cherrymusic as a docker service

Quickstart

create the data-container:

docker create --name cherrymusic-data -v /home/cm/.config/cherrymusic -v /home/cm/.¬local/share/cherrymusic klingtdotnet/cherrymusic

run once to create the initial configuration

docker run --rm --volumes-from cherrymusic-data -it klingtdotnet/cherrymusic

edit the configuration

docker run --rm --volumes-from cherrymusic-data -it klingtdotnet/vim vim /home/cm/.¬config/cherrymusic/cherrymusic.conf

normal run with read-only mounted music volume (or as SystemD service)

docker run --rm --volumes-from cherrymusic-data --volume /path/to/local/music:/home/cm/basedir/:ro -it klingtdotnet/vim vim /home/cm/.¬config/cherrymusic/cherrymusic.conf

SystemD Service

copy the [email protected] file to /etc/systemd/system and run systemctl daemon-reload
edit the environment file cherrymusic and copy it to /etc/sysconfig
run the service with systemctl start cherrymusic@someuser or enable it (start automatically on boot) systemctl enable cherrymusic@someuser

nginx Reverse Proxy Example

to generate a self-signed certificate: openssl req -x509 -newkey rsa:4096 -keyout music.klingt.net.pem -out music.klingt.net.crt -days 360

erver {
    listen 80;
    listen [::]:80;
    server_name music.some.domain;
    return 301 https://music.some.domain$request_uri;
}

server {
    listen       443 ssl spdy;
    listen       [::]:443 ssl spdy;
    server_name  music.some.domain;

    ssl_certificate         /etc/nginx/certs/_.some.domain/_.some.domain.pem;
    ssl_certificate_key     /etc/nginx/certs/_.some.domain/_.some.domain.key;
    ssl_password_file       /etc/nginx/certs/_.some.domain/.pass;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

    location / {
        proxy_http_version 1.1;
        # Set proxy headers for the passthrough
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

        # Let the Set-Cookie header through.
        proxy_pass_header Set-Cookie;
        proxy_pass  http://localhost:8765/;
    }
}

SELinux Troublehshooting

certificate not readable by nginx, despite correct permmissions -> update SELinux context

restorecon -v -R /path/to/certs/

nginx returns 502 Bad Gateway -> add port to allowed http ports

semanage port -a -t http_port_t -p tcp 20800
# check
semanage port -l | grep 20800

note that semanage takes a lot of resources (I would like to know why), maybe you have to setup a swapfile for systems with less than 512MB of RAM. Otherwise it will stop with a KILLED message

oscarcarlsson / docker-cherrymusic Goto Github PK

docker-cherrymusic's Introduction

cherrymusic as a docker service

Quickstart

SystemD Service

nginx Reverse Proxy Example

SELinux Troublehshooting

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent