Docker Desktop

Realizing I didn’t really remember my setup for my raspberry pi instance and the fact that I didn’t have a sandbox install, I decided to test it out locally… And since the laptop got repaired, I didn’t have Docker installed anymore. So I installed the latest version: [[Docker Desktop]]@4.12.0. Didn’t bother with a docker.com account, although I should have one. I’m also doing this for purely edutainment purposes so no licensing!

Ran through the built in tutorial. Useful refresher and highly recommended.

Using the default Image:

nginx on Docker 🌐

Most basic install run it with a name of `some-nginx`, pulling the default `nginx` image… doesn’t actually do anything. It’s running, but not listening so you can’t use it.

```console
$ docker run --name some-nginx -d nginx
```

-p 80:80 now maps port 80 to expose it.

```console
$ docker run --name some-nginx -p 80:80 -d nginx
```

Success! Serving up some content at `http://localhost/`

Map custom content

Of course, that’s the default content. So let’s create a ‘content’ directory and serve up our own content – good refresher on volumes.

Their example maps `/some/content` to the doc root for nginx: `/usr/share/nginx/html`

```console
$ docker run --name some-nginx -v /some/content:/usr/share/nginx/html:ro -d nginx
```

So let’s create a file:

```console
$ mkdir content
$ cd content
$ cat >> index.html
<html>
<head>
<title> Secure BFFs TEst</title>
</head>
<body>
<h1>
Secure BFFs Test
</h1>
Hello wrold!
</html>
^D

$ cd ..
```

This creates an `index.html` file under the `content` directory. Now let’s map it into the index:

```console
$ docker run --name some-nginx -v content:/usr/share/nginx/html:ro -p 80:80 -d nginx 
```

Whoops, what happened? Same output?
Path needs to be full qualified!

```console
$ docker run --name some-nginx -v /Users/jlin/projects/https/content:/usr/share/nginx/html:ro -d -p 80:80 nginx
```

Success!

Conclusion

You now have a local docker instance running a fetched `nginx` instance serving up your own custom content!

Well, not really secure.  I did want to post some more things about getting Raspberry PI up and running.  But that ended up being fairly hard to do when you wanted your only Pi up and running.  I did make it pretty useful – mostly a network server and the docker host running this blog.

I recently started using Obsidian and wanted to try to set up my own github repo – but – not over https this time, but over https.  What did that mean?  Secure Meadering! aka https on meander!

Looking into the Google Domains guild to enabling https on your domain took me to Letsencrypt:

If your web host doesn’t offer HTTPS security, you can obtain an SSL/TLS certificate for your domain from a CA. [Let’s Encrypt](https://letsencrypt.org/) is a CA that provides certificates in the interest of creating a safer Internet.

Reading up on some docker configurations like this one from zactyh 📄, I was reminded of ‘good’ containerized architecture. Leave each module as small and focused as possible.  But my wordpress instance was running double duty – handling requests and serving up wordpress.

Current

Goal:

Plan

Proof of Concept

– Play with nginx image to serve content somewhere other than my machine
– Get a cert and serve up content via https
– Proxy content to existing wordpress instance

Dockerize

– Repackage nginx image with my config
– Update docker compose to use new nginx image
– Run image on Raspberry Pi

Cleanup and follow up

– Lock down ports
– set up redirect

Let’s see how all this goes!