Common Docker setup guidelines
These guidelines are intended for setting up a simple docker-compose orchestrated system.
1. Required software
The server must have the docker systemd service, which must be enabled.
The docker engine must be of the latest version that the package repository provides.
The docker compose plugin must be installed, with a version of at least 2.20.
2. Users
There must be a ci user, regardless of whether any CI pipelines are actually set up.
This user must also have the git credentials set up.
3. Docker compose directory placement
All services must be placed in the /opt/cont directory, with each service having the following directory: /opt/cont/%s/, where %s is a service name.
In addition, they may be grouped like this: /opt/cont/%s/%s/, where the first %s is the name of the group, and the second %s is a name of a service inside the group.
/opt/cont must be owned by ci:ci, as well as all of its children. It is permissible that inside a service some files may be owned by root:root due to container limitations.
3.1. Docker image files placement
Custom per-server images must be placed in the /opt/image directory, with its first-level subdirectories named the same way as the service directories.
/opt/image must be owned by ci:ci, as well as all of its children, with no exceptions, unlike the service directories.
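The ownership rules from sections 3 and 3.1 can be checked with a short audit script. This is an added example, not part of the original guidelines; the function names audit_owner and audit_layout are hypothetical, and it assumes the root:root exception applies to anything at least two levels below /opt/cont, because the layout alone does not tell a group directory from a service directory.

```shell
#!/bin/sh
# Added example: audit the ownership rules for /opt/cont and /opt/image.
# Function names are hypothetical; paths and ci:ci come from the guidelines.

# audit_owner ROOT OWNER GROUP [yes|no]
# Prints every path under ROOT that is not OWNER:GROUP.
# With "yes", root:root entries two or more levels below ROOT are tolerated
# (assumed reading of the "inside a service" exception).
# Returns 0 = clean, 1 = violations found, 2 = audit could not complete.
audit_owner() {
    root=${1%/} owner=$2 group=$3 root_exempt=${4:-no}
    if [ ! -d "$root" ]; then
        echo "audit_owner: no such directory: $root" >&2
        return 2
    fi
    if [ "$root_exempt" = yes ]; then
        # In -path patterns "*" also matches "/", so ROOT/*/* means depth >= 2.
        bad=$(find "$root" \( ! -user "$owner" -o ! -group "$group" \) \
              ! \( -path "$root/*/*" -user 0 -group 0 \) -print) || return 2
    else
        bad=$(find "$root" \( ! -user "$owner" -o ! -group "$group" \) \
              -print) || return 2
    fi
    if [ -z "$bad" ]; then
        return 0
    fi
    printf '%s\n' "$bad"
    return 1
}

# audit_layout [CONT_ROOT] [IMAGE_ROOT] [OWNER] [GROUP]
# Service tree: root:root exception allowed. Image tree: no exceptions.
audit_layout() {
    cont=${1:-/opt/cont} image=${2:-/opt/image} o=${3:-ci} g=${4:-ci}
    rc=0
    audit_owner "$cont" "$o" "$g" yes || rc=1
    audit_owner "$image" "$o" "$g" no || rc=1
    return "$rc"
}
```

Calling audit_layout with no arguments checks /opt/cont and /opt/image against ci:ci and lists every offending path; a non-zero return means the layout needs attention.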
4. Updating code from Git
You must run all git commands as the ci user:
sudo -uci git pull
sudo -uci git clone ...
4.1. Committing code to git
In rare cases, it may be necessary to make some changes on the server. When that happens, you should set up your git name and email on your personal administrator account and temporarily reassign the ownership to yourself for just enough time to make the commit:
git config --global user.name ...
git config --global user.email ...
sudo chown -R "$(id -u):$(id -g)" .
git add file1 file2 ... fileN
git commit -m "change stuff"
sudo chown -R ci:ci .
If you want to push these changes, you must run the git push command as the ci user; do not set up git credentials for your own user.