About •
Download •
Create a New Virtual Machine •
Install Debian OS •
Install Necessary Software •
Port Forwarding •
Save the Configuration •
Pre-Configure Docker •
Change Domain and Install Certificates •
License
This project is designed to enhance my understanding of system administration by utilising Docker to virtualise multiple images within my virtual machine. The objective is to establish a streamlined infrastructure incorporating WordPress alongside a LEMP Stack (consisting of Nginx, MariaDB, and PHP) using Docker and Docker-Compose while ensuring compliance with predefined guidelines specified in the subject.
In this README, you'll find a pseudo-step-by-step guide.
CREATE A NEW VIRTUAL MACHINE
Name and Operating System
Name
inception
Machine Folder
/home/<intra_user>/VirtualBox VMs
Type
Linux
Version
Debian (64-bit)
Storage on Physical Hard Disk
Note
If needed, you can add more processor cores to the virtual machine: Settings
> System
> Processor
.
TAB
Move
Space
Select
Enter
Confirm
Debian GNU/Linux Installer Menu (BIOS mode)
Hostname
inception
Domain Name
<empty>
Set Up Users and Passwords
Root Password
<password>
Full Name for the New User
<intra_user>
Username for Your Account
<intra_user>
Choose a Password for the New User
<password>
Configure the Package Manager
Configure Popularity-Contest
Install the GRUB Boot Loader
Finish the Installation and Reboot
Open the VirtualBox;
Left Click
on top of the right icon of your VM;
Click on Snapshots
;
Click on Take
;
Write a name for future reference;
Go to the VirtualBox folder and compress the inception
folder;
Also you can use the Export
function in VirtualBox;
Upload to the internet, usually 1-2 GB;
Find the main folder of VirtualBox virtual machines;
Copy and uncompress the files inside the folder;
Open VirtualBox and everything should appear correctly;
INSTALL NECESSARY SOFTWARE
inception login
root
Password
<insert_password>
Update repository list
apt update
Install necessary apps
apt install -y sudo ufw docker docker-compose make openbox xinit kitty firefox-esr
Run GUI
startx
Test Firefox
Right Click
> Applications
> Internet
> Firefox ESR
Test terminal
Right Click
> Applications
> System
> kitty
Close GUI
Right Click
> Exit
Tip
Don't forget to take a snapshot and save it in the cloud.
Edit sshd_config file
nano /etc/ssh/sshd_config
Change ssh port to 4242
#Port 22
to Port 4242
Enable root login
#PermitRootLogin prohibit-password
to PermitRootLogin yes
Enable password authentication (Optional)
#PasswordAuthentication yes
to PasswordAuthentication yes
Save and exit sshd_config file
Ctrl + X
> Y
> Enter
Restart ssh
service ssh restart
Restart sshd
service sshd restart
Check SSH status
service ssh status
Check status
ufw status
Enable ufw
ufw enable
Open port 4242 (ssh)
ufw allow 4242
Open port 80 (http)
ufw allow 80
Open port 443 (https)
ufw allow 443
Close virtual machine
shutdown now
Name
Protocol
Host IP
Host Port
Guest IP
Guest Port
ssh
TCP
127.0.0.1
4242
10.0.2.15
4242
http
TCP
<empty>
80
<empty>
80
https
TCP
<empty>
443
<empty>
443
Login with the OS terminal
Start VM and login with ssh on host pc
ssh root@localhost -p 4242
Check the ip adress
ip a
or hostname -I
Check for known ssh hosts
cat ~/.ssh/known_hosts
Display socket information
ss -tunlp
Tip
Don't forget to take a snapshot and save it in the cloud.
Open sudoers file
nano /etc/sudoers
Under # User privilege specification
Add <intra_user> ALL=(ALL:ALL) ALL
Save and exit
Ctrl + X
> Y
> Enter
Add user to docker group
sudo usermod -aG docker <intra_user>
Check user groups
groups <intra_user>
Switch user
su <intra_user>
Go to home directory
cd ~/
Download Docker sample
git clone https://github.com/codesshaman/simple_docker_nginx_html.git
Change directory and build Docker
cd simple_docker_nginx_html/ && docker-compose up -d && cd ~/
Open browser and write in the URL
172.0.0.1
(NAT) or <vm_ip_adress>
(Bridged Adapter)
Verify website
It should display My html config is work!
Create Project Directories and Files
Create .sh file
nano make_inception.sh
Copy and past the bash code
(Paste the provided bash code bellow)
Save and exit
Ctrl + X
> Y
> Enter
Give permissions to file
chmod 777 make_inception.sh
Run .sh file
./make_inception.sh
Warning
Change <intra_user>
to your username. There are three instances. CTRL + \
to search and replace.
#! /bin/bash
mkdir project
mkdir project/srcs
touch project/Makefile
mkdir project/srcs/requirements
touch project/srcs/docker-compose.yml
touch project/srcs/.env
echo " DOMAIN_NAME=<intra_user>.42.fr" > project/srcs/.env
echo " CERT_=./requirements/tools/<intra_user>.42.fr.crt" >> project/srcs/.env
echo " KEY_=./requirements/tools/<intra_user>.42.fr.key" >> project/srcs/.env
echo " DB_NAME=wordpress" >> project/srcs/.env
echo " DB_ROOT=rootpass" >> project/srcs/.env
echo " DB_USER=wpuser" >> project/srcs/.env
echo " DB_PASS=wppass" >> project/srcs/.env
mkdir project/srcs/requirements/bonus
mkdir project/srcs/requirements/mariadb
mkdir project/srcs/requirements/mariadb/conf
touch project/srcs/requirements/mariadb/conf/create_db.sh
mkdir project/srcs/requirements/mariadb/tools
echo " " > project/srcs/requirements/mariadb/tools/.gitkeep
touch project/srcs/requirements/mariadb/Dockerfile
touch project/srcs/requirements/mariadb/.dockerignore
echo " .git" > project/srcs/requirements/mariadb/.dockerignore
echo " .env" >> project/srcs/requirements/mariadb/.dockerignore
mkdir project/srcs/requirements/nginx
mkdir project/srcs/requirements/nginx/conf
touch project/srcs/requirements/nginx/conf/nginx.conf
mkdir project/srcs/requirements/nginx/tools
touch project/srcs/requirements/nginx/Dockerfile
echo " .git" > project/srcs/requirements/mariadb/.dockerignore
echo " .env" >> project/srcs/requirements/mariadb/.dockerignore
mkdir project/srcs/requirements/tools
mkdir project/srcs/requirements/wordpress
mkdir project/srcs/requirements/wordpress/conf
touch project/srcs/requirements/wordpress/conf/wp-config-create.sh
mkdir project/srcs/requirements/wordpress/tools
echo " " > project/srcs/requirements/wordpress/tools/.gitkeep
touch project/srcs/requirements/wordpress/Dockerfile
touch project/srcs/requirements/wordpress/.dockerignore
echo " .git" > project/srcs/requirements/wordpress/.dockerignore
echo " .env" >> project/srcs/requirements/wordpress/.dockerignore
Tip
Don't forget to take a snapshot and save it in the cloud.
CHANGE DOMAIN AND INSTALL CERTIFICATES
Step
Command
Update list of repositories
sudo apt update -y
Install utilities for mkcert
sudo apt install -y wget curl libnss3-tools
Download mkcert binary
(Copy and paste the command bellow)
Rename the binary
mv mkcert-v*-linux-amd64 mkcert
Give all permissions
chmod 777 mkcert
Move mkcert to bin directory
sudo mv mkcert /usr/local/bin/
Check mkcert version
mkcert --version
curl -s https://api.github.com/repos/FiloSottile/mkcert/releases/latest| grep browser_download_url | grep linux-amd64 | cut -d '"' -f 4 | wget -qi -
Edit hosts file
sudo nano /etc/hosts
NAT configuration
Change 127.0.0.1 localhost
to 127.0.0.1 <intra_user>.42.fr localhost
Bridged Adapter configuration
Add <vm_ip_address> <intra_user>.42.fr
Start Docker
cd ~/simple_docker_nginx_html/ && docker-compose up -d && cd ~/
Start GUI
sudo startx
Open Firefox in VM
Right Click
> Open Firefox
Type the following URL
http://<intra_user>.42.fr
Change directory
cd ~/project/srcs/requirements/tools/
Obtain certificate
mkcert <intra_user>.42.fr
Change extension name
mv <intra_user>.42.fr-key.pem <intra_user>.42.fr.key
Change extension name
mv <intra_user>.42.fr.pem <intra_user>.42.fr.crt
Reconfigure Docker NGINX File
Edit NGINX configuration
nano ~/simple_docker_nginx_html/nginx/conf.d/nginx.conf
Paste configuration code
(Copy and paste the provided configuration code bellow)
Warning
Change <intra_user>
to your username. There are three instances. CTRL + \
to search and replace.
server {
# Listen on port http
listen 80;
# Listen on port https - ssl
listen 443 ssl;
# Set the domain we will work on:
server_name < intra_user> .42.fr < intra_user> .42.fr;
# Specify the root directory of the project:
root /var/www/public/html;
# The next section is commented out for
# normal operation with the host machine.
# Redirect from http to https:
# if ($scheme = 'http') {
# return 301 https://<intra_user>.42.fr$request_uri;
# }
# Specify the path to the certificate and key:
ssl_certificate /etc/nginx/ssl/< intra_user> .42.fr.crt;
ssl_certificate_key /etc/nginx/ssl/< intra_user> .42.fr.key;
# Specify supported tls protocols:
ssl_protocols TLSv1.2 TLSv1.3;
# Specify caching options and timeouts:
ssl_session_timeout 10m;
keepalive_timeout 70;
# Tell the server which file extension
# to look for in our root folder:
location / {
try_files $uri /index.html;
}
}
Reconfigure Docker YML File
Stop Docker
cd ~/simple_docker_nginx_html/ && docker-compose down && cd ~/
Edit Docker YML File
cd ~/simple_docker_nginx_html/ && nano docker-compose.yml && cd ~/
In the volume section add
/home/${USER}/project/srcs/requirements/tools:/etc/nginx/ssl
In the ports section add
"443:443"
Run Project Via HTTPS With GUI
Start Docker
cd ~/simple_docker_nginx_html/ && docker-compose up -d && cd ~/
Start GUI
sudo startx
Open Firefox in VM
Check the browser for self-signed certificate
Type the following URL
<intra_user>.42.fr
or 127.0.0.1
or <vm_ip_adress>
Create Makefile
nano ~/simple_docker_nginx_html/Makefile
Copy and paste the Makefile rules
(Copy and paste the provided configuration code bellow)
name = simple_nginx_html
all:
@printf " Running the configuration ${name} ...\n"
@docker-compose -f ./docker-compose.yml up -d
build:
@printf " Assembling the configuration ${name} ...\n"
@docker-compose -f ./docker-compose.yml up -d --build
down:
@printf " Stopping the configuration ${name} ...\n"
@docker-compose -f ./docker-compose.yml down
re:
@printf " Rebuilding the configuration ${name} ...\n"
@docker-compose -f ./docker-compose.yml up -d --build
clean: down
@printf " Cleaning the configuration ${name} ...\n"
@docker system prune -a
fclean:
@printf " Complete cleanup of all docker configurations...\n"
@docker stop $$ (docker ps -qa)
@docker system prune --all --force --volumes
@docker network prune --force
@docker volume prune --force
.PHONY: all build down re clean clean
CREATING AN NGINX CONTAINER
Nginx
Proxying Web Server
443
PHP
Scripting language for the web
-
Php-Fpm
A set of libraries for the FastCGI API
9000
WordPress
Content Management System
-
MariaDB
Relational Database
3306
Go to the folder of our nginx
cd ~/project/srcs/requirements/nginx/
Create a Dockerfile in it
nano Dockerfile
Copy and paste
(copy and paste the code below)
Check latest alpine version
Visit Alpine Linux website
FROM alpine:3.16
RUN apk update && apk upgrade && apk add --no-cache nginx
EXPOSE 443
CMD [" nginx" , " -g" , " daemon off;" ]
Create a Configuration File
Create our config file nginx.conf
nano conf/nginx.conf
Copy and paste
(copy and paste the code below)
Copy certificate keys to the nginx tools folder
cp ~/project/srcs/requirements/tools/* ~/project/srcs/requirements/nginx/tools/
server {
listen 443 ssl;
server_name < intra_user> .42.fr www.< intra_user> .42.fr;
root /var/www/;
index index.php index.html;
ssl_certificate /etc/nginx/ssl/< intra_user> .42.fr.crt;
ssl_certificate_key /etc/nginx/ssl/< intra_user> .42.fr.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_session_timeout 10m;
keepalive_timeout 70;
location / {
try_files $uri /index.php? $args /index.html;
add_header Last-Modified $date_gmt ;
add_header Cache-Control ' no-store, no-cache' ;
if_modified_since off;
expires off;
etag off;
}
# location ~ \.php$ {
# fastcgi_split_path_info ^(.+\.php)(/.+)$;
# fastcgi_pass wordpress:9000;
# fastcgi_index index.php;
# include fastcgi_params;
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# fastcgi_param PATH_INFO $fastcgi_path_info;
# }
}
Creating a docker-compose Configuration
Open docker-compose.yml
cd ../../ && nano docker-compose.yml
Copy and paste
(Copy and paste the code below)
Turn off test configuration
cd ~/simple_docker_nginx_html/ && docker-compose down
Launch the new configuration
cd ~/project/srcs/ && docker-compose up -d
Access via HTTPS
https://127.0.0.1
in the browser
https://<intra_user>.42.fr
in the GUI
version: ' 3'
services:
nginx:
build:
context: .
dockerfile: requirements/nginx/Dockerfile
container_name: nginx
# depends_on:
# - wordpress
ports:
- " 443:443"
volumes:
- ./requirements/nginx/conf/:/etc/nginx/http.d/
- ./requirements/nginx/tools:/etc/nginx/ssl/
- /home/${USER} /simple_docker_nginx_html/public/html:/var/www/
restart: always
This work is published under the terms of 42 Unlicense .