
Installation of Linux and Docker

Updated: 1/30/2025

  • Installed Ubuntu 22.04 (Jammy)
  • Updated to the latest release (Noble). Yes, it would have been faster to start with this, but I didn't have the disk and didn't think about it.
sudo apt update && sudo apt upgrade -y
sudo apt autoremove -y && sudo apt autoclean
sudo do-release-upgrade -d
sudo reboot
  • Installed Hyper-V tools
sudo apt update
sudo apt install linux-cloud-tools-virtual linux-cloud-tools-generic -y
  • Enable Dynamic Memory, Time Sync, and Guest Services. These should be enabled by default, but you can manually check:
systemctl status hv-kvp-daemon.service
systemctl status hv-vss-daemon.service
  • If not enabled:
sudo systemctl enable --now hv-kvp-daemon.service hv-vss-daemon.service hv-fcopy-daemon.service

  • Reboot again
sudo reboot

Docker Installation

  • First we'll make sure docker isn't installed through snap or some other process.
sudo apt remove docker docker-engine docker.io containerd runc -y
sudo apt autoremove -y
  • Now we'll add docker's key and repository
sudo apt update
sudo apt install -y ca-certificates curl gnupg lsb-release

# Add Docker’s official GPG key
sudo mkdir -m 0755 -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo tee /etc/apt/keyrings/docker.asc > /dev/null
sudo chmod a+r /etc/apt/keyrings/docker.asc

# Add the Docker repository
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

sudo apt update
  • Then we'll install docker and check the version
sudo apt install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
docker --version
  • Next we'll set up Docker to run from the /docker directory
sudo systemctl stop docker
sudo systemctl stop containerd
sudo mv /var/lib/docker /docker
  • Update the docker configuration
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json > /dev/null <<EOF
{
  "data-root": "/docker"
}
EOF
  • Restart docker
sudo systemctl daemon-reload
sudo systemctl restart docker
sudo systemctl enable docker
docker info | grep "Docker Root Dir"
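  • Enable non-root access for our account. Log out and back in for the group change to take effect; membership in the docker group is effectively root on this host.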
sudo usermod -aG docker $USER

Nginx Proxy Manager Setup

mkdir -p /docker/npm/data /docker/npm/letsencrypt

  • Create the docker-compose.yml file
tee /docker/npm/docker-compose.yml > /dev/null <<EOF
version: '3'
services:
  npm:
    image: 'jc21/nginx-proxy-manager:latest'
    container_name: npm
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
      - "81:81" # Admin UI
    environment:
      DB_SQLITE_FILE: "/data/database.sqlite"
    volumes:
      - /docker/npm/data:/data
      - /docker/npm/letsencrypt:/etc/letsencrypt
EOF
  • Start Nginx Proxy Manager
cd /docker/npm
docker compose up -d
docker ps | grep npm
  • Verify it is up
  http://<ipaddress>.foo.bar:81

Default Login:

  • Email: admin@example.com
  • Password: changeme

  • Update the credentials. Save in Password Manager.
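
The compose file above publishes the admin UI on port 81 with no host IP, so it listens on every interface, and it does so while the default login is still valid. The script below is an added example, not part of the original page: it lists a compose file's published ports and flags the ones open on all interfaces. The function names, the constructed sample files, and the loopback-only variant (which assumes you reach the UI over an SSH tunnel) are assumptions.

```shell
#!/usr/bin/env bash
# Added example, not from the original page. Lists the host-published ports
# of a compose file and marks mappings with no host IP as ALL (every interface).
# Handles short-syntax IPv4 entries only ("[ip:]host:container").

audit_ports() {  # usage: audit_ports FILE (hypothetical helper name)
  awk -v q="'" '
    /^[ \t]*ports:[ \t]*$/ { in_ports = 1; next }
    in_ports && /^[ \t]*-/ {
      line = $0
      sub(/#.*/, "", line)             # drop trailing comment
      sub(/^[ \t]*-[ \t]*/, "", line)  # drop list marker
      gsub(/"/, "", line); gsub(q, "", line); gsub(/[ \t]/, "", line)
      n = split(line, p, ":")
      if (n == 3)      print p[1], p[2], "->", p[3]
      else if (n == 2) print "ALL", p[1], "->", p[2]
      else             print "ALL", "ephemeral", "->", p[1]
      next
    }
    in_ports && NF { in_ports = 0 }    # any other non-blank line ends the list
  ' "$1"
}

port_is_restricted() {  # usage: port_is_restricted FILE HOST_PORT
  # Succeeds when HOST_PORT is not published on every interface.
  ! audit_ports "$1" | grep -q "^ALL $2 "
}

# Constructed samples: the mapping from the page, and a variant that keeps the
# admin UI on loopback (assumption: you reach it through an SSH tunnel).
tmp=$(mktemp -d)
cat > "$tmp/page.yml" <<'EOF'
services:
  npm:
    ports:
      - "80:80"
      - "443:443"
      - "81:81" # Admin UI
    environment:
      DB_SQLITE_FILE: "/data/database.sqlite"
EOF
sed 's/"81:81"/"127.0.0.1:81:81"/' "$tmp/page.yml" > "$tmp/hardened.yml"

for f in page hardened; do
  echo "== $f.yml"; audit_ports "$tmp/$f.yml"
  port_is_restricted "$tmp/$f.yml" 81 || echo "admin port 81 is published on every interface"
done
```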

Let's Encrypt

Create an A Record in Cloudflare

Since we are using DNS validation, we do not need to expose the server publicly.

  1. Log in to Cloudflare Dashboard
  2. Select foo.bar
  3. Go to DNS → Click Add Record

    • Type: A
    • Name: serverName
    • IPv4 Address: server internal IP
    • Proxy Status: DNS only (gray cloud ☁️)
    • TTL: Auto
  4. Add a second record

    • Type: A
    • Name: * - That's a star
    • IPv4 Address: server internal IP
    • Proxy Status: DNS only (gray cloud ☁️)
    • TTL: Auto

Enable Cloudflare API for DNS Challenge

Get Cloudflare API Token

  1. Go to Cloudflare Dashboard → My Profile
  2. Click API Tokens → Create Token
  3. Under Custom Token, click Create Custom Token
  4. Permissions:
    • Zone → DNS → Edit
    • Zone → Zone → Read
  5. Zone Resources:
    • Include → Specific Zone → foo.bar
  6. Click Create Token and copy the API token. Save it in Password Manager.

Configure Nginx Proxy Manager for DNS Challenge

  • Log into Nginx Proxy Manager (http://serverName:81)
  • Go to SSL Certificates → Add SSL Certificate → Add the domain name (server.foo.bar)
  • Make sure your email is correct
  • Select DNS Challenge
  • Choose Cloudflare as the DNS Provider
  • Paste the Cloudflare API Token
  • Save Settings

Adding hosts to Nginx Proxy Manager

  • Click on Hosts.
  • Click on Add Proxy Host
  • Under the Details tab
    • Domain Names: dockerContainer.foo.bar
    • Scheme: http
    • Forward Hostname / IP: dockerContainerIP
    • Forward Port: dockerContainerPort
    • Block Common Exploits
    • Enable Web Sockets Support
  • Under the SSL tab
    • Request New Certificate with Let's Encrypt
    • Force SSL
    • HSTS Enabled
    • Use a DNS Challenge
    • DNS Provider: Cloudflare
    • Cloudflare API Token: Paste yours in.
    • Agree to Terms of Service