Develop Reference

nextcloud in docker-compose not reachable

I am using docker compose on my raspberry pi. In the yaml file I have a nextcloud and nginx (for outside communication). But as my raspberry pi is in my private network, I want to have also a direct connection for my immobile setup.
Something like an ip: 192.168.0.100:1080
What I have tried:
version: '3'
volumes:
nextcloud-data:
nextcloud-db:
npm-data:
npm-ssl:
npm-db:
networks:
frontend:
backend:
services:
nextcloud-app:
image: nextcloud
restart: always
ports:
- "1080:80"
- "1443:443"
volumes:
- nextcloud-data:/var/www/html
environment:
- MYSQL_PASSWORD=replace-with-secure-password
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
- MYSQL_HOST=nextcloud-db
networks:
- frontend
- backend
nextcloud-db:
image: mariadb
restart: always
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
volumes:
- nextcloud-db:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=replace-with-secure-password
- MYSQL_PASSWORD=replace-with-secure-password
- MYSQL_DATABASE=nextcloud
- MYSQL_USER=nextcloud
networks:
- backend
npm-app:
image: jc21/nginx-proxy-manager:latest
restart: always
ports:
- "80:80"
- "81:81"
- "443:443"
environment:
- DB_MYSQL_HOST=npm-db
- DB_MYSQL_PORT=3306
- DB_MYSQL_USER=npm
- DB_MYSQL_PASSWORD=replace-with-secure-password
- DB_MYSQL_NAME=npm
volumes:
- npm-data:/data
- npm-ssl:/etc/letsencrypt
networks:
- frontend
- backend
npm-db:
image: jc21/mariadb-aria:latest
restart: always
environment:
- MYSQL_ROOT_PASSWORD=replace-with-secure-password
- MYSQL_DATABASE=npm
- MYSQL_USER=npm
- MYSQL_PASSWORD=replace-with-secure-password
volumes:
- npm-db:/var/lib/mysql
networks:
- backend
Additional information
The docker is started with docker-compose up -d
Nginx is not configured yet
Nextcloud is not configured yet
But with this approach the address 192.168.0.100:1080 does not resolve. Is this the right way to do it or why is the port 1080 not reachable?

Trying to install jfrog insights

I am trying to install jfrog insights by following the official documentation available on the website using docker-compose method.
ERROR: The Compose file './docker-compose.yaml' is invalid because:
services.router.ports is invalid: Invalid port ":", should be [[remote_ip:]remote_port[-remote_port]:]port[/protocol]
services.router.ports is invalid: Invalid port ":", should be [[remote_ip:]remote_port[-remote_port]:]port[/protocol]
services.router.ports value [':', ':'] has non-unique elements
The docker file looks
version: '3'
services:
router:
image: releases-docker.jfrog.io/jfrog/router:${DOCKER_VERSION_ROUTER}
container_name: insight_router
restart: always
environment:
- JF_ROUTER_TOPOLOGY_LOCAL_REQUIREDSERVICETYPES=jfisv,jfisc
- JF_ROUTER_ENTRYPOINTS_EXTERNALPORT=${JF_ROUTER_ENTRYPOINTS_EXTERNALPORT}
ports:
- ${JF_ELASTICSEARCH_TRANSPORTPORT}:${JF_ELASTICSEARCH_TRANSPORTPORT}
- ${JF_ROUTER_ENTRYPOINTS_EXTERNALPORT}:${JF_ROUTER_ENTRYPOINTS_EXTERNALPORT} # for router communication
user: "${INSIGHT_USER}:${INSIGHT_USER}"
volumes:
- /etc/localtime:/etc/localtime:ro
- "${ROOT_DATA_DIR}/var:/var/opt/jfrog/router"
scheduler:
image: ${DOCKER_REGISTRY}/jfrog/insight-scheduler:${DOCKER_VERSION_JFSC}
container_name: insight_scheduler
restart: always
volumes:
- /etc/localtime:/etc/localtime:ro
- "${ROOT_DATA_DIR}/var:/var/opt/jfrog/insight"
logging:
driver: json-file
options:
max-size: 50m
max-file: '10'
network_mode: service:router
insight_server:
image: ${DOCKER_REGISTRY}/jfrog/insight-server:${DOCKER_VERSION_JFIS}
container_name: insight_server
restart: always
volumes:
- /etc/localtime:/etc/localtime:ro
- "${ROOT_DATA_DIR}/var:/var/opt/jfrog/insight"
logging:
driver: json-file
options:
max-size: 50m
max-file: '10'
network_mode: service:router
elasticsearch:
entrypoint: ""
command: /bin/bash -c " (/usr/local/bin/initializeSearchGuard.sh &) && docker-entrypoint.sh 'elasticsearch'"
image: releases-docker.jfrog.io/jfrog/elasticsearch-sg:7.16.3
container_name: insight_elasticsearch
volumes:
- /etc/localtime:/etc/localtime:ro
- "${ROOT_DATA_DIR}/var/data/elasticsearch/data:/usr/share/elasticsearch/data"
- "${ROOT_DATA_DIR}/var/log/elasticsearch:/usr/share/elasticsearch/logs"
- "${ROOT_DATA_DIR}/var/data/elasticsearch/config/jvm.options.d:/usr/share/elasticsearch/config/jvm.options.d"
- "${ROOT_DATA_DIR}/var/data/elasticsearch/sgconfig:/usr/share/elasticsearch/plugins/search-guard-7/sgconfig"
- "${ROOT_DATA_DIR}/var/data/elasticsearch/config/unicast_hosts.txt:/usr/share/elasticsearch/config/unicast_hosts.txt"
environment:
- transport.host=0.0.0.0
- transport.port=9300
- transport.publish_host=${HOST_IP}
- bootstrap.memory_lock=true
- node.name=${HOST_IP}
- discovery.seed_providers=file
- $ES_MASTER_NODE_SETTINGS
- ELASTICSEARCH_USERNAME=REPLACE_ELASTICSEARCH_USERNAME
- ELASTICSEARCH_PASSWORD=REPLACE_ELASTICSEARCH_PASSWORD
- ELASTICSEARCH_CLUSTERSETUP=${JF_ELASTICSEARCH_CLUSTERSETUP}
restart: always
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 65536
hard: 65536
cap_add:
- IPC_LOCK
logging:
driver: json-file
options:
max-size: 50m
max-file: '10'
network_mode: service:router

Hamza - can you confirm if you are using this latest documentation - https://www.jfrog.com/confluence/display/JFROG/Installing+Insight
This has a step (step #3) to run installer script ./config.sh - did you run it?

Traefik not routing to other containers

I've set up Traefik and Portainer on my server running Ubuntu 20.04 that is in my front room (I used this guide and this one, but didn't set up the default IP whitelist in the second tutorial as I want it to be a publicly accessible webserver). Both apps work and appear to be using HTTPS. I can manage and create containers in Portainer.
To test out my configuration, I added two containers - MySQL and Wordpress. I added in the Traefik labels from the above tutorials like when I set up Traefik, and I set the Wordpress container's domain name in Portainer, but whenever I try to access the Wordpress site at that domain, I get a Bad Gateway error (just the words 'Bad Gateway', not even a status code).
I'm not sure where I've gone wrong. Here are my configuration files:
traefik.yml:
api:
dashboard: true
entryPoints:
http:
address: ":80"
https:
address: ":443"
providers:
docker:
endpoint: "unix:///var/run/docker.sock"
exposedByDefault: false
file:
filename: /config.yml
version: '3'
services:
traefik:
image: traefik:v2.0
container_name: traefik
restart: unless-stopped
security_opt:
- no-new-privileges:true
networks:
- proxy
ports:
- 80:80
- 443:443
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./data/traefik.yml:/traefik.yml:ro
- ./data/acme.json:/acme.json
labels:
- "traefik.enable=true"
- "traefik.http.routers.traefik.entrypoints=http"
- "traefik.http.routers.traefik.rule=Host(`traefik.mywebsite.com`)"
- "traefik.http.middlewares.traefik-auth.basicauth.users=michael:$$apr1$$.m1mfSB0$$6Ypx6rfih8y.vHkNQe9rJ0"
- "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
- "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
- "traefik.http.routers.traefik-secure.entrypoints=https"
- "traefik.http.routers.traefik-secure.rule=Host(`traefik.mywebsite.com`)"
- "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
- "traefik.http.routers.traefik-secure.tls=true"
- "traefik.http.routers.traefik-secure.tls.certresolver=http"
- "traefik.http.routers.traefik-secure.service=api#internal"
networks:
proxy:
external: true
certificatesResolvers:
http:
acme:
email: me#myemail.com
storage: acme.json
httpChallenge:
entryPoint: http
config.yml:
http:
middlewares:
https-redirect:
redirectScheme:
scheme: https
docker-compose.yml:
version: '3'
services:
traefik:
image: traefik:v2.0
container_name: traefik
restart: unless-stopped
security_opt:
- no-new-privileges:true
networks:
- proxy
ports:
- 80:80
- 443:443
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./data/traefik.yml:/traefik.yml:ro
- ./data/acme.json:/acme.json
- ./data/config.yml:/config.yml:ro
labels:
- "traefik.enable=true"
- "traefik.http.routers.traefik.entrypoints=http"
- "traefik.http.routers.traefik.rule=Host(`traefik.mywebsite.com`)"
- "traefik.http.middlewares.traefik-auth.basicauth.users=michael:$$apr1$$.m1mfSB0$$6Ypx6rfih8y.vHkNQe9rJ0"
- "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
- "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
- "traefik.http.routers.traefik-secure.entrypoints=https"
- "traefik.http.routers.traefik-secure.rule=Host(`traefik.mywebsite.com`)"
- "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
- "traefik.http.routers.traefik-secure.tls=true"
- "traefik.http.routers.traefik-secure.tls.certresolver=http"
- "traefik.http.routers.traefik-secure.service=api#internal"
networks:
proxy:
external: true
Wordpress/MySQL docker-compose.yml:
version: '3.1'
services:
wordpress:
image: wordpress
restart: always
environment:
WORDPRESS_DB_HOST: db
WORDPRESS_DB_USER: admin
WORDPRESS_DB_PASSWORD: password
WORDPRESS_DB_NAME: wordpressdb
volumes:
- wordpress:/var/www/html
networks:
- proxy
labels:
- "traefik.enable=true"
- "traefik.http.routers.wordpress.entrypoints=http"
- "traefik.http.routers.wordpress.rule=Host(`myblog.com`)"
- "traefik.http.routers.wordpress.middlewares=https-redirect#file"
- "traefik.http.routers.wordpress-secure.entrypoints=https"
- "traefik.http.routers.wordpress-secure.rule=Host(`myblog.com`)"
- "traefik.http.routers.wordpress-secure.tls=true"
- "traefik.http.routers.wordpress-secure.tls.certresolver=http"
- "traefik.http.routers.wordpress-secure.service=wordpress"
- "traefik.http.services.wordpress.loadbalancer.server.port=9000"
- "traefik.docker.network=proxy"
db:
image: mysql:5.7
restart: always
environment:
MYSQL_DATABASE: exampledb
MYSQL_USER: username
MYSQL_PASSWORD: password
MYSQL_RANDOM_ROOT_PASSWORD: '1'
volumes:
- db:/var/lib/mysql
networks:
- proxy
labels:
- "traefik.enable=true"
- "traefik.http.routers.mysql.entrypoints=http"
- "traefik.http.routers.mysql.middlewares=https-redirect#file"
- "traefik.http.routers.mysql-secure.entrypoints=https"
- "traefik.http.routers.mysql-secure.tls=true"
- "traefik.http.routers.mysql-secure.tls.certresolver=http"
- "traefik.http.routers.mysql-secure.service=mysql"
- "traefik.http.services.mysql.loadbalancer.server.port=9000"
- "traefik.docker.network=proxy"
volumes:
wordpress:
db:
networks:
proxy:
external: true
I can provide the Portainer docker-compose.yml file too if needed, but I don't really think it's necessary. Any help here would be great!

For network connectivity between the different applications you must create the network in one of your applications. I would do that in your traefik docker-compose.yml
Meaning, that in your traefik compose file you must NOT specify the proxy network as external, because you create it internally in that application like this:
networks:
proxy:
In your Wordpress/MySQL docker-compose.yml you must specify a name for the external network like this:
networks:
proxy:
external:
name: "traefik_proxy"
When you create a new application using compose, everything in the application gets a prefix, that is the directoryname in which the compose file is placed.
Meaning the above example only works if your traefik compose file is placed in a directory named "traefik"
This should fix your issue with connectivity.

docker-compose on cloudbuild / networking issues

Having the wollowing docker-compose file :
version: '3'
services:
postgres:
image: postgres:12.1
environment:
- POSTGRES_PASSWORD:'xyz'
ports:
- '5432:5432'
volumes:
- postgres:/var/lib/postgresql/data
- ./init.sql:/docker-entrypoint-initdb.d/init.sql
redis:
image: 'redis:5-alpine'
command: redis-server
ports:
- '6379:6379'
volumes:
- 'redis:/data'
specs:
image: gcr.io/project_id/container_name:latest
depends_on:
- 'postgres'
- 'redis'
build: .
entrypoint:
- /bin/bash
- -c
- |
...stuff that require database processing...
environment:
- RAILS_ENV=test
- REDIS_URL=redis://redis:6379/0
- DATABASE_URL=postgres://postgres:#postgres:5432/test_db
links:
- postgres
- redis
volumes:
redis:
postgres:
networks:
default:
external:
name: cloudbuild
and the following cloudbuild step (we're using the community cloud builder) :
...
- name: 'gcr.io/app-dmx-sh/docker-compose'
args:
- 'run'
- 'specs'
id: 'specs'
...
we keep hitting the following error :
could not translate host name "postgres" to address: Name or service not known
We've also tried to add the network_mode: cloudbuild for each containers in the compose file, no success.
What should be done to be able have the compose file network work as expected within this cloudbuild environment ?

multiple docker compose container - single ip

I have this application.
How can I assign a single ip-address to the web-service and use the database within?
version: "2"
services:
web:
image: kartoffeltoby/typo3:latest
hostname: localhost
container_name: web
ports:
- 80:80
link:
- db:database
volumes:
- ./www/:/var/www/
environment:
- DOCROOT=/var/www/web
- PAGESPEED=Off
db:
image: mysql:5.6
hostname: database
volumes:
- ./DB/:/var/lib/mysql/
- ./db/:/var/tmp/db
environment:
- MYSQL_ROOT_PASSWORD=passwort

The solution is:
network_mode: service:web
version: "2"
services:
typo3:
image: kartoffeltoby/typo3:latest
hostname: axdbw.vagrant
container_name: typo3
volumes:
- ./www/:/var/www/
environment:
- DOCROOT=/var/www/web
- PAGESPEED=Off
networks:
mynet:
ipv4_address: 172.16.47.14
db:
image: mysql:5.6
volumes:
- ./DB/:/var/lib/mysql/
- ./db/:/var/tmp/db
environment:
- MYSQL_ROOT_PASSWORD=passwort
network_mode: service:web
networks:
mynet:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.16.47.0/24

There is no reason to use a specific IP. The solution can be as simple as this:
version: "3"
services:
typo3:
image: kartoffeltoby/typo3:latest
container_name: typo3
networks:
- mynet
db:
image: mysql:5.6
network_mode: "service:typo3"
networks:
mynet:
driver: bridge
This will place the db container onto the same IP as the typo3 container. Beware of possible port collisions.
In my use-case, I had to avoid nasty cross origin errors. Hosting the database on the same IP as my frontend container helped get around those issues.