C
Coder.comโ€ข2y ago
Fuglen

Permission denied creating first template

I know its been posted before but I cant find the solution. My friend got Coder working on our Ubuntu 22.04 with docker-compose. The error is: 
Error: Error pinging Docker server: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/_ping": dial unix /var/run/docker.sock: connect: permission denied
on main.tf line 21, in provider "docker":
  21: provider "docker" {
Error: Error pinging Docker server: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/_ping": dial unix /var/run/docker.sock: connect: permission denied
on main.tf line 21, in provider "docker":
  21: provider "docker" {
I tried creating a "coder" user and adding it to the docker group without success. I restarted the Coder container, do I need to restart Docker itself too?
Solution:
uncomment the group_add line and change 998 to the GID of your Docker group
Jump to solution
15 Replies
Codercord
Codercordโ€ข2y ago
<#1108447542221471744>
Category
Help needed
Product
Coder OSS (v2)
Platform
Linux
Logs
Please post any relevant logs/error messages.
Fuglen
FuglenOPโ€ข2y ago
Initializing the backend...
Initializing provider plugins...
- Finding coder/coder versions matching "~> 0.7.0"...
- Finding kreuzwerker/docker versions matching "~> 3.0.1"...
- Installing coder/coder v0.7.0...
- Installed coder/coder v0.7.0 (signed by a HashiCorp partner, key ID 93C75807601AA0EC)
- Installing kreuzwerker/docker v3.0.2...
- Installed kreuzwerker/docker v3.0.2 (self-signed, key ID BD080C4571C6104C)
Partner and community providers are signed by their developers.
If you'd like to know more about provider signing, you can read about it here:
https://www.terraform.io/docs/cli/plugins/signing.html
Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
Terraform 1.4.6
data.coder_workspace.me: Refreshing...
data.coder_provisioner.me: Refreshing...
data.coder_workspace.me: Refresh complete after 0s [id=bfb835aa-aff7-44ed-bd6b-75c8b0908cb0]
data.coder_provisioner.me: Refresh complete after 0s [id=62831a34-210b-4713-ac2c-1b25b8ed848c]
coder_agent.main: Plan to create
coder_app.code-server: Plan to create
Plan: 2 to add, 0 to change, 0 to destroy.
Error: Error pinging Docker server: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/_ping": dial unix /var/run/docker.sock: connect: permission denied
on main.tf line 21, in provider "docker":
  21: provider "docker" {
Initializing the backend...
Initializing provider plugins...
- Finding coder/coder versions matching "~> 0.7.0"...
- Finding kreuzwerker/docker versions matching "~> 3.0.1"...
- Installing coder/coder v0.7.0...
- Installed coder/coder v0.7.0 (signed by a HashiCorp partner, key ID 93C75807601AA0EC)
- Installing kreuzwerker/docker v3.0.2...
- Installed kreuzwerker/docker v3.0.2 (self-signed, key ID BD080C4571C6104C)
Partner and community providers are signed by their developers.
If you'd like to know more about provider signing, you can read about it here:
https://www.terraform.io/docs/cli/plugins/signing.html
Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
Terraform 1.4.6
data.coder_workspace.me: Refreshing...
data.coder_provisioner.me: Refreshing...
data.coder_workspace.me: Refresh complete after 0s [id=bfb835aa-aff7-44ed-bd6b-75c8b0908cb0]
data.coder_provisioner.me: Refresh complete after 0s [id=62831a34-210b-4713-ac2c-1b25b8ed848c]
coder_agent.main: Plan to create
coder_app.code-server: Plan to create
Plan: 2 to add, 0 to change, 0 to destroy.
Error: Error pinging Docker server: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/_ping": dial unix /var/run/docker.sock: connect: permission denied
on main.tf line 21, in provider "docker":
  21: provider "docker" {
Fuglen
FuglenOPโ€ข2y ago
FIXED! For others, this did the trick for me โ—Use 660 instead of 666 โ—
No description
Moondog
Moondogโ€ข2y ago
I just tried this for myself and no dice. Is there a chance you did some other stuff?
Fuglen
FuglenOPโ€ข2y ago
There might be, but what error do you get?
Moondog
Moondogโ€ข2y ago
Pretty much what you got but managed to figure out it's was a typo in the docker compose file. I type 997 instead of 998 for the docker group. All sorted. Can't believe I spent a few hours on something like that ๐Ÿ˜…
Immuc
Immucโ€ข6mo ago
Thank you!
Fuglen
FuglenOPโ€ข6mo ago
I'm glad my update helped you, I hope you didn't use hours on this error like us? ๐Ÿ˜‚
Immuc
Immucโ€ข6mo ago
No i just searched for permission denied here in help xD probably saved me that exact time haha
Phorcys
Phorcysโ€ข6mo ago
oh no that is really bad in terms of security, this is giving access to the Docker socket to all the users of your system you should revert the permissions back to 660 and instead edit the Docker Compose file for Coder to make it run within the Docker group
Fuglen
FuglenOPโ€ข6mo ago
At that time I didn't care much and I no longer use Docker ๐Ÿ˜… Updated my fix ๐Ÿ™‚
Phorcys
Phorcysโ€ข6mo ago
see this https://github.com/coder/coder/blob/main/docker-compose.yaml#L16-L21
GitHub
coder/docker-compose.yaml at main ยท coder/coder
Provision remote development environments via Terraform - coder/coder
Solution
Phorcys
Phorcysโ€ข6mo ago
uncomment the group_add line and change 998 to the GID of your Docker group
Phorcys
Phorcysโ€ข6mo ago
@Moondog @Jackson, you will also want to revert this permission change as it is very unsafe
Fuglen
FuglenOPโ€ข6mo ago
Nice spotted, sorry for the inconvenience guys ๐Ÿ™ˆ
Want results from more Discord servers?
Add your server