Docker Consolidation Project, Part Two

Docker Consolidation Project, Part Two
Photo by Mohammad Rahmani / Unsplash

I'm picking up from yesterday by starting to build a dedicated virtual machine for Docker.

Create Dedicated Docker Application Server

Steps taken on HV-03 via Windows Admin Center

  • I navigate to Virtual Machines
  • I click on Add then New
    • Name: DOCKER-01
    • Generation: 2 Recommended)
    • Virtual Processors: 8
    • Memory: 32GB
    • Network: Default External Switch
    • Create an empty virtual hard disk
      • Size (GB): 200
    • Install an operating system later
    • I click Create
  • I select DOCKER-01
  • I click on Settings
  • I navigate to Disks
    • I click Add Disk
    • I select Use an existing virtual hard disk or ISO image file
    • I browse to c:\Images\Debian\debian-12.1.0-amd64-netinst.iso
    • I click Save disk settings
  • I go to Boot Order
    • DVD
    • Hard Disk
    • Network adapter
    • I click Save boot order
  • I move to Security
    • Enable Secure Boot: Yes
    • Template: Microsoft UEFI Certificate Authority
    • Enable Trusted Platform Module: Yes
    • I click Save security settings
  • I click Close
  • I click on Power then Start

Steps performed on DC-02 via Windows Admin Center

  • I navigate to DNS
  • I click on domain.local
  • I click on Create a new DNS record
    • DNS record type: HOST (A)
    • Record name: DOCKER1
    • FQDN: DOCKER1.domain.local
    • IP Address: 10.10.10.XXX
    • Time to live: 3600
    • I click Create

Install Operating System

Steps performed on DOCKER-01

  • I select Install
  • Select a language: English
  • Select your location: United States
  • Configure the keyboard: American English
  • Hostname: DOCKER-01
  • Domain name: domain.local
  • I save my root password
  • Full name for the new user: david
  • I save my david password
  • Select your time zone: Eastern
  • Partitioning method: Guided - use entire disk
  • Partitioning scheme: All files in one partition
  • Finish partitioning and write changes to disk? Yes
  • Scan extra installation media: no
  • Debian archive mirror country: United States
  • Debian archive mirror: deb.debian.org
  • Participate in the package usage survey? yes
  • Choose software to install:
    • SSH server
    • Standard system utilities
  • I select Continue
  • I remove the Debian ISO and reboot

Configure the Operating System

Configure Sudo

Steps performed on DOCKER-01 via console

  • apt install sudo
  • /sbin/adduser david sudo

Configure Network

Steps performed on DOCKER-01 via console

  • nano /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug eth0
iface eth0 inet static
address 10.10.10.XXX
gateway 10.10.10.254
netmask 255.255.255.0
  • I save the file interfaces
  • systemctl restart networking

Configure SSH Key

Steps performed on desktop via Windows Terminal

  • ssh-keygen -t ed25519
  • Move-Item -Path c:\Users\david\filename* -Destination c:\Users\david\.ssh -Force
  • I open the Windows Terminal Settings
  • I open the JSON file and add the following:
            {
                "colorScheme": "Ubuntu-ColorScheme",
                "commandline": "ssh -i \"~/.ssh/DOCKER-01\" [email protected]",
                "experimental.retroTerminalEffect": false,
                "font": 
                {
                    "face": "Cascadia Code"
                },
                "guid": "{0caa0dad-35be-5f56-a8ff-XXXXXXXXXXXX}",
                "hidden": false,
                "name": "DOCKER-01",
                "tabTitle": "DOCKER-01"
            },
  • I verify the GUID is unique and save the JSON file

Configure SSH

Steps performed on DOCKER-01

  • mkdir /home/david/.ssh
  • nano /home/david/.ssh/authorized_keys
  • I paste in the public key and save authorized_keys
  • chmod 600 /home/david/.ssh/authorized_keys
  • sudo nano /etc/ssh/sshd_config
    • PermitRootLogin no
    • PubkeyAuthentication yes
    • PubkeyAcceptedKeyTypes ssh-ed25519
    • PasswordAuthentication no
    • AuthorizedKeysFile /home/david/.ssh/authorized_keys
  • I save the file sshd_config
  • sudo sshd -t
  • sudo systemctl restart ssh

Configure Docker

Steps performed on DOCKER-01

  • sudo apt install docker
  • sudo apt install docker-compose
  • sudo mkdir /apps/
  • cd /apps

Migrate Actual Budget

So I had installed Actual Budget directly to the hosting virtual machine instead of in Docker because I missed a silly little button. It should be pretty easy to bring it up in a container and then migrate the data over.

Install Actual Budget

Steps performed on DOCKER-01

  • sudo mkdir /apps/Actual-Budget
  • cd /apps/Actual-Budget
  • sudo nano docker-compose.yml
version: '3'
services:
  actual_server:
    image: docker.io/actualbudget/actual-server:latest
    ports:
      # This line makes Actual available at port 5006 of the device you run the server on,
      # i.e. http://localhost:5006. You can change the first number to change the port, if you want.
      - '5006:5006'
    environment:
      # Uncomment any of the lines below to set configuration options.
      # - ACTUAL_HTTPS_KEY=/data/selfhost.key
      # - ACTUAL_HTTPS_CERT=/data/selfhost.crt
      - ACTUAL_UPLOAD_FILE_SYNC_SIZE_LIMIT_MB=20
      - ACTUAL_UPLOAD_SYNC_ENCRYPTED_FILE_SYNC_SIZE_LIMIT_MB=50
      - ACTUAL_UPLOAD_FILE_SIZE_LIMIT_MB=20
      # See all options and more details at http://actualbudget.github.io/docs/Installing/Configuration
      # !! If you are not using any of these options, remove the 'environment:' tag entirely.
    volumes:
      # Change './actual-data' below to the path to the folder you want Actual to store its data in on your server.
      # '/data' is the path Actual will look for its files in by default, so leave that as-is.
      - ./actual-data:/data
    restart: unless-stopped
  • I save the file docker-compose.yml
  • sudo docker-compose pull
  • sudo docker-compose up -d

Migrate Actual Budget's Data

I was able to export and then import the Actual Budget data from ACTUAL-01 to DOCKER-01 successfully.

Decommission ACTUAL-01

Steps performed on ACTUAL-01

  • sudo shutdown now

Steps taken from HV-03 via Windows Admin Center

  • I navigate to Virtual Machines
  • I select Actual-01
  • I click on Manage then Delete
  • I choose the option Delete all virtual disks

Steps taken from DC-02 via Windows Admin Center

  • I navigate to DNS
  • I click on domain.local
  • I select ACTUAL.domain.local and click Edit
  • I change the IP Address to DOCKER-01's IP address

Steps taken from desktop

  • I delete the ACTUAL-01 SSH key files
  • I remove ACTUAL-01 from Windows Terminal's JSON file

Migrate FileRun

I haven't touched FileRun is a long long time. The app isn't even running. It looks like it exited again.

Steps performed on FILERUN-01

  • sudo apt update
  • sudo apt upgrade

When I go to restart the FileRun app it is just failing. This was just a test to begin with and held no real data. Since it's so widely out of date maybe I should just nuke it and start fresh.

Well when I go to FileRun's webpage the free version is no longer available to new users. So much for a fresh install. I reboot FILERUN-01 and afterwards FILERUN does come back online. But it looks like I can't update it at all. I guess if I want to look into this sort of project again in the future I'll have to find some other software. But for right now that means I can just decommission FileRun and reclaim these resources.

Decommission FILERUN-01

Steps performed on FILERUN-01

  • sudo shutdown now

Steps performed on HV-03 via Windows Admin Center

  • I navigate to Virtual Machines
  • I select FILERUN-01
  • I click on Manage then Delete
  • I choose the option Delete all virtual disks

Steps taken from DC-02 via Windows Admin Center

  • I navigate to DNS
  • I click on domain.local
  • I select FILERUN.domain.local and click Delete

Steps taken from desktop

  • I delete the FILERUN-01 SSH key files
  • I remove the entry from Windows Terminal JSON file

That's all the time I have for today, so I'll start back up and move some more applications tomorrow.