Docker Socket Proxy fails to start.

[ShapeShifter499]

Steps to reproduce

Install the docker, see log.

Expected behavior

Docker socket proxy should load and work.

Actual behavior

AIO settings webpage states "starting" but it never appears to actually start. I see errors in the log for nextcloud-aio-docker-socket-proxy, log attached at the bottom.

Host OS

Manjaro x86_64

Nextcloud AIO version

Current channel

Nextcloud AIO v7.4.1

Other valuable info

nextcloud-aio-docker-socket-proxy_log.txt

[szaimen]

This is the issue apparently:

[ALERT]    (23) : Not enough memory to allocate 1073741815 entries for fdtab!
[ALERT]    (23) : No polling mechanism available.
  This may happen when using thread-groups with old pollers (poll/select), or
  it is possible that haproxy was built with TARGET=generic and that FD_SETSIZE
  is too low on this platform to support maxconn and the number of listeners
  and servers. You should rebuild haproxy specifying your system using TARGET=
  in order to support other polling systems (poll, epoll, kqueue) or reduce the
  global maxconn setting to accommodate the system's limitation. For reference,
  FD_SETSIZE=1024 on this system, global.maxconn=536870896 resulting in a maximum of
  1073741815 file descriptors. You should thus reduce global.maxconn by 536870396. Also,
  check build settings using 'haproxy -vv'.

[szaimen]

haproxy/haproxy#2043

[szaimen]

Possible fix: matrix-org/sytest@a42e75a

[ShapeShifter499]

Possible fix: matrix-org/sytest@a42e75a

so this would be added to the haproxy used inside the AIO?

[szaimen]

Possible fix: matrix-org/sytest@a42e75a

so this would be added to the haproxy used inside the AIO?

yes

[sol8712]

Will adding maxconn to the haproxy config directly be removed on a restart of the container?

You could attempt setting a higher limit for all of docker as in this Q/A:
https://stackoverflow.com/questions/71828013/docker-container-has-a-too-large-file-descriptor-limit-ulimit-n

Or try this only on your AIO docker file as shown by the OP here:
https://www.reddit.com/r/EndeavourOS/comments/u9cpb7/docker_and_limitsconf/?rdt=64474

IF these work these are temporary fixes. Also maybe usefull for debugging.

[szaimen]

This is now fixed with v7.5.0 Beta. Testing and feedback is welcome! See https://github.com/nextcloud/all-in-one#how-to-switch-the-channel

[ShapeShifter499]

@szaimen I have pulled the latest beta and the nextcloud-aio-docker-socket-proxy now loads properly. Thank you for the help.

[ShapeShifter499]

@szaimen One more related concern, while the container doesn't throw errors anymore. I do see this in Nextcloud for the App API. I'm guessing I ignore the fact it cannot access the socket since it's getting a proxy? It does return a message that it connected successfully. Does this screenshot look correct to you?

I edited out my domain name.

EDIT: Setup is behind a reverse haproxy and that handles SSL

[szaimen]

This looks like something that should get reported to https://github.com/cloud-py-api/app_api/issues

[ShapeShifter499]

@szaimen --volume /var/run/docker.sock:/var/run/docker.sock:ro should still work if I set it up like this? or should the 'ro' be 'rw' to use this? the documentation is a little unclear to me. Also I kind of assumed that 'docker socket proxy' was supposed to make access a little more secure.

[szaimen]

Yes ro should work