In this article, you'll learn how to install Rocket.Chat with Docker on a VPS and use it as a Slack alternative.

Installing Rocket.Chat with Docker on Your VPS

To install Rocket.Chat with Docker and use it. You'll first download the official Rocket.Chat docker compose file, set up environment variables, run the container, then secure it with an SSL certificate. This is everything you need to have a fully functional self-hosted communications platform.

Why Use a Self-hosted Slack Alternative?

We originally published this Rocket.Chat tutorial back in 2017 after a highly publicized series of Slack service outages. When your entire team is reliant on an externally-hosted solution, that’s a risk you run.

Additionally, Slack isn’t entirely free, as it requires you to purchase a plan for unlimited message history and other basic features. Rocket.Chat offers this and more, with control and flexibility. By self-hosting a Slack alternative, you avoid depending on third-party services and gain full ownership of your data.

What You Need to Install Rocket.Chat with Docker

• A Docker-ready VPS.  If you haven't noticed, we offer the best priced, most reliable VPS servers in the world. Take a look at our offerings and prepare for your mind to be blown .
• A functioning Docker installation, plus Docker Compose—see our Getting Started tutorial for more details.
• A non-root user account to SSH into. Check out How to access your server using SSH to learn how to access your server and create a sudo user.

Step 1 - Downloading the Rocket.Chat Docker Compose File

$ cd ~
$ mkdir rocket.chat && cd rocket.chat

curl -L https://raw.githubusercontent.com/RocketChat/Docker.Official.Image/master/compose.yml -O

nano .env

### Rocket.Chat configuration

# Rocket.Chat version
# see:- https://github.com/RocketChat/Rocket.Chat/releases
RELEASE=6.11.0
# MongoDB endpoint (include ?replicaSet= parameter)
#MONGO_URL=
# MongoDB endpoint to the local database
#MONGO_OPLOG_URL=
# IP to bind the process to
#BIND_IP=
# URL used to access your Rocket.Chat instance
ROOT_URL=http://rocket.example.com
# Port Rocket.Chat runs on (in-container)
#PORT=
# Port on the host to bind to
#HOST_PORT=

### MongoDB configuration
# MongoDB version/image tag
#MONGODB_VERSION=
# See:- https://hub.docker.com/r/bitnami/mongodb

### Traefik config (if enabled)
# Traefik version/image tag
#TRAEFIK_RELEASE=
# Domain for https (change ROOT_URL & BIND_IP accordingly)
#DOMAIN=
# Email for certificate notifications
#LETSENCRYPT_EMAIL=

Start your docker-compose Rocket.Chat container using the following command:

docker compose up -d

This will download and start both the Rocket.Chat service and a MongoDB service to enable live backups.

You should see an output similar to the following:

You can now access your Rocket.Chat interface using your domain and port 3000.

http://rocket.example.com:3000

If you are facing issues with the installation, check the Rocket.Chat container logs using the following command. This will give you detailed information in case of any configuration errors:

docker compose logs -f rocketchat

If properly configured, the logs will show a result similar to the following:

rocketchat-1  | +------------------------------------------------+
rocketchat-1  | |                 SERVER RUNNING                 |
rocketchat-1  | +------------------------------------------------+
rocketchat-1  | |                                                |
rocketchat-1  | |  Rocket.Chat Version: 6.11.0                   |
rocketchat-1  | |       NodeJS Version: 14.21.3 - x64            |
rocketchat-1  | |      MongoDB Version: 5.0.24                   |
rocketchat-1  | |       MongoDB Engine: wiredTiger               |
rocketchat-1  | |             Platform: linux                    |
rocketchat-1  | |         Process Port: 3000                     |
rocketchat-1  | |        Site URL:   http://rocket.example.com   |
rocketchat-1  | |     ReplicaSet OpLog: Enabled                  |
rocketchat-1  | |          Commit Hash: 640d569eeb               |
rocketchat-1  | |        Commit Branch: HEAD                     |
rocketchat-1  | |                                                |
rocketchat-1  | +------------------------------------------------+

It is important to secure your Rocket.Chat server with encrypted HTTPS connections. To do this, it is recommended that you use Traefik, an HTTP reverse proxy and load balancer for deploying self-hosted applications.

First, open your .env file:

nano .env

Update the following variables:

ROOT_URL=http://rocket.example.com
#BIND_IP=
#DOMAIN=
#LETSENCRYPT_EMAIL=

ROOT_URL=https://rocket.example.com
BIND_IP=127.0.0.1
DOMAIN=rocket.example.com
LETSENCRYPT_EMAIL=your_email@example.com

curl -LO \
     https://raw.githubusercontent.com/RocketChat/Docker.Official.Image/master/traefik.yml 

docker compose up -d rocketchat --force-recreate

docker compose -f traefik.yml up -d

https://rocket.example.com

Rocket.Chat vs Other Slack Alternatives

In this section, we'll take a look at how Rocket.Chat compares to other self-hosted slack alternatives.

Rocket.Chat vs Mattermost

Rocket.Chat and Mattermost both offer self-hosting options for full data control. Rocket.Chat is generally more customizable with a broader range of integrations, while Mattermost requires more technical expertise for similar flexibility. Both platforms have active communities and offer paid support plans.

Rocket.Chat vs Element

Rocket.Chat and Element both prioritize data privacy, but Element, based on the Matrix protocol, offers default end-to-end encryption and decentralized communication, which can be more secure. Rocket.Chat is easier to set up, especially with its cloud-hosted option, and comes with a rich set of built-in features, while Element is more focused on secure, federated communication.

Rocket.Chat vs Zulip

Rocket.Chat and Zulip differ primarily in how they organize conversations—Zulip uses a unique "topic threading" model that can reduce noise, while Rocket.Chat follows a traditional chat structure with threaded messages within channels. Rocket.Chat offers more integrations and easier setup, making it a better choice for teams needing extensive tool connectivity, though both have active communities.

Rocket.Chat vs Matrix

Rocket.Chat is a centralized platform with the option for self-hosting, making it easier to deploy and manage, while Matrix is a decentralized protocol that allows for cross-server communication and greater data control. Matrix emphasizes end-to-end encryption and decentralization for heightened security, but it can be more complex to set up, whereas Rocket.Chat focuses on ease of use and robust features.

Mailcow's only officially-supported install method uses the consistency and ease of Docker and dockerized services, so this can be done quickly if you already have a functional Docker setup in place. That said, here are some prerequisites for Mailcow, as well as the steps to follow to get Mailcow up and running.

Prerequisites

• Docker and docker-compose installed and configured, as well as docker-compose
• A-Name record for email server address
• FQDN chosen and configured (can use the same address as above)
• MX Record for primary domain
• SSL Certificate for mail server
• Required ports open
• At least 3GB of RAM available on your VPS

Installing Mailcow using Docker and Docker Compose

Assuming Docker is all setup and ready to go, the installation process is fairly straightforward. Docker makes things a lot simpler, as packages and dependencies are self-managed within each docker image or package. All you need is to clone the mailcow: dockerized repository, configure it, then launch it.

Step 1: Check Umask Settings

First, we’ll need to ensure that the unmask settings for the operating system are correct. Typically, this is already the case, but it never hurts to check.

umask
0022

You’ll want to run the umask command, and if it isn’t 0022, modify your systems umask settings to match that.

Step 2: Clone the mailcow: dockerized Repository

Next, we’ll switch to the /opt folder and create our working directory. Git must be installed for this part, although most Linux-based operating systems have it available in their default repository, if not installed already.

cd /opt
git clone https://github.com/mailcow/mailcow-dockerized
cd mailcow-dockerized

Now, we will generate the configuration file that Mailcow will use. Luckily, there’s a simple-to-use script that allows us to just enter a few pieces of information to get this going.

./generate_config.sh

At this point, the script will ask for your FQDN. Keep in mind, this is different than your mail domain. For instance, if you plan on using emails that use the domain example.com, you might use the FQDN of mail.example.com. It will also ask you for your Time Zone. It’s perfectly fine to use the default (hit enter), or you can choose your local timezone as explicitly listed as the TZ database name here. I chose the America/Los_Angeles time zone as I am in the Pacific Standard time zone.

If you are using a reverse proxy, you’ll need to further modify the configuration file as necessary to accommodate for the default 80 and 443 ports to be already spoken for by your web server. Otherwise, the default configuration file that is generated is fine for a standalone server.

Step 3: Launch the Mailcow Docker Compose

Now, we’ve completed our setup. We just need to actually pull and launch the docker images that will run our Mailcow instance. While still in the /opt/mailcow-dockerized folder, we’ll run the docker-compose commands.

docker-compose pull
docker-compose up -d

The -d flag causes the Mailcow docker installation to run detached from the primary window, allowing it to continue running after the current session ends. Be patient, as this step can take some time. It’s pulling in and configuring all the different parts of the docker configuration that helps us run our Mailcow install.

If you navigate to your domain name:

https://mail.example.com

You'll likely see a page informing you that the database is being initialized:

This will take a few minutes.

After the database is fully initialized, refresh the page, and the Mailcow user interface will appear:

Mailcow Setup

We'll now complete the mailcow setup, and create an email address.

Log into your new mailcow install by navigating to the secure url for your FQDN. Using our previous example, if your FQDN is mail.example.com, you’d want to point your browser to https://mail.example.com. The default username and password for your new Mailcow install is admin and moohoo, respectively.

Adding a Domain to Mailcow

First, we’ll need to add our domain. So after logging in, navigate to the E-Mail tab and click Configuration.

Next, we’ll click the Add domain button to add a domain.

Fill out the domain name. That is, the root domain that we want to use for our email addresses. The defaults are fine, unless you specifically know something you need to change for your needs. To finish, click the Add domain and restart SOGo button. This adds the domain and restarts the service that manages it at the same time.

Adding a Mailbox to Mailcow

Next, you'll need to create a mail box. Click over the Mailboxes tab then click the Mailboxes button.

Click Add mailbox, you'll be presented with a form similar to the following:

Enter a username, select the domain (if you’ve added more than one), then type in the full name for the user.
For the quota, leave it as 0 for no size limit, and then create or generate a password.

Finally, click Add.

And that’s it! You’ve setup mailcow, created an email address, and now are ready to use your email address to send and receive emails. Log out of the Admin user and navigate to https://your.mailhost.domain/SOGo and log in with the email address and password you created.

Alternatively, you can log into any standard email client using POP3 or IMAP4 protocols as you normally would.

Conclusion

You've installed Mailcow with Docker and Docker Compose using the mailcow: dockerized repository, and you now have a fully functional emailing system on your VPS. You can send, receive and manage your email with full control over your data. For more information on Mailcow, check out the official documentation.

FAQ: Questions on Mailcow

Does Mailcow support SSL encryption?

Yes, Mailcow supports SSL encryption. It can automatically generate SSL certificates using Let's Encrypt or you can manually configure your own SSL certificates for securing email traffic.

How do I back up Mailcow?

Mailcow provides built-in backup functionality. You can use the backup_and_restore.sh script found in the Mailcow tools directory. This script allows you to back up the Mailcow Docker volumes, which include email data, user settings, and configurations.

Is Mailcow suitable for business use?

Yes, Mailcow is well-suited for business use. It offers features like user and domain management, email filtering, and security options such as DKIM, SPF, and DMARC. However, businesses may need technical expertise for setup and ongoing management.

How do I manage users in Mailcow?

User management in Mailcow is done through the web admin interface. You can create, delete, and modify users, assign email addresses to domains, and set quotas for mailbox storage. The interface makes it easy to manage users even with multiple domains.

In this article, I will go through how Docker can benefit your VPS, how to install it, and how to use it.

Why Install Docker on a VPS?

Docker is a platform for designing, building, and launching "containers," which are isolated environments containing all the software and configuration files necessary to run a service or application.

Running Docker on your virtual server gives you more stability, more flexibility, and a lot more ways to recover quickly if (or when) you mess things up.

Installing Docker on your VPS brings significant benefits:

• You can develop locally using a specific environment.
• You can ensure that local development environment is replicated exactly when you're ready to deploy code, ensuring 100% compatibility.
• Build Dockerfiles/Docker images to make your site/app portable to multiple VPSs for redundancy or fail-over.
• Host multiple applications on a single VPS without them interacting—or conflict—with one another. For example, run two WordPress installations with separate Apache/Nginx web servers and separate MySQL databases.
• One container can crash without affecting other containers or the health of your VPS.
• Capability to automatically restart containers upon reboot of the VPS itself.
• A certain degree of improved security by separating different apps into different containers.
• Easy backups!

With this, it's clear that having Docker on your VPS is a must. Now, let's get started on installing Docker and taking the first steps toward a container-powered VPS.

Prerequisites for Running Docker on a VPS

• A virtual private server (VPS) running any of our available OS options. See our pricing for details.
• A non-root user account (commands requiring escalated privileges will use sudo).

Step 1 - Installing Docker on Your VPS

sudo apt-get update

sudo apt-get install curl gnupg2 apt-transport-https ca-certificates software-properties-common 

sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc

# Add the repository to Apt sources:
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update

sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc

# Add the repository to Apt sources:
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update

sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

Step 2 - Testing Your VPS Docker Installation

The people behind Docker recommend testing out your Docker installation with a basic Hello world command to ensure everything is working the way it should. If so, you'll see the following output:

$ sudo docker run hello-world

Step 3 - Some Docker Post-installation Configurations

Now that Docker is installed, let's take a moment to make a few quality-of-life improvements. These will help make Docker a little easier to use on a day-to-day basis:

• Enable Docker to start automatically after a reboot.
• Allow the non-root user to manage Docker.

Enable Docker Service

In CentOS, Debian, and Ubuntu, systemd is responsible for managing which services start when the system boots up.
Enabling the Docker service means configuring it to start automatically after a reboot. To do this, you can enable the Docker daemon with systemctl and make it automatically start on your VPS with a single command:

$ sudo systemctl enable docker

Once the Docker service is set to start automatically upon rebooting your VPS, all Docker containers will also spin up automatically. All your apps running in Docker containers will come back online without any manual intervention.

Once you have enabled the docker service itself, you do not need to take any further steps. This means that any application you run via Docker will gracefully restart after boot, potentially minimizing downtime (as long as the services inside the container are set up to start at boot themselves).

Docker Non-root Access

In order to give our non-root user access to the Docker management commands, we need to create a docker group (it may already be created for you), and then add your primary user to that group.

$ sudo groupadd docker
$ sudo usermod -aG docker $USER

Log out of your VPS by typing exit or Ctrl+D and log back in. Then, you can test whether or not you can use the docker command without prepending sudo.

$ docker run hello-world

Step 4 - Installing Docker-compose on Your VPS

Docker Compose is a tool that helps simplify the configuration and deployment of Docker containers and applications by using an easy-to-read .yml/.yaml file. In some cases, this will be easier than writing out a lengthy command for the shell prompt.

To install Docker Compose, first determine the latest version from the releases page. At the time of writing, the current stable version is 2.26.0.

mkdir -p ~/.docker/cli-plugins/

curl -SL https://github.com/docker/compose/releases/download/v2.26.0/docker-compose-linux-x86_64 -o ~/.docker/cli-plugins/docker-compose

chmod +x ~/.docker/cli-plugins/docker-compose

docker compose version

Step 5 - Testing Docker with a Basic LAMP Stack

Now we can get to the exciting bit—getting started running some actual applications in Docker containers. No more Hello, world!

We'll start by creating a very basic LAMP stack using the php:apache container available from Docker. But, before that, let's create a directory on the host to store our files, which we'll link to the /var/www/html directory within the container.

$ mkdir $HOME/apache && cd $HOME/apache

Then, we can create a small PHP file named info.php that will display information about the PHP configuration. It's a standard method of testing PHP-based installations.

$ printf '<?php\nphpinfo();\n?>' > info.php

Finally, we have our docker command. But, before you run it, check out the information just beneath the command so that you can understand exactly what it's accomplishing.

$ docker run -d --name=apache -p 8080:80 -v $HOME/apache:/var/www/html php:apache

First, the docker run specifies that we are going to create and start a new container, and the -d option means we will "detach" from it, much the way one detaches from a tmux session or an ssh session. In cases where you want to immediately run commands inside the newly-created container, you can omit the -d.

We use --name=apache to give the container a specific name. This is recommended, because your chosen names will be easier to manage and remember than the randomized defaults—comes in handy when you want to stop or delete a container.

-p 8080:80 will expose port 8080 to traffic arriving on the VPS, and will route that traffic to port 80 on the container. This makes it possible to expose different containers to different ports, and enable more complex configurations with an nginx reverse proxy.

-v $HOME/apache:/var/www/html is a virtual drive mapping. In this case, any files in the directory before the colon, $HOME/apache, will be available in the /var/www/html directory inside the container.

And finally, php:apache tells docker which image to use. More images can be found on the Docker Hub.

You should now be able to see that the container is running with the docker ps command:

$ docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                  NAMES
d1fbdb7e0c5f        php:apache          "docker-php-entryp..."   3 seconds ago       Up 3 seconds        0.0.0.0:8080->80/tcp   apache

You can now also access your basic Apache web server by visiting http://YOUR-SERVER-IP:8080/info.php in your favorite browser. If all has gone correctly, you'll see something like the following:

Now, for the sake of showing some more core docker commands, let's gracefully shut down this container, delete the container, followed by the image itself.

$ docker stop apache
$ docker rm apache
$ docker rmi php:apache

You should receive the following output:

For more, check out How To Remove Docker Images, Containers, and Volumes.

Step 6 - Installing WordPress with Docker on Your VPS

Okay, we've gotten started with Docker and tested the LAMP stack.

So, now let's take the LAMP stack a step further with a full-blown WordPress installation, and this time, let's also use docker-compose to make the process a little bit more human-readable.

The first step is creating a new directory for this project.

$ mkdir wp_test && cd wp_test

Then, create a docker-compose.yml file that will specify the configuration. This will create two containers: one running Apache/Wordpress, and another running the mysql instance, with data persisted between reboots and container shutdowns. Of course, for production use, you will want to change the passwords to be more secure.

version: '2'

services:
   db:
     image: mysql:5.7
     volumes:
       - db_data:/var/lib/mysql
     restart: always
     environment:
       MYSQL_ROOT_PASSWORD: somewordpress
       MYSQL_DATABASE: wordpress
       MYSQL_USER: wordpress
       MYSQL_PASSWORD: wordpress
     container_name: wp_test_db

   wordpress:
     depends_on:
       - db
     image: wordpress:latest
     ports:
       - "8080:80"
     restart: always
     environment:
       WORDPRESS_DB_HOST: db:3306
       WORDPRESS_DB_USER: wordpress
       WORDPRESS_DB_PASSWORD: wordpress
     container_name: wp_test
volumes:
    db_data:

To launch the container for the first time, use the docker-compose up command.

$ docker compose up -d

Now, you can check on these new containers using docker ps.

$ docker ps
20570a5eb798        wordpress:latest    "docker-entrypoint..."   3 seconds ago       Up 2 seconds        0.0.0.0:8080->80/tcp   wp_test
c1872cb1443d        mysql:5.7           "docker-entrypoint..."   3 seconds ago       Up 3 seconds        3306/tcp               wp_test_db

Of course, the WordPress installation is now available on http://YOUR-SERVER-IP:8080, for you to begin the famous 5-minute installation. And, if for any reason, you need to shut down these containers while retaining the data, use docker-compose down.

Getting Started with Docker on Your VPS: Next Steps

With this, I hope you're excited to get started taking full advantage of Docker on your VPS.

By offloading services to containers, you can keep your base OS cleaner, with fewer attack vectors, and with less risk of various applications conflicting with one another.

Plus, it's much safer to make mistakes with containers! All you need to do is stop the container, remove it, and try again, without worrying that you're cluttering up your system or potentially breaking it.

If you want to get started leveling up your Docker skills, check out a few of our Docker tutorials:

• Host multiple websites on one VPS with Docker and Nginx
• Hosting multiple SSL-enabled sites with Docker and Nginx
• Self-hosting with Docker: The definitive handbook

Enjoy your containers! And, while it's definitely possible, we can't recommend running Docker inside of Docker.

Additional resources:

• Docker Community Edition for Debian
• Docker Community Edition for Ubuntu
• Docker Community Edition for CentOS
• Post-installation steps for Linux
• Docker command line
• The Docker Hub
• Quickstart: Compose and WordPress
• A curated list of Docker resources and projects

Specifically, we'll be installing Nexcloud along with an Nginx reverse proxy and Let’s Encrypt SSL in a CentOS, Ubuntu, or Debian dockerized environment.

Why Install Nextcloud With Docker and Docker Compose?

Nextcloud is an open source software suite for storing and synchronizing data, sort of like a free alternative to Dropbox or Google Drive.

Plus, with Nextcloud, you get an open system architecture that gives you additional functionality and full control of your data.

With Nextcloud, you can:

• Store files, contacts, calendars and more on your server, and synchronize them across various devices
• Share your data with others to view and collaborate on
• Expand your Nextcloud installation with apps from the Nextcloud App Store,
• Or build your own apps and integrate them with Nextcloud.

Install Nextcloud with Docker: Prerequisites

• A VPS running Ubuntu 24.04, CentOS or Debian.  If you don't have one, no worries! We offer the best priced, most reliable, and fastest VPS servers in the market
• A working Docker installation—for information about how to install Docker, check out our getting started with Docker tutorial.

Note

If you want to skip all the technical steps of setting up Nextcloud on your server and have it installed in minutes, then I have some great news for you! Our team of engineers has prepared a ready-to-use 1-Click Nextcloud application for your convenience. Just choose a server, and while prompted to choose the operating system, choose Nextcloud from the dropdown menu. This will set up Nextcloud in minutes, which means you don't even need this tutorial. Save time and save money with our Nextcloud 1-Click solution.

Step 1. Install Docker

Ubuntu 24.04/Debian 12
For both Ubuntu and Debian servers, the latest versions of Docker CE may not be available in the repositories. We need to install the prerequisite packages:

sudo apt-get update

sudo apt-get install curl gnupg2 apt-transport-https ca-certificates software-properties-common 

Next, we add the GPG keys, Docker repositories and finally install Docker. Here is where it gets different for both Ubuntu and Debian:

Ubuntu:

sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc

# Add the repository to Apt sources:
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update

Then install docker:

sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

Debian:

sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc

# Add the repository to Apt sources:
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update

Now install Docker:

sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

Other Linux Distributions

If you are using another Linux distribution, check out the official Docker documentation.

Step 2. Install Docker Compose

mkdir -p ~/.docker/cli-plugins/

curl -SL https://github.com/docker/compose/releases/download/v2.26.0/docker-compose-linux-x86_64 -o ~/.docker/cli-plugins/docker-compose

chmod +x ~/.docker/cli-plugins/docker-compose

docker compose version

Docker Compose version v2.26.0

Step 3. Install Nextcloud using Docker and Docker Compose

We can now install Nextcloud with Docker and Docker Compose.

Before we start defining services in the docker-compose.yml file, we create a network so that containers can communicate. Run the following command in the terminal:

$ docker network create nextcloud_network

Since we want to containerize Nextcloud along with other containers associated with it, we will define and knit all the services together in the docker-compose.yml file incrementally.

For this tutorial, we’ll define the services one by one, starting with the Nginx reverse proxy:

• Nginx reverse proxy
• Let’s Encrypt
• MariaDB
• Nextcloud

Create the docker compose file where we will define all the services.

$ nano docker-compose.yml

Step 4. Configure the Nginx Reverse Proxy Container

In the file you just created, paste the following:

version: '3'  

services:

  proxy:
    image: jwilder/nginx-proxy:alpine
    labels:
      - "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy=true"
    container_name: nextcloud-proxy
    networks:
      - nextcloud_network
    ports:
      - 80:80
      - 443:443
    volumes:
      - ./proxy/conf.d:/etc/nginx/conf.d:rw
      - ./proxy/vhost.d:/etc/nginx/vhost.d:rw
      - ./proxy/html:/usr/share/nginx/html:rw
      - ./proxy/certs:/etc/nginx/certs:ro
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/tmp/docker.sock:ro
    restart: unless-stopped

Let’s look at the configuration created in the above docker-compose.yml file in detail. The service for proxy uses the image from jwilder/nginx-proxy. The label "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy" is used so that the Let’s Encrypt container knows which nginx proxy container to use for certificate generation.Then, there is network by the name nextcloud_network, which is used by the containers to communicate among themselves. The Volumes section is used by the container to configure the Nginx virtual host and to access certificates generated by Let’s Encrypt companion container. The /etc/localtime:/etc/localtime:ro is used to duplicate the host timezone inside the container.

Step 5. Configure the Let’s Encrypt Container

Now that you have nginx-proxy container set up, you can add the following to your docker-compose.yml file.

  letsencrypt:
    image: jrcs/letsencrypt-nginx-proxy-companion
    container_name: nextcloud-letsencrypt
    depends_on:
      - proxy
    networks:
      - nextcloud_network
    volumes:
      - ./proxy/certs:/etc/nginx/certs:rw
      - ./proxy/vhost.d:/etc/nginx/vhost.d:rw
      - ./proxy/html:/usr/share/nginx/html:rw
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
    restart: unless-stopped

The Lets’ Encrypt container depends on our first service (proxy) and is a part of the network nextcloud_network. The restart: unless-stopped allows the containers to be stopped gracefully unless you manually run docker stop letsencrypt or docker-compose down letsencrypt.

Step 6. Configure the MariaDB Container

For Nextcloud to work correctly, we need to connect it to a MariaDB database. Fortunately, we can add that to our docker-compose.yml file as well:

  db:
    image: mariadb
    container_name: nextcloud-mariadb
    networks:
      - nextcloud_network
    volumes:
      - db:/var/lib/mysql
      - /etc/localtime:/etc/localtime:ro
    environment:
      - MYSQL_ROOT_PASSWORD=secret
      - MYSQL_PASSWORD=mysql
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
    restart: unless-stopped

The service section for MariaDB is pretty self-explanatory. This container is also part of the network nextcloud_network. We have also defined the environment variable for the database name, username, and password that Nextcloud uses to connect to the database.

Step 7. Configure the Nextcloud Docker Container

We’re finally ready to create the Nextcloud Docker container in our docker-compose.yml file. Add the following to the bottom.

  app:
    image: nextcloud:latest
    container_name: nextcloud-app
    networks:
      - nextcloud_network
    depends_on:
      - letsencrypt
      - proxy
      - db
    volumes:
      - nextcloud:/var/www/html
      - ./app/config:/var/www/html/config
      - ./app/custom_apps:/var/www/html/custom_apps
      - ./app/data:/var/www/html/data
      - ./app/themes:/var/www/html/themes
      - /etc/localtime:/etc/localtime:ro
    environment:
      - VIRTUAL_HOST=nextcloud.YOUR-DOMAIN
      - LETSENCRYPT_HOST=nextcloud.YOUR-DOMAIN
      - LETSENCRYPT_EMAIL=YOUR-EMAIL
    restart: unless-stopped

The nextcloud service depends on the other three containers. To make Nextcloud’s data persistent while upgrading, and get access to backups, we use a named Docker volume nextcloud, similar to the way we used a Docker volume named db for the MariaDB data.
Here, we have defined the virtual host, Let’s Encrypt host, and email in the environment variables VIRTUAL_HOST, LETSENCRYPTHOST, and LETSENCRYPT``EMAIL, respectively. The proxy service creates the subdomain and encrypts it with Let’s Encrypt certificates for the container, given you supply valid domains and emails for those three environment variables.

At last, we need defined volumes for both Nextcloud and MariaDB for data persistence followed by networks.

volumes:
  nextcloud:
  db:

networks:
  nextcloud_network:

After combining all the service definitions, your final docker-compose.yml should look like following:

version: '3' 

services:

  proxy:
    image: jwilder/nginx-proxy:alpine
    labels:
      - "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy=true"
    container_name: nextcloud-proxy
    networks:
      - nextcloud_network
    ports:
      - 80:80
      - 443:443
    volumes:
      - ./proxy/conf.d:/etc/nginx/conf.d:rw
      - ./proxy/vhost.d:/etc/nginx/vhost.d:rw
      - ./proxy/html:/usr/share/nginx/html:rw
      - ./proxy/certs:/etc/nginx/certs:ro
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/tmp/docker.sock:ro
    restart: unless-stopped

  letsencrypt:
    image: jrcs/letsencrypt-nginx-proxy-companion
    container_name: nextcloud-letsencrypt
    depends_on:
      - proxy
    networks:
      - nextcloud_network
    volumes:
      - ./proxy/certs:/etc/nginx/certs:rw
      - ./proxy/vhost.d:/etc/nginx/vhost.d:rw
      - ./proxy/html:/usr/share/nginx/html:rw
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
    restart: unless-stopped

  db:
    image: mariadb
    container_name: nextcloud-mariadb
    networks:
      - nextcloud_network
    volumes:
      - db:/var/lib/mysql
      - /etc/localtime:/etc/localtime:ro
    environment:
      - MYSQL_ROOT_PASSWORD=toor
      - MYSQL_PASSWORD=mysql
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
    restart: unless-stopped

  app:
    image: nextcloud:latest
    container_name: nextcloud-app
    networks:
      - nextcloud_network
    depends_on:
      - letsencrypt
      - proxy
      - db
    volumes:
      - nextcloud:/var/www/html
      - ./app/config:/var/www/html/config
      - ./app/custom_apps:/var/www/html/custom_apps
      - ./app/data:/var/www/html/data
      - ./app/themes:/var/www/html/themes
      - /etc/localtime:/etc/localtime:ro
    environment:
      - VIRTUAL_HOST=nextcloud.YOUR-DOMAIN
      - LETSENCRYPT_HOST=nextcloud.YOUR-DOMAIN
      - LETSENCRYPT_EMAIL=YOUR-EMAIL
    restart: unless-stopped

volumes:
  nextcloud:
  db:

networks:
  nextcloud_network:

Step 8. Get Everything Running!

Now run the docker compose from the terminal to create the containers:

$ docker compose up -d
Creating nextcloud-mariadb ... done
Creating nextcloud-proxy   ... done
Creating nextcloud-letsencrypt ... done
Creating nextcloud-app         ... done

To confirm all the containers are running, issue the following command:

$ docker ps -a
CONTAINER ID        IMAGE                                    COMMAND                  CREATED             STATUS              PORTS                                      NAMES
92222232c4be        nextcloud:latest                         "/entrypoint.sh apac…"   9 minutes ago       Up 9 minutes        80/tcp                                     nextcloud-app
89e96fe10ee6        jrcs/letsencrypt-nginx-proxy-companion   "/bin/bash /app/entr…"   9 minutes ago       Up 9 minutes                                                   nextcloud-letsencrypt
d059517f519c        jwilder/nginx-proxy:alpine               "/app/docker-entrypo…"   9 minutes ago       Up 9 minutes        0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp   nextcloud-proxy
7e0945eb6608        mariadb                                  "docker-entrypoint.s…"   9 minutes ago       Up 9 minutes        3306/tcp                                   nextcloud-mariadb

Wait a minute for the SSL certificate generation process to finish, and then load up the domain name you chose in your browser. Enter your chosen admin username and password. Choose MySQL as the database in the configure database section. Type in the username, password, and database name you configured via the MYSQL_USER, MYSQL_PASSWORD, and MYSQL_DATABASE environment variable from earlier. Change the hostname value from localhost to db and click Finish Setup. The system then redirects you to the Nextcloud dashboard.

The containerization of Nextcloud with Docker is complete! You have now learned how to install Nextcloud using Docker and Docker Compose.

Now you can upload files and photos to your drive hosted on your VPS and share them with others.

To extend the functionality of your Nextcloud server, you can now consider installing any number of the available apps, such as Bookmarks, Calendar, Contacts, Tasks, Notes, and more available on the Nextcloud App Store.

Docker allows developers to quickly and easily deploy their applications in a consistent environment, without having to worry about the underlying infrastructure. Docker also provides a rich set of tools and services for managing and monitoring applications, as well as for building and sharing images with other developers. Docker is an essential tool for modern software development, and it is used by many of the world's leading companies.

In this tutorial, you’ll learn how to remove Docker images, containers, and volumes to free up disk space on your system.

Prerequisites

• Basic knowledge of the Linux command line.
• An Ubuntu 22.04 server with a non-root user with sudo privileges. You can get affordable, and powerful Ubuntu servers from our website, and you can check out our How to access your server using SSH guide to learn how to access your server and create a sudo user.
• Docker installed on your server. See How To Install and Use Docker on Ubuntu 22.04 to learn how to install Docker and use it to download images and run containers.

Pulling a Few Images from Docker Hub

Docker Hub is a cloud-based service that provides a centralized repository for Docker images. It allows users to store, manage, and share Docker images with other users. It provides a secure and reliable way to share and store Docker images, which can be used to create and deploy applications. Docker Hub also provides a wide range of services, such as private repositories, automated builds, and integration with other services.

To test whether you can access Docker Hub, run the hello-world image:

sudo docker run hello-world

You should receive an output that shows that your installation is working correctly:

Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
2db29710123e: Pull complete 
Digest: sha256:c77be1d3a47d0caf71a82dd893ee61ce01f32fc758031a6ec4cf1389248bb833
Status: Downloaded newer image for hello-world:latest

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
    (amd64)
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:
 https://hub.docker.com/

For more examples and ideas, visit:
 https://docs.docker.com/get-started/

To demonstrate how to remove images and containers, we will first download a few images and use them to run containers.

For example, run the following command to download the official Ubuntu image:

sudo docker pull ubuntu

You can also download the official Debian image like so:

sudo docker pull debian

Next, to demonstrate how to remove a actively running container, we will download the official nginx image and run a container using it:

sudo docker pull nginx

Run a Nginx container and call it docker-nginx using the following command:

sudo docker run --name docker-nginx -p 80:80 -d nginx

You should receive the container's ID as an output.

Next, run a container using the Ubuntu image you've downloaded previously with an interactive shell using the docker run and the -it switches:

sudo docker run -it ubuntu

Your prompt should now be a root shell like so:

root@242d22e1d9da:/#

Exit from it using the following command:

exit

With this, the Ubuntu container will have a status of Exited. Next, you'll learn how to list and remove images and containers.

Listing Images and Containers

You can list the images you've downloaded so far using the following command:

sudo docker images

You should see a list of the images you've downloaded so far:

REPOSITORY    TAG       IMAGE ID       CREATED         SIZE
nginx         latest    3964ce7b8458   5 days ago      142MB
ubuntu        latest    6b7dfa7e8fdb   10 days ago     77.8MB
debian        latest    291bf168077c   13 days ago     124MB
hello-world   latest    feb5d9fea6a5   15 months ago   13.3kB

To list the containers you have on your system, use the following command:

sudo docker container ls -a

You should receive a table that shows a list of containers and information on each one of them, similar to the following:

CONTAINER ID   IMAGE         COMMAND                  CREATED        STATUS                    PORTS                               NAMES
fe965bef3738   ubuntu        "bash"                   27 hours ago   Exited (0) 27 hours ago                                       unruffled_wright
d509c583954b   nginx         "/docker-entrypoint.…"   27 hours ago   Up 27 hours               0.0.0.0:80->80/tcp, :::80->80/tcp   docker-nginx
434eb7e61fab   ubuntu        "bash"                   27 hours ago   Exited (0) 27 hours ago                                       jolly_jones
c199b4904b1f   nginx         "/docker-entrypoint.…"   27 hours ago   Exited (0) 27 hours ago                                       festive_newton

You will need the container ID to remove a container, so take note of it.

Removing a Docker Container

To remove a docker container, use the docker container rm command and pass it the ID of the container you wish to remove, or multiple container IDs if you wish to remove multiple ones. For example, to delete the first container in the previous list, run the following command:

sudo docker container rm fe965bef3738

You should receive the container ID as an output. Check that the container is properly removed by listing your containers:

sudo docker container ls -a

The Ubuntu container with the ID fe965bef3738 should no longer be in the list.

You can remove multiple containers at once by passing multiple container IDs to the docker container rm command like so:

docker container rm dbc6a1c52dbf 242d22e1d9da

If you attempt to remove a running container, such as the docker-nginx container, you will receive an error message similar to the following:

Error response from daemon: You cannot remove a running container d509c583954b31eb02bd26a9c8f2cf832d5213020362f89d1999c097ef64a98d. Stop the container before attempting removal or force remove

As you can see in the error message, you need to stop any running containers before removing them.

To stop a container, use the docker container stop command:

sudo docker container stop d509c583954b

Once stopped, you can remove it using docker container rm.

To remove all stopped containers at once, use the docker container prune command:

sudo docker container prune

This should output a warning, and a prompt for confirmation, once you confirm, a list of the removed containers will be displayed with the total cleared up space:

WARNING! This will remove all stopped containers.
Are you sure you want to continue? [y/N] y
Deleted Containers:
434eb7e61fabc5707717bc12433615b4bd0b42766f5a51c7d6f506c6fb1f9bbf
c199b4904b1f20509170f56403141db9c3996aa7b6eeb3155837d10a5d8d0b08
dbc6a1c52dbfe7e92bc920dd2565383b30e827782943487b9e00f41435916f57
a7c5f7b98198361524d6f5904ee8b299c7901968327dee87ca76dcc73f79fdf6
242d22e1d9da87f49da95b047eecc6d0f41bb6ba8cb6cec6e5e89835323f5608
4aa674aadcdd96d98ae783c8d85625486ff98e44f9a4b9c99fb6c24de1e4b6e2

Total reclaimed space: 70.15MB

Listing and Removing Docker Images

As previously demonstrated, to list all the downloaded Docker images, you can use the following command:

sudo docker images

This should display a list of the images you've downloaded so far in a table similar to the following:

REPOSITORY    TAG       IMAGE ID       CREATED         SIZE
nginx         latest    3964ce7b8458   8 days ago      142MB
ubuntu        latest    6b7dfa7e8fdb   13 days ago     77.8MB
debian        latest    291bf168077c   2 weeks ago     124MB
hello-world   latest    feb5d9fea6a5   15 months ago   13.3kB

To remove a Docker image, pass its ID to the docker image rm command like so:

sudo docker image rm 6b7dfa7e8fdb

You can also remove multiple images at once by passing multiple IDs to the docker image rm like so:

sudo docker image rm 291bf168077c 3964ce7b8458

To remove all dangling and unused images, use the docker image prune command with the -a flag to remove both untagged and unused images:

sudo docker image prune -a

Listing and Removing Docker Volumes

In a similar way to containers and images, you can use the docker volume ls to list Docker volumes in your system:

sudo docker volume ls

If you have Docker volumes on your system, you should receive a list of volumes like so:

DRIVER    VOLUME NAME
local     basic
local     faa5ac67cf1325d03b01c72f56749d3f1a8010fd6db24d8683b490c8819d775e

To remove a volume, pass its VOLUME NAME to the docker volume rm command like so:

sudo docker volume rm faa5ac67cf1325d03b01c72f56749d3f1a8010fd6db24d8683b490c8819d775e

If a container is actively using the volume you wish to remove, you'll receive an error message similar to the following:

Error response from daemon: remove faa5ac67cf1325d03b01c72f56749d3f1a8010fd6db24d8683b490c8819d775e: volume is in use - [da5fdeaad32aa66b6f7f2a8da8b21b5477dd217fc46340d711476f96707ede58]

To fix this, make sure to remove the container that uses the volume you wish to remove first.

To remove all unused volumes, use the docker volume prune command like so:

sudo docker volume prune

Removing Unused Docker Containers, Images, and Networks

To remove all unused Docker objects at once, such as all stopped containers, dangling images, unused networks, and all build cache, use the following command:

docker system prune -a

This should display the following warning:

WARNING! This will remove:
  - all stopped containers
  - all networks not used by at least one container
  - all images without at least one container associated to them
  - all build cache

Are you sure you want to continue? [y/N]

This lists all the Docker objects that will be removed, confirm the process by typing y then ENTER.

Note that the previous command does not remove unused volumes to prevent accidental data loss. To also remove unused volumes, use the following command:

docker system prune --volumes

Conclusion

With this, you can now clean up your system by removing unwanted Docker objects, such as unused images, unused stopped containers, and unused volumes. Check out the Docker guides for more information on Docker.

Docker is an open-source platform for developing, shipping, and running applications. It is designed to make it easier to create, deploy, and run applications by using containers. With Docker, developers can package their applications into standardized units called containers, which can then be run on any computer, regardless of the operating system or hardware.

Docker allows developers to quickly and easily deploy their applications in a consistent environment, without having to worry about the underlying infrastructure. Docker also provides a rich set of tools and services for managing and monitoring applications, as well as for building and sharing images with other developers. Docker is an essential tool for modern software development, and it is used by many of the world's leading companies.

In this tutorial, you’ll install and use Docker Community Edition (CE) on Ubuntu 22.04.

Prerequisites

• Basic knowledge of the Linux command line.
• An Ubuntu 22.04 server with a non-root user with sudo privileges. You can get affordable, and powerful Ubuntu servers from our website, and you can check out our How to access your server using SSH guide to learn how to access your server and create a sudo user.

Updating the Package Cache and Required Packages

Start by updating the packages in the package manager cache to the latest available versions using the following command:

sudo apt update

Next install a few packages that will allow us to use apt with HTTPS in order to add the official docker repository and get the latest version of Docker. To do this, run the following command:

sudo apt -y install apt-transport-https ca-certificates curl software-properties-common

Installing Docker

We will use the official Docker repository to install the latest version of Docker.

First, add the GPG key for the official Docker repository to your system:

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

Next add the official Docker repository to your APT sources:

echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

Update your package index:

sudo apt update

Now, with the repository added, install the docker-ce package, which is the Docker Community Edition package:

sudo apt install docker-ce

Once the installation finishes, check that Docker is running:

sudo systemctl status docker

You should receive output indicating that Docker is active and running, similar to the following:

● docker.service - Docker Application Container Engine
     Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
     Active: active (running) since Sun 2022-12-18 13:50:49 UTC; 32s ago
TriggeredBy: ● docker.socket
       Docs: https://docs.docker.com
   Main PID: 323716 (dockerd)
      Tasks: 9
     Memory: 24.4M
        CPU: 429ms
     CGroup: /system.slice/docker.service
             └─323716 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock

Using Docker

With docker installed, you can now use it to manage Docker images.

To see all available docker subcommands, run the following command:

docker

You should receive a list of docker subcommands and a brief description for each one.

You can use the syntax docker COMMAND --help to get more information on a specific subcommand. For example, to get more information on the docker rm command, you can use the --help flag as follows:

docker rm --help

You should receive output similar to the following:

Usage:  docker rm [OPTIONS] CONTAINER [CONTAINER...]

Remove one or more containers

Options:
  -f, --force     Force the removal of a running container (uses SIGKILL)
  -l, --link      Remove the specified link
  -v, --volumes   Remove anonymous volumes associated with the container

To view general information on your Docker installation, use docker info like so:

sudo docker info

This will show you information on your Docker configuration and server properties.

Downloading a Docker Image from Docker Hub

Docker Hub is a cloud-based service that provides a centralized repository for Docker images. It allows users to store, manage, and share Docker images with other users. It provides a secure and reliable way to share and store Docker images, which can be used to create and deploy applications. Docker Hub also provides a wide range of services, such as private repositories, automated builds, and integration with other services.

To test whether you can access Docker Hub, run the hello-world image:

sudo docker run hello-world

You should receive an output that shows that your installation is working correctly:

Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
2db29710123e: Pull complete 
Digest: sha256:c77be1d3a47d0caf71a82dd893ee61ce01f32fc758031a6ec4cf1389248bb833
Status: Downloaded newer image for hello-world:latest

Hello from Docker!
This message shows that your installation appears to be working correctly.

You can use the docker search command to search for images hosted on Docker Hub like so:

sudo docker search ubuntu

Here, you search for the Ubuntu image. You should see a list of results like so:

NAME                             DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED
ubuntu                           Ubuntu is a Debian-based Linux operating sys…   15357     [OK]       
websphere-liberty                WebSphere Liberty multi-architecture images …   290       [OK]       
ubuntu-upstart                   DEPRECATED, as is Upstart (find other proces…   112       [OK]       
neurodebian                      NeuroDebian provides neuroscience research s…   97        [OK]       
ubuntu/nginx                     Nginx, a high-performance reverse proxy & we…   71                   

...

Images that are officially maintained and supported are labeled as [OK] under the OFFICIAL column.

In the results above, you see that ubuntu is the name of the official Ubuntu image. You can download it using the docker pull command like so:

sudo docker pull ubuntu

You should receive the following output:

Using default tag: latest
latest: Pulling from library/ubuntu
6e3729cf69e0: Pull complete 
Digest: sha256:27cb6e6ccef575a4698b66f5de06c7ecd61589132d5a91d098f7f3f9285415a9
Status: Downloaded newer image for ubuntu:latest
docker.io/library/ubuntu:latest

You can list the images you've downloaded so far using the following command:

sudo docker images

You should see ubuntu and hello-world like so:

REPOSITORY    TAG       IMAGE ID       CREATED         SIZE
ubuntu        latest    6b7dfa7e8fdb   9 days ago      77.8MB
hello-world   latest    feb5d9fea6a5   15 months ago   13.3kB

The reason the image hello-world was downloaded, is that the docker run command either runs a container using an image if it has been downloaded, or downloads the image and then runs a container using it.

Running a Docker Container

Docker containers can be run to perform a task in an isolated environment, just like running the hello-world container performs the task of printing a message. However, containers can also be interactive.

For example, you can run a container using the Ubuntu image you've downloaded previously with an interactive shell using the docker run and the -it switches:

sudo docker run -it ubuntu

Your prompt should now be a root shell like so:

root@242d22e1d9da:/#

This is the root user of your Ubuntu container, and you can now manage it just like a virtual machine.

With this shell prompt, you can run any command inside your Ubuntu container. For example, you can update the package index inside the container using apt update like so:

root@242d22e1d9da:/# apt update

And you can also install any application or package using apt install. For example, you can install Python 3 like so:

root@242d22e1d9da:/# apt install python3

Once the installation finishes, you can run python like so:

root@242d22e1d9da:/# python3

This should allow you to access the Python REPL inside your Ubuntu container:

Python 3.10.6 (main, Nov 14 2022, 16:10:14) [GCC 11.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>>

With this, you can run programs and modify your container in an environment that is isolated from the rest of your server.

Congrats

You now have Docker installed on your system, and you've learned how to search for Docker images in the official Docker Hub, how to download an image, and how to use it for a container. You then learned how to run the container's shell and how to manage its packages and how to install programs on it.

Check out the Docker guides for more information on Docker.

Docker offers various ways to provide networking to its containers. Each container can get its own networking stack including an IP Address. The containers themselves can interact with each other as if they are talking to different nodes on the network. But before we delve into the details about networking let's clear up a few basic details.

Docker for Windows or Mac vs Docker on Linux

Docker on Windows or Mac doesn't run on the operating system itself. What Docker does, instead, is to run a virtual machine on top of Hyper-V Windows or HyperKit on Mac OS.

This VM is connected via its own virtual network interface which complicates the matter. To keep things simple we want to start with Docker on Linux which is the state of Docker that you are most likely to encounter in production. Also this is the state where you have to be concerned about making your application available to the outside world in a secure way.

So to observe Docker networking in its natural habitat takes us to an SSDNodes VPS running Linux (Ubuntu 18.04 LTS) with Docker installed on top of it. The VPS has Docker installed in it.

Pre-requisites

Here's the setup I will be using for this post, in case you want to follow along:

1. Ubuntu 18.04 LTS server with a public IP on SSDNodes. Let's call this variable, Public_IP which would be different for different users.

Initial Networking Setup

Let\'s set a baseline by looking at the networking interfaces we have on our VPS before and after Docker was installed. Use the command ip addr to list them.

$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 52:54:f3:e8:f7:c7 brd ff:ff:ff:ff:ff:ff
    inet 63.250.55.61/24 brd 63.250.55.255 scope global enp3s0
       valid_lft forever preferred_lft forever
    inet6 fe80::5054:f3ff:fee8:f7c7/64 scope link
       valid_lft forever preferred_lft forever

We have two interfaces one with the main public IP, called ens3,and another is a loopback interface lo used for debugging and other purposes. Now you can go ahead and install Docker. This is what your system has by default.

After installing Docker, if you have not started any new container you will see one new entry.

$ ip addr
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:1e:3f:71:13 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:1eff:fe3f:7113/64 scope link
       valid_lft forever preferred_lft forever

This new interface docker0 is added to the VPS and the VPS has an IP 172.17.0.1 on this new interface. Let's create a Ubuntu container and see what we can investigate from that.

$ sudo docker run -dit --name container1 ubuntu:latest

After you create this container, if you run ip addr you will see a new interface will pop up but it will not have any IPv4 address. This is because this interface is used by the container, not the host. However, the container does have an IP address and we can figure it out by running docker inspect

$ docker inspect container1 | grep IPAdress
"IPAddress": "172.17.0.2",
"IPAddress": "172.17.0.2",

You can see that Docker has a virtual network of its own. The Docker host (our main VPS) is the gateway (with an IP of 172.17.0.1) to the outside world and the container1 has an IPAdress of 172.17.0.2 and new containers on this default network will have incremental IP Addresses in the subnet 172.17.0.0/16

This is part of the default networking set up in Docker. Let's look at what other options we have here.

Networking Drivers

Networking in Docker is implemented using Networking drivers. Each driver serves a different purpose and there are a few of them. When you create a network, you specify which driver to use, and that helps you separate different sets of containers into different networks. Let's see some of the most use drivers available

1. Bridge - This is the most used network driver. It helps create a network with a subnet mask, where each container gets its own private IP. We will be dealing with only the bridge networks since these are the most useful ones. The default example we saw above also uses Bridge networking.
2. Host - This driver allows your container to access all the traffic of the host system. For example, if you are running a webserver in a container, with host networking. All the traffic on the host's port 80 is directly exposed to the container.
3. Null - You can run processes in isolated containers that will never see the light of the day (or The Internet) if you create a network uses the null. Basically you have no networking capabilities.

By default, Docker creates three networks using the network drivers mentioned above. The default network names as their underlying drivers. You can list them by running:

$ docker network ls
NETWORK ID     NAME      DRIVER    SCOPE
2c1de7bd40f1   bridge    bridge    local
00d5b332145a   host      host      local
558ee98b0614   none      null      local

Out of the three, its the bridge network that containers will connect to by default. The docker0 interface that we saw earlier connects the host machine to this network as well, with an IP address, which in our case was 172.17.0.1.

If we try to inspect the default bridge network, we will get an overwhelming JSON output printed on our screen, but a little bit of patient inspection would show what containers are a part of this network. Since we created container1 earlier and this is the default network, we would expect to see it here. Inspect the bridge network to list all the containers that are attached to it.

$ docker inspect bridge
 "Containers": {
            "1fa3d365508b14d3b2b7dbf41031de1e76e4bb7a11cd738a807d9e1881b94c61": {
                "Name": "container2",
                "EndpointID": "339014ea840c592f4ea8e7fcb9f05add1659fbf051e16a5a72f89e5c949a4b6b",
                "MacAddress": "02:42:ac:11:00:03",
                "IPv4Address": "172.17.0.3/16",
                "IPv6Address": ""
            },
            "d080b3d8eec29209bd625e93fa06ed0b860d1357cf3e7b5dc1c9fe0ef9401028": {
                "Name": "container1",
                "EndpointID": "a56031f89bc1e432e78b5fd0035e8aa139057e2be2967781535ae11d9c87600e",
                "MacAddress": "02:42:ac:11:00:02",
                "IPv4Address": "172.17.0.2/16",
                "IPv6Address": ""
            }
        },

You can see that the container has MacAddress and a convenient IP of 172.17.0.2. Of course the /16 at the end of the IP means that we can have 2 raised to the power 16 unique IPs in this network. Theoretically, you can connect 65535 containers on this network. You can create a new container2 and inspect the bridge again to see if the new one appears as a member. Try to ping those containers' IP too, if you want to make sure they are reachable from host or from other containers in the same network.

Creating a Docker Network

You can create your own Docker network using one of the three drivers listed above. We will, of course, be using bridge driver.

$ docker network create --driver=bridge my-network
$ docker network ls
NETWORK ID     NAME         DRIVER    SCOPE
2c1de7bd40f1   bridge       bridge    local
00d5b332145a   host         host      local
d2f78256ff59   my-network   bridge    local
558ee98b0614   none         null      local

The above command created my-network now when you create new containers, you can attach them to this network instead of the default bridge network. Set the --network flag to the name of your custom network for this.

$ docker run -dit --name container3 --network=my-network ubuntu

First thing you would notice is that after docker network create command, your ifconfig shows a new interface with yet another IP address for your host. At this point your host has 4 IPv4 addresses. The newest one would have a randomly chosen name.

$ ip a
8: br-d2f78256ff59: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:f1:49:9c:89 brd ff:ff:ff:ff:ff:ff
    inet 172.18.0.1/16 brd 172.18.255.255 scope global br-d2f78256ff59
       valid_lft forever preferred_lft forever
    inet6 fe80::42:f1ff:fe49:9c89/64 scope link
       valid_lft forever preferred_lft forever

You can also inspect the network and find that the container3 that you created earlier are not the part of default bridge network but the newer my-network.

$ docker inspect my-network
  "Containers": {
    "f7823c06cca2d7836f8e58c0c3ccbe267c4368a581eed9d9f2212e22d147f40a": {
       "Name": "container3",
       "EndpointID": "e27a4dd8ea4d9d4e4a88e8681bc13d83a8cdf900347e1654a47b8625f4d3ebb9",
       "MacAddress": "02:42:ac:12:00:02",
       "IPv4Address": "172.18.0.2/16",
       "IPv6Address": ""
     }
  },

So the my-network is a new subnet of its own 172.18.0.0/16.

Why Create new networks?

You might be thinking why bother with knowing all of this? Shouldn't the default network be sufficient? And this is where we need to understand how Docker is intended to use.

An application like, let\'s say, WordPress contains at least two pieces, a database and a webserver with WordPress installed on it. So to Dockerize your WordPress site, you will create an Nginx server with WordPress and connect it to a MySQL container. Now, let\'s say you want to install multiple instances of WordPress on your VPS and they all need to be isolated from one another. Your first line of defense, in this scenario, is to create different networks and have WordPress and MySQL for one instance on one network, and WordPress and MySQL for another instance on another network.

Members of different network can't directly communicate with one another giving us a way to isolate different environments from one another. This results in easier management and improved in security.

Conclusion

Official documentation recommends that we should create our own network instead of relying on the default one. While there are several reasons for this, one of the main ones concern the exposed ports of a container.

With the default network, you have to specify during the creation of a container what ports do you want to expose (most often this is specified in the Dockerfile) but you don't have to do that when you create a network of your own, all the ports of all the containers are accessible from ~within~ the network. You can read about these subtle difference in greater depth (here)[https://docs.docker.com/network/bridge/#differences-between-user-defined-bridges-and-the-default-bridge].

It's an interesting alternative to Zoom or Google Hangouts and it's easy to set up on most Linux servers. In this article, we'll show you how to install Jitsi Meet on a VPS running Centos 8.

Note: Jitsi.org doesn't officially have a supported CentOS-compatible release candidate. So instead, we'll use Docker to deploy a functional Jitsi Meet setup.

Not running CentOS?
Click here to set up Jitsi Meet on Ubuntu
Click here to set up Jitsi Meet on Debian

Why is Jitsi better than Zoom?

First of all, we're not saying that it is!

But there have been questions about the quality of Zoom's privacy that are leading a lot of people to look for other options. Among other things, Jitsi doesn't require you to create an account or install browser plugins to work.

Plus Jitsi Meet comes with a pretty rich feature set completely free, things like:

• Screen sharing for presentations or document reviews
• Fun, customizable meeting URLs
• Invite as many users as your infrastructure will support
• Collaborative document editing (with Etherpad)
• Google and Microsoft Calendar integrations
• Integration with other collaboration software, like Slack
• Mobile apps for Android and Apple

Prerequisites to run Jitsi Meet on your VPS

• Root or Sudo User (this article defaults to the root user)
• Fully-Qualified Domain Name (FQDN) pointing to the IP Address of your server
• Server hostname set to match the above FQDN
• IP Address for your server
• Git installed and configured
• Docker and Docker Compose installed
• Minimum 1-core, 1GB Ram VPS running CentOS 8

Installing Jitsi Meet on Centos 8 using Docker

Okay, let's begin.

Clone the git repository for the docker-based Jitsi Meet instance and switch to the folder it downloads using this command:

git clone https://github.com/jitsi/docker-jitsi-meet && cd docker-jitsi-meet

Copy the example .env file to its own.

cp example.env .env

Make the required CONFIG directories.

mkdir -p ~/.jitsi-meet-cfg/{web/letsencrypt,transcripts,prosody,jicofo,jvb}

Finally, start the docker instance with the following command:

docker-compose up -d

Now you can navigate to your install at the FQDN you set up beforehand. You will need to use the specified port to do so, however.

jisti.your-domain.tld:8443

And that's it!

You've enabled Jitsi Meet and can now use it to run web conferences from your VPS running Centos 8.

Want to discover more open source web conferencing options?

Check out this article for our list of alternatives to Zoom for taking care of business at a distance or connecting with friends and family.

By default, Docker services all listen on port 80, which would create conflicts for incoming traffic. You can change the listening port, of course, but no one wants to type in coolwebsite.com:34567 to access their favorite site.

What if, instead, you could use nginx to route traffic arriving at coolwebsite.com to a unique to a container listening on the 34567 port, and route traffic arriving to anothercoolwebsite.net a second container listening to 45678?

That's exactly what nginx-proxy does: it listens to port 80 (the standard HTTP port) and forwards incoming requests to the appropriate container. This is often known as a reverse proxy, and takes advantage of Docker's VIRTUAL_HOST variable.

In this tutorial, we'll set up nginx-proxy and learn how to use Docker and Nginx to route traffic to different containers, thereby allowing you to host multiple websites on different domains from a single website.

Prerequisites

• An Ubuntu/Debian/CentOS server with Docker installed—to get started with that, check out our getting started with Docker tutorial.
• A non-root user with sudo privileges.

Step 1. Starting up nginx-proxy to hook Docker and Nginx together

To get started, let's start up the nginx-proxy container. This can be accomplished either by a single docker command, or using docker-compose. Let's cover both.

To get started, create a Docker network

Before we get started, either way, we need to first create a Docker network that we will use to bridge all of these containers together.

$ docker network create nginx-proxy

From now on, we need to ensure that we're always adding new containers to the nginx-proxy Docker network.

Installing nginx-proxy with Docker

$ docker run -d -p 80:80 --name nginx-proxy --net nginx-proxy -v /var/run/docker.sock:/tmp/docker.sock jwilder/nginx-proxy

Installing nginx-proxy with docker-compose

First, create a new docker-compose.yml file in the directory of your choosing (one titled nginx-proxy is a good idea), and copy in the following text:

version: "3"
services:
  nginx-proxy:
    image: jwilder/nginx-proxy
    container_name: nginx-proxy
    ports:
      - "80:80"
    volumes:
      - /var/run/docker.sock:/tmp/docker.sock:ro

networks:
  default:
    external:
      name: nginx-proxy

And then run the following docker-compose command to get started.

$ docker-compose up -d

How nginx-proxy works to host multiple websites

As you can see from the code in both options, the container listens on port 80 and exposes the same port inside of the container. That allows all incoming traffic to flow though nginx.

You might be wondering what the /var/run/docker.sock:/tmp/docker.sock line accomplishes. Essentially, this gives any container access to the host's Docker socket, which contains information about a variety of Docker events, such as creating a new container, or shutting one down.

This means that every time you add a container, nginx-proxy sees the event through the socket, automatically creates the configuration file needed to route traffic, and restarts nginx to make the changes available immediately. nginx-proxy looks for containers with the VIRTUAL_HOST variable enabled, so that's critical to our operations moving forward.

Also important to note is the --net nginx-proxy line in the Docker command, and the networks: default: external: name: nginx-proxy block in the docker-compose.yml file. These establish that all containers will communicate over that Docker network.

Step 2. Adding a container to the proxy

Now that we have nginx-proxy running, we can start adding new containers, which will be automatically picked up and configured for. Because we covered it in the last Docker tutorial, and since it's an easy implementation to try out, let's use WordPress as an example.

Using Docker

Starting a WordPress container with a basic configuration is quite easy.

$ docker run -d --name blog --expose 80 --net nginx-proxy -e VIRTUAL_HOST=blog.DOMAIN.TLD wordpress

Take note of a few elements here. --expose 80 will allow traffic to flow into the container on port 80. --net nginx-proxy ensures we're using the Docker network we created earlier. Finally, -e VIRTUAL_HOST=blog.DOMAIN.TLD flags nginx-proxy to create the proxy information and direct traffic arriving to the correct domain.

Using docker-compose

Start by creating a 'docker-compose.yml' file in an empty directory and copying in the following.

version: "3"

services:
   db_node_domain:
     image: mysql:5.7
     volumes:
       - db_data:/var/lib/mysql
     restart: always
     environment:
       MYSQL_ROOT_PASSWORD: PASSWORD
       MYSQL_DATABASE: wordpress
       MYSQL_USER: wordpress
       MYSQL_PASSWORD: PASSWORD
     container_name: wordpress_db

   wordpress:
     depends_on:
       - db_node_domain
     image: wordpress:latest
     expose:
       - 80
     restart: always
     environment:
       VIRTUAL_HOST: blog.DOMAIN.TLD
       WORDPRESS_DB_HOST: db_node_domain:3306
       WORDPRESS_DB_USER: wordpress
       WORDPRESS_DB_PASSWORD: PASSWORD
     container_name: wordpress
volumes:
    db_data:

networks:
  default:
    external:
      name: nginx-proxy

Again, take note of the expose and environment: VIRTUAL_HOST options within the file. Also, the networks option at the bottom is necessary to allow this container to "speak" with nginx-proxy.

Also, take note of the line that begins with db_node_domain. If you are going to host multiple WordPress blogs using this method, you need to create unique database names for each. You should replace db_node_domain with your preferring naming scheme. You also need to update two other fields with this chosen name. First:

depends_on:

  - db_node_domain

And second:

WORDPRESS_DB_HOST: db_node_domain:3306

Once the configuration file is set up, you can run the docker-compose up -d command. As long as your DNS is set up to route traffic properly, things should work correctly.

From here, you can start up any number of additional WordPress site—or any type of service, for that matter—and have them be automatically added to the nginx-proxy network. This Docker and Nginx configuration is pretty infinitely extensible, limited only by the VPS resources available to you.

Additional resources to host multiple websites

Of course, be sure to check out the extensive documentation for nginx-proxy to learn more about how you can configure some more complex proxies between Docker and Nginx, such as those using SSL, with multiple ports, or multiple networks.

We haven't tested it out yet, but there's a "companion" to nginx-proxy called letsencrypt-nginx-proxy-companion that allows for the creation/renewal of Let's Encrypt certificates automatically directly alongside the proxy itself.

Just another example of the really cool things that you can do with Docker!
Thanks much to our sharp-eyed reader John! He pointed out how we can improve our docker-compose files by creating unique database names for each instance of WordPress!