Package your first application
Let's take as an example, Matomo web analytics.
- Tired: Write your own image and compose file
- Wired: Use someone else's image (& maybe compose file)
- Inspired: Upstream image, someone else's compose file
- On fire: Upstream compose file
I'm feeling lazy so, luckily for me, Matomo already has an example compose file in their repository! Let's download and edit it:
$ mkdir matomo && cd matomo $ wget https://raw.githubusercontent.com/matomo-org/docker/master/.examples/apache/docker-compose.yml -O compose.yml
compose.yml in your favourite editor and have a gander . There are a few things we're looking for -- full list to come -- but a few things we can immediately see are:
- Let's bump the version to
3.8, to make sure we can use all the latest swarm coolness
- We load environment variables separately via abra, so we'll strip out
/var/www/htmlvolume definition on L21 is a bit overzealous; it means a copy of Matomo will be stored separately per app instance, which is a waste of space in most cases. We'll narrow it down according to the documentation -- here, the developers have been nice enough to suggest
configvolumes instead, which is a decent start
- The MySQL passwords are sent as variables which is fine for basic use, but if we replace them with Docker secrets we can keep them out of our env files if we want to publish those more widely.
- The MariaDB service doesn't need to be exposed to the internet, so we can define an
internalnetwork for it to communicate with Matomo.
- Lastly, we want to use
deploy.labelsand remove the
ports:definition, to tell Traefik to forward requests to Matomo based on hostname and generate an SSL certificate.
compose.yml is available here.
Now, create an
.envrc file (or call it anything else, but remember to specify the
-e option for
TYPE=matomo DOMAIN=matomo.example.com LETS_ENCRYPT_ENV=production SECRET_DB_PASSWORD_VERSION=v1 SECRET_DB_ROOT_PASSWORD_VERSION=v1
Then, open the
DOMAIN you configured (you might need to wait a while for Traefik to generate SSL certificates) to finish the set-up. Luckily, this container is (mostly) configurable via environment variables -- if we want to auto-generate the configuration we can use a
config and / or a custom
coop-cloud/mediawiki for examples of both).