Docker Consolidation Project, Part Two
I'm picking up from yesterday by starting to build a dedicated virtual machine for Docker.
Create Dedicated Docker Application Server
Steps taken on HV-03 via Windows Admin Center
- I navigate to
Virtual Machines
- I click on
Add
thenNew
- Name:
DOCKER-01
- Generation:
2 Recommended)
- Virtual Processors:
8
- Memory:
32GB
- Network:
Default External Switch
Create an empty virtual hard disk
- Size (GB):
200
- Size (GB):
Install an operating system later
- I click
Create
- Name:
- I select
DOCKER-01
- I click on
Settings
- I navigate to
Disks
- I click
Add Disk
- I select
Use an existing virtual hard disk or ISO image file
- I browse to
c:\Images\Debian\debian-12.1.0-amd64-netinst.iso
- I click
Save disk settings
- I click
- I go to
Boot Order
DVD
Hard Disk
Network adapter
- I click
Save boot order
- I move to
Security
- Enable Secure Boot:
Yes
- Template:
Microsoft UEFI Certificate Authority
- Enable Trusted Platform Module:
Yes
- I click
Save security settings
- Enable Secure Boot:
- I click
Close
- I click on
Power
thenStart
Steps performed on DC-02 via Windows Admin Center
- I navigate to
DNS
- I click on
domain.local
- I click on
Create a new DNS record
- DNS record type:
HOST (A)
- Record name:
DOCKER1
- FQDN:
DOCKER1.domain.local
- IP Address:
10.10.10.XXX
- Time to live:
3600
- I click
Create
- DNS record type:
Install Operating System
Steps performed on DOCKER-01
- I select
Install
- Select a language:
English
- Select your location:
United States
- Configure the keyboard:
American English
- Hostname:
DOCKER-01
- Domain name:
domain.local
- I save my
root
password - Full name for the new user:
david
- I save my
david
password - Select your time zone:
Eastern
- Partitioning method:
Guided - use entire disk
- Partitioning scheme:
All files in one partition
- Finish partitioning and write changes to disk?
Yes
- Scan extra installation media:
no
- Debian archive mirror country:
United States
- Debian archive mirror:
deb.debian.org
- Participate in the package usage survey?
yes
- Choose software to install:
SSH server
Standard system utilities
- I select
Continue
- I remove the Debian ISO and reboot
Configure the Operating System
Configure Sudo
Steps performed on DOCKER-01 via console
apt install sudo
/sbin/adduser david sudo
Configure Network
Steps performed on DOCKER-01 via console
nano /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
allow-hotplug eth0
iface eth0 inet static
address 10.10.10.XXX
gateway 10.10.10.254
netmask 255.255.255.0
- I save the file
interfaces
systemctl restart networking
Configure SSH Key
Steps performed on desktop via Windows Terminal
ssh-keygen -t ed25519
Move-Item -Path c:\Users\david\filename* -Destination c:\Users\david\.ssh -Force
- I open the Windows Terminal
Settings
- I open the
JSON
file and add the following:
{
"colorScheme": "Ubuntu-ColorScheme",
"commandline": "ssh -i \"~/.ssh/DOCKER-01\" [email protected]",
"experimental.retroTerminalEffect": false,
"font":
{
"face": "Cascadia Code"
},
"guid": "{0caa0dad-35be-5f56-a8ff-XXXXXXXXXXXX}",
"hidden": false,
"name": "DOCKER-01",
"tabTitle": "DOCKER-01"
},
- I verify the
GUID
is unique and save theJSON
file
Configure SSH
Steps performed on DOCKER-01
mkdir /home/david/.ssh
nano /home/david/.ssh/authorized_keys
- I paste in the public key and save
authorized_keys
chmod 600 /home/david/.ssh/authorized_keys
sudo nano /etc/ssh/sshd_config
PermitRootLogin no
PubkeyAuthentication yes
PubkeyAcceptedKeyTypes ssh-ed25519
PasswordAuthentication no
AuthorizedKeysFile /home/david/.ssh/authorized_keys
- I save the file
sshd_config
sudo sshd -t
sudo systemctl restart ssh
Configure Docker
Steps performed on DOCKER-01
sudo apt install docker
sudo apt install docker-compose
sudo mkdir /apps/
cd /apps
Migrate Actual Budget
So I had installed Actual Budget directly to the hosting virtual machine instead of in Docker because I missed a silly little button. It should be pretty easy to bring it up in a container and then migrate the data over.
Install Actual Budget
Steps performed on DOCKER-01
sudo mkdir /apps/Actual-Budget
cd /apps/Actual-Budget
sudo nano docker-compose.yml
version: '3'
services:
actual_server:
image: docker.io/actualbudget/actual-server:latest
ports:
# This line makes Actual available at port 5006 of the device you run the server on,
# i.e. http://localhost:5006. You can change the first number to change the port, if you want.
- '5006:5006'
environment:
# Uncomment any of the lines below to set configuration options.
# - ACTUAL_HTTPS_KEY=/data/selfhost.key
# - ACTUAL_HTTPS_CERT=/data/selfhost.crt
- ACTUAL_UPLOAD_FILE_SYNC_SIZE_LIMIT_MB=20
- ACTUAL_UPLOAD_SYNC_ENCRYPTED_FILE_SYNC_SIZE_LIMIT_MB=50
- ACTUAL_UPLOAD_FILE_SIZE_LIMIT_MB=20
# See all options and more details at http://actualbudget.github.io/docs/Installing/Configuration
# !! If you are not using any of these options, remove the 'environment:' tag entirely.
volumes:
# Change './actual-data' below to the path to the folder you want Actual to store its data in on your server.
# '/data' is the path Actual will look for its files in by default, so leave that as-is.
- ./actual-data:/data
restart: unless-stopped
- I save the file
docker-compose.yml
sudo docker-compose pull
sudo docker-compose up -d
Migrate Actual Budget's Data
I was able to export and then import the Actual Budget data from ACTUAL-01 to DOCKER-01 successfully.
Decommission ACTUAL-01
Steps performed on ACTUAL-01
sudo shutdown now
Steps taken from HV-03 via Windows Admin Center
- I navigate to
Virtual Machines
- I select
Actual-01
- I click on
Manage
thenDelete
- I choose the option
Delete all virtual disks
Steps taken from DC-02 via Windows Admin Center
- I navigate to
DNS
- I click on
domain.local
- I select
ACTUAL.domain.local
and clickEdit
- I change the
IP Address
toDOCKER-01
's IP address
Steps taken from desktop
- I delete the
ACTUAL-01
SSH key files - I remove
ACTUAL-01
from Windows Terminal'sJSON
file
Migrate FileRun
I haven't touched FileRun is a long long time. The app isn't even running. It looks like it exited again.
Steps performed on FILERUN-01
sudo apt update
sudo apt upgrade
When I go to restart the FileRun app it is just failing. This was just a test to begin with and held no real data. Since it's so widely out of date maybe I should just nuke it and start fresh.
Well when I go to FileRun's webpage the free version is no longer available to new users. So much for a fresh install. I reboot FILERUN-01 and afterwards FILERUN does come back online. But it looks like I can't update it at all. I guess if I want to look into this sort of project again in the future I'll have to find some other software. But for right now that means I can just decommission FileRun and reclaim these resources.
Decommission FILERUN-01
Steps performed on FILERUN-01
sudo shutdown now
Steps performed on HV-03 via Windows Admin Center
- I navigate to
Virtual Machines
- I select
FILERUN-01
- I click on
Manage
thenDelete
- I choose the option
Delete all virtual disks
Steps taken from DC-02 via Windows Admin Center
- I navigate to
DNS
- I click on
domain.local
- I select
FILERUN.domain.local
and clickDelete
Steps taken from desktop
- I delete the
FILERUN-01
SSH key files - I remove the entry from Windows Terminal
JSON
file
That's all the time I have for today, so I'll start back up and move some more applications tomorrow.