I'm trying out a home server with debian installed. I've also installed https://yacht.sh/docs/Pages/Applications and am now going to make a postgres docker. I'm not familiar with yacht.sh; I'm just trying it out. But I want a docker postgres server for my random scripts to connect to. For that purpose, which network mode would be best? I'm generally familiar with docker in an amateur sense, this is just a hole in my knowledge.
I'm reserving a native debian install of postgres for a different purpose.
I'm open to unrelated suggestions about what to install on my new home server. Samba is already installed, Jellyfin is next after this.
Some ideas, you could create a wireguard VPN so you can connect to your home wifi network from outside the home. And you could run some kind of torrent client in a container which is bridged through an anonymizing VPN.
I've had it in mind to do the latter someday. I'd like it to be able to drop torrent files/magnet links through some web interface from any device, and then it would handle downloading the torrent and automatically disconnect after it reaches some upload ratio.
Yeah that's a super fun project. Most clients already have images with bundled VPNs. I like arch-delugevpn. There's a webui and Android thin clients. Then you can get even further into automating getting media with sonarr/radarr and overseerr.
I believe you need to set the network mode to `host` to allow scripts run on the host to connect with docker containers running in the daemon on that host. I could be mistaken (or maybe things have changed since), but I remember being unable to use certain fancy automatic devops stuff for a web application I was working on because I couldn't use `host` network mode.
Edit: apparently I'm wrong; never mind
eventually I figured out bridge mode gives each container (or the bridge itself? idk) its own IP address and that mostly Just Worked™.
Yeah, bridge is good because it allows the containers to communicate using their container IP while you can access them using the host IP and container port.
Also recommend throwing Nginx or Nginx proxy manager on there to help you manage routing and domain names. If you create a record in your router you can point it to your host machine then let Nginx figure out which container and port it is by reading the URL.
I think I forgot to mention, my scripts will probably mostly not be inside docker containers, is that an issue for which network type to select?
As long as you define a port for the container (not familiar with yacht, but eg add a `ports` section to the compose file) the DB engine will be reachable on localhost at that port.
Eg for postgres' default ports.
```yaml
ports:
  - "5432:5432"
```
If there's no firewall on the docker daemon host, and no IP range restrictions in postgres' configuration, this would also be reachable from other machines on your local network.
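An added example, not part of the thread: a small Python check for the exposure described in the comment above. It parses Compose short-syntax `ports` entries and reports whether each one publishes on every host interface (Docker's default when no host IP is given) or only on a specific address such as 127.0.0.1. The service names and sample entries are constructed.

```python
import ipaddress


def parse_port_entry(entry):
    """Split '[HOST_IP:]HOST_PORT:CONTAINER_PORT[/PROTO]' into its parts."""
    spec, _, proto = str(entry).partition("/")
    host_ip = None
    if spec.startswith("["):  # bracketed IPv6 host address, e.g. [::1]:5432:5432
        host_ip, _, spec = spec[1:].partition("]:")
    parts = spec.split(":")
    if host_ip is None and len(parts) == 3:
        host_ip = parts.pop(0)
    if len(parts) == 1:  # container port only: Docker picks the host port
        host_port, container_port = None, parts[0]
    elif len(parts) == 2:
        host_port, container_port = parts
    else:
        raise ValueError(f"unrecognised ports entry: {entry!r}")
    return {"host_ip": host_ip, "host_port": host_port or None,
            "container_port": container_port, "proto": proto or "tcp"}


def exposure(entry):
    """Classify where a published port listens on the Docker host."""
    host_ip = parse_port_entry(entry)["host_ip"]
    if host_ip is None:  # no host IP given: published on all interfaces
        return "all-interfaces"
    ip = ipaddress.ip_address(host_ip)
    if ip.is_unspecified:  # 0.0.0.0 or ::
        return "all-interfaces"
    if ip.is_loopback:  # only scripts on the host itself can connect
        return "loopback-only"
    return "single-address"


def audit(services):
    """Map each service name to the exposure of each of its ports entries."""
    return {name: [exposure(e) for e in ports] for name, ports in services.items()}


# Constructed sample: `ports` lists of three hypothetical compose services.
SAMPLE = {
    "postgres_default": ["5432:5432"],
    "postgres_local": ["127.0.0.1:5432:5432"],
    "postgres_lan_ip": ["192.168.1.10:5432:5432/tcp"],
}

if __name__ == "__main__":
    for name, levels in audit(SAMPLE).items():
        print(f"{name}: {', '.join(levels)}")
```

For scripts that run only on the host, the `127.0.0.1:5432:5432` form keeps postgres reachable on localhost without publishing it to the rest of the local network.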
My understanding is that what you're describing does not work when a container is in `bridge` network mode; in my experience the behavior you're talking about requires that a container be in `host` network mode.
Seems OK in bridge mode, though I am running a few months behind latest for docker itself
https://hexbear.net/pictrs/image/AEj1GMKo5E.png
I use podman in prod and docker locally since podman wasn't playing nice with WSL