Our great sponsors
|19 days ago||6 days ago|
|MIT License||zlib License|
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Can't get WGET -O to Download from GitHub
2 projects | reddit.com/r/sysadmin | 16 Mar 2023
I cannot download the file onto the machine because i am doing it with a play-with-docker.com instance online so no direct access to the machine.
All about Docker Part 1
2 projects | dev.to | 18 May 2022
Maybe you don't have local admin, or maybe your machine doesn't have enough resources. Well, the best free option here is to use play-with-docker.com, which will run one or more Docker instances inside your browser, and give you a terminal to use it with. You can create multiple machines on it, and even use the URL to share the session with others in a sort of collaborative experience. I highly recommend you check it out. Most of the lectures in this course can be used with "PWD", but the big limitation is it'll reset after 4 hours, at which time it'll delete your servers.
Can any Hetzner user, please explain there workflow on Hetzner?
13 projects | news.ycombinator.com | 22 Mar 2023
I use Hetzner, Contabo, Time4VPS and other platforms in pretty much the same way (as IaaS VPS providers on top of which I run software, as opposed to SaaS/PaaS), but here's a quick glance at how I do things.
> deploy from source repo? Terraform?
Personally, I use Gitea for my repos and Drone CI for CI/CD.
Drone CI: https://www.drone.io/
Some might prefer Woodpecker due to licensing: https://woodpecker-ci.org/ but honestly most solutions out there are okay, even Jenkins.
Then I have some sort of a container cluster on the servers, so I can easily deploy things: I still like Docker Swarm (projects like CapRover might be nice to look at as well), though many might enjoy the likes of K3s or K0s more (lightweight Kubernetes clusters).
Docker Swarm: https://docs.docker.com/engine/swarm/ (uses the Compose spec for manifests)
K0s: https://k0sproject.io/ though MicroK8s and others are also okay.
I also like having something like Portainer to have a GUI to manage the clusters: https://www.portainer.io/ for Kubernetes Rancher might offer more features, but will have a higher footprint
It even supports webhooks, so I can do a POST request at the end of a CI run and the cluster will automatically pull and launch the latest tagged version of my apps: https://docs.portainer.io/user/docker/services/webhooks
> keep software up to date? ex: Postgres, OS
I build my own base container images and rebuild them (with recent package versions) on a regular basis, which is automatically scheduled: https://blog.kronis.dev/articles/using-ubuntu-as-the-base-fo...
Drone CI makes this easy to have happen in the background, as long as I don't update across major versions, or Maven decides to release a new version and remove their old version .tar.gz archives from the downloads site for some reason, breaking my builds and making me update the URL: https://docs.drone.io/cron/
Some images like databases etc. I just proxy to my Nexus instance, version upgrades are relatively painless most of the time, at least as long as I've set up the persistent data directories correctly.
> do load balancing? built-in load balancer?
This is a bit more tricky. I use Apache2 with mod_md to get Let's Encrypt certificates and Docker Swarm networking for directing the incoming traffic across the services: https://blog.kronis.dev/tutorials/how-and-why-to-use-apache-...
Some might prefer Caddy, which is another great web server with automatic HTTPS: https://caddyserver.com/ but the Apache modules do pretty much everything I need and the performance has never actually been too bad for my needs. Up until now, applications themselves have always been the bottleneck, actually working on a blog post about comparing some web servers in real world circumstances.
However, making things a bit more failure resilient might involve just paying Hetzner (in this case) to give you a load balancer: https://www.hetzner.com/cloud/load-balancer which will make everything less painless once you need to scale.
Why? Because doing round robin DNS with the ACME certificate directory accessible and synchronized across multiple servers is a nuisance, although servers like Caddy attempt to get this working: https://caddyserver.com/docs/automatic-https#storage You could also get DNS-01 challenges working, but that needs even more work and integration with setting up TXT records. Even if you have multiple servers for resiliency, not all clients would try all of the IP addresses if one of the servers is down, although browsers should: https://webmasters.stackexchange.com/a/12704
So if you care about HTTPS certificates and want to do it yourself with multiple servers having the same hostname, you'll either need to get DNS-01 working, do some messing around with shared directories (which may or may not actually work), or will just need to get a regular commercial cert that you'd manually propagate to all of the web servers.
From there on out it should be a regular reverse proxy setup, in my case Docker Swarm takes care of the service discovery (hostnames that I can access).
> handle scaling? Terraform?
None, I manually provision how many nodes I need, mostly because I'm too broke to hand over my wallet to automation.
They have an API that you or someone else could probably hook up: https://docs.hetzner.cloud/
> automate backups? ex: databases, storage. Do you use provided backups and snapshots?
I use bind mounts for all of my containers for persistent storage, so the data is accessible on the host directly.
Then I use something like BackupPC to connect to those servers (SSH/rsync) and pull data to my own backup node, which then compresses and deduplicates the data: https://backuppc.github.io/backuppc/
It was a pain to setup, but it works really well and has saved my hide dozens of times. Some might enjoy Bacula more: https://www.bacula.org/
> maintain security? built-in firewall and DDoS protection?
I personally use Apache2 with ModSecurity and the OWASP ruleset, to act as a lightweight WAF: https://owasp.org/www-project-modsecurity-core-rule-set/
You might want to just cave in and go with Cloudflare for the most part, though: https://www.cloudflare.com/waf/
6 projects | reddit.com/r/selfhosted | 20 Mar 2023
There’s an option to make that yellow upgrade button more subtle in 2.17.1. https://github.com/portainer/portainer/issues/8517
Fedora Server 37 .service file question.
2 projects | reddit.com/r/Fedora | 17 Mar 2023
if you need a visual way to understand this, try portainer (https://www.portainer.io/). the community edition is free
What do you think about Portainer?
4 projects | reddit.com/r/selfhosted | 10 Mar 2023
Upgrading to Business Edition from the banner keeps throwing "Failure image portainer/portainer-ee:2.17.1 not found on registry". I checked my Docker Hub credentials and token and that seems to be okay. Is anyone else running into this problem or have any ideas? I'm running Docker on Synology.
2 projects | reddit.com/r/portainer | 8 Mar 2023
FWIW, upgrading my Synology installation manually "worked," but then I ran into known issue #8461 and had to roll back to CE. Unfortunately, when attempting to roll back the database as described here, it resulted in "failed rolling back to CE | error='object not found inside the database'". Replaced the DB with a backup, fired up the CE container, and all is well, albeit with a fair amount of time lost in troubleshooting and rolling back. Hope this gets sorted out soon.2 projects | reddit.com/r/portainer | 8 Mar 2023
We're aware of some issues with the in-app upgrade on Synology platforms at the moment and have an internal issue open around this. We're tracking this in our Github issues and in the meantime you can do a manual upgrade - have a look at our documentation for info on this.
POLL: How do you install applications?
2 projects | reddit.com/r/Fedora | 8 Mar 2023
If an app can be installed through the Store, I'll do it in the Store. Only if it's unvailable that way, will I use the terminal. An example I'd use the terminal with, would be OpenSnitch. I also use the GUI for docker, with Portainer as a frontend.
What feature are you most excited about in 2.17?
2 projects | reddit.com/r/portainer | 2 Mar 2023
There's an option to make this more subtle in 2.17.1. https://github.com/portainer/portainer/issues/85172 projects | reddit.com/r/portainer | 2 Mar 2023
Without being too cheeky, it certainly isn't the new ads that are implemented for BE upselling: https://github.com/portainer/portainer/issues/8452
I just learned: Docker edits firewall rules for you
3 projects | news.ycombinator.com | 19 Feb 2023
Docker is certainly not marketed that way & even the majority of tutorials / if not all on Digital ocean or similar sites don't misguide you into doing this. It is clearly not marketed as "usable without reading docs" and even though people using it as a tool to deploy prebuilt software without learning its configuration, this doesn't apply to the docker commands itself.
If https://www.portainer.io/ would do this __implicitly__, your argument would be more valid. But for the docker command-line it's a bit too far-fetched.
What are some alternatives?
Yacht - A web interface for managing docker containers with an emphasis on templating to provide 1 click deployments. Think of it like a decentralized app store for servers that anyone can make packages for.
swarmpit - Lightweight mobile-friendly Docker Swarm management UI
podman - Podman: A tool for managing OCI containers and pods.
OpenMediaVault - openmediavault is the next generation network attached storage (NAS) solution based on Debian Linux. It contains services like SSH, (S)FTP, SMB/CIFS, DAAP media server, RSync, BitTorrent client and many more. Thanks to the modular design of the framework it can be enhanced via plugins. OpenMediaVault is primarily designed to be used in home environments or small home offices, but is not limited to those scenarios. It is a simple and easy to use out-of-the-box solution that will allow everyone to install and administrate a Network Attached Storage without deeper knowledge.
podman-compose - a script to run docker-compose.yml using podman
octoprint-docker - The dockerized snappy web interface for your 3D printer!
authelia - The Single Sign-On Multi-Factor portal for web apps
Docker Compose - Define and run multi-container applications with Docker
rancher - Complete container management platform
Harbor - An open source trusted cloud native registry project that stores, signs, and scans content.
homer - A very simple static homepage for your server.
watchtower - A process for automating Docker container base image updates.