systems:media_server:set_up_the_mediaserver_docker_compose_file
This is an old revision of the document!
Table of Contents
Systems - Media Server - Set Up the Mediaserver Docker Compose File
Edit the docker-compose-mediaserver.yml and populate with…
Define Default Network
- /home/peter/docker/docker-compose-mediaserver.yml
networks: default: driver: bridge
NOTE: This defines one network called default.
- driver: bridge - The default bridge network is created automatically when Docker is installed.
- It provides basic networking capabilities for containers running on the same host.
- Containers connected to the bridge network can communicate with each other using their IP addresses or container names.
Add Docker Media Server Containers
- /home/peter/docker/docker-compose-mediaserver.yml
networks: default: driver: bridge include:
NOTE: Each app or service will be defined into its own yaml file.
- These individual services will be added into that include block in the main Docker Compose file.
—-
Create Socket Proxy Docker Compose
Create a file called socket-proxy.yml inside /home/peter/docker/compose/mediaserver
- /home/peter/docker/compose/mediaserver
services: socket-proxy: image: lscr.io/linuxserver/socket-proxy:latest container_name: socket-proxy environment: - ALLOW_START=0 #optional - ALLOW_STOP=0 #optional - ALLOW_RESTARTS=0 #optional - AUTH=0 #optional - BUILD=0 #optional - COMMIT=0 #optional - CONFIGS=0 #optional - CONTAINERS=0 #optional - DISABLE_IPV6=0 #optional - DISTRIBUTION=0 #optional - EVENTS=1 #optional - EXEC=0 #optional - IMAGES=0 #optional - INFO=0 #optional - LOG_LEVEL=info #optional - NETWORKS=0 #optional - NODES=0 #optional - PING=1 #optional - PLUGINS=0 #optional - POST=0 #optional - SECRETS=0 #optional - SERVICES=0 #optional - SESSION=0 #optional - SWARM=0 #optional - SYSTEM=0 #optional - TASKS=0 #optional - VERSION=1 #optional - VOLUMES=0 #optional volumes: - /var/run/docker.sock:/var/run/docker.sock:ro restart: unless-stopped read_only: true tmpfs: - /run
ALERT: When running Docker in production, you typically do not want to expose the Docker daemon socket to external networks.
- This poses a challenge for tools and apps that need access to the Docker API.
- One solution is to set up a proxy that controls and secures access to the Docker API.
- The docker-socket-proxy will need to run as the root user to be able to proxy the docker socket to the services.
Example Service using Socket Proxy
- example-service.yml
version: "3.1" services: my-service: image: my-service environment: - DOCKER_HOST=tcp://docker-socket-proxy:2375 networks: - my-network docker-socket-proxy: image: tecnativa/docker-socket-proxy environment: - SERVICES=1 - TASKS=1 - NETWORKS=1 - NODES=1 volumes: - /var/run/docker.sock:/var/run/docker.sock networks: - my-network deploy: placement: constraints: [node.role == manager] networks: my-network: driver: overlay
NOTE: Proxy the docker socket to my-service.
- The important line to add to each service is DOCKER_HOST=tcp:docker-socket-proxy:2375** * See: https://github.com/Tecnativa/docker-socket-proxy </WRAP> —- ===== References ===== https://docs.linuxserver.io/images/docker-socket-proxy/ https://github.com/Tecnativa/docker-socket-proxy
systems/media_server/set_up_the_mediaserver_docker_compose_file.1749051243.txt.gz · Last modified: 2025/06/04 15:34 by peter