holm/zerotier-docker
1
1
Fork 0
forked from extern/zerotier-docker
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #7 from red-avtovo/main

Browse Source 
Cleanup bridge
This commit is contained in:
Lukas Prettenthaler 2022-01-30 17:02:25 +01:00 committed by GitHub
commit 16cd0d1dba
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 8 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
Dockerfile.bridge
View File

@ -3,13 +3,12 @@ ARG FROM_VERSION=latest
FROM ${FROM_IMAGE}:${FROM_VERSION} FROM ${FROM_IMAGE}:${FROM_VERSION}
RUN apk add --no-cache --purge --clean-protected supervisor iptables \ RUN apk add --no-cache --purge --clean-protected iptables \
&& mkdir -p /var/log/supervisor \
&& rm -rf /var/cache/apk/* && rm -rf /var/cache/apk/*
ENV LOG_PATH=/var/log/supervisor ENV LOG_PATH=/var/log/supervisor
COPY conf scripts /opt COPY scripts /opt
EXPOSE 9993/udp EXPOSE 9993/udp

15
conf/supervisord.conf
View File

@ -1,15 +0,0 @@
[supervisord]
nodaemon=true
user=root
logfile=%(ENV_LOG_PATH)s/supervisord.log
childlogdir=%(ENV_LOG_PATH)s
priority=1
[program:bridge]
command=/opt/bridge.sh
stdout_logfile=%(ENV_LOG_PATH)s/bridge.stdout.log
stderr_logfile=%(ENV_LOG_PATH)s/bridge.stderr.log
startsecs=0
autorestart=false
exitcodes=0
priority=1

23
scripts/bridge.sh
View File

@ -1,23 +0,0 @@
#!/usr/bin/env sh
set -o errexit
set -o pipefail
set -o nounset
# set -o xtrace
echo "Waiting for network interface to be ready..."
while ! ifconfig | grep -q zt; do
echo -n "."
sleep 1
done
echo "Network interface is ready. Starting bridge..."
PHY_IFACE=eth0
ZT_IFACE=$(ifconfig | grep zt | awk '{print $1}')
iptables -t nat -A POSTROUTING -o $PHY_IFACE -j MASQUERADE
iptables -A FORWARD -i $PHY_IFACE -o $ZT_IFACE -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i $ZT_IFACE -o $PHY_IFACE -j ACCEPT
echo "Bridge started."

7
scripts/entrypoint.sh
View File

@ -1,4 +1,9 @@
#!/usr/bin/env sh #!/usr/bin/env sh
/usr/bin/supervisord --configuration /opt/supervisord.conf & PHY_IFACE=eth0
ZT_IFACE="zt+"
iptables -t nat -A POSTROUTING -o $PHY_IFACE -j MASQUERADE
iptables -A FORWARD -i $PHY_IFACE -o $ZT_IFACE -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i $ZT_IFACE -o $PHY_IFACE -j ACCEPT
zerotier-one $@ zerotier-one $@