Tag Archives: docker

SELinux fix for Mergerfs to allow Docker and Samba access

I recently started using Snapraid and Mergerfs setup to manage my disk pool. I have ~27TB of raw storage which I am managing.

While setting up Mergerfs as usual ran into SELinux issues that will prohibit Docker and Samba access to the storage. So, here’s my fix.



Docker Container for SMTP Relay

SMTP Relay service allows you to use an external SMTP server to send your mails through. After many frustrating hours of working with several SMTP Relay Docker Images, I finally found the one that works.

Link: https://hub.docker.com/r/tecnativa/postfix-relay/

Configuration is very easy; Sample Run script

After this you will have a running Docker container that will relay all your emails to the “smtpserver” you have set.

Docker Container for phpMyAdmin

Been containerizing a lot of my tools and just added phpMyAdmin to that list.

It’s very easy to get going with it esp. if you also happen to have a Docker container running MySQL albeit with one minor issue.

Official docker hub page: https://hub.docker.com/r/phpmyadmin/phpmyadmin/

Use an example Docker Run script below

  • localport is the port you want phpMyAdmin to use. Generally it’s port 80 but I like to override that with a different port#
  • mysqlcontainer is the name of the running MySQL container
  • The “-e” option with “PMA_HOST” must be provided (atleast for now) with value equal to the name of the running MySQL container. Note that the official docs do not indicate that but without this I was receiving following error while trying to log in. So PMA_HOST is a workaround

#2002 – php_network_getaddresses: getaddrinfo failed: Name does not resolve — The server is not responding (or the local server’s socket is not


Docker Transmission Container with Windscribe VPN

Found this awesome container that has Transmission with VPN support which I can use with Windscribe VPN.

Docker Hub Link – https://hub.docker.com/r/haugene/transmission-openvpn/

Run command:

Things to keep in mind:

  • I had to use dns parameters with Google DNS because my Docker container was not able to resolve any domains. You may not need it
  • user name and password is different from the ones you use to login to Windscribe site. Get these from here: https://windscribe.com/getconfig/openvpn
  • iprange is something like depending upon your local area network
  • SELinux will cause issues. So, use following code to set an SELinux policy

  • All the “-e” options that start with TRANSMISSION are Optional but I find those useful to set
    • Use rpc_user / rpc_pass if you want to have transmission use a user for login
    • somescript is a post-download script you want to execute
    • Set the Upload speed and queue size
    • Set the Download queue size

Additionally, I discovered that by default this container will use Port 1194 to connect to Windscribe. I prefer to use 443. There are many ways you can override the port and here’s how I preferred to do it.

I downloaded the OVPN file from Windscribe using link: https://windscribe.com/getconfig/openvpn

Then modified the OVPN file to add “/config/openvpn-credentials.txt” at the end of the line that starts with “auth-user-pass”. The file referenced will be automatically created by the container with Windscribe user/pass values you provide in the Run script. Then OpenVPN can use this auth information and seamlessly connect to Windscribe.

Thereafter, modified the Run script to use a CUSTOM provider and also mapped the location of OVPN file to /etc/openvpn/custom/default.ovpn.

Notice that this does not have “OPENVPN_CONFIG” variable set. This is because we are overriding OpenVPN default config file.

Fire up your container, and you are all set!

Fixing Random Samba Share Lockouts w/Docker

Continuation of my previous post about fixing random Samba Share lockouts. I discovered that Docker and Samba were fighting to gain access to the folders. If I set the label to samba_share_t, then Docker loses access. If I allow Docker (with “Z” option while running container), then Docker resets the label to “svirt_sandbox_file_t”. How can I make both use it? Turns out there is a solution. Credit to this Serverfault post: https://serverfault.com/a/881098/449814

Create a new SELinux Policy Module to allow Samba to access the Docker label.

Then start the Docker container with Volumes mounted using “Z” option. You should now be good to go with both Samba and Docker living together happily ever after…


Configuring GD and Freetype on WordPress Docker Image

This applies to official WordPress image but can be used with PHP image also.

Create Dockerfile with following contents:

Build your image

Or you can use my image here.