After seeing someone else posting their struggles with getting Docker running on their system, I thought I might share my process for setting up new Docker nodes. I don't make any representations about my way being the right way, or the best way, but this way has been working for me. I have been playing around with a swarm, but if you aren't setting up a swarm you can just omit the swarm commands and some of the firewall allows (keep what you need open, obviously, like 22 for SSH if you're using it). Similarly, if you aren't connecting to a NAS, you can leave out the part about mounting external storage.
# new Docker Swarm node setup from fresh Debian Netinst
# as root, all nodes
apt install sudo
usermod -aG sudo [user]
logout
# as [user], all nodes
sudo apt update
sudo apt upgrade -y
sudo apt install fail2ban rkhunter ufw unattended-upgrades ca-certificates curl -y
sudo ufw allow 22
sudo ufw allow 2377
sudo ufw allow 7946
sudo ufw allow 4789
sudo ufw enable
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt update
sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y
sudo usermod -aG docker [user]
## Shared Storage Stuff, all nodes ##
nano ~/.smbcredentials
# paste the following:
# username=[cluserUser]
# password=[clusterPW]
#
# add mount point for shared storage
sudo nano /etc/fstab
# add the following to the bottom:
# /[NAS.IP.Address]/[ClusterStorageFolder]/ /home/[user]/share cifs credentials=/home/[user]/.smbcredentials 0 0
# on main node only
docker swarm init --advertise-address
# copy the join command, we'll need it next
# on any additional nodes, paste the command copied above
docker swarm join [...all the rest of the command...]
# for each docker container, on any manager node
mkdir ~/share/[serviceName]
cd ~/share/[serviceName]
# copy relevant compose.yml into the folder
# if necessary, also create any needed directories
docker compose up -d
docker compose down
docker stack deploy -c compose.yml
This position is wild to me. Kids go to school every day, where there is a library that has interlibrary loans as an option. The barrier you are suggesting is mostly imaginary. Libraries today offer ebooks, too, no travel required, and a higher barrier to entry (and thus, higher barrier to spreading misinformation), than the internet.
I'm honestly frustrated you would outright say I'm arguing in bad faith and I don't know where that accusation comes from. "Libraries are hard" is a really bad argument, you are pretending there is a larger barrier than there is and asserting it prohibits information transfer without any evidence to demonstrate it. You can ask the internet anything and have some search engine or LLM tell you why yoy are right, and that isn't exactly useful feedback.
Here's a bad faith argument: you seem to want the ease of asking a search bar for an answer without doing any of the work to understand the context of the response provided or its accuracy.
Here's a better faith one: people will use the tools available to them to the best they learn and feel inclined to do, and in both the past and the present paradigms, lots of people choose the lazy means of information consumption (what the paper/radio/TV says) than the more intellectually intensive (actual research or deferment to subject matter expert recommendation). Catering to that dynamic has been a net detriment to all society to the benefit of people selling impressions for the particularly "engaging" content being offered. I think we need to find a way to incentivize content creation and dispersion differently than what we're doing right now.