Setup Guide
Overview
Docker is a platform for developing, shipping, and running applications in containers. This guide covers installation and security setup on Debian-based systems.
Set Up Docker Repository
Configures package sources and GPG keys to ensure secure package installation from Docker's official repository.
# Update system and install required packages
sudo apt-get update
sudo apt-get install ca-certificates curl gnupg
# Create directory for keys
sudo install -m 0755 -d /etc/apt/keyrings
# Add Docker's GPG key
sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
# Add Docker repository
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
Install Docker Components
Installs core Docker components including the engine, CLI tools, and container runtime.
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
Configure Docker User
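Creates a dedicated Docker user and gives it ownership of Docker's data directory and socket. Anyone who can write to the Docker socket can control the daemon, which runs as root, so this account is effectively root-equivalent on the host and its password should be protected accordingly.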
# Create docker user
sudo useradd -r -g docker -s /bin/bash docker
sudo passwd docker
# Create home directory
sudo mkdir -p /home/docker
sudo chown docker:docker /home/docker
# Set permissions
sudo chown docker:docker /var/lib/docker
sudo chown docker:docker /var/run/docker.sock
Security Configuration
Implements basic security measures including SSH restrictions and resource limits.
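# Disable SSH for docker user (tee runs as root; with "sudo echo ... >>" the redirect runs as the calling user and fails)
echo "DenyUsers docker" | sudo tee -a /etc/ssh/sshd_config > /dev/null
# Validate the configuration, then reload
sudo sshd -t && sudo systemctl reload ssh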
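Appending to the end of sshd_config has two pitfalls: running the guide twice duplicates the line, and a directive that lands after a Match block only applies inside that block. The following is an added example, not part of the original guide; the function names deny_scope and ensure_global_deny are hypothetical, and it assumes exact user names, whitespace-separated keywords, no Include files, and treats every Match line (including "Match all") as starting a conditional block.

```shell
#!/bin/sh
# Added example: names and simplifications are assumptions, see lead-in.

# deny_scope CONFIG USER
# Prints where a DenyUsers line names USER:
#   global - before any Match block (always applies)
#   match  - only inside a Match block (applies conditionally)
#   absent - not listed
deny_scope() {
    awk -v user="$2" '
        $1 ~ /^#/ { next }                           # skip comment lines
        tolower($1) == "match" { in_match = 1; next }
        tolower($1) == "denyusers" {
            for (i = 2; i <= NF; i++)
                if ($i == user) { if (in_match) m = 1; else g = 1 }
        }
        END { print (g ? "global" : (m ? "match" : "absent")) }
    ' "$1"
}

# ensure_global_deny CONFIG USER
# Idempotent: inserts "DenyUsers USER" before the first Match block
# (or at end of file when there is none) unless USER is already denied globally.
ensure_global_deny() {
    [ "$(deny_scope "$1" "$2")" = "global" ] && return 0
    tmp=$(mktemp) || return 1
    if awk -v user="$2" '
        !done && tolower($1) == "match" { print "DenyUsers " user; done = 1 }
        { print }
        END { if (!done) print "DenyUsers " user }
    ' "$1" > "$tmp"; then
        cat "$tmp" > "$1"   # overwrite in place to keep owner and mode
        rc=$?
    else
        rc=1
    fi
    rm -f "$tmp"
    return "$rc"
}
```

Run it as root against /etc/ssh/sshd_config (for example `ensure_global_deny /etc/ssh/sshd_config docker`), then check the result with `sshd -t` before reloading the service.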
Service Management
Ensures Docker starts correctly and runs reliably.
sudo systemctl daemon-reload
sudo systemctl restart docker
sudo systemctl enable docker
# Verify installation
sudo docker run hello-world
Maintenance Tasks
# Clean unused resources (also deletes unused images and volumes, including their data)
docker system prune -a --volumes
# Monitor disk usage
docker system df
# View logs
journalctl -fu docker