Backport v2.5.x documentation changes

* Backport v2.5.x documentation changes for Docker and Podman
abraunegg · Nov 15, 2023 · 1a88d33 · 1a88d33
1 parent 6282ec9
commit 1a88d33
Show file tree

Hide file tree

Showing 2 changed files with 297 additions and 150 deletions.
diff --git a/docs/Docker.md b/docs/Docker.md
@@ -15,78 +15,139 @@ This client can be run as a Docker container, with 3 available container base op
 These containers offer a simple monitoring-mode service for the OneDrive Client for Linux.
 
 The instructions below have been validated on:
-*   Red Hat Enterprise Linux 8.x 
-*   Ubuntu Server 22.04
+*   Fedora 38
 
 The instructions below will utilise the 'edge' tag, however this can be substituted for any of the other docker tags such as 'latest' from the table above if desired.
 
 The 'edge' Docker Container will align closer to all documentation and features, where as 'latest' is the release version from a static point in time. The 'latest' tag however may contain bugs and/or issues that will have been fixed, and those fixes are contained in 'edge'.
 
 Additionally there are specific version release tags for each release. Refer to https://hub.docker.com/r/driveone/onedrive/tags for any other Docker tags you may be interested in.
 
-## Basic Setup
-### 0. Install docker using your distribution platform's instructions
-1.  Ensure that SELinux has been disabled on your system. A reboot may be required to ensure that this is correctly disabled.
-2.  Install Docker as per required for your platform. Refer to https://docs.docker.com/engine/install/ for assistance.
-3.  Obtain your normal, non-root user UID and GID by using the `id` command
-4.  As your normal, non-root user, ensure that you can run `docker run hello-world` *without* using `sudo`
+**Note:** The below instructions for docker has been tested and validated when logging into the system as an unprivileged user (non 'root' user).
 
-Once the above 4 steps are complete and you can successfully run `docker run hello-world` without sudo, only then proceed to 'Pulling and Running the Docker Image'
+## High Level Configuration Steps
+1. Install 'docker' as per your distribution platform's instructions if not already installed.
+2. Configure 'docker' to allow non-privileged users to run Docker commands
+3. Disable 'SELinux' as per your distribution platform's instructions
+4. Test 'docker' by running a test container without using `sudo`
+5. Prepare the required docker volumes to store the configuration and data
+6. Run the 'onedrive' container and perform authorisation
+7. Running the 'onedrive' container under 'docker'
 
-## Pulling and Running the Docker Image
-### 1. Pull the image
+## Configuration Steps
+
+### 1. Install 'docker' on your platform
+Install 'docker' as per your distribution platform's instructions if not already installed.
+
+### 2. Configure 'docker' to allow non-privileged users to run Docker commands
+Read https://docs.docker.com/engine/install/linux-postinstall/ to configure the 'docker' user group with your user account to allow your non 'root' user to run 'docker' commands.
+
+### 3. Disable SELinux on your platform
+In order to run the Docker container, SELinux must be disabled. Without doing this, when the application is authenticated in the steps below, the following error will be presented:
+```text
+ERROR: The local file system returned an error with the following message:
+  Error Message:    /onedrive/conf/refresh_token: Permission denied
+
+The database cannot be opened. Please check the permissions of ~/.config/onedrive/items.sqlite3
+```
+The only known work-around for the above problem at present is to disable SELinux. Please refer to your distribution platform's instructions on how to perform this step.
+
+* Fedora: https://docs.fedoraproject.org/en-US/quick-docs/selinux-changing-states-and-modes/#_disabling_selinux
+* Red Hat Enterprise Linux: https://access.redhat.com/solutions/3176
+
+Post disabling SELinux and reboot your system, confirm that `getenforce` returns `Disabled`:
+```text
+$ getenforce
+Disabled
+```
+
+If you are still experiencing permission issues despite disabling SELinux, please read https://www.redhat.com/sysadmin/container-permission-denied-errors
+
+### 4. Test 'docker' on your platform
+Ensure that 'docker' is running as a system service, and is enabled to be activated on system reboot:
 ```bash
-docker pull driveone/onedrive:edge
+sudo systemctl enable --now docker
 ```
 
-**NOTE:** SELinux context needs to be configured or disabled for Docker to be able to write to OneDrive host directory.
+Test that 'docker' is operational for your 'non-root' user, as per below:
+```bash
+[alex@fedora-38-docker-host ~]$ docker run hello-world
+Unable to find image 'hello-world:latest' locally
+latest: Pulling from library/hello-world
+719385e32844: Pull complete 
+Digest: sha256:88ec0acaa3ec199d3b7eaf73588f4518c25f9d34f58ce9a0df68429c5af48e8d
+Status: Downloaded newer image for hello-world:latest
+
+Hello from Docker!
+This message shows that your installation appears to be working correctly.
+
+To generate this message, Docker took the following steps:
+ 1. The Docker client contacted the Docker daemon.
+ 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
+    (amd64)
+ 3. The Docker daemon created a new container from that image which runs the
+    executable that produces the output you are currently reading.
+ 4. The Docker daemon streamed that output to the Docker client, which sent it
+    to your terminal.
+
+To try something more ambitious, you can run an Ubuntu container with:
+ $ docker run -it ubuntu bash
+
+Share images, automate workflows, and more with a free Docker ID:
+ https://hub.docker.com/
+
+For more examples and ideas, visit:
+ https://docs.docker.com/get-started/
+
+[alex@fedora-38-docker-host ~]$ 
+```
 
-### 2. Prepare config volume
-The Docker container requries 2 Docker volumes:
+### 5. Configure the required docker volumes
+The 'onedrive' Docker container requires 2 docker volumes to operate:
 *    Config Volume
 *    Data Volume
 
-Create the config volume with the following command:
+The first volume is the configuration volume that stores all the applicable application configuration + current runtime state. In a non-containerised environment, this normally resides in `~/.config/onedrive` - in a containerised environment this is stored in the volume tagged as `/onedrive/conf`
+
+The second volume is the data volume, where all your data from Microsoft OneDrive is stored locally. This volume is mapped to an actual directory point on your local filesystem and this is stored in the volume tagged as `/onedrive/data`
+
+#### 5.1 Prepare the 'config' volume
+Create the 'config' volume with the following command:
 ```bash
 docker volume create onedrive_conf
 ```
 
-This will create a docker volume labeled `onedrive_conf`, where all configuration of your onedrive account will be stored. You can add a custom config file and other things later.
+This will create a docker volume labeled `onedrive_conf`, where all configuration of your onedrive account will be stored. You can add a custom config file in this location at a later point in time if required.
+
+#### 5.2 Prepare the 'data' volume
+Create the 'data' volume with the following command:
+```bash
+docker volume create onedrive_data
+```
 
-The second docker volume is for your data folder and is created in the next step. This volume needs to be a path to a directory on your local filesystem, and this is where your data will be stored from OneDrive. Keep in mind that:
+This will create a docker volume labeled `onedrive_data` and will map to a path on your local filesystem. This is where your data from Microsoft OneDrive will be stored. Keep in mind that:
 
 *   The owner of this specified folder must not be root
 *   The owner of this specified folder must have permissions for its parent directory
+*   Docker will attempt to change the permissions of the volume to the user the container is configured to run as
 
-**NOTE:** Issues occur when this target folder is a mounted folder of an external system (NAS, SMB mount, USB Drive etc) as the 'mount' itself is owned by 'root'. If this is your use case, you *must* ensure your normal user can mount your desired target without having the target mounted by 'root'. If you do not fix this, your Docker container will fail to start with the following error message:
+**NOTE:** Issues occur when this target folder is a mounted folder of an external system (NAS, SMB mount, USB Drive etc) as the 'mount' itself is owed by 'root'. If this is your use case, you *must* ensure your normal user can mount your desired target without having the target mounted by 'root'. If you do not fix this, your Docker container will fail to start with the following error message:
 ```bash
 ROOT level privileges prohibited!
 ```
 
-### 3. First run
-The 'onedrive' client within the Docker container needs to be authorized with your Microsoft account. This is achieved by initially running docker in interactive mode. 
+### 6. First run of Docker container under docker and performing authorisation
+The 'onedrive' client within the container first needs to be authorised with your Microsoft account. This is achieved by initially running docker in interactive mode.
 
-Run the docker image with the commands below and make sure to change `ONEDRIVE_DATA_DIR` to the actual onedrive data directory on your filesystem that you wish to use (e.g. `"/home/abraunegg/OneDrive"`).
-```bash
-export ONEDRIVE_DATA_DIR="${HOME}/OneDrive"
-mkdir -p ${ONEDRIVE_DATA_DIR}
-docker run -it --name onedrive -v onedrive_conf:/onedrive/conf \
-    -v "${ONEDRIVE_DATA_DIR}:/onedrive/data" \
-    -e "ONEDRIVE_UID=${ONEDRIVE_UID}" \
-    -e "ONEDRIVE_GID=${ONEDRIVE_GID}" \
-    driveone/onedrive:edge
-```
-**Important:** The 'target' folder of `ONEDRIVE_DATA_DIR` must exist before running the Docker container, otherwise, Docker will create the target folder, and the folder will be given 'root' permissions, which then causes the Docker container to fail upon startup with the following error message:
-```bash
-ROOT level privileges prohibited!
-```
-**NOTE:** It is also highly advisable for you to replace `${ONEDRIVE_UID}` and `${ONEDRIVE_GID}` with your actual UID and GID as specified by your `id` command output to avoid any any potential user or group conflicts.
+Run the docker image with the commands below and make sure to change the value of `ONEDRIVE_DATA_DIR` to the actual onedrive data directory on your filesystem that you wish to use (e.g. `export ONEDRIVE_DATA_DIR="/home/abraunegg/OneDrive"`).
+
+**Important:** The 'target' folder of `ONEDRIVE_DATA_DIR` must exist before running the docker container. The script below will create 'ONEDRIVE_DATA_DIR' so that it exists locally for the docker volume mapping to occur.
 
-**Example:**
+It is also a requirement that the container be run using a non-root uid and gid, you must insert a non-root UID and GID (e.g.` export ONEDRIVE_UID=1000` and export `ONEDRIVE_GID=1000`). The script below will use `id` to evaluate your system environment to use the correct values.
 ```bash
+export ONEDRIVE_DATA_DIR="${HOME}/OneDrive"
 export ONEDRIVE_UID=`id -u`
 export ONEDRIVE_GID=`id -g`
-export ONEDRIVE_DATA_DIR="${HOME}/OneDrive"
 mkdir -p ${ONEDRIVE_DATA_DIR}
 docker run -it --name onedrive -v onedrive_conf:/onedrive/conf \
     -v "${ONEDRIVE_DATA_DIR}:/onedrive/data" \
@@ -105,42 +166,41 @@ Once the 'onedrive' application is authorised, the client will automatically sta
 
 If the client is working as expected, you can detach from the container with Ctrl+p, Ctrl+q.
 
-### 4. Docker Container Status, stop, and restart
-Check if the monitor service is running
+### 7. Running the 'onedrive' container under 'docker'
 
+#### 7.1 Check if the monitor service is running
 ```bash
 docker ps -f name=onedrive
 ```
 
-Show monitor run logs
-
+#### 7.2 Show 'onedrive' runtime logs
 ```bash
 docker logs onedrive
 ```
 
-Stop running monitor
-
+#### 7.3 Stop running 'onedrive' container
 ```bash
 docker stop onedrive
 ```
 
-Resume monitor
-
+#### 7.4 Start 'onedrive' container
 ```bash
 docker start onedrive
 ```
 
-Remove onedrive Docker container
-
+#### 7.5 Remove 'onedrive' container
 ```bash
 docker rm -f onedrive
 ```
-## Advanced Setup
 
-### 5. Docker-compose
-Also supports docker-compose schemas > 3. 
-In the following example it is assumed you have a `ONEDRIVE_DATA_DIR` environment variable and a `onedrive_conf` volume. 
-However, you can also use bind mounts for the configuration folder, e.g. `export ONEDRIVE_CONF="${HOME}/OneDriveConfig"`.  
+## Advanced Usage
+
+### How to use Docker-compose
+You can utilise `docker-compose` if available on your platform if you are able to use docker compose schemas > 3.
+
+In the following example it is assumed you have a `ONEDRIVE_DATA_DIR` environment variable and have already created the `onedrive_conf` volume. 
+
+You can also use docker bind mounts for the configuration folder, e.g. `export ONEDRIVE_CONF="${HOME}/OneDriveConfig"`.
 
 ```
 version: "3"
@@ -158,7 +218,7 @@ services:
 
 Note that you still have to perform step 3: First Run. 
 
-### 6. Edit the config
+### Editing the running configuration and using a 'config' file
 The 'onedrive' client should run in default configuration, however you can change this default configuration by placing a custom config file in the `onedrive_conf` docker volume. First download the default config from [here](https://raw.githubusercontent.com/abraunegg/onedrive/master/config)  
 Then put it into your onedrive_conf volume path, which can be found with:  
 
@@ -170,8 +230,8 @@ Or you can map your own config folder to the config volume. Make sure to copy al
 
 The detailed document for the config can be found here: [Configuration](https://github.com/abraunegg/onedrive/blob/master/docs/USAGE.md#configuration)
 
-### 7. Sync multiple accounts
-There are many ways to do this, the easiest is probably to
+### Syncing multiple accounts
+There are many ways to do this, the easiest is probably to do the following:
 1. Create a second docker config volume (replace `Work` with your desired name):  `docker volume create onedrive_conf_Work`
 2. And start a second docker monitor container (again replace `Work` with your desired name):
 ```
@@ -180,7 +240,7 @@ mkdir -p ${ONEDRIVE_DATA_DIR_WORK}
 docker run -it --restart unless-stopped --name onedrive_Work -v onedrive_conf_Work:/onedrive/conf -v "${ONEDRIVE_DATA_DIR_WORK}:/onedrive/data" driveone/onedrive:edge
 ```
 
-## Run or update with one script
+### Run or update the Docker container with one script
 If you are experienced with docker and onedrive, you can use the following script:
 
 ```bash
@@ -196,7 +256,7 @@ docker inspect onedrive > /dev/null 2>&1 && docker rm -f onedrive
 docker run $firstRun --restart unless-stopped --name onedrive -v onedrive_conf:/onedrive/conf -v "${ONEDRIVE_DATA_DIR}:/onedrive/data" driveone/onedrive:edge
 ```
 
-## Environment Variables
+## Supported Docker Environment Variables
 | Variable | Purpose | Sample Value |
 | ---------------- | --------------------------------------------------- |:--------------------------------------------------------------------------------------------------------------------------------:|
 | <B>ONEDRIVE_UID</B> | UserID (UID) to run as  | 1000 |
@@ -215,7 +275,7 @@ docker run $firstRun --restart unless-stopped --name onedrive -v onedrive_conf:/
 | <B>ONEDRIVE_DISPLAY_CONFIG</B> | Controls "--display-running-config" switch on onedrive sync. Default is 0 | 1 |
 | <B>ONEDRIVE_SINGLE_DIRECTORY</B> | Controls "--single-directory" option. Default = "" | "mydir" |
 
-### Usage Examples
+### Environment Variables Usage Examples
 **Verbose Output:**
 ```bash
 docker container run -e ONEDRIVE_VERBOSE=1 -v onedrive_conf:/onedrive/conf -v "${ONEDRIVE_DATA_DIR}:/onedrive/data" driveone/onedrive:edge
@@ -237,13 +297,25 @@ docker container run -e ONEDRIVE_RESYNC=1 -e ONEDRIVE_VERBOSE=1 -v onedrive_conf
 docker container run -it -e ONEDRIVE_LOGOUT=1 -v onedrive_conf:/onedrive/conf -v "${ONEDRIVE_DATA_DIR}:/onedrive/data" driveone/onedrive:edge
 ```
 
-## Build instructions
+## Building a custom Docker image
+
 ### Build Environment Requirements
 *   Build environment must have at least 1GB of memory & 2GB swap space
 
-There are 2 ways to validate this requirement:
-*   Modify the file `/etc/dphys-swapfile` and edit the `CONF_SWAPSIZE`, for example: `CONF_SWAPSIZE=2048`. A reboot is required to make this change effective.
-*   Dynamically allocate a swapfile for building:
+You can validate your build environment memory status with the following command:
+```text
+cat /proc/meminfo | grep -E 'MemFree|Swap'
+```
+This should result in the following similar output:
+```text
+MemFree:         3704644 kB
+SwapCached:            0 kB
+SwapTotal:       8117244 kB
+SwapFree:        8117244 kB
+```
+
+If you do not have enough swap space, you can use the following script to dynamically allocate a swapfile for building the Docker container:
+
 ```bash
 cd /var 
 sudo fallocate -l 1.5G swapfile
@@ -258,31 +330,36 @@ swapon -s
 free -h
 ```
 
-### Building a custom Docker image
+If you are running a Raspberry Pi, you will need to edit your system configuration to increase your swapfile:
+
+*   Modify the file `/etc/dphys-swapfile` and edit the `CONF_SWAPSIZE`, for example: `CONF_SWAPSIZE=2048`. 
+
+A reboot of your Raspberry Pi is required to make this change effective.
+
+### Building and running a custom Docker image
 You can also build your own image instead of pulling the one from [hub.docker.com](https://hub.docker.com/r/driveone/onedrive):
 ```bash
 git clone https://github.com/abraunegg/onedrive
 cd onedrive
 docker build . -t local-onedrive -f contrib/docker/Dockerfile
+docker container run -v onedrive_conf:/onedrive/conf -v "${ONEDRIVE_DATA_DIR}:/onedrive/data" local-onedrive:latest
 ```
 
-There are alternate, smaller images available by building
-Dockerfile-debian or Dockerfile-alpine.  These [multi-stage builder pattern](https://docs.docker.com/develop/develop-images/multistage-build/)
-Dockerfiles require Docker version at least 17.05.
+There are alternate, smaller images available by using `Dockerfile-debian` or `Dockerfile-alpine`. These [multi-stage builder pattern](https://docs.docker.com/develop/develop-images/multistage-build/) Dockerfiles require Docker version at least 17.05.
 
-#### How to build and run a custom Docker image based on Debian
+### How to build and run a custom Docker image based on Debian
 ``` bash
 docker build . -t local-ondrive-debian -f contrib/docker/Dockerfile-debian
 docker container run -v onedrive_conf:/onedrive/conf -v "${ONEDRIVE_DATA_DIR}:/onedrive/data" local-ondrive-debian:latest
 ```
 
-#### How to build and run a custom Docker image based on Alpine Linux
+### How to build and run a custom Docker image based on Alpine Linux
 ``` bash
 docker build . -t local-ondrive-alpine -f contrib/docker/Dockerfile-alpine
 docker container run -v onedrive_conf:/onedrive/conf -v "${ONEDRIVE_DATA_DIR}:/onedrive/data" local-ondrive-alpine:latest
 ```
 
-#### How to build and run a custom Docker image for ARMHF (Raspberry Pi)
+### How to build and run a custom Docker image for ARMHF (Raspberry Pi)
 Compatible with:
 *    Raspberry Pi
 *    Raspberry Pi 2
@@ -294,13 +371,12 @@ docker build . -t local-onedrive-armhf -f contrib/docker/Dockerfile-debian
 docker container run -v onedrive_conf:/onedrive/conf -v "${ONEDRIVE_DATA_DIR}:/onedrive/data" local-onedrive-armhf:latest
 ```
 
-#### How to build and run a custom Docker image for AARCH64 Platforms
+### How to build and run a custom Docker image for AARCH64 Platforms
 ``` bash
 docker build . -t local-onedrive-aarch64 -f contrib/docker/Dockerfile-debian
 docker container run -v onedrive_conf:/onedrive/conf -v "${ONEDRIVE_DATA_DIR}:/onedrive/data" local-onedrive-aarch64:latest
 ```
-
-#### How to support double-byte languages
+### How to support double-byte languages
 In some geographic regions, you may need to change and/or update the locale specification of the Docker container to better support the local language used for your local filesystem. To do this, follow the example below:
 ```
 FROM driveone/onedrive
@@ -317,4 +393,4 @@ RUN echo "ja_JP.UTF-8 UTF-8" > /etc/locale.gen && \
 
 ENV LC_ALL ja_JP.UTF-8
 ```
-The above example changes the Docker container to support Japanese. To support your local language, change `ja_JP.UTF-8` to the required entry.
+The above example changes the Docker container to support Japanese. To support your local language, change `ja_JP.UTF-8` to the required entry.