Mention caveat of network_mode=host when running docker-in-docker #17
Description
I have a rust project using this attached configuration.
Setting network_mode=host was the only way I could download crates for compilation.
If it is in the users cache it will use that.
Should we mention something like this in the docs?
docker-compose.yaml
version: "3"
services:
development:
build:
dockerfile: ./Dockerfile
args:
USER_UID: ${USER_UID:-1000}
USER_GID: ${USER_GID:-1000}
environment:
DOCKER_HOST: tcp://localhost:2375
PRELOAD_EXTENSIONS: "arrterian.nix-env-selector"
volumes:
- ..:/workspace:cached
- nix:/nix
security_opt:
- label:disable
network_mode: host
docker:
image: docker:dind-rootless
environment:
DOCKER_TLS_CERTDIR: ""
DOCKER_DRIVER: overlay2
privileged: true
volumes:
- ..:/workspace:cached
- nix:/nix
- docker:/var/lib/docker
security_opt:
- label:disable
network_mode: host
volumes:
nix:
docker:shell.nix
with builtins;
let
rust_overlay = import (fetchTarball "https://github.com/oxalica/rust-overlay/archive/master.tar.gz");
# Pinning nixpkgs
# https://github.com/waynevanson/nixpkgs/commits/d66b5294264c19e7ba7f9097356f69c32cbcb24a
# which contains the following PR's
# - aws-lambda-cli>=1.7 - cargo-lambda support - https://github.com/NixOS/nixpkgs/pull/224039
# - cargo-lambda - upgrade required (forgot why) - https://github.com/NixOS/nixpkgs/pull/224814
pinned_pkgs = import (fetchTarball "https://github.com/waynevanson/nixpkgs/tarball/d66b5294264c19e7ba7f9097356f69c32cbcb24a");
pkgs = pinned_pkgs {
overlays = [ rust_overlay ];
};
# use toolchain from workspace.
rust_toolchains = pkgs.rust-bin.fromRustupToolchainFile ./rust-toolchain.toml;
in
with pkgs;
mkShell
{
nativeBuildInputs = [
# nix
nixpkgs-fmt
rnix-lsp
docker-client
gnumake
# rust
rust_toolchains
cargo-cross
cargo-lambda
cargo-make
cargo-xbuild
cargo-tarpaulin
kcov
# rust-dependencies
pkg-config
openssl
#
aws-sam-cli
rustup
# js
yarn
];
}