
I am trying to go rootless with Docker.

I have followed all the steps presented in the official documentation. I also allowed the use of the unprivileged ports, to include the 443.

To test if everything works the way I need it, I installed the "nginx-proxy-automation".

Everything got installed flawlessly. However, the jrcs/letsencrypt-nginx-proxy-companion:2.1 container

version: '3'

services:
  nginx-proxy-automation-letsencrypt:
    image: jrcs/letsencrypt-nginx-proxy-companion:${NGINX_PROXY_COMPANION_IMAGE_VERSION:-2.0}
    container_name: ${LETS_ENCRYPT_SEVICE_NAME:-nginx-proxy-automation-letsencrypt}
    restart: always
    volumes:
      - ${NGINX_FILES_PATH:-./data}/conf.d:/etc/nginx/conf.d
      - ${NGINX_FILES_PATH:-./data}/vhost.d:/etc/nginx/vhost.d
      - ${NGINX_FILES_PATH:-./data}/html:/usr/share/nginx/html
      - ${NGINX_FILES_PATH:-./data}/certs:/etc/nginx/certs:rw
      - ${NGINX_FILES_PATH:-./data}/acme.sh:/etc/acme.sh
      - /var/run/docker.sock:/var/run/docker.sock:ro

reports the following error:

Error: you need to share your Docker host socket with a volume at /var/run/docker.sock
Typically you should run your container with: '-v /var/run/docker.sock:/var/run/docker.sock:ro' 
Info: running acme-companion version v2.1.0

which causes the container to restart every x seconds.

What can I do to fix it? What am I missing?

Workaround

Based on @gdahlm's answer, I first tried the following:

- unix://$XDG_RUNTIME_DIR/docker.sock:/var/run/docker.sock:ro

But I got the following error:

ERROR: Volume unix://$XDG_RUNTIME_DIR/docker.sock:/tmp/docker.sock:ro
has incorrect format, should be external:internal[:mode]

simply because there's an extra colon (:) in the volume path.

So digging further in this Trying Rootless Docker with Testcontainers article, I then tried

- $XDG_RUNTIME_DIR/docker.sock:/var/run/docker.sock:ro

But it didn’t work either, because I got the following error:

ERROR: Named volume "$XDG_RUNTIME_DIR/docker.sock:/tmp/docker.sock:ro"
is used in service "docker-gen-auto" but no declaration was found in
the volumes section.

Finally I tried echoing out the $XDG_RUNTIME_DIR in the terminal, like so:

$ echo $XDG_RUNTIME_DIR

And I got:

/run/user/1000

So, I hardcoded it into the .env file variable:

DOCKER_HOST_ROOTLESS_PATH=/run/user/1000/docker.sock

and inside the docker-compose.yml file

  - ${DOCKER_HOST_ROOTLESS_PATH:-/var/run/docker.sock}:/tmp/docker.sock:ro

And it finally worked!

But leaving it like this inside the .env file:

DOCKER_HOST_ROOTLESS_PATH=$XDG_RUNTIME_DIR/docker.sock

didn’t work.

2 Answers


  1. This is a jrcs/letsencrypt-nginx-proxy-companion-specific bug; if you look in the docker-compose.yml you will see this:

        - "/var/run/docker.sock:/var/run/docker.sock:ro"
    

    Try changing that to:

       - "unix://$XDG_RUNTIME_DIR/docker.sock:/var/run/docker.sock:ro"
    

    But that value may change based on how your install is configured.

    Really the maintainer of jrcs/letsencrypt-nginx-proxy-companion needs to move to using $DOCKER_HOST instead of a hard-coded path.

  2. Another way to do it, for those running Docker on Windows with WSL: try running docker compose up -d from WSL instead of PowerShell.

    From the accepted answer: since the dev used a hardcoded path instead of $DOCKER_HOST, most likely the difference in the file systems causes the error, so of course when you specify "unix://$XDG_RUNTIME_DIR/..." it works; but ultimately it is up to the maintainers to tackle this, as gdahlm also stated in his answer.

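Putting the question's workaround and gdahlm's $DOCKER_HOST suggestion together, the script below is an added example (not code from the question, the answers, or the nginx-proxy-automation project). It resolves the host-side socket path from $DOCKER_HOST when that is a unix:// endpoint, otherwise from $XDG_RUNTIME_DIR, otherwise the rootful default; checks that the path really is a socket before compose bind-mounts it; and writes the literal path into .env under the question's DOCKER_HOST_ROOTLESS_PATH variable, since the question found that $XDG_RUNTIME_DIR itself is not expanded there. The function names and the env-file argument convention are my own assumptions.

```shell
#!/usr/bin/env sh
# Added example: resolve the rootless Docker socket for a compose bind mount.
# Not code from the question, the answers, or nginx-proxy-automation; the
# function names and the env-file argument convention are assumptions.

# resolve_docker_socket [DOCKER_HOST] [XDG_RUNTIME_DIR]
# Prints the host-side socket path, preferring $DOCKER_HOST as the answer
# recommends. Only unix:// endpoints can be bind-mounted, so anything else
# (e.g. tcp://) is rejected. Explicit arguments override the environment so
# the logic can be exercised without touching the caller's settings.
resolve_docker_socket() {
    host="${1-${DOCKER_HOST-}}"
    runtime_dir="${2-${XDG_RUNTIME_DIR-}}"
    case "$host" in
        unix://*) printf '%s\n' "${host#unix://}"; return 0 ;;
        "") ;;                      # unset: fall through to the defaults
        *)  printf 'DOCKER_HOST is not a unix socket: %s\n' "$host" >&2
            return 1 ;;
    esac
    if [ -n "$runtime_dir" ]; then
        printf '%s\n' "$runtime_dir/docker.sock"   # rootless default
    else
        printf '%s\n' /var/run/docker.sock         # rootful default
    fi
}

# check_docker_socket PATH
# Fails unless PATH exists and is a unix socket. If the host path does not
# exist, Docker creates an empty directory there and bind-mounts that, and
# the companion keeps reporting the missing-socket error.
check_docker_socket() {
    if [ ! -S "$1" ]; then
        printf 'not a unix socket: %s\n' "$1" >&2
        return 1
    fi
}

# write_socket_env PATH ENVFILE
# Appends the resolved literal path under the variable name the question
# uses, because $XDG_RUNTIME_DIR itself was not expanded inside .env there.
write_socket_env() {
    printf 'DOCKER_HOST_ROOTLESS_PATH=%s\n' "$1" >> "$2"
}

# Usage: sh resolve-docker-socket.sh .env
# Runs only when an env file is given, so the file can also be sourced.
# Note that :ro on the mount only makes the socket file read-only; the
# container can still issue any Docker API call through it, so the mount
# still hands the container full control of the (rootless) daemon.
if [ $# -ge 1 ]; then
    sock="$(resolve_docker_socket)" || exit 1
    check_docker_socket "$sock" || exit 1
    write_socket_env "$sock" "$1"
    printf 'volume line for docker-compose.yml:\n'
    printf '  - ${DOCKER_HOST_ROOTLESS_PATH}:/var/run/docker.sock:ro\n'
fi
```

The compose service then uses ${DOCKER_HOST_ROOTLESS_PATH}:/var/run/docker.sock:ro for the companion (or :/tmp/docker.sock:ro for docker-gen, as in the question's workaround), and the same .env works on a rootful host because the fallback is /var/run/docker.sock.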