Recommended Docker Images
whoami
This is a great simple container for troubleshooting network connectivity. Once started it will give you a webserver that will reply with header info or using get vars for things like /data?size=1&unit=MB or ?wait=5s
docker run -d --name=whoami -p 80:80 containous/whoamiversion: "3.8"
services:
whoami:
image: containous/whoami:latest
ports:
- "80:80"iperf3
networkstatic/iperf3
iperf3 is a great container to leave running to do point to point bandwidth tests on a network
docker run -d --name=iperf3-server -p 5201:5201 networkstatic/iperf3 -sThen from any other machine in the LAN you can max speed test to this one with:
iperf3 -c hostname.example.comAnd you will get results that look like:
[ 4] 0.00-10.00 sec 2.80 GBytes 2.40 Gbits/sec sender
OpenSpeedTest
Don’t want to have to install iperf3 on both the server and client-side to get speed results? OpenSpeedTest is an in-browser client that can get you download/upload speeds.
docker run --restart=unless-stopped --name=openspeedtest -d -p 7777:3000 openspeedtest/latest
Portainer
Portainer is a great web interface that lets you control docker
docker volume create portainer_data #otherwise you get some random named volume
docker run -d -p 8000:8000 -p 9000:9000 --name=portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ceThen access it with http://localhost:9000
SMTP Relay to Amazon SES
Many services have trouble talking to well-secured SMTP servers like Amazon SES. A relay is a nice way to allow those devices or services to talk to a simpler server that will then forward it to SES.
docker run -d -p 25:25 --name smtp-to-ses-relay --restart=always -e SMTP_USERNAME=abcdefgh -e SMTP_PASSWORD=123abc -e AWS_REGION=us-west-2 building5/ses-relay:latest
version: "3.8"
services:
ses-relay:
image: building5/ses-relay:latest
environment:
SMTP_USERNAME: ABCD1EFGHI2JK3LMNOPQ
SMTP_PASSWORD: abcDefgHi1jK2aAAAAaAAAa3AaaAAAABCDefg3hij4K
AWS_REGION: us-west-2
ports:
- "25:25"Splunk
https://github.com/splunk/docker-splunk
This is a great log analyzer that lets you load in any text logs and search for patterns or create dashboards.
By default, when you create a Splunk Docker container, it will enable a Splunk Trial license which is good for 30 days from the start of your instance.
- 500MB/day log ingest
- Allowed 3 license violations in last 30 days (you can ingest any amount of data in 24h)
- 30 Day Trial, can register to get to Splunk Free license
- no alerting/monitoring
- no users
- no report clustering
docker run -d -p 8000:8000 -e "SPLUNK_START_ARGS=--accept-license" -e "SPLUNK_PASSWORD=<password>" --name splunk splunk/splunk:latestUses ~3GB of memory and a constant 5% cpu idling. It also will spike its CPU when the container is left alone for a long time.
Privatebin
https://hub.docker.com/r/privatebin/nginx-fpm-alpine
PrivateBin is a minimalist, open-source online pastebin where the server has zero knowledge of pasted data. Data is encrypted and decrypted in the browser using 256bit AES in Galois Counter mode.
version: '3'
services:
app:
image: 'privatebin/nginx-fpm-alpine:latest'
read_only: true #for security
ports:
- '8080:8080'
volumes:
- /mnt/content-ebs/privatebin/data:/srv/data
- /mnt/content-ebs/privatebin/conf.php:/srv/cfg/conf.phpCopy a config from https://raw.githubusercontent.com/PrivateBin/PrivateBin/master/cfg/conf.sample.php as conf.php
(idles at 20mb memory usage with 0% cpu)
PHP
Is a pain. The default docker images are too bare bones with the expectation you will build your own. Apache+PHP is much easier to build but nginx+PHP-FPM is still doable. I like to avoid all HTTPS/SSL in this container and instead use something like docker-router to handle certificate generation. I recommend using a major version tag instead of :latest as going from PHP 7 to 8 can be a bump as I expect PHP 9 will be.
<project-folder>/Dockerfile
FROM php:8-apache
RUN docker-php-ext-install mysqli
RUN apt-get update && apt-get install -y zlib1g-dev libpng-dev libzip-dev libwebp-dev libjpeg-dev libfreetype6-dev exiftool
RUN docker-php-ext-configure gd --with-freetype --with-webp --with-jpeg && docker-php-ext-install gd
RUN docker-php-ext-install exif
RUN a2enmod rewrite Optionally, I like making a build.sh to get a nice image name and normalize versioning and updating the latest tags.
TODAY=`date -u +"%Y%m%d"`
IMAGE_NAME=PROJECT-webserver
MAJOR_VERSION=1
docker build -t ${IMAGE_NAME}:${MAJOR_VERSION}.${TODAY} .
docker tag ${IMAGE_NAME}:${MAJOR_VERSION}.${TODAY} ${IMAGE_NAME}:latestYou can try to use the stock php
docker run -d --name lan-links -v /mnt/lan-links:/var/www/html -p80:80 php:7-apacheversion: '3'
services:
web:
image: php:7-apache
hostname: "docker-php"
restart: "no"
ports:
- 80:80
volumes:
- /mnt/docker-swarm-volumes-nfs/test-nginx:/var/www/html
# this pushes the container onto your actual LAN, but needs the macvlan network setup already, just leave this out if it isn't setup
networks:
default:
external:
name: on-lan-networkJellyfin
version: '3.5'
services:
app:
image: jellyfin/jellyfin
ports:
- "8096:8096"
volumes:
- /Users/steve/jellyfin/config:/config
- /Users/steve/jellyfin/cache:/cache
- /Users/steve/jellyfin/media:/media
environment:
- JELLYFIN_PublishedServerUrl=http://example.comcalibre-web ebook library
docker run -d \
--name=calibre-web \
-e PUID=1000 \
-e PGID=1000 \
-e TZ=America/Chicago \
-e DOCKER_MODS=linuxserver/calibre-web:calibre \
-p 8083:8083 \
-v /mnt/calibre-web/config:/config \
-v /mnt/calibre-web/books:/books \
--restart unless-stopped \
ghcr.io/linuxserver/calibre-webversion: "3"
services:
calibre:
image: ghcr.io/linuxserver/calibre-web
ports:
- 8083:8083
volumes:
- /mnt/calibre-web/config:/config
- /mnt/calibre-web/books:/books
environment:
PUID: 1000
PGID: 1000
TZ: "America/Chicago"
DOCKER_MODS: "linuxserver/calibre-web:calibre"On the first run, it will complain about a missing database, you have to run this to manually create the file or load in a pre-existing one.
cd /app/calibre/bin && ./calibredb restore_database --really-do-it --with-library /books chmod 777 metadata.db
Default user is admin and password is admin123
(idles at 200mb memory and 0% cpu)
Postgres
`docker run`
project-db:
image: postgres
environment:
- POSTGRES_USER=appname
- POSTGRES_PASSWORD=asdf1234
volumes:
- /mnt/appname/db:/var/lib/postgresql/dataRedis Cache
Redis is a high speed in memory key value store, its a great place to store values that don’t change often but want fast lookup time. Alot of systems render a page and just save it to redis.
version: "3"
services:
cache:
image: redis:7-alpine
ports:
- '6379:6379'
command: redis-server --save 60 1 --loglevel warning --requirepass $PASSWORD
volumes:
- /mnt/redis:/dataVS Code
If you want a cloud hosted vscode that runs in your browser, this is a great way if you have a dev instance that you want fast iterations on.
version: '3'
services:
code-server:
image: lscr.io/linuxserver/code-server:latest
environment:
- TZ=America/Chicago
- PASSWORD=asdf123
- SUDO_PASSWORD=9abc3823Zxm
- PROXY_DOMAIN=vscode.i.zazeski.com
- DEFAULT_WORKSPACE=/workspace
volumes:
- /Users/steve/steve/serve-config/config:/config
- /Users/steve/steve/serve:/workspace
ports:
- 8443:8443VaultWarden
If you are looking for a self hosted password manager with unlimited users at no cost.
version: "3"
services:
vaultwarden:
image: vaultwarden/server:latest
restart: unless-stopped
expose:
- 8443:443 # https
- 8012:3012 # websocket
env_file:
- /mnt/vaultwarden/config.env
volumes:
- /etc/localtime:/etc/localtime:ro
- /mnt/vaultwarden/data:/data
I'm a 35 year old UIUC Computer Engineer building mobile apps, websites and hardware integrations with an interest in 3D printing, biotechnology and Arduinos.
https://github.com/statping/statping