@shizonic
Forked from e-minguez/README.md
Created December 29, 2021 06:54
docker on lxc on turris omnia

Turris

opkg install kmod-veth
opkg install kmod-ipt-extra
opkg install iptables-mod-extra
  • Install a new container (I created an Arch Linux container)
  • Open up the /srv/lxc/containername/config file for editing:
# Be aware this has security implications
lxc.include = /usr/share/lxc/config/nesting.conf

# Configure network to bridge to lan
lxc.net.0.type = veth
lxc.net.0.link = br-lan
lxc.net.0.flags = up
lxc.net.0.name = eth0
lxc.net.0.hwaddr = 22:11:85:de:f9:fb
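# Add the following lines to open up access to the host, allowing docker to successfully start.
# Together they leave root in the container with every capability, access to all devices
# and a writable cgroup hierarchy, so treat the container as being as trusted as the router itself.
# The "key: value" lines are LXD-style instance keys, not native LXC "key = value" settings.
raw.lxc: |-
# Mount the cgroup hierarchy read-write
lxc.mount.auto = cgroup:rw:force
# Allow access to all devices
lxc.cgroup.devices.allow = a
security.nesting: "true"
security.privileged: "true"
# An empty value clears the capability drop list, so no capabilities are dropped
lxc.cap.drop =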
  • Save and exit the config file
  • Start the lxc container
lxc-start -n <container_name>
  • Attach to the console of the lxc container
lxc-attach -n <container_name>

Install prerequisites:

apt install iptables kmod
update-alternatives --set iptables /usr/sbin/iptables-legacy
update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy

Finally, install docker:

curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh
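
The following is an added example, not part of the original gist: a POSIX shell function that lists the lines of a container config (such as the /srv/lxc/containername/config edited above) that weaken isolation. The function name, tags and exit codes are this example's own, and the sample input is constructed from the config lines shown above.

```shell
#!/bin/sh
# Added example (not from the gist): list isolation-weakening lines in an LXC config.
# Exit status: 0 = nothing flagged, 1 = findings printed, 2 = file unreadable.
audit_lxc_config() {
    [ -r "$1" ] || { echo "cannot read: $1" >&2; return 2; }
    awk '
    function flag(tag) { printf "%d: %s: %s\n", NR, tag, $0; n++ }
    /^[ \t]*#/ { next }                          # skip comment lines
    /^[ \t]*$/ { next }                          # skip blank lines
    { gsub(/^[ \t]+|[ \t]+$/, "") }              # trim surrounding whitespace
    !/=/ { flag("NOT-LXC-SYNTAX"); next }        # LXD-style "key: value" line
    {
        key = $0; sub(/[ \t]*=.*/, "", key)
        val = $0; sub(/^[^=]*=[ \t]*/, "", val)
    }
    key == "lxc.include" && val ~ /nesting\.conf$/          { flag("NESTING") }
    key == "lxc.mount.auto" && val ~ /cgroup[^ ]*:rw/       { flag("CGROUP-RW") }
    key ~ /^lxc\.cgroup2?\.devices\.allow$/ && val == "a"   { flag("ALL-DEVICES") }
    key == "lxc.cap.drop" && val == ""                      { flag("NO-CAPS-DROPPED") }
    END { exit (n > 0 ? 1 : 0) }
    ' "$1"
}

# Constructed sample: the security-relevant lines of the config shown above.
sample_config() {
    cat <<'EOF'
# Be aware this has security implications
lxc.include = /usr/share/lxc/config/nesting.conf
lxc.net.0.type = veth
lxc.net.0.link = br-lan
raw.lxc: |-
lxc.mount.auto = cgroup:rw:force
lxc.cgroup.devices.allow = a
security.nesting: "true"
security.privileged: "true"
lxc.cap.drop =
EOF
}

# Demo: audit a temporary copy of the sample, never the live config.
tmp=$(mktemp) && sample_config > "$tmp"
audit_lxc_config "$tmp" || echo "review the flagged lines before starting the container"
rm -f "$tmp"
```

Each finding is printed as line number, tag and the offending line, so the output can be compared against the config before running lxc-start.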