First run the following command.
cat <<EOF | sudo sh -x
apt-get install -y uidmap
EOF
Download and install rootless Docker.
curl -sSL https://get.docker.com/rootless | sh
Then add the following to ~/.bashrc (here the user is dockerufw, with UID 1000):
export PATH=/home/dockerufw/bin:$PATH
export DOCKER_HOST=unix:///run/user/1000/docker.sock
Then run the same commands in the current shell, since ~/.bashrc is only read by new shells:
export PATH=/home/dockerufw/bin:$PATH
export DOCKER_HOST=unix:///run/user/1000/docker.sock
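Then set ip_unprivileged_port_start to 1 so the rootless daemon can bind ports below 1024. A value written under /proc/sys lasts only until the next reboot.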
sudo nano /proc/sys/net/ipv4/ip_unprivileged_port_start
Copy the Docker binary to /usr/bin/.
sudo cp ~/bin/docker /usr/bin/
Configure UFW for the homelab. First allow SSH:
sudo ufw allow 22
Then allow DNS
sudo ufw allow 53
Finally allow Pi-Hole admin panel access from reverse proxy (Traefik) IP.
sudo ufw allow from <reverse proxy IP> to any port 80
UFW then should look something like this:
$ sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip
To                         Action      From
--                         ------      ----
53                         ALLOW IN    Anywhere
22                         ALLOW IN    Anywhere
80                         ALLOW IN    <Reverse proxy IP>
53 (v6)                    ALLOW IN    Anywhere (v6)
22 (v6)                    ALLOW IN    Anywhere (v6)
Now UFW should work with (rootless) Docker and Docker Compose.
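To confirm the rule set stays as shown above, the following added example (not part of the original steps) reads the text of sudo ufw status verbose and flags a default incoming policy other than deny and an admin port open to Anywhere rather than only to the reverse proxy. The function name audit_ufw_status, the sample variables and the proxy address 192.0.2.10 are assumptions made for this example.

```sh
#!/bin/sh
# Added example: check `ufw status verbose` text (stdin) against this page's policy.
# audit_ufw_status and the sample variables are names made up for this example.
# Usage on a live host: sudo ufw status verbose | audit_ufw_status 80

audit_ufw_status() {
    admin_port="${1:-80}"   # port that must be limited to the reverse proxy
    findings=$(awk -v port="$admin_port" '
        /^Status:/  { seen_status = 1
                      if ($2 != "active") print "FAIL: ufw is " $2 }
        /^Default:/ { seen_default = 1
                      if ($2 != "deny" && $2 != "reject")
                          print "FAIL: default incoming policy is " $2 }
        # Rule rows: "<port>[/proto] [(v6)] ALLOW IN <source>"
        / ALLOW IN / {
            split($1, p, "/")
            src = $0
            sub(/.* ALLOW IN[ \t]+/, "", src)
            if (p[1] == port && src ~ /^Anywhere/)
                print "FAIL: port " port " is open to " src
        }
        END {
            if (!seen_status)  print "FAIL: no Status line in input"
            if (!seen_default) print "FAIL: no Default line in input"
        }')
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Constructed sample: the rule set from this page, proxy at 192.0.2.10 (documentation IP).
GOOD_SAMPLE='Status: active
Default: deny (incoming), allow (outgoing), disabled (routed)
53                         ALLOW IN    Anywhere
22                         ALLOW IN    Anywhere
80                         ALLOW IN    192.0.2.10
53 (v6)                    ALLOW IN    Anywhere (v6)
22 (v6)                    ALLOW IN    Anywhere (v6)'

# Constructed sample: someone ran a plain "ufw allow 80" and loosened the default.
BAD_SAMPLE='Status: active
Default: allow (incoming), allow (outgoing), disabled (routed)
80                         ALLOW IN    Anywhere
80 (v6)                    ALLOW IN    Anywhere (v6)'

printf '%s\n' "$BAD_SAMPLE" | audit_ufw_status 80 || echo "policy drift detected"
```

The function returns non-zero when it prints any finding, so it can gate a cron job or a post-deploy check.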