summaryrefslogtreecommitdiffhomepage
path: root/applications/luci-app-dockerman/root/etc
diff options
context:
space:
mode:
authorFlorian Eckert <fe@dev.tdt.de>2020-04-22 12:00:15 +0200
committerFlorian Eckert <fe@dev.tdt.de>2020-06-10 08:44:58 +0200
commitf68e5c1071b0006cd62ca32ecbd349f028607d26 (patch)
tree28d5f3c4d28281e94e71f6ffd5ea1a3f7d58b6bd /applications/luci-app-dockerman/root/etc
parent16f443bf4caf6e7dd85efd1ce111b45779acdf5e (diff)
luci-app-dockerman: initial checkin
Inital commit version v0.5.13 from https://github.com/lisaac/luci-app-dockerman Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Diffstat (limited to 'applications/luci-app-dockerman/root/etc')
-rw-r--r--applications/luci-app-dockerman/root/etc/config/dockerman10
-rwxr-xr-xapplications/luci-app-dockerman/root/etc/init.d/dockerman46
-rwxr-xr-xapplications/luci-app-dockerman/root/etc/uci-defaults/luci-app-dockerman15
3 files changed, 71 insertions, 0 deletions
diff --git a/applications/luci-app-dockerman/root/etc/config/dockerman b/applications/luci-app-dockerman/root/etc/config/dockerman
new file mode 100644
index 0000000000..63e30bf24c
--- /dev/null
+++ b/applications/luci-app-dockerman/root/etc/config/dockerman
@@ -0,0 +1,10 @@
+config section 'local'
+ option socket_path '/var/run/docker.sock'
+ option status_path '/tmp/.docker_action_status'
+ option debug 'false'
+ option debug_path '/tmp/.docker_debug'
+ option remote_endpoint 'false'
+ option daemon_ea 'true'
+ option daemon_data_root '/opt/docker'
+ option daemon_log_level 'warn'
+ list ac_allowed_interface 'br-lan'
diff --git a/applications/luci-app-dockerman/root/etc/init.d/dockerman b/applications/luci-app-dockerman/root/etc/init.d/dockerman
new file mode 100755
index 0000000000..22629c1933
--- /dev/null
+++ b/applications/luci-app-dockerman/root/etc/init.d/dockerman
@@ -0,0 +1,46 @@
+#!/bin/sh /etc/rc.common
+
+START=99
+DOCKERD_CONF="/etc/docker/daemon.json"
+
+config_load dockerman
+config_get daemon_ea "local" daemon_ea
+
+init_dockerman_chain(){
+ iptables -N DOCKER-MAN >/dev/null 2>&1
+ iptables -F DOCKER-MAN >/dev/null 2>&1
+ iptables -D DOCKER-USER -j DOCKER-MAN >/dev/null 2>&1
+ iptables -I DOCKER-USER -j DOCKER-MAN >/dev/null 2>&1
+}
+
+add_allowed_interface(){
+ iptables -A DOCKER-MAN -i $1 -o docker0 -j RETURN
+}
+
+add_allowed_ip(){
+ iptables -A DOCKER-MAN -d $1 -o docker0 -j RETURN
+}
+
+handle_allowed_interface(){
+ #config_list_foreach "local" allowed_ip add_allowed_ip
+ config_list_foreach "local" ac_allowed_interface add_allowed_interface
+ iptables -A DOCKER-MAN -m conntrack --ctstate ESTABLISHED,RELATED -o docker0 -j RETURN >/dev/null 2>&1
+ iptables -A DOCKER-MAN -m conntrack --ctstate NEW,INVALID -o docker0 -j DROP >/dev/null 2>&1
+ iptables -A DOCKER-MAN -j RETURN >/dev/null 2>&1
+}
+
+start(){
+ [ ! -x "/etc/init.d/dockerd" ] && return 0
+ init_dockerman_chain
+ if [ -n "$daemon_ea" ]; then
+ handle_allowed_interface
+ lua /usr/share/dockerman/dockerd-config.lua "$DOCKERD_CONF" && /etc/init.d/dockerd restart && sleep 5 || {
+ # 1 running, 0 stopped
+ STATE=$([ -n "$(ps |grep /usr/bin/dockerd | grep -v grep)" ] && echo 1 || echo 0)
+ [ "$STATE" == "0" ] && /etc/init.d/dockerd start && sleep 5
+ }
+ lua /usr/share/dockerman/dockerd-ac.lua
+ else
+ /etc/init.d/dockerd stop
+ fi
+}
diff --git a/applications/luci-app-dockerman/root/etc/uci-defaults/luci-app-dockerman b/applications/luci-app-dockerman/root/etc/uci-defaults/luci-app-dockerman
new file mode 100755
index 0000000000..eab5d73547
--- /dev/null
+++ b/applications/luci-app-dockerman/root/etc/uci-defaults/luci-app-dockerman
@@ -0,0 +1,15 @@
+#!/bin/sh
+
+uci -q batch <<-EOF >/dev/null
+ set uhttpd.main.script_timeout="360"
+ commit uhttpd
+ delete ucitrack.@dockerman[-1]
+ add ucitrack dockerman
+ set ucitrack.@dockerman[-1].exec='/etc/init.d/dockerman start'
+ commit ucitrack
+EOF
+[ -x "$(which dockerd)" ] && chmod +x /etc/init.d/dockerman && /etc/init.d/dockerd disable && /etc/init.d/dockerman enable >/dev/null 2>&1
+sed -i 's/self:cfgvalue(section) or {}/self:cfgvalue(section) or self.default or {}/' /usr/lib/lua/luci/view/cbi/dynlist.htm
+/etc/init.d/uhttpd restart >/dev/null 2>&1
+rm -fr /tmp/luci-indexcache /tmp/luci-modulecache >/dev/null 2>&1
+exit 0 \ No newline at end of file