ant compile -f /opt/yacy_search_server/build.xml &&\
ant compile -f /opt/yacy_search_server/build.xml &&\
rm -rf /opt/yacy_search_server/.git &&\
apt-get purge -yq --auto-remove ant &&\
apt-get purge -yq --auto-remove ant git &&\
apt-get clean &&\
apt-get clean &&\
rm -rf /var/lib/apt/lists/*
rm -rf /var/lib/apt/lists/*
RUN\
RUN\
# Set initial admin password : "docker" (encoded with custom yacy md5 function net.yacy.cora.order.Digest.encodeMD5Hex())
# Set initial admin password: "yacy" (encoded with custom yacy md5 function net.yacy.cora.order.Digest.encodeMD5Hex())
# > java -classpath classes net.yacy.cora.order.Digest -strfhex "admin:The YaCy access is limited to administrators. If you don't know the password, you can change it using <yacy-home>/bin/passwd.sh <new-password>:docker"
# > java -classpath classes net.yacy.cora.order.Digest -strfhex "admin:The YaCy access is limited to administrators. If you don't know the password, you can change it using <yacy-home>/bin/passwd.sh <new-password>:docker"
sed -i "/adminAccountBase64MD5=/c\adminAccountBase64MD5=MD5:e672161ffdce91be4678605f4f4e6786" /opt/yacy_search_server/defaults/yacy.init &&\
sed -i "/adminAccountBase64MD5=/c\adminAccountBase64MD5=MD5:8cffbc0d66567a0987a4aba1ec46d63c" /opt/yacy_search_server/defaults/yacy.init &&\
# Intially enable HTTPS : this is the most secure option for remote administrator authentication
sed -i "/adminAccountForLocalhost=/c\adminAccountForLocalhost=false" /opt/yacy_search_server/defaults/yacy.init &&\
# Intially enable HTTPS: this is the most secure option for remote administrator authentication
sed -i "/server.https=false/c\server.https=true" /opt/yacy_search_server/defaults/yacy.init &&\
sed -i "/server.https=false/c\server.https=true" /opt/yacy_search_server/defaults/yacy.init &&\
# Create user and group yacy: this user will be used to run YaCy main process
# Create user and group yacy: this user will be used to run YaCy main process
This image is based on latest stable official Debian stable [openjdk](https://hub.docker.com/_/openjdk/) 8 image provided by Docker. Embed Yacy compiled from latest git repository sources.
## Image variants
`yacy/yacy_search_server:latest-alpine`
This image is based on latest stable official Alpine Linux [openjdk](https://hub.docker.com/_/openjdk/) 8 image provided by Docker. Embed Yacy compiled from latest git repository sources.
* `yacy/yacy_search_server:latest`: This image is based on latest stable official Debian stable [openjdk](https://hub.docker.com/_/openjdk/) 8 image provided by Docker. Embed Yacy compiled from latest git repository sources.
* `yacy/yacy_search_server:latest-alpine`: This image is based on latest stable official Alpine Linux [openjdk](https://hub.docker.com/_/openjdk/) 8 image provided by Docker. Embed Yacy compiled from latest git repository sources.
## Default admin account
## Default admin account
login : admin
* login: admin
* password: yacy
password : docker
You should modify this default password with page /ConfigAccounts_p.html when exposing publicly your YaCy container.
You should modify this default password with page /ConfigAccounts_p.html when exposing publicly your YaCy container.
## Usage
## Usage
### First start
### First start
#### Most basic
#### Most basic
docker run yacy/yacy_search_server
docker run yacy/yacy_search_server
YaCy web interface is then exposed at http://[container_ip]:8090.
YaCy web interface is then exposed at http://[container_ip]:8090
You can retrieve the container IP address with `docker inspect`.
You can retrieve the container IP address with `docker inspect`.
* --name: allow easier management of your container (without it, docker automatically generate a new name at each startup).
* --name: allow easier management of your container (without it, docker automatically generate a new name at each startup).
* -p 8090:8090 -p 8443:8443: map host ports to YaCy container ports, allowing web interface access through the usual http://localhost:8090 and https://localhost:8443 (you can set a different mapping, for example -p 443:8443 if you prefer to use the default HTTPS port on your host)
* -p 8090:8090 -p 8443:8443: map host ports to YaCy container ports, allowing web interface access through the usual http://localhost:8090 and https://localhost:8443 (you can set a different mapping, for example -p 443:8443 if you prefer to use the default HTTPS port on your host)
* --log-opt max-size: limit maximum docker log file size for this container
* --log-opt max-size: limit maximum docker log file size for this container
* --log-opt max-file: limit number of docker rotated log files for this container
* --log-opt max-file: limit number of docker rotated log files for this container
Note: if you do not specify the log related options, when running a YaCy container 24hour a day with default log level, your Docker container log file will grow up to some giga bytes in a few days!
Note: if you do not specify the log related options, when running a YaCy container 24hour a day with default log level, your Docker container log file will grow up to some giga bytes in a few days!
#### Handle persistent data volume
#### Handle persistent data volume
As configured in the Dockerfile, by default yacy data (in /opt/yacy_search_server/DATA) will persist after container stop or deletion, in a volume with an automatically generated id.
As configured in the Dockerfile, by default yacy data (in /opt/yacy_search_server/DATA) will persist after container stop or deletion, in a volume with an automatically generated id.
But you may map a host directory to hold yacy data in container:
But you may map a host directory to hold yacy data in container:
docker run -v [/your_host/data/directory]:/opt/yacy_search_server/DATA yacy/yacy_search_server
docker run -v [/your_host/data/directory]:/opt/yacy_search_server/DATA yacy/yacy_search_server
Or just use a volume label to help identify it later
Or just use a volume label to help identify it later
docker run -v yacy_volume:/opt/yacy_search_server/DATA yacy/yacy_search_server
docker run -v yacy_volume:/opt/yacy_search_server/DATA yacy/yacy_search_server
Note that you can list all docker volumes with:
Note that you can list all docker volumes with:
docker volume ls
docker volume ls
#### Start as background process
#### Start as background process
docker run -d yacy/yacy_search_server
docker run -d yacy/yacy_search_server
### HTTPS support
### HTTPS support
@ -93,89 +98,87 @@ This images are default configured with HTTPS enabled, and use a default certifi
A self-signed certificate will provide encrypted communications with your YaCy server, but browsers will still complain about an invalid security certificate with the error "SEC_ERROR_UNKNOWN_ISSUER". If it is sufficient for you, you can permanently add and exception to your browser.
A self-signed certificate will provide encrypted communications with your YaCy server, but browsers will still complain about an invalid security certificate with the error "SEC_ERROR_UNKNOWN_ISSUER". If it is sufficient for you, you can permanently add and exception to your browser.
This kind of certificate can be generated and added to your YaCy Docker container with the following:
This kind of certificate can be generated and added to your YaCy Docker container with the following:
Importing a certificate validated by a certification authority (CA) will ensure you have full HTTPS support with no security errors when accessing your YaCy peer. You can import an existing certificate in pkcs12 format.
Importing a certificate validated by a certification authority (CA) will ensure you have full HTTPS support with no security errors when accessing your YaCy peer. You can import an existing certificate in pkcs12 format.
First copy it to the YaCy Docker container volume:
First copy it to the YaCy Docker container volume:
Michael Peter Christen
4 years ago