76 lines
2.6 KiB
Bash
76 lines
2.6 KiB
Bash
#!/bin/bash
|
|
set -euxo pipefail
|
|
|
|
# see https://github.com/moby/moby/releases
|
|
# renovate: datasource=github-releases depName=moby/moby
|
|
default_docker_version='28.3.3'
|
|
|
|
# see https://github.com/moby/moby/releases
|
|
docker_version="${1:-$default_docker_version}"; shift || true
|
|
registry_proxy_domain="${1:-$(hostname --fqdn)}"; shift || true
|
|
# NB as-of docker 19.03.8, there is still no way to specify a registry mirror credentials,
|
|
# as such, we cannot use our docker-group registry, instead we must use the docker-proxy
|
|
# registry and allow anonymous access to it.
|
|
# see https://github.com/moby/moby/issues/30880
|
|
registry_proxy_host="$registry_proxy_domain:5002"
|
|
registry_proxy_url="https://$registry_proxy_host"
|
|
|
|
# prevent apt-get et al from asking questions.
|
|
# NB even with this, you'll still get some warnings that you can ignore:
|
|
# dpkg-preconfigure: unable to re-open stdin: No such file or directory
|
|
export DEBIAN_FRONTEND=noninteractive
|
|
|
|
# make sure the package index cache is up-to-date before installing anything.
|
|
apt-get update
|
|
|
|
# install docker.
|
|
# see https://docs.docker.com/engine/installation/linux/docker-ce/ubuntu/#install-using-the-repository
|
|
apt-get install -y apt-transport-https software-properties-common
|
|
wget -qO- https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/download.docker.com.gpg
|
|
echo "deb [arch=amd64 signed-by=/etc/apt/keyrings/download.docker.com.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" >/etc/apt/sources.list.d/docker.list
|
|
apt-get update
|
|
apt-cache madison docker-ce
|
|
docker_package_version="$(apt-cache madison docker-ce | awk "/$docker_version/{print \$3}")"
|
|
apt-get install -y "docker-ce=$docker_package_version" "docker-ce-cli=$docker_package_version" containerd.io
|
|
|
|
# configure it.
|
|
systemctl stop docker
|
|
cat >/etc/docker/daemon.json <<'EOF'
|
|
{
|
|
"experimental": false,
|
|
"debug": false,
|
|
"features": {
|
|
"buildkit": true
|
|
},
|
|
"log-driver": "journald",
|
|
"labels": [
|
|
"os=linux"
|
|
],
|
|
"hosts": [
|
|
"fd://"
|
|
],
|
|
"containerd": "/run/containerd/containerd.sock",
|
|
"registry-mirror": "$registry_proxy_url"
|
|
}
|
|
EOF
|
|
# start docker without any command line flags as its entirely configured from daemon.json.
|
|
install -d /etc/systemd/system/docker.service.d
|
|
cat >/etc/systemd/system/docker.service.d/override.conf <<'EOF'
|
|
[Service]
|
|
ExecStart=
|
|
ExecStart=/usr/bin/dockerd
|
|
EOF
|
|
systemctl daemon-reload
|
|
systemctl start docker
|
|
|
|
# let the vagrant user manage docker.
|
|
usermod -aG docker vagrant
|
|
|
|
# kick the tires.
|
|
ctr version
|
|
docker version
|
|
docker info
|
|
docker network ls
|
|
ip link
|
|
bridge link
|