Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision |
docker_notes:docker-deluge [2023-03-04 Sat wk09 09:56] – ↷ Page moved from tech_notes:docker-deluge to docker_notes:docker-deluge baumkp | docker_notes:docker-deluge [2024-01-10 Wed wk02 19:24] – [Docker Deluge Image / Service] baumkp |
---|
{{tag>linux docker image container init s6 s6-rc openvpn "docker compose" wireguard macvlan nftables}} | {{tag>linux docker image container init s6 s6-rc openvpn "docker compose" wireguard macvlan nftables}} |
======Docker Deluge Image / Service====== | ======Docker Deluge Image / Service====== |
I want a torrent service that uses a VPN and is set-up to have blocked WAN (internet) access. On my virtual machine implementation of this I used the following 3 packages: deluge (deluged with deluge-web), openvpn and nftables. I used both iptables and nftables and nftables is definitely more elegant to use. As far as I can tell there is not Docker image that will meet my needs. So time to delve in deeper myself. | I want a torrent service that uses a VPN and is set-up to block non VPN WAN (internet) access. On my virtual machine implementation of this I used the following 3 packages: deluge (deluged with deluge-web), openvpn and nftables. I have used both iptables and nftables and find nftables is definitely more elegant to use. As far as I can tell there is not a Docker image that will meet my needs. |
| |
| I have been successfully been running this in a container on my home server since early 2023. This replaced the a similar setup that have I been operating since about 2017 on a virtual machine using Linux KVM/Libvirt/QEMU. |
| |
=====s6 supervision rc system===== | =====s6 supervision rc system===== |
I decided to build this container image based upon Alpine Linux using the [[https://www.skarnet.org/software/s6/index.html|S6]] init system. The Skarnet.org is the S6 authors web site and main repository. | I decided to build this container image based upon Alpine Linux using the [[https://www.skarnet.org/software/s6/index.html|S6]] init system. The Skarnet.org is the S6 authors web site and main repository. |
| |
S6 [[https://www.skarnet.org/software/s6/servicedir.html|Service directories]] | S6 [[http://www.skarnet.org/software/s6/servicedir.html|Service directories]] |
| |
++++Basic S6 commands:| | ++++Basic S6 commands:| |
*''s6-rc-db -d|-u timeout servicename'' - lists the timeout, -d for timeout down and -u for timeout up | *''s6-rc-db -d|-u timeout servicename'' - lists the timeout, -d for timeout down and -u for timeout up |
| |
BTW dont spell dependencies as dependancies and wonder why things don't work, lol the English language sucks. | BTW dont spell dependencies as dependencies and wonder why things don't work, lol the English language sucks. |
++++ | ++++ |
| |
| |
Reference: | Reference: |
*[[https://github.com/just-containers/s6-overlay| just-containers/s6-overlay]] | *[[https://github.com/just-containers/s6-overlay| just-containers/s6-overlay]] (Version 3.1.6.2 as of 2023-12-30) |
*[[https://skarnet.org/software/s6-rc/s6-rc-compile.html|The s6-rc-compile program]] Describes the functionality of the S6-rc system | *[[https://skarnet.org/software/s6-rc/s6-rc-compile.html|The s6-rc-compile program]] Describes the functionality of the S6-rc system |
*[[https://forum.level1techs.com/t/easy-to-follow-beginner-guide-on-s6-starter-pack/178411| | *[[https://forum.level1techs.com/t/easy-to-follow-beginner-guide-on-s6-starter-pack/178411|Easy to follow Beginner Guide on s6 Starter Pack]] |
Easy to follow Beginner Guide on s6 Starter Pack ]] | |
| ---- |
| |
| Other Supervisor software discussions: |
| *[[https://ahmet.im/blog/minimal-init-process-for-containers/|Choosing an init process for multi-process containers]] - Interesting discussion on different init systems, current at that time. (Seems relevant now too.) |
| *supervisord: [[http://supervisord.org/|Supervisor: A Process Control System]] |
| *[[https://stackoverflow.com/questions/33117068/use-of-supervisor-in-docker|Use of Supervisor in docker]] |
=====dockerfile===== | =====dockerfile===== |
++++Dockerfile| | ++++Dockerfile| |
| |
=====Environment Variables into Docker===== | =====Environment Variables into Docker===== |
I need to work on this one more. It did not seem to work well for me in attempts to date. | I need to work on this one more. It did not seem to work well for me in attempts to date. I tried again in mailserver setup also to no avail. |
| |
''S6_KEEP_ENV'' (default = 0): if set, then environment is not reset and whole supervision tree sees original set of env vars. It switches with-contenv into a nop. I placed ''ENV S6_KEEP_ENV=1'' before first init and all the environment variable were visible. | ''S6_KEEP_ENV'' (default = 0): if set, then environment is not reset and whole supervision tree sees original set of env vars. It switches with-contenv into a nop. I placed ''ENV S6_KEEP_ENV=1'' before first init and all the environment variable were visible. |
*[[http://skarnet.org/software/s6/s6-setuidgid.html|The s6-setuidgid program]] s6-setuidgid executes a program as another user. I used this to change the deluged and delugeweb programs not to run as root. | *[[http://skarnet.org/software/s6/s6-setuidgid.html|The s6-setuidgid program]] s6-setuidgid executes a program as another user. I used this to change the deluged and delugeweb programs not to run as root. |
*[[http://skarnet.org/software/s6/s6-envuidgid.html|The s6-envuidgid program]] s6-envuidgid potentially sets the UID, GID and GIDLIST environment variables according to the options and arguments it is given; then it executes into another program. | *[[http://skarnet.org/software/s6/s6-envuidgid.html|The s6-envuidgid program]] s6-envuidgid potentially sets the UID, GID and GIDLIST environment variables according to the options and arguments it is given; then it executes into another program. |
| |
| =====Alpine Docker BusyBox s6-rc===== |
| The Alpine docker image is build using musl, BusyBox and OpenRC, however I have setup to use s6-rc instead of OpenRC. The "standard" shell commands are build in the ash library with additional commands in Busybox, Busybox is a single file. Some addtional functionality can be found by using ''apk add util-linux''. See [[https://en.wikipedia.org/wiki/Util-linux|Wikipedia util-linux]] for a list of additional functionality in util-linux. |
| |
| A list of [[https://boxmatrix.info/wiki/BusyBox-Commands|BusyBox Commands]] |
| |
=====References===== | =====References===== |
| |
| |
<- tech_notes:docker-dokuwiki|Back ^ tech_notes:index|Start page ^ tech_notes:docker-mailserver|Next -> | <- docker_notes:docker-calibre|Back ^ docker_notes:index|Start page ^ docker_notes:docker-mailserver|Next -> |