Incus is version 6.0.0-1ubuntu0.1 provided by the Ubuntu 24.04 LTS repos.
I am getting a permission error about accessing /var/run/docker.sock
from trying to implement the basic Traefik example found here Traefik Docker TLS Challenge Documentation - Traefik.
As far as I can tell the permission error is entirely contained in the container and does not have to do with the actual networking of Traefik. root
seems to be the owner of /var/run/docker.sock
. Adding root
to the docker
group didn’t change anything nor did chmod 777 /var/run/docker.sock
- which is why I am thinking it must be a container issue of some sort?
The error is as follows:
ERR Failed to retrieve information of the docker client and server host error="permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get \"http://%2Fvar%2Frun%2Fdocker.sock/v1.24/version\": dial unix /var/run/docker.sock: socket: permission denied" providerName=docker
Code I am using to create the LXC container and docker container inside that:
sudo mkdir /server
sudo chown -R ubuntu:ubuntu /server
sudo incus profile create docker
sudo incus profile set docker security.nesting=true
sudo incus launch images:debian/12/cloud whoogle --profile docker --config limits.cpu=1 --config limits.memory=400MiB --storage default --network incusbr0
sudo incus exec whoogle -- bash -c "sudo apt install -y nano"
sudo incus exec whoogle -- bash -c "sudo apt install -y ca-certificates curl"
sudo incus exec whoogle -- bash -c "sudo install -m 0755 -d /etc/apt/keyrings"
sudo incus exec whoogle -- bash -c "sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc"
sudo incus exec whoogle -- bash -c "sudo chmod a+r /etc/apt/keyrings/docker.asc"
sudo incus exec whoogle -- bash -c 'echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null'
sudo incus exec whoogle -- bash -c "sudo apt update"
sudo incus exec whoogle -- bash -c "sudo apt install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin"
mkdir /server/whoogle
mkdir /server/whoogle/letsencrypt
sudo incus config device add whoogle config disk source=/server/whoogle path=/server/whoogle shift=true
nano /server/whoogle/docker-compose.yml # paste in from https://doc.traefik.io/traefik/user-guides/docker-compose/acme-tls/ , edit domain
sudo incus exec whoogle -- bash -c "docker compose -f /server/whoogle/docker-compose.yml up -d"