/torrent/radarr/config:/config -v /srv/videos/programs/movies:/movies -v /srv/incoming/torrents/deluge:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/radarr<br /> <br /> === Sonarr (TV Downloads) ===<br /> sudo docker run -d --name=sonarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8989:8989 \<br /> -v /var/lib/torrent/sonarr/config:/config -v /srv/videos/programs/tv:/tv -v /srv/incoming/torrents/deluge:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/sonarr<br /> <br /> === Unifi ===<br /> sudo docker run -d --name=unifi-controller -e PUID=140 -e PGID=150 \<br /> -p 3478:3478/udp -p 10001:10001/udp -p 18080:18080 -p 18081:18081 -p 18443:18443 -p 18880:18880 -p 6789:6789 \<br /> -v /var/lib/unifi:/config \<br /> --restart unless-stopped \<br /> linuxserver/unifi-controller<br /> <br /> === Home-Assistant (as part of host network) ===<br /> sudo docker run -d --name=home-assistant -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/home-assistant/config:/config -v /srv:/media -v /etc/ssl/bretts.org:/etc/ssl/bretts.org -v /var/www/html/arlo-snapshots:/arlo-snapshots \<br /> --restart unless-stopped \<br /> homeassistant/home-assistant<br /> <br /> === Stash ===<br /> sudo docker run -d --name stash \<br /> -e STASH_GENERATED=/generated/ -e STASH_METADATA=/metadata/ -e STASH_CACHE=/cache/ \<br /> -e STASH_STASH=/data/ \<br /> -p 9999:9999 \<br /> -v /var/lib/stash:/root/.stash -v /var/lib/stash/metadata:/metadata -v /var/lib/stash/cache:/cache -v /var/lib/stash/blobs:/blobs -v /var/lib/stash/generated:/generated \<br /> -v /var/lib/stash/data:/data -v /srv/porn:/srv/porn -v /srv/incoming/torrents/deluge/porn:/srv/incoming/torrents/deluge/porn \<br /> -v /etc/localtime:/etc/localtime:ro \<br /> --restart unless-stopped \<br /> stashapp/stash<br /> <br /> === Atlassian ===<br /> <br /> ==== JIRA ====<br /> Note: In this instance JIRA is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name jira<br /> sudo docker run -d --name=jira -e TZ=Europe/London \<br /> -e ATL_TOMCAT_SCHEME=https -e ATL_TOMCAT_SECURE=true -e ATL_PROXY_NAME=jira.bretts.org -e ATL_PROXY_PORT=443 \<br /> -p 7980:8080 \<br /> -v jira:/var/atlassian/application-data/jira \<br /> --restart unless-stopped \<br /> atlassian/jira-software<br /> <br /> Docker JIRA runs with a uid and gid of 2001. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2001 jira-docker<br /> sudo adduser --system --no-create-home --uid 2001 --gid 2001 jira-docker<br /> <br /> ==== Bitbucket====<br /> Note: In this instance Bitbucket is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bitbucket<br /> sudo docker run -d --name=bitbucket -e TZ=Europe/London \<br /> -e SERVER_SCHEME=https -e SERVER_SECURE=true -e SERVER_PROXY_NAME=bitbucket.bretts.org -e SERVER_PROXY_PORT=443 \<br /> -p 7990:7990 -p 7999:7999 \<br /> -v bitbucket:/var/atlassian/application-data/bitbucket \<br /> --restart unless-stopped \<br /> atlassian/bitbucket-server<br /> <br /> Docker Bitbucket runs with a uid and gid of 2003. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2003 bitbucket-docker<br /> sudo adduser --system --no-create-home --uid 2003 --gid 2003 bitbucket-docker<br /> <br /> ==== Bamboo ====<br /> Note: In this instance Bamboo is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bamboo<br /> sudo docker run -d --name=bamboo -e TZ=Europe/London \<br /> -p 54663:54663 -p 7970:8085 \<br /> -v bamboo:/var/atlassian/application-data/bamboo \<br /> --restart unless-stopped \<br /> atlassian/bamboo-server<br /> <br /> ===== Limitations =====<br /> * Bamboo runs with a uid of 1000, which means it's likely to clash with a real user in the containing host<br /> * Bamboo container doesn't support any reverse proxy configuration, which means hiding it behind nginx is likely to result in broken Application Links. This can be worked around by manually editing /opt/atlassian/bamboo/conf/server.xml, but those changes will be overwritten on every container upgrade.<br /> <br /> == Tips / Fixes ==<br /> <br /> === Tautulli slow to start ===<br /> This may be due to an attempt to chown a large number of files. <br /> Login to the container:<br /> sudo docker exec -it &lt;container&gt; /bin/bash<br /> Disable the chown step by editing &lt;code&gt;/etc/cont-init.d/30-config&lt;/code&gt; and commenting out the chown command.<br /> <br /> === Adding an SSL cert for Unifi ===<br /> sudo openssl pkcs12 -export -inkey /etc/ssl/bretts.org/key.pem -in /etc/ssl/bretts.org/fullchain.pem -out /tmp/cert.p12 -name unifi -password pass:temppass<br /> sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/data/keystore -srckeystore /tmp/cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi -noprompt<br /> sudo docker restart unifi-controller<br /> sudo rm /tmp/cert.p12<br /> <br /> === Local DNS resolution fails on docker 18.09 ===<br /> This may be the result of a bug: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1820278. Normally the container's /etc/resolv.conf should mirror that of the host, but in this case it seems to just be a default version. As a workaround, create /etc/docker/daemon.json with the following contents:<br /> <br /> {<br /> &quot;dns&quot;: [&quot;192.168.1.1&quot;, &quot;8.8.8.8&quot;],<br /> &quot;dns-search&quot;: [&quot;bretts.org&quot;]<br /> }</div> Andrew https://wiki.bretts.org/index.php?title=Windows_10_Tips&diff=8564 Windows 10 Tips 2025-02-22T12:17:46Z <p>Andrew: </p> <hr /> <div>== Monitor Switcher ==<br /> https://sourceforge.net/projects/monitorswitcher/<br /> <br /> == Monitor Test Patterns ==<br /> * Limited vs. Full Range: http://www.lagom.nl/lcd-test/img/blacktest.png<br /> * Chroma Subsampling: https://www.rtings.com/images/test-materials/2017/chroma-444.png<br /> <br /> == Setup MPC-BE ==<br /> * MPC-BE: https://chamconsoft.com/cmc/forums/?w3=dmlld3RvcGljLnBocD90PTE5Nw==<br /> * madVR: https://forum.kodi.tv/showthread.php?tid=259188<br /> <br /> == Rename Network ==<br /> https://www.howtogeek.com/364291/how-to-change-or-rename-the-active-network-profile-name-in-windows-10/<br /> <br /> == Installing WSL ==<br /> https://docs.microsoft.com/en-us/windows/wsl/install-win10<br /> <br /> Note: If you see Error 0x80370102, you may need to enable virtualization in your motherboard BIOS: https://ourcodeworld.com/articles/read/1283/how-to-enable-amd-virtualization-on-the-aorus-x570-motherboard<br /> <br /> === Running rsyncd automatically (DEPRECATED) ===<br /> * Set '''RSYNC_ENABLE=true''' in ''/etc/default/rsync''<br /> * Create ''/etc/rsyncd.conf'' with the contents (for example):<br /> [users]<br /> path = /mnt/c/Users<br /> comment = Users<br /> read only = true<br /> * WSL2 virtual machines run on a separate NATed network, so we need to forward the rsync port from the real LAN to the virtual machine:<br /> netsh interface portproxy add v4tov4 listenport=873 listenaddress=0.0.0.0 connectport=873 connectaddress=127.0.0.1<br /> * Go to Settings -&gt; Update &amp; Security -&gt; Windows Security -&gt; Firewall &amp; network protection -&gt; Advanced Settings -&gt; Inbound Rules -&gt; New Rule...<br /> ** Select &quot;Port&quot;<br /> ** Set &quot;Specific local ports&quot; to 873 <br /> ** Select &quot;Allow the connection&quot;<br /> ** Select only &quot;Private&quot;<br /> ** Set the &quot;Name&quot; to &quot;rsync&quot;<br /> <br /> == Running rsyncd automatically ==<br /> * Install DeltaCopy Server from http://www.aboutmyip.com/AboutMyXApp/DeltaCopy.jsp<br /> * Add an application rule for rsync.exe in Settings -&gt; Update &amp; Security -&gt; Windows Security -&gt; Firewall &amp; network protection<br /> <br /> == Renaming networks ==<br /> https://www.ghacks.net/2021/10/25/how-to-change-network-names-on-windows-11/<br /> <br /> == Virpil CM3 Throttle ==<br /> https://www.youtube.com/watch?v=JDSk2oADsZg</div> Andrew https://wiki.bretts.org/index.php?title=Windows_10_Tips&diff=8563 Windows 10 Tips 2025-02-17T03:49:00Z <p>Andrew: </p> <hr /> <div>== Monitor Switcher ==<br /> https://sourceforge.net/projects/monitorswitcher/<br /> <br /> == Monitor Test Patterns ==<br /> * Limited vs. Full Range: http://www.lagom.nl/lcd-test/img/blacktest.png<br /> * Chroma Subsampling: https://www.rtings.com/images/test-materials/2017/chroma-444.png<br /> <br /> == Setup MPC-BE ==<br /> * MPC-BE: https://chamconsoft.com/cmc/forums/?w3=dmlld3RvcGljLnBocD90PTE5Nw==<br /> * madVR: https://forum.kodi.tv/showthread.php?tid=259188<br /> <br /> == Rename Network ==<br /> https://www.howtogeek.com/364291/how-to-change-or-rename-the-active-network-profile-name-in-windows-10/<br /> <br /> == Installing WSL ==<br /> https://docs.microsoft.com/en-us/windows/wsl/install-win10<br /> <br /> Note: If you see Error 0x80370102, you may need to enable virtualization in your motherboard BIOS: https://ourcodeworld.com/articles/read/1283/how-to-enable-amd-virtualization-on-the-aorus-x570-motherboard<br /> <br /> === Running rsyncd automatically (DEPRECATED) ===<br /> * Set '''RSYNC_ENABLE=true''' in ''/etc/default/rsync''<br /> * Create ''/etc/rsyncd.conf'' with the contents (for example):<br /> [users]<br /> path = /mnt/c/Users<br /> comment = Users<br /> read only = true<br /> * WSL2 virtual machines run on a separate NATed network, so we need to forward the rsync port from the real LAN to the virtual machine:<br /> netsh interface portproxy add v4tov4 listenport=873 listenaddress=0.0.0.0 connectport=873 connectaddress=127.0.0.1<br /> * Go to Settings -&gt; Update &amp; Security -&gt; Windows Security -&gt; Firewall &amp; network protection -&gt; Advanced Settings -&gt; Inbound Rules -&gt; New Rule...<br /> ** Select &quot;Port&quot;<br /> ** Set &quot;Specific local ports&quot; to 873 <br /> ** Select &quot;Allow the connection&quot;<br /> ** Select only &quot;Private&quot;<br /> ** Set the &quot;Name&quot; to &quot;rsync&quot;<br /> <br /> == Running rsyncd automatically ==<br /> * Install DeltaCopy Server from http://www.aboutmyip.com/AboutMyXApp/DeltaCopy.jsp<br /> * Add an application rule for rsync.exe in Settings -&gt; Update &amp; Security -&gt; Windows Security -&gt; Firewall &amp; network protection<br /> <br /> == Renaming networks ==<br /> https://www.ghacks.net/2021/10/25/how-to-change-network-names-on-windows-11/</div> Andrew https://wiki.bretts.org/index.php?title=Machine_List&diff=8562 Machine List 2025-02-07T06:46:29Z <p>Andrew: /* virginia */</p> <hr /> <div>== History ==<br /> <br /> === Pre-networking ===<br /> * (1988-1993) 8086 4.2MHz, MS-DOS 3.3<br /> * (1993-1995) 386SX 16MHz, Windows 3.1 + MS-DOS 5.0<br /> * (1995-1996) 486DX 50MHz, Windows 3.1 + MS-DOS 5.0/Windows 95<br /> <br /> === indiana ===<br /> * (1996 - 1999) Fujitsu-ICL Pentium 90, Windows 95 + Windows NT 4.0<br /> ** 1996?: +Orchid Righteous 3D<br /> <br /> === colorado === <br /> * (1999 - 2001) Homebuilt Celeron 300, Windows 98/Me/XP<br /> ** Matrox Millennium G200?<br /> * (2001 - 2002) Homebuilt Pentium 3 800, Windows XP<br /> * (2002 - 2005) Homebuilt Pentium 3 800, Mandriva Linux 8.0/9.0/10.0<br /> * (2005 - 2008) Dell Dimension 4300 (Pentium 4 1.8), Kubuntu 6.04<br /> ** 2005: +128MB Sparkle GeForce MX4000 AGP <br /> ** 2005: +Hauppauge WinTV-NOVA-T-MCE <br /> ** 2006: +Seagate Barracuda 7200.10 320GB ST3320620A<br /> ** 2006: +NEC-4570 16x DVD±RW/RAM Black <br /> * (2008 - 2010) Dell Dimension 4300 (Pentium 4 1.8), Ubuntu 8.04<br /> ** 2008: +Seagate Barracuda 7200.10 750GB SATA2 3.5&quot; <br /> ** 2008: +SATA &amp; IDE PCI Controller Card<br /> <br /> === texas ===<br /> * (2002 - 2005) Dell Dimension 4300 (Pentium 4 1.8), Windows XP<br /> ** GeForce 2 MX400?<br /> <br /> === vermont ===<br /> * (2004 - 2006) Sony Vaio TR5MP (Pentium M 1.0), Windows XP<br /> * (2006 - 2008) Sony Vaio TR5MP (Pentium M 1.0), Ubuntu 6.10/7.04/7.10/8.04<br /> <br /> === alaska ===<br /> * (2005 - 2007) Homebuilt Athlon64 3500+, Windows XP + Ubuntu 7.04 -&gt; 8.04<br /> ** Cooler Master Wave Master TAC-T01-E1C Silver All Aluminum Alloy ATX Mid Tower Computer Case<br /> ** MSI K8N Diamond<br /> ** AMD Athlon 64 3500+<br /> ** 512MB Corsair Value Select 400MHz DDR Memory Stick <br /> ** 128MB Sparkle GeForce 6600GT PCI-E <br /> ** 300Gb Maxtor DiamondMax 10 ATA/133 6L300S0<br /> ** NEC ND-3520 Silver <br /> ** 460W Akasa PaxPower Ultra Quiet <br /> ** 2006: +320GB Seagate Barracuda 7200.10 SATA2 ST3320620AS<br /> ** 2007: +Sapphire X1950PRO 512MB GDDR3 PCI-Express<br /> * (2008 - 2014) Homebuilt Core 2 Duo 3.0, Windows XP/7 + Ubuntu 8.04 -&gt; 9.10<br /> ** 2008: +Gigabyte GA P35C-DS3R, iP35 Express, S775, PCI-E(x16), DDR2/3 1066/1333/800, SATA II, SATA RAID, ATX<br /> ** 2008: +Intel Core 2 Duo E8400 2 x 3.00Ghz 6Mb Cache 1333 FSB Dual Core<br /> ** 2008: +Corsair XMS6400 4GB DDR2 (2x2GB) 800Mhz Non-ECC<br /> ** 2009: +GeForce GTX 260 Core 216<br /> ** 2012: +Samsung 830 256GB SSD<br /> * (2014 - ) Homebuilt Core i7-4770, Windows 7/10<br /> ** 2014: +Asus Z87-Plus Motherboard (Socket 1150, 4x DDR3, ATX, 2x PCI Express 3.0/2.0, 6x SATA 6.0 Gb/s, USB 3.0)<br /> ** 2014: +Intel Core i7 4770 Quad Core Retail CPU (Socket 1150, 3.40GHz, 8MB, Haswell)<br /> ** 2014: +Corsair CML16GX3M2A1600C10 Vengeance Low Profile 16GB (2x8GB) DDR3 1600 Mhz CL10 XMP<br /> ** 2014: +Sapphire R9 270X 2GB Vapor-X 1050MHz GDDR 5 PCI Express Graphics Card<br /> ** 2015: +ASUS Z87-A Motherboard<br /> ** 2015: +Cooler Master Hyper 103 92mm Fan<br /> ** 2016: +MSI GeForce GTX 970 GAMING Twin Frozr V 4GB Graphics Card (Maxwell)<br /> ** 2016: +Samsung 850 EVO 500 GB 2.5 inch Solid State Drive<br /> ** 2021: +Corsair RM650x PSU<br /> <br /> === hawaii === <br /> * (2007 - 2009) Nintendo Wii<br /> <br /> === montana ===<br /> * (2007 - ) Apple Mac Mini (Mid 2007), Mac OS X Tiger -&gt; Lion<br /> ** Core 2 Duo T7200 @ 2.0GHz<br /> ** 4GB DDR2-667 RAM<br /> ** 120GB HDD<br /> ** Intel GMA 950<br /> <br /> === pennsylvania ===<br /> * (2008 - 2012) Sony PS3<br /> <br /> === nevada ===<br /> * (2009 - 2011) Samsung NC20 (VIA Nano 1.6), Windows XP + Ubuntu 9.04 -&gt; 9.10<br /> <br /> === maine ===<br /> * (2010 - 2023) Homebuilt Core i5 750, Ubuntu 9.10/12.04/14.04/16.04/18.04/20.04/22.04<br /> ** Cooler Master ATCS 840 RC-840-KKN1-GP Black Aluminum ATX Full Tower Computer Case<br /> *** Front Case Fan failed<br /> ** Gigabyte GA-P55-UD3R LGA 1156 Intel P55 ATX Intel Motherboard<br /> ** Intel Core i5-750 Lynnfield 2.66GHz LGA 1156 95W Quad-Core Processor Model BX80605I5750<br /> ** OCZ Gold 4GB (2 x 2GB) 240-Pin DDR3 SDRAM DDR3 1333 (PC3 10666) Desktop Memory Model OCZ3G1333LV4GK<br /> ** MSI N8400GS-D256H GeForce 8400 GS 256MB 64-bit GDDR2 PCI Express 2.0 x16 HDCP Ready Video Card<br /> ** Seagate Barracuda LP ST31500541AS 1.5TB 5900 RPM SATA 3.0Gb/s 3.5&quot;<br /> ** Nexus NX-5000 R3 530W ATX12V v2.2 80 PLUS BRONZE Certified Modular Active PFC Power Supply<br /> ** 2011 onwards: +Various SATA HDDs<br /> ** 2013: +Crucial Ballistix 16GB (2x8GB) 240-pin DIMM, DDR3 PC3-12800<br /> ** 2019: +Timetec Hynix IC 16GB (2x8GB) DDR3 PC3-12800 1600 MHz Non ECC Unbuffered 1.35V/1.5V Dual Rank 240 Pin UDIMM<br /> ** 2021: +Corsair RM650 PSU<br /> ** 2021: +Cooler Master Hyper 212 CPU Fan<br /> * (2023 - ) Homebuilt Core i5 13500, Ubuntu 22.04 <br /> ** 2023: +ASRock Z790 PRO RS/D4<br /> ** 2023: +Intel Core i5-13500 Desktop Processor 14 cores (6 P-cores + 8 E-cores) <br /> ** 2023: +Corsair CMK64GX4M2E3200C16 Vengeance LPX 64GB (2 x 32GB) DDR4 3200<br /> <br /> === arizona ===<br /> * (2010 - ) Apple Macbook Air (Late 2010 13-inch), Mac OS X Snow Leopard -&gt; macOS Sierra<br /> ** Core 2 Duo SL9400 @ 1.86 GHz<br /> ** 2GB DDR3-1066 RAM<br /> ** 128GB SSD<br /> ** Nvidia GeForce 320M<br /> <br /> === dakota ===<br /> * (2012 - ) Apple Mac Mini (Mid 2011), Mac OS X Lion -&gt; macOS Sierra<br /> ** Core i5-2520M @ 2.5 GHz<br /> ** 4GB DDR3-1333 RAM<br /> ** 500GB SATA HDD<br /> ** AMD Radeon HD 6630M<br /> <br /> === router ===<br /> * (2016 - ) Homebuilt Celeron G1840, pfSense<br /> ** IN Win EM050 Matx Black Case<br /> ** MSI H97M-G43 Socket 1150 VGA DVI HDMI DisplayPort mATX Motherboard<br /> ** Intel Celeron G1840 2.80GHz Socket 1150 2MB L3 Cache<br /> ** Corsair 4GB DDR3 1333MHz Memory Module CL9(9-9-9-24) 1.5V Unbuffered Non-ECC<br /> ** Corsair Force Series LS 60GB SATA 2.5inch SSD<br /> ** 2021: +Corsair RM650 PSU<br /> <br /> === oregon ===<br /> * (2016 - ) Apple MacBook Pro (Late 2016 13-inch Touch Bar), macOS Sierra -&gt; Mojave<br /> ** Core i5-6287U @ 3.1GHz<br /> ** 16GB DDR3-2133 RAM<br /> ** 256GB PCIe SSD<br /> ** Intel Iris Graphics 550<br /> <br /> === virginia ===<br /> * (2021 - 2025) Homebuilt Ryzen 5 5600X, Windows 10<br /> ** Phanteks Evolv X Antracite Grey Case<br /> ** Gigabyte AMD Ryzen X570 AORUS PRO<br /> ** Ryzen 5 5600X @ 3.7Ghz<br /> ** Corsair Vengeance LPX Black 32GB 3600MHz 2x16GB CAS 18-22-22-42 DDR4<br /> ** NVIDIA RTX 3080 Founders Edition<br /> ** Corsair Force MP600 1TB M.2 PCIe Gen 4 NVMe SSD<br /> ** Corsair RM850 PSU<br /> ** 2021: +Samsung 980 PRO M.2 NVMe SSD 2TB<br /> * (2025 -) Homebuilt Ryzen 7 9800X3D, Windows 10<br /> ** +MSI MAG X870 Tomahawk<br /> ** +AMD Ryzen 7 9800X3D AM5 @ 4.7Ghz<br /> ** +Corsair Vengeance 64GB (2*32GB) RGB 6000 MHz CAS 30-36-36-76 DDR5<br /> ** +Corsair RM1000x Shift</div> Andrew https://wiki.bretts.org/index.php?title=Machine_List&diff=8561 Machine List 2025-02-07T02:55:51Z <p>Andrew: </p> <hr /> <div>== History ==<br /> <br /> === Pre-networking ===<br /> * (1988-1993) 8086 4.2MHz, MS-DOS 3.3<br /> * (1993-1995) 386SX 16MHz, Windows 3.1 + MS-DOS 5.0<br /> * (1995-1996) 486DX 50MHz, Windows 3.1 + MS-DOS 5.0/Windows 95<br /> <br /> === indiana ===<br /> * (1996 - 1999) Fujitsu-ICL Pentium 90, Windows 95 + Windows NT 4.0<br /> ** 1996?: +Orchid Righteous 3D<br /> <br /> === colorado === <br /> * (1999 - 2001) Homebuilt Celeron 300, Windows 98/Me/XP<br /> ** Matrox Millennium G200?<br /> * (2001 - 2002) Homebuilt Pentium 3 800, Windows XP<br /> * (2002 - 2005) Homebuilt Pentium 3 800, Mandriva Linux 8.0/9.0/10.0<br /> * (2005 - 2008) Dell Dimension 4300 (Pentium 4 1.8), Kubuntu 6.04<br /> ** 2005: +128MB Sparkle GeForce MX4000 AGP <br /> ** 2005: +Hauppauge WinTV-NOVA-T-MCE <br /> ** 2006: +Seagate Barracuda 7200.10 320GB ST3320620A<br /> ** 2006: +NEC-4570 16x DVD±RW/RAM Black <br /> * (2008 - 2010) Dell Dimension 4300 (Pentium 4 1.8), Ubuntu 8.04<br /> ** 2008: +Seagate Barracuda 7200.10 750GB SATA2 3.5&quot; <br /> ** 2008: +SATA &amp; IDE PCI Controller Card<br /> <br /> === texas ===<br /> * (2002 - 2005) Dell Dimension 4300 (Pentium 4 1.8), Windows XP<br /> ** GeForce 2 MX400?<br /> <br /> === vermont ===<br /> * (2004 - 2006) Sony Vaio TR5MP (Pentium M 1.0), Windows XP<br /> * (2006 - 2008) Sony Vaio TR5MP (Pentium M 1.0), Ubuntu 6.10/7.04/7.10/8.04<br /> <br /> === alaska ===<br /> * (2005 - 2007) Homebuilt Athlon64 3500+, Windows XP + Ubuntu 7.04 -&gt; 8.04<br /> ** Cooler Master Wave Master TAC-T01-E1C Silver All Aluminum Alloy ATX Mid Tower Computer Case<br /> ** MSI K8N Diamond<br /> ** AMD Athlon 64 3500+<br /> ** 512MB Corsair Value Select 400MHz DDR Memory Stick <br /> ** 128MB Sparkle GeForce 6600GT PCI-E <br /> ** 300Gb Maxtor DiamondMax 10 ATA/133 6L300S0<br /> ** NEC ND-3520 Silver <br /> ** 460W Akasa PaxPower Ultra Quiet <br /> ** 2006: +320GB Seagate Barracuda 7200.10 SATA2 ST3320620AS<br /> ** 2007: +Sapphire X1950PRO 512MB GDDR3 PCI-Express<br /> * (2008 - 2014) Homebuilt Core 2 Duo 3.0, Windows XP/7 + Ubuntu 8.04 -&gt; 9.10<br /> ** 2008: +Gigabyte GA P35C-DS3R, iP35 Express, S775, PCI-E(x16), DDR2/3 1066/1333/800, SATA II, SATA RAID, ATX<br /> ** 2008: +Intel Core 2 Duo E8400 2 x 3.00Ghz 6Mb Cache 1333 FSB Dual Core<br /> ** 2008: +Corsair XMS6400 4GB DDR2 (2x2GB) 800Mhz Non-ECC<br /> ** 2009: +GeForce GTX 260 Core 216<br /> ** 2012: +Samsung 830 256GB SSD<br /> * (2014 - ) Homebuilt Core i7-4770, Windows 7/10<br /> ** 2014: +Asus Z87-Plus Motherboard (Socket 1150, 4x DDR3, ATX, 2x PCI Express 3.0/2.0, 6x SATA 6.0 Gb/s, USB 3.0)<br /> ** 2014: +Intel Core i7 4770 Quad Core Retail CPU (Socket 1150, 3.40GHz, 8MB, Haswell)<br /> ** 2014: +Corsair CML16GX3M2A1600C10 Vengeance Low Profile 16GB (2x8GB) DDR3 1600 Mhz CL10 XMP<br /> ** 2014: +Sapphire R9 270X 2GB Vapor-X 1050MHz GDDR 5 PCI Express Graphics Card<br /> ** 2015: +ASUS Z87-A Motherboard<br /> ** 2015: +Cooler Master Hyper 103 92mm Fan<br /> ** 2016: +MSI GeForce GTX 970 GAMING Twin Frozr V 4GB Graphics Card (Maxwell)<br /> ** 2016: +Samsung 850 EVO 500 GB 2.5 inch Solid State Drive<br /> ** 2021: +Corsair RM650x PSU<br /> <br /> === hawaii === <br /> * (2007 - 2009) Nintendo Wii<br /> <br /> === montana ===<br /> * (2007 - ) Apple Mac Mini (Mid 2007), Mac OS X Tiger -&gt; Lion<br /> ** Core 2 Duo T7200 @ 2.0GHz<br /> ** 4GB DDR2-667 RAM<br /> ** 120GB HDD<br /> ** Intel GMA 950<br /> <br /> === pennsylvania ===<br /> * (2008 - 2012) Sony PS3<br /> <br /> === nevada ===<br /> * (2009 - 2011) Samsung NC20 (VIA Nano 1.6), Windows XP + Ubuntu 9.04 -&gt; 9.10<br /> <br /> === maine ===<br /> * (2010 - 2023) Homebuilt Core i5 750, Ubuntu 9.10/12.04/14.04/16.04/18.04/20.04/22.04<br /> ** Cooler Master ATCS 840 RC-840-KKN1-GP Black Aluminum ATX Full Tower Computer Case<br /> *** Front Case Fan failed<br /> ** Gigabyte GA-P55-UD3R LGA 1156 Intel P55 ATX Intel Motherboard<br /> ** Intel Core i5-750 Lynnfield 2.66GHz LGA 1156 95W Quad-Core Processor Model BX80605I5750<br /> ** OCZ Gold 4GB (2 x 2GB) 240-Pin DDR3 SDRAM DDR3 1333 (PC3 10666) Desktop Memory Model OCZ3G1333LV4GK<br /> ** MSI N8400GS-D256H GeForce 8400 GS 256MB 64-bit GDDR2 PCI Express 2.0 x16 HDCP Ready Video Card<br /> ** Seagate Barracuda LP ST31500541AS 1.5TB 5900 RPM SATA 3.0Gb/s 3.5&quot;<br /> ** Nexus NX-5000 R3 530W ATX12V v2.2 80 PLUS BRONZE Certified Modular Active PFC Power Supply<br /> ** 2011 onwards: +Various SATA HDDs<br /> ** 2013: +Crucial Ballistix 16GB (2x8GB) 240-pin DIMM, DDR3 PC3-12800<br /> ** 2019: +Timetec Hynix IC 16GB (2x8GB) DDR3 PC3-12800 1600 MHz Non ECC Unbuffered 1.35V/1.5V Dual Rank 240 Pin UDIMM<br /> ** 2021: +Corsair RM650 PSU<br /> ** 2021: +Cooler Master Hyper 212 CPU Fan<br /> * (2023 - ) Homebuilt Core i5 13500, Ubuntu 22.04 <br /> ** 2023: +ASRock Z790 PRO RS/D4<br /> ** 2023: +Intel Core i5-13500 Desktop Processor 14 cores (6 P-cores + 8 E-cores) <br /> ** 2023: +Corsair CMK64GX4M2E3200C16 Vengeance LPX 64GB (2 x 32GB) DDR4 3200<br /> <br /> === arizona ===<br /> * (2010 - ) Apple Macbook Air (Late 2010 13-inch), Mac OS X Snow Leopard -&gt; macOS Sierra<br /> ** Core 2 Duo SL9400 @ 1.86 GHz<br /> ** 2GB DDR3-1066 RAM<br /> ** 128GB SSD<br /> ** Nvidia GeForce 320M<br /> <br /> === dakota ===<br /> * (2012 - ) Apple Mac Mini (Mid 2011), Mac OS X Lion -&gt; macOS Sierra<br /> ** Core i5-2520M @ 2.5 GHz<br /> ** 4GB DDR3-1333 RAM<br /> ** 500GB SATA HDD<br /> ** AMD Radeon HD 6630M<br /> <br /> === router ===<br /> * (2016 - ) Homebuilt Celeron G1840, pfSense<br /> ** IN Win EM050 Matx Black Case<br /> ** MSI H97M-G43 Socket 1150 VGA DVI HDMI DisplayPort mATX Motherboard<br /> ** Intel Celeron G1840 2.80GHz Socket 1150 2MB L3 Cache<br /> ** Corsair 4GB DDR3 1333MHz Memory Module CL9(9-9-9-24) 1.5V Unbuffered Non-ECC<br /> ** Corsair Force Series LS 60GB SATA 2.5inch SSD<br /> ** 2021: +Corsair RM650 PSU<br /> <br /> === oregon ===<br /> * (2016 - ) Apple MacBook Pro (Late 2016 13-inch Touch Bar), macOS Sierra -&gt; Mojave<br /> ** Core i5-6287U @ 3.1GHz<br /> ** 16GB DDR3-2133 RAM<br /> ** 256GB PCIe SSD<br /> ** Intel Iris Graphics 550<br /> <br /> === virginia ===<br /> * (2021 - 2025) Homebuilt Ryzen 5 5600X, Windows 10<br /> ** Phanteks Evolv X Antracite Grey Case<br /> ** Gigabyte AMD Ryzen X570 AORUS PRO<br /> ** Ryzen 5 5600X @ 3.7Ghz<br /> ** Corsair Vengeance LPX Black 32GB 3600MHz 2x16GB CAS 18-22-22-42 DDR4<br /> ** NVIDIA RTX 3080 Founders Edition<br /> ** Corsair Force MP600 1TB M.2 PCIe Gen 4 NVMe SSD<br /> ** Corsair RM850 PSU<br /> * (2025 -) Homebuilt Ryzen 7 9800X3D, Windows 10<br /> ** +MSI MAG X870 Tomahawk<br /> ** +AMD Ryzen 7 9800X3D AM5 @ 4.7Ghz<br /> ** +Corsair Vengeance 64GB (2*32GB) RGB 6000 MHz CAS 30-36-36-76 DDR5<br /> ** +Corsair RM1000x Shift</div> Andrew https://wiki.bretts.org/index.php?title=Docker&diff=8560 Docker 2024-12-04T06:09:03Z <p>Andrew: /* Containers */</p> <hr /> <div>== Useful Commands ==<br /> <br /> ; docker ps -a: List all containers<br /> ; docker container inspect &lt;container&gt;: Show details of &lt;container&gt;<br /> ; docker logs &lt;container&gt;: Show logs for &lt;container&gt;<br /> ; docker exec -it &lt;container&gt; /bin/bash: Start an interactive shell in &lt;container&gt;<br /> <br /> == Updating container ==<br /> <br /> === Manually ===<br /> sudo docker pull &lt;image&gt;<br /> sudo docker stop &lt;container&gt;<br /> sudo docker rm &lt;container&gt;<br /> &lt;docker run command&gt;<br /> <br /> === Automatically ===<br /> sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock taisun/updater --oneshot &lt;container&gt;<br /> <br /> == Containers ==<br /> <br /> === Portainer ===<br /> sudo docker run -d --name portainer \<br /> -p 8000:8000 -p 9443:9443 \<br /> -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/portainer:/data \<br /> -v /etc/ssl/bretts.org:/certs \<br /> --restart unless-stopped \<br /> portainer/portainer-ce \<br /> --sslcert /certs/fullchain.pem --sslkey /certs/key.pem<br /> <br /> === Plex ===<br /> <br /> Get your claim token: https://www.plex.tv/claim/<br /> <br /> Create the container with the claim token substituted:<br /> sudo docker run -d --name plex --network=host -e PLEX_UID=111 -e PLEX_GID=127 -e TZ=Europe/London -e PLEX_CLAIM=&lt;CLAIM_TOKEN&gt; \<br /> -v /var/lib/plexmediaserver:/config -v /srv:/srv --device=/dev/dri:/dev/dri \<br /> --restart unless-stopped \<br /> plexinc/pms-docker:plexpass<br /> <br /> === Tautulli (Plex Monitoring/Notifications) ===<br /> sudo docker run -d --name tautulli -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8181:8181 \<br /> -v /var/lib/torrent/tautulli/config:/config -v /var/lib/plexmediaserver/Library/Logs:/logs \<br /> --restart unless-stopped \<br /> linuxserver/tautulli<br /> <br /> === Jackett (Torrent Gateway) ===<br /> sudo docker run -d --name=jackett -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 9117:9117 \<br /> -v /var/lib/torrent/jackett/config:/config -v /var/lib/torrent/jackett/downloads:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/jackett<br /> <br /> === FlareSolverr (CloudFlare proxy bypass) ===<br /> sudo docker run -d --name=flaresolverr \<br /> -p 8191:8191 \<br /> -e LOG_LEVEL=info \<br /> --restart unless-stopped \<br /> ghcr.io/flaresolverr/flaresolverr:latest<br /> <br /> === Deluge ===<br /> sudo docker run -d --name deluge -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/torrent/deluged/config:/config -v /srv/incoming/torrents/deluge:/srv/incoming/torrents/deluge \<br /> -v /etc/ssl/bretts.org:/etc/ssl/bretts.org \<br /> --restart unless-stopped \<br /> linuxserver/deluge<br /> <br /> Since user groups don't seem to apply across the docker boundary, &quot;torrent&quot; will need to be given explicit permission to the private key file via an ACL:<br /> setfacl -m &quot;u:torrent:rw&quot; /etc/ssl/bretts.org/key.pem<br /> <br /> === Radarr (Movie Downloads) ===<br /> sudo docker run -d --name radarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 7878:7878 \<br /> -v /var/lib/torrent/radarr/config:/config -v /srv/videos/programs/movies:/movies -v /srv/incoming/torrents/deluge:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/radarr<br /> <br /> === Sonarr (TV Downloads) ===<br /> sudo docker run -d --name=sonarr -e PUID=127 -e PGID=138 -e TZ=Europe/London \<br /> -p 8989:8989 \<br /> -v /var/lib/torrent/sonarr/config:/config -v /srv/videos/programs/tv:/tv -v /srv/incoming/torrents/deluge:/downloads \<br /> --restart unless-stopped \<br /> linuxserver/sonarr<br /> <br /> === Unifi ===<br /> sudo docker run -d --name=unifi-controller -e PUID=140 -e PGID=150 \<br /> -p 3478:3478/udp -p 10001:10001/udp -p 18080:18080 -p 18081:18081 -p 18443:18443 -p 18880:18880 -p 6789:6789 \<br /> -v /var/lib/unifi:/config \<br /> --restart unless-stopped \<br /> linuxserver/unifi-controller<br /> <br /> === Home-Assistant (as part of host network) ===<br /> sudo docker run -d --name=home-assistant -e TZ=Europe/London \<br /> --net=host \<br /> -v /var/lib/home-assistant/config:/config -v /srv:/media -v /etc/ssl/bretts.org:/etc/ssl/bretts.org -v /var/www/html/arlo-snapshots:/arlo-snapshots \<br /> --restart unless-stopped \<br /> homeassistant/home-assistant<br /> <br /> === Stash ===<br /> sudo docker run -d --name stash \<br /> -e STASH_GENERATED=/generated/ -e STASH_METADATA=/metadata/ -e STASH_CACHE=/cache/ \<br /> -e STASH_STASH=/data/ \<br /> -p 9999:9999 \<br /> -v /var/lib/stash:/root/.stash -v /var/lib/stash/metadata:/metadata -v /var/lib/stash/cache:/cache -v /var/lib/stash/blobs:/blobs -v /var/lib/stash/generated:/generated \<br /> -v /var/lib/stash/data:/data -v /srv/porn:/srv/porn -v /srv/incoming/torrents/deluge/porn:/srv/incoming/torrents/deluge/porn \<br /> -v /etc/localtime:/etc/localtime:ro \<br /> --restart unless-stopped \<br /> stashapp/stash<br /> <br /> === Atlassian ===<br /> <br /> ==== JIRA ====<br /> Note: In this instance JIRA is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name jira<br /> sudo docker run -d --name=jira -e TZ=Europe/London \<br /> -e ATL_TOMCAT_SCHEME=https -e ATL_TOMCAT_SECURE=true -e ATL_PROXY_NAME=jira.bretts.org -e ATL_PROXY_PORT=443 \<br /> -p 7980:8080 \<br /> -v jira:/var/atlassian/application-data/jira \<br /> --restart unless-stopped \<br /> atlassian/jira-software<br /> <br /> Docker JIRA runs with a uid and gid of 2001. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2001 jira-docker<br /> sudo adduser --system --no-create-home --uid 2001 --gid 2001 jira-docker<br /> <br /> ==== Bitbucket====<br /> Note: In this instance Bitbucket is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bitbucket<br /> sudo docker run -d --name=bitbucket -e TZ=Europe/London \<br /> -e SERVER_SCHEME=https -e SERVER_SECURE=true -e SERVER_PROXY_NAME=bitbucket.bretts.org -e SERVER_PROXY_PORT=443 \<br /> -p 7990:7990 -p 7999:7999 \<br /> -v bitbucket:/var/atlassian/application-data/bitbucket \<br /> --restart unless-stopped \<br /> atlassian/bitbucket-server<br /> <br /> Docker Bitbucket runs with a uid and gid of 2003. To ensure they show up as a named user in the hosting system you can run:<br /> sudo addgroup --gid 2003 bitbucket-docker<br /> sudo adduser --system --no-create-home --uid 2003 --gid 2003 bitbucket-docker<br /> <br /> ==== Bamboo ====<br /> Note: In this instance Bamboo is configured (with `-v`) using a named volume, rather than a bind mount<br /> sudo docker volume create --name bamboo<br /> sudo docker run -d --name=bamboo -e TZ=Europe/London \<br /> -p 54663:54663 -p 7970:8085 \<br /> -v bamboo:/var/atlassian/application-data/bamboo \<br /> --restart unless-stopped \<br /> atlassian/bamboo-server<br /> <br /> ===== Limitations =====<br /> * Bamboo runs with a uid of 1000, which means it's likely to clash with a real user in the containing host<br /> * Bamboo container doesn't support any reverse proxy configuration, which means hiding it behind nginx is likely to result in broken Application Links. This can be worked around by manually editing /opt/atlassian/bamboo/conf/server.xml, but those changes will be overwritten on every container upgrade.<br /> <br /> == Tips / Fixes ==<br /> <br /> === Tautulli slow to start ===<br /> This may be due to an attempt to chown a large number of files. <br /> Login to the container:<br /> sudo docker exec -it &lt;container&gt; /bin/bash<br /> Disable the chown step by editing &lt;code&gt;/etc/cont-init.d/30-config&lt;/code&gt; and commenting out the chown command.<br /> <br /> === Adding an SSL cert for Unifi ===<br /> sudo openssl pkcs12 -export -inkey /etc/ssl/bretts.org/key.pem -in /etc/ssl/bretts.org/fullchain.pem -out /tmp/cert.p12 -name unifi -password pass:temppass<br /> sudo keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/data/keystore -srckeystore /tmp/cert.p12 -srcstoretype PKCS12 -srcstorepass temppass -alias unifi -noprompt<br /> sudo docker restart unifi-controller<br /> sudo rm /tmp/cert.p12<br /> <br /> === Local DNS resolution fails on docker 18.09 ===<br /> This may be the result of a bug: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1820278. Normally the container's /etc/resolv.conf should mirror that of the host, but in this case it seems to just be a default version. As a workaround, create /etc/docker/daemon.json with the following contents:<br /> <br /> {<br /> &quot;dns&quot;: [&quot;192.168.1.1&quot;, &quot;8.8.8.8&quot;],<br /> &quot;dns-search&quot;: [&quot;bretts.org&quot;]<br /> }</div> Andrew