Docker cannot write to devices.allow

Hi there! I’m not sure if this helps you out, but I fired up a lxd instance on my system this evening to test the mailcow deployment. It went pretty smoothly, so hopefully my experiences can help you get it deployed similarly.

The entirety of my deployment is at https://asciinema.org/a/yfaU6Gc5aRuASglBC38wtriR3

I had to run a privileged base lxd container to get this working correctly, though, so keep that in mind from a security perspective.

What isn’t shown in that asciinema output is when I created my docker profile. I did that with lxc profile copy default docker and then edited it with lxc profile edit docker, adding the raw.lxc configuration as follows:

config:
  raw.lxc: |-
    lxc.aa_profile = unconfined
    lxc.cgroup.devices.allow = a
    lxc.mount.auto=proc:rw sys:rw
    lxc.cap.drop=

When you deploy the lxd instance, make sure you enable the configuration settings that allow Docker to run embedded, which are security.nesting=true and security.privileged=true.

You can do this at lxc launch time with the -c flag, or after the launch with a combination of:

lxc config set mailcow security.nesting true
lxc config set mailcow security.privileged true
lxc restart mailcow

Good luck, and I hope you manage to get everything working as expected.

Cheers,

Andrew

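The profile above deliberately loosens most of LXD's isolation (privileged mode, an unconfined AppArmor profile, access to every device, no dropped capabilities, a writable /sys), which is the trade-off Andrew flags. As an added example that is not part of Andrew's post or of LXD itself, the following POSIX shell script audits a saved profile dump for exactly those settings, so an operator can see at a glance what a Docker-in-LXD profile gives up before deploying it. It assumes the input is the YAML printed by lxc profile show <name>; the sample profile embedded below is constructed for the example, modelled on the settings in the post, and the function and variable names (audit_profile, count_findings, SAMPLE_PROFILE) are the example's own.

```shell
#!/bin/sh
# Audit an LXD profile dump for settings that weaken container isolation.
# audit_profile reads the YAML on stdin, prints one finding per line, and
# exits 1 if anything was found (0 when the profile looks confined).

# Constructed sample profile (not a real dump), modelled on the Docker
# profile from the post: privileged, unconfined, all devices, no cap drop.
SAMPLE_PROFILE='config:
  raw.lxc: |-
    lxc.aa_profile = unconfined
    lxc.cgroup.devices.allow = a
    lxc.mount.auto=proc:rw sys:rw
    lxc.cap.drop=
  security.nesting: "true"
  security.privileged: "true"
description: Docker-in-LXD profile (constructed example)
devices: {}
name: docker'

audit_profile() {
    # Each pattern below matches one isolation-weakening setting. The
    # patterns tolerate the quoting and spacing lxc uses in its output.
    awk '
        /^[[:space:]]*security\.privileged:[[:space:]]*"?true"?/ {
            print "privileged: container root is mapped to host root"; n++ }
        /^[[:space:]]*security\.nesting:[[:space:]]*"?true"?/ {
            print "nesting: nested container runtimes are allowed"; n++ }
        /lxc\.aa_profile[[:space:]]*=[[:space:]]*unconfined/ {
            print "apparmor: AppArmor profile is unconfined"; n++ }
        /lxc\.cgroup\.devices\.allow[[:space:]]*=[[:space:]]*a$/ {
            print "devices: cgroup grants access to all devices"; n++ }
        /lxc\.cap\.drop[[:space:]]*=[[:space:]]*$/ {
            print "capabilities: no capabilities are dropped"; n++ }
        /lxc\.mount\.auto.*sys:rw/ {
            print "mounts: /sys is mounted read-write"; n++ }
        END { exit (n > 0 ? 1 : 0) }
    '
}

# Convenience wrapper: number of findings for a profile passed as a string.
count_findings() {
    printf '%s\n' "$1" | audit_profile | wc -l | tr -d ' '
}

# Stand-alone usage: audit the constructed sample, or a live profile with
#   lxc profile show docker | audit_profile
printf '%s\n' "$SAMPLE_PROFILE" | audit_profile
```

Run against the sample it reports six findings; piping lxc profile show default into it on a stock LXD host should report none, which makes the diff between the two profiles explicit in a change review.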