diff --git a/README.md b/README.md index 99e1088..65a6a6c 100644 --- a/README.md +++ b/README.md @@ -167,15 +167,17 @@ sudo -u rss-svc -H curl -fsSL https://get.docker.com/rootless -o /tmp/install-ro sudo -u rss-svc -H sh /tmp/install-rootless.sh ``` -Add to `~/.bashrc` (as `rss-svc` — e.g. `sudo -u rss-svc -H bash`): +The installer detects there's no active systemd **user session** for `rss-svc` (we're not logging in interactively), so instead of wiring up a per-user service it falls back to a runtime directory under the user's home — and prints the exact paths to use, e.g.: ```sh +export XDG_RUNTIME_DIR=/home/rss-svc/.docker/run export PATH=/home/rss-svc/bin:$PATH -export XDG_RUNTIME_DIR=/run/rss-svc-docker -export DOCKER_HOST=unix:///run/rss-svc-docker/docker.sock +export DOCKER_HOST=unix:///home/rss-svc/.docker/run/docker.sock ``` -Now create the system unit at `/etc/systemd/system/docker-rss-svc.service`: +Use the values **the installer prints for you** (add them to `~/.bashrc` as `rss-svc` — e.g. `sudo -u rss-svc -H bash`) — this is actually convenient for us, since `~/.docker/run` is a regular on-disk directory that persists across reboots without any `tmpfiles`/`RuntimeDirectory=` trickery. + +Now create the system unit at `/etc/systemd/system/docker-rss-svc.service`, pointing `XDG_RUNTIME_DIR` at that same directory: ```ini [Unit] @@ -186,10 +188,7 @@ After=network.target User=rss-svc Group=rss-svc Environment=PATH=/home/rss-svc/bin:/usr/bin:/bin -Environment=XDG_RUNTIME_DIR=%t/rss-svc-docker -RuntimeDirectory=rss-svc-docker -RuntimeDirectoryMode=0700 -RuntimeDirectoryPreserve=yes +Environment=XDG_RUNTIME_DIR=/home/rss-svc/.docker/run ExecStart=/home/rss-svc/bin/dockerd-rootless.sh Restart=always RestartSec=2 
@@ -204,7 +203,7 @@ LimitNOFILE=1048576 WantedBy=multi-user.target ``` -`RuntimeDirectory=` makes systemd create `/run/rss-svc-docker` (owned by `rss-svc`, mode `0700`) on every boot — that's the `XDG_RUNTIME_DIR` rootless Docker needs, supplied without any session manager. Then enable and start it: +Then enable and start it: ```sh sudo systemctl daemon-reload
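Review bot: In the README.md hunk at -167, the new paragraph presents `~/.docker/run` persisting across reboots as a plus, but the added text never tells the reader to confirm that the directory is owned by `rss-svc` with mode `0700`, and the `DOCKER_HOST` socket now lives inside it. The setup this replaces pinned that with `RuntimeDirectoryMode=0700`. Suggest adding a check after the export block, for example `stat -c '%U %a' /home/rss-svc/.docker/run`, plus a sentence noting that files left behind by an unclean shutdown will still be present on the next boot, which a directory under `/run` would not keep.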
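Review bot: In the unit-file hunk at -186, removing `RuntimeDirectory=`, `RuntimeDirectoryMode=0700` and `RuntimeDirectoryPreserve=yes` leaves nothing in the unit that creates `/home/rss-svc/.docker/run` or pins its mode, so the service now depends on the installer having created the directory earlier with suitable permissions. Suggest a line such as `ExecStartPre=/usr/bin/install -d -m 0700 /home/rss-svc/.docker/run` before `ExecStart=`, which runs as `User=rss-svc` and creates the directory with mode 0700 if it is missing. The path is also hardcoded in `Environment=XDG_RUNTIME_DIR=` while the README text says to use whatever the installer prints, so it is worth stating that this line must be edited to match.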
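Review bot: In the hunk at -204, the deleted sentence was the only text beside the start commands that named the directory the service uses, and the bare `Then enable and start it:` leaves no hint of what to look at if the daemon does not come up. Suggest keeping one sentence here that names `/home/rss-svc/.docker/run` and says the socket given in `DOCKER_HOST` should appear in it once the unit is running.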