Recommended Docker Images


whoami

This is a great simple container for troubleshooting network connectivity. Once started it will give you a webserver that will reply with header info or using get vars for things like /data?size=1&unit=MB or ?wait=5s

docker run -d --name=whoami -p 80:80 containous/whoami
version: "3.8"
services:
  whoami:
    image: containous/whoami:latest
    ports:
      - "80:80"

iperf3

networkstatic/iperf3
iperf3 is a great container to leave running to do point to point bandwidth tests on a network

docker run -d --name=iperf3-server -p 5201:5201 networkstatic/iperf3 -s

Then from any other machine in the LAN you can max speed test to this one with:

iperf3 -c hostname.example.com

And you will get results that look like:

[ 4] 0.00-10.00 sec 2.80 GBytes 2.40 Gbits/sec sender

OpenSpeedTest

https://openspeedtest.com/

Don’t want to have to install iperf3 on both the server and client-side to get speed results? OpenSpeedTest is an in-browser client that can get you download/upload speeds.

docker run --restart=unless-stopped --name=openspeedtest -d -p 7777:3000 openspeedtest/latest
This is a LAN server with 10G ethernet, showing a bottleneck at 4.5G

Portainer

Portainer is a great web interface that lets you control docker

docker volume create portainer_data #otherwise you get some random named volume
docker run -d -p 8000:8000 -p 9000:9000 --name=portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce

Then access it with http://localhost:9000

SMTP Relay to Amazon SES

Many services have trouble talking to well-secured SMTP servers like Amazon SES. A relay is a nice way to allow those devices or services to talk to a simpler server that will then forward it to SES.

docker run -d -p 25:25 --name smtp-to-ses-relay --restart=always -e SMTP_USERNAME=abcdefgh -e SMTP_PASSWORD=123abc -e AWS_REGION=us-west-2 building5/ses-relay:latest
version: "3.8"
services:
  ses-relay:
    image: building5/ses-relay:latest
    environment:
      SMTP_USERNAME: ABCD1EFGHI2JK3LMNOPQ
      SMTP_PASSWORD: abcDefgHi1jK2aAAAAaAAAa3AaaAAAABCDefg3hij4K
      AWS_REGION: us-west-2
    ports:
      - "25:25"

Splunk

https://github.com/splunk/docker-splunk

This is a great log analyzer that lets you load in any text logs and search for patterns or create dashboards.

By default, when you create a Splunk Docker container, it will enable a Splunk Trial license which is good for 30 days from the start of your instance.

  • 500MB/day log ingest
  • Allowed 3 license violations in last 30 days (you can ingest any amount of data in 24h)
  • 30 Day Trial, can register to get to Splunk Free license
    • no alerting/monitoring
    • no users
    • no report clustering
docker run -d -p 8000:8000 -e "SPLUNK_START_ARGS=--accept-license" -e "SPLUNK_PASSWORD=<password>" --name splunk splunk/splunk:latest

Uses ~3GB of memory and a constant 5% cpu idling. It also will spike its CPU when the container is left alone for a long time.

Privatebin

https://hub.docker.com/r/privatebin/nginx-fpm-alpine

PrivateBin is a minimalist, open-source online pastebin where the server has zero knowledge of pasted data. Data is encrypted and decrypted in the browser using 256bit AES in Galois Counter mode.

version: '3'
services:
  app:
    image: 'privatebin/nginx-fpm-alpine:latest'
    read_only: true #for security
    ports:
      - '8080:8080'
    volumes:
      - /mnt/content-ebs/privatebin/data:/srv/data
      - /mnt/content-ebs/privatebin/conf.php:/srv/cfg/conf.php

Copy a config from https://raw.githubusercontent.com/PrivateBin/PrivateBin/master/cfg/conf.sample.php as conf.php

(idles at 20mb memory usage with 0% cpu)

PHP

Is a pain. The default docker images are too bare bones with the expectation you will build your own. Apache+PHP is much easier to build but nginx+PHP-FPM is still doable. I like to avoid all HTTPS/SSL in this container and instead use something like docker-router to handle certificate generation. I recommend using a major version tag instead of :latest as going from PHP 7 to 8 can be a bump as I expect PHP 9 will be.

<project-folder>/Dockerfile

FROM php:8-apache

RUN docker-php-ext-install mysqli
RUN apt-get update && apt-get install -y zlib1g-dev libpng-dev libzip-dev libwebp-dev libjpeg-dev libfreetype6-dev exiftool
RUN docker-php-ext-configure gd --with-freetype --with-webp --with-jpeg && docker-php-ext-install gd
RUN docker-php-ext-install exif
RUN a2enmod rewrite 

Optionally, I like making a build.sh to get a nice image name and normalize versioning and updating the latest tags.

TODAY=`date -u +"%Y%m%d"`
IMAGE_NAME=PROJECT-webserver
MAJOR_VERSION=1
docker build -t ${IMAGE_NAME}:${MAJOR_VERSION}.${TODAY} .
docker tag ${IMAGE_NAME}:${MAJOR_VERSION}.${TODAY} ${IMAGE_NAME}:latest

You can try to use the stock php

docker run -d --name lan-links -v /mnt/lan-links:/var/www/html -p80:80 php:7-apache
version: '3'

services:
  web:
    image: php:7-apache
    hostname: "docker-php"
    restart: "no"
    ports:
      - 80:80
    volumes:
      - /mnt/docker-swarm-volumes-nfs/test-nginx:/var/www/html

# this pushes the container onto your actual LAN, but needs the macvlan network setup already, just leave this out if it isn't setup
networks:
  default:
    external: 
      name: on-lan-network

Jellyfin

version: '3.5'
services:
  app:
    image: jellyfin/jellyfin
    ports:
      - "8096:8096"
    volumes:
      - /Users/steve/jellyfin/config:/config
      - /Users/steve/jellyfin/cache:/cache
      - /Users/steve/jellyfin/media:/media
    environment:
      - JELLYFIN_PublishedServerUrl=http://example.com

calibre-web ebook library

docker run -d \
  --name=calibre-web \
  -e PUID=1000 \
  -e PGID=1000 \
  -e TZ=America/Chicago \
  -e DOCKER_MODS=linuxserver/calibre-web:calibre \
  -p 8083:8083 \
  -v /mnt/calibre-web/config:/config \
  -v /mnt/calibre-web/books:/books \
  --restart unless-stopped \
  ghcr.io/linuxserver/calibre-web
version: "3"
services:
  calibre:
    image: ghcr.io/linuxserver/calibre-web
    ports:
      - 8083:8083
    volumes:
      - /mnt/calibre-web/config:/config
      - /mnt/calibre-web/books:/books
    environment:
      PUID: 1000
      PGID: 1000
      TZ: "America/Chicago"
      DOCKER_MODS: "linuxserver/calibre-web:calibre"

On the first run, it will complain about a missing database, you have to run this to manually create the file or load in a pre-existing one.

cd /app/calibre/bin && ./calibredb restore_database --really-do-it --with-library /books

chmod 777 metadata.db

Default user is admin and password is admin123

(idles at 200mb memory and 0% cpu)

Postgres

`docker run`

project-db:
      image: postgres
      environment:
        - POSTGRES_USER=appname
        - POSTGRES_PASSWORD=asdf1234
      volumes:
        - /mnt/appname/db:/var/lib/postgresql/data

Redis Cache

Redis is a high speed in memory key value store, its a great place to store values that don’t change often but want fast lookup time. Alot of systems render a page and just save it to redis.

version: "3"
services:
  cache:
    image: redis:7-alpine
    ports:
      - '6379:6379'
    command: redis-server --save 60 1 --loglevel warning --requirepass $PASSWORD
    volumes:
      - /mnt/redis:/data

VS Code

If you want a cloud hosted vscode that runs in your browser, this is a great way if you have a dev instance that you want fast iterations on.

version: '3'
services:
  code-server:
    image: lscr.io/linuxserver/code-server:latest
    environment:
      - TZ=America/Chicago
      - PASSWORD=asdf123
      - SUDO_PASSWORD=9abc3823Zxm
      - PROXY_DOMAIN=vscode.i.zazeski.com
      - DEFAULT_WORKSPACE=/workspace
    volumes:
      - /Users/steve/steve/serve-config/config:/config
      - /Users/steve/steve/serve:/workspace
    ports:
      - 8443:8443

VaultWarden

If you are looking for a self hosted password manager with unlimited users at no cost.

version: "3"
services:
  vaultwarden:
    image: vaultwarden/server:latest
    restart: unless-stopped
    expose:
      - 8443:443  # https
      - 8012:3012 # websocket
    env_file:
      - /mnt/vaultwarden/config.env
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /mnt/vaultwarden/data:/data
openanalytics 2381 views

I'm a 35 year old UIUC Computer Engineer building mobile apps, websites and hardware integrations with an interest in 3D printing, biotechnology and Arduinos.


View Comments

This site uses Akismet to reduce spam. Learn how your comment data is processed.