konstruktoid / ansible-role-docker-rootless

Ansible role to install a rootless Docker server
Apache License 2.0

RootlessKit port driver #426

Closed msladek closed 3 months ago

msladek commented 3 months ago

I run reverse proxies in a Docker rootless setup and need source IP propagation. Thus, in my deployments I extended your role with the following task for changing RootlessKit's port driver:

- name: Configure docker source IP propagation
  # https://docs.docker.com/engine/security/rootless/#docker-run--p-does-not-propagate-source-ip-addresses
  community.general.ini_file:
    path: ~/.config/systemd/user/docker.service.d/override.conf
    section: Service
    option: Environment
    values:
      - '"DOCKERD_ROOTLESS_ROOTLESSKIT_NET=slirp4netns"'
      - '"DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER=slirp4netns"'
    state: present
  become: true
  become_user: "{{ docker_user }}"
  notify: docker_service_restart

Would you be interested in a pull request extending the role with this functionality? We could introduce a var for the port driver, the default being builtin as it is now, but also providing slirp4netns and perhaps pasta.

If so, I'd be willing to make this contribution.
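
An added example, not part of the original comment or of the role: a small Python audit that reads a systemd drop-in such as the `override.conf` written by the task above and reports whether the configured RootlessKit drivers keep the client source IP. The sample drop-ins are constructed, the function names are hypothetical, and the pasta/implicit pairing is an assumption taken from the upstream `dockerd-rootless.sh` comments.

```python
import shlex

NET = "DOCKERD_ROOTLESS_ROOTLESSKIT_NET"
PORT = "DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER"
# (net driver, port driver) pairs that keep the client source IP.
# slirp4netns/slirp4netns is the pair set by the task in the comment above;
# pasta/implicit is an assumption from the upstream dockerd-rootless.sh notes.
PROPAGATING = {("slirp4netns", "slirp4netns"), ("pasta", "implicit")}

# Constructed samples: the drop-in as ini_file would write it, and one without it.
SAMPLE_FIXED = """[Service]
Environment = "DOCKERD_ROOTLESS_ROOTLESSKIT_NET=slirp4netns"
Environment = "DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER=slirp4netns"
"""
SAMPLE_DEFAULT = '[Service]\nEnvironment="DOCKER_HOST=unix:///run/user/1000/docker.sock"\n'


def parse_environment(dropin_text):
    """Return the effective Environment= variables of the [Service] section."""
    env, section = {}, None
    for raw in dropin_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
            continue
        key, sep, value = line.partition("=")
        if section != "Service" or not sep or key.strip() != "Environment":
            continue
        if not value.strip():
            env.clear()  # an empty assignment resets the list in systemd
            continue
        for item in shlex.split(value):  # strips the "VAR=value" quoting
            name, eq, val = item.partition("=")
            if eq:
                env[name] = val  # a later assignment overrides an earlier one
    return env


def audit(dropin_text):
    """Return (net driver, port driver, verdict) for one drop-in file."""
    env = parse_environment(dropin_text)
    net = env.get(NET)  # None: dockerd-rootless.sh chooses the driver itself
    port = env.get(PORT, "builtin")  # builtin is the default, as the comment says
    if (net, port) in PROPAGATING:
        return net, port, "propagates"
    if port == "builtin":
        return net, port, "source-ip-lost"
    return net, port, "unverified"  # net driver unset or an unlisted pairing
```

A verdict of `source-ip-lost` means a reverse proxy behind `docker run -p` cannot rely on client addresses for logging, rate limiting or allowlists.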

konstruktoid commented 3 months ago

That sounds like a really good idea, @msladek. Feel free to create that PR.

msladek commented 3 months ago

Sure, gonna open a PR next week.

msladek commented 3 months ago

https://github.com/konstruktoid/ansible-role-docker-rootless/pull/432 merged