2 posts tagged with "docker"

View All Tags

Ansible boilerplate for webapps with Docker, Traefik and Let's Encrypt

I created an Ansible boilerplate for setting up a webserver that can run any webapp that runs in a Docker container. You can use this boilerplate to setup a secure webserver on a freshly installed Debian based linux server (something like an Amazon EC2 instance or VPS). This boilerplate uses Traefik, Let's Encrypt and Docker Compose.

The code is available at: https://github.com/jurruh/ansible-webserver-boilerplate

How to use it?#

You have to set your own host in the hosts file. After that you can run the playbook.

ansible-playbook site.yml

The playbook will install Docker and the other requisites on the machine.

How to deploy an app#

The boilerplate contains an example app (roles/example-app). You can rename or copy it as a starting point, make sure you replace all "example-app" occurences in the folder with your new chosen name. After that you can edit the docker-compose.yml file in the templates directory and add your own services.

Replace the domain in the following line "traefik.http.routers.example-app.rule=Host(`example.jurrevriesen.nl`)" with the domain that is pointed to your webserver to make sure a Let's Encrypt SSL certificate is requested.

After you added the new role in site.yml, you can run the playbook again and the new app should be deployed.

Restart Docker container on image change

This blog is a static website served from a Docker container. The content is written in markdown and pushed to a Git repository hosted on GitHub. Every time I push to that repository a Docker image containing the new version is build on DockerHub.

While the new image is available on DockerHub there is still a container running containing the old version. Normally I would go to the server where the container is running and perform a manual docker pull command and spin up a new container. I hated doing this manual step and automated it:

๐Ÿ‘‰ The people from containrrr.dev made a simple to use piece of software called watchtower. This detects when the image of a container changes. When that happens the changed image is pulled and the container will be restarted. Watchtower can be started as an individual Docker container with the following command:

docker run -d \
--name watchtower \
-v /var/run/docker.sock:/var/run/docker.sock \
containrrr/watchtower <name of the container to watch : optional>

๐Ÿ““ if no name is given all containers are watched.

I like to configure and document my containers with a docker-compose file. This is also supported by watchtower.

version: "3"
services:
cavo:
image: jurruh/blog:latest
container_name: jurruh_blog
ports:
- "80:80"
watchtower:
image: containrrr/watchtower
volumes:
- /var/run/docker.sock:/var/run/docker.sock
command: jurruh_blog