Inspired by the excellent work of Peter Scargill ("The Script") about an automatic installer of everything you need to start a platform useful to manage IOT devices, I'd like to convert that to a Docker container based setup, keeping all the easy install features you already are used to.
I know, this is far from being secure and should be avoided, but as this simplifies operations for unskilled people, and in the end it's a local setup, this is what should be done to spare me the headaches of having to help people with permission issues. You don't agree? Then feel free to study proper security measures and fix this yourself :)
# give root user a password
sudo passwd root
# change these 2 lines in /etc/ssh/sshd_config to allow root login via ssh
PermitRootLogin yes
PasswordAuthentication yes
# now restart ssh to apply changes without reboot
sudo systemctl restart ssh
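To confirm which values sshd will actually use after the edit above, this added example (not part of the original README or the DockerIOT repository) reads one config file the way sshd does, where the first value found for a keyword wins. It does not follow Include drop-ins or evaluate Match blocks, so `sshd -T` remains the authoritative check; the function names and the sample file are made up for illustration.

```shell
#!/bin/sh
# Added example: which value will sshd use for a keyword in ONE config file?
# sshd keeps the first value it reads, so a line appended below an existing
# setting is ignored. Function names and the sample file are illustrative.

# Print the first global (pre-"Match") value of keyword $2 in file $1,
# or the fallback $3 when the keyword is not set there.
sshd_first_value() {
    awk -v key="$2" -v fallback="$3" '
        BEGIN { key = tolower(key) }
        /^[ \t]*#/ || /^[ \t]*$/ { next }      # comments and blank lines
        { sub(/^[ \t]+/, ""); split($0, f, /[ \t=]+/) }
        tolower(f[1]) == "match" { exit }      # conditional blocks start here
        tolower(f[1]) == key { found = 1; print f[2]; exit }
        END { if (!found) print fallback }
    ' "$1"
}

# Exit status 0 when the file leaves root password login over SSH enabled
# (the state this page sets up), 1 otherwise. Fallbacks are the upstream
# OpenSSH defaults (assumption: your distro has not changed them).
root_password_login_enabled() {
    root=$(sshd_first_value "$1" PermitRootLogin prohibit-password)
    pass=$(sshd_first_value "$1" PasswordAuthentication yes)
    [ "$root" = "yes" ] && [ "$pass" = "yes" ]
}

# Constructed sample: an older setting is still first, the edit was appended.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#PermitRootLogin prohibit-password
PermitRootLogin no
PasswordAuthentication yes
PermitRootLogin yes
EOF
echo "PermitRootLogin in effect: $(sshd_first_value "$sample" PermitRootLogin prohibit-password)"
if root_password_login_enabled "$sample"; then
    echo "root password login: ENABLED"
else
    echo "root password login: not enabled by this file"
fi
rm -f "$sample"
```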
from now on, EVERY command you'll see MUST be run as root, so you'll not find any reference to sudo anymore
before going on, you'll need some basic tools, like jq and dialog (both used by my new menu), and of course git, so please install them with something similar to this (adapt to your linux distro if it's not debian based):
apt install -y jq dialog git
curl -fsSL https://get.docker.com -o get-docker.sh
sh ./get-docker.sh
docker --version
mkdir -p ~/.docker/cli-plugins/
curl -SL https://github.com/docker/compose/releases/download/v2.26.1/docker-compose-linux-$(uname -m) -o ~/.docker/cli-plugins/docker-compose
chmod +x ~/.docker/cli-plugins/docker-compose
docker compose version
cd; git clone https://github.com/fragolinux/DockerIOT
startup:
docker compose up -d
shutdown:
docker compose down
logs (following):
docker compose logs -f
update:
docker compose down
docker compose pull
docker compose up -d --force-recreate
feel free to check docker --help and docker compose --help to learn a lot more, but this is enough to deal with this setup
alias docker-compose="docker compose"
alias dstart="docker compose up -d"
alias dstop="docker compose down"
alias drestart="docker compose down; docker compose up -d"
alias dlogs="docker compose logs -f"
alias dupdate="docker compose down; docker compose pull; docker compose up -d --force-recreate"
alias dsh="docker compose exec \$(grep -A1 services docker-compose.yml|tail -1|cut -d: -f1|awk '{\$1=\$1};1') /bin/sh"
alias dbash="docker compose exec \$(grep -A1 services docker-compose.yml|tail -1|cut -d: -f1|awk '{\$1=\$1};1') /bin/bash"
note: the last 2 commands need a bit of tuning for docker-compose files containing more than a single service, I'll work on them ASAP
# compress a full folder, PRESERVING permissions (change the date as you want)
cd && tar cvzfp DockerIOT-20240414.tgz DockerIOT
# decompress a full folder, PRESERVING permissions
# BEWARE, risk of overwrite if something is already there in the same folder, so better rename the old one first with "mv DockerIOT DockerIOT-orig"
cd && tar xvzfp DockerIOT-20240414.tgz
# copy a folder from one linux system to another, directly without windows:
# BEWARE, risk of overwrite if something is already on the remote system...
cd && scp -r DockerIOT root@192.168.1.X:/root
# copy a single file from one system to another:
# SAFER way, as file is compressed and has a date in its name:
cd && scp DockerIOT-20240414.tgz root@192.168.1.X:/root
the iotmenu.sh script (call it using bash iotmenu.sh from inside the main DockerIOT folder) allows easy access to all the services, showing which one is running and on which ports, and all the above docker commands without having to remember their syntax.
you MUST add a line like this to your /etc/hosts file, mapping your device ip (change the X) to the name host
192.168.1.X host
every service in this repository is already configured to use host to access other services, or ad hoc notes are present in each service README file, if needed. So, in nodered, point influxdb on host, same for mqtt or whatever other service (ssh exec nodes, too).
a basic backup script is now added to this repo: it will create a folder for each week day under ./backup and, under each of them, 1 folder for each service, containing a tgz file with the full datetime as its name. If a service is running, it will be stopped first for a consistent backup and restarted as soon as the backup has completed, while stopped services will just be compressed into the tgz without any other intervention.
you can run the backup script as is, with bash backup.sh, or pass a folder name, in this case it will backup only that folder: bash backup.sh nodered, for example. For easier access, it has been added to the iotmenu.sh script, too, as 1st element for each service.