A collection of engine-room-<NAME> Docker containers. Hacking on any host
happens in one common and feature-rich container.
An engine-room can be individualized (named service) in the file
docker-compose.yml. engine-room:<NAME> images are defined in the directory
images.
The base container itself derives from engine-room:os and is ready to go
on any Docker host.
Therefore, it is often sufficient to use the engine-room:base container for
any named engine-room service and just configure the service specific
environment variables, volumes, secrets, ports, etc. in the
docker-compose.yml file.
Shared configuration is provided in the tracked dotfiles or the untracked
secrets directory.
docker, docker-compose, and the files of this repository located
(recommended is a git clone) at ~/engine-room.
A running ssh-agent with the private key(s) of the user. An unlocked
KeePassXC database can launch the ssh-agent and add the private key(s) to it.
Docker resources file sharing settings are for the computer and not for any container running on it. This is why bind volume mount host paths must exist with one and the same path on the computer and in a container that runs another Docker container.
On macOS and Linux we have an /opt directory.
It is recommended to create a directory /opt/bind on the host and to mount it
into any engine-room container.
- Directory
/opt/bind/workspacesowned by the host user.
git clone git@github.com:jamilraichouni/engine-room.git ~/engine-room
echo -e "USERMAP_UID=$(id -u)\nUSERMAP_GID=$(id -g)" > ~/engine-room/.env
find ~/engine-room/dotfiles/ssh -type f -exec chmod 600 {} +
find ~/engine-room/secrets -type f -exec chmod 600 {} +Ensure that secret environment variables are defined. An option is to create a
file /etc/zshenv.secrets that will be sourced by /etc/zshenv:
Look into the file ~/engine-room/docker-compose.yml for references to
secret environment variables.
Only, if you want to work in the terminal of the host with the same configuration as in the containers.
Install fzf to /usr/local/bin/fzf. fzf comes ready as release on GitHub:
https://github.com/junegunn/fzf/releases.
mkdir -p ~/bin
ln -s ~/engine-room/bin/pathprepend.zsh ~/bin/pathprepend
ln -s ~/engine-room/bin/ssh.zsh ~/bin/ssh
ln ~/engine-room/dotfiles/ssh/authorized_keys ~/.ssh/authorized_keys
ln ~/engine-room/dotfiles/ssh/config ~/.ssh/config
cat << 'EOF' > /tmp/setup_docker_host.zsh
# backup and replace system-wide zsh configuration
for F in /etc/zshenv /etc/zprofile /etc/zshrc; do [[ -f $F ]] && mv $F{,.bak}; done
# environment variables
ln -s ~/engine-room/dotfiles/zsh/env/ALL_HOSTS.zsh ~/.zshenv
# login zsh configuration
ln -s ~/engine-room/dotfiles/zsh/profile/ALL_HOSTS.zsh ~/.zprofile
# interactive zsh configuration
ln -s ~/engine-room/dotfiles/zsh/interactive/ALL_HOSTS.zsh ~/.zshrc
rm -f /usr/local/bin/nvim
ln -s /opt/nvim/bin/nvim /usr/local/bin/nvim
EOF
sudo zsh /tmp/setup_docker_host.zshSecrets that are referenced by any service (engine-room) in the file
docker-compose.yml) must be either defined as environment variable on the
host (e. g. /etc/zshenv) or as file in the Git ignored directory
~/engine-room/secrets.
Both of the ssh files will be mounted as secrets into any running container.
Also ensure, that the private part of a key is added to the ssh-agent (check
it with ssh-add -l). The private key should have its public part listed in
the ~/.ssh/authorized_keys file.
The file ~/.ssh/config should contain the following:
Host NAME
HostName localhost
Port 1978
User nerdHere, NAME is the name of the host/ engine-room (service in
docker-compose.yml)
Start:
docker compose up -d <service>(without -d for debugging to see the ouput of the container)
Stop:
docker compose down <service>Enter:
ssh NAME # with NAME as defined in ~/.ssh/configStart:
docker compose up capella-7.0.0Enter:
docker exec -it --user=techuser capella zshWhen DISPLAY=:10 is set in the container, the Capella desktop can be accessed
via http://localhost:10700/ in your browser.