Setup

From my previous post, I am using a docker folder structure like /home/<username>/Docker/<container> to store my data and docker-compose files.

So first make the Portainer folder

cd ~/Docker
mkdir portainer && cd portainer
vi docker-compose.yml

Next we take the basic template from before and setup our Portainer container.

version: "3"
services:
  portainer:
    container_name: portainer
    image: portainer/portainer
    command: -H unix:///var/run/docker.sock
    ports:
      - 9000:9000
    volumes:
      - ${PWD}/data:/data
    labels:
      - "traefik.enable=true"
      - "traefik.frontend.rule=Host:portainer.domain.com"
      - "traefik.port=9000"

So a few things I learned while setting up Portainer is that, in my last post, all my containers (traefik and whoami) were in the same docker-compose file. Therefore they used the same network interface. This isn’t true anymore as Portainer has its own file and we need to create a seperate network for all the containers to use together.

To make a new network run

docker network create webproxy

I just call it webproxy because it is a proxy for my web-services.

We can now change the old traefik+whoami docker-compose file to look like this

version: "3"

services:
  traefik:
    container_name: traefik
    image: traefik:alpine
    ports:
      - 80:80
      - 443:443
    # - 8080:8080
    volumes:
      - ${PWD}/config:/etc/traefik
      - /var/run/docker.sock:/var/run/docker.sock
    labels:
      - "traefik.enable=true"
      - "traefik.frontend.rule=Host:traefik.domain.com"
      - "traefik.port=8080"
  whoami:
    container_name: whoami
    image: emilevauge/whoami
    labels:
      - "traefik.enable=true"
      - "traefik.frontend.rule=Host:whoami.domain.com"

networks:
  default:
    external:
      name: webproxy

As you can also see, I have commented out the port setting of the traefik container. This is done because I don’t want it to be accessible on http://domain.com:8080. I want it to be available exclusively on https://traefik.domain.com.

Going back to the Portainer file from above, I have made a few changed as seen here

version: "3"

services:
  portainer:
    container_name: portainer
    image: portainer/portainer
    command: -H unix:///var/run/docker.sock
    volumes:
      - ${PWD}/data:/data
      - /var/run/docker.sock:/var/run/docker.sock
    labels:
      - "traefik.enable=true"
      - "traefik.frontend.rule=Host:portainer.domain.com"
      - "traefik.port=9000"

networks:
  default:
    external:
      name: webproxy

Now we can start the container using docker-compose up -d and access it (after a minute or two) at portainer.domain.com First setup a username and password and then login.

Backup

I like to keep a simple daily backup of my Portainer data, so I can restore it if anything happens. Portainer doesn’t really store anything besides your login information, but I still like to have a backup.

Like my folder ~/Docker, I am creading a Backup folder in the same location.

cd ~
mkdir Backup && cd Backup

Inside there, I want folders like my docker folder, so let us create a Portainer folder.

mkdir portainer && cd portainer
vi portainer.sh

The script is a very simple bash script that backs up the data folder every day at 4am.

#!/bin/bash

NOW=$(date +"%Y%m%d-%H%M")
CURPATH='/home/<username>/Backup/portainer'
echo $(/bin/mkdir -p "$CURPATH/$NOW")
echo $(/usr/bin/rsync -av --delete /home/<username>/Docker/portainer/data/ "$CURPATH/$NOW")

First we set up the environment and create two variables. NOW is a string like 20181017-0400 and CURPATH is just the current working path we want to use. Then we create a folder at the path with the date-name. Using rsync we copy the data from our Portainer folder to the backup folder.

In order to use the script we need to make it executabel

chmod +x portainer.sh

Since some of the files are protected, we need to use sudo to run the script. In order to run it automatically, set up a cron job

sudo crontab -e

Add a line like

0 4 * * * bash /home/<username>/Backup/portainer/portainer.sh

Here we want to execute the script every day at 4:00am

Restore

Restoring is just as simple.

mv /home/<username>/Backup/portainer/<date>/ /home/<username>/Docker/portainer/data/

If you moved your backup to another server or need to restore the date to another server, just use scp to move the data.

scp /home/<username>Backup/portainer/<date>/ <username>@domain.com:/home/<username>/Docker/portainer/data/