ogawatti/docker.yml

## docker.yml
# Example to use Docker instead of containerd & nerdctl
# $ limactl start ./docker.yaml
# $ limactl shell docker docker run -it -v $HOME:$HOME --rm alpine

# To run `docker` on the host (assumes docker-cli is installed):
# $ export DOCKER_HOST=$(limactl list docker --format 'unix://{{.Dir}}/sock/docker.sock')
# $ docker ...

# Specify Intel x86-64 VM
# arch: "x86_64"

# CPUs (Default: 4)
cpus: 4

# Memory size (Default: "4GiB")
memory: "8GiB"

# Disk size (Default: "100GiB")
# disk: "100GiB"

# This example requires Lima v0.8.0 or later
images:
# Hint: run `limactl prune` to invalidate the "current" cache
- location: "https://cloud-images.ubuntu.com/impish/current/impish-server-cloudimg-amd64.img"
  arch: "x86_64"
- location: "https://cloud-images.ubuntu.com/impish/current/impish-server-cloudimg-arm64.img"
  arch: "aarch64"
mounts:
- location: "~"
- location: "/private/tmp"
  writable: true
# containerd is managed by Docker, not by Lima, so the values are set to false here.
containerd:
  system: false
  user: false
provision:
- mode: system
  script: |
    #!/bin/sh
    sed -i 's/host.lima.internal.*/host.lima.internal host.docker.internal/' /etc/hosts
- mode: system
  script: |
    #!/bin/bash
    set -eux -o pipefail
    command -v docker >/dev/null 2>&1 && exit 0
    export DEBIAN_FRONTEND=noninteractive
    curl -fsSL https://get.docker.com | sh
    # NOTE: you may remove the lines below, if you prefer to use rootful docker, not rootless
    systemctl disable --now docker
    apt-get install -y uidmap dbus-user-session
- mode: user
  script: |
    #!/bin/bash
    set -eux -o pipefail
    systemctl --user start dbus
    dockerd-rootless-setuptool.sh install
    docker context use rootless
probes:
- script: |
    #!/bin/bash
    set -eux -o pipefail
    if ! timeout 30s bash -c "until command -v docker >/dev/null 2>&1; do sleep 3; done"; then
      echo >&2 "docker is not installed yet"
      exit 1
    fi
    if ! timeout 30s bash -c "until pgrep rootlesskit; do sleep 3; done"; then
      echo >&2 "rootlesskit (used by rootless docker) is not running"
      exit 1
    fi
  hint: See "/var/log/cloud-init-output.log". in the guest
portForwards:
- guestSocket: "/run/user/{{.UID}}/docker.sock"
  hostSocket: "{{.Dir}}/sock/docker.sock"
message: |
  To run `docker` on the host (assumes docker-cli is installed):
  $ export DOCKER_HOST=unix://{{.Dir}}/sock/docker.sock
  $ docker ...

## ssh_config
Host lima-docker
  IdentityFile "/Users/ogawatti/.lima/_config/user"
  IdentityFile "/Users/ogawatti/.ssh/id_rsa"
  StrictHostKeyChecking no
  UserKnownHostsFile /dev/null
  NoHostAuthenticationForLocalhost yes
  GSSAPIAuthentication no
  PreferredAuthentications publickey
  Compression no
  BatchMode yes
  IdentitiesOnly yes
  Ciphers "^aes128-gcm@openssh.com,aes256-gcm@openssh.com"
  User ogawatti
  ControlMaster no
  ControlPath "/Users/ogawatti/.lima/docker/ssh.sock"
  ControlPersist no
  Hostname 127.0.0.1
  Port 50272
	# Example to use Docker instead of containerd & nerdctl
	# $ limactl start ./docker.yaml
	# $ limactl shell docker docker run -it -v $HOME:$HOME --rm alpine

	# To run `docker` on the host (assumes docker-cli is installed):
	# $ export DOCKER_HOST=$(limactl list docker --format 'unix://{{.Dir}}/sock/docker.sock')
	# $ docker ...

	# Specify Intel x86-64 VM
	# arch: "x86_64"

	# CPUs (Default: 4)
	cpus: 4

	# Memory size (Default: "4GiB")
	memory: "8GiB"

	# Disk size (Default: "100GiB")
	# disk: "100GiB"

	# This example requires Lima v0.8.0 or later
	images:
	# Hint: run `limactl prune` to invalidate the "current" cache
	- location: "https://cloud-images.ubuntu.com/impish/current/impish-server-cloudimg-amd64.img"
	arch: "x86_64"
	- location: "https://cloud-images.ubuntu.com/impish/current/impish-server-cloudimg-arm64.img"
	arch: "aarch64"
	mounts:
	- location: "~"
	- location: "/private/tmp"
	writable: true
	# containerd is managed by Docker, not by Lima, so the values are set to false here.
	containerd:
	system: false
	user: false
	provision:
	- mode: system
	script: \|
	#!/bin/sh
	sed -i 's/host.lima.internal.*/host.lima.internal host.docker.internal/' /etc/hosts
	- mode: system
	script: \|
	#!/bin/bash
	set -eux -o pipefail
	command -v docker >/dev/null 2>&1 && exit 0
	export DEBIAN_FRONTEND=noninteractive
	curl -fsSL https://get.docker.com \| sh
	# NOTE: you may remove the lines below, if you prefer to use rootful docker, not rootless
	systemctl disable --now docker
	apt-get install -y uidmap dbus-user-session
	- mode: user
	script: \|
	#!/bin/bash
	set -eux -o pipefail
	systemctl --user start dbus
	dockerd-rootless-setuptool.sh install
	docker context use rootless
	probes:
	- script: \|
	#!/bin/bash
	set -eux -o pipefail
	if ! timeout 30s bash -c "until command -v docker >/dev/null 2>&1; do sleep 3; done"; then
	echo >&2 "docker is not installed yet"
	exit 1
	fi
	if ! timeout 30s bash -c "until pgrep rootlesskit; do sleep 3; done"; then
	echo >&2 "rootlesskit (used by rootless docker) is not running"
	exit 1
	fi
	hint: See "/var/log/cloud-init-output.log". in the guest
	portForwards:
	- guestSocket: "/run/user/{{.UID}}/docker.sock"
	hostSocket: "{{.Dir}}/sock/docker.sock"
	message: \|
	To run `docker` on the host (assumes docker-cli is installed):
	$ export DOCKER_HOST=unix://{{.Dir}}/sock/docker.sock
	$ docker ...
	Host lima-docker
	IdentityFile "/Users/ogawatti/.lima/_config/user"
	IdentityFile "/Users/ogawatti/.ssh/id_rsa"
	StrictHostKeyChecking no
	UserKnownHostsFile /dev/null
	NoHostAuthenticationForLocalhost yes
	GSSAPIAuthentication no
	PreferredAuthentications publickey
	Compression no
	BatchMode yes
	IdentitiesOnly yes
	Ciphers "^aes128-gcm@openssh.com,aes256-gcm@openssh.com"
	User ogawatti
	ControlMaster no
	ControlPath "/Users/ogawatti/.lima/docker/ssh.sock"
	ControlPersist no
	Hostname 127.0.0.1
	Port 50272