From 9ff5d629869ee8d6e1024c1c25d973c36df6a9a1 Mon Sep 17 00:00:00 2001 From: Phorcys <57866459+phorcys420@users.noreply.github.com> Date: Tue, 12 Aug 2025 07:38:13 +0000 Subject: [PATCH 1/3] chore: add production usage disclaimer --- registry/coder-labs/templates/docker-build/README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/registry/coder-labs/templates/docker-build/README.md b/registry/coder-labs/templates/docker-build/README.md index 94d01b88..e24160a4 100644 --- a/registry/coder-labs/templates/docker-build/README.md +++ b/registry/coder-labs/templates/docker-build/README.md @@ -8,6 +8,10 @@ tags: [docker, container, dockerfile] # Remote Development on Docker Containers (Build from Dockerfile) +> [!NOTE] +> This template is designed to be a starting point for testing purposes. +> In a production environment, you would want to move away from storing the Dockerfile in-template and move towards using a centralized image registry. + Build and provision Docker containers from a Dockerfile as [Coder workspaces](https://coder.com/docs/workspaces) with this example template. This template builds a custom Docker image from the included Dockerfile, allowing you to customize the development environment by modifying the Dockerfile rather than using a pre-built image. From fa51da8592988c87026de816e89584bfe0140376 Mon Sep 17 00:00:00 2001 From: Phorcys <57866459+phorcys420@users.noreply.github.com> Date: Tue, 12 Aug 2025 07:47:39 +0000 Subject: [PATCH 2/3] chore: update README of docker-based templates --- .../templates/docker-build/README.md | 15 +++++++++++++-- .../templates/docker-devcontainer/README.md | 19 +++++++++++++++---- registry/coder/templates/docker/README.md | 15 +++++++++++++-- 3 files changed, 41 insertions(+), 8 deletions(-) diff --git a/registry/coder-labs/templates/docker-build/README.md b/registry/coder-labs/templates/docker-build/README.md index e24160a4..78002e8d 100644 --- a/registry/coder-labs/templates/docker-build/README.md +++ b/registry/coder-labs/templates/docker-build/README.md @@ -22,8 +22,19 @@ This template builds a custom Docker image from the included Dockerfile, allowin ### Infrastructure -The VM you run Coder on must have a running Docker socket and the `coder` user must be added to the Docker group: - +#### Running Coder inside Docker +If you installed Coder as a container within Docker, you will have to do the following things: +- Make the the Docker socket available to the container + - **(recommended) Mount `/var/run/docker.sock` via `--mount`/`volume`** + - _(advanced) Restrict the Docker socket via https://github.com/Tecnativa/docker-socket-proxy_ +- Set `--group-add`/`group_add` to the GID of the Docker group on the **host** machine + - You can get the GID by running `getent group docker` on the **host** machine + +If you are using `docker-compose`, here is an example on how to do those things (don't forget to edit `group_add`!): +https://github.com/coder/coder/blob/0bfe0d63aec83ae438bdcb77e306effd100dba3d/docker-compose.yaml#L16-L23 + +#### Running Coder outside of Docker +If you installed Coder as a system package, the VM you run Coder on must have a running Docker socket and the `coder` user must be added to the Docker group: ```sh # Add coder user to Docker group sudo adduser coder docker diff --git a/registry/coder/templates/docker-devcontainer/README.md b/registry/coder/templates/docker-devcontainer/README.md index b5341071..3d94ab8e 100644 --- a/registry/coder/templates/docker-devcontainer/README.md +++ b/registry/coder/templates/docker-devcontainer/README.md @@ -14,11 +14,22 @@ Provision Devcontainers as [Coder workspaces](https://coder.com/docs/workspaces) ### Infrastructure -Coder must have access to a running Docker socket, and the `coder` user must be a member of the `docker` group: - -```shell +#### Running Coder inside Docker +If you installed Coder as a container within Docker, you will have to do the following things: +- Make the the Docker socket available to the container + - **(recommended) Mount `/var/run/docker.sock` via `--mount`/`volume`** + - _(advanced) Restrict the Docker socket via https://github.com/Tecnativa/docker-socket-proxy_ +- Set `--group-add`/`group_add` to the GID of the Docker group on the **host** machine + - You can get the GID by running `getent group docker` on the **host** machine + +If you are using `docker-compose`, here is an example on how to do those things (don't forget to edit `group_add`!): +https://github.com/coder/coder/blob/0bfe0d63aec83ae438bdcb77e306effd100dba3d/docker-compose.yaml#L16-L23 + +#### Running Coder outside of Docker +If you installed Coder as a system package, the VM you run Coder on must have a running Docker socket and the `coder` user must be added to the Docker group: +```sh # Add coder user to Docker group -sudo usermod -aG docker coder +sudo adduser coder docker # Restart Coder server sudo systemctl restart coder diff --git a/registry/coder/templates/docker/README.md b/registry/coder/templates/docker/README.md index a65c45f8..9e2b8b8b 100644 --- a/registry/coder/templates/docker/README.md +++ b/registry/coder/templates/docker/README.md @@ -16,8 +16,19 @@ Provision Docker containers as [Coder workspaces](https://coder.com/docs/workspa ### Infrastructure -The VM you run Coder on must have a running Docker socket and the `coder` user must be added to the Docker group: - +#### Running Coder inside Docker +If you installed Coder as a container within Docker, you will have to do the following things: +- Make the the Docker socket available to the container + - **(recommended) Mount `/var/run/docker.sock` via `--mount`/`volume`** + - _(advanced) Restrict the Docker socket via https://github.com/Tecnativa/docker-socket-proxy_ +- Set `--group-add`/`group_add` to the GID of the Docker group on the **host** machine + - You can get the GID by running `getent group docker` on the **host** machine + +If you are using `docker-compose`, here is an example on how to do those things (don't forget to edit `group_add`!): +https://github.com/coder/coder/blob/0bfe0d63aec83ae438bdcb77e306effd100dba3d/docker-compose.yaml#L16-L23 + +#### Running Coder outside of Docker +If you installed Coder as a system package, the VM you run Coder on must have a running Docker socket and the `coder` user must be added to the Docker group: ```sh # Add coder user to Docker group sudo adduser coder docker From 965517adf0c565da551fc606236a14b5195fd1d5 Mon Sep 17 00:00:00 2001 From: Phorcys <57866459+phorcys420@users.noreply.github.com> Date: Wed, 13 Aug 2025 13:57:53 +0000 Subject: [PATCH 3/3] chore: fmt --- registry/coder-labs/templates/docker-build/README.md | 4 ++++ registry/coder/templates/docker-devcontainer/README.md | 4 ++++ registry/coder/templates/docker/README.md | 4 ++++ 3 files changed, 12 insertions(+) diff --git a/registry/coder-labs/templates/docker-build/README.md b/registry/coder-labs/templates/docker-build/README.md index 78002e8d..9ed62f68 100644 --- a/registry/coder-labs/templates/docker-build/README.md +++ b/registry/coder-labs/templates/docker-build/README.md @@ -23,7 +23,9 @@ This template builds a custom Docker image from the included Dockerfile, allowin ### Infrastructure #### Running Coder inside Docker + If you installed Coder as a container within Docker, you will have to do the following things: + - Make the the Docker socket available to the container - **(recommended) Mount `/var/run/docker.sock` via `--mount`/`volume`** - _(advanced) Restrict the Docker socket via https://github.com/Tecnativa/docker-socket-proxy_ @@ -34,7 +36,9 @@ If you are using `docker-compose`, here is an example on how to do those things https://github.com/coder/coder/blob/0bfe0d63aec83ae438bdcb77e306effd100dba3d/docker-compose.yaml#L16-L23 #### Running Coder outside of Docker + If you installed Coder as a system package, the VM you run Coder on must have a running Docker socket and the `coder` user must be added to the Docker group: + ```sh # Add coder user to Docker group sudo adduser coder docker diff --git a/registry/coder/templates/docker-devcontainer/README.md b/registry/coder/templates/docker-devcontainer/README.md index 3d94ab8e..3b2a4370 100644 --- a/registry/coder/templates/docker-devcontainer/README.md +++ b/registry/coder/templates/docker-devcontainer/README.md @@ -15,7 +15,9 @@ Provision Devcontainers as [Coder workspaces](https://coder.com/docs/workspaces) ### Infrastructure #### Running Coder inside Docker + If you installed Coder as a container within Docker, you will have to do the following things: + - Make the the Docker socket available to the container - **(recommended) Mount `/var/run/docker.sock` via `--mount`/`volume`** - _(advanced) Restrict the Docker socket via https://github.com/Tecnativa/docker-socket-proxy_ @@ -26,7 +28,9 @@ If you are using `docker-compose`, here is an example on how to do those things https://github.com/coder/coder/blob/0bfe0d63aec83ae438bdcb77e306effd100dba3d/docker-compose.yaml#L16-L23 #### Running Coder outside of Docker + If you installed Coder as a system package, the VM you run Coder on must have a running Docker socket and the `coder` user must be added to the Docker group: + ```sh # Add coder user to Docker group sudo adduser coder docker diff --git a/registry/coder/templates/docker/README.md b/registry/coder/templates/docker/README.md index 9e2b8b8b..2b5885bb 100644 --- a/registry/coder/templates/docker/README.md +++ b/registry/coder/templates/docker/README.md @@ -17,7 +17,9 @@ Provision Docker containers as [Coder workspaces](https://coder.com/docs/workspa ### Infrastructure #### Running Coder inside Docker + If you installed Coder as a container within Docker, you will have to do the following things: + - Make the the Docker socket available to the container - **(recommended) Mount `/var/run/docker.sock` via `--mount`/`volume`** - _(advanced) Restrict the Docker socket via https://github.com/Tecnativa/docker-socket-proxy_ @@ -28,7 +30,9 @@ If you are using `docker-compose`, here is an example on how to do those things https://github.com/coder/coder/blob/0bfe0d63aec83ae438bdcb77e306effd100dba3d/docker-compose.yaml#L16-L23 #### Running Coder outside of Docker + If you installed Coder as a system package, the VM you run Coder on must have a running Docker socket and the `coder` user must be added to the Docker group: + ```sh # Add coder user to Docker group sudo adduser coder docker