genju83/docker.yaml

## docker.yaml
# based from https://github.com/lima-vm/lima/blob/62159c9be1d8f00b3d7d7879ac87dec0d4ed65a7/examples/docker.yaml
# Example to use Docker instead of containerd & nerdctl
# $ limactl start ./docker.yaml
# $ limactl shell docker docker run -it -v $HOME:$HOME --rm alpine

# Hint: To allow `docker` CLI on the host to connect to the Docker daemon running inside the guest,
# add `NoHostAuthenticationForLocalhost yes` in ~/.ssh/config , and then run the following commands:
# $ export DOCKER_HOST=ssh://localhost:60006
# $ docker ...

# If ssh:// ... does not work, try the following commands:
# $ ssh -f -N -p 60006 -i ~/.lima/_config/user -o NoHostAuthenticationForLocalhost=yes -L $HOME/docker.sock:/run/user/$(id -u)/docker.sock 127.0.0.1
# $ export DOCKER_HOST=unix://$HOME/docker.sock
# $ docker ...

images:
# Try to use release-yyyyMMdd image if available. Note that release-yyyyMMdd will be removed after several months.
- location: "https://cloud-images.ubuntu.com/releases/22.04/release-20220712/ubuntu-22.04-server-cloudimg-amd64.img"
  arch: "x86_64"
  digest: "sha256:86481acb9dbd62e3e93b49eb19a40c66c8aa07f07eff10af20ddf355a317e29f"
- location: "https://cloud-images.ubuntu.com/releases/22.04/release-20220712/ubuntu-22.04-server-cloudimg-arm64.img"
  arch: "aarch64"
  digest: "sha256:e1ce033239f0038dca5ef09e582762ba0d0dfdedc1d329bc51bb0e9f5057af9d"
# Fallback to the latest release image.
# Hint: run `limactl prune` to invalidate the cache
- location: "https://cloud-images.ubuntu.com/releases/22.04/release/ubuntu-22.04-server-cloudimg-amd64.img"
  arch: "x86_64"
- location: "https://cloud-images.ubuntu.com/releases/22.04/release/ubuntu-22.04-server-cloudimg-arm64.img"
  arch: "aarch64"

mounts:
  # Export files from container
  - location: "~"
    writable: true
  - location: "/tmp/lima"
    writable: true
  - location: "/var/folders"
    writable: true

ssh:
  localPort: 60006
  # Load ~/.ssh/*.pub in addition to $LIMA_HOME/_config/user.pub , for allowing DOCKER_HOST=ssh:// .
  # This option is enabled by default.
  # If you have an insecure key under ~/.ssh, do not use this option.
  loadDotSSHPubKeys: true
# containerd is managed by Docker, not by Lima, so the values are set to false here.
containerd:
  system: false
  user: false
provision:
  - mode: system
    script: |
      #!/bin/bash
      set -eux -o pipefail
      command -v docker >/dev/null 2>&1 && exit 0
      export DEBIAN_FRONTEND=noninteractive
      curl -fsSL https://get.docker.com | sh
      # NOTE: you may remove the lines below, if you prefer to use rootful docker, not rootless
      systemctl disable --now docker
      apt-get install -y uidmap
      VER=$(curl -s https://api.github.com/repos/docker/compose/releases/latest | awk -F'"' '/"name": "v/{print $4}')
      curl -L "https://github.com/docker/compose/releases/download/${VER}/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
      chmod +x /usr/local/bin/docker-compose
  - mode: user
    script: |
      #!/bin/bash
      set -eux -o pipefail
      dockerd-rootless-setuptool.sh install
      docker context use rootless
probes:
  - script: |
      #!/bin/bash
      set -eux -o pipefail
      if ! timeout 30s bash -c "until command -v docker >/dev/null 2>&1; do sleep 3; done"; then
        echo >&2 "docker is not installed yet"
        exit 1
      fi
      if ! timeout 30s bash -c "until pgrep rootlesskit; do sleep 3; done"; then
        echo >&2 "rootlesskit (used by rootless docker) is not running"
        exit 1
      fi
    hint: See "/var/log/cloud-init-output.log". in the guest
	# based from https://github.com/lima-vm/lima/blob/62159c9be1d8f00b3d7d7879ac87dec0d4ed65a7/examples/docker.yaml
	# Example to use Docker instead of containerd & nerdctl
	# $ limactl start ./docker.yaml
	# $ limactl shell docker docker run -it -v $HOME:$HOME --rm alpine

	# Hint: To allow `docker` CLI on the host to connect to the Docker daemon running inside the guest,
	# add `NoHostAuthenticationForLocalhost yes` in ~/.ssh/config , and then run the following commands:
	# $ export DOCKER_HOST=ssh://localhost:60006
	# $ docker ...

	# If ssh:// ... does not work, try the following commands:
	# $ ssh -f -N -p 60006 -i ~/.lima/_config/user -o NoHostAuthenticationForLocalhost=yes -L $HOME/docker.sock:/run/user/$(id -u)/docker.sock 127.0.0.1
	# $ export DOCKER_HOST=unix://$HOME/docker.sock
	# $ docker ...

	images:
	# Try to use release-yyyyMMdd image if available. Note that release-yyyyMMdd will be removed after several months.
	- location: "https://cloud-images.ubuntu.com/releases/22.04/release-20220712/ubuntu-22.04-server-cloudimg-amd64.img"
	arch: "x86_64"
	digest: "sha256:86481acb9dbd62e3e93b49eb19a40c66c8aa07f07eff10af20ddf355a317e29f"
	- location: "https://cloud-images.ubuntu.com/releases/22.04/release-20220712/ubuntu-22.04-server-cloudimg-arm64.img"
	arch: "aarch64"
	digest: "sha256:e1ce033239f0038dca5ef09e582762ba0d0dfdedc1d329bc51bb0e9f5057af9d"
	# Fallback to the latest release image.
	# Hint: run `limactl prune` to invalidate the cache
	- location: "https://cloud-images.ubuntu.com/releases/22.04/release/ubuntu-22.04-server-cloudimg-amd64.img"
	arch: "x86_64"
	- location: "https://cloud-images.ubuntu.com/releases/22.04/release/ubuntu-22.04-server-cloudimg-arm64.img"
	arch: "aarch64"

	mounts:
	# Export files from container
	- location: "~"
	writable: true
	- location: "/tmp/lima"
	writable: true
	- location: "/var/folders"
	writable: true

	ssh:
	localPort: 60006
	# Load ~/.ssh/*.pub in addition to $LIMA_HOME/_config/user.pub , for allowing DOCKER_HOST=ssh:// .
	# This option is enabled by default.
	# If you have an insecure key under ~/.ssh, do not use this option.
	loadDotSSHPubKeys: true
	# containerd is managed by Docker, not by Lima, so the values are set to false here.
	containerd:
	system: false
	user: false
	provision:
	- mode: system
	script: \|
	#!/bin/bash
	set -eux -o pipefail
	command -v docker >/dev/null 2>&1 && exit 0
	export DEBIAN_FRONTEND=noninteractive
	curl -fsSL https://get.docker.com \| sh
	# NOTE: you may remove the lines below, if you prefer to use rootful docker, not rootless
	systemctl disable --now docker
	apt-get install -y uidmap
	VER=$(curl -s https://api.github.com/repos/docker/compose/releases/latest \| awk -F'"' '/"name": "v/{print $4}')
	curl -L "https://github.com/docker/compose/releases/download/${VER}/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
	chmod +x /usr/local/bin/docker-compose
	- mode: user
	script: \|
	#!/bin/bash
	set -eux -o pipefail
	dockerd-rootless-setuptool.sh install
	docker context use rootless
	probes:
	- script: \|
	#!/bin/bash
	set -eux -o pipefail
	if ! timeout 30s bash -c "until command -v docker >/dev/null 2>&1; do sleep 3; done"; then
	echo >&2 "docker is not installed yet"
	exit 1
	fi
	if ! timeout 30s bash -c "until pgrep rootlesskit; do sleep 3; done"; then
	echo >&2 "rootlesskit (used by rootless docker) is not running"
	exit 1
	fi
	hint: See "/var/log/cloud-init-output.log". in the guest