From 2a44208f567273fa700229c8b76ef1b0587cc69b Mon Sep 17 00:00:00 2001 From: Simon L Date: Sun, 16 Apr 2023 18:19:47 +0200 Subject: [PATCH] add custom ipv6 docs Signed-off-by: Simon L --- docker-ipv6-support.md | 28 ++++++++++++++++++++++++++++ docker-rootless.md | 2 +- readme.md | 2 +- 3 files changed, 30 insertions(+), 2 deletions(-) create mode 100644 docker-ipv6-support.md diff --git a/docker-ipv6-support.md b/docker-ipv6-support.md new file mode 100644 index 00000000..a7c475d7 --- /dev/null +++ b/docker-ipv6-support.md @@ -0,0 +1,28 @@ +# IPv6-Support for Docker + +**Note**: IPv6 networking is only supported on Docker daemons running on Linux hosts. So it is neither supported on Windows nor on macOS. + +Before you can use IPv6 in Docker containers or swarm services, you need to enable IPv6 support in the Docker daemon. Afterward, you can choose to use either IPv4 or IPv6 (or both) with any container, service, or network. + +1. Edit `/etc/docker/daemon.json` (or `~/.config/docker/daemon.json` in case of docker-rootless), set the `ipv6` key to `true` and the `fixed-cidr-v6` key to your IPv6 subnet. In this example we are setting it to `2001:db8:1::/64`. Additionally set `experimental` to `true` and `ip6tables` to `true` as well. + + ```json + { + "ipv6": true, + "fixed-cidr-v6": "2001:db8:1::/64", + "experimental": true, + "ip6tables": true + } + ``` + + Save the file. + +2. Reload the Docker configuration file. + + ```console + sudo systemctl reload docker + ``` + +You can now create networks with the `--ipv6` flag and assign containers IPv6 addresses using the `--ip6` flag. + +**Note**: This is a copy of the original docker docs at https://docs.docker.com/config/daemon/ipv6/ which apparently are not correct. However experimental is set to true which the ip6tables feature needs. Thus it will not get included into the official docs. However it is needed to make it work in our testing. diff --git a/docker-rootless.md b/docker-rootless.md index 11c9c6bf..b9b8426d 100644 --- a/docker-rootless.md +++ b/docker-rootless.md @@ -4,7 +4,7 @@ You can run AIO with docker rootless by following the steps below. 0. If docker is already installed, you should consider disabling it first: (`sudo systemctl disable --now docker.service docker.socket`) 1. Install docker rootless by following the official documentation: https://docs.docker.com/engine/security/rootless/#install. The easiest way is installing it **Without packages** (`curl -fsSL https://get.docker.com/rootless | sh`). Further limitations, distribution specific hints, etc. are discussed on the same site. Also do not forget to enable the systemd service, which may not be enabled always by default. See https://docs.docker.com/engine/security/rootless/#usage. (`systemctl --user enable docker`) -1. If you need ipv6 support, you should enable it by following https://docs.docker.com/config/daemon/ipv6/. The daemon.json file is most likely stored in `~/.config/docker/daemon.json`. +1. If you need ipv6 support, you should enable it by following https://github.com/nextcloud/all-in-one/blob/main/docker-ipv6-support.md. 1. Do not forget to set the mentioned environmental variables and in best case add them to your `~/.bashrc` file as shown! 1. Also do not forget to run `loginctl enable-linger USERNAME` (and substitute USERNAME with the correct one) in order to make sure that user services are automatically started after every reboot. 1. Expose the privileged ports by following https://docs.docker.com/engine/security/rootless/#exposing-privileged-ports. (`sudo setcap cap_net_bind_service=ep $(which rootlesskit); systemctl --user restart docker`) diff --git a/readme.md b/readme.md index 5540e7b8..bbb93c7b 100644 --- a/readme.md +++ b/readme.md @@ -17,7 +17,7 @@ The following instructions are meant for installations without a web server or r ```sh curl -fsSL https://get.docker.com | sudo sh ``` -1. If you need ipv6 support, you should enable it by following https://docs.docker.com/config/daemon/ipv6/. +1. If you need ipv6 support, you should enable it by following https://github.com/nextcloud/all-in-one/blob/main/docker-ipv6-support.md. 2. Run the command below in order to start the container: ``` # For Linux and without a web server or reverse proxy (like Apache, Nginx and else) already in place: