From c447a4defcc251c627c83cc8e48f003ff8114fb3 Mon Sep 17 00:00:00 2001 From: Simon L Date: Thu, 28 Sep 2023 12:24:07 +0200 Subject: [PATCH] some small improvements to docker-rootless and multiple-instances docs Signed-off-by: Simon L --- docker-rootless.md | 2 +- multiple-instances.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docker-rootless.md b/docker-rootless.md index a3894a641ab..7e46cf49171 100644 --- a/docker-rootless.md +++ b/docker-rootless.md 
@@ -5,7 +5,7 @@ You can run AIO with docker rootless by following the steps below. 0. If docker is already installed, you should consider disabling it first: (`sudo systemctl disable --now docker.service docker.socket`) 1. Install docker rootless by following the official documentation: https://docs.docker.com/engine/security/rootless/#install. The easiest way is installing it **Without packages** (`curl -fsSL https://get.docker.com/rootless | sh`). Further limitations, distribution specific hints, etc. are discussed on the same site. Also do not forget to enable the systemd service, which may not be enabled always by default. See https://docs.docker.com/engine/security/rootless/#usage. (`systemctl --user enable docker`) 1. If you need ipv6 support, you should enable it by following https://github.com/nextcloud/all-in-one/blob/main/docker-ipv6-support.md. -1. Do not forget to set the mentioned environmental variables and in best case add them to your `~/.bashrc` file as shown! +1. Do not forget to set the mentioned environmental variables `PATH` and `DOCKER_HOST` and in best case add them to your `~/.bashrc` file as shown! 1. Also do not forget to run `loginctl enable-linger USERNAME` (and substitute USERNAME with the correct one) in order to make sure that user services are automatically started after every reboot. 1. Expose the privileged ports by following https://docs.docker.com/engine/security/rootless/#exposing-privileged-ports. (`sudo setcap cap_net_bind_service=ep $(which rootlesskit); systemctl --user restart docker`) 1. Use the official AIO startup command but use `--volume $XDG_RUNTIME_DIR/docker.sock:/var/run/docker.sock:ro` instead of `--volume /var/run/docker.sock:/var/run/docker.sock:ro` and also add `--env WATCHTOWER_DOCKER_SOCKET_PATH=$XDG_RUNTIME_DIR/docker.sock` to the initial container startup (which is needed for mastercontainer updates to work correctly). 
diff --git a/multiple-instances.md b/multiple-instances.md index d4065efa5fb..fd457e628da 100644 --- a/multiple-instances.md +++ b/multiple-instances.md @@ -7,7 +7,7 @@ Below is described more in detail how the the second way works. ## Run multiple AIO instances on the same server with docker rootless 1. Create as many linux users as you need first. The easiest way is to use `sudo adduser` and follow the setup for that. Make sure to create a strong unique password for each of them and write it down! -1. Log in as each of the users by opening a new SSH connection as the user and install docker rootless for each of them by following step 0-4 of the [docker rootless documentation](./docker-rootless.md). +1. Log in as each of the users by opening a new SSH connection as the user and install docker rootless for each of them by following step 0-1 and 3-4 of the [docker rootless documentation](./docker-rootless.md) (you can skip step 2 in this case). 1. Then install AIO in reverse proxy mode by using the command that is descriebed in step 2 and 3 of the [reverse proxy documentation](./reverse-proxy.md) but use a different `APACHE_PORT` and [`TALK_PORT`](https://github.com/nextcloud/all-in-one#how-to-adjust-the-talk-port) for each instance as otherwise it will bug out. Also make sure to adjust the docker socket and `WATCHTOWER_DOCKER_SOCKET_PATH` correctly for each of them by following step 6 of the [docker rootless documentation](./docker-rootless.md). Additionally, modify `--publish 8080:8080` to a different port for each container, e.g. `8081:8080` as otherwise it will not work.
**⚠️ Please note:** If you want to adjust the `NEXTCLOUD_DATADIR`, make sure to apply the correct permissions to the chosen path as documented at the bottom of the [docker rootless documentation](./docker-rootless.md). Also for the built-in backup to work, the target path needs to have the correct permissions as documented there, too. 1. Now install your webserver of choice on the host system. It is recommended to use caddy for this as it is by far the easiest solution. You can do so by following https://caddyserver.com/docs/install#debian-ubuntu-raspbian or below. (It needs to be installed directly on the host or on a different server in the same network).
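Review bot: In the docker-rootless.md hunk, the added line names `PATH` and `DOCKER_HOST` but still ends with "as shown" without saying where they are shown, so a reader who arrives at this step has no value to compare against. Suggest pointing at the source explicitly (the install step above) and noting that `DOCKER_HOST` is expected to reference the same `$XDG_RUNTIME_DIR/docker.sock` that the last step of this list mounts into the container, so a session still talking to a different daemon is easy to spot. Wording nit on the same line: "environmental variables ... and in best case add them" reads better as "environment variables ... and ideally add them".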
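Review bot: In the multiple-instances.md hunk, "step 0-1 and 3-4 ... (you can skip step 2 in this case)" refers to steps by rendered position, while the list in docker-rootless.md numbers every item after `0.` as `1.`, so these references will silently point at the wrong steps as soon as an item is inserted or removed there. Suggest naming the steps instead of (or in addition to) numbering them: disable the system docker service, install docker rootless, set `PATH` and `DOCKER_HOST`, run `loginctl enable-linger`. The skipped step is the ipv6 one; the line should say so and give the reason it is not needed here, since "in this case" does not explain it. The same applies to the unchanged "step 6" reference in the following item.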