Any step by step guides to using Portainer and YNH?

I would like to install Omeka and some other digital humanities style software on my YNH server, and it seems like using docker would be the best way to do that. I have tried just installing Omeka at least with my_webapp but it didn’t seen to play very well (I kept getting nginx deadends). So I’ve installed portainer and spun up some containers but I keep getting quite confused with how to use the redirect all to point to a container, so I was wondering if anyone had any practical experience or a guide they’ve used to set up portainer+YNH.

I should probably just learn how to package programs on YNH as there’s a bunch of things I’d like to selfhost but it remains just beyond the limits of my ability—I’m not comfortable with PHP or with virtual box so I guess if anyone had a very clear guide on how to learn all of that I’d be willing to try, but I’d much rather use my docker experience

Dunno if that answers the question but are you aware of the portainer app ?

Though I don’t know what it’s worth … I can see our automatic tests are pretty much happy … It’s level 4 instead of 7 only because of a “minor” issue / bad practice in one of the scripts.

(Edit: the package is a bit unmaintainted though)

well, yes I am! and I use the portainer app to set up an omeka container…but then I can’t access it! I’m trying to figure out how to get it live on the internet because you can publish a certain port via docker but I don’t know how to access it otherwise

I was looking for instructions on what port or how to publish it in order to use the redirect for say omeka.DOMAIN.com. or perhaps its possible to tell portainer to publish to omeka.DOMAIN.com?

Okay I wanted to create a step by step documentation of what I am doing for portainer just to check that I’m doing it right. I am trying to install bookstack via linuxserver.io’s image. Portainer is installed on server at portainer.

1. Add book.domain.com to cloudflare.
2. Add book.domain.com to YNH, run diagonsis
3. Add let’s encrypt SSL certificate to book.domain.com via YNH web portal.
4. Portainer is already installed on portainer.domain.com
5. I go to stacks in the portainer menu and choose “new stack” and use this docker compose file:

---
version: "2"
services:
  bookstack:
    image: linuxserver/bookstack
    container_name: bookstack
    environment:
      - PUID=1000
      - PGID=1000
      - DB_HOST=bookstack_db
      - DB_USER=bookstack
      - DB_PASS=yourdbpass
      - DB_DATABASE=bookstackapp
    volumes:
      - /path/to/data:/config
    ports:
      - 6875:80
    restart: unless-stopped
    depends_on:
      - bookstack_db
  bookstack_db:
    image: linuxserver/mariadb
    container_name: bookstack_db
    environment:
      - PUID=1000
      - PGID=1000
      - MYSQL_ROOT_PASSWORD=yourdbpass
      - TZ=Europe/London
      - MYSQL_DATABASE=bookstackapp
      - MYSQL_USER=bookstack
      - MYSQL_PASSWORD=yourdbpass
    volumes:
      - /path/to/data:/config
    restart: unless-stopped

6. It shows as running:
   

   

   image1500×339 24.9 KB

7. This guide says to go to domain.com:6875 , which I suspect will not work, but I try it anyhow. It does not work.

8. Then I try the duplicate/edit button in order to add the domain name domain.com to the advanced options
   

   

   image695×515 22.4 KB

(I’ve replaced this with my actual domain.com but not book.domain.com

This does not work. Figures. I go back and
9. Update it to book.domain.com in the advanced options.
10. This also does not work.
11. Maybe I need a redirect app.
12. I make a redirect app and install it on book.domain.com

image1224×700 33.9 KB

This also doesn’t seem to work.

what am I doing wrong?

Hi !

So, docker makes Bookstack available on localhost:6875, but this port is not open outside of localhost thanks to the firewall. Let’s keep it like that.

You are in the right direction with the Redirect app: it will make localhost:6875 available on book.domain.com. All you have to do is put http://localhost:6875/ in the destination path and make it a invisible proxy redirect too.

(edit: you may need a trailing slash, or not, I never know when it’s important)

I think you should not change anything in the Network section of the container settings. Revert it back if it does not work.

This is helpful!

Following your instructions I tried it with a slash

image1463×452 21.8 KB

This just did nothing except stall forever at a blank screen and not go anywhere. So I tried it without a slash.

image1293×440 21.2 KB

This went to a 404

But I think I might be missing something with portainer. My understanding of docker and portainer is that when it goes 6875:80 (like this):

image1304×285 13.7 KB

that it actually means that it is published on 6875 on docker and then docker is publishing it again on 80. Before I tried your solution i DID remove book.domain.com from the “network section”. Was this wrong?

Nope, as written in your screenshot, it is the other way around. The host’s 6875 port (your server) is to be bound to the container’s 80 port.

That is also written on the docker page. Read it, it seems you need to add an environment variable APP_URL=http://book.domain.com (or https)

Thank you for all your help! That’s absolutely right about the ports, it seems that I mixed those up, so I appreciate the coorection!

So here’s what I did

1. Added APP_URL = https://book.domain.com to the docker-compose environment.

2. Set Redirect app with these settings:

Choose a domain for your redirect
> book.domain.com
Choose a path for your redirect
>  /
Redirect destination path
> http://localhost**:6875/**
Redirect type
> Proxy, invisible (nginx proxy_pass). Only Accessible for allowed users. 

Result: the nginx page.

3. Deleted. Reinstalled Redirect with these settings:

Choose a domain for your redirect
> book.domain.com
Choose a path for your redirect
>  /
Redirect destination path
> http://localhost:**6875**
Redirect type
> Proxy, invisible (nginx proxy_pass). Only Accessible for allowed users. 

Result: nginix proxy page.

4. Deleted. Reinstalled Redirect with these settings:

Choose a domain for your redirect
> book.domain.com
Choose a path for your redirect
>  /
Redirect destination path
> http://localhost:**6875**
Redirect type
> Proxy, invisible (nginx proxy_pass). **Everyone will be able to access it.** 

Result: nginix proxy page.

5. Deleted. Reinstalled Redirect with these settings:

Choose a domain for your redirect
> book.domain.com
Choose a path for your redirect
>  /
Redirect destination path
> http://localhost:**6875/**
Redirect type
> Proxy, invisible (nginx proxy_pass). **Everyone will be able to access it.** 

Result: nginix proxy page.

6. Deleted. Set app_url to http://book.domain.com
7. Restarted bookstack and bookstack_db
8. Retried Redirect app with every setting from above and get the same result.: Welcome to nginx!

I have tried to install it myself, but it seems the containers are failing to initialize:

---
version: "2"
services:
  bookstack:
    image: linuxserver/bookstack
    container_name: bookstack
    environment:
      - PUID=1000
      - PGID=1000
      - DB_HOST=bookstack_db
      - DB_USER=bookstack
      - DB_PASSWORD=yourdbpass
      - DB_DATABASE=bookstackapp
#      - APP_URL=https://book.domain.com/
    volumes:
      - /tmp/bookstack:/config
    ports:
      - 6875:80
    restart: unless-stopped
    depends_on:
      - bookstack_db
  bookstack_db:
    image: linuxserver/mariadb
    container_name: bookstack_db
    environment:
      - PUID=1000
      - PGID=1000
      - MYSQL_ROOT_PASSWORD=yourdbpass
      - TZ=Europe/London
      - MYSQL_DATABASE=bookstackapp
      - MYSQL_USER=bookstack
      - MYSQL_PASSWORD=yourdbpass
    volumes:
      - /tmp/bookstack_db:/config
    restart: unless-stopped

Note that I replaced /path/to/config with an actual directories I created at /tmp/bookstack(_db)

Here are the log of the database container:

$ docker logs -f bookstack_db
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 01-envfile: executing...
[cont-init.d] 01-envfile: exited 0.
[cont-init.d] 10-adduser: executing...

-------------------------------------
          _         ()
         | |  ___   _    __
         | | / __| | |  /  \
         | | \__ \ | | | () |
         |_| |___/ |_|  \__/


Brought to you by linuxserver.io
-------------------------------------

To support LSIO projects visit:
https://www.linuxserver.io/donate/
-------------------------------------
GID/UID
-------------------------------------

User uid:    1000
User gid:    1000
-------------------------------------

[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 30-config: executing...
[cont-init.d] 30-config: exited 0.
[cont-init.d] 40-initialise-db: executing...
Setting Up Initial Databases
Installing MariaDB/MySQL system tables in '/config/databases' ...
2020-09-25 12:38:44 0 [ERROR] mysqld: Got error 'Size of control file is smaller than expected' when trying to use aria control file '/config/databases/aria_log_control'
2020-09-25 12:38:44 0 [ERROR] Plugin 'Aria' init function returned error.
2020-09-25 12:38:44 0 [ERROR] Plugin 'Aria' registration as a STORAGE ENGINE failed.
2020-09-25 12:38:44 0 [ERROR] InnoDB: The Auto-extending innodb_system data file './ibdata1' is of a different size 0 pages than specified in the .cnf file: initial 768 pages, max 0 (relevant if non-zero) pages!
2020-09-25 12:38:44 0 [ERROR] InnoDB: Plugin initialization aborted with error Generic error
2020-09-25 12:38:45 0 [ERROR] Plugin 'InnoDB' init function returned error.
2020-09-25 12:38:45 0 [ERROR] Plugin 'InnoDB' registration as a STORAGE ENGINE failed.
2020-09-25 12:38:45 0 [ERROR] Failed to initialize plugins.
2020-09-25 12:38:45 0 [ERROR] Aborting

And obviously if the DB fails, the main container too:

$   docker logs -f bookstack
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 01-envfile: executing...
[cont-init.d] 01-envfile: exited 0.
[cont-init.d] 10-adduser: executing...

-------------------------------------
          _         ()
         | |  ___   _    __
         | | / __| | |  /  \
         | | \__ \ | | | () |
         |_| |___/ |_|  \__/


Brought to you by linuxserver.io
-------------------------------------

To support LSIO projects visit:
https://www.linuxserver.io/donate/
-------------------------------------
GID/UID
-------------------------------------

User uid:    1000
User gid:    1000
-------------------------------------

[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing...
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing...
using keys found in /config/keys
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 50-config: executing...
App Key found - setting variable for seds
Running config - db_user set

   Illuminate\Database\QueryException  : SQLSTATE[HY000] [2002] Connection refused (SQL: select * from information_schema.tables where table_schema = bookstackapp and table_name = migrations and table_type = 'BASE TABLE')

  at /var/www/html/vendor/laravel/framework/src/Illuminate/Database/Connection.php:669
    665|         // If an exception occurs when attempting to run a query, we'll format the error
    666|         // message to include the bindings with SQL, which will make this exception a
    667|         // lot more helpful to the developer instead of just the database's errors.
    668|         catch (Exception $e) {
  > 669|             throw new QueryException(
    670|                 $query, $this->prepareBindings($bindings), $e
    671|             );
    672|         }
    673|

  Exception trace:

  1   Doctrine\DBAL\Driver\PDOException::("SQLSTATE[HY000] [2002] Connection refused")
      /var/www/html/vendor/doctrine/dbal/lib/Doctrine/DBAL/Driver/PDOConnection.php:31

  2   PDOException::("SQLSTATE[HY000] [2002] Connection refused")
      /var/www/html/vendor/doctrine/dbal/lib/Doctrine/DBAL/Driver/PDOConnection.php:27

  Please use the argument -v to see more details.
[cont-init.d] 50-config: exited 0.
[cont-init.d] 99-custom-files: executing...
[custom-init] no custom files found exiting...
[cont-init.d] 99-custom-files: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.

Can you check on your end that you have the same issue?

I do not seem to be having that problem

Database logs

Caught SIGTERM signal!,
[cont-finish.d] executing container finish scripts...,
[cont-finish.d] done.,
[s6-finish] waiting for services.,
[s6-finish] sending all processes the TERM signal.,
[s6-finish] sending all processes the KILL signal and exiting.,
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.,
[s6-init] ensuring user provided files have correct perms...exited 0.,
[fix-attrs.d] applying ownership & permissions fixes...,
[fix-attrs.d] done.,
[cont-init.d] executing container initialization scripts...,
[cont-init.d] 01-envfile: executing... ,
[cont-init.d] 01-envfile: exited 0.,
[cont-init.d] 10-adduser: executing... ,
usermod: no changes,
,
-------------------------------------,
          _         (),
         | |  ___   _    __,
         | | / __| | |  /  \ ,
         | | \__ \ | | | () |,
         |_| |___/ |_|  \__/,
,
,
Brought to you by linuxserver.io,
-------------------------------------,
,
To support LSIO projects visit:,
https://www.linuxserver.io/donate/,
-------------------------------------,
GID/UID,
-------------------------------------,
,
User uid:    1000,
User gid:    1000,
-------------------------------------,
,
[cont-init.d] 10-adduser: exited 0.,
[cont-init.d] 30-config: executing... ,
[cont-init.d] 30-config: exited 0.,
[cont-init.d] 40-initialise-db: executing... ,
[cont-init.d] 40-initialise-db: exited 0.,
[cont-init.d] 99-custom-scripts: executing... ,
[custom-init] no custom files found exiting...,
[cont-init.d] 99-custom-scripts: exited 0.,
[cont-init.d] done.,
[services.d] starting services,
[services.d] done.,
200925 10:38:03 mysqld_safe Logging to syslog.,
200925 10:38:03 mysqld_safe Starting mysqld daemon with databases from /config/databases,
Caught SIGTERM signal!,
[cont-finish.d] executing container finish scripts...,
[cont-finish.d] done.,
[s6-finish] waiting for services.,
[s6-finish] sending all processes the TERM signal.,
[s6-finish] sending all processes the KILL signal and exiting.,
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.,
[s6-init] ensuring user provided files have correct perms...exited 0.,
[fix-attrs.d] applying ownership & permissions fixes...,
[fix-attrs.d] done.,
[cont-init.d] executing container initialization scripts...,
[cont-init.d] 01-envfile: executing... ,
[cont-init.d] 01-envfile: exited 0.,
[cont-init.d] 10-adduser: executing... ,
usermod: no changes,
,
-------------------------------------,
          _         (),
         | |  ___   _    __,
         | | / __| | |  /  \ ,
         | | \__ \ | | | () |,
         |_| |___/ |_|  \__/,
,
,
Brought to you by linuxserver.io,
-------------------------------------,
,
To support LSIO projects visit:,
https://www.linuxserver.io/donate/,
-------------------------------------,
GID/UID,
-------------------------------------,
,
User uid:    1000,
User gid:    1000,
-------------------------------------,
,
[cont-init.d] 10-adduser: exited 0.,
[cont-init.d] 30-config: executing... ,
[cont-init.d] 30-config: exited 0.,
[cont-init.d] 40-initialise-db: executing... ,
[cont-init.d] 40-initialise-db: exited 0.,
[cont-init.d] 99-custom-scripts: executing... ,
[custom-init] no custom files found exiting...,
[cont-init.d] 99-custom-scripts: exited 0.,
[cont-init.d] done.,
[services.d] starting services,
[services.d] done.,
200925 10:41:21 mysqld_safe Logging to syslog.,
200925 10:41:21 mysqld_safe Starting mysqld daemon with databases from /config/databases,

Server logs:

Brought to you by linuxserver.io,
-------------------------------------,
,
To support LSIO projects visit:,
https://www.linuxserver.io/donate/,
-------------------------------------,
GID/UID,
-------------------------------------,
,
User uid:    1000,
User gid:    1000,
-------------------------------------,
,
[cont-init.d] 10-adduser: exited 0.,
[cont-init.d] 20-config: executing... ,
[cont-init.d] 20-config: exited 0.,
[cont-init.d] 30-keygen: executing... ,
using keys found in /config/keys,
[cont-init.d] 30-keygen: exited 0.,
[cont-init.d] 50-config: executing... ,
App Key found - setting variable for seds,
Running config - db_user set,
/var/run/s6/etc/cont-init.d/50-config: line 77: warning: command substitution: ignored null byte in input,
[cont-finish.d] executing container finish scripts...,
[cont-finish.d] done.,
[s6-finish] waiting for services.,
[s6-finish] sending all processes the TERM signal.,
[s6-finish] sending all processes the KILL signal and exiting.,
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.,
[s6-init] ensuring user provided files have correct perms...exited 0.,
[fix-attrs.d] applying ownership & permissions fixes...,
[fix-attrs.d] done.,
[cont-init.d] executing container initialization scripts...,
[cont-init.d] 01-envfile: executing... ,
[cont-init.d] 01-envfile: exited 0.,
[cont-init.d] 10-adduser: executing... ,
usermod: no changes,
,
-------------------------------------,
          _         (),
         | |  ___   _    __,
         | | / __| | |  /  \ ,
         | | \__ \ | | | () |,
         |_| |___/ |_|  \__/,
,
,
Brought to you by linuxserver.io,
-------------------------------------,
,
To support LSIO projects visit:,
https://www.linuxserver.io/donate/,
-------------------------------------,
GID/UID,
-------------------------------------,
,
User uid:    1000,
User gid:    1000,
-------------------------------------,
,
[cont-init.d] 10-adduser: exited 0.,
[cont-init.d] 20-config: executing... ,
[cont-init.d] 20-config: exited 0.,
[cont-init.d] 30-keygen: executing... ,
using keys found in /config/keys,
[cont-init.d] 30-keygen: exited 0.,
[cont-init.d] 50-config: executing... ,
App Key found - setting variable for seds,
Running config - db_user set,
/var/run/s6/etc/cont-init.d/50-config: line 77: warning: command substitution: ignored null byte in input,
/var/run/s6/etc/cont-init.d/50-config: line 77: warning: command substitution: ignored null byte in input,
,
   Illuminate\Database\QueryException  : SQLSTATE[HY000] [1045] Access denied for user 'USER'@'bookstack.bookstack_default' (using password: YES) (SQL: select * from information_schema.tables where table_schema = bookstackapp and table_name = migrations and table_type = 'BASE TABLE'),
,
  at /var/www/html/vendor/laravel/framework/src/Illuminate/Database/Connection.php:669,
    665|         // If an exception occurs when attempting to run a query, we'll format the error,
    666|         // message to include the bindings with SQL, which will make this exception a,
    667|         // lot more helpful to the developer instead of just the database's errors.,
    668|         catch (Exception $e) {,
  > 669|             throw new QueryException(,
    670|                 $query, $this->prepareBindings($bindings), $e,
    671|             );,
    672|         },
    673|,
,
  Exception trace:,
,
  1   Doctrine\DBAL\Driver\PDOException::("SQLSTATE[HY000] [1045] Access denied for user 'USER'@'bookstack.bookstack_default' (using password: YES)"),
      /var/www/html/vendor/doctrine/dbal/lib/Doctrine/DBAL/Driver/PDOConnection.php:31,
,
  2   PDOException::("SQLSTATE[HY000] [1045] Access denied for user 'USER'@'bookstack.bookstack_default' (using password: YES)"),
      /var/www/html/vendor/doctrine/dbal/lib/Doctrine/DBAL/Driver/PDOConnection.php:27,
,
  Please use the argument -v to see more details.,
[cont-init.d] 50-config: exited 0.,
[cont-init.d] 99-custom-files: executing... ,
[custom-init] no custom files found exiting...,
[cont-init.d] 99-custom-files: exited 0.,
[cont-init.d] done.,
[services.d] starting services,
[services.d] done.,

I do see the error there

  2   PDOException::("SQLSTATE[HY000] [1045] Access denied for user 'USER'@'bookstack.bookstack_default' (using password: YES)"),

So I wonder if I need to just use the default information??

The app basically doesn’t matter at this point. I could spin up something else if you have used something on potrainer successfully? Mostly I am trying to sort how to get the redirect working. I will play around with the user login info.

To try something else out, I tried lazylibrarian: https://hub.docker.com/r/linuxserver/lazylibrarian

First I tried this

---
version: "2"
services:
  lazylibrarian:
    image: linuxserver/lazylibrarian
    container_name: lazylibrarian
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/London
      - DOCKER_MODS=linuxserver/calibre-web:calibre|linuxserver/mods:lazylibrarian-ffmpeg #optional
    volumes:
      - path to data:/config
      - path to downloads:/downloads
      - path to data:/books
    ports:
      - 5299:5299
    restart: unless-stopped

I used version “2” becasue “2.1” is not supported.

This fails because I don’t have a path to data. I’m unsure what to put into those places, this is why I am trying to build a guide on how to do YNHOHOST with docker…do I use /var? or perhaps /home/USER/lazylibrarian? /home/portainer?

To Update:

I tried this:

---
version: "2"
services:
  lazylibrarian:
    image: linuxserver/lazylibrarian
    container_name: lazylibrarian
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/London
      - DOCKER_MODS=linuxserver/calibre-web:calibre|linuxserver/mods:lazylibrarian-ffmpeg #optional
      - APP_URL=https://book.domain.com
    volumes:
      - /lazy/config:/config
      - /lazy/downloads:/downloads
      - /lazy/books:/books
    ports:
      - 5299:5299
    restart: unless-stopped

I tried the redirect app with

book.domain.com
/
http://localhost:5299/home/
nginix proxy pass

I just get the nginx page.

Final attempt today. I tried grocy because it seemed simple: Docker

docker-compose:

---
version: "2"
services:
  grocy:
    image: linuxserver/grocy
    container_name: grocy
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/London
    volumes:
      - path to data:/config
    ports:
      - 9283:80
    restart: unless-stopped

Redirect app:

book.domain.com
/
http://localhost:9283/
invisible ngninx proxy pass

result: nginix page

Then I tried adding APP_URL=https://book.brimstor.me

Same result. It is probably worth saying that I stop all previous containers before I try each new thing.

omg I finally got something to work!

I’m not sure what I did right so here’s a list of the final actions I took to get grocy to work. Using portainer I:

1. copied the volume patterning of portainer—i.e. container /config and host /home/yunohost.docker/portainer/grocy/config. Maybe this could just be in /home/yunohost.docker/grocy/config though? that might be safer.
2. Network: I changed this to bridge like portainer instead of grocy_default. Are there security issues with this?
3. I removed the APP_URL env variable.
4. Redirect app:

book.domain.com
/
http://localhost:9283/
nginx proxy pass (the one for logged in users)

5. restarted nginix.
6. logged in through webadmin.
7. went to book.domain.com

it works!

I will have to try for other apps now. Is any of this helpful @tituspijean in realizing what I was doing wrong in the fiirst place? I’d like to make a guide on using portainer in yunohost (because trying to package an app is super confusing to me)

updates: it has to be on a primary domain. book.domain.com/grocy does not work. I don’t know if this is a result of something I did wrong on portainer. It also looks like it has to be nginix proxy pass for allowed users. restarting nginx does not seem necessary.

I also managed to get lazylibrarian set up using this process. it did require restarting nginix though. or maybe it didn’t and it just took longer. not sure yet.

In my tests I usually put ./folder:/folder for the volumes. (beware of the dot!) It means that the data for the container will be put in the directory where the docker-compose.yml file lies.

So, I removed everything related to Bookstack too, and tried Lazylibrarian. It worked right away !

---
version: "2.1"
services:
  lazylibrarian:
    image: linuxserver/lazylibrarian
    container_name: lazylibrarian
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/London
      - DOCKER_MODS=linuxserver/calibre-web:calibre|linuxserver/mods:lazylibrarian-ffmpeg #optional
    volumes:
      - ./config:/config
      - ./downloads:/downloads
      - ./books:/books
    ports:
      - 5299:5299
    restart: unless-stopped

cd $your_path_to_yml_file
docker-compose up -d
# It will take some time to initialize after starting up the container

# Meanwhile
yunohost app install redirect -a "label=LazyLibrarian&domain=book.domain.com&path=/&redirect_path=http://127.0.0.1:5299&redirect_type=private_proxy"

I cannot quite acknowledge everything you did and tried, but I will try.

1. I am not sure what you copied and where to. This kind of this should be managed by Portainer, you should not have to tinker into that.
2. Regarding the network : a bridge, as far as my limited knowledge allows me to understand, makes the container available on a subnetworks managed by the host. Some explainations can be found here. But that’s the default Docker behaviour. There should not be issues as long as you do not open ports on the host or create routing rules between your main network interface and the containers subnetwork.
3. Yeah, that variable is most likely specific to Bookstack, it tells it to expect browsing with URL starting by that.
4. For your guide: always use the proxy options (either public or private, that’s up to you). It will not work if you choose the 301 or 302 options. These two latter options will basically make Nginx tell your visitors to go to http://127.0.0.1:port or whatever. But that’s on their own computer, not your host. With the proxy options, it tells Nginx to fetch itself the http://127.0.0.1:port pages, which are indeed the container’s, and serve it to the visitors. So to summarize:
   • public_302 and public_301: not OK
   • public_proxy and private_proxy: OK
5. Regarding the possibility to have a domain.com/path instead of app.domain.com: that’s up to how the app is made. You have to check the apps README to find out. For Bookstack, since it has a APP_URL variable (it can be named differently for other apps, it’s only a variable), I guess it is open to different paths.

1. I think you misunderstood—but only because I wasn’t clear! What I meant is that I copied the volume variables (and I think the network ones) from the “portainer” container to another container and that is what made things work.
2. I read that page too! I don’t know if yunohost changes things, but I’ve had best luck with keeping things on bridge network but I’m still expirementing.

Thanks for #4+5, that’s helpful to know. For the most part I’ve just been making new domains but now I’m pushing 30+ domains and holy hell the diagnosis feature really slows down with a lot more.

Here are the apps I have tried and confirmed working:

• trillium
• pinry (but I am having a lot of issues trying to get the initial first user registered? i followed the instructions in the docs but it’s not kicking off)
• Omeka (right now it’s erroring out but that I think is because I need to do initial setup stuff)
• VSCodeServer
• Bookstack
• Grocy
• vabene1111/recipes
• iqVoc (semantic thesaurus management)
• dillinger
• grocy

Thanks for this interesting thread! I came across while looking for the same information in this thread, and I’m happy to see a more detailed discussion going on! However, as explained in the other thread, I lack a bit of insight in how to link up everything (specifically the parts on referral links, ports, etc…, I am not really used to work with these)… I saw that you mentioned writing a short guideline… if it can be of help/motivation: I would be glad to use it/test it out!

for anyone in the future: Docker Container, redirect? - #7 by brimwats

I would also like to thank you for rolling this thread out. I got useful hints, and stayed for three nights with testing.
It’s actually pretty easy.

But first I must say, that my goal was to get portainer and nginx proxy manager running on my vps. I wanted nginx proxy manager to manage certificates, etc.
That wasn’t working in any way.
The good news is, you can use portainer and install any other docker apps, but you don’t need (cannot use) the nginx proxy manager. Instead, you can (you must) use yunohost.

1
So, at first you have to install docker for debian. Just follow the official guides.
Get the apt-key for the docker repository, add the repository, update apt and then install docker.

curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -

add-apt-repository \
"deb [arch=amd64] https://download.docker.com/linux/debian \
$(lsb_release -cs) \
stable"

apt update

apt install docker-ce docker-ce-cli containerd.io

It seems portainer has docker-compose inside. But it’s no problem, and a good idea anyway to install the newest version on your host, seperatly.

apt install docker-compose

2
So, you got docker, and now it’s time to install portainer.
At first create a volume for portainer

docker volume create portainer_data

Then run and install the community edition

docker run -d -p 8000:8000 -p 9000:9000 --name=portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce

Next step is to set-up portainer with your credentials. Call your server with the IP address over port 9000.
http://1.2.3.4:9000

3
To reach portainer, or later other docker apps on your server over a FQDN or sub domain, you must add a DNS entry.
Go to your registrar and add an A-Record or CNAME for portainer.example.org that hints the IP of your server.

On yunohost, add this domain or subdomain to the list of managed names.

4
Then install the younohost app → redirect

You can install the app several times. Any other instance needs this app again!

In this example you will setup the app for
portainer.example.org

Label for Redirect: just give it a name
Redirect-portainer

Choose the (sub-)domain for your app instance
portainer.example.org

Choose the path for this app (leave empty)
/

Redirect destination path
(YOU NEED THE docker portainer → any INSTANCE IP OF THE CONTAINER AND THE PORT to point at), for example:
http://172.18.0.1:9000/

For nginx proxy manager it would have been http://172.19.0.4:81 // just an example // not important anymore.

VERY IMPORTANT IS THE
Redirect type

CHOOSE
Proxy, invisible (nginx proxy_pass). Everybody will be able to access it.

Then click install to get the yunohost redirect app running.

5
Go back to yunohost domains and request a Let’s encrypt certificate for the sub-domain where the docker-app (portainer) runs.

Finally call your project at portainer.example.org

Repeat this for other docker-apps in portainer on your yunohost.

Hey @jensensen2 and @brimwats. It seems I was too confidently cheering on my success in installing portainer/redirect some apps here, as I now get suddenly the error 502 Bad Gateway nginx at all of them.

I don’t know the technical details in depth, but I assume this has to do either with:

1. Insufficient memory allocation, as indicated in an error log that popped up while trying to create a redirect-app → I assume this was temporary, and not the primary reason for the bad gateway (?) Around the time of this error one of the portainer-containers (Metabase) did shut itself down. On other fora I’ve read that this might be due to insufficient RAM (I have 2 GB for ± 8 YunoHost apps + 2 on portainer)
2. the thing on ngix you mention here: ?

What I did previously: make a redirect to appname.my.yunohost.me:first portnumber indicated in container (portainer), for example: huginn.my.yunohost.me:49156

image1634×369 30.4 KB

In your use-case you use two different IP-addresses and ports. To which do they relate?