diff options
| author | Hugo Osvaldo Barrera | 2020-12-18 19:41:24 +0100 |
|---|---|---|
| committer | Hugo Osvaldo Barrera | 2020-12-18 19:41:24 +0100 |
| commit | b1e4f3e090cc1246e9e3356c30b6224a75da6d88 (patch) | |
| tree | 88a299dcfb4069c749a47e8a29bcff0824e0e970 | |
| download | aur-b1e4f3e090cc1246e9e3356c30b6224a75da6d88.tar.gz | |
Initial commit
| -rw-r--r-- | .SRCINFO | 22 | ||||
| -rw-r--r-- | 99-docker-rootless.conf | 1 | ||||
| -rw-r--r-- | PKGBUILD | 34 | ||||
| -rw-r--r-- | docker-rootless-extras-bin.install | 23 | ||||
| -rw-r--r-- | docker.service | 22 | ||||
| -rw-r--r-- | docker.socket | 9 |
6 files changed, 111 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO new file mode 100644 index 000000000000..91be3d066135 --- /dev/null +++ b/.SRCINFO @@ -0,0 +1,22 @@ +pkgbase = docker-rootless-extras-bin + pkgdesc = Extras to run docker as non-root. + pkgver = 20.10.1 + pkgrel = 1 + url = https://docs.docker.com/engine/security/rootless/ + install = docker-rootless-extras-bin.install + arch = x86_64 + license = Apache + depends = docker + provides = docker-rootless + provides = docker-rootless-extras + conflicts = docker-rootless + conflicts = docker-rootless-extras + source = https://download.docker.com/linux/static/stable/x86_64/docker-rootless-extras-20.10.1.tgz + source = docker.service + source = docker.socket + sha256sums = 12e6bccb2ebbb3386a0157d04c03950cbab670bdd910ed408d8740d0e1543af9 + sha256sums = 87b4bd7f8a1dc0462f58a25a5f8513eb316c45b2748dff5f4d2e2fa59be3f037 + sha256sums = d8695293e5d4a814763f13e1d36ed37273040666b4b91363d6c33171df8934c7 + +pkgname = docker-rootless-extras-bin + diff --git a/99-docker-rootless.conf b/99-docker-rootless.conf new file mode 100644 index 000000000000..dec5a7731e28 --- /dev/null +++ b/99-docker-rootless.conf @@ -0,0 +1 @@ +kernel.unprivileged_userns_clone=1 diff --git a/PKGBUILD b/PKGBUILD new file mode 100644 index 000000000000..8dc9982128f3 --- /dev/null +++ b/PKGBUILD @@ -0,0 +1,34 @@ +# Maintainer: Hugo Osvaldo Barrera <hugo@barrera.io> +# Contributors: PastLeo <chgu82837@gmail.com> +# Contributors: koba1t <kobdotsh at gmail dot com> + +pkgname=docker-rootless-extras-bin +pkgver=20.10.1 +pkgrel=1 +pkgdesc="Extras to run docker as non-root." +arch=('x86_64') +url="https://docs.docker.com/engine/security/rootless/" +license=('Apache') +depends=('docker') +optdpends=('fuse-overlayfs: overlayfs support' + 'slirp4netns: faster network stack') +provides=('docker-rootless' 'docker-rootless-extras') +conflicts=('docker-rootless' 'docker-rootless-extras') +install=$pkgname.install +source=( + "https://download.docker.com/linux/static/stable/x86_64/docker-rootless-extras-$pkgver.tgz" + "docker.service" + "docker.socket" +) + +sha256sums=('12e6bccb2ebbb3386a0157d04c03950cbab670bdd910ed408d8740d0e1543af9' + '87b4bd7f8a1dc0462f58a25a5f8513eb316c45b2748dff5f4d2e2fa59be3f037' + 'd8695293e5d4a814763f13e1d36ed37273040666b4b91363d6c33171df8934c7') + +package() { + mkdir -p "$pkgdir/usr/bin/" + + install -Dm755 "$srcdir/docker-rootless-extras/"* "$pkgdir/usr/bin/" + install -Dm644 "$srcdir/docker.service" "$pkgdir/usr/lib/systemd/user/docker.service" + install -Dm644 "$srcdir/docker.socket" "$pkgdir/usr/lib/systemd/user/docker.socket" +} diff --git a/docker-rootless-extras-bin.install b/docker-rootless-extras-bin.install new file mode 100644 index 000000000000..d60510a0b341 --- /dev/null +++ b/docker-rootless-extras-bin.install @@ -0,0 +1,23 @@ +post_install() { + sysctl --system + cat <<EOT + +=== Post installation message from docker-rootless === +This is based on https://docs.docker.com/engine/security/rootless/ +To Run the Docker daemon as a non-root user (Rootless mode) for ArchLinux, you need to do the following things: + +1. Configure subuid and subgid + +Create '/etc/subuid' and '/etc/subgid' with: 'testuser:231072:65536' (for example, 'testuser' is username) + +2. Enable socket-activation for the user service: 'systemctl --user enable --now docker.socket' + +3. Finally set docker socket environment variable: + + export DOCKER_HOST=unix://\$XDG_RUNTIME_DIR/docker.sock + +You can also add it to '~/.bashrc' or somewhere alike. + +========= +EOT +} diff --git a/docker.service b/docker.service new file mode 100644 index 000000000000..b9d3c8aaf5d1 --- /dev/null +++ b/docker.service @@ -0,0 +1,22 @@ +[Unit] +Description=Docker Application Container Engine (Rootless) +Documentation=https://docs.docker.com/engine/security/rootless/ + +[Service] +Environment=PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ExecStart=/usr/bin/dockerd-rootless.sh +ExecReload=/bin/kill -s HUP $MAINPID +TimeoutSec=0 +RestartSec=2 +Restart=always +StartLimitBurst=3 +StartLimitInterval=60s +LimitNOFILE=infinity +LimitNPROC=infinity +LimitCORE=infinity +TasksMax=infinity +Delegate=yes +Type=simple + +[Install] +WantedBy=default.target diff --git a/docker.socket b/docker.socket new file mode 100644 index 000000000000..7a057c554e2e --- /dev/null +++ b/docker.socket @@ -0,0 +1,9 @@ +[Unit] +Description=Docker Socket for the API + +[Socket] +ListenStream=%t/docker.sock +SocketMode=0660 + +[Install] +WantedBy=sockets.target |