Home A - Z Changelog
Page Index 
# Setup

- Docker
- fail2ban
- ufw
- secure ssh with password access blocked



## Docker 

Following the instruction in <https://docs.docker.com/>. 

You need `docker` and `docker-compose`. Since we are not running in unpriviledged, we don't need the `rootless` packages. 

Normaly, we don't need anything else.

We store `docker-compose` files in `/opt/docker`, and data in `/mnt/data` and `/mnt/ncdata`. 

The `docker` user and group should be created to manage volumes and permissions. Each admin user should be added to the docker group. 

File permissions for the docker container data and configs should be set to the docker:docker  and add read/write/execute permissions for the docker group, for easier admin management without having to elevating permissions to root. 


```
# Example of setting the permissions for the 

sudo chown -R docker:docker /mnt/data/container &&
sudo find /mnt/data/container -type d -exec chmod 775 {} \; &&
sudo find /mnt/data/container -type f -exec chmod 664 {} \;
```
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9