feat(setup): implement Docker permissions setup and configuration for user access

packages/server/src/setup/server-setup.ts

@@ -15,6 +15,7 @@ import {
 } from "@dokploy/server/setup/traefik-setup";
 import slug from "slugify";
 import { Client } from "ssh2";
+import { encodeBase64 } from "../utils/docker/utils";
 import { recreateDirectory } from "../utils/filesystem/directory";
 
 export const slugify = (text: string | undefined) => {
@@ -74,10 +75,7 @@ SYS_ARCH=$(uname -m)
 CURRENT_USER=$USER
 
 echo "Installing requirements for: OS: $OS_TYPE"
-if [ $EUID != 0 ]; then
-	echo "Please run this script as root or with sudo ❌"
-	exit
-fi
+
 
 # Check if the OS is manjaro, if so, change it to arch
 if [ "$OS_TYPE" = "manjaro" ] || [ "$OS_TYPE" = "manjaro-arm" ]; then
@@ -146,6 +144,9 @@ ${installRClone()}
 echo -e "4. Installing Docker. "
 ${installDocker()}
 
+echo -e "4.1. Setting up Docker permissions"
+${setupDockerPermissions()}
+
 echo -e "5. Setting up Docker Swarm"
 ${setupSwarm()}
 
@@ -192,7 +193,15 @@ const installRequirements = async (
 	return new Promise<void>((resolve, reject) => {
 		client
 			.once("ready", () => {
-				const command = server.command || defaultCommand();
+				const base64Command = encodeBase64(server.command || defaultCommand());
+				const newCommand = `
+				echo "${base64Command}" | base64 -d > setup.sh
+				chmod +x setup.sh
+				sudo bash setup.sh
+				rm setup.sh
+				`;
+
+				const command = newCommand;
 				client.exec(command, (err, stream) => {
 					if (err) {
 						onData?.(err.message);
@@ -216,16 +225,16 @@ const installRequirements = async (
 				client.end();
 				if (err.level === "client-authentication") {
 					onData?.(
-						`Authentication failed: Invalid SSH private key. ❌ Error: ${err.message} ${err.level}`,
+						"Authentication failed: Invalid SSH private key. ❌ Error: $err.message$err.level",
 					);
 					reject(
 						new Error(
-							`Authentication failed: Invalid SSH private key. ❌ Error: ${err.message} ${err.level}`,
+							"Authentication failed: Invalid SSH private key. ❌ Error: $err.message$err.level",
 						),
 					);
 				} else {
-					onData?.(`SSH connection error: ${err.message} ${err.level}`);
-					reject(new Error(`SSH connection error: ${err.message}`));
+					onData?.("SSH connection error: $err.message$err.level");
+					reject(new Error("SSH connection error: $err.message"));
 				}
 			})
 			.connect({
@@ -247,8 +256,8 @@ const setupDirectories = () => {
 	const chmodCommand = `chmod 700 "${SSH_PATH}"`;
 
 	const command = `
-	${createDirsCommand}
-	${chmodCommand}
+	$createDirsCommand
+	$chmodCommand
 	`;
 
 	return command;
@@ -526,6 +535,9 @@ const createTraefikConfig = () => {
 	const config = getDefaultServerTraefikConfig();
 
 	const command = `
+	# Create Traefik directories if they don't exist
+	mkdir -p /etc/dokploy/traefik/dynamic
+	
 	if [ -f "/etc/dokploy/traefik/dynamic/acme.json" ]; then
 		chmod 600 "/etc/dokploy/traefik/dynamic/acme.json"
 	fi
@@ -542,6 +554,9 @@ const createTraefikConfig = () => {
 const createDefaultMiddlewares = () => {
 	const config = getDefaultMiddlewares();
 	const command = `
+	# Ensure dynamic directory exists
+	mkdir -p /etc/dokploy/traefik/dynamic
+	
 	if [ -f "/etc/dokploy/traefik/dynamic/middlewares.yml" ]; then
 		echo "Middlewares config already exists ✅"
 	else
@@ -561,6 +576,49 @@ export const installRClone = () => `
 	fi
 `;
 
+const setupDockerPermissions = () => `
+	# Get the original user who ran sudo (if any)
+	ORIGINAL_USER=\${SUDO_USER:-\$USER}
+	
+	# Add user to docker group
+	if getent group docker > /dev/null 2>&1; then
+		if ! groups \$ORIGINAL_USER | grep -q docker; then
+			echo "Adding user \$ORIGINAL_USER to docker group..."
+			usermod -aG docker \$ORIGINAL_USER
+			echo "User \$ORIGINAL_USER added to docker group ✅"
+		else
+			echo "User \$ORIGINAL_USER already in docker group ✅"
+		fi
+	else
+		echo "Docker group not found, creating it..."
+		groupadd docker
+		usermod -aG docker \$ORIGINAL_USER
+		echo "Docker group created and user added ✅"
+	fi
+	
+	# Configure sudo to allow docker commands without password for the user
+	if [ "\$ORIGINAL_USER" != "root" ]; then
+		echo "Configuring passwordless sudo for Docker commands..."
+		echo "\$ORIGINAL_USER ALL=(ALL) NOPASSWD: /usr/bin/docker, /usr/bin/docker-compose, /usr/local/bin/docker-compose" > /etc/sudoers.d/\$ORIGINAL_USER-docker
+		chmod 440 /etc/sudoers.d/\$ORIGINAL_USER-docker
+		echo "Docker sudo configuration completed ✅"
+	fi
+	
+	# Restart docker service to ensure group changes take effect
+	systemctl restart docker
+	echo "Docker service restarted ✅"
+	
+	# Create a configuration file to tell Dokploy to use sudo for Docker commands
+	if [ "\$ORIGINAL_USER" != "root" ]; then
+		echo "Creating Dokploy Docker configuration..."
+		mkdir -p /etc/dokploy/config
+		echo "USE_SUDO_FOR_DOCKER=true" > /etc/dokploy/config/docker.conf
+		echo "DOCKER_USER=\$ORIGINAL_USER" >> /etc/dokploy/config/docker.conf
+		chown -R \$ORIGINAL_USER:\$ORIGINAL_USER /etc/dokploy/config
+		echo "Dokploy Docker configuration created ✅"
+	fi
+`;
+
 export const createTraefikInstance = () => {
 	const command = `
 	    # Check if dokpyloy-traefik exists