We will install Docker as our container engine; optionally we will install Nvidia drivers and "Nvidia Container Toolkit"; and we will configure SELinux to secure Docker.
- Run:
./scripts/docker_setup.sh admin. Adds the Docker repository, installs it, enables the service, and adds theadminuser to thedockergroup. - Run:
./scripts/selinux_setup.sh. Enables SELinux in Docker; restarts the Docker service for the changes to take effect; enables the flag that allows containers to manage the network and use the GPU; and installs the SELinux policies. These are required for some containers to be able to access Samba files and interact with WireGuard and for rsync to be able to backup the apps. - Optional: If you have a relatively modern Nvidia card, run:
./scripts/nvidia_setup.sh. Adds "RPM Fusion" and Nvidia repositories to install the driver and "Nvidia Container Toolkit" for Docker. It also registers the "Akmods" key in the Secure Boot chain. It is necessary to reboot and repeat the key enrollment process as we did with ZFS. After rebooting and logging in, don't forget to assumerootwithsudo -i. - Run:
./scripts/create_portainer_folder.shto generate the container directory on the SSD. - Run:
./scripts/run_portainer.sh. This runs a Portainer Community Edition container and will listen on port9443. - Configure Portainer from the browser.
- Access Portainer through https://192.168.1.253:9443. If you get a security alert, you can accept the risk since Portainer uses a self-signed SSL certificate.
- Set a random password and create user
admin. Bitwarden is recommended again for this. - Navigate to "Environments" > "local" and change "Public IP" with the server's hostname
server.lan.
