C
Coder.com2y ago
Grafnus

docker.sock connect permission denied

Hey, I am running coder as a docker container. Now I want to add a template but get the Error: Error pinging Docker server: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/_ping": dial unix /var/run/docker.sock: connect: permission denied error. I saw a post here saying to chmod 666 the docker.sock but I dont like that. I have tried sudo usermod -aG docker coder to add the coder user to the docker group to make it able to access the docker.sock but it does not work. Any Ideas how I can fix this? Thanks ^^
16 Replies
Phorcys
Phorcys2y ago
need to run coder server as coder:docker
Grafnus
Grafnus2y ago
But it is running in a docker container. How to I switch that?
https://vsus.app
https://vsus.app2y ago
did you try restarting?
Grafnus
Grafnus2y ago
I cannot add the group docker to the User in the container where coder server is called... Is there a way I can do that? usermod does not work. @https://vsus.app yes I have tried restarting the Docker container
https://vsus.app
https://vsus.app2y ago
like the server can you try login to the coder account and check for group? sudo su - coder -s /bin/bash
Grafnus
Grafnus2y ago
On the host machine? On the host machine where is typed coder templates create it is coder : coder docher. Inside the Docker container it is coder : coder
Phorcys
Phorcys2y ago
are you using docker compose ?
Grafnus
Grafnus2y ago
Yes, I have spun up the coder server on my server using docker-compose behind a traefik reversed Proxy, with PostgreSQL and OIDC authentication. On the host machine I tried to use coder templates create
Phorcys
Phorcys2y ago
alright then you can just use the user directive under your service declaration like this user: coder:998 where 998 is the gid of the docker group so maybe it's not the same for you
Grafnus
Grafnus2y ago
It works, thank you ^^ Just a short question: the coder-server is not available for the internet, right? Only logged in users can access it, right?
Phorcys
Phorcys2y ago
depends on how you set it up also I think you're asking if there's anonymous access ? answer is no : you need an account on the instance to use coder
Grafnus
Grafnus2y ago
On the coder workspace is a code-server I can access. Is this access available to the Internet (I don't want it to be). The coder instance itself is available to the Internet because I choose to expose it.
Phorcys
Phorcys2y ago
if your coder is exposed to "the internet" then every coder_app is also exposed in some way, otherwise you wouldn't be able to use them, but no, you need to be authenticated to access any coder_app but in reality, the coder instance proxies your code-server, so that also makes it "available" to the internet, otherwise you wouldn't be able to access it
Grafnus
Grafnus2y ago
Okay thank you ^^
Phorcys
Phorcys2y ago
you can close this using /resolve if you don't have any other questions
Codercord
Codercord2y ago
Marked the thread as resolved.
Want results from more Discord servers?
Add your server