Add Rootless Docker in Debian 11.

Debian11-WinterBoot-Docker-Rootless

#!/bin/bash

# Author: Jinta Orishima

set -eu

script_name="Debian 11 Winter Boot Docker Rootless"
compose_v="2.6.0"

echo "Running ${script_name}..."

# Git のインストール
sudo apt -y install git-all

# Rootless Dockerの設定
sudo apt -y install uidmap dbus-user-session slirp4netns

sudo sh -c "echo \"kernel.unprivileged_userns_clone=1\" >> /etc/sysctl.d/10-docker.conf"
sudo sysctl --system
sudo sh -c "echo \"options overlay permit_mounts_in_userns=1\" >> /etc/modprobe.d/10-docker.conf"
sudo modprobe overlay permit_mounts_in_userns=1

curl -fsSL https://get.docker.com/rootless | sh

echo "export PATH=/home/$(whoami)/bin:\$PATH && export DOCKER_HOST=unix:///run/user/${UID}/docker.sock" >> ~/.bashrc
source ~/.bashrc

systemctl --user enable --now docker
systemctl --user enable --now dbus

# Docker Composeのインストール
DOCKER_CONFIG=${DOCKER_CONFIG:-$HOME/.docker}
mkdir -p $DOCKER_CONFIG/cli-plugins
curl -SL https://github.com/docker/compose/releases/download/v${compose_v}/docker-compose-linux-x86_64 -o $DOCKER_CONFIG/cli-plugins/docker-compose
chmod +x $DOCKER_CONFIG/cli-plugins/docker-compose

# Rootless Dockerの特権ポートの公開に対応
sudo setcap cap_net_bind_service=ep $(which rootlesskit)
systemctl --user restart docker

# max_user_watchesの更新
sudo sh -c "echo \"fs.inotify.max_user_watches=524288\" >> /etc/sysctl.d/10-docker.conf"
sudo sysctl --system