Error: "unable to load environment" in docker container inside wsl

Hi, I'm running a docker container inside wsl ubuntu on windows 10, and I am logged in as root user.
I have a compose.yaml with 3 services (web, postgres and nginx). I am trying to integrate zrok inside the container, but I get the error "unable to load environment; did you 'zrok enable'?".
I am following the guide Getting Started with Docker | Zrok
This is my compose.yaml

If I run the command

zrok share reserved "demo" --headless

in a console, it works without errors

Hi @jp17711, welcome to the community and to zrok (and OpenZiti and BrowZer)!

I tried it out real quick on my wsl/ubuntu and can confirm I also get the issue. It looks to me that the problem is going to be with the rootless container and permissions to the zrok folder. I'll give it a whirl on my side and see if I can get something working. I'll reply back in a bit.

Ok. I see some options.

Option 1 - by far the easiest.

I think the easiest thing to do for right now is to run the zrok container as root, if you want... It defeats the purpose of running a rootless container though... but you might not care too much.

services:
  zrok:
    image: openziti/zrok
    restart: unless-stopped
    user: "root"
    volumes:
      - ${HOME}/.zrok:/root/.zrok
    environment:
      PFXLOG_NO_JSON: "true"
    command: share public 192.168.253.239:9090 --headless

Option 2 - grant "others" read/execute access to your $HOME/.zrok folder

Doesn't feel like a great answer but it'll work... This lets others read and exec into your directory... The identities in here are 'secrets' so I don't love this approach

chmod -R 705 $HOME/.zrok

Option 3 - most complex

Make a new group for zrok, add your user to the group, chown the .zrok home directory to the zrok group

sudo groupadd -g 2171 zrok_group
sudo useradd -u 2171 -g 2171 -M -s /usr/sbin/nologin zrok
sudo usermod -aG zrok_group $USER
chmod -R g+rx $HOME/.zrok
chgrp -R zrok_group $HOME/.zrok

and use user 2171:

services:
  zrok:
    image: openziti/zrok
    restart: unless-stopped
    user: "2171"
    volumes:
      - ${HOME}/.zrok:/home/ziggy/.zrok
    environment:
      PFXLOG_NO_JSON: "true"
    command: share public 192.168.253.239:9090 --headless

@qrkourier - is this what you had in mind for people? Is there something easier that I'm missing?
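Added example, not part of any post in this thread: a shell audit for the three options above. It reports through which permission class a container UID:GID reaches a bind-mounted directory and how many entries any local account can reach. Assumptions: GNU stat, the container GID is passed in (the thread does not state it), supplementary groups and ACLs are ignored, and the demo runs on a constructed temp directory rather than a real ~/.zrok.

```shell
#!/bin/sh
# Added example: audit access to a bind-mounted zrok directory.
# Relies on GNU stat (-c), as shipped with Ubuntu under WSL.

# Print the permission class (root/owner/group/other) through which UID:GID
# can list and traverse DIR, or "denied" if the applicable bits lack r-x.
access_class() {
    dir=$1; uid=$2; gid=$3
    # Option 1: UID 0 is not limited by mode bits (assumes real host root).
    if [ "$uid" -eq 0 ]; then echo root; return 0; fi
    mode=$((0$(stat -c %a "$dir")))          # octal string -> integer
    # Unix picks exactly one class: owner first, then group, then other.
    if [ "$uid" -eq "$(stat -c %u "$dir")" ]; then
        class=owner; bits=$(( (mode >> 6) & 7 ))
    elif [ "$gid" -eq "$(stat -c %g "$dir")" ]; then
        class=group; bits=$(( (mode >> 3) & 7 ))
    else
        class=other; bits=$(( mode & 7 ))
    fi
    if [ $(( bits & 5 )) -eq 5 ]; then echo "$class"; else echo denied; fi
}

# Count entries under DIR carrying any "other" permission bit, i.e. identity
# material that every local account could reach.
world_exposed() {
    find "$1" \( -perm -001 -o -perm -002 -o -perm -004 \) | wc -l | tr -d ' '
}

# Constructed stand-in for $HOME/.zrok; the file name is a placeholder.
demo() {
    d=$(mktemp -d); : > "$d/identity.placeholder"
    for m in 700 705 750; do                 # owner-only, Option 2, Option 3
        chmod -R "$m" "$d"
        # For 750, reuse the directory's own group in place of zrok_group.
        if [ "$m" = 750 ]; then g=$(stat -c %g "$d"); else g=2171; fi
        echo "mode $m: uid 2171 -> $(access_class "$d" 2171 "$g"), world-exposed: $(world_exposed "$d")"
    done
    rm -rf "$d"
}
demo
```

With mode 705, a container GID that matches the directory's group is denied, because the group bits (0) apply before the "other" bits do.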

Thank you very much, I am surprised by the speed of response. :grin:

I changed ${UID} to root, but now it gives me the error zrok/endpoints/proxy.newReverseProxy.func2: proxying error: dial tcp [::1]:49152: connect: connection refused

compose.yaml

What I expect is that the container runs the reserved subdomain, as shown in the guide Getting Started with Docker | Zrok.

I reserve a subdomain from a wsl console

zrok reserve public --unique-name "demo" https://localhost:49152

and then in the container I run the subdomain, as shown in compose.yaml

command: share reserved "demo" --headless.

It might be important to say that I installed zrok inside wsl and am running it from there.
I also have Docker Desktop installed on Windows 10.

proxying error: dial tcp [::1]:49152: connect: connection refused

I expect you have created your reserved share with "localhost"? It's easy to forget that the network within docker is different and has different rules. I expect what you actually wanted was to reference nginx.

Looking back at your ports for nginx I can see: - '49152:80'... You can't use "localhost" in this situation. Instead, you want to zrok share a url that's relative to the zrok container. In your case, I would think you'd want to zrok reserve share public nginx:80 (not "localhost:49152").

Does that make sense? I'm expecting you're exporting port 49152 so your LOCAL machine can also access nginx but if you wanted to, you could actually turn off that exported port and have no exposed ports into your docker environment... (I think that's pretty darn cool) :slight_smile:

Hopefully that all makes sense.

Yes, I was going the wrong way. Thank you very much, it works perfectly now.