#!/bin/bash
##############################################################
# File Name: docker_install.sh
# Version: V1.0
# Author: sanshi
# Organization: https://www.9133w.cn/sources/
# Created Time : 2021-06-08 09:24:49
# Description:
##############################################################
#!/bin/bash

set -e

download_url="https://download.docker.com/linux/static/stable/x86_64/"
docker_version=`curl -sSL $download_url | \
	grep -E 'docker-[0-9]+' | \
	grep -oP '(?<=href=")docker-\K\d+.\d+.\d+' | \
	sort -t. -k1nr -k3nr | head -1`

if [ "$(id -u)" != "0" ]; then
        echo "this script must be run as root" 1>&2
        exit 1
fi

SELINUX=$(getenforce)
if [[ $SELINUX == "Enforcing" ]]; then
        echo "Please disable selinux"
        exit 1
fi

[ -f /opt/docker-${docker_version}.tgz ] || wget ${download_url}docker-${docker_version}.tgz -P /opt/

pushd /opt/ && \
echo "Unarchiving docker..." && \
tar -xzf docker-${docker_version}.tgz && \
echo "Installing docker..." && \
/bin/cp docker/* /usr/bin/ && popd



cat <<-'EOF' > /usr/lib/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target

[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd
ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
#TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
MountFlags=slave

[Install]
WantedBy=multi-user.target
EOF

[ -d /etc/docker ] || mkdir -p /etc/docker
[ -d /data/docker ] || mkdir -p /data/docker
cat > /etc/docker/daemon.json << EOF
{
        "registry-mirrors": ["https://0quel0z8.mirror.aliyuncs.com"],
        "exec-opts": ["native.cgroupdriver=systemd"],
        "data-root": "/data/docker"
}
EOF
[ -f /proc/sys/net/bridge/bridge-nf-call-iptables ] || modprobe br_netfilter
echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables
echo 1 > /proc/sys/net/bridge/bridge-nf-call-ip6tables

systemctl daemon-reload

echo "Starting docker..."
systemctl enable docker
systemctl start docker

echo "Update docker group"
groupadd docker
usermod -aG docker $USER

echo "Successfully"