Removing Docker Images, Containers, Volumes, and Networks

Docker is a free, open-source tool for application containerization. Containers are isolated environments similar to virtual machines (VMs), but they are more lightweight and portable across platforms, requiring fewer system resources. Docker uses OS-level virtualization, leveraging features built into the Linux kernel. This guide walks through installing Docker on Ubuntu 22.04 but also applies to other Ubuntu versions. Additionally, we’ll download Docker Compose, a tool essential for managing multiple containers efficiently. For this guide, we will use a Hostman cloud server. System Requirements According to Docker's documentation, the following 64-bit Ubuntu versions are supported: Ubuntu Oracular 24.10 Ubuntu Noble 24.04 (LTS) Ubuntu Jammy 22.04 (LTS) Ubuntu Focal 20.04 (LTS) Docker works on most popular architectures. The resource requirements for your device will depend on your intended use and how comfortably you want to work with Docker. The scale of applications you plan to deploy in containers will largely dictate the system needs. Some sources recommend a minimum of 2 GB of RAM. Additionally, a stable internet connection is required. Installing Docker on Ubuntu 22.04 Installing Docker on Ubuntu 22.04 involves executing a series of terminal commands. Below is a step-by-step guide with explanations. The steps are also applicable to server versions of Ubuntu. 1. Update Package Indexes The default repository may not always contain the latest software releases. Therefore, we will download Docker from its official repository to ensure the latest version. First, update the package indexes: sudo apt update 2. Install Additional Packages To install Docker, you’ll need to download four additional packages: curl: Required for interacting with web resources. software-properties-common: Enables software management via scripts. ca-certificates: Contains information about certification authorities. apt-transport-https: Necessary for data transfer over the HTTPS protocol. Download these packages with the following command: sudo apt install curl software-properties-common ca-certificates apt-transport-https -y The -y flag automatically answers "Yes" to all terminal prompts. 3. Import the GPG Key The GPG key is required to verify software signatures. It is needed to add Docker's repository to the local list. Import the GPG key with the following command: wget -O- https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor | sudo tee /etc/apt/keyrings/docker.gpg > /dev/null During the import process, the terminal may display a warning before confirming the successful execution of the command. 4. Add Docker Repository Add the repository for your version of Ubuntu, named "Jammy." For other versions, use their respective code names listed in the "System Requirements" section. Run the following command: echo "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu jammy stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null During execution, the terminal will prompt you to confirm the operation. Press Enter. 5. Update Package Indexes Again After making these changes, update the package indexes once more using the familiar command: sudo apt update 6. Verify the Repository Ensure that the installation will proceed from the correct repository by running the following command: apt-cache policy docker-ce Output example: The output may vary depending on the latest Docker releases. The key point is to confirm that the installation will be performed from Docker's official repository. 7. Installing Docker After configuring the repositories, proceed with the Docker installation: sudo apt install docker-ce -y The installation process will begin immediately. To confirm a successful installation, check Docker's status in the system: sudo systemctl status docker Output example: The output should indicate that the Docker service is active and running. Installing Docker Compose Docker Compose is a Docker tool designed for managing multiple containers. It is commonly used in projects where many containers must work together as a unified system. Managing this process manually can be challenging. Instead, you describe the entire configuration in a single YAML file containing the settings and configurations for all containers and their applications. There are several ways to install Docker Compose. If you need the latest version, make sure to use manual installation and installation via the Git version control system. Installation via apt-get If having the latest version is not critical for you, Docker Compose can be installed directly from the Ubuntu repository. Run the following command: sudo apt-get install docker-compose Installing via Git First, install Git: sudo apt-get install git Verify the installation by checking the Git version: git --version The output should show the Git version. Next, clone the Docker Compose repository. Navigate to the Docker Compose GitHub page and copy the repository URL. Run the following command to clone the repository: git clone https://github.com/docker/compose.git The cloning process will begin, and the repository will be downloaded from GitHub. Manual Installation Go to the Docker Compose GitHub repository and locate the latest release version under the Latest tag. At the time of writing, the Latest version of Docker Compose is v2.31.0. Let's download it: sudo curl -L "https://github.com/docker/compose/releases/download/v2.31.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose In this command, the parameters $(uname -s) and $(uname -m) automatically account for the system characteristics and architecture. After the download finishes, change the file's permissions: sudo chmod +x /usr/local/bin/docker-compose Conclusion In this guide, we covered the installation of Docker on Ubuntu 22.04, along with several ways to install Docker Compose. You can order a cloud server at Hostman for your experiments and practice.

Nextcloud is an open-source software for creating and using your own cloud storage. It allows users to store data, synchronize it between devices, and share files through a user-friendly interface. This solution is ideal for those prioritizing privacy and security over public cloud services. Nextcloud offers a range of features, including file management, calendars, contacts, and integration with other services and applications. When deploying Nextcloud, Docker provides a convenient and efficient way to install and manage the application. Docker uses containerization technology, simplifying deployment and configuration and ensuring scalability and portability. Combining Docker with Docker Compose allows you to automate and standardize the deployment process, making it accessible even to users with minimal technical expertise. In this guide, we'll walk you through installing Nextcloud using Docker Compose, configuring Nginx as a reverse proxy, and obtaining an SSL certificate with Certbot to secure your connection. Installing Docker and Docker Compose Docker is a powerful tool for developers that makes deploying and running applications in containers easy. Docker Compose simplifies orchestration of multi-container applications using YAML configuration files, which streamline the setup and management of complex applications. Download the installation script by running the command: curl -fsSL https://get.docker.com -o get-docker.sh This script automates the Docker installation process for various Linux distributions. Run the installation script: sudo sh ./get-docker.sh This command installs both Docker and Docker Compose. You can add the --dry-run option to preview the actions without executing them. After the script completes, verify that Docker and Docker Compose are installed correctly by using the following commands: docker -vdocker compose version These commands should display the installed versions, confirming successful installation. Preparing to Install Nextcloud Creating a Working Directory In Linux, third-party applications are often installed in the /opt directory. Navigate to this directory with the command: cd /opt Create a folder named mynextcloud in the /opt directory, which will serve as the working directory for your Nextcloud instance: mkdir mynextcloud Configuring the docker-compose.yml File After creating the directory, navigate into it: cd mynextcloud We will define the Docker Compose configuration in the docker-compose.yml file. To edit this file, use a text editor such as nano or vim: nano docker-compose.yml In the docker-compose.yml file, you should include the following content: version: '2' volumes: mynextcloud: db: services: db: image: mariadb:10.6 restart: unless-stopped command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW volumes: - db:/var/lib/mysql environment: - MYSQL_ROOT_PASSWORD=RootPass - MYSQL_PASSWORD=NextPass - MYSQL_DATABASE=nextclouddb - MYSQL_USER=nextclouduser app: image: nextcloud restart: unless-stopped ports: - 8081:80 links: - db volumes: - mynextcloud:/var/www/html environment: - MYSQL_PASSWORD=NextPass - MYSQL_DATABASE=nextclouddb - MYSQL_USER=nextclouduser - MYSQL_HOST=db Parameters in this file: version: '2': Specifies the version of Docker Compose being used. Version 2 is known for its simplicity and stability. volumes: Defines two named volumes: mynextcloud for app data and db for database storage. services: db: image: Uses the MariaDB 10.6 image. restart: Automatically restarts the service unless manually stopped. volumes: Binds the db volume to /var/lib/mysql in the container for persistent database storage. environment: Sets environment variables like passwords, database name, and user credentials. app: image: Uses the Nextcloud image. ports: Maps port 8081 on the host to port 80 inside the container, allowing access to Nextcloud through port 8081. links: Links the app container to the db container for database interaction. volumes: Binds the mynextcloud volume to /var/www/html for storing Nextcloud files. environment: Configures database-related environment variables, linking the Nextcloud app to the database. This configuration sets up your application and database environment. Now, we can move on to launching and configuring Nextcloud. Running and Configuring Nextcloud Once the docker-compose.yml configuration is ready, you can start the project. Run the following commands in the mynextcloud directory to download the necessary images and start the containers: docker compose pulldocker compose up The docker compose pull command will download the required Nextcloud and MariaDB images. The docker compose up command will launch the containers based on your configuration. The initial setup may take a while. When it’s complete, you will see messages like: nextcloud-app-1  | New nextcloud instancenextcloud-app-1  | Initializing finished After the initial configuration, you can access Nextcloud through your browser. Enter http://server-ip:8081 into the browser’s address bar. You will be prompted to create an administrator account by providing your desired username and password. During the initial configuration, you can also choose additional apps to install. Stopping and Restarting Containers in Detached Mode After verifying that Nextcloud is running correctly through the web interface, you can restart the containers in detached mode to keep them running in the background. If the containers are still running in interactive mode (after executing docker compose up without the -d flag), stop them by pressing Ctrl+C in the terminal. To restart the containers in detached mode, use the command: docker compose up -d The -d flag stands for "detached mode," which allows the containers to run in the background independently of your terminal session. Now the containers are running in the background. If you have a domain ready, you can proceed with configuring the server as a reverse proxy. Setting up Nginx as a Reverse Proxy Installation Nginx is often chosen as a reverse proxy due to its performance and flexibility. You can install it by running the command: sudo apt install nginx Configuring Nginx Create a configuration file for your domain (e.g., nextcloud-test.com). Use a text editor to create the file in the /etc/nginx/sites-available directory: sudo nano /etc/nginx/sites-available/nextcloud-test.com Add the following directives to the file: server { listen 80; server_name nextcloud-test.com; location / { proxy_pass http://localhost:8081; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always; } location ^~ /.well-known { location = /.well-known/carddav { return 301 /remote.php/dav/; } location = /.well-known/caldav { return 301 /remote.php/dav/; } location /.well-known/acme-challenge { try_files $uri $uri/ =404; } location /.well-known/pki-validation { try_files $uri $uri/ =404; } return 301 /index.php$request_uri; } } This configuration sets up the web server to proxy requests to Nextcloud running on port 8081, with headers for security and proxying. Key Configuration Details Basic Configuration: server { listen 80; server_name nextcloud-test.com; location / { proxy_pass http://localhost:8081; ... } } This block configures the server to listen on port 80 (standard HTTP) and handle requests directed to nextcloud-test.com. Requests are proxied to the Docker container running Nextcloud on port 8081. Proxy Settings: proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; These headers ensure that the original request information (like the client’s IP address and request protocol) is passed on to the application, which is important for proper functionality and security. HSTS (HTTP Strict Transport Security): add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always; This header enforces security by instructing browsers only to use HTTPS when accessing your site for the next 180 days. Well-Known URI Settings: location ^~ /.well-known { ... } This block handles special requests to .well-known URIs, used for service discovery (e.g., CalDAV, CardDAV) and domain ownership verification (e.g., for SSL certificates). Enabling the Nginx Configuration Create a symbolic link to the configuration file from the /etc/nginx/sites-enabled/ directory: sudo ln -s /etc/nginx/sites-available/nextcloud-test.com /etc/nginx/sites-enabled/ Now restart Nginx to apply the new configuration: sudo systemctl restart nginx At this point, your web server is configured as a reverse proxy for the Nextcloud application, and you can access it via your domain (note that you might initially see an "Access through untrusted domain" error, which we’ll fix later). Configuring SSL Certificates with Certbot Installing Certbot Certbot is a tool from the Electronic Frontier Foundation (EFF) used for obtaining and managing SSL certificates from Let's Encrypt. It automates the process, enhancing your website's security by encrypting the data exchanged between the server and its users. To install Certbot and the Nginx plugin, use the following command: sudo apt install certbot python3-certbot-nginx Obtaining and Installing the SSL Certificate To obtain an SSL certificate for your domain and configure the web server to use it, run the command: sudo certbot --non-interactive -m [email protected] --agree-tos --no-eff-email --nginx -d nextcloud-test.com In this command: --non-interactive: Runs Certbot without interactive prompts. -m [email protected]: Specifies the admin email for notifications. --agree-tos: Automatically agrees to Let's Encrypt’s terms of service. --no-eff-email: Opts out of EFF-related emails. --nginx: Uses the Nginx plugin to automatically configure SSL. -d nextcloud-test.com: Specifies the domain for which the certificate is issued. Certbot will automatically update the Nginx configuration to use the SSL certificate, including setting up HTTP-to-HTTPS redirection. After Certbot completes the process, restart Nginx to apply the changes: sudo systemctl restart nginx Now, your Nextcloud instance is secured with an SSL certificate, and all communication between the server and clients will be encrypted. Fixing the "Access through Untrusted Domain" Error When accessing Nextcloud through your domain, you may encounter an "Access through untrusted domain" error. This occurs because the initial configuration was done using the server’s IP address. Since our application is running inside a container, you can either use docker exec or modify the Docker volume directly. We’ll use the latter method since we created Docker volumes earlier in the docker-compose.yml file. First, list your Docker volumes: docker volume ls Find the volume named mynextcloud_mynextcloud. To access the volume, run: docker volume inspect mynextcloud_mynextcloud Look for the Mountpoint value to find the path to the volume. Change to that directory: cd /var/lib/docker/volumes/mynextcloud_mynextcloud/_data Navigate to the config directory and open the config.php file for editing: cd confignano config.php In the file, update the following lines: Change overwrite.cli.url from http://server_ip:8081 to https://your_domain. In the trusted_domains section, replace server_ip:8081 with your domain. Add the line 'overwriteprotocol' => 'https' after overwrite.cli.url to ensure all resources load via HTTPS. Save the changes (in Nano, use Ctrl+O, then Ctrl+X to exit). After saving the changes in config.php, you should be able to access the application through your domain without encountering the "untrusted domain" error. Conclusion Following these steps, you’ll have a fully functional, secure Nextcloud instance running in a containerized environment.

When working with Docker, users deal with images which are executable files that contain everything needed to run an application, including the app's source code, libraries, etc. These images are stored in specialized repositories known as registries, which can be either private or public. The most well-known public registry is Docker Hub, where you can find many official images like Nginx, PostgreSQL, Alpine, Ubuntu, Node, and MongoDB. Users can register on Docker Hub and store their images, with access to three private repositories and one public repository by default. Docker Hub is the default registry used by Docker to pull images. This guide will cover changing Docker's default registry to another one. Using External Docker Registries A simple way to use external registries is to leverage third-party registries offered by companies like Google and Amazon. Below is a list of public registries you can use: Owner Registry URL Google https://mirror.gcr.io Amazon https://public.ecr.aws Red Hat https://quay.io https://registry.access.redhat.com https://registry.redhat.io Using unknown external Docker registries may pose security risks, so proceed with caution. Follow the steps below to switch the default Docker Hub registry to another one. Linux Configuration Open the daemon.json file using any text editor. If Docker is installed normally (not in rootless mode), the file is located in /etc/docker. If the file doesn’t exist, the command will create it: nano /etc/docker/daemon.json For Docker in rootless mode, the file is located at ~/.config/docker in the user's home directory. Again, the command will create the file if it doesn't exist: nano ~/.config/docker/daemon.json Add the following parameter to set a new default registry (https://mirror.gcr.io in this example): {  "registry-mirrors": ["https://mirror.gcr.io"]} Save and exit the file. Restart the Docker service to apply the changes: systemctl reload docker Now, when you pull an image, Docker will use the newly specified registry. For example, pull the Alpine image from Google's registry: docker pull mirror.gcr.io/alpine You can also specify a tag. For instance, pull Nginx version 1.25.2: docker pull mirror.gcr.io/nginx:1.25.2 Windows Configuration (Docker Desktop) Open the daemon.json file located at: C:\Users\<your_username>\.docker\daemon.json Add the registry-mirrors parameter: {  "registry-mirrors": ["https://mirror.gcr.io"]} Save the file, then restart Docker. Right-click the Docker icon in the system tray and select "Restart." Alternatively, you can configure the registry via Docker Desktop’s UI. Go to the Docker Engine section and add: {  "registry-mirrors": ["https://mirror.gcr.io"]} Click Apply & Restart to save the changes and restart Docker. After restarting, Docker will use the new registry for image pulls. For example, download a curl image: docker pull mirror.gcr.io/curlimages/curl To pull a specific version, specify the tag. For example: docker pull mirror.gcr.io/node:21-alpine Using Nexus as a Docker Registry You can also use Nexus to manage Docker images. Nexus supports proxy repositories, which cache images pulled from external registries like Docker Hub. This allows Nexus to act as a caching proxy repository for Docker images, which can be useful if external registries are unavailable. Setting up a Proxy Repository in Nexus Log in to Nexus using an administrator or a user with repository creation rights. Go to Server Administration and Configuration and navigate to Repositories. Click Create repository and choose the docker (proxy) type. Fill out the necessary fields: Name: Give the repository a unique name. Online: Ensure this checkbox is checked, allowing the repository to accept incoming requests. If Nexus is behind a proxy server (such as Nginx), you won’t need to use ports for authentication. If no proxy is used, assign a unique port for HTTP or HTTPS. Allow anonymous docker pull: If checked, you won’t need to authenticate using docker login. If not checked, you’ll need to log in before pulling images. Remote storage: Specify the URL of the external registry (e.g., https://registry-1.docker.io for Docker Hub). After the repository is created, log in to the Nexus registry (if authentication is required) using: docker login <nexus_registry_address> To pull an image, use the following format: docker pull <nexus_registry_address>/image_name:tag For example, to pull a Python image with tag 3.8.19-alpine: docker pull nexus-repo.com/python:3.8.19-alpine Avoid using the latest tag for security reasons, as it may contain bugs or vulnerabilities. Conclusion This article reviewed several methods for pulling and storing Docker images. Using third-party Docker registries can be helpful when the default registry is unavailable. If you don’t trust external registries, you can always set up your own private or public registry.