Welcome to Richard's Blog

Author: applegater

How to set up agent edge on multiserver
Docker-compose is my go-to for secondary or distributed servers. It’s better than docker run because it’s more clean and organized and easier to set up. And one time, too.

So all you need to do is make sure the Secondary Server or Multiserver needs to install Docker and Docker Compose. Please follow this step by step.

Install Docker Engine on Ubuntu | Docker Documentation

Now that we have created the docker-compose files, we can create them where you want them to be saved. The secondary server has not yet set up Portainer, so this tutorial is for using SSH instead of Portainer. The docker compose will do the job, and our primary server will attach secondary from an outside server. This is cool, no need to use a port or anything else.

Open the Portainer site on the primary server, then go to environment, add environment, Docker standalone, start wizard, and edge agent standard. Write down your edge ID and key in this way.

You should see Edge ID and Edge Key on the primary Portainer site.

Please ensure that you obtain the Edge ID and Edge Key. Make sure to change your volume path and change your volume path. Look for the highlights below.
```
Version: '3.9'
services:
    agent:
        image: 'portainer/agent:2.20.2'
        container_name: portainer_edge_agent
        environment:
            - EDGE_INSECURE_POLL=1
            - EDGE_KEY=
            - EDGE_ID=
            - EDGE=1
        restart: always
        volumes:
            - '/yourpathportainer/data:/data'
            - '/:/host'
            - '/var/lib/docker/volumes:/var/lib/docker/volumes'
            - '/var/run/docker.sock:/var/run/docker.sock'
```
After deploying the stack, your secondary portainer should be active and should appear on your primary portainer. Look like this:

Continue to deploy and build Docker Portainer many more servers to benefit the future!
May 7, 2024
Fail2ban – how to unbanip on your sshd
IP address unban

Fail2Ban is an intrusion prevention system that protects computer servers from brute-force attacks. It can monitor specific logs and block IP addresses that act like brute-force attacks.

Fail2Ban particularly monitors the number of connection attempts. After 5 failed SSH connection attempts, Fail2Ban will ban the IP address from connecting via SSH for 10 minutes. If this address fails several times, it might be banned permanently until you contact admin@richardapplegate.io and explain why you are attacking my server.

Unban an IP address

To unblock an IP address, you must first access it from another IP (VPN) address or internet connection than the one that is blocked.

Look at the Fail2Ban log to find out where the IP address was banned.jail
```
sudo tail /var/log/fail2ban.log 
2019-01-07 16:24:47 fail2ban.filter  [1837]: INFO    [sshd] Found 11.22.33.44 
2019-01-07 16:24:49 fail2ban.filter  [1837]: INFO    [sshd] Found 11.22.33.44 
2019-01-07 16:24:51 fail2ban.filter  [1837]: INFO    [sshd] Found 11.22.33.44 
2019-01-07 16:24:54 fail2ban.filter  [1837]: INFO    [sshd] Found 11.22.33.44 
2019-01-07 16:24:57 fail2ban.filter  [1837]: INFO    [sshd] Found 11.22.33.44 
2019-01-07 16:24:57 fail2ban.actions [1837]: NOTICE  [sshd] Ban 11.22.33.44 
2019-01-07 16:24:57 fail2ban.filter  [1837]: NOTICE  [recidive] Ban 11.22.33.44
```
Here, the 11.22.33.44 IP address has been banned in the sshd and recidive jails.

Then use the following commands to unban the IP address.
```
sudo fail2ban-client set sshd unbanip 11.22.33.44
sudo fail2ban-client set recidive unbanip 11.22.33.44
```
March 28, 2024
🔄 How to Safely Back Up & Restore Docker Compose Data
When you’re running apps with Docker Compose, your data is the heart and soul of your services—databases, media files, configurations, and more. Without a solid backup and restore plan, a simple mistake (or disk failure!) can lead to a world of pain. Here’s a step-by-step guide to properly back up and restore data from Docker Compose environments, the right way.

Why Back Up Docker Compose Volumes and Data?

By default, Docker containers are ephemeral. Persistent data lives in volumes or bind mounts—which need explicit backup. Databases (Postgres, MySQL), app uploads, and configs are often stored here.

If you lose a volume, your critical data is gone.

🗂️ What Should You Back Up?
1. Docker Volumes: Contents of named volumes managed by Docker.
2. Bind Mounts: Data mapped to host folders.
3. Database Dumps: Logical (SQL) dumps for easy portability & restore.
4. Configs: Your docker-compose.yml, .env, TLS keys, and other setup files.
🚀 Step-by-Step: Back Up Docker Compose Data

1️⃣ Identify Your Data

First, look at your docker-compose.yml for volumes/bind mounts:
```
services:
  db:
    image: postgres
    volumes:
      - pgdata:/var/lib/postgresql/data

volumes:
  pgdata:
```
Here the named volume is pgdata.

2️⃣ Stop the Compose Stack (Recommended)

This ensures consistent backups (especially for databases):
```
docker compose down
```
3️⃣ Back Up Docker Volumes

List all local volumes:
```
docker volume ls
```
To back up a volume (e.g., pgdata), run:
```
docker run --rm 
  -v pgdata:/volume 
  -v $(pwd):/backup 
  busybox 
  tar czvf /backup/pgdata_backup.tar.gz -C /volume .
```
- This creates a pgdata_backup.tar.gz in your current directory.
- More on managing Docker volumes
Repeat for each volume you want to back up.

Bind mounts?

Just copy the folder on the host:
```
cp -a /absolute/path/to/mount /your/backup/location
```
4️⃣ Logical Database Backups (Recommended for Portability)

For MySQL:
```
docker exec <db_container> mysqldump -u root -p<pass> <database> > mysql_backup.sql
```
For PostgreSQL:
```
docker exec -t <db_container> pg_dump -U <user> <db> > pg_backup.sql
```
💾 Restoring Your Data

1️⃣ Restore a Docker Volume from Backup

Create the volume if needed:
```
docker volume create pgdata
```
Unpack the tarball:
```
docker run --rm 
  -v pgdata:/volume 
  -v $(pwd):/backup 
  busybox 
  tar xzvf /backup/pgdata_backup.tar.gz -C /volume
```
2️⃣ Restore a Bind Mount

Just reverse your earlier copy:
```
cp -a /your/backup/location /absolute/path/to/mount
```
3️⃣ Restore Database from Dump

For MySQL:
```
docker exec -i <db_container> mysql -u root -p<pass> <database> < mysql_backup.sql
```
For PostgreSQL:
```
cat pg_backup.sql | docker exec -i <db_container> psql -U <user> <db>
```
4️⃣ Bring the Stack Up
```
docker compose up -d
```
🔐 Pro Tips
- Automate backups! Use cron or a backup script.
- Store backups offsite (cloud, external drive, etc).
- Test your backups regularly! A backup you can’t restore isn’t a backup.
📚 Resources
- Backup, restore, or migrate data volumes | Docker Docs
- Docker Compose file reference
- Best practices for backing up Docker containers – Docker Blog
- Backing up Docker volumes to S3 (article)
March 25, 2024