Lossless Image Compressions using Docker

I tried couple of existing docker containers to compress images without success. Both suffered a sever security threat because of being ‘very old’. There was only one complete tool zevilz/zImageOptimizer and that too didn’t have docker (have sent a pull request) meaning that you have to install everything for the compression.

I turned it into docker image over  varunbatrait/zimageoptimizer

My primary requirement was to use this image to shrink images every week or a fortnight on few blogs or images shot by my camera.This docker image is ideal for that.

It supports cron and as a web user compressing images helps in saving your BW and thus contribute you scalability.

Supported Format

  1. JPEG
  2. PNG
  3. GIF

How to use?

There are two ways to do it:

Maintain the marker

Marker is just a file with a timestamp of last run command. If new images are added, zImageOptimizer will consider only new image.

docker run -it -u "$UID:$GID" -d --volume /mnt/ImagesHundred/marker:/work/marker --volume /mnt/ImagesHundred/images/:/work/images/ -v /etc/passwd:/etc/passwd:ro -v /etc/group:/etc/group:ro varunbatrait/zimageoptimizer ./zImageOptimizer.sh -p /work/images/ -q -n -m /work/marker/marker

Not Maintaining the marker

docker run -u "$UID:$GID" --volume /path/to/images:/work/images -v /etc/passwd:/etc/passwd:ro -v /etc/group:/etc/group:ro  varunbatrait/zimageoptimizer

Takeaways:

  1. Images are losslessly compressed – no quality loss.
  2. You don’t have to install dependencies on every server. It is in docker.
  3. You can use it with cron.

Pain with PNGs

Please note that PNGs images can take significant time (15-25 seconds per image) and CPU (almost 100%). Just stay calm! 🙂

Worth Sharing?

Passing Real IP in WordPress behind Proxy or in Docker

If you have followed the tutorial on How to run WordPress Blog behind Nginx Secure (https) Proxy, you might be under a situation that WordPress is showing all ips as proxy ips. In case of Docker it must be like 172.X.X.X otherwise, it is the ip of your server. 

If this is a problem?

You might be wondering if this is worth solving? Well Yes!, Most of the real comments were categorized as spam. 

Adding Real-IP to WordPress

Step 1 – Editing WordPress config

In wp-config.php file add following lines just above /* That’s all, stop editing! Happy blogging. */

// Use X-Forwarded-For HTTP Header to Get Visitor's Real IP Address
if ( isset( $_SERVER['HTTP_X_FORWARDED_FOR'] ) ) {
  $http_x_headers = explode( ',', $_SERVER['HTTP_X_FORWARDED_FOR'] );
  $_SERVER['REMOTE_ADDR'] = $http_x_headers[0];
}
/* That's all, stop editing! Happy blogging. */

Step 2 – Editing Nginx

Inside your proxy settings in nginx, simply add this:

proxy_set_header        HTTP_X_FORWARDED_FOR       $remote_addr;

In case of WordPress Behind Docker

In case if you are using Docker, you will need to copy wp-config.php from container and later copy to container. This can be done as following.

#Copy from docker container
docker cp project_wordpress_1:/var/www/html/wp-config.php .

#Copy to docker container
docker cp wp-config.php project_wordpress_1:/var/www/html/wp-config.php

Easy-peasy right?

Worth Sharing?

Launch your VPN using Docker under a minute

You might be wondering that having your own VPN is very hard to configure, we thought that too. You will be surprised to know that as long as you have af_key module.

 

af_key Module

You can check it by issuing following command

sudo modprobe af_key

If you see this kind of error, that means it isn’t present and you have to change your configuration:

modprobe: ERROR: ../libkmod/libkmod.c:586 kmod_search_moddep() could not open moddep file '/lib/modules/4.17.8-x86_64-linode110/modules.dep.bin'
modprobe: FATAL: Module af_key not found in directory /lib/modules/4.17.8-x86_64-linode110

You can try adding following to /etc/modules like and remote your server but it will not work if your kernel doesn’t support it.

af_key

Run a 5$/month Linode for your own VPN

If you have Linode, you can choose GRUB2 kernel to enable af_key as shown below.

docker-compose.yml for VPN

Following is the content of your docker-compose.yml


version: '3.2'
services:
  vpn:
    image: hwdsl2/ipsec-vpn-server
    restart: always
    hostname: localvpn
    privileged: true
    volumes:
        - "/etc/passwd:/etc/passwd:ro"
        - "/etc/group:/etc/group:ro"
        - "/lib/modules:/lib/modules:ro"
    ports:
        - "500:500/udp"
        - "4500:4500/udp"
    environment:
        - VPN_IPSEC_PSK=secret_code
        - VPN_USER=login_with_this_user
        - VPN_PASSWORD=login_with_this_password

Run VPN

docker-compose up -d

Now use above credentials to connect to your VPN and it should run without any issues.

 

Worth Sharing?