Public | Automated Build

Last pushed: 3 months ago
Short Description
A container for running discourse_docker tools
Full Description

A container for running discourse_docker tools


The way the Discourse project currently uses Docker is kind of annoying. Containers are treated like VMs (sort of), being provisioned and managed using some tooling on top of docker exec and docker commit. Importantly, for some of the dependencies provisioned in this way, important side effects happen to persistent data during the build process, thus rendering the container images non-portable and forcing you to have the toolchain on your Docker host instead of uploading images built elsewhere and simply launching them.

I use Atomic hosts exclusively in production, and among other things the discourse_docker launcher requires git to keep itself up to date. An SCM tool like git has no place in a container host OS, so this container exists to provide an environment where the tools from the discourse_docker project can be used, because I have better things to do than maintain a fork of Discourse's packaging methodology.


Launch this interactively with privileges, host networking, and the Docker socket and /var/discourse mounted from the host. If you have not created /var/discourse on the host yet, do so first.

sudo mkdir -p /var/discourse

sudo docker run -it --rm --privileged --net=host -v /var/run/docker.sock:/var/run/docker.sock -v /var/discourse:/var/discourse:z koinu/discourse-launcher-env

On non-SELinux hosts or if your Docker doesn't support the :z option, omit it from the volume mapping for /var/discourse. Its purpose is to ensure that /var/discourse gets the correct SELinux labels applied to enable access from unprivileged containers. This matters for the shared data directories that the discourse_docker tools create and use as volumes for the actual Discourse containers.

Use the discourse_launcher tools per the documentation, just inside the throw-away container. For instance, installing Discourse might look like this:

git clone

cp samples/standalone.yml containers/app.yml

vi containers/app.yml

./launcher bootstrap app

./launcher start app

Once done, simply exit the shell. Any time you need to rebuild or update your Discourse containers, just run a new one with the same docker run command.

A word about sshd

You will almost certainly want to remove the parts of the container yml that cause it to set up ssh access to the container, as running sshd inside a container (for the purpose of simply running commands inside the container) is an archaic hold-over from before docker exec existed.

The diff to accomplish this for samples/standalone.yml currently looks like this:

<   - "templates/sshd.template.yml"
<   - "2222:22" # fwd host port 2222 to container port 22 (ssh)
<   ## If you want to configure password login for root, uncomment and change:
<   ## Use only one of the following lines:
<   #- exec: /usr/sbin/usermod -p 'PASSWORD_HASH' root
<   #- exec: /usr/sbin/usermod -p "$(mkpasswd -m sha-256 'RAW_PASSWORD')" root
<   ## If you want to authorized additional users, uncomment and change:
<   #- exec: ssh-import-id username
<   #- exec: ssh-import-id anotherusername
<   - exec: awk -F\# '{print $1;}' ~/.ssh/authorized_keys | awk 'BEGIN { print "Authorized SSH keys for this container:"; } NF>=2 {print $NF;}'
Docker Pull Command