Portainer does not take into account the ~/.docker/config.json, especially regarding proxies definition

[vemonet]

Bug description

Portainer does not use the docker configuration defined for the user that is running portainer. And it is not possible to configure the HTTP_PROXY and HTTPS_PROXY used by stacks deployed by portainer.

1. Setting the proxies in ~/.docker/config.json is not picked up by portainer
2. Setting HTTP_PROXY on the portainer container does not enable this proxy in containers started from portainer (I guess it only

Here is the ~/.docker/config.json file I defined:

{
	"auths": {},
	"currentContext": "rootless",
        "proxies": {
		"default": {
			"httpProxy": "http://our-proxy:3128",
			"httpsProxy": "http://our-proxy:3128",
			"noProxy": "127.0.0.1,localhost,137.120.0.0/16"
		}
	}
}

Obviously when running docker compose up from my terminal with my user docker uses the proxies defined in ~/.docker/config.json

But this does not happen when deploying a stack through portainer.

And forces us to manually configure the HTTP_PROXY and HTTPS_PROXY environment variable for each container. Which is not ideal for reusability of the containers.

Expected behavior

Portainer should use the config defined at ~/.docker/config.json , at least for the proxies config (it's in the home folder, so there is no reason portainer can't read it no?). Here is the official docker docs for this config file: https://docs.docker.com/network/proxy/#configure-the-docker-client

In general ideally portainer should not add any weird behavior that differ from running docker compose directly from the terminal. docker compose automatically sets the right proxy, but not when run through portainer, meaning portainer is probably adding an unexpected layer of configuration on top of the configuration that have been defined for the server.

Steps to reproduce the issue:

1. Install rootless docker (your sysadmin will thanks you!)
2. Change your ~/.docker/config.json for a broken proxy URL
3. Start a container from portainer
4. Accessing internet inside this container should fail if portainer where picking up the default global docker config, but it will work because portainer will continue to use a default proxy

Technical details:

• Portainer version: Community Edition 2.17.1
• Docker version (managed by Portainer): 23.0.1 rootless
• Kubernetes version (managed by Portainer): no kubernetes, just Docker Compose version v2.16.0
• Platform (windows/linux): Linux ubuntu 22.04
• Command used to start Portainer (docker run -p 9443:9443 portainer/portainer):

version: "3"
services:
  portainer:
    image: portainer/portainer-ce:latest
    networks:
      - nginx
    environment:
      - VIRTUAL_HOST=portainer.our-url
      - LETSENCRYPT_HOST=portainer.our-url
      - VIRTUAL_PORT=9000
      - HTTP_PROXY=http://our-proxy:3128
      - HTTPS_PROXY=http://our-proxy:3128
      - http_proxy=http://our-proxy:3128
      - https_proxy=http://our-proxy:3128
    volumes:
      - ${DOCKER_SOCK:-/var/run/docker.sock}:/var/run/docker.sock
      - /data/portainer:/data
    restart: unless-stopped

networks:
  nginx:
    name: nginx

• Browser: Firefox
• Use Case (delete as appropriate): Using Portainer in a academic research setup
• Have you reviewed our technical documentation and knowledge base? Yes

Additional context
Only found this issue #469 about configuring the HTTP_PROXY of the portainer container, but that's not the same as having portainer behaving as expected following the global docker config.

Any idea how could this be fixed? Could it be due to the fact we use rootless docker? (maybe rootless puts the .docker/config.json file at a different spot than what you are used to)