omarchy/install/config/docker.sh

OMARCHY_DESCRIPTION="Docker Configuration"

omarchy_install() {
  # Configure Docker daemon:
  # - limit log size to avoid running out of disk
  # - use host's DNS resolver
  sudo mkdir -p /etc/docker
  sudo tee /etc/docker/daemon.json >/dev/null <<'EOF'
{
  "log-driver": "json-file",
  "log-opts": { "max-size": "10m", "max-file": "5" },
  "dns": ["172.17.0.1"],
  "bip": "172.17.0.1/16"
}
EOF

  # Expose systemd-resolved to our Docker network
  sudo mkdir -p /etc/systemd/resolved.conf.d
  echo -e '[Resolve]\nDNSStubListenerExtra=172.17.0.1' | sudo tee /etc/systemd/resolved.conf.d/20-docker-dns.conf >/dev/null
  sudo systemctl restart systemd-resolved

  # Start Docker automatically
  sudo systemctl enable docker

  # Give this user privileged Docker access
  sudo usermod -aG docker ${USER}

  # Prevent Docker from preventing boot for network-online.target
  sudo mkdir -p /etc/systemd/system/docker.service.d
  sudo tee /etc/systemd/system/docker.service.d/no-block-boot.conf <<'EOF'
[Unit]
DefaultDependencies=no
EOF

  sudo systemctl daemon-reload
}

omarchy_verify() {
  [[ -f /etc/docker/daemon.json ]] || add_error "Docker daemon.json missing"
  [[ -f /etc/systemd/resolved.conf.d/20-docker-dns.conf ]] || add_error "Docker DNS config missing"
  [[ -f /etc/systemd/system/docker.service.d/no-block-boot.conf ]] || add_error "Docker boot config missing"

  getent group docker >/dev/null 2>&1 || add_error "Docker group does not exist"

  groups "$USER" | grep -q docker || add_error "User $USER not in docker group"

  if systemctl list-unit-files | grep -q docker.service; then
    systemctl is-enabled docker >/dev/null 2>&1 || add_error "Docker service not enabled"

    systemctl is-active docker >/dev/null 2>&1 || add_warning "Docker service is not running (may be intentional)"
  fi
}