serverConfigDocker.md: Consolidate docker config info.

README.md

@@ -1,6 +1,7 @@
 Document repository of... breadcrumbs? 
 
 ## Method
+- [docker/docker-compose](serverConfigDocker.md)  
 - [fileshare](fileshare/README.md)  
 - [mdadm](mdadm.md)  
 - [Transmission (server)](serverConfigTransmission.md)  
@@ -17,6 +18,8 @@ Document repository of... breadcrumbs?
 - [config-general](config.md)  
 - [hardware/firmware](hardware/README.md)
 - [server-General](serverConfigGeneral.md)  
+- [Transmission (docker)](serverConfigDocker.md#transmission)  
+- [Tvheadend (docker)](serverConfigDocker.md#tvheadend)  
 
 ## NOTES
 

microOS.md

@@ -1,13 +1,13 @@
 # MicroOS
-An immutable OS with a minimal presentation and tumbleweed's package base.  
+A rolling-release & immutable OS with a minimal presentation and tumbleweed's package base.  
 Out of the box, MicroOS is designed as a foundation for single-purpose server/appliance usage.  
 Some tweaks are needed to better suit more standard desktop-PC usage.
 
 - [As a desktop PC](#as-a-desktop-pc)
 - [As a server](#as-a-server)
 
 ## As a desktop PC
-Aeon was the original goal (rolling-release AND immutable OS), but my older hardware forces Aeon to use "fallback FDE mode" which requires a passphrase on each boot, which is NOT okay for a family-friendly-living-room PC.  
+Aeon was the original goal (also rolling-release AND immutable OS), but my older hardware forces Aeon to use "fallback FDE mode" which requires a passphrase on each boot, which is NOT okay for a family-friendly-living-room PC.  
 A slightly customized MicroOS is the easy next-best choice.
 
 ### Overview
@@ -37,6 +37,8 @@ malcontent{,-control}
 ```sh
 # create user
 sudo useradd -d /home/username username
+```
+```sh
 # set password for 'username'
 passwd username
 ```
@@ -56,68 +58,24 @@ systemd-boot
 layered packages  
 ```sh
 transactional-update pkg in -t pattern file_server
+```
+```sh
 transactional-update pkg in samba docker{,-compose}
-usermod -aG docker cyril #or whomever will need to test and run docker containers
 ```
-
-## Container life:  
 ```sh
-docker create --name transmission lscr.io/linuxserver/transmission:latest
-docker create --name jelyfin jellyfin/jellyfin:latest
+usermod -aG docker cyril #or whomever will need to test and run docker containers
 ```
 
-`/etc/docker/docker-compose.yml` #config file for starting/running containers
-```
----
-services:
-  jellyfin:
-    image: jellyfin/jellyfin:latest
-    container_name: jellyfin
-    # user: 1000:100
-    network_mode: 'host'
-    volumes:
-      - /etc/jellyfin/config:/config
-      - /etc/jellyfin/cache:/cache
-      - /var/storage/media/video:/data/video
-      - /var/storage/media/music:/data/music
-      - /var/storage/media/pictures:/data/pictures
-      - /var/storage/media/books:/data/books
-    # Optional - alternative address used for autodiscovery
-    environment:
-      - PUID=1000
-      - PGID=100
-      - JELLYFIN_PublishedServerUrl=192.168.9.40
-      - TZ=America/Denver
-    # Optional - may be necessary for docker healthcheck to pass if running in host network mode
-    extra_hosts:
-      - 'host.docker.internal:host-gateway'
-    devices: #optional, see 'hardware acceleration'
-      - /dev/dri:/dev/dri
-    restart: 'unless-stopped'
-
-  transmission:
-    image: lscr.io/linuxserver/transmission:latest
-    container_name: transmission
-    environment:
-      - PUID=1000
-      - PGID=100
-      - TZ=America/Denver
-      - TRANSMISSION_WEB_HOME= #optional
-      - USER= #optional
-      - PASS= #optional
-      - WHITELIST=127.0.0.1,192.168.9.*
-      - PEERPORT= #optional
-      - HOST_WHITELIST=serverus
-    volumes:
-      - /etc/transmission/config:/config
-      - /var/storage/media:/media
-      - /var/storage/watch:/watch
-    ports:
-      - 9091:9091
-      - 51413:51419 #must manually forward port in router software
-      - 51413:51419/udp #must manually forward port in router software
-    restart: unless-stopped
-```
+## Container life:  
+Apps on a headless & immutable OS are best installed as containers  
+Docker (& docker-compose) is the way: [serverConfigDocker.md](serverConfigDocker.md)
+
+Install as desired, configure as needed  
+(links to Docker service entries):  
+[BOINC](serverConfigDocker#boinc)  
+[Jellyfin](serverConfigDocker#jellyfin)  
+[Transmission](serverConfigDocker#transmission)  
+[tvheadend](serverConfigDocker#tvheadend)  
 
 ## Polkit policy
 The defualt profile for polkit privilege is set as `restrictive` (the most secure option), which requires authentication for reboot & power-off (among other small-worry items).  

serverConfigDocker.md

@@ -0,0 +1,154 @@
+# Docker / docker-compose
+
+With Compose, a YAML file is used to configure each application’s services.  
+Then, a single command creates and starts all the services from the YAML configuration.
+
+### Benefits:
+- Configuration of each app is easy to track & modify (docker-compose entry)
+- All entries are in one file ( /etc/docker-compose.yml )
+- Keeps the app (& dependencies & issues) isolated from other apps and the OS
+- Updates independently from the OS
+
+### Drawbacks:
+- The benefit of app-isolation inherently adds a layer of complexity to installation/operation.  
+This is mostly mitigated by the friendliness of the docker ecosystem.
+- Updates independently from the OS
+
+### Commonly used commands
+`docker-compose` commands must be executed from the `/etc/docker-compose` directory  
+
+`docker` commands can be executed from anywhere in the filesystem
+
+```sh
+#start or restart all containers in detached mode
+docker-compose up -d
+
+#start or restart specific container in detached mode
+docker-compose up -d <container-name>
+
+#update all docker images
+docker-compose pull
+
+#update specific docker image
+docker-compose pull <container-name>
+
+#stop "container name"
+docker stop <container-name>
+
+#list all running containers
+docker ps
+```
+
+# BOINC
+
+```yaml
+---
+services:
+  boinc:
+    image: lscr.io/linuxserver/boinc:latest
+    container_name: boinc
+    security_opt:
+      - seccomp:unconfined #optional
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Etc/UTC
+      - PASSWORD= #optional
+    volumes:
+      - /etc/boinc/config:/config
+    ports:
+      - 8080:8080
+      - 8181:8181
+    devices:
+      - /dev/dri:/dev/dri #optional
+    restart: unless-stopped
+   ```
+
+# Jellyfin
+
+```yaml
+---
+services:
+  jellyfin:
+    image: jellyfin/jellyfin:latest
+    container_name: jellyfin
+    # user: 1000:100
+    network_mode: 'host'
+    volumes:
+      - /etc/jellyfin/config:/config
+      - /etc/jellyfin/cache:/cache
+      - /var/storage/media/video:/data/video
+      - /var/storage/media/music:/data/music
+      - /var/storage/media/pictures:/data/pictures
+      - /var/storage/media/books:/data/books
+    # Optional - alternative address used for autodiscovery
+    environment:
+      - PUID=1000
+      - PGID=100
+      - JELLYFIN_PublishedServerUrl=192.168.9.40
+      - TZ=America/Denver
+    # Optional - may be necessary for docker healthcheck to pass if running in host network mode
+    extra_hosts:
+      - 'host.docker.internal:host-gateway'
+    devices: #optional, see 'hardware acceleration'
+      - /dev/dri:/dev/dri
+    restart: 'unless-stopped'
+```
+
+# Transmission
+
+/etc/docker/docker-compose.yml
+
+```yaml
+---
+services:
+  transmission:
+    image: lscr.io/linuxserver/transmission:latest
+    container_name: transmission
+    environment:
+      - PUID=1000
+      - PGID=100
+      - TZ=America/Denver
+      - TRANSMISSION_WEB_HOME= #optional
+      - USER= #optional
+      - PASS= #optional
+      - WHITELIST=127.0.0.1,192.168.9.*
+      - PEERPORT=51419 #must manually forward port in router software
+      - HOST_WHITELIST=serverus #must have defined by router ip-reservation
+    volumes:
+      - /etc/transmission/config:/config
+      - /var/storage/media:/media
+      - /var/storage/watch:/watch
+    ports:
+      - 9091:9091
+      - 51419:51419 #must manually forward port in router software
+      - 51419:51419/udp #must manually forward port in router software
+    restart: unless-stopped
+```
+
+# TVHeadend
+
+/etc/docker/docker-compose.yml
+
+```yaml
+---
+services:
+  tvheadend:
+    image: lscr.io/linuxserver/tvheadend:latest
+    container_name: tvheadend
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=America/Denver
+      - RUN_OPTS= #optional
+    volumes:
+      - /etc/tvheadend/config:/config
+      - /var/storage/media/video/tv:/recordings
+    ports:
+      - 9981:9981
+      - 9982:9982
+    devices:
+      - /dev/dri:/dev/dri #optional
+      - /dev/dvb:/dev/dvb #optional
+    restart: unless-stopped
+```

serverConfigTVH.md

@@ -1,3 +1,4 @@
+- [Tvheadend (docker)](serverConfigDocker#tvheadend)
 - [Tvheadend](#pvr-backend--tvheadend)
 - [EPG Data](#epg-data-other-than-ota)
 

serverConfigTransmission.md

@@ -1,54 +1,7 @@
 # Torrent | Transmission
-1. [Docker container installation](#docker-container-installation) (For use on immutable OS)
+1. [Docker container installation](serverConfigDocker#transmission) (For use on immutable OS)
 2. [Traditional linux installation](#traditional-linux-installation)
 
-## Docker container installation
-
-Setup the directory structure
-```sh
-mkdir -p /etc/transmission/config
-mkdir -p /var/storage/watch
-```
-
-### Create Docker entry  
-Defines core transmission-server parameters  
-and maps host ports & directories to the container  
-
-`/etc/docker/docker-compose.yml`  
-
-```yaml
----
-services:
-  transmission:
-    image: lscr.io/linuxserver/transmission:latest
-    container_name: transmission
-    environment:
-      - PUID=1000
-      - PGID=100
-      - TZ=America/Denver
-      - TRANSMISSION_WEB_HOME= #optional
-      - USER= #optional
-      - PASS= #optional
-      - WHITELIST=127.0.0.1,192.168.9.*
-      - PEERPORT=51419 #must manually forward port in router software
-      - HOST_WHITELIST=serverus #must have defined by router ip-reservation
-    volumes:
-      - /etc/transmission/config:/config
-      - /var/storage/media:/media
-      - /var/storage/watch:/watch
-    ports:
-      - 9091:9091
-      - 51419:51419 #must manually forward port in router software
-      - 51419:51419/udp #must manually forward port in router software
-    restart: unless-stopped
-
-```
-
-### Notes:  
-- `Systemctl daemon-reload` for each edit of `transmission.service`
-- Am able to set webUI torrent location to `/any/path/I/choose`, and it will create the directories as needed on the host OS under `/var/storage` (as defined by the `docker-compose.yml`)
-- Ref: https://docs.linuxserver.io/images/docker-transmission/
-
 ## Traditional linux installation
 192.168.9.13:9091 :: dubserv:9091 :: [ref_Transmission_Docs_headless](https://github.com/transmission/transmission/blob/main/docs/Headless-Usage.md) :: [ref_Fedora-spec](https://ask.fedoraproject.org/en/question/67980/how-do-i-use-transmission-from-server-21/) :: [ref_ubuntu-inst](https://help.ubuntu.com/community/TransmissionHowTo) ::