From cf455fc19b1dd97cdb559c5f24eb1dd555c1d788 Mon Sep 17 00:00:00 2001
From: Daan
Date: Fri, 7 Jun 2024 13:25:46 +0200
Subject: [PATCH] Modified code so that the docker logging makes sense. Also fixed a bug which can happen with iptables (-s illegal option). Pushing to repo.
---
 docker/Dockerfile | 7 ++++++-
 docker/compose.yaml | 2 +-
 docker/entrypoint.sh | 7 ++++---
 3 files changed, 11 insertions(+), 5 deletions(-)
diff --git a/docker/Dockerfile b/docker/Dockerfile
index aa75ae0..70be161 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -40,12 +40,14 @@ RUN apt-get update && apt-get upgrade -y \
 && rm -rf /var/lib/apt/lists/*
 # Removing the Linux Image package to preserve space on the image, for this reason also deleting apt lists, to be able to install packages: run apt update.
+# Using WGDASH -- like wg_net functionally as a ARG command. But it is needed in entrypoint.sh so it needs to be exported as environment variable.
 ENV WGDASH=/opt/wireguardashboard
 RUN python3 -m venv ${WGDASH}/venv
 # Doing WireGuard Dashboard installation measures.
 RUN . ${WGDASH}/venv/bin/activate \
 && git clone -b ${dash_ver} https://github.com/donaldzou/WGDashboard.git ${WGDASH}/app \
+ && sed -i '/Restart=always/a\StandardOutput=file:{{APP_ROOT}}/log/log1.log\nStandardError=file:{{APP_ROOT}}/log/log2.log' ${WGDASH}/app/src/wg-dashboard.service \
 && pip3 install -r ${WGDASH}/app/src/requirements.txt \
 && chmod +x ${WGDASH}/app/src/wgd.sh \
 && .${WGDASH}/app/src/wgd.sh install
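Review bot: The added `sed -i '/Restart=always/a\…'` step in docker/Dockerfile exits 0 even when `Restart=always` is absent from the cloned `wg-dashboard.service`, so an upstream change on the `${dash_ver}` branch would silently drop the logging directives from the image. Following it with `&& grep -q '^StandardOutput=file:' ${WGDASH}/app/src/wg-dashboard.service \` would fail the build instead of shipping an unpatched unit. The targets `log1.log` and `log2.log` also do not match the `error_*.log` / `access_*.log` names that entrypoint.sh tails in this same patch, so it is worth confirming which files are meant to reach `docker logs`. The RUN instruction continues past the end of the hunk.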
@@ -63,12 +65,15 @@ RUN wg genkey | tee /etc/wireguard/wg0_privatekey \
 && echo "PrivateKey = $(cat /etc/wireguard/wg0_privatekey)" >> /etc/wireguard/wg0.conf \
 && echo "PostUp = iptables -t nat -I POSTROUTING 1 -s ${wg_net}/24 -o $(ip -o -4 route show to default | awk '{print $NF}') -j MASQUERADE" >> /etc/wireguard/wg0.conf \
 && echo "PostUp = iptables -I FORWARD -i wg0 -o wg0 -j DROP" >> /etc/wireguard/wg0.conf \
- && echo "PreDown = iptables -t nat -D POSTROUTING 1 -s ${wg_net}/24 -o $(ip -o -4 route show to default | awk '{print $NF}') -j MASQUERADE" >> /etc/wireguard/wg0.conf \
+ && echo "PreDown = iptables -t nat -D POSTROUTING 1" >> /etc/wireguard/wg0.conf \
 && echo "PreDown = iptables -D FORWARD -i wg0 -o wg0 -j DROP" >> /etc/wireguard/wg0.conf \
 && echo "ListenPort = 51820" >> /etc/wireguard/wg0.conf \
 #&& echo "DNS = ${global_dns}" >> /etc/wireguard/wg0.conf \
 && rm /etc/wireguard/wg0_privatekey
+# Defining a way for Docker to check the health of the container.
+HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 CMD curl -f http://localhost:10086/signin || exit 1
+
 # Exposing the default WireGuard Dashboard port for web access.
 EXPOSE 10086
 ENTRYPOINT ["/bin/bash", "/entrypoint.sh"]
\ No newline at end of file
diff --git a/docker/compose.yaml b/docker/compose.yaml
index 5c2a1d9..abc9ffc 100644
--- a/docker/compose.yaml
+++ b/docker/compose.yaml
@@ -1,6 +1,6 @@
 services:
 wireguard-dashboard:
- image: repo.nerthus.nl/app/wireguard-dashboard:dev
+ image: repo.nerthus.nl/app/wireguard-dashboard:latest
 restart: unless-stopped
 container_name: wire-dash
 environment:
diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh
index 4024b30..c0d51c3 100644
--- a/docker/entrypoint.sh
+++ b/docker/entrypoint.sh
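Review bot: The new `PreDown = iptables -t nat -D POSTROUTING 1` in docker/Dockerfile deletes whatever rule is first in the nat POSTROUTING chain when wg0 goes down, which is the MASQUERADE rule only if nothing was inserted ahead of it after PostUp ran. Deleting by specification without the rule number avoids both the original `-s` error and the removal of an unrelated rule: `iptables -t nat -D POSTROUTING -s ${wg_net}/24 -o $(ip -o -4 route show to default | awk '{print $NF}') -j MASQUERADE`. The added HEALTHCHECK depends on `curl` being installed in the image, which the visible lines do not show. The enclosing RUN starts above the hunk; it writes the generated private key into wg0.conf at build time, so unless entrypoint.sh regenerates it, every container started from the pushed image would share that key.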
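Review bot: `image: repo.nerthus.nl/app/wireguard-dashboard:latest` in docker/compose.yaml is a mutable tag, so a later pull can replace the running VPN image with different content without any change to this file. Pinning a release tag or a digest, for example `image: repo.nerthus.nl/app/wireguard-dashboard@sha256:<digest>` (placeholder), keeps deployments reproducible and makes image changes visible in review.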
@@ -77,13 +77,14 @@ set_envvars() {
 }
 ensure_blocking() {
+ sleep 1s
 echo "Ensuring container continuation."
 # This function checks if the latest error log is created and tails it for docker logs uses.
 if find "/opt/wireguardashboard/app/src/log" -mindepth 1 -maxdepth 1 -type f | read -r; then
- latestlog=$(find /opt/wireguardashboard/app/src/log -name "error_*.log" | head -n 1)
- sleep 3s
- tail -f "${latestlog}"
+ latestErrLog=$(find /opt/wireguardashboard/app/src/log -name "error_*.log" | head -n 1)
+ latestAccLog=$(find /opt/wireguardashboard/app/src/log -name "access_*.log" | head -n 1)
+ tail -f "${latestErrLog}" "${latestAccLog}"
 fi
 # Blocking command in case of erroring. So the container does not quit.
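Review bot: In ensure_blocking the two `find … | head -n 1` calls return the first match in directory order rather than the newest file, and either result is empty when no matching log exists yet, in which case `tail -f` is handed an empty file name. With the wait now down to `sleep 1s` before the lookup that window is more likely to be hit, and if tail exits the function presumably falls through to the blocking command with nothing reaching `docker logs`. The two variables are also global; `local` would keep them inside the function. The sketch below picks the newest file per pattern by modification time, skips patterns with no match, and uses `tail -F` so a rotated or recreated file is reopened; the body of ensure_blocking continues past the end of the hunk.

```shell
ensure_blocking() {
  sleep 1s
  # … unchanged: echo and explanatory comment …
  local log_dir=/opt/wireguardashboard/app/src/log
  local -a logs=()
  local pattern newest
  for pattern in 'error_*.log' 'access_*.log'; do
    # Newest match by mtime; empty when no file matches this pattern yet.
    newest=$(find "${log_dir}" -maxdepth 1 -type f -name "${pattern}" -printf '%T@ %p\n' \
      | sort -n | tail -n 1 | cut -d' ' -f2-)
    if [[ -n "${newest}" ]]; then
      logs+=("${newest}")
    fi
  done
  if (( ${#logs[@]} > 0 )); then
    tail -F "${logs[@]}"
  fi
  # … unchanged: blocking command …
```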