Raspberry Pi 4 8GB RAM
CoolerMaster CPU Cooler
DietPi ARMv8 Bullseye -> microSD boot
think lean. most applications should be available in Docker, so we won't want to use DietPi-Software if they are available. Netdata may need a native install though for hardware sensors.
must deploy MariaDB first. Docker stack name is lars3_snipeit
---
version: "2.1"
services:
mariadb:
image: lscr.io/linuxserver/mariadb:latest
container_name: mariadb.lars3
environment:
- PUID=1000
- PGID=1000
- MYSQL_ROOT_PASSWORD=supersecretROOTpassword
- TZ=America/Chicago
volumes:
- mariadb_config:/config
ports:
- 3306:3306
restart: unless-stopped
volumes:
mariadb_config:
use Portainer console on mariadb.lars3 to run mysql -u root -p & execute the statements below.
create statements for snipeIT DB, DB user & permissions
create database snipeit_lars3;
grant all privileges on snipeit_lars3.* TO 'svc_docker'@'%' identified by 'supersecretSQLpassword';
flush privileges;
note: we're being a little silly here allowing access from any (%) host, as we are localhost. this is needed once you separate the application from the SQL server.
MariaDB - https://docs.linuxserver.io/images/docker-mariadb
SnipeIT - https://docs.linuxserver.io/images/docker-snipe-it
---
version: "2.1"
services:
mariadb:
image: lscr.io/linuxserver/mariadb:latest
container_name: mariadb.lars3
environment:
- PUID=1000
- PGID=1000
- MYSQL_ROOT_PASSWORD=supersecretROOTpassword
- TZ=America/Chicago
volumes:
- mariadb_config:/config
ports:
- 3306:3306
restart: unless-stopped
snipe-it:
image: lscr.io/linuxserver/snipe-it:latest
container_name: snipe-it.lars3
environment:
- PUID=1000
- PGID=1000
- APP_URL=http://DockerPi1:8080
- MYSQL_PORT_3306_TCP_ADDR=192.168.86.56
- MYSQL_PORT_3306_TCP_PORT=3306
- MYSQL_DATABASE=snipeit_lars3
- MYSQL_USER=svc_docker
- MYSQL_PASSWORD=supersecretSQLpassword
- TZ=US/Central
volumes:
- snipeit_config:/config
ports:
- 8080:80
restart: unless-stopped
volumes:
mariadb_config:
snipeit_config:
pre-req - Sign up for https://netdata.cloud via Google to get UI & API access/keys
Netdata - https://learn.netdata.cloud/docs/agent/packaging/docker
version: '3'
services:
netdata:
image: netdata/netdata
container_name: netdata.lars3
hostname: DockerPi1 # set to fqdn of host
ports:
- 19999:19999
restart: unless-stopped
cap_add:
- SYS_PTRACE
security_opt:
- apparmor:unconfined
volumes:
- netdataconfig:/etc/netdata
- netdatalib:/var/lib/netdata
- netdatacache:/var/cache/netdata
- /etc/passwd:/host/etc/passwd:ro
- /etc/group:/host/etc/group:ro
- /proc:/host/proc:ro
- /sys:/host/sys:ro
- /etc/os-release:/host/etc/os-release:ro
environment:
- NETDATA_CLAIM_TOKEN=iW3I_7YvPdBnn8zQk0YiQGqg7epTlJywr_ccMYoyGytqdc3dC8I1zGtKQZoIDvg9HQB-pjs2hDwhe2ecMniOZ2nLrfGHVxqsNfFw5SuImkV3pJB6serw-YQl52XgDCtpIWWLkik
- NETDATA_CLAIM_URL=https://app.netdata.cloud
- NETDATA_CLAIM_ROOMS=
volumes:
netdataconfig:
netdatalib:
netdatacache:
/home/dietpi/backup.scripts/sqlbackup.bak.sh
mysqldump -h192.168.86.56 -P3306 -uroot -psupersecretROOTpassword snipeit_lars3 > /mnt/omv1_ironwolf1/backups/db/snipeit_lars3_backup-`date +"%Y-%m-%d"`.sql
halt & prepare to add CIFS network drive to DockerPi1 for backups
sudo mkdir /mnt/omv1_ironwolf1
make & setup SMB credentials file
touch /home/dietpi/.smbcredentials.omv1
chmod 600 /home/dietpi/.smbcredentials.omv1
edit credentials file
username=mysecretusername
password=mysecretpassword
add the following to /etc/fstab
//192.168.56.34/ironwolf1 /mnt/omv1_ironwolf1 cifs credentials=/home/dietpi/.smbcredentials.omv1,iocharset=utf8,uid=1000,gid=1000,forceuid,forcegid,_netdev 0 0
verify SMB permissions on omv1
this is where we left off on 2/9
verify SMB credentials used on other devices that were used to connect to omv1/ironwolf1
we should also double-check omv1's ACL for ironwolf1 & verify permissions
crontab add
# begin nightly DB backups
0 22 * * * sh /home/dietpi/backup.scripts/sqlbackup.bak.sh