Sign upLogin

dotcloud/docker

View on GitHub
Star
hack/make/run

Summary

Maintainability
Test Coverage
#!/usr/bin/env bash

set -e
rm -rf "$DEST"

if ! command -v dockerd &> /dev/null; then
    echo >&2 'error: binary-daemon or dynbinary-daemon must be run before run'
    false
fi

DOCKER_COMMAND="$(command -v dockerd)"

DOCKER_GRAPHDRIVER=${DOCKER_GRAPHDRIVER:-vfs}
DOCKER_USERLANDPROXY=${DOCKER_USERLANDPROXY:-true}

# example usage: DOCKER_STORAGE_OPTS="dm.basesize=20G,dm.loopdatasize=200G"
storage_params=""
if [ -n "$DOCKER_STORAGE_OPTS" ]; then
    IFS=','
    for i in ${DOCKER_STORAGE_OPTS}; do
        storage_params="--storage-opt $i $storage_params"
    done
    unset IFS
fi

listen_port=2375
if [ -n "$DOCKER_PORT" ]; then
    listen_port="${DOCKER_PORT##*:}"
fi

if [ -n "$DELVE_PORT" ]; then
    delve_listen_port="${DELVE_PORT##*:}"
fi

extra_params="$DOCKERD_ARGS"
if [ "$DOCKER_REMAP_ROOT" ]; then
    extra_params="$extra_params --userns-remap $DOCKER_REMAP_ROOT"
fi

if [ -n "$DOCKER_EXPERIMENTAL" ]; then
    extra_params="$extra_params --experimental"
fi

socket=/var/run/docker.sock
if [ -n "$DOCKER_ROOTLESS" ]; then
    user="unprivilegeduser"
    uid=$(id -u $user)
    # shellcheck disable=SC2174
    mkdir -p -m 700 "/tmp/docker-${uid}"
    chown $user "/tmp/docker-${uid}"
    socket=/tmp/docker-${uid}/docker.sock
fi

# shellcheck disable=SC2206
args=(
    --debug
    --host="tcp://0.0.0.0:${listen_port}"
    --host="unix://${socket}"
    --storage-driver="${DOCKER_GRAPHDRIVER}"
    --userland-proxy="${DOCKER_USERLANDPROXY}"
    --tls=false
    $storage_params
    $extra_params
)

dockerd=("$DOCKER_COMMAND")

if [ -n "$DELVE_PORT" ]; then
    dockerd=(
        dlv
        --listen="0.0.0.0:$delve_listen_port"
        --headless=true
        --log
        --api-version=2
        --only-same-user=false
        --check-go-version=false
        --accept-multiclient
        exec "${dockerd[@]}" --
    )
fi

if [ -n "$DOCKER_ROOTLESS" ]; then
    dockerd=(
        sudo -u "$user"
        -E DOCKERD="${dockerd[*]}"
        -E XDG_RUNTIME_DIR="/tmp/docker-${uid}"
        -E XDG_CONFIG_HOME="/home/${user}/.config"
        -E HOME="/home/${user}"
        --
        dockerd-rootless.sh
    )
fi

# On a host using nftables, the ip6_tables kernel module may need to be loaded.
# This trick is borrowed from the docker (dind) official image ...
# "modprobe" without modprobe
#   https://twitter.com/lucabruno/status/902934379835662336
# This isn't 100% fool-proof, but it'll have a much higher success rate than
# simply using the "real" modprobe (which isn't installed in the dev container).
if ! ip6tables -nL > /dev/null 2>&1; then
    ip link show ip6_tables > /dev/null 2>&1 || true
    if ! ip6tables -nL > /dev/null 2>&1; then
        echo >&2 'ip6tables is not available'
    fi
fi

set -x
# shellcheck disable=SC2086
exec "${dockerd[@]}" "${args[@]}"