Docker - Ghost - CIFS

ghost Sep 23, 2020

When you hear the words docker, most people think one click install of an app.

When you combine Docker with CIFS it's a different ball game. Problems and endless hours of Googling entail.


Firstly My setup is:

  • Proxmox Hypervisor
  • Ubuntu LTS VM
  • Docker with Portainer

Mounting a CIFS Share in Ubuntu

Lets create a credentials file to hold the CIFS details

sudo nano /etc/win-credentials

Add The following lines

username=WINUSER
password=WINPASS
domain=DOMAINNAME

Ctrl O - to write file

Ctrl X - to exit

Make a mountpoint

sudo mkdir /mnt/Ghost-Blog

Using FSTAB to Automatically mount share on startup

sudo nano /etc/fstab
//CIFS-ServerName/Share /mnt/Ghost-Blog cifs credentials=/etc/win-credentials,noserverino,context=system_u:object_r:svirt_sandbox_file_t:s0,file_mode=0777,dir_mode=0777 0 0

Ctrl O - to write file

Ctrl X - to exit

sudo mount -a

Now we need to create a Docker Volume - this is key for the Docker Container to work correctly with CIFS and esspecially the SQL database.

docker volume create --opt type=cifs --opt device=//SERVER-NAME/Share/ --opt o=username=WINUSER,password=WINPASS,domain=DOMAINNAME,noserverino,file_mode=0777,dir_mode=0777,noperm,iocharset=utf8,nobrl Ghost-Blog

Head over to Portainer

Create a new Container

Port Config 3001:2368

Environmental Variable

url:https://yourdomain.com

PUID:1000

PGID:1000

Volume - /var/lib/ghost/content:Ghost-Blog  (Drop down box select the volume you created earlier)

Restart policy - unless stopped

Deploy


Web Browser

http://Docker-IP:3001

admin interface http://docker-IP:3001/ghost


Optional: NGINX

Create a new Server-Block

##Blog-Ghost##
server {
listen [::]:443 ssl http2;
listen 443 ssl http2;
server_name ghost.mydomain.com; 

include ssl.conf

location / {
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header HOST $http_host;
    proxy_set_header X-NginX-Proxy true;
	proxy_set_header X-Forwarded-Proto $scheme;
    proxy_pass http://docker-IP:3001;
    proxy_redirect off;

ssl.conf contains my crt, key and some security settings.


Thats it - Time to start blogging

Tags

Great! You've successfully subscribed.
Great! Next, complete checkout for full access.
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.