• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:
    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Question How may I run docker commands in Deploy actions of Git?

M

Marchiuz

New Pleskian
Server operating system version
AlmaLinux 8.4 x86_64
Plesk version and microupdate number
Plesk Obsidian 18.0.41.1
From what I understand, the deployment actions are performed in some specific chroot environment, how may I allow this environment to run docker commands? Docker is in /usr/bin
 
Still looking for an answer for this. It seems like a pretty common task - to run additional commands after deployment, how come there's so little information about it?
 
Only root/sudoers have access to docker by default.

Technically, you can:

1) grant the subscription's system user (at Web Hosting Access) with shell access. Then modify user by adding the docker group, for example:
# usermod -aG docker jdoe

and call the commands in deployment actions afterward.

2) with deployment actions write some content(the commands, for example) to a file, which is checked by some background script(for example, powered with inotifywait) and executed by background script on behalf of root.

P.S. in both cases, especially the second one you should mind that the whole docker service will be exposed to that user.
 
Strangelove said:
Only root/sudoers have access to docker by default.

Technically, you can:

1) grant the subscription's system user (at Web Hosting Access) with shell access. Then modify user by adding the docker group, for example:
# usermod -aG docker jdoe

and call the commands in deployment actions afterward.

2) with deployment actions write some content(the commands, for example) to a file, which is checked by some background script(for example, powered with inotifywait) and executed by background script on behalf of root.

P.S. in both cases, especially the second one you should mind that the whole docker service will be exposed to that user.
Click to expand...
Thanks for suggestions.
This doesn't sound like a safe option, shouldn't there be a more standard way of doing this, having in mind that this is probably quite a casual task?
 
Not quite casual, when containers are ran as root by default.

Nonetheless, you can deploy a container manually as non-root user:
docs.docker.com

Rootless mode

Run the Docker daemon as a non-root user (Rootless mode)
docs.docker.com docs.docker.com

I'd recommend testing that scenario on a staging server first.
 
You must log in or register to reply here.

Similar threads

D
Issue Installing Rocket Chat in Plesk with Docker using tutorial, need an answer.
2
Replies
30
Views
3K
Hangover2
Hangover2
M
Question How to run git commands on plesk?
Replies
1
Views
540
havi5
havi5
D
Issue Installing Mattermost via Docker in Plesk - issues with containers
2
Replies
21
Views
11K
David Borrink
D
T
Question Redis on server vs Docker container
Replies
4
Views
970
Kaspar@Plesk
Kaspar@Plesk
P
Resolved How to expose a Docker port to the public?
Replies
1
Views
2K
philippL
P
Back
Top