universal-dind: initial release

This commit is contained in:
aptalca
2021-04-06 16:46:57 -04:00
parent d1dc6e5858
commit 16eb7b6d87
9 changed files with 171 additions and 78 deletions
+6
View File
@@ -0,0 +1,6 @@
#!/usr/bin/with-contenv bash
ABC_USER=$(id -nu ${PUID:-911})
exec \
s6-setuidgid ${ABC_USER} s6-log n30 s10000000 S30000000 T !"gzip -nq9" /config/logs/dockerd
+27
View File
@@ -0,0 +1,27 @@
#!/usr/bin/with-contenv bash
## dind hack from https://github.com/moby/moby/blob/master/hack/dind
export container=docker
if [ -d /sys/kernel/security ] && ! mountpoint -q /sys/kernel/security; then
mount -t securityfs none /sys/kernel/security || {
echo 'Could not mount /sys/kernel/security.'
echo 'AppArmor detection and --privileged mode might break.'
}
fi
# Mount /tmp (conditionally)
if ! mountpoint -q /tmp; then
mount -t tmpfs none /tmp
fi
# cgroup v2: enable nesting
if [ -f /sys/fs/cgroup/cgroup.controllers ]; then
# move the init process (PID 1) from the root group to the /init group,
# otherwise writing subtree_control fails with EBUSY.
mkdir -p /sys/fs/cgroup/init
echo 1 > /sys/fs/cgroup/init/cgroup.procs
# enable controllers
sed -e 's/ / +/g' -e 's/^/+/' < /sys/fs/cgroup/cgroup.controllers \
> /sys/fs/cgroup/cgroup.subtree_control
fi
exec 2>&1 /usr/local/bin/dockerd \
--data-root "/config/var/lib/docker"