• Hi, Pleskians! We are running a UX testing of our upcoming product intended for server management and monitoring.
    We would like to invite you to have a call with us and have some fun checking our prototype. The agenda is pretty simple - we bring new design and some scenarios that you need to walk through and succeed. We will be watching and taking insights for further development of the design.
    If you would like to participate, please use this link to book a meeting. We will sent the link to the clickable prototype at the meeting.
  • (Plesk for Windows):
    MySQL Connector/ODBC 3.51, 5.1, and 5.3 are no longer shipped with Plesk because they have reached end of life. MariaDB Connector/ODBC 64-bit 3.2.4 is now used instead.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Question How may I run docker commands in Deploy actions of Git?

M

Marchiuz

New Pleskian
Server operating system version
AlmaLinux 8.4 x86_64
Plesk version and microupdate number
Plesk Obsidian 18.0.41.1
From what I understand, the deployment actions are performed in some specific chroot environment, how may I allow this environment to run docker commands? Docker is in /usr/bin
 
Still looking for an answer for this. It seems like a pretty common task - to run additional commands after deployment, how come there's so little information about it?
 
Only root/sudoers have access to docker by default.

Technically, you can:

1) grant the subscription's system user (at Web Hosting Access) with shell access. Then modify user by adding the docker group, for example:
# usermod -aG docker jdoe

and call the commands in deployment actions afterward.

2) with deployment actions write some content(the commands, for example) to a file, which is checked by some background script(for example, powered with inotifywait) and executed by background script on behalf of root.

P.S. in both cases, especially the second one you should mind that the whole docker service will be exposed to that user.
 
Strangelove said:
Only root/sudoers have access to docker by default.

Technically, you can:

1) grant the subscription's system user (at Web Hosting Access) with shell access. Then modify user by adding the docker group, for example:
# usermod -aG docker jdoe

and call the commands in deployment actions afterward.

2) with deployment actions write some content(the commands, for example) to a file, which is checked by some background script(for example, powered with inotifywait) and executed by background script on behalf of root.

P.S. in both cases, especially the second one you should mind that the whole docker service will be exposed to that user.
Click to expand...
Thanks for suggestions.
This doesn't sound like a safe option, shouldn't there be a more standard way of doing this, having in mind that this is probably quite a casual task?
 
Not quite casual, when containers are ran as root by default.

Nonetheless, you can deploy a container manually as non-root user:
docs.docker.com

Rootless mode

Run the Docker daemon as a non-root user (Rootless mode)
docs.docker.com docs.docker.com

I'd recommend testing that scenario on a staging server first.
 
You must log in or register to reply here.

Similar threads

Zéfyx
Issue Git - additional deploy actions : Limited access to binaries [Git extension bug: EXTGIT-22]
Replies
2
Views
2K
Zéfyx
Zéfyx
D
Issue Installing Rocket Chat in Plesk with Docker using tutorial, need an answer.
2
Replies
33
Views
5K
David Borrink
D
M
Question How to run git commands on plesk?
Replies
1
Views
843
havi5
havi5
D
Issue Installing Mattermost via Docker in Plesk - issues with containers
2
Replies
21
Views
12K
David Borrink
D
T
Question Redis on server vs Docker container
Replies
4
Views
2K
Kaspar@Plesk
Kaspar@Plesk
Back
Top