gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: Document Docker to LXC migration for mail and media services

Browse Source 
Migrated services from Docker to LXC:
- mailserver: Postfix/Dovecot on Alpine (192.168.255.30)
- roundcube: Webmail on Alpine with nginx/PHP (port 8027)
- jellyfin: Media server on Debian (192.168.255.31)

All Docker containers removed, auto-start via /etc/init.d/secubox-lxc

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
CyberMind-FR 2026-02-14 09:02:11 +01:00
parent 2637fb516b
commit 3d78b22d85
1 changed files with 53 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
.claude/HISTORY.md
View File

@ -1449,3 +1449,56 @@ _Last updated: 2026-02-11_
- Streamlit apps work with full WebSocket support
- Other services still protected by mitmproxy WAF
- Hybrid approach balances security and functionality
## 2026-02-14: Docker to LXC Migration - Mail Services
### Converted Services
1. **Mailserver** (Docker `secubox-mailserver` → LXC `mailserver`)
- Alpine Linux with Postfix + Dovecot
- IP: 192.168.255.30
- Ports: SMTP (25), SMTPS (465), Submission (587), IMAP (143), IMAPS (993)
- User: `admin@secubox.in` / `NDdC73130`
2. **Roundcube Webmail** (Docker `secubox-webmail` → LXC `roundcube`)
- Alpine Linux with nginx + PHP-FPM + Roundcube 1.6.12
- Host networking, port 8027
- Connected to mailserver at ssl://192.168.255.30:993
### LXC Configurations
- `/srv/lxc/mailserver/config` - Mail server container
- `/srv/lxc/roundcube/config` - Webmail container
- `/srv/lxc/mailserver/rootfs/opt/start-mail.sh` - Startup script
- `/srv/lxc/roundcube/rootfs/opt/start-roundcube.sh` - Startup script
### Result
- Docker containers removed
- Services accessible via https://webmail.gk2.secubox.in
- Auto-start via `/etc/init.d/secubox-lxc`
## 2026-02-14: Docker to LXC Migration - Jellyfin
### Converted Service
- **Jellyfin** (Docker `secbx-jellyfin` → LXC `jellyfin`)
- Debian-based (exported from Docker image)
- IP: 192.168.255.31
- Port: 8096
- Jellyfin 10.11.6
### LXC Configuration
- `/srv/lxc/jellyfin/config` - Container config with bind mounts
- `/srv/lxc/jellyfin/rootfs/opt/start-jellyfin.sh` - Startup script
- Mounts: /srv/SHARE (media, ro), /srv/jellyfin/config, /srv/jellyfin/cache
### HAProxy Updates
- Updated `haproxy.cfg5726ed_media.address` to 192.168.255.31
- Added `waf_bypass=1` for media.maegia.tv
- Disabled Docker jellyfin init script (`/etc/init.d/jellyfin`)
### Auto-start Script
Updated `/etc/init.d/secubox-lxc` to manage all LXC containers:
- haproxy, mailserver, roundcube, jellyfin
### Result
- All Docker containers removed
- Jellyfin accessible via https://media.maegia.tv
- Full LXC-based infrastructure