Docker Install Simplified (run script and small modification)

DefenderOogway · March 19, 2021, 1:51pm

When installing this way LDAP will not work as I disable it so you will get an error message on the Web Interface loading, but everything appears to work. You can probably setup LDAP and get that error message to disappear.

FreedomBox needs docker to ipv6 config setup.
my docker config looks like this:
/etc/docker/daemon.json

{
“userland-proxy”: false,
“iptables”: true,
“ipv6”: true,
“fixed-cidr-v6”: “2001:db8:1::/64”
}

Cut and paste the following code into shell script and run as docker user:

#!/bin/bash
docker run -itd --name freedombox --privileged -v /run/systemd/system:/run/systemd/system -v /var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket -p 4445:80 -p 4446:443 debian:unstable /bin/bash
docker exec -it freedombox sh -c  "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin DEBIAN_FRONTEND=noninteractive apt update"
docker exec -it freedombox sh -c  "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin DEBIAN_FRONTEND=noninteractive apt install snapd freedombox systemd syslog-ng mariadb-server -y"
docker exec -it freedombox sh -c  "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin DEBIAN_FRONTEND=noninteractive apt purge resolvconf -y"
docker commit freedombox freedombox
docker stop freedombox
docker rm freedombox
docker run -itd --name freedombox --privileged -v /run/systemd/system:/run/systemd/system -v /var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket -p 4445:80 -p 4446:443 --entrypoint /sbin/init freedombox
docker exec -it freedombox sh -c   "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin systemctl enable snapd"
docker exec -it freedombox sh -c   "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin systemctl start snapd"
docker exec -it freedombox sh -c   "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin snap install core"
docker exec -it freedombox sh -c   "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin systemctl restart snapd"
docker exec -it freedombox sh -c   "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin systemctl enable apache2"
docker exec -it freedombox sh -c   "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin systemctl enable uwsgi"
docker exec -it freedombox sh -c   "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin systemctl start apache2"
docker exec -it freedombox sh -c   "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin systemctl start uwsgi"
docker exec -it freedombox sh -c   "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin systemctl enable syslog-ng"
docker exec -it freedombox sh -c   "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin systemctl start syslog-ng"
docker exec -it freedombox sh -c   "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin systemctl disable slapd"
docker exec -it freedombox sh -c   "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin systemctl stop slapd"

`

1> root@944457c6fee1:/# vi /usr/lib/python3/dist-packages/plinth/modules/storage/__init__.py

`

look for this code and change def get_filesystem_type(mount_point=’/’):
“”“Returns the type of the filesystem mounted at mountpoint.”“”
for partition in psutil.disk_partitions():
if partition.mountpoint == mount_point:
return partition.fstype

and make it this:

get_filesystem_type(mount_point=’/’):
“”“Returns the type of the filesystem mounted at mountpoint.”""
for partition in psutil.disk_partitions(all=True):
if partition.mountpoint == mount_point:
return partition.fstype

2> root@944457c6fee1:# systemctl start plinth
3> root@944457c6fee1:# systemctl start firewalld
(woops we need this , importnant component for auto-configs…possibly)
4> browse to your port things should be and running see screen shots attached:

Grab the password
When you log in you’ll see this enter and start setting things up:

Enter the secret generated during FreedomBox installation. This secret can also be obtained by running the command “sudo cat /var/lib/plinth/firstboot-wizard-secret” on your FreedomBox
After the install I used the FreedomBox to install those applications without modification

All Applications that were installed pretty quickly after changes mentioned.

When installing RoundCube you need to start the apache server back up there is a small bug that it kills the server and doesnt restart:

docker exec -it freedombox /bin/bash

systemctl start apache2

If you want I2P working there is a small bug you need to fix:

edit the following file:
docker exec -it freedombox /bin/bash
change both files here

vi /usr/share/plinth/actions/i2p
vi /usr/lib/python3/dist-packages/plinth/modules/i2p/helpers.py
Look in the files (first 4 lines in mine, and replace )

I2P_CONF_DIR =‘/var/lib/i2p/i2p-config/’

change to

I2P_CONF_DIR = ‘/usr/share/i2p’

And it should install ok.

NickA · March 20, 2021, 9:04am

I’m not sure if your putting your work towards docker is worth it.

Docker’s application-containers are not designed to support managed distributions and derivative projects like freedombox. Also they introduce dependencies on several external services and installations depend on non-native read-only base images under external control with additional maintenance lag, instead of being under the direct control of the distribution’s package management. It seems to be about the same with LXD (Image handling - LXD - system container manager).

I’d expect freedombox to work much better (well) in virtual system enviroments, simply by installing freedombox (image or debian package), wherever the platform provides system-VMs or system-containers.

To help out widening the options, you could maybe create a script to spin-up freedombox under LXC, this could allow to run freedombox using arbitrary linux distributions as container host (virtualization server).

As Freedombox is itself a server management system, it does not fit into third-party app-shipping channel building schemes.

(originally from: https://robinsystems.com/blog/containers-deep-dive-lxc-vs-docker-comparison/)

NickA · March 20, 2021, 9:15am

Maybe the LXC support from libvirt and virt-manager could be a good option, as it includes graphical container management.

That’s probably better for many Freedombox users.

NickA · March 20, 2021, 9:48am

The manual way could work similar to this:
https://www.rutschle.net/2020/09/05/yunohost.html

DefenderOogway · March 20, 2021, 2:22pm

Nick , I understand what your saying, what dockers designed for. I’ll definitely look into LXC as well I know virtual box also helps with better anonymity am I right?

Also docker pretty much works now, there are very few things that are different that im aware from the normal manual install may help from a developers point of view, snapshots and what not. But maybe LXC will help out better i’ll look into it.

NickA · March 20, 2021, 3:34pm

The docker stuff looks like using and depending on snapd, some base system image, docker dns server configs, apt updates gettting lost on restarts, …etc. (maintenance abysm).

So, as kvm and virtualbox images are already available for download on freedombox.org, it looks the only things that are missing are build scripts for container images that can be used anywhere where plain lxc or libvirt-lxc is available.

I guess, figuring out how to manually set up a freedombox LXC container with the graphical virt-manager could already be of great help.

DefenderOogway · March 20, 2021, 5:45pm

Hello NickA,

snapd I believe is used by freedombox, from the underlying workings. I’m using the same steps now with LXC. I have it working, it looks great!! I’ll do another post soon with similar steps for LXC.

Pre-Reqs: LXC is properly configured. I’m installing it on a Unpriviliged image.

this LXC really appears to faster as well. neat.

NickA · March 20, 2021, 6:21pm

Nice!
Are you really using some pre-made “unprivileged” image? From LXC - Debian Wiki I thought the lxc-create templates would use stock debootstrap to install debian into the local rootfs folder.

NickA · March 20, 2021, 7:27pm

Hopefuly, it’s as simple as this to get freedombox running after booting the basic debian rootfilesystem in a LXC container:
https://wiki.debian.org/FreedomBox/Hardware/Debian

DefenderOogway · March 20, 2021, 7:39pm

@NickA

Was pretty simple.

Speaking with a friend, the docker install has many benefits, it can be used on OS X, Windows docker instances as well…

But LXC is definitely amazing on linux host systems.

DefenderOogway · March 20, 2021, 7:49pm

Yes, its that simple, with just some port-forwarding.

mtinman · November 28, 2021, 12:01am

DefenderOogway:

As an Update/FYI to everyone who reads this post, in the code block you provided above, where you say
"Templates for LXC can be found here:

https://us.images.linuxcontainers.org/images/", it appears that the URL is no longer valid, and there was no redirect from that address either. After a quick search, I found that Canonical has taken possession of this domain, and when I visited https://images.linuxcontainers.org/, I was redirected to https://us.lxd.images.canonical.com/. I hope this helps.