authorPastLeo2019-12-02 16:08:01 +0800
committerPastLeo2019-12-02 16:34:53 +0800
commit09eb406a09642732754e12a75468e0fecf51666d (patch)
treebac24a0d57427f18a5f7a2f7f651bbb90d4e57eb
downloadaur-09eb406a09642732754e12a75468e0fecf51666d.tar.gz
create AUR docker-rootless
-rw-r--r--.SRCINFO17
-rw-r--r--.gitignore3
-rw-r--r--PKGBUILD25
-rw-r--r--docker-rootless.install28
-rw-r--r--docker.service23
5 files changed, 96 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO
new file mode 100644
index 000000000000..a7a63e32b000
--- /dev/null
+++ b/.SRCINFO
@@ -0,0 +1,17 @@
+pkgbase = docker-rootless
+ pkgdesc = Run the Docker daemon as a non-root user (Rootless mode)
+ pkgver = 1
+ pkgrel = 1
+ url = https://docs.docker.com/engine/security/rootless/
+ install = docker-rootless.install
+ arch = x86_64
+ license = Apache
+ depends = docker
+ provides = docker-rootless
+ source = https://master.dockerproject.org/linux/x86_64/docker-rootless-extras.tgz
+ source = docker.service
+ md5sums = 943e113aedab4ee159977d9d16f7e712
+ md5sums = 30a7a07f461b6c9f2f068a9505ba79bc
+
+pkgname = docker-rootless
+
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 000000000000..1d1b73b03d7b
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,3 @@
+docker-rootless-*
+src
+pkg
diff --git a/PKGBUILD b/PKGBUILD
new file mode 100644
index 000000000000..dd015edfa7f2
--- /dev/null
+++ b/PKGBUILD
@@ -0,0 +1,25 @@
+# Maintainer: PastLeo <chgu82837@gmail.com>
+pkgname=docker-rootless
+pkgver=1
+pkgrel=1
+pkgdesc="Run the Docker daemon as a non-root user (Rootless mode)"
+arch=('x86_64')
+url="https://docs.docker.com/engine/security/rootless/"
+license=('Apache')
+depends=('docker')
+provides=('docker-rootless')
+install=docker-rootless.install
+source=(
+ "https://master.dockerproject.org/linux/x86_64/docker-rootless-extras.tgz"
+ "docker.service"
+)
+md5sums=(
+ "943e113aedab4ee159977d9d16f7e712"
+ "30a7a07f461b6c9f2f068a9505ba79bc"
+)
+
+package() {
+ mkdir -p "$pkgdir/usr/bin/"
+ install -Dm755 "$srcdir/docker-rootless-extras/"* "$pkgdir/usr/bin/"
+ install -Dm644 "$srcdir/docker.service" "$pkgdir/usr/lib/systemd/user/docker.service"
+}
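Review bot: The `source` array fetches `docker-rootless-extras.tgz` from the master build host with no version in the URL and checks it only with `md5sums`, and `package()` then installs every file in that archive as an executable under `/usr/bin`. MD5 is not collision-resistant, and an unversioned master artifact presumably changes with each upstream build, so the checksum will either stop matching or be refreshed without anyone reviewing what changed. I would point `source` at a versioned release tarball, set `pkgver` to that upstream version instead of `1`, and replace the array with `sha256sums=('<sha256 of the pinned tarball>' '<sha256 of docker.service>')` (placeholders, to be filled in with `updpkgsums`).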
diff --git a/docker-rootless.install b/docker-rootless.install
new file mode 100644
index 000000000000..db36f507a6b6
--- /dev/null
+++ b/docker-rootless.install
@@ -0,0 +1,28 @@
+post_install() {
+ cat <<EOT
+
+=== Post installation message from docker-rootless ===
+This is based on https://docs.docker.com/engine/security/rootless/
+To Run the Docker daemon as a non-root user (Rootless mode) for ArchLinux, you need to do the following things:
+
+1. configure kernel settings
+
+create '/etc/sysctl.d/99-docker-rootless.conf': 'kernel.unprivileged_userns_clone=1'
+
+and then run: 'sudo sysctl --system'
+
+> see https://docs.docker.com/engine/security/rootless/#distribution-specific-hint for detailed information
+
+2. configure subuid and subgid
+
+and create '/etc/subuid' and '/etc/subgid' with: 'testuser:231072:65536' (for example, 'testuser' is username)
+
+> see https://docs.docker.com/engine/security/userns-remap/#prerequisites for detailed information
+
+3. start and enable user service: 'systemctl --user status|start|stop docker'
+
+4. finally set docker socket environment variable: 'export DOCKER_HOST=unix://\$XDG_RUNTIME_DIR/docker.sock', you can also add it to '~/.bashrc' or somewhere alike
+=========
+
+EOT
+}
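Review bot: Step 1 of the `post_install` message tells the user to set `kernel.unprivileged_userns_clone=1` without saying that the setting is system-wide: it allows every local account to create user namespaces, which widens the kernel attack surface beyond the one user who wants rootless Docker. I would add a line to the heredoc such as `note: this enables unprivileged user namespaces for all local users, not only the one running docker`. Step 2 should say `add a line to` rather than `create`, since `/etc/subuid` and `/etc/subgid` may already hold entries for other users, and step 3 is titled "start and enable" but lists no `enable` command.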
diff --git a/docker.service b/docker.service
new file mode 100644
index 000000000000..76ae83c29436
--- /dev/null
+++ b/docker.service
@@ -0,0 +1,23 @@
+[Unit]
+Description=Docker Application Container Engine (Rootless)
+Documentation=https://docs.docker.com
+
+[Service]
+Environment=PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+Environment=DOCKERD_FLAGS="--experimental --storage-driver=vfs"
+ExecStart=/usr/bin/dockerd-rootless.sh $DOCKERD_FLAGS
+ExecReload=/bin/kill -s HUP $MAINPID
+TimeoutSec=0
+RestartSec=2
+Restart=always
+StartLimitBurst=3
+StartLimitInterval=60s
+LimitNOFILE=infinity
+LimitNPROC=infinity
+LimitCORE=infinity
+TasksMax=infinity
+Delegate=yes
+Type=simple
+
+[Install]
+WantedBy=multi-user.target
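Review bot: `WantedBy=multi-user.target` in `[Install]` does not fit a unit that the PKGBUILD installs under `/usr/lib/systemd/user/`: the per-user manager has no `multi-user.target`, so `systemctl --user enable docker` would create a symlink that nothing pulls in, and `WantedBy=default.target` is the usual choice for user units. Separately, `LimitCORE=infinity` permits unbounded core dumps of the daemon, which can contain registry credentials or container secrets held in memory; I would drop it unless cores are actually wanted. The hard-coded `--experimental --storage-driver=vfs` in `DOCKERD_FLAGS` deserves a one-line `#` comment saying why those flags are required here.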