Ebook Syafi
Koleksi
Admin
← Kembali ke Upgrade Kerjaya Dengan Homelab
Edit Bab
Tajuk Bab
Urutan
Jenis
Syarat & Amaran
Mukadimah
Bab/Chapter
Penutup
Kandungan HTML
<h1 id="bab-7-docker-dan-container">Bab 7: Docker dan Container</h1> <p>Okay, sekarang kita masuk bahagian yang saya rasa paling exciting dalam homelab — Docker! Kalau tadi kita belajar virtualisasi (komputer dalam komputer), Docker pula macam “kotak berasingan” untuk setiap aplikasi. Setiap kotak ada semua yang app tu perlukan, dan kotak-kotak ni tak kacau antara satu sama lain.</p> <p><strong>Apa yang anda akan belajar:</strong></p> <ul> <li>Konsep image, container, volume, dan network</li> <li>Cara pasang Docker dan deploy service pertama menggunakan Docker Compose</li> <li>Struktur folder yang kemas untuk mengurus banyak service</li> </ul> <h2 id="cara-ikut-bab-ini">Cara Ikut Bab Ini</h2> <ol type="1"> <li>Pasang Docker dahulu dan sahkan dengan <code>hello-world</code>.</li> <li>Deploy satu service mudah dahulu sebelum cuba satu stack besar.</li> <li>Biasakan diri dengan log, volume, dan port kerana tiga perkara ini paling kerap digunakan.</li> </ol> <blockquote> <p><strong>Nota Beginner:</strong> Cara paling mudah memahami Docker ialah anggap setiap service sebagai satu folder yang ada satu fail <code>docker-compose.yml</code> dan satu tempat simpan data. Itu sahaja. Jangan overthink.</p> </blockquote> <h3 id="laluan-paling-mudah-untuk-beginner">Laluan Paling Mudah untuk Beginner</h3> <ul> <li>Pasang Docker, uji <code>hello-world</code>, kemudian deploy satu service mudah seperti Uptime Kuma atau Vaultwarden.</li> <li>Gunakan satu folder per service supaya config dan data tidak bercampur.</li> <li>Belajar tiga benda dulu: <code>ports</code>, <code>volumes</code>, dan <code>logs</code>.</li> </ul> <h2 id="langkah-1-mulakan-dengan-gambaran-besar">Langkah 1: Mulakan dengan Gambaran Besar</h2> <p>Docker mengubah cara ramai orang memasang dan mengurus aplikasi. Dulu, nak install satu app kena install macam-macam dependency, configure banyak benda, dan kadang-kadang satu app boleh rosakkan app lain.</p> <p>Dengan Docker, semua tu dah settle. Setiap app jalan dalam container sendiri, dengan dependency sendiri. Bersih, kemas, dan mudah diulang semula jika berlaku masalah.</p> <figure><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 800 500" width="800" height="500"> <defs> <linearGradient id="bg3" x1="0%" y1="0%" x2="100%" y2="100%"> <stop offset="0%" style="stop-color:#f8f9fa"/> <stop offset="100%" style="stop-color:#e9ecef"/> </linearGradient> </defs> <rect width="800" height="500" fill="url(#bg3)" rx="10"/> <text x="400" y="35" font-family="Arial" font-size="18" font-weight="bold" fill="#2d3436" text-anchor="middle">Seni Bina Docker & Docker Compose</text> <!-- Docker Host --> <rect x="40" y="50" width="720" height="430" rx="10" fill="#e8f4f8" stroke="#0db7ed" stroke-width="2" stroke-dasharray="8,4"/> <text x="400" y="75" font-family="Arial" font-size="14" font-weight="bold" fill="#0db7ed" text-anchor="middle">Docker Host</text> <!-- Reverse Proxy --> <rect x="250" y="90" width="300" height="55" rx="8" fill="#e17055" stroke="#d63031" stroke-width="2"/> <text x="400" y="115" font-family="Arial" font-size="13" font-weight="bold" fill="#fff" text-anchor="middle">Traefik / Nginx Proxy Manager</text> <text x="400" y="133" font-family="Arial" font-size="10" fill="#ffeaa7" text-anchor="middle">Port 80/443 - SSL Automatik</text> <!-- Arrow down --> <line x1="400" y1="145" x2="400" y2="170" stroke="#636e72" stroke-width="2" marker-end="url(#arrowhead)"/> <!-- Docker Network --> <rect x="60" y="170" width="680" height="295" rx="8" fill="rgba(13,183,237,0.08)" stroke="#0db7ed" stroke-width="1"/> <text x="400" y="190" font-family="Arial" font-size="12" fill="#0db7ed" text-anchor="middle">Rangkaian Docker (docker-network)</text> <!-- Container Row 1 --> <rect x="80" y="205" width="145" height="100" rx="6" fill="#0984e3" stroke="#74b9ff" stroke-width="1.5"/> <text x="152" y="228" font-family="Arial" font-size="12" font-weight="bold" fill="#fff" text-anchor="middle">Nextcloud</text> <text x="152" y="248" font-family="Arial" font-size="10" fill="#dfe6e9" text-anchor="middle">Storan Awan</text> <rect x="92" y="260" width="121" height="35" rx="3" fill="rgba(255,255,255,0.15)"/> <text x="152" y="275" font-family="Arial" font-size="9" fill="#dfe6e9" text-anchor="middle">Volume: /data</text> <text x="152" y="288" font-family="Arial" font-size="9" fill="#dfe6e9" text-anchor="middle">Port: 8080</text> <rect x="240" y="205" width="145" height="100" rx="6" fill="#00b894" stroke="#55efc4" stroke-width="1.5"/> <text x="312" y="228" font-family="Arial" font-size="12" font-weight="bold" fill="#fff" text-anchor="middle">Gitea</text> <text x="312" y="248" font-family="Arial" font-size="10" fill="#dfe6e9" text-anchor="middle">Git Hosting</text> <rect x="252" y="260" width="121" height="35" rx="3" fill="rgba(255,255,255,0.15)"/> <text x="312" y="275" font-family="Arial" font-size="9" fill="#dfe6e9" text-anchor="middle">Volume: /repos</text> <text x="312" y="288" font-family="Arial" font-size="9" fill="#dfe6e9" text-anchor="middle">Port: 3000</text> <rect x="400" y="205" width="145" height="100" rx="6" fill="#6c5ce7" stroke="#a29bfe" stroke-width="1.5"/> <text x="472" y="228" font-family="Arial" font-size="12" font-weight="bold" fill="#fff" text-anchor="middle">Vaultwarden</text> <text x="472" y="248" font-family="Arial" font-size="10" fill="#dfe6e9" text-anchor="middle">Pengurus Kata Laluan</text> <rect x="412" y="260" width="121" height="35" rx="3" fill="rgba(255,255,255,0.15)"/> <text x="472" y="275" font-family="Arial" font-size="9" fill="#dfe6e9" text-anchor="middle">Volume: /data</text> <text x="472" y="288" font-family="Arial" font-size="9" fill="#dfe6e9" text-anchor="middle">Port: 8000</text> <rect x="560" y="205" width="165" height="100" rx="6" fill="#fdcb6e" stroke="#f9ca24" stroke-width="1.5"/> <text x="642" y="228" font-family="Arial" font-size="12" font-weight="bold" fill="#2d3436" text-anchor="middle">Home Assistant</text> <text x="642" y="248" font-family="Arial" font-size="10" fill="#636e72" text-anchor="middle">Automasi Rumah</text> <rect x="572" y="260" width="141" height="35" rx="3" fill="rgba(0,0,0,0.08)"/> <text x="642" y="275" font-family="Arial" font-size="9" fill="#636e72" text-anchor="middle">Volume: /config</text> <text x="642" y="288" font-family="Arial" font-size="9" fill="#636e72" text-anchor="middle">Port: 8123</text> <!-- Container Row 2 --> <rect x="80" y="320" width="145" height="100" rx="6" fill="#e84393" stroke="#fd79a8" stroke-width="1.5"/> <text x="152" y="343" font-family="Arial" font-size="12" font-weight="bold" fill="#fff" text-anchor="middle">Grafana</text> <text x="152" y="363" font-family="Arial" font-size="10" fill="#dfe6e9" text-anchor="middle">Pemantauan</text> <rect x="92" y="375" width="121" height="35" rx="3" fill="rgba(255,255,255,0.15)"/> <text x="152" y="390" font-family="Arial" font-size="9" fill="#dfe6e9" text-anchor="middle">Volume: /grafana</text> <text x="152" y="403" font-family="Arial" font-size="9" fill="#dfe6e9" text-anchor="middle">Port: 3000</text> <rect x="240" y="320" width="145" height="100" rx="6" fill="#00cec9" stroke="#81ecec" stroke-width="1.5"/> <text x="312" y="343" font-family="Arial" font-size="12" font-weight="bold" fill="#fff" text-anchor="middle">Pi-hole</text> <text x="312" y="363" font-family="Arial" font-size="10" fill="#dfe6e9" text-anchor="middle">DNS & Ad-block</text> <rect x="252" y="375" width="121" height="35" rx="3" fill="rgba(255,255,255,0.15)"/> <text x="312" y="390" font-family="Arial" font-size="9" fill="#dfe6e9" text-anchor="middle">Volume: /pihole</text> <text x="312" y="403" font-family="Arial" font-size="9" fill="#dfe6e9" text-anchor="middle">Port: 53, 8081</text> <rect x="400" y="320" width="145" height="100" rx="6" fill="#636e72" stroke="#b2bec3" stroke-width="1.5"/> <text x="472" y="343" font-family="Arial" font-size="12" font-weight="bold" fill="#fff" text-anchor="middle">Portainer</text> <text x="472" y="363" font-family="Arial" font-size="10" fill="#dfe6e9" text-anchor="middle">Pengurusan Docker</text> <rect x="412" y="375" width="121" height="35" rx="3" fill="rgba(255,255,255,0.15)"/> <text x="472" y="390" font-family="Arial" font-size="9" fill="#dfe6e9" text-anchor="middle">Volume: /docker.sock</text> <text x="472" y="403" font-family="Arial" font-size="9" fill="#dfe6e9" text-anchor="middle">Port: 9443</text> <rect x="560" y="320" width="165" height="100" rx="6" fill="#2d3436" stroke="#636e72" stroke-width="1.5"/> <text x="642" y="343" font-family="Arial" font-size="12" font-weight="bold" fill="#dfe6e9" text-anchor="middle">Watchtower</text> <text x="642" y="363" font-family="Arial" font-size="10" fill="#b2bec3" text-anchor="middle">Auto-Kemas Kini</text> <rect x="572" y="375" width="141" height="35" rx="3" fill="rgba(255,255,255,0.08)"/> <text x="642" y="390" font-family="Arial" font-size="9" fill="#b2bec3" text-anchor="middle">Volume: /docker.sock</text> <text x="642" y="403" font-family="Arial" font-size="9" fill="#b2bec3" text-anchor="middle">Jadual: Harian</text> </svg> <figcaption>Seni Bina Docker & Docker Compose</figcaption></figure> <h2 id="langkah-2-faham-apa-itu-docker">Langkah 2: Faham Apa Itu Docker?</h2> <p>Docker adalah platform container yang membungkus aplikasi bersama semua kebergantungannya ke dalam unit yang dipanggil <strong>container</strong>. Setiap container berjalan secara terpencil tetapi berkongsi kernel OS host.</p> <h3 id="perbezaan-docker-vs-mesin-maya">Perbezaan Docker vs Mesin Maya</h3> <p>Ini soalan yang ramai orang tanya. Mari kita tengok perbezaan dia:</p> <pre><code>Mesin Maya: Docker: ┌──────────────┐ ┌──────┐ ┌──────┐ ┌──────┐ │ Aplikasi A │ │App A │ │App B │ │App C │ ├──────────────┤ ├──────┤ ├──────┤ ├──────┤ │ OS Penuh │ │ Libs │ │ Libs │ │ Libs │ ├──────────────┤ └──────┘ └──────┘ └──────┘ │ Hypervisor │ ┌─────────────────────────┐ ├──────────────┤ │ Docker Engine │ │ OS Hos │ ├─────────────────────────┤ ├──────────────┤ │ OS Hos │ │ Perkakasan │ ├─────────────────────────┤ └──────────────┘ │ Perkakasan │ └─────────────────────────┘ Saiz: GB Saiz: MB Boot: Minit Boot: Saat</code></pre> <p>Nampak tak perbezaan dia? VM perlu satu OS penuh untuk setiap instance. Docker hanya perlu app dan library dia sahaja. Sebab tu Docker jauh lebih ringan dan laju.</p> <h3 id="konsep-utama-docker">Konsep Utama Docker</h3> <table> <colgroup> <col style="width: 50%" /> <col style="width: 50%" /> </colgroup> <thead> <tr class="header"> <th>Konsep</th> <th>Penerangan</th> </tr> </thead> <tbody> <tr class="odd"> <td><strong>Image</strong></td> <td>Template baca sahaja untuk mencipta container</td> </tr> <tr class="even"> <td><strong>Container</strong></td> <td>Instance berjalan daripada image</td> </tr> <tr class="odd"> <td><strong>Dockerfile</strong></td> <td>Skrip untuk membina image</td> </tr> <tr class="even"> <td><strong>Volume</strong></td> <td>Storan berterusan untuk data container</td> </tr> <tr class="odd"> <td><strong>Network</strong></td> <td>Rangkaian maya untuk komunikasi antara container</td> </tr> <tr class="even"> <td><strong>Registry</strong></td> <td>Repositori untuk menyimpan dan berkongsi image (Docker Hub)</td> </tr> </tbody> </table> <blockquote> <p><strong>Nota Beginner:</strong> Analogi mudah — Image macam resipi, Container macam masakan yang dah siap dimasak. Satu resipi boleh buat banyak masakan, dan setiap masakan berdiri sendiri.</p> </blockquote> <h2 id="langkah-3-pemasangan-docker">Langkah 3: Pemasangan Docker</h2> <h3 id="pada-ubuntudebian">Pada Ubuntu/Debian</h3> <p>Ikut langkah ni satu per satu. Copy paste je arahan di bawah.</p> <div class="sourceCode" id="cb2"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb2-1"><a href="#cb2-1" aria-hidden="true" tabindex="-1"></a><span class="co"># Buang versi lama</span></span> <span id="cb2-2"><a href="#cb2-2" aria-hidden="true" tabindex="-1"></a><span class="fu">sudo</span> apt remove docker docker-engine docker.io containerd runc</span> <span id="cb2-3"><a href="#cb2-3" aria-hidden="true" tabindex="-1"></a></span> <span id="cb2-4"><a href="#cb2-4" aria-hidden="true" tabindex="-1"></a><span class="co"># Pasang kebergantungan</span></span> <span id="cb2-5"><a href="#cb2-5" aria-hidden="true" tabindex="-1"></a><span class="fu">sudo</span> apt update</span> <span id="cb2-6"><a href="#cb2-6" aria-hidden="true" tabindex="-1"></a><span class="fu">sudo</span> apt install <span class="at">-y</span> ca-certificates curl gnupg</span> <span id="cb2-7"><a href="#cb2-7" aria-hidden="true" tabindex="-1"></a></span> <span id="cb2-8"><a href="#cb2-8" aria-hidden="true" tabindex="-1"></a><span class="co"># Tambah kunci GPG rasmi Docker</span></span> <span id="cb2-9"><a href="#cb2-9" aria-hidden="true" tabindex="-1"></a><span class="fu">sudo</span> install <span class="at">-m</span> 0755 <span class="at">-d</span> /etc/apt/keyrings</span> <span id="cb2-10"><a href="#cb2-10" aria-hidden="true" tabindex="-1"></a><span class="ex">curl</span> <span class="at">-fsSL</span> https://download.docker.com/linux/ubuntu/gpg <span class="kw">|</span> <span class="dt">\</span></span> <span id="cb2-11"><a href="#cb2-11" aria-hidden="true" tabindex="-1"></a> <span class="fu">sudo</span> gpg <span class="at">--dearmor</span> <span class="at">-o</span> /etc/apt/keyrings/docker.gpg</span> <span id="cb2-12"><a href="#cb2-12" aria-hidden="true" tabindex="-1"></a><span class="fu">sudo</span> chmod a+r /etc/apt/keyrings/docker.gpg</span> <span id="cb2-13"><a href="#cb2-13" aria-hidden="true" tabindex="-1"></a></span> <span id="cb2-14"><a href="#cb2-14" aria-hidden="true" tabindex="-1"></a><span class="co"># Tambah repositori</span></span> <span id="cb2-15"><a href="#cb2-15" aria-hidden="true" tabindex="-1"></a><span class="bu">echo</span> <span class="dt">\</span></span> <span id="cb2-16"><a href="#cb2-16" aria-hidden="true" tabindex="-1"></a> <span class="st">"deb [arch=</span><span class="va">$(</span><span class="ex">dpkg</span> <span class="at">--print-architecture</span><span class="va">)</span><span class="st"> </span><span class="dt">\</span></span> <span id="cb2-17"><a href="#cb2-17" aria-hidden="true" tabindex="-1"></a><span class="st"> signed-by=/etc/apt/keyrings/docker.gpg] </span><span class="dt">\</span></span> <span id="cb2-18"><a href="#cb2-18" aria-hidden="true" tabindex="-1"></a><span class="st"> https://download.docker.com/linux/ubuntu </span><span class="dt">\</span></span> <span id="cb2-19"><a href="#cb2-19" aria-hidden="true" tabindex="-1"></a><span class="st"> </span><span class="va">$(</span><span class="bu">.</span> /etc/os-release <span class="kw">&&</span> <span class="bu">echo</span> <span class="st">"</span><span class="va">$VERSION_CODENAME</span><span class="st">"</span><span class="va">)</span><span class="st"> stable"</span> <span class="kw">|</span> <span class="dt">\</span></span> <span id="cb2-20"><a href="#cb2-20" aria-hidden="true" tabindex="-1"></a> <span class="fu">sudo</span> tee /etc/apt/sources.list.d/docker.list <span class="op">></span> /dev/null</span> <span id="cb2-21"><a href="#cb2-21" aria-hidden="true" tabindex="-1"></a></span> <span id="cb2-22"><a href="#cb2-22" aria-hidden="true" tabindex="-1"></a><span class="co"># Pasang Docker</span></span> <span id="cb2-23"><a href="#cb2-23" aria-hidden="true" tabindex="-1"></a><span class="fu">sudo</span> apt update</span> <span id="cb2-24"><a href="#cb2-24" aria-hidden="true" tabindex="-1"></a><span class="fu">sudo</span> apt install <span class="at">-y</span> docker-ce docker-ce-cli <span class="dt">\</span></span> <span id="cb2-25"><a href="#cb2-25" aria-hidden="true" tabindex="-1"></a> containerd.io docker-buildx-plugin docker-compose-plugin</span> <span id="cb2-26"><a href="#cb2-26" aria-hidden="true" tabindex="-1"></a></span> <span id="cb2-27"><a href="#cb2-27" aria-hidden="true" tabindex="-1"></a><span class="co"># Tambah pengguna ke kumpulan docker</span></span> <span id="cb2-28"><a href="#cb2-28" aria-hidden="true" tabindex="-1"></a><span class="fu">sudo</span> usermod <span class="at">-aG</span> docker <span class="va">$USER</span></span></code></pre></div> <p>Log keluar dan log masuk semula untuk perubahan kumpulan berkuat kuasa.</p> <blockquote> <p><strong>Nota Beginner:</strong> Arahan <code>usermod -aG docker $USER</code> membolehkan anda guna Docker tanpa <code>sudo</code> setiap kali. Penting untuk kemudahan. Tapi anda perlu log out dan log in balik (atau reboot) untuk ia berkuat kuasa.</p> </blockquote> <h3 id="pengesahan-pemasangan">Pengesahan Pemasangan</h3> <div class="sourceCode" id="cb3"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb3-1"><a href="#cb3-1" aria-hidden="true" tabindex="-1"></a><span class="co"># Periksa versi</span></span> <span id="cb3-2"><a href="#cb3-2" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> <span class="at">--version</span></span> <span id="cb3-3"><a href="#cb3-3" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> compose version</span> <span id="cb3-4"><a href="#cb3-4" aria-hidden="true" tabindex="-1"></a></span> <span id="cb3-5"><a href="#cb3-5" aria-hidden="true" tabindex="-1"></a><span class="co"># Jalankan container ujian</span></span> <span id="cb3-6"><a href="#cb3-6" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> run hello-world</span></code></pre></div> <p>Kalau anda nampak mesej “Hello from Docker!” — tahniah, Docker dah berjaya dipasang!</p> <h2 id="langkah-4-docker-compose">Langkah 4: Docker Compose</h2> <p>Docker Compose membolehkan anda mendefinisikan dan menjalankan aplikasi Docker berbilang container menggunakan fail YAML. Ini cara yang paling popular untuk deploy service dalam homelab.</p> <h3 id="struktur-fail-docker-compose.yml">Struktur Fail docker-compose.yml</h3> <div class="sourceCode" id="cb4"><pre class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb4-1"><a href="#cb4-1" aria-hidden="true" tabindex="-1"></a><span class="co"># Contoh asas docker-compose.yml</span></span> <span id="cb4-2"><a href="#cb4-2" aria-hidden="true" tabindex="-1"></a><span class="fu">services</span><span class="kw">:</span></span> <span id="cb4-3"><a href="#cb4-3" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">nama-perkhidmatan</span><span class="kw">:</span></span> <span id="cb4-4"><a href="#cb4-4" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">image</span><span class="kw">:</span><span class="at"> nama-image:tag</span></span> <span id="cb4-5"><a href="#cb4-5" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">container_name</span><span class="kw">:</span><span class="at"> nama-kontena</span></span> <span id="cb4-6"><a href="#cb4-6" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">ports</span><span class="kw">:</span></span> <span id="cb4-7"><a href="#cb4-7" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"port-hos:port-kontena"</span></span> <span id="cb4-8"><a href="#cb4-8" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">volumes</span><span class="kw">:</span></span> <span id="cb4-9"><a href="#cb4-9" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> ./data-tempatan:/data-kontena</span></span> <span id="cb4-10"><a href="#cb4-10" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">environment</span><span class="kw">:</span></span> <span id="cb4-11"><a href="#cb4-11" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> VARIABLE=nilai</span></span> <span id="cb4-12"><a href="#cb4-12" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">restart</span><span class="kw">:</span><span class="at"> unless-stopped</span></span> <span id="cb4-13"><a href="#cb4-13" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">networks</span><span class="kw">:</span></span> <span id="cb4-14"><a href="#cb4-14" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> rangkaian-nama</span></span> <span id="cb4-15"><a href="#cb4-15" aria-hidden="true" tabindex="-1"></a></span> <span id="cb4-16"><a href="#cb4-16" aria-hidden="true" tabindex="-1"></a><span class="fu">networks</span><span class="kw">:</span></span> <span id="cb4-17"><a href="#cb4-17" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">rangkaian-nama</span><span class="kw">:</span></span> <span id="cb4-18"><a href="#cb4-18" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">driver</span><span class="kw">:</span><span class="at"> bridge</span></span></code></pre></div> <p>Tip dari saya — sentiasa guna <code>restart: unless-stopped</code> supaya container auto-start bila server reboot. Satu benda kecil tapi sangat penting.</p> <h3 id="arahan-docker-compose-asas">Arahan Docker Compose Asas</h3> <p>Ini arahan yang anda akan guna setiap hari. Hafal je lima arahan pertama, yang lain boleh rujuk balik bila perlu.</p> <div class="sourceCode" id="cb5"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb5-1"><a href="#cb5-1" aria-hidden="true" tabindex="-1"></a><span class="co"># Mulakan semua perkhidmatan</span></span> <span id="cb5-2"><a href="#cb5-2" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> compose up <span class="at">-d</span></span> <span id="cb5-3"><a href="#cb5-3" aria-hidden="true" tabindex="-1"></a></span> <span id="cb5-4"><a href="#cb5-4" aria-hidden="true" tabindex="-1"></a><span class="co"># Hentikan semua perkhidmatan</span></span> <span id="cb5-5"><a href="#cb5-5" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> compose down</span> <span id="cb5-6"><a href="#cb5-6" aria-hidden="true" tabindex="-1"></a></span> <span id="cb5-7"><a href="#cb5-7" aria-hidden="true" tabindex="-1"></a><span class="co"># Lihat log</span></span> <span id="cb5-8"><a href="#cb5-8" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> compose logs <span class="at">-f</span></span> <span id="cb5-9"><a href="#cb5-9" aria-hidden="true" tabindex="-1"></a></span> <span id="cb5-10"><a href="#cb5-10" aria-hidden="true" tabindex="-1"></a><span class="co"># Lihat status</span></span> <span id="cb5-11"><a href="#cb5-11" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> compose ps</span> <span id="cb5-12"><a href="#cb5-12" aria-hidden="true" tabindex="-1"></a></span> <span id="cb5-13"><a href="#cb5-13" aria-hidden="true" tabindex="-1"></a><span class="co"># Mulakan semula perkhidmatan</span></span> <span id="cb5-14"><a href="#cb5-14" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> compose restart nama-perkhidmatan</span> <span id="cb5-15"><a href="#cb5-15" aria-hidden="true" tabindex="-1"></a></span> <span id="cb5-16"><a href="#cb5-16" aria-hidden="true" tabindex="-1"></a><span class="co"># Tarik imej terkini</span></span> <span id="cb5-17"><a href="#cb5-17" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> compose pull</span> <span id="cb5-18"><a href="#cb5-18" aria-hidden="true" tabindex="-1"></a></span> <span id="cb5-19"><a href="#cb5-19" aria-hidden="true" tabindex="-1"></a><span class="co"># Bina semula dan mulakan</span></span> <span id="cb5-20"><a href="#cb5-20" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> compose up <span class="at">-d</span> <span class="at">--build</span></span></code></pre></div> <blockquote> <p><strong>Nota Beginner:</strong> Flag <code>-d</code> bermaksud “detached” — container jalan di background. Flag <code>-f</code> pada <code>logs</code> bermaksud “follow” — log keluar secara live. Tekan <code>Ctrl+C</code> untuk keluar dari mod follow.</p> </blockquote> <h2 id="langkah-5-bina-projek-docker-untuk-homelab">Langkah 5: Bina Projek Docker untuk Homelab</h2> <h3 id="struktur-direktori-disyorkan">Struktur Direktori Disyorkan</h3> <p>Ini struktur folder yang saya cadangkan. Ia kemas, mudah di-backup, dan mudah dipindahkan ke server lain.</p> <pre><code>/opt/docker/ ├── docker-compose.yml # Fail utama ├── .env # Pembolehubah persekitaran ├── traefik/ │ ├── traefik.yml │ └── acme.json ├── nextcloud/ │ └── data/ ├── vaultwarden/ │ └── data/ ├── pihole/ │ ├── etc-pihole/ │ └── etc-dnsmasq.d/ ├── gitea/ │ └── data/ ├── grafana/ │ └── data/ ├── homeassistant/ │ └── config/ └── portainer/ └── data/</code></pre> <h3 id="fail-.env">Fail .env</h3> <p>Fail <code>.env</code> simpan pembolehubah yang digunakan dalam <code>docker-compose.yml</code>. Guna satu tempat untuk semua setting supaya senang diubah.</p> <div class="sourceCode" id="cb7"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb7-1"><a href="#cb7-1" aria-hidden="true" tabindex="-1"></a><span class="co"># .env - Pembolehubah persekitaran</span></span> <span id="cb7-2"><a href="#cb7-2" aria-hidden="true" tabindex="-1"></a><span class="va">PUID</span><span class="op">=</span>1000</span> <span id="cb7-3"><a href="#cb7-3" aria-hidden="true" tabindex="-1"></a><span class="va">PGID</span><span class="op">=</span>1000</span> <span id="cb7-4"><a href="#cb7-4" aria-hidden="true" tabindex="-1"></a><span class="va">TZ</span><span class="op">=</span>Asia/Kuala_Lumpur</span> <span id="cb7-5"><a href="#cb7-5" aria-hidden="true" tabindex="-1"></a><span class="va">DOMAIN</span><span class="op">=</span>lab.local</span> <span id="cb7-6"><a href="#cb7-6" aria-hidden="true" tabindex="-1"></a><span class="va">DATA_DIR</span><span class="op">=</span>/opt/docker</span></code></pre></div> <h3 id="docker-compose-lengkap-untuk-homelab">Docker Compose Lengkap untuk Homelab</h3> <p>Ini contoh stack homelab yang lengkap. Anda tak perlu deploy semua sekali — pilih mana yang anda perlukan dulu.</p> <div class="sourceCode" id="cb8"><pre class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb8-1"><a href="#cb8-1" aria-hidden="true" tabindex="-1"></a><span class="co"># docker-compose.yml - Stack Homelab Lengkap</span></span> <span id="cb8-2"><a href="#cb8-2" aria-hidden="true" tabindex="-1"></a></span> <span id="cb8-3"><a href="#cb8-3" aria-hidden="true" tabindex="-1"></a><span class="fu">services</span><span class="kw">:</span></span> <span id="cb8-4"><a href="#cb8-4" aria-hidden="true" tabindex="-1"></a><span class="co"> # ============================================</span></span> <span id="cb8-5"><a href="#cb8-5" aria-hidden="true" tabindex="-1"></a><span class="co"> # Portainer - Pengurusan Docker</span></span> <span id="cb8-6"><a href="#cb8-6" aria-hidden="true" tabindex="-1"></a><span class="co"> # ============================================</span></span> <span id="cb8-7"><a href="#cb8-7" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">portainer</span><span class="kw">:</span></span> <span id="cb8-8"><a href="#cb8-8" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">image</span><span class="kw">:</span><span class="at"> portainer/portainer-ce:latest</span></span> <span id="cb8-9"><a href="#cb8-9" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">container_name</span><span class="kw">:</span><span class="at"> portainer</span></span> <span id="cb8-10"><a href="#cb8-10" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">ports</span><span class="kw">:</span></span> <span id="cb8-11"><a href="#cb8-11" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"9443:9443"</span></span> <span id="cb8-12"><a href="#cb8-12" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">volumes</span><span class="kw">:</span></span> <span id="cb8-13"><a href="#cb8-13" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> /var/run/docker.sock:/var/run/docker.sock</span></span> <span id="cb8-14"><a href="#cb8-14" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> ./portainer/data:/data</span></span> <span id="cb8-15"><a href="#cb8-15" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">restart</span><span class="kw">:</span><span class="at"> unless-stopped</span></span> <span id="cb8-16"><a href="#cb8-16" aria-hidden="true" tabindex="-1"></a></span> <span id="cb8-17"><a href="#cb8-17" aria-hidden="true" tabindex="-1"></a><span class="co"> # ============================================</span></span> <span id="cb8-18"><a href="#cb8-18" aria-hidden="true" tabindex="-1"></a><span class="co"> # Nextcloud - Storan Awan Peribadi</span></span> <span id="cb8-19"><a href="#cb8-19" aria-hidden="true" tabindex="-1"></a><span class="co"> # ============================================</span></span> <span id="cb8-20"><a href="#cb8-20" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">nextcloud-db</span><span class="kw">:</span></span> <span id="cb8-21"><a href="#cb8-21" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">image</span><span class="kw">:</span><span class="at"> mariadb:latest</span></span> <span id="cb8-22"><a href="#cb8-22" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">container_name</span><span class="kw">:</span><span class="at"> nextcloud-db</span></span> <span id="cb8-23"><a href="#cb8-23" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">environment</span><span class="kw">:</span></span> <span id="cb8-24"><a href="#cb8-24" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">MYSQL_ROOT_PASSWORD</span><span class="kw">:</span><span class="at"> ${DB_ROOT_PASS}</span></span> <span id="cb8-25"><a href="#cb8-25" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">MYSQL_DATABASE</span><span class="kw">:</span><span class="at"> nextcloud</span></span> <span id="cb8-26"><a href="#cb8-26" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">MYSQL_USER</span><span class="kw">:</span><span class="at"> nextcloud</span></span> <span id="cb8-27"><a href="#cb8-27" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">MYSQL_PASSWORD</span><span class="kw">:</span><span class="at"> ${DB_PASS}</span></span> <span id="cb8-28"><a href="#cb8-28" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">volumes</span><span class="kw">:</span></span> <span id="cb8-29"><a href="#cb8-29" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> ./nextcloud/db:/var/lib/mysql</span></span> <span id="cb8-30"><a href="#cb8-30" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">restart</span><span class="kw">:</span><span class="at"> unless-stopped</span></span> <span id="cb8-31"><a href="#cb8-31" aria-hidden="true" tabindex="-1"></a></span> <span id="cb8-32"><a href="#cb8-32" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">nextcloud</span><span class="kw">:</span></span> <span id="cb8-33"><a href="#cb8-33" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">image</span><span class="kw">:</span><span class="at"> nextcloud:latest</span></span> <span id="cb8-34"><a href="#cb8-34" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">container_name</span><span class="kw">:</span><span class="at"> nextcloud</span></span> <span id="cb8-35"><a href="#cb8-35" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">ports</span><span class="kw">:</span></span> <span id="cb8-36"><a href="#cb8-36" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"8080:80"</span></span> <span id="cb8-37"><a href="#cb8-37" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">environment</span><span class="kw">:</span></span> <span id="cb8-38"><a href="#cb8-38" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">MYSQL_HOST</span><span class="kw">:</span><span class="at"> nextcloud-db</span></span> <span id="cb8-39"><a href="#cb8-39" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">MYSQL_DATABASE</span><span class="kw">:</span><span class="at"> nextcloud</span></span> <span id="cb8-40"><a href="#cb8-40" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">MYSQL_USER</span><span class="kw">:</span><span class="at"> nextcloud</span></span> <span id="cb8-41"><a href="#cb8-41" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">MYSQL_PASSWORD</span><span class="kw">:</span><span class="at"> ${DB_PASS}</span></span> <span id="cb8-42"><a href="#cb8-42" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">NEXTCLOUD_TRUSTED_DOMAINS</span><span class="kw">:</span><span class="at"> </span><span class="st">"nextcloud.${DOMAIN}"</span></span> <span id="cb8-43"><a href="#cb8-43" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">volumes</span><span class="kw">:</span></span> <span id="cb8-44"><a href="#cb8-44" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> ./nextcloud/data:/var/www/html</span></span> <span id="cb8-45"><a href="#cb8-45" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">depends_on</span><span class="kw">:</span></span> <span id="cb8-46"><a href="#cb8-46" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> nextcloud-db</span></span> <span id="cb8-47"><a href="#cb8-47" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">restart</span><span class="kw">:</span><span class="at"> unless-stopped</span></span> <span id="cb8-48"><a href="#cb8-48" aria-hidden="true" tabindex="-1"></a></span> <span id="cb8-49"><a href="#cb8-49" aria-hidden="true" tabindex="-1"></a><span class="co"> # ============================================</span></span> <span id="cb8-50"><a href="#cb8-50" aria-hidden="true" tabindex="-1"></a><span class="co"> # Vaultwarden - Pengurus Kata Laluan</span></span> <span id="cb8-51"><a href="#cb8-51" aria-hidden="true" tabindex="-1"></a><span class="co"> # ============================================</span></span> <span id="cb8-52"><a href="#cb8-52" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">vaultwarden</span><span class="kw">:</span></span> <span id="cb8-53"><a href="#cb8-53" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">image</span><span class="kw">:</span><span class="at"> vaultwarden/server:latest</span></span> <span id="cb8-54"><a href="#cb8-54" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">container_name</span><span class="kw">:</span><span class="at"> vaultwarden</span></span> <span id="cb8-55"><a href="#cb8-55" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">ports</span><span class="kw">:</span></span> <span id="cb8-56"><a href="#cb8-56" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"8000:80"</span></span> <span id="cb8-57"><a href="#cb8-57" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">environment</span><span class="kw">:</span></span> <span id="cb8-58"><a href="#cb8-58" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">DOMAIN</span><span class="kw">:</span><span class="at"> </span><span class="st">"https://vault.${DOMAIN}"</span></span> <span id="cb8-59"><a href="#cb8-59" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">SIGNUPS_ALLOWED</span><span class="kw">:</span><span class="at"> </span><span class="st">"true"</span></span> <span id="cb8-60"><a href="#cb8-60" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">volumes</span><span class="kw">:</span></span> <span id="cb8-61"><a href="#cb8-61" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> ./vaultwarden/data:/data</span></span> <span id="cb8-62"><a href="#cb8-62" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">restart</span><span class="kw">:</span><span class="at"> unless-stopped</span></span> <span id="cb8-63"><a href="#cb8-63" aria-hidden="true" tabindex="-1"></a></span> <span id="cb8-64"><a href="#cb8-64" aria-hidden="true" tabindex="-1"></a><span class="co"> # ============================================</span></span> <span id="cb8-65"><a href="#cb8-65" aria-hidden="true" tabindex="-1"></a><span class="co"> # Jellyfin - Server Media</span></span> <span id="cb8-66"><a href="#cb8-66" aria-hidden="true" tabindex="-1"></a><span class="co"> # ============================================</span></span> <span id="cb8-67"><a href="#cb8-67" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">jellyfin</span><span class="kw">:</span></span> <span id="cb8-68"><a href="#cb8-68" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">image</span><span class="kw">:</span><span class="at"> jellyfin/jellyfin:latest</span></span> <span id="cb8-69"><a href="#cb8-69" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">container_name</span><span class="kw">:</span><span class="at"> jellyfin</span></span> <span id="cb8-70"><a href="#cb8-70" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">ports</span><span class="kw">:</span></span> <span id="cb8-71"><a href="#cb8-71" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"8096:8096"</span></span> <span id="cb8-72"><a href="#cb8-72" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">volumes</span><span class="kw">:</span></span> <span id="cb8-73"><a href="#cb8-73" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> ./jellyfin/config:/config</span></span> <span id="cb8-74"><a href="#cb8-74" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> ./jellyfin/cache:/cache</span></span> <span id="cb8-75"><a href="#cb8-75" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> /path/to/media:/media:ro</span></span> <span id="cb8-76"><a href="#cb8-76" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">restart</span><span class="kw">:</span><span class="at"> unless-stopped</span></span> <span id="cb8-77"><a href="#cb8-77" aria-hidden="true" tabindex="-1"></a></span> <span id="cb8-78"><a href="#cb8-78" aria-hidden="true" tabindex="-1"></a><span class="co"> # ============================================</span></span> <span id="cb8-79"><a href="#cb8-79" aria-hidden="true" tabindex="-1"></a><span class="co"> # Home Assistant - Automasi Rumah</span></span> <span id="cb8-80"><a href="#cb8-80" aria-hidden="true" tabindex="-1"></a><span class="co"> # ============================================</span></span> <span id="cb8-81"><a href="#cb8-81" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">homeassistant</span><span class="kw">:</span></span> <span id="cb8-82"><a href="#cb8-82" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">image</span><span class="kw">:</span><span class="at"> ghcr.io/home-assistant/home-assistant:stable</span></span> <span id="cb8-83"><a href="#cb8-83" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">container_name</span><span class="kw">:</span><span class="at"> homeassistant</span></span> <span id="cb8-84"><a href="#cb8-84" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">ports</span><span class="kw">:</span></span> <span id="cb8-85"><a href="#cb8-85" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"8123:8123"</span></span> <span id="cb8-86"><a href="#cb8-86" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">volumes</span><span class="kw">:</span></span> <span id="cb8-87"><a href="#cb8-87" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> ./homeassistant/config:/config</span></span> <span id="cb8-88"><a href="#cb8-88" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> /etc/localtime:/etc/localtime:ro</span></span> <span id="cb8-89"><a href="#cb8-89" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">restart</span><span class="kw">:</span><span class="at"> unless-stopped</span></span> <span id="cb8-90"><a href="#cb8-90" aria-hidden="true" tabindex="-1"></a></span> <span id="cb8-91"><a href="#cb8-91" aria-hidden="true" tabindex="-1"></a><span class="co"> # ============================================</span></span> <span id="cb8-92"><a href="#cb8-92" aria-hidden="true" tabindex="-1"></a><span class="co"> # Gitea - Git Hosting</span></span> <span id="cb8-93"><a href="#cb8-93" aria-hidden="true" tabindex="-1"></a><span class="co"> # ============================================</span></span> <span id="cb8-94"><a href="#cb8-94" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">gitea</span><span class="kw">:</span></span> <span id="cb8-95"><a href="#cb8-95" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">image</span><span class="kw">:</span><span class="at"> gitea/gitea:latest</span></span> <span id="cb8-96"><a href="#cb8-96" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">container_name</span><span class="kw">:</span><span class="at"> gitea</span></span> <span id="cb8-97"><a href="#cb8-97" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">ports</span><span class="kw">:</span></span> <span id="cb8-98"><a href="#cb8-98" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"3000:3000"</span></span> <span id="cb8-99"><a href="#cb8-99" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"2222:22"</span></span> <span id="cb8-100"><a href="#cb8-100" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">environment</span><span class="kw">:</span></span> <span id="cb8-101"><a href="#cb8-101" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">USER_UID</span><span class="kw">:</span><span class="at"> ${PUID}</span></span> <span id="cb8-102"><a href="#cb8-102" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">USER_GID</span><span class="kw">:</span><span class="at"> ${PGID}</span></span> <span id="cb8-103"><a href="#cb8-103" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">volumes</span><span class="kw">:</span></span> <span id="cb8-104"><a href="#cb8-104" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> ./gitea/data:/data</span></span> <span id="cb8-105"><a href="#cb8-105" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> /etc/timezone:/etc/timezone:ro</span></span> <span id="cb8-106"><a href="#cb8-106" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> /etc/localtime:/etc/localtime:ro</span></span> <span id="cb8-107"><a href="#cb8-107" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">restart</span><span class="kw">:</span><span class="at"> unless-stopped</span></span> <span id="cb8-108"><a href="#cb8-108" aria-hidden="true" tabindex="-1"></a></span> <span id="cb8-109"><a href="#cb8-109" aria-hidden="true" tabindex="-1"></a><span class="co"> # ============================================</span></span> <span id="cb8-110"><a href="#cb8-110" aria-hidden="true" tabindex="-1"></a><span class="co"> # Uptime Kuma - Pemantauan</span></span> <span id="cb8-111"><a href="#cb8-111" aria-hidden="true" tabindex="-1"></a><span class="co"> # ============================================</span></span> <span id="cb8-112"><a href="#cb8-112" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">uptime-kuma</span><span class="kw">:</span></span> <span id="cb8-113"><a href="#cb8-113" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">image</span><span class="kw">:</span><span class="at"> louislam/uptime-kuma:latest</span></span> <span id="cb8-114"><a href="#cb8-114" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">container_name</span><span class="kw">:</span><span class="at"> uptime-kuma</span></span> <span id="cb8-115"><a href="#cb8-115" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">ports</span><span class="kw">:</span></span> <span id="cb8-116"><a href="#cb8-116" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> </span><span class="st">"3001:3001"</span></span> <span id="cb8-117"><a href="#cb8-117" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">volumes</span><span class="kw">:</span></span> <span id="cb8-118"><a href="#cb8-118" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> ./uptime-kuma/data:/app/data</span></span> <span id="cb8-119"><a href="#cb8-119" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">restart</span><span class="kw">:</span><span class="at"> unless-stopped</span></span> <span id="cb8-120"><a href="#cb8-120" aria-hidden="true" tabindex="-1"></a></span> <span id="cb8-121"><a href="#cb8-121" aria-hidden="true" tabindex="-1"></a><span class="co"> # ============================================</span></span> <span id="cb8-122"><a href="#cb8-122" aria-hidden="true" tabindex="-1"></a><span class="co"> # Watchtower - Kemas Kini Automatik</span></span> <span id="cb8-123"><a href="#cb8-123" aria-hidden="true" tabindex="-1"></a><span class="co"> # ============================================</span></span> <span id="cb8-124"><a href="#cb8-124" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">watchtower</span><span class="kw">:</span></span> <span id="cb8-125"><a href="#cb8-125" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">image</span><span class="kw">:</span><span class="at"> containrrr/watchtower:latest</span></span> <span id="cb8-126"><a href="#cb8-126" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">container_name</span><span class="kw">:</span><span class="at"> watchtower</span></span> <span id="cb8-127"><a href="#cb8-127" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">volumes</span><span class="kw">:</span></span> <span id="cb8-128"><a href="#cb8-128" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> /var/run/docker.sock:/var/run/docker.sock</span></span> <span id="cb8-129"><a href="#cb8-129" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">environment</span><span class="kw">:</span></span> <span id="cb8-130"><a href="#cb8-130" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">WATCHTOWER_CLEANUP</span><span class="kw">:</span><span class="at"> </span><span class="st">"true"</span></span> <span id="cb8-131"><a href="#cb8-131" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">WATCHTOWER_SCHEDULE</span><span class="kw">:</span><span class="at"> </span><span class="st">"0 0 4 * * *"</span></span> <span id="cb8-132"><a href="#cb8-132" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">TZ</span><span class="kw">:</span><span class="at"> ${TZ}</span></span> <span id="cb8-133"><a href="#cb8-133" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">restart</span><span class="kw">:</span><span class="at"> unless-stopped</span></span></code></pre></div> <blockquote> <p><strong>Nota Beginner:</strong> Saya cadangkan mulakan dengan Portainer (untuk urus Docker secara visual) dan Uptime Kuma (untuk pantau service). Dua ni ringan dan sangat berguna dari awal lagi.</p> </blockquote> <h2 id="langkah-6-pengurusan-docker">Langkah 6: Pengurusan Docker</h2> <h3 id="arahan-docker-berguna">Arahan Docker Berguna</h3> <p>Ini arahan harian yang anda perlu tahu. Tak perlu hafal semua — bookmark page ni dan rujuk bila perlu.</p> <div class="sourceCode" id="cb9"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb9-1"><a href="#cb9-1" aria-hidden="true" tabindex="-1"></a><span class="co"># Senarai container berjalan</span></span> <span id="cb9-2"><a href="#cb9-2" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> ps</span> <span id="cb9-3"><a href="#cb9-3" aria-hidden="true" tabindex="-1"></a></span> <span id="cb9-4"><a href="#cb9-4" aria-hidden="true" tabindex="-1"></a><span class="co"># Senarai semua container (termasuk berhenti)</span></span> <span id="cb9-5"><a href="#cb9-5" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> ps <span class="at">-a</span></span> <span id="cb9-6"><a href="#cb9-6" aria-hidden="true" tabindex="-1"></a></span> <span id="cb9-7"><a href="#cb9-7" aria-hidden="true" tabindex="-1"></a><span class="co"># Lihat log container</span></span> <span id="cb9-8"><a href="#cb9-8" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> logs <span class="at">-f</span> nama-kontena</span> <span id="cb9-9"><a href="#cb9-9" aria-hidden="true" tabindex="-1"></a></span> <span id="cb9-10"><a href="#cb9-10" aria-hidden="true" tabindex="-1"></a><span class="co"># Masuk ke dalam container</span></span> <span id="cb9-11"><a href="#cb9-11" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> exec <span class="at">-it</span> nama-kontena /bin/bash</span> <span id="cb9-12"><a href="#cb9-12" aria-hidden="true" tabindex="-1"></a></span> <span id="cb9-13"><a href="#cb9-13" aria-hidden="true" tabindex="-1"></a><span class="co"># Statistik sumber container</span></span> <span id="cb9-14"><a href="#cb9-14" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> stats</span> <span id="cb9-15"><a href="#cb9-15" aria-hidden="true" tabindex="-1"></a></span> <span id="cb9-16"><a href="#cb9-16" aria-hidden="true" tabindex="-1"></a><span class="co"># Buang container dan imej yang tidak digunakan</span></span> <span id="cb9-17"><a href="#cb9-17" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> system prune <span class="at">-a</span></span> <span id="cb9-18"><a href="#cb9-18" aria-hidden="true" tabindex="-1"></a></span> <span id="cb9-19"><a href="#cb9-19" aria-hidden="true" tabindex="-1"></a><span class="co"># Periksa penggunaan storan Docker</span></span> <span id="cb9-20"><a href="#cb9-20" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> system df</span></code></pre></div> <h3 id="docker-networks">Docker Networks</h3> <p>Rangkaian Docker membolehkan container berkomunikasi antara satu sama lain dengan selamat.</p> <div class="sourceCode" id="cb10"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb10-1"><a href="#cb10-1" aria-hidden="true" tabindex="-1"></a><span class="co"># Cipta rangkaian khusus</span></span> <span id="cb10-2"><a href="#cb10-2" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> network create homelab-net</span> <span id="cb10-3"><a href="#cb10-3" aria-hidden="true" tabindex="-1"></a></span> <span id="cb10-4"><a href="#cb10-4" aria-hidden="true" tabindex="-1"></a><span class="co"># Senarai rangkaian</span></span> <span id="cb10-5"><a href="#cb10-5" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> network ls</span> <span id="cb10-6"><a href="#cb10-6" aria-hidden="true" tabindex="-1"></a></span> <span id="cb10-7"><a href="#cb10-7" aria-hidden="true" tabindex="-1"></a><span class="co"># Periksa rangkaian</span></span> <span id="cb10-8"><a href="#cb10-8" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> network inspect homelab-net</span></code></pre></div> <p><strong>Konfigurasi rangkaian dalam docker-compose.yml:</strong></p> <div class="sourceCode" id="cb11"><pre class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb11-1"><a href="#cb11-1" aria-hidden="true" tabindex="-1"></a><span class="fu">services</span><span class="kw">:</span></span> <span id="cb11-2"><a href="#cb11-2" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">app</span><span class="kw">:</span></span> <span id="cb11-3"><a href="#cb11-3" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">networks</span><span class="kw">:</span></span> <span id="cb11-4"><a href="#cb11-4" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> frontend</span></span> <span id="cb11-5"><a href="#cb11-5" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> backend</span></span> <span id="cb11-6"><a href="#cb11-6" aria-hidden="true" tabindex="-1"></a></span> <span id="cb11-7"><a href="#cb11-7" aria-hidden="true" tabindex="-1"></a><span class="fu">networks</span><span class="kw">:</span></span> <span id="cb11-8"><a href="#cb11-8" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">frontend</span><span class="kw">:</span></span> <span id="cb11-9"><a href="#cb11-9" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">driver</span><span class="kw">:</span><span class="at"> bridge</span></span> <span id="cb11-10"><a href="#cb11-10" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">backend</span><span class="kw">:</span></span> <span id="cb11-11"><a href="#cb11-11" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">driver</span><span class="kw">:</span><span class="at"> bridge</span></span> <span id="cb11-12"><a href="#cb11-12" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">internal</span><span class="kw">:</span><span class="at"> </span><span class="ch">true</span><span class="co"> # Tiada akses internet</span></span></code></pre></div> <blockquote> <p><strong>Nota Beginner:</strong> Network <code>internal: true</code> bermaksud container dalam rangkaian tu tak boleh akses internet. Ini bagus untuk database — anda tak mahu database anda boleh “bercakap” dengan internet, kan?</p> </blockquote> <h3 id="docker-volumes">Docker Volumes</h3> <p>Volume adalah cara Docker simpan data yang kekal walaupun container dihapuskan. Ini sangat penting — tanpa volume, semua data hilang bila container dibuang.</p> <div class="sourceCode" id="cb12"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb12-1"><a href="#cb12-1" aria-hidden="true" tabindex="-1"></a><span class="co"># Cipta volume bernama</span></span> <span id="cb12-2"><a href="#cb12-2" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> volume create data-nextcloud</span> <span id="cb12-3"><a href="#cb12-3" aria-hidden="true" tabindex="-1"></a></span> <span id="cb12-4"><a href="#cb12-4" aria-hidden="true" tabindex="-1"></a><span class="co"># Senarai volumes</span></span> <span id="cb12-5"><a href="#cb12-5" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> volume ls</span> <span id="cb12-6"><a href="#cb12-6" aria-hidden="true" tabindex="-1"></a></span> <span id="cb12-7"><a href="#cb12-7" aria-hidden="true" tabindex="-1"></a><span class="co"># Buang volume yang tidak digunakan</span></span> <span id="cb12-8"><a href="#cb12-8" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> volume prune</span></code></pre></div> <p><strong>Jenis mount:</strong></p> <div class="sourceCode" id="cb13"><pre class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb13-1"><a href="#cb13-1" aria-hidden="true" tabindex="-1"></a><span class="fu">volumes</span><span class="kw">:</span></span> <span id="cb13-2"><a href="#cb13-2" aria-hidden="true" tabindex="-1"></a><span class="co"> # Bind mount (direktori host)</span></span> <span id="cb13-3"><a href="#cb13-3" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> ./data:/app/data</span></span> <span id="cb13-4"><a href="#cb13-4" aria-hidden="true" tabindex="-1"></a></span> <span id="cb13-5"><a href="#cb13-5" aria-hidden="true" tabindex="-1"></a><span class="co"> # Named volume (diuruskan Docker)</span></span> <span id="cb13-6"><a href="#cb13-6" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> data-volume:/app/data</span></span> <span id="cb13-7"><a href="#cb13-7" aria-hidden="true" tabindex="-1"></a></span> <span id="cb13-8"><a href="#cb13-8" aria-hidden="true" tabindex="-1"></a><span class="co"> # Read-only mount</span></span> <span id="cb13-9"><a href="#cb13-9" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> ./config:/app/config:ro</span></span></code></pre></div> <p>Tip dari saya — guna bind mount (<code>./data:/app/data</code>) untuk homelab sebab senang di-backup. Anda nampak terus folder tu dalam filesystem host.</p> <h2 id="langkah-7-keselamatan-docker">Langkah 7: Keselamatan Docker</h2> <h3 id="amalan-terbaik">Amalan Terbaik</h3> <p>Keselamatan penting walaupun dalam homelab. Biasakan amalan ni dari awal supaya bila anda kerja dalam production nanti, dah jadi habit.</p> <ol type="1"> <li><strong>Jangan jalankan container sebagai root:</strong></li> </ol> <div class="sourceCode" id="cb14"><pre class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb14-1"><a href="#cb14-1" aria-hidden="true" tabindex="-1"></a><span class="fu">services</span><span class="kw">:</span></span> <span id="cb14-2"><a href="#cb14-2" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">app</span><span class="kw">:</span></span> <span id="cb14-3"><a href="#cb14-3" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">user</span><span class="kw">:</span><span class="at"> </span><span class="st">"1000:1000"</span></span></code></pre></div> <ol start="2" type="1"> <li><strong>Hadkan sumber:</strong></li> </ol> <div class="sourceCode" id="cb15"><pre class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb15-1"><a href="#cb15-1" aria-hidden="true" tabindex="-1"></a><span class="fu">services</span><span class="kw">:</span></span> <span id="cb15-2"><a href="#cb15-2" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">app</span><span class="kw">:</span></span> <span id="cb15-3"><a href="#cb15-3" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">deploy</span><span class="kw">:</span></span> <span id="cb15-4"><a href="#cb15-4" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">resources</span><span class="kw">:</span></span> <span id="cb15-5"><a href="#cb15-5" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">limits</span><span class="kw">:</span></span> <span id="cb15-6"><a href="#cb15-6" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">cpus</span><span class="kw">:</span><span class="at"> </span><span class="st">'2'</span></span> <span id="cb15-7"><a href="#cb15-7" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="fu">memory</span><span class="kw">:</span><span class="at"> 1G</span></span></code></pre></div> <ol start="3" type="1"> <li><p><strong>Gunakan imej rasmi dan dipercayai sahaja</strong></p></li> <li><p><strong>Kemas kini imej secara berkala:</strong></p></li> </ol> <div class="sourceCode" id="cb16"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb16-1"><a href="#cb16-1" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> compose pull <span class="kw">&&</span> <span class="ex">docker</span> compose up <span class="at">-d</span></span></code></pre></div> <ol start="5" type="1"> <li><strong>Jangan dedahkan Docker socket tanpa perlu:</strong></li> </ol> <div class="sourceCode" id="cb17"><pre class="sourceCode yaml"><code class="sourceCode yaml"><span id="cb17-1"><a href="#cb17-1" aria-hidden="true" tabindex="-1"></a><span class="co"># ELAKKAN ini melainkan benar-benar perlu</span></span> <span id="cb17-2"><a href="#cb17-2" aria-hidden="true" tabindex="-1"></a><span class="fu">volumes</span><span class="kw">:</span></span> <span id="cb17-3"><a href="#cb17-3" aria-hidden="true" tabindex="-1"></a><span class="at"> </span><span class="kw">-</span><span class="at"> /var/run/docker.sock:/var/run/docker.sock</span></span></code></pre></div> <ol start="6" type="1"> <li><strong>Gunakan .env untuk rahsia:</strong></li> </ol> <div class="sourceCode" id="cb18"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb18-1"><a href="#cb18-1" aria-hidden="true" tabindex="-1"></a><span class="co"># .env</span></span> <span id="cb18-2"><a href="#cb18-2" aria-hidden="true" tabindex="-1"></a><span class="va">DB_ROOT_PASS</span><span class="op">=</span>kata_laluan_sangat_selamat</span> <span id="cb18-3"><a href="#cb18-3" aria-hidden="true" tabindex="-1"></a><span class="va">DB_PASS</span><span class="op">=</span>kata_laluan_pangkalan_data</span></code></pre></div> <blockquote> <p><strong>Nota Beginner:</strong> Docker socket (<code>docker.sock</code>) memberi akses penuh kepada Docker Engine. Hanya service yang memang perlu (seperti Portainer atau Watchtower) patut dapat akses ini. Jangan bagi semua container akses socket.</p> </blockquote> <h2 id="langkah-8-penyelesaian-masalah-docker">Langkah 8: Penyelesaian Masalah Docker</h2> <p>Jangan risau kalau container tak jalan. Ini normal, terutama pada awalnya. Saya pun masih troubleshoot Docker sampai sekarang. Berikut adalah masalah biasa dan cara selesaikannya.</p> <h3 id="masalah-biasa-dan-penyelesaian">Masalah Biasa dan Penyelesaian</h3> <p><strong>Container tidak dapat bermula:</strong></p> <div class="sourceCode" id="cb19"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb19-1"><a href="#cb19-1" aria-hidden="true" tabindex="-1"></a><span class="co"># Periksa log — ini SENTIASA langkah pertama</span></span> <span id="cb19-2"><a href="#cb19-2" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> logs nama-kontena</span> <span id="cb19-3"><a href="#cb19-3" aria-hidden="true" tabindex="-1"></a></span> <span id="cb19-4"><a href="#cb19-4" aria-hidden="true" tabindex="-1"></a><span class="co"># Periksa konfigurasi</span></span> <span id="cb19-5"><a href="#cb19-5" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> inspect nama-kontena</span></code></pre></div> <p><strong>Port sudah digunakan:</strong></p> <div class="sourceCode" id="cb20"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb20-1"><a href="#cb20-1" aria-hidden="true" tabindex="-1"></a><span class="co"># Cari proses yang menggunakan port</span></span> <span id="cb20-2"><a href="#cb20-2" aria-hidden="true" tabindex="-1"></a><span class="fu">sudo</span> lsof <span class="at">-i</span> :8080</span> <span id="cb20-3"><a href="#cb20-3" aria-hidden="true" tabindex="-1"></a><span class="fu">sudo</span> ss <span class="at">-tlnp</span> <span class="kw">|</span> <span class="fu">grep</span> 8080</span></code></pre></div> <p><strong>Kehabisan ruang storan:</strong></p> <div class="sourceCode" id="cb21"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb21-1"><a href="#cb21-1" aria-hidden="true" tabindex="-1"></a><span class="co"># Periksa penggunaan</span></span> <span id="cb21-2"><a href="#cb21-2" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> system df</span> <span id="cb21-3"><a href="#cb21-3" aria-hidden="true" tabindex="-1"></a></span> <span id="cb21-4"><a href="#cb21-4" aria-hidden="true" tabindex="-1"></a><span class="co"># Bersihkan</span></span> <span id="cb21-5"><a href="#cb21-5" aria-hidden="true" tabindex="-1"></a><span class="ex">docker</span> system prune <span class="at">-a</span> <span class="at">--volumes</span></span></code></pre></div> <p><strong>Masalah kebenaran fail:</strong></p> <div class="sourceCode" id="cb22"><pre class="sourceCode bash"><code class="sourceCode bash"><span id="cb22-1"><a href="#cb22-1" aria-hidden="true" tabindex="-1"></a><span class="co"># Tetapkan pemilikan</span></span> <span id="cb22-2"><a href="#cb22-2" aria-hidden="true" tabindex="-1"></a><span class="fu">sudo</span> chown <span class="at">-R</span> 1000:1000 ./data</span> <span id="cb22-3"><a href="#cb22-3" aria-hidden="true" tabindex="-1"></a></span> <span id="cb22-4"><a href="#cb22-4" aria-hidden="true" tabindex="-1"></a><span class="co"># Atau gunakan PUID/PGID dalam environment</span></span></code></pre></div> <blockquote> <p><strong>Nota Beginner:</strong> 90% masalah Docker boleh diselesaikan dengan membaca log (<code>docker logs nama-kontena</code>). Biasakan diri baca log — ia macam “doktor” yang beritahu anda apa yang tak kena.</p> </blockquote> <h3 id="checklist-siap-bab-ini">Checklist Siap Bab Ini</h3> <ul class="task-list"> <li><label><input type="checkbox" />Saya sudah faham peranan image, container, dan volume.</label></li> <li><label><input type="checkbox" />Saya sudah sedia untuk deploy satu service pertama dengan Docker Compose.</label></li> <li><label><input type="checkbox" />Saya tahu di mana hendak semak logs jika service gagal bermula.</label></li> </ul> <h2 id="ringkasan">Ringkasan</h2> <p>Dalam bab ini, kita telah belajar tentang:</p> <ul> <li>Konsep Docker dan perbezaannya dengan VM</li> <li>Pemasangan Docker dan Docker Compose</li> <li>Fail docker-compose.yml untuk stack homelab lengkap</li> <li>Pengurusan container, rangkaian, dan volume</li> <li>Keselamatan dan amalan terbaik Docker</li> <li>Penyelesaian masalah biasa</li> </ul> <p>Docker adalah salah satu kemahiran paling bernilai yang anda boleh belajar dalam homelab. Hampir semua syarikat IT moden guna container dalam satu bentuk atau yang lain.</p> <p>Jangan rasa perlu kuasai semua sekali gus. Mulakan dengan satu service, fahamkan flow dia, dan tambah service lain bila dah selesa. Satu langkah pada satu masa!</p> <p>Seterusnya, kita akan masuk bahagian Docker lanjutan — reverse proxy, health check, backup, dan macam-macam lagi yang akan buat setup anda lebih mantap.</p>
💾 Kemaskini
Batal