Merge pull request #1417 from bergware/master

docker: fix routing when "host access" is enabled
tom mortensen
2023-08-25 08:56:49 -07:00
committed by GitHub
8 changed files with 69 additions and 42 deletions
+1 -1
@@ -621,7 +621,7 @@ Share can *not* be deleted as long as it contains data. Be aware that some data
:end
:share_edit_exclusive_access_help:
When set to "Yes" indicates a synmlink directly to a pool has been set up for the share in the /mnt/user tree.
When set to "Yes" indicates a symlink directly to a pool has been set up for the share in the /mnt/user tree.
Refer to [Global Share Settings](Settings/ShareSettings) -> Permit exclusive shares.
:end
@@ -320,8 +320,8 @@ _(IPv4 custom network on interface)_ <?=$network?> (_(optional)_):
<?
for ($b=$box; $b<=3; $b++) {
switch ($b) {
case 1: $step = $size/65536%256; break;
case 2: $step = $size/256%256; break;
case 1: $step = floor($size/65536)%256; break;
case 2: $step = floor($size/256)%256; break;
case 3: $step = $size%256; break;
}
if ($step===0) $step = 256;
@@ -781,8 +781,8 @@ function changeMask(id,val) {
for (var b=1; b<=3; b++) {
var cell = id+b;
switch (b) {
case 1: var step = mask/65536%256; break;
case 2: var step = mask/256%256; break;
case 1: var step = Math.floor(mask/65536)%256; break;
case 2: var step = Math.floor(mask/256)%256; break;
case 3: var step = mask%256; break;
}
if (step==0) step = 256;
@@ -23,6 +23,7 @@ $disabled = $notify['system'] ? '' : 'disabled';
?>
<style>
select.a{min-width:220px}
input.a{width:220px}
span.a{display:inline-block;width:220px;font-style:italic}
</style>
<script>
@@ -123,6 +124,11 @@ _(Notifications display)_:
:notifications_display_help:
_(Notifications life time)_ (_(seconds)_):
: <input type="number" name="life" class="a" min="0" max="60" value="<?=$notify['life']?>"> _(a value of zero means no automatic closure)_
:notifications_life_time_help:
_(Date format)_:
: <select name="date" class="a">
<?=mk_option($notify['date'], "d-m-Y", _("DD-MM-YYYY"))?>
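Review bot: The new `life` field echoes the stored setting into the `value` attribute without output encoding, and the 0–60 limit exists only as the browser-side `min`/`max` on the input. How the value is validated when the form is saved is not visible in this hunk. Emitting `value="<?=htmlspecialchars($notify['life'])?>"` here, and clamping the number where the setting is written, would keep a hand-edited or malformed config value from reaching the page as markup.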
+1
@@ -41,6 +41,7 @@ cron=""
write="NOCORRECT"
[notify]
display="0"
life="5"
date="d-m-Y"
time="H:i"
position="top-right"
@@ -559,7 +559,11 @@ $(function() {
$.jGrowl.defaults.theme = '';
$.jGrowl.defaults.themeState = '';
$.jGrowl.defaults.pool = 10;
$.jGrowl.defaults.life = 3000;
<?if ($notify['life'] > 0):?>
$.jGrowl.defaults.life = <?=$notify['life']*1000?>;
<?else:?>
$.jGrowl.defaults.sticky = true;
<?endif;?>
Shadowbox.setup('a.sb-enable', {modal:true});
// add any pre-existing reboot notices
$.post('/webGui/include/Report.php',{cmd:'notice'},function(notices){
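Review bot: `$notify['life']` goes from the config straight into the inline script, and the only thing keeping the output numeric is the `*1000` arithmetic. A non-numeric value would raise a TypeError on PHP 8 part-way through rendering the layout, and a missing key falls into the `else` branch and silently makes every notification sticky. Normalising once before the `if`, e.g. `<?$life = max(0, (int)($notify['life'] ?? 0));?>`, and using `$life` in both the test and the `<?=$life*1000?>` output makes the integer guarantee explicit. The enclosing `$(function() {` block continues outside the hunk.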
+37 -22
@@ -75,14 +75,14 @@ MTU=$(ip link show $PORT|grep -Po 'mtu \K\d+')
[[ -n $MTU && $MTU -ne 1500 ]] && DOCKER_OPTS="--mtu=$MTU $DOCKER_OPTS"
# Enable IPv6 for docker bridge network
if [[ -n $(ip -6 route show dev $PORT default) ]]; then
if [[ -n $(ip -6 route show default dev $PORT) ]]; then
DOCKER0='fd17::/64'
DOCKER_OPTS="--ipv6 --fixed-cidr-v6=$DOCKER0 $DOCKER_OPTS"
# create IPv6 NAT rule for docker0
[[ -z $(ip6tables -t nat -S|grep -o "$DOCKER0") ]] && ip6tables -t nat -A POSTROUTING -s $DOCKER0 ! -o docker0 -j MASQUERADE
else
# ipv6 disabled
[[ -e $SYSTEM/docker0 ]] && echo 1 > $CONF6/docker0/disable_ipv6
[[ -d $CONF6/docker0 ]] && echo 1 > $CONF6/docker0/disable_ipv6
fi
export DOCKER_RAMDISK=true
@@ -339,24 +339,25 @@ start_network(){
SUBNET=; GATEWAY=; SERVER=; RANGE=;
IPV4=$(ip -br -4 addr show $NETWORK|awk '{print $3;exit}')
if [[ -n $IPV4 ]]; then
SUBNET=$(ip -4 route show dev $NETWORK $IPV4|awk '{print $1;exit}')
SUBNET=$(ip -4 route show $IPV4 dev $NETWORK|awk '{print $1;exit}')
SERVER=${IPV4%/*}
DHCP=${NETWORK/./_}
DHCP=DOCKER_DHCP_${DHCP^^}
RANGE=${!DHCP}
GATEWAY=$(ip -4 route show dev $NETWORK default|awk '{print $3;exit}')
GATEWAY=$(ip -4 route show default dev $NETWORK|awk '{print $3;exit}')
fi
SUBNET6=; GATEWAY6=; SERVER6=; RANGE6=;
IPV6=$(min6 $(max6 $(wipe $(ip -br -6 addr show $NETWORK scope global|awk '{$2="";print;exit}'))|sort|head -1))
if [[ -n $IPV6 ]]; then
SUBNET6=$(ip -6 route show dev $NETWORK $IPV6|awk '{print $1;exit}')
# get IPV6 subnet, preset to /64 if single host address is given
[[ ${IPV6#*/} == 128 ]] && SUBNET6=$(echo $IPV6|sed -r 's/^([^:]+):([^:]+):([^:]+):([^:]+).*$/\1:\2:\3:\4::\/64/') || SUBNET6=$(ip -6 route show $IPV6 dev $NETWORK|awk '{print $1;exit}')
SERVER6=${IPV6%/*}
DHCP6=${NETWORK/./_}
DHCP6=DOCKER_DHCP6_${DHCP6^^}
RANGE6=${!DHCP6}
GATEWAY6=$(ip -6 route show dev $NETWORK default|awk '{print $3;exit}')
GATEWAY6=$(ip -6 route show default dev $NETWORK|awk '{print $3;exit}')
# replace link local address for first address in subnet
[[ ${GATEWAY6:0:4} == fe80 ]] && GATEWAY6=${SUBNET6%%/*}1
[[ ${GATEWAY6:0:4} == fe80 ]] && GATEWAY6=${SUBNET6%/*}1
fi
else
# add user defined networks
@@ -442,31 +443,43 @@ start_network(){
# hack to let containers talk to host
if [[ $TYPE == br ]]; then
LINK=shim-$NETWORK
if [[ $DOCKER_ALLOW_ACCESS == yes && (-n $IPV4 || -n $IPV6) ]]; then
# create shim interface with predefined MAC address and copy server IPv4/IPv6 addresses to shim interface
MAC=$(echo $(hostname)-$NETWORK|md5sum|sed -r 's/^(..)(..)(..)(..)(..).*$/02:\1:\2:\3:\4:\5/')
[[ -e $SYSTEM/$LINK ]] || ip link add $LINK link $NETWORK address $MAC type $ATTACH mode $MODE
ip addr flush dev $LINK
[[ -n $IPV4 ]] && ip -4 addr add $IPV4 dev $LINK metric 0
[[ -n $IPV6 ]] && ip -6 addr add $IPV6 dev $LINK metric 1 || echo 1 > $CONF6/$LINK/disable_ipv6
GW=($(ip -4 route show default dev $NETWORK|awk '{print $3,$5;exit}'))
if [[ $DOCKER_ALLOW_ACCESS == yes && -n $IPV4 ]]; then
# create shim interface and copy parent IPv4 address to shim interface
[[ -e $SYSTEM/$LINK ]] || ip link add $LINK link $NETWORK type $ATTACH mode $MODE
ip -4 addr flush dev $LINK
ip -4 addr add $IPV4 dev $LINK metric 0
# disable IPv6 on shim interface
echo 1 > $CONF6/$LINK/disable_ipv6
ip link set $LINK up
if [[ -n $GW ]]; then
if [[ -z ${GW[1]} ]]; then
METRIC=1
METRICS=$(ip -4 route show default|grep -Po 'metric \K\d+')
while [[ " $METRICS " =~ " $METRIC " ]]; do ((METRIC++)); done
# update existing route to avoid conflict with shim route
ip -4 route del default via $GW dev $NETWORK
ip -4 route add default via $GW dev $NETWORK metric $METRIC
fi
ip -4 route add default via $GW dev $LINK metric 0
fi
logger -t $(basename $0) "created network $LINK for host access"
elif [[ -e $SYSTEM/$LINK ]]; then
# remove shim interface
ip addr flush dev $LINK
[[ -n $GW ]] && ip -4 route del default via $GW dev $LINK
ip -4 addr flush dev $LINK
ip link set $LINK down
ip link del $LINK
fi
else
if [[ $DOCKER_ALLOW_ACCESS == yes && (-n $IPV4 || -n $IPV6) ]]; then
ip addr flush dev $VHOST
# copy server IPv4/IPv6 address to vhost interface
[[ -n $IPV4 ]] && ip -4 addr add $IPV4 dev $VHOST metric 0
[[ -n $IPV6 ]] && ip -6 addr add $IPV6 dev $VHOST metric 1
if [[ $DOCKER_ALLOW_ACCESS == yes && -n $IPV4 ]]; then
ip -4 addr flush dev $VHOST
# copy parent IPv4 address to vhost interface
ip -4 addr add $IPV4 dev $VHOST metric 0
logger -t $(basename $0) "prepared network $VHOST for host access"
elif [[ -e $SYSTEM/$VHOST ]]; then
# remove IP addresses
ip addr flush dev $VHOST
ip -4 addr flush dev $VHOST
fi
fi
fi
@@ -488,6 +501,8 @@ stop_network(){
if [[ $TYPE == br ]]; then
LINK=shim-$NETWORK
if [[ -e $SYSTEM/$LINK ]]; then
GW=$(ip -4 route show default dev $LINK|awk '{print $3;exit}')
[[ -n $GW ]] && ip -4 route del default via $GW dev $LINK
ip addr flush dev $LINK
ip link set $LINK down
ip link del $LINK
@@ -604,7 +619,7 @@ restart)
disown
;;
status)
if is_docker_running; then
if is_docker_running; then
echo "status of $DOCKERD: running"
echo "running containers:" $(running_containers)
else
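Review bot: The free-metric search in the new shim block of start_network stops working once more than one default route carries a metric. `METRICS` holds the grep output with embedded newlines, so the literal test `" $METRICS " =~ " $METRIC "` can only match when there is exactly one value, and the loop may settle on a metric that is already in use. The `ip -4 route del default via $GW dev $NETWORK` / `ip -4 route add ... metric $METRIC` pair that follows is unchecked, so if the add is rejected (presumably as a duplicate) the parent interface keeps no default route of its own once the shim is removed. Flattening the list first, e.g. `METRICS=$(ip -4 route show default|grep -Po 'metric \K\d+'|xargs)`, keeps the existing test valid, and the result of the re-add should be checked and logged with `logger`. start_network begins and ends outside the hunk.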
+11 -10
@@ -54,6 +54,7 @@
# Adapted by Bergware for use in unRAID - August 2023
# - added macvtap network creation
# - removed unnecessary error output redirection for 'run' command
############################
# READ NETWORK CONFIG FILE #
@@ -237,7 +238,7 @@ vlan_up(){
VLAN=${VLANID[$i,$j]}
run ip link add link $PORT name $PORT.$VLAN type vlan id $VLAN
[[ ${PORT:0:3} == eth ]] && set_mtu $PORT.$VLAN
run ip link set $PORT.$VLAN up 2>/dev/null
run ip link set $PORT.$VLAN up
done
done
}
@@ -246,8 +247,8 @@ vlan_up(){
vlan_down(){
for PORT in ${BRNICS[$i]:-${IFNAME[$i]}}; do
for VLAN in $(ls --indicator-style=none $SYSTEM|grep -Po "$PORT\.\d+"); do
run ip link set $VLAN down 2>/dev/null
run ip link del $VLAN 2>/dev/null
run ip link set $VLAN down
run ip link del $VLAN
done
done
}
@@ -260,12 +261,12 @@ macvtap_up(){
MAC=$(echo $(hostname)-$VTAP|md5sum|sed -r 's/^(..)(..)(..)(..)(..).*$/02:\1:\2:\3:\4:\5/')
run ip link add link $PARENT name $VTAP address $MAC type macvtap mode bridge
set_mtu $VTAP
run ip link set $VTAP up 2>/dev/null
run ip link set $VTAP up
for ((j=1;j<${VLANS[$i]:-0};j++)); do
VLAN=${VLANID[$i,$j]}
run ip link add link $PARENT.$VLAN name $VTAP.$VLAN address $MAC type macvtap mode bridge
set_mtu $VTAP.$VLAN
run ip link set $VTAP.$VLAN up 2>/dev/null
run ip link set $VTAP.$VLAN up
done
}
@@ -277,12 +278,12 @@ macvtap_down(){
for ((j=1;j<${VLANS[$i]:-0};j++)); do
VLAN=${VLANID[$i,$j]}
run ip addr flush dev $VTAP.$VLAN
run ip link set $VTAP.$VLAN down 2>/dev/null
run ip link del $VTAP.$VLAN 2>/dev/null
run ip link set $VTAP.$VLAN down
run ip link del $VTAP.$VLAN
done
run ip addr flush dev $VTAP
run ip link set $VTAP down 2>/dev/null
run ip link del $VTAP 2>/dev/null
run ip link set $VTAP down
run ip link del $VTAP
}
# function to enable/disable ipv6 protocol per interface
@@ -411,7 +412,7 @@ ipaddr_down(){
[[ $IP == ipv4 ]] && DHCP_OPTIONS="$DHCP_OPTIONS -4"
[[ $IP == ipv6 ]] && DHCP_OPTIONS="$DHCP_OPTIONS -6"
# release DHCP assigned addresses
run dhcpcd $DHCP_OPTIONS $IFACE 2>/dev/null
run dhcpcd $DHCP_OPTIONS $IFACE
sleep 1
fi
# release assigned addresses and routes
+4 -4
@@ -141,7 +141,7 @@ for ((i=0;i<${SYSNICS:-1};i++)); do
echo "USE_DHCP6:0=\"${USE_DHCP6[$i]}\"" >>$ini
if [[ ${USE_DHCP6[$i]} == yes ]]; then
# get auto assigned ipv6 address & prefix
NET6=($(ip -br -6 addr show $IFACE scope global|awk '{sub("/"," ",$3);print $3;exit}'))
NET6=($(ip -br -6 addr show $IFACE scope global|awk '{sub("/"," ",$NF);print $NF;exit}'))
GW6=$(ip -6 route show default dev $IFACE|awk '{print $3;exit}')
echo "IPADDR6:0=\"${NET6[0]}\"" >>$ini
echo "NETMASK6:0=\"${NET6[1]}\"" >>$ini
@@ -194,7 +194,7 @@ for ((i=0;i<${SYSNICS:-1};i++)); do
if [[ ${USE_DHCP6[$i,$j]} == yes ]]; then
DEV=$IFACE.${VLANID[$i,$j]}
# get auto assigned ipv6 address & prefix
NET6=($(ip -br -6 addr show $DEV scope global|awk '{sub("/"," ",$3);print $3;exit}'))
NET6=($(ip -br -6 addr show $DEV scope global|awk '{sub("/"," ",$NF);print $NF;exit}'))
GW6=$(ip -6 route show default dev $DEV|awk '{print $3;exit}')
echo "IPADDR6:$j=\"${NET6[0]}\"" >>$ini
echo "NETMASK6:$j=\"${NET6[1]}\"" >>$ini
@@ -235,8 +235,8 @@ if [[ -z $interface || "eth0 br0 bond0" =~ $interface ]]; then
# find management interface
[[ -e /sys/class/net/bond0 ]] && dev=bond0 || dev=eth0
[[ -e /sys/class/net/br0 ]] && dev=br0
IPv4=$(ip -br -4 addr show $dev scope global|awk '{print $3}')
IPv6=$(ip -br -6 addr show $dev scope global|awk '{print $3}')
IPv4=$(ip -br -4 addr show $dev scope global|awk '{print $3;exit}')
IPv6=$(ip -br -6 addr show $dev scope global|awk '{print $NF;exit}')
[[ -n $IPv4 ]] && echo " IPv4 address: ${IPv4%/*}">>/etc/issue || echo " IPv4 address: not set">>/etc/issue
[[ -n $IPv6 ]] && echo " IPv6 address: ${IPv6%/*}">>/etc/issue || echo " IPv6 address: not set">>/etc/issue
echo >>/etc/issue
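Review bot: Switching the awk field from `$3` to `$NF` makes the three IPv6 lookups take the last address on the line instead of the first, with no comment saying why, and `$NF` has no lower bound. On a line with fewer than three fields it would yield the link state or interface name, which would then be written to the ini file and `/etc/issue` as an address. Whether `ip -br` can emit such a line under `scope global` is not visible here. A guard such as `awk 'NF>=3{sub("/"," ",$NF);print $NF;exit}'` costs nothing, and a one-line comment should state why the last address is preferred. The IPv4 lookup in the last hunk still uses `$3`, so the comment should also say that the difference is intended.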