Wed. May 13th, 2026

Docker Problems In AlmaLinux 8

I kept having issues with Docker in AlmaLinux 8/CloudLinux 8/CentOS 8. Basically, any time that the server would reboot, my Docker containers would fail to start. If I restarted the Docker service manually, it would start working. The problem is that Docker manipulates iptables, but when the firewall would start, Docker’s iptables would be overwritten. After doing a lot of Googling, it seems I have found a solution.

To resolve this, create the following in /etc/csf/csfpre.sh:

iptables -t nat -N DOCKER
iptables -t nat -A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
iptables -t nat -A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER
iptables -t nat -A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE

iptables -t filter -N DOCKER
iptables -t filter -A FORWARD -o docker0 -j DOCKER
iptables -t filter -A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
iptables -t filter -A FORWARD -i docker0 ! -o docker0 -j ACCEPT
iptables -t filter -A FORWARD -i docker0 -o docker0 -j ACCEPT

I found this solution posted here.
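A way to confirm after a reboot or a CSF restart that the rules from the csfpre.sh listing are actually loaded. This is an added example, not part of the original post: it reads `iptables-save` output on stdin and prints every expected chain or rule that is absent. The function name and the sample dump are constructed for illustration, and it assumes `iptables-save` prints the rules in the same form they are written above.

```shell
#!/usr/bin/env bash
# Added example: list csfpre.sh rules missing from `iptables-save` output (stdin).
missing_docker_rules() {
  awk '
    BEGIN {
      # Rules exactly as written in the csfpre.sh listing, keyed "table|rule".
      want[++n] = "nat|:DOCKER"
      want[++n] = "nat|-A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER"
      want[++n] = "nat|-A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER"
      want[++n] = "nat|-A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE"
      want[++n] = "filter|:DOCKER"
      want[++n] = "filter|-A FORWARD -o docker0 -j DOCKER"
      want[++n] = "filter|-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT"
      want[++n] = "filter|-A FORWARD -i docker0 ! -o docker0 -j ACCEPT"
      want[++n] = "filter|-A FORWARD -i docker0 -o docker0 -j ACCEPT"
    }
    { sub(/[ \t\r]+$/, "") }                 # tolerate trailing whitespace
    /^\*/ { table = substr($0, 2); next }    # section header: *nat, *filter
    /^:/  { seen[table "|" $1] = 1; next }   # chain declaration: ":DOCKER - [0:0]"
    /^-A/ { seen[table "|" $0] = 1 }
    END {
      for (i = 1; i <= n; i++)
        if (!((want[i]) in seen)) { sub(/[|]/, ": ", want[i]); print want[i] }
    }'
}

# Constructed sample: the firewall reloaded and only part of the filter table survived.
after_csf_reload() {
  cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
*filter
:FORWARD DROP [0:0]
:DOCKER - [0:0]
-A FORWARD -o docker0 -j DOCKER
COMMIT
EOF
}

after_csf_reload | missing_docker_rules
```

On a live host, run `iptables-save | missing_docker_rules` as root; empty output means every rule from the listing is present.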

DirectAdmin + Seafile Configuration

After a lot of trial and error, I have finally managed to get Seafile working with my DirectAdmin panel. I am posting my configuration here so that it will be much easier to do the next time!

First, here is my docker-compose.yml file:

version: '2.0'
services:
  db:
    image: mariadb:10.5
    restart: always
    container_name: seafile-mysql
    environment:
      - MYSQL_ROOT_PASSWORD=************  # Requested, set the root's password of MySQL service.
      - MYSQL_LOG_CONSOLE=true
    volumes:
      - /app/seafile/seafile-mysql/db:/var/lib/mysql  # Requested, specifies the path to MySQL data persistent store.
    networks:
      - seafile-net

  memcached:
    image: memcached:1.5.6
    restart: always
    container_name: seafile-memcached
    entrypoint: memcached -m 256
    networks:
      - seafile-net

  elasticsearch:
    image: seafileltd/elasticsearch-with-ik:5.6.16
    restart: always
    container_name: seafile-elasticsearch
    environment:
      - discovery.type=single-node
      - bootstrap.memory_lock=true
      - "ES_JAVA_OPTS=-Xms1g -Xmx1g"
    ulimits:
      memlock:
        soft: -1
        hard: -1
    mem_limit: 2g
    volumes:
      - /app/seafile/seafile-elasticsearch/data:/usr/share/elasticsearch/data  # Requested, specifies the path to Elasticsearch data persistent store.
    networks:
      - seafile-net
  
  seafile:
    image: docker.seadrive.org/seafileltd/seafile-pro-mc:latest
    restart: always
    container_name: seafile
    ports:
      - "8082:80"
      - "8443:443"  # If https is enabled, cancel the comment.
    volumes:
      - /app/seafile/seafile-data:/shared   # Requested, specifies the path to Seafile data persistent store.
    environment:
      - DB_HOST=db
      - DB_ROOT_PASSWD=***********  # Requested, the value should be root's password of MySQL service.
      - TIME_ZONE=America/Chicago # Optional, default is UTC. Should be uncommented and set to your local time zone.
      - SEAFILE_ADMIN_EMAIL=********@***********.com # Specifies Seafile admin user, default is 'me@example.com'
      - SEAFILE_ADMIN_PASSWORD=************     # Specifies Seafile admin password, default is 'asecret'
      - SEAFILE_SERVER_LETSENCRYPT=false   # Whether to use https or not
      - SEAFILE_SERVER_HOSTNAME=************.com # Specifies your host name if https is enabled
    depends_on:
      - db
      - memcached
      - elasticsearch
    networks:
      - seafile-net

networks:
  seafile-net:

And now, here is the DirectAdmin Reverse Proxy code that should be pasted into the Custom HTTPD section:

|*if SUB="seafile"|
SSLProxyEngine On
ProxyPreserveHost On

ProxyPass / https://seafile.EXAMPLE.COM:8443/
ProxyPassReverse / https://seafile.EXAMPLE.COM:8443/

|*endif|

OnlyOffice and Portainer Docker Install

It’s all fun and games, until someone gets hurt… here is how I set up OnlyOffice and Portainer using Docker. I am using a VPS running Debian 10.

OnlyOffice

docker run -i -t -d -p 32769:443 --restart=always \
-v /app/onlyoffice/DocumentServer/logs:/var/log/onlyoffice \
-v /app/onlyoffice/DocumentServer/data:/var/www/onlyoffice/Data \
-v /app/onlyoffice/DocumentServer/lib:/var/lib/onlyoffice \
-v /app/onlyoffice/DocumentServer/rabbitmq:/var/lib/rabbitmq \
-v /app/onlyoffice/DocumentServer/redis:/var/lib/redis \
-v /app/onlyoffice/DocumentServer/db:/var/lib/postgresql onlyoffice/documentserver

Once the container is up and running, copy your SSL security information. I copy my user ssl.crt and ssl.ca into a single file: tls.crt, which should be installed at /app/onlyoffice/DocumentServer/data/certs/.

Next, copy the ssl.key to /app/onlyoffice/DocumentServer/data/certs/tls.key. Make it read-only by doing chmod 400 tls.key.

Restart the docker container, and you’re good to go. You can access the status page at https://yourwebsite:32769.

Portainer

First, I create the directory: /app/portainer/local-certs.

Next, I copy the SSL certificates to the directory I just created. They are the same as the OnlyOffice ones, except I rename them portainer.crt and portainer.key.

docker run -d -p 8000:8000 -p 9000:9000 -p 9443:9443 \
--name=portainer --restart=always --pull=always \
-v /var/run/docker.sock:/var/run/docker.sock \
-v portainer_data:/data \
-v /app/portainer/local-certs:/certs \
portainer/portainer-ee:latest \
--sslcert /certs/portainer.crt --sslkey /certs/portainer.key \
--trusted-origins yourwebsite

Portainer can be accessed at https://yourwebsite:9443.
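The certificate steps for OnlyOffice (tls.crt/tls.key) and Portainer (portainer.crt/portainer.key) are the same procedure, so one added example covers both; it is not part of the original post. The helper name `install_tls_pair` is hypothetical and the PEM files in `demo` are constructed placeholders, not real certificates. It creates the key with mode 400 in one step instead of copying and then running chmod, and it handles a leaf certificate file that lacks a final newline.

```shell
#!/usr/bin/env bash
# Added example (hypothetical helper): install leaf+CA as <name>.crt and the key as <name>.key.
install_tls_pair() {
  local leaf=$1 ca=$2 key=$3 dest=$4 name=$5 f tmp
  for f in "$leaf" "$ca" "$key"; do
    [ -s "$f" ] || { echo "missing or empty: $f" >&2; return 1; }
  done
  # A private key pasted into a certificate file would end up world-readable.
  if grep -q 'PRIVATE KEY-----' "$leaf" "$ca"; then
    echo "private key found in certificate input" >&2; return 1
  fi
  grep -q 'PRIVATE KEY-----' "$key" || { echo "no private key in $key" >&2; return 1; }

  mkdir -p "$dest" || return 1
  tmp=$(mktemp) || return 1
  # awk 1 re-emits every line with a newline, so a leaf file without a final
  # newline cannot fuse its END line with the CA's BEGIN line. Leaf goes first.
  awk 1 "$leaf" "$ca" > "$tmp" &&
    install -m 644 "$tmp" "$dest/$name.crt" &&
    install -m 400 "$key" "$dest/$name.key"   # created as 0400, no chmod window
  local rc=$?
  rm -f "$tmp"
  return $rc
}

# Constructed placeholder inputs; the leaf deliberately has no trailing newline.
demo() {
  local d; d=$(mktemp -d) || return 1
  printf -- '-----BEGIN CERTIFICATE-----\nLEAF\n-----END CERTIFICATE-----' > "$d/ssl.crt"
  printf -- '-----BEGIN CERTIFICATE-----\nCA\n-----END CERTIFICATE-----\n' > "$d/ssl.ca"
  printf -- '-----BEGIN PRIVATE KEY-----\nKEY\n-----END PRIVATE KEY-----\n' > "$d/ssl.key"
  install_tls_pair "$d/ssl.crt" "$d/ssl.ca" "$d/ssl.key" "$d/certs" tls && echo "$d/certs"
}

demo
# With the paths from this page:
#   install_tls_pair ssl.crt ssl.ca ssl.key /app/onlyoffice/DocumentServer/data/certs tls
#   install_tls_pair ssl.crt ssl.ca ssl.key /app/portainer/local-certs portainer
```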