| On void linux. | |
| Under `/etc/containers/` there is a file called `registries.conf`. It is complemented by `man 5 containers-registries.conf`. | |
| Change (for me lines 11-12) which say | |
| [registries.search] | |
| registries = [] | |
In order for the LXC container to have full access the proxmox host directory, a subgid is set as owner of a host directory, and an ACL is used to ensure permissions.
Add the following line to /etc/pve/lxc/<CT_ID>.conf
mp0:/mount/point/on/host,mp=/mount/point/on/lxc
In the default Proxmox configuration, unpriviliged container subgids will have the prefix "10" followed by the expected 4-digit gid.
| I tried every possible combination of configurations in the last two hours. | |
| What reliably fixed it for me is this: | |
| Creating a "Allow 0.0.0.0/0" rule in the Access List Tab | |
| Deactivating "Satisfy Any" in ACL Tab | |
| Create a NEW Proxy Host. | |
| Deactivating HTST, HTST Subdomains and HTTP/2 in the Proxy Host Tab. Force SSL works for me when everything else is off. | |
| And yes. It is crucial to first create the ACL and then create a NEW Proxy Host. Adding the ACL to an existing proxy host will result in 403 error, or in logging in having no effect and login window showing over and over again. | |
| Note: When I misconfigured it i had to "clear the site data" in the browser for it to work again once it was configured right. |
| version: "3.4" | |
| services: | |
| netmaker: | |
| container_name: netmaker | |
| image: gravitl/netmaker:$SERVER_IMAGE_TAG | |
| env_file: ./netmaker.env | |
| restart: always | |
| volumes: |
In case there's already a DHCP config for netplan for the private IP address:
File: /etc/netplan/50-cloud-init.yaml
Contents:
# This file is generated from information provided by
# the datasource. Changes to it will not persist across an instance.
# To disable cloud-init's network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
| We're going to adjust the installer script: | |
| If you want to take a look at it beforehand it's in this repo under "/usr/sbin/truenas-install" https://github.com/truenas/truenas-installer | |
| # to get working arrow keys and command recall type bash to start a bash console: | |
| bash | |
| # find the installer script, this should yield 3 hits | |
| find / -name truenas-install | |
| # /usr/sbin/truenas-install is the one we're after | |
| # feel the pain as vi seems to be the only available editor |
| #!/usr/bin/env bash | |
| # | |
| # Enable docker and docker-compose on TrueNAS SCALE (no Kubernetes) | |
| # | |
| # This script is a hack! Use it at your own risk!! | |
| # Using this script to enable Docker is NOT SUPPORTED by ix-systems! | |
| # You CANNOT use SCALE Apps while using this script! | |
| # | |
| # 1 Create a dedicated Docker zvol on one of your zpools: zfs create -V 100G data/_docker |
This assumes you have installed a docker swarm
When one has a docker swarm a container running on any node in the swarm can be accesed using any IP address of any swarm memeber.
For example if you had a single web server running on port 80, on one node of a swarm you could access the web server with any of the following IP addresses:
See this issue.
Docker best practise to Control and configure Docker with systemd.
Create daemon.json file in /etc/docker:
{"hosts": ["tcp://0.0.0.0:2375", "unix:///var/run/docker.sock"]}